BC INTERNET
Saved by @Alex1Powell

Information Security Framework, Pt I: the Basics:

Let's start with the simple things.

1. Keeping up-to-date on all things software-related on the machine should be paramount.

Not just operating system updates though.

 Software updates for things like word processing programs, music players, email clients, etc.

Kernel and BIOS updates for the machine itself.
If you want to check for the newest BIOS update, look at your computer hardware, visit the vendor's site, and they will have BIOS downloads available, as well as the date they became available.

Keep in mind, some updates on the BIOS itself aren't always necessary.
If the vendor recommends "Not updating if stability isn't a problem, then don't do it"

2. Next, let's talk about things that may communicate over the local network or within a short proximity, such as Bluetooth, airdrop, etc.

If you're not using them, turn them off.
Airdrop is especially troublesome because often I'll be at an airport and see dozens of individuals who have airdrop enabled. I recommend setting it to 'Contacts only' unless you're intending to pass a file to someone close to you.
3. Next, let's talk passwords. This one is extremely troublesome for a good portion of the population anywhere. Often we see people that include names of people they're close to, with a couple numbers of interest.
The number could be their birth year, the year they graduated high school/college, or an event of significance in their life.

Regardless of what it is, these passwords should be complex enough for an automated brute force-like password attack or dictionary attack.
Dictionary attacks leverage a text file of common dictionary words to run the attack. It is typically quicker if the password isn't expected to contain combinations of numbers and special characters. It can be quicker only for the lowest hanging fruit.
Brute force simply runs a number of permutations per second until it finds the password of interest. While it's slower, it eventually breaks a password if it's too short or simplistic.
Due to the concept of Moore's law, we have technology now that can run brute force attacks much quicker, although to be honest there are easier ways to retrieve passwords. More on that later.

The next issue people tend to have is using the same password for most accounts.
BIG mistake. Here's why:

IF an APT (Advanced Persistent threat) is ran on a large company, such as things we've seen in the last five years, they may be able to retrieve the email AND password of that account.
Since many people use identical passwords across the board, this can cause a domino effect across the board.

If they know your email and a common password you use, they can start trying it across the board, going to common sites where folks do business at.
Whether that be Amazon, Gmail, Ebay, etc, it doesn't matter.

By taking advantage of this opening, they could gather even more info on you, whether that be addresses, birth dates, or even connections to other accounts with significant PII (Personally Identifiable Information).
So how do you manage remembering different passwords for different accounts?

Simple. Use a password manager.
Here's how it works: You create a database of passwords, label what site they're for, URLs for the site of interest, email it's linked to, and other additional details in a notes section (For additional details we'll cover later).
You can also specify expiration times for the password. While simple accounts that don't contain much sensitive information won't need their passwords changed often, it'd be prudent to change passwords of finance-related services at least a few times a year.
Same goes with cloud storage, email, etc.

There are two good options: Keepass and Bitwarden.

Bitwarden is cloud-based, Keepass is not. I personally prefer Keepass as the cloud is a risky place for anything, regardless of how 'secure' they claim they are.
To each their own. Keepass is only available on Windows, but KeepassXC is well maintained for other platforms.

So here's the recommendation: Generate a 20-character password, including special characters and numbers.
Some sites don't like certain special characters allowed in the password, so take note of which ones they allow when creating a password.

Update accounts with sensitive info every six months MINIMUM.

More from Internet

Andy Pavlo
Andy Pavlo
@andy_pavlo
If you're interested in DB internals, stop what you're doing and watch @CMUDB Quarantine Talk from Nico+Cesar about @SQLServer's Cascades query optimizer: https://t.co/FCdsbHHEaD

Many talks this semester were good. This one is the best. My thread provides key takeaways

[6:50] Microsoft hired Goetz Graffe in the 1990s to help them rewrite original Sybase optimizer into Cascades. This framework is now used across all MSFT DB products (@SQLServer, @cosmosdb, @Azure_Synapse).

[14:43] The optimizer checks whether it has stats it will need before cost-based search. If not, it blocks planning until the DBMS generates them. This is different than other approaches we saw this semester where DBMS says "we'll do it live!" with whatever stats are available.

[21:05] Their Cascades' search starts small/simple and then they make decision on the fly whether to expand search based on the expected query runtime and performance benefit from more search.

[26:33] They explicitly have a property for Halloween Problem. Operators specify whether they protect from it and then optimizer ensures property is satisfied. This is mindblowing. I have never thought about using the optimizer for this but it makes sense.
INTERNET
THE HELLYWOOD REPORTER \U0001f1fa\U0001f1f8\U0001f1fa\U0001f1f8\U0001f1fa\U0001f1f8\U0001f1fa\U0001f1f8\U0001f1fa\U0001f1f8
THE HELLYWOOD REPORTER...
@mikewolfpack100
Question: HOW Many Accounts Does Twitter Follow???

Answer: Only 9

WHO Are They Following???
INTERNET
Advertisement
Cory Doctorow #BLM
Cory Doctorow #BLM
@doctorow
There are lots of problems with ad-tech:

* being spied on all the time means that the people of the 21st century are less able to be their authentic selves;

* any data that is collected and retained will eventually breach, creating untold harms;

1/


* data-collection enables for discriminatory business practices ("digital redlining");

* the huge, tangled hairball of adtech companies siphons lots (maybe even most) of the money that should go creators and media orgs; and

2/

* anti-adblock demands browsers and devices that thwart their owners' wishes, a capability that can be exploited for even more nefarious purposes;

That's all terrible, but it's also IRONIC, since it appears that, in addition to everything else, ad-tech is a fraud, a bezzle.

3/

Bezzle was John Kenneth Galbraith's term for "the magic interval when a confidence trickster knows he has the money he has appropriated but the victim does not yet understand that he has lost it." That is, a rotten log that has yet to be turned over.

4/

Bezzles unwind slowly, then all at once. We've had some important peeks under ad-tech's rotten log, and they're increasing in both intensity and velocity. If you follow @Chronotope, you've had a front-row seat to the
INTERNET
Logan | Landing Pages \U0001f4da
Logan | Landing Pages ...
@LoftedLearning
7 Tactics To Increase Engagement on Your Threads

// THREAD //

People are constantly seeing the same stuff over and over again on their timeline.

This is why you need to learn how to stand out.

When they’re scrolling you need to grab their attention and reel them into something they want to read.

If you think about it, your job is just to get them to click your tweet. Once that’s done, they’ll be reading your other ones in no time.

In order to get them to click you need to show one of these 7 things:
> authority
> experience
> value
> lesson
> mystery
> opinion
> numbers

The easiest way to write headlines based off of these things is to write out your audience’s objections.

Then, indirectly counter their objection within your headline (sounds cool right?).

An old copywriting trick 😉

1. Authority

“Why should I read your thread? What have you done that makes me trust you”

Headline:
“$97,840 in Profit This Month Using This 5-Step Plan to Make Landing Pages”

Authority shows people you know what you’re doing by telling them a true stat/claim.
INTERNET , TWITTER
Giovanni Pagano
Giovanni Pagano
@giovanni_pag
What are the implications of using hacked data for research?

A short thread inspired by the fact that, before AWs took it down, #Parler was extensively hacked and user data was leaked.

The #Parler dataset seems crazy interesting for doing research, and my first reaction after the breach was to shre it with other #CompSocSci ppl.

However, I started having second thoughts, so what follows is to organize ideas and have it somewhere I can look back to.

2/n

Generally speaking, as far as the ethics of research goes a good advice would be to handle hacked data with caution.

First of all, there's an issue of quality. Data might be altered or incomplete, and the source cannot be considered accountable (assuming src is anonymous).

3/n

Secondly and more importantly, a researcher using the data would probably be violating users’ consent and acting against the data collector's will.

Finally, users’ privacy is at stake, since researchers could see material that users didn’t agree for other people to see.

4/n

Sharing private information without consent might put people at risk of harm.

This is all the more true in cases such as the #ParlerHack, where the leaked information is of particularly sensitive nature, and there’s a high risk of unintended consequences.

5/n
INTERNET

You May Also Like

Antonio Garc\xeda Mart\xednez
Antonio García Martíne...
@antoniogm
Ok, I'll hop on this Elizabeth Warren/Native American testing bandwagon (gently and non-politically).

I've been a @23andMe customer for a while, and have followed their ancestry updates closely.

All is more or less as expected....except for this bit about Native American.


The family is almost completely composed of Spanish peasants (from various regions) who emigrated, along with a massive wave in the late 19th-cent./early 20th-cent., to Cuba back when it was a booming economy (richer than Spain's) and worth emigrating to (Communism killed that).

Also, the native population of Cuba was annihilated early on---was the first place the Spanish colonized after all. Having a native background in Cuba would be like having the same in, say, Massachusetts, particularly if you're (say) mostly Irish. Just really, really unlikely.

(Note: the North African/Arab background is less mysterious. The Iberian peninsula was part of the Muslim world for centuries. It would be odd *not* to have some Arab/Middle Eastern background coming from Spain. Given the family is mostly from Northern Spain, it's small though.)

I have a Spanish passport, have been back to the ancestral villages in Spain, seen the church where my grandmother was baptized, my grandfather told me stories about growing up as the child of Spanish colonists in rural Cuba. The native bit just clashes with all the family lore.
ALL
Cole Escola
Cole Escola
@ColeEscola
If you know me, you know I don't like broadcasting details about my personal life on this website, but I have been getting asked why I'm not doing Christmas this year so I just wanna put this whole mess to bed. First of all, I don't agree with gay marriage... (1 of 4,625)

... full of dog food and she said, "I'm pretending this is ice cream! Treat me like a baby!" and proceeded to hump her own arm and I thought, "something tells me this isn't the real Norah Jones"... (117 of 4,625)

...cost me $7,000. I had to put it on two separate credit cards! It wasn't 'til I got to my car that I realized "that's way too expensive for one onion." But I didn't have time. Amanda Seyfried was begging to change my diaper... (1,001 of 4,625)

...another Christmas miracle. Mistletoe, stockings, sleigh bells, snow! All these things I have put up my ass. The taste of coffee... (2,974 of 4,625)

...I felt a *very* cold finger on my cheek and I turned around and I said, "Grandma?" and she goes, "Surprise, I'm alive and I work at Sears!" I said, "okay"... (3,047 of 4,625)
SOCIETY
Advertisement
Will Buxton
Will Buxton
@wbuxtonofficial
The Haas / Force India argument is fascinating, and the decision of the stewards may still have consequences. The first key finding is that the stewards ruled Racing Point Force India to be a valid constructor. That means that it builds its own cars.

Haas had argued that the cars had been designed by Force India, but as Haas knows only too well, "outsourcing" is legal. The stewards decided that "there is no regulatory support for the argument that Outsourcing of Listed Parts cannot come from a former or excluded team."

In determining this, the stewards also came to the following conclusion: "In relation to the submission by the Racing Point Force India F1 Team that it is not a new team, the Stewards decide that the Racing Point Force India F1 Team is indeed a new team."

This will have a big knock on effect for Haas in its continued arguments over the rights of RPFI as relates to its eligibility and rights under the complex payments structure. Haas has argued all along that RPFI should be treated as a new team and tread the same path that it did.

TLDR? Haas lost the fight but may have won the war. In having its argument that Racing Point hadn't designed their own car thrown out, they gained clarification that RPFI was a new team.
SPORT
Vibhu Vashisth
Vibhu Vashisth
@VIBHU_Tweet
RANI NAIKI DEVI AND THE BATTLE OF KASAHRADA

Mohammad Ghori, the young Ghurid Prince conquered Ghaznavids in Afghanistan in the year 1173 CE. He conducted some successful raids into the Indian territory, which even Mahmud Ghazni & the Persians couldn't do.


First&foremost,Ghori invaded states of Multan &Uch in India.After this he turned to southern states of Gujarat &Rajputana.Everybody knows this about Ghori,but what most pple r unaware of is the defeat he suffered at hands of Chalukyan Queen Naiki Devi in 1178 Battle of Kasahrada.


When he marched southwards, his first target was the prosperous fortified town of Anhilwara Patan.
It was the capital of Chalukyas(also known as Solankis of Gujarat) which was established by Vanraj of Chapotkata Dynasty in 8th century.


American historian Tertius Chandler states that it was the 10th largest city in the world at that time. The history of Chalukyas has been written by many historians, but the valour of the Great Queen Naiki Devi remains unsung.


Born to the Kadamba King Paramardin of Goa,Naiki Devi was well trained in sword fighting, horse riding, strategy & every other subject of Statesmanship. She was married to King Ajaypala of Gujarat who sat on throne in 1171CE. Unfortunately,the King died within 4 yrs of his rule.
ALL
Sumit Grrg
Sumit Grrg
@sumitgrrg
These 10 threads will teach you more than reading 100 books

Five billionaires share their top lessons on startups, life and entrepreneurship (1/10)


10 competitive advantages that will trump talent (2/10)


Some harsh truths you probably don’t want to hear (3/10)


10 significant lies you’re told about the world (4/10)
ALL , MOTIVATION , BOOKS