Hacker News | InitialBP's comments

Another example is Old School RuneScape, who reverted back to an earlier save and has now diverged as an entirely separate game running with older systems as they lost a ton of players with their "Evolution of Combat" update. While nostalgia is definitely a powerful tool, I agree with the previous commenter that the original WoW was a very different game than the modern version and it seems like that is one of the core aspects of what people desired.


This comes entirely down to the scope of the agreement for the assessment. Some teams are looking for you to identify and exploit vulns in order to demonstrate the potential impact that those vulnerabilities could have.

This is oftentimes political. The CISO wants additional budget for secure coding training and to hire more security engineers, let the pentesting firm demonstrate a massive compromise and watch the dollars roll in.

A lot of the time, especially in smaller companies, it's the opposite. No one is responsible for security and customers demand some kind of audit. "Don't touch anything we don't authorize and don't do anything that might impact our systems without explicit permissions."

Wiz is a very prominent cloud security company who probably has incredibly lucrative contracts with AWS already, and their specialty, as I understand it, is identifying full "kill chains" in cloud environments. From access issues all the way to compromise of sensitive assets.


I'm sure you are correct about being able to do some clever prompting or tricks to get it to print inappropriate stickers, but I believe in this case it may be OK.

If you consider a threat model where the threat is printing inappropriate stickers, who are the threat actors? Children who are attempting to circumvent the controls and print inappropriate stickers? If they already know about topics that they shouldn't be printing and are trying to get it to print, I think they probably don't truly _Need_ the guardrails at that point.

In the same way many small businesses don't (most likely can't even afford to) opt to put security controls in place that are only relevant to blocking nation state attackers, this device really only needs enough controls in place to prevent a child from accidentally getting an inappropriate output.

It's just a toy for kids to print stickers with, and as soon as the user is old enough to know or want to see more adult content they can just go get it on a computer.


ChatGPT allegedly has similar guardrails in place, and now has allegedly encouraged minors to commit self-harm. There is no threat actor, it's not a security issue. It's an unsolved, and as far as we know intrinsic problem with LLMs themselves.

The word "accidentally" is slippery, our understanding of how accidents can happen with software systems is not applicable to LLMs.


It sounds like that's a possibility, but why on earth would you take the time to set up a 3-node cluster of object storage for reliability and ignore one of the key tenets of what makes it reliable?


"If you select those people, what’s to keep them from creating a system that gives them ever more amounts of money, to the detriment of their constituents?"

That is literally the system that exists today, except instead of in the open (e.g. salary) it's through stocks with insider information and who knows how else.

The point isn't to optimize for people who are most incentivized through money, the point is to make the position more accessible for anyone who actually wants to do the "service" part, and to minimize the reasons that it's hard. As the previous commenter pointed out, right now independently wealthy people are some of the only ones who are actually capable of running, and someone who isn't independently wealthy who wins is even more susceptible to bribes because they may be in a tenuous financial position.

I would agree with you that we want individuals whose goal is to do "service" for their society, but our current system obviously isn't working and there are a lot of solid reasons why something like this _could_ improve the situation, what alternatives would you recommend?


> That is literally the system that exists today

Agreed. But the difference is I'm saying a better solution is to adjust the incentives rather than just keeping the same incentives but making it more transparent.

I would be in favor of higher pay for Congress given the limits of the job (maintaining at least two residences in DC and their home state, for example). Perhaps we just disagree on the level. I don't want it to be "lucrative" as you said originally (i.e., I don't want it to be a way to get rich), but it should be high enough to not be prohibitive to go into service. There are also some knock-on effects that would need to be managed; for example, I think overall civil servant pay is pegged to Congressional pay limits. Other solutions may be to have designated Congressional housing (so at least they can't use the housing cost as an excuse).


I'm not sure where you got a quote from, but CVS is advertising on their website without insurance that it costs far less.

https://www.cvs.com/immunizations/flu?icid=immunizations-lp-...

Under the "How much does a flu shot cost?" section it says $75 for a standard dose.


That is awful, but it doesn't lessen the impact of someone who right now has access to your email and/or other accounts. China having your DNA profile is not nearly as impactful as someone actively stealing your identity and potentially ruining your finances. Use 2FA everywhere, and if your email is in this list, you should change your password.


New MacBooks with a notch hide icons underneath of the notch and those icons are completely inaccessible without installing 3rd party software to manage your status bar, or turning off a bunch of other software with visible icons on your bar.

IMO that's a far worse UX than update and shutdown turning the computer back on at the end.


In a pinch you can reduce the spacing between items [1]. The default of macOS is ridiculously large.

[1] https://apple.stackexchange.com/questions/406316/can-the-spa...


you can finally set a screen resolution that just stays below the notch! I'm not sure when that became available, but I just used it a couple weeks ago.


The sad thing about the current state of macOS is that I'd rather install an app to manage the menu bar than upgrade to the liquid glass monstrosity that is macOS Tahoe.

(I'm also not an early adopter. I only went to Sequoia from Ventura a few months ago.)


in case this implies you haven't found it: it's a feature in Sequoia :) it's just in display settings, though you may have to turn on the "show all resolutions" toggle to show it.

I haven't used Tahoe personally for more than a moment on someone else's computer, but wow they did not think that UI redesign through at all, did they. I'm actually kinda glad I'm mac-less now.


Defaulting a furnace to on certainly shouldn't be considered safe. What if it's leaking CO into your house, what if it gets dangerously hot and causes a fire?

A thermostat and controls are a necessary requirement for HVAC systems and defaulting anything to "run" if your control plane doesn't exist anymore is definitely not the safe option.

The other issue is that in almost all situations (like this one) what you think is a safe and sane default won't align with what other people think.

There should be defaults and they should be clearly defined, but I don't think it's always obvious to determine what they are.


> What if it's leaking CO into your house

While I agree with your overall point, this clause is irrelevant to/not supportive of it. The presence of a thermostat wasn't going to help you here either and there are vastly more furnaces with connected thermostats than disconnected to worry about.

CO detectors and alarms are needed to address this risk.


Your thermostat is in a far less likely place to be overloaded with CO should the alarms start going off, though. If the thermostat is gone, you have to physically go to the furnace itself or shut off power at the circuit breaker.

Freezing water pipes are bad, but a furnace running non-stop is going to exceed its duty cycle and pose a greater hazard.


Whatever was implemented as this poorly-thought-through fail-safe would be implemented in the furnace itself, thus that furnace implementation could manage any safety-related concerns, though heating equipment is overwhelmingly rated to 100% duty cycle already. (My goal for my boiler is to have at least 22 hours per day of heating demand to ensure that I'm using the exact minimum temperature water to maintain temp in the house, to maximize efficiency.)


My furnace runs pretty close to non-stop when it’s below -30 outside, I imagine a bigger concern than duty cycles if it did that when it wasn’t -30 would be that it would still be pushing the indoor temperature to 50°C above the outdoor temp.


If something is leaking CO into your house, then it's a major safety issue and needs to be immediately scrapped. Whether or not it's internet connected is the least of your worries.


> What if it's leaking CO into your house, what if it gets dangerously hot and causes a fire?

Furnaces have multiple checks when they are turned on, even on the dumbest furnaces. There are multiple safety mechanisms preventing it from getting too hot. CO leak - what will a thermostat do for you here?


I have a Nest and it's wired directly to your furnace via the thermostat control wires.

While it is controllable via the cloud, even without wifi it continues to function.

