Chris Herdt

@[email protected]
291 Followers
277 Following
375 Posts

Infosec operations manager and cybersecurity instructor. Cyclist. Saint Paul, Minnesota.

Past life: sysadmin, web app developer, web monkey, help desk. Philly, Cincinnati, Birmingham, Portland, Detroit, Ann Arbor, Utrecht

Since all that is boring, ask me about the time I bought a school bus on Ebay.

he/him/his

Webhttps://osric.com/chris/
Chris Herdt2d ago

One of my colleagues is currently trolling co-workers with CVE-2025-71263 (a vulnerability found in the recently rediscovered UNIX V4 source)

I kind of want to let people in on the joke, but quite not enough

Chris Herdt5d ago
I know it's easy to mispronounce a word or name you've never heard aloud before, but if you're making a YouTube video about Jean Giraud, maybe figure out how to pronounce his name first?
Chris HerdtMar 17
All the resumes with "CISSP in progress." I can say a lot of things are in progress! That's a red flag. I suppose it matches the pattern for "CISSP" for automated filters, but humans are unimpressed.
Chris HerdtMar 16

Search tools now try to second-guess what I'm searching for. I'm searching for "tree" and it's returning results "three" and "true"

I mean if Levenshtein distance is considered relevance, "trash" is right there

Chris HerdtMar 4

I received an email inviting me to a webinar/talk by Chrys Heard and I thought it was a joke or an AI hallucination based on my name, but there really is someone by that name in infosec

Howdy, Chrys!

Chris HerdtFeb 11

Glad to see Flickr has their priorities straight, sending out their "happy birthday to us!" message before notifying me of their data security incident

(I get it, they need to fully understand the scope of the incident before sending out notifications, and the marketing message has probably been in the queue for a month already)

Chris HerdtFeb 9

Headline: "OpenClaw's Gregarious Insecurities Make Safe Usage Difficult"

The word you're looking for is "egregious" not "gregarious"

Now the q is: was that a human editor or an AI editor that botched it?

https://www.darkreading.com/application-security/openclaw-insecurities-safe-usage-difficult

Show threadChris HerdtJan 4
I'm wondering if this is the first time there has been an admitted coordination of a U.S. cyber attack with U.S. air/ground attacks. Maybe there have been prior, but none that come to mind.
Chris HerdtJan 4
Reading between the lines, the US Cyber Command may have been involved in taking out power in parts of Caracas, although I have not read anything that confirms that explicitly.
Chris HerdtDec 23

Again, again I say, why would you ever install web browser software on a server

Is it because you don't know how to properly manage a server

Why. Why?