thaddeus e. grugq Profile picture
Hacker :: https://t.co/km8BR8E1Ga :: thegrugq@gmail.com :: PGP https://t.co/dYipV8y3bo :: @warstudies :: https://t.co/H3dWknFCfk :: https://t.co/Z2lWqEVVua
16 subscribers
Aug 6 8 tweets 2 min read
1/What I learned about B2B sales strategies from Robert Hanssen’s 20 year career of espionage, some lessons on closing deals and keeping clients happy. #SalesTips #Espionage

🧵⤵️ Image 2/ First lesson: Trust your gut and set your own terms. Hanssen didn’t rely on Soviet tradecraft; he made them use his own. Moral? Don’t always follow the client’s lead. Sometimes, you need to dictate the process to ensure success. #SalesStrategy
May 13 7 tweets 1 min read
Telegram is a social media platform, not a secure messenger. The primary use of the system is for groups, with one to one messaging occupying the same space as Twitter DMs.

Signal and Telegram address very different markets. There is no Signal Telegram dichotomy. Signal is a secure messenger, Telegram is a social media app.
Mar 31 12 tweets 2 min read
The xz backdoor was the final part of a campaign that spanned two years of operations. These operations were predominantly HUMINT style agent operations. There was an approach that lasted months before the Jia Tan persona was well positioned to be given a trusted role. The trigger for this “Quest for Maintainer” operation was a very long patch which was exactly the sort of thing that the maintainer was not able to process particularly well. New personas appeared to push on this issue. Jigar Kumar was the spearhead for this op.
Mar 29 5 tweets 2 min read
On the .xz backdoor.

It is hard to see how the developer Jia Tan is innocent. The backdoor was added in 5.6.0 by his account. He contacted Fedora to push them to move to 5.6.0. There was a problem with valgrind, they worked with hi to resolve it. He commits the fix in 5.6.1. If Jia Tan did not commit the backdoor in 5.6.0, and his account was hijacked, it strains credulity that he worked on fixing an issue introduced from a fraudulent commit in his name without noticing. Instead, he worked with Fedora to resolve the issue and committed a fix.
Dec 13, 2023 4 tweets 1 min read
@ravirockks @onixIT “The cyber will get through”

Seriously though, these sorts of attacks have been categorised as counter value operations (the Douhet strategy). And I’m willing to believe that is the Kremlin strategy here.

I just wonder if the mid level commanders believe it will work? @ravirockks @onixIT Or, are they just doing what they get told to do / what they know their bosses expect them to do?

If you spent a couple months gaining access to Kyivstar and then destroy everything just because “it’s Monday” wouldn’t you feel like you’ve wasted your time?
Mar 19, 2018 12 tweets 2 min read
Cambridge Analytica is Goebbles 2.0

See if you can match the Goebbles rules for propaganda to the CA talking points! Its fun :)



psywarrior.com/Goebbels.html 1. Propagandist must have access to intelligence concerning events and public opinion.

.. yup, looks like CA does that. ✅
Feb 3, 2018 4 tweets 1 min read
A critical security feature is self cleansing (this is one of the reasons you cannot have secure email). The next critical component is strong encryption with PFS. The third leg of the “actually secure” tripod is anonymous + disposable accounts. Nothing ticks all the boxes. Signal: self cleansing, strong encryption, accounts are linked to a smartcard

Wickr: self cleansing, unknown encryption, moderate unlinking¹

Threema: 👎, no PFS, moderate unlinking¹

Telegram: self cleansing, 😂, smartcard

Confide: self cleansing, 😂, smartcard
__
¹ GCM/APN
Sep 28, 2017 6 tweets 1 min read
Ha, that thing you tweeted about, is like OverSec for browsers. OverSec works on Android, has some awesome features In particular you can send the encrypted text encoded into non visible glyphs, and then write a cover message that is displayed instead