The best way to protect a dataset from falling into the “wrong hands” (for however the “wrong hands” is defined for that dataset) is to not keep that dataset in the first place. While I get that tracking the movement of citizens can make solving some crimes easier, the risks to privacy and of authoritarian abuse are far too great to accept.
I have two:
I remember working in environments where management had decreed that we would not install updates ever. . .That’s…definitely a decision that puts a lot of trust in Microsoft’s security. Lol
It was a very different time. Security was still something that happened mostly at the network perimeter, and even then not much. Routers without firewalls were very common and things like SQLSlammer were much more possible.
Ya, I’m sure the AI code isn’t helping, but is it materially any different? I spent way too many long nights trying to unfuck Windows servers after updates failed to install correctly. And that was well before the AI Slop Boom. Even more fun is when the update reported installing correctly but the Nessus scans came back showing the old version of DLLs still in the System32 folder. There is a reason no one installs Windows patches on day 1. At minimum, you give them a week to let the foolhardy and fanboys get their disks slapped by Microsoft, again.
Going back to my days supporting Window 2000/2003, I remember working in environments where management had decreed that we would not install updates ever, because of too much downtime due to bad updates. Even today, updating in OT environments can be very difficult due to shitty software running on really old versions of Windows. At least that stuff can usually be kicked off the network and left to rot in isolation.
one day when we will hopefully be living in more peaceful times without imperialists
You don’t read much history? Humans have never lived in widespread peace for any length of time. We have evidence of violence between groups of humans well back into the Stone Age. We are not a species prone to peace.
While I don’t know the specific post you are referring to, Malware exists for Linux. Here’s a great overview from last year. If someone wants to argue, “oh it’s from a security company trying to sell a product” then let me point you at the Malware Bazaar and specifically the malware tagged elf. Those are real samples of real malware in the Linux specific ELF executable binary format (warning: yes it’s real malware, don’t run anything from this site). On the upshot, most seem to be Linux variants of the Mirai botnet. Not something you want running, but not quite as bad as ransomware. But, dig a bit and there are other threats. Linux malware exists, it has for a long time and it’s getting more prevalent as more stuff (especially servers) run on Linux.
While Linux is far more secure than Windows by design, it’s not malware proof. It is harder for malware to move from user space into root (usually), but that’s often not needed for the activities malware gets up to today. Ransomware, crypto miners and info stealers will all happily execute in user-land. And for most people, this is where their important stuff lives. Linux’s days of living in “security through obscurity” are over. Attackers are looking at Linux now and starting to go after it.
All that said, is it worth having a bloated A/V engine doing full on-access scanning? That depends on how you view the risk. Many of the drive-by type attacks (e.g. ClickFix, fake tech-support scams) all heavily target Windows and would fail on a Linux system. The malware and backdoors that come bundled with pirated software are likely to fail on a Linux system, though I’ll admit to not having tested that sort of thing with Wine/Proton installed. For those use cases, I’d suggest not downloading pirated software. Or, if you absolutely are going to, run those file through ClamAV at minimum.
Personally, I don’t feel the need to run anything as heavy as on-access file scanning or anything to keep trawling memory for signatures on my home systems. Keeping software up to date and limiting what I download, install and run is enough to manage my risk. I do have ClamAV installed to let me do a quick, manual scan of anything I do download. But, I wouldn’t go so far as to buy A/V product. Most of the engines out there for Linux are crap anyway.
Professionally, I am one of the voices who pushed for A/V (really EDR) on the Linux systems in my work environment. My organization has a notable Linux footprint and we’ve seen attackers move to Linux based systems specifically because they are less likely to be well monitored. In a work environment, we have less control over how the systems get (ab)used and have a higher need for telemetry and investigation.
One of the things to look at is the interest rate you would be paying for either loan and how that would effect the total cost of the loan. Also, there is the question of the utility of any money spent up front. For example, if using a loan on the existing house would result in no up front costs and a 5% interest rate over 30 years, and the standard mortgage would cost $20,000 and have an interest rate of 8%, you’re almost certainly better to use the existing house as backing and throw that same $20K in a long term interest bearing investment (e.g. government bonds). All this assuming you plan to hold onto the second property long term.
Compounding interest is a fantastic tool and a fearful master. If you can make it work for you, then do it. If you are facing the possibility of paying it, you almost always want to lower it as much as possible.
That of ServiceNow, whose tools help businesses automate various tasks, dropped by 13%
If AI can kill ServiceNow, I’ll happily praise our new AI Overlords. I’m sure ServiceNow can be really good. I’ve just never seen it in practice. Perhaps we just never paid for the “interface which doesn’t suck” module.
I ditched cable TV over a decade ago for a simple antenna (and wrote a notable Reddit post on the antenna while I was at it). That was done because I was tired of my wallet being raped each month, because I had to buy a higher bundle to get the channels I wanted. I was stuck with cable internet for a number of years afterwards, as it was the only option in my area. Then T-Mobile offered up 5G based internet in my area at a low price. That was around 6 years ago and I haven’t looked back.
The cable companies sat on their laurels while the world moved on. They are now shocked that their terrible offerings for terrible prices are falling to real competition. Sure, I fully expect the new carriers to do everything in their power to enshitify their service offerings. That’s the nature of business/ But, with the market open to competition, there is now a real opportunity for us customers to shop around and get a less shitty experience. Broadband internet is a commodity and is completely fungible. Prices should be falling and it was only rent seeking rules keeping the prices up.
It tends to be much more focused on bringing products to market, but of course they do. The transistor, the base unit of all of the microchips which make this conversation possible, came out of Bell Labs. And, as much as we might hate them for it, you have companies like Monsanto doing a lot of work on chemical engineering and genetics. Much of the work on AI (for good or slop) is being done in private sector labs now. Aeronautics research happens heavily in companies like Boeing and Airbus, though they are often working hand in hand with government labs (e.g. NASA, JPL, EASA).
Where Universities and Government really shine are areas like basic research and research which doesn’t have obvious commercial applications. Which is why support for those organizations is so critical. Those areas of research often have long term effects and can result in entirely new areas of knowledge, research and products.
It’s easy to think of large corporations as soulless organizations hell bent of accumulating wealth at the cost of anything else, because they are. But they are also surprisingly good at focusing wealth and effort to find new ways to do things cheaper, faster and more efficiently. Specifically because those things make money. Veritasium had a video on a good example of this recently.
Vice News did a bit on 3d printed firearms a while back. It was really interesting and gave a realistic demonstration of the ease and difficulties of 3d printed firearms.
That would probably be the FGC-9. Or Luty’s Expedient Homemade Firearms. That said, getting into a gunfight with armed federal agents seems like a quick way to commit suicide.
I’m in, though I’m curious what “turns you into a reptile” means. Does it just mean I become cold blooded. I’m fine with that, it just means I’m moving somewhere tropical. Do I grow scales and a tail? Certainly not ideal, but I could probably live with it, especially if the tail is prehensile and if I get claws in the mix. Do I get a really long, controllable tongue? Can’t think of any uses for that. Nope, none at all…
Attraction, sex and reproduction would be interesting questions as well. Do I still find human women attractive, or is my brain rewired to want a lusty argonian maid? What does my new plumbing look like? Are there others of my new species around for me to do the monster mash with?
But overall, yes I’d probably go for it. I don’t delude myself into thinking that I will somehow continue to exist after death; so, not dying seems like the better alternative. Sure, if the downsides are really bad, I can accept that death is a better outcome (e.g. you live forever, but have locked-in syndrome forever). But, living as a lizard person doesn’t seem too horrible.
I trust every AI group to do their level best to separate me from my money. Beyond that, I wouldn’t trust them with a stolen identity.
You could try using Autopsy to look for files on the drive. Autopsy is a forensic analysis toolkit, which is normally used to extract evidence from disk images or the like. But, you can add local drives as data sources and that should let you browse the slack space of the filesystem for lost files. This video (not mine, just a good enough reference) should help you get started. It’s certainly not as simple as the photorec method, but it tends to be more comprehensive.
Most of those US services (YouTube, Twitter, etc.) arose to fill a niche which was opened by expanding access and bandwidth. Take YouTube as an example, the idea of sharing a video on a dial-up connection was simply silly. Just downloading the contents of a 1.44MB floppy on a 14.4kbps modem took forever. Even when we got to a 56kbps modem, pictures could still be slow and GIFs were painful to download. It wasn’t until home DSL or cable connections became common that sharing a video was even close to reasonable. In that environment, we saw the start of media sharing services rushing to fill a previously unknown “need”. The most well known was Napster for music sharing, but we also saw the start of bittorrent clients. While not exactly legal, early music sharing and torrent sites showed that people wanted to be able to download media. And with sites like MySpace or GeoCities cropping up, it was apparent that people wanted to also create and share media. YouTube simply married up those two desires at a time where the technology could reasonably support it. And they have massively capitalized on the first mover advantage. With them also having Google money to scale the service, they now sit in a fairly privileged position in their niche.
I bring this up to say that, were US based services snapped out of existence, new services would arise to fill the gap. If you look at somewhere like China, where access to US services is highly regulated, they aren’t simply doing without, they are creating their own alternatives. TikTok is a good example, while it lacks the longer form videos of YouTube, it did provide media sharing in China. Were YouTube to be blocked at the Great Firewall, TikTok is in a good position to expand into the longer form videos. China also already has WeChat which fills much of the Twitter and FaceBook nice. Russia has VKontakte for those spaces as well. Basically, any place which isn’t well served by US based media giants has their own solutions to fill those gaps.
Western Europe (using EU as shorthand, though yes I know the EU isn’t all of Western Europe) has the issue of being closely linked with the US economically and culturally. US based services can operate in most EU countries with little friction. Sure, they have to figure out GDPR and Data Privacy issues, but that’s not a major barrier, despite US companies’ whining. So, given the size, first mover advantage and money behind the US based solutions, there hasn’t been space for reasonable EU based replacements. Why use some second rate EU based system, when the US system works so well, and the EU and US are such good allies and closely linked?
Of course, that last bit is changing (which is part of why you’re asking the question, no doubt). With the US Government going quickly off the rails, and US tech giants doing their damnedest to enshitify everything, the deep cultural links between the US and EU are starting to slip. There might now be space for EU based services to try to step in and replace services like YouTube or Twitter. And that’s the answer to your question. If those services go away, they will be replaced by something else. In time, they are probably bound to be replaced anyway. At one time everyone though MySpace was here to stay, these days I suspect some folks had to google it to figure out what the hell I was going on about. It may be a long time to come, but I’d bet on YouTube eventually being replaced. I have no idea what will replace it, but nothing lasts forever.
A what now?
I’m just here to read memes and rant about crap no one else cares about. I can’t be arsed to dig into all the random profile crap the developers poured hours of blood, sweat and tears implementing.
If the only place you are seeing this sort of behavior is Reddit, it’s not worth worrying about. If you are so obsessed with what other people are doing on Reddit that you feel the need to ask about it on Reddit/Lemmy, it’s probably time turn off your devices and go touch grass. Always remember the Greater Internet Fuckwad Theory. People with pseudo-anominity say a lot of stupid stuff.
I can think of a couple of reasons off the top of my head.
You don’t say, but I assume you are working on-site with your work system. So, the first consideration would be a firewall at your work’s network perimeter. A common security practice is to block outbound connections on unusual ports. This usually means anything not 80/tcp or 443/tcp. Other ports will be allowed on an exception basis. For example, developers may be allowed to access 22/tcp outbound, though that may also be limited to only specific remote IP addresses.
You may also have some sort of proxy and/or Cloud Access Security Broker (CASB) software running on your work system. This setup would be used to inspect the network connections your work system is making and allow/block based on various policy settings. For example, a CASB might be configured to look at a domain reputation service and block connections to any domain whose reputation is consider suspect or malicious. Domains may also be blocked based on things like age, or category. For this type of block, the port used won’t matter. It will just be “domain something.tld looks sketchy, so block all the things”. With “sketchy” being defined by the company in it’s various access policies.
A last reason could be application control. If the services you are trying to connect to rely on a local program running on your work system, it’s possible that the system is set to prevent unknown applications from running. This setup is less common, but it growing in popularity (it just sucks big old donkey balls to get setup and maintain). The idea being that only known and trusted applications are allowed to run on the system, and everything else is blocked by default. This looks like an application just crashing to the end user (you), but it provides a pretty nice layer of protection for the network defenders.
Messing with the local pc is of course forbidden.
Ya, that’s pretty normal. If you have something you really need to use, talk with your network security team. Most of us network defenders are pretty reasonable people who just want to keep the network safe, without impacting the business. That said, I suspect you’re going to run into issues with what you are trying to run. Something like SyncThing or some cloud based storage is really useful for businesses. But, businesses aren’t going to be so keen to have you backing their data up to your home server. Sure, that might not be your intention, but this is now another possible path for data to leave the network which they need to keep an eye on. All because you want to store your personal data on your work system. That’s not going to go over well. Even worse, you’re probably going to be somewhat resistant when they ask you to start feeding your server’s logs into the businesses log repository. Since this is what they would need to prove that you aren’t sending business data to it. It’s just a bad idea all around.
I’d suspect Paperless is going to run into similar issues. It’s a pretty obvious way for you to steal company data. Sure, this is probably not your intention, but the network defenders have to consider that possibility. Again, they are likely to outright deny it. Though if you and enough folks at your company want to use something like this, talk with your IT teams, it might be possible to get an instance hosted by the business for business use. There is no guarantee, but if it’s a useful productivity package, maybe you will have a really positive project under your belt to talk about.
FreshRSS you might be able to get going. Instead of segregating services by port, stand up something like NGinx on port 443 and configure it as a reverse proxy. Use host headers to separate services such that you have sync.yourdomain.tld mapped to your SyncThing instance, office.yourdomain.tld mapped to your paperless instance and rss.yourdomain.tld mapped to FreshRSS. This gets you around issues with port blocking and makes managing TLS certificates easier. You can have a single cert sitting in front of all your services, rather than needing to configure TLS for each service individually.
It’s certainly one of those hard trade-offs to make. One of the methods for reducing crime is increasing the perceived likelihood of getting caught. Cameras can do that, if there is regular follow-though by government authorities to investigate, arrest and prosecute crimes. Though, there is probably more value in reducing poverty and corruption, which is known to reduce crime. And which has the added benefit of not creating a surveillance network when corruption does creep into government. Of course, that is expensive and might just help the poors, and that is antithetical to authoritarians of every stripe.