A few things to keep in mind today:
— We have no idea of why/who re: Wed’s assassination.
— Today is the anniversary of a tragic event that has enabled much of the harm caused by the GOP this year.
— Trump is an adjudicated rapist & was involved at least in some way in the mass sexual assault of children.
Oh, and never let anyone forget what happened on January 6th, too.
Details: https://dailydrop.hrbrmstr.dev/2025/08/07/drop-691-2025-08-07-short-sweet/
(I posted this on LI, but I like to own my content, so am also posting here.)
The cybersecurity community deserves better than what we’re witnessing at RSAC 2025, today.
While Kristi Noem delivers today’s keynote, the absence of traditional cybersecurity leaders from agencies like NSA and CISA speaks volumes about shifting priorities in our field. This contrast becomes even more troubling when viewed alongside recent developments with Chris Krebs. The former CISA director — widely respected for his defense of election security — has faced unprecedented retaliation: security clearances revoked, his employer SentinelOne effectively blacklisted, and federal investigations directed into his tenure for simply upholding the integrity of our democratic systems.
Meanwhile, Secretary Noem — who has publicly committed to “reining in” CISA’s disinformation efforts and called its election integrity work “shocking” — receives our industry’s most prestigious speaking platform. Her tenure at DHS has featured more political theater than substantive cybersecurity leadership — or just leadership in general — prioritizing spectacle over the technical expertise and collaborative approach our field demands.
RSAC has always represented rigorous, forward-thinking discussion about defending critical infrastructure and fostering trust in technology. By elevating political figures who undermine the very principles our community stands for — while one of our most principled voices faces silencing — we’re accepting a dangerous new standard.
The cybersecurity field requires leaders who value expertise, accountability, and the defense of democratic norms. We must ask ourselves: what message are we sending about our professional values when we applaud those who work to dismantle the very protections we’ve built?
Every individual involved with RSAC who had a part to play in this decision should be deeply, deeply ashamed of themselves.
Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA), was fired by Donald Trump in 2020 for publicly affirming that the presidential election was secure and free from widespread fraud. Fast-forward to April 2025: Trump, now back in the White House, issued an executive order revoking Krebs’ security clearances and ordering a federal investigation into his conduct, specifically targeting both Krebs and his employer, SentinelOne. The order also suspended clearances for other SentinelOne employees and threatened the company’s ability to do business with the government.
Krebs responded by resigning from SentinelOne to fight the administration’s campaign against him, stating, “This is a fight for democracy, freedom of expression, and the rule of law. I’m ready to give it my all”. SentinelOne’s stock dropped, and the chilling effect on the broader cybersecurity sector was immediate and palpable.
Despite Krebs’ reputation for professionalism and integrity, the cybersecurity industry has, with rare exceptions, responded with silence. Reuters reached out to 33 major cybersecurity firms and three industry groups—only one responded with a comment. Industry leaders, major vendors, and conference organizers have largely avoided public statements. Even companies with direct ties to Krebs, such as Microsoft and CrowdStrike, declined to comment.
This silence is not just disappointing—it’s dangerous. The executive order against Krebs is not merely a personal vendetta; it is a test of constitutional norms and the independence of the cybersecurity profession. By targeting Krebs for telling the truth, the administration is sending a message: dissent—especially when it contradicts the preferred political narrative—will be punished. The industry’s lack of response is, in effect, complicity.
RSA Conference 2025’s theme is “Many Voices. One Community.” But a community that stays silent in the face of injustice is not united—it is complicit. Every attendee, whether you’re a practitioner, vendor, or “A-lister,” has a responsibility to meet this moment.
When you visit vendor booths or encounter cybersecurity leaders and influencers at RSA, ask them:
Don’t let them dodge. Don’t accept platitudes.
If you’re a vendor or a leader: issue a public statement. Sign an open letter. Organize a session or a panel on defending professional independence. Use your platform—on stage, on social media, in the press—to call out this abuse of power.
If you’re an attendee: demand answers. Refuse to let silence be the industry’s answer to authoritarian overreach.
Remember: Silence is not safety. Silence is capitulation. If the cybersecurity community cannot defend its own when the truth is under attack, then what exactly are we protecting?
This is your moment. Don’t waste it.
Just putting a marker out there, that I’m either fundamentally wrong, or we all are f’d this week.
If the latter: I told you so.
(Re-posted from 47 Watch).
The State Department, under the stewardship of Secretary Marco Rubio, has just dropped a bombshell determination that’s about as subtle as a foghorn in a library.
You can/should review the Federal Register notice before continuing. There is a markdown formatted version of this on the 47 Watch knot.
In a nutshell, they’ve decided that pretty much everything involving borders, immigration, and international trade should now be considered a “foreign affairs function.”
Why does this matter?
Well, it’s because this administrative magic trick exempts these activities from the Administrative Procedure Act — a law that ensures the government can’t just make sweeping changes without telling anyone. It’s like democracy’s version of “no take-backsies.”
Let’s break down just some of the potential consequences:
The “Your Phone is Our Phone” Situation: Border agents could potentially get more power to access your devices. Hope you’re ready to share your entire camera roll with strangers in uniform (who will all be employees of a private company, soon)!
The “Economic Whiplash” Effect: The government could slap trade restrictions on countries faster than you can say “global supply chain disruption.” It’s like playing economic Jenga, but with real people’s livelihoods.
This determination could lead to policies being implemented without public input or oversight. It’s like the government putting on noise-canceling headphones while making decisions that affect millions of lives.
So, what can we do?
Well, it’s time (again) to make some noise.
Write to your representatives, call your senators, and make your voice heard.
Let’s shine a light on this issue before we wake up in a country where border policy is decided by whether the angrily-tossed plate with condiments on it hits the wall ketchup-side up or down.
If you’re looking for something to riff from when contacting your representative, this is what I’m emailing, printing-and-mailing, and calling (on Monday) my reps with:
——
As a [what you do + where you reside], I strongly oppose the determination to classify all efforts related to border control, immigration, and cross-border transfers as “foreign affairs functions” under the Administrative Procedure Act (APA).
This determination poses significant risks to transparency, accountability, and the fundamental principles of democratic governance. By exempting these critical areas from APA requirements, we risk implementing far-reaching policies without proper public scrutiny or input. This is particularly concerning given the complex, nuanced nature of immigration and border security issues.
The broad scope of this determination, encompassing “people, goods, services, data, technology, and other items,” is alarmingly vague and could lead to overreach in areas such as digital privacy and trade. As someone deeply involved in data science and security, I foresee potential abuses in data collection and surveillance that could infringe on civil liberties and hinder technological innovation.
Furthermore, this determination may exceed executive authority and violate the separation of powers. The Constitution grants Congress, not the executive branch, the power to establish a “uniform Rule of Naturalization” (Article I, Section 8, Clause 4). This sweeping reclassification appears to usurp congressional authority over immigration law.
From a national security perspective, while rapid response capabilities are important, the lack of public input and oversight could lead to poorly conceived policies that actually harm our security interests. Hastily implemented changes could disrupt critical international relationships, intelligence sharing, and cooperative law enforcement efforts.
I urge you to reconsider this determination. Instead, focus on improving existing processes within the current legal framework, ensuring that changes to immigration and border policies remain subject to proper public scrutiny and democratic checks and balances.
On March 10, 2025, Xitter experienced major service disruptions throughout the day. Users couldn’t access the platform on both mobile apps and the website. Here’s what happened and why it matters.
X suffered multiple waves of outages starting early Monday morning:
People trying to use Xitter saw loading symbols, error messages saying “Something went wrong. Try reloading,” or couldn’t access the service at all.
A pro-Palestinian hacking group called Dark Storm Team claimed responsibility for the attack. They posted on their Telegram channel: “Twitter has been taken offline by Dark Storm Team,” along with screenshots showing connection failures from different global locations.
Dark Storm Team has been active since around 2023 and is known for targeting organizations in Israel, Europe, and the United States. According to security experts, the group specializes in DDoS attacks and has a pro-Palestinian orientation.
Elon Musk, Xitter’s owner, acknowledged the attack several hours after it began: “There was (still is) a massive cyberattack against Xitter. We get attacked every day, but this was done with a lot of resources. Either a large, coordinated group and/or a country is involved.”
Later, in an interview with Fox Business, Musk made a controversial claim connecting the attack to Ukraine: “We’re not sure exactly what happened but there was a massive cyberattack to try and bring down the Xitter system with IP addresses originating in the Ukraine area.” He provided no evidence to support this claim.
Cybersecurity experts expressed significant skepticism about Musk’s Ukraine claim:
Ukrainian officials firmly denied any involvement. Oleksii Merezhko, chairman of Ukraine’s parliamentary Foreign Affairs Committee, stated that the Ukrainian government had “absolutely” no part in the alleged cyberattack on Xitter.
Ed Krassenstein, who claimed to have communicated with Dark Storm’s leader, contradicted Musk’s assertion. According to screenshots shared online, the group responded to the Ukraine claim by saying: “Elon Musk must provide evidence for his claim, and we will provide evidence for ours.” They allegedly threatened further attacks, warning “We can attack again. A stronger attack this time, not only on Xitter but Tesla and others.”
The incident was a distributed denial-of-service (DDoS) attack. These attacks work by:
– Overwhelming a platform’s servers with excessive traffic
– Causing slowdowns or complete outages by exhausting available resources
– Using compromised devices (forming a “botnet”) to send overwhelming amounts of data
Cybersecurity experts described this attack as “far beyond simple DoS attempts,” involving “full-scale DDoS assaults, combined with sophisticated botnet activity, credential stuffing, API abuse, and targeted application-layer attacks designed to cripple operations.”
Xitter implemented Cloudflare’s DDoS protection services to mitigate the impact. This defensive measure introduced captcha verification for suspicious IP addresses generating too many requests. By evening, the platform had largely recovered, though some users continued to experience intermittent issues.
I’m not surprised Cloudflare helps protect Nazis, but it’d be nice to live in a universe where they all crawled back under their rocks for good.
Maine 2025 Ballot Questions Redux
If you want to or do vote “yes” for question 1, you are not a real American, you are not a real Christian (if you profess to be one), you are not a decent human. You are at the very least a classist; you are also very likely a racist/bigot, and you have zero ability to think critically or with evidence. You hate Americans serving in the military or in any type of foreign service. You also very likely don’t look in the mirror since if you did you’d likely slap yourself for what you believe.
If you want to or do vote “no” for question 2, you are anti-life (never, ever use the words “pro-life” to describe yourself if in my presence…it will end very badly for you), have no ability to use evidence to make decisions, and should never work in any profession that requires any level of decent judgement. Given your lack of mental acuity, your own firearms should be removed from your possession and you should likely be forced to take an annual driver’s test to ensure your mental acuity is up to snuff.
Decent people are for honest, free access to exercising their right to vote as an American citizen, and decent people are for sane gun regulations.
Now, excuse me while I go early voting to help ensure you continue top indeed be losers in life and also these initiatives.