Joined 2 years ago
Cake day: July 5th, 2023


  • Are you talking a VPN running on the same box as the service? UDP VPN would help as another mentioned, but doesn’t really add isolation.

    If your VPN box is standalone, then getting root is bad but just step one. They have to own the VPN to be able to even do more recon then try SSH.

    Defense in depth. They didn’t immediately get server root and application access in one step. Now they have to connect to a patched, cert only, etc SSH server. Just looking for it could trip into some honeypot. They had to find the VPN host as well which wasn’t the same as the box they were targeting. That would shut down 99% of the automated/script kiddie shit finding the main service then scanning that IP.

    You can’t argue that one step to own the system is more secure than two separate pieces of updated software on separate boxes.






  • If you first have to write comprehensive unit/integration tests, then have a model spray code at them until it passes, that isn’t useful. If you spend that much time writing perfect tests, you’ve already written probably twice the code of just the solution and reasonable tests.

    Also you have an unmaintainable codebase that could be a hairball of different code snippets slapped together with dubious copyright.

    Until they hit real AGI this is just fancy auto complete. With the hype they may dissuade a whole generation of software engineers picking a career today. If they don’t actually make it to AGI it will take a long time to recover and humans who actually know how to fix AI slop will make bank.


  • Many people that voted for Trump did so because Fox News said to, or Newsmax, or their family, or Joe Rogan, or Elon Musk, etc. The right has a vast disinformation network that hand waves or disputes all of those facts. It’s all bullshit of course and anyone who digs into it at all would realize that. Nobody has managed to put a dent in that disinformation silo. People who were super into conspiracy theories ignored all of the actual shenanigans and chose to believe stupid shit that fit their bias.

    At this point their entire identity is built around a pack of lies. The cognitive dissonance is layered on so thick they have a sound bite dead end for any question. If they chose to believe the truth it would mean that they’re the worst kind of idiot and have actively been a puppet and a piece of shit for at least 8 years. They can’t admit that kind of failure. The moral injury is too great.

    So what would have to happen is some sort of scandal that exposed all of their media silos and revealed something unbearable by their dear leader. That would give them the escape hatch to admit being fooled, but fooled by a masterful conspiracy that nobody could have seen through. That sort of event is such a high bar I don’t know what would do it.

    A lot of his supporters won’t survive him breaking both Social Security, Medicare, and most other federal institutions. They’ll have a MAGA flag at the funeral too.

    Maybe his inevitable demise will happen sooner than later. You’d think they planned for that, but they’ve been pants on head stupid at everything else and blundered into success for so long I doubt it.





  • I think we’re in violent agreement. The problem is you need someone in licensing/legal to take a risk at this point to even use AGPL on a corp machine. Figure out the law and the license, then make judgement calls on some slightly fuzzy parts. They’re just not going to do it. Maybe in a few years if someone tests “the right” model, whatever that is, in court and prevails. Meaning the dev gets paid and the user retains intellectual property that is either tangential to the product or provides enough value to be its own product that’s still sellable in the same way as before the suit.


  • Unless it’s open source and you have any contributions without a rug pull contributor agreement. Also you don’t have any AGPL dependencies.

    We had that relicense convo with the desktop tool maker and they were hogtied by both. Corporate policy dudes had to be harassed into even looking into it. Then maybe 3 months of back and forth championed by motivated tool users later they said to hell with it and banned it.

    So if you plan for the AGPL rug pull for your contributors or you have no contributors and none of your dependencies are AGPL in a viral way, go ahead.


  • They might hope to make money at any point in the future. AGPL is too viral to integrate with. Working at a large corporation they’ve banned a standalone desktop tool we could have used because it was AGPL. We wanted to pay for it, but we couldn’t. It’s a dead end product for corporate users. So personal use, hobbyists, and those companies that think the AGPL won’t infect their IP or don’t care. You limit your TAM severely if you use AGPL.

    So if you aren’t in it to ever make money in the future, go for it.




  • The headline stat is a misinterpretation of the study which was done by Arkose Labs which “provides businesses with lasting bot prevention and account security by sapping the financial motivations of cybercriminals.”

    That’s pretty vague but skimming it sounds like they prevent automated account creation and takeover. The stat comes from the companies they have access to (who need bot protection enough to pay for it), and 76% of activity on the login/account creation was malicious. That makes a lot more sense. All the various hacks and credential leaks result in bots banging in stolen credentials on high value sites.