4·
2 days agoLike most supply chain attacks, it’s targeting developers and other people who use tooling like this rather than Bob and Alice on the street.
- 0 Posts
- 6 Comments
Joined 1 year ago
Cake day: March 19th, 2025
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
That doesn’t make you safe from supply chain attacks generally. There’s no reason a supply chain attack couldn’t be applied to software repos you do use if a vulnerability exists within them and a bad actor is sufficiently motivated to exploit it.
1·2 days agoYeah this response is not reassuring. Death to AI slop.
Noted, totally_not_a_gun_pinky_promise.stl will print just fine
I’m not really sure what people want when they raise this complaint about Proton, it’s going to be true of any company. They can’t refuse a legal order, there’s very few jurisdictions on earth where the authorities will just allow a business to refuse to comply with a legal order and the ones that do are not worth running a business in. As far as I know, they’ve never given up content of emails or traffic logs.
If your threat model includes the authorities of the US or any country you might happen to be in, then you shouldn’t be trusting any business that might be compelled by them.
The rules of cybersecurity:
Under no circumstances should you own a computer.
If you absolutely must own a computer, under no circumstances should you connect it to the internet.
If you absolutely must connect it to the internet, it’s too late and they already have you