KSG is building a diverse team interested in solving hard security problems for important organizations. We are looking for everybody from new grads to ex-CISOs, and can offer flexible locations, the opportunity for growth and huge impact.
A great overview of the various ways US law enforcement can get data from tech companies, from former federal agent, my former colleague, my current friend and CISO of whatever Yahoo is called these days: Sean Zadig. https://t.co/oS50gVUTwo
After seeing a lot of incorrect chatter on Ye Olde Bird Site about legal process and tech companies in the wake of the Schiff / McGahn news, I wanted to correct a few misassumptions. Let’s go on a journey into the exciting world of the Electronic Communications Privacy Act! (1/X)
This is also something we dug into this last year, documenting Rally Forge presence on Twitter and Instagram as well. While we focused on their later campaigns, their earlier political activity and left/right sockpuppeting was readily apparent. 1/ https://t.co/47NpMePWP3
NEW: Days before the 2018 midterms, a mysterious group ran Facebook ads for Green Party candidates in swing districts.
A 2020 FEC investigation failed to uncover the true source of the ads.
I can reveal it was a firm with close ties to Turning Point USA
The bill really needs some kind of floor on "compete" or "enhance" that does catch the M&A we want, but since they are specifically targeting the Instagram deal that most commentators saw as insane, it's hard to define such a standard. https://t.co/2uiXjV2INh
Apple friends: FB9162327
A suggestion: have a belt-and-suspenders model with a UX element and a "circuit breaker" in Safari that relies upon a special DNS keep-alive request every 5 seconds or so. Queue up requests if it fails. Show UX changes on some number of changes.
California gets 13% of a lot of those deals (leading to a record surplus) so I expect the California delegation might have ideas for something more targeted.
Here's the Zoom E2E system that I guess some consider too good an "enhancement" to ship:
There are tons of small acquisitions of companies with specific skillsets or features that can't get the impact they want, and large companies that want to improve existing products. This would decimate a key way talent and capital flow up and down the stack.
This is a good rundown of the new tech regulation bills by @CaseyNewton. There are some good ideas here, but I think the anti-acquisition law is too broad. For ex: could have blocked Zoom's acquisition of Keybase, which brought E2EE and other security enhancements to millions. https://t.co/ovpD8QMQDX
I spent the day reading the five big bills Democrats are planning to introduce to regulate Big Tech, and looked at them through the lens of which problems Congress wants to solve.
There are some good ideas here!
I disabled and re-enabled, and I was explicitly told that my traffic was protected, but here is my DNS request to visit https://t.co/2ibP8fTlVZ from Safari "Private Browsing Mode".
Time to fill out a bug that'll never get a reply. https://t.co/X2vWmMajP4
Whoa. Been capturing dumps of Apple’s new Private Relay to seed a student project and all of a sudden it just stopped working.
No GUI indicating failure in Safari or settings, but DNS now going to local resolver and requests going out plaintext from my IP. Bad UX. Be careful! https://t.co/qJK4vyAWaA
I was looking for records of my grandfather's service at D-Day and fell into this rabbit hole: the National Archives has digitized thousands of pages of ship's logs.
Here, for example, is the USS Hornet's log the day she recovered Apollo 11.
This seems rather overblown in both privacy benefit and metric impact, since Outlook already blocks pixels by default (and many corporate gateways completely strip them) and Gmail has an option to do so.
Do more people use Apple Mail than Outlook? https://t.co/2RHCSCHQLQ