Opens profile photo
Follow
Click to Follow SwiftOnSecurity
SwiftOnSecurity
@SwiftOnSecurity
computer security person at a place. former helpdesk. they/them/tay. Microsoft MVP, Client Security @SwiftOnSecurity@infosec.exchange
Cyber, USAJoined April 2014

SwiftOnSecurity’s Tweets

I hammer this nail into my team again and again. I know they get tired of it, but you want to know where the problem usually ends up originating? With a piece of information that can be gathered with the right questions before touching a single piece of hardware.
Quote Tweet
If you are troubleshooting an enterprise problem, you need to establish a chain of supporting evidence instead of assumptions and heuristic blame. I'm going to ask you down to the hard drive and build up from there. You called me. You will learn to deplore complexity.
Show this thread
46
If you are troubleshooting an enterprise problem, you need to establish a chain of supporting evidence instead of assumptions and heuristic blame. I'm going to ask you down to the hard drive and build up from there. You called me. You will learn to deplore complexity.
5
87
Show this thread
I'll be forever informed by this event. Sleeping on that hard bench was worth it. I will absolutely no longer give a shit or deference to what you did before you called me. I'm going to watch you go through it. I'm going to see you prove it as a higher-level problem.
Quote Tweet
Turns out IT systems depend on storage being either healthy or report unavailable, and inconsistent behavior by an intermediary layer obfuscating true health behind the intent to simplify, instead cascades across an enterprise where neither databases or logs are sources of truth.
Show this thread
3
44
Show this thread
Literally last week I saw a team explain a performance issue on a InfoSec service. I was added to the problem chat. I was humble and asked for examples. Turned out, a Security service was named similarly to an Ops service. 10+ people did not see this. They didn't force evidence.
2
48
Show this thread
Advice from an IT troubleshooter: People who are "in the shit" often lose perspective on a problem. I have been that person. I have also been the person who calls it out. It it rare a problem exceeds my skill. But it often subverts my assumptions. It is incredibly humbling.
5
85
Show this thread
I am one of a few people in the final escalation tier in a large firm. It's my job to figure it out. Something I see often is people seizing onto an obvious explanation, and ending the inquiry. But they were wrong. They found a routine blame. And continued issues assure them.
Quote Tweet
Ghost Plane | FULL EPISODE | Mayday: Air Disaster youtu.be/P52BESqVCd0
4
52
Show this thread
If you're in IT, and you're curious about a failure in the news – more mature professions study their failures publicly. Go look it up! Seek out the reports! News is just a public-interest summary with dead bodies. The real stuff is in reports. IT fails like all human systems do.
Quote Tweet
Complex systems defend themselves against routine failure, until they encounter a truly novel and unanticipated issue, after which - from the perspective of an operator - they devolve into absolute inexplicable catastrophe. how.complexsystems.fail
Show this thread
Image
4
168
Show this thread
Oh I lit the brakes on fire coming down the mountain from Lick Observatory. If I had anything better I'd be 100% dead. I would not be tweeting. I am so thankful I had a piece of shit embarrassing car when my brain wasn't developed yet.
Quote Tweet
Replying to @SwiftOnSecurity
I am legitimately impressed. You got a mercury sable up to that speed without driving off a cliff.
4
57
I'm so glad I had a well-maintained but absolute reputational and performance shitbox as my first car. I could have unlimited money and I'd give my teen some Volvo with side-impact airbags. You don't get keys to anything else. At 19 got 105MPH ticket in a teal Mercury Sable:
Image
29
240
Replying to
I heard one in NW Iowa about 10 years ago. (National guard jet from SD on training run 6 mi. away)My initial fear was that my wife’s science building with all the chemicals, gas lines, etc had exploded. I was a block from the building at the time. Pushed the air out of my chest.
2
32
Conspiracies are comfort blankets that salve terror of the unknown. A rational world driven by _something_, replacing one of absolute undefinable chaos where bad things happen, hard and uncomfortable. They couldn't happen to you. You've found agency in life. You're safe from fear
Image
8
225
People felt it and heard it as a literal explosion. I always pictured them as more of a nuisance - despite having seen several documentaries about the history of trans-sonic travel and technologies.
15
191
Show this thread
Like, I knew sonic booms were loud and that's partly why supersonic travel never took off. But the massive swathe of a metro area that heard a little jet pass the sound barrier, really emphasized how much of a barrier it is. I didn't really understand their magnitude until now.
47
506
Show this thread
Seriously, when people complain about Microsoft security baselines, some of those things have been supported since Windows 98 SE (NTLMv2). You've got to start harshly questioning what the heck is going on with teams/vendors saying they need exceptions. This is ridiculous.
Quote Tweet
Windows & Server have supported requiring signing since NT. Your only compatibility issues here will come from 3rd parties not supporting signing. Please contact me if you run into any so I can document them. Expect a lot more news in the SMB security space this year. Thnx /f
Show this thread
8
227
Show this thread
This is going to make a lot of pentesters (particularly mediocre ones) very, very sad. That's a good thing.
Quote Tweet
Ok, IT Pros, major SMB security announcement: Windows Insider Win11 Enterprise (Canary) builds now require SMB signing by default. This is part of our campaign to improve the security of Windows & Windows Server for the modern landscape aka.ms/SMBSigningOBD🧵
Show this thread
7
155