Olivia
Online
April C Wright
@aprilwright
The Infosec Diplomat, Absurdist Polymath. AI philosopher. Reality-Auditor. Hacker, Author @oreilly. Privacy, ethics, chaotic good
@[email protected]
Joined July 2008
4.7K Following
18.4K Followers
21.5K Posts
Pinned Tweet
Data leeks are a major problem in #infosec
Hey, Max, look how cute my human is!
Risk from defunding #cybersecurity advice agencies (I’m not talking about the surveillance ones) is a threat to nearly everyone on the planet because global security #supplychain is volatile, at best
@NCSC @ACSC @ASDGovAu @cybercentre_ca @ownyouronline @ncsc_nz @CISACyber #finalcyberstand
Who to follow
Snow
@_sn0ww
Your friendly neighborhood Con-Artist | @sec_defcon Co-Founder | 3x Black Badge | Trainer/Keynote |💍@jc_socal | She/her 🏳️🌈
🇺🇦 Joe Gray aka JOSINT 🇺🇦
@C_3PJoe
Abandoned account.
BlueSky: C_3PJoe & Mastodon: JOSINT.
Threat Intel; 5x Black Badge; Views: my own; https://t.co/eGtH4P4tzV
Grifter
@Grifter801
Threat Hunting & DFIR, Hacker, Geek, DEF CON & Black Hat CFP Review Board Member, DEF CON Contest/Events/Demo Labs Dept. Head, Black Hat Staff, DC801 Founder
@UK_Daniel_Card @cyber_scrutiny Maybe @CISA is attempting to produce some esoteric advice before they maybe get defunded…?
While I dread that, I am here for the “Fuck it” energy
@imecge @ProtonMail Oh no… A small correction that got lost in the edits:
You want to send the pastebin/link and the email via separate via TWO diff platforms
And I don’t mean one via insta and one via facebook because (both Meta)
Do NOT send them both via email. Nor both via telegram, eg.
You can use one of these services to share a secret separate from an encrypted string with someone
How it works (either order)
Send encrypted message via email or whatev
Send the secret via a pastebin-like link
The encrypted text and secret aren’t connected, unless you or your recipient’s end nodes is compromised
https://t.co/LeSMUx2No4
https://t.co/yqYj9Dt5Mg
https://t.co/FhrwFg08ft
If you will be sharing secrets regularly with this entity, use a password manager. They can basically all do this now.
Pro tips (for the truly paranoid):
Send the message and pastebin-like link with the secret more than a few minutes apart. This helps potentially limit correlation via an ISP compromise or similar (AI could otherwise easily think “this person send a link and an encrypted string immediately after, so they’re probably related!”)
Use different VPNs / separate no-log VPN IPs to send both messages
What NOT to do:
Do not send a photo of the written secret (AI can read handwriting)
Do not allow the pastebin link to be accessed by an end user more than once
This tip for sending messages securely, I caveat, is for some of the truly, most paranoid people… Spy shit.
This sounds like the same trope we all know (nothing is safe), but here’s the “intel agency real pro tip”:
The reason steganography has been so popular for hundreds of years is that “hiding in plain sight” is sometimes better than looking like an outlier to an algorithm or to a human.
I pose a paranoid challenge: Who do you think the police or AI are going to investigate harder from CCTV: 1) the person with the anti-surveillance mask, a hat with an LED, and anti-night vision reflective clothing? Or 2) the soccer mom with a stroller (which is actually full of ordinance and messages)?
Not everything needs to be AES-900000 encrypted. Consider the dreidel and other low tech devices for communication and sharing secrets and ideas
This likely does not apply to you or anyone you know today, but it’s worth noting for the record: Outliers get attention
And I looove me some @ProtonPrivacy - I know exactly what encryption means for individuals and society. I believe in you! #Privacy is like, my whole thing. I’m just sayin’. “Spy shit” exists because nothing is infallible
When you can’t trust *gestures vaguely at the entire world* anymore, we do what we have to do to communicate
You can use one of these services to share a secret separate from an encrypted string with someone
How it works (either order)
Send encrypted message via email or whatev
Send the secret via a pastebin-like link
The encrypted text and secret aren’t connected, unless you or your recipient’s end nodes is compromised
https://t.co/LeSMUx2No4
https://t.co/yqYj9Dt5Mg
https://t.co/FhrwFg08ft
If you will be sharing secrets regularly with this entity, use a password manager. They can basically all do this now.
Pro tips (for the truly paranoid):
Send the message and pastebin-like link with the secret more than a few minutes apart. This helps potentially limit correlation via an ISP compromise or similar (AI could otherwise easily think “this person send a link and an encrypted string immediately after, so they’re probably related!”)
Use different VPNs / separate no-log VPN IPs to send both messages
What NOT to do:
Do not send a photo of the written secret (AI can read handwriting)
Do not allow the pastebin link to be accessed by an end user more than once
This tip for sending messages securely, I caveat, is for some of the truly, most paranoid people… Spy shit.
This sounds like the same trope we all know (nothing is safe), but here’s the “intel agency real pro tip”:
The reason steganography has been so popular for hundreds of years is that “hiding in plain sight” is sometimes better than looking like an outlier to an algorithm or to a human.
I pose a paranoid challenge: Who do you think the police or AI are going to investigate harder from CCTV: 1) the person with the anti-surveillance mask, a hat with an LED, and anti-night vision reflective clothing? Or 2) the soccer mom with a stroller (which is actually full of ordinance and messages)?
Not everything needs to be AES-900000 encrypted. Consider the dreidel and other low tech devices for communication and sharing secrets and ideas
This likely does not apply to you or anyone you know today, but it’s worth noting for the record: Outliers get attention
And I looove me some @ProtonPrivacy - I know exactly what encryption means for individuals and society. I believe in you! #Privacy is like, my whole thing. I’m just sayin’. “Spy shit” exists because nothing is infallible
When you can’t trust *gestures vaguely at the entire world* anymore, we do what we have to do to communicate
I spend like 30% of most days trying to actually make AI hallucinate on purpose
Important and wonderful, but deeply weird work
Sometimes it’s fun:
It’s been 14 years and I STILL want to get off Mr Bones Wild Ride.
But the ride never ends, does it…
C’est la rollercoaster of life
On this day 14 years ago, an anonymous 4chan user posted a RollerCoaster Tycoon 2 thread showing a 30,696-foot coaster that took four in-game years to finish, complete with riders screaming “I want to get off Mr. Bones Wild Ride” and a looping exit where “the ride never ends.”
@SweetJMichael really tho, I’m happy to share any insights into AI prompt engineering
but I warn you: I can go tangential in like .02 seconds and there’s no turning back
@SweetJMichael LOL
it’s only Thursday but I wish you luck for your epic weekend plans 🫡
@infosec_fox It’s a phase called “I don’t have a cat with light colored fur, so I can wear dark colors without showing errant cat hair”
I wish this on nobody. Always have a cat nearby with any state of fur color. If you can’t ruin a nice, dark top via cat hair, what are we even doing here.
@ArtByAlida We can still blame the Pixar version of BnL’s DNS somehow
Anyone who says ADHD isn’t real is a liar
…3 hours
Enter a 1yo @LastWeekTonight about AI (10min remain)
During which, I published a blog better explaining AI slop, analyzed cannibalism on the WALL-E Axiom…
A 30 minute alleged “comedy” turned into hyperfocus / deep analysis, content generation for the greater good, and a dark understanding of earlier Pixar
https://t.co/mXtVVKtAfb
And finally, the original story which made me question whether @LastWeekTonight fully understands “slop” vs “art” vs “disinformation”. Or just simplified it for the audience into a fun four letter word.
https://t.co/gti4Y1HZe2
I’m just saying…. You can’t survive for 700 years in space without eating a few humans
https://t.co/TqOnqtUBpI
Today we continue our #eli5AI series by explaining AI "slop" vs "AI art"
What's the difference? Isn't all Ai output the same? In summary: No.
https://t.co/pwf38I4WEU
(ELi5ai= explain it like i am 5: AI)
Last Seen Users on Sotwe
John Mark Uncut
dona shemale hot invitation only vip
Seen from Indonesia
Mek Sarrah
Seen from Malaysia
D4NNYstaySìlent_
Seen from Malaysia
avboy.top
Seen from Vietnam
Sofia Mendez Official
Seen from Turkey
Ash Morgan
Seen from Switzerland
ClaireCutie
Seen from United Kingdom
sporokulu
Seen from Turkey
Full Nelson Fan
Seen from Italy
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers