Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
SwiftOnSecurity Profile picture
SwiftOnSecurity
@SwiftOnSecurity
computer security person. former helpdesk. Microsoft MVP in Security 2018-2023.
Compuguy 😺😷 Profile picture Aquarion/Nicholas❎ Profile picture Jimmy Profile picture Cowly Profile picture sally paddles Profile picture 83 subscribed
Aug 15 6 tweets 3 min read
I was among the first in world to have a laptop/tablet at school, due to an accommodation IEP... and living in Silicon Valley. It was a Toshiba Portege 3500 I got ~2005. I was the literal first wave of the populace to do this. These are my thoughts on its impacts, looking back.🧵

Image
Image Giving students electronics is generally not a good idea. It is not a replacement for books. I've looked in despair as this has happened. I loved my machine, it helped. But I had my Windows XP Tablet before schools had WiFi. Before there were online apps. I used OneNote offline.
Aug 13 5 tweets 1 min read
There is just a level of destiny, of purpose, seemingly not appreciated at-large. The US and its allies built weapons of war for a single purpose. An opponent of doom, under auspices of preventing the greatest calamity in the history of Man.
And now its void-fillers are target. Generations of technology earnestly endeavored under cause of never succumbing to invasion – and thus preventing it. All that purpose, imbued into stored product. Mislaid but appreciated by soldiers of another worldly action. Now, returned to the chance of original fulfillment.
Aug 12 8 tweets 2 min read
I imagine it can be hard to start with nothing to do, but learning to endlessly optimize and improve in small ways showed me how much time I could free up. Went from 14 Helpdesk ppl 10 years later to ~5. And so I had free time to run this account too. That work made me who I am. Note the downsizings were not my idea and would have mostly happened regardless, the point is I increased free time as resources shrank. That's the dumb business assumption of how it's supposed to work but rarely actually does. But you can do it for yourself. For your career.
Jul 30 5 tweets 1 min read
Free advice, worth what you paid, for reasons I won't convey: Confident incorrectness is very dangerous in high-level work. It's been made clear to me if I don't know something for a fact as of today and the CISO asks, you go check first. You are not here to bullshit visibility. Something time in IT and Cyber teaches you is the sheer monumental weight that "incorrect assumptions" and "configuration drift" cause. It's basically everything. You're getting paid to find out how your system is configured RIGHT NOW, not HOW YOU CONFIGURED IT YESTERDAY.
Jul 27 8 tweets 2 min read
wtf Temu's email unsubscribe link goes to a webpage that says your WiFi is disconnected Image Here's the link, stripped of my identifying information. If you click unsubscribe on Temu the website says your WiFi is disconnected. Over HTTPS.
temu.com/bgms_unsubscri…
Image
Jul 25 4 tweets 1 min read
I have C-suite asking for how we and our vendors are planning to avoid a Crowdstrike scenario. If you're a security vendor you need to document this right now and also get on improving it. There's discussions about risk reductions. Crowdstrike situation is putting a very firm pressure on removing software agents without mandatory need, especially kernel-mode. This is real I'm in the middle of it.
Jul 22 6 tweets 2 min read
Something really undersold in the Taylor Swift discourse is how fundamentally she has altered the discussions and power of musicians in licensing deals. She's a star even to stars, with enormous cachet amongst peers. Her maneuvering is just all-encompassing in strategy to win. You'll hear from people even early in Taylor Swift's career how much she did not want to be simply managed, she wanted to know the business and how to rise. Her positioning as a teen girl darling completely obscures her machinations. Which were shunted, then rose like a phoenix.
Jul 20 6 tweets 2 min read
The correct answer is a fully validated and controlled execution environment needing no antivirus but we've made an industry of bandaids for a fundamental error in our approach. I could heartily debate this position, but it is worthy questioning the fundamentals of our assumptions.
Jul 19 5 tweets 2 min read
Note this will not work if your machine is bitlocker encrypted without getting the recovery key for each machine... You could build a PXE boot WIM file and have it execute a fix script but that will require telling everyone how to boot over the network. Very few have this skillset though and will likely require reconfiguring every network to do DHCP relay and won't work if machine locked down.
Jul 17 11 tweets 3 min read
Story time on having a criminal history: In my first job they needed help with a surge of laptop replacements and new hires, we were getting pallets of 50 laptops delivered and deployed. They brought someone on light on experience, but decided to give him a chance as a temp.🧵 He was 95% cool but there were these rare weird moments where you weren’t sure, then it passed. Anyway I also had come from getting a chance taken on me, so whatever. We work together a few months, he handles a lot of the laptop swaps. Then a coworker goes to the IT storage room.
Jul 17 28 tweets 6 min read
On TikTok there is AdjusterTok, where work from home insurance agents video their side of calls explaining how car insurance works to irritated people, and it’s quite sobering stuff. People don’t really know what insurance is, it’s just some magical thing to make stuff better. Constant asks to add people to insurance coverage retroactively is indicative of someone where none of this is a market product, where there is no concept of the role of insurance, it’s an ethereal “thing” that will give you a new car and reimburse you for feeling bad.
Jul 9 13 tweets 3 min read
🗣️ I have things to say on the realities of influencing the public on policy. As someone who has endlessly tested this for 15 years, on initiatives of wanting people to care about the greater good. Things of seeming marginal individual utility, but huge value to the community. 🧵 Maybe most important part of messaging is testing. A common trope is technologists think themselves savants of any related field. In this case I have an argument. I had to convince people to solve things themselves and stop opening viruses. No real cudgel. Just words and tools.
Jul 5 12 tweets 3 min read
Remember something you installed is probably fucking your computer up in ways you cannot fathom and it’s not Windows’ fault, usually. You disempower yourself by preemptively blaming the OS. You have levers to pull. It is very very rare I encounter a true OS issue in my work. Being able to ascertain the real causes of IT issues sets you up to actually identity true low-level problems if they appear. You’re skeptical in the right places because you can solve the normal stuff. You know when you’ve found non-normal.
Jul 2 11 tweets 2 min read
There are many nuances in adminstering a corporate network at scale because the edge-cases accumulate. A lot of my work is specializing in decipering those scenarios. Most firms do not have this kind of resource. It's why I encourage firms to hew to norms as much as possible. Right now I'm working on correcting ~100 machines out of xx,xxx because these machines are very critical and in a unique scenario seperate from others. Chasing the 0.1% is a real job you must do. Eventually the debt becomes 20% otherwise. It's the exceptions that become the norm.
Jul 2 5 tweets 1 min read
This is edgy to say – but this *waves hands in direction* was all decided in 2016. I know, I was there that night. Elections have consequences in the form of lifetime appointments. This was locked-in 8 years ago. I’m not sure what people want to be told here. Elections matter. They matter for a very long time. The levers to pull are before the final public contest. If you didn’t succeed, try next time. All that matters then is a binary choice for the next 50 years. In abstention and fantasy you are inseparable from the blasé.
Jun 30 7 tweets 2 min read
Something I think a lot about are people who lived before time. Not as in the clock, but the written word. Even that was not enough. Before broad literacy. Most of humanity lived in ways we regard as surviving, but no more. What stories did they have. The forbidden loves, lost. Each of those humans who lived before time had a struggle. Which we today would devalue as not being recorded. Or persevering 3 generations. The people who made us possible. Who ended up birthing billions. And we don’t have it. We never will. They are lost not in time but words.
Jun 20 6 tweets 2 min read
As mentioned to international audiences before, the US Postal Service occupies a deep historical role in American governance and you don’t fuck with them. Federal resources that can get you time for “minor” infractions that fall through the cracks of local agency. They got guns. Robbing a postal worker is like maybe the dumbest shit you can do in the United States in 30 minutes other than murdering a postal worker.
Jun 20 7 tweets 2 min read
One time I told ISP support I had already rebooted my modem. They said do it again. I could have lied. What I didn’t know is they had already sent a command to refresh the device on next reboot. I actually did need to reboot it. With modern IT support tools you may be calling someone who has already sent some kind of command to your PC via an RMM suite integrated into their support software.
And reboots just do fix things period. In some rare cases twice may actually matter.
Jun 6 5 tweets 1 min read
There’s a class of person who is truly intelligent, but has nothing to contribute to society. Who can dance to impress others because that is their skillset with concepts and themes. They see performances where substance didn’t matter, and become enthralled. “I can do this too.” There is some core of a fundamental idea that the practitioners and innovators create. But is different enough it seems to call for its own field of wordage and realities. Crypto, NFT, AGI. There’s ~some validity and group of skilled people. But that’s not who we’re talking about
Jun 2 4 tweets 1 min read
I don’t think people really understand that without autism Wikipedia doesn’t exist. Dawg I was there at the beginning and once you understand you know. Or like, a whole bunch of other stuff. I’m not autistic I’ve got other stuff going on but like. It’s a big part of humanity. Really if you understand even a little bit of history and all the deeply weird obsessive shit, the idea autism just invented itself in the 1990s lol. May be exacerbating factors but oh my god you are not appreciating diagnostic criteria and shifts in handling of shunned people.
Jun 1 5 tweets 1 min read
⚠️There is a massive bias I see in InfoSec I must highlight:
The Uninnovative Attacker Hypothesis

You think you are protected because attacker capabilities are driven by skill instead of tooling. That you can do something, and stop. It’s proven wrong. Here’s why. With proof. 🧵 I was a front-line administrator on Exchange (email). There were trivial steps you could take to disable old protocols that would basically prevent you from being hacked. But most didn’t. Skill issue. You essentially opted-out of being a target. Opportunistic. It was magic. But..