Note: if I comment that it’s extremely unlikely that your state or local government election website can withstand attack from a foreign intelligence agency, I’m not casting aspersions on your competence. I’m stating a harsh reality that you really need to think about.
I don’t know how to reliably secure a complex internet-facing service against a state adversary. No one I know does, either. The only people I’d trust to try understand this.
So what should state and local election officials do? Start by planning for scenarios where your web systems get compromised. Because they might be, no matter how confident you are that they won’t.
It's also worth noting that the (publicly reported) Russian attacks against US state and local election systems in 2016 represented nowhere near the full capabilities of a determined nation-state actor. There's a lot more to defend against than spearphishing attacks.
A full-in attack from an intelligence agency looks a lot more like Stuxnet than what happened in 2016. There are no reliable defenses against such an adversary, at least not if you're not a national intelligence agency yourself. The only defense is a good plan for recovery.
Of course, as we saw in 2016, intelligence agencies don't always (or even usually) unleash their full capabilities. So defend against phishing, have backups, and patch things. But also have a recovery plan for when that fails.
Also, reupping this, where I go into this in more detail. mattblaze.org/papers/blaze-g…