Their products are cool and I've been happy with them over the years, but their blog right now has had some blunders recently. Also their reliability seems to have been having trouble but does seem better recently.
One account gets compromised and you're doomed. A lot of companies even have prod access be a request-based system. Most modern security models with zero trust don't let everyone have access to everything, quite the opposite.
I think they were intending to evoke the image of RAID rather than literally referring to a redundant array of inexpensive disks. You host your code on GitHub, GitLab, and at home, then you survive a GitHub outage. It's a redundant array. Not sure it's inexpensive, though.
Yes, I have both copies, prefer the ANSI C second edition myself. I brought another second-hand C programming book and when I was working through the exercises in the mid 2000s the GNU C compiler kept issuing warnings as the code used gets() to read strings. :D
> I find it doubly ironic since their own fork caused Bambu users' telemetry to hit Prusa's servers back in 2022, and (to my knowledge) Prusa didn't snap back with a C&D.
> Has law enforcement been engaged? Yes. We've notified law enforcement, including the FBI, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and international law enforcement partners.
Hmm. I thought all these agencies say NOT to pay a ransom.
Not always. They have been known to give "marked bills" to pay with in the past. A lot can be learned by watching how ransom money moves around (Bitcoin is very traceable this way). Sometimes paying a ransom is an important part of finding and arresting the guilty.
In the abstract, it’s hilarious to imagine the hackers keeping the data, then some time from now leaking it accidentally (or another hacker group hacks them) then them having to issue a public apology for not having kept the stolen data secure and having lied about shredding it.
However, they could use it as a last resort or as a final "gift" before getting arrested or switching identities.
They might be considered "trustworthy" right now to get companies to pay them money, but no one will know what will happen in a few years when this strategy won't work anymore.
Anyway, I hope this doesn't come at all, or as late as possible.
> but no one will know what will happen in a few years when this strategy won't work anymore.
Good point.
> Anyway, I hope this doesn't come at all, or as late as possible.
Same. As I said, I find the idea funny in the abstract, if it didn’t affect anyone or if it were a TV show, for example. But since it does affect real people…
I suspected as much as it disappeared from the ShinyHunters page and it recovered so fast. The main thing I'm interested in knowing was how much was paid. Also, I don't really like their statement that the data is safe or destroyed; those promises seem a little questionable with regards to these incidents.
AI right now feels like the go-to for anything and everything that was tedious for humans to do or that took quite a bit of expense. What people seem to struggle to realize is that those exact things that they offload to AI are exactly what made their stuff reliable and well known like Cisco. If I am buying a router I really don't want vibe-coded software, I want reliable software that had thought behind it, especially if it supports a very critical part of a system.