All options, including seeking further clarifications, or drafting a proposed domestic export control rule, are still on the table in the US. There will likely be further opportunities for the public to weigh in on this undecided next move by the US.
I just got this from Twitter, so I asked:
"I received notice that Twitter employees had access to some of my DMs. Which DMs were they exactly? How many Twitter employees had access to them? Were the recipients of my DMs also told that my private messages to them were compromised?"
Putting this at the top of the replies so that people can stop feeling like they need to correct my original tweet. :) Clarification is in my timeline, but not high enough in the replies to see that it is *even worse* than I initially thought:
I got 2 consecutive restraining orders against an MIT professor, the 1st of which he forced an evidentiary hearing w his own character witnesses & full cross examination of me on the stand, he wasn't disciplined at all.
I was 21. He was 34.
Why do that ever again #WhyIDidntReport
I left my job at MIT, where I'd worked 4 years, moved across the country & became a Linux dev. I chose not to get a 3rd restraining order in San Francisco, so that he wouldn't know where I lived. To this day, now that I'm a public figure, I worry that he will snap & come hurt me.
It's been over 20 years. He was known to hit on undergrads. Known to MIT by complaints by students. Even when court found him to be a credible threat to me, his position at MIT remained unchanged. I spoke up loudly for myself & to stop him from hurting anyone else. MIT failed us.
Marketing can often get things wrong. So can media. I expect technical folk to use technical terms correctly.
"Integration in SDLC" which I've discussed extensively regarding vuln disclosure/bug bounties has little to do with nifty JIRA bug bounty integration (which is cool).
It sure makes for glossy marketing to say that it does - but that labels a feature erroneously. It is actually a process. The process can still be missing. Why does it matter so much?
It's like saying a bug bounty can make you more secure - which is a lie without back-end process
It's accurate to say that bug bounty platform-JIRA integration streamlines the vulnerability response process, because that is all that it does. This is quite useful without the marketing deception & complete misuse of the technical process term "SDLC". That's for preventing bugs.
Last view of the crime scene that was my invaded hotel room and violated space, courtesy of @CaesarsPalace who still have not told me anything, offered me anything (except to move my room - like that really would prevent their security team screaming at me again). My last #DEFCON
The reporting out of this event so far has noted "privacy" concerns. The fact of the matter is, a male's chief concern is privacy. Women's includes that, but our high order bit is that this policy designed to keep people safe from gun attacks *increases* our chance of assault.
Threat models change, & we as security professionals know that. October 1 changed the threat model for Vegas hotels. That in no way changed the threat models for women traveling alone. Only @CaesarsPalace security did that. They are sacrificing women's safety for gun inspections.
TFW you're happy folks are celebrating others & you, yet there's still an annoying focus on your least significant bit, nothing to do with your work. I'm so fucking sick of the "women in" lists. The equality I crave is that professional lists have plenty of unscripted diversity.
Also annoying as hell: people coming to me, expecting me to be an expert in diversity & diversity hiring. What the fuck does hacking (my tech background) or policy work have to do with recruiting skills? To me, it's as offensive as expecting all women to know how to cook & clean.
For the record: I don't know anything about how to recruit more women. Please tax the men w fixing their own shitty hiring pipeline they created. We pay enough overhead just being recognized for our work. We aren't typically paid or promoted equally. I'm already fighting that.
What used to frustrate me as a young professional pen tester was needing to overprove myself each time, whereas junior males were assumed to be more technical than me. Now I get it on Twitter w people who know my work, yet still think dismissing my expertise counts as "debate".
by @k8em0 view original on Twitter
Feed the pipeline, they say. Get more♀️interested in STEM. We don't have enough qualified candidates, or we'd totally hire them/have them speak. As a♀️who's done pro hacking, IT admin, development, & shifted major company bounty policy w data, I can tell you it's not worth it