Random take, am not trying to defend it, just thinking of reasons - maybe he doesn't want people to fork it and risk that someone would market it better than him, and he would end up only as a footnote in sources list? So he wants to get known as The author, before making it open source?
Mikina
joined 2 years ago
it's also important to keep in mind that the cybersecurity field has adbanced tremendously, with cloidfare, EDRs, and in general it is now way harder to do anything anonymously without getting caught, quickly. This also males the field of hacking way more difficult to get in, which combined with reduced attention span of younger generations probably means there's not that many bored teens willing to put the time in, and as an adult you have way much more to loose, so for hose who had the skills it would be a lot greater risk.
I think it's quite the contrary, and AI will actually increase our job security. Because now, you have a lot of people learning to code using AI, and I've heard from my friends who was talking to other CTO's at a conference that they have even discusses whether it's even worth it to bother with hiring juniors now, because it turned out that a surprisingly large amount of them are in fact just a front-end for ChatGPT.
Can you eventually get a problem solved by talking to a LLM about it? Sure, but it will take you a lot longer, and you don't learn much programming skills. It's basically a lot worse version of copy-pasting code from StackOverflow, because there you can at least be certain that the code you are copying has been reviewed by at least someone, and the explanation isn't in most cases hallucinated stuff that sounds correct. You also can't keep asking Stack Overflow to edit your code for your use-case, and have to figure it out yourself.
But I'm really looking forward to major companies trying to replace programmers with AIs. Google implementing LLMs into search results was my favorite recent trainwreck, and reading articles with the CEO squrming that "We actually have to manually filter the results, because solving the LLM models halucinating turned out to be a really difficult issue". No shit, it's almost as if you want factually correct and precise outputs from a statistically-biased but still random generator.
Please, I want to se a company fire most of their programmers to replace with AI, and watch them burn. Hopefully, it will happen soon.
On the topic of Mullvad, what made me choose Kullvad over LibreWolf was the VPN being bundled in. If I'm not mistaken, the whole point of ToR browser is that you have exactly the same fingerprint as any other Tor browser user, making it a lot harder to distinguish you from others using your extensions, browser and other minor stuff your browser reports about you, that combined makes for a pretty unique fingerprint, evej of you are using a VPN.
But, if you have a browser that has the same fingerprint for all users, and it has an accompanying VPN, you can partly expect that most of other users of the same VPN will also be using the same browser, making it a lot harder to track you - because while there may be only a few thousands users of Mullvad in the wild, which renders the same fingerprint not much of an advantage (because you would be one of the few users of i.e Proton VPN with Mullvad), if you also use Mullvad VPN, it's probable that most of other users who share your Mullvad VPN IP are also Mullvad browser users, making it easier to blend in.
Bit that's mostly my theory, why (along with being able to pay with Monero) I feel like the combo of Mullvad browser and VPN is the best combination as far as minimizing fingerprint is considered. If someone has more knowledge about the issue, I'd love to hear some counter-arguments or tips how to improve my setup.
After Stormgate, which I was looking forward to, came out to be kind of meh, I reinstalled Starcraft and catched up on recent Florencio Files. I like PiG's casting, and Florencio's games are so entertaining to watch, how off-meta and nonsensocal they are, while also miracolously working. IIRC he plays in GM league, while his mechanics and gameplay is so weird but still somehow works. It's fun.
My favourite has been this game, the sneaky probe is such a genius move - https://youtu.be/-tlQv_r5w_s?si=Mb5Zb3hCxUXIpQh-
EVE is one of the most unique games I've ever seen and I admire it, and CCP in general, from what I've seen in their volunteer programs or from streams, seems like a nice workplace.
Also, Island is cool.
Then the book will definitely be up your alley, it's exaclty about that, and offers a great tips about how to approach it.
I cheated the MFAs by switching what I could to SMS, Yubikey or just copying the MFA private keynto Bitwarden. Kind of defeats the point of MFA, but makes stuff definitely easier.
Anything that's important however is on yubikey, however.
Also, good luck! Are you going through the Digital Minimalism book? I should refresh on it, every time I try it, it doesn't last long, but I always get rid of one more stupid online habit that I don't pick up when I inevitably return to my pre-reading the book intetnet usage. So, after already going through like 4 attempts in the last 3 or 4 years, my internet usage is slowly but surly changing for the better. But it's more of a long run, rather than being able to get everything on the first try, in my experience at least.
If you're not doing it because of the book/haven't heard of it, I definitely recommend reading Digital Minimalism by Carl Newport.
How to best approach starting secops in a small indie gamedev studio. We don't even have a sysadmin, and our boss mostly also does most of our infra together with one of the programmers.
We would love to start setting up some basic security setup, ideally FOSS based, and while I work there as a programmer, I do have 5 years of experience working as pentester and doing red teamings, so I kind of have an idea about what we could have. But I never did anything from blue team side, and also worked for large corporations, so most of the tools and solutions I've encountered are waaay over the budged of 20 man indie gamedev studio.
How would I even start? Are there any frameworks that would help but arent aimed at large corporations? What of the buzzwords we even need? Do I start with hardening group policies, get rid of local admins, then set up some kind of log management/SIEM, then IDS? And it's so hard to google for, because every blog post I found is just a disguised ad for a company that does Security as a Service. Why isn't there some kind of easy 10 step program that would tell you "step 1. Harden configuration. Step 2. Install ."
I vaguely know that most of the buzzwords that are thrown around have some dependencies, but what? Does IDS needs logs from SIEM, or is it the other way around? I'm obviously not qualified for this, but i dolid get time to research it, and some DIY attempts is definitely better than having no security in place at all. And, I know very well how to actually hack and test our security setup, so I can at least tell if something I've done is shit or useless :D
I'd go for scandiavia, if I could choose anywhere. Or Island, working for CCP is my dream job.
When I tried that, it lasted me for almost a year and a half, before I unfortunately got a second job that required MFA and I needed to be more online in general due to juggling two jobs. And it was amazing!
What I eventually did however was to get a dumb phone that can do a wifi hotspot, and still carried my smartphone but without simcard and net access, and powered off. When I really needed to get a taxi or look up a way home when I overslept drunk on public transport and ended up who knows where, I could always just fire up hotspot, power on the smartphone and do stuff I needed. Cause when that happened first time, it was when I first realized how much dependent I am on smartphone and net access.
Thanks for reminding me, I just quit one of the jobs and I can afford to be more offline, so back to the dumb phone I go! Convincing my GF again that she has to text me instead of using discord will be hard, though ... Or explaining that I really cant look up the fact she wants, or call a taxi quickly...
I still have a python bot that forwarded discord messages to my own bare html website, so I can chat with her with the basic web browser of the dumb phone.
I'd recommend Half Life: Alyx.
Or, you can probably make an absolute beast of Skyrim through mods.