Hacker News: secfirstmd

New comment by secfirstmd in "Formula One Handovers and Handovers From Surgery to Intensive Care (2008) [pdf]"

secfirstmd — Sat, 13 Dec 2025 10:30:48 +0000

Yep totally. It's something I've incorporated. Especially where the main incident commander gets overwhelmed with decisions, tunnel vision or distraction. For example getting trapped into threat hunting rather than commanding.

I actually think most cyber incident responder training for the commander is pretty weak because it doesn't do a great job of instituting the stress element. Physical security training does it in a much better way. The result is the need to create custom stuff. Because some shitty off the shelf big vendor table top or similar ain't gonna do it.

New comment by secfirstmd in "Formula One Handovers and Handovers From Surgery to Intensive Care (2008) [pdf]"

secfirstmd — Sat, 13 Dec 2025 07:55:52 +0000

So as someone who runs and trains cyber incident response teams. Where a big focus is on MMTx and reducing chance for adversary breakout times. Which are gonna get worse thanks to AI. This paper was actually part of me calling the approach Formula One IR.

Specifically about getting people joining the IR to already have their assigned speciality and first moves ready to go and to begun, as a way to support the incident handler. There's really big benefits to studying the metrics of specific incidents you have to the minute by minute level. So much time saving to be made, accuracy to be enforced and duplication to be reduced.

You can find there's less time wasted in an incident dividing out jobs or lost go inevitable context switching to join the incident. There's already searches, people and clarity about what should mostly likely be done in the first few mins, even though the plan will change and details initially are probably scare. It's really effective and cuts MMTx down a huge amount.

Obviously then the handover itself is a vital part in IR to get done accurately and with speed. So that flows into all of the above. It's a really good paper for thinking through workflows

I must get around to writing it up some day.

New comment by secfirstmd in "Atlassian is acquiring The Browser Company"

secfirstmd — Thu, 04 Sep 2025 13:05:52 +0000

ARC always feels like a feature not a product. Don't see how Atlassian connection is really gonna make either better.

New comment by secfirstmd in "Buttplug MCP"

secfirstmd — Fri, 30 May 2025 07:55:19 +0000

MCP? I find the name MCP over used but not offensive.

New comment by secfirstmd in "I use zip bombs to protect my server"

secfirstmd — Tue, 29 Apr 2025 21:58:11 +0000

Eh I got news for ya.

The file size problem is still an issue for many big name EDRs.

New comment by secfirstmd in "GPT-4o with scheduled tasks (jawbone) is available in beta"

secfirstmd — Tue, 14 Jan 2025 23:12:29 +0000

I think there is an argument that currently Google Gemini is best place to tie everything together. Assuming Google executes on it well.

Most people use Gmail, Docs, Google Maps, Google Calendar above Apples alternatives. Gemini could really tie them up well.

New comment by secfirstmd in "New Defense Dept Initiative to Recruit Private Sector Tech Pros for Reserves"

secfirstmd — Tue, 22 Oct 2024 21:15:33 +0000

Lol, pretty sure you can. See Afghanistan withdrawal, Iraq, Vietnam etc etc

New comment by secfirstmd in "Ireland's big school secret: how a year off-curriculum changes teenage lives"

secfirstmd — Thu, 17 Oct 2024 08:57:46 +0000

Failed country? By what measure? One of the highest GNPs per person, one of the most democratic, one of the highest winners of novel prizes for literature per population, one of the safest countries in the world, one of the most food secure countries in the world, overall very good and mostly free health and education, a high redistributive tax system, friendly people, easy place to work...

New comment by secfirstmd in "Ireland's big school secret: how a year off-curriculum changes teenage lives"

secfirstmd — Thu, 17 Oct 2024 08:52:07 +0000

I worked at the MIT Media Lab Europe and in the army for my transition yeah.

Oh and drank a lot of beer. Great times!

New comment by secfirstmd in "Malware infiltrates Pidgin messenger's official plugin repository"

secfirstmd — Tue, 27 Aug 2024 19:46:28 +0000

Intersting. Pidgin and variations are used by some gov orgs.

New comment by secfirstmd in "Make your electronics tamper-evident"

secfirstmd — Sat, 03 Aug 2024 22:17:15 +0000

At secfirst.org over the past 10+ years we've probably trained hundreds of journalists on this exact scenario and how to detect/mitigate it.

New comment by secfirstmd in "Fabric is an open-source framework for augmenting humans using AI"

secfirstmd — Sun, 07 Jul 2024 02:02:12 +0000

Unfortunately though this means the amount of people who can use it is dramatically reduced.

New comment by secfirstmd in "Research into homeopathy: data falsification, fabrication and manipulation"

secfirstmd — Fri, 05 Jul 2024 20:57:38 +0000

Obligatory Mitchell and Webb: Homoeopathy Accident and Emergency Ward

https://youtu.be/HMGIbOGu8q0

New comment by secfirstmd in "Raspberry Pi is now a public company"

secfirstmd — Wed, 12 Jun 2024 11:54:43 +0000

Sadly Mozilla is essentially a company that survives on a Google handed, given by the big G to reduce any risk of anti-trust.

New comment by secfirstmd in "Apple Intelligence for iPhone, iPad, and Mac"

secfirstmd — Mon, 10 Jun 2024 19:29:07 +0000

TBH I'd say the same about Notion.

New comment by secfirstmd in "British Nuclear Warning System"

secfirstmd — Sun, 09 Jun 2024 20:47:05 +0000

Threads is the most harrowing movie by far. Remember watching it in college and not being able to get out of bed the next day because I was so fucking depressed.

New comment by secfirstmd in "Building a serverless secured dead drop"

secfirstmd — Wed, 05 Jun 2024 22:17:57 +0000

I think what we are specifically speaking about here is one where it can be done remotely. Intelligence orgs have had secure(ish) digital dead drops for years. Example:

https://www.bbc.com/news/world-europe-16614209

New comment by secfirstmd in "Ask HN: Talk me through the acquihire process"

secfirstmd — Sat, 11 May 2024 23:19:01 +0000

It's probably not possible to do a regular hire in 1.5 months. To purchase a full business in that time? No chance.

New comment by secfirstmd in "Europeans have more time, Americans more money. Which is better?"

secfirstmd — Wed, 08 May 2024 12:24:48 +0000

So we are cheaper for insurance but you do actually pay more than that when you include the black hole that is your taxes to the HSE.

New comment by secfirstmd in "Stirling PDF: Self-hosted, web-based PDF manipulation tool"

secfirstmd — Fri, 03 May 2024 08:59:32 +0000

Who cares if it was developed by ChatGPT if it actually works? Why not try it out first before crapping on someone's hard Open Source work?