CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.
Phoenix, AZ
Joined July 2009
- Tweets 8,305
- Following 139
- Followers 776
- Likes 17,402
BTW, the same “consistent body of social science evidence” that applies to grades ALSO applies to employee review programs.
When “excellence” is purposely made scarce.
“Suppose ... every student in your state met the standards and passed the tests. What would the likely reaction be from politicians, businesspeople, and the media? Would these folks ... say, “Damn, those teachers must be good!”?”
Just posted - the more complete (unabridged) version of my recent NY Times op-ed, "Can Everyone Be Excellent?": alfiekohn.org/article/excell…
1
Yep. That’s why mandatory encryption backdoors are so bad - other nation states will use them against the very lawmakers that required them. (Looking at you Australia!)
3
2
Yes, hard to know if it’s a researcher who overstepped their scope or a criminal trying to double-dip (exploit the vuln, then get paid to report it).
Good way to get banned from bug bounty programs too. Companies will check the logs to see if bug was exploited by criminals, which will include you if you go out of scope.
1
Loyalty programs will likely be exempt.
AB-846 (Burke) - Exempting "Customer Loyalty Programs" from CCPA's anti-discrimination/differential pricing provision. Passed 8-0 w/ amendment to restrict further sales. Also exempts services whose "functionality is directly related" to the collection of data (e,g, lotteries). 3/
Bil Corry retweeted
Here's a break-down of the #CCPA amendments that passed CA Senate Judiciary Cmtee last night - for those w/Tuesday night social lives. In order of bill#. Almost all passed - several w/amendments may need to be reconciled w/Assembly versions, one 3-3 tie, & one withdrawn. 1/x
3
23
5
40
GIF
Reminds me of the legal and ethical questions raised by researchers who were able to infiltrate and/or take over botnets. Can they set the devices free? Or only allowed to observe? Is it ethical to do nothing and allow harm?
1
Bil Corry retweeted
If lawmakers are opposed to requiring states to follow the almost universally agreed-upon best practices for election security, they should just say that.
Suggesting that the jury is still out on what those best practices are is factually inaccurate.
16
88
5
237
Hey, I’m running for the @owasp Board of Directors. If you’re a member, ☑️ vote for me. If you’re not a member, join and ☑️ vote for me.
I haven’t seen this years schedule, but elections are typically in October.
☑️ ☑️ ☑️ ☑️ ☑️ ☑️ ☑️
1
6
1
4
I just registered for @owasp @appsecusa in DC. Hope to see you there!
1
Bil Corry retweeted
After 2 years of consultation @eSafetyOffice is incredibly proud to release our final #SafetybyDesign Framework here: bit.ly/2JnDcs7. The only way we can build a safer Internet is for the online platforms to take responsibility & put safety at the core of product devt!
Commissioner @tweetinjules explains @eSafetyOffice’s world-leading initiative, #SafetybyDesign, which shifts responsibility for safety back onto tech organisations themselves.Offering a set of standards that all online services, large/small,need to uphold. esafety.gov.au/about-the-off…
16
41
7
123