Blog

 

2025

Incident response is a chaotic field. Calendar clutter amplifies that chaos as a neglected source of administrative sludge. Without common conventions, each day becomes unpredictable - deadlines sneak up on you and finding time for regular client calls is a famous challenge. Here are some calendar management ideas that made my availability and meetings more predictable. Anyone in professional services may find them worth building on, and I found them especially helpful in incident response where unexpected recurring meetings materialize every day. Less intuitive stuff first.
If I could pick one piece of advice to shout from every rooftop to minimize the overall impact of ransomware, it would be: 📢GET YOUR BACKUPS OFF THE WINDOWS DOMAIN📢 Across MOXFIVE’s incident response work, almost all ransomware victims we work with have some sort of backup. This is great news – backups may be the single strongest element of ransomware resilience. But during real cyber events, we find that backups are unusable 63% of the time. How alarming! These victims paid for a backup product – and developed a sense of confidence around that solution – only for the backups to fail when they are most needed.
We introduce entropy-based block selection (EBBS or “entropy triage”), a novel method to programmatically repair files rendered unusable after failed encryption processes. MOXFIVE has applied entropy triage while responding to ransomware attacks since 2023, repairing virtual machine disks that could not be decrypted with attacker-provided decryption tools because the prior malicious encryption process failed. The method measures Shannon entropy to select either pre-decryption or post-decryption data blocks to construct a usable file. Note that we simplify cryptographic descriptions for accessibility; using this method requires reverse engineers skilled with cryptography and malware.
Takeaway: I think generative AI will first worsen, but then resolve, enshittification of digital content. This is driven by accelerated exploitation of already decaying quality signals (here focusing on volume), before helping us pivot toward higher-fidelity signals.
Cyber attacks follow surprisingly consistent patterns and existing frameworks describe many patterns (e.g., MITRE ATT&CK, Mandiant Attack Lifecycle, Lockheed Kill Chain, RAND operational capacities). Attacks may also be examined through the lens of victim impact. At the highest level, there are three fundamental objectives for an attacker to achieve against their victim: Extract, Disrupt, and Influence (EDI).
— Ralph Waldo Emerson

2024

— Abraham Lincoln
I am openly hostile toward cryptocurrency, NFT, web3, and other blockchain gimmicks. Aaaaaand that's not going to change any time soon. Even still, there is a genuine, no-bullshit, for-real-for-real positive outcome for society. That's not to say crypto is a net positive - don't be silly. But this goat rodeo is going to stick around a while so we might as well admire the silver lining.
Rotate your phone’s chimes to temporarily relieve anxious reactions. Useful for unavoidable phone notifications, like work email/chat or tough social situations.
... But I do know that they offer the most demented upsell in the entirety of capitalism. For $2.50 more a month, you get access to all MLB games. Obviously, they offer this because it doesn’t cost them squat and the extra couple bucks is an easy capture against fans willing to subscribe in the first place. Step back a minute. Their 14% increase unlocks a positively prodigious 1,500% more content. That gets even more daffy when you consider that it’s virtually impossible to consume all this extra value your $2.50 gets you.
Mom’s cable company charged $141 monthly for one of those awful “triple play” packages. You know the sort - internet, TV, and home phone for the same price as a bottle of Blanton’s every month. She chopped that down to $50 monthly with a few hours of research and some gear from Walmart and Amazon.

2023

Series of posts outlining the surprising costs of responding to a ransomware attack from investigation to litigation
Willow is a wily dog. She’ll let you leave the room with food on the coffee table month after month after month, never once causing trouble. You might think she’s a very disciplined pup. Lies. She lulls you into complacency until you leave particularly forbidden snacks unattended. Forbidden snacks like the onion rings I bought for today’s lunch. We knew that onions are toxic to dogs but didn’t know how toxic or what to do about it. A bunch of articles and forums told us, “Don’t delay! Induce vomiting IMMEDIATELY if your dog eats even one ring”. We called ASPCA’s Animal Poison hotline on the recommendation of two separate vets, and I happily cosign that rec if you’re in a similar pickle.
AbolishIP was a short-lived pseudonymous blog from my early 20s.
We value impressive sounding numbers because they are a proxy for quality. Page views, word counts, units 'sold'. Maybe AI eliminates the need to rely on those poor heuristics? I'm one of those who thinks that chat GPT is going to be like the advent of the calculator. It's going to allow people to express their intentions very clearly and in ways that are very easily understood very very quickly.
I love looking up concept art, interpretations, or even fan art when ramping into a book / audiobook. It adds atmosphere, contextualizes characters, and makes it easier to imagine complicated concepts and scenes. The trouble is that it's almost always a terrible idea. You'd be hard pressed to think of a better way to catch unwanted spoilers than blindly Google'ing for story images. Just this year, I badly wanted to image search Three Body Problem to help imagine the surreal scenes in the first book. No doubt visuals would have added a great dimension to the experience, but I felt I had to force myself to do without until finishing the series. I had a similar thought reading Log from the Sea of Cortez. Steinbeck chocked it full of beautiful descriptions of dozens and dozens of sea creatures, and I'd have loved a way to see individuals while I was reading without putting the book down to google, deconflict, and find my page again. Someone should make a platform that gives you images based on where you are in the story. Enough to aid imagination without spoiling the whole tamale. For Audible in particular I think this would be a great feature. Think something akin to Spotify's music visualizations.

2022

DarkReading | "Attackers are already circling back to reselling stolen data instead of — and in addition to — extortion"
Congressional term limits are one of those ideas that look great on a bumper sticker but fall apart with an ounce of critical effort. They stomp out the expertise, relationships, and accountability Congress desperately needs, while empowering exactly the wrong people. So what would term limits actually do?

2021

"Guest James Gimbi, Director at technical advisory firm MOXFIVE, shares why he believes banning ransomware payments is bad policy..."
As the policy community gets its arms around how government can address ransomware, we wanted to share an industry perspective on one proposal floated by thinkers outside the cybersecurity space: we believe ransomware payment bans are bad policy.

2020

Brett Thorson and James Gimbi from BCG Platinion Cybersecurity share their thoughts on what the recent SolarWinds breach means for affected organizations, digital product and service providers, and their customers.
Five tips for congressional staffers navigating the @SolarWinds #hack as the next batch of @congressfellows approaches congress

2019

Serving the First Branch has been the highlight of my career. Through 2018 I supported Senator Rand Paul’s work on cybersecurity, technology, and intelligence issues, including encryption and privacy, data breach policy, and drone security. Walking the halls of the Capitol is as stirring and humbling on week fifty as it was on week one. As my fellowship comes to a close, I wanted to share some thoughts that might benefit future fellows working to close the gap between policymakers and technologists.

2018

Exchange that strikes a chord from 'Stranger than Fiction'

2017

For some time now I've been working toward a new direction. Step one is around the bend. Today I found a crew with a similar model nearly eight years ahead of my curve. Check out their early work.
— Martin Luther King, Jr
Celebrating a giant in the family
My first Lichess LoneWolf League match was this morning! Andy (Elo 1752) shredded me (1442) to bits, but I'm happy with my play.
My friend Shanna shared “The Alien Mind” (Philip K. Dick) while we traded old science fiction short stories. It rests on a sketchy .RU domain, and she couldn’t find it anywhere else. Risky-clickiness aside, I wondered how long it would survive before the webmaster stopped paying the bills. Creative collections peppered across the old web are slowly dying off, so I'll mirror a small selection of favorites here.
— Isaac Asimov
Only cowards support the immigration ban. Cowards waste this country. Freedom is dangerous and brave, and would be better spent on families facing real terrorism every day.
No-longer-relevant post about moving off a consumer blogging platform to a hand-built system

2016

— Jim Harrison
Sharing a refactored comic from 'Calvin & Muad'Dib'
Let's be constructive. Celebrate common ground, identify the cause in our differences, and aim to understand them instead of hate them.
— John Steinbeck
— John Steinbeck
— Antonin Scalia
We hear a lot of chatter about term limits for the Supreme Court these days. The motive is to make the Court more representative or politically accountable. This is dangerous. Democratic representation is ideal for political offices, but SCOTUS was not meant to be political.
— Kurt Vonnegut
User-focused considerations about consumer ad-blockers -- Mark Addison of Adblock Plus was uninvited to this year's IAM Annual Leadership Meeting, spurring discussion about the ethics of online ads and ad blockers. Seems like an appropriate time to explain why I block ads.

2015

Recounting this year's bookshelf. It was a good year for science fiction.
— Philip Su
On the bright side, Clinton and Trump agree on something. On the dark side...
— Josh Lyman

2014

— Sergey Nikitin
Thoughts on the debate about tax inversions
— U.S. Patent & Trademark Office manager
Sifting signal from noise in Heartbleed's wake

2013

— Thomas Jefferson
In case anyone asks, my life and safety are not worth trading in your uninterrupted privacy and liberty. I accept the consequences of living in a free society, few as they are.
'Some Far-out Thoughts on Computers', a 1962 paper by CIA officer Orrin Clotworthy, predicts with fair accuracy the impact of computers, games and game theory, and data analysis in our age.
AIP: On the Republican Study Committee's paper about copyright
AIP: The technique is simple and, sadly, almost cliche: 1) target small businesses with little to no legal faculty; 2) demand cash for infringing flimsy patents completely unrelated to their respective service lines.

2012

Sharing a theory that spammers use deliberately poor language to optimize their hit rate on promising targets over savvy users that ultimately don't close
AIP: Apple's exclusive right to use page turning animations
AIP: METHOD OF EXERCISING A CAT
AIP: While somewhat dated, this article from Kunvay provides a slew of examples of how copyright spoiled the Olympics for many patriotic Londoners
AIP: On Jordan Weissmann's piece in The Atlantic
AIP: METHOD OF SWINGING ON A SWING
AIP: A good time to be a lawyer. A bad time to be an innovator.
AIP: Easy to get confused
Summarizing my experience and presentation at Roc's best 'unconference'
Thoughts on this year's NCAA tournament
Congratulations on the national championship and a well-earned promotion to DI!
My last post was about an awesome new law in New Hampshire requiring state agencies to consider open source software. I was, however, slightly confused about the mandate's exclusion of the Judiciary. New Hampshire State Representative George Lambert was kind enough to offer a quick explanation.
New Hampshire passed a new law advocating open source software and open data formats. While not perfect, HB418 represents a huge step forward for transparency and technical competence in government

2011

AIP: Launching a (now defunct) blog about intellectual property

2008

Non-comprehensive list of things that seem much more important when calc projects are due
A list of several presidential campaigns that are still active. There's more on the menu than McCain and Obama, believe it or not.
Some of them are built so that the front doesn't fall off at all.

2007

Everyone needs a first post