remotelove

Just curious, was there a recent event that happened that affects more than just you? Just curious, s'all.

So. I have had a decent amount of time to think about this kind of thing and I have just become very aware about what I consider private information. If something is super private, I take the appropriate steps to ensure absolute and super paranoid levels of security.

However, there isn't much that I could be blackmailed for because if there wasn't an absolute expectation of privacy from the start, I just expect most information to be public anyway.

Most "general human things" I still wouldn't care about. Someone has naked pictures of me they want to share? "Uh. Why?" would be my first question. I am not much different and any of the other billions of humans out there, so if you want to see those, knock yourself out. (I just won't go out of my way to make or distribute that stuff.)

You caught me going to a porn site on my free time where I had the expectation of privacy? Sorry, but many people do that and again, I'm just being human, so fuck off.

I think at the end of the day, I have seen (and done) so much stupid shit that it takes a lot to bother me. While my experience probably doesn't help you at this moment, it's fairly important to be aware of your own feelings in cases like this.

In the most kind way possible: If all else fails and you cannot rationalize the current situation, remember that very few people know or even care about you specifically. Sure, you have friends and family! If they are "real" friends, nothing can get in the way of that friendship. Family is family. The rest of the world? Bah. Fuck 'em.

Financial loss is another beast and a pain to deal with. Work with your bank and credit cards companies to resolve what you can, if that is the case.

Regardless, time fixes all so hang in there!

Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.

No State shall make or enforce any law which shall abridge the privileges or immunities of citizens of the United States; nor shall any State deprive any person of life, liberty, or property, without due process of law; nor deny to any person within its jurisdiction the equal protection of the laws.

18 U.S.C. § 242: Makes it a crime to willfully deprive someone of a right or privilege protected by the Constitution or laws of the United States

Ok, that is a ton of reading. However, the point of this is to actually define what freedom of speech actually is.

You are free to tell your employer to fuck off and pound sand, but you will get fired. That is a consequence of words. The government won't step in if you weren't threatening anyone. You and your employer have specific rights in that regard.

In the US, you can go on the news and call anyone in the government stupid and they can't do their jobs or that one party is incompetent. You might lose or gain friends from that, which is still a consequence.

Also in the US, if you directly threaten a person with physical harm and if intent of action can be shown, you are going to be arrested. Your words have now become an infringement on the rights of someone else.

I am just clarifying things, s'all.

Having a mouth and being able to speak words is a thing. You are "free to say words" and nobody can legally sew your mouth shut and make you incapable of talking.

When those words become a threat, someone else must now have their rights protected. This is mostly where the limitations on "Freedom of Speech" come from.

I am pulling this conversation back a hair to define what we are talking about as it's easy to mix terms on social media.

Ok. Let's break this down: Your definition and interpretation of free speech is irrelevant. You can interpret anything however you want whenever you want and that is fine. Your arguments may not hold up in court and you cannot force that definition on others because you believe you are enlightened.

As broken as our legal system is, it is all we have for now. As such, you need to understand that the only definition of free speech that matters is the one that has been interpreted by a court of law.

Here ya go: https://en.m.wikipedia.org/wiki/Bethel_School_District_v._Fraser

You can keep babbling on like a SovCit if you want, but you need to understand our legal system and how rights work, especially for minors.

What we are saying is that you can say anything you want but there should be reasonable limits.

Freedom of speech covers most opinions and ideas except when words present a direct threat to others.

China can and does censor things on a broad scale and as an example, calling the government or dictator stupid would probably get you tossed in jail. That is not freedom of speech.

Minors have limited rights anyway, but mostly in the voting side of things. An adult is defined as someone who has reached the "age of majority". After that, they are free to make adult decisions and be fully accountable for their actions.

Schools are basically forced to accept responsibility for kids for a number of hours per day. As such, schools must create a safe environment for all students and maintain some kind of order and ensure the rights of other kids aren't infringed.

Me exercising my rights can never infringe on the rights of others. Many people don't understand that.

Anyone can say anything they want at any time. What people forget is that words may come with consequences.

Schools must have rules for a number of reasons, mainly because they are full of kids. Dress codes for schools apply across all students and must not discriminate. So, if a school has a rule that any words can't be on shirts, no child can have words on their shirt.

Here is a breakdown for you: https://www.freedomforum.org/school-dress-codes/

What you are talking about has been in the courts a number of times.

Original source: https://www.statista.com/statistics/1303450/bilateral-aid-to-ukraine-in-a-percent-of-donor-gdp/

Aid by euros: https://www.statista.com/statistics/1303432/total-bilateral-aid-to-ukraine/

I'm in the US, but I suspect mail is fairly the same across North 'Murica. (The government would handle super-remote locations still?)

The only mail I get are either bills or trash. Packages usually don't ship via USPS. I rarely, if ever, send anything.

I wouldn't cry at all if it cost me $5 to send a letter every two or three years.

This is a complicated topic, actually. If you know all of this stuff, disregard. I can just share my viewpoint from being in security for over 20 years which has slowly morphed from pure engineering work to more of an engineering/business/compliance hybrid skill set.

Context and actual risk matters. An easy exploit is bad and gives an adversary a place to pivot from in the org. However, where can the adversary pivot to after that? What resources are at risk then? ("Risk" is defined as the chance of "something" causing actual financial or reputational damage to an organization.)

Lets say that a customer has a site hosted externally on WP Engine and the admin page is compromised. There may be company contact information loss, possibility of employee password reuse to leverage and of course, one of their public facing pages could be defaced. There is more, but just keeping it simple for now.

Hopefully, WP Engine accounts and data is completely separate from the "meat" of the org: customer information, sensitive data, databases, etc.. If that is true, the easy exploit is still easy, but the actual risk to the org is much lower and from a business perspective, the finding gets bumped down in priority.

What I am saying is that a finding must be presented in full context. Is the finding easy to exploit but low risk or is it hard to exploit but has high risk? Is it easy to exploit and also is high risk?

What Jr. security staff almost always forget is that "risk" is something that is determined by the business, not by the third party pentesters. Part of the job of the security and compliance teams in the org is to take a finding and connect the dots from that finding to other parts of the org. Actual risk and priority can then be assigned.

Of all the security teams I have been part of, I can say that there are a million different ways to determine risk and a million more ways to prioritize a finding.

What is even more difficult to process is that "severity" may just be a summary score of risk and exploit difficulty. It depends on the company and what flavor of security frameworks they use. Severity could also include time to exploit, time to detect and remediate and if and exploit attempt could even be detected.

Good pentest reports will properly define all of its terms first. ie: What does "severity" and "risk" actually mean to the target organization? Security leadership needs to take that report and convert that into data that means something in terms of their budget. It's a sad reality of how businesses operate, unfortunately.

What I always see is that the business side of security is mostly ignored by jr engineers and pentesters. That isn't bad though! Real engineering work is the meat of security and the "business side" of things is a major distraction.

(My pet peeve is getting a pentest report with hypothetical issues where the tester couldn't even show step 1 to prove a vulnerability is even exploitable. I now have a report with a "high severity" call out with no proof attached to it, but still have to sit in meetings with my management telling them the finding is likely bullshit.)

Just call it X-Twitter. It ain't twitter any more, and "X" is just dumb as fuck.

Voyager had it worse than Enterprise-D in general, but I am struggling to define "natural disasters" in this case. I'll need help with this as I am not an Enterprise-D expert, but I think I can explain more about what I think is proper context from Voyager.

Strange aliens that invade the ship are just aliens doing what they do. It's natural, but technically not a disaster.

Voyager getting pulled into the delta quadrant was an act of an entity and not really a disaster in the whole scheme of things. It was really bad, but limited in scope.

I almost classified a planet being destroyed by a dangerous power source explosion a natural disaster, but it's not. It's humanoids doing stupid humanoid things.

Voyager does have "Shattered", that seems natural and a disaster, but it's limited to just Voyager.

"Year of Hell" is so close, because time itself is keeping the imperium in a never ending cycle of wiping out entire civilizations, but doesn't make the cut because it was still the work of one crew and the "disasters" technically never happened.

"Friendship One" may be in the running because a civilization was "gifted" with matter/antimatter tech before it was ready. It was a mistake of pure chance that kicked off a path to the destruction of a society.

(Enterprise-D had a few episodes where they were saving planets from actual natural disasters though. As mundane as that sounds, some of those may come out on top by definition.)

Edit: To completely destroy my own attempt to set content, "The Omega Directive" may be it as the Omega particle was able to create subspace ruptures. It's perfectly and evenly tied with Enterprise's "Force of Nature" where warp drives were destroying the fabric of subspace itself. In that context, both win. Unintentional and unexpected natural consequences of one force of nature acting on another. (I just completed wrecked my own previous arguments, I know. Just having too much fun with this one, s'all.)

Oh. When I said "the west" I was squarely pointing the finger at France. China is playing the longer game there because Russia has stationed Wagner down there already. It benefits both Russia and China if the population is focused on removing French influence. China gets a long term investment hedge against France and Russia gets more cheap mercs for Ukraine.

Now, I don't really want to spend much time doing a full research project on what is basically a game of thrones'ish style side bet. It's insanely complicated, I would imagine. After a few African countries went full-on coup d'état a few months ago, I realized there was much more going on.

Edit: I wasn't downvoting you. I suspect that some people might be trying to launch some instability of their own. Lulz.