CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
Replying to @HelenNegre
And here’s how that strategy turns out IRL. jdsupra.com/legalnews/ftc-da…
Why would a church need a police force vs just using a security contractor? Reportable crimes can now be sent to their own police force, who in turn can decline to press charges due to lack of evidence. No more church scandals! npr.org/2019/06/20/734591147…
Why hotel safes are bad: a short video.
W3C is looking for feedback on their latest accessibility draft of "Inaccessibility of CAPTCHA" lists.w3.org/Archives/Public…
Related, I saw the first five minutes of The Great Muppet Caper at a drive-in. The double feature started with E.T., which we watched, but when the Muppets opened with the hot air balloon and singing, my dad was done and drove off. That’s why I don’t live in Hollywood. #scarred
If your company is collecting sensitive personal information, you better have a documented information security program.
FTC Data Security Settlement with Auto Dealer Software Provider Goes Further than Ever Before: no reasonable security to personal information belonging to its customers and employees; and lack of an information security program jdsupra.com/legalnews/ftc-da…
Replying to @iMeluny
Awesome, thanks!
Bil Corry retweeted
RT @whitequark: you’ve heard of “he uses 2048-bit RSA, so hit him with this $5 wrench until he tells us the key” but did you know it works on microchips too eprint.iacr.org/2018/717.pdf
Replying to @iMeluny
Are the dives safe for newly certified divers?
You can learn scripting or you can target roles that don’t need it (there are lots). Some security roles require little-to-no technical skills at all. Don’t believe the gatekeeping bullshit on Twitter. Anyone interested in security can find a way in then pivot as they learn more.