I have seen the Time Knife

Bird-site refugee. Not my first social media exodus. Used to love LiveJournal and Tumblr. Nothing lasts forever.

Lawyer, Data Privacy, InfoSec, CyberSec, Telecom. BLM. Abolish the bar. He/him/they. Former FF/EMT. Nerdy, Jewish, Neurodivergent. Also puppies. 🏳️‍🌈

I do privacy work for a tech company that actually cares about privacy issues, and it’s really nice after a long career elsewhere.

I Think I Found a Privacy Exploit in ChatGPT

Either ChatGPT is good at hallucinating, or I found an exploit in their API that can expose private information

tane.dev
@averagesecurityguy applied and they said not the right fit. Oh well 🤷🏻‍♂️. Thank you though!

White people when Tesla is an extremely racist work environment: 😴

White people when Tesla owner ruins their favorite website: 😡

This app crashes on anyone else when you try to edit your profile?

“DIGITAL GARLIC” SCARES AWAY HACKERS

Time Management for Hackers

Attackers don’t bother brute-forcing passwords that are long or passwords that contain special characters.

Every one of us — hackers included — only have 24 hours in every day. So how do criminal hackers make the best use of their time when brute-forcing passwords?

Microsoft researcher Ross Bevington analyzed the usernames and passwords hackers entered from over 25 million brute-force attacks.

Here's the breakdown of 30 days' worth of attacks against passwords:

➡️​ 6% attacked passwords over 10 characters in length.
➡️​ 7% attacked passwords which included special characters.
➡️​ 39% attacked passwords with numbers in them.
➡️​ 0% attacked passwords with spaces.

Hackers definitely *stayed away* from passwords which were longer (94% of the time), and they *didn't bother* spending much time cracking passwords which contained special characters (only 7% of the time).

Probably because of the common use of numbers at the end of passwords, hackers definitely honed in on digits.

But hackers *didn't even attempt* brute-forcing passwords with spaces, most likely because including spaces in passwords is still fairly uncommon.

From the article written by Catalin Cimpanu:

"The researchers' findings suggest that longer passwords that include special characters are most likely safe from the vast majority of brute-force attacks, as long as they haven't been leaked online and are part of attackers' brute-forcing dictionaries."

Should we include special characters (including spaces) in our passwords?

Here we have high-quality evidence collected by Microsoft at scale. It shows decisively that password length and the inclusion of special characters act like digital garlic, keeping the vampires and werewolves at bay — keeping the bad guys away from our online accounts.

How do ordinary consumers get this “digital garlic” in an easy way? They use a Password Manager.

https://therecord.media/attackers-dont-bother-brute-forcing-long-passwords-microsoft-engineer-says/

#Passwords
#PasswordManagers
#ComplexPasswords
#SpecialCharactersInPasswords
#TimeManagementForHackers
#DigitalGarlic
#Microsoft

Attackers don't bother brute-forcing long passwords, Microsoft engineer says

According to data collected by Microsoft's network of honeypot servers, most brute-force attackers primarily attempt to guess short passwords, with very few attacks targeting credentials that are either long or contain complex characters.

Interested in just what tech your local police department is using for citizen surveillance? Curious about body cams, drones and Ring.#surveillance? Just enter your city and state into this third party database to see exactly what tech gadgets and gizmos your local PD is using. Naturally, bigger cities do a lot more surveillance than smaller towns. https://atlasofsurveillance.org/ #police #policing #policetech #privacy
Atlas of Surveillance

Documenting Police Tech in Our Communities with Open Source Research

Found out that I was part of a large round of layoffs. I have a baby girl on the way, and could use some help finding a new gig. Ideally would like to work for another tech company as a CPO, DPO, Privacy Counsel, Dir of Privacy, or Privacy Program Manager.

Have my CIPP/US & CIPM. CIPP/E soon. Privacy/regulatory/risk-management a specialty. Used to be a gov’t regulator, so I know the other side of the table very well. Extensive GDPR & US state privacy law experience. Incident response exp too. Remote or Denver-based.
#Privacy #PrivacyLaw #GetFediHired #GDPR

The Times have a report up saying #Capita NHS services staff are working using WhatsApp and Google Drive, rather than approved Microsoft tooling.

Massively concerned by lack of transparency, going to start digging into this tomorrow with officials. https://www.thetimes.co.uk/article/capita-dogged-by-it-problem-for-three-days-wthl2zp5v

Capita dogged by IT problem for three days

An IT meltdown at Capita continued over the weekend, fuelling speculation of a cyberattack at a company that handles key public service contracts. Staff, incl

The Times