• 4 Posts
  • 19 Comments
Joined 1 year ago
Cake day: June 17th, 2023


  • Well, in principle I do not see that much difference between ‘curl | bash’, ‘sudo apt-get install’ or installing an app on your phone. In the end, it all depends on trust.

    Considering how complex software has become and on how many libraries from all over the internet any application that does more than ‘hello world’ depends, I do not see what you can do if you are not prepared to put blind trust into some things.

    Concerning CrowdStrike, I am just reading a book on human behaviour (very interesting for everybody who is interested in cybersecurity), and I am just on the chapter about the fear of deciding with unknown parameters vs. the fear of not deciding at all. Any piece of software will break at some point, so will you wait forever to find something that will not have any vulnerabilities?



  • The problem here is this: how is a user supposed to know if the official website of an application is organicmaps.app, organic-maps.app, organicmaps.org or github.com/organicmaps?

    And even if she/he knows, hackers have ways to make you look the other way. The funny thing in this case is that the original author complained that the app was removed from google playstore, and did so on the fosstodon mastodon-server. Although I guess this was not planned, he made the almost perfect social-engineering post. :-)



  • One of the basic elements of a democracy is the three branches. In fact, democracy is an inherently unstable system where these three branches must keep each other in check. A natural consequence thereof is that every one of these three branches has the right to conduct and lead investigations.

    That the courts can act proactively or reactively is more a cultural element than a core element of democracy. There are quite some countries where judges are part of the investigative process and can unilateral.

    As Brazil, like a number of other countries in Latin America, has been in the situation in the past that both the government and the parliament are controlled by people with a … euh … not so good reputation on their democratic values, a judicial branch that acts in a more proactive manner should not be that unexpected IMHO.


  • Here there are two issues: free speech and the judicial system in Brazil. I’ll reply to the latter in a different mail.

    The freedom of speech is the result of democracy. No democracy, no freedom of speech. It is also an inherent part of the democratic process.

    On the other hand, it is not the only element of a democracy. And it can also be used against these other elements?

    My question to you: can you use a fundamental freedom, granted to you by the fact you live in a democracy, to attack democracy?







  • Just watched some videos on btrfs. I start to understand the concepts. Perhaps I should also look into how exactly

    On windows and the “recovery partition”. I guess what you say is that it should always be possible to boot into some kind of system, but it will not happen automatically as there is no way for a system to detect that the system completely hangs.

    Thinking about it, it is kind of strange. Embedded systems have watchdog interrupts that get fired if the system hangs (i.e. if it does not provide a “yes, I still live” signal every “x” milliseconds). Does a PC not have something similar?





  • Concerning linux, yesterday I was watching this video on Computerphile on the CrowdStrike incident. https://www.youtube.com/watch?v=rlaNMJeA1EA (*)

    What is interesting is the comment made in the video on how chromebooks do software upgrades with dual “OS” disk-partitions and the ability to rollback to the previous OS-partition.

    Question: is something like this also possible on one of the major linux distros? (debian, ubuntu, rocky, …) What would be the procedure to do this kind of “dual partition” system-upgrade?

    (*) A great video that explained some of the technical details in a very clear way, including some very interesting ‘lessons learned’ and "what if"s. If you ever need to explain CrowdStrike to your manager, this video is a good start.



  • kristoff@infosec.pub (OP) to Cyberpunk@lemmy.zip: replacing memories · 4 months ago

    First … thanks all for replying. Sorry for the late reply. … know you … summer … holiday … :-)

    Yes, that was indeed my question. Some objective and scientific research into this. Interesting reading. Thanks.

    My idea was kind-of the result of what we see in cybersecurity: What we are seeing is that with AI, disinformation has become so easy and cheap, and also easy to automate. Can we assume a scenario where disinformation -like phishing moving into the area of spear phishing- is becoming personal?

    Just wondering. Certain social media have a feature ‘remember, x years ago, you took part in this event’ (with some photos you shared about that event). What would happen if you start feeding people false information? Or semi-fake information? Including posts by other people?

    I agree. Getting people to believe they took part in <some event> x years ago might not be easy. But can you get people to question certain secondary elements? “Did I really meet <some person> during <some event> 4 years ago?”

    I wonder. How many people rely on their own memories of what they did in the past? And how many rely on what the photos in their smartphone and/or social media account tell them?

    Kr.


  • kristoff@infosec.pub (OP) to Cyberpunk@lemmy.zip: replacing memories · 4 months ago

    Well, for some time now, I have this question in the back of my mind: is cyberpunk still the future or has it become reality?

    The photo-album on our smartphone has become our individual memory, stored on somebody else’s computer (“the cloud”). Our photos on social media have become our collective memory, which determines how other people interact with us, based on algorithms controlled by others.

    In 2024, is your memory still your own memory?