I have no context for this video—it’s from Reddit—but one of the commenters adds some context: > Hey everyone, squid biologist here! Wanted to add some stuff you might find > interesting. > > With so many people carrying around cameras, we’re getting more videos of > giant squid at the surface than in previous decades. We’re also starting to > notice a pattern, that around this time of year (peaking in January) we see a > bunch of giant squid around Japan. We don’t know why this is happening. Maybe > they gather around there to mate or something? who knows! but since so many > people have cameras, those one-off monster-story encounters are now caught on > video, like this one (which, btw, rips. This squid looks so healthy, it’s > awesome)...

Kendra Albert gave an excellent talk at USENIX Security this year, pointing out that the legal agreements surrounding vulnerability disclosure muzzle researchers while allowing companies to not fix the vulnerabilities—exactly the opposite of what the responsible disclosure movement of the early 2000s was supposed to prevent. This is the talk. > Thirty years ago, a debate raged over whether vulnerability disclosure was > good for computer security. On one side, full disclosure advocates argued that > software bugs weren’t getting fixed and wouldn’t get fixed if companies that > made insecure software wasn’t called out publicly. On the other side, > companies argued that full disclosure led to exploitation of unpatched > vulnerabilities, especially if they were hard to fix. After blog posts, public > debates, and countless mailing list flame wars, there emerged a compromise > solution: coordinated vulnerability disclosure, where vulnerabilities were > disclosed after a period of confidentiality where vendors can attempt to fix > things. Although full disclosure fell out of fashion, disclosure won and > security through obscurity lost. We’ve lived happily ever after since...

Good video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

A few years ago, scammers invented a new phishing email. They would claim to have hacked your computer, turned your webcam on, and videoed you watching porn or having sex. BuzzFeed has an article talking about a “shockingly realistic” variant, which includes photos of you and your house—more specific information. The article contains “steps you can take to figure out if it’s a scam,” but omits the first and most fundamental piece of advice: If the hacker had incriminating video about you, they would show you a clip. Just a taste, not the worst bits so you had to worry about how bad it could be, but something. If the hacker doesn’t show you any video, they don’t have any video. Everything else is window dressing...

This is the first ever video of the Antarctic Gonate Squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Interesting. Blog moderation policy.