Blue Team aficionado, InfoSec purveyor, Wearer of many hats
GitHub: https://github.com/zorg-the-blue

📢 @w3c Breakouts Day 2026!
🗓️ Join us tomorrow - 25 March 2026, 13:00–14:00 UTC

The #ActivityPub specification defines a social API and a federation protocol. Mastodon and compatible platforms implement the latter but not the former.

Join @evan's session to discuss the social #API, its value in the distributed social ecosystem, and the efforts to revive its use.
▶️ https://www.w3.org/events/meetings/fd048dc6-4486-4e21-a639-545523e4ca60/

For me, the most objectionable part of this is the monarchical PRONOUNCEMENT of historical truth and the attempt to short-circuit debate and dialogue. This is an authoritarian approach to knowledge that flies in the face of democratic principles.

When history and historical actors are put into a frozen pose and nothing new can be introduced to deepen our understanding of the past, that’s when you know that you’re in the grip of an oppressive regime.

Be the first to attend my new training course at @owasp Global AppSec Vienna!

"Repeatable, Scalable and Valuable Code Security Scanning" is a deep dive into the newest ways to validate code security with a strong emphasis on AI acceleration.

Register:
https://owaspglobalappseceuvienna20.sched.com/event/2EB8l

We would like to send out a big THANK YOU to a returning sponsor - Black Hills Information Security - #BSidesCharm 2026 Gold sponsor!

In the six days that followed the US and Israel’s joint attack on Iran on 28 February,
$11.3 billion was spent on American taxpayer-funded bombs that hit the country and caused hundreds of deaths,
the Pentagon has told lawmakers.

This figure does not capture the full cost of the conflict,
such as deployment of forces,
and will now be far higher given the ongoing nature of the war.

But even the limited snapshot of the financial cost of the war has underscored the enormous disparity between the amount spent by the US on its military compared with the budgets of agencies tasked to keep Americans’ air clean, help find new cures for cancer and devise new scientific innovations.

The cost of the first week of the Iran war would be more than enough to fully fund the Environmental Protection Agency this year (at $8.8bn),
the Centers for Disease Control and Prevention ($9.2bn)
or the National Cancer Institute ($7.4bn).

The $11.3bn is also more than the total amount allocated this year for federal scientific research funding, via the National Science Foundation.
https://www.theguardian.com/us-news/2026/mar/18/us-spending-iran-war-priorities?CMP=Share_iOSApp_Other

US spending on first week of Iran war raises stark questions about priorities

$11.3bn more than enough to fund EPA or National Cancer Institute, where administration sought to slash budgets

The Guardian

The best article on Google's push to Merkle tree certificates for post-quantum handling I've seen. I was going to write an article on this, but this one is better than what I would have written. If you don't know what's going on in the PKI world, how Google is upending traditional PKI certificate handling in the post-quantum world, or what Merkle tree certificate is, this is the article to read.

https://postquantum.com/security-pqc/googles-merkle-tree-mtc-https/

Google’s Merkle Tree (MTC) Gambit to Quantum-Proof HTTPS

Google will not put post-quantum signatures into traditional X.509 certificates for Chrome. Instead, the company announced in February 2026 a fundamentally different architecture - Merkle Tree Certificates (MTCs) - that shrinks quantum-resistant TLS authentication data from roughly 14,700 bytes down to as little as 736 bytes, making post-quantum HTTPS potentially smaller than today's classical certificate chains. The approach, developed jointly with Cloudflare and now being standardized through the IETF's newly formed PLANTS working group, integrates Certificate Transparency directly into the issuance process, replaces per-certificate signatures with compact hash-based inclusion proofs, and proposes an entirely new Chrome Quantum-resistant Root Store (CQRS)

PostQuantum - Quantum Computing, Quantum Security, PQC

RE: https://infosec.exchange/@zeek/116178696196522235

Zeek 8.2 development is underway and our team is actively seeking community feedback before the road to 9.0 continues.

Give us a shout! February newsletter has the details:

#Zeek #NetworkSecurity #OpenSource

Meet the humans behind #BSides312: Mike “Shecky” Kavka (Director) 🚆🎭🛡️

Shecky’s been behind the scenes for years herding the coolest cats + cultivating the welcoming vibes BSides312 is known for.

Senior Security Engineer by day. Volunteer: BSides312, Blue Team Con, Hak4Kidz. BurbSec regular, BHIS “Talkin’ About [infosec] News” panelist. Legend.

⚠️ FOMO: tickets will run out—grab yours today!
✅ https://bsides312.org/
📅 May 16, 2026
🎤 CFP closes Feb 28, 2026

#InfoSec #Chicago #BSides

As always, we will be offering several training classes this year - more details and sign-up instructions will be released in mid-March - you will need a ticket first

Free buses? Really? Of all the promises that Zohran Mamdani made during his New York City mayoral campaign, that one struck some skeptics as the most frivolous leftist fantasy. Unlike housing, groceries and child care, which weigh heavily on New Yorkers’ finances, a bus ride is just a few bucks. Is it really worth the huge effort to spare people that tiny outlay?

It is. Far beyond just saving riders money, free buses deliver a cascade of benefits, from easing traffic to promoting public safety. Just look at Boston; Chapel Hill, N.C.; Richmond, Va.; Kansas City, Mo.; and even New York itself, all of which have tried it to excellent effect. And it doesn’t have to be costly — in fact, it can come out just about even.

As a lawyer, I feel most strongly about the least-discussed benefit: Eliminating bus fares can clear junk cases out of our court system, lowering the crushing caseloads that prevent our judges, prosecutors and public defenders from focusing their attention where it’s most needed.

I was a public defender, and in one of my first cases I was asked to represent a woman who was not a robber or a drug dealer — she was someone who had failed to pay the fare on public transit. Precious resources had been spent arresting, processing, prosecuting and trying her, all for the loss of a few dollars. This is a daily feature of how we criminalize poverty in America.

Unless a person has spent real time in the bowels of a courthouse, it’s hard to imagine how many of the matters clogging criminal courts across the country originate from a lack of transit. Some of those cases result in fines; many result in defendants being ordered to attend community service or further court dates. But if people can’t afford the fare to get to those appointments and can’t get a ride, their only options — jump a turnstile or flout a judge’s order — expose them to re-arrest. Then they may face jail time, which adds significant pressure to our already overcrowded facilities. Is this really what we want the courts spending time on?

Free buses can unclog our streets, too. In Boston, eliminating the need for riders to pay fares or punch tickets cut boarding time by as much as 23 percent, which made everyone’s trip faster. Better, cheaper, faster bus rides give automobile owners an incentive to leave their cars at home, which makes the journey faster still — for those onboard as well as those who still prefer to drive.

How much should a government be willing to pay to achieve those outcomes? How about nothing? When Washington State’s public transit systems stopped charging riders, in many municipalities the state came out more or less even — because the money lost on fares was balanced out by the enormous savings that ensued.

Fare evasion was one of the factors that prompted Mayor Eric Adams to flood New York City public transit with police officers. New Yorkers went from shelling out $4 million for overtime in 2022 to $155 million in 2024. What did it get them? In September 2024, officers drew their guns to shoot a fare beater who was wielding a knife and two innocent bystanders ended up with bullet wounds, the kind of accident that’s all but inevitable in such a crowded setting.

New York City tried a free bus pilot program in 2023 and 2024 and, as predicted, ridership increased — by 30 percent on weekdays and 38 percent on weekends, striking figures that could make a meaningful dent in New York’s chronic traffic problem (and, by extension, air and noise pollution). Something else happened that was surprising: Assaults on bus operators dropped 39 percent. Call it the opposite of the Adams strategy: Lowering barriers to access made for fewer tense law enforcement encounters, fewer acts of desperation and a safer city overall.

If free buses strike you as wasteful, you’re not alone. Plenty of the beneficiaries would be people who can afford to pay. Does it make sense to give them a freebie? Yes, if it improves the life of the city, just as free parks, libraries and public schools do. Don’t think of it as a giveaway to the undeserving. Think of it as a gift to all New Yorkers in every community. We deserve it.