Cat Easdon
@easdon.bsky.social
Privacy engineering at Dynatrace | privacy, tech policy, hardware security. You may know me from: @virtualroutes.bsky.social, @internetsociety.bsky.social, or my past life hacking CPUs 👩💻 All opinions my own.
What do you think? 🤔
◆ You can check out the slides here: www.cattius.com/images/virtu...
◆ Read more about @dynatrace.com's secure development lifecycle here: docs.dynatrace.com/docs/manage/...
◆ And learn how to attest our product components' SBOMs here: docs.dynatrace.com/docs/ingest-...
◆ You can check out the slides here: www.cattius.com/images/virtu...
◆ Read more about @dynatrace.com's secure development lifecycle here: docs.dynatrace.com/docs/manage/...
◆ And learn how to attest our product components' SBOMs here: docs.dynatrace.com/docs/ingest-...
www.cattius.com
February 10, 2025 at 12:25 PM
What do you think? 🤔
◆ You can check out the slides here: www.cattius.com/images/virtu...
◆ Read more about @dynatrace.com's secure development lifecycle here: docs.dynatrace.com/docs/manage/...
◆ And learn how to attest our product components' SBOMs here: docs.dynatrace.com/docs/ingest-...
◆ You can check out the slides here: www.cattius.com/images/virtu...
◆ Read more about @dynatrace.com's secure development lifecycle here: docs.dynatrace.com/docs/manage/...
◆ And learn how to attest our product components' SBOMs here: docs.dynatrace.com/docs/ingest-...
As a society, we can set expectations for companies' responsibilities. ESG initiatives were a first step beyond the Friedman doctrine (the only social responsibility of a company is to increase its profits). Now let's consider what role we want companies to play in building societal resilience...
February 10, 2025 at 12:22 PM
As a society, we can set expectations for companies' responsibilities. ESG initiatives were a first step beyond the Friedman doctrine (the only social responsibility of a company is to increase its profits). Now let's consider what role we want companies to play in building societal resilience...
I highlighted how business pressures can lead over time to a weak security culture and resulting data breaches, despite the best efforts of individuals. To tackle this, do we perhaps need more than just internal organizational change across the industry?
February 10, 2025 at 12:20 PM
I highlighted how business pressures can lead over time to a weak security culture and resulting data breaches, despite the best efforts of individuals. To tackle this, do we perhaps need more than just internal organizational change across the industry?
We discussed:
◆ How businesses reason about software security
◆ The secure development lifecycle at @dynatrace.com
◆ Supply chain security and SBOMs 📜
◆ Two breaches that led to the US Cyber Safety Review Board calling on all cloud providers to drastically prioritize security
◆ How businesses reason about software security
◆ The secure development lifecycle at @dynatrace.com
◆ Supply chain security and SBOMs 📜
◆ Two breaches that led to the US Cyber Safety Review Board calling on all cloud providers to drastically prioritize security
February 10, 2025 at 12:18 PM
We discussed:
◆ How businesses reason about software security
◆ The secure development lifecycle at @dynatrace.com
◆ Supply chain security and SBOMs 📜
◆ Two breaches that led to the US Cyber Safety Review Board calling on all cloud providers to drastically prioritize security
◆ How businesses reason about software security
◆ The secure development lifecycle at @dynatrace.com
◆ Supply chain security and SBOMs 📜
◆ Two breaches that led to the US Cyber Safety Review Board calling on all cloud providers to drastically prioritize security
Reposted by Cat Easdon
'“The bottom line is, you can’t replace the guy who screams, ‘Listen, this is dangerous,’” with all the advanced AI technologies in the world,” said Caspit, the Israeli journalist who has interviewed every living 8200 commander for his book.'
December 30, 2024 at 10:32 AM
'“The bottom line is, you can’t replace the guy who screams, ‘Listen, this is dangerous,’” with all the advanced AI technologies in the world,” said Caspit, the Israeli journalist who has interviewed every living 8200 commander for his book.'
Android’s developer docs talk about accuracy to within a few feet (for the raw fused location data without heuristics in addition). But it varies a lot depending on the environment (dense urban areas = lots of WiFi data), phone hardware, whether power saving mode is on, etc.
Change location settings | Sensors and location | Android Developers
developer.android.com
December 28, 2024 at 7:58 AM
Android’s developer docs talk about accuracy to within a few feet (for the raw fused location data without heuristics in addition). But it varies a lot depending on the environment (dense urban areas = lots of WiFi data), phone hardware, whether power saving mode is on, etc.
Great question! 10cm is unusually precise - it shocked me when I read the article. I’d assume the ‘geo’ data it refers to is data from the phone’s precise location source (GPS + WiFi, Bluetooth, cell coverage, etc.) + car-specific heuristics (e.g. you’re probably parked on a road, not in a river).
December 28, 2024 at 7:49 AM
Great question! 10cm is unusually precise - it shocked me when I read the article. I’d assume the ‘geo’ data it refers to is data from the phone’s precise location source (GPS + WiFi, Bluetooth, cell coverage, etc.) + car-specific heuristics (e.g. you’re probably parked on a road, not in a river).
More info (🇩🇪-only) in the Spiegel + at 38C3 later this evening (recording coming soon). Intrigued to hear their take on why this data was even collected…Collecting with such precision seems like pure data greed given the risk to individuals + organizations (police, military etc. all in the dataset).
Volkswagen-Konzern - Datenleck: Wir wissen, wo dein Auto steht
VW hat mit einer neuen Blamage zu kämpfen. Bewegungsdaten von 800.000 E-Autos sowie Kontaktinformationen zu den Besitzern standen ungeschützt im Netz. Sichtbar war, wer wann zu Hause parkt, beim BND o...
www.spiegel.de
December 27, 2024 at 8:42 PM
More info (🇩🇪-only) in the Spiegel + at 38C3 later this evening (recording coming soon). Intrigued to hear their take on why this data was even collected…Collecting with such precision seems like pure data greed given the risk to individuals + organizations (police, military etc. all in the dataset).