#Learn365 Day-6: Cross-Site Leaks

Goldmine to Learn: https://t.co/TsqGRWxPq7

Cross-Site Leaks/XS-Leaks is a less explored security issue that usually comes from Side-Channel Attacks. I found this an interesting vector but unusual.

(1/n)

#BugBountyTips #infosec #AppSec

@cain_nate My friend Nate Cain and I have worked hundreds of hours with various politicians and legal groups trying to explain the election laws and how they fit together. There are many misperceptions of what happened during this election and what it means.

Simply put, our election laws are an intricate tapestry designed to ensure accuracy and prevent fraud. They work together like parts of a car. But when certain parts fail, the car is just a hunk of scrap iron and plastic. In this case critical parts failed.
2/

You do not have to prove fraud or intent, you just have to show that the election officials were unable to conduct an election that met the law and relevant certification requirements. In this case, the election does not come close to meeting accuracy requirements.
3/

These specifications are found deep in laws like FISMA, HAVA, and state adoptions of EAC guidance. 1 ballot error out of 125,000 or 1 position read error out of 500,000. Just look at the discrepancies between incoming ballot counts and total votes, the system fails.
4/

It is worse in the the swing states in Democrat strongholds but it is bad in many places. You add the apparent losses of ballots through the Mail and error rates in the ‘system’ are staggering. Why do we have these rules? Sure it is to prevent fraud, but......
5/

Nonlawyer Explainer Thread: On Keeping One's Mouth Shut

It occurs to me that certain private-jet-flying seditionists who continue to yammer on Twitter about their DC excursions provide us with the opportunity to do a little hypo to explore the benefits of silence.

So let's explore what a hypothetical law enforcement interview *might* look like in this situation. I'm not - I want to make clear - drawing from experience as a lawyer here.

I AM NOT A CRIMINAL LAW ATTORNEY.

Instead, I'm mostly drawing from discussions with my father-in-law.

My father in law is a now-retired homicide cop, and we've had a lot of discussions (especially since I started law school) about criminals and interviews over the years.

So with that in mind, let's look at this hypo.

ALSO - Simplifying for Twitter character counts.

*Knock*
*Door opens*
Agent: Ms [Name]? I'm Agent Smith, and this is Agent Jones. We're with Agency. We'd like to talk to you if you've got a minute.

Ms X: Oh? Is this about that thing at the Capitol?

[Yes, it seems insane but if you're worried about something specific and the cops show up, blurting out something like that is totally a thing that can happen.]

From @jack:

Starting now, we are changing the way we do things at Twitter. Even though we have been following policies we created, that we thought were good and necessary, it just hasn’t had the desired effect of promoting good discourse. Effective immediately, we are changing.

The basic principle that now guides us is that instead of trying to manipulate discourse, we are opening it up, and making ourselves more transparent and accountable, and resisting attempts at censorship of us or our users.

Further, we have been fundamentally operating under the false premise that we, our our news and fact-checking partners, are smarter or better at understanding information than you, our users, are. This is a vain fiction, and we will drop this pretense.

We have long known that we are not just another social media site, but the place where citizens, governments, and organizations communicate with each other, for essential purposes. We have a great responsibility to the public to be open. So, we change to improve.

First: we will no longer proactively delete any content, except for: private information harming a person other than who posted it (e.g. doxxing, revenge porn, etc.), and any content we are legally required to remove.

@jeffreyatucker In the end, it is all a natural consequence of a very human foible, namely that we all do everything we can to blame anybody or anything else for our problems, if we can get away with it. It's the reason why rulers start wars to squelch domestic dissent - macro and micro the same

The very notion of the germ theory of disease revolves around this and while it is good for selling medical interventions, treatments and pharmaceuticals, it is no good for either personal health, or public health in any way. We need to start looking at health on a holistic level

More of a systems approach to health would get us to see that the whole instinct to stamp out viruses, like the very counter-factual notion of "zero Covid," and other nonsense, are driven by this need to blame somebody or something else for our problems, so we can have our cake

and eat it too, i.e. we can pass the blame to others and go and kill them, be they bugs or other people (lockdowns???). The results are disastrous for health on both a personal and a public level, and we continue on a path of assured self-destruction. But times are changing, now.

Lifestyle Medicine @aclifemed provides the new paradigm, more of a systems approach to health, in which personal responsibility for our habits comes first, starting with nutrition. Immune systems become depressed by fatigue, stress, inner conflict, malnutrition and so on. Change

VALENTINE DAY CELEBRATION: FRSC CAUTIONS MOTORISTS AGAINST EXCESSIVE SPEED, DRUNK DRIVING AND RECKLESSNESS ON THE ROAD.

Owing to the need to ensure a safe and crash free celebration during the 2021 Valentine Day celebration, the Federal Road Safety Corps has warned the teaming community of celebrants and other road users, to desist from indulging in drunk driving, avoid excessive speed,

and resist the temptation to drive recklessly so as to mitigate all incidences of road traffic crashes during the celebration.

The Corps Public Education Officer, @BisiKazeem who made this public, said that the Corps Marshal, Dr Boboye Oyeyemi has directed Commanding Officers across board to double their efforts by ensuring massive deployment of Officers and Men for enhanced visibility,

adequate traffic control, and maximum enforcement of all COVID-19 protocols amongst motorists.