Humor is a *ahem* funny thing. What makes one person LOL might have another shaking their head. Toss in the challenge of tickling the funny bone in 280 characters or less on Twitter—a platform that often plays to an asynchronous audience—and the fine balance between content and comedy becomes an even trickier proposition.
Even so, there are some denizens of Twitter who are both IT management pros, masters of topics like mobile security, and able to mix wit and wisdom into small bites begging for a retweet. In addition to our guide of the best tech-centric accounts to follow, we’ve rounded up some of the pithier folk behind the feeds that keep us laughing while teaching little lessons about why the best-laid cybersecurity plans #fail. Here are some suggestions for who to follow if you want a little sass with your cybersecurity.
1. the grugq
Some cybersecurity professionals are so serious about their work they prefer not to reveal their identity. This is the case with “the grugq,” whose real name and face aren’t even on his speaker bio page for the Black Hat Asia conference. However, he’s been working as an information security researcher for more than 20 years, and his clever and often bitingly sarcastic tweets break down a variety of subjects, like threat intelligence, digital forensic analysis, binary reverse engineering, and more. To wit, here’s a sick burn lobbed at Intel:
China, because they were basically the only ones to show up to the protocol design meetings and so they’ll have the patents and the hardware and everyone is gonna be using Huawei to run their networks. Try not to screw it up for #6G https://t.co/bxcmt3W9Mr
— the grugq (@thegrugq) June 8, 2018
2. Pwn All The Things
Rippingly irreverent, the Pwn All The Things feed comes from an infosec expert at the Robert Strauss Center for International Security and Law at the University of Texas. It features a heavy dose of drollery alongside practical advice, such as shoring up security on a personal Gmail account or, more recently, pointing out that the journalists at the summit between President Trump and Kim Jong Un should maybe reconsider plugging in the USB gifted in their swag bags:
Maybe don't plug this into your main laptop and also this is great swag please send me one https://t.co/mBsErQPI2x
— Pwn All The Things (@pwnallthethings) June 12, 2018
3. Mark Burnett
Former Microsoft veteran Mark Burnett is an infosec consultant and author with a wry sense of humor who isn’t afraid to turn his caustic comedy on his old employer and point out what’s not exactly up to snuff. But he’s also telling it like it is with sensitive security issues hiding in plain sight, like how accessibility apps are a threat to desktop or mobile security and need a second look from IT management or, better yet, solutions that anticipate problems and head them off before there’s an incident.
Want your malware to run on the logon screen secure desktop? Register it as an accessibility app. pic.twitter.com/YmfUA2Wek8
— Mark Burnett (@m8urnett) May 31, 2018
4. SwiftOnSecurity
An author at DecentSecurity.com, SwiftOnSecurity is as prolific—33 tweets in an hour—as they are funny. Tongue-in-cheek advice on how to beat a bot detector, takedowns of games, and practical points on what can screw up a security regime are just some of the nuggets you can find on this account.
Machine tip: To make people think you are not a robot, insert subtle grammatical errors in tweets, leave they up 21.53 seconds, delete them, and tweet a correction.
— SwiftOnSecurity (@SwiftOnSecurity) June 12, 2018
This is highly effective.
5. Liam O
A self-professed white rabbit hacker from Australia, Liam O intersperses funny tweets with more practical items—like this tweet, which devolves into a hilarious bit about running git in mum’s basement but starts with a warning about centralized commercial repositories. Or this sage and sarcastic tidbit, which points to the need to shore up mobile endpoints before you need a fix:
Todays "tactical fixes" are tomorrows technical debt
— Liam O 🦆 (@liamosaur) June 4, 2018
6. Malware Unicorn
Amanda Rousseau, aka the Malware Unicorn, is indeed a rare sighting in the land of infosec. As a woman in the field, Rousseau routinely points out the misconceptions and challenges surrounding women security professionals, in addition to serving up clever GIFs and commentary to industry insiders.
Also don't assume that someone dressed nicely at a booth is forced to do so. I was wearing prada heels at my company's booth and someone asked me if I was being forced to dress like that. Haha no, I like fancy heels. https://t.co/3qCWKHK0KY
— Amanda Rousseau (@malwareunicorn) June 8, 2018
Now that you’ve got the best feeds to follow, dive in to keep pace with the latest news and enjoy a few chuckles on the side. Security isn’t a laughing matter, but your business and career could use a bit of wisdom wrapped in humor to spark new ideas.