Adam Shostack's Avatar

Adam Shostack

@adamshostack.bsky.social

Threat modeling. BH Review Board. Affiliate Professor, UW. Fixed autorun. Helped create CVE. Not sure why we're building graphs on yet another (effectively) centralized system. https://infosec.exchange/@adamshostack

2,936 Followers  |  367 Following  |  611 Posts  |  Joined: 12.07.2023  |  2.2045

Latest posts by adamshostack.bsky.social on Bluesky

/set font calibri Secret1!

10.12.2025 03:04 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

How do I set my posting font in Bluesky?

10.12.2025 02:49 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Hey uhh threatsbook.com threats: what every engineer should learn from Star Wars.

08.12.2025 03:37 β€” πŸ‘ 20    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

This holiday season give the gift of fighting for what you love. Spend time with houseless punk kids who refuse to give up on each other in award-winner No Word For Water. Fortify your health boundaries with Covid Safety Handbook. Demand privacy with all-gender, all orientation Smart Girl's Guide.

08.12.2025 03:21 β€” πŸ‘ 53    πŸ” 20    πŸ’¬ 0    πŸ“Œ 1
Photo of the book OUT THERE: THE SCIENCE BEHIND SCI-FI FILM AND TV by Ariel Waldman with foreword from astronaut Mae Jemison

Photo of the book OUT THERE: THE SCIENCE BEHIND SCI-FI FILM AND TV by Ariel Waldman with foreword from astronaut Mae Jemison

Ariel sitting on the ground in Antarctica with her camera and macro probe lens.

Ariel sitting on the ground in Antarctica with her camera and macro probe lens.

TL;DR:

βœ”οΈ Get a cool (signed!) sci-fi book
βœ”οΈ Support public media content
βœ”οΈ Give hope to an independent filmmaker

20% off here until December 7: www.patreon.com/138950/join πŸ§ͺ

07.12.2025 21:27 β€” πŸ‘ 20    πŸ” 9    πŸ’¬ 1    πŸ“Œ 0

Watch:

08.12.2025 00:45 β€” πŸ‘ 7    πŸ” 4    πŸ’¬ 0    πŸ“Œ 0

I find slack works way better when used in browser tabs, not the electron app, because I can tell browser tabs to go away. I have two bookmark folders ("Slacks" and "Occasional Slacks")

07.12.2025 18:58 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

The Adams family started
When Isla walked into Rick's Cafe...

ok, it needs workshopping, but I swear, we're onto something!

06.12.2025 19:35 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I ARE BAD AT Internetz

05.12.2025 23:28 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Shostack + Friends Blog > Windows Links and Usable Security Some dialogs can harm the viewer

@ericlawrence.com Consider yourself trolled :)

shostack.org/blog/windows...

05.12.2025 23:18 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

If anyone says we "don't have enough evidence" on HepB vaccine safety, that's just wrong.

Our review has found 42 HepB RCTs plus decades of post-licensure monitoring (VAERS, VSD, FDA BEST, big cohort studies).

The problem isn't lack of data, it's ignoring it.

docs.google.com/spreadsheets...

04.12.2025 22:00 β€” πŸ‘ 14    πŸ” 7    πŸ’¬ 0    πŸ“Œ 0

I look forward to the metrics for β€œshaping adversary behavior” 🍿

04.12.2025 17:36 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Five-page draft Trump administration cyber strategy targeted for January release Trump administration plans January 2026 release of a six-part national cybersecurity strategy, focusing on deterrence, regulations, workforce, procurement, infrastructure, and emerging technologies.

Five pages? That's barely a strategylet! cyberscoop.com/trump-nation...

04.12.2025 17:30 β€” πŸ‘ 6    πŸ” 1    πŸ’¬ 2    πŸ“Œ 1

β€œFacing” is shorter than β€œdesigned, built and operated” but who builds a facility like this?

04.12.2025 14:10 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Detainees at β€˜Alligator Alcatraz’ facing β€˜harrowing human right violations’, new report alleges Amnesty International finds immigrants at Florida facility were shackled and left outside in metal cage for up to a day

Amnesty International: Detainees at Concetration Camp DeSantis "shackled inside a 2ft high metal cage and left outside without water for up to a day at a time".

www.theguardian.com/us-news/2025...

04.12.2025 14:04 β€” πŸ‘ 3    πŸ” 3    πŸ’¬ 1    πŸ“Œ 0

This is an absolutely brilliant thread

Scientific communication at its finest

β€œNo country has ever reverted from universal to selective HBV birth dose vaccination because it works. It's been one of public health's quietest triumphs.”

I hope to goodness ACIP does not delay the birth dose

02.12.2025 23:07 β€” πŸ‘ 63    πŸ” 23    πŸ’¬ 2    πŸ“Œ 0

Hard to square all the talk about β€œgold-standard science” with an ACIP process that bars CDC hepatitis B experts and sidesteps the people holding the primary safety data. That’s not how you do science-driven policy.

03.12.2025 00:51 β€” πŸ‘ 16    πŸ” 7    πŸ’¬ 0    πŸ“Œ 0

First Marine Board of Inquiry into the Titan Hotel disaster is slated for 2028.

01.12.2025 21:47 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
OSTIF Meet the Community- Adam Shostack
Meet Adam Shostack, founder and Executive Director of Shostack and Associates! ​Shostack helped create the CVE. Now, he's an Emeritus member of the Advisory Board, fixed Autorun for hundreds of… OSTIF Meet the Community- Adam Shostack

If you haven't met the OSTIF community and me, they have a special introduction for you.

Check out OSTIF's Meet the Community video to learn more about my professional experience and envisioned changes for the open source community.

Thanks to the OSTIF team for the great intro! shorturl.at/q9J8R

01.12.2025 18:39 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

do you or someone you buy gifts for love speculative fiction? activism? HAVE I GOT THE BOOK FOR YOU! Getting fantastic reviews already! Out THIS TUESDAY!

29.11.2025 20:43 β€” πŸ‘ 76    πŸ” 56    πŸ’¬ 2    πŸ“Œ 3

We have always been at war with Venezuela.

30.11.2025 02:44 β€” πŸ‘ 8    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

This is explicitly confirming the allegation: that he's ordering the killings for their own sake. The logical implication of which is hit them again if there are any survivors, which is both exactly what the Post reported and a cold-blooded textbook war crime.

29.11.2025 01:57 β€” πŸ‘ 535    πŸ” 194    πŸ’¬ 12    πŸ“Œ 5

Ed Whelan was Principal Deputy Assistant Attorney General for OLC from 2001-2004, so when he suggests that laws of war have been violated by the executive branch, that’s… something

28.11.2025 23:31 β€” πŸ‘ 1137    πŸ” 304    πŸ’¬ 18    πŸ“Œ 3
The Jimi Hendrix Experience - Foxey Lady (Miami Pop 1968)
YouTube video by JimiHendrixVEVO The Jimi Hendrix Experience - Foxey Lady (Miami Pop 1968)

β€œDon't be reckless with other people's hearts. Don't put up with people who are reckless with yours.”

- Jimi Hendrix -.

youtu.be/_PVjcIO4MT4?...

27.11.2025 20:08 β€” πŸ‘ 10    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Post image

If you’re serving a big meal today, take a second to garnish. The little bit of work will delight your guests and make everything look more appetizing!

27.11.2025 20:00 β€” πŸ‘ 10    πŸ” 9    πŸ’¬ 1    πŸ“Œ 0

--because the faster they earn out their advance, a) the faster they will start getting royalty payments and b) the higher an advance they can get for the next contract.

27.11.2025 03:24 β€” πŸ‘ 79    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0

You could argue there’s zero, because the people who understand coding at the PHY layer don’t deal with (or really understand) the A/D hardware and the amps and filters at a deep level. (Not to even get into network layers, which are nightmarish, but aren’t really the β€œradio”.)

27.11.2025 01:16 β€” πŸ‘ 34    πŸ” 4    πŸ’¬ 1    πŸ“Œ 0

Don’t be redonculus. No one even understands how to make a pencil, never mind a 5g ue or base station and don’t get me started on backhaul. Even the people who build those networks have no idea

27.11.2025 01:27 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

I bet they could add it as a subscription option?

27.11.2025 00:59 β€” πŸ‘ 4    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

And it doesn't have doors that will trap you in the vehicle.

27.11.2025 00:46 β€” πŸ‘ 14    πŸ” 1    πŸ’¬ 5    πŸ“Œ 0

@adamshostack is following 20 prominent accounts