• 0 Posts
  • 107 Comments
Joined 1 year ago
Cake day: July 25th, 2023





  • Not at all what I meant. The premise was that this wouldn’t happen if they were being paid fairly. Supply chain attacks happen with or without fair pay.

    Look at what happened with the XZ backdoor. Whether or not they’re getting paid just means a different door is opened.

    The root of the problem is that we blindly trust anyone based on name-brand and popularity. That has never in the existence of technology been a reliable nor an effective means of authentication.

    If it’s not outright buying out companies it will be vulnerabilities/lack of appropriate management, if it’s not vulns it’ll be insider threat.

    These are problems we’ve known about for at least a decade+ and we’ve done fuck all to address the root of the problem.

    Never trust, always verify. Simple as that.




  • For anyone interested - if you are using uMatrix to block shit you can punch these lines into a new text file and import as blocklist, then commit it with the tiny arrow that points left toward the permanent list to save it permanently:

    * www[.]googie-anaiytics[.]com * block
    * kuurza[.]com * block
    * cdn[.]polyfill[.]io * block
    * polyfill[.]io * block
    * bootcss[.]com * block
    * bootcdn[.]net * block
    * staticfile[.]org * block
    * polyfill[.]com * block
    * staticfile[.]net * block
    * unionadjs[.]com * block
    * xhsbpza[.]com * block
    * union[.]macoms[.]la * block
    * newcrbpc[.]com * block

    Remove the square brackets before saving the file - these are here to prevent hyperlinks and misclicks.

    Edit: this is not a bulleted list, every line must start with an asterisk, just in case your instance doesn’t update edits made to comments quickly.

    Edit2: added new IOCs

    Edit3: MOAR IOCS FOR THE HOARDE
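As an added illustration (not the commenter's code or part of uMatrix), the script below refangs rules written in the `* host * block` form above, builds the set of blocked hosts, and scans a constructed HTML sample for `<script src>` tags that load from a blocked domain or one of its subdomains, which is the check you'd run against a page before trusting its third-party scripts. The sample HTML and the benign `cdn.example.org` host are assumptions made up for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed copy of a few rules from the comment above, still defanged
# with "[.]" exactly as the commenter posted them.
DEFANGED_RULES = """\
* www[.]googie-anaiytics[.]com * block
* cdn[.]polyfill[.]io * block
* polyfill[.]io * block
* bootcss[.]com * block
"""

# Constructed page: two scripts from listed domains, one benign, one local.
SAMPLE_HTML = """<html><head>
<script src="https://cdn.polyfill.io/v3/polyfill.min.js"></script>
<script src="//www.googie-anaiytics.com/ga.js"></script>
<script src="https://cdn.example.org/lib.js"></script>
<script src="/static/app.js"></script>
</head><body></body></html>"""

def refang(value: str) -> str:
    """Turn a defanged host like cdn[.]polyfill[.]io back into cdn.polyfill.io."""
    return value.replace("[.]", ".")

def parse_umatrix_rules(text: str) -> list[tuple[str, str, str, str]]:
    """Parse 'source destination type action' lines; destinations are refanged."""
    rules = []
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0].startswith("#"):
            continue
        if len(parts) != 4:
            raise ValueError(f"malformed uMatrix rule: {line!r}")
        src, dst, req_type, action = parts
        rules.append((src, refang(dst), req_type, action))
    return rules

def blocked_hosts(rules) -> set[str]:
    """Destinations of every 'block' rule, lowercased."""
    return {dst.lower() for _, dst, _, action in rules if action == "block"}

def host_is_blocked(host: str, blocked: set[str]) -> bool:
    """True if host equals a blocked domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in blocked)

class _ScriptSrcCollector(HTMLParser):
    """Collects the hostname of every <script src=...> in a document."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src") if tag.lower() == "script" else None
        if src:
            # Protocol-relative and absolute URLs both parse; local paths give no host.
            host = urlparse(src if "//" in src else "//" + src).hostname
            if host:
                self.hosts.append(host)

def flag_third_party_scripts(html: str, blocked: set[str]) -> list[str]:
    """Sorted, de-duplicated hosts of scripts the page loads from blocked domains."""
    collector = _ScriptSrcCollector()
    collector.feed(html)
    return sorted({h for h in collector.hosts if host_is_blocked(h, blocked)})
```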







  • Gambler's fallacy.

    Python, npm, and others are seeing huge spikes in typosquatting with malware

    Supply chain attacks are also continuing to rise which takes away everyone’s naive approach to trusting whatever comes along on the premise of “name brands”

    There’s no such thing as greener grass. It is always just a different shade. We are long past simplistic systems, and continue to grow in complexity which means an increasing attack surface and a necessity for continuing education/research.

    Never trust, always verify. Windows is a heaping dumpster fire 80% of the time but I’m not going to pretend that Linux magically fixes everything and is infallible or somehow just “better”. There’s a reason many people don’t switch to Linux and that’s in the simplicity of using Windows (Mac, even). Linux, to some extent, requires a technical mindset, especially when it comes down to analyzing push/pull history for every package that gets installed/updated.

    Not to mention the bullshit that comes with the (go figure) most common and user-friendly Linux distro - Ubuntu.




  • You’re absolutely right, I’m similarly in a high demand sector, (wonder if you can guess where, from my username) so my options are much more open.

    I guess the conclusion I’m coming to is, maybe this fictional hack/tactic does work - just don’t spend too much time there if you can help it. Minimize how much you’re buying into these companies and don’t give them anything more than what they’re paying you to do.

    My circumstances aren’t going to be the same as others’, so all I can do is listen to their experiences and try to learn about other realities. Probably too deep in the comment thread now but definitely open to hearing others’ experiences in not-so-in-demand sectors.

    Maybe that’s part of the problem - being in a field that is out of favor/demand? How do you provide value when that value isn’t needed at the moment?


  • To some extent, it’s about creating your own value.

    I do agree that sometimes, we have to hack it to make it. We have to forge our own paths. Sometimes that means pivoting around jobs, getting your foot in the door, networking, etc. It means taking a lower paying salary now, and pushing your way into higher raises a la alternate job offers, now that you have experience.

    But it does not mean supporting those that are stomping on others. It does not mean supporting the oppressor or the upper class for the sake of temporary security because you can bet your ass these same companies will put the AI into your working environment and fire just as much as it hires. All the while, you get stomped out anyway.



  • I understand and mostly agree with what you’re saying, but only under the notion you’re supposing.

    That the majority of companies do this. That’s an assumption. We need data to accurately define whether or not it’s a wide spread problem.

    I’m also highly confused by your first few sentences. You mince words by saying “for most employment domains” but then also say not most places but the largest companies.

    If the highest paying jobs are unavailable, and there are a small amount of other jobs which pay less (but not necessarily bad wages), there are still a majority of mediocre places and even underpaying places that exist.

    I do not see value in encouraging the largest, best paying companies’ jobs to continue to use these bad faith and misunderstood practices. You don’t encourage behavior you don’t want to see. You take mediocre salaries, and you hustle your way up into valued roles, ask for a fair wage, and if they say no, THEN you go to the large paying companies, and come back with the offer they made to you (perhaps with this fictional AI work around) and try again.

    You should be paid fairly if you are truly valued. But sometimes you have to hack your way into that pay.

    If you show these companies that, hey this AI thing works pretty good, do you think they’ll be happy at where it is or do you think they’ll continue to buy into “better” AIs more and more and make the problem more widespread?

    You don’t fight fire with fire. You smother that shit or put it out with a firehose.