* Posts by hayzoos

430 publicly visible posts • joined 2 Jul 2014

Page:

Post-CrowdStrike catastrophe, Microsoft figures moving antivirus out of Windows kernel mode is a good idea

hayzoos

Re: How will AVs function without being in the kernel

eBPF has been ported to Windows. So that is a definite candidate for the type of solution being sought. It was Microsoft doing the port. I cannot state how ready it is. It may have come along for the ride with WSL.

WhatsApp's 'View Once' could be 'View Whenever' due to a flaw

hayzoos

Think about it

There is a certain irony in th statement; "We continue to encourage users to only send view once messages to people they know and trust.”

Deadline looms: Google Workspace mandates OAuth by September 30

hayzoos

Legacy apps & devices

One solution is to setup your own mail server for legacy apps and devices. If the legacy stuff is all internal, then it makes even more sense to keep them from connecting externally.

AI stole my job and my work, and the boss didn't know – or care

hayzoos

Re: "Stored in a retrieval system"

"The original pictures are not copied at any point beyond the initial access, which is presumably (hopefully) permitted since they're on the internet."

I have published original images I have created on the Internet and I have provided copyright notice. People are allowed to view them, that is expected when publishing to the Internet. Seeing as LLMs did not exist at the time of publication, I do not consider this new use as allowable. I have not been contacted by anyone to ask permission to use for training LLMs. If my Internet published images have been used to train LLMs, then it is a copyright infringement. Publishing to the Internet is not releasing to public domain.

"I just think it makes more sense to view the network as a product of the images, and so at most a license violation, not a copyright violation."

Such a license only holds because of copyright, a violation of the license is a violation of copyright.

It is the initial act of accessing the copyrighted work in a way that was not foreseeable that is to be considered copyright infringement. Until a court of law determines one way or another it is up in the air.

I do have to wonder if an LLM is created to train from querying other LLMs would owners of the earlier LLMs cry foul? On what grounds?

Google is a monopoly. The fix isn't obvious

hayzoos

Root cause analysis

All the proposals for breakup variations or other remedies to the monopoly known as Google(Alphabet?) seem to lack a good root cause analysis.

Google(Alphabet?), having been declared a monopoly, should be first required to fully reveal everything to the court. The court should then identify what is the internal root cause of Google(Alphabet?).

Has Google(Alphabet?) already prepared for a government action by restructuring with Alphabet as the top? What other preparations have they done? Are they positioned to eventually thrive after a government action?

Follow the money is a very good method, but not the only method of revealing answers. There may be false answers planted to throw regulators off the real trail.

I suspect ads, specifically targeted ads, and the requisite data collection is a very large factor. I do not assume that is the only cause.

I do not propose a remedy at this time without more information. We are not necessarily entitled to that information, but the courts are.

Twilio's Segment SDK challenged with wiretapping claim

hayzoos

Does this sound familiar? Twilio Authy

It did to me so I checked it out. Twilio acquired Authy in 2015.

Never really liked Authy in the first place, but now run as fast as you can.

Never really liked Google Authenticator either for the same reason.

You cannot get away from this data slurp crap, it's everywhere.

NASA mulls using SpaceX in 2025 to rescue Starliner pilots stuck on space station

hayzoos

Most important opinion

I do not recall reading about the opinion of the most important experts. What do the astronauts think? I believe their opinion should factor most highly in the decision.

CrowdStrike blames a test software bug for that giant global mess it made

hayzoos
Joke

Automated update distribution

I thought of a spinoff of the suggestion to test on their own systems. Make sure the distribution system is in the test group. Then a catastrophic crash will render the distribution system unable to distribute the problem update. Problem solved.

hayzoos

Re: What is old becomes new again

Lemme guess, gave the same order then as now.

Publish first at all cost.

Google's plan to drop third-party cookies in Chrome crumbles

hayzoos

Ummm, logic?

So, essentially you are saying you are willing to use third party code to block third party code (and content). Okay, we are all doing it. But, stated the way you did, it sounds illogical.

At least we have the chance to research the third party tools to block the source unknown third party code and content thrown at us from websites.

hayzoos

I'm with you, but . . .

Firefox ESR is about to bump to the next level which means you will soon see a lot of what recent releases do if you want to stay with a supported version.

I am also using FF ESR with similar but different blocking. I am happy with the current setup, but I am preparing for the change to a new ESR level.

Another issue I have seen with ESR is some sites consider it to be out of date or unsupported, I have had to school a few in the error of their ways.

Call, text logs for 110M AT&T customers stolen from compromised cloud storage

hayzoos

Re: The low cost of staying relatively safe

Not to cause you any worries, but they likely digitize the check in order to convert it to an electronic ACH transaction. An organization the size of AT&T probably has been doing something like that with checks since the MICR print along the bottom of the check was intended to be machine readable for well over 25 years. BTW that MICR print is the RTN and account number, all that is needed to submit an electronic ACH transaction. And they are probably storing it unless they are specifically prohibited from doing so, ah maybe even then.

Everything online because convenience. Nevermind security.

Sell all information because maximum profits. Nevermind privacy.

Big Tech's eventual response to my LLM-crasher bug report was dire

hayzoos

I wonder . . .

How would these LLMs fare under prompt fuzzing?

Former Fujitsu engineer apologizes for role in Post Office IT scandal

hayzoos

Expert Witness Training

The "Expert Witness Training" referred to here barely qualifies as training, yet does result in being elevated from a run of the mill expert in a field called as a witness to a bona fide "Legal Expert Witness".

If all that is required is reading a particular section covering behavior as an expert witness and expectations and requirements for a report which requires signing an included acknowledgment of the section's requirements, then that is less onerous than a lot of "safety training" I have had to endure.

The trouble I have with the focus on the expert witness vs. legal expert witness is the overlooking of the requirements of any witness at a trial, be it an eye-witness, ear-witness, nose-witness, expert-witness or legal-expert-witness. A key one is to tell the truth.

'One Less Car' Uber bets a grand you'll ditch your wheels

hayzoos

mathematically speaking

I will use US units in my analysis since the amount offered is in US dollars and offered in US cities. A quick search confirmed my estimation of 15,000 US miles per year for vehicles on average in the US. A bit of math tells me this represents 80 cents per mile. Another quick search reveals the US Internal Revenue Service (IRS) allows the maximum of 67 cents per mile for business use of a (passenger) vehicle for tax purposes. There seems to be a bit of over estimation.

systemd 256.1: Now slightly less likely to delete /home

hayzoos

Incredible! It is worse than I thought.

AWS is pushing ahead with MFA for privileged accounts. What that means for you ...

hayzoos

Re: "why not try a passkey?"...

Please explain vendor lock-in in regards to passkeys. I am using passkeys and do not see a lock-in in my use of them.

Stanford Internet Observatory wilts under legal pressure during election year

hayzoos

To update Churchill's observation for modern social media times: "A lie has run around the world five times before the truth decides to mute or snooze the alarm clock"

Volvo recalls all of its 72K EX30 cars due to software bug that obscures speedometer

hayzoos

In my day...

Speedometers used to be an add on device. Stewart-Warner was a well known provider of automotive instruments.

HP BIOS update renders some ProBook laptops expensive paperweights

hayzoos

Re: HP knows that most will not bother ...

Even better. Some jurisdictions do not allow lawyers in the small claims courts. Many a judgement by default has occurred in such jurisdictions when an officer of the corp. failed to show. Collecting on the judgment is another battle.

Snowflake customers not using MFA are not unique – over 165 of them have been compromised

hayzoos

Any suggestions?

I have not found a bank in the US where I can use it's services that uses anything better than SMS. I don't need SMS 2FA, I use the longest password allowed by any service I use, randomly generated, saved to a password manager. These entities implement 2FA because their low hanging fruit customers (password reuse, easy to guess passwords, etc), not for real security. I keep badgering my bank to implement something better than SMS 2FA, I have FIDO U2F keys, passkeys, software authenticator, heck even email these days is better than SMS.

I use Bitwarden for my password manager. It supports passkeys, FIDO U2F, and is a software authenticator. Did I mention I use a 48 character randomly generated master password?

I know, I may seem to be a good target for the effort of cracking my accounts maintaining these high levels of security. I counter that by maintaining a low and even sometimes negative net worth and a poor credit rating.

Digital Realty CTO weighs in on AI's insatiable thirst for power

hayzoos

Re: And to think we used to be worried about EV's draining the grid!

We are so close to a trifecta. All we need is an EV with AI that mines Bitcoin.

Microsoft Research chief scientist has no issue with Windows Recall

hayzoos

Re: Dual Boot

I gave up on dual boot long ago. Windows update has a long history of breaking dual boot. Usually Windows will continue to boot, but sometimes even that is broken.

PayPal is planning an ad network built off your purchase history

hayzoos

Ditched paypal long ago

Over a single transaction. I was purchasing a rare lifetime premium membership only requiring a single payment. The service used paypal for payment processing. I had a paypal account and it was linked to a checking account as they had insisted back then. I was paying with a credit card. Paypal processed the payment as an ACH transaction against the checking account which did not have funds to cover the transaction. I knew full well it did not and did not expect paypal to attempt the ACH transaction. I disputed the transaction with the bank. They attempted to present the transaction again. I disputed again and requested a standing dispute of any and all paypal transactions on the bank account. I then closed my paypal account with a message stating why. I firmly believe that when a form of payment is presented at the point of transaction, only that form should be used even if other forms' details are known by the processor.

I had to call the service provider to purchase the membership over the phone. The lifetime turned out to be lifetime of the service. It was assimilated by IBM.

British Library's candid ransomware comms driven by 'emotional intelligence'

hayzoos

Re: Reading the report...

The first thing that came to mind was "this application must be installed and executed with full admin rights" so frequently found in instructions and FAQS. Plenty of other examples of "turn off security and it will work" exist.

A secure by design system is completely incompatible with an insecure by design system.

One bank's brilliant upgrade was another bank's crash

hayzoos

In systems like these one must mind their balance.

Google cools on cookie phase-out while regulators chew on plans

hayzoos

Re: The other issue...

Coming from Google, it could be even more sinister. Their dossier on each of us could survive a browser history clearing. Imagine their is nothing you can do to to prevent them from building dossiers in the name of targeted advertising but useful for so much more and of course more valuable.

I already practiced fresh browser sessions which includes accepting all cookies but they are gone for next session along with all data and a best attempt at changing the browser fingerprint. I do block malvertising (all ads served third-party are suspect) and the same goes for all third-party "content" (scripting, style sheets, fonts, etc). I only unblock anything if I must use the site. The status quo for the average website these days requires so much third-party "content" that it would have made a textbook example of a malicious site in early cybersecurity texts.

What Google is now proposing will overcome this blind (not really just a bit fuzzy) spot I present to them. Additionally, it will be visible to just Google. And this is what I can discern from the little they have revealed of their plans. They would be fools to reveal their entire plan.

EU tells Meta it can't paywall privacy

hayzoos

Re: Gibberish

The flaw I see in your assessment is that they are offering no tracking (and no ads or personalized ads) for a subscription. How can they offer a non-tracking service (for a fee) which you are stating requires tracking?

Roku makes 2FA mandatory for all after nearly 600K accounts pwned

hayzoos

Re: Not all bad

The time lag is also an issue. There is a widespread belief that SMS and even email are instantaneous message delivery services. I am seeing more "this code is only valid for [some arbitrary time]" and the message carrying the code takes longer than that to arrive. On a recent failed login sequence involving late code delivery, I examined the email headers only to find out the earliest timestamp was after the code had expired.

Twitter's lawsuit against anti-hate-speech crusaders gets SLAPPed out of court

hayzoos

Re: Elmo Fails again!

Free speech, free as in ______ ?

Free as in free for me, not for you.

First release candidate of Linux kernel 6.9 looks 'fairly normal,' says Torvalds

hayzoos

NTFS/Linux permissions

Does root map to administrator? What could map to Windows system account? Many possible ways around the problem and make a complete mess of the ACLs when handed back to Windows.

Air National Guardsman Teixeira to admit he was Pentagon files leaker

hayzoos

Well there's your problem

"was observed viewing intelligence content on TS-SCI websites"

Who thought making such restricted information so readily available on a system designed to easily "share" information was a good idea? Access control is at best a bolt-on afterthought in an HTML based system. You know damn well that the very same core as the WWW was used as the starting point to build these "TS-SCI websites" using web developers familiar with the current HTML tech so these websites are probably of similar technical quality.

HDMI Forum 'blocks AMD open sourcing its 2.1 drivers'

hayzoos

Re: Does AMD

I'm too lazy to go look it up, but my guess is HDMI 2.1 is not an open standard in the same sense which would be compatible with AMD open sourcing it's drivers. In other words HDMI Forum wants it's fees and that might be in jeopardy if AMD open sources it's drivers.

Americans wake to widespread AT&T cellular outages

hayzoos

AT&T sucks - I have no choice

I have been a victim of AT&T for years going on decades. I had resisted the fad of first holding a brick to the side of the face from mouth to ear, and later doing the same with a Star Trek communicator-esque flip phone. My employer back then had decided all support roles were required to be reachable anywhere including me which worked within a space where cellphones were verboten. They issued me a Motorola flip phone with service by Verizon. Then after the numerous "me too" company issued cellphone requests became burdensome, they changed to reimbursement. After having the Verizon phone for what I considered a long trial period, I had found that stomping grounds were poorly served by Verizon but well served by AT&T this included my mother's house where Verizon phones killed their batteries trying to find a tower. I visit mom often enough that it matters. So when I had to contract for my own cellphone service at the company's expense I chose AT&T in order to be somewhat useful.

Even at home AT&T had better signal than Verizon, more "bars" in general and I could go to the basement without losing a call. It was almost better than tolerable back then. When AT&T began building it's 5G system, signal at my place began to degrade. At times worse than Verizon had been. At mom's Verizon was still non-existent but AT&T was degrading as well, sometimes no signal, sometimes poor call quality, sometimes dropped calls. To this day it has only marginally improved. BTW I am determined to stick with my "grandfatherd" "loyalty" plan which is only 4G but avoids the 5G tax. As I hear from others 5G in my area is hardly an improvement even non-existent in some spots. I have no choice, I could go with a MVNO but that does not change the service coverage, but maybe time to check into the option again for other reasons.

AT&T does provide excellent customer dis-service though. Calls to complain connect quickly and are auto answered promptly with the finest examples of maladjusted proprietary hold "music" audio. These calls do not drop either while on hold. Many times the calls will even stay connected through multiple transfers to different departments where audio quality is remarkably diminishing at each transfer. Other times a transfer goes to an anechonic chamber where the silence is deafening or possibly the fates will decide the call should just drop. All the while the voices on the other end are frequently accented perfectly mismatched to one which will not be intelligible to the caller.

The fixes presented during these calls involve, restarting the phone, shut down removing and cleaning the SIM reinstalling and powering up, refresh the account provisioning and pushing related config to the phone, issuing a new SIM, use WiFi calling, try on another phone, unplug it and plug it back in, try holding it differently, fully drain and recharge the battery, fully charge the battery and redrain the battery, remove the protective cover, remove the screen protector, remove both the protective cover and screen protector, try from outside, try from the attic, try from atop the chimney, cut down the neighbor's tree, cut down the neighbor's house, cut down the neighbor's SUV, does the neighbor have a windmill, does the neighbor have solar panels, does the neighbor have a daughter, power off and then power on the house, sunspots, moonspots, leprechauns, ok try that and give it a day or so and call back for more help if that does not work. Please take the survey at the end of the call.

The online experience is equally wonderful. Second Factor Authentication or is that Multi-Factor Authentication, has become mandatory. I remember when username and pet's name were all that were required. Shortly after some high profile SIM jacking events they did provide an optional security code. And eventually the pet's name had to be longer than Dino then longer than Flipper then longer than Tralphaz so currently Mephistopheles looks very confused when I call them to the dinner bowl. Maybe I should use a more secure passphrase like Satan's Little Helper. The 2FA is very sophisticated and therefore secure, so I have been told in an accented voice. You an only receive the randomly generated code via SMS, but wait not just any SMS, only to a line number on the account's plan. My concerns of being unable to receive the code because of: 1) being out of coverage area yet have internet access; 2) having only one line on the plan but having a malfunction, pilfered, lost, destroyed device; 3) having internet access yet the cell service is down; or 4) other reasons I cannot disclose; have been politely and cheerfully dismissed.

Real fun ensued when attempting to login online when traveling and therefore using a VPN for a secure connection. The main website would appear just fine. The convoluted authentication workflow involved redirects to servers protected from hackers by denying connections from known VPNs. I found out through my own troubleshooting changing the pet's name yet again while on travel without the pet was not feasible. Many other websites had also begun using the very same hacker protection, so I now use an undetectable self-hosted VPN.

For the privilege of having to endure these fine levels of dis-service excellence one must be prepared to pay the piper, never mind the piper, no longer enough left after paying AT&T with rate increases at or above the rate of inflation.

On a related topic: New landline service is no longer available in this area. I only consider PSTN service to be landline. And even for those lucky enough to still have it or acquire it under extreme circumstances, the cost has risen to match or exceed cell service and reliability has degraded to cell service level or below. VOIP is not landline. Cable fixed line comes the closest, but requires power locally.

Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts

hayzoos
Joke

Nothing wrong with that, just be sure to use reverse notation with each character also inverted left-to-right or right-to-left as appropriate. This will sufficiently encode said password to be unreadable unless viewed in a mirror. This also makes reading your password yourself easy when you need it if you have a mirror.

Twilio reminds users that Authy Desktop apps die in March – not in August

hayzoos

Another Bitwarden advantage is the extent of cross-platform support.

@Danie - How did you find 61 sites that use 2FA? I will not even tell you how few I have amongst hundreds of logins, it's pitiful.

And, according to Bitwarden's report on 2FA use, I have not missed enabling a single one. Sadly, not a single financial account offers anything more secure than SMS / email delivery of a TOTP. As it stands SMS TOTP delivery seems to be the "industry standard". What bothers me about this is: to generate the code delivered by SMS they have implemented most of what it would take to support "authenticator app" TOTP, yet they still wont do it.

Even worse is the uptake of anything more secure such as hardware keys. I wonder if passkey uptake will be any better.

So I have to wonder, Is the death of Authy Desktop really that big of a deal? Sadly, it may not be.

How artists can poison their pics with deadly Nightshade to deter AI scrapers

hayzoos

The difference is machine

"I see no difference between that and a machine learning system ingesting the same works."

Up until machine learning systems existed, application of copyright was well settled. Court cases were necessary when photocopiers came about and cassette tapes and VCRs etc. New technologies representing new ways of copying for new purposes. Since copyright sets boundaries of fair use granting the copyright holder the greater say of how their work can be copied, any new way of copying should be restricted by default until courts set the fair use boundary concerning the new way of copying.

In machine learning systems, it is not about just the output a copyright holder is concerned. A copyright holder expects all the non-machine learning system examples you have given as long as they are within the boundaries set for fair use or have been granted by the copyright holder. Since most of the copyrighted works existed prior to the explosion of machine learning systems, copyright holders never considered this manner of copying.

I am not okay with free-sale copying via machine learning systems as fair use by default. Machine learning systems are not people. Their benefit to society as a whole has yet to be demonstrated. Their detriment to society as a whole has yet to be demonstrated. I would rather assume the worse and not call forth the genie until being better prepared for the consequences or deciding not to call forth the genie at all if careful consideration shows that is the prudent path.

IT consultant fined for daring to expose shoddy security

hayzoos

Has anybody considered...

An "UN-ethical hacker" had already found the "password" and accessed all the data. Given the company is a service provider to other businesses, all those companies would have then suffered a data breach. Considering the case is being heard in Germany, it would be safe to assume that large numbers of this company's business customers are European based or serving Europeans therefore falling under the GDPR.

This case would make an excellent distraction to such an event.

I think Modern Solutions should either provide proof of no massive data breach or face the consequences and unfortunately their business customers would have to face them as well.

What the AI copyright fights are truly about: Human labor versus endless machines

hayzoos

I have produced copyrighted work which I have published. I have not granted license for LLM training. It did not exist at the time. LLM is a new use case.

I have also not granted license for wholesale photocopying. It did exist at the time. But legal standards had been set that permission has to be granted for wholesale photocopying of a copyrighted work.

I think the similarities of the technologies I compared should be considered in determining whether LLM training should be considered fair use. I do not think LLM training is fair use.

I do not care how "infeasible" it may be for an AI outfit to seek out permissions and provide compensation if the copyright holders demand it, for the vast volumes of training content they require. That is their problem, not the copyright holders.

UK officials caught napping ahead of 2G and 3G doomsday

hayzoos

opportunity knocks

2G/3G sunset consultant - since in-house IT are simply not paid enough to bother listening to.

Google pencils in limited third-party cookie purge for January

hayzoos

Re: Naturally...

Mentioned in the article, google needed a replacement before disablung 3rd party cookies.

I accepr all cookies, and promptly discard them when I leave. Same effect as blocking from my point of view.

I also block scripts by default and only enable those needed for a site to work. How much I enable depends on how much I need to need to use the site.

Google is getting far more pervasive, not good.

Bank's datacenter died after travelling back in time to 1970

hayzoos

Re: Remember those batteries

I remember those "non-replaceable" ones well. At a job from decades ago one had died. For both budget and user sentiment for the computer which had been upgraded to Windows 95, I could not properly fix it. I implemented a new procedure. Do not turn off the "hard drive" (box under the "computer" (box with the screen on the front)). On power failures or other cause of powering off the "hard drive", I followed my part of the procedure. I set the time according to Timex (a handy-dandy device worn on the wrist) and re-entered BIOS parameters such as hard drive geometry according to notes I had previously made on an Ampad and a No. 2 stylus - actually from a backup made on a Xerox. The last step on those note was a reminder to fix the time on the coffee maker and the security camera VCR.

This particular computer was also the one which caused me to realize that Windows 95 had a bug related to long uptimes. Windows update not yet being invented, let alone evolving to a reboot second Wednesday of the month. Windows 95 was actually a lot more stable in retrospect if you kept it off the internet.

Polish train maker denies claims its software bricked rolling stock maintained by competitor

hayzoos

Re: If you expect products to last, then products should come with warranties that you can use.

Well built products do not need warranties. I have a clothes dryer built long ago, before the internet. Parts to repair it are still available. I have replaced... motor, heating elements (twice), rear drum bearing (thrice), front drum glides, drive belt (twice), lint catching screen. It still does its job. It has no electronics. It does not spy.

I have other products in similar states. If they had warrantees, they long expired. I have replaced newer poorly designed appliances that failed with older used ones which can be repaired.

hayzoos

Re: DMCA

It is also because of DMCA that carrier unlocking a smartphone required an exception granted by the Library of Congress.

There were a number of technological "protections" which are considered for exceptions that are NOT providing protections to a copyrighted work.

Messed up metadata could be to blame for Microsoft's Windows printer woes

hayzoos

procrastination pays off again

I have a work laptop with Windows. I configured Windows Update to its least automatic setting and identify network connections as metered. It lives off internet more than on. Its primary purpose is to produce reports and print them. I would keep it off internet permanently except some customers will accept emailed reports. Also the company has chosen MS Office subscription which requires going on the internet periodically. I have been putting off applying the latest update since it hasn't been convenient. I guess that may be why I can still print the reports.

Systemd 255 is here with improved UKI support

hayzoos

I'll stick with a kernel panic message, thank you.

Adopting a BSOD is simply amusing. Dictating filesystem structure of the underlying OS?!? What next? Will we have to look for hosts in some subfolder under Systemd/WINDOWS/SYSTEM32/ since they will no longer be called directories?

What frustrates me the most about systemd is application dependency - real or imagined. You have apps checking for systemd on way or another during install or execution, but not truly needing systemd to execute. Then there are apps which become snap package only. There are people out there spending time on making snap packages work without the snap system and without systemd. Build from source you say? The source build environments have become equally bloated and convoluted. Rube Goldberg would be proud.

I installed Slackware to get away from systemd. Not quite. I looked into Linux from scratch, that project has also been infected. I have even heard of forking systemd to BSD and MAC worlds. Incredible! It is even worse than I thought.

Attack on direct debit provider London & Zurich leaves customers with 6-figure backlogs

hayzoos

Fully tested backups and affordability

So often backups are not tested. Some get lucky and have a good backup, then realize the time to restore is far more than anticipated. Proper backups should be tailored to the workloads and that includes the restore process and include a consideration for tolerable downtime.

The smaller customers who may be at risk of going under are with L&Z because of affordability, but maybe they cannot afford direct debit at all. But it is all the rage.

How to give Windows Hello the finger and login as someone on their stolen laptop

hayzoos

Re: Hardware or software

Fingerprints and the like, only good for Identification, not authentication. Who knew?

BTW - Also only good for ID are national numbers, insurance numbers, account numbers. Some of those even have ID in their names.

Stop misusing IDs as authenticators dammit.

Your password hygiene remains atrocious, says NordPass

hayzoos

I use simple passwords for low risk logins and poor interfaces for good passwords.

I use a password manager and generate the longest passwords a site will accept. Repeating criticism of many above... Why so short, or why accept a longer for setting but not for login? Duh.

The master password I use for the password manager is 48 characters. I memorized it in 8 character chunks. A while back I had upgraded from 24 characters.

I changed the master password earlier this year because of a weakness found in certain Key Derivation Functions amplified when using a low iteration count. This was necessary because I started using the password manager long ago and recommendations changed since then.

FTC interrupts Copyright Office probe to flip out over potential AI fraud, abuse

hayzoos

All rights reserved

You really do not need to state anything in a copyright notice, the laws take care of that. Even the often included "All rights reserved" is not quite accurate. Traditionally, copyrighted works were intended for consumption by human subjects and frequently for monetary compensation. Legal precedent around copyright tradition is well established yet not complete. Now the new technologies of AI/ML are upending those traditions. There are parallels to the traditions and there are tangents. In legal terms those parallels may only be similarities and not due the same fair use treatment. The tangents may be given a pass or prohibited as fair use. The courts' opinions are what matter here.

Page: