Notices by Lesley Carhart :unverified: (hacks4pancakes@infosec.exchange)

I have this weird, horrible, learned calculus about approving my hundreds of waiting LimkedIn requests. Do I know them? Did they send me a note? Have
I met them? Are they somewhere people want queer people dead? I’m sorry. It’s so hard to know who to trust anymore.

It’s entirely (unfortunately) possible lackluster turnout, disinformation, gerrymandering, and overconfidence cost the bulk of swing states last year. And that reaction to a horrific six months caused this swing. We have to look at every possible cause and the facts to be successful in 2026 and 2028

I know it’s tempting to look at yesterday’s election numbers in America and speculate about lack of 2024 election integrity, but I really caution against doing so without measured skepticism and evidence. Trust in overall election integrity and certification is vital to US stability going forward.

The whole MIT / @GossiTheDog malware study saga is so funny, because aside from the paper absolutely being crazy AI marketing FUD, there’s a crack of accidental admission about the fact that what the industry been hyping this whole time as 📣✨AI✨📣 is just sparkling ML and polymorphism.

The rest of the world is moving on.

This is a good Reddit post about cybersecurity cons for junior people and newcomers, with a lot of good and genuine answers from community friends. https://www.reddit.com/r/cybersecurity/s/YZakYHIwNJ

I taught a live translated class remotely to business people in Japan on OT malware reversing while wearing a kuromi onesie for Halloween, from a friends spare bedroom in a third country if you were wondering how shit is going

I know it’s overwhelming right now, but kick in your rational brain and risk measures and then evaluate if things are the same or as good as they were a year ago, ten years ago, etc. Is this something you would have considered normal or noteworthy? Is this what you’d expect from the gov or media?

This is a natural reaction of your brain to repeatedly seeing horrific things. It will pay less and less attention to those images and have less of a visceral reaction. You can accept horrors.

This is what the fascists want. They want you to accept things continually getting worse and more violent.

@guitarfosec people on Mastodon know. My dad doesn’t know. My colleagues don’t know. The people who organize Chicago events don’t know. We are in a bubble.

Hey, so as a veteran and incident responder I need to warn you to pay attention to something in America.

The human brain is resilient. While you’re watching kids get dragged away from the parents and people being beaten in the streets, you’re accumulating trauma but also being desensitized.

Just realized I am now Midwest nice plus Australia nice and all I need to do is move to Canada for a bit and I'll be -unbearably- friendly and apologetic.

Cybersecurity was always political.
You can’t escape effects on defense, intelligence, and even the increasingly flooded industry job market by closing your eyes really hard and sticking your fingers in your ears. You can’t escape cybersecurity being political by being, “not really into politics”.

Hey guys I bought my first piece of commissioned Australian art and it’s as absurdly nerdy as you expect

(Oh no not straight white dude nerds on Reddit not realizing their non traditional cybersecurity education is also diversity…)

Of course when HR gets 400 qualified applicants for every entry level IT job they start cranking the requirement levers up to 11 in every area. There’s no financial incentive for them not to. Especially since the death of acknowledging talent from diverse backgrounds in America.

Cybersecurity Reddit is devolving between mid career IT with certs saying only degrees are getting hired and grads saying only certs and experience are getting hired - and I’m sorry but this is late stage capitalist hell, comrades. Only people with degrees plus experience and certs are getting hired

So keep it up, hacker community. When I left Twitter, it was only a few of us speaking out about what we didn’t want to enable. We were mocked and ignored. There wasn’t a huge change in content. I’m glad people have started to realize the reality of the battles we face.

We have reached a 50% tipping point for sure. We are way lower on the hierarchy of needs, (bad), but it’s good we are talking about it consistently.

Between the manufactured AI hype crumbling and people being dragged off in the streets, it gives me hope we are taking about human rights.

I have public lists of cybersecurity reporters and pundits on both BlueSky and Mastodon and find it simultaneously encouraging and discouraging how much of the Americans’ content has changed from cybersecurity research to tangential privacy rights and even just social justice in the past six months.