BrianKrebs
briankrebs@infosec-exchange.mostr.pub
npub1rfdv...t9xk
Independent investigative journalist. Covers cybercrime, security, privacy. Author of 'Spam Nation,' a NYT bestseller. Former Washington Post reporter, '95-'09. Signal: briankrebs.07 krebsonsecurity @ gmail .com Linkedin: https://www.linkedin.com/in/bkrebs
BrianKrebs 1 year ago
It's about f'in time the big publications pressed Mr. Trump on his statements this past week that supporters just needed to vote for him one more time, and then "you don't have to vote again." Trump's response -- which is that if he's elected "the country will be fixed" and their votes won't be needed -- seems pretty unambiguous. It is absolutely unreal that this is the GOP candidate for president, and that this blatantly antidemocratic statement alone does not somehow disqualify him from running.
BrianKrebs 1 year ago
While this may come as a shock to some of my followers, I do have quite a few hobbies and personal causes that have nothing to do with computer security or cybercrime. So if my occasional outbursts about cooking, nature, music, politics or whatever has you feeling like responding that I should stay in my lane, just know that few things annoy me more and I will block you immediately.
BrianKrebs 1 year ago
So apparently the European Honeybee has recently been named Virginia's official state pollinator. This steams me so bad. Honeybees are NOT native to Virginia, and the fact that so many people import them to grow colonies and have their own honey actually crowds out native bees that mostly feed on native plants. I'm still not sure how this happened, as the European Honeybee is widely considered an invasive species.
BrianKrebs 1 year ago
I have a feeling that the story I'm about to publish about a privacy company whose CEO apparently has founded dozens of people-search businesses is not going to end well for the privacy company or CEO.
BrianKrebs 1 year ago
I resemble this post. Reminds me of the messages I sometimes get after breaking a story about a big breach, and the reader asks "WHY ISN'T ANYONE TALKING ABOUT THE ROOT CAUSE???," as if this is somehow gettable and knowable on Day 1, and somehow didn't occur to anyone.
BrianKrebs 1 year ago
Sure. Let Adobe AI scan all of your documents. What could go wrong?
BrianKrebs 2 years ago
Went to get a Covid booster yesterday at Walgreens after my wife made us 5:30 pm and 5:45 appointments for a shot. Showed up on time, only to be told they didn't have me in their system. 30 minutes later, it dawned on them that maybe I'd never filled a prescription through their system before. Turns out, even though my wife had filled out all the right forms, they had a pile more forms for me and proceeded to ask me a bunch of personal health info in front of a long line. 15 minutes later, and 45 min after my "appointment" they were still registering me in Walgreen's system. I left because we also had a dinner reservation a few minutes after that. Hard to believe they're only just figuring this out. Nobody is going to bother at Walgreens if it's this hard.
BrianKrebs 2 years ago
Yes, X, something went wrong. Something went very, very wrong. WTF else is new? OMG how I don't miss this platform. And no, it's definitely not my fault. We all know whose fault it is.
BrianKrebs 2 years ago
This Daily Beast piece on DeSantis' security team tripping over themselves to keep a 15-year-old kid from asking difficult questions is pure gold. Getting big time Dead Zone vibes after reading this story, and this kid is my new hero. His question should be the first that anyone asks every GOP candidate on the campaign trail for the next 14 months: “Do you believe that Trump violated the peaceful transfer of power,” the teenager asked the governor, “a key principle of American democracy that we must uphold?”
BrianKrebs 2 years ago
Wired has a good story about research from Zach Edwards about a huge scam targeting kids with Roblox and Fortnite "offers" that has been "hiding in plain sight for years." The story concerns CPABuild, which is an affiliate program that is very much like the "circle jerk" porn sites of old, only instead of dangling porn they're dangling offers you will never be able to collect, even as they collect all kinds of info about you. CPAbuild has been around for some time, and probably deserves more attention. In the meantime, it appears CPAbuild comes w/ default Google Analytics codes built in. This one, e.g., is currently in the HTML source code of more than 5,000 newly registered websites, according to https://dnslytics.com/reverse-analytics: UA-85922709.
BrianKrebs 2 years ago
There's an important aspect of the devastating fires in Hawaii that I hope does not get lost in all the coverage about climate change: The role of non-native plants and grasses that were brought to the state years ago but which have been allowed to grow unchecked over the years and pose a huge fire hazard.
BrianKrebs 2 years ago
John Clifton Davies, a convicted fraudster estimated to have bilked dozens of technology startups out of more than $30 million through phony investment schemes, has a brand new pair of scam companies that are busy dashing startup dreams: A fake investment firm called Equity-Invest[.]ch, and Diligere[.]co.uk, a scam due diligence company that Equity-Invest insists all investment partners use. A native of the United Kingdom, Mr. Davies absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to his conviction, Davies served 16 months in jail before being cleared on suspicion of murdering his third wife on their honeymoon in India.
BrianKrebs 2 years ago
This is fine, lol. "One day after California green-lighted a massive expansion of driverless robotaxis in San Francisco, the implications became clear. At about 11 p.m. Friday, as many as 10 Cruise driverless taxis blocked two narrow streets in the center of the city’s lively North Beach bar and restaurant district. All traffic came to a standstill on Vallejo Street and around two corners on Grant. Human-driven cars sat stuck behind and in between the robotaxis, which might as well have been boulders: no one knew how to move them. The cars sat motionless with parking lights flashing for 15 minutes, then woke up and moved on, witnesses said."
BrianKrebs 2 years ago
The one and only time I saw The Grateful Dead in concert was by chance 30 years ago last month, when a friend and I were bored and decided to take the Metro to RFK stadium and just hang around outside the show and enjoy the music. To our amazement, not long after Sting opened up for them, we spotted an unguarded entrance and made a beeline for the concert floor. Fantastic show. Best $1.50 I ever spent.
BrianKrebs 2 years ago
Doxing victims in Illinois now have the ability to hold their attacker accountable after Governor J.B. Pritzker signed the Civil Liability for Doxing Act (House Bill 2954) into law on Friday. Introduced by State Representative Jennifer Gong-Gershowitz (D-17) and sponsored by State Senator Julie Morrison (D-29), the new law fills a significant gap in Illinois law and provides victims with legal recourse when bad actors publish their personally identifiable information with the intent to cause harm. HB 2954 unanimously passed out of both chambers of the Illinois General Assembly. https://chicago.adl.org/news/governor-pritzker-signs-anti-doxing-bill-into-law-ilinois-victims-of-doxing-gain-ability-to-receive-civil-recourse-for-online-hate-and-harrassment/
BrianKrebs 2 years ago
New. Scoopy. By me.
"WormGPT, a private new chatbot service advertised as a way to use Artificial Intelligence (AI) to help write malicious software without all the pesky prohibitions on such activity enforced by the likes of #ChatGPT and Google Bard, has started adding restrictions of its own on how the service can be used. Faced with customers trying to use WormGPT to create ransomware and phishing scams, the 23-year-old Portuguese programmer who created the project now says his service is slowly morphing into “a more controlled environment.”
"The large language models (LLMs) made by ChatGPT parent #OpenAI or Google or Microsoft all have various safety measures designed to prevent people from abusing them for nefarious purposes — such as creating malware or hate speech. In contrast, WormGPT has promoted itself as a new, uncensored LLM that was created specifically for cybercrime activities."
#wormgpt, #malware #chatgpt
BrianKrebs 2 years ago
Many have asked why I'm not going to DEFCON this year. In a word: Contractors. Don't let them in your house, because they'll never ever really leave. I *could* go to Vegash and leave Mrs. K and Special K (our GSD, not her real name) alone for a few days with the contractors. I think that would probably use up a lot of, er...points. But to me, leaving your home with contractors inside is a bit like walking away from a Microsoft Windows machine while it's rebooting after applying updates: You're just asking for trouble.
BrianKrebs 2 years ago
Two things that make me cray-cray: 1) people who confuse kindness and mercy with weakness; 2) people who confuse values and beliefs with strongly-held (and usually very tenuous) personal convictions about nearly everything under the Sun. Someone close to me once said the secret to happiness is to lower your expectations, or to limit the number of things you feel really strongly about. I don't completely subscribe to this point of view. To me happiness has more to do with severely limiting the number of things I consider myself an expert on, and even then trying really damn hard to pretend I don't know anything about those subjects all day long.