What do I want out of life? To be happy. And right now I am:

sitting in a hotel restaurant, enjoying a pretty good breakfast and an excellent book, listening to good music and thinking about all the things that led me here.

I'm not happy all the time, but right now I'm happy.

The things in life I enjoy the most and remember most fondly are also those I spend the least amount of time pursuing.

Now imagine being a bodybuilder who exclusively uses Cricket-sourced protein and being The Man Crickets Built

Let's start, my first toot in the Mastodon universe

And his discussion on the French Fry Oligopoly is fantastic! Give it a read and think about the world we all live in...

This one too:

"When you interview Trump voters in rural areas about why they voted for Trump they often state that they think the system is rigged against them. Tepper and Hearn argue that is because the system really is rigged against them"

It's not InfoSec, but I love this article by John Hempton. Being Australian, he does such a great job of looking at the US market. A few of my favorite quotes:

"Market power gives licence to corporate management to behave like jerks, whether it be kicking in the teeth of their customers (United Airways) or paying their workers poverty wages (Walmart)"


Here I am, the same as everyone else, refreshing my page to see who favorites/boosts me.

I am as bad as everyone. Maybe worse.

Social media:
"They have ears but they don't hear.
They have eyes but they don't see.
They have minds but they can't think."

We are blind, deaf, and dumb and every day we revel in our ignorance; shouting from the streets how great it makes us.

Important→ Someone hacked the official site of #PHP PEAR and replaced package manager (go-pear.phar) with a "tainted version"


If you have downloaded/updated #pearPHP package manager from its official site in past 6 months, consider yourself compromised. t.co/PUm7o9CP8S

And so another week is about to begin. Here's to all the bees buzzing about mon-fri to keep all our lives going.

I'm more convinced every day that using the same security strategy for endpoints and servers is fundamentally wrong. The goals of each are opposed to one another.

For endpoints, the goal is to protect people. Not from themselves, but from those who would take advantage of them.

For servers, the goal is to protect environment integrity and privileged data.

There's overlap, sure, but until we move away from a "one size fits all" solution, we'll never solve the real security problems.

I'm thinking of doing a podcast with an InfoSec focus. Would be 15-20min episodes. Debating topics still.

I'm leaning toward a podcast where we talk through various things folks getting into InfoSec would need to know. Grow to include the infinite number of topics out there. Helpful for newbies & experts & leaders. Not just "What is AV" but "Why does AV matter". Periodically bring on experts and vendors to talk about their expertise and dive deeper into specific topics.


Pst! Do you need CPEs for your CISSP, CISM, CISA, or CEH? Why not check out some free courses on Cybrary.it or even better, go listen to some security podcasts like Defensive Security (@jerry), Smashing Security (@gcluley) or even Purple Squad Security (me)! We're all entertaining and informative in our own rights, and you can get 1 CPE per hour. ;-) YMMV, but I'm a fan.

One of the questions I am asked at the #Eunomia meeting: are there any politicians/journalists using Mastodon? Help me out

