I'm sure it is, but the issue is more complex than that.
How much data is stored on each person? How many hoops does an individual analyst have to jump through, if any, to access that information for an individual? Is it stored in an encrypted or anonymized way so that an analyst can't access the details without approval from management? Are there jobs constantly scanning this dataset and alerting on suspicious patterns, and if so, what is the average false positive rate and does an alert give carte blanche to read all of the data collected about that individual and their connections and connections-to-connections?
I doubt Congress will ever get clear or entirely truthful answers to those questions, let alone the general public.
That's not what he was saying. Yes, it would of course be a good idea to try to hide the malware implants from tools like Little Snitch. It's just that the method they propose of going about it is really dumb.
What tptacek is saying is that instead of writing some hand-tailored userspace code to specifically fool Little Snitch, they should just be using a kernel module that will hide the network and process activity from all analysis tools. That's what most nation-state malware does (or tries to do).
I don't think it's flag-worthy because it absolutely could be true. It's not like anything here is that difficult to believe given previous insider reports from Uber. None of the claims here are that absurd.
But, yes, it could easily be an anonymous troll. It needs verification.
Their non-mobile quality seems to be pretty high as far as I can tell, but, yeah, I feel like he'd have to agree their iOS app is the definition of clowntown.
>Instead he replied that if Uber paid a little more for the women’s jackets, they would have been beneficiaries of special privilege. This is standard bigot’s code for denying people protection from discrimination because of their gender, race, religion, or sexual preference.
I think the jacket issue has Uber clearly in the wrong, but it's a huge stretch to claim that opposition to giving a minority group special privileges is always "standard bigot's code".
True, but I feel like if they wanted to ensure their death, they could've just wiped them with the same rag after Kim was confirmed to be exposed. It seems they just let them go, so I guess they didn't care either one way or the other about their survival?
And were any of these actually in positions of power to know definitively whether or not extermination programs existed (including ones not at their local camp)?
Also, how about Einsatzgruppen? Are there witnesses claiming they didn't exist either?
edit: Also, what's your response to the Wannsee notes and Posen speeches? Even if hypothetically the gas chambers never did exist, there's clear evidence they very strongly intended to kill all European Jews. Clear intent + 6 million Jews missing + a whole lot of mass graves seems like a pretty cut and dry case, even if you have to resort to saying they were all starved/worked to death and shot instead of gassed.
That's true, the MTurk questions he asked are very similar.
It could maybe be coincidental, since that's basically the default things you'd ask someone when trying to understand pain points and product ideas, but I do see your point since it seems like it's the same 4 questions.
It's straightforward, it's not trying to shill Cloudflare products too much, it's not self-congratulatory, and it's told from the chronological first-person perspective of an engineer trying to debug a protocol issue and accidentally uncovering a critical vuln.
Basically, it wasn't written by a marketing department like most of these other company-found vuln disclosures.
They're marketed towards casual users but Discord is probably the best chat and collaboration software I've used so far. I definitely prefer it to Slack for professional-type stuff.
You can use Discord any want you want. If you join some popular Discord server, odds are it'll be full of spam and Internet humor, but obviously you can do whatever like on your own server(s).
How much data is stored on each person? How many hoops does an individual analyst have to jump through, if any, to access that information for an individual? Is it stored in an encrypted or anonymized way so that an analyst can't access the details without approval from management? Are there jobs constantly scanning this dataset and alerting on suspicious patterns, and if so, what is the average false positive rate and does an alert give carte blanche to read all of the data collected about that individual and their connections and connections-to-connections?
I doubt Congress will ever get clear or entirely truthful answers to those questions, let alone the general public.