kevincox

joined 4 years ago
[–] [email protected] 6 points 1 month ago (1 children)

I'm struggling to see how this actually made money. Because presumably the customer is paying for the delivery (as well as the food that was never ordered). So the fraudsters would just be paying themselves in a complicated way. My best guess is one of the following:

  1. DoorDash is subsidizing orders so much that this is profitable overall (the amount they pay the driver is more than the customer pays). This seems unlikely.
  2. DoorDash is paying the driver multiple times but only charging the customer once. But if this was the case how was this obvious accounting issue never noticed? Shouldn't the books come out even in the end?
[–] [email protected] 32 points 2 months ago

They want to make money off of services, every service they offer requires a Microsoft account to purchase and use. Everyone that they force to make an account during setup is one step closer to paying for a Microsoft service.

There are obviously tradeoffs (fewer sales of these versions of Windows and some users pushed away from Windows altogether, among others), but the motivation is clear.

[–] [email protected] 24 points 3 months ago

Just looking at the numbers, they are spending $5G and losing $1G. Their subscriptions are growing. So if they grow another 25% they are making money. (Ignoring infrastructure costs which are most likely a tiny fraction of per-user revenue.) They also just launched an Android app. So I think their story is looking pretty good. Not even considering that it raises the value of Apple TV hardware, their other devices and gives them more lock-in for customers in general, that seems like a great investment they made.

[–] [email protected] 5 points 3 months ago* (last edited 3 months ago) (3 children)

But your case is wrong anyways because `i <= INT_MAX` will always be true, by definition. By your argument `<` is actually better because it is consistent from `< 0` to iterate 0 times to `< INT_MAX` to iterate the maximum number of times. `INT_MAX + 1` is the problem, not `<` which is the standard to write for loops and the standard for a reason.
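
The loop-bound point in the comment above, as an added C example that is not part of the original comment: the half-open `<` form never needs a value past its bound, while the naive inclusive `<=` form with a bound of `INT_MAX` can only exit through signed overflow. The function names are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>

/* Half-open form: for (i = lo; i < hi; i++).
   Runs 0 times when lo >= hi and never evaluates hi + 1. */
long long count_half_open(int lo, int hi) {
    long long n = 0;
    for (int i = lo; i < hi; i++)
        n++;
    return n;
}

/* Walks the naive inclusive form: for (i = lo; i <= hi; i++), but stops at the
   point where the real loop would execute i++ on INT_MAX (signed overflow,
   which is undefined behaviour in C).
   Returns true if the loop ends because its condition became false,
   false if the only way forward is the overflowing increment. */
bool naive_inclusive_terminates(int lo, int hi, long long *iters) {
    int i = lo;
    *iters = 0;
    while (i <= hi) {            /* with hi == INT_MAX this is always true */
        (*iters)++;
        if (i == INT_MAX)
            return false;        /* next step would be INT_MAX + 1 */
        i++;
    }
    return true;
}

/* Inclusive range without overflow: compare before incrementing,
   so i is never advanced past hi. */
long long count_inclusive(int lo, int hi) {
    long long n = 0;
    if (lo > hi)
        return 0;
    for (int i = lo; ; i++) {
        n++;
        if (i == hi)
            break;
    }
    return n;
}
```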

[–] [email protected] 17 points 3 months ago (1 children)

Huh?

I've used Vim for a decade and I would be offended if it made any noise.

[–] [email protected] 19 points 3 months ago

I still recommend it. I'm not fully happy with the situation but for now I consider it my best option.

  1. I consider Chromium-based browsers out of the question as they give too much power to Google. This is already showing to be a problem with new APIs and "features" that Google is pushing into the web platform and the bigger the market share gets the more control they have.
  2. Web browsers are the biggest attack surface that most people have. Displaying untrusted webpages and running untrusted code is incredibly difficult and vulnerabilities are regularly discovered. I don't yet know a Firefox fork that I trust enough to reliably respond to security vulnerabilities quickly and correctly.

So for now I am staying with raw Firefox. Not to mention that as a distro-built Firefox I have some insulation from Mozilla's ToS. But I am very much considering some of the forks, especially the ones that are very light with patches and are mostly configuration tweaks.

[–] [email protected] 1 points 3 months ago

Wine will mount your root folder as a Windows drive by default. So if the malware is scanning all connected drives and encrypting/uploading them you still have a problem.

[–] [email protected] 3 points 3 months ago

It's definitely an option. It will do the things that you want (as long as your phone is online, but that is the same for any other solution).

> sending Signal messages with it would be less secure

Yes, this is because Beeper converts the Signal protocol to the Matrix protocol and vice versa. In order to do this it needs to access the messages. So it needs to decrypt the messages, then re-encrypt them on the other side. This means that the bridge (in this case operated by Beeper) has access to your messages. This is often referred to as "end-to-bridge" encryption, as it isn't end-to-end anymore.

This is going to be true of any bridge you use that is hosted by a third party. You are always adding one additional trusted party into your communication.

> the recommended bridge instructions sends me over to Beeper, since I don’t have my own server

Yes, to practically operate a bridge you need your own Matrix server. This is because the bridge will create a new Matrix user for every remote participant (every phone number you communicate with in this case). Doing this with regular mechanisms would be difficult (as signup is likely restricted in some ways) and inefficient (as each account would need to be checked for new messages separately). Beeper runs their own homeserver so that they can operate their bridges. However Beeper's bridges are only available to users on the same homeserver (this is not a protocol limitation, just their choice). So in order to use their bridges you need to make an account with them (which you can, it is free IIUC). Beeper also offers custom clients which have special features for interacting with their bridges (for example making it easier to start a conversation with a new phone number).

The alternative would be to run your own server and bridge (or hire someone to do it on your behalf).

[–] [email protected] 2 points 4 months ago

Oops, I linked the wrong one and got fooled because the most recent post is actually open again.

[email protected] is more active. (Although not bustling either)

[–] [email protected] 1 points 4 months ago (2 children)
[–] [email protected] 3 points 4 months ago (1 children)

Yeah, public trackers definitely raise your chance of a notice by at least an order of magnitude. New content also tends to be more noisy than old content. I also found a drop by selecting "require encryption" although I can't imagine why it would help (IIUC most of these scanners just connect to everyone in the swarm, not sniff random internet traffic).

[–] [email protected] 4 points 4 months ago

I've been using nginx forever. It works, I can do almost everything I want, even if more complex things sometimes require some contortions. I'm not sure I would pick it again if starting from scratch, but I have no problems that are worth switching for.

 

Is there any service that will speak LDAP but just respond with the local UNIX users?

Right now I have good management for local UNIX users but every service wants to do its own auth. This means that it is a pain of remembering different passwords, configuring passwords on setting up a new service and whatnot.

I noticed that a lot of services support LDAP auth, but I don't want to make my UNIX user accounts depend on LDAP for simplicity. So I was wondering if there was some sort of shim that will talk the LDAP protocol but just do authentication against the regular user database (PAM).

The closest I have seen is the `services.openldap.declarativeContents` NixOS option which I can probably use by transforming my regular UNIX settings into an LDAP config at build time, but I was wondering if there was anything simpler.

(Related note: I really wish that services would let you specify the user via HTTP header, then I could just manage auth at the reverse-proxy without worrying about bugs in the service)
