My opinions on this are partially informed by @thegrugq, whose input can be summarized by the sentence “”.
Like, take this whole paragraph from the article. You’ve seriously got distributors posting “honesty bonds” (their own capital) and it’s enforced by someone doing random testing? There are Fortune 50 businesses that aren’t this organized. https://opaque.link/post/dropgang/
For one thing, dead drops — as a means to distribute illegal substances — just don’t scale. For another, the article implies a level of criminal sophistication and organization that would make a James Bond villain jealous.
I’m increasingly of the opinion that the entire “dark markets have evolved to use dead drops” article was total BS, and I regret tweeting about it.
Honored to join economists from both sides of the aisle in support of a carbon dividends solution to climate change. https://www.wsj.com/articles/economists-statement-on-carbon-dividends-11547682910 via @WSJOpinion
Sorry, this isn’t politics Twitter. But there’s so much of this stuff in my timeline from people who also have strong opinions about computer security and policy, I have to wonder if they’ve thought through those opinions just as carefully.
Followed only by the “both sides are being childish for refusing to negotiate” during a shutdown initiated by one party, admittedly done purely as a negotiating tactic. Smart people I respect actually say this stuff.
“I think we’re heading towards a constitutional crisis that threatens the rule of law in this country but I’m not going to do something gauche like appearing to support the opposition party” - every legal analyst on Twitter.
Well, I'd like to see ol Donny Trump wriggle his way out of THIS jam!
*Trump wriggles his way out of the jam easily*
Ah! Well. Nevertheless,
I trust you have seen that their sister agency in UK has proudly presented its own process for hoarding vulnerabilities this week? What could possibly go wrong? https://www.gchq.gov.uk/features/equities-process
i think most non-academics underestimate how much research projects are driven by sheer annoyance with how wrong everybody else is
How many government servers were not patched in the past month? How many applications and website frameworks were not updated? How many pentests were postponed? How many logs were not examined for intruders?
I think we should have twelve Oakland conferences per year, not just deadlines. Change my mind.
Want to download the latest NIST 800-53 draft? Sorry you can't. https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/draft
Right now we’re relying on friction from software diversity to keep our society functioning. But in practice, the first people to get really serious about automatic vulnerability finding are going to own the equivalent of a nuclear arsenal.
Stuff like this makes me despair. Even the simplest motorized devices are now reliant on computers in fundamental ways, at the same time they’re increasingly being connected to networks.
I’m obviously not an EE — but I was stunned to learn that consumer power drills use a reasonably powerful ARM microprocessor to activate the coils and drive the drill motor.
For more please visit @internetofdongs research
I hate that we have a subfield in computer security called “vibrator security.”