STANDARD EDITION | EP. 255 | November 16, 2020
An Agile Primer More
Organizing Feedly by Tags More
Joe Rogan vs. Alex Jones More
Solid is an idea and company started by Tim Berners-Lee, the inventor of the world wide web. The idea is that you put all your data into a Solid Pod, and then you give granular access to that data to others. So rather than your data being owned and controlled by various corporations, you'd have it all yourself and you'd just give access to groups that provide you functionality. More
Jackson, Mississippi is running a pilot program allowing police to access the live feeds from citizens' Ring security cameras. More
California's Senator, Dianne Feinstein, who was also Chair of the Senate Intelligence Committee, had a Chinese spy working for her for 20 years. He was evidently mostly a driver and a gofer, but he did serve as the liaison to the Chinese Consulate as well. The FBI concluded that nothing serious was leaked, but, seriously? More
Trump has banned Americans from investing in 31 different Chinese companies due to their ties to the Chinese military. More
There's now a black market for fake COVID test results. Because of course there is. More
Microsoft is saying you should use app-based MFA, and not SMS. This is the debate that doesn't die. My opinion is that you should use app-based for your highest-risk accounts, such as email and anything financial, and that SMS is probably good enough for most others. And SMS is still far better than password alone. More
The US's latest tactic against Russian government APTs is trolling them via embarrassing cartoons. More
Samy Kamkar released new research called NAT Slipstreaming that allows one to bypass NAT for anyone visiting a website. Samy remains my favorite researcher, both personally and technically. More
Shadowmap did some great analysis on how a Chinese company called Zhenhua Data collects and organizes social media data on American targets. More My Essay on This
CISA says the recent US election was the most secure we've ever had. It's good to hear we've made such significant gains in election security since 2016, but it seems clear now that the bigger threat is the influence of populations, not manipulation of the election technology itself. More
The Chinese hacking competition, the Tianfu Cup, yielded vulnerabilities in Chrome, ESXi, Windows, and many other platforms. More
Israeli agents assassinated Al Qaeda's #2 guy along with his daughter via shooting from a motorcycle on the streets of Iran. More
Google has released some updates to Chrome. More
Cisco has released updates for its IOS XR software for ASR 9000 series routers. More
There's a new attack against the DNS, specifically around cache poisoning, called SAD. More More
WordPress has patched 10 security bugs as part of their recent 5.5.2 release. More
Luxottica has announced a data breach affecting 820K EyeMed and LensCrafters patients. More
Capcom disclosed a breach this week involving Ragnar Locker ransomware. The attackers claimed to have stolen more than a terabyte worth of files. More
28 million Texas drivers have had their data stolen. It was leaked by an insurance software company called Vertafore, which left the data in an unsecured location. More
Menlo Security just raised a $100 million Series E to defeat phishing by only showing representations of content, not the actual thing. More
Eagle Eye is bringing video surveillance to the cloud, and just raised a $40 million Series E. More
Zoom is lifting its 40-minute limit on free meetings for Thanksgiving. More
Amazon is expanding its garage door delivery service to over 4,000 cities. It allows the Amazon driver to open your garage door and put your stuff inside, instead of leaving it on your doorstep. More
Amazon is releasing something called Care Hub, which allows people to care for their aging family members. It allows you to link accounts with elderly family members so you can see things like commands issued, lights turned on, etc. The elderly family member can also say, "Alexa call for help", and it will contact the connected family member. More
Facebook has copied Snap's vanishing message feature on Messenger and Instagram. More
Zoom's stock took a massive hit last week when news was announced that we are getting closer to a COVID vaccine. More
AWS just launched a new service called Glue DataBrew, which cleans and normalizes data—supposedly up to 80% faster. More
Databricks has launched SQL Analytics. More
McDonald's is doubling down on automation tech, including automation to take and parse orders, as well as a focus on drive-thru. Again, COVID didn't start this trend, but it accelerated it. More
Scientists successfully injected an in-utero monkey with the gene that made human brains larger, which made the brain grow and become more human-like. They didn't let the monkey be delivered though, because they said that would have crossed an ethical line. More
Unemployment claims in the US fell to the lowest level since March, at 709,000. More
The US divorce rate has hit a 50-year low. More
One good sign in the American jobs market is that churn is increasing, meaning there are more people leaving their jobs voluntarily. Over 3 million did so in August, and layoffs declined and openings increased. More
MakAir is an open-source ventilator, and it's now being used to treat human patients. More
The New York Times has hit 7 million digital subscribers and is now making more from online than print. More
US visas for Chinese students are down 99%. More
A very unscientific poll on Hacker News asked, "Are you depressed?", and the results were 53% yes. Again, who knows if that was gamed or how clean it was, but if that's anywhere near accurate that's troubling. More Discussion
78% of Americans say there is more crime in the US in the last year, but far fewer say there is more crime in their area. More
A fascinating video clip of Neil Postman talking about Cyberspace in 1995. His book, Amusing Ourselves to Death, is one of my favorite books of all time. More
Disney+ now has 73 million subscribers. More
I just finished:
The Uprising, which is the UL Book Club book of the month
We, which is the dystopian precursor to 1984 and Brave New World
Currently reading:
Prestige, a book about hiring at elite institutions
CrowdSec — A modern, crowdsourced replacement for Fail2Ban written in Go. More
Drumbit — an online drum machine. More
Cartography — An asset management tool that does visualizations via Neo4j. More
Linux Command One-liners More
A visualization of American trust in TV news media. More
A CISO Mindmap — What do security professionals really do? More
Making money in bounty is all about being unique, whether that's through new bugs, speed, or finding special targets. More
There's a Twitter hashtag for hacking with automation. #hackwithautomation
A Twitter thread on how bad Google is at UX. Highly entertaining. And true. More
DNSX — A new DNS tool from ProjectDiscovery.io that allows you to perform a high volume of DNS queries using multiple resolvers. More
The Surrender of Culture to Technology (Video) More
"It is difficult to get a man to understand something when his salary depends upon his not understanding it."
~ Upton Sinclair