Ariana Mirian
@arianamirian.bsky.social
I get excited about empirical measurement and improving security. Senior Security Researcher @ Censys, avid birder, views my own | http://arianamirian.com
Reposted by Ariana Mirian
"metric strategy" = we do shitty study on 20 white men with y disease and say xx is good
"measurement strategy" = we do better designed representative measures of xx + variance
"evidence strategy" = we're doing ^, plus patient insight & clinicians' experiences over time, getting xx, rr, aa...
"measurement strategy" = we do better designed representative measures of xx + variance
"evidence strategy" = we're doing ^, plus patient insight & clinicians' experiences over time, getting xx, rr, aa...
May 15, 2025 at 10:20 PM
"metric strategy" = we do shitty study on 20 white men with y disease and say xx is good
"measurement strategy" = we do better designed representative measures of xx + variance
"evidence strategy" = we're doing ^, plus patient insight & clinicians' experiences over time, getting xx, rr, aa...
"measurement strategy" = we do better designed representative measures of xx + variance
"evidence strategy" = we're doing ^, plus patient insight & clinicians' experiences over time, getting xx, rr, aa...
Last week I had the pleasure talking to @dennisf.bsky.social about empirically backed security decisions (around scanning) and why it matters. Take a peek as to why the data don't lie 😎
Get your learn on about scanning non-standard ports with @arianamirian.bsky.social from @censys.bsky.social.
youtu.be/qr6Xdl9WfLM?...
youtu.be/qr6Xdl9WfLM?...
Making Non-Standard Port Scanning the Standard
YouTube video by Censys
youtu.be
April 21, 2025 at 6:25 PM
Last week I had the pleasure talking to @dennisf.bsky.social about empirically backed security decisions (around scanning) and why it matters. Take a peek as to why the data don't lie 😎
New year, same old "people getting my name wrong via email"
Today's candidate: "Hello Marian"
Today's candidate: "Hello Marian"
January 22, 2025 at 4:33 PM
New year, same old "people getting my name wrong via email"
Today's candidate: "Hello Marian"
Today's candidate: "Hello Marian"
The security industry is moving FAST, and is leaving behind (actively harming) users. So often we're deploying these defenses that we find out empirically, after the fact, don't. WORK. Security has its own slew of technical problems, yes, AND I think we have a lot to learn from social science here
I've actually become kind of interested in forced security initiatives as an experience of loss of agency in the last few years (in dialogue with @arianamirian.bsky.social a brilliant empirical security researcher) and what better models could be
Have other university ITs become just as overzealous or are we blessed with a particularly impossible setup? in recent years, under the disguise of cybersecurity, we have gradually lost all authority over our work computers (e.g., what software to access) & now everything is subject to bureaucracy.
January 21, 2025 at 8:16 PM
The security industry is moving FAST, and is leaving behind (actively harming) users. So often we're deploying these defenses that we find out empirically, after the fact, don't. WORK. Security has its own slew of technical problems, yes, AND I think we have a lot to learn from social science here
Reposted by Ariana Mirian
I will leave it as an exercise for the reader to imagine whether "security research" venues tend to ever value or make room for behavioral science and social science 🙃 so these chasms grow
January 18, 2025 at 7:45 PM
I will leave it as an exercise for the reader to imagine whether "security research" venues tend to ever value or make room for behavioral science and social science 🙃 so these chasms grow
Better late than never...I'm at shmoocon! If you're around let's hang 🎉
January 10, 2025 at 4:23 PM
Better late than never...I'm at shmoocon! If you're around let's hang 🎉
The number of times I am randomly selected for additional inspection is not a random number of times
November 27, 2024 at 10:48 PM
The number of times I am randomly selected for additional inspection is not a random number of times
Listen, on a Friday afternoon at 3 PM, the best variable name I can come up with is "size_bucket". That's all I got left in me.
Will I be fixing this Monday? Absolutely. Do I care right now? Absolutely not.
Will I be fixing this Monday? Absolutely. Do I care right now? Absolutely not.
November 15, 2024 at 11:02 PM
Listen, on a Friday afternoon at 3 PM, the best variable name I can come up with is "size_bucket". That's all I got left in me.
Will I be fixing this Monday? Absolutely. Do I care right now? Absolutely not.
Will I be fixing this Monday? Absolutely. Do I care right now? Absolutely not.
Reposted by Ariana Mirian
Daniel Stenberg's notes from this week's HTTP Workshop are a nice way of catching up on smart folks' thoughts about the present and future of your favorite transport protocol:
Day 1: daniel.haxx.se/blog/2024/11...
Day 2: daniel.haxx.se/blog/2024/11...
Day 3: daniel.haxx.se/blog/2024/11...
Day 1: daniel.haxx.se/blog/2024/11...
Day 2: daniel.haxx.se/blog/2024/11...
Day 3: daniel.haxx.se/blog/2024/11...
The 2024 HTTP Workshop
Day one. For the sixth time, this informal group of HTTP implementers and related "interested parties" unite in a room over a couple of days doing a HTTP Workshop. Nine years since that first event in...
daniel.haxx.se
November 15, 2024 at 5:40 PM
Daniel Stenberg's notes from this week's HTTP Workshop are a nice way of catching up on smart folks' thoughts about the present and future of your favorite transport protocol:
Day 1: daniel.haxx.se/blog/2024/11...
Day 2: daniel.haxx.se/blog/2024/11...
Day 3: daniel.haxx.se/blog/2024/11...
Day 1: daniel.haxx.se/blog/2024/11...
Day 2: daniel.haxx.se/blog/2024/11...
Day 3: daniel.haxx.se/blog/2024/11...
Finally migrated here from the bad app! A bit about me: I research internet measurement and the intersection of security, and love what I do. Let's try to quantifiably make the Internet a safer place, with empathy for the users! Separate from all that, I also love birds (AMA)
November 15, 2024 at 7:36 PM
Finally migrated here from the bad app! A bit about me: I research internet measurement and the intersection of security, and love what I do. Let's try to quantifiably make the Internet a safer place, with empathy for the users! Separate from all that, I also love birds (AMA)
"we need some metrif of ground truty "--> exhibit #15232 of why we proofread our own text
November 12, 2024 at 6:13 PM
"we need some metrif of ground truty "--> exhibit #15232 of why we proofread our own text