1/ I'm going to use holiday travel as an analogy for "infosec burnout". A big cause of burnout is struggling to make people see the obvious. In this case, I struggle with the fact that airline travel over the holidays is NOT particularly busy, despite what everyone knows.
2/ Airlines fly about 85% full all the time, and on busy days (Xmas, Xgiving, summer), those numbers may rise to 95% full. A 10% increase is not large, thus those huge crowds you believe exist, and see on local TV news, don't really exist.
3/ I cite as evidence this chart. The busiest days are in the summer, when people travel on vacation. The months June through August are busier than right now for Christmas.
4/ That airlines aren't busy on the holidays is as obvious as the non-existence of Santa Claus. It's basic logistics. It means airlines have to fly empty the rest of the year, or have a stash of airplanes in reserve they pull out only for holidays.
6/ Cybersecurity is full of similar problems. People believe in feelings rather than measurements, evidence, math. This happens on both sides: those who ignore obvious problems, and those who believe in imminent doom.
5/ I scan the Internet, I measure things, I can see things that are obvious. I'm regularly astonished by big organizations who are unaware of their public exposure on the Internet, and the inevitable risks this causes.
7/ Conversely, there are the prognosticators of doom. Everyone is prognosticating what Mirai means for the future, but they are all wrong, because they refuse to look at what actually happened with Mirai.
8/ Eg. Mirai was due to public exposure to IPv4. No, the coming wave of 20 billion IoT devices isn't a Mirai-style danger since there are no public IPv4 addresses left. They all go on random IPv6 or behind NAT.
9/ What’s more likely in the coming years, another Mirai-style worm? Or a vendor gets popped and pushes out a signed update that automatically gets applied?
10/ When that happens, I’ll be in a conversation:
“I told you IoT was a problem”
“Yes, but your solution was to force vendors to auto update their products”
It's probably biggest in Economics, where it's hard to have a rational discussion about what DOES happen because people are so concerned with what SHOULD happen.
It's a lot easier with physics or chemistry.
It's a big problem with law. There's a wide gap between what the CFAA DOES say and what people think it SHOULD say.
Infosec was up in arms that F12 "view-source" isn't criminal hacking, but that was a NORMATIVE statement. Nobody read the Wisconsin law to see what it DOES say.
Back a couple years ago, people were rewriting the classic 'wc' program (word-count) in their favorite programming language to prove theirs could be as fast as C.
So I decided to rewrite using my favorite algorithm instead: a "state machine parser".
The algorithm to count words (and lines and characters) is 3 lines long, the while(){} loop at line 25.
You are supposed to marvel at how this is absolutely NOT a word/line/char counting algorithm -- and yet, it produces the same results as 'wc'.
I implemented the same algorithm in JavaScript, and it ended up being faster than all those "I rewrote wc in my favorite language" examples. But the reason isn't that JavaScript is faster than their language, but because the ALGORITHM is faster. It also jits well.
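The state-machine approach described in this thread, sketched as an added example (this is not the author's code; the state names, `wc_count` and the sample input are assumptions made here, and only ASCII whitespace is handled). Each byte indexes a transition table, and the line and word totals fall out of how often two particular states are entered:

```c
#include <stdio.h>
#include <string.h>

/* Added example: table-driven state-machine counter (ASCII whitespace only). */
enum { WAS_SPACE, NEW_LINE, NEW_WORD, WAS_WORD, STATE_COUNT };
struct wc_result { unsigned long lines, words, chars; };

static unsigned char table[STATE_COUNT][256];

/* Build the transition table once: next state = table[state][byte]. */
static void build_table(void)
{
    for (int s = 0; s < STATE_COUNT; s++) {
        for (int c = 0; c < 256; c++) {
            if (c == '\n')
                table[s][c] = NEW_LINE;
            else if (c == ' ' || (c >= '\t' && c <= '\r'))
                table[s][c] = WAS_SPACE;   /* space, \t, \v, \f, \r */
            else if (s == WAS_SPACE || s == NEW_LINE)
                table[s][c] = NEW_WORD;    /* first byte of a word */
            else
                table[s][c] = WAS_WORD;    /* still inside a word */
        }
    }
}

/* Count lines, words and bytes of buf the way `wc` reports them. */
struct wc_result wc_count(const unsigned char *buf, size_t len)
{
    unsigned long visits[STATE_COUNT] = {0};
    int state = WAS_SPACE;
    if (table[WAS_SPACE]['a'] != NEW_WORD)   /* table not built yet */
        build_table();
    /* The whole parser: follow the table, tally the state we land in. */
    for (size_t i = 0; i < len; i++) {
        state = table[state][buf[i]];
        visits[state]++;
    }
    return (struct wc_result){ visits[NEW_LINE], visits[NEW_WORD], len };
}

int main(void)
{
    const char *sample = "alpha beta\n\tgamma\r\n\ndelta";  /* constructed input */
    struct wc_result r = wc_count((const unsigned char *)sample, strlen(sample));
    printf("%lu %lu %lu\n", r.lines, r.words, r.chars);
    return 0;
}
```

The loop never asks "is this a word?"; entries into `NEW_WORD` are the word count and entries into `NEW_LINE` are the line count.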
About an hour into it, when I'm describing DNS header compression on generating the query packet for "google.com" that they'll be asking me politely to leave.
I lie. It'll take hours to get to that point, as I first explain how Chrome caches DNS names before making a request to the operating system to do DNS resolution on its behalf -- assuming they haven't enabled DNS-over-something.
I lie. There's probably a whole day's discussion of what happens when you click with the mouse on the screen to load the page, tracing the path of execution through Windows event handlers.
Note that I'm not a solid source here. 1. I experience weird disruptions trying to make calls to the Ukraine cell phone network 2. Techies (who don't want to be named) said it was because the cell network was being DDoSed.
I do know that while cell providers are supposed to have private links to each other, I know that a lot of traffic ends up going across the Internet backbone, so the scenario is plausible (though not proven).
The weirdest thing was a recorded message saying the subscriber wasn't available, in English, but breaking up severely due to disruption on the network, which as I understand it, shouldn't be possible.
Here is inflation from the Eurozone. It has the same spike as we do. It's hard to imagine how Biden caused that.
The things that economists cite that cause the current inflation were the steps taken during Trump's administration. Stimulus happened in 2020, the effects were seen in 2021. It was sticking upwards before Biden had a chance to make any difference.