Information Security Framework, Pt I: the Basics:
Let's start with the simple things.
1. Keeping up-to-date on all things software-related on the machine should be paramount.
Not just operating system updates though.
Kernel and BIOS updates for the machine itself.
Keep in mind, some updates on the BIOS itself aren't always necessary.
2. Next, let's talk about things that may communicate over the local network or within a short proximity, such as Bluetooth, AirDrop, etc.
If you're not using them, turn them off.
Regardless of what it is, these passwords should be complex enough to withstand an automated brute force-like password attack or dictionary attack.
The next issue people tend to have is using the same password for most accounts.
If an APT (Advanced Persistent Threat) is run on a large company, such as things we've seen in the last five years, they may be able to retrieve the email AND password of that account.
If they know your email and a common password you use, they can start trying it across the board, going to common sites where folks do business at.
By taking advantage of this opening, they could gather even more info on you, whether that be addresses, birth dates, or even connections to other accounts with significant PII (Personally Identifiable Information).
Simple. Use a password manager.
There are two good options: KeePass and Bitwarden.
Bitwarden is cloud-based, KeePass is not. I personally prefer KeePass as the cloud is a risky place for anything, regardless of how 'secure' they claim they are.