Calling your workers hobbits and assuring them you’ll come up with some way for them to face their families after all this…

Oh boy do I have news for you

To be clear: I have been busy with, well, yeah, but fuck JK Rowling and the anti-trans hate she happily basks in. (And fuck everyone over on this side of the ocean who decided that hating on a minority population like she has was the right approach to feeling better about yourself.)

Entire podcasts were dedicated to the question of what JK Rowling has ever done that’s transphobic. She has openly been working toward this outcome for years.

As for the industry, it often casts itself as fighting to defend democracy from election hackers & foreign disinfo. Surely punishing Krebs for defending the truth about America's elections - and punishing @sentinelone.com for the 'offense' of having hired him - would draw public indignation, right?

Anything a hacker can do, so can a careless IT person.

In fact, hackers target IT accounts for takeover, because that gives them 100% of the power to do anything they want.

So little of "hacking" actually involves anything you would call hacking. You just do shit to "become an IT person."

Set "Access this computer from the network" to a pruned AD security group.

I taught a couple of cybersecurity merit badges to my daughter’s Girl Scouts troop and the parents were amazed that I made it so easy to understand for a bunch of 8 year olds

I pointed out that I had years of practice explaining the Internet to senior military officers, so this was a breeze

Tariffs xkcd.com/3073

1. LLM-generated code tries to run code from online software packages. Which is normal but
2. The packages don’t exist. Which would normally cause an error but
3. Nefarious people have made malware under the package names that LLMs make up most often. So
4. Now the LLM code points to malware.

So much of cybersecurity is "We must secure the Orphan Crushing Machine so that unauthorized people do not crush the orphans," and not "Why the fuck are you building an Orphan Crushing Machine in the first place?"

Infosec must not remain silent while Trump goes after Chris Krebs: www.eff.org/deeplinks/20...

it would be soooo easy to be a universally beloved and admired billionaire and kinda telling about the way people who are actually billionaires need to be to become billionaires in the first place that basically none of them are capable of pulling it off.

Microsoft found in its own AI research that it encourages less critical thinking. Unfortunately, this isn't poised to stop the mass AI integration into all levels of schooling, including early childhood education, where critical thinking skills should be formed.
www.404media.co/email/9d5175...

Pretty awesome ransomware training from @first.org www.first.org/education/ra...
www.first.org/blog/2024122...

What you didn't know you needed on this historic day is Episode 7 of the SANS Cyber Leaders' Podcast, where James Lyne and I talk about the worst thing in cyber security - FUD - the nonsense that spreads fear, uncertainty and doubt, instead of real security

www.sans.org/podcasts/cyb...

The crucial answer to this was discussed by @scott.hanselman.com way back in 2012. In a nutshell, don’t pour your words into social networks that don’t care and can disappear. Own your words forever. The blog is the best engine of community.

www.hanselman.com/blog/your-wo...

Elon Musk goes masks off and does a Nazi salute.

"Masculine Energy"