Well, not that shocked.

https://neal.fun/password-game/

Wouldn’t say I buy cheap shit, not Apple (I’m not Musk or Bezos rich), but flagship Samsung and pro earbuds, Logitech trackball, jbl speakers, and headsets from Bose and Jabra. Now the BT receiver for the stereo, that was cheap Amazon garbage. I’ll give you that one.

I will die on the hill that Bluetooth always has and always will suck ass. Pairing sucks. Latency sucks. Random-ass disconnects suck. Fuck Bluetooth in the neck sideways with a rusty screwdriver.

Same thing we do with .local - “click here to proceed (unsafe)” :D

Set up my work’s network waay back on NT4. 0 as .local cuz I was learning and didn’t know any better, has been that way ever since.

I’m looking into the possibility of moving my organization to FF. Office of about 200 endpoints. The sticky wicket that I don’t fully understand is Auth passthru to 365.

I may be waaaay off here, but the internet as it exists is pretty much built on DNS, isn’t it? I mean, the whole idea of DARPANet back in the 60s and 70s was to build a robust, redundant, and self-healing network to survive nuclear armageddon, and except when humans f it up (intentional or otherwise), it generally does what it says on the tin.

Now, there’s arguments to beade about securing the protocol, but to rip and replace the routing protocols, I think you’d have to call it something other than the Internet.

Looking at specific vulnerabilities or breaches in a complex, interconnected system wouldn’t be particularly helpful in the context I was aiming for. I was thinking more along the lines of generational education in secure practices. Thinking and acting securely on a global scale to ingrain that mindset in future engineers. Security and ethics courses for high school and engineering college undergrads.

Of course, this all comes down to market forces. Manufacturers don’t have an incentive to do more than the bare minimum QA…

Heres an example of the sorry current state: my son just graduated from a Big 10 school with a degree in robotics and electronics engineering. It was very heavy in programming. He’s continuing on to a Ph.D program. He had exactly ONE lecture regarding secure coding and programming ethics. He is required to have no more. In a 7-8 year program, 1.5 hours of formal instruction on secure coding practices and ethics.

No matter what tool is used, if you don’t start from a foundation of security first, your code will not be inherently secure. I can accept that some tools have more guardrails than others, but we are not teaching foundational security skills and principles, privacy and ethics even at the college level. Until that is addressed at a large scale and applied at the lowest layers to the silicon, we’re doomed to this security hell hole dystopia we’re living in.