CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.
Phoenix, AZ
Joined July 2009
- Tweets 8,305
- Following 139
- Followers 776
- Likes 17,402
Years ago my daughter was waiting to get her picture with the Evil Queen. EQ asked the girl at the front of the line who was the fairest in the land, and the girl answered “Snow White”. EQ got mad and walked up to my daughter, who meekly said “You.” We were moved to the front. 😆
Seriously WHO is this actress? She's having such a blast being evil. And she's gotta riff the whole thing. Just amazing.
Bil Corry retweeted
And we're presenting Eyeballer at ASU right now to a packed room! Download the #hacking tool here and let us know what you think - or any issues you may encounter: hubs.ly/H0l5glN0
7
8
Bil Corry retweeted
Thank you @florian_tramer, @danboneh and @kennyog for your excellent work identifying and analysing these attacks, and for your professionalism and prompt engagement during the security response process 🙂
How to break Zcash anonymity using side channel leakage, joint work with @florian_tramer and @danboneh:
crypto.stanford.edu/timings/
@ElectricCoinCo $zec #Zcash #anonymity #break
7
29
Talk idea: "Detecting Attacks with Ransom Demands. A responsive strategy that utilizes low upfront costs coupled with cyberinsurance."
propublica.org/article/the-e…
An old idea of mine: create a new protocol handler (and port?) that has all the security features enabled by default. Can even re-imagine SOP. So instead of visiting https://domain.tld, instead visit web://domain.tld. That won't break any websites and allows gradual adoption.
If you're in the Boston area, BASC tickets are free, but limited. Register now before they're sold out.
I'll be there, hope to see you there!
Register for @OWASPBOSTON @basconf at bit.ly/2o9BzGd #owasp #basc #owaspboston #appsec #infosec #training #workshops #dfir #students and be sure to visit our #sponsors and #resumereview workshops!
1
Aka “we need back doors, trust us, they’re safe.”
US can put backdoors in all of the Federal systems today, doesn’t need a new law.
1
For slim fit jeans, this works better.
amazon.com/Zipper-Dadbod-Yiu…
California has a law that might prevent this behavior, not sure if applies to rewards programs, but for anyone living in California, here it is.
leginfo.legislature.ca.gov/f…
Very true!
One of my interview questions is: “How do you stay on top of current infosec news?”
Almost no one says “Twitter.”
1
Several years back, I was buying a pink collar at a pet store with my daughter for her large toy unicorn and the woman behind us asked what kind of dog we have.
My daughter replied, “it’s for my unicorn.”
Without missing a beat, the woman asked for the unicorn’s name.
2
For my son's art project, his teacher asked him how she should grade it.
He wrote "Art is not meant to be measured." and provided Nick Cave's MTV letter.
They mutually agreed she should grade it based solely on effort.
1
2
Bil Corry retweeted
EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip).
github.com/axi0mX/ipwndfu
924
6,128
1,249
15,072
It’s awesome that resources such as ASVS exist, and that there’s a friendly community of us that share this knowledge, and all of it is free.
I’m personally grateful and thankful.
1
2
