It’s a fair question. There’s precedent where malware is embedded in PDFs.

Then someone will write an utility that automatically sets timezone using geoclue location data.

There’s the environmental impact: these ultra-fast planes burn through massive amounts of fuel, releasing far more emissions than regular aircraft

Hypersonic flights are a way to get us to a NON-inhabitable earth faster than ever before.

It would be fair to compare browsers without adding extensions, with default settings.

This would show which browser have the best security and privacy out of the box. Also, the comparison would be practically impossible otherwise.

Most people use defaults, and I suspect a large portion of users install no extension, unless maybe if a tech-savy relative adds an adblocker.

This is why these people ask, among other things, to strictly limit access to adults.

LLM are good with language and can be very convincing characters, especially to children and teenagers, who don’t fully understand how these things work, and who are more vulnerable emotionally.

That’s a good point, but there’s more to this story than a gunshot.

The lawsuit alleges amongst other things this the chatbots are posing are licensed therapist, as real persons, and caused a minor to suffer mental anguish.

A court may consider these accusations and whether the company has any responsibility on everything that happened up to the child’s death, regarless of whether they find the company responsible for the death itself or not.

Does this attack scale linearly with key size?

Using the D-Wave Advantage, we successfully factored a 22-bit RSA integer, demonstrating the potential for quantum machines to tackle cryptographic problems

That attack is a threat only if it scale better than existing attacks.

Update from Brewster Kahle:

Archive.org sub services coming back up when they can, safely. e.g. Email working.

Now contract crawls for National Libraries (important to keep collections whole)

Thank you for the patience. More as it happens. @internetarchive

Testing infrastructure would help for sure, but it’s not necessarily the lack of infra that’s causing trouble.

Linus complains the author didn’t submit the patch to some places for public comments and testing BEFORE requesting a merge.

It sounds like he expects something like

Here’s a mailing list thread asking for feedback and testing. No one complained in a week, could you merge ?

I hope Gimp 3.0 stable will happen before the heat-death of the universe.

Hovering over a checkmark will display a message that explains “Google’s signals suggest that this business is the business that it says it is,” which is determined by things like

I guess this due diligence cost time and money. And doing this due diligence for every ad customer might affect their bottom line.

• You have a malicious actor on your trusted network.
• If so, you have bigger problems.

This is more likely than you think. There’s more computers than you realise on the average network. Many aren’t updated and have vulnerabilities. If there’s one malware on one machine on your network, that means a malicious actor is on your network.

Common exemples :

• Home WiFi network with old unpached router, Android smartphone, network printer, security camera, thermostat, robot vacuum cleaner, smart lightbulb, smart TV, …
• Unsecure WiFi network at the cafe, train station, hotel, … where you connect a laptops that is sometimes used for printing and which has CUPS

What about winning hearts and minds?

Fighting ennemies while antagonising civilians create new ennemies. I fear that strategy is fueling an endless war, rather than ending a war.

That sounds promising for anyone with a weak immune system, who is unable to benefit much from vaccines.

This hasn’t gone through clinical trial yet, according to this article, so it’s going to take more time, money, and luck.

NOYB has the right to send a complaint if it think a company infringe upon right to privacy. Mozilla isn’t entitled to special treatment or special notice before filling a complaint.

Mozilla should have expected this. They claim to defend users privacy so they should understand why consent for data collection is important. Also there was public outcry and criticism of opt-out, and yet they haven’t backed down.

If Mozilla resolve these issues, NOYB could ask for the complaint to be dropped. I hope they do resolve this, and do drop the complaint.

Link to other sources are welcome.

I searched for sources and picked this article as it’s both relatively exhaustive, and one of the firsts ones published on this topic.

Thanks for the links, it’s interesting background. In that article from February 2021, The Artlantic states “There was also never a default”.

There was indeed no default as of February 2021. The default occured later, in April-May 2022, so we can’t expect a past article to include that information.

All major lenders need to take part in restructuring the debt indeed. That occured in 2023, and multiple lenders asked for a restructuring deal similar to the first one signed with China. I don’t know about the US, but Japan/India/French lender were looking for a similar restructuration terms. That sounds fair to me.

A debt rework between Sri Lanka and countries including Japan, India and France was also expected this week, but news of the EXIM deal took them by surprise. The three nations request comparability of debt treatment with China.

“As far as the information we have is concerned, conditions set by China are comparable to ours,” Kanda said.

The country’s default is clear evidence the overall debt wasn’t sustainable. Both Sri Lanka and its lenders have a responsibility on this. China is often the first mentioned because it was (still is?) Sri Lanka’s biggest foreign lender, although it would be good to have transparency of the country’s debt and interest rates on a per-lender basis, to see which ones are the most sustaonables.

The 2022 bloomberg article you cite first state:

It didn’t provide details on the value of the loans which it said matured at the end of 2021, nor did it state which nations owed the money.

I couldn’t read much further due to the paywal.

The Bloomberg article has too few details to make conclusions. We don’t know if AP and Bloomberg articles are referring to the same countries, nor whether it’s a significant portion or that country’s debt toward China.

The Reuters 2021 article has more details, and cite write-offs, as well as specific countries benefiting from deferrals: Angola, Pakistan, Kenya, the Republic of Congo. It’s good to read there’s some willingness to accomodate some countries.

Sadly that didn’t prevent Zambia and Sri Lanka from defaulting. China has lended hundred of billion of dollars with unsustainable terms, and this contributed to countries defaulting. That’s a bad situation for everyone involved.

I hope Tanzania and Zambia read the fine pints on the loan/inversement agreement.

Knowledge of the account is an obvious caveat. Yubikey-based MFA is an added layer of protection for accounts, so any kind of attack against MFA assumes the attacker already knows which account to target.

It’s like saying “our door lock is flawed, but the attacker would need to have knowledge of the door”.

The cost and complexity is what’s noteworthy and is more relevant. Although attack cost and complexity usuallu goes down with advances in tooling and research. So it may be a good idea to plan a progressive retirement of affected keys.