Masha

Not sure how to explain it, but the desire for incredulous judgement around failure is weird. OceanGate being the recent example. A: despite what we pretend, most of the world is held together by bubble gum, tape, & luck B: most people’s 9-5 work quality is well below OceanGate

A German security researcher bought a device designed to capture fingerprints and perform iris scans, for $68 on eBay. Then he found its memory card held the names, nationalities, photographs, fingerprints and iris scans of 2,632 people. nyti.ms/3PVVykl

@_MG_ Any idea if admins can use “password strength” data in enterprise accounts to target those that need to update master password and vault passwords?

Seeing lots of confusion about LastPass breach of encrypted vaults. The biggest risks for actually unlocking the vaults are: - phishing your master password - you having an ultra weak password, or something already known (ex: cred reuse or in a wordlist) 🧵1/n

However, this makes it doubly important for customers to do their due diligence into the platforms and products they use. As a regulated US entity, we'll continue to do our part, working closely with regulators, to deliver the safest and most trusted crypto experience possible.

Despite SBF having an equity stake in Robinhood, we have no direct exposure to Alameda, FTX, or any of its entities, and we've confirmed with our partners that they don't have material exposure either.

@_MG_ @seanzadig @TheParanoids They are few and far between. The Paranoids’ culture is unmatched 😭

@seanzadig @TheParanoids It would be pretty cool to see how things compare elsewhere. It requires opportunity, resourcing, and the right culture. Externally, I only see that at a few places.

I was really really really bummed I couldn’t make it out to NolaCon. Luckily, I have really really really awesome friends who included me in some con fun. Winning was just a cherry on top. Thank you @marbisman @paulby @rqou_ 💜

@paulby You best not be watching Grey’s without me!

Kings of Cascadia. Rulers of MLS. Next: CONCACAF #Sounders #SCCL22 #SEAvPUM @WeAreECS

1/ I've been managing people remotely for 8 years. Here's how to be a better manager in a remote (distributed) team:

A story in two parts: 1. Today I met a woman who ran a beauty salon. The Russians occupied her town, shot at her brother, stole friend's car. Seven soldiers broke into her salon and slept there, stole boxes of beauty products and all the equipment, shat in the neighbouring shop.

In closing, here's the origin of the greatest military opsec failure of all time. First, Putin signed the so-called @bellingcat law, prohibiting soldiers from posting on social media. Then he told the military to not use foreign phones as they are "insecure". The rest is history.

@LitMoose Same idea, different virus.

@LitMoose @kgorin It was super hard to read, even as a Russian speaker.

Get yourself a security team who isn’t trapping you in 10-20 year old security models, if for no other reason than your very-near-future adversaries are evolving with the times. “It’s what everyone else does” is rapidly turning into “being an easy target”

This is the holy grail of security engineering. Well done, @netflix. (h/t: @ryanaraine) netflixtechblog.com/the-show-must-…

Look ma, I made it.

Thank you so much to @BSidesLV for inviting me to speak this year! I present to you, the recording of “Human Security Spaghetti and the Wall Youre Throwing it at.” youtu.be/Qjtael6M_tM #infosec #behavioralscience