Ian Nickles
LightNews LightNews
inickles.bsky.social
Ian Nickles
@inickles.bsky.social
190 followers 86 following 17 posts
science, infosec, snowboarding.
Posts Replies Media Videos
Reposted by Ian Nickles
elizas.website
come work with me! @oxide.computer is currently hiring for a whole bunch of different engineering roles, up and down the stack — from distributed systems to electrical engineering!
oxide.computer Oxide Computer Company @oxide.computer · Apr 29
You're not seeing double! New engineering positions are posted for the second week in a row. Come join the team! oxide.computer/careers
Purple recruiting graphic reading, from top: ‘Control Plane; OS & Virtualization; Network Software; Electrical Engineering.’ A horizontal band below features the headline ‘We’re Hiring’ in bold white, with a subtle plus-sign pattern and ‘0×’ logo in the lower right.”
April 29, 2025 at 10:04 PM
inickles.bsky.social
Pete Hegseth: "We are currently clean on OPSEC"
March 26, 2025 at 3:58 PM
Reposted by Ian Nickles
jasonkoebler.bsky.social
Scoop: The databases powering DOGE.gov are insecure, and people outside the government have already pushed their own updates to the site to prove it:

www.404media.co/anyone-can-p...
Anyone Can Push Updates to the DOGE.gov Website
"THESE 'EXPERTS' LEFT THEIR DATABASE OPEN."
www.404media.co
February 14, 2025 at 6:44 AM
Reposted by Ian Nickles
christophetd.fr
Device code phishing strikes again www.volexity.com/blog/2025/02...
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication
Starting in mid-January 2025, Volexity identified several social-engineering and spear-phishing campaigns by Russian threat actors aimed at compromising Microsoft 365 (M365) accounts. These attack cam...
www.volexity.com
February 14, 2025 at 10:14 AM
Reposted by Ian Nickles
lcamtuf.coredump.cx
C IS LEGAL AGAIN
January 25, 2025 at 5:47 AM
inickles.bsky.social
New version of Product Security Bad Practices from CISA just dropped.

www.cisa.gov/resources-to...
Product Security Bad Practices | CISA
This voluntary guidance provides an overview of product security bad practices that are deemed exceptionally risky, particularly for software manufacturers who produce software used in service of crit...
www.cisa.gov
January 17, 2025 at 6:22 PM
inickles.bsky.social
After the holidays I am ready for my vacation next week where I return to work.
January 3, 2025 at 7:46 PM
Reposted by Ian Nickles
ramimac.me
Lately, every BSides seems to have a talk on reframing security teams as a “Department of Yes”

We don’t hear nearly as much about the value of a well-considered, strategically deployed “No”

I've pulled together guidance on giving a better, more constructive No:
ramimac.me/saying-no
How to Say “No” Well
Security’s pivot from ‘Department of No’ to ‘Department of Yes’ misses the real lesson - how to say ‘No’ the right way.
ramimac.me
December 30, 2024 at 3:08 PM
inickles.bsky.social
I've never felt so seen and attacked at the same time.

youtu.be/4gygGeLsU7A
When You Get Your Password Wrong
YouTube video by Fairbairn Films
youtu.be
December 20, 2024 at 9:35 PM
Reposted by Ian Nickles
oxide.computer
The new oxide.computer is live 🚀
Oxide Computer Company
Servers as they should be. Hardware, with the software baked in, for running infrastructure at scale.
oxide.computer
December 17, 2024 at 8:32 PM
inickles.bsky.social
FAIL
Picture of a door labeled Palisades Tahoe Security that is not fully closed.
December 14, 2024 at 10:22 PM
inickles.bsky.social
NIST SP 800-53 Rev 5 is a grind.
December 13, 2024 at 10:59 PM
inickles.bsky.social
hack the planet
Picture of 0day IPA 12 oz can from Jailbreak Brewing.
December 5, 2024 at 6:43 PM
inickles.bsky.social
First time in DC. Got to see the Apollo 11 command module at the Smithsonian National Air and Space museum.
Photo of the Apollo 11 command module Columbia at the Smithsonian National Air and Space museum.
December 5, 2024 at 3:17 AM
inickles.bsky.social
Public Oxide security advisories are live!

docs.oxide.computer/security
Docs / Oxide
docs.oxide.computer
November 27, 2024 at 7:54 PM
Reposted by Ian Nickles
oxide.computer
Great article on our work with Lawrence Livermore National Laboratory and how they'll use their new Cloud Computer
Oxides rackscale compute platform lands at LNLL
System to serve as a proof of concept for applying API-driven automation to scientific computing
buff.ly
November 21, 2024 at 7:53 PM