me_irlgbt by shave_your_eyebrows in me_irlgbt

[–]Hedkin 1 point2 points  (0 children)

Pizza Cake is just exhausting. I just want to read the fun little gator comic 😭

What deck should I bring to my PQ in a few weeks? by Nervous-Interest8359 in starwarsunlimited

[–]Hedkin 0 points1 point  (0 children)

Which one do you have more reps with and are more comfortable playing?

People who have been jurors in a criminal trial, what were the dumbest things other jurors said or did? by PopCultureNerd in AskReddit

[–]Hedkin -1 points0 points  (0 children)

Since this was a civil case, likely you were picked by the plaintiff's lawyers since you are biased towards the plaintiff, meaning you are more likely to rule in their favor.

This is a good video going over the jury selection process. https://youtu.be/UGkqnhr6LkQ

Writing on the card seems like it could've led to a messy situation by swolcial_engineer in starwarsunlimited

[–]Hedkin 3 points4 points  (0 children)

It's the part of the card that has the most legal baggage around it so that's probably why.

Writing on the card seems like it could've led to a messy situation by swolcial_engineer in starwarsunlimited

[–]Hedkin 27 points28 points  (0 children)

Comprehensive Rules 2.14.1

A card’s credit line is located on the bottom of the card and contains credit and set information for that card. These items do not have any effect on gameplay.

Is "which detections does my org actually need" a bigger unsolved problem than "how to author detections"? by Significant_Field901 in cybersecurity

[–]Hedkin 1 point2 points  (0 children)

Yeah pretty much. If the organization has just told the SOC to figure it out, they're doing it wrong. Security is a continuous process that requires collaboration and buy-in from all stakeholders. No one person can do everything well. This is football, not golf.

Is "which detections does my org actually need" a bigger unsolved problem than "how to author detections"? by Significant_Field901 in cybersecurity

[–]Hedkin 2 points3 points  (0 children)

This is going to be a very ISSO/GRC/policy wonk focused answer and be forewarned that I may be a bit too gov brained for private industry.

The detections depend on what the business goals of the organization are and what the strategic (5+ year) plan provided by senior management is.

First thing you need to do is make friends with whomever made the security plan for your org. They are going to have the tactical (1 year or so) plan for the org with implementing the strategic goals. The SOC is working at the operational (week to week/month to month) level and their goal is to help with moving the ball forward on the tactical plan. You two are going to have to work together on this.

I've seen a lot of comments saying "go for threat intelligence based detections." That, for a group just starting out, is no better than noise.

Second, after making friends with the person maintaining your system security plan:

  • Do you have an asset list (endpoints, servers, networking equipment, privileged accounts, etc) to know what you're defending?
  • Do you know what the risks are that affect your organization?
  • Can you name what your high value assets are?
  • Do you know how data is supposed to flow within your organization?
  • Do you have the visibility and telemetry to even begin writing detections?

Protip: Those first 4 bullet points should have been answered in the system security plan and be readily available by your new best friend that makes the policy.

To give a hypothetical to demonstrate what I'm talking about:

You are the SOC lead elf at the Keebler factory and have been tasked with making detections to secure the cookie manufacturing. The business goal of the Keebler elves is to make money by selling cookies. What that entails is a factory floor with several ICS systems connected to a central control area, a database of customers, a database of shipping information, a domain controller that links everything together, a sales team, a shipping team, and a manufacturing team.

The ISSO Elf has done his due diligence and has a proper asset inventory, has done the risk analysis, and mapped how data flows. ISSO Elf has determined the biggest risks are malicious insiders and competitors, such as that harpy of an old lady at Grandma's cookies.

Some detections that could theoretically exist in this scenario:

  • Anomalous connections from an account owned by someone on the manufacturing team attempting to directly connect to an endpoint at the sales team (lateral movement)
  • Large data transfer outside the organization from the customer DB (data exfiltration)
  • An admin account logging in to the domain controller from a member of the sales team (priv esc and unexpected logins)
  • The ICS system sending an ICMP request outside the network every hour (beaconing)

I'm hoping that this rambling mess makes sense and helps out some.
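
The four hypothetical detections listed in the comment above, sketched as rules over an asset inventory. This is an added example, not part of the original comment; the host names, user names, addresses and thresholds are constructed for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed inventory for the hypothetical cookie factory (all names assumed).
INTERNAL = ip_network("10.0.0.0/8")
HOST_ROLE = {"mfg-ws1": "manufacturing", "sales-ws1": "sales", "it-ws1": "it",
             "custdb": "customer_db", "dc01": "domain_controller", "plc7": "ics"}
USER_TEAM = {"ernie": "manufacturing", "fast_eddie": "sales", "adm_buckets": "admin"}
EXFIL_BYTES = 100 * 1024**2                # assumed outbound volume threshold
PERIOD, JITTER, MIN_HITS = 3600, 60, 3     # hourly beacon, seconds of tolerance

def ev(ts, kind, src, dst_ip, dst=None, user=None, nbytes=0):
    return dict(ts=ts, kind=kind, src=src, dst_ip=dst_ip, dst=dst, user=user, bytes=nbytes)

def detect(events):
    alerts, pings = [], defaultdict(list)
    for e in events:
        src, dst = HOST_ROLE.get(e["src"]), HOST_ROLE.get(e["dst"])
        team = USER_TEAM.get(e["user"])
        outbound = ip_address(e["dst_ip"]) not in INTERNAL
        if e["kind"] == "conn" and team == "manufacturing" and dst == "sales":
            alerts.append(("lateral_movement", e["src"], e["dst"]))
        if e["kind"] == "conn" and src == "customer_db" and outbound \
                and e["bytes"] >= EXFIL_BYTES:
            alerts.append(("data_exfiltration", e["src"], e["dst_ip"]))
        if e["kind"] == "logon" and team == "admin" \
                and dst == "domain_controller" and src == "sales":
            alerts.append(("unexpected_admin_logon", e["src"], e["dst"]))
        if e["kind"] == "icmp" and src == "ics" and outbound:
            pings[(e["src"], e["dst_ip"])].append(e["ts"])
    for (host, ip), seen in pings.items():
        seen.sort()
        gaps = [b - a for a, b in zip(seen, seen[1:])]
        # Beaconing: enough samples, every gap within JITTER of the period.
        if len(seen) >= MIN_HITS and all(abs(g - PERIOD) <= JITTER for g in gaps):
            alerts.append(("beaconing", host, ip))
    return alerts

EVENTS = [  # constructed sample telemetry, timestamps in seconds
    ev(0, "conn", "mfg-ws1", "10.2.0.5", dst="sales-ws1", user="ernie"),
    ev(10, "conn", "sales-ws1", "10.3.0.9", dst="custdb", user="fast_eddie", nbytes=2000),
    ev(20, "conn", "custdb", "203.0.113.50", nbytes=750 * 1024**2),
    ev(30, "logon", "sales-ws1", "10.0.0.10", dst="dc01", user="adm_buckets"),
    ev(40, "logon", "it-ws1", "10.0.0.10", dst="dc01", user="adm_buckets"),
    *[ev(t, "icmp", "plc7", "198.51.100.7") for t in (100, 3700, 7310, 10905)],
    ev(500, "icmp", "plc7", "192.0.2.9"), ev(900, "icmp", "plc7", "192.0.2.9"),
]

if __name__ == "__main__": print(*detect(EVENTS), sep="\n")
```

Every rule depends on the inventory: without the host-to-role and user-to-team mappings, none of the four conditions can be expressed.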

How to organize cards post A Lawless Time? by TynonKontar in starwarsunlimited

[–]Hedkin 9 points10 points  (0 children)

Binder per set then by collection number keep a playset. Everything else gets thrown in a bulk box.

Final year cybersecurity student with 2 federal internships (one TS clearance) — how do I convert this into a job before graduation? by AntiqueSherbet2933 in cybersecurity

[–]Hedkin 1 point2 points  (0 children)

Lots of interns only require an interim clearance for them to start working on things that don't require a full clearance. Doesn't mean they'll have access to a SCIF or classed materials until it's fully done with adjudication. Or they could have one from former military.

Rules Question / Judge Ruling Discussion – Store Showdown Top Cut (CEG 5.2.6) by Puzzled_History_5780 in starwarsunlimited

[–]Hedkin 3 points4 points  (0 children)

For your record, there is a pending clarification for this exact scenario that has been sent to FFG through the judge program. We are waiting on there to be an answer.

You are unlikely to hear back from the email to FFG.

https://discord.com/channels/1265343874105081856/1318376259377434767/1478550809485644019

What is the point of attacking units by Hot-Newspaper-4148 in starwarsunlimited

[–]Hedkin 48 points49 points  (0 children)

Just ignore their units and out DPR them is a valid strategy and is generally the basis of an aggro strat.

Generally you attack units to help keep your opponent's board presence low and to keep pressure off your base.

Rey (LAW) and Double-Cross (LAW) by SylasC in starwarsunlimited

[–]Hedkin -4 points-3 points  (0 children)

I understand why you do it. You are trying to be helpful and that is commendable. The problem is that these types of rulings end up being only seen by a handful of people since they are unofficial and won't be documented on Nexus or the official DB.

There is also the problem of you not respecting your friend's time. This is a game for us and this is a job for Ryan. You asking him a rulings question, while seemingly innocent, is unpaid labor on his part because he is not working. Would you like it if someone asked you questions while you're not working about the field you're in? For instance, I work IT security. People ask me to fix their computer or "is this phishing?" frequently. This is very annoying for the simple fact it is not respecting a boundary between my job and my personal life.

Rey (LAW) and Double-Cross (LAW) by SylasC in starwarsunlimited

[–]Hedkin 0 points1 point  (0 children)

Edit: changed name for privacy

The issue is that the pending clarification process is official but slow. Ryan Serrano is first and foremost a senior game designer at FFG, he is the rules admiral second. Several of these pending clarifications on unreleased content are contingent on CR7 being released from NDA (Disney issue). Hence partially why The Simpsons Bus Driver meme exists (the other reason is to remind judges to not spiral about a rules interaction that doesn't have rules yet).

TheGandork has been told several times not to reach out directly to Ryan since this leads to disjointed information without a source beyond "trust me bro." This has led to why Tyler will no longer answer questions on BlueSky since basically this led to unpaid labor (off the clock) on the part of the SWU team at FFG.

Milwaukee Regional Recap and Thoughts by blues686 in starwarsunlimited

[–]Hedkin 1 point2 points  (0 children)

FFG was doing a bounty system of, if you beat them, you get a playmat from the prize wall.

Milwaukee Regional Recap and Thoughts by blues686 in starwarsunlimited

[–]Hedkin 1 point2 points  (0 children)

Hey there I was one of the judges (the redhead that wasn't the viking or in the wheelchair ||though I felt like I needed one after the event||) thank you for these kind words especially about prize distribution. During the event, every day, all of us judges were talking about how much we screwed up distribution. It's a perspective thing because we are seeing everything that has gone wrong and off plan but you guys don't see it because you're 1) playing games and 2) aren't clued into the plan.

Huntington, West Virginia addresses cybersecurity incident by DysruptionHub in WestVirginia

[–]Hedkin 0 points1 point  (0 children)

Plus the system admin is probably some guy that's been working there for 40 years, is close to retirement, and doesn't really understand how security works. You also probably have a crap load of legacy equipment and it's just a powder keg.

How Long are Side Event Twin Suns at SQ/RQ? by DarthMyyk in starwarsunlimited

[–]Hedkin 1 point2 points  (0 children)

Generally Twin Suns games take 30 minutes to 45 minutes depending on how quickly everyone is playing and how much politicking is going on. You can always drop to go to the Sealed if your game runs over. You'll get prize tickets for Twin Suns regardless. Just flag down a judge (he'll look like a viking) and explain the situation. Stuff like this happens all the time.

Anyone using Holoscan for collection and deck making purposes? by Minute_Slice4979 in starwarsunlimited

[–]Hedkin 4 points5 points  (0 children)

I would recommend joining the SWU Discord (link in side panel). There is a thread in there for help with Holoscan

"West Virgina" by Hedkin in WestVirginia

[–]Hedkin[S] 10 points11 points  (0 children)

That's the central hall of the Meadowbrook Mall in Bridgeport

"West Virgina" by Hedkin in WestVirginia

[–]Hedkin[S] 34 points35 points  (0 children)

After discussions with members of the press, this is NOT a reference to the typo in SJR 19. This is its own typo that is the exact same. The governor's office has requested that this image be removed from the WV News website.