CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
Replying to @randomdross
You never know when a nation state will unleash a Stuxnet-type attack that will cause an imbalance of flavor and fizz, and by proxy, throw off the mojo of tech workers everywhere.
"The Grim Impact of Judicial Secrecy on Public Health and Safety" This talk at Stanford will be eye opening, I wish I lived closer! docs.google.com/forms/d/e/1F…
Bil Corry retweeted
Just open sourced all my security career ladders in time for 2020 planning - Enjoy & good luck - bit.ly/36sqBNl
Replying to @epenzeymoog
The health risks of RF radiation are unknown, so seems like a bad idea to have any wireless tech near reproductive organs. consumerreports.org/radiatio…
Replying to @cryptodavidw
I don’t have a current subscription, but your local library likely does.
Replying to @cryptodavidw
I suggest using Consumer Reports. consumerreports.org/cro/air-…
Agreed. Even if one were to be diligent and read the privacy policy, decide it’s fine, and use the product, at some point the privacy policy may change and now there’s a struggle with lock-in and migration, possibly requiring divesting expensive hardware (eg a car).
Bil Corry retweeted
SSH Pentesting Guide. community.turgensec.com/ssh-…
Replying to @mdennedy
Yes, as the paper points out, the approach is risk minimization, not actual privacy protection. I liked the paper’s point about holding companies accountable à la product liability. It’s then not enough to minimally comply with the law, companies are on the hook for actual harms.
Anyone who has ever worked on privacy at their company will be nodding in agreement with this entire paper.
YYYYEEEEEESSSSSSS! I testified to this exact point at the Senate Banking Committee. Where you have a disproportionately tiny and underfunded team, the law can say you will be boiled in oil & consumers lose.
So very happy to see @Cloudflare join the fight against CSAM. blog-cloudflare-com.cdn.ampp…
Thank you for sharing, so very glad the feds are prosecuting them.
Doesn’t facilitating transportation across state lines for the purpose of coerced sex fall under the federal sex trafficking laws? Why isn’t this being prosecuted as a federal crime?
Replying to @mdennedy @mmurray
I agree. I never think to use LinkedIn as a dating platform, and no one has ever used it that way with me. But makes me wonder if there’s a social norm I missed? Like how I always tip my Lyft/Uber drivers, but most people don’t.
Replying to @Kerberosmansour
Haha, good times 🤣
FYI, connecting with me on LinkedIn to sell your product or service is a dead end. That’s not how I source products and services. Same with hiring, contracting, training, certifications, or anything else that requires I pay you.
Remediate the Flag (RTF) looks like a fun secure coding training event for Devs and AppSec teams. github.com/sk4ddy/remediatet…
Replying to @LeaKissner
Cross referenced with a driver’s license database?
Replying to @CelticSeaSalt
Thanks, we now do tape the spoon side closed!