Share this page!

Robᵉʳᵗ Graham😷, provocateur Profile picture
Twitter logo
25 Jun, 10 tweets, 2 min read
Companies should support BYOB allowing employees to use personal devices, especially phones and laptops, for work. Only REALLY sensitive things need to be segregated, like admins who can destroy the company with ransomware.
In other words, even from a cybersecurity perspective, companies need to be tolerant of the fact that they cannot control employee devices.
I say this first before pointing out that employees need to keep work and private life separate. It's not for the company's sake, it's for your own sake. Your should have a separate email account (like Gmail.com or Outlook.com) for private stuff.
Storing stuff on work computers incurs a LOT of risk. For example, when the company gets sued, they'll come in and image your desktop and give the image to the opposing lawyers as part of "discovery".
Or maybe a pandemic hits and they suddenly have to layoff a bunch of people and shove you out the door before you can copy off all those personal files.
I bring up porn in the top example because it illustrates the point. YOUR IT DEPARTMENT IS SICK OF SEEING ALL YOUR PORN. They are especially sick of seeing porn from the top executives. Really sick and tired.
The reason the I.T. nerds don't look you in the eye at the company Christmas party isn't because they are shy, it's because they are embarrassed by what they know about you.
Your personal information leaks all over the corporate network and server storage. Even when it's not porn, it's a lot of personal crap that IT would simply rather not be looking at.
And they have to. Even with encryption, IT has to do it's best to eavesdrop on what's going on in order to monitor for hacker activity. They are thus monitoring your activity far more than you realize -- not you, so much, as your machine in case it's hacked.
Bah, I mean BYOD up above, not BYOB. Companies have to support "bring your own device" because it's impractical forcing things like corporate phones on people.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Robᵉʳᵗ Graham😷, provocateur

Robᵉʳᵗ Graham😷, provocateur Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @ErrataRob

Robᵉʳᵗ Graham😷, provocateur Profile picture
25 Jun
#1 McAfee was never the face of cybersecurity
#2 he struggled with addictions long before he created his anti-virus program
McAfee disappeared from the hacking/infosec scene in 1994 when he was pushed out of his own company after it went public.

It reappeared in 2013 after he was pushed out of Belize because of a murder investigation. Every serious person knew not to take him seriously.
It's hard for me to call him a "charlatan" because nobody serious took him seriously. He was instead very fun and entertaining.
Read 8 tweets
Robᵉʳᵗ Graham😷, provocateur Profile picture
24 Jun
Q: What is a TPM?

Microsoft announced Windows 11 will requirement one, so what is it, and why do you need it?
A: A type of cryptographic vault. It stores (and validates) cryptographic keys on an impenetrable* chip. Even if somebody steals your device, they can't recover the keys.
It's roughly the same thing as the chip on your credit card, Historically, credit cards simply used a long number that could be read from the front of the card, or read from the magnetic strip on the back....
Read 20 tweets
Robᵉʳᵗ Graham😷, provocateur Profile picture
23 Jun
Analogies comparing "economics" and "cybersecurity" usually understand neither.

That's demonstrated in the item below using economics concept "market for lemons".
The report this article refers to is below, as is the Wikipedia article on economics principle.
debatesecurity.com/downloads/Cybe…
en.wikipedia.org/wiki/The_Marke…
"Information asymmetry", the fact the sellers know more than buyers, but it's an issue for ALL buyers/sellers.

The "market for lemons" describes one case of this overall issue, with specific criteria. Image
Read 11 tweets
Robᵉʳᵗ Graham😷, provocateur Profile picture
16 Jun
It's amazing how clueless people are. In this case, the person is clueless about both Section 230 and Libertarians. Section 230 doesn't say what this person thinks, and there's no way Libertarians support the "speech" policies this person wants.
Everybody suggesting a change to Section 230 doesn't understand Section 230. It's weird how common this is. It's because they don't care what it currently says -- only what it might make it say in the future.
And the thing they want it to say in the future is something something suppress speech they don't like and something something promote speech they do like.
Read 6 tweets
Robᵉʳᵗ Graham😷, provocateur Profile picture
13 Jun
I decided yesterday to spend this weekend writing a regular-expression library in C. How's your weekend going?
I want multiple pattern matching for lex grammar parsing, packet parsing, intrusion-detection, and IoC recognition. None of the libraries out there do a good job for this.
The "regular" in "regular-expression" means parsing them is real easy, just read characters left to right. It's actually easier to write code to implement them than it is to use them.
Read 4 tweets
Robᵉʳᵗ Graham😷, provocateur Profile picture
9 Jun
Repeat after me: ransomware is not about perimeter security, it's about how they were able to spread internally after the perimeter breach.
For decades, we've been preaching "cybersecurity is not just about the perimeter", yet every time our community is tested, we fall back to "it's just the perimeter". We've been lying this entire time.
The #1 reason ransomware has such a devastating impact is because we put all our security eggs in the Active Directory basket, then the hacker gets Domain Admin, and the game is over.
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @ErrataRob has new unrolls!

Check out other threads from @ErrataRob!

Read all threads by @ErrataRob

:(