O.G. 🇺🇦🌻

266 Followers
200 Following
14 Posts
Recovering threat hunter.
Birdsite: @0x4f47
Bluesky: @0x4f47.bsky.social
The thing about great quotes by great people is that most of them were already great by the time they made those quotes. A lot of great quotes by unknown people have probably gone unnoticed.
No, I am not that OG.
NIST SP 800-63B-1: Change your password every 90 days.
...
NIST SP 800-63B-3: No periodic password change requirements.
...
NIST SP 800-63B-5: Change your password every LastPass breach.
I have unfounded fears about using escalators, but I am taking steps to avoid them.
Welp, I guess I know what I'm doing this holiday season. Going through all of my online accounts and changing all the passwords and recovery codes, because I don't remember if I did all of them when I ditched #LastPass and they're not making it very clear what exactly got stolen https://infosec.exchange/@og/109441555092278405
O.G. 🇺🇦🌻 (@[email protected])

Since #LastPass bashing is all the rage right now, I want to share something - I stopped using LastPass. But it had nothing to do with their security issues. I think their transparency and handling of having a constant target on their back has been above board. I switched myself and all of the extended family members away from their services last year... because of the way LastPass handled monetization. Tricking users into "free" accounts, then breaking the device sync functionality and demanding a payment to restore it was just shady. A lot of those users were not technical, and moving to LastPass for credential management was a first (and rather challenging) investment of time and effort for them. Breaking core functionality for a payment, causing confusion, loss of trust (and, in some cases, resistance to keep using a password manager) did not sit right with me. We pay the premium subscriptions to other services now.
  • We were breached, but don't worry, your data was not stolen.
  • Ok, we were breached, and your data was stolen, but don't worry, it was encrypted.
  • Actually, we were breached, and your data was stolen, and some of it was not encrypted, but don't worry, the rest of it was definitely encrypted.
  • You know what, we were breached, and your data was stolen, and...
If you are always "experiencing higher than usual call volumes" then they aren't higher than usual.
Ok. I am going to say it. If you have surface knowledge of Silk Road and Mt. Gox in the context of Bitcoin's shady past, you have got to read @agreenberg's "Tracers in the Dark". I'm only on chapter 19, and I've now said "holy shit" to myself no fewer than 19 times. Without posting spoilers, the true story of the full extent of what transpired through those investigations puts modern crime dramas to shame. And still over 30 chapters to go...