Dino A. Dai Zovi
@ddz.bsky.social
Reposted by Dino A. Dai Zovi
I have never once run a phishing sim. I refuse to use the word. I put it in air quotes and say scam by text or email etc
Tech and cyber has been about deflecting blame to anyone else but themselves- which is what sims are. Blaming people when the system they use should protect against issues.
Tech and cyber has been about deflecting blame to anyone else but themselves- which is what sims are. Blaming people when the system they use should protect against issues.
February 8, 2025 at 7:21 AM
I have never once run a phishing sim. I refuse to use the word. I put it in air quotes and say scam by text or email etc
Tech and cyber has been about deflecting blame to anyone else but themselves- which is what sims are. Blaming people when the system they use should protect against issues.
Tech and cyber has been about deflecting blame to anyone else but themselves- which is what sims are. Blaming people when the system they use should protect against issues.
PRF in WebAuthN is going to enable epic things
January 11, 2025 at 3:39 PM
PRF in WebAuthN is going to enable epic things
Fraud is such a broad thing, hard to answer. But I think better forms of digital and cryptographic proofs of selective identity information would help. For example, cryptographic proof of personhood, while still remaining anonymous would help reduce amount of bots and such on social media.
January 10, 2025 at 3:53 AM
Fraud is such a broad thing, hard to answer. But I think better forms of digital and cryptographic proofs of selective identity information would help. For example, cryptographic proof of personhood, while still remaining anonymous would help reduce amount of bots and such on social media.
That is true that it is not cool, but the shift to EMV also happened in the US with cardholders not being liable for fraudulent charges by law. I'm not sure what the laws were in AU, but wonder if that was only the situation in EU/UK?
January 10, 2025 at 3:49 AM
That is true that it is not cool, but the shift to EMV also happened in the US with cardholders not being liable for fraudulent charges by law. I'm not sure what the laws were in AU, but wonder if that was only the situation in EU/UK?
Any plans on supporting Confidential VMs (e.g. AWS Nitro Enclave, AMD SEV-SNP, Intel TDX) w/ TamaGo unikernels?
January 6, 2025 at 3:21 PM
Any plans on supporting Confidential VMs (e.g. AWS Nitro Enclave, AMD SEV-SNP, Intel TDX) w/ TamaGo unikernels?
The way that I think about it is that the systems that I think about the security of have grown larger and more complex. Being Security DRI for Square's EMV launch in 2014 was really educational. True to my roots, I found EMV smartcard parsing mem corruption bugs in our firmware before it shipped :)
January 1, 2025 at 4:49 PM
The way that I think about it is that the systems that I think about the security of have grown larger and more complex. Being Security DRI for Square's EMV launch in 2014 was really educational. True to my roots, I found EMV smartcard parsing mem corruption bugs in our firmware before it shipped :)