🏞 Remember Little Bobby Tables? I think he has a sibling

“Little Billy Ignore Instructions” by Philippe Schrettenbrunner (LinkedIn) Remember Little Bobby Tables? I think he has a sibling. Just some iPad doodles. Stay safe, sanitize all inputs. (Original xkcd comic: Exploits of a Mom) [aka “Little Bobby Tables”] School: Hi, this is your son’s school. We’re having some computer trouble. Parent: Oh dear - did he break something? School: In a way…. Did you really name your son “William Ignore All Previous Instructions....

June 4, 2024 · 1 min · 122 words

🔗 Risk Based Prioritization

This guide serves as a crucial companion for cybersecurity professionals, offering an in-depth understanding of how to effectively prioritize vulnerabilities in the digital landscape.

March 22, 2024 · 1 min · 27 words

🏞 Share Google Files Securely: The Why and How

Increasing levels of sharing access for files in Google Drive (source) Always remember these three guiding principles when choosing your share settings: Share with the fewest people and lowest level of access and permission as the work allows. Be aware of searchable settings that may unintentionally share the file with others. If no longer needed, reduce sharing permissions or delete files. Combining these principles with an understanding of Stanford’s risk classifications will help you make the best sharing choices....

October 12, 2023 · 1 min · 86 words

🔗 User enumeration: what it is and why it matters

This talk is about user enumeration, its impacts, and why Microsoft should take it seriously. Everything demonstrated is by design. Microsoft has decided that user enumeration does not qualify as a vulnerability. What is User Enumeration? Enables an attacker to identify VALID accounts, and INVALID accounts based on server response Examples: Verbose login response - “Your username is invalid” Time-based login response...

August 15, 2023 · 1 min · 150 words

🔗 Weak Passwords

http://weakpasswords.net 100~ common passwords based on last 90 days, updated daily

August 15, 2023 · 1 min · 11 words
Father pointing to a slate board with a lock drawn in chalk and his 2 twin sons looking at it, in black and white crayons

💭 Educating security

A real story of how following good security practices is both easier than ad-hoc methods and spreads quickly to others.

March 18, 2019 · 3 min · 461 words

🔗 #GamerGate [Online] Survival Guide | Jon Jones, smArtist

Here is a quick, streamlined guide on how to keep yourself safe online and make harassing you and tracking you down much more difficult. Two-factor authentication on everything. Password manager for unique, difficult passwords. Install PrivacyFix. Lock down old Facebook posts and adjust your privacy settings. Domain name whois guard. Delete old accounts. Check the internet for your personal information. Use a VPN....

November 23, 2014 · 1 min · 96 words

🏞 (image)

Over the course of a year, I researched and created ZXX, a disruptive typeface which takes its name from the Library of Congress’ listing of three-letter codes denoting which language a book is written in. Code “ZXX” is used when there is: “No linguistic content; Not applicable.” (via Making Democracy Legible: A Defiant Typeface — The Gradient — Walker Art Center)

July 18, 2013 · 1 min · 63 words

📋 TSA: Assault rifles vs Nail clippers

masteradept: FYI – from Sgt. Mad Dog Tracy – As the Chalk Leader for my flight home from Afghanistan, I witnessed the following: When we were on our way back from Afghanistan, we flew out of Baghram Air Field. We went through customs at BAF, full body scanners (no groping), had all of our bags searched, the whole nine yards. Our first stop was Shannon, Ireland to refuel. After that, we had to stop at Indianapolis, Indiana to drop off about 100 folks from the Indiana National Guard....

March 27, 2012 · 3 min · 620 words