Kate Pearce

See also: @Secvalve@cloudisland.Nz

@rossjanderson Professor Ross Anderson, FRS, FREng Dear friend and treasured long term campaigner for privacy and security, Professor of Security Engineering at Cambridge University and Edinburgh University, Lovelace Medal winner, has died suddenly at home in Cambridge.

@herbertbos Can’t find the details as it is from years ago, but I reference one here.

@herbertbos My Blackhat talks had several academic papers come out a year or so later each claiming it was “novel” and “not yet documented”. They practically copied my diagrams and didn’t reference my talk.

Hey Infosec twitter/X, I am looking for examples where academic researchers did not credit hackers/non-academic security researcher, or vice versa. Just reply here, or DM me if you don't want do this in public.

@andrewtychen She absolutely could beat you up. But, she would never need to fight. You would take one look and you would never start it. She finishes fights by never needing to start them.

@AlanJ_KA7 “It sounds like carrots might actually be fruit in this case. Attackers are known to innovate and work to evade traditional definition methodologies.”

@secvalve God yes, I’d give this tweet a thousand likes if I could. There’s always one source in the local media that’s willing to speculate on basically any topic.

Important note about cyber security and media interaction during active incidents: When those who know the details can’t talk, those who can talk won’t know the details.

@taramcallister4 But the “potential savings” of $3.70 if you fly seven hours after you need to be there and/or stay 45km away. The potential savings!!!1!

@grogersxyz There is a reason the phrase “as much as the market can bear” exists….

Stuff is asking for whinging landlords to complain about increased costs while the treasury reveals that the main factor driving increases in rents isn’t increased costs, it’s hoarding and greed i.stuff.co.nz/stuff-nation/1…

Do NOT season the pigeons

Dropping #Downfall, exploiting speculative forwarding of 'Gather' instruction to steal data from hardware registers. #MeltdownSequel - Practical to exploit (POC/Demo) - Defeat all isolation boundaries (OS, VM, SGX) - Bypass all Meltdown/MDS mitigations. downfall.page

@DeeMickSee More like: 1 X engineer and 9 ex-engineers. 😬

Q: What do you call 10 Twitter Engineers? ... A: 10 X Engineers 🥁

Where @dotMudge makes an important point at @SummerC0n: real data on ATOs shows that SMS 2FA is fine for the vast majority of users. It prevented 100% of 3.3B automated password stuffing attacks, 96% of 12M bulk phishing, and even 76% of <10k targeted attacks seen over last year.

This tweet bought to you by the one person with overlapping interests.

What’s that about Microsoft Entrapta?

“Machine Unlearning” sounds like a joke, but it’s a very real thing that has huge value if we can figure it out: ai.googleblog.com/2023/06/announ…

@WoSecNZ Next year it will be something else.

@secvalve That did not last long.

Web3 is dead, long live webGPT

@errbufferoverfl Heh. You missed a chance to say “it depends”. 🙃

Which is worse?

@grogersxyz Don’t both options have that risk though?

@secvalve I feel quite strongly that allowing your developers access to production data is a larger risk than implementing a bug in production that might expose the data