Wednesday, December 31, 2014

2014 InfoSec Tweet Awards

Welcome to the third annual InfoSec Tweet Awards!  These posts continue to be some of the more popular blog entries on so I feel compelled to continue the series.
As in previous years, there are no actual awards.  These are just funny or thought provoking tweets that I've "favorited" over the last year. Also, you will notice that the categories have changed.  This is because they are completely arbitrary. I make them up as I go along. So without further ado...

Best Tweet Inspired by a Movie

Best Tweet Inspired by a Song (Tie)

Best Tweet Inspired by the Holidays (Tie)

Best Tweet on How to be a Hacker

Best Tweet About Linux

Best Tweet About Metasploit

Best Tweet About Medical Devices

Best Tweet About The Cloud

Best Tweet About Cryptography

Best Tweet About Two-Factor Authentication

Best Tweet About Silk Road

Best Tweet About "Named" Exploits

Best Tweet About Attribution (Tie)

Best Tweet Explaining the Sony Breach

Best "Fake" Tweet

Best "Get Off My Lawn!" Tweet

Best Twitter... um... –er

Last but not least we have the "award" for the person who posted the best overall tweets of the year.

And the winner is.... InfoSec Taylor Swift (@SwiftOnSecurity)! InfoSec Taylor Swift is an unusual account. On one hand it's an obvious parody of a celebrity with a humorous slant towards information security. On the other hand she (he? they?) offers legitimately sound advice in 140 characters or less. The quality is such that news outlets have quoted the account and the new web site associated with it,, has the potential to become a solid resource for InfoSec fundamentals.

If you follow one new account this year it should be @SwiftOnSecurity. Below are a few gems from 2014:

Serious Tweets:

Funny Tweets:

This concludes the 2014 Tweet Awards. Please feel free to share your favorite tweets in the comments below. I wish you and yours a very Happy New Year!

Monday, December 15, 2014

Don't Click

As I'm sure the readers of this blog will know, way back on
June 20, 2011, the ICANN board voted to end restrictions on TLDs. This paved the way to expand the number of TLDs (22 at the time) to include over 400 gTLDs (Generic Top Level Domain).  Most of the new gTLDs were sponsored by companies and organizations willing to pay the $185,000 application fee.  In November 2013, these new domains began rolling out a few per month.

Many domain registrars are offering free pre-registration for the new gTLDs.  Like a good little geek I immediately skimmed through all the options and reserved a couple dozen domains.  There are some real gems in my list but I'll keep them to myself until their respective gTLDs go live.  I don't want to lose them in the land rush :)

So what's my point?  Basically I wanted to share my first gTLD and solicit ideas for its use.  Without further adieu I present:

What do you think?  What would you do with this domain?  Please leave your suggestions in the comments below or hit me up on twitter (you'll find me as @ITSecurity).  Thanks in advance.