This is normal NYTimes fair: "My provider of anti-science medical quackery called chiropractics holds anti-science medical quackery opinions about vaccines. Is this unethical?"
So that "9-0 pcap" conspiracy-theory video: I grabbed a screenshot of what they claim to be "pcap of encrypted data", OCRed it, and converted the hex back to ASCII. My guess is that it's a hexdump of an SQL dump. It's certainly neither "encrypted" nor a "pcap".
Fields separated by commands implies CSV format, but when those fields are surrounded by quotes, then many fields surrounded by parentheses, it starts to look at a lot like an SQL dump instead.
Bah, immediately after posting this, I see others have already gone down this route:
So I'm reading the CFAA decision. I want to point out yet again that the "mens rea" requirement in the CFAA is bullshit. It doesn't mean the perp knew they were unauthorized, it means a reasonable person in the perp's place would've known they were unauthorized.
I can appreciate that in most crimes, this is the reasonable approach.
It's just that in computer crimes, it's not. People have wildly different understands how computers work, and thus, different understands about what's authorized.
Most people are unintimidated by the URL bar in the browser and have never edited the URL in their lives. Thus, reasonable people assume that if you couldn't have accessed a resource without editing the URL, then it was unauthorized.
I'm somebody who actually likes the Federalist Society. How can it not vigorously defend the free speech rights of this student for what's obviously satire????? What part of "free speech" are people not understanding any more?
The correct answer is that THIS IS FREAKIN' KERCKHOFF'S PRINCIPLE FROM 1880!!!!!!! Seriously, at some point we have to point out YOUR CONCERN WAS ADDRESSED OVER 100 YEARS AGO!!!!
Yes, yes, we can't apply this principle has a clichéd response to every question (as some people do). But at the same time, we can apply it where it's clearly appropriate, such as in this case.
The naive believe we need to hide the details of how things work, in the name of security, so that the attacker doesn't know the details.
Ransomware is an 'existential threat' to business. What's your plan to respond to it? Wrong answers include "we are prepared" and "doing better at cybersecurity basics".
I mention this because I read a lot of op-eds by infosec types that claim that ransomware demonstrates the need to for better cybersecurity. I disagree. I think we need to actually pay attention to the specifics how ransomware attacks work, and address those specifics.
Anybody says "we need to take it seriously", about any topic. Here's my take on the Israel-Palestinian crisis: "The recent rocket attacks by Hamas and Israel's response demonstrate how the United States needs to take this conflict more seriously". See how it works?