Product Security professional with a focus on IoT/embedded systems and ecosystems that keep them running. Standard disclaimer: my views, not my employer's

Massachusetts
Joined September 2011
Matthew Coles retweeted
LIVE!!! Right now. @ElleArmageddon is absolutely crushing it on their keynote at @pancakescon ! go to PancakesCon.com for links to livestream !
1
12
55
Show this thread
Matthew Coles retweeted
Whenever EFF launches a new legal case, activism campaign, tech project, or development campaign, we try to create unique and inspiring graphics to promote it. And we've been busy this year. eff.org/deeplinks/2021/10/20…
1
17
34
Matthew Coles retweeted
Who says #threatmodeling talks can’t be cute?! For my last talk this year, I updated my slide deck. Now both #LINDDUN #privacy and #STRIDE #security threat categories are illustrated with animal pictures. Doesn’t it look pawsome? 🐾
3
15
1
37
Matthew Coles retweeted
Friday!Let me tell you about this week.I have a friend, John,we all call him J.He wanted to be a lumberjack,leaping from tree to tree in the mighty rivers of BC. So this week I wanted to give him a gift.A log.I spent the week looking for a log for J. Had to settle for a shell.
2
1
1
8
Matthew Coles retweeted
I hate to take you away from doomscrolling ... but wanted to share a new whitepaper on Fast, Cheap and Good Threat Modeling: shostack.org/whitepapers/
1
9
3
34
Matthew Coles retweeted
The 2021 #CWE Most Dangerous #Hardware Weaknesses List is now available. go.usa.gov/xexQj #InfoSec #Cybersecurity
44
4
52
Got a courtesy car while my car is in the shop. The prior users of the car had the courtesy to demonstrate why one should not pair their phone with a vehicle they don't own. 1/3
1
The courtesy car is well-traveled, as indicated by the past addresses saved in the satnav system where the prior users went. Hope the students got off to college okay, everyone made their flights, and got good sleep at the hotels. 2/3
1
I'll do the good deed for the day and clear the user profiles and such. #PrivacyMatters
Matthew Coles retweeted
Apropos A04:2021 “Insecure Design”, if you need a place to start the Threat Modeling Manifesto is a great resource: threatmodelingmanifesto.org/
4
6
Matthew Coles retweeted
Welcome A04:2021-Insecure Design to the @owasp Top 10 2021! “...it calls for more use of #threatmodeling, secure design patterns and principles, and reference architectures” owasp.org/Top10/ owasp.org/Top10/A04_2021-Ins…
4
6
Matthew Coles retweeted
Integrate privacy early and systematically in software design. Using #threatmodeling, this is a piece of cake 🍰 Check out the guest article I wrote about this for the @startpage blog: startpage.com/privacy-please…
What is threat modeling and how can it help protect your privacy? 🤔 In our latest guest blog, academic privacy researcher @Wuytski explains the recipe for privacy threat modeling. startpage.com/privacy-please… #PrivacyPlease
5
5
Matthew Coles retweeted
The feels...missing @defcon...
8
60
4
424
Matthew Coles retweeted
@coles_matthewj and I are now on #defcon29 @AppSec_Village talking about that DFD thing. piped.kavin.rocks/watch?v=qH7ze-NR… - there’s still time to join and we’re better than Friday night Netflix! #threatmodeling
8
3
Matthew Coles retweeted
Let's make sure this message reaches many, many people.
557
23,202
1,229
94,724
Show this thread
This is Kismet. Today is the 8 yr anniversary of her passing. Her death was tragic. She was trapped in a closed vehicle on a hot day in July, forgotten by a "professional pet sitter" (and formerly close friends). #petsafety 1/3
1
1
Please remember to keep your companions safe. If you have a way to keep cool this summer, please make sure your pets can share in the luxury. 2/3
1
If you have to entrust your pets to a caretaker - a sitter, dog walker, daycare, or kennel - check in on them. Thank your caretakers when they do a good job keeping your companions safe.
Contribute to community educational resources on how to construct, interpret, and analyze threat models, with examples of the many ways models may be constructed. The collection of models will help others learn the skills needed to perform the crucial activity of threat modeling.
Call for contributions! Submit a data flow diagram showing work from home setup assets for the @owasp Project Integration standards. Thanks, @0xfde, for your leadership! cc @Owasp_tmcb @jonathanmarcil
Show this thread
1
2