Notices by Matt Linton :donor: (amuse@infosec.exchange)

Trump on Hillary: "Her careless storage of emails could have caused security issues!"

Hegseth: "Hold my 13 empty beers."

You know who wouldn't have cancelled the public inauguration because of cold weather?

If there was a Hippocratic oath for sysadmins and software engineers, it would say to patch exploitable vulnerabilities without needing to be told to do so.

I'm aware that there are very deep politics at the heart of this iceberg, but headlines like this always make me grimace.

What hope is there for government cyber security, if agencies still need to be *told* to patch critical vulnerabilities?

Publicly announcing that the 5% of your employees you plan to lay off are the "lowest performers" is probably the meanest thing a company leader could do. First they lose their jobs, then the CEO intentionally tarnishes their reputation in the market so they can't find another?

Looks like this person got a visit from the ghost of cybersecurity "foreseeable consequences".

"I harassed my users into not opening any emails they aren't expecting, and now they won't open any emails they weren't expecting!"

#phishingtraining

I don't know if y'all noticed but CRWD is now trading higher than it was before that big oopsie in July.

w00t!

Starting in ten minutes, I'm teaching my favorite community safety class to my local community #CERT members (and anyone else who wanted to come)

OK folks, I have a 12 hour flight tomorrow and I don't sleep well on planes.

What books (kindle) and movies/TV shows should I consider bringing for myself to pass the time if there's no wifi?

Leaving the USA at SFO, I tested out "Opting out of facial recognition scans before boarding" procedure to see if it indeed exists and will be followed.

It didn't go very well.

The gate agent argued saying I couldn't opt out. I insisted that I'm allowed to, and they pointed to a sign on the wall explaining the "Biometric verification privacy policy". The sign says "Customers wishing to opt out may speak to a gate agent or CBP officer for a manual verification" clearly at the bottom.

The agent then told me I have to opt-out *in advance with CBP*. I pointed out that the sign says "or gate agent" and asked if she was a gate agent. She insisted again that I can't opt-out but by that point another agent heard the discussion, came over, and showed the first agent how to place my passport on the scanner and sent me through. I overheard her telling the first agent as I walked away, "If it's a US passport, it's OK."

A flight of probably 300 people, I'm definitely the only one who opted-out today and by the gate agent's confusion, I suspect I'm the only one who has opted out in a long time.

I'm in every system there is (and China already has my entire SF-86) so it's not that I'm some off-the-grid paranoid who doesn't want to be in "the system" - but for privacy rights to exist at all, it's important to use them when you don't need to and keep them available for people who DO need privacy.

@ryanc @lcamtuf 🎯

@ryanc @lcamtuf You're right! I confuse so many early RFCs and the listserv discussions about them sometimes. Especially from Jon, who was particularly prolific :D

The vanity .tld system was a terrible idea and ICANN should be beaten with barracuda for allowing it. Nobody needed a TLD for '.boats' or '.cheese'

@lcamtuf Reminds me of the original SMTP RFC guidelines; "You should be strict about the RFC while sending, but graceful when receiving".

But look where THAT got us.