Lea Kissner
@leak.bsky.social
Security, privacy, respect. Was the Twitter CISO until it was terrible. Now LinkedIn CISO. they/them
Would certainly hope not! I got more context once I scrolled back further (it was split across multiple posts and Bluesky orders in reverse chronological).
February 10, 2026 at 6:36 PM
Would certainly hope not! I got more context once I scrolled back further (it was split across multiple posts and Bluesky orders in reverse chronological).
Being willing to look stupid is a superpower
January 30, 2026 at 10:09 PM
Being willing to look stupid is a superpower
Dashboards are a curation of sharing information, not the choice on collecting it, which may be made differently.
(And in the case of information about people is way more complicated)
(And in the case of information about people is way more complicated)
January 28, 2026 at 4:14 PM
Dashboards are a curation of sharing information, not the choice on collecting it, which may be made differently.
(And in the case of information about people is way more complicated)
(And in the case of information about people is way more complicated)
I swear I have something I want people to do when they read the post! I want people to think through that question when they share information.
Honestly, good dashboards have helped me get so much done, especially wrangling an entire company at once.
Honestly, good dashboards have helped me get so much done, especially wrangling an entire company at once.
January 28, 2026 at 4:08 PM
I swear I have something I want people to do when they read the post! I want people to think through that question when they share information.
Honestly, good dashboards have helped me get so much done, especially wrangling an entire company at once.
Honestly, good dashboards have helped me get so much done, especially wrangling an entire company at once.
January 28, 2026 at 4:04 PM
I swear I have something I want people to do when they read the post! I want people to think through that question when they share information.
Honestly, good dashboards have helped me get so much done, especially wrangling an entire company at once.
Honestly, good dashboards have helped me get so much done, especially wrangling an entire company at once.
This is my biggest pet peeve about dashboards: what is someone going to *do* when they get this information? If it's "be informed" that's the same as saying "nothing" and why did you even bother?
We need to start thinking about information’s value being decision-centric. what makes outlets like Financial Times so good is that the model reader is, well, a financial decision-maker. Whereas other papers cater to someone whose only purpose is a nebulous “being informed.”
January 28, 2026 at 3:48 PM
This is my biggest pet peeve about dashboards: what is someone going to *do* when they get this information? If it's "be informed" that's the same as saying "nothing" and why did you even bother?
I have no idea what this person wanted when they called my spouse, but if they ask me for more wipes I also do not know what to say.
January 23, 2026 at 1:36 AM
I have no idea what this person wanted when they called my spouse, but if they ask me for more wipes I also do not know what to say.
Not trying to shame the vendor so I left out more identifying statistics.
January 14, 2026 at 1:19 AM
Not trying to shame the vendor so I left out more identifying statistics.
A security vendor sent me a pile of paper with many statistics where [citation needed]. For instance.... Why does automating IAM reduce the likelihood of a breach to 5%? From what? And how is that independent from, say, use of passkeys or auto-escaping templates?
January 14, 2026 at 1:19 AM
A security vendor sent me a pile of paper with many statistics where [citation needed]. For instance.... Why does automating IAM reduce the likelihood of a breach to 5%? From what? And how is that independent from, say, use of passkeys or auto-escaping templates?
The other masechot and the Yerushelami are on the overflow table 😁
a person 's finger is pointing to a book titled " hundertjahrgeschichte "
ALT: a person 's finger is pointing to a book titled " hundertjahrgeschichte "
media.tenor.com
January 12, 2026 at 7:42 PM
The other masechot and the Yerushelami are on the overflow table 😁
The pink-ish background watercolor is a golem named Emmett (which is a pun) who has a security blanket. Also a pun.
There's a very cool piece of Twitter artwork.
The turtle is a gift from a coworker in the Bangalore office.
There's a very cool piece of Twitter artwork.
The turtle is a gift from a coworker in the Bangalore office.
January 12, 2026 at 5:16 PM
The pink-ish background watercolor is a golem named Emmett (which is a pun) who has a security blanket. Also a pun.
There's a very cool piece of Twitter artwork.
The turtle is a gift from a coworker in the Bangalore office.
There's a very cool piece of Twitter artwork.
The turtle is a gift from a coworker in the Bangalore office.
Over on the other wall is a card with messages and sketches like "this place is not a place if honor" and "the danger is still present in your time as it was in ours" from a project to figure out how to label nuclear waste. Also heavily memed.
en.wikipedia.org/wiki/Long-te...
en.wikipedia.org/wiki/Long-te...
January 12, 2026 at 4:27 PM
Over on the other wall is a card with messages and sketches like "this place is not a place if honor" and "the danger is still present in your time as it was in ours" from a project to figure out how to label nuclear waste. Also heavily memed.
en.wikipedia.org/wiki/Long-te...
en.wikipedia.org/wiki/Long-te...
Weirdly the USPS took down their page about it, but the little frame has a Women Cryptologists of WWII stamp
www.nsa.gov/Press-Room/N...
www.nsa.gov/Press-Room/N...
www.nsa.gov
January 12, 2026 at 4:27 PM
Weirdly the USPS took down their page about it, but the little frame has a Women Cryptologists of WWII stamp
www.nsa.gov/Press-Room/N...
www.nsa.gov/Press-Room/N...
The writing with a key over it is the first known poem written about cryptography, beginning "Il nest plus rien dessous les Cieux/ Qu'on puisse caches à tes yeux". I got it from The Codebreakers, which is eminently worth reading.
en.wikipedia.org/wiki/The_Cod...
en.wikipedia.org/wiki/The_Cod...
The Codebreakers - Wikipedia
en.wikipedia.org
January 12, 2026 at 4:27 PM
The writing with a key over it is the first known poem written about cryptography, beginning "Il nest plus rien dessous les Cieux/ Qu'on puisse caches à tes yeux". I got it from The Codebreakers, which is eminently worth reading.
en.wikipedia.org/wiki/The_Cod...
en.wikipedia.org/wiki/The_Cod...
The knife has my password on it. The Google security leaving tradition is that (if you agree) people will try to steal your password. If they succeed, they engrave it on a knife.
Someone on my team had to own the user-facing account system to get mine!
bughunters.google.com/blog/the-gre...
Someone on my team had to own the user-facing account system to get mine!
bughunters.google.com/blog/the-gre...
Blog: The Great Google Password Heist: 15 years of hacking passwords to test our security (and build team culture!)
The Leaving Tradition in Google's security team, which could be described as a type of small-scale offensive security exercise, is a great (and fun) example of team culture. Curious? See this blog pos...
bughunters.google.com
January 12, 2026 at 4:27 PM
The knife has my password on it. The Google security leaving tradition is that (if you agree) people will try to steal your password. If they succeed, they engrave it on a knife.
Someone on my team had to own the user-facing account system to get mine!
bughunters.google.com/blog/the-gre...
Someone on my team had to own the user-facing account system to get mine!
bughunters.google.com/blog/the-gre...
The big map is how John Snow figured out that cholera is water-borne not spread by miasmas. He's considered the father of modern epidemiology.
en.wikipedia.org/wiki/John_Snow
en.wikipedia.org/wiki/John_Snow
John Snow - Wikipedia
en.wikipedia.org
January 12, 2026 at 4:27 PM
The big map is how John Snow figured out that cholera is water-borne not spread by miasmas. He's considered the father of modern epidemiology.
en.wikipedia.org/wiki/John_Snow
en.wikipedia.org/wiki/John_Snow
The oldest customer service complaint: the tablet of Ea-Nasir (top left)
If you haven't heard of this yet, it's partially delightful for the rich trove of memes. Rich. Trove. I cannot explain how many memes over the last few decades.
en.wikipedia.org/wiki/Complai...
If you haven't heard of this yet, it's partially delightful for the rich trove of memes. Rich. Trove. I cannot explain how many memes over the last few decades.
en.wikipedia.org/wiki/Complai...
January 12, 2026 at 4:27 PM
The oldest customer service complaint: the tablet of Ea-Nasir (top left)
If you haven't heard of this yet, it's partially delightful for the rich trove of memes. Rich. Trove. I cannot explain how many memes over the last few decades.
en.wikipedia.org/wiki/Complai...
If you haven't heard of this yet, it's partially delightful for the rich trove of memes. Rich. Trove. I cannot explain how many memes over the last few decades.
en.wikipedia.org/wiki/Complai...
Progress in my ongoing effort to decorate the wall behind me with something other than stacks of books. 🧵 for the fun stuff
The round thing is the Incident Hat/Bad News hat. I can't remember if I've told this story here, but basically I trained several companies to be scared of a hat instead of me
The round thing is the Incident Hat/Bad News hat. I can't remember if I've told this story here, but basically I trained several companies to be scared of a hat instead of me
January 12, 2026 at 4:27 PM
Progress in my ongoing effort to decorate the wall behind me with something other than stacks of books. 🧵 for the fun stuff
The round thing is the Incident Hat/Bad News hat. I can't remember if I've told this story here, but basically I trained several companies to be scared of a hat instead of me
The round thing is the Incident Hat/Bad News hat. I can't remember if I've told this story here, but basically I trained several companies to be scared of a hat instead of me
I'm speaking as someone with a very limited diet here, so I can't buy commercial jam, but chia seed jam is both easier to make than the normal kind and has more fiber/protein (and probably some random nutrients that I'm not getting somewhere else). It tastes perfectly fine and it's easy 🤷
January 12, 2026 at 3:04 PM
I'm speaking as someone with a very limited diet here, so I can't buy commercial jam, but chia seed jam is both easier to make than the normal kind and has more fiber/protein (and probably some random nutrients that I'm not getting somewhere else). It tastes perfectly fine and it's easy 🤷
Folks in privacy engineering and related fields, it's PEPR time again -- submit talk proposals about topics related to designing, building, and understanding products and systems which foster privacy and respect. I'm looking forward to seeing your talks!
www.usenix.org/conference/p...
www.usenix.org/conference/p...
PEPR '26
The 2026 USENIX Conference on Privacy Engineering Practice and Respect (PEPR '26) will take place on June 1–2, 2026. PEPR is focused on designing and building products and systems with privacy and res...
www.usenix.org
January 7, 2026 at 10:58 PM
Folks in privacy engineering and related fields, it's PEPR time again -- submit talk proposals about topics related to designing, building, and understanding products and systems which foster privacy and respect. I'm looking forward to seeing your talks!
www.usenix.org/conference/p...
www.usenix.org/conference/p...
Zoom has customers who *really* like phones. Anecdotally based on which customers were yelling at me would particularly say lawyers and banks, but sometimes connectivity is just bad especially when people are traveling and phone is what they've got.
January 7, 2026 at 8:34 PM
Zoom has customers who *really* like phones. Anecdotally based on which customers were yelling at me would particularly say lawyers and banks, but sometimes connectivity is just bad especially when people are traveling and phone is what they've got.
The Zoom people were legit surprised when I explained that their "end to end" security wasn't. Now there's a setting to turn it on -- not everyone should turn E2EE on, though. For example, if you need to call in with a normal phone, E2EE won't work because phones don't do that.
January 7, 2026 at 8:26 PM
The Zoom people were legit surprised when I explained that their "end to end" security wasn't. Now there's a setting to turn it on -- not everyone should turn E2EE on, though. For example, if you need to call in with a normal phone, E2EE won't work because phones don't do that.
It started dubbing French shorts for me, but not Hebrew, so either it does a bad job of assessing fluency or it doesn't have full language coverage
January 4, 2026 at 5:27 PM
It started dubbing French shorts for me, but not Hebrew, so either it does a bad job of assessing fluency or it doesn't have full language coverage