@emilygorcenski u high?
Notices by Hexa (hexadecim8@infosec.exchange)
-
Embed this notice
Hexa (hexadecim8@infosec.exchange)'s status on Tuesday, 30-Jan-2024 20:23:44 JST Hexa -
Embed this notice
Hexa (hexadecim8@infosec.exchange)'s status on Tuesday, 06-Dec-2022 01:31:56 JST Hexa Physical attacks on US electrical distribution infrastructure are now happening to get drag shows cancelled. This has been confirmed.
https://www.thedailybeast.com/power-outage-in-moore-county-north-carolina-caused-by-vandalism -
Embed this notice
Hexa (hexadecim8@infosec.exchange)'s status on Tuesday, 06-Dec-2022 01:31:55 JST Hexa In the recent past, we've been concerned about attacks on grid infrastructure due to geopolitical disagreements. It turns out that the danger is more present from right-wing extremists already present in the United States.
This is becoming a serious issue, and is does not stem from some overseas preacher encouraging it. It comes from paid right wing grifters right here in the US preaching bigotry and encouraging armed attacks against, previously, lgbt people, but now just the general public. They do this under the guise of freedom of speech.
This is a serious threat, and law enforcement needs to be taking these threats much more seriously than they have in the past.
It is not a "both sides" situation. Only one side is shooting up substations and terrorizing children's hospitals. -
Embed this notice
Hexa (hexadecim8@infosec.exchange)'s status on Saturday, 12-Nov-2022 21:57:27 JST Hexa I have heard this opinion that infosec should pay attention to web 3.0 applications like NFTs and cryptocurrency, and it's something we do have to talk about.
First of all, the tenor of the argument is that the infosec community owes web 3.0 applications expertise by default, I guess, by virtue of the fact that people will use it and deserve to be protected when they use it. This argument might make sense elsewhere, but there are limitations to this.
My argument is, we have no responsibility to secure obvious scams just because there are users who will engage in scams.
For example, imagine if Bernie Madoff was using an insecure chat app to communicate with the victims of his ponzi scheme. Is the infosec industry expected to rush in and tell Bernie he should be using an encrypted and community audited chat app for his operations? I would argue, no.
When the overall operation is rife with fraud, securing the operations of that fraud is not an obligation. Feel free to disagree with me.