Joanna Rutkowska

Joanna Rutkowska @rootkovska

RT @FredericJacobs: Since people seem serious about migrating to Mastodon. You can follow me over there https://t.co/Q7epQjGlZ8 Hope it goe… — PolitiTweet.org

Joanna Rutkowska @rootkovska

FakeNews FakeCats FakeBook FakeFriends FakeWorld FakeLife Other than that, we should be fine! — PolitiTweet.org

Joanna Rutkowska @rootkovska

@rhymebyter Exactly. — PolitiTweet.org

Joanna Rutkowska @rootkovska

No, the future does not look scary. It looks pathetic :/ https://t.co/1qidqvoLTh — PolitiTweet.org

Joanna Rutkowska @rootkovska

FakeCats :( https://t.co/L7foHngAyI — PolitiTweet.org

Joanna Rutkowska @rootkovska

Oh, great, more women in Norway hunt animals than ever! Yay, equality! Hooray! #Sick https://t.co/ed9ougl0tW — PolitiTweet.org

Joanna Rutkowska @rootkovska

RT @hdevalence: Has "Reimplement it in Rust" gone too far? https://t.co/TuZQub8NMG — PolitiTweet.org

Joanna Rutkowska @rootkovska

RT @LouHaigh: In answer to my question yesterday, Minister appeared to confirm companies could be "required" to decrypt messages. Big impli… — PolitiTweet.org

Joanna Rutkowska @rootkovska

So for a device like a printer the "trusted" status should be "sticky". This would not be the case if the device was stateless, tho. — PolitiTweet.org

Joanna Rutkowska @rootkovska

What makes trusted printer TRUSTED, BTW, are ACLs (no WAN, limits who can talk with it) & assumption these ACLs won't be lifted in future. — PolitiTweet.org

Joanna Rutkowska @rootkovska

@Evil_X_ Heh ;) Unfortunately these are completely different printers (the "work printer" is hi-speed B&W jet, the… https://t.co/ELKz5Rwpsh — PolitiTweet.org

Joanna Rutkowska @rootkovska

E.g. of why user/admin roles should be separated. And it should be PITA to break this sep (surely more PITA then ge… https://t.co/kpgI0VTEdu — PolitiTweet.org

Joanna Rutkowska @rootkovska

TFW a trusted printer runs out of toner and you need to fight temptation to adjust ACLs & switch to another (full of toner, but untrusted).. — PolitiTweet.org

Joanna Rutkowska @rootkovska

RT @solardiz: CVE-2017-7184 Linux kernel privesc demo'ed by @ChaitinTech in #Pwn2Own is now public https://t.co/5YkyssotzF https://t.co/HPP… — PolitiTweet.org

Joanna Rutkowska @rootkovska

Nah, it's no more brutal to our status quo, than a good exploit is to a buggy software ;) https://t.co/m52blWAWKM — PolitiTweet.org

Joanna Rutkowska @rootkovska

For reference, the post from 2016 about this important topic: https://t.co/DCDMqXSpik — PolitiTweet.org

Joanna Rutkowska @rootkovska

As traditional attacks gets costly, the next target is: build-time compromise. We've been prepping for this for yrs… https://t.co/kfWCPTiV91 — PolitiTweet.org

Joanna Rutkowska @rootkovska

RT @mdowd: Jesus, what a bloodbath: https://t.co/OyN4SPHyt6 — PolitiTweet.org

Joanna Rutkowska @rootkovska

I double checked if the tweet was really from 2017. Also checked if it's not April 1st, just in case. #WTF? https://t.co/wzQzYv90A5 — PolitiTweet.org

Joanna Rutkowska @rootkovska

RT @veorq: reading https://t.co/8kLCq6FZq1 tonight, better use of my time than infosec dramas and gossiping — PolitiTweet.org

Joanna Rutkowska @rootkovska

2017: when crypto debate turns into discussing AirBNB sharing challenges, broken (walking) sticks, and conference reception gossips. — PolitiTweet.org

Joanna Rutkowska @rootkovska

When we introduced isolated net VMs in Qubes 7 (!) yrs ago, most folks were like: nah, nobody attacks networking st… https://t.co/8B0vlUCTnG — PolitiTweet.org

Joanna Rutkowska @rootkovska

RT @esizkur: Worth pointing out that the BCM4339 chip in question is attached to the cellphone's SoC using PCIe. Hopefully IOMMUs are in pl… — PolitiTweet.org

Joanna Rutkowska @rootkovska

@nixcraft Yeah, the point was to show how much Xen bugs affect Qubes OS on average. AKA: how often to panic when new XSA comes out ;) — PolitiTweet.org

Joanna Rutkowska @rootkovska

@nixcraft For Xen? — PolitiTweet.org

Joanna Rutkowska @rootkovska

@jeorgen (E.g. b/c of the removed qemu components from Dom0 or backends not running in Dom0 on Qubes.) — PolitiTweet.org

Joanna Rutkowska @rootkovska

@jeorgen Also, one of the reasons of this XSA tracker is to give ppl an impression on: "How often an XSA is critical for Qubes". — PolitiTweet.org

Joanna Rutkowska @rootkovska

@jeorgen No. That'd be tricky. E.g. many XSA are DoS on non-Qubes systems. How to count these? — PolitiTweet.org

Joanna Rutkowska @rootkovska

While arguably a decent result, some might point out such metrics are far from being meaningful evaluation of security. And I mostly agree. — PolitiTweet.org

Joanna Rutkowska @rootkovska

Of all the 200+ XSAs published in last 6 yrs, less than 10% affected Qubes OS somehow. https://t.co/iNrPjUNbiH — PolitiTweet.org