Deleted tweet detection is currently running at reduced
capacity due to changes to the Twitter API. Some tweets that have been
deleted by the tweet author may not be labeled as deleted in the PolitiTweet
interface.
Showing page 109 of 151.
Joanna Rutkowska @rootkovska
@letoams "inofsec is fine" means ppl there not vulnerable to social predators. — PolitiTweet.org
Joanna Rutkowska @rootkovska
OTOH needing to be a "tough target" often doesn't make one feel so good. Which is why I don't recommend infosec job. https://t.co/IoCplCLVQX — PolitiTweet.org
Joanna Rutkowska @rootkovska
FWIW, Jake tried his manipulative/harassing exploits on me too. I shrugged them. As an infosec veteran, I might be a bit tougher target ;)
Joanna Rutkowska @rootkovska
FWIW, Jake tried his manipulative/harassing exploits on me too. I shrugged them. As an infosec veteran, I might be a bit tougher target ;) — PolitiTweet.org
Joanna Rutkowska @rootkovska
@_piks3l A group of intellectuals connected by common goal(s), rather than social bonds. Does that sound like an army, really? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@whvholst Privacy communities, such as Tor, could learn a lot from the infosec (offensive researchers) in this respect, I think. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@whvholst Agree. But think more effort should be on making the privacy community less vulnerable to social predators. Infosec OTOH is fine. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@revskills There is no privacy without security first. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@UID_ Ego is good for security, actually. — PolitiTweet.org
Joanna Rutkowska @rootkovska
This should not be interpreted as a defense for Jake. But it's disturbing to watch how this affair erodes the Tor community. — PolitiTweet.org
Joanna Rutkowska @rootkovska
People often forget the main goal for a security project should be to resist attacks, rather than... having fun together when making it. — PolitiTweet.org
Joanna Rutkowska @rootkovska
I think it's wrong when the primary bond for a *security* project' community is social ties, rather meritocracy... https://t.co/byo4bz1WRt — PolitiTweet.org
Marie Gutbub @shiromarieke
Today I am quitting @torproject I published my letter to tor-internal here: https://t.co/ekOJ678HTK
Joanna Rutkowska @rootkovska
@rollingincache @veorq link to the paper? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@veorq @rollingincache I'm also at the mercy of the public docs and the book. I believe @IgorSkochinsky has done most recent reversing? — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @dakami: @pwnallthethings @SwiftOnSecurity no, this isn't nihilism. This is accepting @rootkovska is right about Qubes. Fuck false dich… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @ageis: @rootkovska I love to point out that apt on Ubuntu still trusts a 1024-bit DSA key from 2004 https://t.co/JpQCdoW4yQ — PolitiTweet.org
Joanna Rutkowska @rootkovska
@Voulnet Without reliable ways to verify integrity, everything is backdoored on a global scale, no user interaction :P — PolitiTweet.org
Joanna Rutkowska @rootkovska
@Voulnet This is where I disagree. @thegrugq @botherder — PolitiTweet.org
Joanna Rutkowska @rootkovska
@Voulnet @thegrugq @botherder Backdoored [your fav distro] image which verifies ok, is also "no user interaction"(TM) experience. Reliable. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@Voulnet The art of (anti)exploitation has advanced disproportionately compared to other areas, making it moot, often. @thegrugq @botherder — PolitiTweet.org
Joanna Rutkowska @rootkovska
@brian_reiter Yes. Sadly work still not done yet. — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @Voulnet: @rootkovska @thegrugq @botherder Actually it does. Without them exploits would be too trivial. Drive by like its 1999. — PolitiTweet.org
Joanna Rutkowska @rootkovska
2) Who wrote your firmware and why you have no idea who IS your actual ROOT of trust? — PolitiTweet.org
Joanna Rutkowska @rootkovska
Another things to consider: 1) how has access to the code signing keys for your fav distro: Fedora/Debian/Ubuntu/etc? — PolitiTweet.org
Joanna Rutkowska @rootkovska
A sensible point on how "ASLR RIP & ROP" has little to do with "Real world security" for most users/usecases: https://t.co/sH2JZTa6x4 — PolitiTweet.org
thaddeus t. grugq @thegrugq
This summary by @botherder of how nation states hack dissidents and NGOs. Read it. https://t.co/jDq0LVyfZJ
Joanna Rutkowska @rootkovska
RT @kennwhite: @CopperheadOS @rootkovska I do hope more developers take advantage of SEP for app-level crypto, as is done in Signal https:/… — PolitiTweet.org
Joanna Rutkowska @rootkovska
@stribika @cynicalsecurity But XSA 148 & 182 were fatal inded and so we're going to ditch PV in Qubes 4. See https://t.co/9HGFbvamXa — PolitiTweet.org
Joanna Rutkowska @rootkovska
@stribika @cynicalsecurity FWIW, Qubes is immune to most critical bugs affecting Xen. E.g. bugs in floppy or any I/O emulation we shrug off. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@cynicalsecurity For that we have DispVMs. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@kennwhite Sure. But all these measures are independent from SEP right? Also, consider the app might be intentionally backdoored (bugdoored) — PolitiTweet.org
Joanna Rutkowska @rootkovska
@cynicalsecurity One can have different VMs for hosting PDF viewers depending on their purpose. E.g. personal, work, accounting, etc. — PolitiTweet.org
