Notices by Merry Jerry 🎄🎅🕎⛄️❄️ (jerry@infosec.exchange), page 3

@catsalad @TindrasGrove @teriradichel I cover this a bit on my most recent podcast - basically from a macro perspective, security budget growth is slowing, stagnate in some instances, and even going down for a few. Meanwhile, spending on security “offerings” continues to grow pretty fast, which to me says that, as a whole, we are spending less overall and what we are spending tends to be more for products and services rather than for employees.

Good news: the Whitehouse is going to help flood the market with even more cyber security workers looking for jobs that don't really exist: https://www.darkreading.com/cybersecurity-operations/cybersecurity-talent-shortage-prompts-white-house-action

@deadbeefdotmonster writing something I've been wanting to do for a while about my experiences with supplier risk management. How you doing?

@deadbeefdotmonster that sounds awesome! I've been having a lot of fun over the past few weeks/months now that I am unemployed - spent more time in a pool over the past two weeks than in the prior 50 years combined.

@deadbeefdotmonster it's been amazing! I have lost all concept of time and responsibility, except for taking care of my pets - they like to eat at specific times

Get your thoughts and prayers ready - another school shooting just happened

I’ll reiterate what many others have said about the yubikey story - unless you’re the target of super sophisticated actors who do not want you to know they’ve stolen your yubikey*, this is a bit of a non-event and highlights the importance of keeping track of your yubikeys. Please don’t toss them, but do keep an eye out for further developments. Once an issue like this is identified, it attracts a lot of attention from many smart people and there may will be other findings in the future, but for now, yubikeys are good enough for most of us.

* I know there are a bunch of people convinced you’re being pursued by these advanced adversaries. I worry about you. For many reasons.

Fox News is on the TV at the restaurant I’m at.

When I was in China, I had a discussion with one of the people I was there to see and they told me that the local news only shows negative stories/tragedies/etc about most of the western world, and only shows happy stories, successes, etc about China.

After watching Fox for a few minutes, I understand old people voting much better now.

@monkeyflower @yubico yes.

And so ends another day at the beach

@ouij @Gargron we do have a lot of aspiring HOA presidents on the fediverse.

@SunTzuCyber I should add: I created it at a time when I thought it ridiculous that everyone was including (real) Sun Tzu quotes in their security conference presentations.

Years ago, I created a bot that posted Sun Tzu quotes, if Sun Tzu had written about cyber war. When X closed up API access that bot broke, and it never was high on my list of priorities to bring here. Well, I just fixed that. May I introduce you to @SunTzuCyber, which posts every 6 hours. The posts are set up as unlisted/quiet public, so they won't show up in timelines unless you follow it.

Looks like bsky is the big winner from X being banned in Brazil.

This is my monthly reminder to support your fediverse instance - most instances are run by volunteers and paid for with donations or out of the administrator’s pocket. Commercial social media that is “free”, but funded by targeted advertising, data mining, etc. The fediverse is “free” for most of us, but far from free to run.

To those of you who support your instance, my thanks. To those who can’t afford it, this place is here for you regardless of your ability to support financially. To those who can, please consider supporting your instance if you derive value from the platform. You can find instructions on donating to your specific instance on your instance’s about page.

And a personal thanks to those who support Infosec.exchange. Y’all are the best :blobheartcat:

And now time for an adult capri sun on the beach

My view while cooking dinner. Not so bad.

With the rampant speculation that law enforcement is now intercepting your inane er terribly interesting discussions on Telegram, I am working on an alternative secure chat system.

@fencepost I do wonder about that. They planned to be up there for days, and they’ll end up being among those astronauts that spent the longest time in space. Hopefully the remembered to put their mail on hold.

Y’all gonna continue telling me that the Boeing capsule is just delayed so they can run diagnostics that can’t be done once it lands?

https://apnews.com/article/boeing-spacex-nasa-astronauts-starliner-e4e81e5a6c23dee2f8f72260ddea011c