scottwilson

@scottwilson@infosec.exchange

I'm a 25-year (plus) cybersecurity professional, who currently manages Vulnerability Management programs, Penetration Testing engagements, and Adversarial Simulation projects at IBM X-Force Red.

I love to read! Hit me with some good books.

#infosec #cybersecurity #privacy #books #scifi #reading #mystery #thriller

scottwilson, to RSS

@molly0xfff I believe that recently you had posted about #RSS feeds, and I recall that you mentioned that you rarely encountered a website that DIDN'T provide a feed.

That stuck with me, because my experience has been that it's uncommon for me to see a website that DOES have a feed?

I'm just curious if you could expand on your thoughts? I find myself let down that I can't consume more information via RSS reader.

scottwilson,

@molly0xfff Well, to clarify, I absolutely do pick up feeds for many of my interests, such as MIT AI (https://news.mit.edu/rss-in-the-media/topic/artificial-intelligence2), the NASA news feed (https://www.nasa.gov/news-release/feed/), and Troy Hunt's website (http://feeds.feedburner.com/TroyHunt) just to name a few.

However, as an example, where can I locate the CNN RSS feed? I certainly don't see anything on https://www.cnn.com/.

Maybe I'm just an idiot, I don't know.

spacerog, to voyager
scottwilson,

@spacerog The next furthest spacecraft is Mars Odyssey...

scottwilson, to books

Do you like mystery, murder, and adventure on the high seas? Plus, history?

Then I very much recommend "The Wager: A Tale of Shipwreck, Mutiny and Murder", by David Grann. He's the author of "Killers of the Flower Moon", which is a recent movie you might've seen, by Martin Scorsese.

briankrebs, to random

There's a huge disconnect for me rn in the IT space. Companies love to talk about an increasing deficit of smart, talented and skillful people available to help defend the cybers. Welp, a lot of those people are somehow now seeking gainful employment bc they've been laid off. Which is just nuts to me given the sheer scale, resources and effort our adversaries are throwing at everything now.

p.s. AI isn't going to fix anyone's security problems. If anything, it's going to compound them by orders of magnitude (at least in terms of data governance).

scottwilson,

@briankrebs I think most companies - especially big ones - are just whacking numbers from a spreadsheet. Business Units receive edicts from the top: “you need to cut headcount by 3.7% before end of month”.

We’ve been collectively riding the wave of pretty decent salaries for a while, and so chopping staff had a major impact to cost reduction.

Combining that with failure by orgs to properly quantify risk and measure application/system criticality… boom.

codinghorror, to random

Eddie Rabbitt Deep Thoughts: what if rainy nights actually DID get people high? 🤔🌧️

scottwilson,

@codinghorror “Hangin' around
Nothin' to do but frown
Rainy days and Mondays always get me down…”

scottwilson, to random

@ivory Team, I have really been enjoying Ivory on iOS. Great client, great features, exemplary experience.

I was wondering, has anyone ever requested an Ivory client for Linux? I was thinking, as macOS and Linux are somewhat related, maybe it'd be a possibility?

hacks4pancakes, to random

Let us have a little chat about the person who accused @brysonbort of gaming RSA talk submissions by submitting a talk with me by "playing the diversity card" to get accepted. And all the people thinking it and simmering.

Thank you kindly for completely devaluing my expertise in my field, which I have worked in daily for over a decade and a half, served as a senior NCO in the military doing, teach, and speak on globally. Whether you consciously intended it or not, you implied I am a diversity token and not an expert in cybersecurity incident response.

It's actually good to purposefully share the stage with underrepresented voices in technology, because we still routinely have entire tech conferences that are 100% white and male speakers because of bad CFP boards and management. That was RSA keynotes, within my professional lifetime. It cost me and my colleagues a lot of goodwill calling them out at the time.

When I am "handed" a speaking slot explicitly because I am not a straight white man, it's usually on a droll topic I am totally unqualified to speak on, like "TeLL uS abOUT beINg a WomAN in TEch" that also devalues my expertise. Side note - this has turned out to be a huge red flag. Often done by people who go on to do Bad Stuff to women.

You, yes you are a prime reason women and nonbinary people don't want to submit to conferences.

Reference (in image):
https://x.com/brysonbort/status/1752474954975637699?s=20

BigAngBlack, to blackfriday

#BlackHistoryMonth
Drop some facts!

#BlackFriday Feb 2, 2024

1839
Inventor Edmond Berger patented the spark plug.

1862
District of Columbia abolishes slavery

1898
Alfred L Cralle invented Ice Cream scooper | patent #576,395

1915
Ernest Just wins 1st Spingarn Medal

1935
Anne Raven Wilkinson 1st African American to receive full time contract with major ballet company

#BlackMastodon
@blackmastodon @BlackMastodon

scottwilson, to firefox

Hey, did you know that Firefox, even when configured to be more secure and private, still bleeds data?

Well, you may want to disable the telemetry features reporting back to Mozilla. It's a VERY chatty feature.

For example, in just 24 hours 1 Firefox browser on my home generated tons of junk that I blocked - more than a factor of 10 more than anything else!

You can configure Firefox to NOT send any of this data: https://support.mozilla.org/en-US/kb/share-data-mozilla-help-improve-firefox

scottwilson, to random

@jerry I can’t tell if this is just a “me problem”, but I’m having problems with the web interface of infosec.exchange? The login screen is correct but it looks like lots of CSS content is messed up?

scottwilson,

@jerry I’ve tried both Firefox and Chrome, on Ubuntu Linux.

scottwilson,

@jerry Well... I have been able to fix my problem, but I'm not 100% sure what is happening. I continued to have major problems (see the attached video).

I'm using NextDNS on my home's network, and so ultimately I tried adding 'infosec.exchange' to my allow list, and that solved the issue. I'm not sure what's up with that.

Short screen recording showing some funky rendering of https://infosec.exchange/ on my computer.

scottwilson,

@jerry Oh yeah, Jerry, also note that even though everything's working, I'm still seeing errors when loading this resource:

https://assets.infosec.exchange/packs/css/core/inert-15d4bcde.chunk.css

Not sure why?

scottwilson,

@jerry LOL. Yes, that did the trick. In true IT troubleshooting tradition, I skipped right over the easy stuff and dove into this at the wrong level. 😜​

Thank you, happy Wednesday!

#lazytroubleshooting

jerry, to random

Holy cow, did I just completely upgrade infosec.exchange without downtime? I feel like I must have screwed something up because I'm not seeing what I screwed up.

Oh, the infosec.exchange branding will (probably) revert to stock mastodon till I have time to futz with that this weekend.

scottwilson,

@jerry Seems like no problems! Well done!

scottwilson, to privacy

“stores are now testing a security tool that lets customers use their cell phone to unlock products on the shelf. It’s essentially self-service for unlocking display cases — in exchange for a customer’s phone number.”

Seems logical and totally fine.

https://www.cnn.com/2024/01/29/business/locked-up-products-stores-freedom-case/index.html

scottwilson, to random

Mead-powered knowledge bombs from Auntie Lesley on a Saturday night

scottwilson, to accessibility

@jerry Hey, so I use Mastodon's "light" theme versus the default dark mode (I know, I'm an old loser...) and I've noticed that when one views a user's profile pic, the little "X" in the upper right-hand corner is very much invisible just due to the theme.

Is this something specific to infosec.exchange, or is it something upstream? I suspect many people don't notice as they are likely using dark mode.

Thanks.

scottwilson,

@jerry Cool! Thank you for considering my post.

scottwilson, to mastodon

@ivory Is there no way to display Toots only in my preferred language? I have this preference on the Web version of my instance…

scottwilson,

@ivory Tapbots team, do you have any feedback on this?

scottwilson,

@ivory Thank you for your reply. Well, this is exactly why I sent my message. On the Mastodon instance I'm using, I have configured my preferences to show only posts in English.

When I view my timeline via the Web interface, this preference is honored, but when I use Ivory, it is not being honored.

scottwilson,

@ivory Yes I can. I believe these settings indicate that I only wish to see posts in English.

Screenshot of my Mastodon instance preferences, under the "Other" settings, showing only English language selected (2 of 2).

scottwilson,

@ivory Ah, I understand.

One follow-up question. In Ivory, I can see 3 timelines: Home, Local, and Federated. Are the latter two both considered "public"?
