Staff Security Engineer at @Twitter, formerly @Mozilla. Thinks all locks should be green and all spells should be blue. Has β@katecongerβ in her profile.
I'm excited to share a project that I've been working on: a brand-new version of @Mozilla's SSL Configuration Generator:
ssl-config.mozilla.org/
Configuring TLS is perhaps the most complicated and error-prone of all IT tasks, and this tries to make it as easy as possible.
In a survey, 41% of cybersecurity professionals admitted their job is too easy and/or they donβt understand the current progression of artificial intelligence.
zdnet.com/article/ai-set-to-β¦
A similar question about #golang from @katie_hockman got me curious, so here is a #popquiz about #python:
what does this program output? no cheating and no spoilers.
print("" in "")
Me: Thank gosh for internet video future. Cable television is downright unwatchable with all these commercial breaks.
@YouTube: *plays eight advertisements over four interruptions in a 10 minute video, with half being the same advertisement*
When stuff like this shows up at the top of Google results, I canβt help but wonder if other people recognize how much of the internet is completely fake?
As someone who went into tech at 16, I foolishly thought that the lack of diversity would improve over time. It hasnβt.
It took until I was 39 to be on a security team with more than one other woman.
Meanwhile, diversity initiatives have only succeeded at generating hostility.
First, what doesnβt work: shallow, showy diversity efforts (even if they are well-intentioned) arenβt just ineffective, they actively cause harm.
Spend time thinking through your strategy & making sure you can back it up 2/
medium.com/tech-diversity-fiβ¦
With the holidays around the corner, GoDaddy employees received an email last week offering some welcome financial relief: a $650 holiday bonus.
Two days later, they received another email from GoDaddy:
βYou failed our recent phishing test.β coppercourier.com/story/godaβ¦
Anyone have any clue why Cloudflare and Google use Cache-Control "no-store, no-cache, must-invalidate" with "max-age=0" sometimes or why Github uses "max-age=0, private, must-revalidate" instead of just "no-store"?
I can't find a single piece of documentation that explains why.
It's somehow comforting that even @Cloudflare is sending weird Cache-Control headers.
I think it's really great that @MozDevNet says that "no-store" alone should disable all caching, and yet not a single person seems to use this Cache-Control pattern in the real world.