CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.
Phoenix, AZ
Joined July 2009
- Tweets 8,305
- Following 139
- Followers 776
- Likes 17,402
That article is from a year ago.
Maybe @cpomagazine can date their articles?
1
The solve is to pass a law making background checks illegal, as it is in some jurisdictions such as Poland.
FWIW, some language in contracts only obligate a background check, but are silent on exclusion criteria, so the company can decide.
When ordering, does it say it’s a service order? And is having it buried within a dense legal agreement considered “posted conspicuously”?
(Not an attorney)
Under California law, it has to be “posted conspicuously” otherwise “as long as you have your receipt, you are entitled to full refund or equal exchange within 7 days of purchase. (Cal. Civil Code § 1723.)”
saclaw.org/articles/returns-…
1
When the government claims it needs backdoors for law enforcement and that it can be done securely, my reaction is “Great! Put backdoors in all of the government systems to show us how it can be done securely.”
3
This does a good job of diving into the issue.
“I regret having children”
macleans.ca/regretful-mother…
2
41
I attended a talk by the DOJ about it. It’s a very sharp edge case. Their advice is to proactively reach out before you make the payment to someone on those lists.
One wrinkle in paying a ransom is if the bad actor is on the OFAC or terrorist lists, it’s a federal crime.
1
The incentives are completely backwards on this.
I propose a new rule: once the safety engineer declares the intersection safe for pedestrians, the safety engineer’s family is blindfolded and must cross the street 10 times during rush hour traffic.
We've been told this highway off-ramp won't get a stoplight because not enough pedestrians have been seriously injured here.
It's time to rethink rules like this from the #MUTCD that prioritize speed over access.
3
If your computer died, but your hard drive is fine, you can buy an external enclosure and plug it into another computer to access the files.
If your hard drive died, then you can have @OntrackUS (or similar) recover files.
3
I wonder if the advances in security cameras is applicable? It used o be a security guard would have to watch multiple video feeds for hours. Now the systems alert on footage to review, freeing the security guard from constant monitoring.
For example, TurboTax that takes an obnoxiously large task and breaks it into smaller tasks, either by “walking” you through each step, or allows you to jump around if you’re more experienced.
4
I miss these more innocent times...
“Moreover, because the system is based on HTML, you have the option of providing active content and using embedded ActiveX controls or Java applets.”
1
That would require having a company culture that people would *want* to come back to. And would have to include opportunities for growth. Without those two ingredients, I doubt people would return.
Moving around inside a company could work too.
2
BTW I’ve done entry-level training for information security, not as a coat-cutting measure, but as the community service I wish I had when I was first starting out.
Anyone complaining how hard it is to fill positions and is not offering entry-level jobs is literally the problem.
2
I’m reminded of that old joke where the CFO complains to the CEO about the cost of training, “What if we train them and they leave?” CEO replies, “What happens if we don’t train them and they stay?”
2
1
Periodic reminder that a carbon monoxide detector saved my life and you should absolutely have them throughout your house!
texastribune.org/2021/04/29/…
2