Washington DC area InfoSec person.
Cyberpunk is here, it's just not evenly distributed.

I did a bunch of interviews today and something really stuck with me - being told that a lot of politicians are trying to decide if climate change or infrastructure cybersecurity is more pressing.
Climate change deeply impacts geopolitics and military policy. Therefore it is a cybersecurity issue. The DoD has always understood this. You can’t look at the “APTs” and terrorist orgs we deal with and not consider how climate impacts will continue to motivate them.
Here's a refresher on how to think about stories in the news from a "secure by design" standpoint. Many stories about compromises of consumer devices and apps are unfortunately overstated or outright hoaxes (what I call "hacklore"). Some sample questions that we should ask:
-Which operating systems, apps, etc. are affected? What versions?
-What did the software/hardware manufacturer say in response to the alleged vulnerability? Are they going to address it in a future version?
-How can users determine if the attackers successfully compromised them?
Questions like this can help us urge technology companies to improve the security of their products. Or, in some cases, it can reveal the alleged allegations as incredibly rare, or even as hoaxes.
Reporters should pay special attention to the full list of questions here:
https://www.cisa.gov/news-events/news/applying-secure-design-thinking-events-news
Now, it does become a bigger problem if the current spammers publish their source code and more join in.
There are absolutely no effective controls to stop it - here is the Wild West still - so the elephant in the room is anybody can flip the table at present.
The good news is much of the anti spam and anti phish technologies over the years (Real time Block Lists etc) can be reworked for here. The bad news is that’s a long way off realistically.
Introducing Citadel! Citadel is a tool for Mastodon admins that makes it quick and easy to find + suspend spammers in one click!
Eventually Citadel will have more tools, but I wanted to get this out ASAP to help server admins.
It's a client-side app, no server. Everything's all in your browser.
Give it a shot: https://citadel.samw.dev
View source: https://github.com/samwightt/citadel
(also note that after you log in you will need to reload the page)