matt blaze
Jan 22 4 tweets 1 min read
I wonder what the people who think we shouldn't talk about vulnerabilities in election hardware and software think we should do. Do they think everyone should just shut up about it and hope for the best?
So much of the attitude still present in some circles about voting security reminds me of computer security in the mid 90's, when vendors routinely attacked and threatened people who found and reported security bugs. It didn't work then, and it doesn't work now.
Computer security has grown up since then. It now celebrates discovery and discussion of vulnerabilities (and ways to eliminate them) as essential parts of the software life cycle. Our infrastructure is far more robust because of this.

Voting vendors can learn something here.
It frankly amazes me that we even have to say this in 2022.

More from @mattblaze

Jan 18
covidtests.gov seems to be semi-live (sometimes it says ordering starts tomorrow, other times it links to the order page).

It seems to be uneven about how it handles apartment buildings, with some people being rejected if someone else in the same building also ordered.
Apparently you’re supposed to be able to order 4 free rapid (antigen) tests per household. That’s definitely better than nothing, but also clearly insufficient without sustained additional test distribution.
The current 4-per-address scheme makes the most sense as a strategy for ensuring that households have tests on hand for people who develop symptoms, as opposed to as part of a routine testing regime.
Read 9 tweets
Jan 16
TIL that (possibly) the first (civilian) college course in cryptography was taught in 1941 at my alma mater, @Hunter_College. Whether it was actually the first such course is a good question, but this is fascinating in any case. nytimes.com/1941/09/28/arc…
Hunter was, at the time, a women-only college focused on training teachers (though this course, in the evening session, may have also been open to men). The instructor was a locally famous architect, Rosario Candela, who had recently successfully broken a French military cipher.
The NYT archive is unfortunately paywalled, but everything in the article is amazing.
Read 5 tweets
Jan 15
Preventing these kinds of attacks is a practical application of small Faraday containers. See mattblaze.org/blog/faraday
I understand the convenience of these key fobs, but the manufacturers really should equip them with a hard off switch (which would be cheaper and simpler than needing to store them in a shielded container).
And before you say "this only affects rich people with fancy cars", this kind of technology makes its way into cheap cars very quickly. It's like saying "look at the fancy car with AIR CONDITIONING".

The rich people with fancy cars are debugging this for the rest of us.
Read 4 tweets
Jan 13
I'm not going to give more O2 to that dreadful voting article that came out the other day. But I will say that "don't find things out or tell other people about them because bad people might misinterpret them out of context" is a weird premise for a journalist to start from.
Anyway, as a scientist and academic, I'm committed to the value of finding things out and telling others about them, even when they're complicated, subject to disingenuous misinterpretation, or inconvenient.
I also take pains to try to put my work in context, but that doesn't always survive sloppy malicious compression into soundbites.
Read 5 tweets
Jan 10
Been playing the "enter your grades" video game and I'm really tired of feeding quarters into this machine.
It looks really simple. I just have to shoot the correct grade into each student's space ship before any of them reach the bottom of the screen.
In all seriousness, while the mechanics of grading (and the need to make hard decisions) indeed suck, I've really been enjoying reading these papers over the last few weeks. I've learned a lot, some of which will definitely get incorporated into future classes.
Read 4 tweets
Jan 4
I wish I understood election security as well as random people on Twitter do.
According to the replies, people would like me if only I smiled more.
People with recently created accounts, few followers, and no obvious existence outside this web site sure do have strong opinions about how I should improve myself.
Read 5 tweets
