Adam Shostack  

@[email protected]
4.2K Followers
680 Following
11.4K Posts

Author, game designer, technologist, teacher.

Helped to create the CVE and many other things. Fixed autorun for XP. On Blackhat Review board.

Books include Threats: What Every Engineer Should Learn from Star Wars (2023), Threat Modeling: Designing for Security, and The New School of Information Security.

Following back if you have content.

Websitehttps://shostack.org
Latest bookhttps://threatsbook.com
Opsec statusCurrently clean
Youtubehttps://youtube.com/shostack
Show threadAdam Shostack  22h ago
On the other hand, it absolutely got me through a set of fiddly failings and improved my sa + postfix configs
Adam Shostack  22h ago

If ever I needed proof that llms are not concept models:

apt install re2c
sudo sa-compile
systemctl restart spamassassin

Yeah, sure claude, only sa-compile needs a sudo.

Adam Shostack  1d ago
Trying to find this recent article: T a social engineer had started an account recovery thing with Apple, then called the victim claiming to be from apple, and walked the victim through handing over their account...
Adam Shostack  1d ago

RE: https://mastodon.social/@jeffjarvis/116303605675826379

Back in the day, people were just trying to get past the switchboard.

Adam Shostack  1d ago
Jeff Jarvis2d ago
Some hero renamed the White House on Google Maps as Epstein Island. Bless you, whoever you are.
Post reporters called the White House. Their phones showed ‘Epstein Island.’ https://www.washingtonpost.com/style/power/2026/03/27/white-house-google-database-epstein/
Post reporters called the White House. Their phones showed ‘Epstein Island.’

Washington Post journalists who called the White House switchboard using Google Pixel Android phones saw “Epstein Island” on their screens Thursday.

The Washington Post
Adam Shostack  2d ago
But... his emails!
Adam Shostack  2d ago

@boblord FYI https://publications.cispa.de/articles/conference_contribution/Public_Wi-Fi_Security_and_the_Spread_of_Fear_Uncertainty_and_Doubt/31834648/1/files/63017911.pdf

#hacklore

Adam Shostack  3d ago

Whoa, archive.ph was altering its archives...

https://arstechnica.com/tech-policy/2026/02/wikipedia-bans-archive-today-after-site-executed-ddos-and-altered-web-captures/

Wikipedia blacklists Archive.today, starts removing 695,000 archive links

If DDoSing a blog wasn't bad enough, archive site also tampered with web snapshots.

Ars Technica
Adam Shostack  3d ago

We have altered the terms of the deal.

https://www.seattletimes.com/nation-world/parents-who-borrowed-for-childs-college-face-major-policy-changes/

Adam Shostack  3d ago
Geng3d ago

Great to catch up with @adamshostack
at #RSAC—author of the threat modeling book that shaped how so many of us think about secure design. 🛡️

Always a privilege to learn from the pioneers who built the security practices we rely on every day.