• 1 Post
  • 14 Comments
Joined 1 year ago
Cake day: June 18th, 2023


  • One night when returning from a party at work, I’ve decided to stay a while longer in the tram to escort my co-workers to the tram central hub (which was like half an hour of tram ride), instead of getting out at my home, which was only 5 minutes from our workplace.

    When I got into the tram back home, there was an older guy in a cardboard robot costume, who was talking to someone about his work in the theater. Because I find people like that interesting, I decided to move closer and sit next to them, so I could listen to their pretty interesting conversation. I tripped and basically literally fell into their conversation, and the other guy left, so we started talking. It turned out he is a prop guy on movies and for theater, and we hit it off pretty well. He also lived literally 3 minutes from my place, and we decided to go have a few more beers at his home, which was basically a storage lot full of random stuff without much furniture - just random props, one bed, and a lot of beer.

    I messaged my GF that I’d be late, since I was drinking with this pretty cool old guy, and sent her a picture of the place. Her response was “Wait, isn’t that <name>?”. Turns out, he was a prop guy on a movie they were filming a lot of years ago at their old family house when she was young, and not only was he the most fun guy to be around there, always sneaking out to drink with them, but he also briefly dated her (late) mother, so he’s basically her step-dad. Since he’s pretty old-school, no social networks, internet and barely a phone, we did exchange contacts and since then have seen him a few times, and it was always a treat, like getting us into the backstage of a theater production. But the way we met is so, so random and the odds of something like that happening are mind blowing. I usually don’t follow random people home, but here we hit it off so well that we wanted to keep talking and it didn’t even feel weird.

  • I see a lot of hate ITT on kernel-level EDRs, which I wouldn’t say they deserve. Sure, for your own use, an AV is sufficient and you don’t need an EDR, but they make a world of difference. I work in cybersecurity doing Red Teamings, so my job is mostly about bypassing such solutions and making malware/actions within the network that avoid being detected by it as much as possible, and ever since EDRs started getting popular, my job got several leagues harder.

    The advantage of EDRs in comparison to AVs is that they can catch 0-days. AV will just look for signatures, known pieces or snippets of malware code. EDR, on the other hand, looks for sequences of actions a process does, by scanning memory, logs and hooking syscalls. So, if for example you made an entirely custom program that allocates memory as Read-Write-Execute, then loads a crypto dll, unencrypts something into such memory, and then calls a thread spawn syscall to spawn a thread in another process that runs it, an EDR would correlate such actions and get suspicious, while for a regular AV, the code would probably look ok. Some EDRs even watch network packets and can catch suspicious communication, such as port scanning, large data extraction, or C2 communication.

    Sure, in an ideal world, you would have users that never run malware, and a network that is impenetrable. But you still get on average a few % of people running random binaries that came from phishing attempts, or around 50% of people that fall for vishing attacks in your company. Having an EDR increases your chances to avoid such attacks almost exponentially, and I would say that the advantage it gives to EDRs that they are kernel-level is well worth it.

    I’m not defending CrowdStrike, they did mess up to the point where I bet that the amount of damages they caused worldwide is nowhere near the amount of damages all the cyberattacks they prevented would have caused in total. But hating on kernel-level EDRs in general isn’t warranted here.

    Kernel-level anti-cheat, on the other hand, can go burn in hell, and I hope that something similar will eventually happen with one of them. Fuck kernel level anti-cheats.


  • Why does this need to be installed here when previously agentless technologies were sufficient

    As someone who works in offensive Cybersecurity doing Red Teamings, where most of my job is to bypass and evade such solutions, I can say that bypassing agentless technologies is so much easier than agented ones. While you can access most of the logs remotely, having an agent helps you extremely with catching 0-day malware, since you can scan memory (that one is a bitch to bypass and usually how we get caught), or hook syscalls which you can then correlate.

    Oh, an unknown unsigned process just called RWX memory allocation, loaded a crypto binary, and spawned a thread in another process that’s trying to execute it? Better scan that memory and see what it’s up to. That is something you cannot do remotely.
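The behavioural correlation the two EDR comments above describe (an unsigned process allocating RWX memory, loading a crypto library, then starting a thread in another process, after which the sensor goes and scans that process's memory) can be written down as a small detection rule. The block below is an example added here to illustrate that idea; it is not code from the commenter or from any EDR product. The event schema, the constructed `SAMPLE_EVENTS`, the `CRYPTO_IMAGES` list, the severity split on code signing and the 30-second window are all assumptions chosen for the illustration.

```python
"""Toy behavioural-correlation check, added as an illustration of the EDR
comments above. Event schema, sample events, image list and window are
assumptions made for this example, not any real EDR's telemetry format."""
from collections import defaultdict

# Assumption: image names an analyst chooses to treat as "crypto library" loads.
CRYPTO_IMAGES = {"bcrypt.dll", "ncrypt.dll", "crypt32.dll"}

# All three must be seen for one process within the window before we alert;
# each on its own is common in legitimate software, which is why a single
# indicator (like a signed process loading bcrypt.dll) must not fire.
REQUIRED = {"rwx_alloc", "crypto_load", "remote_thread"}

# Constructed telemetry (not captured from a real system). ts is seconds.
SAMPLE_EVENTS = [
    # pid 4242: unsigned binary doing the full sequence in quick succession
    {"ts": 1, "pid": 4242, "signed": False, "type": "mem_alloc", "protect": "RWX"},
    {"ts": 2, "pid": 4242, "signed": False, "type": "image_load", "image": "bcrypt.dll"},
    {"ts": 3, "pid": 4242, "signed": False, "type": "remote_thread", "target_pid": 1337},
    # pid 900: signed process loading a crypto library after a normal RW allocation
    {"ts": 4, "pid": 900, "signed": True, "type": "mem_alloc", "protect": "RW"},
    {"ts": 5, "pid": 900, "signed": True, "type": "image_load", "image": "bcrypt.dll"},
    # pid 777: signed tool (say, a debugger) showing the same three indicators
    {"ts": 10, "pid": 777, "signed": True, "type": "mem_alloc", "protect": "RWX"},
    {"ts": 11, "pid": 777, "signed": True, "type": "remote_thread", "target_pid": 2000},
    {"ts": 12, "pid": 777, "signed": True, "type": "image_load", "image": "crypt32.dll"},
]


def indicator_for(event):
    """Map one raw event to a behavioural indicator name, or None if unremarkable."""
    kind = event["type"]
    if kind == "mem_alloc" and event.get("protect") == "RWX":
        return "rwx_alloc"
    if kind == "image_load" and event.get("image", "").lower() in CRYPTO_IMAGES:
        return "crypto_load"
    if kind == "remote_thread" and event.get("target_pid") != event["pid"]:
        return "remote_thread"
    return None


def correlate(events, window=30):
    """Return one alert per process that shows every REQUIRED indicator within
    `window` seconds. Each alert names the follow-up the comment describes:
    scanning that process's memory."""
    recent = defaultdict(dict)  # pid -> {indicator: ts of latest sighting}
    alerted = set()
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ind = indicator_for(ev)
        if ind is None:
            continue
        pid = ev["pid"]
        recent[pid][ind] = ev["ts"]
        # forget sightings that fell out of the window relative to this event
        recent[pid] = {k: t for k, t in recent[pid].items() if ev["ts"] - t <= window}
        if REQUIRED.issubset(recent[pid]) and pid not in alerted:
            alerted.add(pid)
            alerts.append({
                "pid": pid,
                # unsigned code running this chain is rated above a signed tool doing it
                "severity": "high" if not ev["signed"] else "medium",
                "indicators": sorted(recent[pid]),
                "first_ts": min(recent[pid].values()),
                "last_ts": ev["ts"],
                "next_step": "scan process memory",
            })
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print(alert)
```

Run as a script it prints two alerts: a high one for pid 4242 and a medium one for pid 777, while pid 900 stays silent because a crypto library load by itself is ordinary. A real sensor would feed this from kernel callbacks or syscall hooks rather than a list, and would tune the window and image list per environment; the point is only that the verdict comes from the sequence, not from any one action or byte pattern.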


  • It’s what literally changed my life. I was really socially awkward, spent most of my life behind a computer, and when I managed to go out to parties in a subculture scene whose parties I loved, I couldn’t talk to anyone, had a few beers awkwardly in a corner and went home.

    Then I met someone who introduced me to MDMA. That happened almost 8 years ago, and now I am an organizer of 2/3 of the same scene’s regular parties in our city, I’m helping and DJing at a festival that happens here, and am living my best life in that regard. All thanks to that one best friend who got me something that made me talk to, and get to actually know, people in the scene to the extent that I always wanted, and get comfortable enough that I no longer need to be high to interact with anyone. Since now they are friends and regulars, and not random people I wanted to talk to, but was afraid of approaching.

    But, it wasn’t as easy as it sounds. I was always trying to be responsible and cautious, and I did get borderline to addiction in the process, which I was fortunately able to recognize early and put a stop to by getting help at an addictology nonprofit. It was never bad, more like a precaution. And I caught it at the best possible moment. I’ll never forget my first group session, where literally everyone else said “I’m 35+, I used to take stuff at parties for fun when I was 25, and then I ended up for 10 years on meth…”.

    Everyone had a similar story. And I went “Well, I’m 25, and I take stuff at parties for fun…”. And that was a really strong lesson, where I realized I was stopping a really huge problem at exactly the right time.

    So, it might help. It is definitely fun, but it is so hard to not end up badly. You will need a lot of luck, especially if you are exploring it on your own. I still take things at parties, but with personal experience of the dangers it has. And getting that is something that no one can give you, unless you see it for yourself. And for most people, that comes too late. I was lucky, you probably won’t be. But in conclusion - drugs are amazing, and have changed my life. It’s a shame that personal experience will probably vary.


  • Crypto is doing kind of ok. But what about other blockchain apps and startups, or blockchain integrations into every tech imaginable? There were so many popping up, just like there are with AI now. Business models and use-cases that are based solely on the hype of the tech in question, without any consideration of whether it’s actually a good fit for the tech. That is the point, and what it has in common with AI and other “buzzwords”.