And the champions just received their solid silver medals for solving the series.

I wrote a book called Women In Tech that came out in 2016 which has become one of the top books on Amazon in their Career Guides lists, floating between top 10 and top 100 much of the time and is the #1 bestseller right now.

Let’s look back to the middle of 2015. I’d just run the biggest anthology Kickstarter of all time according to the project manager there who’d reached out to me as the site featured it as the Project Of The Day. The…


When you have little to no budget, how do you start spending on information security in a startup to protect customer data and operations? I was asked to comment on this via email by Zack Whittaker for a story he was doing on TechCrunch, and in responding, I found myself getting writer-mad, so I knew I had something to say. Here’s his original article (it’s paywalled as an Extra Crunchy article).

And here are my original thoughts, slightly edited to remove unnecessary emoji and “I know, right???”s from the text.

**********

This is a fascinating question, and in fact, my…


(originally posted https://tisiphone.net/2018/03/07/the-infosec-amnesty-qa/ with thanks to Lesley “Hacks4Pancakes” Carhart)

Here’s why I know about this

My tech journey started in academia, where I spent my time writing math in Java. As I transitioned more and more to tech, I ended up as the de facto PKI manager for several projects. I handled certificate management while I was at Microsoft Game Studios working on Lips for Xbox and Halo for Xbox, and debugged the cert management process internally for two teams I worked on. On my own projects and for two startups, I used a 2009 Thawte initiative that provided certificates…


Just a few minutes ago, Twitter enabled the option to protect accounts with 2FA (Two-Factor Authentication) without the user having to rely on SMS (Short Message Service, aka texting). Previously, you could choose between signing into your Twitter account with just a password or enabling 2FA with a six-digit SMS code texted to your phone.

It’s common knowledge that while 2FA with SMS is much, much better than using only a password, SMS can be spoofed easily, and an OTP (one-time password) authentication such as that provided by Google Authenticator, Duo Mobile, or Authy is more secure. …


Tarah Wheeler, hacker, & Sandy Clark, Ph.D., University of Pennsylvania Computer and Information Science

***These are the opinions of Tarah and Sandy, and do not represent the opinions of Symantec or the University of Pennsylvania***

Introduction

Let’s all calm down when it comes to spreading FUD on the Internet about this morning’s giant CIA leak. This information leak is a revelation of something we all knew: the CIA has 0-days (high-impact, previously undisclosed exploits) and purchases exploits from a number of researchers both in and out of the US in order to surveil individual devices.

What happened

This morning, WikiLeaks…

Tarah Wheeler

New America Cybersecurity Policy Fellow, Principal Security Advisor at Red Queen Technologies, hacker, speaker, leader, incident response, author Women In Tech
