everybody deserves good security.
see also: @firstname.lastname@example.org
Nov 2 • 8 tweets • 3 min read
Hot on the heels of #ChatControl and in the name of “identity” and “consumer choice” the EU seeks the ability to undetectably spy on HTTPS communication; 300+ experts say “no” to #Article45 of #eIDAS #QWAC alecmuffett.com/article/108139
If you would like to see more discussion regarding:
Regulation: EU Digital Identity Framework — including #eIDAS and #QWAC
Could be the attached, but my suspicion is that this is going to be another CYBER! DARKWEB! CYB3R! SYBER! CAMBRIDGE ANALYTICA‼️BRAIN CONTORL! YOU SAW AN ADVERT AND SO A RUSSIAN ARTIFISHIAL INTELLIGENCE APP MADE YOU VOTE FOR UKIP! … thing.
Back in 1991 I published an open-source password cracking tool which defined the state of the art for the next 5+ years, so much so that echoes of it can be found in all major password crackers of today.
Some folk criticised me for doing this, choosing words like these to do so:
I know that in general it's bad form to take a single quote out of context and use it to critique an entire essay (concerned.tech) — but I do feel that this time it's deserved.
May 11, 2022 • 5 tweets • 3 min read
Elsewhere in EU regulatory pipe-dreams authored by people who apparently have more good intention than understanding, the #DMA means that @WhatsApp and @signalapp should both adopt #XMPP and thereby deliver a unified "inbox" of messages.
1/ So @StevenLevy has written at length about the "Badge Posts" - the goodbye, final messages posted for other employees to read as they leave the company.
You'll find his article here:
wired.com/story/facebook…
2/ But these are not just "human interest" stories; some are meant to achieve something, and in my case the goal was to move Facebook away from implementing national identities & censorship within the Facebook platform.
You flip the switch on the nightlight. You are in bedroom. You can see:
Wailing Baby, Pot of Sudocrem, Size 2 Nappies
> GET MILK
You can't do that yet.
> FIX BABY WITH CREAM
You slather the baby with the creamy unguent. The baby slips through your fingers onto the bed, and wails more loudly!
> FIX BABY WITH NAPPIES
You'll need a mat for that.
> SMELL BABY
The baby smells clean, with a hint of cheese. Roquefort?
Oct 23, 2021 • 4 tweets • 1 min read
SATURDAY NIGHT THOUGHTS: it'll be weird if the echo-chamber of politicians, journalists, and "safety" / child-protection advocates succeed in somehow banning algorithmic content feeds… and then evaporate when the rage which feeds their community dialectic eventually dissipates.
Say we all move to "chronological" feed ranking as the sole metric. QUANGOs and Charities are not natural "friends" of people, so they'll have to vastly increase their posting and reposting rates in order to maintain visibility.
This will annoy "power users" who follow them.
Sep 11, 2021 • 15 tweets • 8 min read
1/ It's tempting to be darkly snarky about this article, along the lines of
"Met Commissioner Cressida Dick calls for more terrorists to be 'known to the police' before committing atrocities"
Apple's on-your-iPhone #CSAM scanning — using your phone's resources to check whether you're a paedophile — is illiberal, misconceived, and dangerously architected. WORSE: they tie the hands even of those who they claim will vouch for Apple's honesty…
Apple's "Appeal to Code Inspection" as a solution for trusting their #CSAM photo scanning is… a fig leaf. It's a PR spin meant to obscure something dirty — if they were serious, why not Open-Source iPhoto with reproducible builds? — but worse it ACTUALLY detracts from the issue.
Aug 17, 2021 • 5 tweets • 2 min read
HOW IT STARTED…
WHERE IT WENT…
Aug 16, 2021 • 4 tweets • 2 min read
1/ #Tech in general, and #InfoSec in particular, are obsessed with "work-life balance" and of building public perception that "you can have it all: a career AND a life" — seeing this as essential for filling undersized & inadequately diverse hiring pipelines.
And not JUST this…
2/ And not JUST this… clearly there's a mental health aspect to maintaining work-life balance, because if an employee is overworking, overstressing, or burning out then (frankly) the employer HAS a problem, and likely IS the problem.
2/ So, @ncmec are basically goaled and compensated for their headline "number of reports" metric. The bigger the number, the more govbucks and funding, for instance in their *previous* counterblast to end-to-end encryption: missingkids.org/blog/2019/post…
Jun 30, 2021 • 6 tweets • 3 min read
BREAKING: attached is an extraordinary & electrifying blogpost - one which I *think* should be making major headlines:
I don't understand this very well, but it's a document describing new, surprise surcharges to phonecalls inbound to the UK - with the charges applied by source CallerID - which may impact/add costs to keeping in touch with relatives abroad.
It is intuitively & obviously easier, safer, & less error-prone to build a cut-down separate Instagram-like application for kids, so that developers don't have to add all sorts of complex checks & validation on "mixed" accesses by adults & kids.