JavaScript is not available.

Jack Cable

@jackhcable

Dec 20

For the first time ever, Congress has included memory safety in a law, requiring the National Cyber Director to study memory safety in the government. The omnibus is expected to pass this week. Proud to have worked on this provision while in the Senate! appropriations.senate.gov/imo/media/doc/

137

Dec 17

After 4+ years of development, Antimatter Dimensions released the Reality update and is finally complete: ivark.github.io/AntimatterDime Antimatter Dimensions was my first exposure to a modern incremental game in 2020 - it expanded my imagination, and hooked me on the genre ever since.

Dec 17

In fact there is a whole paper on this, it is great: arxiv.org/abs/1709.01606

Quote Tweet

Dimitriy V. Masterov

@falsedvmaster

Dec 16

If Chicken McNuggets are sold in packs of 6, 9, or 20, then 43 is the largest number of nuggets that cannot be ordered.

Show this thread

3 N.H. towns are testing out new ballot counting machines that use open source software

Dec 14

Great to see this from NH. We should get to the point where all voting machines in the U.S. run on open source software. Not only for transparency, but for security - in my experience, developing software in the open leads to greater rigor.

wbur.org

Unlike the current model that New Hampshire uses, these machines have software that’s open source, which allows anyone to see how it was programmed to tabulate votes.

Legal fund for Alex Norris "oh no" comics, organized by Alex Norris

Dec 10

Immortality is a total treat, one of the best games I played in 2022, and a perfect fit for holiday downtime after the kids are asleep.

Quote Tweet

IMMORTALITY

@HalfMermaid

Nov 21

#IMMORTALITY

10/10 Edge - "Astonishing" 95% PC Gamer - "Our highest score of 2022" ★★★★★ NME - "An arthouse masterpiece" 𝚆𝚑𝚊𝚝 𝙷𝚊𝚙𝚙𝚎𝚗𝚎𝚍 𝚝𝚘 𝙼𝚊𝚛𝚒𝚜𝚜𝚊 𝙼𝚊𝚛𝚌𝚎𝚕? Play on Steam, GOG, Xbox Series X|S, Game Pass and Android & Apple devices with Netflix

🌞 🐢

403

4,060

Since 2019 I’ve been in an expensive, stressful legal battle to protect Webcomic Name (my “oh no” comics). It’s a relief to finally talk about this publicly! I’m launching a crowdfunder to pay my remaining legal fees to end this. 1/8

gofundme.com

I am Alex Norris, creator of the webcomic Webcomic Name. I am here to ask for h… Alex Norris needs your support for Legal fund for Alex Norris "oh no" comics

209

13.5K

29.9K

Facebook user Johnny Darrel used MidJourney to imagine what it would look like if Jodorowsky directed TRON. Trippy.

138

671

Today,

released guidance directing agencies to inventory quantum-vulnerable cryptography used on their most critical systems, signifying the start of a major undertaking to prepare our Nation for the risks presented by this new technology. whitehouse.gov/wp-content/upl

I recently finished my fellowship in the Senate via

@congressfellows

, working for the Homeland Security and Governmental Affairs Committee under Sen. Gary Peters. I had a fantastic experience working on cybersecurity and tech policy. Here's some of what I worked on: 🧵

133

Dems flipped both the Minnesota and Michigan legislatures. They should join the National Popular Vote Compact, which — when activated — awards electoral votes to the winner of the national popular vote. Each state that joins brings us closer to making the Electoral College moot.

571

3,375

12.2K

The NSA calls for strategic shift to memory safe languages (cc

@yaelwrites

)

176

Until today, I've been convinced Twitter would (deserved or not) stabilize and be okay after this initial burst of cruelty and entropy. Maybe wishful thinking, as I genuinely really appreciate Twitter and what it's done for me and others. But, I now believe it will collapse.

November’s award for best .gov website goes to elections.ulstercountyny.gov/student-resour

Quote Tweet

Kaleigh Rogers

@KaleighRogers

Nov 2

I don't know if you all remember the "I Voted" sticker design contest for Ulster County that went viral and the internet all voted for this design but...it really did win, and they are using it for the current election: dailyfreeman.com/2022/10/30/ear

Show this thread

Risk-Spotting for Fiscal Sponsors — Mill Law Center

Nov 3

"Over the coming months, we’ll be rolling out a comprehensive, end-to-end solution for passwordless authentication, beginning with full support for creating, saving, and using device-agnostic passkeys in 1Password during the first half of 2023."

Quote Tweet

1Password

@1Password

Nov 3

Today, we welcome Passage to the 1Password team.

Combining Passage’s technology and expertise with our own, we are bringing passwordless authentication to everyone. Our CEO shares what this means for the future of authentication and passkeys. blog.1password.com/1password-acqu

Just finished a great presentation on risk-spotting for fiscal sponsors. Posting the materials here: mill.law/blog/risk-spot Thanks to Ehsan (of MLC) and Jinna (of

@AdlerColvinSF

) for joining!

mill.law

We (Ehsan Ali and I, along with our good friend Jinna Kwak from Adler & Colvin ) just gave a fun presentation on fiscal sponsorship and spotting (and resolving) risks in the context of new projects,...

Are you early career (< 2yrs out of a degree) and interested in working for the US govt in cyber, software eng, product management, or design? Check out the US Digital Corps!

Quote Tweet

U.S. Digital Corps

@USDigitalCorps

Oct 24

Interested in becoming a Fellow? We're hosting an info session this Thursday 10/27 at 12pm ET. Our team and current Fellows will share more about the program and answer questions on how you can begin a civic tech career in government.

Oh, now this is a great step forward - the

@FTC

just released an order imposing security requirements on Drizly that not only require MFA be used internally, but that the MFA be phishing resistant: ftc.gov/system/files/f

Requiring multi-factor authentication methods for all employees, contractors, and affiliates in order to access any assets (including databases) storing Covered Information. Such multi-factor authentication methods for all employees, contractors, and affiliates shall not include telephone or SMS-based authentication methods and must be resistant to phishing attacks. A Covered Business may use widely-adopted industry authentication options that provide at least equivalent security as the multi-factor authentication options required by this sub-provision, if approved in writing by the Commission;

read image description

ALT

Alex Gaynor and 2 others

Analysis | Few election offices have implemented a key defense against hackers

Oct 25

Oh, now this is a great step forward - the

@FTC

just released an order imposing security requirements on Drizly that not only require MFA be used internally, but that the MFA be phishing resistant: ftc.gov/system/files/f

read image description

ALT

Alex Gaynor and 2 others

Consumer alert: To protect your privacy, avoid using unencrypted messaging sites (like Facebook Messenger) to communicate about seeking abortion services. We've already seen Nebraska authorities use a woman’s Facebook messages to indict her for seeking an abortion.

143

199

NEW

ANALYSIS: Only 25% of election websites are using the .gov domain. Election officials need to have a trusted web presence. A .gov domain is a key element of that, but adoption is too low. 🧵

washingtonpost.com

Just one in four use the .gov domain.

Security. Cryptography. Whatever.

@SCWpod

Oct 16

NEW EPISODE!

@worldwise001

joins us to talk about SOC2, what it means, how to get it, and if it's important or not:

securitycryptographywhatever.buzzsprout.com

SOC2 with Sarah Harvey - Security. Cryptography. Whatever.

We have Sarah Harvey (@worldwise001 on Twitter) to talk about SOC2, what it means, how to get it, and if it's important or not. The discussion centers around two blog posts written by Thomas: SOC2...

I’ll give you my thoughts. Warning, this is going to be a long thread: Voters have the responsibility to make sure the ballot is marked the way they intend to vote, that is true for either style of ballot. But…

Multi-factor authentication increases the level of protection on your account information. If your financial institution is preventing you from using this data security practice, you can submit a complaint to the CFPB.

consumerfinance.gov

Submit a complaint | Consumer Financial Protection Bureau

Submit a complaint

Alan Hazelden/Draknek & Friends

@Draknek

Sep 28

We’re so thrilled to finally announce the selections for the Draknek New Voices Puzzle Grant! The grant is going to a diverse group of 12 puzzlecrafters from all around the world. grants.draknek.org We’ll be introducing them in this thread ⬇️⬇️⬇️⬇️

grants.draknek.org

Draknek New Voices Puzzle Grant

The Draknek New Voices Puzzle Grant is a grant opportunity for game developers from traditionally underrepresented groups and backgrounds who are interested in designing and developing puzzle games.

131

205

oh heck even Riker is playing #TromboneChamp on the ol' holodeck to impress tha ladies

1:31

20.8K views

140

515

Solve puzzles embedded in rocks and crystals as you explore a colorful, serene alien asteroid. Discover a few clever twists as you progress in this short and sweet puzzle experience.

Sep 19

Started and finished Linelith last night, a wonderful little puzzle game. Only around an hour long with various fun surprises:

store.steampowered.com

Linelith on Steam

Sep 18

I'm up early for skydiving day, an annual tradition where I bring a ~dozen people (mostly first timers) to do a tandem skydive. It's been 3 years since the last one and it feels great to get back out there. Photos to come later!

News:

is building a domain name registrar in the open, to be maintained by

, that “intends to serve all government entities in the United States looking for a .gov domain to use publicly.” github.com/cisagov/getgov Disclosing a zone file is 21st Century transparency.

Quote Tweet

Sep 14

Making infrastructure less invisible
SEPTEMBER 14, 2022
Author: Cameron Dixon

Invisibility is embedded in the concept of “infrastructure”: the word’s component parts literally mean ‘to build below’. Though everyone relies on infrastructure, what keeps it below the radar for many people is that it usually just works. Without knowing better, a person could reasonably conclude that life-giving water coming from the tap is boring, or that the miracle of power from an electrical outlet is too obvious to be noteworthy, or that the entire internet emanating from a Wi-Fi access point is simply How It Should Be®. While we concede that last point is true (and that invisible consistency tends to be a trait of good infrastructure), it usually takes a lot of work to achieve those boring “it just works” outcomes.

read image description

ALT

The .gov domain program at CISA published a bunch of new things it's doing, and it is a long and interesting list! A few highlights: * Building a new registrar with @18F. * Publicly releasing the .gov zone file. * DMARC checks for non-existent domains. home.dotgov.gov/updates/2022/9

The .gov domain program at CISA published a bunch of new things it's doing, and it is a long and interesting list! A few highlights: * Building a new registrar with

@18F

. * Publicly releasing the .gov zone file. * DMARC checks for non-existent domains. home.dotgov.gov/updates/2022/9

read image description

ALT

Cameron Dixon

Cybersecurity and Infrastructure Security Agency

Sep 15

We’re partnering with

@18F

to build a new home for .gov domains! We’ve also made the .gov zone file available, shared guidance on moving to a new domain, and request your help when governments are impersonated online: go.dhs.gov/Z3h

Sep 14

The .gov domain program at CISA published a bunch of new things it's doing, and it is a long and interesting list! A few highlights: * Building a new registrar with

@18F

. * Publicly releasing the .gov zone file. * DMARC checks for non-existent domains. home.dotgov.gov/updates/2022/9

read image description

ALT

Railbound - a comfy train-bending puzzle game is 🚂🚃🚃 AVAILABLE NOW 🚃🚃🚃 on Steam, App Store and Google Play! Grab it now and enjoy: 🧩 over 150 puzzles to solve, 🐶 cute story about 2 dogs, 🖼 lovely comic-book-inspired art, 🎼 relaxing soundtrack to vibe to, LINKS ⬇

0:52

91.6K views

819

3,626

Cybersecurity and Infrastructure Security Agency

Sep 4

😎 COOL JOB ALERT We’re hiring a software engineer to lead the development of a new registrar for the .gov domain. This role directly impacts the security of thousands of US-based gov't orgs and their millions of users. Apply by 9/28: usajobs.gov/job/674331100

2 years ago,

issued a directive that required most 🇺🇸 executive branch agencies to have a vulnerability disclosure policy (cisa.gov/binding-operat). As of today, agencies must have *all* internet-accessible systems in scope of their VDP.

Hi and hello, I am writing to tell you of a once-in-a-lifetime SWE job in the government: Building a new registrar for the .gov TLD usajobs.gov/job/674331100 🏛 Federal job at

A Bleak Glimpse at Dark Money and Alternatives to Philanthropy — Mill Law Center

🏡 Remote (US) 💻 Work is open source 🚫📜 No clearance req’t 👋 Work w/me (DMs open)

GIF

read image description

ALT

130

Replying to

Now cabbage, on the other hand...

My piece on today's exceptional The Lever/ProPublica article on the most dramatic dark money contribution yet.

mill.law

Since reading The Lever and ProPublica’s excellent and essential joint piece , by Andrew Perez, Andy Kroll & Justin Elliott this morning, I have been wrestling with the best way to write about Barre...

The Office of the National Cyber Director

@ONCD

Aug 16

As ONCD continues to grow, we are excited to announce that we are hiring a Director for Cybersecurity Planning and Operations, a GS-14/15 role responsible for coordinating the development and implementation of U.S. defensive cybersecurity planning and operations.

135