A thread on bad analysis. When #ThreatIntel analysts want to show off their Foreign Policy and Economist subscription status after reading the Russian foreign policy Wikipedia page /n #threatintelligence #cybersecurity #infosec Most analysts who are "doing attribution" aren't doing good cyber threat intelligence, they're doing poor foreign policy analysis

False flag operations are very rare because they're risky and the blowback effects are bad. Interestingly, the risks increase the more "important" you are so the most powerful countries are less likely to conduct FF ops. /1 #infosec #cybersecurity #ThreatIntel Traditional covert and clandestine operations are cheaper, less risky, and more likely to succeed than false flag ops. Importantly, not all attempts to redirect blame is a false flag but just considered standard covert ops. /2

MLK Jr "Letter from a Birmingham Jail" africa.upenn.edu/Articles_Gen/L… #BlackLivesMatter #BlackLivesMatter

This is terrible. Let me tell you why. THREAD #privacy #infosec #cybersecurity #COVID19 theverge.com/2020/4/10/2121… First, health data has ALWAYS been considered protected and sensitive. Hence, the privacy requirements and oaths physicians abide by - courts have LONG recognized this privacy.

Yesterday made ciabatta for the first time. The bottom was slightly overcooked but flavor and texture was great. /thread First, the “biga.” fermented the yeast, flour, and water for 24 hours to get a strong flavor.

THREAD Tonight, some live tweeting making dinner. This evening comes from a little further afield from last time. No spoilers as to what it is until the end. Guesses are welcome 😃 #Cooking #Cuisine First, a load of Pecorino Romano cheese in a bowl.

"My kingdom is not of this world. If my kingdom were of this world, my servants would have been fighting, that I might not be delivered over to the Jews. But now (or 'as it is') my kingdom is not from the world" (John 18:36) #theocracy #chosenone cnn.com/2019/11/25/pol… This line of thinking make the problem of evil sooo much worse. If Rick Perry believes this, then he must believe God ordained Hitler and the Holocaust too.

I like @SANSInstitute a lot - I recommend them a lot. But, I'm going to be honest. They've become the gatekeepers of the #infosec practice in many ways and at $10k for a course and travel it's hurting our ability to grow leaders and practitioners. #cybersecurity #training

https://twitter.com/bsdbandit/status/1197259125572415494

@SANSInstitute There are many stories about #infosec warriors "pulling themselves up by their bootstraps" which is true! However, we're now beginning to change from a meritocracy into a plutocracy. Only those who work for the wealthiest companies or have the personal fortune can get in easy

A thread about #journalism and #infosec/#cybersecurity.

I hear ALL the time from executives who read about infosec issues in the news and want to know more. Journalists are the most important part of the education and information component of #cybersecurity. I consider journalists part of #infosec - not outside of it. They serve their purpose like a Firewall admin serves theirs for the larger #cybersecurity space. I've never met a malicious journalist, not saying they're out there but, almost all have good intentions.

THREAD My comments on the Project Raven story. It's a project that many of us former IC knew about and was quite a dirty little unknown. Most of us that I speak to frowned upon it. reuters.com/investigates/s… by @Bing_Chris @joel_schectman via @Reuters @Bing_Chris @joel_schectman @Reuters If you're smart enough to be in @NSAGov you're generally smart enough to know how the world works. Any amount of knowledge of the Middle East or UAE would have told you this. Even a cursory Google search on UAE government will turn up human rights abuses.