CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
Important research for building safer online services!
South Asian women face a major hurdle while participating online: safety. We interviewed 100+ women from the region to better understand the unique difficulties they face. Our results are summarized in this blog elie.net/blog/user-experienc… and this paper: elie.net/publication/they-do…
Princeton has a desktop tool that can help find cameras too. iot-inspector.princeton.edu
Vendor emails are the worst, but recruiter emails are a close second.
I found this embedded in an iframe on a phone reverse lookup website (yes, notoriously spammy). At first I thought it was a honeypot, but I think it's advertising? I didn't log into it to avoid a felony, but it's definitely not a simple error message that it's pretending to be.
It’s best if we don’t know where or how our food is made. #SoylentGreen
Replying to @KimZetter
Unsolicited dick pics weren’t enough to get @Apple to change AirDrop behavior, maybe terrorist threats will do it?
Replying to @brooke @mdennedy
Racism in drug laws and their application. youtube.com/watch?v=_Pz3sy…
Are you responsible for some aspect of security at your company? This relationship-building advice from @_mwc is spot on! I plan to use his insightful questions on my next "listening tour." Be sure to subscribe to his newsletter for more! blog.altitudenetworks.com/wh…
The perfect accessory for any InfoSec wardrobe. 100soft.shop/collections/fea…
BTW, the same “consistent body of social science evidence” that applies to grades ALSO applies to employee review programs.
When “excellence” is purposely made scarce. “Suppose ... every student in your state met the standards and passed the tests. What would the likely reaction be from politicians, businesspeople, and the media? Would these folks ... say, “Damn, those teachers must be good!”?”
Just posted - the more complete (unabridged) version of my recent NY Times op-ed, "Can Everyone Be Excellent?": alfiekohn.org/article/excell…
Same journey as adulthood! 😂
Yep. That’s why mandatory encryption backdoors are so bad - other nation states will use them against the very lawmakers that required them. (Looking at you Australia!)
The mental burden of being a climate scientist. motherjones.com/environment/…
Reminds me of Sound of Music 😁
Yes, hard to know if it’s a researcher who overstepped their scope or a criminal trying to double-dip (exploit the vuln, then get paid to report it).
Mostly email.
Replying to @TomNomNom
Good way to get banned from bug bounty programs too. Companies will check the logs to see if bug was exploited by criminals, which will include you if you go out of scope.
Replying to @Forsheit @mdennedy
Loyalty programs will likely be exempt.
Replying to @staceygraydc
AB-846 (Burke) - Exempting "Customer Loyalty Programs" from CCPA's anti-discrimination/differential pricing provision. Passed 8-0 w/ amendment to restrict further sales. Also exempts services whose "functionality is directly related" to the collection of data (e.g., lotteries). 3/