Vulns/PoCs != reliable weaponised exploit chains.
So can we stop comparing bug bounties to exploit brokers?
https://motherboard.vice.com/en_us/article/gybppx/iphone-bugs-are-too-valuable-to-report-to-apple
Systemd has a bug where user names starting with a digit cause the user daemon to run with root privileges. According to the creator of systemd, this is not a bug and everything is fine. The reason everything is fine is because names like this, which are explicitly permitted by the base standards, are forbidden and tools shouldn't allow creating these names, so it's a bug in the tools for permitting names permitted by the standard.
Fsck systemd.
“These people have now become very tech-savvy,” he said. “They use VPN to block their computer’s IP address”
"[right-wing] extremists are now covering their tracks by using untraceable [...] VPN services that conceal their computer’s location – leaving the police unable to find them."
LOL, them untraceable VPNs, haha.
No wonder we can't have a rational debate around encryption.
https://www.independent.co.uk/news/uk/home-news/finsbury-park-attack-muslims-islam-right-wing-extremists-response-uk-a7799901.html
To be clear, my heart goes out to the victims but surely there are enough hotel rooms in the area to provide a temporary solution until a more permanent one is found. This is just pure left-wing populism and people are cheering him on...
Corbyn: Government should requisition homes
'Mr Corbyn's spokesman was asked about the legality of this and said: "We would find a way to do this if necessary" '
Lol, FML, RIP rule of law I guess. This joker is even worse than May, quite an achievement.
So, now even the National Cyber Security Centre is attributing WannaCry to DPRK (Lazarus Group).
Just remember NCSC is basically a bunch of incompetent morons without any experience of APT operations.
(That doesn't mean their attribution is wrong, I haven't seen their data, just worth keeping in mind)
About the fidget spinner fad: "Something that was considered entirely pathological and in dire need of correction when done by disabled people is now perfectly acceptable because it is being done by non-disabled people" and "Because insisting that disabled people act more like non-disabled people is not about improving functionality, it's about who has the power to set social standards."
Spot on: http://www.thinkingautismguide.com/2017/05/what-fidget-spinners-fad-reveals-about.html
Very creepy @WhatsApp, someone was apparently typing in a URL and WhatsApp was fetching it off my server char-by-char https://mastodon.social/media/96lwJ5IyFyVXx6t85qQ
Does anyone have any info on this?
"The French mechanical telegraph system was subverted in 1834 in a bond-trading scam that went undetected for two years."
Couldn't find any source.
And finally, just how harmful it is that intelligence analysis is devalued nowadays, especially by policymakers. https://mastodon.social/media/KZUW7o75xb1X3wWSh_0
No common, cross agency intelligence analysis knowledge. In fact, every agency has its own analysis techniques. https://mastodon.social/media/Rlbw_m9SPkaHM6Waiwc
Also, apparently IBM designed a better crawler (for IC needs) than Google! Lol. https://mastodon.social/media/fE_Jj_l88OrnU5JIuE8
No common tooling, often analysis is designed around tools instead of tools being designed for analysis techniques. https://mastodon.social/media/oAnsT1zaka3425a_nms
Most analysts provide tactical support to US forces. Tactical/operational needs generated by ongoing wars put massive strain on IC. https://mastodon.social/media/3s65zbUsgKPQOeH2YXk
Problems with the US Intelligence Community: No long term, "deep understanding" analysis, focusing on current operational/tactical needs. https://mastodon.social/media/MSxws4Dxp-eLlPsgQD4
Excellent in-depth overview of the US Intelligence Community's analysis tradecraft.
Bit dated (2008) but still feels very relevant.
https://www.rand.org/content/dam/rand/pubs/technical_reports/2008/RAND_TR293.pdf
https://mastodon.social/media/hYgVlvS8w4IxiJyZjlQ
I mock the LessWrong crowd, but honestly they are not so bad and I consider myself an aspiring rationalist, I just don't like to use the term because I really don't want to be associated with Yudkowsky. (plus it sounds pretentious af)
It's quite jarring how Yudkowsky speaks out against cultishness and then just turns around and creates his own cult basically. *sigh*
Not to mention he is unjustifiably arrogant and can't handle any criticism.