So it’s not just an unlucky mistake. Its not just a poorly designed deployment process. They ignored actual smaller scale failures.

This interview it’s wild

Washington has fairly strong whistleblower protections. Even if I was disposed toward taking retaliation against somebody in that situation, and I’m not, I’d be very remiss to do that in the state of Washington.

Um wat

So is this what Mozilla meant when they announced a privacy push back in February

https://fortune.com/2024/02/08/mozilla-firefox-ceo-laura-chambers-mitchell-baker-leadership-transition/

How’s it compare to greenshot?

After several years of using Linux for work and school, I made the leap to daily driving linux on my personal computer. I stuck with it for two years. Hundreds of hours I sunk into an endless stream of inane troubleshooting. Linux preys on my desire to fix stuff and my insane belief that just one more change, suggested by just one more obscure forum post will fix the issue.

… the lack of an increment operation, no “continue” instruction, and array indices starting from 1 instead of 0. These differences can be jarring

Understatement

It depends. It will not affect many of them until 2025 when enterprise support for v2 ends and by then other arrangements and fixes might be. Brave in particular I would not worry yet.

Something I often see missing from discussion on privacy is that it’s not always about you, the listener. Sometimes it’s about protecting the most vulnerable people around you. For example, someone escaping from domestic violence might have a different view on how their information is protected. People struggle to see the value in privacy because it’s not been a big problem for them personally or because they think it’s hopeless. An introduction to privacy in my view is all about teaching empathy, hope, and advocating for others.

Once they have that goal in mind, you can tie in how open source helps empower people to take back their privacy

See comment section

This goes way beyond fingerprinting for CSAM detection. local device hidden nudes is now a target for hackers.

This has nothing to do with the Files app, nor does it have anything to do with re-indexing of the Photos library. This has to do with fighting CSAM. Apple has started (in this or a previous update), to scan your device (including deleted files) for anything containing nudity (search for “brasserie”) and adding it to your photos library in a way that it is hidden. That way, anything that the models detect as nudity is stored in your iCloud database permanently. Apple is doing this because it allows them to screen for unknown CSAM material. Currently it can only recognize known fingerprints, but doing this allows them (and the other parties that have access to your iCloud data) to analyze unknown media.

The bug mentioned here accidentally made those visible to the user. The change visible updates the assets in the library in a way that removes the invisibility flag, hence people noticing that there are old nudes in their library that they cannot delete.

…

And speaking of deleting things, things are never really deleted. The iPhone keeps a record of messages you delete and media, inside the KnowledgeC database. This is often used for forensic purposes. Apple is migrating this to the Biome database, which has the benefit of being synchronized to iCloud. It is used to feed Siri with information, among other things. Anything you type into your devices, or fingerprints of anything you view are sent to Apple’s servers and saved. Spooky, if you ask me. But the only way we can have useful digital assistants is when they have access to everything, that’s just how it works.

Nudes are meant to persist on iPhone. You’re just not meant to notice.

Only 91 percent?!

I second keepass. It’s running in at least half the secure environments we all rely on anyway.

They determined that the Gmail address was created on August 15, 2022 at an IP address associated with the Los Angeles residence of Darien’s grandmother. They further found that the recovery phone number for the TJFOUST9 account was associated with a T-Mobile US account registered to Darien.

Some incredible opsec right there /s

Might be factoring in more than just state income tax. There’s also sales tax, property tax, etc.

Kinda buried the headline

A Royal Mail executive does admit that its “overly sensitive” machines can sometimes wrongly flag genuine stamps as fake

They are charging £5 (to the recipient) for these false positives!

When asked why the machine might be wrongly flagging a legitimate stamp, the executive replied: “I mean who knows …"

Richard Trinder, the chairman of a campaign group that represents those wrongly convicted in the Horizon IT scandal, said: “It goes without saying that postmasters do not want to have to deal with false accusations about something else.”

Article takes a long time to say very little.

*Ten things that will pad out my list of generic rpg book topics. I definitely didn’t start with a clickable title and then fumble coming up with the ten things.

Containers are a really cool part of security. The security provided will depend on how the container is configured. For example if you give the container bridged networking permissions (or whatever equivalent term is used by your solution) then you’re giving the container access to communicate with other devices on your local network. This would be the opposite of what you want to do to prevent an attacker from pivoting through your LAN.

Other threats just aren’t within the set of protections that can be provided by a container. For example if you wish to protect your Minecraft world from being griefed the container won’t have any affect on this. Another example is hiding your IP.

Basically what I’m saying is that whenever you are looking at a security technology think about what guarantees it provides and realize that no single security measure provides protection against all threats.