|
Jeffrey Yasskin
@
jyasskin
Portland, OR
|
|
My pronoun.is/he/him. I'm a privilege hire at Google on the Chrome Web Platform team, but opinions here are entirely mine.
|
|
|
5.749
Tweetovi
|
208
Pratim
|
868
Osobe koje vas prate
|
| Tweetovi |
|
Jeffrey Yasskin
@jyasskin
|
1 h |
|
I have noticed someone subtweeting me.
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
3 h |
|
"Families occupy just 39% of all the large units in the study area. Meanwhile, an equal share of large units is occupied by only one or two people. Large owner-occupied units … are more likely than rental units to be lived in by just one or two people." twitter.com/The_TimReardon…
|
||
|
|
||
| Jeffrey Yasskin proslijedio/la je tweet | ||
|
Tim Reardon
@The_TimReardon
|
5 h |
|
We conclude that the housing challenges facing families exist not only because we haven’t built enough 3+ bedroom units, but also because we haven’t built enough housing across all types, price points, and communities, to meet the needs of residents today and tomorrow.
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
3 h |
|
#performance! (before move semantics or ... RVO ...)
|
||
|
|
||
| Jeffrey Yasskin proslijedio/la je tweet | ||
|
💀 Taudry Hepburn 💀
@tabatkins
|
2. velj |
|
Seriously, fuck our executives for doing this. twitter.com/Pinboard/statu…
|
||
|
|
||
| Jeffrey Yasskin proslijedio/la je tweet | ||
|
Chelsey Glasson
@chelseyglasson
|
1. velj |
|
Rebuttal to Google’s response to my EEOC complaint submitted! Reflecting on how fighting pregnancy discrimination has now consumed close to two years of my life. Fighting workplace harassment, discrimination and retaliation is so challenging for victims. It’s not a fair fight.
|
||
|
|
||
| Jeffrey Yasskin proslijedio/la je tweet | ||
|
Amy
@TheAmyCode
|
2. velj |
|
Hey! This is random. But does anyone in Seattle have a suggestion about employment lawyers I could have a consultation with?
I want someone to look over my offer letters. I doubt things will need to be changed, but I want to start being more thorough with legal things I sign.
|
||
|
|
||
| Jeffrey Yasskin proslijedio/la je tweet | ||
|
atë
@danademaster
|
1. velj |
|
Ticket for an expired meter ($2/hr) in St Paul is $36. Not a criminal offense & doesn't go on a criminal record.
Not paying train fare ($2.50) is $180. Misdemeanor & goes on a criminal record, which can impact housing & job.
Decriminalize transit fare violations.
|
||
|
|
||
| Jeffrey Yasskin proslijedio/la je tweet | ||
|
Celeste Labedz
@celestelabedz
|
30. sij |
|
If you're going to call every new person of color or white woman a "diversity hire" then you also have to call every new white man a "privilege hire". Don't blame me, those are just the rules.
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
31. sij |
|
Controversial opinion: "Are attackers with capability X in the Y threat model?" is an ill-formed question. A threat model defines what attackers with capability X can achieve; it's not just one set of capabilities.
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
31. sij |
|
I've always been in the wrong city, so I've missed them too.
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
29. sij |
|
And sorry for trolling you above: the omnipotent phisher is a get-out-of-jail-free card that's played too often, but you actually had a concrete threat model in mind.
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
29. sij |
|
Yeah, enterprise policies don't usually wind up in W3C specifications, but maybe they should. @reillyeon, what do you think about adding some guidance to the device APIs?
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
29. sij |
|
On a corporate network, you have some other levers for WebUSB, WebBluetooth, etc: cloud.google.com/docs/chrome-en…
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
29. sij |
|
This really seems to underestimate how good phishing attacks can be....
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
29. sij |
|
But the site can convince the user to do ANYTHING! Except download an .exe. That's out of bounds.
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
29. sij |
|
How a security or privacy engineer finds joy in life: twitter.com/Chican3ry/stat…
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
29. sij |
|
As long as a browser allows downloading .exes or linking to a native app store, that's where the omnipotent phisher is going to go. The chooser dialog for WebUSB and similar APIs is designed to make users express as clear an intent as possible.
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
29. sij |
|
That happens in security too: the advice to always use a memory-safe language is ignored partly because it isn't backed up by the ability to demonstrate an exploit in every memory-unsafe program, but it is backed up by a history of such practical exploits.
|
||
|
|
||
|
Jeffrey Yasskin
@jyasskin
|
29. sij |
|
Who thinks @Chloe4PDX would do one too?
|
||
|
|
||