Real History of the NRA

The National Rifle Association (NRA) has an interesting origin story that is basically 180 degrees from its current incarnation. We should begin by acknowledging that the current NRA is basically a slush-fund non-profit organization of white supremacists in America who export death for profit, as Hasan Minhaj masterfully explains: What Hasan misses in his segment is the obvious ties to history. For example, a move by the current US regime…

May 23, 2019

Garbage In, Garbage Out is NOT Why Machine Learning Fails

May 15, 2019

I’ve been getting a lot of positive feedback on my RSAC trade-show floor hot-take on ML security (and the longer-format Defense in Depth podcast as well) so thought I should memorialize them both here on my own site: Kudos to David for the opportunity to opine on his platform for learning. Source: http://www.flyingpenguin.com


The Facebook Trust Disaster Was Easily Predicted

Five years ago in 2014, the future of Facebook trust was in the balance. What happened? ‘When I joined Facebook in 2016, my mom was so proud of me, and I could walk around with my Facebook backpack all over the world and people would stop and say, ‘It’s so cool that you worked for Facebook.’ That’s not the case anymore,’ a former product manager says. ‘It made it hard…

May 10, 2019

This Day in History: Nazis Invade Czechoslovakia

Radio Praha remembers this dark day in history with a post including some poetry. It begins… Eighty years ago today, on March 15 1939, Hitler gave Czechoslovak President Emil Hácha a stark choice: accept becoming a protectorate or face destruction. There was no choice, really, as Hácha was tortured and literally manipulated by Nazi “doctors” into signing away his country’s existence. An eye-witness (M. Coulondre, French Ambassador in Berlin, in…

March 15, 2019

Kalashnakov Kamikaze Drone

In 1951 the US boasted of having “pin point accuracy” in a radio-control bomb called ASM-A-1 or the “Tarzon” (TAllboy, Range and aZimuth ONly). In reality, while the accuracy could be within 500 feet of target (i.e. bridges in Korea), the complexity of the design made it unstable and costly to maintain. In addition the accuracy depended on daytime low-altitude flights, which greatly deflated chances of accuracy (at least two…

March 2, 2019

MOD (Masters of Data) PodCast: The Big Security Topics of 2019

February 15, 2019

#bugbounty #privacymatters #govermentshutdown Many thanks to all those who invited me in to crash the MODcast about “Big Security Topics of 2019“. Special shout-out to George who kept calling me David. The conversation has been blowing up my social channels so thought I might as well add some reference here as well. “People have the right to know what others are doing with their data” Government Shutdowns, Bug Bounties, and…


Egregious Misconduct Lawsuit For 2014 Yahoo Security Management

It was the 10th of March 2014, the bugles were blaring. A red carpet was unrolled. Who was this man of mystery coming into view? He came with no prior CSO experience, let alone large operation skills. Suddenly out of nowhere, front and center of Yahoo’s own financial news site was the answer: Watch out, Google. The rumors are true. Yahoo has officially stepped up its security A-game. It’s called…

January 28, 2019

Do Walls Work?

Strangely enough I’ve been getting this question lately from people who believe I might have an answer. Little do they realize how complicated the answer really is. The short answer is (from a political economy view) that walls will be said to work when someone is trying to get them funded, and will be said …

January 20, 2019

At Least Five LiDAR Challenges for Vehicles

Sensors Online has a nice summary of the current product management view for LiDAR manufacturers. They spell out these five concerns: Size, Cost, Reliability, Range, and Eye Safety. Conspicuously missing from the list (pun not intended) is integrity of the data. Reliability in the above list refers only to environmental risks (“replace the moving parts with a solid-state alternative with each component able to meet Grade 1 temperature and qualification”) instead…

January 17, 2019

EV Charging Station Vulnerability

Anyone else read this article about the bug in a Schneider product? At its worst, an attacker can force a plugged-in vehicle to stop charging. At its best, an attacker can give away power for free. That’s basically it. A hardcoded password meant the power could be disabled, although really that means it could be …

January 14, 2019