Discover and read the best of Twitter Threads about #Defcon
Most recents (21)
Hi @mdeperno! 👋 Ingham County Clerk Barb Byrum again… It was nice seeing you on #LetItRip with @rooprajfox2 last night. I heard that you thought I went silent… perhaps that was just because you took up most of the oxygen with your bloviating.
fox2detroit.com/video/1104367
fox2detroit.com/video/1104367
But since you tweeted at me, this morning, I would like to take the opportunity to expand on a few things: You would be a dangerous AG and are a threat to our democracy.
You were asked several times if you were in possession of tabulators and never satisfactorily answered the question. Did you possess them?
Today's Twitter threads (a Twitter thread).
Inside: A TRAP for workers; and more!
Archived at: pluralistic.net/2022/08/04/its…
#Pluralistic 1/
Inside: A TRAP for workers; and more!
Archived at: pluralistic.net/2022/08/04/its…
#Pluralistic 1/
A TRAP for workers: Oops, we re-invented indenture.
2/
2/
Hey look at this
* Public Defenders/Defense Attorneys: Help @ProPublica Report on Criminal Justice propublica.org/getinvolved/pu…
* @StephenKing testifies against publishing merger bbc.com/news/world-us-…
* How to write a Flintstones history of money brettscott.substack.com/p/how-to-write… 3/
* Public Defenders/Defense Attorneys: Help @ProPublica Report on Criminal Justice propublica.org/getinvolved/pu…
* @StephenKing testifies against publishing merger bbc.com/news/world-us-…
* How to write a Flintstones history of money brettscott.substack.com/p/how-to-write… 3/
EFF's member t-shirts come in many different shapes and sizes! Looking for a super-soft v-neck? Check out our Grey Cat V-Neck that also comes with a year-long membership! supporters.eff.org/shop/grey-cat-…
Are v-necks not your style? Check out EFF's set of vintage #DEFCON t-shirts that come in several different designs, like our DEF CON 27 shirt featuring a futuristic utopia on the back. supporters.eff.org/shop/def-con-2…
Having a hard time finding a smaller shirt? We've also got you covered with our DEF CON 23 t-shirt that comes in slim fit xs or slim fit s and features an encryption puzzle! supporters.eff.org/shop/def-con-2…
DEF CON 28: this weekend, all weekend. The 2020 virtual event is free to attend. You don't have to register. defcon.org
This year, we have 3 speakers from F-Secure at DEF CON, hacking all the cars and all the clouds:
@VicHarkness
@_Skybound
@nojonesuk
@VicHarkness
@_Skybound
@nojonesuk
Slowly digging through #BlueLeaks and keep finding gems like Homeland Security warning police of low-tech ways "smugglers" can defeat automated license plate readers (ALPRs)
Law enforcement told that if they see a person use the Siri shortcut “Police,” wherein saying "Hey Siri, I’m getting pulled over” starts an iPhone recording, it "may raise suspicion in a reasonable person and constitute a basis for reporting." #BlueLeaks
LOL at someone trolling a random cop via AirDrop (turn off your Bluetooth, folks) #BlueLeaks
I received an email from John Graham-Cumming telling me my code was in the original Terminator movie. And it's true!
Here's the still from the movie:
Here's the still from the movie:
and here's the article from the May 1984 issue of 73 Magazine:
@Ndjour 1/
Second, Nicholas.
👏🏿👏🏾👏🏽👏🏻👏🏿👏🏾👏🏽👏🏻
I use a dbl pronged descriptor:
We need Full-Faith & Complete-Confidence in the integrity of our elections🗽
In GA we haven't either..
".. or a distant cousin, twice removed .."
"Cripple, put the Keystone, on the table."
___ Da Vinci Code
Second, Nicholas.
👏🏿👏🏾👏🏽👏🏻👏🏿👏🏾👏🏽👏🏻
I use a dbl pronged descriptor:
We need Full-Faith & Complete-Confidence in the integrity of our elections🗽
In GA we haven't either..
".. or a distant cousin, twice removed .."
"Cripple, put the Keystone, on the table."
___ Da Vinci Code
@Ndjour 2
Starts w/ #ProprietaryAndConfidential
US Laws & then
#PrivatelyOwned &
#PubliclyFunded
GA Taxpayers own #ElectronicVotingDevices w/
#CorruptibleCode impacting public services, schooling, taxation, commerce, GA's #GDP etc.
Election results drive it & we can't inspect suspect
Starts w/ #ProprietaryAndConfidential
US Laws & then
#PrivatelyOwned &
#PubliclyFunded
GA Taxpayers own #ElectronicVotingDevices w/
#CorruptibleCode impacting public services, schooling, taxation, commerce, GA's #GDP etc.
Election results drive it & we can't inspect suspect
@Ndjour 3
code.
Documented, proven irresponsible #EMS methods & procedures have left GA voters private, personal & sensitive information available on the Web, for those who know how to find it.
There are at least 2 lawsuit's pending on these issues:
@CoalitionGoodGv &
@fairfightaction
code.
Documented, proven irresponsible #EMS methods & procedures have left GA voters private, personal & sensitive information available on the Web, for those who know how to find it.
There are at least 2 lawsuit's pending on these issues:
@CoalitionGoodGv &
@fairfightaction
You can’t vouch for your own bug. You will always see it as the most beautiful bug that ever did bug. Doesn’t matter if you’re the one who does the thing, or even if you’re right. If it needs a vouch, recuse yourself. It’s ok. It’ll hold up on its own, or not. Learn either way.
On the flip side, be careful whose vouches you do trust. Review boards have drama that has absolutely nothing to do with you, starting from the reality that they can’t accept all the good talks. No room.
People in such situations sometimes get shitty. Don’t take it personally.
People in such situations sometimes get shitty. Don’t take it personally.
You absolutely need external calibration. You’ll eventually notice our culture (for *many* definitions of our) has a positive feedback problem.
A rule of thumb is, don’t seek approval from those who reject everything. What can you expect?
No easy answers here.
A rule of thumb is, don’t seek approval from those who reject everything. What can you expect?
No easy answers here.
Wow. #Orwellian #Doublespeak Below @KathyBoockvar claims to be part of a bipartisan effort to improve #ElectionSecurity. Yesterday she released a report re-certifying the #ExpressVoteXL through a secret review that was not open to the public. freespeechforpeople.org/wp-content/upl…
3 good government groups made a joint statement about what a charade this #security review of the #ExpressVoteXL was freespeechforpeople.org/election-secur…
“It is disappointing that @KathyBoockvar decided not to be fully transparent” said @kskoglund Chief Technologist of Citizens for Better Elections. “Every petition for reexamination since 1980 has included a demonstration where the public and petitioners were invited."
Thread 1. !CTA! Tues 8/20 8:30 PM EST Unique Opportunity - call w/ Senator @RonWyden & @HarriHursti To get $600M dollars in #ElectionSecurity funding for cash-strapped states. Sign up for call here: zoom.us/webinar/regist… @StandUpAmerica @secureourvotes @LetNYvote @commoncauseny
2. Read my op-ed @thehill about what I experienced at #DEFCON & the very real dangers we are facing right now in achieving an accurate vote count. thehill.com/opinion/techno… @VerifiedVoting @NEDCDefense @D3P @BrennanCenter @dailykos
3. !CTA! 9/17 there will be a nation-wide action to push for the $600M in #ElectionSecurity funding. Call tonight is to plan for this. Sign up: zoom.us/webinar/regist… Host an event. @StandUpAmerica @peoplefor @emilyslist @LetNYvote @NYDLC @representus @VerifiedVoting
The #DEFCON Voting Machine Hacking Village is critically important to US election security. But I personally believe that the Village should not be advertising and promoting goods or services for personal gain.
Many people have shared similar concerns with me. I say this after searching the twitter feeds of many other villages at #DEFCON to understand if this is a normal activity. It does not appear to be so.
I believe this is a bad example to set for an organization so important. To be clear, if they were raising money for the village itself, I personally think that would be different. Buying machines off eBay ain’t cheap. I know.
[THREAD sorry]
So @smealum's #defcon #buttplug talk is done.
Piecing together what I can from slides posted to Twitter since going to Defcon would requires leaving the house.
AFAIK, our software is not affected by this specific exploit chain.
Info and some thoughts follow.
So @smealum's #defcon #buttplug talk is done.
Piecing together what I can from slides posted to Twitter since going to Defcon would requires leaving the house.
AFAIK, our software is not affected by this specific exploit chain.
Info and some thoughts follow.
I will warn that this thread will be painfully technical.
If you're following me for intimate UI/UX contexts and don't wanna see a bunch of talk about OS API models and firmware and what not, feel free to mute this thread, I'll tag everything from here out with #meltbutt too.
If you're following me for intimate UI/UX contexts and don't wanna see a bunch of talk about OS API models and firmware and what not, feel free to mute this thread, I'll tag everything from here out with #meltbutt too.
1 hour left! My talk « History if the worst #Android app ever: mAadhaar » is at 10am at the @AppSecVillage of #Defcon!
I will talk about #India, #Aadhaar, #Android app, #Frida and #disclosure
I will talk about #India, #Aadhaar, #Android app, #Frida and #disclosure
Ofc I’ll share the link when I have it
Oops I tagged the wrong handle it’s @AppSec_Village
Bro, don't try to be smart. Do your homework first and I'll be happy to discuss with you... 😒
General comment: Don't let your political view change your judgement on technical details. You will say stupidity like this.
My research on mAadhaar is well documented and I will present everything at #Defcon. You will have the possibility to verify everything if you want
My research on mAadhaar is well documented and I will present everything at #Defcon. You will have the possibility to verify everything if you want
I broke all the versions of mAadhaar for the last 4 years. I know my subject 😀
@ceo_uidai Hi @reliancejio, what's up? Can you cancel the vacation of your spokesperson?
@ceo_uidai @reliancejio It's gonna be epic
In order to prepare my talk for the @AppSec_Village at #Defcon, I spent my night on the the official #Android app made by @UIDAI: mAadhaar.
Whatever the version of the app, you will get a "Technical Error" when you try to add a profile. 1/3
Whatever the version of the app, you will get a "Technical Error" when you try to add a profile. 1/3
Few months ago, someone at the @UIDAI offices changed the APIs on the server side but forgot to update the mobile app. I decrypted the all thing and the "Technical Error" is in reality an "API ERROR" aka the mAadhaar don't know anymore how to discuss with the UIDAI's servers. 2/3
The quality of this app is a shame. Again, this shows how bad is the app and the mAadhaar team. This is ridiculous @UIDAI, fix your sh*t! 3/3
#Defcon advice: Do whatever you want to do, there is a room for everyone.
This is what @Defcon and this community is: a bunch of very different people with the same passion, the same spirit.
We are also adults and security professionals, so be respectful too.
This is what @Defcon and this community is: a bunch of very different people with the same passion, the same spirit.
We are also adults and security professionals, so be respectful too.
If you read Twitter, you can have a weird feeling about #Defcon. If you want to join, don’t be afraid and come. As said, we will make a place for you.
Personally, I’m going to the conferences and Defcon especially for the experience. I want to meet new people, know them, share our experiences. I will also select and attend some talks to expand my view on subjects I like.
OK, chores are done, errands are run, so here comes a thread about surviving #defcon (and looking fabulous while you do it.)
1) You're going to want to wear waterproof mascara, if you're wearing mascara at all. The heat/sweat will cause normal mascara to run, so waterproof is definitely your best bet.
2) Find a good setting spray to keep face makeup from melting. I really like Too Faced's 3-in-1 setting spray because it hydrates, primes, and sets well, but ymmv.
I wonder if #DEFCON26 just leaves discoverable BlueTooth devices around in order to see how many people try to pair with them
Hi Marvin. #DEFCON26
(Explanation: this guy trust transmits a zillion random WiFi "beacons" pretending to be an access-point, in order to overflow monitor products like this with data)
(Explanation: this guy trust transmits a zillion random WiFi "beacons" pretending to be an access-point, in order to overflow monitor products like this with data)
At #DEFCON26, this other guy is doing a brute-force attempt at broadcasting a zillion access-point names, hoping that your phone/laptop is automatically configured to connect to them.
I've been getting a lot of questions from women (and some men!) who are going to defcon for the first time this year. First off, congratulations! It's a really great environment to learn and make friends! Since I've been answering the same qs for many, here's a thread of tips:
I'm heading to #defcon @defcon and @DianaInitiative only this year because I'm finalizing a keynote and working on a super secret thing for Saturday. I don't have the capacity to also go to #BlackHat2018 and #BSidesLV so will sadly be missing those :(
