Some days all you have is bad options, and you have to choose the least bad that enables you to move forward.

I wish video conferencing software had dual monitor support.

It seems I am always fighting between keeping talking heads closer to my camera to better simulate eye contact, or maximizing on my big screen so I can see what is being shared.

Truly the answer should be both.

YAb0 boosted

This was my "office" for 7 years back when I worked at ESO's Paranal Observatory in Chile. What a view, huh?

That's the Milky Way framed by the entrance corridor to the underground "residencia", where we sleep, eat, etc. I miss those views!

Something I've been historically terrible at was being careful about what I say.

Needless to say I've made more mistakes than I remember transitioning from engineering to leadership.

So many I feel like I should go back to engineering some days.

But then I see how amazing my team is and all the shit they can do without my engineering skills, and it makes me feel so proud to enable them, and watch them grow.


Weird things I want to add to TheGibson's thread are all the weird things I learned being a new manager that you don't think of until you're a manager.

Like suddenly everything you say has a lot more weight and meaning, so you need to be a LOT more careful about what you say.

The jokes you made while even a senior engineer are parsed very differently when you are a manager.

You can (and will) say something you think is totally benign, only to make a team member think you want to fire them.

Something I could never relate to was why people -- especially those in the security industry -- loved the movie "Hackers".

Did you like it? Why did you like it? What made it appealing to you?

YAb0 boosted

Ultimately having options for technology is good. Vendor lock-in and monopoly are bad for everyone.

As for if it ends up being a great technology, time will tell.


The Turing Pi 2 has my attention. Not because I am obsessed with self-hosting.

I think of it as an early prototype alternative for easily managed cluster bare metal.

Assuming everything was available, its price for its compute density and ease of management already competes with existing enterprise solutions. Will be interesting to see where we are in a couple years.

turingpi.com/turing-pi-2-the-u

Use MITM Proxy to create Swagger files? This could come in useful.

github.com/alufers/mitmproxy2s

I was wondering why my scam calls diminished between Apr 12th and Apr 25th. youtube.com/watch?v=xsLJZyih3A

I ended up deleting my security-focused twitter account.

After looking through my history the last time I tweeted was a year ago. The time before that was 2 years before.

Was reading a lot of tweets, but didn't feel like interacting with any.

This was likely due to who I was following, but I feel like Twitter, like all commercial social media sites, drives you to follow as many people and topics as possible to maximize interactions and ad views.

Everyone I know there follows hundreds of people

I am glad this is getting more mainstream attention.

From personal experience I know many websites do this for the idea of maintaining state should the browser lose state, but even then it's still creepy to think that your incomplete thoughts are being saved where others can potentially access it.

How many times have you written something in anger or otherwise emotional that you ultimately did not share? Or worse, did something dumb like including financial info?

wired.com/story/leaky-forms-ke

Me: support, I have this problem
Support: no reply
Me: support, I still have this problem
Support: no reply
[repeat many times]
Me: [cancel account]
Sales: we noticed you canceled your account…

Monday. One of the best days to take off of work. 😂

Companies: if your mobile-web experience sucks, I assume your app experience sucks too. Same incompetent developers hired by incompetent leadership.

Want me to install your app? Show me an awesome web experience

It would be wonderful if devices with fingerprint or facial recognition login allowed using those for multi-factor authentication and not strictly alone.

Repeat after me:

WAFs are not a fix for vulnerabilities.
WAFs are not a fix for vulnerabilities.
WAFs are not a fix for vulnerabilities.

---

Had to report a critical vuln to someone and the response was an updated WAF policy as the solution.

It happens, but the context I cannot elaborate on here is that this situation is particularly disappointing.

I acknowledge that Human Resources IT is particularly challenging.

That aside, I have strong feelings about how so many human resources departments simply hire various external vendors that all message employees in different ways, and frequently change vendors simply expecting employees to trust messages from a new vendor.

This not only makes it easier to trick employees with a phishing message, but increases the likelihood of successful compromise.

Some days are so very exhausting.

Not because they are bad days, but just so much mental labor

IOC.exchange

INDICATORS OF COMPROMISE (IOC)
InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.

We have a Getting Started Guide here: https://ioc.wiki/mastodon

HAVE FUN and STAY SAFE!