Profile picture
Pumpkin' Spice Rob 🎃
@ErrataRob
, 3 tweets, 1 min read Read on Twitter
There are many industrial control systems, Windows or not, that cannot be patched and are full of vulnerabilities.

This is not a problem. Patching is only one mitigation measure.
The infosec community is full of small-minded jerks that focus on patching. It's not because they have experience with the problem. Instead, it's because their model of the world is that insecurity comes from moral weakness, greedy corporations and lazy users.
Yes, patching is important. But It's not some transcendental concept. It's only one of many important things. The most important things are whether the system remains up and functional.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Pumpkin' Spice Rob 🎃
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @ErrataRob see all

Profile picture
Pumpkin' Spice Rob 🎃
@ErrataRob
The President's comments calling for China/Ukraine to criminally investigate his chief political rival is unprecedented and wrong.

It's worse than Trump's tax bill or position on climate change.
I mention this because my timeline is full of Democrats who want to impeach Trump for the crime of being a Republican and not agreeing with them on political issues like taxes and climate change. His brazen corruption is just an excuse to impeach him for these other things.
But such corruption transcends politics. When otherwise stable democracies fail, like most recently Venezuela, they fail because such corruption and demagoguery runs unchecked. It must be checked for democracy to survive.
Read 4 tweets
Profile picture
Pumpkin' Spice Rob 🎃
@ErrataRob
I can't believe I'm saying this, since I loathe everything about Stallman, but I'm on his side here. I read his comments, he didn't say what Vice claims he said.
It's a good example how social media outrage nobody wants to be on the wrong side, and thus, when inaccuracies happen, nobody wants to defend them. Nobody wanted to defend Minsky, and when Stallman did, nobody wanted to defend Stallman.
All Stallman said, as far as I can tell, is that Minksy might not have known she was 17/coerced. Vice twisted Stallman's words into "Epstein Victims [are] 'Entirely Willing'".
Read 9 tweets
Profile picture
Pumpkin' Spice Rob 🎃
@ErrataRob
It's Trump's argument that there was "no quid pro quo" that convinces me. If it were a legitimate "favor" he was asking for, then "quid pro quo" is legitimate. That "quid pro quo" would be illegitimate means the favor was illegitimate.
If asking Ukraine to dig up dirt on his political opponents were in the national interest, then threatening or bribing the Ukraine is totally appropriate. In fact, that's pretty much how all foreign policy works.
Would it be legitimate for Trump to say 'Can you do me a favor and send $100,000 to my bank acount? There's no quid pro quo here, I'm promising nothing in return.".

Of course not. And what he's asking is worth more than $100,000 to him -- dirt on Biden.
Read 4 tweets

Related threads

Profile picture
Elliot Alderson
@fs0c131y
1. During my last talk someone in the audience asked me if I was optimistic. Are you optimistic? Do you think the future will be better?

My answer is a clear no, let me explain why
2. Public interest is not a thing for #infosec sector. Business is everywhere. A conference organizer told me recently: "We have difficulty to find people who want to talk and have nothing to sell"
3. There is a lot of money in this sector and everybody is trying to get a part of it. As said during the @defcon talk of @schneierblog, public interest should be one of the major concern of the #infosec sector.
Read 11 tweets
Profile picture
ᴸᵁᴸᵁ ᴸᴱ ᴹᴱᵂꜝ #HateIsNOTaHoax
@LuluLemew
⚠️New clues show how Russia’s grid hackers aimed for physical destruction
2016 Russian cyberattack on Ukraine intended to cause far more damage than it did. arstechnica.com/information-te…
For nearly three years, the December 2016 cyberattack on the Ukrainian power grid has presented a menacing puzzle.

Two days before Christmas that year, Russian hackers planted a unique specimen of malware in the network of Ukraine's national grid operator, Ukrenergo.
Just before 12am, they used it to open every circuit breaker in a transmission station north of Kyiv. The result was an unprecedented, automated blackout across a broad swath of its capital. wired.com/story/russian-…
Read 62 tweets
Profile picture
Elliot Alderson
@fs0c131y
1/ Thread: Few days ago, I had a nice discussion with a French #infosec professional. He told me: “Maybe you don’t know it but some French infosec pros don’t like what you are doing”

A clarification is needed.
2/ I’m very surprise by the amount of negative feedback I received from the French infosec community. I don’t know why but I don’t receive the same feedback from the others infosec community 🤷‍♂️
3/ Dear infosec pros, I don’t care if you don’t like my account because this account is not made for you. It is here to make things change, to solve issues, force companies to fix their sh*t, to have an impact on millions of people.
Read 9 tweets
Profile picture
Mingyu Zheng
@zmingyu
Earlier this year I transitioned from product into security. This is my #infosec story.

It all started about two years ago with the WannaCry incident (en.m.wikipedia.org/wiki/WannaCry_…). Some rando had stopped malware from spreading by buying up a domain name, and this legit blew my mind.
I thought you had to have serious 1337 chops to stop worldwide cyberattacks?? Apparently I’ve had it in me all this time?

Well that 'rando' happened to be on Twitter, and not only did he possess actual 1337 chops, but a wicked sense of humour to boot.
I’m talking about the fabulous @MalwareTechBlog of course. Shortly after that I found @malwareunicorn, who is living proof that 1337 chops and fashion can go hand in hand (come to think of it, why the heck not). Then @SwiftOnSecurity, and down the security rabbit hole I went...
Read 11 tweets
Profile picture
F-Secure
@FSecure
Introducing...

THE HUNT: A Cyber Attack in the Process Industry

#cybersecurity #thehunt

blog.f-secure.com/cyber-security…
In manufacturing...

• 86% of cyber attacks are targeted

• 66% feature hacking

• Only 34% involve malware
In manufacturing, almost half – 47 percent – of breaches involve the theft of intellectual property to gain competitive advantage.

#cybersecurity #thehunt
Read 89 tweets

Trending hashtags

#TrumpRussia #Infosec #IndivisibleTimes #Community #GCdigital #security #AltGovDaily #infosec #nowwhat #fakenews #Journalists #ReesMogg #osint #CensusFail #Security #ODSCWest #startup #Infographic #unhackthevote #digital #disinfo #DigitalAcademy #KeyBoy #Twitter #OpenEducation
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!