Hacker News | korginator's comments

The BBC Micro was revolutionary. Had a few of these in school in the 1980s. This was the first machine I came across where you could program inline assembly, out of the box. Got me started on adventures with the amazing 6502 family, assembly language, RISC, hardware and a ton of fun things.


OAuth2.0 is for authorization, it is not an identity layer or authentication protocol. The article further conflates the purpose of OAuth with authentication types, phishing and other (valid) concerns, which are not entirely in the scope of OAuth.

There are widely used schemes (OAuth+OIDC+... etc.) that the industry is already using. The last two paragraphs are fluff. Not sure who this article is meant for, but it's sloppy.


The user agreement T&C document is cause for concern. [1]

Specifically, sec 4.4:

4.4 You understand and agree that, unless proven otherwise, by uploading, publishing, or transmitting content using the services of this product, you irrevocably grant DeepSeek and its affiliates a non-exclusive, geographically unlimited, perpetual, royalty-free license to use (including but not limited to storing, using, copying, revising, editing, publishing, displaying, translating, distributing the aforesaid content or creating derivative works, for both commercial and non-commercial use) and to sublicense to third parties. You also grant the right to collect evidence and initiate litigation on their own behalf against third-party infringement.

Does this mean what I think it means, as a layperson? All your content can be used by them for all eternity?

[1] https://platform.deepseek.com/downloads/DeepSeek%20User%20Ag...


It is not different from the Creative Commons Attribution ShareAlike license or the GNU General Public License v2+. It does not extend to content that is not derived from this model.


There could also be a distant relationship with the Brahmi script / family [1]

Some characters have similarities. The Brahmi 𑀕 may be related to the <Gimel> 𐤂 character in the tablet. Other characters like the "tha" (the O with a dot in the middle), the (, the O, the ) and some others also appear to have common traits.

[1] https://en.wikipedia.org/wiki/Brahmi_script


There almost certainly is a distant relationship. Almost all writing systems in Eurasia are derived from the Egyptian hieroglyphics through the Phoenician script, which gave us the Greek, Latin, Syriac, Hebrew, Arabic, and the Brahmi script, among others. The only system in use today in the whole world which isn't derived from Phoenician is Chinese, and even there its derivatives like Japanese kana and Korean hangul were influenced by knowledge of alphabetic writing via India.

To find something unrelated would be monumental and would suggest another culture independently invented writing, something known to have happened only a few times (Egypt, China, Mesopotamia, Mayans, maybe the Indus Valley civilization, plus a handful of other disputed instances).


> An initial comparative analysis conducted with over 20 languages shows that the characters, which could belong to an aboriginal Caucasian population, beside proto-Georgian and Albanian writing signs, bear some similarities with Semitic, Brahmani, and North Iberian characters.


Shein sells cheap, "fast fashion" goods. They had a few pop up stores here in Singapore, selling what looked like low end knockoffs, albeit at low prices. They're selling tops and dresses for anywhere between $4.95 and $12 (Singapore dollars). I'm sure that toxic chemical safety is at the top of their list, selling at those prices.

I remember hearing about them in their early days when they were called "ZZKKO" like yet another of those random sounding shopfronts flooding Amazon and peddling junk. Their mobile app looks and works pretty much the same as the other Chinese owned marketplaces like Lazada or Shopee.

Their founder appears to be following a similar trajectory too, moving from China to Singapore with a permanent residency, like the founder of Shopee. I think the Shopee founder is now a Singapore citizen. Not that there's anything wrong, this seems to be a common pattern on the Silk Road these days.


You would be interested in this if you need the 'crypto' library to work in a FIPS 140-2 compliant way. You can switch on / off this mode by setting the runtime variable GOFIPS=1 before running your Go program [1]. Nice.

It looks like the Go community officially has no plans to support FIPS140-2 any time, so I'm glad to see this alternative.

[1] https://github.com/microsoft/go/tree/microsoft/main/eng/doc/...


“If there’s a clear and present market reality, we need to twitch faster, like the athletes twitch faster,” he said.

“There is something to be learned from that faster-twitch, shorter wavelength execution,” he said.

Raghavan urged employees to “meet this moment” and “act with urgency based on market conditions.”

After that he goes on to praise the teams working 120 hours a week, that's basically 17 hours a day.

Early in my career I'd have been angry, surprised or in denial at hearing this sort of rancid garbage. Now I see this in so many organizations, this is just a symptom of the deeper rot and top-down dysfunction.


I've worked 100 hours a week for a few months to finish my thesis on time. It felt like the upper limit of mental work you can sustain for more than a single-digit number of weeks when you are 100% motivated and deeply care about the work.

But 120 hours? Do they even shower? RTO must be fun for their colleagues.

This level of human depravity is just sick. And for what?


It's really just the effect of empire building. Too much money allowing non operative people to flourish and new administrative layers to be added that then have to justify themselves by making operative employees report things they can quantify to show their bosses in the hope to climb the ladder.

It's just a symptom of all big organizations in the west these days be it private or public.


TVIX was a media player made by Dvico. I used to have one a few years ago. You may want to check on trademark issues around the name.

https://a.co/d/hOzOcvu


My current and past employers are all-in with Microsoft because (like it or not) managing large corporate fleets is easier. Our Linux and Mac machines are treated as exceptions.

This has nothing to do with user experience, it's all about risk management. If we need some software on our Mac, we need to sign a waiver accepting responsibility for any security issues. With the corporate issued Windows laptops the IT department is responsible for risks.


That’s because their primary setup is Microsoft based.

The opposite is true for Apple-first companies.


Valgrind will tell you about memory leaks and won't always behave the way it did here when there's a backdoor. In this case it just so happened that valgrind was throwing errors because the stack layout didn't match what the exploit was expecting. Otherwise valgrind would have probably worked without issues.


The idea is not "valgrind will detect all tomfoolery". The idea here is "if valgrind detects something it may be an indication of tomfoolery."


Exactly.

Also remember this

>> odd valgrind complaint in automated testing of postgres

I would imagine compiling a list of odd complaints may yield something, or nothing at all.


> the stack layout didn't match what the exploit was expecting.

What does that mean? Why is the exploit expecting something from the stack layout and why does valgrind complain?


I am also curious, and if something like asan would also have found it? It seems social engineering was used to get MS to stop fuzzing the library for malicious code, so if the malicious party expected the valgrind behavior they might have removed it as well.


Which to me is a very carefully orchestrated thing. You don't just spend 2 years of your life doing that. No loner would pre-plan this to such an extent and create sockpuppet accounts for all this.


That's because you're a normal, well adjusted person.

Consider TempleOS[1] which was created by a programmer having a series of manic episodes which he believed was God's instruction to create 640x480 pixels of perfection.

He spent the rest of his life on this.

People vastly underestimate the tenacity of individual fixated people: so much so that in the physical world victims usually feel isolated by their peers who just don't believe the degree of effort their stalker will actually go to.

[1] https://en.m.wikipedia.org/wiki/TempleOS


TempleOS feels a little different because Terry was fairly well-known in the community and didn't try to hide his identity. I'm pretty sure he went to conferences and has met with actual people who could verify his identity.

I haven't seen proof that Jia Tan is a real person and to me that's the most malicious part of the attack. I'm pretty confident that whoever is hiding behind the Jia Tan identity is a well adjusted individual (or group) and knows exactly what they're doing. It feels far too coordinated and careful to chalk up to a psychotic episode or manic behavior.

