Here’s the original report: https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

It doesn’t specifically attribute this to the NSA, and it’s very hard to definitively say who created what malware anyways.

That being said, if you read through the report, the details on this really scream “state actor” most probably. The level of modularity, the infrastructure of the C2 server, and the detailed & flexible spying capabilities all point to some government agency more than anything else.

Never read again? These can’t be modified, but they can be read. After all, it’d be pretty useless to store data on a medium than can never be read.

Sure, but I suspect this is the real motivation for the article:

Windows 11 Pro force-enables the software version of BitLocker during installation, without providing a clear way to opt out

It sounds like many people may be using software encryption without realizing it, if Windows 11 Pro uses it by default.

Admittedly I haven’t been looking that hard, but I don’t think I’ve seen a TV for sale in the past 10 years that wasn’t a “smart” TV.

That’s because it makes sense when dynamically creating HTML. HTML is not a programming language, it’s simply markup - so if you want to generate some block of HTML in a loop and later access that block of HTML in JS (e.g. to interact with the UI separate from creating it in the first place), it’s a completely reasonable thing to do.

Just wanted to give props to this super informative comment. Thanks for the write up and relevant links!

TS is “better” but often I feel like just configuring typescript takes up a significant amount of the time you save by using it.

deleted by creator

No worries, the Democrats will do what the party does best with a majority - pretty much nothing.

Enough to say “see? We’re better than the other guys”, but not enough to even nudge the status quo.

deleted by creator

Spotify pays artists based on how many listens their songs get, so if you can get a bunch of bots to stream your music over and over you can get a legitimate income stream.

In this case, they’re using their illegal income to pay people to use a botnet to stream their songs - which then means they have a nice legal income instead.

But what if it was an African Swallow?

Mostly agree. I’m ok with single characters in a one line / single expression lambda, but that’s the only time I’m ok with it.

Building microchips is really hard and Taiwan has held a practical monopoly on the industry for a while now. It’s not that the US doesn’t have educated workers, but it wouldn’t surprise me that it is hard to find many qualified to build the actual facilities to manufacture microchips - most of the US’s involvement in microchips has been designing them and then handing those designs over to Taiwan for manufacturing.

1 hundredweight = (1 qt * 32) + 100.7, of course. It’s very intuitive.

I came across this one just yesterday and while it was convenient at first, I immediately got frustrated when I went to add some parameters and discovered it wasn’t actually curl

“Sorry, our unbelievably massive military budget is only for active duty military. Best we can do is schedule you an appointment to talk to someone next year about the benefits you won’t be receiving.”

“If a student uses the college search tool on CB.org, the student can add a GPA and SAT score range to the search filters. Those values are passed [to Facebook]”

So they don’t associate your official score to your browser, but presumably students who are using that search tool would be searching their real score - or a range close to it.

The headline is fairly leading, but the statement from the College Board is also fairly misleading. They’re not directly selling your official score to advertisers, but they’re indirectly selling data about you that gives a pretty good idea of your score.

I don’t think it’s good enough to have a blanket conception to not trust them completely.

On the other hand, I actually think we should, as a rule, not trust the output of an LLM.

They’re great for generative purposes, but I don’t think there’s a single valid case where the accuracy of their response should be outright trusted. Any information you get from an AI model should be validated outright.

There are many cases where a simple once-over from a human is good enough, but any time it tells you something you didn’t already know you should not trust it and, if you want to rely on that information, you should validate that it’s accurate.

Yeah, and those blood suckers are the richest assholes out there