The story of how I could steal credentials on Infosec Mastodon with a HTML injection vulnerability, without needing to bypass CSP. Everybody on our Twitter feed seemed to be jumping ship to the infose
Infosys has a lot to say about security You can check out their website for a lot of buzwords , but it’s clear from all the stock photos that they take security Very Seriously Indeed ™️.
However, from what I’ve found recently, it seems that Infosys use the following Comprehensive Management-Endorsed Proficiently Driven Cybersecurity Strategy and Framework items:
Don’t use AWS roles or temporary credentials for your developers Instead, use IAM user keys and give them all FullAdminAccess permissions Never rotate these keys and store them as plaintext in git Use these keys to protect what appears to be medical data about COVID patients Have someone publish those keys and the code in a public package to pypi Keep those keys active for days after leakage Make nonsensical pull requests to try and remove all references to the leak The Leak This morning I woke up to a very strange pull request on my pypi-data project.
I am really disappointed to see prominent voices in our leadership at Salesforce promoting things that are the antithesis of our culture and our values.
The fact that I can say so without expecting to get fired shows we're still different. Let's keep it that way.
Show me another CEO that has more skin in the game at 1AM in the office.
These young engineers are learning from the most innovative person of the twenty-first century.
Tesla is recalling more than 321,000 vehicles in the U.S. because tail lights may intermittently fail to illuminate, the company says. nbcnews.to/3geBVa4
Musk with Twitter is like one of those stories about a trust fund kid who buys a million dollar Ferrari but doesn't have a clue how to drive it and totals it the first night he takes it on the freeway.
Since it's #InternationalMensDay, here's a thread of every part of the gynaecological anatomy that is named after a man, with a bit of trivia about each man. Some of the bits are very specific. Before you ask, there are no parts of the gynaecological anatomy named after women...
I have a blog, on a domain that I own, with an rss feed. For a while it felt a little outdated, but now I'm happy I stuck with the thing I felt was right.
lornajane.net
When someone writes "thought leader" in their own bio, then copies your work, word for word, without attribution, and gets a thousand responses on social media...
Flattery feels awesome.
A quick reminder as folks are glorifying absurd hours again:
1. Sustained crunch mode leads to net negative productivity vs. 40 hr/wk
2. Working sleep deprived leaves you as mentally impaired as being drunk
Working longer *feels* productive but it makes you worse at your job.
I tweeted that I prefer cosycore to hardcore and someone called me lazy 🙃
I don’t know why some folks feel like work isn’t work unless it’s miserable and you’re stressed.
Bird watching is so perverted. You blow a little noisemaker that shouts “Wanna fuck?! Wanna fuck?!” And then when a bird shows up wanting to fuck you are like “Aha, I see you through my binoculars!” Sick behavior. Twisted behavior.
TWITTER HAS BEEN A VEHICLE OF AMPLIFICATION FOR WRITERS AND ARTISTS AND WITH ITS DEMISE YOU'RE SEEING A PANICKED GROUP OF CREATORS TRYING TO REESTABLISH AUDIENCES - WHICH TOOK YEARS TO BUILD - ON OTHER PLATFORMS IN A MATTER OF DAYS, ANYWAY HAVE YOU SIGNED UP FOR MY NEWSLETTER
You've defined an elitist form of narcissism that you used to justify the abuse of the very workers who enable the wealth of people like Elon.
Stop justifying abusive behaviors.
Stop celebrating failure.
I'm so glad Elon Musk allows accounts with no profile pictures and only a handful of followers to pay $8 to be "verified" and post this crap. What is this guy "verified" as other than an asshole?
No wonder so many of us are looking at alternatives.
refuse to lose the tweets from the best poster ever just because the worst poster ever shit his pants after a divorce.
here it is: every @dril tweet in chronological order, up & free forever. please share.
will continue to build it out for ease of use docs.google.com/spreadsheets/d…
“Just bring me your best code,” I say with a dismissive hand wave, hoping my strategy for dealing with wine menus I don’t understand also works on engineers.
In one day, Elon Musk did more to endanger Jews and other minorities than any celebrity could ever do.
It won’t be seen that way. Won’t be reported that way. But those are the facts.
btw I didn't actually write the whole thing in a couple hours. The basic story & treatment WAS literally a few hours, but then it took me a few more days to put the whole thing together. Vol 3, on the other hand, took an entire year or more of writing. You never know.
Post details
James Gunn Talks Writing ‘The Guardians of the Galaxy Holiday Special’ in Just a Few Hours and the Latest on His Final ‘Guardians’ Film hollywoodreporter.com/movies/movie-f…
Jamie Tanna
.
#security.
