Bob Lord
boblord.bsky.social
6.2K followers 610 following 530 posts
Cautiously pessimistic, esp. about cyber things. The owls are not what they seem. 🗻🗻🦉🌲🪵 🍒🥧☕️🍩 🕵🏼‍♀️ 👍🏻 Also: 🔐🔑🔒
Pinned
Reporters, this is a story worth covering. It might not be as glamorous as high-profile hacks, and it might not attract as many clicks, but it’s important. The quiet adoption of HTTPS has improved online security for billions of people, and it deserves attention.

medium.com/@boblord/the...
The Quiet HTTPS Revolution
In a recent post, I explained that the websites I visit on my Chromebook are almost all delivered over HTTPS. Better still, 100% of the…
medium.com
📣📣📣 It has come to my attention that Department Store Christmas is back on SOMA FM! 🎁☃️🎅🎄❄️
somafm.com/deptstore/
Department Store Christmas (Special) from SomaFM
Holiday Elevator Music from a more innocent time.
somafm.com
I also had a great time at the event!
🕵️ 👍🏻 ☕️ 🥧 🦙
Reposted by Bob Lord
In a world with increasing nuclear dyads, can emerging technologies make us safer? On 10/23, IST will host author & international security expert @nktpnd.bsky.social in Palo Alto to discuss his book on the new nuclear age & the changing landscape of nuclear security.
🌐 Register to attend:
Book Talk | The New Nuclear Age: At the Precipice of Armageddon
In a world with increasing nuclear dyads, can emerging technologies make us safer – or are we opening Pandora's Box? Join IST in Palo Alto, CA or virtually for a book talk with Ankit Panda.
securityandtechnology.org
Oh no! What should I do??
That one is malware. It should look like the one I’m using. Or is it the other way around? 🤔
Right back at you!!!
I'm writing this post while connected to the airport wi-fi. Is that OK? Am I in danger? 🤔🔒
Thinking about recurring classes of coding error, are there any patterns in the exploited vulnerabilities? What are the software makers doing to ensure they have eliminated those classes going forward?
Why do they call it "malvertising" when it seems that it's just another social engineering delivery mechanism? The user has to run a shell command, type a password, etc. It's not a direct launch of the malware. Or am I confused?
Reposted by Bob Lord
“Official statistics are a public good…Over the long run, there’s no replacement for the government. No private-sector company has the incentive to produce trustworthy official statistics that are available to everybody at no cost.”

www.nytimes.com/2025/08/08/b...
What if You Can’t Believe the Official Numbers?
www.nytimes.com
That's why I called them "legacy" MFA. Make them feel like tech debt that will lead to a breach. Because that's exactly what they are.
Reposted by Bob Lord
Not to pile on, but every 'c' in 'Pacific Ocean' is pronounced differently.
Defeatist logic often masquerades as insight or realism. Don't fall for it.
It will catch fire. We can do hard things! 🔐 💪🏻
It would be great to identify the features we’d like to see the OS vendors change so we have security baked in rather than bolted on.
I’ve seen scary things happen when people try to be more secure with personal VPNs.
Great speed. Fingerprint reader. 16G RAM. Good battery life. I liked the Pixelbook Go styling but this one is still good. The price was right!
One note: Signal doesn’t run on ARM so I can’t run it in the VM. Feel free to petition Signal to make ARM a first class citizen. 😇
Just got a Lenovo Chromebook and it’s fantastic. My last one was from 2018 so I really feel the improvement.
It’s about security. It needs to be baked in. Not bolted on.
You can't add salt to the dough after the bread is baked.
You still need to implement strong authentication, right? So FIDO is still a major part of the solution.
Getting all the major players to agree on a protocol and then to implement it? Big challenge.
To do that, you’d have to establish a protocol standard and then somehow get every OS and browser and major services to implement it. It would be hard work but then you’d basically eliminate an entire threat vector. Worth considering! 🤔
Reading the news of hacks lately, it occurs to me that someone should invent a form of identification that resists phishing. They could call it something like, “phishing resistant MFA”. Something that protects accounts even when the user does what the hacker says.

What do you think? 🤔