CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.
Phoenix, AZ
Joined July 2009
- Tweets 8,305
- Following 139
- Followers 776
- Likes 17,402
@MtnValleyWater Found a piece of glass in my one liter bottle of spring water. Bottle looks fine, so guessing came from manufacturing. Bottle number from bottom: 139 18 A1W P 1850 and top: 080218 MV 11:21
I use activated charcoal pills when something I’ve eaten doesn’t agree - totally safe. Not so much for brushing teeth as it has high abrasion and you’ll wear off the enamel.
The story of standardized testing in schools, which leads to stories like this:
abcnews.go.com/beta-story-co…
1
1
He can blame young people, but given Michael Richards withdrew from the public eye after a racial outburst at his set and Paul Reubens withdrew after his masturbation scandal, it’s clear those social norms predate the youth of today.
1
I saw that there’s a class action against Apple for a faulty screen design on their Apple Watch. So even if it doesn’t fall off your wrist, the screen can still break.
amp.timeinc.net/fortune/2018…
1
1
This story from three years ago will sound familiar.
joewilcox.com/2015/04/27/sha…
2
1
2
The case against frictionless:
"By creating a more complex sign-up, Tulerie had signalled that its service was special and worth the effort. “People perceive it as harder to get into, and they want to be a part of it.”
nytimes.com/2018/12/12/techn…
I make a good faith effort to cancel, and if it’s too hard or involves too much hoop jumping, I dispute the charge with my credit card company. Works every time.
Bug bounty programs are for refining a mature SDLC, it’s the feedback loop that identifies (hopefully small) gaps.
Running a BB against an immature or non-existent SDLC means whack-a-mole with thousands of submissions; it’s costly and doesn’t solve gaps.
1
3
Not sure what happened in your case, but in some circumstances, Federal law prohibits Money Services Businesses (such as PayPal) from informing their customer as to why their account has been closed.
en.m.wikipedia.org/wiki/Bank…
1
1
2
Australia (@tweetinjules) is working on a “safety by design” framework, hopefully is a sign of things to come everywhere. /cc @jllord @tsunamino
esafety.gov.au/about-the-off…
6
Made the same mistake my first time to Phoenix, was right up against the preserve of South Mountain.
1
Agreed, I would have jumped at it if it had been around three years ago. Maybe @laraghavan has a need.
1
I started designing a system like this while at PayPal because they have requirements for on-brand and off-brand partners and it’s hard to manually enforce.
1
You can’t make this stuff up.
"An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element."
cve.circl.lu/cve/CVE-2018-19…
Don’t visit Italy unless you want your luggage blown up.
travelandleisure.com/travel-…
1
2
Similar story, this karaoke user is ditching Chrome because Chrome won’t allow microphone access unless the website sets the mic permissions and HTTPS is used.
groups.google.com/a/chromium…
