Defense in depth is a concept they teach you in cybersecurity 101. But that’s expensive and time consuming, so you end up with shit like this.

This makes me feel a bit nauseous.

You could take care of like 90% of that just by blocking X.

The bigger problem for me personally is that my bank uses the app to verify certain transactions and there doesn’t seem to be a way around that. I’m planning on moving to GrapheneOS on my daily phone soon, my solution will be to have my old iPhone run nothing but my banking apps. It sucks but privacy sometimes involves sacrifices.

Welcome to a new kind of tension

All across the maple leaf nation

Where musicians are slanderd by the claaaaankers

Ultimately Discord is a corporate-owned social media platform, and like all corporate-owned social media platforms their best interests rarely intersect with the best interests of their users. Centralised systems like Discord always end up with a power imbalance between the users and the administrators, and if you break their rules they have it within their power to just vapourise your community without a second thought. Your organisation or community only exists for as long as you toe their line.

I mean if you want to help someone in an abusive relationship, telling them to just leave doesn’t really work there either, and for a lot of the same reasons. But you can support them in other ways until they’re able to do what’s necessary to leave.

Don’t wanna be a Canadian diddler

🎸🎶

Mixed him up with his brother, the fiddler

🎸🎶

We probably shouldn’t be using Discord but you’ve got to meet people where they’re at. Telling someone to just drop a service when all of their connections are there is unhelpful at best.

I’ve been finding that there’s generally more than enough comments to read right here. Much higher quality too.

Did someone vibe code too close to the sun again?

Not the person you replied to, but I did work in the music industry for a little while. The short version is that streaming services and especially Spotify pay artists like shit. They work on a revenue share model based on the number of streams an artist gets per month so there isn’t really a fixed number, but it hashes out to fractions of a cent per stream typically. Even the more “generous” services like Tidal or Apple pay just over a cent per stream on average if you’re pulling in serious numbers of streams. I did the math once, and to make the minimum wage from streaming alone in my country, an artist would need to be pulling in over 600k streams per month on Spotify. Most artists will get a fraction of that. This is also assuming that the artist is entirely independent with no labels and distributors to cut in too, so the true number will be much higher for most.

If you purchase an album from an artist on Bandcamp once, that’s almost certainly going to be orders of magnitude the amount they make from streaming that same album over and over again.

Can also recommend the JM21. I just wish the battery life was better.

That works from the ISP end, but this legislation makes websites themselves accountable. Even if it was about ISPs, as you said they can’t see what you’re doing to stop it and there’s too many use cases for VPNs to just block the protocols outright.

So how do they plan on figuring out if any given user behind a VPN is in Utah?

That thing is so ugly that it almost loops back around into looking cool again

The rules of cybersecurity:

1. Under no circumstances should you own a computer.

2. If you absolutely must own a computer, under no circumstances should you connect it to the internet.

3. If you absolutely must connect it to the internet, it’s too late and they already have you

Like most supply chain attacks, it’s targeting developers and other people who use tooling like this rather than Bob and Alice on the street.

That doesn’t make you safe from supply chain attacks generally. There’s no reason a supply chain attack couldn’t be applied to software repos you do use if a vulnerability exists within them and a bad actor is sufficiently motivated to exploit it.

Yeah this response is not reassuring. Death to AI slop.