Burton Lopan's posts

..but I think the scope is steadily expanding. Back then, it affected specific communities. Now it seems to quickly make its way to broad media and to that one uncle we all have who shows up at Thanksgiving chock full o someone else’s virulent (and provably wrong) “truth”

1 year ago 0 0 0 0

Oh, I agree about concern trolls.. but also remember the wide variety of ways people tried to sabotage a wide variety of communities over the past 30+ years. Not just insufferable posters, but agent provocateurs, DoS efforts, false-flag DoS efforts and so on. The methods seem new, the problem isn’t.

1 year ago 0 0 1 0

Agree 100%. “bad faith actors” is one of the most accurate phrases I’ve ever seen used to narrow down the core problem. They’re *always* the problem that plagues communities, no matter where they are or when. 80s BBS, 90s Usenet, Internet, Tor/i2p/etc. Same basic problem.

1 year ago 2 1 1 0
Fritos chili cheese flavored beef jerky image


Um. Bleep No. This looks like the Fortnite of food products. The fact that you *can* work out a merchandising deal doesn’t mean that you should.

1 year ago 1 0 0 0

oh god now I've noticed it and it disturbs me

1 year ago 0 0 0 0

One thing I truly hate in the strongly-isolated OT space is that no firewall seems to fit well. Palo is increasingly cloud-first and Fortinet's abysmal RCE luck isn't appealing. Anybody know of something else I should be looking at? At >500 sites.. getting increasingly tempted to just build my own.

1 year ago 0 0 0 0

Yeah..increasingly worried that CISA gets hosed on multiple levels. Couple that with "reform" of the FBI, and from a critical infrastructure perspective, I lose my best huge-campaign response coordination & deep dive help (CISA) and my oh-shit-it-hit-me-today help (FBI) is off chasing squirrels.

1 year ago 0 0 1 0

The more potentially-intrusive the insider threat program, the more it HAS to be a transparent, cross-functional effort across stakeholders (HR, Legal, etc) w/ oversight that avoids the perception that Pervy Pete in IT is closely inspecting those beach photos Sally posted on Insta.

1 year ago 1 0 1 0

Work assets are fair game and reasonable in most situations in US. You could maybe build a case that personal social media specifically mentioning org/keywords are in-scope, but only way you find them is to crawl all their social media so you're basically back to where you started.

1 year ago 0 0 1 0

Two biggest concerns: 1. The optics suck SO hard. You're going to alienate a lot of employees unless the threat obviously warrants the action. and 2. At a personal level, it totally f's up your relationship with the rest of your org, no matter which way you spin it. BTDT in a past life, it sucks.

1 year ago 1 0 1 0

Vacuuming up employees' personal social media in bulk for insider threat might have its place if you've got some ultra high threat environment, but for most programs, it's probably a better tool on an investigative ladder after a team identifies heightened concern through a well-defined process.

1 year ago 0 0 1 0

I think your Nigerian Zuckerberg example is probably in the ballpark.. surely it’s some massive cultural/language gap that makes someone think, “this is the perfect identity”

1 year ago 1 0 1 0

Omg. Now I’m insanely curious. Like.. what’s the play? “Hello iz abe lincoln here u want buy bitcoins and send newds?” Or maybe “This is Meat Loaf, pleeze click my link”? Like.. why??? I just.. can’t. quite.. Process that.

1 year ago 1 0 2 0

Tony Bennett?? Like.. the formerly 96yo singer? Somebody’s amazing secret plan to achieve evil impersonation success at (whatever) revolves around them credibly being a 97yo crooner now? I feel like they should aim higher. At least impersonate Gene Wilder or something.

1 year ago 2 0 1 0

Didn’t even know neovim had removed it. So lazy now I mostly ‘!!command’ and just delete its output down I’m done. Or tmux. Until this thread, I had forgotten the feeling of being trapped in a SINGLE shell session (dumb terminal or serial modem session).

1 year ago 2 0 0 0

So much this. The hard part is still the hard part: you have to truly understand your problem and how to solve it. Solving it is never just buying that one tool or hiring that one genius. It’s just hard work, followed by more hard work. If it was easy, it’d already be solved.

1 year ago 0 0 0 0

The only, and I mean *only*, downside of semicolons is that you feel a vague sense that you’re oversemicoloning when you use them more than sparingly. End semicolon shaming!

1 year ago 2 0 0 0

I forced myself to learn vi in 1994, just because I could shell out of it when I was composing an email in elm and whatever I was using before (pico?) wouldn’t let me. And I never ever heard the backstory on this in ~30 years of using vi. Had no idea where the keys came from, but they work.

1 year ago 2 0 1 0

First computer? This bad boy could play Star Raiders ("Garbage Scow Captain" was my usual rating) and could store all the BASIC you felt like typing on a cassette tape. Just had to remember which index your program started at and fast-forward to it.

1 year ago 2 0 0 0

I worry about CISA moving forward. I've been involved in some of the JCDC efforts, and the folks on those teams are world-class. Ditto their threat hunt teams. Huge Easterly fan, too, she joined us in a session at CISA HQ and dove right into problem solving with solid perspectives. Will miss her.

1 year ago 2 0 0 0

Natchez is such a cool place. Remarkable amount of history for a Southern town of 15,000 people. Glad y'all enjoyed it!

1 year ago 1 0 1 0

I love the Whole of Household approach to it all. That's just awesome.

1 year ago 1 0 1 0

I avoid driving through Dallas any way I can. Firmly convinced that every time I pick the wrong choice from the sixty three-dimensional highway options ahead of me, they build three new Applebees and more earthtone apartments with balconies.

1 year ago 2 0 0 0

Any navigational mistake, no matter how minor, adds thirty more minutes to your journey. Thank you for visiting Dallas.

1 year ago 2 0 1 0

Your family ranks every NFL team from most-liked to least-liked? That's so legit. Do you revisit rankings regularly, or is it largely static? For me, Chiefs are #1 since forever, but Bills probably at #3 for me in terms of I-like-em-ness. Excited about this game either way it goes!

1 year ago 1 0 1 0
Out of the Past (1947) ⭐ 8.0 | Crime, Drama, Film-Noir 1h 37m | Approved

How did it take me this long to finally watch Out of the Past (1947)? Wow — Fantastic noir film. With a young Mitchum, Kirk Douglas in a great role, and Jane Greer. m.imdb.com/title/tt0039...

1 year ago 0 0 0 0

This. So much this. Trade Wars is clearly the answer. But Farmville is what we'll end up with.

1 year ago 1 0 0 0

A ton of it is all contextual though. If you're working somewhere where nobody gaf about security and you don't have support... find somewhere else to be and focus on finding that. Life's too short. Some places are just a bad fit.

1 year ago 1 0 0 0

Also.. the harder I can work to find better/safer ways to still let people do what they need/want to, the better I feel about myself. Like..I want the guy across the table to be successful too, just not at the expense of massive security incidents.

1 year ago 1 0 1 0

Me? I compartmentalize a ton. I work *really* hard to find something to love about every single person I work with -- I admire their strengths and try to work around their weaknesses. But with some folks, I just try to minimize the amount of free conversation time we get. Get in, get out.

1 year ago 1 0 1 0
Burton Lopan
@burtonlopan
234 Followers 296 Following 67 Posts