I'm going to say something that a lot of you won't like.

If you stay on Twitter to make fun of Elon, you aren't fighting the man. You're doing the thing Elon wants.

He is the main character driving user engagement. Posting space Karen memes isn't a protest. It's the product I posted this on another site. It's true here, too.

If you stay on this site, even to make fun of Elon Musk, advertisers will come back. Advertisers don't care why you're here, just that you see their thing.

This would actually mean Elon Musk is dumber than he looks.

High school sports is a monopoly. If you go to Jefferson High, and you don’t like the coach at Jefferson High, you can’t move to City High, where City High will also give you a raise.

https://mobile.twitter.com/dickiebush/status/1593614986743611392

If Jefferson High’s football team sucks one season, it gets new players in the same district automatically. It doesn’t ruin recruiting forever.

Twitter's office is closed because they are worried employees will sabotage the company.

https://twitter.com/ZoeSchiffer/status/1593391954301054976

Musk had recently complained that too many employees were working remotely.

Cybersecurity has a lot of really weird internal drama. I'm going to skip rebroadcasting the latest one, except for one claim: A guy said someone who only had a bachelor's degree couldn't critique his PhD-level research.

This is a thread about cybersecurity and the institution. Moreso than any other field I'm aware of, law enforcement, investigation, crime prevention and national security tasks are shifted to the private sector.

Almost all research happens outside academia and - until very recently - nearly all training did as well.

This article gives a false impression that Taylor Lorenz or the Internet Archive did something extraordinary by remove her tweets.

Here's why I have a problem with the story, why I deleted my original thread, and why I'm posting it again.

foxnews.com/politics/taylo… The Internet Archive has always allowed creators to request their work be taken down. People do it all the time.

If the Wayback Machine is "facing criticism," it's because people don't understand what the Wayback Machine is and isn't.

https://twitter.com/JoeUchill/status/1518033546874703872

I deleted a thread about Fox News framing a story badly because I think the problem may be an editing mistake. Here's the sentence that's a problem

Authenticating all real humans would not be sustainable without dramatically changing what Twitter is and extraordinary expansion of staff.

The fact that Musk hasn’t spoken to people in content moderation about what’s possible is not a good sign. Authenticating people means continuous moderation of things like their bio, their name, their profile pic, and what claims they make about themselves.

I have a blue check. You don’t want me to change my name and pic to Joe Biden and declare war on Guam.

Caesars Entertainment, which hosts @defcon in Paris, Bally's and sometimes Planet Hollywood, is hosting a QAnon Conference in Las Vegas.

https://twitter.com/New_Narrative/status/1429157140447498253

DEF CON has a contract with the hotel group.

The people who attend DEF CON, pay for hotels, bars and restaurants do not.

Any minute now, the House Homeland Security Committee will host a critical infrastructure cybersecurity hearing with Joseph Blount, president and CEO of Colonial Pipeline.

THREAD Chair Bennie Thompson calls the system of (largely) voluntary cybersecurity guidelines in critical infrastructure into question.

DOJ's Colonial Pipeline presser appears ready to start. Lisa Monaco: "The Department of Justice is announcing a significant development in the ransomware attack on the Colonial Pipeline."

I'm a big fan of @ciaranmartinoxf.

Here's a thread about why this might not work.

https://twitter.com/ciaranmartinoxf/status/1393599106052939777

In the simplest possible terms, the goal of banning paying ransom is to reduce the profitability of ransomware.

It isn't the only way to do that, and it very likely isn't the most effective way to do that. Let me explain.

I had a thread yesterday about why banning payment of ransomware is not an easy solution to the problem
Just to go through some of the other policy options that are worth considering or combining into a comprehensive package:

https://twitter.com/JoeUchill/status/1378512730697691136

One idea is to impose know-your-customer laws and mandatory intervention with warrants on cryptocurrencies sold on legitimate exchanges.

It would help recover funds and impose an extreme cost on criminals trying to stay anonymous.

Speculators would super hate it.

With respect to Chris Vickery and other people who've made this suggestion, it's not that easy. Illegalizing ransoms is actually something with historic precedent. It's shown success against kidnappings in the past
But here's the thing...

This is a weird article, but not for the reasons people seem to think it's a weird article.

nbcnews.com/think/opinion/… The article makes the assertion that 200 years in the future, only the Beatles and Bob Dylan will be remembered.

If you're angry about that name three 1760s composers.

CISA leadership will be testifying before the House Appropriations Committee's Homeland Subcommittee in about an hour about "Modernizing the Federal Civilian Approach to Cybersecurity."

I'll be live-tweeting it. 🧵 Interesting notes to consider in advance.

- Brandon Wales will testify as Acting Director.
While the Biden administration has discussed a task force in the wake of Hafnium, there's no confirmed CISA director, someone you'd expect on the task force.

The interesting thing about gaffs is not that they happen.
They happen to everyone. Today, I forgot the word acronym. What's interesting is how the ones that stick are ones that confirm what people already suspect about the person who said them. That's not to say legitimately not knowing something important isn't a problem. But if you give 4 hours of speeches a day, you're going to trip over words.

Yet no one honestly thought Obama didn't know how many states there were when he said he visited 53 of them.

There's a ton of stuff we don't know about Bloomberg Supermicro 1 and 2 that I'm not sure we're going to know. Here's what I do know about Supermicro 1, the original story: I know a ton of national security and cybersecurity reporters and contractors who tried to substantiate the first story without success.

I tried to substantiate the first story without success.

The EAC is about to vote on the Voluntary Voting System Guidelines 2.0.

The most contentious point in VVSG is that it says wireless technology should be disabled and not completely removed from voting machines. I'll try to live-tweet anything interesting, but am also expecting a call for work. So this thread may cut short at any time.

It could be very dramatic.

The natsec/infosec implications of the coup attempt are staggering - not just in Pelosi's office.

They'll need to assume all systems and physical files were compromised, and catalog what of each was stolen, altered or destroyed In the long run, they need an evacuation failsafe for computer systems.

I AM GOING TO CONTINUE TO WATCH CSI:CYBER

https://twitter.com/JoeUchill/status/1342864723482697730

By the end of the first season, over the course of several investigations, the FBI had hacked into Boston's transportation system, an online casino that was cooperating with the investigation and the camera on a teenage girl's home computer.

Where will they CSI:CYBER next?

The passage of the NDAA means that the Executive Branch gets a new staff member: the National Cybersecurity Director. The position is modeled after the U.S. Trade Representative, and is one of the Cybersecurity Solarium’s suggestions.