|
🗿Patrick McCanna🗿
@
PatrickMcCanna
Carnation, WA
|
|
Mobile Security. Amazonian! “The only sure safeguard against the vagueness of theory is constant practise” -George Jack’s Wood-carving design and workmanship
|
|
|
5.366
Tweetovi
|
925
Pratim
|
1.030
Osobe koje vas prate
|
| Tweetovi |
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
1 h |
|
Paul Simon - Mrs. Robinson (Dick Cavett Show 1970) youtu.be/vzDp2d5b_o8
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
3 h |
|
|
||
| 🗿Patrick McCanna🗿 proslijedio/la je tweet | ||
|
Jake Rudh (Your classic alternative tour guide)
@JakeRudh
|
5. velj |
|
On this day in 1980, #TheCure released “Boys Don’t Cry” - a U.S. compilation that combined tracks from their 1979 debut album “Three Imaginary Boys” (a non-U.S. release) with material from the band’s 1978/‘79 era. pic.twitter.com/SDORYT0D8Z
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
6. velj |
|
Twitter says an attacker used its API to match usernames to phone numbers | ZDNet zdnet.com/article/twitte…
|
||
|
|
||
| 🗿Patrick McCanna🗿 proslijedio/la je tweet | ||
|
Phil Mocek
@pmocek
|
4. velj |
|
News media: Please stop parroting the talking points. We do not need the US Dept. of Homeland Security to vet software used by political parties or by anyone else. We *should* push for free and open source software for public purposes--anyone can audit it, use it, and improve it.
|
||
|
|
||
| 🗿Patrick McCanna🗿 proslijedio/la je tweet | ||
|
Melanie Ensign
@iMeluny
|
6. velj |
|
Sign up! @NeverLanCTF runs a great competition!
If you’ve never done a CTF before, this is a great one to get you started. Teams can be designated student or non-student.
Good luck! twitter.com/neverlanctf/st…
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
6. velj |
|
I am also aware of this anecdote- I don’t think it’s in the public domain. Ravi’s reference seems right to me.
|
||
|
|
||
| 🗿Patrick McCanna🗿 proslijedio/la je tweet | ||
|
Mudge
@dotMudge
|
6. velj |
|
Agreed.
But why isn’t there a unit test for the presence of even basic safety/hygiene:
stack guards
ASLR
DEP
% of fortified v un-fortified functions replacement
blacklisted functions (note: MSFT does this now)
...
in the CI/CD development lifecycle.
#unconscionable_absence twitter.com/domenuk/status…
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
Some day, you'll likely want to know that the command
"tshark -G fields" can be used to list all of the possible fields you can filter on with tshark. This may be helpful when you can't remember the field's name.
e.g. is it tls or ssl that tshark wants us to use these days? pic.twitter.com/P0o8fbJYqr
|
||
|
|
||
| 🗿Patrick McCanna🗿 proslijedio/la je tweet | ||
|
Alex Gantman
@againsthimself
|
5. velj |
|
The "Summary of the NCSC’s security analysis for the UK telecoms sector" is quite an interesting read.
ncsc.gov.uk/report/summary…
Some nuggets in thread below...
1/7
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
Nostalgia!
Quake Team Fortress (TF) - Gothic Terror vs. Thanatos, pt. 2 youtu.be/8VFSsbjpgpo
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
Sec advocate: “here’s a change that’ll cause increased calls to care in roaming, but it protects users from IMSI catchers. “
Exec: “How much money does the change save?”
Sec: “It’s questionable.”
Exec: “How much money does the change cost?”
Customer care: all the metrics
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
If you work at an MNO, see the ridiculous press coverage around the security efforts of certain platform teams and compare it to the hostile coverage of mnos, it doesn’t make it easy to advocate for change that most users will take for granted.
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
Sec researchers are too adversarial towards mnos generally. I can’t say I blame them. But they don’t make progress easy.
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
There is a huge disconnect between the security research community’s excitement about progress in this space. AT&T activated requirements for 2g disablement switches in the UI of android devices ~ 4 years ago. The enthusiasm for this change was disappointing. twitter.com/jhamby/status/…
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
Amazon Ups Alexa Voice Service Security Requirements - Voicebot.ai voicebot.ai/2020/02/03/ama…
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
With webUSB, you can finally load index.htm without the Internet!
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
I’ll be selling pitchforks and torches.
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
That’s it. Firefox is finally feature complete.
|
||
|
|
||
|
🗿Patrick McCanna🗿
@PatrickMcCanna
|
5. velj |
|
Sharing a few days late: we've updated our device requirements for AVS device makers.
developer.amazon.com/en-US/blogs/al…
|
||
|
|
||