CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.
Phoenix, AZ
Joined July 2009
- Tweets 8,305
- Following 139
- Followers 776
- Likes 17,402
@PatukGlenn Thought this might be of interest:
npr.org/sections/goatsandsod…
Love this from @cigitalgem:
The New Killer App for Security: "Software Inventory"
[PDF, pg 10] computer.org/cms/Computer.or…
2
1
1
A call out from @gigastacey for IoT companies to "design with recyclability and sustainability in mind"
The Internet of Trash: IoT Has a Looming E-Waste Problem
spectrum.ieee.org/telecom/in…
Amazing steganography - watch the video! Researchers at @Columbia encode information into seemingly normal text by slightly perturbing the font glyph, that's it!
"FontCode: Embedding Information in Text Documents using Glyph Perturbation"
cs.columbia.edu/cg/fontcode/
"without breaking the Web" isn't factual - it did break some features and hobble anti-fraud efforts for a payment provider that is often embedded in a third-party context.
Danger of using basic keyword filtering without context, grocery store refuses to write 'Cum' on a graduation cake that's supposed to say "Summa Cum Laude":
azfamily.com/story/38248053/…
When I was at @PayPalInfoSec, we made sure that our terms allowed publication of findings after the issue was fixed. We believed (and I still do) that transparency lifts the ecosystem - all companies have security issues, trying to hide them only helps the bad actors.
1
Geeky gravity trivia:
"Counterintuitively," Landerer says, "if you were to stand on the Greenland coastline and the ice melted, you would actually see the sea level in the ocean around you go down."
npr.org/sections/thetwo-way/…
Curious about Speculative Store Bypass attacks? Download this free whitepaper from @Arm that describes all variants, including the recently released variant 4. (Link goes directly to PDF)
[PDF] developer.arm.com/support/ar…
1
Great keynote to watch!
I had the honor of being the keynote of @BSidesCharm yesterday, where I discussed the realities of the threat landscape and how we as humans can develop superpowers to better secure the world. The video has been posted if you would like to watch it: youtube.com/NIV3J7Utzqo?t=742
1
This subject line needs some work, looks like @IEEESpectrum blames @Waymo for women missing their breast cancer screenings.
The green unicode checkbox is a nice touch, but they need to make the FROM address a bit more convincing. /cc @PayPalInfoSec (already sent to spoof@paypal.com)
1
UPS had their address changed to a Chicago apartment. For several months.
npr.org/sections/thetwo-way/…
1
2