CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
Replying to @epenzeymoog
The health risks of RF radiation are unknown, so seems like a bad idea to have any wireless tech near reproductive organs. consumerreports.org/radiatio…
Replying to @cryptodavidw
I don’t have a current subscription, but your local library likely does.
Replying to @cryptodavidw
I suggest using Consumer Reports. consumerreports.org/cro/air-…
Agreed. Even if one were to be diligent and read the privacy policy, decide it’s fine, and use the product, at some point the privacy policy may change and now there’s a struggle with lock-in and migration, possibly requiring divesting expensive hardware (eg a car).
Replying to @mdennedy
Yes, as the paper points out, the approach is risk minimization, not actual privacy protection. I liked the paper’s point about holding companies accountable à la product liability. It’s then not enough to minimally comply with the law, companies are on the hook for actual harms.
Anyone who has ever worked on privacy at their company will be nodding in agreement with this entire paper.
YYYYEEEEEESSSSSSS! I testified to this exact point at the Senate Banking Committee. Where you have a disproportionately tiny and underfunded team, the law can say you will be boiled in oil & consumers lose.
So very happy to see @Cloudflare join the fight against CSAM. blog-cloudflare-com.cdn.ampp…
Thank you for sharing, so very glad the feds are prosecuting them.
Doesn’t facilitating transportation across state lines for the purpose of coerced sex fall under the federal sex trafficking laws? Why isn’t this being prosecuted as a federal crime?
Replying to @mdennedy @mmurray
I agree. I never think to use LinkedIn as a dating platform, and no one has ever used it that way with me. But makes me wonder if there’s a social norm I missed? Like how I always tip my Lyft/Uber drivers, but most people don’t.
Replying to @Kerberosmansour
Haha, good times 🤣
FYI, connecting with me on LinkedIn to sell your product or service is a dead end. That’s not how I source products and services. Same with hiring, contracting, training, certifications, or anything else that requires I pay you.
Good info! I suggest looking at NO DIRT for threat modeling; the questionnaire is much easier for non-security people to do than traditional threat modeling tools. omadahealth.com/news/include…
Remediate the Flag (RTF) looks like a fun secure coding training event for Devs and AppSec teams. github.com/sk4ddy/remediatet…
Replying to @LeaKissner
Cross referenced with a driver’s license database?
Replying to @CelticSeaSalt
Thanks, we now do tape the spoon side closed!
Mainstream US chocolate is heavier on sugar than EU chocolate, and likely has butyric acid. If you like your chocolate less sweet and creamier (i.e. all adults with a functioning sense of taste), then EU chocolate is going to be superior. chemistryworld.com/podcasts/…
"No one wants to be sold anything." I found this video insightful to learn how to successfully pitch myself and my ideas. While I don't do sales, I do need to influence others. Thanks @brantpinvidic and @vvanedwards! scienceofpeople.com/3-minute…
Poor start to 2020 @hulu
Replying to @k8em0
Back when I was at a large FinTech, we ran our own BB and only considered banning a researcher once, and that was because they went way beyond scope. They got a warning instead for the very reason you cite, we wanted the reports, and bans are only for criminal behavior.