Are we doing enough to protect our data? Are we responsible for our data being collected and used? Is it bad to depend on big tech?
🧵⬇️
Everyone has some amount of awareness, on a scale of little to lots, about how our data is collected and used by the technology we use.
Yes, even the least tech-savvy people. They know that passwords can be stored, they like the ads they see, and map apps require location.
Then there's the other side, with tech and infosec professionals. We talk about data privacy and security and protect data for a living. What are we doing in our personal lives? Are we implementing what we know? Are we able to teach others how to protect their data?
Bottom line: Big tech is collecting our data everywhere. What can we do, whether as average users or tech professionals?
And should we feel bad for continuing to utilize big tech when we know how much of our data it collects, analyzes, uses, and sells?
The answer, in short, is how could we? How could any of us fight big tech?
These are companies dealing with billions of dollars, with the sole purposes of making money, and users already within their grasps due to convenience and what everyone already owns.
Should we all be self-hosting, using little-known (to average users) browsers and search engines, and trading in smartphones for burners?
While the result of those actions isn't actually being off the grid, it's pretty darn close in today's age.
We're used to having smartphones. We're used to having help navigating when we're already out and didn't print out directions (whose search queries & results would have been saved anyway).
Expecting people to have the knowledge & resources to self-host? Yea, not a good solution.
Again, should professionals in the field at least be able to do all this?
NO.
It's unrealistic on all accounts- time, money, convenience, space.
And this is exactly why we all use big tech. It's how the things we do are possible. If we all had to provide tech services for ourselves, frankly we wouldn't have the internet.
Should we be expected to trade living in society for privacy?
The point is that privacy is barely accessible today, even for infosec professionals.
No one, at all, should feel bad about not being able to fight big tech. That's why it's called big tech. That's why everyone, toddlers to grandparents, know big tech names.
Do your best with what you can (this includes energy and mental capacity levels), but don't feel like you're letting yourself down by not beating big tech. It's not possible.
If small and mid-sized companies can’t even compete with big tech, how are we expecting ourselves as individuals to?
• • •
Missing some Tweet in this thread? You can try to
force a refresh
This will be an evolving 🧵 of commands I learn about today and the resources used ⬇️
1. awk
awk is used for text manipulation within the command line.
A common use is specifying what kind of information you want to pull from a file or command output.
Example:
The who command returns currently logged in users of the system, as well as other information. What if we only wanted to see the users, without extra information? We could use awk like this, knowing the user is the first parameter in who output:
Interview advice for people getting into tech 🧵 ⬇️
1. Know main points about the company.
When interviewing all around, this can be hard. But know the main things. Does it make a product? Know what the product is and does. Does the company have a specialty expertise? Know what it is. This is a simple first hurdle to prepare for.
2. Know how to sell yourself.
Interviews often start with “tell me about yourself”. Know your strengths. Know your accomplishments. Know your passions. Know what you’re interested in (multiple things is okay, esp when you’re earlier career!). Be able to be concise & to expand.
Something that doesn’t rely on a reactive response to finding susceptibilities. It’s not realistic for users, and it’s a race for groups against their adversaries.
In fact, I’ve been told that being a technical lead too early (despite being qualified and requested for the position) would make others question if I actually had the technical chops.
That being a TECHNICAL lead would make people question my TECHNICAL abilities.
Male colleagues with my same experience had become technical leads no problem.
If a woman is a technical lead and you assume she’s just leading because she doesn’t have the technical abilities, and you don’t think the same of dudes, that is a YOU problem. Not a me problem.
Things not (normally) taught in computer science curriculums that should be included, a 🧵 ⬇️
1. Secure coding
Not just taking off points when students submit code with security flaws, but proactively teaching why certain practices will provide said flaws. Help them recognize insecure coding practices. Understanding security is a critical aspect of sw engineering.
2. Documentation
Comments may be required in code for beginning level classes but they’re even more important in later classes where code gets complicated and single characters can change code’s ability. This is esp important when students may just be taking shots at solutions.