Yup. That’s basically what happened with TikTok.

Ah yes, C64 floppy drive “headbanging”.

IIRC this is because rather than ship a design with a limit switch or any position sensing at all, the drive software just rapidly slaps the read head home a bunch of times to ensure it’s properly aligned with track zero. I have a hard time believing this was to reduce part count, because the drive itself is a whole-ass 6502 computer; the sale price also reflected that. Instead, I think it’s a software fix for a “sometimes an issue” hardware problem.

Yes, but don’t use a public service for this. Use a local LLM and maintain distinct profiles, one for each online account.

Besides, it’s a really bad form of ID. The numbers aren’t even unique, and up until 2011, a few digits are reserved for geographical information.

https://en.wikipedia.org/wiki/Social_Security_number#Structure

If I had to reach for a hasty solution, it would be to use the IRS taxpayer ID instead. Of course, that might weaken the SSA’s importance overall, so that wouldn’t be without consequences: https://en.wikipedia.org/wiki/Individual_Taxpayer_Identification_Number

The content inside the notepad edit window should probably be universally sandboxed from your local box

Sadly, this was already the case when Notepad stayed in its lane and only handled plain text unicode.

Three times++, actually. The second attack was documented to have resumed after the third, with different payload URLs.

https://securelist.com/notepad-supply-chain-attack/118708/

As someone who is inside the IT industry, and has been for a while, I have some insight here. Yes, it’s stupidity alright, but a weird focused kind of stupidity like having a blind-spot. Money and ethics, IMO, are the only divisions that explain it.

We like to think of tech as being this rebellious, counter-cultural place. And that tracks when you start talking about “information wants to be free” and “the internet circumvents censorship”, but also “market disruption” and “move fast and break things.” But there’s this problem where that rebellion is actually multiple groups moving in a similar direction. If you look at the decisions people make, there’s a clear tradeoff of ethics in line with freedom and liberty, for cold, hard cash. The people we’re talking about went for the money. It took me a long time to reconcile this, and I’m now comfortable concluding that the rebellious spirit here is less “damn the man” and more “fuck you, got mine.” Nevermind that it’s not sustainable and always ends in a death-spiral of everything they built.

To put it another way, technohippies and conservatives agree about the broad strokes of personal liberty and rebelliousness right up until things like empathy all others get involved. Once you surrender those kinds of ethics, or figure out that having few/none is seen as an asset, bigger paychecks are on offer; its too good to pass up for some folks. It should come as no surprise that aligning one’s self with authoritarianism and even fascism is a small step from there.

And my personal experience - take with salt - there’s also a lot of people in security that are just VERY pessimistic, if not outright fearful, of their fellow man. A lot of them vote to the right, despite depending on an industry mostly fueled by left-thinking labor. They’re highly skilled, competent, and intelligent people in every other way. Once again, I think the fat paycheck smooths a lot of this over.

Make no mistake, the oligarchs see the personal computer as a 40-year-old experiment that has failed, or needs to fail. They want their mainframes and CPU/hr billing back. Server hosting for enterprise uses has already gone this way for the most part. Small consumers are next.

As far as I recall, that’s how it went.

I was gonna say this is at least Digg 3.0.

It’s worth adding that, if you are arrested, that phone is a treasure-trove of potential liability that will absolutely get used against you. Also, you’re probably not getting it back, so you’re better off without it. Carry cash, a map if you must, and coordinate rally points and fallback locations with your friends ahead of time.

A proper camera is a good tip, but make sure the camera memory and storage card are wiped ahead of time.

just living your life without a phone is getting harder

This is a bigger problem than most realize. Consider the barrier-to-entry for phones, internet access, and charging. Then add cashless payment on top of that. Combined, it creates a new red-line between economic classes, and a rather ugly one at that. At some point, this mode of commerce is going to get selected not for the convenience it provides, but for whom it excludes.

I’ll also add that getting access to a smartphone with total anonymity is impressively hard to do.

I haven’t always been a fan of Go. It launched with some iffy design decisions that have since been patched, either by the project maintainers or the community. It’s a much better experience now, which suggests that maybe there’s some long-range vision at work that I wasn’t privy to.

That said, Pike clearly has a lot of good ideas and I’m glad Google funded him to bring those to light.

I’ll also say that after finally wrapping my head around Python and JavaScript async/await, I actually much prefer the Goroutine and channel model for concurrency. I got to those languages after surviving C++, and believe me when I say that it’s a bad time when your software develops a bad case of warts. Better to not contract them in the first place.

The genius of launching an attack of this scale from an address space that is already jam-packed full of hackers, should not be understated. Id say that, if not for doing it live on stage, law enforcement now has a giant haystack of needles to sift through.

I have a USB-bootable thumbdrive with Ubuntu 24 on it. Two home systems down, two to go.

My chief concern is that this wave of enshitifiation will eventually make it to Microsoft’s security support. Historically, at least recently, the weekly updates and response to critical vulnerabilities and virus scanning have been pretty good. But now that they’re attacking their own flagship products - Office and Windows itself - I think it’s only a matter of time before they fumble Windows security in a big way.

I’ll also predict that Non-pro Windows will eventually be “free” (as in beer), but will be useless without a live internet connection and cloud services. So now really is the time to switch. IMO, all the money points in that direction.

FTA:

Many of the passages are longer than 600 yards (550 meters) and tall enough for an adult to walk through without bending.

Checks out.

I’m going to call it like I saw it, a very long time ago.

<rant>

You have a product that is basically purpose built to make data hoarding and piracy practical, yet it requires a login with a central service. I don’t care what justification anyone thinks makes that worthwhile or even a good compromise. Signaling to any corporate entity that you’re in possession of such a thing is a bad idea to begin with. They shouldn’t even know you exist. That information, along with anything else you do with the product is compromising to you and can be sold for money if aggregated with everyone else’s data.

If you find this rant out of place in our modern world, I’d like to point to the concept of shifting baselines. This didn’t used to be normal and nothing short of greed continues the behavior. The technology before this ran/runs without anyone knowing. Consider VLC, or XBMC.

To quote your quote:

I got the product launched. It worked. I was proud of what I’d created. Then came the moment that validated every concern in that MIT study: I needed to make a small change and realized I wasn’t confident I could do it. My own product, built under my direction, and I’d lost confidence in my ability to modify it.

I think the author just independently rediscovered “middle management”. Indeed, when you delegate the gruntwork under your responsibility, those same people are who you go to when addressing bugs and new requirements. It’s not on you to effect repairs: it’s on your team. I am Jack’s complete lack of surprise. The idea that relying on AI to do nuanced work like this and arrive at the exact correct answer to the problem, is naive at best. I’d be sweating too.

In a small, anecdotal way, I can say with confidence that the level of fiber trenching that happened (in a major metro area) from late 1999 through 2002 was on a whole other level.

I’ll take it one step further and say that if you absolutely must use Office, O365 works in a browser on any operating system. You literally don’t need Windows anymore for that.