• 2 Posts
  • 787 Comments
Joined 3 years ago
Cake day: June 7th, 2023


  • Not surprising. Web search from the Start Menu was always a bad idea.

    Hell, I’ve had to deal with users getting their systems compromised because of this idiocy. User typed ‘ms teams’ in the start menu, clicked on the first link and ended up at an attacker’s page which mimicked the official Teams download page. User clicked “Download”, received the trojaned .msi file and ran it.

    Sure, there’s some blame to go around in that case (and we finally got some default configuration changes out of it), but the fact that Microslop’s greed led to a malvertising link showing up in a user’s Start Menu is indicative of everything wrong with Windows 11.


  • All of the above.

    Is it that ISPs are being paid by tech-bros to assign them these IPs?

    Bulletproof hosting is a thing. Some ISPs basically advertise to criminals about their ability to evade takedown orders and unwillingness to work with law enforcement. So, some infrastructure ends up on these devices. However, the IP ranges from these services often get discovered and are added to public reputation and block lists.

    Alongside this, cloud providers are pretty bad about policing their networks. On my own home server, I have blocked much of the Digital Ocean IP space, as it’s home to a lot of scanners, bots and other malicious traffic.

    Is it that residential devices have been hacked /contain malware that does this?

    This happens, a lot. The Mirai Botnet thrived on compromised home routers. People are pretty bad at updating their devices and many SOHO routers ship with some pretty bad vulnerabilities. It’s only a matter of time until someone finds an unpatched or misconfigured router and adds it to a botnet. People also get phished or install trojans all the time, adding to botnets. Darknet Diaries just had a fantastic episode on the Bayrob malware, part of which was turning infected machines into a custom botnet.

    Is it trivial for companies to assign themselves residential IPs?

    Some ISPs just look the other way when they get reports of malicious activity on their network. Also, attackers can force a DHCP refresh and just get a new IP when the old one seems blocked. Getting one in the first place is often as simple as signing up for service and/or compromising someone’s home PC and using it as a relay.

    Paid volunteers are doing this for AI companies?

    This probably happens. After all, we’ve already seen a company selling an AI product which was just workers in India.

    Obviously this is a problem because one can rotate / cycle through residential IPs and if I aggressively block each offender in my logs permanently, then the next person assigned this IP who may be a legitimate user will be unable to access my site.

    Look into Fail2Ban. This program monitors your logs and will ban IPs automatically based on criteria you set. This can include specific HTTP requests in your web logs. The ban can be permanent or can be time limited. For example, I have a container running in a cloud provider which I use to proxy requests through my ISP’s CGNAT setup. There is an Nginx reverse proxy running there and I have fail2ban watching the access log. If certain request strings are seen, the sending IP gets dumped in a permanent jail. I also have it scanning the sshd logs and banning IPs which fail to log in 3 times within a short period.

    It’s far from a silver bullet, but it’s something which should be running on any web facing system. Attackers will always be rattling the door knobs. There is no reason to let them keep rattling away.
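    The fail2ban setup described above, modelled as an added example (not the commenter's own configuration and not fail2ban's code): two jails over constructed log lines, one permanently banning an IP on a single suspicious Nginx request, one banning for an hour after 3 failed sshd logins inside a 10-minute window. The regexes, the epoch-second timestamps and the sample log lines are all assumptions made for illustration.

    ```python
    # Added example: a minimal model of fail2ban's maxretry/findtime/bantime logic.
    import re
    from collections import defaultdict

    # Assumed filters (illustrative; not fail2ban's shipped filter.d regexes).
    # Nginx jail: any request for a path that only scanners ask for is enough.
    NGINX_FAILREGEX = re.compile(
        r'^(?P<ip>\d+\.\d+\.\d+\.\d+) .*"(?:GET|POST) [^"]*(?:\.env|wp-login\.php|phpmyadmin)'
    )
    # sshd jail: lines carry a constructed epoch-second prefix instead of syslog time.
    SSHD_FAILREGEX = re.compile(
        r'^(?P<ts>\d+) sshd\[\d+\]: Failed password for .* from (?P<ip>\d+\.\d+\.\d+\.\d+)'
    )

    NGINX_LOG = [  # constructed access-log lines (combined format)
        '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /.env HTTP/1.1" 404 153 "-" "curl/8.0"',
        '198.51.100.4 - - [10/Oct/2023:13:55:40 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    ]
    SSHD_LOG = [  # constructed sshd lines: one IP fails 3x quickly, another 3x spread out
        "1000 sshd[811]: Failed password for root from 203.0.113.9 port 51234 ssh2",
        "1030 sshd[812]: Failed password for invalid user admin from 203.0.113.9 port 51240 ssh2",
        "1100 sshd[813]: Failed password for root from 203.0.113.9 port 51251 ssh2",
        "1200 sshd[814]: Failed password for root from 198.51.100.8 port 40000 ssh2",
        "5000 sshd[815]: Failed password for root from 198.51.100.8 port 40001 ssh2",
        "9000 sshd[816]: Failed password for root from 198.51.100.8 port 40002 ssh2",
    ]

    def run_jail(lines, failregex, maxretry, findtime, bantime):
        """Return {ip: ban_expiry}. Expiry -1 means permanent (fail2ban's bantime=-1).
        Lines whose regex has no 'ts' group are treated as happening at time 0."""
        hits = defaultdict(list)   # ip -> timestamps of matches still inside findtime
        bans = {}
        for line in lines:
            m = failregex.search(line)
            if not m:
                continue
            ip = m.group("ip")
            t = int(m.groupdict().get("ts") or 0)
            # Keep only the failures within the findtime window, then add this one.
            hits[ip] = [h for h in hits[ip] if t - h <= findtime] + [t]
            if ip not in bans and len(hits[ip]) >= maxretry:
                bans[ip] = -1 if bantime < 0 else t + bantime
        return bans

    if __name__ == "__main__":
        print("nginx jail:", run_jail(NGINX_LOG, NGINX_FAILREGEX, 1, 0, -1))
        print("sshd jail: ", run_jail(SSHD_LOG, SSHD_FAILREGEX, 3, 600, 3600))
    ```

    The spread-out sshd attempts from the second IP never reach 3 inside the window, which is the behaviour the findtime parameter exists to give you, and the temporary ban is what keeps a recycled residential IP from being locked out forever.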

  • Sadly, a reluctance to install patches isn’t unique to Windows administration. I worked at a site with a well functioning Satellite infrastructure and support contracts with Red Hat. And we (InfoSec) were still chasing down admins to get their shit patched. Thankfully, we had NAC and authorization to disconnect systems that fell out of compliance. Most departments got with the program pretty quick when they ignored the “please patch all critical vulnerabilities in three days” email and ended up with a “you are out of compliance and have been disconnected” email.

    And Docker has made the whole Linux situation even worse. So many devs love to spin up containers, basically disable any sort of firewall, don’t bother with IP filtering. Oh and let’s just use passwords for ssh. Also, who needs logs? It’s a container, right? So, let’s disable all logging and not forward those anywhere. Then they promptly forget about the container until we run a vuln scan and find it’s got half a dozen RCE vulns and have to run them down and ask why the fuck it’s still running.

    Linux is a much better base to build on. But bad security hygiene is still rife and still really bad for security.

  • Thanks for sharing.

    But, please stop using the curl-command-piped-into-a-terminal pattern. Malicious actors have been abusing the fuck out of this pattern ever since the idiots at Anthropic decided that would be the official install pattern for Claude. I’ve been cleaning up infections based on people just blindly running shit like that constantly over the last couple of months.

    Folks, never run a random script from the internet without being sure what you are actually about to run. If using AUR packages is considered risky, random scripts being piped into a terminal rank right up there with sticking your dick in a blender.

  • I think it’s pretty telling that, for so many of the people they talk to and for a lot of the focus of the article, it isn’t really about older gamers; it’s about their money.

    The opportunity is substantial. The 40+ segment in the US is on track to grow from $19 billion in 2022 to $43 billion by 2030, a 132% expansion at a moment when the rest of the industry is shrinking. These are players with the most disposable income, the longest gaming literacy, and the highest brand loyalty.

    I’m in that “40+ segment” and I suspect part of the “problem” these companies face is that older gamers have seen the enshittification of so many of the brands we love. Our tolerance for bullshit is basically gone at this point. Microtransactions, season passes, fucking ads in games, all of that bullshit is a quick way to not get our money.

    I also suspect “brand loyalty” is basically gone for the same reason. As a kid, I looked for the Electronic Arts logo. If I saw this logo on a game package, I knew I was looking at a good game. I haven’t bought an EA game in years. I don’t expect to buy an EA game any time soon and I basically ignore everything they do. Sure, if a trailer for Starflight 3 dropped, I’d sit up and take notice. I’d also expect it to be an enshittified mess wearing the skin of a beloved series to sucker me in, before pouncing on my wallet.

    So ya, maybe just make good games and older gamers will inevitably buy them. I mean, Larian can pretty much say, “hi we’re making…” and I’ll have my wallet out and be pulling bills before they get any further. And maybe that’s your “brand loyalty”. Game companies who make good games and aren’t private equity firms wearing the dead skin suits of brands we used to love.