Brian Beach has moved @bwbeach@qoto.org

This OKTA harfiles hack update is a rollercoaster and a lot of people are remarking on the "While 94% of Okta customers already require MFA for their administrators" revelation that 6% of the people who _control authentication for their orgs don't use MFA_ - which is definitely very bad - I want to take a moment to look at this picture of an industrial paper cutter.

Longtime readers, you've heard me go off on this before.

https://sec.okta.com/harfiles

@StillIRise1963 Pretty much yeah. I think we all need to start holding up President Biden as our WISE ELDER. Which in fact he is. Then suddenly all those visual cues that currently read as "old guy" get re-read as "seasoned, experienced, authoritative, wise." Us humans understand the 2orld via tropes, we oughta start using them more consciously. IMHO.

Today in Labor History November 28, 1843: The Kingdom of Hawaii was officially recognized by the United Kingdom and France as an independent nation. Consequently, the date is now known as Ka Lā Hui (Hawaiian Independence Day). The nation was formed in 1795, when the warrior chief Kamehameha the Great, of the independent island of Hawaiʻi, conquered and unified the independent islands of Oʻahu, Maui, Molokaʻi and Lānaʻi. The U.S. became its chief trading partner and “protector” to prevent other foreign powers from seizing control. In 1891, the Committee of Safety, led primarily by foreign nationals from the U.S., U.K. and Germany, and some dissident locals, overthrew Queen Liliʻuokalani. And in 1898, the U.S. annexed Hawaiʻi, making it a territory of the U.S. In 1993 Congress passed the Apology Resolution, acknowledging that the overthrow of the Kingdom of Hawaii was by agents and citizens of the U.S. and that the Native Hawaiian people never relinquished their claims to sovereignty.

#WorkingClass #LaborHistory #colonialism #hawaii #NativeHawaiian #indigenous

"George Orwell predicted this

An onslaught of fake propaganda about a Niagara Falls car crash. Government officials trying to crush news orgs with investigations. Journalists killed at a record pace

Press freedom - and the truth - under attack."

If @willbunch wrote it, you should read it.©...& I thread it. 1/... 🧵

https://www.inquirer.com/opinion/commentary/free-press-right-wing-authoritarianism-20231126.html#loaded

This year's Black Friday marks the rough ten-year anniversary of the 2013 intrusion at Target.

Their compromise became public knowledge when I wrote about in on Dec. 18, 2013. But the reporting for that story started ~ Dec. 12, when I began hearing from fraud control people at several smaller banks I'd worked with in the past on Zeus trojan attacks. They were seeing unprecedented numbers of customer cards getting compromised and used for in-store fraud at big box retailers.

I agreed to give each of those contacts a short primer on how to buy back their own bank's cards from a new set of 6 million freshly hacked cards (100 percent valid) that was being advertised in the cybercrime forums. All I asked in return is that they share the results of any fraud analysis on those cards.

Within 5 days, all of those bank sources reported success in buying back enough cards to determine the pattern: All had been used w/in the same three-week period at a Target store somewhere in the United States.

The fraud shop that was selling cards that everyone at this point suspected were coming from Target helpfully included the zip code tied to each card record for sale. Initially, we lost valuable time laboring under the assumption that the zip code was tied to the cardholder's address, but it soon became clear that was not the case, because there were only about 2,000 unique zip codes in the hundreds of pages of card data we scraped, and there are > 40k zip codes in the whole US. Still, the zip codes in the card data were spread out to almost every state.

Then we had an "AHA!" moment: The Target store locator page listed every single zip code of every store. After scraping those, we found there was about a 99.1 percent overlap in the Target store ZIP codes and the zip codes in the millions of fresh new cards put up for sale.

At that point, I felt really good about confronting Target, because every single source and data point led to the conclusion that they were totally owned.

https://krebsonsecurity.com/2013/12/sources-target-investigating-data-breach/

Cool study out of Sweden, published in BMJ, finding that the more doses of covid vaccine someone has received, the less likely they are to get long covid if they do get covid.

https://www.bmj.com/content/383/bmj-2023-076990

Bookshop.org is offering free standard shipping all weekend! If you want an alternative to Amazon, this is an excellent choice.

https://bookshop.org/

As far as I can tell, the greatest tragedy is that human lifespans are so short compared to all the knowledge, joy, and humor there is to experience. Even 100 years is not enough to scratch the surface.

Yet there are people in the world who are so dull that they squander their lives on bigotry, and who think the pinnacle of humor is demeaning marginalized people. I truly don't get it, and in a way I'm glad that I don't get it.

The most secure data is the data you don't have.

STUFF TO READ: Twitter’s Former Head of Trust and Safety Finally Breaks Her Silence | WIRED

Interesting interview, not least because reading between the lines of stuff like “getting a semi-effective multi-account detection algorithm in place took years. Years.” — and I know from life experience that part of the reason that’s hard is that REGULATORS HATE COOKIES AND THINK THAT ALL “TRACKING” DEVICE COOKIES ARE FOR ADVERTISING

Sigh.

I consistently had conversations with people … because people would go into trust and safety because they care, right? You don’t go into trust and safety because you’re like, “I enjoy getting praised for my work.” You really have to want to get into the weird, human, messy issues where sometimes both parties are at fault, sometimes neither party’s at fault, and you still have to navigate all of those.

https://www.wired.com/story/del-harvey-twitter-trust-and-safety-breaks-her-silence/

#delHarvey #trustAndSafety #twitter

https://alecmuffett.com/article/108431

On this is … this is one of the strangest solo projects I've ever seen. "Volumetric Display using an Acoustically Trapped Particle". Dude has two speakers facing each other, they emit a wave that contains enough force a light foam bead is forced to levitate in the air between them, then by varying it he can move it around, and by changing the light of an LED shining on it he can give it color. He can draw basic 3D shapes and persistence of vision makes them appear real. https://www.youtube.com/watch?v=hCC1C5KIeUA

The annual Thanksgiving tradition has obscured the historical reality of Native American genocide: dispossession from their lands, efforts to destroy their cultures, and the slaughter of their communities.

It is important to remember this past as we celebrate with our families and bear witness to current struggles against genocide and imperialism. Around the world, Indigenous people are continuing to resist and refuse to be erased.

Resources:

Harvard Library American Indigenous Studies Resource List: https://guides.library.harvard.edu/american-indigenous-studies

Land Back Movement: https://landback.org/

Find out whose land you are on: https://native-land.ca/

(I am on the Tongva land: https://native-land.ca/maps/territories/tongva-gabrieleno/)

Defend the Weelaunee Forest (stolen Muscogee land): https://stopcop.city/

#indigenous #resistance #landback #native #NativeAmericanHeritageMonth #thanksgiving #thanksgiving2024 #maddenthanksgiving #turkey #turkeyday #feast #thanks #genocide

It amazes—and alarms—me how much hatred some people express toward Joe Biden. You can disagree with his politics and worldview, but any normal person paying attention can grasp his empathy and decency. That hate is the outgrowth of propaganda.

Apparently I’m a ‘menace’ to walk around with in other towns because I keep assuming I have the right of way. I’m used to streets where cars are allowed, but they must yield to pedestrians and cyclists. So I unthinkingly wander in the middle of the road in other cities too, gathering cars behind me like a pied piper until a sighing friend pulls me aside. As I stand with all the other people forced aside to let 1 driver in 1 car pass, I wonder: who’s the real menace here?

#Aarhus #LiveableCities