"If you failed it is only evidence that you were not doing enough."
is the core principle the whole self-help, self-improvement and large parts of weight loss and health industries always have been based on.
Maybe it's not about the money primarily. There are enough parties out there that want the people behind Anna's archive behind bars and I'm afraid this will end the same way as for the Pirate Bay guys in the best case and like it ended for Aaron Schwartz in the worst.
If the operators of Anna's Archive live somewhere like Russia or China, there's a good chance nothing will ever come of any of this legal action. Anna's Archive's biggest challenge is just maintaining availability of infrastructure.
If they were not physically in Russia or similar country out of the jurisdiction of the court, then they have likely moved to one or operate from one.
At this point, the court is just a willing instrument of corporate anger and assistant to help vent their frustration. The secondary purpose, is to erode rights and privacy, for a continual surveillance state and gain as much control over the DNS infrastructure as possible.
Chevron hired a private prosecutor who was friends with the judge who took the case, to prosecute Donziger after he won a case outside of the US against Chevron.
That’s a big if. My bet is that they are in Central or Northern Europe, just like the Pirate Bay people. Unlikely anyone in Russia or China would care to offer a service primarily to the benefit of the western world. I bet there are similar sites in the Runet or behind the Great Firewall we don't even know about and that simply don't bother catering to us.
Yep. You can also see that in the design language and the written English on their sites and blog posts. Something created by people with a Russian or Chinese background would approach a myriad of little things differently.
Z-library was/is very likely run by Russians. They were even arrested by FBI, but escaped. Archive.is is likely run by a Russian. LibGen was run by Russians.
They are all not Anna's Archive and one is not like the other. Z-library, LibGen maybe, Archive.is might be eastern Europe but almost certainly not Russia. Just because it's advantageous in some cases to appear Russian or Chinese doesn't mean it is true. Some are better in their camouflage others like https://migflash.com/ not so much.
What are you on about? rutracker, libgen, sci-hub, z-lib are all Russian/ex-Soviet projects and cater heavily to westerners. I'm 99% sure archive.is and anna's-archive are also in this category.
Or you know, MegaUpload. Raided at his home, while congress was trying to pass a bill, that allowed them to... stop online piracy... apparently, they REALLY needed that bill in order to do so.
"This plan works by letting software supply chain companies find security issues in new releases."
If it was that easy we'd simply find all vulnerabilities before the release. If the supply chain companies can run the scanners you can (and should) run them too. Even if we assume there is more to it, it would make sense to let those companies do the work before GA.
But it is not that easy. The true value comes from many eye balls and then we are back at cooldowns being some eye balls grifting others.
Consumers of dependencies aren't necessarily - or, I would argue, even typically - eyeballing them. The eye ballers in practice seem to mostly be hackers. Skipping the cooldown doesn't mean you're contributing eyes, it means you're volunteering to help the news of how many victims the attack swept up bigger.
No-one is hurt by having the cooldown. Hackers could choose to also have a cooldown, but must balance the risk of competing groups exploiting vulnerabilities first against the reward of a bigger pool of victims to exploit, and without collusion that still favours early exploits over held ones.
"Consumers of dependencies aren't necessarily - or, I would argue, even typically - eyeballing them."
No, but they are the reason software supply chain companies look into the releases. Cool downs very well shift the priorities and therefore hurt the ones not doing them, or doing shorter periods.
Oh boy, that’s a very generous view of human nature.
The cynic in me agrees with the article’s premise, but not because I believe "alignment is a joke", but because I doubt that humans are "biologically predisposed to acquire prosocial behavior."
EPYC chips have multiple levels of NUMA - one across CCDs on the one chip, and another between chips in different motherboard sockets. As a user under Linux you can treat it as if it was simple SMP, but you’ll get quite a bit less performance.
Home PCs don’t do NUMA as much anymore because of the number of cores and threads you can get on one core complex. The technology certainly still exists and is still relevant.
"Being on time is rude because you may be disturbing your host before they’ve made all the preparations they need before your arrival. Being early would be an outrageous offense."
It always amazes me how Brazilians and Germans can be so different when it comes to punctuality and yet so similar when it comes to their love of bureaucracy (and devotion to soccer, for that matter).
I specifically give people a time somewhere in the middle of a window in which they could arrive that neither disturbs my preparations nor disturbs the schedule I've devised. Everything may not be exactly ready at the beginning of that window but any preparations left to do can be performed while socializing (finish making appetizers, for example).
It also depends on who my guests are. If I know they are consistently late, I give them an earlier time. If they are always early, I give them a later time.
My grandfather was overly punctual. He'd show up 30-60mins early for dinner and my mom hated it. My mom loves hosting people but she can't do that while she's blowdrying her hair or helping her children get ready. So she would tell him a different time than everyone else coming over so he'd show up when everyone and everything was ready.
In the Brazilian case, it is not so much "love of bureaucracy" but rather "bureaucracy as a protection against private capture of public goods and services".
I think every OS should ask you to press a freshly generated sequence of keys when connecting a keyboard to prevent BadUSB attacks. Does any system do this?
That would break credit card readers, barcode scanners, and special purpose keyboards (like video workstations).
I suppose you could rely on a binary code, where the user is instructed to press any two keys to repeat the code, or if there is only one key (or it's a barcode scanner), to enter the same input multiple times, separated by long and short pauses.
Still seems like it would be difficult for the average user.
Having those devices ID themselves to the OS as a keyboard sounds like an idea where someone said "it'll be fine" rather than doing something more specific. sure, hindsight is 20/20 and all.
I'm all for personal responsibility but when it comes to employer/employee relationship there is a certain duty of care (beyond paying you) from the employer side. In many countries this is even coded in law but even if not it makes sense.
If there is no protection for the employee no one would get into a dependent employment relationship in the first place, especially when the pay is universally worse than being self-employed.
To me all the faces look messed but I believe it is mostly because the image seems to be distorted, it is stretched in the vertical direction.
I suspect it was created on hardware with non-square pixels and is just displayed wrongly.
reply