sylver_dragon

While I like the sentiment, unless the EU is interested in a WWII style total war and invasion of Russia, Putin is never going to be held to account for the invasion of Ukraine.

The Russian government (Read: Putin and his cronies) are not going to agree to hand Putin over to The Hague. Even if the current war ends on favorable terms for Ukraine, that is never going to look anything like the German or Japanese surrenders. At best, this war ends with Russian military exhaustion and withdrawal. More like the end of Soviet involvement in Afghanistan. There will be no push to Moscow, no mass bombing of Russian factories or cities. Just Russian soldiers packing up and going home, leaving death and devastation behind for the survivors of their invasion to deal with.

Any negotiated peace is going to look pretty similar. It will stop the death sooner at the cost of giving Russia something it’s willing to accept. That’s the way negotiations work. If you want to force the other side to accept your terms, without any compromise, that’s what war is for. Since it seems neither the EU nor the US are willing to engage in a direct confrontation with Russia, then the only choice to end this war early is compromise. And Putin facing accountability is almost certainly not going to be on the table.

First off, why does a beer company have personal data on customers? It seems like the best protection for this data would be, don’t have it in the first place. You sell beer, you don’t need to hoover up personal data on people to make and sell beer.

“That reflects a wider truth that companies are investing more than ever in digital defences, yet adversaries continue to outpace them, exploiting weak links in supply chains or breaking in through trusted partners,” he (Shankar Haridas, head of UK and Ireland at ManageEngine) added.

Ya, they are spending money, but failing at basic cyber hygiene (read: documentation, patching and network segmentation). But hey, I Mr. ManageEngine here will be happy to sell us another product which just papers over the failures to get the basics done. And it will almost certainly have “Agentic AI” to do…something.

The compromise seems to have started with network equipment at one site, impacting the OT environment and potentially expanding into IT systems

I’d bet a lot of money the Asahi security team had been screaming about the OT environment being a big, juicy target for a long time. But, applying security controls in the OT environment is hard and scary and might cause a blip in production. So nope, all those shit-boxes running Windows XP must never be touched. Also, NDR is expensive and hard, so stop asking about it. But yes, those same shit-boxes really do need to be fully internet connected and logged on 24x7 as a local admin, with the same password everywhere, because identity management is hard.

We seriously need to start dragging CTOs, CIOs and CEOs out into the street, tarring and feathering them when this shit happens. Also, the companies making the OT systems need to have their entire management put through a chipper shredder the first time one of them suggests that their systems just shouldn’t be patched. If your shit is so fragile that an OS patch might break something, chipper shredder goes BRRRR…

Sorry, OT systems are a bit of a pain point.

The Felon in Chief can bluster all he likes. When people don’t have the money to spend, they ain’t gonna spend it.

This is also why the Trump administration is considering helicopter money checks. These types of hand-outs can give people a sense of having money. The problem is that it ultimately drives inflation. We saw this with the stimulus checks during the pandemic. Arguably, something was needed then to support people during an actual emergency. But part of the inflation problems we have now can be traced back to those checks.

“Tariff” checks may give a short boost to holiday buying. But the long term damage is not going to be worth it to anyone but Trump. And that assumes the short term benefits last through the 2026 midterms.

Coming soon:
Assassin’s Creed: Long March

Which, might not be the worst game ever. The politics of it would be interesting though.

This is great, but the Senate seats up for election in 2026 make the Democrats winning a majority really, really tough. The current Senate is 53 Republicans, 43 Democrats and 2 Independents who caucus with Democrats. This means that the Democrats need to net +4 seats to gain control of the Senate. Sure, it’s possible but the map doesn’t look good.

For example, the Democrats best pickup opportunity is likely Susan Collins’s seat in Maine. Despite Maine leaning Democrat in statewide elections, this is a rodeo Collins knows very, very well. Democrats have been trying to knock her off for several cycles and yet she’s still here. Maybe this will be the year. But, if this is the best opportunity for Democrats, we aren’t off to a good start.

North Carolina is an open seat, which helps some. But, the State has consistently voted Republican in Statewide elections (and went for Trump by ~3 points in 2024). A large enough blue wave could overcome that, but it’s already an uphill battle. And things only get worse from here.

Next up is Ohio, which Trump won by ~11 points. We aren’t talking super-hard MAGA land there, but Democrat friendly, it ain’t. This is the state which gave us Vice President JD Vance as a Senator. The election here is for the remainder of Vance’s term. Hope may spring eternal, but there is a really sketchy looking reality hiding around the next corner with a sock full of pennies.

That takes us on to Iowa. This state was Trump +13 in 2024. Sure, some farmers may be pissed off about the tariffs, but enough to put a Democrat in the Senate? This seems to fall into the “time to put the bong down and reconnect with reality” territory. I mean, it’s always possible. With a really well calibrated Democratic candidate, the GOP picking a really flawed candidate and really poor economic conditions, maybe. But I wouldn’t be betting the farm on Democrats picking this one up.

And then we need to consider defense. Jon Ossof is up for re-election in Georgia. Georgia went for Trump by ~2 points. Not a large margin, but enough that Osoff isn’t a shoe-in. And Michigan (Trump +1) is an open seat election. The previous Senator (Gary Peters) was a Democrat, so there is certainly hope, but again this isn’t a certain thing. If either of those seats are lost, Democrats are then looking at Texas (Trump +14. Also, it’s fucking Texas).

I’m all for a Democratic Congress. But their chances in the Senate look pretty bleak.

There are a number of sites which provide either labs or virtual machines which are intentionally vulnerable. Some provide other resources to help learn.

• https://tryhackme.com/
• https://overthewire.org/wargames/
• https://crackmes.one/
• https://portal.offsec.com/labs/play
• https://www.hackthebox.eu/
• http://flaws.cloud/

I’d also suggest getting a good foundation in programming and building systems.

They are still legal tender, the Mint just isn’t producing them anymore. If things stay that way, eventually they will just become rarer and rarer until no one really sees them anymore (we stopped caring about them decades ago). Why bother with some convoluted, expensive plan to do anything about them? It’s really a problem that will solve itself for the cost of someone a bank occasionally delivering a bag of them to the Mint as they do with any currency which is old and should be taken out of circulation.

While some of the more intelligent animals could be interesting to see just how far they could go, most animals are going to mostly be vocalizing for the purposes of procreation. The wonderful sounds of the forest are millions of bugs and animals screaming, “hey, wanna fuck?” as loud as possible. Other vocalizations will be similarly utilitarian like, “look out, predator”, “holy fuck this hurts” or “back off!” Not exactly stimulating conversation.

The remote access devices can be a good thing. The issue is one of control. Given the software driven nature and complexity of devices, bugs are inevitable. Having a way for the manufacturer to distribute those updates remotely is a good thing as it lowers costs, and makes it more likely the updates get deployed. That said, the ability to enable and disable that remote access system needs to be in the hands of the customer, not the manufacturer.

As an example, many years ago I worked for a company which manufactured physical access control systems (think those stinking badges and readers at office buildings). And we had two scenarios come up which illustrate the issue quite well. In the first case, the hardware which controlled the individual doors had a bug which caused the doors to fail unlocked. And based on the age of the hardware the only way to update the firmware was to physically go to the device and replace an EEPROM. I spent a very long day wandering a customer’s site climbing a ladder over and over again. This was slow, expensive and just generally not a great experience for anyone involved. In the second case, there were database issues with a customer’s server. At that time, these systems weren’t internet connected so that route for support didn’t exist. However, we shipped each system with a modem and remote access software. So, the customer hooked up the modem, gave us a number to dial in and we fixed the problem fairly quickly. The customer then unplugged the modem and went about breaking the system again.

Having a way for the manufacturer to connect and support the system is important. They just shouldn’t have free run of the system at all times. The customer should also be told about the remote support system before buying the system and be able to turn it off. Sure, it’s possible to have reasonably secure remote logins on the internet (see: SSH or VPN), but it’s far more secure to just not have the service exposed at all. How many routers have been hacked because the manufacturers decided to create and leave in backdoors?

The main thing I have from that time is several large boxes hanging about taking up shelf space and a burning hatred of MMOs. My wife and I got into WoW during late Vanilla. We stood in line at midnight to get the collector’s edition box for WotLK and later again for Cataclysm (we weren’t that far gone when The Burning Crusade released). Shortly after Cataclysm released, there was the Midsummer Fire Festival and as we were playing through it, we hit that wall where any more quests became locked behind “Do these daily quests 10,000 times to progress” and the whole suspension of disbelief just came crashing down. I had already hated daily quests and the grindy elements of the game, but at that moment I just said, “fuck this” and walked away from the game.

I do look back fondly on some of the good times we had in the game. Certainly in Vanilla there was some amazing writing and world crafting. We met some good people and had a lot of fun over the years and I don’t regret the time or money spent. However, one thing it taught me is just how pointless MMOs are. They are specifically designed to be endless treadmills. And this can be OK, so long as the treadmill itself is well designed and fun. But, so many of the elements exist just to eat time. Instead of being fun, they suck the fun out of the game and turn it into a job.

We even tried a few other MMOs after that point (e.g. Star Wars) just because we wanted something to fill that niche in our gaming time. But invariably, there would be the grind mechanics which ruined the game for us. Or worse yet, pay to win mechanics where the game would literally dangle offers of “pay $X to shortcut this pointless grind” (ESO pops to mind for this). If the game is offering me ways to pay money to not play the game, then I’ll take the easier route and not play the game at all, thank you very much.

So ya, WoW taught me to hate MMOs and grinding in games. And that’s good, I guess.

What you are trying to do is called P2V, for Physical to Virtual. VMWare used to have tools specifically for this. I haven’t used them in a decade or more, but they likely still work. That should let you spin up the virtual system in VMWare Player (I’d test this before wiping the drive) and you can likely convert the resulting VM to other formats (e.g. VirtualBox). Again, test it out before wiping the drive, nothing sucks like discovering you lost data because you just had to rush things.

So, if the higher level universe works by magic, then the theory is fine.

Sure, I’m making assumptions that any universe simulating our own would have finite energy and resources. Also that they would make a simulation that is at least close to their own (making theirs close to ours). Those seem like reasonable assumptions to make, otherwise we might as well just say that our universe is a pocket dimension made by magic and the whole thing becomes absurd pretty quick.

It would be interesting to see someone with the background to understand the arguments involved in the paper give it a good review.

That said, I’ve never brought the simulation hypothesis on the simple grounds of compute resources. Part of the argument tends to be the idea of an infinite recursion of simulations, making the possible number of simulations infinite. This has one minor issue, where are all those simulations running? If the top level (call it U0 for Universe 0) is running a simulation (U1) and that simulation decides to run its own simulation (U2), where is U2 running? While the naive answer is U1, this cannot actually be true. U1 doesn’t actually exist, everything it it doing is actually being run up in U0. Therefore, for U1 to think it’s running U2, U0 needs to simulate U2 and pipe the results into U1. And this logic continues for every sub-simulation run. They must all be simulated by U0. And while U0 may have vast resources dedicated to their simulation, they do not have infinite resources and would have to limit the number of sub-simulation which could be run.

deleted by creator

AWS seems to be cratering as well: https://downdetector.com/status/aws-amazon-web-services/

And Google, why not?

Was going to say the same. I work in cybersecurity and while I have avoided the management track like the plague, I do recognize that it’s a fairly reasonable progression for someone in any tech field. Even if you don’t end up pursuing management, knowing how to speak to management will make your job in cybersecurity easier. Project management is also a worthwhile skill to pick up and that often comes from business school.

How long until someone figures out how to hack Samsung’s ad service and starts showing porn ?

My bet is on it never getting completed. It’s going to be a running grift over the next few years. There will be delay after delay after delay with multiple “independent” contractors rolling through to deal with whatever the current delay is. Those contractors will be chosen via a competitive bid process,. The company bidding the highest kickbacks to Trump being awarded the contract. At the end of the Trump administration, anything actually constructed on the grounds will need to be torn down due to engineering failures, and multitudes of bugs planted by foreign spy agencies.

It’s not just speed, CGNAT is a near complete “fuck you” to self-hosting. You can work around it with a VPN endpoint “in the cloud”, but that still means you are reliant on someone else’s computer.