• 0 Posts
  • 139 Comments
Joined 1 year ago
Cake day: June 18th, 2023



  • As someone who works in gamedev, I’m sure that some of the people there are passionate about it and it is gutwrenching to see your work fail so hard. I’m sad for every project that launches after years of work and fails to get any attention or sales, and I’m definitely sure there’s someone losing sleep due to that.

    I never worked in super-large projects, but I did work for a AAA studio and even there, you got people invested into the project.

    From how I’ve seen it, you wouldn’t work in gamedev unless you are passionate about it, because you can get drastically better pay for the same job in other, more business focused, industries. So, if all you cared about is money, you have better options.


  • One night when returning from a party at work, I’ve decided to stay a while longer in the tram to escort my co-workers to the tram central hub (which was like half an hour of tram ride), instead of getting out at my home, which was only 5 minutes from our workplace.

    When I got into the tram back home, there was an older guy with a cardboard robot costume, who was talking to someone about his work in the theater. Because I find people like that interesting, I decided to move closer and sit next to them, so I can listen to their pretty interesting conversation. I’ve tripped and basically literally fell into their conversation, and the other guy left, so we started talking. It turned out he does a prop-guy on movies and for theater, and we hit it off pretty well. He also lived literally 3 minutes from my place, and we have decided to go have a few more beers at his home, which was basically a storage lot full of random stuff without much furniture - just random props, one bed, and a lot of beer.

    I’ve messaged my GF that I’ll be late, since I’m drinking with this pretty cool old guy, and sent her a picture of the place. Her response was “Wait, isn’t that <name>?”. Turns out, he was a prop guy on a movie they were filming a lot of years ago at their old family house when she was young, and not only he was the most fun guy to be around there, always sneaking out to drink with them, but also briefly dated her (late) mother, so he’s basically her step-dad. Since he’s pretty old-school, no social networks, internet and barely a phone, we did exchange contacts and since then have seen him a few times, and it was always a treat, like getting us to the backstage of theater production. But the way we have met is so, so random and the odds of something like that happening are mind blowing. I usually don’t follow random people home, but here we have hit it off so well that we wanted to keep talking and it didn’t even feel weird.


  • I can’t decide whether this sentence is a joke or not. It has the same tone that triggers my PTSD from my CS degree classes and I also do recognize some of the terms, but it also sounds like it’s just throwing random science terms around as if you asked an LLM to talk about math.

    I love it.

    Also, it’s apparently also real and correct.


  • I really hope that CS will come up with recipes and emails where the board specifically “strongly recommended” that they reduce operation costs or denied internal investments. It probably won’t happen, because such pressure from investors is usually pretty vague, i.e. they don’t literally tell you to cut corners, but they strongly suggest that if you won’t somehow increase revenue, you (the management) will have problems. Of course, it’s up to you how you do it, but to meet their often unrealistic demands, just doing a better job while also investing into internal failsafes is often simply not possible. It’s a loss-loss situation for CS, but I really hope they won’t lose this legal battle.


  • I’m sure there’s a lot of CS employees that would disagree with that, unfortunately there’s probably not much they can do about it.

    I was just a few days ago giving my two weeks notice exactly for that reason. I’m getting so fed up with capitalism and companies working for the vultures who give zero fucks about what you do or whether you do it well or not, prioritizing profits over actually doing your job well. I don’t care about money, I worked in cybersec out of principle, to help people with their security. I don’t really care about money, as long as there’s job to be done for someone, I don’t really care if the project I’m working on is super profitable for me, as long as it at least breaks even. But no, we had to cut corners, basically scam our customers by selling products we had no qualified people for who barely scraped by enough results for the customer to not notice it. Non-existent R&D or training, because several millions of annual profit are not enough. Fuck all of them, if I’m ever going to work again in cybersec, it will be a non-profit.

    This OP’s article infuriates me, the nerves they have to demand more money for what’s entirely their failure, which they also directly cause in every company they touch. I’m sure that the fact that the failure was so devastating for most companies is also by large margin fault of their investors, some of which are probably also part of this lawsuit, that blocked investment into disaster recovery plans or backups, because their millions of profit per year felt low.

    I feel like I’m getting pretty radicalized recently, ugh.


  • While I’m all for holding CS accountable for what happened, this is not the way how to do it and to whom they should be accountable. If there’s any lawsuit, it should come from the customers who have been affected by the outage, not some fucking investors and shareholders that probably kept pressuring CS for the last several years to reduce costs and increase revenue, that are now scrambling to avoid consequences of their endless greed ruining companies they don’t care about by forcing endless growth at all costs and doing as much as they can to prevent internal investments, because that’s not what makes the line go up.

    Fuck them. I hope they lose and have to eat their losses + expensive lawsuit. If CS would be able to actually invest their revenue internally, instead of it feeding pockets of greedy investors who give literally zero fucks about the product or the service, this may not have happened.

    I saw that happen at the cybersecurity company I was working at, when we got acquired by investors. Several million of profit after costs suddenly wasn’t enough, and we had to reduce already non-existent internal projects or investments, that we have already been lacking to be able to do our job properly.






  • I might be wrong, but from how I understand it it probably wouldn’t help. Kernel drivers have a rigorous QA and cert by Microsoft if you want to get them signed, which is a process that may take a long time - longer than you can afford when pushing updates to AV/EDR to catch emerging threats. What Crowdstrike does to bypass this requirement is that the CS Falcon is just an engine, that loads, interprets and executes code from definition files. The kernel driver code then doesn’t need to change, so no need for new MS cert, and they can just push new definition files. So, they kind of have to deal with unsafe in this case, since you are executing a new code.


  • I wouldn’t call Crowdstrike a corporate spyware garbage. I work as a Red Teamer in cybersecurity, and EDRs are bane of my existence - they are useful, and pretty good at what they do. In the last few years, I’m struggling more and more with engagements we do, because EDRs just get in the way and catch a lot of what would pass undetected a month ago. Staying on top of them with our tooling is getting more and more difficult, and I would call that a good thing.

    I’ve recently tested a company without EDR, and boy was it a treat. Not defending Crowdstrike, to call that a major fuckup is great understatement, but calling it “corporate spyware garbage” feels a little bit unfair - EDRs do make a difference, and this wasn’t an issue with their product in itself, but with irresponsibility of their patch management.


  • It has been a while since I have to deal with problem complexities in college, is there even class of problems that would require something like this, or is there a proven upper limit/can this be simplified? I don’t think I’ve ever seen O(n!^k) class of problems.

    Hmm, iirc non-deterministic Turing machines should be able to solve most problems, but I’m not sure we ever talked about problems that are not NP. Are there such problems? And how is the problem class even called?

    Oh, right, you also have EXP and NEXP. But that’s the highest class on wiki, and I can’t find if it’s proven that it’s enough for all problems. Is there a FACT and NFACT class?


  • Here is a picture, that may help a little bit. The n is input size, and f(n) is how long the algorithm runs (i.e. how many instructions it takes) to calculate it for input of size n, i.e. for finding smallest element in an array, n would be the number of elements in the array. g(n) is then the function you have in O, so if you have O(n^2) algorithm, the g(n) = n^2

    Basically, you are looking for how quickly it grows for extreme values of N, while also disregarding constants. The graph representation probably isn’t too useful for figuring the O value, but it can help a little bit with understanding it - you want to find a O function where from one point onward (n0), the f(n) is under the O function all the way into infinity.



  • Exactly this. I only have pretty vague experience with machine learning, since it was one of the other specializations for my Masters than the one I chose, which however means we still shared some basic courses on the topic, and I definitely share his point of view. I’ve been saying basically the same things when talking about AI, albeit not as expressively, but even with basic insight into ML, the whole craze that is happening around it is such bullshit. But, I’m by no means an expert in the field, so I may be wrong, but it’s nice to finally read an article from an “expert” in the field I can agree with. Because so far, the whole “experts talking AI” felt exactly like the COVID situation, with “doctors” talking against vaccines. Their doomsaying opinion simply contradicts even the little knowledge I have in the ML field.


  • Ever since I played watchdogs and shadowrun, I wanted to work in cybersecurity, especially as a Red Teamer, which is literally Shadowrun - you run complex ops that have to break in, and steal stuff from large banks without anyone but the management knowing about the test, with almost nothing being off-limits, as long as it doesn’t cause some kind of damage.

    Five years later, I do work as a Red Team Lead. However, our company was just scrambling to start doing RT since that’s the buzzword now, and while we did have amazing pentesters, unfortunately pentesting and Red Teaming requires vastly different skills. You never need to avoid EDRs, write malware with obscure low-level winapi, or even know what kind of IoC and detections will a command you run create, when you are doing a pentest.

    But since no one knew better, and I love learning and researching new stuff, while also having Red Teaming romanticized, my interest in it eventually led to me getting a Lead position for the barely scrambling team.

    Mind you, I was barely out of being a junior, with only three years of part time pentesting experience. It was NOT a good idea.

    I quickly found out that RT is waaay harder and requires the best of the best from cybersec and malware development. We didn’t have that. Also, turns out that I love to learn new stuff and take on a challenge, but being a Lead also means you are drowning in paperwork and discussions with client, while also everyone from the team doesn’t know what to do and turns to me about what should we do. Which I didn’t know, and barely managed to keep learning it on my own. Our company didn’t want to give us much time for learning outside of delivery, I was only working part-time, and I was slowly realizing that we don’t have almost any of the skills we need.

    We were doing kind of a good job, most of our engagement turned out pretty well, but it was atrocious.

    Turns out, I’m not good at managing and planning projects, or leading people. I’m better just as a line member.


  • I also have a dual-boot, with fresh install of Windows I debloated as much as possible, that I use for games that I can’t get to run even after trying protondb.com. However, it has only happened one or two times since I switched more than half a year ago, and I usually just give up on and refund games that I can’t get to work on Steam. I have a lot of other things to play, and usually I wasn’t that much dead set on playing that particular one. I do make sure to post on the forums of the game when that happens, though.

    I’ve also recently stumbled upon https://windowsxlite.com/24H2ProV2/, which should be a debloated and minimized Windows (4Gb installed size is mindblowing, considering that all my Windows VMs have like 40Gb freshly installed). The site looks shady, but it was recommended to me by my colleague who works in cybersecurity, so I hope he knows what he’s doing. I haven’t got the time to test it yet, but it does mention that it should work for games, so who knows.