Source: www.schneier.com – Author: Bruce Schneier
Friday Squid Blogging: Footage of Black-Eyed Squid Brooding Her Eggs
Amazing footage of a black-eyed squid (Gonatus onyx) carrying thousands of eggs. They tend to hang out about 6,200 feet below sea level.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
Comments
Corton •
I’ve been an acquaintance of this blog for a while (under different aliases). I’ve never experienced “moderation” or censorship, until recently. In terms of transparency and democracy I think it would benefit us all to have a container/index of all the posts subjected to deletion on this same blog.
Q1: Why and how are certain people splashing the restroom sink water so high up on the mirror above the handwashing stations?
Even for tall people, the spatter patterns go way above anything accidental.
Q2: What are the implications for restroom assault statistics, considering that it might be more difficult to ambush someone if the ordinary restroom mirror allows them to witness and respond to the assailant creeping up behind them?
Q3: Is it just me, or SWAT team members?
Q4: How long has this been going on?
echo •
https://www.ft.com/content/29fd9b5c-2f35-41bf-9d4c-994db4e12998?sharetype=blocked
Financial Times.
A new global gender divide is emerging.
[…]
One of the most well-established patterns in measuring public opinion is that every generation tends to move as one in terms of its politics and general ideology. Its members share the same formative experiences, reach life’s big milestones at the same time and intermingle in the same spaces. So how should we make sense of reports that Gen Z is hyper-progressive on certain issues, but surprisingly conservative on others?The answer, in the words of Alice Evans, a visiting fellow at Stanford University and one of the leading researchers on the topic, is that today’s under-thirties are undergoing a great gender divergence, with young women in the former camp and young men the latter. Gen Z is two generations, not one.
[…]
Outside the west, there are even more stark divisions. In South Korea there is now a yawning chasm between young men and women, and it’s a similar situation in China. In Africa, Tunisia shows the same pattern. Notably, in every country this dramatic split is either exclusive to the younger generation or far more pronounced there than among men and women in their thirties and upwards.
[…]
It would be easy to say this is all a phase that will pass, but the ideology gaps are only growing, and data shows that people’s formative political experiences are hard to shake off. All of this is exacerbated by the fact that the proliferation of smartphones and social media mean that young men and women now increasingly inhabit separate spaces and experience separate cultures.
And:
https://news.yahoo.com/americas-gender-war-105101201.html
Something strange is happening between Gen Z men and women. Over the past decade, poll after poll has found that young people are growing more and more divided by gender on a host of political issues. Since 2014, women between the ages of 18 and 29 have steadily become more liberal each year, while young men have not. Today, female Gen Zers are more likely than their male counterparts to vote, care more about political issues, and participate in social movements and protests.
[…]
But while women were rallying together, many Gen Z men began to feel like society was turning against them. As recently as 2019, less than one-third of young men said that they faced discrimination, according to Pew, but today, close to half of young men believe they face at least some discrimination. In a 2020 survey by the research organization PRRI, half of men agreed with the statement: “These days society seems to punish men just for acting like men.”
It increasingly feels like Gen Z men and women are living on different planets, each guided by the belief that they are navigating uniquely hostile terrain — and understanding why is crucial to bridging the gap.
These surveys are mostly a summary of a range of high level pressures. It’s a repeat run of the 1980’s in some ways with some differences. There’s legacy top down pressures and legacy in group out group pressures public policy and politicians with partisan vested interests aren’t addressing. The second article goes into more detail.
There are no simple solutions to complex problems, and any initiatives today can take years or decades to feed through. If there is a single point I would pick which is problematic it would be the rise of the hard right post financial crash – they sell simple solutions to complex problems which aren’t solutions at all. They’ve also got a little more clever with their messaging and post-internet are more joined up domestically and internationally. There’s also a fair bit of billionaire and dodgy state dark money sloshing about to fund this. Another problem is the hardening of polarisation, persistent use of wedge issues, and bothsiding media who are badly prepared to deal with the threat.
If there are two issues I would pick as a counter it would be women need more individuation and less in group out group identification – not everything is a woman’s issue; and men need more sense of community and be less concerned about hierarchical position. All of the problems which raise from a lack of this are well documented. There have been policy initiatives to counter this but in the UK at least corporate governance and promoting public services and a sense of economic wellbeing have been absent for most of the past decade.
You’d have to go back to the early part of the 20th century to find similar dynamics operating. Few people realise how rapid changes were back then. In less that the space of a decade Victorian attire gave way to the modern lounge suit and dress. The horse was replaced by the car. The beginnings of health and safety, and the welfare state began to emerge. A short period of boom was followed by the last gasp of imperial ambitions and a kickback of modernity and the world was at war not just once but twice.
Where we are at is worrying but the public policy initiatives are there. They are known knowns. We just have to do it. A generation of high status high net worth individuals dying off will be helpful as will sidelining their single issue “think tanks”. More community and equality sounds, omg, so socialist but from another point of view it’s enlightened self-interest. Rebuilding a consensus which works for everyone makes more sense to me than zero-sum games.
I know everyone rolls their eyes at gender studies and feminist economics (yes, it is a thing) but there’s a lot of interesting new developments in both fields and a lot of useful overlap with “men’s issues” and, yes, security policy for the pedants. It does require less of a singular point of view and more of a multi-polar point of view though.
If there’s two personal things I think men and women can do is 1.) Men stop seeing themselves as the only rational actor in the room and 2.) Women stop seeing everything through a social-autobiographical lens. It’s really really really hard to do this in the work place and socially but it needs discussing and needs best practice guidelines developing and practice. It can be done but also needs institutional buy-in and structural factors addressing. I’m not saying it’s the solution to the question posed by the linked surveys but it’s a start, and it’s going to be a struggle as indicated by the surveys but better start now than when the negatives feed through when people are hitting middle and senior management or people are going to have more security issues to worry about.
AI IT •
Computers Make Mistakes And AI Will Make Things Worse — The Law Must Recognize That
“…one aspect of the scandal has attracted comparatively little attention: that the laws of England and Wales presume that computer systems do not make errors, which makes it difficult to challenge computer output. National and regional governments around the world where these laws exist need to review them, as there are implications for a new generation of IT systems — namely those using artificial intelligence (AI). Companies are augmenting IT systems with AI to enhance their decision-making. It is inconceivable to think that this is happening under legal systems that presume computer evidence is reliable. Until such laws are reviewed, more innocent people are at risk of being denied justice when AI-enhanced IT systems are found to be in error.”
Full article: https://www.nature.com/articles/d41586-024-00168-8
JonKnowsNothing •
@chaff, tartan and burberry, All
re: Open link URLs
It has been a topic on this blog for sometime about clickable URLs. “we are okay to click” is very poor security advice and shows you know very little about how the links actually work. Or perhaps you are enticing people to click for other reasons.
URLS are not secure, not securable, not safe and not what you think they are.
There’s a lot behind the scenes and most of it is bad-for-you.
It is recommended you do not click any links, on blog pages, in emails, in text messages as they are all hackable and can carry 0-click exploits, in which case you are already done… well done.
It’s a bit harder to find the source with HAIL everywhere but most posts will indicate a decent path to find the source reference.
URL Spoofing is quite common.
===
ht tps:/ /en. wik ipedia.org/wiki/Spoofed_URL
- A spoofed URL involves one website masquerading as another, often leveraging vulnerabilities in web browser technology to facilitate a malicious computer attack.
- user visits a website and observes a familiar URL
- the information they input is being directed to a completely different location, usually monitored by an information thief.
h ttp s:// en .wikipedia.org/wiki/Spoofing_attack
- spoofing attack is a situation in which a person or program successfully identifies as another by falsifying data, to gain an illegitimate advantage.
- A list of many ways technology can be redirected
Stochastic Parrot •
“I would love to see OpenAI take accountability for everything that ChatGPT says because they’re the ones putting it out there,” she said without hesitation, even though it has been long debated who should bear the blame – developers or users, when technologies backfire. She sternly adds that “They are the ones who set up the means to spill synthetic information into the ecosystem. So far, there’s no accountability for that, and there should be.”
Source: https://analyticsindiamag.com/linguist-emily-m-bender-has-a-word-or-two-about-ai/
JonKnowsNothing •
All
re: UlezGate (1)
In the UK, there are low emission zones (ulez) where no big smog producing vehicles are allowed. London has one of these zones.
It seems that some people must pay a daily registration fee or maybe they do not need to pay this fee.
Some people from EU, visiting London in compatible no-fee-need cars, were tagged and fined thousands for “violation of ulez” parking. Except these vehicles were not in violation.
The UlezGate part, shows up in how Transport for London (TfL) got a hold of the EU drivers information and processed large fines with increasing penalties for the EU drivers.
Since BREXIT the UK no longer has access to the EU licence plate sharing system: Eucaris.
London outsourced collection and fines to a company called Euro Parking. Euro Parking gets a financial incentive for every fine they place and collect. They do not have access to Eucaris either.
So it seems that Euro Parking did a lot of under the table dealings, bribery and shenanigans to get the databases. One set was acquired from Belgium, another from Italy.
- Hundreds of thousands of EU citizens were wrongly fined for driving in London’s Ulez clean air zone
- possibly one of the largest data breaches in EU history
- illegally obtaining the names and addresses of EU citizens in order to issue the fines, with more than 320,000 penalties, some totaling thousands of euros sent out since 2021.
===
1)
HAIL Warning
h ttps:/ /www .theguardi an.com/uk-news/2024/jan/26/eu-citizens-ulez-fines-data-breach-tfl
- Hundreds of thousands of EU citizens ‘wrongly fined for driving in London Ulez’
-
EU states accuse TfL of huge data breach over clean air zone penalties, with many given to compliant vehicles
-
Transport for London (TfL) has been accused by five EU countries of illegally obtaining the names and addresses of their citizens in order to issue the fines, with more than 320,000 penalties, some totalling thousands of euros, sent out since 2021.
-
Since Brexit, the UK has been banned from automatic access to personal details of EU residents. Transport authorities in Belgium, Spain, Germany and the Netherlands have confirmed … that driver data cannot be shared with the UK for enforcement of London’s ultra-low emission zone (Ulez)
ht tps://w ww.theguar dian.com/environment/2024/jan/26/how-belgian-mp-michael-freilich-turned-sleuth-to-solve-london-ulez-fine-mystery
- How Belgian MP turned sleuth to solve London Ulez fine mystery
- Politician tells of trips to city to secure key evidence on thousands of potential data breaches by TfL collection agents
- [UK] penalties accused them of entering the city’s low emissions zone (Lez) without paying the daily charge. The Lez primarily targets heavy, large commercial vehicles, and non-compliant users can be fined up to £2,000 a day.
- were in family cars. Furthermore, their vehicles complied with the sister scheme for cars, the ultra low emissions zone
- Transport for London’s (TfL) debt collections agent, Euro Parking Collections
- Euro Parking got illegal access to EU driver information by bribery and 3d Party Warehouse Exchanges the EU licence plate sharing system Eucaris.
echo •
“Ulezgate” and “licensing” NHS data to Palantir are examples of intended and unintended consequences of the Tory party donor class and nutjobs hijacking government. Notwithstanding the Met being slow to prosecute politicians and white collar crime (due to disincentives including abuse of public office and throttled funding) there’s an increasingly long list of people who deserve jail time. We don’t have a government. We have an authoritarian kleptocratic regime. It’s a bit abstract for some people but on top of this the Tories agenda to duck jurisdiction of the European Court of Human Rights and introduce charter cities by the backdoor is more than a little worrying.
I’m more worried about this than getting paranoid over link clicking. The threat envelope and risk assessment isn’t worth my bother. If anyone has to be eyerollingly paranoid do a search on a quoted text sample and click on the result, or type a link in manually, or use a separate machine. The point being a long list of professional rectitude is an excuse to get nothing done. Focus on what can be done without being one size fits all copycat patronising. The reason why I say this is I see it pop up so many times in established practice and inferred in documentation to the detriment of a client it’s not funny. Why does it happen? Overdoing institutionalising behaviour and poor application of formal risk assessment. Professional reputation and aversion to legal action kicks in and people circle the wagons and go up their own bureaucracy.
Back to the politics there’s a couple of other Post-Brexit and post-truth shoes dropping. Food standards and customs issues will be kicking in as the timer runs out. This will cause food import and export problems i.e. supply issues and business viability issues. The EU is also dealing with supply of medical products due to demand and production and supply chain issues disrupted in part by increased demand and geo-political disruption. They’re creating a huge wall around the EU to secure production and supply. The UK is now outside the single market and that’s going to kick in soon after.
Hands up who has followed parliamentary discussions by the Women and Equalities Committee? BMJ/Lancet published articles on post-Brexit post-pandemic medical item supply? Current implementation of the Council of Europe Convention on Preventing and Combating Violence Against Women and Domestic Violence (Istanbul Convention)? Latest medical best practice guidance? Latest protocol consultations? Latest Crown Prosecution Service (CPS) guidance? What’s emerging about institutional and normalised bad behaviour by significant elements in police forces. (Yes, another documentary is about to drop.) Nope. Thought not.
I’ve wrapped myself up in knots here but the general point is that point of view and method and what information you’re looking at can change the picture somewhat. I think a point I’m getting at is that (male dominated) government and institutions and random actors view themselves as the only rational actor in the room and this can blind them and lead to all manner of mess to clear up.
echo •
https://www.youtube.com/watch?v=U8c-5rs19gU
‘An 80 year old woman was the first to get accountability from [The Orange *&%$ Gibbon] ’: Lisa Rubin
And:
https://www.cnbc.com/2023/04/14/trump-made-a-bundle-of-cash-selling-nfts-financial-filings-show.html
[The Orange *&%$ Gibbon] made a bundle of cash selling NFTs, financial filings show.
To be fair many good men and good women played their part in getting satisfaction for the client. I just find the contrast of imagery between an 80 year old woman and the fantasy world the defendant encourages (as demonstrated by the image in the second older article) quite funny. It condenses in a loose way books by Ruth Ben-Ghiat. Jason Stanley is worth a read too.
(Name substituted to dodge search engine inquiries by pests).
https://www.youtube.com/watch?v=HSaYgxqbl_k
How Authoritarian Leaders Rule and How They Can be Defeated with Dr. Ruth Ben-Ghiat.
https://www.youtube.com/watch?v=CpCKkWMbmXU
The Big Think.
Jason Stanley.
The 10 tactics of fascism.
If there’s one critical issue in both the UK and US it’s the role of campaign advisors. I think too many bad habits have crept in there influenced in part by polarising dogmas such as pushed by Newt Gingrich or divisive campaign advisors like Lynton Crosby and their heirs. And of course Murdoch et al. Doing away with truth in media law, or captured and weak regulators only reinforce this. The donor class and lobbyists skew things harder behind closed doors.
I think job titles and technology (whether big tech or law or any codified or computational thing) go so far. It’s always about people. People are always the weak point. People and by virtue of this society is what we are here for. I always think that gets lost in “chasing the code” or “efficiency” or “purposeful action”. None computational sentiment or tacit knowledge gets crowded out.
https://www.youtube.com/watch?v=TcT488Brm0Y
‘[The Orange *&%$ Gibbon’s] showing extreme weakness’: Is he afraid of debating a woman?
And:
https://www.cosmopolitan.com/uk/reports/a45638898/rishi-sunak-one-year-on/
After one year as Prime Minister, here’s everything Rishi Sunak has done for women
The right wing and legacy arrangements with technical and military spheres typically have problems with women usually manifested personally or with policy tilts and focus. That problem is replicated through organisations and into younger men and women as per surveys. The take from this is it’s solvable and bad actors can be firmly rejected by best practice and society. Long term, I think, this is a win.
ResearcherZero •
APT29 compromised a “legacy, non-production test tenant account that did not have multifactor authentication (MFA) enabled” then “compromised a legacy test OAuth application that had elevated access”
“Midnight Blizzard used residential proxy networks, routing their traffic through a vast number of IP addresses that are also used by legitimate users, to interact with the compromised tenant and, subsequently, with Exchange Online.”
“The actor created additional malicious OAuth applications. They created a new user account to grant consent in the Microsoft corporate environment to the actor controlled malicious OAuth applications. The threat actor then used the legacy test OAuth application to grant them the Office 365 Exchange Online full_access_as_app role, which allows access to mailboxes. Midnight Blizzard leveraged these malicious OAuth applications to authenticate to Microsoft Exchange Online and target Microsoft corporate email accounts.”
ApplicationImpersonation allows a caller, such as a service principal, to impersonate a user and perform the same operations that the user themselves could perform.
“They utilize diverse initial access methods ranging from stolen credentials to supply chain attacks, exploitation of on-premises environments to laterally move to the cloud, and exploitation of service providers’ trust chain to gain access to downstream customers.”
‘https://www.microsoft.com/en-us/security/blog/2024/01/25/midnight-blizzard-guidance-for-responders-on-nation-state-attack/
one service account access to every mailbox in a database
“For Exchange on-premises, you should create a management scope that limits impersonation to a specified group of accounts. If you do not create a management scope, the ApplicationImpersonation role is granted to all accounts in an organization.”
“For Exchange Online, you should create application access policies to limit the scope of the impersonation. If you do not create an application access policy, then the full_access_as_app permission is granted to all accounts in a tenant.”
‘https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/impersonation-and-ews-in-exchange
We do not do routing policy at microsoft etc… blah blah blah
hijack our system [here], [here] and [here]
and you can do redirects right [here]
–
‘https://www.malwarebytes.com/blog/threat-intelligence/2024/01/malicious-ads-for-restricted-messaging-applications-target-chinese-users
Clive Robinson •
@ echo, ALL,
Re: Gen Z devided
“It’s a repeat run of the 1980’s in some ways with some differences.”
You need to look at history a little closer.
It’s not a recent thing or an 80’s thing, it’s a cycle or more acurately a saw-tooth that rises in peace and falls rapidly in war.
It’s why some of us have been warning WWIII could be approaching over the horizon.
Around the time Gen Z etc were comming into the world the tensions between East and West were rising and people were predicting that a new World War would start around Germany as the last two had.
As East/West Germany was on the border with Berlin tucked and divided behind it, to many myself included the East German Guard Labour behaviours under the East German dictator and his wife looked likely as a place where the spark would ignite the powder.
The only thing that kind of gave us hope is what had happened in 1950/61 in Berlin which resulted in the Berlin Wall, Berlin Air Lift, and US Pres aproximately saying he was a doughnut in German.
The tension built and built. I had reason to be in Germany on several occasions during the build up to the wall coming down and whilst I and many were concerned, oddly the Germans I chatted to were not. I was in West Berlin on busines when the wall came down. The days before the Germans were jubilant almost festive because of the behaviours of other nations either side of East Germany “turning a blind eye” to East Germans leaving across their boarders and “going the long road home” to their families.
Then it happened nobody realy knows who swung the first sledge hammer, but things got busy. And even us young able visitors took our turn (which is why I’ve a chunk of the wall in my back garden).
The preaaure was vented the Soviet system colapsed, and if we had all been a little smarter maybe what happened in Belarus would not nor the Ukraine.
Anthropologists say “War is inevitable” due to “mating privaledges” due to lack of prospective female mates.
War kills of mostly unmarried men bellow the age of 30, thus changes the ratio of women to men fqvourable for peace to return.
Gen Z are those under 30 where unmarried men have been rising.
If the Anthropologists are correct politics won’t matter a damn we will “Go to War”.
Something we should think about, and maybe as I’ve said before take a good long look at German Reunification and the removal of Apartheid in South Africa, as well as also why Yugoslavia and Rwanda were such disasters. Because there obviously lessons there if we can find out what they are and learn from them, then maybe, just maybe we can head off disaster.
J-H •
League of Legends is the most popular online MOBA (Multiplayer Online Battle Arena) game, with several spinoff games and a total of over 150 million registered players. The maker, Riot, is wholly owned by the Chinese company Tencent.
As of next month, in order to play any of the LOL games, players must have Vanguard installed on their PCs and running. Vanguard must run at boot, and requires full root access.
In other words, it’s a rootkit.
We are supposed to trust that a company known to sometimes have bugs, which had a data breach last year, and which is owned by a Chinese company and thus vulnerable to influence by one of the top 5 bad actor nations on the internet, will not use root access with frequent (weekly) patches and updates to ever
a) Accidentally distribute malware or open up user vulnerabilities due to a bug or
b) Mis-use root access to PCs to gather data not related to the game.
Many US government employees (including active duty military) log on to their work e-mails from home using a PIV (Personal Identity Verification) card and reader. I can’t imagine allowing this rootkit to run while logging onto military networks is a good idea. I haven’t seen anything yet about the USG issuing a warning on the topic or forbidding logging on to computers that have Vanguard installed/running.
This seems like it’s a pretty big deal.
JonKnowsNothing •
@J-H, All
re Anti Cheating SW HW
Lots of game mfgs are looking into “anti cheating” devices. Some are external devices, while others are software mods, plugins etc.
Players don’t like anything that “holds them back” and are pretty clever in Min-Max advantages. There’s lots of discussion of what sort of advantage (aka balance) you can really have in a computer mediated game.
- If 2 players are equal in all aspects, any fight will be a draw
So, at least some players have to be unequal. Usually called a LowRank, where HighRank can one-shot them for a win.
It depends on the way the game is designed, a battle arena or a lane control or capture the flag, are all PVP versions that require some players to be disadvantaged.
Disadvantaged players, aka speed bumps, won’t hang around long unless they can get past the speed bump stage quickly. Facing veteran players with external advantages does not improve the process.
So, game mfg have been checking their financial reports on how to entice more players to join up. One of their views (not shared by all) is that players with access to external mods, add-ons, devices that give a boost to their game play, provides an advantage not built into to their game design. Basically, it skews the game outputs.
How each mfg decides to implement or ignore this condition will depend on how much their income is derived from players funding the game (subscription, ingame purchases, official add-on items).
That a game mfg wants to install a rootkit, is understandable from their POV. A player can find a different game to play, and many will do that.
Or they play on a dedicated game system and do not use it for Top Secret MilSpec work.
It’s of greater importance to eSports games, where such game mechanic cheats might earn a $Million prize.
echo •
@Clive
You need to look at history a little closer.
No I don’t, Clive. I’m focusing on a subset to keep things focused on a particular set of variables which are largely a 20th Century and onwards phenomena. This is your problem Clive. You spent so much time with maths and physics and in the army you’re not onboarding other factors. You’re head just in the right place because you’re not onboarding cultural and social changes because you’re at the other end of the demographic. When someone is talking about one theme do not upend it with another theme.
I’m well aware of the arc of history. Shall we go back to Roman law or the Vikings? Prattling on about Hitler would have people scratching their heads although, yes, that time period and philosophies were mentioned or implied. People in some problem domains have been warning about a repeat run and have been promptly ignored because of a repeat run of the 1980’s. Like, in the 1980’s women were banned from front line duties and LGBT people were excluded completely. Onboarding in part let alone whole really only happened in the 21st Century and even that is rolling back in some places. All of those elements are precursors and that’s before the conditions for another world war. Some people were warning about this after the financial crash. I have since learned others were warning about problems when the West let Putin off the hook over Chechnya and a few other other issues around that time. If there is potentially one deciding factor according to former Eastern bloc experts the issue is Russia post-Soviet collapse never dismantled KGB internal policing. Politically Russia never moved much past the Stalin era.
Politically I’m focusing on the issue of managing the demographic skews and the public policy initiatives which need to be followed. That’s the whole point of mentioning the theme in the first place!
With regard to gender population imbalances in the Netherlands the state pays for disabled people to visit sex workers on accessibility and safety grounds. (Dating while severely disabled can be tough and there are also safeguarding issues around relationships.) The only reason a right wing man, as people have joked, would object is because they don’t want to meet them on the way out as they are in the way in. Yet, more uptight countries want to peddle the so-called “Nordic model” as fix to “protect women” failing to note the overlap between anti-abortionists and “trad wife” and pro Nordic model advocates is nearly 100%. Surveys indicate states with proportional representation tend to be happier places, and states where women have a high degree of representation at a political level tend to be well run and satisfaction rates are high. They also tend more towards less income inequality. This tends to offset the “crisis of masculinity” and more extreme right wing tendencies. As you might notice this all tends to reduce the chances of internal strife and war.
There’s a fair gender split on worldview and emotional responses in raw data which tend to fight each other. They’re resolvable via public policy and education but the political impetus needs to be there. Currently it’s not. In the UK and US Blair and Clinton-Bush flunked it. Gen Z are feeling the pressure now. I don’t feel the solution is more business as usual neo-liberalism. I also feel that fixing this is a big signal to authoritarians, Putin included, that they’ve lost.
The “war on woke” and transatlantic backscratching by the Tories and GOP is the big weakness. It’s a repeat run of 1930’s Germany and they’re not hiding it. A fair portion of people in power lived through the 1980’s which is the major pinch point and the media pattern pushed by the Murdoch and other right wing inclined press is a repeat run of then, when they honed their skills, not helped by clickbait polarised data raping social media platforms which give them a largely unregulated personal reach. You can even lift articles from the time and just swap out the names of the targets and they read paragraph for paragraph the same. Tory party campaign directors like Lynton Crosby and the extremely murky Isaac Levido deserve special mention. While Putin et al are a pain fixing problems on the home front is an easier reach than going kinetic.
The point is you have to step outside of your field and listen to other experts. The number of times I’ve heard top down silo’d job titles say “it’s complex” or “not relevant” when what they really mean is it’s outside their single specialty and they’re not used to working with multiple fields or taking a holistic view. (This isn’t helped by the default being “man” and any difference of opinion is “political” and the subject matter obsession becomes a “conversation stopper”. And yes I have provided citations and given names of domain experts to consult only to be hit by a wall of crickets and their oh so considered published view is a lukewarm treatment which missed the point even when their focus had shifted to give it attention. It’s not unlike being “mansplained” by a random at a conference who is waving a book around not noticing that the PhD they are conversing has the same name as the name on the book cover because they’re a woman! The, erm, “I’m the author” and being met with a boggled look before continuing onwards is a classic experience of women at academic conferences. And if it happens to them?… And yes I have had a man lecturing me on one of Schneiers books he had just bought and no I don’t need to read the book because I already knew the subject matter in it before it was written which was crashingly obvious from the discussion!! And yes I’ve been laughed at by “senior” barristers when discussing information theory as it pertained to court rules and unlawful data leakage even when a woman who happened to be a Professor and whose PhD was in the topic I was discussing spoke up to back me up and said I was correct!!!! Dear God… Men!!!!!)
&ers •
@ALL
hxxps://en.interfax.com.ua/news/general/963210.html
hxxps://twitter.com/NOELreports/status/1751179676716814794
Screenshots:
hxxps://www.reddit.com/r/ukraine/comments/1acbf91/ukraines_main_intelligence_directorate_cyber/
lurker •
@ResearcherZero, All
Midnight Blizzard (also known as NOBELIUM) is a Russia-based threat actor
Scary, but
Privilege should be scrutinized more closely if it belongs to an unknown identity,
…
If you do not create a management scope, the ApplicationImpersonation role is granted to all accounts in an organization.
…
If you do not create an application access policy, then the full_access_as_app permission is granted to all accounts in a tenant.
IOW after 40 years in the business MS still sell their products wide open OTB. MailServer 101 is not for them, it’s for the customers, if they want …
Some years ago when we were merged with a larger unit and our Novell server closed down, I was reprimanded for not using Outlook or OWA. At least Eudora stripped off CalDAV and vCards and gave access to non-Outlook mail accts.
&ers •
@Sir Clive @ALL
hxxps://www.telegraph.co.uk/world-news/2024/01/26/us-nuclear-bombs-lackenheath-raf-russia-threat-hiroshima/
Clive Robinson •
@ echo,
“No I don’t, Clive. I’m focusing on a subset to keep things focused on a particular set of variables which are largely a 20th Century and onwards phenomena.”
If you don’t have the foundations straight then what you build on them is effectively a waste of time.
You have your foundations wrong, thus anything you do at the level you are talking about is the equivalent of puting a sticking plaster on a broken bone.
Your “I’m right because I’m more wordy and espousy and bossy than you” attitude might impress others initially but when it meets the logic and reason of science and what is built on those foundations you end up looking embarrassed.
Just go pink around the ears and we can all move on to more things more germane.
Mr. Peed Off •
Big Tech has already earned enough revenue in 2024 to pay all its 2023 fines
Last year, we published an analysis showing that fines against Big Tech for breaking the law are far too small even though authorities are empowered to levy larger ones. Government penalties are supposed to be the mechanism to force compliance with democratically approved laws. But for monopolistic tech giants, they’re a cost of doing business and easily ignored.
In fact, ignoring them is sometimes exactly what these companies do, according to our updated analysis. Their disdain for elected governments is all the more troubling considering how easy it is for Alphabet, Amazon, Apple, Meta, and Microsoft to pay up. Combined, Big Tech earned enough revenue in the first seven days and three hours of 2024 to pay off all $3.04 billion in fines from last year.
Why is this a problem? Because unaccountable tech platforms are the biggest privacy abusers. Their data collection capabilities are unmatched and easily co-opted by governments to manipulate and repress their citizens. If surveillance continues to be a profitable business model, privacy and human rights will always be at risk.
I seem to have lost the link to the above article. (*&^%$#@!)
Some here might find the following article interesting:
echo •
There’s been studies on the differences between top game players and the rest. I won’t look this up but like a lot of sport the differences are small and make a big difference in the outcome. In eSports (FPS) there are slight neurological differences at the top. People at the top also tend to hold a steadier aim as well as having a higher degree of situational awareness which results in more one shot kills.
Away from competitions with fixed hardware platforms For those with the money things like 4K screens and the latest fastest graphics card (to reduce latency) and lowered screen settings allow them to spot another persons avatar instead of it being lost in the nose. A 4K versus 1080p screen can mean the difference between an avatar looking like a random pixel or the enemy.
I’ve also seen similar results with car simulators e.g. professional drivers and professional eSports gamers and enthusiastic amateurs. Again, the differences at the top are slight. The difference in lap times was less than five seconds.
Modern consumer level car simulators using the correct car model and a laser sampled racetrack map and consumer level chairs and steering wheel and peddles providing feedback are, according to professional drivers with access to simulators provided by their manufacturing sponsor are close enough to the real car there’s no effective difference apart from the G forces in a real car. It’s also possible in a home set up (if you have the money) to DIY a display which is on par with industrial level screens using projectors and curved screens or, if you have insane disposable income, the same off the shelf hot swappable modular panel displays as used in the current military F35 simulator.
https://www.youtube.com/watch?v=Uq9dYJuwloI
When A 23,000 HOUR DayZ DUO Enter A LAST TEAM STANDING EVENT!
https://www.youtube.com/watch?v=zUuByspP4F8
A 27,000 HOUR Duo Play Chernarus Featuring TheRunningManZ – UNEDITED
I found this (two videos from the two different player’s POV) interesting as I wanted a closer look at strategic and tactical skills, and the differences between individuals and genders.
https://www.youtube.com/watch?v=oyjoqNpaVfk
I Took Part In An ALL FEMALE DayZ PVP Event – UNEDITED
The gendered social dynamics replicate a loose experiment asking a group of young women to judge the body weight of other women in this group who were all different sizes and shapes. The response was more about building rapport which not only hijacked the ability to accurately judge body weight but also the amount of the time dedicated to social glue versus the defined task.
Peer reviewed papers indicate when gender is factored out of intellectual pursuits men and women come out equal, pretty much.
The earlier links on politics and Genz are getting traction on social media. More than the the Bar Council position paper which came out of a few months ago on tackling workplace bullying, annoyingly. (Reports and scientific papers tend to get near zero traction on social media unless it attracts populist interest.) Ugh. The media and social media… They really lack the experts to guide discussion. Having a discussion about multivariate topics is hard at the best of times. More so with a polarised vested interest Greek choir and algorithmically enhanced headbanging.
Currently reading a notable person expressing exactly this kind of opinion on another subject…
JonKnowsNothing •
@echo, All
re: Gender bias in eSports
There is certainly a visible lack of representation in upper levels of eSports. I don’t know if the same is true for all esports where M+F compete in the same arena. Gender segregated sports have a different distribution of players.
Generally and unscientifically, more F are playing eSports than years ago. They are very good players and can reach top ranks. Computers in the main, level the playing field for many physical skills (strength, stamina) but do require a lot of intense focus.
As you have indicated, the quality of rig matters. In eSports competitions, the HW is standardized, the accessories are standardized (headsets, mouse, controllers) and the list of acceptable mods is the same for all teams/player.
PVP games are both single player, group teams, combination groups and a mix. All depends on the Time of Day (timezone) and the number of players logging in to play. Players tend to gravitate to an avatar-toon-class that suits their personal internal preference in how the game sets up The Trinity (DPS, HEAL, TANK). It would be wrong indeed, to think F players only play healers or light armor classes.
In eSports, things are starting to balance out on the gender scale mostly because more people have access to the hardware needed to run the games at basic levels. You don’t need at $20,000 game rig to enjoy PVP games. You might need a $50,000-$100,000 rig if you want to compete at international eSports level, which is why there are big eSports sponsors.
- note: there are mods that are used for people with a variety of physical challenges, vision and hearing issues.
There are lots of factors that go into competitive computer multiplayer games. Getting the playing field even-er is the overall goal for mfg, which they address regularly (updates) keeping their subscribers and fans happy.
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Original Post URL: https://www.schneier.com/blog/archives/2024/01/friday-squid-blogging-footage-of-black-eyed-squid-brooding-her-eggs.html
Category & Tags: Uncategorized,squid,video – Uncategorized,squid,video
