@luis_in_brief I donโt have any specific suggestions per se. I've written other things on this same subject and enjoyed reading your thoughts/perspective.
The first 100 people to star this toot shall have their Mastodon handle forever enshrined on this page https://shellsharks.com/starsharks. A can't miss opportunity to be sure.
*Remember to star first before boosting to ensure you reserve your spot! ๐
@ittavern Honestly there's no other motive lol. The idea popped up in my head last night and just decided to do it. But if you've bopped around my site enough (which I wouldn't fault you or anyone else for not having done this) you'd know that I do all sorts of silly things for no other reason than to add whimsy or experiment.
That said, this experiment has yielded a few things for me...
I've discovered some new cool accounts, including those that are infosec-related but not on infosec-primary instances.
I've also discovered a lot of new instances that I had never heard of. I always like finding these since they open up new areas of the Fediverse for me.
I've had some conversations with people I wouldnt have had otherwise. This platform is all about socializing afterall =).
Also there's boredom and me procrastinating on other stuff hah!
A quick-look at a not-so-talked-about type of security assessment, the "Secure Configuration Reviewโ. Here I introduce a quick methodology for conducting this sort of review and provide examples of configs/settings you might typically evaluate during the assessment. Consider using this assessment type in the context of triaging OWASP Top 10 "Security Misconfiguration" or CWE-16-type flaws.
In 2019 I started my blog but knew nothing of the #IndieWeb or #SmallWeb. Thanks in large part to the awesome #Mastodon community I was introduced to these concepts and have been diving in ever since, adding IndieWeb capabilities to my site and exploring the Indie World in its entirety. To help introduce others to the IndieWeb as well as catalog useful/interesting things I encounter I decided to write a post about it.
They've had some incredible stories and scoops over the last couple months. I see all the headlines come through Mastodon or RSS and I say "wow that's crazyโ, or โdang, I never knew thatโ, but that doesn't always translate into me fully reading the post. Maybe I don't have time to read it, maybe I mean to but then forget, in other cases I think the story is interesting but doesn't necessarily impact me specifically. But these stories are meant to be read, they need to be read, maybe not by me all the time, but by someoneโฆ in reality, A LOT of someones if you ask me. Everything they call out in terms of rampaging AI theft, social network decay, traditional journalism in freefall, etc... is no joke. I'm seeing it happen each day and it is in fact quite troubling.
I'll admit, I've always relied on the free-ness of stuff on the web and as a result have been somewhat reluctant to choose creators/publications to support. But given the state of the web, HELL, the state of the world, I really can't justify that any more. I want to see more of what 404 produces, and to help ensure that, I plan to support that end. I've also been working on a list of other causes, publications, etc... to support as this I feel is an ever precarious point in time. (If you have any suggestions I would be interested in hearing what you believe could use the support - comment or DM me).
So what's my point? I suppose it's support what you like, what's impactful, what's important to not just you but to everyone, otherwise it may vanish. The world has changed and I need to as well.
#followfriday once again. Here are some awesome #infosec / #cybersecurity accounts I've discovered in the past week. As usual, the Local feed at infosec.exchange pops off!
At least Microsoft and HP are getting hacked by a cool-sounding threat actor like "Midnight Blizzard" and not something lame like "Cinnamon Sleet", which sounds more like a seasonal Starbucks beverage.
I've talked about my dislike for #Medium in the past but after listening to the latest episode of @mike 's Dot Social podcast (https://flipboard.social/@mike/111772770875141589) featuring @coachtony (CEO of Medium) I have a much different perspective on what Medium provides to both creators and those of us who still want to find something good and meaningful on the web. This comes at a time where companies like Google and Microsoft are destroying search at a furious speed. I still would like to see people embrace the #indieweb and not rely on centralized places for hosting their content but what Medium provides as a service to A. get people actually writing and B. Surface interesting things through human curation is imo really great.
So anyways, Iโm going to go check out some stuff on Medium and I suggest everyone go subscribe to the Dot Social podcast as each episode has really been fantastic so far.
May be cold in NoVA today but #followfriday remains hot! Hereโs some great new #infosec accounts I've discovered, followed and have been enjoying recently.