malwaretech

malwaretech, 10 months ago to random

This article from the EFF seems naive at best. They argue that Tier 1 ISPs should not police speech, which is fair, but their proposed solution is to just let hate sites sit around and radicalize people, then have the law deal with the few who cross the line between protected speech and criminal harassment.

Below is an extensive list of all the times 'just throw more cops at the problem' has solved anything:

1. literally not once ever.
2. See 1.

https://www.eff.org/deeplinks/2023/08/isps-should-not-police-online-speech-no-matter-how-awful-it

video/mp4

malwaretech, 10 months ago to random

Would love to know the rational behind posting travel content = becoming a Republican. 😆

malwaretech, 10 months ago to random

I’m not sure if I’m out of touch or not, but I do find the idea of someone standing up for people who can also afford to fly on the same plane but in less nice chairs to be extremely funny. More than 3/4 of people have never been on a plane at all, but it’s important we stay focused on the real issue: the wealth disparity between the different airplane seat classes.

malwaretech, 10 months ago to random

I see a lot of confusing around this due to the fact "cyber attack" gets used as an all-encompassing term for any kind of hacking at all (when ideally it should be reserved for intentionally destructive acts).

Basically, from most nations perspective, any kind of hacking for reconnaissance/intelligence gathering/data theft/whatever you want to call it, falls into the category of cyber-espionage, or cyber-enabled espionage. It's essentially treated similar to regular espionage (really annoying and definitely illegal, but not an act of war).

When countries talk about the possibility of invoking Article 5 in response to a cyber-attack, they don't mean cyber-espionage like stealing voter data, they mean an intentionally disruptive or destructive attack. Even something like accidentally taking offline a power grid while conducting espionage probably wouldn't meet the bar.

I think a lot of the confusion comes from people having a belief that cyber and kinetic attacks are fundamentally different, and thus responses must be in-kind. So if someone took offline your power grid with hacking instead of bombs, you can only respond with hacking instead of bombs. Not a lawyer, but as far as I'm aware this has never been a policy. Most of what I've seen is just official clarification of what's long been the case (we don't care if your attack uses hackers or bombs, you're getting clapped either way).

Nobody is actually insane enough to invoke Article 5 or any kind of kinetic response over basic cyber-espionage, because literally everyone is doing it and that would just be a direct escalation and also set the irreversible precedent of "you can bomb people for spying on you now". Which nobody wants.

malwaretech, 10 months ago to random

Honestly the whole startup equity / tax stuff in the US makes my head spin. There's a really dumb situation where equity grants are considered income. So if a startup gave you $1m in stock, from the IRS' perspective, you just made $1m in income for the current tax year. You now have a tax bill of like $500k, but the startup is private so you can't sell the stock to obtain the money. Basically you have to somehow find $500k cash to pay your taxes or you're screwed. So in order to avoid this, there's these contracts where you don't technically own the stock until the company goes public, but that opens you up to the risk that if the contract isn't ironclad they can take back the stock, or do something shady like a debt or IP transfer to basically make your shares worthless.

malwaretech, 10 months ago to random

Can someone explain employee stock options to me? I recently encountered them for the first time, and my understanding is they're not equity. It's basically just a contract that says "you can buy some of our stock if you want". So the part I'm confused about is, why do I need stock options to buy the stock? Since startups are private and their only way to raise money is via outside investment, wouldn't they want people to buy their stock? Why do you need the options and can't just say, phone up and just ask to buy shares?