Why don't ppl add security controls to attack trees in #cybersecurity #threatmodels ? I think this could add another fun layer of creativity and a sense of positive actions.
November 5, 2025 at 8:53 PM
Why don't ppl add security controls to attack trees in #cybersecurity #threatmodels ? I think this could add another fun layer of creativity and a sense of positive actions.
🔐 Is it a vulnerability, or just a misunderstood feature?
At #NodeCongress2025, I broke it down in my talk: "What is a Vulnerability and What’s Not"
Topics:
👉 Real vs. imagined risks in @nodejs.org and @expressjs.bsky.social
👉 Why #threatModels matter
🎥 Watch: gitnation.com/contents/wha...
At #NodeCongress2025, I broke it down in my talk: "What is a Vulnerability and What’s Not"
Topics:
👉 Real vs. imagined risks in @nodejs.org and @expressjs.bsky.social
👉 Why #threatModels matter
🎥 Watch: gitnation.com/contents/wha...
What is a Vulnerability and What’s Not? Making Sense of Node.js and Express Threat Models by Ulises Gascón
In this talk, we will discuss security, vulnerabilities, and how to improve your overall security. We will explore various vulnerabilities and the difference between developer errors and misconfigurat...
gitnation.com
May 19, 2025 at 6:11 AM
🔐 Is it a vulnerability, or just a misunderstood feature?
At #NodeCongress2025, I broke it down in my talk: "What is a Vulnerability and What’s Not"
Topics:
👉 Real vs. imagined risks in @nodejs.org and @expressjs.bsky.social
👉 Why #threatModels matter
🎥 Watch: gitnation.com/contents/wha...
At #NodeCongress2025, I broke it down in my talk: "What is a Vulnerability and What’s Not"
Topics:
👉 Real vs. imagined risks in @nodejs.org and @expressjs.bsky.social
👉 Why #threatModels matter
🎥 Watch: gitnation.com/contents/wha...
First part is know about different gradations of threatmodels of course. But what Naomi mostly tried to address was the total lack of knowledge from the journalists who said: "just use Signal, it is safe" which actually got people into huge problems. Technology, no matter how good, needs less hype
March 25, 2025 at 10:56 PM
First part is know about different gradations of threatmodels of course. But what Naomi mostly tried to address was the total lack of knowledge from the journalists who said: "just use Signal, it is safe" which actually got people into huge problems. Technology, no matter how good, needs less hype
Yup. Even for online conversation there are some options which are suitable for more serious threatmodels. And even more serious stuff needs a whole different approach, although Signal is definitely better than WA, I dislike the trend that it is being pushed as the new best thing
March 24, 2025 at 8:47 PM
Yup. Even for online conversation there are some options which are suitable for more serious threatmodels. And even more serious stuff needs a whole different approach, although Signal is definitely better than WA, I dislike the trend that it is being pushed as the new best thing
I haven't been on Signal for years. I had personal contact with Moxie when Naomi Wu tried to raise awareness about it not being foolproof for people with certain threatmodels, and how they handled it was far from good. That a phonenumber is still needed for registering is also a thing
March 24, 2025 at 8:27 PM
I haven't been on Signal for years. I had personal contact with Moxie when Naomi Wu tried to raise awareness about it not being foolproof for people with certain threatmodels, and how they handled it was far from good. That a phonenumber is still needed for registering is also a thing
Sich von den #usa zu emanzipieren heißt auch, von #microsoft wegzukommen. Im Ernstfall könnte man darüber hier praktisch die komplette Wirtschaft lahmlegen. Der unangekündigte und dauerhafte Ausfall der Microsoft-Infrastruktur sollte jetzt Teil jedes #threatmodels sein.
February 28, 2025 at 11:50 PM
Sich von den #usa zu emanzipieren heißt auch, von #microsoft wegzukommen. Im Ernstfall könnte man darüber hier praktisch die komplette Wirtschaft lahmlegen. Der unangekündigte und dauerhafte Ausfall der Microsoft-Infrastruktur sollte jetzt Teil jedes #threatmodels sein.
Running my own TOR Exit Node and such. I would never serve, will even get refused due to PTSD luckily. But damn: I am so ready, and Briar Project deserves more attention. It's so time to step up threatmodels and such
January 26, 2025 at 2:58 PM
Running my own TOR Exit Node and such. I would never serve, will even get refused due to PTSD luckily. But damn: I am so ready, and Briar Project deserves more attention. It's so time to step up threatmodels and such
Me: Do I need to include the probability that the Chinese already own US telecomms when discussing #UAS #UAV #drone #cybersecurity #threatmodels ? 🤔
December 5, 2024 at 2:33 PM
Me: Do I need to include the probability that the Chinese already own US telecomms when discussing #UAS #UAV #drone #cybersecurity #threatmodels ? 🤔