I recently compared the stats from LinkedIn and X (formerly Twitter) for one of my more popular posts. In the first 24 hours of that post, X accumulated 304 impressions from 8,426 followers, and LinkedIn accumulated 3,117 impressions from 1,861 followers. These are absurdly lopsided numbers that speak to the death of Twitter as a primary source of InfoSec knowledge sharing. I say "Twitter" here because X is clearly not the same platform. I shared these stats with an online community and it triggered a conversation about InfoSec knowledge sharing from both the content creation and consumption perspectives given the current state of social media. I am primarily a content creator, and currently focus exclusively on LinkedIn, but I still do some consuming. Apparently, my consumption approach is unconventional and intrigued some of those involved in the conversation. I thought I would share it here in case anyone else could benefit from it.
I didn't follow many people on Twitter. I just followed a few people that followed everyone else and retweeted the things they thought were helpful. The people I followed were essentially content filters for the topics I was interested in. I used to call them tweet aggregators, and my usage of Twitter as a consumer revolved solely around their behavior. This technique served me well for the first decade or so of my career, but this all ended a couple years ago when the majority of the people I followed left Twitter. This created a gap in consumption for me, and I eventually noticed myself falling behind in awareness of what was going on in the various topics that interest me. So I went searching for an alternative way to efficiently consume useful information.
There are email newsletters available for pretty much any domain within information technology i.e. security, development, etc. Newsletter authors scour the internet for resources related to specific subjects and provide summary emails with links to all the things they found interesting or significant. Sometimes daily, and sometimes weekly. This is very similar to what the people I followed on Twitter did. I began subscribing to newsletters and found that not only is this a great way to consume information, but it actually has many advantages over the social media approach of old.
Organized long-term storage. I use Gmail filters to automatically organize and sort newsletter emails into a categorized label structure. I can hold on to them as long as I want, and they will never expire or become inaccessible until Gmail goes away at. Even then, I'll be able to export the emails. It won't likely matter anyway because the linked resources will be irrelevant before Gmail is.
Scoped searching. Even if I don't read every email, I am building a repository of relevant and vetted resources. Google search has recently introduced AI, which I have found to provide horribly inaccurate responses to queries. Therefore, finding trustworthy, truthful, and accurate information is becoming harder by the day. If I have a development or security question, rather than go to Google for the wrong answer, I can search the associated label in Gmail with relevant keywords and have vetted resources at my fingertips in a moment. It's amazing. By the way, here's a way to make Google behave like it used to before AI.
Less commitment. Consuming Twitter was an ongoing process that required frequent views and scrolling, or else a useful resource might get buried in the pile of tweets that would accumulate over time. The FOMO was real. Newsletters are daily or weekly, and they don't get put in a crowded buffer of garbage. Get to it when you get to it, skim the headlines, and read what you want. Quite often I will skim headlines without clicking any of the links just to keep a pulse on what's going on. I may not know the details of the latest vulnerability that is bringing the internet to its knees, or the latest breaking change added to React, but I'll at least have awareness, and that is often good enough until there is a reason to dig further into it. Then I can use the search technique mentioned above to dive in.
Less screen time/social media. On the topic of FOMO... I already stare at a screen all day, so the less time I feel pressure to stare at a screen and expose myself to the toxic nature of social media, the better. I don't need to worry about what I might be missing, because anything worth paying attention to will be in the next newsletter.
Obviously, I use Gmail for all of this, and Google being the king of search, Gmail naturally has great filtering and searching capabilities. I imagine any email provider will provide similar capabilities, but I use Gmail, so the above information should be taken in that context.
Now, before any of this was possible, and I had to find the right newsletters. I started by reaching out to friends and contacts in the various industries that I wanted to stay informed of and asked them if they knew of any. This resulted in a few leads, and using that context, I did some searching to find alternatives, which led to more leads. I eventually found newsletters across multiple topics with just enough overlap between them to indicate good coverage without gaps. For those interested, below are the ones that I am currently subscribed to and why. Note that as my interests or the quality of the newsletters change, the list will to, and I probably won't update this post to reflect it.
Information Security. This is what I do.
Development. In order to truly be good at application security, I need to know how to do what developers are doing. I spend as much time writing code as I spend reviewing and testing it. This list covers the front end to the back end and everything in between with a focus on emerging technologies.
- TLDR Web Dev
- Hacker Newsletter
- Programmer Weekly
- JavaScript Weekly
- Go Make Things - Daily Developer Tips
- Frontend Focus
- CodePen Spark
Development Operations (DevOps). Many of my clients need help in this area, specifically with regards to DevSecOps. Therefore, I try to stay on top of the DevOps piece so I can integrate my expertise to help them solve the security problem.
Python. I'm a huge Python nerd.
- Python Weekly
- PyCoder's Weekly
- ArjanCodes - The Friday Loop (link in the footer)
General IT. I'm a geek that enjoys keeping an eye on technology as a whole.
Not all of these newsletters are treated equally. I prioritize the TLDR newsletters because I have grown to enjoy the quality and brevity. I rarely read the DevOps newsletters simply because I do a lot less of that than I do everything else. I always make time for Go Make Things just because I really like Chris' perspective of front end development, even though we couldn't be further away from one another on most other topics (his emails can be quite opinionated and occasionally venture outside the topic of development, but I respect his platform). PyCoder's, Python, and Programmer weekly are on par with TLDR, so they usually get my full attention as well. The rest might get a skim if I have time, otherwise I don't feel guilty letting them slip into storage to become a resource for future searches.
Well, that's about it. Hopefully someone finds this useful in the post-Twitter age of information sharing. I know I have.
Please share your thoughts, comments, and suggestions via Twitter.
Tweet Follow @lanmaster53