I joined , , and on the podcast to talk about the U.S. government's zero trust security strategy and why things need to change: overcast.fm/+xz8X8qQgQ
Since I can't bear listening to myself, you'll have to let me know how it turned out!
Eric Mill
@konklone
Currently: OMB, leading USG tech and security policy. Formerly: , , , Chrome Security. Personal account. he/him.
Eric Mill’s Tweets
For the first time ever, Congress has included memory safety in a law, requiring the National Cyber Director to study memory safety in the government. The omnibus is expected to pass this week. Proud to have worked on this provision while in the Senate!
appropriations.senate.gov/imo/media/doc/
2
46
137
After 4+ years of development, Antimatter Dimensions released the Reality update and is finally complete: ivark.github.io/AntimatterDime
Antimatter Dimensions was my first exposure to a modern incremental game in 2020 - it expanded my imagination, and hooked me on the genre ever since.
In fact there is a whole paper on this, it is great: arxiv.org/abs/1709.01606
Quote Tweet
If Chicken McNuggets are sold in packs of 6, 9, or 20, then 43 is the largest number of nuggets that cannot be ordered.
Show this thread
8
17
Great to see this from NH. We should get to the point where all voting machines in the U.S. run on open source software.
Not only for transparency, but for security - in my experience, developing software in the open leads to greater rigor.
2
7
Immortality is a total treat, one of the best games I played in 2022, and a perfect fit for holiday downtime after the kids are asleep.
Quote Tweet
8
Since 2019 I’ve been in an expensive, stressful legal battle to protect Webcomic Name (my “oh no” comics). It’s a relief to finally talk about this publicly! I’m launching a crowdfunder to pay my
remaining legal fees to end this. 1/8
209
13.5K
29.9K
Show this thread
Facebook user Johnny Darrel used MidJourney to imagine what it would look like if Jodorowsky directed TRON.
Trippy.
18
138
671
Show this thread
Today, released guidance directing agencies to inventory quantum-vulnerable cryptography used on their most critical systems, signifying the start of a major undertaking to prepare our Nation for the risks presented by this new technology. whitehouse.gov/wp-content/upl
3
25
34
Show this thread
I recently finished my fellowship in the Senate via , working for the Homeland Security and Governmental Affairs Committee under Sen. Gary Peters.
I had a fantastic experience working on cybersecurity and tech policy. Here's some of what I worked on: 🧵
8
37
133
Show this thread
Dems flipped both the Minnesota and Michigan legislatures.
They should join the National Popular Vote Compact, which — when activated — awards electoral votes to the winner of the national popular vote. Each state that joins brings us closer to making the Electoral College moot.
571
3,375
12.2K
Show this thread
November’s award for best .gov website goes to elections.ulstercountyny.gov/student-resour
Quote Tweet
I don't know if you all remember the "I Voted" sticker design contest for Ulster County that went viral and the internet all voted for this design but...it really did win, and they are using it for the current election: dailyfreeman.com/2022/10/30/ear
Show this thread
1
1
6
"Over the coming months, we’ll be rolling out a comprehensive, end-to-end solution for passwordless authentication, beginning with full support for creating, saving, and using device-agnostic passkeys in 1Password during the first half of 2023."
Quote Tweet
Today, we welcome Passage to the 1Password team.
Combining Passage’s technology and expertise with our own, we are bringing passwordless authentication to everyone. Our CEO shares what this means for the future of authentication and passkeys.
blog.1password.com/1password-acqu
4
20
Just finished a great presentation on risk-spotting for fiscal sponsors. Posting the materials here: mill.law/blog/risk-spot
Thanks to Ehsan (of MLC) and Jinna (of ) for joining!
2
4
Are you early career (< 2yrs out of a degree) and interested in working for the US govt in cyber, software eng, product management, or design? Check out the US Digital Corps!
Quote Tweet
Interested in becoming a Fellow? We're hosting an info session this Thursday 10/27 at 12pm ET. Our team and current Fellows will share more about the program and answer questions on how you can begin a civic tech career in government. 
Register today: eventbrite.com/e/us-digital-c
1
6
5
Show this thread
Oh, now this is a great step forward - the just released an order imposing security requirements on Drizly that not only require MFA be used internally, but that the MFA be phishing resistant:
ftc.gov/system/files/f
read image description
ALT
1
30
64
Oh, now this is a great step forward - the just released an order imposing security requirements on Drizly that not only require MFA be used internally, but that the MFA be phishing resistant:
ftc.gov/system/files/f
read image description
ALT
1
30
64
Consumer alert: To protect your privacy, avoid using unencrypted messaging sites (like Facebook Messenger) to communicate about seeking abortion services.
We've already seen Nebraska authorities use a woman’s Facebook messages to indict her for seeking an abortion.
7
143
199
Show this thread
NEW / ANALYSIS:
Only 25% of election websites are using the .gov domain.
Election officials need to have a trusted web presence. A .gov domain is a key element of that, but adoption is too low.
🧵
1
21
30
Show this thread
NEW EPISODE!
joins us to talk about SOC2, what it means, how to get it, and if it's important or not:
1
9
17
I’ll give you my thoughts. Warning, this is going to be a long thread:
Voters have the responsibility to make sure the ballot is marked the way they intend to vote, that is true for either style of ballot. But…
4
37
61
Show this thread
Multi-factor authentication increases the level of protection on your account information. If your financial institution is preventing you from using this data security practice, you can submit a complaint to the CFPB.
6
30
30
We’re so thrilled to finally announce the selections for the Draknek New Voices Puzzle Grant! The grant is going to a diverse group of 12 puzzlecrafters from all around the world.
grants.draknek.org
We’ll be introducing them in this thread ⬇️⬇️⬇️⬇️
5
131
205
Show this thread
1:31
20.8K views
13
140
515
Started and finished Linelith last night, a wonderful little puzzle game. Only around an hour long with various fun surprises:
1
News: is building a domain name registrar in the open, to be maintained by , that “intends to serve all government entities in the United States looking for a .gov domain to use publicly.”
github.com/cisagov/getgov Disclosing a zone file is 21st Century transparency.
Quote Tweet
read image description
ALT
The .gov domain program at CISA published a bunch of new things it's doing, and it is a long and interesting list! A few highlights:
* Building a new registrar with @18F.
* Publicly releasing the .gov zone file.
* DMARC checks for non-existent domains.
home.dotgov.gov/updates/2022/9
8
22
The .gov domain program at CISA published a bunch of new things it's doing, and it is a long and interesting list! A few highlights:
* Building a new registrar with .
* Publicly releasing the .gov zone file.
* DMARC checks for non-existent domains.
home.dotgov.gov/updates/2022/9
read image description
ALT
1
25
60
We’re partnering with to build a new home for .gov domains! We’ve also made the .gov zone file available, shared guidance on moving to a new domain, and request your help when governments are impersonated online: go.dhs.gov/Z3h
2
35
70
The .gov domain program at CISA published a bunch of new things it's doing, and it is a long and interesting list! A few highlights:
* Building a new registrar with .
* Publicly releasing the .gov zone file.
* DMARC checks for non-existent domains.
home.dotgov.gov/updates/2022/9
read image description
ALT
1
25
60
Railbound - a comfy train-bending puzzle game is
🚂🚃🚃 AVAILABLE NOW 🚃🚃🚃
on Steam, App Store and Google Play!
Grab it now and enjoy:
🧩 over 150 puzzles to solve,
🐶 cute story about 2 dogs,
🖼 lovely comic-book-inspired art,
🎼 relaxing soundtrack to vibe to,
LINKS ⬇
0:52
91.6K views
67
819
3,626
Show this thread
😎 COOL JOB ALERT
We’re hiring a software engineer to lead the development of a new registrar for the .gov domain. This role directly impacts the security of thousands of US-based gov't orgs and their millions of users. Apply by 9/28: usajobs.gov/job/674331100
5
61
60
2 years ago, issued a directive that required most 🇺🇸 executive branch agencies to have a vulnerability disclosure policy (cisa.gov/binding-operat). As of today, agencies must have *all* internet-accessible systems in scope of their VDP.
1
15
18
Show this thread
Hi and hello, I am writing to tell you of a once-in-a-lifetime SWE job in the government:
Building a new registrar for the .gov TLD usajobs.gov/job/674331100
🏛 Federal job at
🏡 Remote (US)
💻 Work is open source
🚫📜 No clearance req’t
👋 Work w/me (DMs open)
GIF
read image description
ALT
8
74
130
Show this thread
My piece on today's exceptional The Lever/ProPublica article on the most dramatic dark money contribution yet.
1
2
1
Show this thread
As ONCD continues to grow, we are excited to announce that we are hiring a Director for Cybersecurity Planning and Operations, a GS-14/15 role responsible for coordinating the development and implementation of U.S. defensive cybersecurity planning and operations.
12
63
135
Show this thread


























