Summer updates

Summer has arrived and so has the traditional time for site changes (along with the usual outdoor activities). We're kicking around ideas for new features and improvements that we can make to the site and still keep it accessible to the widest range of clients possible while adhering to the KISS rule. With some of the features and ideas we're considering implementing we don't think that it will be manageable or scalable if we stick strictly with our original design concept. We don't want to abandon any of our users, some of whom are still using 2.x and 3.x browsers! It's a tough call and reducing administrative overhead is something we hope to accomplish with any updates.

CSS looks like a must just because even we're getting a little tired of looking at the original design. The aphorism "If it isn't broken don't fix it," comes to mind as we're considering this. The other thing we're trying to figure out with respect to CSS is whether or not we should go back and bring the old pages up to the new spec or leave them as is. There is an argument to be made for leaving them alone for historical/archival purposes (Web Archive notwithstanding). It's unclear which way we'll go but there seems to be a leaning to leaving the original pages as is.

Bruce Schneier

Someone pointed out to us a while back that Bruce Schneier gave us a nod in his Crypto-Gram Newsletter for our interview with Gene Spafford. While it doesn't have any direct effect on what we're doing on the project, and we know we have a long list of accomplished users, it's nice to know that our efforts are appreciated by someone like him. It amounts to a public vote of confidence from someone whom a lot of people respect as an authoritative source on all matters security-related.

Has anyone come across the issue of someone listing themselves as being involved in a project without actually contributing anything to it? Doing so would be no different than taking credit for someone else's work.

The certification of Advogatons is informed (in part) by the degree of involvement and number of projects they contribute to. When one can easily list oneself as being a contributor without contributing anything to a project, it calls into question the assumptions that we make when certifying people. Remedies?

After neglecting this journal for months, it's well past time to update it. To anyone who might have been waiting for the (promised) update, sorry for not posting the links to the Spafford interview before now. But now you've got them, so enjoy reading the interview!

The interview with Spaf went well and we're working on transcribing it. Do you have any idea how painstaking and time-consuming it is to type out a 60-minute interview?

We'll post the interview on the site as soon as we have verified it.

Are there any cryptomathematicians who are interested in getting involved? We have knowledgable people working on the project but we need some highly technical people to handle some of the really esoteric stuff. I suppose I should post something to Advogato's Projects page. Will do that soon.

Hmmm no certifiers out there yet. Someone? Anyone?

We're interviewing information security superstar Dr. Spafford tomorrow (Aug 30). There's still time to send in your questions.

By the way, if someone would kindly certify me then I could post an article and get the questions that people want answered.