
Infosec thoughts, links, experiences, rants, chats

(Not my cat.)

I need to give an official name to something we are all talking about right now: Security drift.

Security drift is when software continues to work, but slowly becomes less secure over time, without anyone intentionally making it that way.
1/2

This is difficult to capture beautifully for obvious reasons.
Sideways approaches
mean trouble for someone. Dog?
The cat attacks now.
Does anyone have any experience hosting their own RSS service for themselves and their friends/family? Device sync of feed state is important and I'd like to stop paying for it. I'm looking at FreshRSS and Tiny Tiny so far.

This new internet where services are fully shittified (https://www.wired.com/story/tiktok-platforms-cory-doctorow/) as part of an accepted business plan is a self-inflicted and unfortunate use of technological output, social contract, and creative and emotional energy.

Maybe we can start betting pools on what's next to go? Reddit looks pretty likely from the API fee direction.

I'm updating myself (after some time away) on the whole "TikTok is a massive national security threat" line. Does anyone have any clear-eyed analysis they'd like to share, please?

So far, I can see that it's bad because it collects data, but for the Chinese rather than "Not the Chinese, probably" like most of the rest of the internet.

Does anyone mess around in the Geminispace?

Policies are WHY you should be doing something.

Standards are WHAT you should be doing.

Procedures are HOW you should be doing something.

#infosec #cybersecurity #grc

"F" Farming, and not "Ph" (ph)(f)arming.
Is the natural progression out of the security profession to pick up farming? It seems like more than a few people have gone that way in some form.