Many many tweeters who think Parler is down because of App Store removal, and also that that somehow violates their 1st Amendment rights.
Clarification: both of those things are untrue.
Removing an app from the store simply makes it unavailable to download or update. The first amendment protects Americans from government suppression of free speech. Thank you for coming to my TED talk.
Twitter could change its TOS to ban all mention of pancakes, and promptly ban me for no other offense.
(Also, I think Parler probably need to wake up their server and network admins.)
• • •
Missing some Tweet in this thread? You can try to
force a refresh
I am so tired of conspiracy theories about 1) Nationwide blackouts 2) Nationwide internet takedowns
It's like suggesting somebody is going to simultaneously unscrew every screw of varying sizes and types in your home.
Neither of those things is happening in modern times without a nuke or an asteroid.
Also, the "national blackout" wet dream conspiracy theory is about the lamest one I can possibly think of - grow some post-apocalyptic creativity. Places all over the world do fine with unstable power. I think of 11 more interesting ways to destroy civilization by breakfast.
We live in wild times. Absolutely unbelievable, what’s happened in the span of one week. So much precedent being set, too.
I find the Parler takedown especially fascinating. Yes, there’s schadenfreude because many awful humans are using it to hurt people, but it is also a glimpse into all the logistical and technical elements that make a modern social site “go”, who can cut them off, and how fast.
We watch malware site and infrastructure takedowns all the time, but those are often LEO backed and not normally like, web presences with MFA and legitimate payment processing.
I would pay very serious and close attention to Mr. Nance. He is an eminently credible expert and I trust his judgement. Review your physical security plans at offices and data centers.
The safety and security of your people comes first. How are they protected, and how can they be rapidly evacuated or shelter safely in place? Have they recently drilled fire and active shooter scenarios? Is it essential they be on site?
After that, consider your disaster recovery, data security, and redundancy planning specific to physical attacks. What happens if there is major damage to a single data center or its links? Have these plans been reviewed and adjusted since the pandemic impacted operations?
It's going to be really... interesting to research and report vulns to voting machine companies after one has been pushed into pursuing a *1.3 billion dollar* defamation case. Hopefully security researchers can maintain their good relationships with them.
Can imagine that figure scaring some folks off, especially inexperienced ones not backed by corporate lawyers. Particularly in cases where there's no or poor response to private disclosure.
(They are well within their rights to sue, of course - if I haven't made that abundantly clear)
It’s challenging to try to explain to liberal and libertarian, privileged baby boomers who are not already activists why gen x, millennials, gen z are arguing for what they perceive as very extreme political and social change. Healthcare, college debt relief, or social justice...
Until I started having conversations with otherwise sensible older people who are center-left and do support things like gay marriage, I didn’t realize how much of a disconnect and blind spot there is. A lot of my 20s-40s friends are in serious perpetual debt with no healthcare..
Economically, structurally, and socially people’s lives have changed a lot in the past fifty years...
Just a reminder that you can’t build a successful threat hunting program to detect the APT indicators everyone is posting unless you actually build the capacity to threat hunt - which had prerequisites, like understanding your environment and building collections of log sources.
Otherwise you’re just throwing pasta at the wall and hoping something will stick, and you don’t know if it means anything if it doesn’t.
Actual serious threat hunting: 1) Builds upon reasonably mature security monitoring capability 2) Requires actual well though out hypotheses about what an adversary might be doing in your environment based on architecture, Intel, Crown Jewels