Dan Goodin

@dangoodin001

Ars Technica reporter. Signal number 650-440-4479. The world isn't run by weapons anymore or energy or money. It's run by little 1s and 0s, little bits of data.

San Francisco, CA
arstechnica.com/author/dan-goo…
Joined March 2008
196 Photos and videos Photos and videos

Tweets

You blocked @dangoodin001

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @dangoodin001

  1. Retweeted
    Oct 3
    Replying to

    Keys are usually stored in kernel memory or TPM, you can't access the first one from userspace and TPM's don't export keys to begin with

    3 replies 2 retweets 2 likes
  2. Oct 3

    The counterargument is that Equifax could have encrypted the PII and stored the key in a trusted platform module or hardware security module

    Replying to @dangoodin001
    If you are smart you root the encryption in an HSM. No indications of whether Equifax did.
    5 replies 8 likes
  3. Retweeted
    Oct 3
    Replying to

    Encryption is good to keep a thief of the physical drive from getting the data. Nearly Useless against this sort of breach.

    3 retweets 10 likes
  4. Oct 3

    The consensus so far is that encrypting PII likely wasn't feasible for a database under continuous access and if it was may not have helped.

    Replying to @dangoodin001
    Well it depends, if you run a sql query from an authorized app you'll get the actual decrypted data. Sec in depth prevents different threats
    2 replies 1 retweet 5 likes
  5. Oct 3

    Serious questions: If attackers can retrieve the encrypted data, can't they also retrieve the decryption key? If not, why?

    “Equifax stored sensitive consumer information in plaintext, rather than encrypting it” WHAT ARE YOU DOING
    17 replies 7 retweets 18 likes
  6. Oct 3

    Every Yahoo account that existed—all 3 billion of them—was compromised in 2013 hack

    4 replies 48 retweets 29 likes
  7. Retweeted
    Oct 3

    BRB, going to set up an email filter to trash all emails mentioning "Cybersecurity Awareness Month"

    2 replies 9 retweets 31 likes
  8. Retweeted
    Oct 3

    To my friends in media relations: I am fully aware that it is Cybersecurity Awareness Month. No further bulletins are required. Thank you.

    1 reply 6 retweets 34 likes
  9. Oct 1

    One of the top three things I love about being a reporter, too.

    A favorite part of being a hacker: people seeing that you are honestly interested in their work and hence they share their knowledge.
    1 reply 1 retweet 11 likes
  10. Sep 29

    For the record, / has *not* responded to my DM. They have also not responded to my request they resend.

    Replying to @dangoodin001
    Sorry to hear that, Dan. We've responded to your DM. Thanks -Alicia
    2 replies 12 retweets 29 likes
  11. Sep 29
    Replying to

    Your phone line is also unable to honor my request, and it does it without knowing anything about me. Come on, please. You can do better.

    2 replies 1 retweet 3 likes
  12. Sep 29

    ./ Why are you making 143 million people to jump through this many hoops to get a simple credit freeze?

    5 replies 13 retweets 16 likes
  13. Sep 29

    I wish I could be in Madrid next week for this year's Virus Bulletin conference.

    Honoured to have speak at for the fourth year in a row. Great speaker, great guy. My preview:
    1 reply 2 retweets 7 likes
  14. Retweeted
    Sep 29

    And gets ridiculous amounts of publicity for doing so.

    wake me up when an iconic female media mogul who lived her entire life in silk pajamas dies in her mansion surrounded by boytoys
    1 reply 5 retweets 11 likes
  15. Sep 29

    An alarming number of patched Macs remain vulnerable to stealthy firmware hacks

    4 replies 14 retweets 14 likes
  16. Retweeted
    Sep 28

    Hey East Bay peeps! This is tonight! Let's talk about biotech hacking and sentient robots. See you at Books Inc!

    .-- Founder & current Tech Culture Editor at --shares her fantastic debut Thursday in Alameda!
    2 replies 14 retweets 35 likes
  17. Sep 28

    Sometimes all it takes to steal classified NSA information is a pair of pantyhose by

    2 replies 3 retweets 2 likes
  18. Sep 27

    Judge spanks hard for charging for photo removal

    1 reply 5 retweets 5 likes
  19. Sep 27

    From Russia, with love.

    This Tweet is unavailable.
    11 retweets 10 likes
  20. Sep 26

    Lyft and Uber commit 64 percent of downtown SF traffic violations, police say

    6 replies 6 retweets 7 likes

@dangoodin001 hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·