While private prisons are abhorrent and unconscionable, they aren’t even close to the root cause of our prison problem. Hint: it’s systemic racism and our militarized police culture.

https://www.sentencingproject.org/reports/private-prisons-in-the-united-states/

Louisiana, the #1 on the list supposedly had 0 private prison inmates in 2021. Blaming private prisons at this point almost feels like deflecting from the real issues.

I’m not sure about color support without HTML or add-ons, but Obsidian is a good markdown editor with a lot of functionality and extensibility.

It’s not open source but it runs on everything.

The definition I learned for web 2.0, as it was happening, was a shift from static web pages generated all at once on the server and delivered to the client whole, to using Ajax with in-browser Javascript dynamically changing already-delivered pages with back-end XML calls.

Look man, it’s okay to be wrong. It’s a natural part of growth.

But when you double down on your ignorance instead of taking the opportunity to open your mind and listen to the experts in the room, you just end up embarrassing yourself.

Try to be better.

We can restrict the use of software TOTP, which is what companies are doing when they move users onto the MS Authenticator app.

Admins can’t control the other TOTP apps like Google Authenticator or Authy unless they go full MDM. And I don’t think someone worried about installing the MS Authenticator app is going to be happy about enrolling their phone in Intune.

Edit: And even then, there is no way to control or force users to use a managed device for software TOTP.

This is incredibly well said and I agree 100%. I’ll just add that software TOTP is weaker than the MS Authenticator with number matching because the TOTP seed can still be intercepted and/or stolen by an attacker.

Ever notice that TOTP can be backed up and restored to a new device? If it can be transferred, then the device no longer counts for the “something you have” second factor in my threat model.

While I prefer pure phishing-resistant MFA methods (FIDO2, WHFB, or CBA), the support isn’t quite there yet for mobile devices (especially mobile browsers) so the MS Authenticator is the best alternative we have.

We’re not as stupid as they think we are.

Aren’t we though?

Most likely it was a password stuffing attack. If they used the same password on multiple sites, there is a good chance one of those other sites was compromised and the attackers took the compromised credentials and tried them on other sites like Instagram. It could have been something more advanced like a stolen cookie, but usually the simplest explanation is most likely.

Always use a different password for each service, enable MFA where possible, and use a password vault like Bitwarden.

You need to demand a raise. And keep working from home.

Right, because international hackers are going to mobilize boots on the ground across the world to steal your fucking Optiplex.

And similarly, why can’t Star Trek officers just set it to wide beam and/or just hold down the button while they paint the room?

The rootkit is easy enough to turn off in the BIOS but I highly, highly recommend G-Helper instead of Armoury Crate.

Moving to it from AC is like leaving a prison cell full of screaming children and entering a calm beach.

ASAs are still way more prevalent than they should be when Palo Alto and others are much better options. Still, I’m glad I barely have to deal with them any more.

I like returning 418 instead of 404 or 403 on the files the script kiddies are hunting for on my web servers. I’m sure it does nothing but I’d like to think I’ve wasted some of their time at least once.

It’s been a minute but I remember it as a panel of scientists looking down on him, almost as if in a court room. Now I definitely need to rewatch.

If I recall it’s only like 10 minutes and either no dialog or in French. But it’s easy to get the gist of it and worth a watch. And it unlocked the thought experiment about someone witnessing their own death through time travel that Terry Gilliam expertly ran with.

This is entirely from memory from a time before every Easter egg and explanation was published on the internet, and I haven’t watched it in a few years. So I could be wrong.

But I always thought >!the woman on the plane next to the red-haired man with the pre-released, pure virus about to travel around the world, is one of the doctors from the future that was sending Bruce Willis back to locate a pure sample of the virus so they could develop a cure in the future. As she introduces herself, she says she works “in insurance.” So I always took that to mean their original goal was successful. !<

Regardless I need to watch this movie again. It is easily one of my favorites and the first movie that made me realize just how amazing an actor Brad Pitt is and that he wasn’t just another pretty face in Hollywood.

I’ve always felt the protagonists win in 12 Monkeys. They say in the beginning that the virus outbreak can’t be prevented (it’s not that kind of time travel), but they needed a pure sample of the virus for the future to cure it. I don’t want to spoil anything more than I have, but the plane passenger at the end is relevant. They work in insurance.

It’s a shit company for pulling this, for sure. But I kinda like the building.