Let's talk apathy for a moment. We bemoan users for it. We see the issue with it, yet as #infosec folks who know better, we participate in it. I've been seeing this trend in our community. It was particularly visible when the TikTok privacy concerns were brought to light. 1/
On one extreme, you had those that over-reacted and sensationalized it, agreed. But on the other, you had this weird reaction of "Well it's no worse than what FB, Twitter, and others do." I have two issues with this response. First, it flippantly and irresponsibly 2/
dismisses the unique nature of what and how they gathered the info. Second, since when to we as security folks say "Well everyone's doing it so don't worry about it"? I'm seeing this occurring more and more every time there is news of a privacy breach. I'm even starting to 3/
see it in official communications for orgs who used to be champions of privacy. Look I get it, it's exhausting and overwhelming. So much news of this every day. But are we in security just giving up? WTH? #DoBetterBeBetter /FIN
โข โข โข
Missing some Tweet in this thread? You can try to
force a refresh
I've been dwelling on this response from @specterops' @jasonjfrank and whether to respond further. Considering some of the factors you're about to read, you'll see why I chose to take this point by point.
It'll be a thread since I refuse to pay the #MuskRansom.
1/
Let's talk first about the supposed out reach to many diverse speakers. I mean I freaking called it that the "pipeline" excuse would be the first response in my post and you STILL came at us with that response? If you couldn't find a single non-male non-white human,
2/
who could "make it" you weren't trying very hard. This is the lazy excuse we see from conferences and other events time and again when they pull this and it's so tired and phony.
3/
I'm not sorry I didn't live up to your expectations, those were, after all, yours not mine. I never claimed to be perfect, super human, or even a good person. I try to be all those things but I know I am not. 1/
Look, I can be selfish sometimes, I can be an a$$hole, I can be cruel and mean, and I can be hurtful. I make mistakes, I say and do dumb things, I make other people cry sometimes. It's part of being human, which I am. 2/
So what are my expectations of myself?
1. I expect myself to be self aware. I know I will make mistakes, I know I will do things I don't like, but my expectation is that when I do those things I can take a step back and analyze how I could have done better. 3/
OK I said I wasn't going to do this but I guess I am, so here goes and if I left you off, I'm sorry, please know I love you and it was just an omission. Some amazing women doing amazing things that I want to recognize on #IWD2022. A ๐งต
@DeweyRitten my partner, pushing me to learn and grow, and conquer @LilMzMuffinCup amazing woman who inspires me @virulentvalor proving every day what force she is @invertedgeek an honor to watch your career launch @gabsmashh the most intelligent human I know
@CISAJen overcoming BS to make CISA great @BentleyAudrey beautiful woman whose always got my back @aprilwright another amazingly talented and intelligent friend @shehackspurple my appsec buddy doing amazing work to help others @ki_twyce_ a constant source of inspiration
Let me explain something. Cybe_rpunkfixer (subject of the original thread) attacked @gabsmashh, Ian Coldwater, myself and numerous other women. So calling me a troll and us a "mob" is an attack on us and a defense of an epic misogynist.
Cybe_rpunkfixer has been banned under multiple accounts, for his harassment. Jonathan defends him as a victim. Jonathan still, inconceivably, has an audience that are unaware of how phony and toxic he is. So calling it out, I hope helps them to see that so they don't
2/
get sucked in and taken advantage of by a known bad actor in our midst. So instead of saying ignore him and he'll go away, understand he hasn't gone away. He's carefully groomed an audience, duped many (including mainstream media) and is doing active damage to
3/
No joke I still remember the exact details. That was the day I started my first salaried job as a programmer. I had no degree (I was enrolled in a Computer Science program at Marquette University), no real documented dev experience.
/1
All of what I knew of programming was self-taught and a little theory from my course work that I had only just begun that semester. BASIC, Visual C++, and a little bit of VB.
I got hired to write code for a home banking and billpay application. It was the dot com era.
/2
Programmers were in high demand. The company that hired me provided banking software as a service (we called it a service bureau back then) to banks across the country. Consumers nationwide relied on the systems I maintained to manage their accounts and to pay their bills.
/3
I don't come from money. Growing up, we weren't poor, but near the bottom of the 80's middle class. I always dreamed of being in a better financial position than my parents, but swore I wouldn't forget where I came from.
1/
My first child (of 3) came when I was 17. Married at 21, I lived through nearly two decades of overdrawn bank accounts, maxed out credit cards, collection calls and threats of lawsuits.
Ultimately, we were fortunate. Never had a night where I couldn't scrounge
2/
something together for dinner. I have my family to thank for much of that.
So why I am I giving you this walk through Alyssa's past? Well because now in my 40's I'm in a position that I dreamed of as a child. Financially, while not rich by today's standards, I am in
3/