Share this page!

SwiftOnSecurity (Taylor's Version) Profile picture
Twitter logo
13 Nov, 6 tweets, 3 min read
In 1988, two men sit in a room. One of them is cryptographer Bob Morris, the father of Robert Morris, who had just released the first Internet worm.

"A line had been crossed and the world we inhabited had changed."

(@johnmccumber, Assessing&Managing Security Risk in IT Systems)
Book excerpt: "In 1988, a young graduate student at Cornell University released the first destructive Internet worm. Late one night in November of that year, it crashed thousands of connected computer systems and startled computer administrators and government officials alike."🧵
"Shortly after that incident, I learned about it from my supervisor, who was also this young man’s father. As I sat with Bob Morris in his office that early morning, he motioned me to shut the door so he could try to get away with smoking in the government office building."
"He always got caught, but he fought the rules anyway. After I returned to the side chair, he spoke for a few minutes about his mixed feelings of filial pride and parental frustration. But after only a few comments, we both found ourselves lost in personal reflection."
"Bob Morris slowly twirled the unfiltered cigarette in his nicotine-stained fingers and stared at the smoke rising from the end. We were both aware a line had been crossed and the world we inhabited had changed."

Author: @johnmccumber
Book: google.com/books/edition/…
Further parts of the foreword are illuminating on how obscure InfoSec was in early days, even before the term existed.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with SwiftOnSecurity (Taylor's Version)

SwiftOnSecurity (Taylor's Version) Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @SwiftOnSecurity

SwiftOnSecurity (Taylor's Version) Profile picture
8 Nov
On technical communication:
The authority of the sender and the mental capability of the recipient are irrelevant.
Communication is to achieve results. If it is not succeeding, the communication and environment should be changed until it does. Anything else is whining.
I worked in Helpdesk. I've written communications to a thousand people asking them to do something in their own interest. When that didn't happen, I sat and stewed and left them to their fate.
That also achieved nothing. Value judgements are pointless. Find out how to get results
Communication is its own form of hacking. You find out what the recipient responds to, makes time for, and then is convinced to act on.
This is often simpler and dumber and without the detail you think it expects. In fact, leaving stuff out is often critical. Find out how to win.
Read 4 tweets
SwiftOnSecurity (Taylor's Version) Profile picture
3 Nov
ADEPT-LEVEL IT TROUBLESHOOTING:
In this series, I will lay concepts and processes for ascertaining technical causes of IT failures and outages.
🎖I am a Microsoft MVP in Windows management, worked 10 years in Helpdesk and System Engineering, and now work as an F500 Security IC.
⭐️LESSON 1: EXECUTION CONTEXT
You initiate a process that should work. But it seems like it can't access what it needs. For example, you make a machine login script on a network share, but logs access denied. Or, you launch a process, and the target you have access to can't open.
A critical, advanced IT troubleshooting concept is understanding _execution context_.
You see a machine with everything on one screen. Diagnostic tool or another tool should have same experience as other apps, right? If you can access file, everything else should? No.
Explained:
Read 24 tweets
SwiftOnSecurity (Taylor's Version) Profile picture
2 Nov
Please note I am a real person I have met @hacks4pancakes multiple times and been to @tarah + @deviantollam's house.
Just to be clear Tarah was there I did not break in.
The emplaced gun turrets were a nice touch props to @deviantollam tho
Read 7 tweets
SwiftOnSecurity (Taylor's Version) Profile picture
2 Nov
Not everything can be captured on phone cameras (40D 70-200 f/2.8) Car windshield in rain show...
Note the 40D is a DSLR from 2007, over 14 years ago.
Your prosumer camera and even lower-tier lenses were unimaginable when I was getting into photography. Image
The biggest advancement in sensors in my mind has been low-light performance. It's just unimaginable how clear night photography has become. This was as good as I could get it in 2009. (South Silicon Valley as seen from turnoff near Lick Observatory, 40D 24-105 f/4) Image
Read 5 tweets
SwiftOnSecurity (Taylor's Version) Profile picture
27 Oct
If you are junior IT in small to medium biz, isolated, caring about critical security issues you learn about daily as you expand your knowledge — I've been right the fuck exactly where you are. Years isolated, stewing in humiliation.

Here's what I learned the hardest way, alone:
1.) It is naively admirable to identify yourself and take personal stake in security of your employer's network. It sounds like a way to establish personal investment in the success of a project.
But it's a false idol. Be passionate on aims, but not occlusive in career scope.
Sidebar: Power is restraint.
Technical command of a subject – ability to speak authoritatively to others – is not itself correctness or effectiveness. Biting your tongue is not weakness.
It's strategy. Only you know your mind. Choosing not to strike rhetorically is discipline.
Read 4 tweets
SwiftOnSecurity (Taylor's Version) Profile picture
26 Oct
I'm part of an IT architecture task force guiding business units and vendors in our supply chain.
The cyber requirements we write 90% __do not require specialized InfoSec skills__. They require IT staff with competency in their tools, provided resources and management backing.
If you work in IT and work to work in InfoSec, congratulations, you start today. Understand your tools, their security implications and guidelines, and how to integrate that into your architecture. That's what Security is.
"Who makes sure the bridge doesn't fall down?"
The person who designs it.
Sure there's other checks and changes during building and inspections and service expectations, but it's the designer. Not the Bridge-Don't-Fall-Down Department.
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @SwiftOnSecurity has new unrolls!

Check out other threads from @SwiftOnSecurity!

Read all threads by @SwiftOnSecurity

:(