BC TECH
Saved by @jay_millerjay

A quick thread on intelligence analysis in the context of cyber threat intelligence. I see a number of CTI analysts get into near analysis paralysis phases for over thinking their assessments or over obsessing about if they might be wrong. (1/x)

 Consider this scenario. A CTI analyst identifies new intrusions and based on the collection available and their expertise note that the victims are all banks. Their consumer wants to know when threats specifically target banks (not just that banks are victims).
The CTI analyst has, from their collection, at this time, and based on their expertise enough to make an activity group (leveraging the Diamond Model in this example) that meet's the requirement of their consumer. So what's the problem?
The CTI analyst begins to over think it. "What if I had more collection? Would my analysis change? I really don't *know* they aren't also targeting mining companies in Australia as I don't have collection there."
The analyst knows their analysis is going to be shared. Maybe even public. "What if another team or professional intelligence firm has more collection and ends up noting that it isn't banking specific at all. Banks are victims, not targets. Will my consumer distrust me later?"
It's a scenario I see often. I see many of my #FOR578 students run into scenarios like this. "What if I say something about ICS, what will Dragos say. What if I say something about this APT, what will FireEye say. What if I say something about $X, what will CrowdStrike say."
All of our assessments are made using our expertise at a point in time with the available collection. One of the values of estimative language is explicitly accounting for the gaps. If you have significant collection gaps, bake that into the assessment: e.g. Low Confidence
Too many analysts and consumers look for facts. Intelligence is analysis. It's allowed to evolve and change as collection, time, or other considerations change. We're advising consumers to help them make better choices. Not to know the unknowable.
I would advise that analyst to make the group. Sure they can always try to coordinate with others, share, see if other groups/teams see what they see or can expose collection gaps, etc. But that's not always necessary or possible.
One of my favorite articles is the Fifteen Axioms of Intelligence Analysts by Frank Watanabe. It's been in my CTI class for years now as the last slide of the course: https://t.co/45kzw5kLz7
He doesn't start off with anything about being wrong. Or making mistakes. He starts off with "Believe in your own professional judgements." The #2 is "Be aggressive, and do not fear being wrong." It's not until #3 we hear "It is better to be mistaken than to be wrong."
Build confidence with yourself. Then build trust with your consumer. That you are going to deliver the best judgement based on the insights you have at that time. And that if it changes, you'll let them know and admit it. That's really hard to do - but it's vital.
Don't sit on your intelligence and not disseminate it, or overthink it to even finishing your work, if it can be valuable to your consumer. It's always a point in time and based on what you know at that time. You'll never have enough to feel comfortable
The balance is in not blasting your consumer with thinly supported guesses though. Go through your processes. Use your team. "Aggressively pursue collection of information you need." But then make the call. If it was easy it wouldn't be intelligence.

More from Tech

Mrkhtake2
Mrkhtake2
@mrkhtake2
Today we’re going to talk statistics and semantics. I’m going to do so via the medium of one of Twitter’s favourite stats 1.7% (aka “intersex is as common as red heads.”). The statistic comes from Fausto-Sterling’s work, which you can see a review of

To understand the statistic, we have to drill down into what the meaning of the word intersex is. Most people think of hermaphrodites. Let’s stress at the beginning there has been no example ever of a human being with both sets of working reproductive organs.

There is a very tiny percentage of people who are born with both testicular and ovarian tissue (what Fausto-Sterling calls “true hermaphrodites”). And when I say tiny, we’re talking intersex tiny, as in 0.0117/1,000 live births, or one in 1,000,000. These are very complex cases.

So, how do we arrive at 1.7%? What Fausto-Sterling does is apply a wider scope. Instead, she argues that intersex is anything that doesn’t fit into a platonic ideal. The platonic ideal, in this case, being a phenotypically perfect XX female and a phenotypically perfect XY male.

This means that intersex, used in the context of the 1.7% statistic, includes people for whom there is no sexual ambiguity. Take for example Klinefelter syndrome (XXY males). As Fausto-Sterling acknowledges, many males can go their whole life and not realise they are XXY.
TECH
Patrick McKenzie
Patrick McKenzie
@patio11
A thread on HN about bad code in legacy projects both makes me think how little we've learned as a discipline over the years and, honestly, how little credit we give ourselves for some pretty major

Fun going down this list and thinking: "Hmm, plausible at a well-run modern software shop", "Hmm, possible, but requires implausible tradeoffs", "Literally disallowed by languages", and "If you were to attempt doing that our test suite wouldn't let you merge."

I think we as an industry celebrate (not quite the right word) failure too much and don't celebrate success nearly enough. There is no DailyWTF for competent execution, word of which generally stays pretty local to the source while incompetence passes into legend.

Alrighty let me try to thread the needle on being the change I want to see in the world while not giving away anything that will get me in trouble:

Ruby has wonderful developer ergonomics. Typed languages are easier for machines to guarantee the correctness of. We built a type checker for Ruby (and I believe it is slated for OSS release sometime).

c.f.
TECH
Advertisement
foone
foone
@Foone
I went looking for a remote-controlled power switch (the wireless christmas kind, not the modern IoT kind) and didn't find it, but I did find this thing I bought just to figure out why it exists.
It's a timer outlet, but you program it from your phone... but it's not wireless.


Yeah instead it plugs into your phone's HEADPHONE PORT


I got it on sale.
probably because iphone dropped the headphone port and they had to get with the 21st century and make it bluetooth


So inside the box is the device. it's got a little 2-prong polarized outlet with no ground.


on top is the only controls: on/off/timer.
TECH
Got Got Need
Got Got Need
@Hudlen_
Thought I'd put a thread together of some resources & people I consider really valuable & insightful for anyone considering or just starting out on their @SorareHQ journey. It's by no means comprehensive, this community is super helpful so no offence to anyone I've missed off...

1) Get yourself on the official Sorare Discord group https://t.co/1CWeyglJhu, the forum is always full of interesting debate. Got a question? Put it on the relevant thread & it's usually answered in minutes. This is also a great place to engage directly with the @SorareHQ team.

2) Bury your head in @HGLeitch's @SorareData & get to grips with all the collated information you have to hand FOR FREE! IMO it's vital for price-checking, scouting & S05 team building plus they are hosts to the forward thinking SO11 and SorareData Cups 🏆

3) Get on YouTube 📺, subscribe to @Qu_Tang_Clan's channel https://t.co/1ZxMsQR1kq & engross yourself in hours of Sorare tutorials & videos. There's a good crowd that log in to the live Gameweek shows where you get to see Quinny scratching his head/ beard over team selection.

4) Make sure to follow & give a listen to the @Sorare_Podcast on the streaming service of your choice 🔊, weekly shows are always insightful with great guests. Worth listening to the old episodes too as there's loads of information you'll take from them.
TECH
Joe Natoli
Joe Natoli
@joenatoli
#UX and #design friends, we need to talk about estimating. I'd like to share some advice that's come up 3 times this week, in hopes it's useful. And it's echoed, by the way, in the BUSINESS OF UX course @EliNatoli and I are teaching at my UX 365 Academy (link at the end).

(1/12)

Avoiding wars with clients is a matter of how you structure your engagements, along with how you spell out what you're doing in your proposals/contracts. That starts with estimating.

The biggest 2 rules I follow are these:

(2/12)

1. I do not EVER estimate a project in full from start-to-finish.

2. Once we're past initial Discovery (see below), I estimate in small chunks, e.g. "here's what will take us to the next iteration/review."

(3/12)

NEVER estimate past the point where you may get new information based on a build/test cycle.

Believe me when I say that you'll be wrong every time. Ask me how I know ;-)

(4/12)

So instead, first, I estimate a Consult/Discovery part that details what I think we need to do to get a handle on what's actually wrong here, and how long that will take.

For example...

(5/12)
TECH

You May Also Like

Anu Satheesh \U0001f1ee\U0001f1f3
Anu Satheesh 🇮🇳...
@AnuSatheesh5
Velimalai Kumaraswamy Kshetram
Kumarakovil, #Kanyakumari
#Tamilnadutemples 🚩

Velimalai Kumaraswamy Temple is a Murugan temple located in Kanyakumari District of Tamilnadu.

Muruga faces east and is said to be facing Sthanumalayan (Paramashiva) of Suchindram. Muruga is of


eight feet vigraham and Valli thayar is six feet tall. Eventhough Thiruthani is believed to be the place where Subrahmanya married Valli, it is also believed that Valli’s thayar's marriage took place with Murugan here.

There is a Kalyana Vinayakar sannidhi
who helped Muruga's


marriage with Valli. Kumarakovil is also known as Kumara Kshetram and Subrahmanya Sthala. The Tamil epic Chilapathikaram refers to the temple as Chera Nattu Aeragam

Wedding of Valli and Murugan is celebrated here in the Tamil month of Panguni (March-April).

Om Muruga
🙏🕉🙏
ALL
Anu Satheesh \U0001f1ee\U0001f1f3
Anu Satheesh 🇮🇳...
@AnuSatheesh5
Agastya Muni & Kaveri River
#story
This is a story which describes how River Kaveri was brought on earth by Agastya muni. There was a king named Kavera lived in the Brahmagiri hills who prayed to Brahma for a child. He was blessed with a daughter whom he named Kaveri.


Agastya muni married her. A demon, named Shoorapadma, wanted to trouble people so he prevented rain from reaching South India. As a result famine occurred in South India.
Agastya Muni who came that way was very sad seeing this. He started to pray Mahadeva for a solution.


Shiva gave him small amount of Ganga water in his Kamandalu (small pot) and said wherever you spill this water the river will flow from there. Agastya Muni travelled lot of places to find a suitable place to pour water. Feeling tired he kept his Kamandalu and took rest.


At that time Ganesha took a form of crow and perched on the Kamadalu and made a hole that water began to flow as river Kaveri. This place is now called as Talakaveri (Karnataka), located in the Brahmagiri hill.


Tala Kaveri has temple for Agastheeswara, which denotes the story between Kaveri and Agasthya muni. Kaveri is a part of Ganga, thus, also called Dakshina Ganga.
🙏🕉🙏
ALL
Advertisement
Vibhu Vashisth
Vibhu Vashisth
@VIBHU_Tweet
IT WAS RISHI KANADA WHO GAVE THE ATOMIC THEORY & TALKED ABOUT THE GRAVITY OF EARTH, 2600 YEARS BEFORE AN APPLE FELL IN FRONT OF NEWTON'S EYES:

Scientists of the modern world credit an English scientist John Dalton (1766 CE -1844 CE) for the Atomic Theory.


And this is because, most of us are not even aware of an ancient Indian Sage named Kanada, who was the first to formulate the theory of atoms, almost 2600 yrs before Dalton and talk about earth's gravity.


Rishi Kanada was born around 600 BCE in Dwarka, Gujarat and he was the son of a philosopher named Ulka. He was fascinated with the minute detailing of the things right from his childhood. Once, when he was very young, he accompanied his father on a journey to Prayaga.


He saw plentiful grains scattered along the path leading to the shore of river Ganga. It's a tradition in Hindu families to scatter the grains for the ants and birds to feed on them. Suddenly, an ant caught his attention, who was feeding on a rice grain.


He was mesmerised by this very fact that how a small grain of rice becomes food for the ant but to satisfy the hunger of a person so many grains are needed together. This incidence made him realize the importance of a single grain of rice.
ALL
Vibhu Vashisth
Vibhu Vashisth
@VIBHU_Tweet
Surkanda devi mandir is a famous shrine of Hindus located near Kaddukhal distt of Uttarakhand, 11 Km from the town of Dhanaulti and 35 Km from Mussoorie.
The Temple is one of the 51 Shakti Peethas spread all over Indian Subcontinent and is dedicated to Goddess Surkanda.


Nestled on a Hill at an Altitude of 2700 m approx, the place offers a splendid view of the snow capped mountains, the picturesque scenic beauty that offers an experience of the lifetime.
The Temple build in the traditional Garhwal style exuberates the Architectural splendour.


The origins of the Surkanda Mata Mandir is attributed to Goddess Sati, consort of Bhagwan Shiv who in a rage immolated herself in her arrogant Father Daksha's Yajna Kund bcoz he didn't invite Bhagwan Shiv in the Yajna.


Devastated by the death of Sati Shiva wandered all over the cosmos performing Tandava-The Dance of Cosmic Destruction.Fearing the total annihilation of cosmos, Gods requested Bhagwan Vishnu to pacify Shiva.Bhagwan Vishnu then used his discuss to destroy the burning corps of Sati.


The pieces of Sati Mata's body then got scattered all over the region which were later established as Shakti Peethas by Bhagwan Shiva himself.Its believed that the head of Sati fell here and it was called Sirkhanda Mata Temple before, but with passage of time it became Surkanda.
ALL
Murray \U0001f1fa\U0001f1f8
Murray 🇺🇸...
@Rothbard1776
NEW: @SidneyPowell1 radio interview w/ @toddeherman "The new report has a truckload of evidence of foreign interference in the election in it. That's what people seem to want to deny, even though the FBI & CISA ... issued an advisory and alert back on Oct. 30th & updated on

2/ Nov. 3rd, so for them to deny that now is absolutely absurd. Plus, we have an affidavit from an expert cyber-warfare [individual] who even shows the diagram of all the attacks coming in. We know that the VPN ... the Dominion people left those open and unencrypted on the night

3/ of the election, so that anybody could get in. We know that the packets of information went to Serbia [note: over 100 Dominion employees scrubbed there LinkedIn profiles of any affiliation with the company after the election, many of whom were in Serbia], Liechtenstein,

4/ Spain, Venezuela, Hunan, China & Hong Kong. There was traffic all over into our election system that is supposed to be self-contained, not accessible by the internet at all. We have witnesses who document that it was connected to the internet. We have a study out of

5/ [the Dominion voting system in Antrim] MI, they know that it was connected to the internet. They erased their audit files & their adjudication files, where they dumped over 68% of their ballots into a bin that they call "adjudication" [that would've been thousands + thousands
POLITICS , ELECTIONFRAUD