sylver_dragon

Also, what idiot decided that only one settings window is allowed open at one time?

Microsoft engineers were worried that people missed the joys of MS-DOS and having only one application running at once. Next up, will be the return of base memory versus expanded memory versus extended memory. This ends when they devolve Windows to prove Bill Gates right that 640kB should be enough memory for anyone.

Simple, NoPilot can just erase all your files. Binaries can’t take up memory of they can’t be loaded.

It certainly makes sense. AWS hosts infrastructure specifically for the US FedGov. That infrastructure includes systems for the US DoD. So, that makes it a valid military target. And while cyber attacks can do a lot to degrade command and control, nothing DoS’s a server farm like a few hundred kilos of high explosives.

Got about half way through the article before it became obvious that it’s just “DOOM, DOOOM, DOOOOOOOOOOOOOOOOOM!” in prose form.

Gaming is changing, which is different from never. I mean, I could bemoan the death of 2d puzzlers ala King’s Quest because Sierra is no more, but there are still similar games being made by smaller studios. We may hit a slump, and the main actors may change, but gaming isn’t going anywhere. AAA titles will continue to mostly be money chasing shovelware, indie titles will continue to be where the real development and experimentation happens. But making games, especially PC games, has become so accessible that even the death of a major studio will amount to nothing more than some IP changing hands. And there is still a lot of money to be made in games, so companies will keep chasing that.

Magazines have been predicting the death of PC gaming for decades now. And yet, PC gaming is still incredibly vibrant. The current RAM shortage is just a hiccup. We’ve had RAM shortages before. If the demand for RAM stays at the current level manufacturers will respond by bringing new fabs online. More likely the AI bubble will pop and we’ll be flooded in used RAM and GPUs. The economy will cycle, hiring will pick back up and markets will move on to the "Next Big Thing"^TM

But ya, a headline of “Markets in down cycle, RAM supply currently constrained by high demand” doesn’t motivate clicks.

When you have a potentially volatile situation, lobbing bombs at it rarely makes it better. This wasn’t a “time bomb to explod[ing]”. This was a deliberate decision by Cheeto Mussolini to launch a foreign military adventure. While the current regime in Iran was far from ideal, it’s important to keep in mind why that regime was in place. The UK and US were directly involved in overthrowing the elected government in Iran in Operation Ajax. That resulted in a violent, repressive dictatorship. But it was friendly to UK/US oil interests, so that made it ok. When the Iranian people overthrew that government, the current Iranian government came to power.

That the current administration expects a different outcome this time around is the height of stupidity. All this will accomplish is creating another generation of Iranians who hate the US due to direct experience.

Given the roughly similarly sized drop in Win11 users. I chose to believe that the Win10 jump is from people nopeing out of the Win11 slop.

It’s voice phishing. It’s basically a scammer cold-calling a victim and talking them into giving up useful information or doing things the user really shouldn’t do, like entering credentials into a scammer owned web page or adding a new multi-factor authenticator.

This one is a mixed bag. KYC regulations are very useful in detecting and prosecuting money laundering and crimes like human trafficking. But ya, if this data needs to be kept, the regulations around secure storage need to be just as tight. This sort of thing should be required to be kept to cybersecurity standards like CMMC Level 3, audited by outside auditors and violations treated as company and executive disqualifying events (you ran a company so poorly you failed to secure data, you’re not allowed to run such a company for the next 10 years). The sort of negligence of leaving a database exposed to the web should already result in business crippling fines (think GDPR style fines listed in percentages of global annual revenue). A database which is exposed to the web and has default credentials or no access control at all should result in c-level exec seeing the inside of a jail cell. There is zero excuse for that happening in a company tasked with protecting data. And I refuse to believe it’s the result of whatever scape-goat techs they try to pin this on. This sort of failure always comes from the top. It’s caused by executives who want everything done fast and cheap and don’t care about it being done right.

Unless the romance is central to the game, that sort of focus and depth just isn’t going to be put into it. There is also the issue that the writers in video games have far less control over the main character than they do in other mediums. In a book, you don’t have to worry about your main character deciding to to fuck off for a week collecting all the boxes in a village and stacking them on the town well, just because it’s funny. That main character stays on task and on plot for the writer. There are games where that high level of control is possible, visual novels exist, but that starts to push into the question, “why not just make a book/movie instead?”

Similarly, I think it’s going to be hard for any video game romance not to come off as transactional, due to the nature of a game being a computer program. Imagine trying to tell Romeo and Juliet as a video game. At some point, Romeo and Juliet will need to interact. Romeo arrives at Juliet’s window and professes his love. How does the player interact with the game for that scene? Is it just a cutscene? Or a cutscene with quick time events (press X to woo). Trying to replicate a Jane Austin style story would be even worse. As books about people sitting about in drawing rooms drinking tea and being catty to one another, replicating that in a video game is all going to boil down to dialog trees. Perhaps the first time through it could feel fresh and interesting, but on a second playthrough it’s going to quickly be obvious that the whole thing is really just “pick the right options for a chance at sexy-time”. Maybe we could get a Jane Austin Rouge-like, in that each time you load it up the characters’ personalities change and you really do have to pay attention to verbal and social queues to get anywhere. But even that is still really just “pick the right options for a chance at sexy-time”.

Ultimately, I think video games are always going to be fairly transactional in nature. They are computer programs and are ultimately deterministic. All the interactions you have in a video game need to be planned out, scripted and maybe even voice acted. It’s what makes all the interactions in Baldur’s Gate 3 so amazing. Everything those characters do was planned for, written and recorded. Every comment, every facial expression was planned, written and coded. There is no spontaneity, because there can’t be (maybe with AI, but that’s a different can of worms). That so many little things actually did get covered is amazing. But, the trigger conditions for playing that bit of animation and voice acting will be hard coded. Whether or not a character likes the main character must be a set of numbers stored in memory, because that’s how computers work. Yes, it could be far more complex than just an easily identifiable number. And perhaps hiding those numbers from the player would make it feel less obvious, but they aren’t going to go away.

And all the work which goes into planning, writing and coding those interactions is time spent during development. Going back to Baldur’s Gate 3, wouldn’t it be awesome if some of the NPCs started pairing off with each other? If the main characters isn’t getting busy with Shadowheart, maybe she discoverers an interest in big men who can turn into bears so you come back to camp sometime to find her and Halsin sitting very close together talking softly. This could even have the whole random element where different characters have different crushes/interests each time you play through. That would be neat to see, but it’s going to require a lot of extra development. Unless that’s a feature which starts selling video games, it’s not going to happen. Perhaps this sort of thing will show up in indie games, I wouldn’t expect it in major titles anytime soon.

While I don’t know the specific post you are referring to, Malware exists for Linux. Here’s a great overview from last year. If someone wants to argue, “oh it’s from a security company trying to sell a product” then let me point you at the Malware Bazaar and specifically the malware tagged elf. Those are real samples of real malware in the Linux specific ELF executable binary format (warning: yes it’s real malware, don’t run anything from this site). On the upshot, most seem to be Linux variants of the Mirai botnet. Not something you want running, but not quite as bad as ransomware. But, dig a bit and there are other threats. Linux malware exists, it has for a long time and it’s getting more prevalent as more stuff (especially servers) run on Linux.

While Linux is far more secure than Windows by design, it’s not malware proof. It is harder for malware to move from user space into root (usually), but that’s often not needed for the activities malware gets up to today. Ransomware, crypto miners and info stealers will all happily execute in user-land. And for most people, this is where their important stuff lives. Linux’s days of living in “security through obscurity” are over. Attackers are looking at Linux now and starting to go after it.

All that said, is it worth having a bloated A/V engine doing full on-access scanning? That depends on how you view the risk. Many of the drive-by type attacks (e.g. ClickFix, fake tech-support scams) all heavily target Windows and would fail on a Linux system. The malware and backdoors that come bundled with pirated software are likely to fail on a Linux system, though I’ll admit to not having tested that sort of thing with Wine/Proton installed. For those use cases, I’d suggest not downloading pirated software. Or, if you absolutely are going to, run those file through ClamAV at minimum.

Personally, I don’t feel the need to run anything as heavy as on-access file scanning or anything to keep trawling memory for signatures on my home systems. Keeping software up to date and limiting what I download, install and run is enough to manage my risk. I do have ClamAV installed to let me do a quick, manual scan of anything I do download. But, I wouldn’t go so far as to buy A/V product. Most of the engines out there for Linux are crap anyway.

Professionally, I am one of the voices who pushed for A/V (really EDR) on the Linux systems in my work environment. My organization has a notable Linux footprint and we’ve seen attackers move to Linux based systems specifically because they are less likely to be well monitored. In a work environment, we have less control over how the systems get (ab)used and have a higher need for telemetry and investigation.

That of ServiceNow, whose tools help businesses automate various tasks, dropped by 13%

If AI can kill ServiceNow, I’ll happily praise our new AI Overlords. I’m sure ServiceNow can be really good. I’ve just never seen it in practice. Perhaps we just never paid for the “interface which doesn’t suck” module.

I ditched cable TV over a decade ago for a simple antenna (and wrote a notable Reddit post on the antenna while I was at it). That was done because I was tired of my wallet being raped each month, because I had to buy a higher bundle to get the channels I wanted. I was stuck with cable internet for a number of years afterwards, as it was the only option in my area. Then T-Mobile offered up 5G based internet in my area at a low price. That was around 6 years ago and I haven’t looked back.

The cable companies sat on their laurels while the world moved on. They are now shocked that their terrible offerings for terrible prices are falling to real competition. Sure, I fully expect the new carriers to do everything in their power to enshitify their service offerings. That’s the nature of business/ But, with the market open to competition, there is now a real opportunity for us customers to shop around and get a less shitty experience. Broadband internet is a commodity and is completely fungible. Prices should be falling and it was only rent seeking rules keeping the prices up.

While it’s not a service I would use, if it helps move the needle away from Windows’ dominance of the gaming market, that’s a good thing. The more people who can ditch Windows, the better. It probably means an Eternal September for Linux. But that is ultimately a good thing. If Linux becomes the default choice for gaming PCs for the mass market, more games will be released with Linux Native versions, driving further Linux adoption. It’s the type of virtuous cycle which is needed to kill the giant that is Windows.

Rather than interact with a machine, you’ll just be walking around, sipping coffee, having thoughtful conversations with a bot laughing along with your jokes as it writes your letter and does your taxes.

So, basically the computers from Star Trek: TNG. I’d go for that, but unfortunately, what we’ll get instead is enshitified AI slop which exists to suck a subscription fee out of you every month while pushing ads.

They are chopping the development teams and titles up into convenient bite-sized chunks. Ubisoft will hang onto the large titles in the Vantage Studios vertical, and the rest will be spun off or sold off. Any spun off studios will be saddled with crippling debt.

I mean, no shit? Part of the Snowden leaks was information that the NSA had intercepted Cisco routers and backdoored them before they were shipped on to international customers. So, even without willing actions by US vendors, there is that to worry about. And the idea that a private company would install a backdoor for US Spy agencies in their infrastructure isn’t new. The fact that any Chinese company is using US hardware/software just seems incredibly stupid. And no one should be using CheckPoint.

It’s the same reason Huiwei was thrown out of US infrastructure. You cannot build trusted architecture with hardware/software from a nation which you know wants to hack you. I work for a US based company in cybersecurity, we treat WeChat as Chinese State spyware, because it is. We wouldn’t consider a router or firewall from a Chinese based company and we treat any software from China with outright suspicion. Sure that all sucks and we may be missing out on some great stuff which isn’t malicious. But, the risks far outweigh the costs. I’d expect my Chinese counterparts to be making the exact same risk calculation for US based tech.

You could try using Autopsy to look for files on the drive. Autopsy is a forensic analysis toolkit, which is normally used to extract evidence from disk images or the like. But, you can add local drives as data sources and that should let you browse the slack space of the filesystem for lost files. This video (not mine, just a good enough reference) should help you get started. It’s certainly not as simple as the photorec method, but it tends to be more comprehensive.

If you installed an update in the last 5 years you’re good.

The sad part is that there are apparently quite a few devices online for which this isn’t the case. That said, I do wonder how many of these “over 10,000 devices” are honeypots? This seems like something folks at the SANS ISC or GreyNoise would have added to their default setups.

This strategy really depends on their ability to bribe President Trump for a pardon.