Share this page!

Robᵉʳᵗ Graham Profile picture
Twitter logo
29 Dec 21, 4 tweets, 2 min read
Soooooo .... I get trapped into fact checking things, so here goes:

Many of Romney's grandchildren are from adoption, in vitro fertilization, and surrogacy.
Here's grandkids born via surrogate:
Here's adopted grandkid:
I click on the trending item, and see the expect toxic spew of twitter. So naturally I start looking for facts. He's got 5 kids, at least 24 grandkids, and no greatgrandkids. Image

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Robᵉʳᵗ Graham

Robᵉʳᵗ Graham Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @ErrataRob

Robᵉʳᵗ Graham Profile picture
31 Dec 21
Missouri state government computers were making the SSN#s of teachers public. The governor is responding prosecuting the expert and reporter who notified them of the problem. The cybersecurity community is outraged by this.

What gets lost in this discussion is what the law says. Image
Obviously, everyone should be outraged when a well-meaning whistleblower pointing out government incompetence is then prosecuted by the embarrassed government. You don't need to be a computer scientist to understand the problem here.
Such "disclosure" of vulnerabilities is a standard practice in cybersecurity. Outsiders pointing out problems is pretty much the only way cybersecurity improves -- something that has been known since the late 1800s. So we are especially offended by this.
Read 12 tweets
Robᵉʳᵗ Graham Profile picture
29 Dec 21
1/ I've been trying to stalk my parents since Christmas Eve using an AirTag. My dad finally got an alert on the phone. There are many things that'll prevent the generation of such alerts. Image
2/ For one thing, the tag has to keep moving. When you leave it sit for too long, it turns off. There's no reason to keep updating it's location if its location isn't changing, so it conserve power.
3/ Thus, if stalkers attach it to a car, and the car spends most of its time parked, then the stalkee may not get alerts on their phone.
Read 6 tweets
Robᵉʳᵗ Graham Profile picture
29 Dec 21
Napster is not still a thing.
Napster was a peer-to-peer music theft program 20 years ago.
Then somebody bought the brand name and used it to describe a completely different music streaming service.
BitTorrent is still a thing.
People respond to this thread claiming Napster is still a thing. It really isn't. As Wikipedia documents, somebody simply bought the name and stuck it on a different music streaming product.
Read 5 tweets
Robᵉʳᵗ Graham Profile picture
27 Dec 21
Visiting my parents over the holidays, I of course hid an Apple AirTag in their car to track their movements. My parents are frequently the targets of my various hacking experiments, in this case, AirTag stalking.
I'm trying to estimate how well Apple's anti-stalking features will work, such as the AirTag beeping when it's out of range, or iPhone owners getting a notification on their phones that a suspicious AirTag is nearby.
So far, no conclusions. However, I did have to tell them they are being stalked, so that they don't get surprised and swerve off the road when a strange beeping starts in the backseat of their car.
Read 4 tweets
Robᵉʳᵗ Graham Profile picture
26 Dec 21
So many misconceptions in this story:
1. log4j wasn't a software development issue
2. CEOs aren't going to help you solve the problem
3. the problem doesn't need government help
cnn.com/2021/12/23/pol…
The log4j vulnerability wasn't an accidental bug, but a deliberate feature. Trying to apply heavy-weight secure software development practices would require 10x as many engineers and still would let problems like this slip through.
It's not "process" but "clue" that was missing. You could bring your engineers together for weeks of "threat modeling", but unless an engineer had a clue about how injection vulnerabilities work, or how JNDI works, you aren't going to get anywhere.
Read 8 tweets
Robᵉʳᵗ Graham Profile picture
22 Dec 21
Well, yes, because web3 proponents are wrong so of course people who are right are going to repeat the same things, like “not actually decentralized”.
You keep saying things like “owning NFTS”. Uh there no ownership involved, at least not without the involvement of real work governments and real world police.
Most NFTs point to URLs on a website and not to anything decentralized. Opeansea NFTs are basic fraud, for example, which is why they are regularly censored.
Read 10 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @ErrataRob has new unrolls!

Check out other threads from @ErrataRob!

Read all threads by @ErrataRob

:(