Joined 2 years ago
Cake day: July 5th, 2023


  • Are you talking a VPN running on the same box as the service? UDP VPN would help as another mentioned, but doesn’t really add isolation.

    If your VPN box is standalone, then getting root is bad but just step one. They have to own the VPN to be able to even do more recon then try SSH.

    Defense in depth. They didn’t immediately get server root and application access in one step. Now they have to connect to a patched, cert-only, etc. SSH server. Just looking for it could trip into some honeypot. They had to find the VPN host as well which wasn’t the same as the box they were targeting. That would shut down 99% of the automated/script kiddie shit finding the main service then scanning that IP.

    You can’t argue that one step to own the system is more secure than two separate pieces of updated software on separate boxes.





  • If you first have to write comprehensive unit/integration tests, then have a model spray code at them until it passes, that isn’t useful. If you spend that much time writing perfect tests, you’ve already written probably twice the code of just the solution and reasonable tests.

    Also you have an unmaintainable codebase that could be a hairball of different code snippets slapped together with dubious copyright.

    Until they hit real AGI this is just fancy autocomplete. With the hype they may dissuade a whole generation of software engineers from picking a career today. If they don’t actually make it to AGI it will take a long time to recover and humans who actually know how to fix AI slop will make bank.



  • The approach of LLMs without some sort of symbolic reasoning layer isn’t actually able to hold a model of what their context is and their relationships. They predict the next token, but fall apart when you change the numbers in a problem or add some negation to the prompt.

    Awesome for protein research, summarization, speech recognition, speech generation, deep fakes, spam creation, RAG document summary, brainstorming, content classification, etc. I don’t even think we’ve found all the patterns they’d be great at predicting.

    There are tons of great uses, but just throwing more data, memory, compute, and power at transformers is likely to hit a wall without new models. All the AGI hype is a bit overblown. That’s not from me, that’s Noam Chomsky https://youtu.be/axuGfh4UR9Q?t=9271.






  • Experts believe the SEC faces significant challenges if it proceeds with fraud charges. “Courts typically prefer fraud cases that involve clear false statements,” said Fagel. “Transforming a regulatory violation into fraud, especially one involving delayed disclosure, can be an uphill battle.”

    James Park, a securities law expert at UCLA, added, “Regulators could potentially frame this as a case of market deception, which complicates matters compared to straightforward falsehoods. It’s a nuanced issue but significant enough to warrant serious consideration.”

    The biggest thing in their favor is a firefighters’ pension that sold at a lower than expected price if he had made the disclosure. They’re not wrong, but it’s a lie of omission type thing. We’ll see if it flies over the next 5 years of appeals and shenanigans. Meanwhile he wrote himself a check on Tesla stockholders’ dime to cover the Twitter fuck up. I’m betting he fucks them over as Tesla spirals into a crater.


  • The fingerprinting I’m talking about gets encoded in the screen recording too. Subtle pixel changes here or there over the entire length of the video. It’ll be lossy when it’s transcoded, but over the whole video it’s there enough times it won’t matter. Even scaling to lower quality won’t fix it and then it’ll also be lower quality.

    It’ll be like DRM, there will be people trying to remove it like anything else. They’ll break one thing and another will come along. There would still be a black market, but most people can get an unrestricted copy in exchange for money so there’s one less reason to pirate.

    Unless you’re actually pointing a camera at the screen, then OK, you do you.






  • Your ISP is doing it wrong, which I guess you already know. I get a /64 net via DHCPv6 for my LAN which is pretty standard.

    +1 to dual stack. Too much of the internet is v4 only, missing AAAA, or various other issues. I’ve also had weird issues where a Google/Nest speaker device would fail 50% of the time and other streaming devices act slow/funky. Now I know that means the V6 net is busted and usually I have to manually release/renew. Happens once every few months, but not in a predictable interval.

    Security is different, but not worse IMO. It’s just a firewall and router instead of a NAT being added in. A misconfigured firewall or enabling UPnP is still a bad idea with potentially worse consequences.

    Privacy OTOH is worse. It used to be that each device included a hardware MAC as part of a statelessly generated address. They fixed that on most devices. Still, each device in your house may end up with a long-lived (at least as long as your WAN lease time) unique IP that is exposed to whatever sites you visit. So instead of a unique IP per household with IPv4 and NAT, it’s per network device. Tracking sites can differentiate multiple devices in the house across sites.

    This has me thinking I need to investigate more on how often my device IPv6 (or WAN lease subnet) addresses change.
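
The check described in the comment above, written out as an added example (not part of the original comment): it flags addresses whose interface ID still embeds a hardware MAC (modified EUI-64) and devices whose interface ID stays the same when the delegated /64 changes. The device names and the `2001:db8::/32` documentation addresses are constructed sample data.

```python
import ipaddress

def eui64_mac(addr):
    """Return the MAC embedded in a modified EUI-64 interface ID, else None."""
    iid = ipaddress.IPv6Address(addr).packed[8:]        # low 64 bits of the address
    if iid[3:5] != b"\xff\xfe":                         # EUI-64 inserts ff:fe mid-MAC
        return None                                     # (a random IID matches 1 in 65536)
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]  # undo the flipped U/L bit
    return ":".join(f"{b:02x}" for b in mac)

def audit(observations):
    """observations: iterable of (when, device, ipv6_address) tuples."""
    seen = {}
    for _when, device, addr in observations:
        packed = ipaddress.IPv6Address(addr).packed
        d = seen.setdefault(device, {"prefixes": set(), "iids": set(), "mac": None})
        d["prefixes"].add(packed[:8])                   # the /64 handed out by the ISP
        d["iids"].add(packed[8:])                       # the per-device part
        d["mac"] = d["mac"] or eui64_mac(addr)
    report = {}
    for device, d in seen.items():
        report[device] = {
            "embedded_mac": d["mac"],
            "prefixes": len(d["prefixes"]),
            "interface_ids": len(d["iids"]),
            # same interface ID under several /64s: the device stays linkable
            # to remote sites even after the WAN lease renumbers the LAN
            "stable_across_prefixes": len(d["prefixes"]) > 1 and len(d["iids"]) == 1,
        }
    return report

# Constructed sample: two devices observed before and after a prefix change.
SAMPLE = [
    ("day1", "speaker", "2001:db8:1:a:0211:22ff:fe33:4455"),
    ("day2", "speaker", "2001:db8:2:b:0211:22ff:fe33:4455"),
    ("day1", "laptop",  "2001:db8:1:a:5c1d:9e07:3ab2:7f10"),
    ("day2", "laptop",  "2001:db8:2:b:91aa:04c3:e6d8:220b"),
]

if __name__ == "__main__":
    for device, row in audit(SAMPLE).items():
        print(device, row)
```

Feeding it periodic samples of the addresses each device actually uses shows how long an interface ID or a delegated prefix really persists.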