lingo.lol is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for linguists, philologists, and other lovers of languages.

Server stats:

59
active users

#electmorehackers

0 posts0 participants0 posts today
Andrew 🌻 Brandt 🐇<p>Last night I attended the <a href="https://infosec.exchange/tags/Boulder" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Boulder</span></a> BVSD school district's District Accountability Committee meeting. I am the representative to my kids' high school at the DAC, that advises the school board on policy matters. It's a commitment I made to staying involved in local school operations, regardless of the outcome of the election last year.</p><p>The DAC is considering updates to policies surrounding the searches of and interrogations of students on school grounds. The DAC policy subcommittee made several positive changes that strengthen the protections this policy gives to students, who under these kind of circumstances are obviously in a power-imbalance situation.</p><p>But there was one change that I couldn't abide, and when I brought it up, it started a nearly hourlong debate in which many other DAC representatives chimed in with their own concerns.</p><p>The change was to give schools the permission to search students' mobile devices and laptops. It was a one-line insertion into an existing policy that gives school officials permission to search student lockers. </p><p>I made the point that phones/laptops often contain highly sensitive, personal information that falls outside the scope of any legitimate investigation, and that the language was overbroad and failed to take into account the need for student data privacy and limiting the scope of the search, and raises significant civil rights issues.</p><p>Another DAC member raised the issue that the policy seems to lay the responsibility for students maintaining the security of their devices on the students, even when an adult has access to those devices, which seemed weirdly out of sync.</p><p>Yet another DAC member was concerned that there was no guidance about how such searches would be conducted, and under what circumstances. Doesn't changing a policy like this lead to potential 'fishing expeditions' on specious evidence or even just allegations of misbehavior without evidence? </p><p>In the end, the DAC thought this policy would sail through and be passed along to the BVSD board for their approval next week. I think the policy needs significant rework and there's no way the board should pass it in its current form. I will speak at the school board meeting next week to get that point across, because the way it looks right now, I would not want my name connected to this policy.</p><p><a href="https://infosec.exchange/tags/COpolitics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>COpolitics</span></a> <a href="https://infosec.exchange/tags/BVSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BVSD</span></a> <a href="https://infosec.exchange/tags/SchoolBoard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SchoolBoard</span></a> <a href="https://infosec.exchange/tags/policy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>policy</span></a> <a href="https://infosec.exchange/tags/electmorehackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>electmorehackers</span></a> <a href="https://infosec.exchange/tags/4thAmendment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>4thAmendment</span></a> <a href="https://infosec.exchange/tags/PolicyHackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PolicyHackers</span></a> <a href="https://infosec.exchange/tags/education" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>education</span></a> <a href="https://infosec.exchange/tags/USPol" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USPol</span></a></p>
Andrew 🌻 Brandt 🐇<p><span class="h-card" translate="no"><a href="https://mastodon.social/@dangillmor" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dangillmor</span></a></span> ...which is just another reason we should <a href="https://infosec.exchange/tags/ElectMoreHackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ElectMoreHackers</span></a> so we have legislators who have the technical chops to build some consumer protection policy with teeth!</p>
Andrew 🌻 Brandt 🐇<p>The Aspen Tech Policy Hub is organizing some training in how hackers can engage in tech policy by learning how to speak and write effectively to communicate with lawmakers. They're calling it "The Cyber Civil Defense Policy Training Series"</p><p>The first one starts next Tuesday.</p><p>Sign up for one, or all three, here: <a href="https://aspenpolicyacademy.org/short-courses#cybersecurityseries" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">aspenpolicyacademy.org/short-c</span><span class="invisible">ourses#cybersecurityseries</span></a></p><p><a href="https://infosec.exchange/tags/ElectMoreHackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ElectMoreHackers</span></a> <a href="https://infosec.exchange/tags/TechPolicy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechPolicy</span></a> <a href="https://infosec.exchange/tags/Policy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Policy</span></a> <a href="https://infosec.exchange/tags/engage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>engage</span></a> <a href="https://infosec.exchange/tags/engagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>engagement</span></a> <a href="https://infosec.exchange/tags/fightforthefuture" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fightforthefuture</span></a> <a href="https://infosec.exchange/tags/AspenTech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AspenTech</span></a> <a href="https://infosec.exchange/tags/AspenTechPolicyHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AspenTechPolicyHub</span></a></p>

Exciting news, #hackers: the #KamalaHarris campaign will be hosting a reception to support her candidacy at #Defcon on August 8.

If you're interested in protecting our democracy and supporting a candidate who understands what a future looks like that hasn't been captured by corporate tech interests, I encourage you to join me in donating and attending this special event.

The donation link is secure.kamalaharris.com/a/mid-

Last October, while in the home stretch of an off-year campaign for elected office, a political candidate's inbox received a series of email-borne attacks. @SophosXOps investigated both the business email compromise (BEC) and the phishing emails the candidate received.

news.sophos.com/en-us/2024/06/

Sophos News · Phishing, BEC attackers target candidates in local election, among othersAn escalating series of email-borne attacks were sent to candidates, including the author
Continued thread

I'm actually astonished at how bad the answers were from this Colorado state senator Mark Baisley (2nd from left, so-called "freedom senator") to questions on this panel about #infosec and #elections.

When asked about the risks to lower or local/downballot candidates were minimal (wrong!), and when asked how political parties or candidates should protect voter roll data, he answered "obfuscation, security through obfuscation" (I guess he's unfamiliar with the baseline security principle of "there's no security through obscurity.")

We desperately need more people to run for office who know what they're talking about. This was just embarrassing.

Why you need an infosec analyst on your #SchoolBoard: I received two scam emails this past weekend on an account I use for my candidacy and alerted my fellow candidates.

The scams were fairly rudimentary "iTunes gift card" fraud, but the attackers did look for and use the names of other candidates and one actual board member in their scam emails.

I had heard that politicians get hit with a larger-than-average volume of #malspam but this was a new one for me. Also, totally hamfisted, using UTC+3 time zone and a Russia-based webmail provider. Try harder next time, losers!