I want to share something important I learned thru the process of producing NFTs with my partner @0xBanana over the past months

I had a valuable realization stemming from the creation of new things of uncertain value & shipping them to buyers

This is for the #infosec crowd

1/8
Creating art which is then roundly enjoyed by others has helped me with perfectionism.

Intellectually, I know that ‘perfect is the enemy of good’.

Unfortunately, my standards for my own work are often far too high to encourage incremental progress & learning in public.

2/8
Part of the reason why I feel that way is because the security community is so frequently negatively judging. As this is the community I joined from a young age, it has molded my behavior to be far too constrained & limited — in direct opposition to the hacker ethos.

3/8
Judging the work of oneself & others to an extremely high (& often unattainable) standard reduces the likelihood that people in a given community will produce original work for the benefit of said community by releasing it publicly — even when such efforts are sorely needed

4/8
The community essentially molded my behavior to the point where I have refused to release original work in the security space.

Meaning: useful code/scripts. Methodologies. Process improvements. Updates to the state of the art in information security. Incremental progress.

3/8
I haven’t always felt the things I’ve created have been good enough to stand up to the intense scrutiny which comes from both being a woman and a human in this space — and even if they were, I wanted to avoid the minutiae of the forced and oft-entitled/angry peer review.

4/8
Through the work and culture of infosec, I’ve developed an extremely keen eye for mistakes, errors, and systematic problems — and often fail to state how much I appreciate the value of someone’s work before criticizing it.

5/8
Yet what I’ve helped make has received so much kudos, & the process of making them has been so enjoyable & validating, that I feel I am “good enough” to release artwork for public sale & consumption under my own name — even if not at the level of a Kandinsky or Warhol.

6/8
Seeing the support and kindness people make the effort to express in the #NFTcommunity (within certain communities on Discord especially, shout-out to @itskay_k) has repeatedly shown me that there is another way, and not everyone is like this outside our weird little bubble.

7/8
I’d love for the infosec community to recognize how our overly-critical reactions to the work of others is often the opposite of encouragement, even if well-intentioned, and reduces opportunities for us to effectively learn from each other to improve our craft & culture ❤️

8/8

More from @hackingbutlegal

25 Sep
People who cheat & steal harm the rest of us through their actions. These “bad apples” who act in their own self-interest above the common interest tend to rely on secrecy and obfuscation in order to commit their misdeeds.

Open ledgers are hedges against corruption.
One can have privacy without secrecy. This is the model being tested in cryptocurrency now.

If you’re interested in learning about some avant-garde technical work, check out the work done by various groups to advance the concept of Decentralized Autonomous Organizations (DAOs).
It would be really cool to establish HackerDAO. I’ve given it a lot of thought, but ultimately I don’t think that it is an ‘idea whose time has come’ for the majority of folks who follow me. These ideas take time to percolate, and DAOs are still a very niche idea at present.
Read 4 tweets
2 Sep
Have you ever wanted to drop out of infosec and become your own defensive consultant? Learn from us and our mistakes.

Some things @0xBanana and I learned running our first startup, a boutique cybersecurity consultancy 2018-2020.

A thread🧵

1/
Having lots of enterprise contacts will only get you so far.

Lg corps who have interesting infosec problems to solve typically won't hire a small consultancy unless they have a decent assurance the risk of doing so is low, and the value which will be gained will be high.

2/
Small to mid-size corps have much, much less interesting infosec problems to solve.

In this category, orgs who happen to have a budget with which to hire infosec mostly need product-focused security engineering support, and some nascent devsecops capability.

3/
Read 44 tweets
1 Sep
Australia just passed a nasty surveillance bill:

“When presented with such warrant […] Australian companies, system administrators etc. must comply, and actively help the police to modify, add, copy, or delete the data of a person under investigation”

tutanota.com/blog/posts/aus…
Politicians said the bill is intended to fight child exploitation (CSAM) and terrorism.

However, the bill enables law enforcement to investigate any "serious Commonwealth offence" or "serious State offence that has a federal aspect".
This wording enables the police to “investigate” any offense which is punishable by imprisonment of at least three years, including:

terrorism
sharing child abuse material
violence
acts of piracy (!!!!!)
bankruptcy
company violations
tax evasion
Read 4 tweets
31 Aug
This.

Despite all of the “intractable” problems we seem to have, for at least half of these, money gathered in service of our country and Her people, allocated carefully, is the solution.

Raising taxes on the top 1-10% helps solve this.

1/
Republicans refuse to participate in increasing taxation while claiming to be the party of limited government as justification. Excuse me, that ship sailed long ago.

For neocons, or whatever the GOP even are anymore, a small government is no longer a priority.

2/
The main priority of the GOP leadership (and a few Dem leadership as well), based solely on their actions, appears to be the acquisition & maintenance of power for power’s sake. In politics, money drives the machine, so they’ll do whatever is needed to keep it coming in.

3/
Read 7 tweets
8 Aug
Just received what looks a lot like a phishing email, suggesting I am now registered for a COVID test on August 12

Uses the branding of a legit medical facility (in roughly my geo area), from a gmail account with the facility’s legit info@ as the reply-to

Let’s investigate ⬇️
Here's the email. Pretty convincing, right? I have removed a couple of details for OPSEC purposes.

But is there anything particularly sinister about this email? Did it include a tracking pixel? Any bad links?
Let's download the message as an .eml file from Gmail. We do this directly from the message's context menu.

This will provide us the complete headers and allow us to further analyze the message.
Read 37 tweets
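
The checks this preview asks about (a Gmail sender with the facility's address as reply-to, tracking pixels, links) can be run over a saved .eml with Python's standard `email` module. This is an added example, not part of the original thread; the sample message, its addresses and domains, and the `triage` helper are constructed placeholders.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample message (NOT the email from the thread); every
# name, address and domain below is a placeholder.
SAMPLE_EML = """\
From: "Example Clinic" <exampleclinic.tests@gmail.com>
Reply-To: info@clinic.example
To: recipient@example.org
Subject: Your COVID test registration
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>You are registered for a test on August 12.</p>
<a href="https://clinic.example/appointments">View appointment</a>
<img src="https://track.mailer.example/o.gif?id=123" width="1" height="1">
</body></html>
"""

def domain(addr_header):
    """Return the lower-cased domain of an address header, or ''."""
    return parseaddr(addr_header or "")[1].rpartition("@")[2].lower()

def triage(raw):
    """Hypothetical helper: summarise sender mismatch, links and 1x1 images."""
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("html", "plain"))
    html = body.get_content() if body else ""
    from_dom, reply_dom = domain(msg["From"]), domain(msg["Reply-To"])
    pixels = []
    for tag in re.findall(r"<img\b[^>]*>", html, flags=re.I):
        w = re.search(r'width=["\']?(\d+)', tag, re.I)
        h = re.search(r'height=["\']?(\d+)', tag, re.I)
        src = re.search(r'src=["\']([^"\']+)', tag, re.I)
        # A remote image declared as 1x1 (or 0x0) is a likely open tracker.
        if src and w and h and int(w.group(1)) <= 1 and int(h.group(1)) <= 1:
            pixels.append(src.group(1))
    return {
        "from_domain": from_dom,
        "reply_to_domain": reply_dom,
        "reply_to_mismatch": bool(reply_dom) and reply_dom != from_dom,
        "links": re.findall(r'href=["\'](https?://[^"\']+)', html, flags=re.I),
        "tracking_pixels": pixels,
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE_EML).items():
        print(f"{key}: {value}")
```
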
27 Dec 20
Current status
Very important dinner update
Apparently if it’s a GIF made from an iOS Live Photo, Twitter downscales to oblivion
Read 5 tweets
