Shouldn’t be this hard to find out the attack vector.

Buried deep, deep in their writeup:

RocketMQ servers

• CVE-2021-4043 (Polkit)
• CVE-2023-33246

I’m sure if you’re running other insecure, public facing web servers with bad configs, the actor could exploit that too, but they didn’t provide any evidence of this happening in the wild (no threat group TTPs for initial access), so pure FUD to try to sell their security product.

Unfortunately, Ars mostly just restated verbatim what was provided by the security vendor Aqua Nautilus.

Only the cyber truck. Model S and 3 refreshes are still on the legacy platform, with a lithium ion 12V.

So the article repeats, several times, “waymo relies on remote operators”. I don’t think the author knows what “self-driving” means.

Don’t bother with the cert if it’s not your job, but at least look into CCNA Routing and Switching. There are tons of courses available, both in person and online, as well as numerous YouTube videos on the subject.

See if your local library or community college has an adult education center that provides a course. At some point, you will need to learn subnetting, which is just math, but practice makes perfect, and your life is easier if you have it committed to memory.

Proper written work is still one of the most effective ways to do this.

Sorry if I’m about 10 years behind Linux development, but how does Docker compare with the latest FlatPak trend in application distribution? How you have described it sounds somewhat similar, outside of also getting segmented access to data and networks.

Digital signature as a means of non repudiation is exactly the way this should be done. Any official docs or releases should be signed and easily verifiable by any public official.

I wouldn’t immediately jump to that conclusion. There are plenty of legitimate business opportunities that do not imply “taking money to promote products”. In-line advertising and properly disclosed free samples are standard operating procedure for the tech industry, but they are completely above board, and by themselves do not imply bias.

Nearly every content creator’s YouTube channel About page or website will have a similar line, somewhere.

The biggest mistake users will make is thinking their data is safe JUST because they have a NAS or a RAID. It’s common parlance in Systems Administration that RAID is NOT backup.

To wit— not truly understanding RAID and how it relates to capacity, parity, and especially the time required to rebuild in failed disk situation. It is a crucial mistake to use RAID 5 with greater than 2TB disks, and even that is pushing it, but RAID 5 is at least in the zeitgeist.

There are also some outside concerns such as Drive batch dates and knowing to pre-purchase spare disks well in advance that may hamper recovery.

You are absolutely correct— major blog hosting, image hosting, and video hosting sites are all “free” for the content creator, but YouTube by far has the largest audience and highest monetization rates of any of them.

This is just creators buying in with their wallets; it makes sense to go where the money is, even if the format sucks for the idealized content consumer.