Three times++, actually. The second attack was documented to have resumed after the third, with different payload URLs.

https://securelist.com/notepad-supply-chain-attack/118708/

As someone who is inside the IT industry, and has been for a while, I have some insight here. Yes, it’s stupidity alright, but a weird focused kind of stupidity like having a blind-spot. Money and ethics, IMO, are the only divisions that explain it.

We like to think of tech as being this rebellious, counter-cultural place. And that tracks when you start talking about “information wants to be free” and “the internet circumvents censorship”, but also “market disruption” and “move fast and break things.” But there’s this problem where that rebellion is actually multiple groups moving in a similar direction. If you look at the decisions people make, there’s a clear tradeoff of ethics in line with freedom and liberty, for cold, hard cash. The people we’re talking about went for the money. It took me a long time to reconcile this, and I’m now comfortable concluding that the rebellious spirit here is less “damn the man” and more “fuck you, got mine.” Nevermind that it’s not sustainable and always ends in a death-spiral of everything they built.

To put it another way, technohippies and conservatives agree about the broad strokes of personal liberty and rebelliousness right up until things like empathy all others get involved. Once you surrender those kinds of ethics, or figure out that having few/none is seen as an asset, bigger paychecks are on offer; its too good to pass up for some folks. It should come as no surprise that aligning one’s self with authoritarianism and even fascism is a small step from there.

And my personal experience - take with salt - there’s also a lot of people in security that are just VERY pessimistic, if not outright fearful, of their fellow man. A lot of them vote to the right, despite depending on an industry mostly fueled by left-thinking labor. They’re highly skilled, competent, and intelligent people in every other way. Once again, I think the fat paycheck smooths a lot of this over.

Yeah, that’s not how this kind of advertising works. Check this out.

Look at that ad for as long as it takes to read the article, then look away and immediately name the first three restaurant chains that come to mind.

Unless you’re coming from a place that is critical/cynical about the invasive nature of advertising, it’s possible you’ll just go along with “Chili’s” as one of a handful of options and not give it a second thought.

I appreciate the (icky) subtext that the reviewer is not only eating a good amount of food off of that, but is casually wearing it around town and also touching elevator buttons with it.

Exactly. We need to build these muscles and demonstrate to other would-be protesters that acting en masse is possible. Otherwise, everyone new to this just feels like they’re sticking their neck out.

Or you’d get lucky and some other program you installed happens to have the right dependencies. Just copy them to the application install dir or to C:\windows\win32\ and off you go.

Yeah, stuff like that continues to be the best use-case for windows virtualization. Sounds a lot like trying to upgrade the BIOS or Firmware on an older PC; often the installer is some binary that only runs on Windows of the same vintage.

Backwards-compatibility with older web browsers so engineers can build websites for them, is another. I’ve also heard of industrial automation (e.g. CNC machines) being married to Win2k or WinXP, so being able to run an old OS on new hardware is crucial.

Windows, can I run this 25 year old software I just installed?

Exactly.

For medium sized rice, consider mochi or tteokbokki.

Works great on 300 baud; not many editors can boast that. Also, if your programs are all under 2000 lines long.

The only northern lights I’ve ever seen were in Iceland. Honestly, the conditions were less than ideal and what I did see was very dim to the naked eye.

What a lot of people don’t know is that a camera (like on your phone) picks up even the faintest aurora with ease. I have pictures that make the whole thing look many times more vibrant than what I could see.

Thank you for your service.

Make no mistake, the oligarchs see the personal computer as a 40-year-old experiment that has failed, or needs to fail. They want their mainframes and CPU/hr billing back. Server hosting for enterprise uses has already gone this way for the most part. Small consumers are next.

As far as I recall, that’s how it went.

I was gonna say this is at least Digg 3.0.

Oooh, rocking an HP? I too like to live dangerously.

But seriously, that’s good to know. Those are probably easier to come by out in the wild. It really looks like Thinkpads go from office deployments straight to refurb companies these days. I never see them at thrift stores, and I’m not brave enough to dumpster-dive at e-waste.

Sometimes, old machines are survivors. Beware of confirmation bias when trash/thrift-picking cheap systems though. IMO, Thinkpads can be tough as a coffin nail. Including work systems, I’m on number 8 at this point with no hardware failures in sight.

That said, I have a very lightweight Acer that’s about a decade old with the worst keyboard and trackpad ever manufactured. It also performs like a slug, even with Linux on it. Still, it refuses to break so I can get rid of it.

This essay is brought to you by Raid: Shadow Legends.

Ooooh, yeeeeaahhhh.