We can fix it. We have the technology. OK. We need to create the technology. Alright. The policy guys are mucking with the technology. Relax. WE'RE ON IT.
- Tweets 128,735
- Following 414
- Followers 83,345
- Likes 11,466
Pinned Tweet
I'm increasingly thinking that every functioning system has two forms: The abstraction that outsiders are led to believe, and the reality that insiders actually and carefully operate.
You don't incrementally learn a system. You eventually unlearn its necessary lies.
162
1,679
5,671
OH:
The Keanu Reeves Four-fold Path:
Bill & Ted: Be excellent to one another.
Speed: do not engage bad faith actors on their terms.
The Matrix: Step out of your worldview and listen to those doing the work toward revolution.
John Wick: Destroy those who delight in cruelty.
39
1,304
4,505
Active shooter drills are child abuse, in a uniquely awful way. I worry this particular security theatre manufactures the active shooters it’s supposed to be managing.
Kids learn what you teach them. You don’t always know what they learn.
It would take a while to find out.
62
914
3,720
This video is fantastic *documentation*:
“Hi. You might have this problem. You will think of this solution. It will be wrong. This is what the right solution looks like. I am going to do this right in front of you. Here is how you will test that you’re doing it right.”
23
1,033
2,751
With permission, here's my friend Ilana winning Halloween last night. She went as a...
...
...
Statistical model.
15
739
1,959
If somebody helped you — always feel free to let them know. They may not. Really.
There is no statute of limitations on being thankful. Years, decades, doesn’t matter. Now is always a good time.
Best when you don’t need them for any reason.
Notice the helpers.
14
550
1,742
Banning kidnapped children from hugging isn't even Nazi shit.
It's Dolores Umbridge shit.
There's a reason she's the most feared and despised character @jk_rowling ever created. Kids know Voldemort isn't real.
268
407
1,640
We patched a human, successfully. This is fantastic beyond words, the culmination of so much work.
In a world first, a teenager with sickle cell disease achieved complete remission after gene therapy, doctors say cnn.it/2lIamU4
32
914
1,508
It’s genuinely exhausting seeing Twitter get raged against for making a very, very hard call, correctly. Stop it, or nobody will ever do anything not aggressively legislated as a requirement.
33
326
1,162
"Well you see, it's not really kidnapping, their parents shouldn't have..."
You take a baby, you take a toddler, you take a seven year old, you drag him away from his mom, he doesn't know what bullshit you tell yourself to sleep at night. He knows he's being KIDNAPPED.
11
190
903
"Cybersecurity is a game in which you get to make the rules. You are under no obligation to play fair; it's *your* *network*. You *get to cheat*."
This, more than anything else, is what offense knows implicitly but defense is always *gobsmacked to hear*.
YOU GET TO CHEAT.
I’ve had fun with this the last month. Thinking up the dirtiest, stupidest tricks imaginable based on attacker behavior.
18
252
954
OH: When we said 'flatten the curve' we probably should have specified 'along the X axis'
12
149
835
i'm not saying everything you need to know about hacking, machine learning, and hacking machine learning is in this photo
18
304
829
You are never, ever too “junior” to talk to anyone in Infosec. There’s no bar you must pass, talk you must give, code you must write before you’re qualified to nerd out with someone. Anyone. Really.
Trust me, the “famous” nerds miss the heck out of you.
5
181
769
OH: "Ah yes, two factor authentication. Something you've forgotten and something you've lost."
5
479
762
We’d written this proper HTML filter. Whitelist — not approved,not allowed.
<b starts a bold tag. ✅
<i starts an italic tag. ✅
<div starts a div tag. ✅
<3
isn’t a tag. Tags don’t allow numbers. But I didn’t allow <3 as text.
And that is how I broke every heart on MySpace.
7
103
714
Tech. @jack.
Stop it. This wasn't cool, even *when* we were still cool. This is how we *stopped* being cool.
It's like going to a restaurant and having the waiter disagree with your order. Dude, this is not a negotiation.
24
231
695
If you’ve never priced yourself out of a job there’s a good chance you’re not charging enough.
5
66
650
Wait wait wait
Could a country ban Bitcoin mining
And then claim
To have eliminated over half their emissions
Thus meeting all their reduction targets and not needing to do anything more
Would that work
Asking for a global superpower
19
107
624
It takes a while.
You get more minutes back, every day or so. Less than you'd like, more "or so" than you'd want.
Parts of Simone are making friends with other parts of Simone. Or perhaps, catching up. It's been a while. There's been a lot of...moving.
We can wait.
2
3
617
There’s no such thing as the cloud, there’s just somebody else dealing with hardware bullshit
19
156
581
Also, this guy is choosing very intentionally to experience a painful thing such that others might experience less pain, less panic, less death.
Good man. Role model. Hero.
Citizen of the world I would like to live in.
7
40
549
OH: "We used to leak kilobytes, then megs, then even gigs. Now, we leak EC2 instances. Someday, we'll leak entire datacenters."
22
962
587
That is an amazing and brave photograph. Bracingly honest. This is you. Rebuilding.
Just realize you are the world expert here. You did you. Nobody else did, nobody else could, nobody else will. Some guys showed up with bulldozers, but you're the architect.
Simone 2.0.
2
3
535
You can’t vouch for your own bug. You will always see it as the most beautiful bug that ever did bug. Doesn’t matter if you’re the one who does the thing, or even if you’re right. If it needs a vouch, recuse yourself. It’s ok. It’ll hold up on its own, or not. Learn either way.
12
152
559
no malware
fully password compliant
never clicked a bad link
all required patches applied
secure against literally all known and unknown 0day
best defense, no be there.
Japan's minister in charge of cybersecurity acknowledges that he has never used a computer. abcn.ws/2QFAsr7
15
168
501
Banning a kid from hugging?
He knows he's being KIDNAPPED by people who MEAN HIM HARM.
We're not even dumb enough to do that to prisoners, because prisoners know how to riot.
5
61
461
Ok, so. Microphones are speakers, if you run power in the other direction. Doesn’t sound great, but it does a thing.
LEDs are solar panels, in exactly the same way.
In fact — solar panels are LEDs too. Run em backwards, they glow.
Hacking is mostly ignoring the directions.
2
103
482
Close. AI has plenty of doubt (most models can return probabilities for any prediction, if you configure them to).
The problem is humans, not doubting the AI enough to notice when it doubts itself.
It’s a tool, and it matters how you use it.
What separates humans from AI? It’s doubt on.ft.com/3dstHH9
15
109
489
Take me down to Anonymous Proxy
Where the cash is crypto and the girls got Moxie
Oh won’t you please take me /home
7
92
476
The data showed Prozac no more effective than getting a dog. Somebody said this meant Prozac doesn’t really work. No, it means dogs actually work. They want you to live. It’s contagious.
Welcome to why the placebo effect is real, and why it gets stronger the harder we fight it.
I once asked my dad, a Stanford cardiologist, for the single greatest piece of advice he gave his transplant patients. He didn’t skip a beat: “I tell them to get a dog.” cnn.com/2019/08/23/health/do…
17
122
475
Law is a lot more ex post facto, and he-who-has-the-gold-makes-the-rules, than it would appear.
Medicine is a lot more "just distract the patient till the body fixes itself".
Microprocessor behavior is determined, on other things.
Global PKI is a lot more DNS than it appears.
12
64
473
This happens partially because your contact then has to explain to his manager that he overpaid everyone else.
Yes! Ask for more money. Also, build networks where you can ask people what they’re getting. Heroes are rare, often people will just assume you know you’re bad at this
8
13
419
There is only one Actually Bad Idea.
"You must be perfect. To fail once is to be exiled forever."
I see this concept, this burden, this prediction in people, systems, and sometimes myself. I have never seen it be useful or true, ever. Not once.
You get to fail. How you learn.
9
131
416
Next week, we're still here.
Next month, we're still here.
Next year, we're still here.
We'll be here, when you're here. Laughing. Hysterically.
I have no idea at what.
Probably a Brian Catapult.
3
2
399
At some point, Elon, you have to care about -- even defend -- the world that enables you to execute.
9
28
352
This thread is absolutely a love letter to everything I’ve treasured, being an Infosec nerd. A *lot* of people were kinder than they had to be. I’m proud to say I did everything I knew to return the favor, and not ashamed to admit I didn’t always know how.
But I can document :)
4
76
384
It is possible that you’ve heard The Expanse is really, really good.
That is because The Expanse is, in fact, *really* *really* good.
17
25
391
dear gen z
we are so very sorry
The perfect gift for the ranch-obsessed grad 🎓, customize your own Hidden Valley Ranch bottle for your special graduation occasion! Graduation never tasted this good.
Get yours here TODAY: hiddenvalley.com/ranch-shop/ #HVRLove 💚
72
46
358
To be very clear: That complex systems have abstractions isn't a surprise to me.
It's that any system in which you _haven't_ had to unlearn half your assumptions, isn't a system you've learned in the first place.
At least for systems of any complexity.
10
35
368
Oh, wow. Of course that would work, and not just on fingerprints. Face space isn't random either.
Interesting research on creating synthetic fingerprints that can match a large number of real fingerprints. These would be Master Prints, just like we have Master Keys for locks. #GAN
arxiv.org/abs/1705.07386
13
168
337
The most useful bit of corporate wisdom I ever learned was:
Disagree and commit.
Fight your fights, make your stand, play your play, but once a decision is made, even a “lesser” one, commit.
Your mission is not to fight some forever war.
Only works under good faith.
13
83
362
The year is 2037. People are shipping entire VM images in cookies. Security engineers breathlessly await the UNIX apocalypse.
8
197
317
If you’re thinking of mocking @elonmusk for developing tech that might well treat Parkinsons, Epilepsy, Senility/Dementia, even Depression:
Well, you can join Team Cervical Cancer and Team Measles. Targeting is *the* problem in chemical systems, it’s why we evolved nerves.
14
46
332
I support trans people.
Not because I am one. Boring old straight white guy over here.
Not because I have trans friends. I do — watched several transition, at great difficulty, and finally become genuinely comfortable in this harsh world. I wish I could do that, glad they did.
9
75
307
This thread has completely and utterly altered my understanding of Star Trek. Maybe humanity. Probably myself.
There is toast.
m.imgur.com/t/funny/F3OYfTU
12
121
318
If somebody wants to nerd out with you in the hallway at con, unless you *absolutely* have to be somewhere — they are the most awesome person in the world at that very moment. Doesn’t matter if they’re competent or not. Does matter if they’re curious!
Explore. Yes, you get to.
3
45
310
There’s a culture war going on, and it’s come for tech. Be sympathetic. Nerds aren’t supposed to be bullies, but we sure took everyone’s lunch money. Journalism got defunded, and “user generated content” is not enough.
But don’t forget that tech can be fun and useful. Some do.
2
56
301
And here's the thing. I know this is an administration *built* on the non-obvious benefits of making people angry, *designed* around the sort of performative rage in this very tweet.
I know it demonstrates how powerful they must be, if they can ignore dissent this widespread.
1
35
273
Uber paid $100K to protect 57M people?
Good.
I think people forget the goal is actually to prevent harm.
Yeah, those hackers could totally have kept the data. But then, their identities were known, and they knew they might face consequences.
Not ideal, welcome to the real.
47
103
315
Build things, regularly. Especially things that have nothing to do with security.
Nothing will make your skills go stale faster than *only* breaking stuff. You will stop knowing what things to break, or how they imagine the world works.
This is a problem. We make poor tools.
1
67
287
vimeo.com/36579366 This is the most compelling programming environment demonstration I have ever seen. No, really, watch it.
7
84
310
Honestly Trump is not really a Republican and this is the best time to structurally eject someone who is quite visibly barely an ally.
22
37
234
A small number of high level nerds eventually get high enough in business to wonder
how the hell is anyone still in business
and the answer is
they’re often not, we just hide that with m&a and reorgs and such
“metrics fixation leads to a diversion of resources away from frontline producers toward managers, administrators, and those who gather and manipulate data.”
9
77
297
Power is what you take, minus what others take back.
The idea in democracy is the more you overstep, the greater the alliance forms against you, and so the easier it becomes to restore normal order.
In reality, it only takes the solid support or indifference of a few to win.
2
57
271
Heh. Nobody’s as happy as they look. Best I can tell, everyone’s on fire.
Lots of ways to burn.
Protect your curiosity. Seek it in others. You’re not “supposed to already know”...anything. That’s the fun of hacking. Pawing around in the darkness, discovering accidental beauty.
2
64
277
The war is against burnout. Don’t forget that. Money does not cure burnout. Be kind to yourself, don’t think working for yourself doesn’t mean your boss can’t be an asshole. You’d assume. You’d be wrong.
Under no circumstances share a hotel room with another consultant.
2
52
286
The worst is when you’re trying to solve some obscure ancient and serious problem
And you google
And the only links that come back
Are your own
...
And you didn’t solve it back it in the day either
I find myself running code I wrote with the irrational hope that it has developed some improvements since I wrote it.
13
44
288