CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
Stumbled across this gem in the Casper Star-Tribune (Casper, WY). It's from Oct 19, 1926. #roaringtwenties
We found a way to mount *remote timing* attacks on *constant-time* cryptographic code running on modern x86 processors. How is that possible? With #hertzbleed! Here is how it works (with @YingchenWang96). hertzbleed.com/
I'm not sure who at Netflix wrote the copy for this, but 🤣
And FWIW, when I go to a location and order this, I'll specifically ask them not to put mayo on it and nearly every time the cashier will tell me it doesn't come with mayo, but it almost always comes with mayo. So I don't know why this is an issue, but it's bigger than doordash.
Now that I've asked you twice, I'll just start asking for refunds on this menu item in the future. If it doesn't say it comes with mayo, and I can't remove the mayo, and it shows up with mayo, that's a wrong order.
Keep in mind, it's a safety issue; many people are allergic to dairy. Some people are vegan. Some people have special diets. It's a huge liability problem that the description doesn't include mayo but it comes with mayo. You can fix this, just do it.
I’m not sure why @pacificfoods changed their vegetable broth from having actual veggies to veggie juice, but the new recipe is terrible, and yes, we noticed. We were going through 2 to 3 a week. Now we make our own. (original on left, new terrible recipe on right)
Bil Corry retweeted
When you agree to take on another service commitment as a professor in academia.
Bil Corry retweeted
Our TLS research group has been developing a TLS-Scanner for a few years now, mostly for our own purposes. I rarely advertised it much, but it is actually quite powerful. A 🧵:
Bil Corry retweeted
When I started doing research in encrypted search 20 years ago, I made a commitment that I would see it through. In 2021 our company Aroki Sys. was acquired by @MongoDB and today I’m excited to announce that we’re releasing encrypted search in MongoDB: mongodb.com/blog/post/mongod…
Bil Corry retweeted
Lots of folks are getting hit with an attack targeting IG accounts. If a "friend" asks you to screenshot a text from IG/FB, 🙅‍♀️ DON'T DO IT 🙅‍♀️. Your friend's account has been hacked. The attacker will copy the URL/code from the screenshot and use that to take over your account 📸
Bil Corry retweeted
Even if an event is not data breach reportable under applicable data breach notification laws - if you experience a breach and do not timely disclose information - this can be a violation of Section 5 of the FTC Act - says @FTC tinyurl.com/2p82bx67
Bil Corry retweeted
Using #AI to analyze videos of your customers? If you do this, whether for fraud prevention or otherwise - get your #BIPA notice, consent and retention/disposal documents in order. tinyurl.com/2s39878a
Is @WellsFargo forever destined to be morally and ethically bankrupt? nytimes.com/2022/05/19/busin…
I guess the upside is there's an elaborate page to view billing in a dozen different ways. Or maybe it's a downside. Just how expensive is this thing?
Reloading the Dataflow page changed the "Try Dataflow Free" button into a "Go to console" button. My expectation, as a user, is that if I say I want to try a product, it should take me to that product, not the billing page of that product. But maybe it's just me.
I thought I'd explore GCP Dataflow. Clicking the "Try Dataflow Free" button dumps me into a billing admin page. Perhaps a sign of what is to come, but how do I actually try Dataflow? Or is it a product that just bills you? Super confused.
Explains the deluge of sales emails.
India's new cybersecurity regulation is causing a stir by requiring a six-hour notification window (among other things): cert-in.org.in/PDF/CERT-In_D…
Handy US privacy law cheat sheet by @SPB_Global, with newcomer Connecticut included. squirepattonboggs.com/-/medi…