Dave Weinstein

@[email protected]
621 Followers
402 Following
2.2K Posts

Recovering Game Developer turned Security Professional. Sometime musician, potter, player (and occasional author) of games. Not a speaker for my employer. He/Him.

A Partial List of Interests:

#GameDev
#Infosec
#VulnDev
#IncidentManagement
#TTRPG
#Synthesizers
#FolkMusic
#Pottery

Previous profile dhw on mastodon.social

Also @t-dye.bsky.social

Bloghttps://belegaer.com
Gameshttps://narratio.press
LinkedInhttps://www.linkedin.com/in/weinsteindave/
GitHubhttps://github.com/DaveWeinstein
Dave Weinstein3d ago
Adam Shostack  3d ago
There sure do seem to be a lot of ways to not say "The United States is threatening to commit war crimes."
Dave WeinsteinMar 11
evacideMar 11

I know that bad news is coming when a co-worker messages me with "You're gonna be so mad..."

Grammarly has rolled out an AI-powered "expert review" feature where its simulacrum of me makes suggestions for your text. My real edits are usually along the lines of "Throw this into the sea."

Dave WeinsteinMar 6
mekka okereke Mar 6

Slurs spoke themselves unto the mouths of young GOP members again! I just hope that they're all OK!🤡

Slurs emitted themselves fully formed, from the fingertips of innocent far-right people! That must have been terrifying for them! 🤡

Pray for those that survived spontaneous chat room devolution! 🤡

Dave WeinsteinFeb 28
MostlyHarmlessFeb 28
Dave WeinsteinFeb 28
CassandrichFeb 26

PSA: The Amazon wishlist doxing threat is much greater and more immediate than folks might realize. Attack works like this:

Stalker who wants your address opens an Amazon seller account and lists themselves as a third party seller for any item on your public wishlist. Then, they order the item from themselves as a gift for you. Bam, they have your address.

In particular, attack does not depend on an existing third party seller having poor PII handling hygiene, like the articles have implied.

Dave WeinsteinFeb 22
Missing The PointFeb 22
Breaking: The U.S. dispatches health insurance claim denial ship to Greenland.
Dave WeinsteinFeb 20
Robert ReichFeb 20
Dave WeinsteinFeb 17
nullagentFeb 17

I heard Donald Trump doesn't want anyone to see this interview of a Texas Democrat.

The Trump FCC has threatened every show State Rep. James Talarico goes on and this week it was The Late Show's turn in the hot seat. The FCC forced this interview off the airwaves.

We probably should watch it if Trump hates this politician so much.

https://youtu.be/oiTJ7Pz_59A

#JamesTalarico #Texas #Trump #TheLateShow #stephencolbert #USPol #1A #christianity

Rep. James Talarico On Confronting Christian Nationalism, And Strange Days In The Texas Legislature

YouTube
Dave WeinsteinFeb 17
Kevin BeaumontFeb 16

Today in InfoSec Job Security News:

I was looking into an obvious ../.. vulnerability introduced into a major web framework today, and it was committed by username Claude on GitHub. Vibe coded, basically.

So I started looking through Claude commits on GitHub, there’s over 2m of them and it’s about 5% of all open source code this month.

https://github.com/search?q=author%3Aclaude&type=commits&s=author-date&o=desc

As I looked through the code I saw the same class of vulns being introduced over, and over, again - several a minute.

Build software better, together

GitHub is where people build software. More than 150 million people use GitHub to discover, fork, and contribute to over 420 million projects.

GitHub
Dave WeinsteinFeb 15
lolgopFeb 15

I wrote about the "I never want to see a child ever run away from our own government ever again" guy.

I think he shows why Trump being a dogshit president temporarily solves many of the Democrats' worst problems with the media. And we have to take advantage of this moment.

https://www.thefarce.org/i-never-want-to-see-a-child-ever-run-away-from-our-own-government-ever-again/

"I never want to see a child ever run away from our own government ever again"

Notes on changing brains. And Brians.

THE FARCE