sylver_dragon

I work for a fairly large company, and we’re hearing about “AI” constantly. CoPilot is available and its use encouraged. Also, in the cybersecurity space, AI is fucking everywhere. Vendors won’t shut up about their “AI Enabled” products. And the new hotness is “Agentic AI”, which is basically automation, but we’re going to let AI hallucinations fire off the automated process which could bring production systems down.
Good times are surely coming. /s

It looks like archive.org is capturing some of lemm.ee. So, it’s possible that most of the images are there and could be referenced.

He got tired of shoveling corporate shit and decided to put those skills to use for himself, shoveling chicken shit.

ChatCCCPT

So, DeepSeek?

I don’t remember it that way. To me, it was a minefield of viruses, popup ads, chain mail, and unexpected extreme NFSW content.

What, you don’t want to punch the monkey and also have 50,000 pop-up and pop-under windows spawn because you picked the wrong link?
Also, accidentally discovering that python[.]com was NOT where one went to download the scripting language back around 2006, while trying to help a student get her laptop setup. It’s still not, but that’s not how I wanted to learn that fact.

As other folks have already covered, most modern websites use TLS (formerly SSL) which will encrypt any thing going to/from those sites. Someone could redirect a page to a server they own and try to get you to enter your credentials into their site for harvesting, though you’d probably notice due to errors related to the security certificate. There is a risk here, but it’s not all that bad. Just pay attention to any security errors and maybe don’t go to high value sites (e.g. banking websites). There are some highly technical attacks (e.g. TLS downgrade) which could pose a risk. But, it’s not all that likely, and you’re probably fine. For the most part, you can ignore the “zomg! you need a VPN” ads clogging up YouTube. Yes, they have a use case. No, that’s probably not you.

The other consideration is the security of your system itself. If you are running and old and vulnerable OS, it’s possible that an attacker could use the greater exposure to attack your system. For example, if you are running a Windows 7 system, there’s a real chance that you don’t have the EternalBlue patch applied or some other remote exploit vulnerability can be used to compromise your system. Even with a newer OS, if you haven’t been installing updates, you could have some holes which would allow an attacker in. Though, for most situations, there’s not going to be an attacker just waiting to pounce on your system. So, you probably don’t need to be worried. But, it’s also a good reminder to keep your system up to date, if you’re going to be using WiFi regularly. Some folks just get bored and start poking at anything around them. Make sure the doors are locked when those folks rattle the handle. It can also be useful to have a host based firewall running, even just setting the network to “Public” in Windows will do a lot to mitigate this risk.

Security is always going to come down to a trade off between risk and convenience. Public WiFi can be very useful, but it does carry some risk. In most situations, you can mitigate that risk by keeping your system up to date, having a host based firewall running (even if its just Windows setting the network to “Public”), watching URLs/Links carefully and watching for certificate errors in your browser.

On the Privacy side, assume someone can track the domains you are visiting (though likely not the full URL). If you use normal DNS, the network owner can look at DNS logs and know all the sites you visited. Even if you use a different DNS server, the network owner could be sniffing the packets on the wire (DNS is not encrypted). Additionally, WiFi is logically a bus topology; so, anyone on the same network could be sniffing packets and also get all your DNS traffic. This is a good use case for DNS over HTTPS (DoH). With DoH, you can stick to a DNS provider of your choice and get TLS encryption to keep things private. Anyone sniffing packets would know that you are using DoH and would likely know what provider you are using, but not see the contents of the DNS queries.

Of course, even with DNS traffic encrypted, most web servers still rely on Server Name Identification (SNI) to determine the host you are connecting to. The end result of this is that the domain you are visiting is sent, unencrypted over the wire and could be sniffed. There are solutions for this (e.g. eSNI), but they are not widely adopted yet. So, assume that anyone sniffing packets can get a list of the domains you are visiting. If this poses a serious risk to your safety (e.g. you are a journalist working in a repressive regime), this is a use case for a VPN. Though, using a VPN may be obvious to anyone monitoring and they could apply Rubber Hose Cryptanalysis to the problem.

The tl;dr of this all is, you’re probably fine. The fact is, it’s more likely that no one gives a shit about you and all the other folks on that public WiFi are too busy looking at cat pictures to try and hack you. A few simple security hygiene things will cover the 99% situation, and the other 1% isn’t worth worrying about.

An Operating System is a tool. Would you be annoyed because you had to use a hex key on a bolt with a hex socket, when what you really like using is a robertson drive? If the work you are doing is dependent on a particular OS choice, then use that OS and get over yourself.

That said, if this is for work and you want to avoid the crapware in Windows 11, talk with your IT team. By default, Recall is removed on commercially managed devices. I’m not 100% sure, and can’t be arsed to look it up at the moment, but this likely refers to devices managed via Intune. Assuming your IT team isn’t stuck in the 90’s, they are probably doing this already. Telemetry can also be mostly disabled via Group Policy, and many IT organizations will already be doing this. Or, as you have arrived at, use a Mac and disable the telemetry.

On the other side of that coin, if you expect privacy on a work owned device, I have bad news for you. More and more organizations are using Endpoint Detection and Response (EDR) products on all endpoint devices. Yes, this includes Mac and Linux devices. So, your organization is watching you browse porn on your work device. If you are doing something and you don’t want someone watching over your shoulder, don’t use a work device. Keep your work device for work and your personal device for everything else.

When my father’s dog was getting towards the end of his life, my father would order an extra burger patty, with nothing else for the dog. He figured the dog was close enough to the end of his life, the occasional burger patty wasn’t going to cause meaningful harm and it gave the dog a nice treat.

You may have had a customer with a similar situation.

But, we’ll know where the aircraft is. It’s a built in, instant location flare. No more aircraft disappearing and not being found.

The short answer is, it’s what we were taught in school. Like many preferences, it’s shaped by the culture we grow up and live in.

I’m sorry but it doesn’t make sense to me.

Of course not, you were raised and live in a different culture; so, your preferences are different.

Ultimately, the right answer is ISO8601. It’s unambiguous and sorts well on computers. But, I don’t think any culture is teaching that as the primary way to write dates, so we’re stuck with the crappy ways.

Can’t wait to see how long it takes for one of these to be hacked.

Imagine the flight envelope as a graph. Going further to the right means going faster. Going further up means going higher. The goal of test flights is to push against the upper-right hand corner of that envelope. Unfortunately, that’s also where your postage gets stamped.

Um yay, I guess. I’m always for more options. And maybe there is a market out there for the “game from the cloud” idea. Personally though, I’d rather just play a game on the Steam Deck directly. Or, if that’s somehow not an option, stream the game from my own PC to my TV via SteamLink. In no world do I want to pay for a subscription to play games on a device where I can just play that game locally.

Yes.

Symbolic links are files that act as pointers to other files.
– Source

A hardlink is the original file.

My personal preference is to use FOSS whenever it’s practical. For home use, I’ve switched to FOSS for the vast majority of my computing needs. I run Linux on both my server and desktop. Most of the software on my server is FOSS, with the one exception being a container using the Splunk free license. My desktop is running Linux, and I use LibreOffice for documents and the like. I do run Visual Studio Code, which is technically Open Source, though I would not put it past Microsoft to do a rug-pull on that eventually. And I have an extensive library of games with Steam, basically nothing of which is Open Source.

I have reached a point, financially, that piracy is not morally defensible. And I’m not willing to get into the mire of if, or where such a line would be. I believe that creators should be rewarded for their work. Though, I also agree that the limits on copyright are way out of whack with the changes Disney has purchased through the years. So, piracy as a moral question is a murky subject, with no clear answers to me. But, the end result is that I buy games, movies or TV shows. For other software, I usually look to FOSS projects (e.g. Gimp vs Photoshop, FreeCAD/OpenSCAD vs Autodesk), free licenses (e.g. Splunk) or just do without. For TV Shows/Movies, if it’s not on one of the streaming services I subscribe to, I may buy it via a digital service; or, I do without.

it’s steam game which means there’s a key?

Maybe.
If the game is already in your Steam account, no. I can’t seem to run the actual policy down with a quick search, but games in your Steam library are not transferable.
If you have received a key in your email (It’ll be a long, alphanumeric sequence) then you can forward that to someone else, so long as it hasn’t been used by you or anyone else.
If the game was sent as a gift to your Steam account using the Steam gift system. Then no, you cannot transfer it.

I would look into three things first:

1. Do the terms of the prize dictate transferability? In the rules of the contest in which you won the game, was there anything about not selling or giving away the prize?
2. What type of game is it? Video game, board game, card game?
3. What is the delivery mechanism for the game? Some things will be easier to transfer than others. A physical copy can likely just be shipped to a new recipient. A digital key for a game might be easy to just send to the recipient. Other delivery mechanisms may or may not have a system to prevent transfer.

While an interesting idea, this sounds like an organization designed to separate some doofus investment manager with a lot of capital before inevitably folding because companies won’t give a damn. Sure, if we were to pass laws allowing us to hunt down anyone responsible for using blue LEDs on devices which did not specifically need blue light, and burn their eyes out with a hot poker. Then, such a certification might make sense. But, so long as there are no repercussions for companies making horrible design decisions, why would any company pay for a certification like this.

Geometry is a lot of it. It also makes seeing much easier when pulling out. When backing in, I can easily see the traffic lane around me, and they can see me pretty easy as well (I’m the asshole blocking up the whole place). When driving out, only a smaller portion of my vehicle needs to enter the traffic lane before I have a clear view of any opposing traffic. For the case of nosing it, I have a clear view while pulling in; but, when pulling out I need to get most of my vehicle out into the traffic lane, before I can see anything.

No, if you open a terminal and run:
sudo dmesg

You should get a long output which is the kernel log. Assuming the crash happened recently, there may be something in the last few lines (bottom of the output) which could indicate why the process died (or was killed). Keep in mind that this is a running log; so, if it’s been a while since the crash, the entries for it may be higher up in the log. It’s often best (if you can) to trigger the problem then immediately go run the sudo dmesg command and look at the output. With luck, there will be useful logs. If not, you may need to look elsewhere.