This is really sad news. MacUpdater is an absolutely fantastic tool for keeping your software current and making sure you are not running outdated versions of apps with unfixed security holes.
> I think vibes are underrated. The smart people can easily mislead you because they're smart. So you can cover things up with "official statistics", maliciously or by accident.
> For instance, inflation is a big one. I remember during the first spike in inflation (2021 I believe), I started nothing prices have gone up between 25-50%. We've been told at the time inflation was something like 7% but that would mean paying $5.35 for something that used to cost $5, which was obviously not what was happening. In short, they play games with the numbers.
When there is a mismatch between your personal gut feeling and some official number or alleged fact in the world, there are different ways you can react:
A) You could think "Hmm, that's weird, is it possible that I'm missing something?"
B) You default to thinking that clearly you are right, so this is just another case of those so-called experts lying to you.
Had your response been A), you would have looked a bit more into it and realized that the overall inflation number is not based just on a subset of a few grocery items, but based on all different kinds of living expenses that people have. Many of those prices increased much less in 2021 than the overall 7% inflation rate (e.g., prescription drugs, cell phone plans, airline fares, motor vehicle insurance), so naturally, inflation in other categories was much higher to result in an overall rate of 7%.
If your gut feeling also tells you to doubt the inflation numbers for individual item categories released by the U.S. Bureau of Labor Statistics ([1]), you can get the raw data for those too, if I remember correctly.
One problem with your gut feeling is that it's very susceptible to various biases. For instance, the price of one grocery item increasing by 30% will be much more noticeable to you than the price of another item staying the same. It's also very easy to not realize that you are comparing the current price to the one from two years ago or so, thereby dramatically overestimating the yearly inflation rate.
I didn't mean to single you out, but the tendency by so many people to have overconfident knee jerk reactions to various information, instead of at least considering that they might have unknown unknowns or things they don't fully understand, is something that really concerns me.
My gut tells me that there are literally trillions of dollars tied to the "official" inflation numbers, so there is a huge incentive to nudge them one way or another, not to mention that no politician likes to be blamed for high inflation.
But if you want to get into it, sure. The inflation numbers are not a fixed basket of goods. They take into account elasticity and shifts the basket to weight less expensive items more as inflation goes up.
For instance, suppose you have only two goods, bread and butter. Bread costs $5 and butter costs $10, and suppose the inflation numbers are based off 50% bread and 50% butter. Now suppose both these prices double. What happens to inflation? The naive response is inflation is 100%. But no, the BLS in its infinite wisdom realizes that if butter doubled, you'd likey consume less of it and opt for more bread! So maybe now the breakdown would be 75% bread and 25% butter, so your basket that cost you $7.5 now costs you $12.5 (0.75 * 10 + 0.25 * 20). Inflation is only 67% compared to 100%. Trillions of dollars of government spending tied to inflation (e.g. pensions, wage increases, etc) has been saved!
In some respects its true, consumption will obviously shift to the cheaper items. But on the other hand, I want a simple objective measure of what increased money supply is doing to the price of goods. I'll figure out myself how much bread and butter I should buy.
So hence, I don't exactly "trust the experts" especially when there is trillions at stake.
But they would never play games right? The BLS is above reproach. What percentage of Americans can name anyone at the BLS or the methodology? Doesn't matter. Obviously the relative importance of Cakes, cupcakes, and cookies is 0.113, shifting from 0.188 just last month. Pretty obvious objective move.
This is not how it works. The weighting is based on the Consumer Expenditure Survey. BLS does not arbitrarily assign the weights. If they change the weighting between butter and bread it's because they found that people were buying more bread in the CES not because they assume that's what will happen.
CPI's methodology is transparent and the data is available if you wish to reproduce it. They aren't playing games with the data. There are all kinds of reasons your personal inflation rate might differ from CPI but it's not because BLS is putting their thumb on the scale to try and show less inflation.
...and Vivaldi had vertical tabs as native functionality before Edge even existed (and about six years before Edge implemented it).
The only other browser (to my knowledge) that had native tabs earlier than Vivaldi was the original Opera browser, which was eventually killed, which in turn led to people leaving the company and creating Vivaldi.
> Presumably, Crowdstrike runs on macOS without a kernel extension?
That's correct: CrowdStrike now only installs an "Endpoint Security" system extension and a "Network" system extension on macOS, but no kernel extension anymore.
One would hope that Crowdstrike does a similar thing on Linux and relies on fanotify and/or ebpf instead of using a kernel module. The other upside to this would be not having to wait for Crowdstrike to be constantly updating their code for newer kernels.
I believe so but would like better details. We used to use another provider that depended on exact kernel versions whereas the falcon-sensor seems quite happy with kernel updates.
Whatever protection is implemented in user-land can be removed from user-land too. This is why most EDR vendors are now gradually relying on kernel based mechanisms rather than doing stuff like injecting their DLL in a process, hooking syscalls, etc...
First, we were talking about EDR in Windows usermode.
Second, still, that doesn't change anything. You can make your malware jmp to anywhere so that the syscall actually comes from an authorized page.
In fact, in windows environment, this is actively done ("indirect syscalls"), because indeed, having a random executable directly calling syscalls is a clear indicator that something is malicious. So they take a detour and have a legitimate piece of code (in ntdll) do the syscall for them.
Yes, exactly. There is too much romanticizing of scary fairy tales as useful educational tools. It's important to remember that the pedagogical model behind these stories was the same that lead people to believe that harsh corporal punishment was a crucial component of successfully raising a child.
Have you tried rebooting your Mac? Because on both of my Macs (a MBP 2020 and a Mac mini 2018, both running Ventura), the involuntary Sonoma upgrade only started once I manually rebooted the machine. Before the reboot, everything seemed normal and there was nothing indicating that the upgrade would take place.
After experiencing the issue on my MBP, I actually waited a couple days before I rebooted my Mac mini, and before I did so, I checked whether there was an "Install macOS Sonoma" app in the Applications folder (there was not). My (now proven incorrect) assumption was that the Sonoma installer would always come in form of such an app, like it did for previous versions of macOS.
For the past 5+ years, I've always waited at least 6-9 months before upgrading to a new major macOS version, and I am generally very careful about not upgrading accidentally. There is zero chance that I twice missed a notification or accidentally initiated the Sonoma upgrade myself.
Exactly. Typically, exfiltrating this kind of information is only the first step. Once enough high value targets are caught in this net, the actual malware is deployed.
2b. If you have attached documents in 1Password, you need to manually add those to Bitwaren.
This process is pretty straight-forward, though. To get a clean list of all items with file attachments in 1Password, I found it very useful to create a Smart Folder with the rule "Number of attachments is greater than: 0".
This can really backfire. Ages ago, I used to have exactly the same alias for 'rm'. After a year or two, I got so used to 'rm' not really being destructive that one late night when I was really tired, I used it on a remote system without feeling the need to carefully check the file name. That remote system, of course, did not have 'rm' aliased to a safer version...
Long story short, I strongly recommend using a different alias name (e.g., 'rem', 'rmi' or so). In this case, the worst that can happen is getting a 'command not found' message, when the alias is missing.
I agree, yet I consider this to be the other way round. I treat "rm" still like a direct removal of the file and therefore use it with caution every time. Having it trash the file on my local machines is just a to me hidden fallback. But it is a very valid concern, of course.
