Here’s the original report: https://securelist.com/stripedfly-perennially-flying-under-the-radar/110903/

It doesn’t specifically attribute this to the NSA, and it’s very hard to definitively say who created what malware anyways.

That being said, if you read through the report, the details on this really scream “state actor” most probably. The level of modularity, the infrastructure of the C2 server, and the detailed & flexible spying capabilities all point to some government agency more than anything else.

Never read again? These can’t be modified, but they can be read. After all, it’d be pretty useless to store data on a medium than can never be read.

Sure, but I suspect this is the real motivation for the article:

Windows 11 Pro force-enables the software version of BitLocker during installation, without providing a clear way to opt out

It sounds like many people may be using software encryption without realizing it, if Windows 11 Pro uses it by default.

Admittedly I haven’t been looking that hard, but I don’t think I’ve seen a TV for sale in the past 10 years that wasn’t a “smart” TV.

That’s because it makes sense when dynamically creating HTML. HTML is not a programming language, it’s simply markup - so if you want to generate some block of HTML in a loop and later access that block of HTML in JS (e.g. to interact with the UI separate from creating it in the first place), it’s a completely reasonable thing to do.

Just wanted to give props to this super informative comment. Thanks for the write up and relevant links!

TS is “better” but often I feel like just configuring typescript takes up a significant amount of the time you save by using it.

deleted by creator

The US can barely even put sidewalks where it’s convenient. I have very little hope for our local governments to add bike lanes to it.

1 hundredweight = (1 qt * 32) + 100.7, of course. It’s very intuitive.

I came across this one just yesterday and while it was convenient at first, I immediately got frustrated when I went to add some parameters and discovered it wasn’t actually curl

It’s not just because of nonsense, it’s more that it doesn’t really matter what you do - the only thing stopping someone with physical access to your machine is their level of determination.

At some point, there’s no stopping the laws of physics. Your data is physically stored there. You can do a lot to make it really difficult to access it, but the best you can do is full disk encryption with a sufficiently strong key, and only store that key on external hardware that isn’t accessible to the attacker.

Even then, you better make sure that your encryption key wasn’t hanging around cached anywhere in memory before you shut down your computer.

I like to draw my pages out on graph paper, then just use position: absolute and tons of media queries to place everything with x and y coordinates. It’s the ultimate grid system.

I would absolutely consider shipping non-minified bootstrap doing something wrong

Grid is just flexbox but worse

“Dependency injection” is just a term for providing a function or method with its dependencies rather than making the function go and gather them itself.

It’s (typically) done through parameters, but it’s still more specific than just invoking a function. It describes how that function was written and the reasoning for certain parameters. To the other commenter’s point, you’ll have a hard time communicating about your code with other developers if you refuse to use the term dependency injection just because you don’t like OOP.

I love that song!