📣 Help needed! For our upcoming #RSAC talk, @boblord and I are studying cyber near misses, moments where serious harm was narrowly avoided, and what we can learn from them. These near misses might apply to software development, or to network defense. (Please boost for reach! 🙏)
We are hoping to surface general patterns using some (anonymized) examples.
If you’re willing, reply with a high-level response to one or two of these prompts. Anonymize as appropriate, and/or send to us in DMs if you prefer:
* What lesson did an organization fail to learn after a near miss, even though it seemed obvious at the time?
* Describe a time when you discovered something and thought “If we didn’t catch this now, it would have been baaaaad”.
* Describe a time when you dealt with a software vulnerability in your systems that was being actively exploited elsewhere, but (as far as you could tell), not in yours. What saved the day?
* What repeated “almost failures” do you see getting normalized or waved away as acceptable risk?
* Can you recall a near miss triggered by a third party such as a researcher report, customer question, bug bounty submission, or vendor advisory that revealed a bigger issue than expected?
* Can you think of a near miss where the most important factor was not a security control, but a human action like someone double-checking, questioning an alert, or escalating a “weird feeling”?
Thanks!
I will never stop being angry at whichever renaissance europeans imported arabic numerals to europe and, in doing so, flipped them from little to big endian by inaction
utterly inconsiderate, causes no end of problems when dealing with bitvectors in modern day
For all the programmers: Do you prefer `assert` as a keyword over a library function (or macro)?
The former is how it is done in Python, the latter is used in Rust, Zig and C.
#RustLang #Python #Programming #programminglanguages #question
You are now seeing your glasses.
It's a well-known fact that the 4 CPU architectures are x86-64, aarch64, riscv64, and s390x
Nobody has ever actually directly observed s390x but, like dark matter, we can infer its existence through compiler support
[witchzard]
I like this:
The GPS never says "Are you sure you're going the right way?"
It just says, "Recalculating route."
Remember that when your kid tells you they're trans.
The future of software development is Gemini adding and removing the "status/needs-triage" tag from an issue on GitHub 5,000 times.
Gemini is made by Google, a company once famous for incredibly high quality software engineering.
the AI systems are way better than any of you bitches at one thing: They consume enough water to function
/Cinny


there are five hand problems in software development:
1 naming things
3 absolute ordering
2 cache in5 concurrencyvalidation
́4 exactly-once delivery
6 off by one errors
4 exactly-once delivery
"In China, driverless delivery vans have become a total meme, they plow through crumbling roads, fresh concrete, motorcycles, anything. Nothing stops them."
When you hear something outside, but you didn't have time to put on pants.
I don't play OPTIMALLY, I don't CARE FOR THE META, I don't play TO WIN, I PLAY TO HAVE FUN, and if I don't have fun, THEN I STOP PLAYING
Best material?
[not you may not have criteria or a use case, that's the joke]