CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.
Phoenix, AZ
Joined July 2009
- Tweets 8,305
- Following 139
- Followers 776
- Likes 17,402
Brexit impact on .eu domains (spoiler: you cannot have .eu domains if no EU presence)
eurid.eu/en/news/brexit-eu-d…
1
2
A friend and I took the same class at the same time, but two different teachers. He wrote papers and had pop quizzes. I had a couple of easy tests. I got an A without trying, he got a B. Very subjective and not worth the stress.
@TwitterSupport This ad has flashing lights that can trigger seizures.
Groove and move with #TheMaskedDancer! 🕺
It’s an all-new twist on your favorite show — premiering, Sunday, December 27 on @FOXTV.
Every generation for thousands of years thought kids were ruining things, described by the authors as a "pervasive illusion of humanity."
advances.sciencemag.org/cont…
The original TEE used to include Lux, and there are plenty of commuters into Lux from BE, FR, and DE, plus CJEU is there, seems like it could be easily added and is odd it wasn’t. But maybe the cost/benefit isn’t there...
I noticed it goes around Luxembourg on all sides, ouch! I wonder if that’s to protect Luxair’s short-haul flights?
2
15-year-old scientist and inventor Gitanjali Rao is named Time's Kid of the Year (and is well deserved!).
npr.org/2020/12/03/942034617…
@Coupa - feature request: do NOT send HTML attachments for POs, invoices, or anything else. HTML attachments get blocked, which means your POs and invoices do not get received. Either provide a link, or attach a PDF, or put the HTML invoice into the body of the email. k'thx!
I missed you were updating 6265, I’ll take a look. BTW, 6265 was the product of ~35 people, including everyone from 2109. But yes, @adambarth did do the heavy lifting for 6265, including building a cookie behavior testing suite. He’s an unsung hero of the internet.
1
2
This documentary about the USPS' 100-year-old "Operation Santa" tradition looks to be awesome.
dearsanta.movie/videos/
1
2
Beautiful story, be sure to watch the video.
abajournal.com/news/article/…
SAMM and BSIMM are two ways to assess the maturity of your AppSec program. Wonder what the difference is?
Here's a comparison:
owaspsamm.org/blog/2020/10/2…
Back when I owned the bug bounty program at PayPal, I was adamant that researchers should be able to post their findings after it was patched. That’s how the community can collectively learn.
This is even better, do it! 💪
For the exemplar of "doin' it right", see Dropbox, who leave the researchers in control: dropbox.tech/security/protec…; Dropbox does not use the bug bounty to buy silence; neither does Dropbox reserve the right to take forever to fix.
1
3
