Notices by Kate Temkin (ktemkin@provably.online)

  1. Kate Temkin (ktemkin@provably.online)'s status on Friday, 31-Jan-2025 23:03:18 JST

    heads up for trans folks using ING bank in NL: be aware that each time you re-authenticate with an ID, it resets some public-facing details (incl. gendered title shown on transfers) to match the ID used when opening the account

    (passing this on from a trans partner)

    In conversation about 4 months ago from provably.online permalink
  2. Kate Temkin (ktemkin@provably.online)'s status on Tuesday, 21-Jan-2025 22:57:12 JST
    in reply to
    • Rich Felker
    • Eleanor Saitta

    @dalias @dymaxion I don't generally subscribe to statements that ignore nuance.

    While I accept that there's generally some responsibility to prevent machines from themselves turning into threat vectors (e.g. it's not great to have your iot device be easily made part of a botnet), I am also not going to suggest there's an oversized onus on the authors of e.g. a Thread flashlight to make sure their little uC that's too slow to render its own configuration UI and which could last maybe five minutes as a slow-as-hell active threat before its battery ran out is protected from the other devices on the theoretically-bridgeable Thread network

    especially when the time is better spent e.g. understanding that the best solution to most problems that could include many devices is to improve the UI so people stop using insecure defaults

    this is why threat modeling is important and nothing is just an implicit 'responsibility' with its priority fixed to '1'

    In conversation about 4 months ago from provably.online permalink
  3. Kate Temkin (ktemkin@provably.online)'s status on Tuesday, 21-Jan-2025 21:45:58 JST
    in reply to
    • Eleanor Saitta

    @dymaxion infosec folks who then spend their time loudly, publicly calling products crap because they've identified parser bugs -- without understanding what makes them inconsequential -- actually can shift manufacturer priorities, making them more likely to spend their time on the stuff that's visible rather than the stuff that's actually applicable to their threat model

    In conversation about 4 months ago from provably.online permalink
  4. Kate Temkin (ktemkin@provably.online)'s status on Tuesday, 21-Jan-2025 21:44:48 JST
    in reply to

    (this message brought to you by yet another infosec person writing a huge 'teardown' of someone's use of cryptography... without bothering to understand that a cryptosystem that protects against every possible attack---no matter how construed---would have such bad ergonomics as to be useless)

    In conversation about 4 months ago from provably.online permalink
  5. Kate Temkin (ktemkin@provably.online)'s status on Tuesday, 21-Jan-2025 21:27:08 JST
    in reply to
    • Eleanor Saitta

    @dymaxion threat models still apply to all of these things; they're literally what you use to determine where you spend the limited time you can spend on security (whether that's training coders, auditing code, choosing what to harden, etc etc)

    folks can lecture for days about how parser bugs creating weird machines is a serious threat, but if the parser is parsing some saved configuration flash on my digital stylus, chances are the worst that could come of any attack is a bricked stylus.

    if you've spent your limited time and energy making sure that's ultra-audited because it's a parser, you're taking time away from things like "realizing that the auth token included in the GET requests for the firmware updater actually also has permissions to fetch and overwrite other products' files"

    In conversation about 4 months ago from gnusocial.jp permalink
  6. Kate Temkin (ktemkin@provably.online)'s status on Monday, 20-Jan-2025 20:45:55 JST

    periodic reminder for infosec folks: stop deciding things are done badly or "insecure" outside of the context of a threat model

    it's disingenuous and irresponsibly ignores that security and cryptography are fundamentally about balancing risk tolerance and risk abatement

    In conversation about 4 months ago from provably.online permalink
  7. Kate Temkin (ktemkin@provably.online)'s status on Monday, 13-Jan-2025 01:44:09 JST

    today in "forgetting dutch exists": this ocr software has word-usage probability models for different historical variants of english, several dead germanic languages, pretty much every other world language, and... exactly 0 models for dutch

    In conversation about 4 months ago from provably.online permalink

    Kate Temkin

    Performance art piece written live by a collective of hardware hackers & low-level engineers. We make tools to help you do cool things, hack HW, and make educational materials. 🏳️🌈⚢.

    Statistics
    • User ID: 315096
    • Member since: 12 Jan 2025
    • Notices: 7
    • Daily average: 0


GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.