Ryan Basden
@ryanbasden.com
Independent contractor at @ empiricsecurity.com
#1 photography account about hacking.
Previously:
@bishopfox.bsky.social Red Team
@risk3sixty Pentesting Practice Lead
#1 photography account about hacking.
Previously:
@bishopfox.bsky.social Red Team
@risk3sixty Pentesting Practice Lead
Pinned
Ryan Basden
@ryanbasden.com
· Nov 8
The more I talk to other security consultants, the more I realize that the industry deserves a shake-up. FTE seems more and more like an inevitable path to burnout every day.
If @bsky.app could add TOTP as an MFA option instead of emailing me a code that is not only case sensitive but doesn't use a font that clearly differentiates between uppercase O and the number 0, that would be fantastic.
February 14, 2026 at 6:29 PM
If @bsky.app could add TOTP as an MFA option instead of emailing me a code that is not only case sensitive but doesn't use a font that clearly differentiates between uppercase O and the number 0, that would be fantastic.
Reposted by Ryan Basden
We’ve all seen it: the "compliance-first" mindset that checks every box while leaving the front door wide open, but out of scope.
If you’re tired of the theatre and actually want to move the needle, give this a read.
empiricsecurity.substack.com/p/how-shadow...
If you’re tired of the theatre and actually want to move the needle, give this a read.
empiricsecurity.substack.com/p/how-shadow...
How Shadow Incentives Harm Real Security
Despite the millions upon millions of dollars thrown at penetration testing ever year, big data breaches are still as common as ever.
empiricsecurity.substack.com
February 12, 2026 at 11:58 PM
We’ve all seen it: the "compliance-first" mindset that checks every box while leaving the front door wide open, but out of scope.
If you’re tired of the theatre and actually want to move the needle, give this a read.
empiricsecurity.substack.com/p/how-shadow...
If you’re tired of the theatre and actually want to move the needle, give this a read.
empiricsecurity.substack.com/p/how-shadow...
One more stressful event away from making disappearing into the woods part of my personality
January 14, 2026 at 3:50 PM
One more stressful event away from making disappearing into the woods part of my personality
Have you guys checked out your Kroger 2025 Wrapped yet
January 9, 2026 at 9:24 PM
Have you guys checked out your Kroger 2025 Wrapped yet
Some of the best hackers I know still manage to overestimate their expertise in completely unrelated fields, medical science being a big one. I can go from soaking in some arcane tech wisdom to fielding batshit takes about vaccines in the span of a few seconds with some of you guys. Why?
December 20, 2025 at 7:45 PM
Some of the best hackers I know still manage to overestimate their expertise in completely unrelated fields, medical science being a big one. I can go from soaking in some arcane tech wisdom to fielding batshit takes about vaccines in the span of a few seconds with some of you guys. Why?
Every time I go on a podcast as a guest, I spend the next 24 hours trying to remember if I said anything painfully stupid that will tank my career.
December 3, 2025 at 4:48 PM
Every time I go on a podcast as a guest, I spend the next 24 hours trying to remember if I said anything painfully stupid that will tank my career.
Does Bluesky really still not support TOTP? Can I stop having to copy a code from my email and remove the backticks that it includes?
November 1, 2025 at 7:41 PM
Does Bluesky really still not support TOTP? Can I stop having to copy a code from my email and remove the backticks that it includes?
Reposted by Ryan Basden
STOP CALLING IT VISHING AND SMISHING
YOU SOUND LIKE A FUCKING TODDLER BABBLING NONSENSE
ITS PHISHING OR SOCIAL ENGINEERING
REEEEEEEEE
YOU SOUND LIKE A FUCKING TODDLER BABBLING NONSENSE
ITS PHISHING OR SOCIAL ENGINEERING
REEEEEEEEE
September 3, 2025 at 4:16 PM
STOP CALLING IT VISHING AND SMISHING
YOU SOUND LIKE A FUCKING TODDLER BABBLING NONSENSE
ITS PHISHING OR SOCIAL ENGINEERING
REEEEEEEEE
YOU SOUND LIKE A FUCKING TODDLER BABBLING NONSENSE
ITS PHISHING OR SOCIAL ENGINEERING
REEEEEEEEE
Watch out for people who take your personal growth personally.
August 19, 2025 at 4:00 PM
Watch out for people who take your personal growth personally.
Working on a conference talk
August 13, 2025 at 9:08 PM
Working on a conference talk
"nano is for babies" - crontab
August 7, 2025 at 5:24 PM
"nano is for babies" - crontab
It's a personal conviction of mine that, for how much of the tech industry operates out of Atlanta, there is a serious lack of quality security conferences and communities. But I know some people trying to change that.
July 23, 2025 at 6:43 PM
It's a personal conviction of mine that, for how much of the tech industry operates out of Atlanta, there is a serious lack of quality security conferences and communities. But I know some people trying to change that.
Most fun I've ever had speaking at a conference, hands down. If you were there at @wildwesthackinfest.bsky.social , you were the best audience a guy could hope for.
www.youtube.com/watch?v=Vrtp...
www.youtube.com/watch?v=Vrtp...
Solving Dumb Hacker Problems With Nix | Ryan Basden
YouTube video by Wild West Hackin' Fest
www.youtube.com
July 23, 2025 at 2:21 PM
Most fun I've ever had speaking at a conference, hands down. If you were there at @wildwesthackinfest.bsky.social , you were the best audience a guy could hope for.
www.youtube.com/watch?v=Vrtp...
www.youtube.com/watch?v=Vrtp...
I would simply write memory-safe code
July 3, 2025 at 10:38 PM
I would simply write memory-safe code
Laptop numpads are psychotic, why do I have to overextend my right shoulder just to type
June 16, 2025 at 2:31 PM
Laptop numpads are psychotic, why do I have to overextend my right shoulder just to type
Finally getting around to watching Chernobyl and all I see is a bunch of MBAs making fun of technical experts and high-fiving
June 11, 2025 at 3:26 PM
Finally getting around to watching Chernobyl and all I see is a bunch of MBAs making fun of technical experts and high-fiving
If there's anything I can count on BlueSky for, it's showing me all of the stuff I've painstakingly worked to not have to look at on Twitter.
June 6, 2025 at 1:51 PM
If there's anything I can count on BlueSky for, it's showing me all of the stuff I've painstakingly worked to not have to look at on Twitter.
"In addition, ChatGPT doesn’t just itself fail to recognize the difference between fact and fiction, it presents these answers to people who are themselves unable to discern the difference."
lmnt.me/blog/the-dys...
lmnt.me/blog/the-dys...
The Dystopian Dream Team
lmnt.me
May 29, 2025 at 4:46 PM
"In addition, ChatGPT doesn’t just itself fail to recognize the difference between fact and fiction, it presents these answers to people who are themselves unable to discern the difference."
lmnt.me/blog/the-dys...
lmnt.me/blog/the-dys...
A little tired of getting random junk in conference "swag bags", can I opt out? I don't need fifty branded drawstring bags that I'm just going to donate and might eventually end up in a landfill.
May 20, 2025 at 4:07 PM
A little tired of getting random junk in conference "swag bags", can I opt out? I don't need fifty branded drawstring bags that I'm just going to donate and might eventually end up in a landfill.
iPad babies can be any age.
May 19, 2025 at 7:37 PM
iPad babies can be any age.
Hey Gemini, which spreadsheet does this company store passwords in
April 21, 2025 at 4:35 PM
Hey Gemini, which spreadsheet does this company store passwords in
imagine still using OOP when you could vibe-code functions and structs
April 4, 2025 at 5:24 PM
imagine still using OOP when you could vibe-code functions and structs
Some of my favorites from Zion National Park.
Taken with Kodak Portra 400.
Taken with Kodak Portra 400.
March 28, 2025 at 3:04 PM
Some of my favorites from Zion National Park.
Taken with Kodak Portra 400.
Taken with Kodak Portra 400.
I wish Signal would find a way to make their service censorship-resistant. Can't help but feel like completely abandoning countries that demand encryption backdoors is the wrong move.
Better to refuse AND make service use as hard to restrict as possible.
Better to refuse AND make service use as hard to restrict as possible.
March 25, 2025 at 2:14 AM
I wish Signal would find a way to make their service censorship-resistant. Can't help but feel like completely abandoning countries that demand encryption backdoors is the wrong move.
Better to refuse AND make service use as hard to restrict as possible.
Better to refuse AND make service use as hard to restrict as possible.