Need to let loose a primal scream without collecting footnotes first? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful youā€™ll near-instantly regret.

Any awful.systems sub may be subsneered in this subthread, techtakes or no.

If your sneer seems higher quality than you thought, feel free to cutā€™nā€™paste it into its own post ā€” thereā€™s no quota for posting and the bar really isnā€™t that high.

The post Xitter web has spawned soo many ā€œesotericā€ right wing freaks, but thereā€™s no appropriate sneer-space for them. Iā€™m talking redscare-ish, reality challenged ā€œculture criticsā€ who write about everything but understand nothing. Iā€™m talking about reply-guys who make the same 6 tweets about the same 3 subjects. Theyā€™re inescapable at this point, yet I donā€™t see them mocked (as much as they should be)

Like, there was one dude a while back who insisted that women couldnā€™t be surgeons because they didnā€™t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I canā€™t escape them, I would love to sneer at them.

    • flere-imsaho@awful.systems
      link
      fedilink
      English
      arrow-up
      8
      Ā·
      edit-2
      4 months ago

      this is quite infuriating, i had a number of mozilla/firefox people telling me that this feature wouldnā€™t work with opt-in (itā€™s bullshit though) because too few users would enable it, and neither fucker asked himself : ā€œwait, if weā€™re afraid we canā€™t convince our user base to buy-in, perhaps we shouldnā€™t develop the feature?ā€

    • Mii@awful.systems
      link
      fedilink
      English
      arrow-up
      7
      Ā·
      edit-2
      4 months ago

      Sounds like a good idea to piss off your primary user base, because at this stage I feel the only people singing Firefoxā€™s praise are privacy advocates who wonā€™t touch Chrome & friends with a ten-foot pole.

      (I have the feeling that this comes from the same shithead who pushed to include spicy autocomplete in Firefox.)

      Itā€™s also enabled in the dev builds, by the way. I just checked.

      • self@awful.systems
        link
        fedilink
        English
        arrow-up
        8
        Ā·
        4 months ago

        (I have the feeling that this comes from the same shithead who pushed to include spicy autocomplete in Firefox.)

        it definitely reads like the same shithead, but Iā€™ve had them blocked on mastodon for some time so I canā€™t say for sure if it was for rampant LLMery or for doing the ā€œwithout advertising the modern web would die and you donā€™t want that do youā€ thing advertisers do constantly

        • Mii@awful.systems
          link
          fedilink
          English
          arrow-up
          9
          Ā·
          edit-2
          4 months ago

          Lol what an absolute tool. Thatā€™s the same shit the marketing bozos at my job say when I inform them that, no, I canā€™t auto opt-in our customers into whatever stupid Facebook ad campaign theyā€™re pushing this week because itā€™s literally against the GDPR and our privacy laws.

          But I guess thatā€™s the logical next step if your whole business model depends on lazy deceiving people into clicking the button with the flashiest color in the cookie popup without reading the label.

          P.S. the modern web can die in a fucking fire.

        • self@awful.systems
          link
          fedilink
          English
          arrow-up
          7
          Ā·
          4 months ago

          and because it feels like itā€™s worth screaming this into the void in case thereā€™s any marketing assholes reading: fuck yes Iā€™m here to kill the modern web

      • froztbyte@awful.systems
        link
        fedilink
        English
        arrow-up
        8
        Ā·
        4 months ago

        I donā€™t really know if any chromium-based options are a real solution - thereā€™s so much code in there that a lot of times wonā€™t get caught (cf. brave etc for this very thing), and goog is actively working to push their own agenda and they have a lot more dev-hours than anyone else to churn shit out

        ladybird and servo seem like the most promising alternative paths right now, and ladybird less so because chuds -_-

        • sinedpick@awful.systems
          link
          fedilink
          English
          arrow-up
          2
          Ā·
          4 months ago

          Ladybird isnā€™t going anywhere. The web standards move too fast and theyā€™re not going to be able to catch up. I wish it was another way, but thereā€™s no way a couple of million $ is going to move the needle here when (probably) tens of billions have been poured into chromium/FF.

            • sinedpick@awful.systems
              link
              fedilink
              English
              arrow-up
              5
              Ā·
              4 months ago

              oof. Something tells me heā€™s a good guy and just knee-jerked that response without thinking about it. But then I realize it doesnā€™t matter because the kind of community you create doesnā€™t depend on who you are deep down but what you say publicly.

      • BlueMonday1984@awful.systems
        link
        fedilink
        English
        arrow-up
        6
        Ā·
        edit-2
        4 months ago

        Update - Ended up jumping ship to Librewolf, since I just didnā€™t like the feel of Chromium.

        I was contemplating going back to Firefox, but then I accidentally wiped my entire profile whilst trying to transfer over my browser history and went ā€œfuck it, Iā€™m sticking with Libreā€.

  • BigMuffin69@awful.systems
    link
    fedilink
    English
    arrow-up
    19
    Ā·
    5 months ago

    https://www.nature.com/articles/d41586-024-02218-7

    Might be slightly off topic, but interesting result using adversarial strategies against RL trained Go machines.

    Quote: Humans able use the adversarial botsā€™ tactics to beat expert Go AI systems, does it still make sense to call those systems superhuman? ā€œItā€™s a great question I definitely wrestled with,ā€ Gleave says. ā€œWeā€™ve started saying ā€˜typically superhumanā€™.ā€ David Wu, a computer scientist in New York City who first developed KataGo, says strong Go AIs are ā€œsuperhuman on averageā€ but not ā€œsuperhuman in the worst casesā€.

    Me thinks the AI bros jumped the gun a little too early declaring victory on this one.

    • YourNetworkIsHaunted@awful.systems
      link
      fedilink
      English
      arrow-up
      13
      Ā·
      4 months ago

      See, in StarCraft we would just say that the meta is evolving in order to accommodate this new strategy. Maybe Go needs to take a page from newer games in how these things are discussed.

    • sc_griffith@awful.systems
      link
      fedilink
      English
      arrow-up
      11
      Ā·
      4 months ago

      this is simple. we just need to train a new model for every move. that way the adversarial bot wonā€™t know what weaknesses to exploit

      • BigMuffin69@awful.systems
        link
        fedilink
        English
        arrow-up
        10
        Ā·
        4 months ago

        In chess the table base for optimal moves with only 7 pieces takes like ~20 terrabytes to store. And in that DB there are bizzare checkmates that take 100 + moves even with perfect precision- ignoring the 50 move rule. I wonder if the reason these adversarial strats exists is because whatever the policy network/value network learns is way, way smaller than the minimum size of the ā€œtrueā€ position eval function for Go. Thus youā€™ll just invariably get these counter play attacks as compression artifacts.

        Sources cited: my ass cheeks

        • sc_griffith@awful.systems
          link
          fedilink
          English
          arrow-up
          9
          Ā·
          4 months ago

          i donā€™t think that can be quite right, as illustrated by an extreme example: consider a game where the first move has player 1 choose ā€œwinā€ or ā€œhypergo.ā€ if player 1 chooses win, they win. if player 1 chooses hypergo, begin a game of Go on a 1,000,000,000 x 1,000,000,000 board, and whoever wins that subgame wins. for player 1, the ā€˜trueā€™ position eval function must be in some sense incredibly complicated, because it includes hypergo nonsense. but player 1 strategy can be compressed to ā€œchoose winā€ without opening up any counterattacks

          • sc_griffith@awful.systems
            link
            fedilink
            English
            arrow-up
            7
            Ā·
            4 months ago

            more generally I suspect that as soon as you are trying to compare some notion of a ā€˜trueā€™ position eval function to eval functions you can actually generate youā€™re going to have a very difficult time making correct and clear predictions. the reason I say this is that treating such a ā€˜trueā€™ function is essentially the domain of combinatorial game theory (not the same as ā€œgame theoryā€), and there are few if any bridges people have managed to build between cgt and practical Go etc playing engines. so itā€™s probably pretty hard to do

            (I know thereā€™s a theory of ā€˜temperatureā€™ of combinatorial games that I think was developed for purposes of analyzing Go, but I donā€™t think it has any known relationship to reinforcement learning based Go engines)

  • blakestacey@awful.systems
    link
    fedilink
    English
    arrow-up
    17
    Ā·
    5 months ago

    And in other news:

    Muse is a new creative platform that can create your own AI-generated series so you can dive into a new world of storytelling without the need for personal content creation.

    Who the fuck are these people and why do I not have a button that spreads Lego bricks across their floor?

    • YourNetworkIsHaunted@awful.systems
      link
      fedilink
      English
      arrow-up
      9
      Ā·
      4 months ago

      Yeah, I always hated the part of art and storytelling where there was always a tiny and sometimes misshapen window into the human soul there. Better to do away with that and replace it with an endless parade of #sponsoredcontent. That way thereā€™s no risk of suddenly developing empathy or accidentally connecting with the people Iā€™m exploiting as a billionaire VC.

  • deborah@awful.systems
    link
    fedilink
    English
    arrow-up
    17
    Ā·
    edit-2
    5 months ago

    From the just released GOP 2024 party platform (PDF), this is a single bullet point in CHAPTER THREE: BUILD THE GREATEST ECONOMY IN HISTORY:

    Republicans will pave the way for future Economic Greatness by leading the World in Emerging Industries.

    Crypto

    Republicans will end Democratsā€™ unlawful and unAmerican Crypto crackdown and oppose the creation of a Central Bank Digital Currency. We will defend the right to mine Bitcoin, and ensure every American has the right to self-custody of their Digital Assets, and transact free from Government Surveillance and Control.

    Artificial Intelligence (AI)

    We will repeal Joe Bidenā€™s dangerous Executive Order that hinders AI Innovation, and imposes Radical Leftwing ideas on the development of this technology. In its place, Republicans support AI Development rooted in Free Speech and Human Flourishing.

    Expanding Freedom, Prosperity and Safety in Space

    Under Republican Leadership, the United States will create a robust Manufacturing Industry in Near Earth Orbit, send American Astronauts back to the Moon, and onward to Mars, and enhance partnerships with the rapidly expanding Commercial Space sector to revolutionize our ability to access, live in, and develop assets in Space.

    When your party platform is just a long-form weird tweet that you wrote after bong rips with Elon Musk.

    • Soyweiser@awful.systems
      link
      fedilink
      English
      arrow-up
      12
      Ā·
      edit-2
      5 months ago

      Human Flourishing

      This term was already very iffy, but this cements it into being full on red flag territory.

      When your party platform is just a long-form weird tweet that you wrote after bong rips with Elon Musk.

      Wouldnt be surpised if we discover he is behind it, the whole manufacturing things in space (yes I also played SMAX Musk) has his smell over it. What makes this a bit more funny is that Musk has also been hired to help safely crash down the ISS into the sea (Personally considering the cost of lifting stuff out of our gravity I would try to keep it up there, if I wanted to build more things in space, but due to capitalism we cannot (really, the ISS is going to be trashed because figuring out who own what part and resolving all that is too hard, capital says no)). Which brings up a fantastic opportunity for a random person on twitter who has Musks ear. We can now put a city at risk of being crushed by the ISS by tweeting ā€˜hey musk, make the ISS do a barrel rollā€™.

    • earthquake@lemm.ee
      link
      fedilink
      English
      arrow-up
      16
      Ā·
      edit-2
      4 months ago

      ā€œdisorderly cities are required by the state religionā€

      When they are absolutely sure the tweet will not escape containment, they will just take assumptions like ā€œa certain percentage of people has incurable Criminal Mindā€ as given and go from there.

    • skillissuer@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      8
      Ā·
      edit-2
      4 months ago

      tangent: these screencaps are from scott? he doesnā€™t mention long acting injectable antipsychotics (one shot every 2-4 weeks or so, no pills needed; needs consent ofc, result is vastly increased compliance) is that not a thing over there?

      e: he mentions it but doesnā€™t discuss it for whatever reason

    • V0ldek@awful.systems
      link
      fedilink
      English
      arrow-up
      17
      Ā·
      4 months ago

      Wait, this guy published ā€œis Nearā€ twenty years ago and then UNIRONICALLY published ā€œis Nearerā€?

      Come the fuck on, this has to be satire?

      The sequel to ā€œApocalypse Nowā€, ā€œApocalypse Even More Presentlyā€

      • Jonathan Hendry@iosdev.space
        link
        fedilink
        arrow-up
        9
        Ā·
        4 months ago

        @V0ldek

        Buy my new book ā€œYouā€™re older than youā€™ve ever beenā€.

        Twenty years pass

        Buy my new book ā€œAnd now youā€™re even olderā€

      • Soyweiser@awful.systems
        link
        fedilink
        English
        arrow-up
        7
        Ā·
        4 months ago

        iirc he predicted the singularity somewhere in 2040 so it does make sense, even if it looks weird.

        • V0ldek@awful.systems
          link
          fedilink
          English
          arrow-up
          10
          Ā·
          4 months ago

          Oh gosh, hopefully I live to see ā€œSingularity Is Still Near, Just Not as Near as I Thought: Trust Me Brosā€ released in 2041

          • Soyweiser@awful.systems
            link
            fedilink
            English
            arrow-up
            7
            Ā·
            edit-2
            4 months ago

            ā€˜Sorry no singularity, climate change is an existential threat after allā€™.

            (Iā€™m bitterly reminded of the SSC post where he starts with ā€˜why donā€™t we hear about the ozone layer anymore, well the scientists fixed it!ā€™ where he goes after the environmentalist movement. There is only one problem with the ā€˜we fixed the ozone layerā€™ thing. Butt wait, there is more!)

  • zbyte64@awful.systems
    link
    fedilink
    English
    arrow-up
    16
    Ā·
    edit-2
    4 months ago

    Over at ā€œwork on climateā€ thereā€™s been an influx of companies that will greenwash using ChatGPT. One company I interviewed for (in my estimation it) boiled down to using ChatGPT to make generic greening recommendations for a business and attach hallucinated numbers that the client can then pass off for themselves.

    Edit: is there a list of companies that use ā€œprompt engineeringā€ so that I can just avoid them?

  • froztbyte@awful.systems
    link
    fedilink
    English
    arrow-up
    15
    Ā·
    5 months ago

    (Iā€™ll try put a decent summary of links on this later)

    thereā€™s a UK party that (aiui) committed electoral crimes by submitting non-existing genML-created people as candidates, a whole new usecase!

    gonna be real fun to see that catching sunlight, if TNI manages to do due process right

    • swlabr@awful.systems
      link
      fedilink
      English
      arrow-up
      13
      Ā·
      5 months ago

      what a coincidence, ā€œaiuiā€ is the sound I make when I get caught doing electoral crimes.

    • Mike@awful.systems
      link
      fedilink
      English
      arrow-up
      10
      Ā·
      5 months ago

      If you want more crazy, that political party is actually a limited company in which the leader is also the majority shareholder and the bylaws permit him to fire and appoint a majority of directors at will. Iā€™m not sold on whether all those candidates were actually fake, but journalists from more credible outlets than Byline Times are no doubt working on physically tracking down every one off these candidates as we speak to verify their existence or otherwise.

    • David Gerard@awful.systemsOPM
      link
      fedilink
      English
      arrow-up
      7
      Ā·
      edit-2
      5 months ago

      guardian story

      one guy whose pic looks like a fucking Auton actually got in touch with the Grauniad and showed them the original of his ridiculously yassified campaign photo

      • froztbyte@awful.systems
        link
        fedilink
        English
        arrow-up
        6
        Ā·
        5 months ago

        it continues to do my head in that I vacillate on whether thereā€™s more insane politics shit for yā€™all in TNI, or in what we have here in ZA

        • Mike@awful.systems
          link
          fedilink
          English
          arrow-up
          9
          Ā·
          5 months ago

          There was a new government elected last week on a platform which can be broadly summarised as ā€œno more insane politics shitā€. So far theyā€™re showing dangerous signs of competence and rational thought. What a load of weirdos.

  • skillissuer@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    15
    Ā·
    edit-2
    5 months ago

    found this linked in ed zitron comment section for some reason: https://www.funraniumlabs.com/2024/04/phil-vs-llms/

    With a momentā€™s contemplation after reading it, I just realized how spectacularly bad this could go if, for example, you went to do a search for an chemicalā€™s Material Safety Data Sheet (MSDS) and a Large Language Model (LLM) gave you back some bullshit advice to take in the event of hazmat exposure or fire.

    jokeā€™s on you, MSDSs are already dogshit. these things only exist to cover ass of manufacturers and are filled with generic, useless advice https://www.science.org/content/blog-post/uselessness-msds https://www.science.org/content/blog-post/un-safety-data-sheets there is MSDS for sand, MSDS for tear gas and ethanol lists the same dangers, toxicity is overemphasized (because itā€™s common) and some other dangers like explosiveness are underappreciated (because itā€™s not), we donā€™t even need LLMs for this, humans (lawyers mostly i guess) did the same on accident

    also bonus points for first-principling what could have been instead of asking somebody that actually knows, like any proper rationalist would do. also, vinyl chloride is not reactive with water and spraying pressurized containers with water can be a sensible thing to do, because this cools them down, so it decreases pressure meaning it decreases risk of rupture, which would be a bad thing, if manageable for firefighters to do it safely. see: some fires involving propane tanks

    An MSDS may not tell you what respirator to use;

    Slander! MSDS will tell you to use the right one (ā€œappropriate respiratorā€), itā€™s your job to figure out what it is

    • froztbyte@awful.systems
      link
      fedilink
      English
      arrow-up
      10
      Ā·
      5 months ago

      MSDSs are already dogshit

      one of those cases of ā€œminimum legally requiredā€ type of things? maybe with a dash of ā€œthe specification and requirements were written ${time} ago and havenā€™t evolved a lick since then, despite much shift in industry and progressā€?

      • skillissuer@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        10
        Ā·
        edit-2
        5 months ago

        there are no real enforced requirements of accuracy, most of typical known hazards are covered by generic useless advice and everything else is just filled by ā€œno informationā€

          • skillissuer@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            10
            Ā·
            edit-2
            5 months ago

            itā€™s less of this and more of prop65 the size of rationalist footnote

            actual pictograms are not vibes based, there are thresholds for toxicity, flash point etc

            • YourNetworkIsHaunted@awful.systems
              link
              fedilink
              English
              arrow-up
              6
              Ā·
              4 months ago

              You know, I would expect the at-a-glance symbolic information to be more useful just from sheer accessibility. But I never would have expected them to be more accurate and rigorous than the detailed safety sheets.

              • skillissuer@discuss.tchncs.de
                link
                fedilink
                English
                arrow-up
                4
                Ā·
                4 months ago

                MSDS is a multi-page document that is mostly filled with boilerplate, but you could expect some more detailed precautions and instructions, like for example in case of HF burn apply calcium gluconate cream, use special glass for diazomethane because it can explode in contact with ground glass surface, pay special attention around whatever-class of compounds because these are potent sensitizers, or such. most of the time itā€™s not there, because people that write it never used these compounds, and people that do donā€™t read that and donā€™t need reminder after that detailed advice propagated to them via what is basically folk tales from labmates. itā€™s more useful to have a comprehensive chemical engineering handbook or similar resource (as searchable pdf) that has listed dangers for common dangerous reagents

                from that second link upthread:

                Experienced chemists know to go to sources like Saxā€™s or Bretherickā€™s for more useful advice, and tend to ignore safety data sheets entirely. But theyā€™re not really made for experienced chemists (nor, apparently, by them either). For more general users, you would want these things to do some good, or at least do no harm, but the idea of a safety data sheet that actually makes its readers less safe is really unacceptable.

    • BlueMonday1984@awful.systems
      link
      fedilink
      English
      arrow-up
      10
      Ā·
      5 months ago
      An MSDS may not tell you what respirator to use;
      

      Slander! MSDS will tell you to use the right one (ā€œappropriate respiratorā€), itā€™s your job to figure out what it is

      Po-tay-toh, po-tah-toh, still better than an LLM directly endangering you with bad advice

      • skillissuer@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        7
        Ā·
        4 months ago

        as if we needed LLMs for that. at least two of my profs have abstract tattoos left from experimenting with homemade explosives when they were in high school

        • froztbyte@awful.systems
          link
          fedilink
          English
          arrow-up
          5
          Ā·
          edit-2
          4 months ago

          as reminders? or are they just that metal?

          (e: mostly unsure whether you mean ink or scartissue with ā€œabstract tattoosā€)

          • skillissuer@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            6
            Ā·
            edit-2
            4 months ago

            sorry if that was unclear, metal acetylides that they played with when ignited give off a cloud of fine metal particles and soot, they had hands close enough that these particles got embedded in their skin, permanently. so basically tattoo ink but explosively deposited

            • froztbyte@awful.systems
              link
              fedilink
              English
              arrow-up
              5
              Ā·
              4 months ago

              ah, gotcha. so, metal, but not quite the type I had in mind! no worries on the initial confusion, was just not entirely sure what you meant wrt mechanism

    • Soyweiser@awful.systems
      link
      fedilink
      English
      arrow-up
      9
      Ā·
      5 months ago

      Slander! MSDS will tell you to use the right one (ā€œappropriate respiratorā€), itā€™s your job to figure out what it is

      I lolled.

  • flizzo@awful.systems
    link
    fedilink
    English
    arrow-up
    14
    Ā·
    5 months ago

    Iā€™ve been out-of-the-loop for a bit on the Nix drama. Is there a good summary of the last couple weeks?

      • gerikson@awful.systems
        link
        fedilink
        English
        arrow-up
        8
        Ā·
        4 months ago

        Man there was a long thread about different forms of self-identifying as Muslim that was finally purged by mods after 2 days.

      • self@awful.systems
        link
        fedilink
        English
        arrow-up
        7
        Ā·
        4 months ago

        Evaluation is 5-20% faster than 2.18, depending on which benchmark is in use, thanks to eldritch horrors.

        this is awesome

        nix flake lock --update-input nixpkgs is now the much more reasonable nix flake update nixpkgs.

        but this is making me go ā€œfuck yeahā€ on the inside. it seems like a small change, but I canā€™t emphasize enough how frequently this command gets used (for every flake dependency, not just nixpkgs) for how longwinded and non-memorable the old form of it was. itā€™s kind of fucking incredible how many UX warts Nix has just from the old evaluatorā€™s devs digging in their heels on shit like this.

        • froztbyte@awful.systems
          link
          fedilink
          English
          arrow-up
          6
          Ā·
          4 months ago

          which reminds me, I need to check if lix/aux are going to do a cli-side nixpkgs search with a reasonable invocation

          • self@awful.systems
            link
            fedilink
            English
            arrow-up
            4
            Ā·
            4 months ago

            what do you mean you donā€™t like when your package search command is one of several random, probably-unmaintained ecosystem packages that has to very slowly index everything every time nixpkgs updates because it doesnā€™t have access to the evaluatorā€™s internals?

      • gerikson@awful.systems
        link
        fedilink
        English
        arrow-up
        9
        Ā·
        4 months ago

        Thanks for posting this. I live in Sweden and many of these actors are new to me.

        FWIW we have our own word for people who try to hijack the judicial system with spurious lawsuits etc: rƤttshaverist (ā€œjustice wreckerā€). I donā€™t believe the Roman/German law system really meshes well with the SovCit movement in common law systems, but Iā€™m sure people are trying to apply it.

      • Amoeba_Girl@awful.systems
        link
        fedilink
        English
        arrow-up
        9
        Ā·
        4 months ago

        I really canā€™t imagine reading a book by someone whose vision of the future is ā€œmen will be taller and have more muscles, women will stay the same height but theyā€™ll all be conventionally attractive and have voluntary control of their uterusā€.

        • blakestacey@awful.systems
          link
          fedilink
          English
          arrow-up
          5
          Ā·
          4 months ago

          Babel-17 came out in 1966, and its vision of the future was that a good shipā€™s captain knows how to complete a poly triad and you canā€™t leave Earth without a full crew including three ghosts and a furry.

          • gerikson@awful.systems
            link
            fedilink
            English
            arrow-up
            4
            Ā·
            4 months ago

            Now thatā€™s the kind of stuff that makes puppies sadā€¦

            (New wave SF is a bit of a blind spot for me. Never really read any Delany, even though his autobio is one the best Iā€™ve read)

    • YourNetworkIsHaunted@awful.systems
      link
      fedilink
      English
      arrow-up
      6
      Ā·
      4 months ago

      Itā€™s weirdly open about its nostalgia for the good old days when you could throw around racial slurs and watch porn at work with no consequences.

  • Sailor Sega Saturn@awful.systems
    link
    fedilink
    English
    arrow-up
    11
    Ā·
    edit-2
    4 months ago

    So remember when Google Domains got sold off to Squarespace because it wasnā€™t profitable enough and Google has the attention span of a squirrel?

    Well that meant bye bye MFA for anyone who didnā€™t check their email diligently enough, allegedly leading to a number of cryptocurrency domains getting hacked.

    The cryptocurrency aspect is mostly just funny, but Google and Squarespace should know better than to effectively disable MFA out from under people. Tech companies put profit over people all the time. And then everyone blames the people for not being hyper-vigilant about computer security.


    Edit: The tweet linked in that bleepingcomputer article is funny if this was indeed the issue: https://twitter.com/pendle_fi/status/1811683909509558562

    Some ā€œdefiā€ company realized this could be a problem 22 hours before they were hacked. Even had time to write a tool to mitigate the impact of getting hacked. Got hacked anyway. Did they uhhā€¦ IDK change their password? Make sure MFA was set up? They donā€™t say.

    • earthquake@lemm.ee
      link
      fedilink
      English
      arrow-up
      12
      Ā·
      4 months ago

      ā€œAny messages beyond this tweet from anyone claiming to be from Pendle is a scamā€

      33 replies from scammers. Holy shit.

      • Sailor Sega Saturn@awful.systems
        link
        fedilink
        English
        arrow-up
        11
        Ā·
        edit-2
        4 months ago

        I know cryptocurrency people have a weirdly high tolerance for getting scammed and blaming the victim, but the twitter spam is constant now. Youā€™d think theyā€™d get tired of it at some point and switch to a platform that lets them moderate better.

        • froztbyte@awful.systems
          link
          fedilink
          English
          arrow-up
          12
          Ā·
          edit-2
          4 months ago

          presumes that people know thereā€™s better possible

          soapbox.gif: you see a dynamic of this sort with a lot of people who have largely only ever interacted with ā€œthe internetā€ through vendor-mediated apps and shit. you can often pick up on it by people that speak in frames of ā€œthis appā€ - the app is their gateway to that engagement, and they have never known substantially otherwise. and itā€™s a day-vs-night type difference in experiences in so many cases! there are some sites that I outright refuse to even open on mobile simply because the anti-nagblocker/etc capabilities that I have on RealComputer with RealOS (i.e.: not some artificially hobbled shit run by a monopolist fuckwad company) just completely block the annoying shit, whereas it is almost impossible to have that experience on mobile

          and for so many people, the latter type (of experience/internet) is all they ever know

      • froztbyte@awful.systems
        link
        fedilink
        English
        arrow-up
        9
        Ā·
        4 months ago

        hey if the cost of operations is a tweet (or an openai chatgpt api call) and the possible reward is a couple dozen suckers at $200-equiv, Von Neumann ends up with a hangover

        • earthquake@lemm.ee
          link
          fedilink
          English
          arrow-up
          11
          Ā·
          4 months ago

          Canā€™t wait to find out that the Perseid meteor shower, which has inspired humanity for centuries, is actually just Von Neumann probes from a long-dead civilization that spam their equivalent of tea.xyz pull requests on any planet that has advanced to hosting source forges.

    • froztbyte@awful.systems
      link
      fedilink
      English
      arrow-up
      10
      Ā·
      4 months ago

      ā€œtoughened up our defensesā€ like adding DNS monitoring. so they just ā€¦ didnā€™t have that before? for a user-facing public web service? cool.

      (and yeah lol at how little detail the rest of this covers)

    • skillissuer@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      9
      Ā·
      4 months ago

      code is lol

      all these libertarian pyramid schemes sit at convenient crosssection of high reward and low probability of being caught, which makes me believe that no good people were harmed in this incident

    • Sailor Sega Saturn@awful.systems
      link
      fedilink
      English
      arrow-up
      3
      Ā·
      edit-2
      4 months ago

      More details: https://krebsonsecurity.com/2024/07/researchers-weak-security-defaults-enabled-squarespace-domains-hijacks/

      It sounds like Squarespace just let people take over domains without actually logging in wtf?

      Whatā€™s more, Monahan said, Squarespace did not require email verification for new accounts created with a password.

      ā€œThe domains being migrated from Google to Squarespace are known,ā€ Monahan said. ā€œItā€™s either public or easily discernible info which email addresses have admin of a domain. And if that email never sets up their account on Squarespace ā€” say because the billing admin left the company five years ago or folks just ignored the email ā€” anyone who enters that email@domain in the squarespace form now has full access to control to the domain.ā€