Daniel Gordon

Thought Trailer, Cyber Threat Intel, DFIR, and influence operations. He/him
Occasional Blog/Public Talks https://validhorizon.medium.com
@Johnhultquist I know advertising spending probably got allocated a while ago but this Twitter advertising is probably the final straw for me to stop tipping things to Mandiant, both for influence ops and typical hacking activity.

Today on Risky Biz:

* Tom Uren and @thegrugq talk about why EU plan to regulate 0day won't do much on Spyware. That podcast up imminently in Risky Business News RSS feed (site currently building)

* News bulletin podcast and newsletter out at 2:30pm AEST
- Some Cyber Partisans action
- Vanuatu government ransomware update
- Russia moves towards cybercrime proceeds forfeiture laws (lol corruption gonna be amazing)
- Free Wickr app gets the Amazon razor
- More

* A long form interview I did with head of developer relations from Snyk: How can CSOs help foster a good secure dev culture within dev org? Still working on that one but will be out later today in the primary RSS feed.

Looks like I'll be spending a bit more time on Mastodon now because this is clearly where the action is. :)

There is far too little recognition of the fact that the US Intelligence Community’s ability to discover Russian invasion plans and share them with Ukraine is one of the greatest intelligence successes of the last 50 years and has had a critical impact on thwarting Putin’s imperialist ambitions.

They knew the Russian war plans better than most of the Russian military executing the invasion (who mostly had no idea they were going to war) and even members of Putin’s Security Council! Remarkable!

@jeff @bolapara I get it. I’m horrified by some companies sacrificing ethics and common sense to make $ from dictatorships. I have two counters: one is that a bunch of companies care enough about their reputation in the US that they have red lines. The other is that at the end of the day we’re not that important. I’m involved in some WILD infosec stuff, but I’m still not a human rights activist, political activist, or journalist in Iran or Saudi. I’m not really a target
@jeff @bolapara I’m both aware of the privacy concerns posed by companies having a presence in a country that can legally (or illegally) compel compliance and the countries that have tried to block encrypted messaging because of lack of visibility. Your standard is that the messenger app can’t be owned by an international corporation for you to use it?
@jeff hard disagree? Lots of folks in infosec use Keybase. Off the top of my head, WhatsApp, iMessage, FB messenger, Viber, LINE, Telegram (obvious concerns), and Wire are also options and I know there are a lot more.
Forcing remote employees to physically come into an office for a meeting that could be virtual was dumb even before the pandemic. Large meetings are mostly a forum for announcements or training and are generally a terrible way to actually accomplish work.
@hexadecim8 I didn’t use to agree but now I agree. The aggregation of that much wealth requires unethical exploitation, the money/power amplifies the holders’ personality flaws, and the result of their whims, with rare exceptions, is harm to democracy, to justice, to security, to free speech, and to a hundred other facets of society.