Here’s the original report: https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

It doesn’t specifically attribute this to the NSA, and it’s very hard to definitively say who created what malware anyways.

That being said, if you read through the report, the details on this really scream “state actor” most probably. The level of modularity, the infrastructure of the C2 server, and the detailed & flexible spying capabilities all point to some government agency more than anything else.

Never read again? These can’t be modified, but they can be read. After all, it’d be pretty useless to store data on a medium than can never be read.

Sure, but I suspect this is the real motivation for the article:

Windows 11 Pro force-enables the software version of BitLocker during installation, without providing a clear way to opt out

It sounds like many people may be using software encryption without realizing it, if Windows 11 Pro uses it by default.

Admittedly I haven’t been looking that hard, but I don’t think I’ve seen a TV for sale in the past 10 years that wasn’t a “smart” TV.

That’s because it makes sense when dynamically creating HTML. HTML is not a programming language, it’s simply markup - so if you want to generate some block of HTML in a loop and later access that block of HTML in JS (e.g. to interact with the UI separate from creating it in the first place), it’s a completely reasonable thing to do.

Just wanted to give props to this super informative comment. Thanks for the write up and relevant links!

TS is “better” but often I feel like just configuring typescript takes up a significant amount of the time you save by using it.

No worries, the Democrats will do what the party does best with a majority - pretty much nothing.

Enough to say “see? We’re better than the other guys”, but not enough to even nudge the status quo.

deleted by creator

But what if it was an African Swallow?

Building microchips is really hard and Taiwan has held a practical monopoly on the industry for a while now. It’s not that the US doesn’t have educated workers, but it wouldn’t surprise me that it is hard to find many qualified to build the actual facilities to manufacture microchips - most of the US’s involvement in microchips has been designing them and then handing those designs over to Taiwan for manufacturing.

I came across this one just yesterday and while it was convenient at first, I immediately got frustrated when I went to add some parameters and discovered it wasn’t actually curl

“Sorry, our unbelievably massive military budget is only for active duty military. Best we can do is schedule you an appointment to talk to someone next year about the benefits you won’t be receiving.”

“If a student uses the college search tool on CB.org, the student can add a GPA and SAT score range to the search filters. Those values are passed [to Facebook]”

So they don’t associate your official score to your browser, but presumably students who are using that search tool would be searching their real score - or a range close to it.

The headline is fairly leading, but the statement from the College Board is also fairly misleading. They’re not directly selling your official score to advertisers, but they’re indirectly selling data about you that gives a pretty good idea of your score.

I don’t think it’s good enough to have a blanket conception to not trust them completely.

On the other hand, I actually think we should, as a rule, not trust the output of an LLM.

They’re great for generative purposes, but I don’t think there’s a single valid case where the accuracy of their response should be outright trusted. Any information you get from an AI model should be validated outright.

There are many cases where a simple once-over from a human is good enough, but any time it tells you something you didn’t already know you should not trust it and, if you want to rely on that information, you should validate that it’s accurate.

Notice the “up to” in their offer. It’s likely commission based and inflated numbers to lure the developer into doing it - to trick them into thinking exactly what you’ve said here.

I’d imagine what they actually pay out after you cave is significantly lower, only then you’ve already sold out your users so you might as well leave their tracking in there.

“To get a base salary of $170k you know you need to work hard as an Engineer, this sucks.”

As someone who has worked as a UPS driver and now as a software developer, I can say that the UPS drivers definitely work harder than your average engineer.

That quote is also deftly ignoring the fact that you’re generally paid for the value you generate, not how hard to you work.

Out of all the modern browsers, it’s always Safari that I end up needing to write compatibility code for. I’m sure the app works fine on Firefox, they just haven’t tested it.

It’s not just because of nonsense, it’s more that it doesn’t really matter what you do - the only thing stopping someone with physical access to your machine is their level of determination.

At some point, there’s no stopping the laws of physics. Your data is physically stored there. You can do a lot to make it really difficult to access it, but the best you can do is full disk encryption with a sufficiently strong key, and only store that key on external hardware that isn’t accessible to the attacker.

Even then, you better make sure that your encryption key wasn’t hanging around cached anywhere in memory before you shut down your computer.