Just doing my undue diligence. ISP vet, Hashcat member, security demi-boffin, YubiKey stan, AK license plate geek. Views his.❤️:⚛👨👩👧🛡🙊🌻🗽💻✏🎥🍦🌶🍫
Blocked/unfollowed? Ask/link!
Joined April 2008
- Tweets 20,704
- Following 4,993
- Followers 2,779
- Likes 294,149
Pinned Tweet
"Infosec is a way for IT to know itself." - me (Sagan riff)
My #BSidesLV talk "Password Cracking 201: Beyond the Basics": invidious.fdn.fr/-uiMQGICeQY?t=20260
Talks: techsolvency.com/talks/
Security keys: techsolvency.com/mfa/securit…
Security insights: @techsolvency
Meta: techsolvency.com/roycewillia…
2
4
30
Royce Williams retweeted
via @FantasticGvnFox, we can confirm the salt was rotated before the new Q posts and then restored to the old one. Got 'em in 4k
21
69
18
576
Royce Williams retweeted
I got access to #midjourney and created a collection of AI art all derived prompts that come from the Sandia long-term nuclear waste warning messages.🧵
2
13
4
30
Royce Williams retweeted
mute and block enough accounts and you start to notice "dark tweets", not directly visible but observable through their effects on the discourse
8
43
5
361
Royce Williams retweeted
Just because a service provider has password length maximums, does not imply that they are storing your password in plaintext (Unix descrypt has an 8 character max).
Case in point, Google caps their password lengths to 100 charaacters, as shown in these screenshots.
3
2
5
Royce Williams retweeted
⚠️We are observing inauthentic accounts replying to people angry about Roe v. Wade and trying to dissuade them from voting in November. These accounts use messaging like:
"Why bother voting now?"
"All is already lost."
"Voting won't change anything."
Stay alert.
121
2,097
215
3,419
Royce Williams retweeted
This is what 600 @FIDOTrustKey looks like.
Thank you guys for your donation! Can not wait to deploy them in Ukraine!
#war #ukraine #cyberwar #fido #security
3
7
20
Royce Williams retweeted
Platforms do push back (for now).
But you know who doesn't?
Banks.
Credit card companies.
Stores you shop.
You can literally buy lists of moms-to-be and people suspected of being pregnant from data brokers today, including "people who recently purchased a pregnancy test."
Not a lawyer but as the many lawyers paid to yell at me (nicely) remind me:
Legal data requests to tech companies must generally be tied to an allegation of an individual crime, not just “give me everyone in Texas who googled abortion last month.” Platforms do push back on that.
Show this thread
1
2
7
Royce Williams retweeted
We are taking on qualified partners… join us in helping orgs stay secure!
It’s time to integrate pentesting into your service offerings. Ready? Contact Raxis today. Raxis.com.
#Raxis #pentesting #infosec #cybersecurity #ethicalhacking
1
1
If you work in tech, today is a good day to read this blog post about what you can do to protect digital rights in a post-Roe world: eff.org/deeplinks/2022/05/wh…
12
367
12
560
I swear the Facebook class-action emails were carefully engineered to omit all well-known "make this message not go to the spam folder" best practices.
3
1
4
Royce Williams retweeted
We should hear from Senators Murkowski, Collins, and Manchin if they believe there should be any consequences at all for misleading members of the US Senate in order to secure a lifetime appointment to the highest court in the land.
Otherwise Roe’s undoing is their legacy too.
6,622
29,109
1,253
192,851
Royce Williams retweeted
Some hope that if one is careful, avoids certain platforms or apps, and opts out of this or that, that one can escape the clutches of these engines of surveillance.
That is simply not true.
In a post-Roe America, we may well get the costly wake-up call.
nytimes.com/2022/05/19/opini…
15
328
28
721
Royce Williams retweeted
Hard up for cash these days, and got to thinking...
Not going to start a Kickstarter or anything like that, *but*...
If I receive a sufficient amount of donations...
I'll write a book and brain dump absolutely *everything* I know about password cracking.
7
30
4
51
Royce Williams retweeted
I hate to be a downer, but deleting *apps* doesn't delete the data they've stored.
If you're deleting apps for safety, first delete what they know. It may help to "move to Europe" so you can exercise a right to be forgotten, if the app maker supports it.
10
64
9
257
Royce Williams retweeted
Foreign influence actors are very likely to use todays abortion decision to amplify the emotions we all feel on both sides of this issue. Russia is more likely to covertly further the divide between Americans on this issue. China is more likely to amplify how F’d the US govt is.
6
28
3
74
Royce Williams retweeted
Forced birth in a country with:
—No universal healthcare
—No universal childcare
—No paid family & medical leave
—One of the highest rates of maternal mortality among rich nations
This isn't about "life." It's about control.
7,237
117,294
3,838
393,930
Royce Williams retweeted
Online service provider and apps can be a treasure trove of information that governments will subpoena. Good data practices can help you avoid being on the wrong side of history. If you don’t have it, you can’t be forced to produce it. eff.org/deeplinks/2022/05/wh…
3
4
The difference between now and the last time that abortion was illegal in the United States is that we live in an era of unprecedented digital surveillance.
396
24,487
929
114,937
If tech companies don’t want to have their data turned into a dragnet against people seeking abortions and people providing abortion support, they need to stop collecting that data now. Don’t have it for sale. Don’t have it when a subpoena arrives.
Show this thread
1