Personal account where the owls are not what they seem.
π¦ποΈποΈπͺ΅βπ©π₯§π΅οΈββοΈπ
Also:ππππ»
The "AP Cybersecurity Course Framework" document contains some hacklore about "The Dangers of Public Wi-Fi". If you have contacts there, can you please connect me? π
https://apcentral.collegeboard.org/courses/ap-cybersecurity/about
Hacklore Central contact info: https://www.hacklore.org/about
π π A Stop Hacklore t-shirt makes a perfect Christmas gift for that special someone who stayed off the naughty list by not spreading hacklore! π π
@Geoffairey We can separate the design and manufacturing of software. A great resource for software development is Google's paper on secure by design software:
https://research.google/pubs/secure-by-design-at-google/
For operator errors within enterprises, it's helpful to separate the proximate causes (just left of BOOM) from the multiple contributing root causes. A good book that explains how other sectors treat human error is Behind Human Error by Woods, et al.
If you have specific studies in mind I'd be happy to take a look! π
Itβs time again for me to listen to my favorite cybersecurity podcast. Well, itβs technically about automotive safety, but I canβt help seeing the parallels to software safety. I hope you find it enlightening too! π₯ π
@Geoffairey What sorts of people problems are you thinking of?
@buherator What are the best anti-scam resources I can link to? It's not the focus on Hacklore but I can make sure there is a smoother on ramp to good guidance.
@cigitalgem @jack_daniel Links to old posts/publications welcome!
@nuintari Is that real??
@buherator I posted some thoughts here:
https://medium.com/@boblord/methods-of-delivery-vs-intrusion-the-hacklore-edition-b042f51954a6
Feedback welcome!
@n_dimension I highly recommend you read Geekonomics by David Rice, and especially Behind Human Error by Woods, et al. The combination of those two books will provide you a ton of additional background and nuance around systems thinking. π
@jack_daniel Right. We've put the burden of staying safe on the customer, prevented them from suing for design and manufacturing defects, etc. The best book I've found on this topic is Geekonomics by David Rice. The second best is Unsafe at Any Speed by Nader.
None of this is an accident. The system is designed this way.
@nuintari Which is one of the reasons so many security products are riddled with unforgivable vulnerabilities.
@buherator I made the edits to the references to "URLs". Thank you for that insight that got past all the proofreaders!!!!!
As for the other part about being able to determine the risk level for a site, well, that might be more of a challenge than copy editing. ;-) But fully agree.
@chetwisniewski Yes!
Does your cybersecurity awareness training contain any hacklore?
Iβm collecting examples of hacklore in the wild. Whether itβs training slides, quiz questions, or instructions that focus on rare threats instead of the ones causing the most real-world harm, I want to see it all.
Post some screenshots or notes here, or email them to "info" at hacklore.org. Letβs help organizations replace stale guidance with advice that truly keeps people safe.
What if cybersecurity experts wrote PSAs for elevator safety?
ππ₯π±
https://medium.com/@boblord/psa-elevator-un-safety-7ac69a9498de
@luis_in_brief @joshbressers The car analogy is one of the better ones I've found in part because the development of safety norms after 1965 closely parallels the software marketplace today. The first few minutes of this video explains a small part of the reason:
https://www.youtube.com/watch?v=_n7QRuR_Tck
