♥ Information Security ♥

California, USA
Joined November 2010
Earlier this year, ProtonMail enabled sessions persisting between browser sessions. After a few months of use: it's solid. If you haven't been using 2FA with ProtonMail to avoid constant TOTP code entry, be happy. Now is a good time to enable that protection again!
Thought: @ProtonMail requires 2FA users to validate using a TOTP app at every login. There’s no option to cookie a device for a week or a month, and no U2F support. How many users who might have used 2FA will instead choose no 2FA over inconvenient 2FA?
Hey, heavy Google Authenticator users: A couple exciting updates: 1. You can now export ALL your accounts. The old device will generate a series of QR codes to scan from a new device. Each QR code contains about a dozen sites. I moved 179 sites over with 16 export codes.
2. iOS users finally have a way to wipe out existing codes and start over. Erasing and reinstalling the app didn't work; it recovers codes from the iOS keychain. But producing export codes offers the option to erase the exported sites at the end, even if you didn't import.
I'm an Information Security Director, currently part of the interview team for potential CISOs. Is it weird that most candidates with 10+ years of experience can't describe a structured approach to vendor risk management?
Mouse retweeted
Some of my #infosec infographics in one thread 👇👇👇
Mouse retweeted
Thread: over the years, I had countless infosec newcomers ask me how to build a successful career in the field. I don't have a recipe for success; but there are several things I learned over the years, and they're a bit different from the usual career advice you hear. (Thread)
That feeling when you're looking at snippets of db dumps from a breach, and you're as disappointed by the subject's key and index usage as you are by their security practices...
Free WiFi!
Mouse retweeted
Ok, call me immature. Whatever. This made me laugh-
For individuals, it's the cheapest option if you value your privacy. For businesses, it's the cheapest at scale.
"Linux is only free if your time is worthless" Jamie Zawinski.
Mouse retweeted
Replying to @_StaticFlow_
Everyone who's made it into the @zaproxy core team has been offered a job as a result.. just saying 😀
What's the appropriate response when you're told you're trying to pack too many responsibilities into a job req... but it's all a subset of the stuff you're currently doing solo?
hey my last saved picture IS my political ideology
Literally, trying to get malicious patches added to the Linux kernel. Every open source project needs to be on the lookout for bad actors in general. But if you’ve accepted UMN patches, you should drop everything and review them now.
Leadership in the University of Minnesota Department of Computer Science & Engineering learned today about the details of research being conducted by one of its faculty members and graduate students into the security of the Linux Kernel.
Why yes Apple Terminal I would like to FaceTime my SSH public key.
Mouse retweeted
Name this IDE 😉
I'm torn, because I know I'm supposed to get the second vaccine shot, but I'm also supposed to avoid sequel injection