Notices by Chris Wysopal (weld@infosec.exchange)

Message security reminder:

Text Messages sent between Apple and Android devices are not end to end encrypted.

Use a secure messaging app. I recommend Signal.

It took massive Chinese telco infiltration but now the US Govt gets it

2015: "We cannot stop what we cannot see," Rep Mike McCaul

2024: "Encryption is your friend, whether it's on text messaging or if you have the capacity to use encrypted voice comms." Jeff Greene, CISA

There is a Tesla #cybertruck at Black Hat MEA but unfortunately you can’t hack it. There is a semi you can hack in the truck hacking area. #cybersecurity

After 18 yrs as Veracode's CTO I have transitioned to Chief Security Evangelist. I'm excited to have more time to engage developers at meetups & conferences. You'll still see me at all the cybersecurity cons. This & the future of AppSec w/Jens Wessling & Alan Shimel: https://techstrong.tv/videos/interviews/the-evolution-of-application-security-integration-with-veracodes-jens-wessling-and-chris-wysopal

It was so great to be part of this amazing panel this year at ⁦@Defcon - Bricked & Abandoned: How To Keep IoT From Becoming An IoTrash. https://securityboulevard.com/2024/11/def-con-32-bricked-abandoned-how-to-keep-iot-from-becoming-an-iotrash/

Breaking: Aliens have finally contacted us, and guess what? They want us to update our antivirus software!

What gets collected gets stolen and resold. Information wants to be freely available for a price. https://cyberscoop.com/23andme-user-data-theft/

"Computer scientists from Stanford University have found that programmers who accept help from AI tools like Github Copilot produce less secure code than those who fly solo."

Looks like there will be a market for AI vuln remediation!

https://www.theregister.com/2022/12/21/ai_assistants_bad_code/

Social media is metastasizing and I am here for it.

I was there for BBSes.
I was there for IRC.
I was there for AOL chat.
I was there for Facebook.
Yeah didn't like Myspace.
I was there for Twitter.
I am here for private Slack
Now I am here for Mastodon.

It's been amazing seeing a whole community that has built up over 10+ years migrate to a new platform. The sentiment I have seen and heard repeated is that people have 1/10th the followers and have more engagement (I know that word). This can only mean goodness.