Steve Sims

I think it’s important to provide candid, even critical, feedback on topics of national security. But I don’t ever want to imply that the various govt agencies and the people at them are not genuinely amazing human beings trying really hard to do good in often hard situations

The greatest lie the Devil ever told is that you can simply automate your compliance.

mom: l was sent a jif. me: no mom, it’s gif. mom: but this person pronounced it jif. me: don’t trust people who pronounce gif as jif.

No the White House notice isn’t really actionable for cybersecurity professionals and yes many are already tired, but it’s still significant and cybersecurity personnel are not necessarily the core audience. I’m not sure they had many better options than to publish what they did.

You know you’re a nerd when you’re excited your team uses Slack so you can DM yourself all the links to things you want/need to read instead of keeping 7,000 tabs open which I will also likely do.

Two factor or bust. Also reset your passwords. I’m really hoping I don’t have to give the update your firmware advice still.