Posts by Taliesinawen

Criminal culpability and the ICE-tracking app

The developer of the ICE-tracking app, faces potential criminal culpability as an accessory if users of his app rely on its location tracking features to target and kill ICE agents.

And the soluion is ..

And the solution is to design an OS that can't be compromised by opening a malicious email attachment or clicking on a malicious weblink.

The limitations of spreadsheets

Spreadsheets or useful for working out ideas. For serious work you need a database. Isn't it possible for Airbus to design such a system. Airbus net profit around €4.2 billion for 2025.

Avoid suspicious emails and links :o

“The incident involved phishing and social engineering tactics, with warnings issued to staff to avoid suspicious emails and links.” ref

How about only accepting emails digitally signed by a trusted Certificate Authority (CA). Or at least marking all other emails as suspect?

Cloud based critical event notification platform :o

“OnSolve, a cloud-based critical-event and mass-notification platform, suffered a highly disruptive cyberattack recently which forced it to sunset its legacy CodeRED environment and move to a new version, as well as losing sensitive data and even a business customer.”

‘While Crisis24 only attributed the breach to an "organized cybercriminal group," BleepingComputer has learned that the INC Ransomware gang has taken responsibility for the attack. .. INC Ransom is a ransomware-as-a-service (RaaS) operation that launched in July 2023 and has since targeted organizations worldwide.’

What would the Soup Dragon have to say?

Clangers: S01E03: In the Soup

Atlassian the sophisticated high-wire act

Atlassian: a highly unstable high-wire act, because of its complex microservices architecture. The system balances numerous independently deployable services coordinated via APIs, demanding sophisticated orchestration and constant oversight. ref

App Store Security Threats in 2025

“Mobile devices are now the primary gateway to the digital world. From banking to healthcare, users rely on apps for critical daily tasks. Yet, this convenience has become a double-edged sword.”

How about using a locked-down device with a read-only switch set for normal usage and not download from an apps store. I mean every time you install an app - it's game over as far as security is concerned.

What's old is new again ..

“The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory”

Oct 2000: ‘The attack, also known as the "dot-dot" or "path traversal" attack, leveraged a flaw in how the IIS server handled Unicode-encoded characters in URLs.’

Jonathan Haidt on the Anxious Generation

The Anxious Generation: How the Great Rewiring of Childhood Is Causing an Epidemic of Mental Illness is a 2024 book by Jonathan Haidt which argues that the spread of smartphones, social media, and overprotective parenting have led to a "rewiring" of childhood and a rise in mental illness

Outsourcing at scale ..

Infosys Limited reported annual revenue of approximately $19.28 billion for the fiscal year 2025, with a net profit ranging between $3.2 billion and $4.4 billion during the same period. Outsourcing makes money for the outsourcer but I doubt the end product is of quality given the continuous churn of low cost staff.

ps: no fricken way do a seventy hour week!

Distributions must stop supporting deviating solutions!

Lennart Poettering: “Well, it is definitely our intention to gently push the distributions in the same direction so that they stop supporting deviating solutions for these things where there's really no point at all in doing so.”

Firewall needs protection with another Firewall

Best to place the FortiWeb web application firewall behind another perimeter firewall.

FortiGate vs FortiWeb | Which Security Solution is Right for You?

Welcome to the digital petri dish: where childhood goes to Mutate

A place where today’s youth are cultivated like rare strains of basement fungi. Kept warm, moist, and mildly deranged by a steady drip-feed of dopamine hits and existential dread. Beneath the cheery UI is a psychological minefield laid out by algorithms that won’t rest until every teenager’s value system has been pureed into a fine slurry of outrage and nihilism. Such that their sense of self dissolves into the algorithm.

In-vehicle hypervisors to isolate different workloads.

No just no, running your car on a virtualised operating system doesn't sound too stable to me. For instance if updating the infotainment system caused the steering wheel to change orientation. Isolated independent dedicate hardware doing the one task is the most reliable solution.

Ministry of Clowns (Bumbling Bozos)

How about using digital signatures and end-to-end encryption and disabling CC and BCC and preventing receiving or sending to non-digitally verified email addresses.

Tesla Q3 2025 Financial Summary

Total Revenue Q3 2025 $28.1B, Total Revenue Q3 2024 $25.2B, +12%

Self modifying code es malo ..

‘It operated in-memory, left "minimal" forensic artifacts, and injected itself into running threads using Java reflection, according to the cloud giant's threat intel team.’

‘Reflection is a feature in the Java programming language. It allows an executing Java program to examine or "introspect" upon itself, and manipulate internal properties of the program.’

The Mega Distributed Single Point of Failure

These sprawling AI superclusters, stitched together across continents and hyped as models of redundancy, risk turning into exactly the opposite — a mega distributed single point of failure. One misbehaving subsystem, a power hiccup, or a compromised control network could send shock waves through supposedly independent sites, turning distributed design into synchronized disaster.

A design that originated in Window?

> .. a clear large majority of desktop environments in FOSS today share the same design, and it's a design that originated in Windows. Nearly 20 years ago, Microsoft threatened to sue over it. It never happened ..

Because Microsoft borrowed most of the elements from Apple. Apple sued Microsoft in March 1988 over borrowing "look and feel". Microsoft's defense was; you borrowed it from the same place we did - Xerox's Palo Alto.

VM minis run in the past ..

> Singaporean super-app company Grab has dumped 200 cloudy Mac Minis and replaced them with physical machines, a move it expects will save $2.4 million over three years.

And save you from the key and mouse responses happening two seconds in the past /s

JLR Breach Breakdown: Analysis of the JLR Hack and Lessons Learned

JLR Breach Breakdown: Analysis of the JLR Hack and Lessons Learned

“JLR Cyberattack: What went wrong & how it could have been prevented”

$407 million to upgrade IT estate

Good Grief! .. A ten year old desktop PC and run the latest Linux system!

AI agents: Is it worth the money ?

AI agents may be useful as an aid. Nowhere near a fully autonomous system. The question is - would you pay real money for it?