CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.
Phoenix, AZ
Joined July 2009
- Tweets 8,305
- Following 139
- Followers 776
- Likes 17,402
InfraGard had a recent talk regarding paying ransoms to someone on OFAC’s SDN list.
Summary: reach out to FBI and OFAC first and fully cooperate with their investigation. That will weigh more positively when the case makes it to DOJ.
Replay on @InfraGardNatl website.
BBC News - Hackers threaten to leak plastic surgery pictures
bbc.co.uk/news/technology-55… and the group is on the USA's denied person's list so paying the ransom may be problematic
1
1
1
BTW, this is the same issue with federal taxes for Americans working abroad, along with Americans living in US-territories.
Perverse that the American colonies argued that representation is required to tax as a fundamental right, then turns around and does the same thing.
1
1
Massachusetts 1764: no taxation without representation
Massachusetts 2020: New Hampshire remote workers still owe us taxes even though they have no representation.
wsj.com/articles/states-squa…
1
Bil Corry retweeted
Are you an OWASP Foundation member? If so, get yourself an Xmas present of a SecureFlag account which is now part of your benefits. If not, then give us an Xmas gift and sign up. Getting yourself a gift in the process! lnkd.in/dm4F9iP
5
8
@expensify - I want to add a bank account without giving my banking credentials to Plaid. Sure, there's a way, but it's non-obvious.
Other problem, you require a password to manually add a bank account, but I use SSO and don't have a password. That's just poor design work.
I'm not familiar with the comic, but found Sam's website and wow, he's an insanely talented illustrator!
behance.net/samchivers
1
I watched it live, it was fantastic!
helenjanelong.com/product/li…
If you missed the live streaming show then great news due to rather massive demand, we’ve added it to our concert page so you can watch it for a further 5 days!! Happy Christmas! 🎄
Zark also features a robot:
zark.com
Seems like it was a popular trope at the time.
1
1
Not quite the match, but there’s this one:
en.wikipedia.org/wiki/Diesel…
1
1
Using AI to track down forced labor in high-seas fishing.
globalfishingwatch.org/resea…
Modern newspaper industry: go to read a story (in this case at @ConMonitorNews), get redirected to a fake news site peddling weight loss pills, try again a second time, now asked to subscribe before reading content.
I wonder why subscriptions are down?
Bil Corry retweeted
Missed this yesterday, but Microsoft said it discovered "an additional malware that also affects the SolarWinds Orion product but has been determined to be likely unrelated to this compromise and used by a different threat actor." microsoft.com/security/blog/…
Fun!
23
3
34
A little Sunday humor, enjoy Fred Allen's 1932 letter as read by Jude Law.
(the entire video is great if you have time)
youtube.com/k0ZoacVdnho?t=240
Which is why this hot take on “the rigor gap” is so profoundly backward, it assumes test scores, not teacher evaluations, is the source of truth.
fordhaminstitute.org/nationa…
1
1
2
Saw this back in 2012, still makes me think.
"Might achievement, as a goal unto itself, be pointless? Could this need to have done something notable, simply be greed in a more socially-acceptable form?"
deliberatism.com/forget-self…
1
When I tell people you can graduate from a four-year university in many states without a high school diploma, no SAT/ACT scores, with guaranteed acceptance and lower overall educational costs, they think I’m make it up. Community college is the best kept secret in America.
1
Bil Corry retweeted
This manual has a very boring name, but it is the best guide to locking down your Apple devices, especially for survivors of domestic abuse: manuals.info.apple.com/MANUA…
13
444
26
788
I recently complained about this. They do not need any permissions to prompt adding an event to Google Calendar.
Every time I go to add a Zoom meeting to my calendar, I wonder why @zoom_us insists on having total access? All the other providers use the custom URL method to add calendar events, no access required. Over-collecting data when not required is likely a GDPR violation.
1