
Comment Re:Garbage in, garbage out, confirmed and defended (Score 1) 42

Yep. Sort of a singularity of stupidity instead of the one some people still think is happening.

Obviously, all efforts to filter out bad stuff are doomed. They may reduce crap and hallucinations, but unless they have pretty smart people evaluate every bit of training data, they cannot really clean it up. As such a manual review is far, far too expensive, it is not going to happen.

Comment Re: Alt (Score 1) 28

I've never been to a TicketMaster event, because I don't follow the big names. They don't have exclusive contracts with venues, they have contracts with artists. If you don't want to pay TicketMaster to go to a Swift concert, then tell Taylor Swift to stop contracting with them, but that would not be lucrative for Ms. Swift because they do a lot more than just renting out the hall and she'd have to find a better contract with someone else or do the work internally (and hire a bunch of people to do it).

There are artists that have their own crew and travel with their own equipment and have a manager to rent venues and manage tickets.

Comment Re:Not much information in the article... (Score 1) 54

They do use something similar, but it is basically a management VLAN that is indeed security through obscurity and a bit of encryption. It is in the DOCSIS standard somewhere. In the very early days this traffic wasn't encrypted and customers could basically instruct the modem to change their subscription (because things like traffic management were done in the modem based on the number of channels it was allowed to use), so if you purchased 128k (back then) and wanted the full 10M it was capable of, you could send the modem to use all channels and hope the ISP actually implemented them.

Comment Re: What does this do for me? (Score 1) 22

It was the 90s, you can't compare the modern idea, but everyone was handing out coins back then as well that were supposed to have value. The idea was if the bank doesn't give us money to trade, then we will trade our own currency. X got sued, won and Elizabeth Warren started the CFPD as a result to regulate these things.

Comment Re: Sounds costly. (Score 1) 57

git clone is not costly, what is costly is hiding all the crap before opening it. Twitter opened its source code and within hours people found the knobs that they had lied about prior. The COVID platforms for a few countries opened source code and people instantly found how the supposed anonymous system leaked identifying data to the government. NSA key registry?

Comment Re:parameter blank = Automatic deletion period? (Score 1) 71

It really is both and both need somebody competent with enough time to get it right. The main problem on the coder side is that they are often not very good, and here we have a nice example of a borked, unsafe default value. The main problem on the process person side is that this person may actually be missing. A coder designing a process is an accident waiting to happen. Oh, and look, it did.

Comment Re:Not much information in the article... (Score 2) 54

It is really not hard to do: Require any firmware update to have a valid public-key signature. With that, you can even push firmware updates securely without any other measures at all. You could have an FTP drop or the like on the router, for example. Yes, there may be DoS risks from that, so generally you want something a bit more complex, but still. My take is that the people writing the firmware of these routers do not really understand how IT security and cryptography work.
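The check described in the comment above, as an added example that is not part of the original comment or any router vendor's code: the device pins a vendor public key and refuses to flash anything from an untrusted drop unless the Ed25519 signature over header and payload verifies. The `FWUP` container layout, the names `PackUpdate` and `VerifyUpdate`, and the demo key are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
)

// Constructed update format (an assumption, not any vendor's layout):
// "FWUP" | 4-byte big-endian payload length | payload | 64-byte signature over all of the preceding bytes.
var magic = []byte("FWUP")
var ErrRejected = errors.New("firmware rejected")

// PackUpdate runs on the vendor's build host, the only place the private key exists.
func PackUpdate(priv ed25519.PrivateKey, payload []byte) []byte {
	hdr := make([]byte, 8)
	copy(hdr, magic)
	binary.BigEndian.PutUint32(hdr[4:], uint32(len(payload)))
	signed := append(hdr, payload...)
	return append(signed, ed25519.Sign(priv, signed)...)
}

// VerifyUpdate runs on the router before flashing; pinned is the key baked into the running firmware.
func VerifyUpdate(pinned ed25519.PublicKey, blob []byte) ([]byte, error) {
	if len(blob) < 8+ed25519.SignatureSize || !bytes.Equal(blob[:4], magic) {
		return nil, fmt.Errorf("%w: bad header", ErrRejected)
	}
	n := int(binary.BigEndian.Uint32(blob[4:8]))
	if n != len(blob)-8-ed25519.SignatureSize {
		return nil, fmt.Errorf("%w: length mismatch", ErrRejected)
	}
	signed, sig := blob[:8+n], blob[8+n:]
	if !ed25519.Verify(pinned, signed, sig) {
		return nil, fmt.Errorf("%w: bad signature", ErrRejected)
	}
	return signed[8:], nil
}

func main() {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x42}, ed25519.SeedSize)) // constructed demo key
	pinned := priv.Public().(ed25519.PublicKey)
	blob := PackUpdate(priv, []byte("constructed firmware image v2"))
	_, err := VerifyUpdate(pinned, blob)
	fmt.Println("genuine:", err)
	blob[10] ^= 0x01 // one bit flipped while the file sat in the untrusted drop
	_, err = VerifyUpdate(pinned, blob)
	fmt.Println("tampered:", err)
}
```

The signature only establishes who built the image; it does not by itself stop an old, validly signed image from being replayed.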

Comment Re:ISP should not be allowed to force you to use t (Score 1) 54

Possibly. We could also speculate that certain hacker-linked countries have been starting sabotage and various western leaders have been showing tendency to appeasement which might tempt this kind of action. Definitely it's a moment when any companies that want reliable survival should have proper offline backups.

Yes and yes. This may, for example, have been an experiment to see how long the ISP would take to get these people online again and how much the government would get involved. As to organizations that do not have offline or WORM backups at this time, that is basically asking for death.

Comment Re:ISP should not be allowed to force you to use t (Score 1) 54

Sounds like it. Malware is often customized by people with low or very low skills after stealing it from other attackers. Some malware I have seen had several generations of such pretty incompetently done modifications on it. Hence it is entirely plausible that the attacker messed up. The scale of the problem is a bit unusual though. Possibly the ISP did not patch an already older vulnerability, making them part of the problem.

Comment Re:Not much information in the article... (Score 1) 54

The router's configuration network isn't (or at least shouldn't be) directly hooked into the Internet. Just because my router/switch passes information doesn't mean its firmware is addressable. My cable modem does not get an IP, only the computer/router connected to it does (which the router section could be internal to the modem, but isn't usually the same thing).

So likely this was an attack internal to the network, hence it only affecting a subset at a single ISP; based on the description, someone (probably a tech using his work computer at home) brought this on the network and spread it across the configuration subnet. Had it been a wider attack on router firmware for that particular cable modem, we would see the attack proliferate outside a single ASN, whether intentional or accidental.
