Profile picture
, 6 tweets, 4 min read
THREAD: some marginalia and further reading for folks who attended my #nbpy talk and would like to explore further

👇🏻
On password complexity and rotation:

- Laurie Cranor, the then-Chief Technologist for the FCC, sums up the issues with rotation: ftc.gov/news-events/bl…

- Appendix A of NIST SP 800-83B is a wonderful roundup of how to think about complexity: pages.nist.gov/800-63-3/sp800…
On issues of usability vs security:

- Sydney Dekker, _The Field Guide To Human Error_: amazon.com/Field-Guide-Un… - a must-read IMO

- @Pinboard's _What I learned Trying to Secure Congressional Campaigns: idlewords.com/2019/05/what_i…
@Pinboard On retrospective/post-mortem/pre-mortem practice, I consider John Allspaw's "infinate hows" technique to be the gold standard: kitchensoap.com/2014/11/14/the…
@Pinboard For scenarios to use in threat modeling / tabletop exercises:

- @badthingsdaily is a great source of realistic scenarios to prompt brainstorming

- For more formal data, try

a. Verizon's DBIR: enterprise.verizon.com/resources/repo…,
b. BI's Breaches Report ($$$): businessinsider.com/data-breaches-…
@Pinboard @badthingsdaily Finally, on mitigation: a framework I've found super-effective and really grown to love is @magoo's "five factors" framework: medium.com/starting-up-se…
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with jacobian

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#nbpy

More from @jacobian see all

Profile picture
jacobian
@jacobian
I'm not ashamed to admit that sometimes I miss PHP.

Over 20 years later, and still nobody's even come _close_ to PHP's ease of deployment.

This tweet brought to you by the 3 programming languages and 5 Docker images I need just to run one app.
Turns out having what I thought was a mild opinion about web app deployment was an invitation for people to yell at me, assume I'm stupid, or sell me thier Next Great Thing.

Ugh.
The thing that boggles my mind is how people just assume no nuance whatsoever. Most replies seem to think that I don't get that there are good reasons things got more complex, or that I don't know there are downsides to yolo editing in production, or etc.
Read 5 tweets

Related threads

Profile picture
darylvazmp
@darylvazmp
#Thread My Statement at @UNCTAD Trade Forum: SDGs & Climate Change.
I am honoured to be representing The Most Hon. @AndrewHolnessJM, ON, MP, Prime Minister of Ja., at this important gathering which is a necessary precursor to the United Nations Climate Action Summit which is scheduled to take place later this month at the United Nations HQ in NY.
I bring greetings on behalf of Prime Minister Holness who has asked me to commend @UNCTAD for the foresight in organizing this meeting & for the Organization’s extensive work in this area. This year is especially relevant as climate action talks gain more momentum and rightly so.
Read 53 tweets
Profile picture
GreatGameIndia
@GreatGameIndia
#Thread

It has been suggested that Private Equity firm KKR is responsible for #CafeCoffeDay founder #VGSiddhartha's suicide.

The firm has come under scanner in our research in many aspects of National Security as well.

Here is a thread on the various operations of KKR in India
As per the report MO of foreign PE firms like KKR is to borrow money from Indian Banks at 8-9% and then lend it to Indian businesses at a whopping 20-25% - the high rates of interest makes it difficult for native business to survive or remain profitable to repay the lenders.
KKR is the second largest foreign PE investor in #CCD with 6.07% (1.28 crore shares) after selling approx 4.25% in Feb 2018, making at the time 10.3%. Foreign investors together hold 22.35% stake in #CafeCoffeeDay valued at Rs 724 crore.
Read 23 tweets
Profile picture
Erica Buddington
@ericabuddington
#THREAD:

I have a former student named Stan*. I’ve been sharing his commentary on Facebook for 3 years. Folks think he’s funny. 🙄 In honor of his recent graduation, I’m going to start positing the stories here. Here’s our very first interaction, 3 years ago. 👇🏾
Stan: Ms. Buddington, you like your hair like that?

Me: Yes...why?

Stan: *walks around me, looking at my head*

Me: *confused*

(Exhibit A: 👇🏾 2016 Hair)
Stan: *goes into his notebook, scrawls something, rips a paper out and hands it to me, with a number on it*

Me: What is this?

*still confused*
Read 53 tweets
Profile picture
Saiswaroopa
@Sai_swaroopa
#Thread #Kurukshetra #Analytics #Mahabharata
Started a fun project of mine today. Recording the duels of Kurukshetra war in an excel sheet in anticipation of some interesting pattern. Watch this space for interesting tidbits. Full exercise may take quite a while
Interesting Results! #Kurukshatra #Analytics. So many duels without a declared result on Day One
Could record two general battles and 26 duels on Day One. Only 6 of those duels ended decisively. Pandava side suffered horribly in the hands of Bhishma. Uttara killed in the hands of Shalya. Saving grace being Abhimanyu countering Bhishma and winning over Brihadbala #Kurukshetra
Read 432 tweets
Profile picture
Aijay
@Hejeoma
#Thread 1. My people make una no vex about the gist I promised to drop, the damn thing is too long & too explicit. I have been working with my team of directors at 'HBO' to edit & re-shoot. lol I go do am like 'Game of thrones' & drop it in episodes cos all cant fit in 25 extra
2. tweets as given by twitter. Episode 1:
Disclaimer: The stories I tell here are factions, that is they are a mixture of facts & fiction. What is fact/fiction is only known to me, this is primarily a creative enterprise using humor & plain story-telling skills to entertain,
3. teach & learn as well from your feedback. Please, note that names & incidences do not represent actual persons or experiences. I’m only using my literary license, not motor license O! (Rated 18+) James & Joan have been married for 5 years & have two kids together.
Read 155 tweets
Profile picture
Sami Schalk
@DrSamiSchalk
Wow, that last #thread really took off. Let’s try another. I want to think with folks about how we can talk about #SurvivingRKelly outside the logic of the prison industrial complex.
Many of the people who responded to my last thread engaged in carceral logics saying some variation on “his ass should rot in jail” if not calls for his death. Are there other ways we can imagine justice, accountability and healing?
Prison abolitionist Mariame Kaba has said, as ppl raised w/ carceral logics it’s hard for us to imagine or desire alternatives. The #prisonindustrialcomplex has limited how we think about justice—even though other nations do things differently.
Read 14 tweets

Trending hashtags

#ThePlan #DigitalArmy #HinduHaterCongress #digital #AAnon #Narmada #socialmedia #FederalReserve #justice #ಅನುವಾದ #japanesehistory #battle #History #marketer #restorativejustice #schoolshouldnevergavethememail #world #ContentMarketing #BrandMarketing #corruption #RapeCulture #happynewyear #history #AlisonCastalloy #Day14
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!