SwiftOnSecurity
computer security person. former helpdesk.
Apr 18 6 tweets 2 min read
Something experience gets you is seeing people who did the wrong thing, by trying to do the “right” one.

Extremely strict “topical” security measures which are great but the environment cannot operationally maintain, leading to worse outcomes overall. I’m one cleaning those up. One environment had DNS allow-listing set up by a security person who did not understand DNS or the OS or have a maintenance process or teach people about it.

They did their thing and moved on. They will never understand how to be better. They can’t. They weren’t here. For later.
Apr 17 5 tweets 2 min read
PARENTS: You need to sit your kid down and tell them about sextortion. They are not going to know randos messaging them for sexting is a trap.

reddit.com/r/Sextortion/
This is a really easy way for criminals onshore and overseas to make money. They convince you to link your real identity. There are suicides after ongoing threats to ruin their life after desperate attempts to pay.
And they need to know if they fuck up they need to come to you.
Apr 14 8 tweets 2 min read
Early in this account’s life, I used it to talk shit. To effortlessly lay cruelty. To insult. Because it is so fucking easy. To be an outsider, like I was.
As I matured into accomplishment I came to understand we are all met with demons. That need accountability. Not cheapness. A lot of my advice on this account is simply talking to myself 10+ years ago. It is not meant to be dismissive. It’s meant to be what I wish I had heard – and listened to. Knowing hearing it is not enough. We become ourselves by failing to heed advice. It is the human condition.
Apr 13 4 tweets 1 min read
Advice from a graduate of it:
Snark is a rich source of humor. But it is a skill. And abused, becomes a crutch.
A lot of people, including me in past, based personality and output on it. Now I see it all the time, people who just don’t develop anything beyond it. You need hope. Working in Security you become acutely aware of the personalities it attracts, who have no workable positive vision. Just checklists of denigratives to repeat ad-nauseam. I WAS that person not out of winning, but worry. And it can’t be all you are. It doesn’t work. You need hope.
Apr 9 96 tweets 27 min read
Tomorrow is the 10-year anniversary of SwiftOnSecurity.

Here’s the story. Which includes my story. I tell myself they are not the same. Someday they won’t. There will be a time I walk away. I can’t live up to this and won’t try. 🧵 This is not important. I have tweeted parts before and then deleted others. There’s no reveal. There’s no product line. Just looking back and what happened and what it meant.

It will probably be the last time I talk about this in detail.

Nothing is pre-written. I’m just posting.
Apr 2 6 tweets 1 min read
People new to InfoSec trying to enter and those looking to advance: I want to introduce you to something I call the <<“Competency Bubble”>> you should understand. It’s something I hit. 🧵 FIRST let me say public presence is NOT a prerequisite for competence. We have incredible staff that lurk or get their info from custom aggregation networks. Twitter is not a ranking of skill.

But when you search you’re going to find the online ones. And you need to understand:
Mar 24 19 tweets 4 min read
Rather than go into OrgKit tonight, I want to explain why Windows networks have been historically insecure. 🧵 Computing does not have a long history. Its progression goes industrial IBM solutions with all services included, to piecemeal solutions separating software and hardware, to innumerable OS options and hardware, to standardized hardware and narrowing OS options, to 90’s businesses
Mar 18 5 tweets 1 min read
If you’re an influencer: inspire hope instead of despair – because trust me I’ve iterated despair and it’s fucking worthless.
These Zoomers have every reason to give up. They never hear a reason to persevere.
It’s easy to fail. It takes the exceptional to disregard. And live. I’ve been the person who tried to die. Who wanted to, most of my life. I’ve _been_ that game. I’ve lived it. And survived it. And let me tell you. Fulfilling demand for that idol dipshit feeding narrative is easy.
That’s the mainstream advertising busks. Persevering is exception.
Mar 16 10 tweets 2 min read
Whenever you see NIMBYs in a city council meeting and blocking housing, remember they’re doing it to steal hundreds of thousands of dollars from the next buyer of their house. They are freeriders with a decaying asset expecting someone to kiss their feet for the opportunity. Imagine if people stood outside a car factory blocking assembly so their 1996 Oldsmobile became a rarity in a world where you have to drive to work. It’s extortion and fake.
Mar 5 15 tweets 3 min read
What is the right timeout for a laptop to lock itself? IMO computer lock should be ~30 minutes for orgs without biometric login. (This is NOT my org policy)
Making Security people feel better is not the goal. I’m unconvinced local attacks are remotely notable enough to incur the costs of employees having to continually log in.
Feb 25 14 tweets 3 min read
I want someone to touch me like this

As hands approach, I feel anticipation. The warmth of the fingers encircles me, a gentle yet firm grip that promises exploration. The first touch is tentative, a soft brush against the cool, plastic surface of my body. I revel in the sensation, the contrast with pliable skin.
Feb 23 7 tweets 2 min read
MICROSOFT MVP MASTERCLASS:
I am one of 3 who act as final escalation tier for Microsoft issues in North America at my firm, and am a global guiding architect for Defender AV.

Here’s how I approached troubleshooting PowerBI freezing in a VDI that Microsoft said was unsupported: I added a teammate for cross-training, and started explaining my troubleshooting ethos.
We are going to poke at this problem in ways that will not solve it, but will tell us the scope of failure that will inform our later attempts.

Here’s my list of questions:
Feb 17 7 tweets 1 min read
Within every Gifted Kid turned adult is the realization it was a way to deprioritize your success because they thought you’d do it anyway. Because I actually did need craploads of help. My educational journey was a shitshow. Which was funded by my parents instead of the school district.
But I was “smart” so I still aced classes until mid-High School so it just did not matter.
Feb 15 8 tweets 2 min read
The real world sucks. There are so many feedback loops in every category where you just _have_ to do the hard part to gain real reward. And be gated by the hard part.
Coming to terms with this is really important. Utopia breaks the fulcrum of creating a future. Hard to swallow. I sympathize, but it’s important to know how many people advocating an easy path had to suffer the hard one.
I did. It almost ruined me. It is not repeatable. I don’t have advice for you.
And I wish I could be your savior but I can’t. I don’t have a cure for the human condition.
Jan 26 6 tweets 1 min read
If you see a news story where someone has internal knowledge on Taylor Swift, it’s pretty much always made up. It’s laundered through successively more reputable websites starting from random blogs. Her people mostly only drop info to People Magazine rarely. Taylor Swift runs an incredibly tight ship due to her parents being trustworthy already-successful business people. She doesn’t have clingy weirdos that got on her ride early, like other celebrities.
Jan 13 13 tweets 3 min read
They understand that AI is going to clone them and index their biometric in a database forever and the age of the selfie is coming to an end. The age of Flickr where you uploaded a thousand 15-megapixel images of your house and face and friends and strangers and set it as Creative Commons was a magical time that fed our current technological capabilities but it was an errancy.
Jan 10 9 tweets 2 min read
I started this account for final lolz getting ready to kill myself in 2014 and now it’s almost 10 years later. I’m thinking a lot about what to say.

Anyway I am super sympathetic and it’s understandable but dying is probably the wrong choice. Like betting on Britain in the 1800s

Imagine being like the British empire is forever and then transporting to watching The Matrix and finding out they never even mention the Crown
Jan 3 9 tweets 2 min read
Run this command and explain the output:

dir c:\windows\system32\*1.exe

Correct, you can see them with this command:

dir /-n c:\windows\system32\*1.exe

Dec 21, 2023 5 tweets 3 min read
The GTA hacker is an avowed unrepentant scammer who screwed with individual people, and is violently mentally ill on perpetual psychiatric hold.

Please read the articles before telling the FBI to hire him. Also he did not hack Rockstar with an Amazon TV stick. He >>presumably<< mirrored his smartphone’s display to the stick to use the hotel TV as a monitor. He then connected to the smartphone with a Bluetooth keyboard and mouse.



This guy is just a scumbag. lifewire.com/mirror-iphone-…
Dec 21, 2023 4 tweets 1 min read
Rare ProTip:
Mapped network drives are a crappy hack for DOS and can cause enumeration delays for some processes. Treating remote servers as local drives was an old workaround.
The correct, modern way to "pin" a network drive is right-click in This PC > "Add a network location"
With mapped drive letters, improperly architected policies or a large enough org, you get into name collisions where S:\Hello.txt is different for different people, causing confusion to users.
Think about it. Why would you have per-computer names for network locations? Dumb.
Dec 13, 2023 28 tweets 6 min read
Today at work there was a 11hr outage bridge call over a small but important area of the Windows network having application errors. Not debilitating but would be eventually.

Here is how I helped solve it after being asked to take a look, and how I approach problems like this. 🧵 I’m an IT Generalist who started in Helpdesk and system engineering. I now work in Security, using those skills to push initiatives forward. Often, to troubleshoot complaints and impediments these projects encounter. I talk with lots of teams, so I’m periodically asked to consult