Pinned toot

racism, allyship, white privilege 

I found this very useful:
vox.com/2020/6/2/21278123/bein

"How to be a good white ally, according to activists

Three experts on what it does and doesn’t mean to be an ally, now and always."

police violence 

Police shoot pepper bullets at live reporters in Louisville.
tuckbot.tv/#/watch/gt69qe

MSP: Predator Drones 

Things getting real in MSP.

MN politics, racism reference 

It's an absolute travesty we had to get here. Cops, by all indications, straight up murdering another black man. And then proceeding to gas and pepper spray peaceful protesters. And then acting surprised when those protesters, realizing they'll be punished regardless, felt compelled to riot to make their point.

But the reaction from leaders is at least a silver lining here. They're saying the right things, finally. Here's hoping it turns into meaningful change

Everything is remote at the moment, but both spots can be remote forever

Hey, Veracode is hiring some security engineers; a Senior Security Engineer and a Principal Cloud Security Engineer (AWS mainly). If you're on the hunt, check it out. If you have questions about the org, feel free to ask; I have no worries about honest answers

Sr. Sec Eng: veracode.com/job-post?gh_jid=4

Principal Cloud Sec Eng: veracode.com/job-post?gh_jid=4

Imagine having an ego so fragile that having to wear a mask in public breaks you.

LOL of the day: "you have to send us this XML file whose contents match the following MD5 Sum"

Hm, I guess I'll have to figure out where I can safely pad the file to force the collision, right?

No! I can put the given MD5 digest in an <MD5> XML element and it's accepted as valid regardless of the actual file contents!

Today's accomplishment: unattended Okta login using stored creds and TOTP secret. So many things I can automate now!

Boost if you also use the face mask as a privacy protection tool against security cameras 🕶️ 😷 (as well as for the obvious health responsibility reasons)

This may be the best food review ever (for a plant based chicken nugget substitute)

I may be in the minority here, but I'm actually happy that so many conferences will be virtual this year. I wish it didn't have to come at the cost of people who like in-person stuff missing out, but I hope the experiment leads to more deliberately-virtual cons

I have my technical gripes about JavaScript, but my main complaint in practice is social: when you put JavaScript on your page, you're passing a cost (in the form of compute power, which is wear and energy use) to me

If you do this, it should benefit *me* more than you. I'd bet 98% of JS that pushes to my browser benefits the operator much more than me.

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.