Notices by BlueTeamSherpa :verified: (blueteamsherpa@infosec.exchange)

Having #PianoBarCon come up and not currently being on the job, I took the time to actually develop a new karaoke list for the performance at #BlueTeamCon. These are the top 13 things I learned (some having an infosec/IT leaning)

1) I can work steady through lunch and work on a song list for five hours.

2) I've forgotten a LOT of the music I knew from 25 years ago; the 1,600 song list has to go.

3) I still remember a lot of music.

4) It's harder to work on this when using an old computer (the new one is in the shop getting a new motherboard under warranty) but based on proper contingency planning I was still able to get at my file archive.

5) After all these years, I figured out to put the favorites in bold type, so they are easier for people to see.

6) Considering the size of the party and that it is a two-hour (anticipated) gig, I think 25 printouts is enough.

7) It's really cool that I got rid of my 15-year-old Brother laser printer to upgrade to one that would print on both sides of the paper. There was nothing wrong with the old one, but I decided I deserved an upgrade last year.

8) You can legibly put 270 song titles across 4 printed pages, even if over 100 of them are in bold type because they are more popular.

9) I easily could have put more songs on the pages, but really that's way more than enough. Figuring 3-4 minutes a piece, a two-hour gig should be no more than 40 pieces. I've had "two-hour gigs" go four or five hours (sometimes it happens), and one has to figure that not everyone is going to like every piece I can play, so one needs more pieces. I should still be well set, especially since I could have put easily another 50 pieces on there that if someone requests them I can do.

10) It is appropriate to put some instrumental only pieces on this list so if someone wants to hear Linus and Luch (Vince Guaraldi) or the Pink Panther Theme they know that I know it.

11) ChatGPT is excellent for normalizing the song titles and the entity related to them but still has to be checked (I fixed some mistakes).

12) People are bound to find mistakes I didn't catch in the list, I'm bound to have a brain freeze and not be able to play something on the list that someone is going to request, and in spite of that we'll all (or most of us, anyway) will have a good to great time, and we'll raise hundreds for charity while doing it.

13) Brother may still make rock-solid hardware, but their marketing has gone way over the top. I will still buy their products, but apparently their products are so solid that they have to (or chose to) resort to making money through their marketing efforts.

Looking forward to seeing everyone at #blueteamcon Saturday night by the Sober Party Room at 8:30 PM.

Someone called ChatGPT “Grand Theft Autocorrect” and I laughed way too long at that.

@vkc @profdc9 I’m sorry that people of my gender do that shit. While neither my husband nor I catcall anyone (either gender), that doesn’t absolve me from caring.

Yes, It Is Just Like The Nazis
Hey so remember Anne Frank? The Jewish young girl who hid in an attic and was killed by the Nazis? The emblematic person we think of when we think of victims of the Holocaust?

She did not die in a gas chamber or in a death camp. She died in a temporary' detention center for the mass deportations which preceded the death camps.
She was in that camp because a patriotic neighbor ratted her out to the German deportation force. She died, not of a bullet to the back of the head or choking on gas, but of typhus. She contracted typhus because the Nazis couldn't realistically deport people at the rate they wanted to, because before the death camps their infrastructure couldn't handle the sudden influx of ethnic minorities they had decided to imprison, and because they didn't care about the consequences of that so their deportation detention centers were unhygienic and prisoners were underfed and overcrowded.

And she was picked up by the deportation force not because she was an illegal citizen but because, just like the US is doing with asylum seekers, she was part of a formerly recognized class of citizens who were legally redefined to lack citizenship by a new administration.

Anne Frank is exactly like the children who have already died in the United State's detention camps. Exactly. Down to the very last detail. There. Is. Not. A.
Single. Difference.

So unless you want to fucking tell me that Anne goddamn Frank was not a victim of the Holocaust, y'all can shut the fuck up with that "stop making concentration camp comparisons, you're diminishing the suffering of the Holocaust" bullshit.

Its also worth noting that her family TRIED to flee to the US and was denied. She was in that camp partly because the US refused to let her refugee family immigrate.

Elon Musk just raided America's doomsday seed vault.

Yes, you read that right. The vault meant to protect humanity’s last defense against agricultural collapse, stripped and sabotaged.

This isn't hyperbole. The seed bunker held our future. Our protection from famine, disease, climate disasters, destroyed by reckless arrogance.

Elon Musk fired critical scientists, placing centuries of agricultural heritage at immediate risk.

America relied on those seeds. America relied on those scientists. America relied on that bunker.

62,000 unique wheat strains, 600,000 genetic lines, our lifeline in a crisis, now endangered.

Without regular care, these seeds die. Without these seeds, we lose our ability to respond to threats.

Without that ability, we lose food security itself.

This is a direct assault on humanity's survival.

Elon Musk and his Department of Government Efficiency (DOGE) treated our collective security as disposable, gambling with millions of lives. Farmers, families, and children. Everyone is harmed.

If you're thinking someone else will handle this, you're wrong. If you're assuming private industry will step in, you're wrong.

If you're comfortable waiting to act, you're complicit.

Apathy won't fix this, waiting won't reverse it.

You must immediately demand:
- Full reinstatement of the fired scientists.
- Secured federal funding protecting the seed vault permanently.
- Legislative safeguards ensuring this can never happen again.

Call your representatives. Share this message. Demand accountability from Musk, DOGE, and our government.

Act now, because your future depends on it. Your children's survival, planet's stability, and the nation's integrity are at stake.

It is urgent, necessary, and morally essential.

Stand up, speak out, and fight for our shared future.

The best, most cogent and elegantly simple explanation into the inexplicably destructive negotiating processes of the president,by Prof. David Honig of Indiana University.

Everybody I know should read this accurate and enlightening piece...

“I’m going to get a little wonky and write about Donald Trump and negotiations. For those who don't know, I'm an adjunct professor at Indiana University - Robert H. McKinney School of Law and I teach negotiations. Okay, here goes.

Trump, as most of us know, is the credited author of "The Art of the Deal," a book that was actually ghost written by a man named Tony Schwartz, who was given access to Trump and wrote based upon his observations. If you've read The Art of the Deal, or if you've followed Trump lately, you'll know, even if you didn't know the label, that he sees all dealmaking as what we call "distributive bargaining."

Distributive bargaining always has a winner and a loser. It happens when there is a fixed quantity of something and two sides are fighting over how it gets distributed. Think of it as a pie and you're fighting over who gets how many pieces. In Trump's world, the bargaining was for a building, or for construction work, or subcontractors. He perceives a successful bargain as one in which there is a winner and a loser, so if he pays less than the seller wants, he wins. The more he saves the more he wins.

The other type of bargaining is called integrative bargaining. In integrative bargaining the two sides don't have a complete conflict of interest, and it is possible to reach mutually beneficial agreements. Think of it, not a single pie to be divided by two hungry people, but as a baker and a caterer negotiating over how many pies will be baked at what prices, and the nature of their ongoing relationship after this one gig is over.

The problem with Trump is that he sees only distributive bargaining in an international world that requires integrative bargaining. He can raise tariffs, but so can other countries. He can't demand they not respond. There is no defined end to the negotiation and there is no simple winner and loser. There are always more pies to be baked. Further, negotiations aren't binary. China's choices aren't (a) buy soybeans from US farmers, or (b) don't buy soybeans. They can also (c) buy soybeans from Russia, or Argentina, or Brazil, or Canada, etc. That completely strips the distributive bargainer of his power to win or lose, to control the negotiation.

One of the risks of distributive bargaining is bad will. In a one-time distributive bargain, e.g. negotiating with the cabinet maker in your casino about whether you're going to pay his whole bill or demand a discount, you don't have to worry about your ongoing credibility or the next deal. If you do that to the cabinet maker, you can bet he won't agree to do the cabinets in your next casino, and you're going to have to find another cabinet maker.

There isn't another Canada.

So when you approach international negotiation, in a world as complex as ours, with integrated economies and multiple buyers and sellers, you simply must approach them through integrative bargaining. If you attempt distributive bargaining, success is impossible. And we see that already.

Trump has raised tariffs on China. China responded, in addition to raising tariffs on US goods, by dropping all its soybean orders from the US and buying them from Russia. The effect is not only to cause tremendous harm to US farmers, but also to increase Russian revenue, making Russia less susceptible to sanctions and boycotts, increasing its economic and political power in the world, and reducing ours. Trump saw steel and aluminum and thought it would be an easy win, BECAUSE HE SAW ONLY STEEL AND ALUMINUM - HE SEES EVERY NEGOTIATION AS DISTRIBUTIVE. China saw it as integrative, and integrated Russia and its soybean purchase orders into a far more complex negotiation ecosystem.

Trump has the same weakness politically. For every winner there must be a loser. And that's just not how politics works, not over the long run.

For people who study negotiations, this is incredibly basic stuff, negotiations 101, definitions you learn before you even start talking about styles and tactics. And here's another huge problem for us.

Trump is utterly convinced that his experience in a closely held real estate company has prepared him to run a nation, and therefore he rejects the advice of people who spent entire careers studying the nuances of international negotiations and diplomacy. But the leaders on the other side of the table have not eschewed expertise, they have embraced it. And that means they look at Trump and, given his very limited tool chest and his blindly distributive understanding of negotiation, they know exactly what he is going to do and exactly how to respond to it.

From a professional negotiation point of view, Trump isn't even bringing checkers to a chess match. He's bringing a quarter that he insists of flipping for heads or tails, while everybody else is studying the chess board to decide whether its better to open with Najdorf or Grünfeld.”

— David Honig

I love my job, it seems to love me back (employer and client), and if someone needs work that we are hiring for I'd recommend them (and would like to recommend you if I think you're a good fit).

At the same time, for many years I've had an exercise of creating an updated version of my resume.

This year, I took off my street address (no one needs that, city/state is relevant and enough), debated about taking off my graduation dates (and didn't), and added two very important policy document references for people that do know the field; they will know I do Risk Management Framework and have expertise in cross domain solutions (or at least know how to spell CDS).

I left the dates on because in my summary I mention over 30 years of professional experience (actually it's close to 38). I considered changing this text to "almost four decades," but felt that this aged me too much. If I'm leaving in the 30 years, then I may as well leave in the graduation dates, especially since some are within the last 10 years.

Since I'm not looking, it's not practical to ask a recruiter to review it because then they are going to get the impression that I'm looking when I'm not, and they make their money by getting people hired. That, and my field is kind of niche.

What's a good way to get an objective review of my updated resume without sending out recruiter pheromones?

@aka_quant_noir @CatDragon @tristansnell most of the world gets what you call free health care. We could have had it too except for GOP being owned. Don’t put that on Israel.

• An Oxford comma walks into a bar where it spends the evening watching the television, getting drunk, and smoking cigars.

• A dangling participle walks into a bar. Enjoying a cocktail and chatting with the bartender, the evening passes pleasantly.

• A bar was walked into by the passive voice.

• An oxymoron walked into a bar, and the silence was deafening.

• Two quotation marks walk into a “bar.”

• A malapropism walks into a bar, looking for all intensive purposes like a wolf in cheap clothing, muttering epitaphs and casting dispersions on his magnificent other, who takes him for granite.

• Hyperbole totally rips into this insane bar and absolutely destroys everything.

• A question mark walks into a bar?

• A non sequitur walks into a bar. In a strong wind, even turkeys can fly.

• Papyrus and Comic Sans walk into a bar. The bartender says, "Get out -- we don't serve your type."

• A mixed metaphor walks into a bar, seeing the handwriting on the wall but hoping to nip it in the bud.

• A comma splice walks into a bar, it has a drink and then leaves.

• Three intransitive verbs walk into a bar. They sit. They converse. They depart.

• A synonym strolls into a tavern.

• At the end of the day, a cliché walks into a bar -- fresh as a daisy, cute as a button, and sharp as a tack.

• A run-on sentence walks into a bar it starts flirting. With a cute little sentence fragment.

• Falling slowly, softly falling, the chiasmus collapses to the bar floor.

• A figure of speech literally walks into a bar and ends up getting figuratively hammered.

• An allusion walks into a bar, despite the fact that alcohol is its Achilles heel.

• The subjunctive would have walked into a bar, had it only known.

• A misplaced modifier walks into a bar owned a man with a glass eye named Ralph.

• The past, present, and future walked into a bar. It was tense.

• A dyslexic walks into a bra.

• A verb walks into a bar, sees a beautiful noun, and suggests they conjugate. The noun declines.

• A simile walks into a bar, as parched as a desert.

• A gerund and an infinitive walk into a bar, drinking to forget.

• A hyphenated word and a non-hyphenated word walk into a bar and the bartender nearly chokes on the irony.

@patrickcmiller I’m really not a fan of using biometrics as a factor unless in all cases it is an additional factor (law enforcement issue).

If someone has a serious weight change (e.g., cancer or serious accident), does Face ID break? Even if not, is there a bypass function that can be implemented? It’s easy enough for my spouse to find the key to the safety deposit box where I have written down my password, but if I die or am otherwise incapacitated, what is he to do?

@zleap @malwaretech I’d be good with an international peacekeeping force, but considering that one side seems to only accept the total destruction of the other, good luck wading into the middle of that.

@horse you just did. It’s the first and fifth note of the diatonic scale.

@horse the notes are five notes apart. Fifth sort of equals fish.

I usually don’t make jokes that relate to speech impediments, preferring to refer to May fourth as Dave Brubeck day (5/4), but for this one I made an exception because it seems more innocuous. If someone finds this to be offensive I would delete it.