Everybody hates the government, but that take is not applicable.

Reading the incident report -
A privileged user got spearphished into downloading a compromised system administration tool. After the compromised tool was detected by industry standard (and modern) intrusion detection software and removed, the backdoor it installed, which was not fixed, was (eventually) used to install a keylogger. Shortly thereafter, another privileged user had a keylogger installed. Afterward, the harvested credentials were used to create further compromises in their network and to move laterally throughout it.

The age of the equipment or software is not a factor when your admin accounts get compromised. The user that got compromised should have known better, but they literally failed one thing - double checking the veracity of the download website. They didn’t surrender credentials, or fall for any direct attack. It’s not really a government bad, private industry good sort of thing. Heck, if that had happened to a non-admin user, the attack wouldn’t have been possible.

The why is sort of at the limits of my knowledge. I can tell you a ‘close enough’ what, though.

By default, Windows tries to install programs to the program files directory, but that requires admin, which triggers user account control. However, apps that do not require admin to install or run can still be installed to the users profile. Clicking cancel from a UAC prompt will just try to install the program locally instead of for all users.

My assumption is that many system administrators believed UAC was enough, or that programs installing locally (as in, just for that user) and not requiring admin were not a big deal.

It was a TCL Alto 9+.

A quick internet search reveals that this issue was known about at least three years ago.

Another model, the 8i was reported to have a root password of “12345678” - which is partially how I got the idea to start seeing if I could gain root.

I commented elsewhere, but I once had a soundbar that just had a no password ssh login. It was one of those ‘connect to your WiFi’ to stream music through models and for whatever reason, after connecting it to my WiFi, it continued to broadcast the publicly joinable setup network.

SSH was open to both the unsecured and secured networks, so anyone within WiFi distance of the device could have gained root control of it. Or if I had a sufficiently weak network setup, anyone online could have taken control of it.

A few years ago I noticed an annoyance with a soundbar I had. After allowing it onto my WiFi network so we could stream music to it, it still broadcast the setup WiFi network.

While dorking around one day, I ran a port scan on my network and the soundbar reported port 22 (ssh) was open. I was able to log in as root and no password.
After a moment of “huh, that’s terrible security.” I connected to the (publicly open) setup network, ssh’d in, and copied the wpa_supplicant.conf file from the device to verify it had my WiFi info available to anyone with at least my mediocre skill level. I then factory reset the device, never to entrust it with any credentials again.

And it’s an act of constant, willful effort by yourself and your community.

One neighbor is a rental, they are a large immigrant family and are barely getting along. Property owner lives out of country. Another neighbor thought it would be a fun idea to feed neighborhood stray cats. They wound up creating a very healthy breeding family of raccoons out the run-down garage of the rental. For years their offspring have wreaked havoc in our neighborhood. Every fall I’ve had to call a pest control company to trap the tiny raccoons that are small enough to climb downspouts (the big ones aren’t) and destroy the siding and soffits of my neighbors houses. The cat food guy moved away, I figured out how to occlude the raccoons from my downspouts with ample and unsightly flashing, and along with other neighbors, have built or repaired fencing in in our backyards (mostly because of pets and trespassing neighborhood kids, honestly).
It seems like the raccoon misadventure has finally concluded. I’m now stuck with damaged soffits that squirrels have moved into (on account of a looming walnut tree that lives in a neighbors yard and is so large it overhangs my roof), and a repair estimate that was $5k a year ago, when I had the garage roof redone but wasn’t sure I’d gotten the raccoon problem licked, so I didn’t want to proceed with those repairs. Who knows what it’ll be now. … yay.

Trying to turn it into the center for disease collaboration

Commenting again to say that I can definitely vouch for the recipe. It was pretty good!

You can disable the Outlook addon that nags you about Adobe cloud, btw. Small part of the puzzle, but it helps.

I know. I was just seeing if you would notice. awkward laughter

(But thanks, I was trying to wing the conversion and started off with 3.3ft =1m and then did the numbers meme while my fingers typed gibberish.)

I have an FDM printer (Ender 3 clone) that is mostly 2020 aluminum extrusion as the frame. A few years ago I found some 2020 on sale and built a set of shelves for my wife’s plants out of it. (Now - I know. It’s not the most economical use of materials, but it was the middle of winter, and I didn’t want to go work in the garage. Plus the 2020 was on sale.) It’ll support a slew of plants over a 4-foot span (~1.2m) without any sagging or other concerns. It can be wobbly side to side, but that’s a matter of bracing and connectors.

Well. Hm. I currently have all those ingredients…

Excellent idea.

That’s a medical complaint to your local licensing board.

Yeah, so during my procedure, my doctor either didn’t numb me up enough or whatever, but I said “I felt that.” right at the start and he said “Do you mean you felt some pressure?” To which I responded: “uh… no. You just put a clamp on my left testicle.”
At which point he said “Oh! Well, let’s get you numbed up a bit more then!” And they did.
That didn’t really stop my body from going into full freakout mode. My BP went up, temperature spiked, and I laid there trying to meditate while the nurses dealt with the physical symptoms.

It was so weird. I had a full physical reaction, but my emotional state was pretty solid, because I trusted their reaction and could tell they cared about my comfort.

We had to stop buying bananas because the ziplock bag for bananas is bulging and can’t possibly fit another.

I really should make some gross banana bread.

hostility towards those who hold traditional American views on religion

This means anyone who wants to tear down separation of church and state is a terrorist. …. right?

Most people haven’t even tried the soap box.

The limited-time rebrand to Maxwell Apartment […] is one of two [marketing] campaigns debuting from the coffee brand

It’s just advertising.

This 2021 article paints a damning picture.

Oklahoma coach preyed on players while school looked the other way, lawsuit alleges — The Oklahoman

Back in the bad old days of the 2009 recession, I got caught in the churn and wound up at a temp agency to make ends meet.
One of my assignments was driving about 6 hours a day, from gas station to gas station to “buy” cigarettes. I never actually bought anything. What I did do, however, was wait until they asked me for either my ID or money. If they asked me for ID, they got a green card. If they asked me for money with no sign of ID’ing me, they got a red card.
It was a voluntary program by Philip Morris to curtail underage smoking. I don’t know what actually happened to the cashiers. I was told no one got punished. (And folks reacted with disappointment, but not sadness or anger. Folks with green cards reacted happily, though. So I assume it was an Incentive-based program.) These interactions got logged, and I turned in the log sheet at the end of the day.

Because we’re victims of our own experience, that immediately came to mind. I feel like we need to start blindly testing if mandatory reporters are reporting things they witness. I mean - no idea how that gets worked out. Seems horrible.

Online retailers, too. Item goes from ordered to processing to shipping in a half hour. Takes a week or more to go from shipping to shipped.
Item can’t be cancelled without a restock fee if it’s in shipping — which is fine (I guess) if the item takes the provided time estimate to arrive.

When I was little my family was canoeing and my parents were very drunk. I was in the canoe with my dad and his buddy, and my mom was with my sisters. My canoe capsized, and I hung on, surfacing under the canoe, perfectly safe. For what felt like an eternity for them, the adults searched for me with a growing panic, until someone noticed my little legs floating off under the upside down canoe they’d all but abandoned.