deleted by creator

deleted by creator

deleted by creator

TL;DR: Cofounder of open source project says super popular platform using their project needs to pay up for inane reasons. Chaos ensues.

In summary:

WP Engine is one of the most popular third party platforms built on top of WordPress.

They have a link and images on their webpage referencing that they are built on top of Wordpress (this is legal).

The former cofounder of Wordpress said that they are illegally using the Wordpress trademark.

WP Engine sends Cease and Desist.

WordPress Cofounder doubles down, blocks WP Engine and demanded WP Engine pay licensing fees for using their branding.

This pissed off a lot of people.

WP Engine sues. For a lot, including extortion, abuse of power, and asserts the cofounder of WordPress has criminally made false statements to the IRS.

The Executive Director for Wordpress resigns, presumably in solidarity with WP Engine and the community.

deleted by creator

Actively encouraging people to toss perfectly good hardware to fuel their subscription bullshit… and these guys weren’t even recently bought by a VC firm or anything?

That’s a penis dot gif

Metroid prime pinball was incredible, especially with the use of the rumble pack. Underrated accessory for the DS.

If they are also sending a validation email, it would fail, so no issue.

You can improve output by 10% by replacing that one bamboo with sugarcane. Other than that, just tile the design.

1. From the title of your article and your executive summary, the premise of your paper is that CVSS is flawed, and CITE is your solution.
2. From the title of your article, and choice of name, “QHE CVSS Alternative; CITE”. CVSS is a VULNERABILITY Scoring System. CITE, as your propose, is a THREAT evaluation tool. You can see how one could have the impression that they were incorrectly being used interchangeably.

As you yourself stated, CVSS does exactly what it says on the box. It provides a singular rating for a software vulnerability, in a vacuum. It does not prescribe to do anything more, and it does a good job doing what it sets out to do (including specifically as an input to other quantitative risk calculations).

Compare what with attack?

Your methodology heavily relies on “the analysis of cybersecurity experts”, and in particular, frequently references “exploit chains”, mappings which are not clearly defined, and appears to rely on the knowledge of the individual practitioner, rather than existing open frameworks. MITRE ATT&CK and CAPEC already provide such a mapping, as well as a list of threat actor groups leveraging tactics, techniques, and procedures (e.g., exploitation of a given CVE). Here’s a good articlewhich maps similarly to how we operate our cybersecurity program.

I think there is a lot on the mark in your article about the issues with cybersecurity today, but again, I believe that your premise that CVSS needs replacing is flawed, and I don’t think you provided a compelling case to demonstrate how/why it is flawed. If anything, I think you would agree that if organizations are exclusively using CVSS scores to prioritize remediation, they’re doing it wrong, and fighting an impossible battle. But this means the organization’s approach is wrong, not CVSS itself.

Your article stands better alone as a proposal for a methodology for quantifying risk and threat to an organization (or society?), rather than as a takedown of CVSS.

Glancing through your article, while you have correctly assessed the need for risk based prioritization of vulnerability remediation and mitigation, your central premise is flawed.

Vulnerability is not threat— CVSS is a scoring system for individual vulnerabilities, not exploit chains. For that, you’ll want to compare with ATT&CK or the legacy cyber kill chain.

.(potksed ym rof) 68x naht rehto gnihtyna no swodniw nur reven ll’I ,epoN

.gnimoc eb lliw sehctap ytrap tsrif on os ,tsixe regnol on erawtfos taht etorw taht seinapmoc eht fo emos ,snur llits ti dna swodniw no (yllacipyt semag ro snigulp noitcudorp cisum rehtie) oga sedaced nettirw erawtfos pu llup yllanoisacco I tub ,krow rof PBM MRA ym htiw yppah yrev m’I

According to the Bureau Of Labor Statistics, the median salary for airline captains, first-officers, second-officers, and flight engineers in the United States is $203,010 as of 2021.

The big problem is actually in certifying people qualified to take those jobs, which takes additional time and money, mostly to pay for flight time for training. It can take a few grand for just a personal pilot license, but to fly an airline, you need instrument, commercial, and Airline Transport Pilot License (ATPL) certifications, plus increasingly expensive type ratings for the various aircraft you will be flying, a minimum of 1500 hours of flight time, and multiple years at the bottom working your way through smaller regional airlines and courier services.

You can get through the commercial licensing in 12-18 months and about $40k in flight time and insurance, but that is barely enough to get your foot in the door making $50k a year, and even then, you’re still not allowed to fly parcels or passengers for money. Getting those licenses will take another 18 months and another $40-80k, again, mostly in flight time.

That said, once you have ATPL, the company will start paying for your flight time, and you will be earning a 6 figure salary. After 5 years or so and about $100k investing in your training, you should be making over $200k, and can begin to recoup those costs.

“Tesla hasn’t met it’s 2025 production targets in 2023, news at 11!”

Are you playing bedrock or Java? How much do you know of the core mechanics, such as Efficiency, different tools, or Beacons? The game does not make it clear, but you need to switch tools to mine different blocks, or mining them will take forever.

Generally, in Survival, you need an Efficiency V diamond pickaxe with a Haste II beacon to “insta-mine” stone, but a mere Efficiency III diamond shovel will do the same for gravel and dirt. That said, any levels in efficiency will greatly speed things up.

It can be a fun challenge to search for diamonds and lapis to use the enchanting table (though spending hours accumulating resources like bookshelves just to suffer from bad RNG on enchantments can be frustrating). However, if you are just looking to get started building, don’t feel bad about popping into Creative to give yourself some Efficiency books, an anvil, or a beacon, unless you are interested in grinding out the whole game.

The generalized approach in industry is to use API calls, and create classes to structure the data you receive as JSON or XML. At that point, it is entirely up to you how to format and display the data from your classes. Take a look at some of the Lemmy client code like Mlem, Memmy, or Voyager as examples. Though they have gotten more complicated, they all follow this client-server model for front end development.

However, due to recent shenanigans around API and RSS by companies, mostly those looking to prevent AI companies from using their data for free, the alternative, much worse method is to take the HTML output from a standard web request, and try to reverse engineer the page information into a class structure. This sucks, breaks frequently, and requires you to code around ads and other junk on pages in order to get at the content.

Saying “Integrates with OpenAI” in 2023 is exactly equivalent to saying “uses Web 2.0” from 20 years ago. Buzzword trash that says absolutely about how the product uses said technology.

Yes

That’s a gauss gun, not a railgun. Still cool, though.