Wendy NatherJun 15

Okay, could someone explain something to me please?

Why did ANYONE ever think “guardrails” would work?

We all know that blocklisting is suboptimal because you can’t possibly enumerate all the badness (see also: antivirus). And anyone who has had to write a statement of work that includes application security requirements knows how impossible THAT is without adding a whole textbook as an appendix. (Or just writing “Don’t do stupid shit with the code,” which covers it pretty broadly.)

Don’t do that. Or that. Or that, either. And not like that. Oh, we didn’t know you could do that! Don’t do that.

Seriously, why??

Show threadEddie.

@wendynather on this line, one would think the code of conduct for any conference could be summed up with “Be Professional.”

It isn’t for the same reason we have to be warned coffee is served hot and we shouldn’t use chainsaws on our genitals.

Jun 15 at 7:43pmWeb
Show threadWendy NatherJun 15
@infoseclogger /me quietly puts down the chainsaw
Show threadgaryJun 15
@wendynather @infoseclogger conferences are not gta in real life - where is the line between reg mids professionalism and social engineering./ great places to network anyways #comp intel #recruiting #civil and persuasive #poly sci
Show threadeestileib (she/hers)Jun 16

@infoseclogger @wendynather

Ok I agree we shouldn't use the CHAIN part of the chainsaw on genitals, but I've seen more than one strapped to the front of a jumpsuit.

Maybe that's also not appropriate for professional conferences, but I'll think that's up to individual codes of conduct.