Interesting range of responses, from "0-day is zero days since exploit (using the vuln burns the 0-day, and it's not a 0-day anymore)" to "0-day is zero days of prior disclosure to vendor before release" to "0-day is zero days of fix/patch availability"

I "grew up with" the strictest of those — a 0-day is something no one but the attacker is aware of; once it's out, it maybe WAS a 0-day but isn't anymore


Current debate: what qualifies a vuln as "0-day"? After hearing someone use it in a way that surprised me, I asked 3 others and got 4 new answers, so…

What's your definition of "0-day"?

Boosts for wide sampling appreciated

You don't need that kind of risk methodology in most cases. In fact, I'd argue that it will usually do more harm than good. What you need isn't usually to quantify your risk, it's:

• identify your security priorities

• have a sound, defensible business case for your security spending


The actuarial definition of risk (an annualised expectation of loss that's single loss amount • annual frequency) is a bit of an albatross around the neck of most infosec practice

Very few orgs are going to have the data or discipline to even use it, so they make guesses. Guesses create (sometimes extreme) bias, while the air of "using a formula" hides those biases

Friends, there is someone looking to build experience in a Product Owner role. Please rattle this around a bit and holler if you know a good team that could use someone! I'll pass any info along. :flan_flowers:​ #getfedihired



@drwho @onepict I have a couple of pieces of scrip still lying around here somewhere... lest I forget.

I have family members who fought this sort of treachery as late as the 1980's, and one still living fighting for labor rights since the 1940's... I may not be them, but I learned from some hard, hard coal miners that you don't roll over.

Anyone know good cloud threat intel/red team/threat hunter type folks? I might have an interesting job lead for that.

It is through DayQuil alone that I set my mind in motion
It is through the syrup of Pharma that nose acquires breath
The breath allows for thinking
The thinking is adequate
It is through DayQuil alone that I set my mind in motion

Money, power 

Sometimes when I'm in the shower I think about all the sketchy shit I've learned about politics and money and wealth over the years. I find myself wishing that I'd known this stuff as a kid, maybe I'd have been taught by my parents.

Then I realize that's the point.

Folks who are wealthy and powerful learn this stuff almost from the get-go. It's part of how they're raised and conditioned and trained. The rest of us - not so much.

Talking to some friends in the industry today and it became clear to me that there are still places that don't have a technical leadership track. If you grow past senior, you're pushed into management

That's a colossal waste

It bothers me that in the 24th Century we have the capability to travel and send massive amounts of data at speeds far faster than light, and yet Starfleet can't seem to avoid whole-ship com systems outages on the reg

I use both Google Chrome and Alfred for macOS, and I often need to make a Markdown-format link to a page. So I made an Alfred Workflow to do that

Type `mdlink` in Alfred and it pastes a Markdown-style link using the title and URL of Chrome's frontmost tab

`.alfredworkflow` file is available in the Releases area here:

I'm hiring at least 4 application security engineers. You a decent , know your way around Ghidra or IDA, programmer who groks security stuff, or OS expert? Wanna break security software? Want your findings to actually get fixed? This could be your thing, DM me!

Fully remote-first, distributed team and company, solid comp and benefits

I forgot how much I missed the challenge of learning a new job. It's a lot of work, but it's so satisfying. Every day has something where I get to go "ooh, neat!"

In the life of the common or garden USBee, the real tragedy is their constant failure to get into the flower the right way around on the first try.

Hey remember reading books for fun? Me either. Sincerely, someone who has way too much work-related reading

Printing from macOS directly to an IPP-capable printer, using the vendor's sanctioned driver stack: works about 20% of the time.

Printing from macOS to a Linux-based CUPS server using opensource drivers for that printer (but still talking to the printer over WiFi): works 95% of the time.


I'm another Senior engineer at CrowdStrike. This role focuses on assessing the security of various on-device sensors, including threat modeling, testing, and code review. Knowledge of OS internals is a huge plus, especially macOS or Linux.


Infosec Exchange

A Mastodon instance for info/cyber security-minded people.