Rule 777: If you don’t make a system usable and secure, the user will make it usable and insecure. (Inspired/reworded from thread by war🦄 pwnie and @[email protected]) x.com/rotopenguin/st…

Why do smart companies & orgs make stupid mistakes? A thread:

Have you ever wondered what happens behind the scenes when you type your password into the Windows logon screen and hit enter? I'm waiting for a build to complete, so I'm gonna tell you.

The slides for my Arm Research Summit keynote “Hacker Nightmares — How to give Hackers a Headache with Exploit Mitigations” ... are uploaded and available here: azeria-labs.com/downloads/Keyn… Video will be uploaded to YouTube in the next couple of days. :)

Are you taking full advantage of Python 3? Are you sure? Here are 10 Python 3 features that will change the way you are writing code today. 🧵👇

Let’s build a high-performance fuzzer with GPUs! blog.trailofbits.com/2020/10/22/let…

We did it again: we hacked the Tesla Model X. In less than 2 minutes we can create our own key fob and drive away with your shiny car. All the building blocks are secure but there are quite some implementation weaknesses (not the first time this happens).

Cydia is finally taking Apple to court for anti-competitive behaviour. The Cydia store launched before Apple’s own App Store and after copying some of Cydia’s features, Apple has been trying hard to prevent it from existing ever since. washingtonpost.com/technology/202…

mRNA vaccine reverse-engineered: absolutely fascinating read berthub.eu/articles/posts…

📢 THE TIME HAS COME📢 Today I make public ALL *recordings* and updated slides (+ FAQ) for my mobile security class, MOBISEC 2020! Everything is available, for free, at: mobisec.reyammer.io/slides! Few words about this release in a short thread 👇

#LucaApp Sicherheitslücke (Video): Luca-Nutzer greift Gesundheitsamt mittels manipulierter Kontakdaten an und stiehlt Daten weiterer Nutzer. Volles Video - einschl. Fortführung des Angriffs bis zur Infektion des Gesundheitsamtes mit Ransomware - im nächsten Tweet verlinkt

I've spoken to 2,000+ companies over the last 12 months about their plans for remote work going forward Here are a few things I've learned [ a thread ] 💻🏠🌍

Ransomware costs more because it produces change instead of a PDF

11 Promises from a Manager: a 🧵 1. We’ll have a weekly 1:1. I’ll never cancel this meeting, but you can cancel it whenever you like. It’s your time.

We facepalmed a lot while researching the password policies of 120 websites, but this took the cake. Facebook tells users 20-char random pw's are weak, but "Passw0rd" is strong, because hackers could never guess that pw's might have uppercase or digits. passwordpolicies.cs.princeton.edu

This interview with former Google's Sr. Eng. Director (ex-Amazon) on How Google Hires Engineering Managers is a goldmine! Many insights in so many areas: 1:1s, Delegation, Growing People, Questions he asks & how he assesses EM candidates… Here are my 7️⃣ favorite learnings: 🧵

Steve Jobs famously said innovation is "saying no to 1000 things" before you say yes. For more than a decade, Apple has used Pablo Picasso's Bull to drive home the lesson. Here's a breakdown 🧵

The most important skill you’ve never been taught: Storytelling 10 dead-simple tips to make you a better storyteller:

15 years ago my PhD advisor taught me One Weird Trick for editing your own writing. Edit **back to front**, paragraph by paragraph. I still use it and it still surprises me how well it works. When I get my students to do it, it often blows their minds. Try it!