Don Jackson

Support my efforts to fund pediatric cancer research and treatment: https://t.co/RI8wQYqrzi

Accurately reflects the sad state of passkey usage, and a great follow-up to Dan Goodin's previous article on the subject. https://t.co/PzqQWysRjc

Hiding it from a sidebar or making a div invisible does NOT turn off anything. Sliding a toggle to "OFF" means nothing when it's enabled again (or the choice removed entirely) after the next update. https://t.co/yMvMZaEzP6

When using a public content posting service, there is sometimes such a thing as "a specific account cannot see my content", but there is never an "everybody except this specific person can see my content".

The changes in NIST SP 800-63-4 imply that regular password resets and character set requirements do more harm than good. Are these conclusions driven by real world data and formal studies?

Software vulnerabilities are dangerous product defects, and technology vendors shipping low-quality code are enablers of villains. https://t.co/UG6sgRXuOz

Frequently abused internet surveillance technology will only be sold to regimes that are... the most democratic? https://t.co/VDzk3fnXkw

So what? Just shuffle a few nucleotides around! https://t.co/fSCNK1go3F

https://t.co/IIEq4P9M4f

Instead, we have what already appears to be the most impactful systems outage to date. While well-managed servers are more easily recoverable, the fact that EUCs can't boot and need to be physically touched to recover creates a real mess.

Production defects are a thing, but they usually have specific underlying data, config, or load conditions only seen in real production environments. This is not the case with the CrowdStrike update.

Hard to imagine how this made it past testing/QA into production, early on a Friday morning (for many of us) no less. Even simple automated testing should have blocked this from deployment.

If you have an agreement to purchase a phone, even on installments or a subsidized plan, you own it (same as vehicles, for example). It should be unlocked on day 0. The deterrent to abandon the carrier could be early (reasonable) termination fees instead. https://t.co/YzrhQ9pjnC