@alexstamos
San Francisco, CA
Recovering CISO teaching and researching safe tech at the Stanford Internet Observatory. “Less diplomatic on Twitter...” - DigiDay
6,227 Tweets | 1,473 Following | 60,007 Followers

Tweets

Alex Stamos retweeted
Dustin Volz @dnvolz, 4 h
MORE WARNINGS IGNORED: Bob Lord, the DNC’s cybersecurity chief, also directly urged Iowa Dems to drop plans to use the Shadow app, an overture that was ignored, according to people familiar with the matter. twitter.com/dnvolz/status/…

Alex Stamos @alexstamos, 9 h
I knew Facebook was to blame!

Alex Stamos @alexstamos, 10 h
Android APKs decompile real pretty-like, so client-side source wouldn't be so important. Just giving access to a test environment and app would be a great start.

Alex Stamos @alexstamos, 10 h
"How did you create this photo of the defendant?"
"Well, sir, I made a graphics card stare at the gas station's camera footage for hours then fed it LSD."

Alex Stamos @alexstamos, 10 h
If Shadow Inc allowed for the same level of access that every tech company (sans Apple) does, namely the ability to test the app and associated API black box, then that would be 100x better than the status quo.

Alex Stamos @alexstamos, 10 h
Yes, this is excellent.

Alex Stamos @alexstamos, 10 h
Yes, outside of Apple all of the major companies have very liberal bug bounty programs and, in some cases, facilitate testing with special debug mechanisms like this: facebook.com/notes/facebook…

Alex Stamos @alexstamos, 10 h
I think a Bloomberg story on how the FTC consent decree, CCPA, GDPR and most proposed privacy laws make academic research more difficult would be very useful. We are holding a workshop on this very topic in the European Parliament on 2/18, maybe Mike can buy you a ticket. :)

Alex Stamos @alexstamos, 10 h

Alex Stamos @alexstamos, 10 h
This is user data that is protected by ECPA/SCA, GDPR and CCPA. I would like Facebook to share more and have called for that, but this is a completely irrelevant example.
If you care this much, then look into EPIC's blocking of Social Science One under GDPR and the EDPS report.

Alex Stamos @alexstamos, 10 h
If Shadow, Inc. and the Iowa Democratic Party want to reestablish trust, then they should...
1) Publish a detailed technical post-mortem of last night's failures
2) Allow for critical technologists and academics to examine their system
Both are standard in Silicon Valley. twitter.com/ShadowIncHQ/st…

Alex Stamos @alexstamos, 10 h
"Don't test in production" is certainly a lesson most of SV has learned the hard way. It will be interesting to find out which individuals built this app and whether they have any scaled-out operational experience.

Alex Stamos @alexstamos, 11 h
I'm thinking about the faces on those little girls, which look a bit different when recreated at distance versus up close.
This will be a fun cross-examination the first time it's used in a felony case.

Alex Stamos retweeted
Robby Mook @RobbyMook, 14 h
Apology accepted and I appreciate it. Good reminder that misinformation gets half way around the world before the truth gets its pants on. twitter.com/ebruenig/statu…

Alex Stamos @alexstamos, 11 h
Lots of interesting questions about what truth can be extracted from an AI's fevered dream fed from unaltered footage.

Alex Stamos @alexstamos, 14 h

Alex Stamos @alexstamos, 14 h
This is conspiracy mongering disinformation, sir, and should be deleted.
You called John McCain, who gave his body to protect American democracy, a good friend. The least you could do is refrain from weakening the ties that bind the US for temporary electoral benefit.

Alex Stamos @alexstamos, 14 h
This is good.

Alex Stamos @alexstamos, 14 h
Yeah, but she still deserves credit for swimming upstream. Leadership when your followers want to grab their pitchforks isn’t easy.

Alex Stamos @alexstamos, 14 h
Side-loading APKs is about the worst possible distribution mechanism for what should be a dependable and secure mobile app.