Dante Mercurio

Technology nerd, infosec leader, husband, dad, skeptic, though not in that order. Human rights are non-negotiable. Love all things #infosec, #scifi, #motorcycles, #hiking, animals, #technology and #science related.
Director for MSSP services at a security vendor though views here are solely mine.

#MSSP #cybersecurity #fedi22

Something tells me we're about to be reminded that here in the US we have something like 18,000+ distinct policing jurisdictions. i.e., plenty of potential "constitutional sheriffs."

https://www.nbcnews.com/news/us-news/constitutional-sheriff-tried-seize-voting-machines-2020-officials-are-rcna177906

A 'constitutional sheriff' tried to seize voting machines in 2020. Officials are bracing for a repeat.

Sheriff Dar Leaf and other "constitutional sheriffs" have become prominent figures in the election denial movement, and among the most dangerous, critics say.

NBC News

I’m absolutely gonna cry when the election is decided. Either because we win and my family and friends and so many vulnerable groups and I are safe, and I’m just so, so horribly exhausted from working and constantly facing horrible online abuse and fighting. Or because my country, that I served my whole youth, is gone to fascism for the rest of my life - and I have to leave. Either way I’ll cry.

I hope you all cared enough to #vote, if you can.

Breaking out my copy and rereading to get through the next few days. Should be required reading in high school.

#sagan #science #misinformation #election2024

So managers are starting to spew the whole "well I didn't do anything wrong, it affected everyone else, so we're not liable" bullshit.

Did you allow a third party vendor to have the highest privilege access to all of your systems AND let them run Remote Code Execution on your systems whenever they want?

You didn't have a test environment set up to test each update or patch that is applied to your systems before you push them to prod? No? Just let it auto-update?

Yeah, that "Risk Transference" didn't work so well as your GRC policy seemed to think it would, huh? I know they're a security company and they SHOULD have tested it, but they didn't, did they?

I know everyone else does it, but if everyone else jumped off a bridge, would you?

Just because everyone else fucked up, doesn't mean you didn't fuck up.

There's gonna be a lot of deep discussions in this post-mortem and hopefully orgs will change. Those that don't will just be hit again... and again... and again.

#crowdstrike

@rysiek Pretty sure everyone is in triage mode, doubt we’ll see accurate info for a week or two.
@tinker Mine as well, she’s 74 and has no clue what I do other than work in ‘computer security’.
@catsalad Feel more like this comic is prophetic every day.

So this, from Firefox, is fucking toxic: https://mstdn.social/@Lokjo/112772496939724214

You might be aware Chrome— a browser made by an ad company— has been trying to claw back the limitations recently placed on ad networks by the death of third-party cookies, and added new features that gather and report data directly to ad networks. You'd know this because Chrome displayed a popup.

If you're a Firefox user, what you probably don't know is Firefox added this feature and *has already turned it on without asking you*.

Lokjo - EU's Gmaps replacement (@Lokjo@mstdn.social)

Firefox is just another US-corporate product with an 'open source' sticker on it. Their version 128 update has auto checked a new little privacy breach setting. If you still use a corporate browser, at least do some safety version! We mainly use @[email protected] based on firefox. (yes, we know, a stable european or even non-US browser is still considered 'futuristic' in europe) #eu #browser #firefox #meh

Mastodon 🐘
@webcubus @thomasfuchs That’s my take as well. Ensures only cash heavy rich can afford purchasing homes and leaves the rest to rent.