• 1 Post
  • 161 Comments
Joined 1 year ago
Cake day: June 7th, 2023

  • It’s a dick move, but I can kinda understand why SpaceX would make it. There has been a push to “de-risk” supply chains, after the disruptions caused by Covid, Russia’s invasion of Ukraine, and other world events. This type of de-risking was partly responsible for the CHIPS and Science Act. The US Government has a strategic incentive to have a stable and resilient supply chain for semiconductors.

    For SpaceX, having critical components be only available from fabs in Taiwan is a risk to business. China has been more and more vocal about its desire to annex Taiwan. With Trump taking office, one can imagine that the US commitment to protect Taiwan may not be quite as ironclad as it has been in the past. It’s not hard to imagine a future where China launches an invasion of Taiwan and the US does little more than shrug. At that point, any business which is solely reliant on Taiwan for semiconductors is going to see major disruptions.

    So ya, it’s a complete dick move. But, I suspect SpaceX will be far from the last company looking to build a supply chain outside Taiwan.


  • The diver probably has some food on him, which the stingray is trying to get.
    I visited Stingray City in Grand Cayman a lot of years back. Part of the tour package was that they gave you small squid to feed to the stingrays, and they would climb up you, out of the water for that snack. Also, there were a lot of stingrays in the area. We were instructed to shuffle our feet as we walked, to avoid stepping on one. The swimmer in the picture only needed to hang out for a bit before one or more stingrays would have come over, looking for any handouts.

    That said, the experience of Stingray City was absolutely worth it. Between that, and snorkeling at the barrier reef, I have a lot of fond memories of my time at Grand Cayman.



  • Real Druids are kinda an unknown. We have writings about their practices and beliefs from Roman writers and much later Christian writers. The former were known to exaggerate and just make shit up when it came to “barbarians” and the enemies of Rome. And the latter were often working with incomplete knowledge and also making shit up. This was muddled further by 18th Century work which liked to make ancient cultures even more fantastical. And then you get all the Neo-Pagan revival crap which cast their own beliefs onto ancient cultures, such as the Druids, which completely muddied the waters. The fact is, we don’t actually know a whole lot about the real Druids.



  • This is a good example of why a zero trust network architecture is important. This attack would require the attacker to be able to SSH to the management interface of the device. Done right, that interface will be on a VLAN which has very limited access (e.g. specific IPs or a jumphost). While that isn’t an impossible hurdle for an attacker to overcome, it’s significantly harder than just popping any box on the network. People make mistakes all the time, and someone on your network is going to fall for a phishing attack or malicious redirect or any number of things. Having that extra layer, before they pop the firewall, gives defenders that much more time to notice, find and evict the attacker.

    Also, Whiskey, Tango, Foxtrot Cisco?
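As an added illustration of the point in the comment above (this is example code written for this page, not anything from the thread or from Cisco), the block below models the management-interface ACL the comment describes (SSH only from a jumphost or a small admin range) and then runs a detection pass over a few constructed sshd log lines, flagging any successful management login whose source is outside that allowlist. The addresses, hostnames and log lines are all assumptions made up for the example.

```python
"""Added example, not from the original thread: a minimal model of the
"management interface on a restricted VLAN" control, plus a detection pass
over sshd log lines that flags management logins from sources outside the
allowlist. All addresses, hostnames and log lines are constructed."""
import ipaddress
import re

# Assumed management ACL: only the jumphost and a small admin /29 may reach
# the device's SSH management interface. Everything else is denied.
MGMT_ALLOWLIST = [
    ipaddress.ip_network("10.0.5.20/32"),   # jumphost (assumed address)
    ipaddress.ip_network("10.0.5.8/29"),    # admin workstation range (assumed)
]


def mgmt_ssh_allowed(src_ip: str) -> bool:
    """Return True if src_ip may open SSH to the management interface.
    Models the VLAN ACL / firewall rule in front of the management port."""
    src = ipaddress.ip_address(src_ip)
    return any(src in net for net in MGMT_ALLOWLIST)


# sshd "Accepted ..." lines in the default OpenSSH syslog format.
SSHD_ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted (?P<method>\S+) for (?P<user>\S+) "
    r"from (?P<src>\S+) port (?P<port>\d+)"
)


def find_unauthorized_mgmt_logins(log_lines):
    """Return (user, src) for every successful SSH login whose source is
    outside the management allowlist. A hit means the ACL was bypassed or
    never applied; either way it is an event a defender wants to see."""
    hits = []
    for line in log_lines:
        m = SSHD_ACCEPTED.search(line)
        if not m:
            continue  # failed attempts and unrelated lines are ignored here
        if not mgmt_ssh_allowed(m["src"]):
            hits.append((m["user"], m["src"]))
    return hits


# Constructed sample log, not captured from any real device.
SAMPLE_LOG = [
    "Jan 14 09:12:01 fw01 sshd[2411]: Accepted publickey for netadmin from 10.0.5.20 port 51230 ssh2: ED25519 SHA256:abc",
    "Jan 14 09:13:44 fw01 sshd[2418]: Failed password for root from 192.168.40.17 port 40022 ssh2",
    "Jan 14 09:14:02 fw01 sshd[2420]: Accepted password for netadmin from 192.168.40.17 port 40025 ssh2",
    "Jan 14 09:15:30 fw01 sshd[2431]: Accepted publickey for netadmin from 10.0.5.10 port 51277 ssh2: ED25519 SHA256:abc",
]

if __name__ == "__main__":
    for user, src in find_unauthorized_mgmt_logins(SAMPLE_LOG):
        print(f"ALERT: management SSH login by {user} from non-allowlisted {src}")
```

Running it prints one alert, for the login from 192.168.40.17: the jumphost and admin-range logins pass, the failed attempt is ignored. The allowlist check is the same predicate a firewall or VLAN ACL would enforce; running it a second time over the logs is the cheap detection layer that buys the defenders the time the comment talks about.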




  • Ya, in fairness to MS, Windows XP was a good release (post SP1, like most “good” MS releases). But, the fact is that MS is going to push the latest version, regardless of how ready it is for use. MS was hot for folks to switch to Windows ME. And holy fuck was that a terrible OS. MS also did everything short of bribery to get folks to switch to Vista (anyone remember Windows Mojave?). The “upgrade, or else” mantra has always been their way. Not that I blame them too much, it does need to happen. It just sucks when the reason for the new OS is more intrusive ads and user tracking.


  • Many years ago, I attended a Windows XP launch event. The Microsoft presenter had the perfect line to describe how MS views this:
    “Why should you upgrade to Windows XP? Because we’re going to stop supporting Windows 98!”

    This was said completely unironically and with the expectation that people would just do what MS wanted them to do. That attitude hasn’t changed in the years since. Win 10 is going to be left behind. You will either upgrade or be vulnerable. Also, MS doesn’t care about the home users, they care about the businesses and the money to be had. And businesses will upgrade. They will invariably wait until the last minute and then scramble to get it done. But, whether because they actually give a shit about security or they have to comply with security frameworks (SOX, HIPAA, etc.), they will upgrade. Sure, they will insist on GPOs to disable 90% of the Ads and tracking shit, but they will upgrade.




  • I’ve been using Proxmox professionally for years now, and not once did I have a problem I could not fix myself.

    And how many of the environments you have left behind became an unmanageable mess when the company couldn’t hire someone with your skillset? One of the downsides to this sort of DIY infrastructure is that it creates a major dependency on a specific skillset. That isn’t always bad, but it does create a risk which business continuity planning must take into account. This is why things like OpenShift or even VMware tend to exist (and be expensive). If your wunderkind admin leaves for greener pastures, your infrastructure isn’t at risk if you cannot hire another one. The major, paid-for, options tend to have support you can reach out to and you are more likely to find admins who can maintain them. It sucks, because it means that the big products stay big, because they are big. But, the reality of a business is that continuity in the face of staff turnover is worth the licensing costs.

    This line, from the OP’s post, is kind of telling as to why many businesses choose not to run Proxmox in production:

    It is just KVM libvirt/qemu and corosync along with some other stuff like ZFS.

    Sure, none of those technologies are magic; but, when one of them decides to fuck off for the day, if your admin isn’t really knowledgeable about all of them and how they interact, the business is looking at serious downtime. Hell, my current employer is facing this right now with a Graylog infrastructure. Someone set it up, and it worked quite well, a lot of years ago. That person left the company and no one else had the knowledge, skills or time to maintain it. Now that my team (Security) is actually asking questions about the logs it’s supposed to provide, we realize that the neglect is causing problems and no one knows what to do with it. Our solution? Ya, we’re moving all of that logging into Splunk. And boy howdy is that going to cost a lot. But, it means that we actually have the logs we need, when we need them (Security tends to be pissy about that sort of thing). And we’re not reliant on always having someone with Graylog knowledge. Sure, we always need someone with Splunk knowledge. But, that’s a much easier ask. Splunk admins are much more common and probably cheaper. We’re also a large enough customer that we have a dedicated rep from Splunk whom we can email with a “halp, it fell over and we can’t get it up” and have Splunk engineers on the line in short order. That alone is worth the cost.

    It’s not that I don’t think that Proxmox or Open Source Software (OSS) has a place in an enterprise environment. One of my current projects is all about Linux on the desktop (IT is so not getting the test laptop back. It’s mine now, this is what I’m going to use for work.). But, using OSS often carries special risks which the business needs to take into account. And when faced with those risks, the RoI may just not be there for using OSS. Because, when the numbers get run, having software which can be maintained by those Windows admins who are “used to click their way through things” might just be cheaper in the long run.

    So ya, I agree with the OP. Proxmox is a cool option. And for some businesses, it will make financial sense to take on the risks of running a special snowflake infrastructure for VMs. But, for a lot of businesses, the risks of being very reliant on that one person who “not once [had a] problem I could not fix myself”, just isn’t going to be worth taking.



  • The Company believes the unauthorized actor exfiltrated certain encrypted internal ADT data associated with employee user accounts during the intrusion. Based on its investigation to date, the Company does not believe customers’ personal information has been exfiltrated, or that customers’ security systems have been compromised. ADT’s containment measures have resulted in some disruptions to the Company’s information systems, and the Company’s investigation is at an early stage and ongoing.

    This reads a lot like a domain controller got popped. Considering that this is the second breach in a short time, and the previous one got access to customer data, I wouldn’t be surprised to find out that it’s either the same attacker or this breach was an access broker who sold credentials to the previous attacker.

    That’s just my guess, and I doubt we will ever get a sufficiently detailed write-up to know. But, it seems like a likely way for the attacks to go down.