Profile picture
Robᵉʳᵗ Graham 🤔 @ErrataRob
, 16 tweets, 3 min read Read on Twitter
1/ So I want to discuss Trump's poor writing as an allegory for cybersecurity. Twitter blew up yesterday enjoying the irony of Trump using the wrong word for "pore" in a tweet extolling his skill as a writer. There are similarities in how people treat software bugs.
2/ Most enjoying Trump's misfortune themselves did not know the difference until it was pointed out to them. Yet, everyone sees themselves as competent in criticizing Trump's writing skills.
3/ The "pore" vs. "pour" problem isn't the only flaw in his tweet, there are several worse problems. Yet people seize on this one mostly because it's the easiest for their small minds to understand.
4/ Another flaw in Trump's tweet is a "dangling participle", which remains even after Trump corrected "pore". I see nobody laughing at him over this, because people just don't understand it, even after "dangling participle" is explained to them.
5/ Something similar happened with the "notPetya" worm. A lot of pseudo-experts opine abut the ETERNALBLUE bug in Windows that was used in the worm, but like "pour", it was the least important of the issues. It dominates the discussion because it's easiest to understand.
6/ The real issues of "notPetya" were (1) it was delivered via an auto-update software patch from the vendor, and (2) it spread laterally through reuse of Windows credentials. ETERNALBLUE was only a minor third issue.
7/ Ironically, "experts" use "notPetya" to claim that it demonstrates the need for automatic patching, to fix bugs like ETERNALBLUE before they can be hacked. They aren't paying attention to what's going on, just to what messages the ignorant public wants to hear.
8/ Back to the Trump's tweet. Bigger than typos and grammar mistakes is that his "best selling books" where ghostwritten and edited. His claim he wrote them is a lie. It's false, and he knows it's false.
en.wikipedia.org/wiki/Bibliogra…
9/ This shows how in Trump's presidency, trivial debates consistently overshadow substantive ones. People display more concerned about a simple typo than an outright lie. Even on substantive issues, debate veers toward the trivial.
10/ How "notPetya' spread via PsExec using Windows credentials is the most important cybersecurity issue your organization faces right now. I've been saying this since before notPetya. Yet, it's a discussion that we can't have.
11/ Inevitably, such discussions veer toward the trivial, such as asking what product, which vendor, will fix this issue. There is no product. Well, there is, it's called "Windows". The products you need to address this are already provided by Microsoft, you just ignore them.
12/ The underlying issue is that you've made bad decisions, that you were advised not to, because everyone else was making the same bad decisions without apparent problems. Now that ransomware spreads via Windows networking, these decisions are shutting down organizations.
13/ It's just easier to blame ETERNALBLUE. It's not your fault! It's Microsoft's fault!! It's the NSA's fault!!! The city of Atlanta's network was destroyed by ransomware spread via Windows networking, but sure, let's blame somebody else!
14/ Anyway, we still haven't even discussed the topic of Trump's tweet, which is criticism of how he Capitalizes words Awkwardly. Some claim it's because he's committing a grammatical mistake, others that it's just because Twitter has no bold/italics to emphasize words.
15/ Trump's flaw is he over-emphasizes too much, both with Capitalization and exclamation marks!! Criticizing this as a grammar flaw, or insisting Twitter should add bold/italics, doesn't address this underlying flaw.
16/ The same is true with cybersecurity. Many want software liability for vulns. They are ignoring how this doesn't address anything. It does't address almost all the hacks in Verizon's DBIR. It ignores what really happened in notPetya and Mirai. It's not addressing the problems.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Robᵉʳᵗ Graham 🤔
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @ErrataRob see all

Profile picture
1/ So I thought I'd write up a few notes on Trump's oval office address (transcript here). The reason I'm writing this is up is because Pelosi/Schumer derided Trump on the "facts" -- and then provided none of their own.
nytimes.com/2019/01/08/us/…
2/ First of all, I think the context is that Trump wants to declare a "state of emergency" to bypass congress. He's either trying to convince us, or test the waters to see if we'll accept it. We should not let him, this would be a horrible abuse of power, what despots do.
3/ There is legitimately a "humanitarian crisis" going on. As this Wikipedia article describes, there has been waves of refugees, including a lot of children, coming from the three countries immediately south of Mexico since 2014.
en.wikipedia.org/wiki/2014_Amer…
Read 28 tweets
Profile picture
1/ Well, to answer this, sign up for the phone company's family plans designed to allow you to track your children. It's hit or miss, sometimes very accurate, sometimes not.
2/ Modern phones and towers have multiple abilities to track your location. For one thing, because of speed-of-light delay, the tower must know your distance from the tower to within 100 meters.
3/ Next, towers know which directional antenna your signal arrives on. This gives them a 120° arc within which to locate you, the closer you are to the tower, the more accurate that is, of course.
Read 13 tweets
Profile picture
1/ In regards to my tweets today about "institutions" that make us great, let's talk about journalism and "both-sides-ism". Nobody likes it, but those who disagree with us are still reasonable people, the are multiple sides to every debate. This is why a free press is valuable.
2/ Let's take "anti-vaxxers" for a moment, which I assume you'll agree are "batshit crazy" and not "reasonable" in any fashion. Yet, we still have a "both sides" issue. Even if "vaccines cause autism" argument is garbage, we still debate whether governments can force vaccines.
3/ It's the same argument whether governments can force you to donate a kidney. Or force you to donate bone marrow (which is relatively harmless to the donor). Or force a woman to cary a baby to term.
Read 9 tweets

Related threads

Profile picture
@Jim_Jordan Any #Trump sycophant, alleged pedophile protector, trying to besmirch this hero, while his own children will have to suffer from the decisions made for the country, is sad. Why wouldn't the #GOP make it an open door session if they had nothing to hide? Your reign ends soon.
@Jim_Jordan As time passes, more comes to light, with the Steele dossier, Trumps alleged involvement in Epstein child sex ring where Secretary Acosta stopped the FBI investigation before more suspects could be arrested, and money laundering campaign contributions from Russian operatives.
@Jim_Jordan Plus your support for a theocratic monarchy that really acts like a ruthless inhumane dictator & desire to sell American technology to them when it could then be used to kill our own troops or handed over to Russia is genuinely INSANE. Who is dishonorable, spineless sycophantic?
Read 81 tweets
Profile picture
Introducing...

THE HUNT: A Cyber Attack in the Process Industry

#cybersecurity #thehunt

blog.f-secure.com/cyber-security…
In manufacturing...

• 86% of cyber attacks are targeted

• 66% feature hacking

• Only 34% involve malware
In manufacturing, almost half – 47 percent – of breaches involve the theft of intellectual property to gain competitive advantage.

#cybersecurity #thehunt
Read 89 tweets
Profile picture
So #Trump is holding a news conference in about five minutes. I’ll be watching (and probably tweeting). Follow/mute at will!
Okay, #Trump has started speaking. He's already slurring. He's already made a joke about "a lot of......MEDIA.".

This does not bode well.
#Trump is now saying that China wants to "see me lose an election because they've never been challenged before."

It's not just China, pal.
Read 63 tweets
Profile picture
Trump: Day 571
-Calls African-American Aide a "Dog"
-Cant Guarantee an "N" Word Tape
-Opposed 2 Putting Tubman on $20
-Omarosa Issues Startling Claims
-Gained More Executive Power w/Bill
-More Ethical Issues 4 Wilbur Ross
-US Crop Export Prices Plummet
-Manafort Refuses 2 Testify
Add...
Day 676 since Donald Trump admitted to sexual assault — yet he’s still in the Oval Office
Add...
Day 528 of NO EVIDENCE produced by Trump that his phones were tapped by Obama.

The FISA warrant Trump referenced targeted Carter Page. #TrumpLies
Read 68 tweets
Profile picture
Trump: Day 481
-Disclosure Admits Stormy Payment
-Senate Intel Shows Russian Support
-Kremlin Used NRA to Help Trump
-Calls Deported Immigrants "Animals"
-Cancels WH Press Briefing Again
-Walls Closing in on Michael Cohen
-Trump/Kim Summit Now in Question
-THIS IS NOT NORMAL!
Add...
Day 586 since Donald Trump admitted to sexual assault — yet he’s still in the Oval Office
Add...
Day 454 since Donald Trump held a news conference.

Trump’s first and only solo news conference was on February 16, 2017.

What is he afraid of?
Read 67 tweets
Profile picture
Trump Hotels' website still lists Trump SoHo New York among its properties in the Our Hotels menu. Select its name though to access its page and there's a message about it being renamed

bit.ly/2EPCSy1
National politics correspondent for Newsweek, Nina Burleigh, with a fun find on a TV above the bar at the Trump Hotel DC bit.ly/2E37QRR
Two errors in the 2nd graf of Breitbart's Trump Hotel DC article:
-holdings aren't out of @realDonaldTrump's hands: trust isn't blind & he can profit from it
-Trump Org told Congress it was estimating foreign receipts—not auto donating in full
bit.ly/2CpL7z2
Read 1562 tweets

Trending hashtags

#Crete #StopCrossCheck #maga #IranianDeal #IranDealWithdrawl #Idlib #IIBAWC18 #NoKavanaughVote #PompeoAtHeritage #Guardian #BrooklynBecky #Turkey #Athens #Turkish #Iran #america #satire #Bolton #Greece #Trump #PAM #codes #MAGA #Mueller #left

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!