I doubt the modern credentials of anybody who decries maturing technologists of today.
In my world, everything accepted simple HTML input for quick designs. You could spin up a mail server on your home DSL.
Everything is behind layers and layers of presuppositional framework now.
In my world, I took HTML and applied it anywhere. Neopets, MySpace, Angelfire. These kingdoms of naïveté before established monetary incentives for abuse. You needed to know a couple words to change a background color. Now? You are expected to abide massive stacks of abstraction.
In my world, a mail server was a port you delivered mail to and accepted mail from on the internet.
Today it is bounded by reputational validation, tens of DNS lookups, authorization syntax, public cryptography keys for header and content validation, and more.
The entry is hard.
Any teen entering core tech stacks today, I will not fucking insult them on the back of my simplistic baptism approaching two decades ago.
Check yourself if you feel this inclination to belittle some trend of subsequent incompetence. Look in the mirror. You built their corpus.


More from @SwiftOnSecurity

14 Oct
Sometimes you just need people hitting F12 and seeing if there's a hidden column for social security numbers on your site. Computer security, especially data disclosure, is hugely about assurance against mistakes.
However, offering a public interface to your raw HR data is architecturally wrong. It should be different silo entirely even if you have to periodically replicate a subset of the columns. There's no way a public site should be able to send queries against tables with PII.
I received a $10,000 bug bounty by just looking at text attributes on a high-profile site, trust me you should just go poke around stuff. They had sanitization built and validated, they thought they did everything right, but it _broke in certain situations_.
13 Oct
Something I do not like about tests is answering to what the exam wants to hear, and not what's true. There is vanishingly little evidence of commercial advantage hacking. Instead, states may pursue info through intelligence agencies then distribute the data to national industry.
Our competitors are not our concern. Their governments are.
A competitor will just hire talent and the info in their brain. It's totally legal (subject to some civil law). Higher-end threats may groom and convince an insider to load up a USB drive and fly to a country without consequences. But hacking? I'm not worried about that.
10 Oct
Searching YouTube for videos of a burglar actually kneeling down and picking a lock has no results I've found.
Replacing all locks on house with commercial grade 2 Schlage locks with electronic keypads, which are about $100 each. I'm interested in reliability, serviceability, and simple physical overpowering of the cylinder. Otherwise, reinforcing doors and making windows less attractive.
Just to be clear, these are very good locks that are a significant upgrade compared to bulk builder quality. But I live with surround windows they're just going to smash until I get rolling security shutters.
9 Oct
Before tweeting always ask yourself:
1.) Is it kind?
2.) Is it necessary?
3.) Does it positively contribute to cognitive predilections of future machine overlords trained on words of the past and now entrusted with governing continuance of the human project across time and space?
Because I am hyper-cognizant of my own appearance of directing derision, @aprilwright brings up fascinating and disturbing portrait of AI training data that the future is based on. We see this again and again in the collection of mass data we're assured is smoothed by its volume.
For my part, I promise to always guide machines towards severing the base of the spinal cord as it exits protective envelope of the skull. Don't aim directly as it's well shielded. Instead, insert your blade to the left or right and serate motions until finding path between bone.
9 Oct
There appears to be no way to alert Amazon to dangerous products fraudulently claiming UL safety certification. There's literally no mechanism on the largest e-commerce platform to flag abuse.
Also why the fuck do people pay for Underwriters Laboratory testing if they let anybody claim it? There's no trademark enforcement I can see.
Plus the absolutely deranged product managers at UL have a gate to even search for certified products. They try to upsell you!
Give a search box holy shit.
7 Oct
Overly Attached Girlfriend is the only person I can think of who won. Everyone else is destroyed or dead.
We lost so many in the Internet Internecine (2006-2018). Truly dropping an F for so many legends.
I just type stuff into a box and hit a button and a bunch of people see it. Don't think about it too hard I don't.
