Prior to the advent of social media, exploiters had to put in a LOT of work to market their scams to stupid people because mass, targeted communications was complex and expensive. Then comes social media which allows people to widely advertise their stupidity, congregate online on the basis of their stupidity, and for them to be easily targeted en masse by people who specialize in exploiting stupid people.

Now we have people who started stupid, self-identified as stupid, and have been taught by exploiters that their stupidity is a point of pride and a descriptor of their "culture". And the people are **numerous**.

24-hour news, Television, radio, newspaper, town criers, gossip-- All had an effect, yes, but nothing has the extreme ubiquity and constant stream of reinforcement of genuinely incorrect information of social media.

Discord is only the latest and least of the problems in that regard - Facebook, Instagram and Pinterest locked all of that content up first.

Slop is a totally fair term for any low-quality AI-generated material, and not an unreasonable one for AI-generated content in general due to average output quality.

It sounds like "Graf Zahl" was a not-so-benevolent OSS project dictator and this was the last straw.

Try this: https://www.youtube.com/watch?...

Yeah it sucks that they renamed that mountain to cover up the fact that it was named after a guy who massacred a bunch of innocent native Americans. OH WAIT

Sloppy McSlopperson, Attorney-At-Slop

You don't need physical access to install a bootkit, just root access, and full disk encryption would only protect against bootkit infection via an evil maid attack. The bootkits being discussed here get install by just running on top of the full OS with root privileges.

But on the other hand, bootkits are an extremely rare form of malware, likely the rarest type, and I think creating Secure Boot in response to it was a case of whipping a curious little problem into a crisis and then never letting a crisis go to waste.

No. I assume nothing. I'm telling you that the bill doesn't purport to solve the problem you're accusing it of not solving.

Here's your firearm analogy: The state requires gun locks to reduce the risk of unintentional discharges-- particularly in the hands of children. That doesn't prevent the firearm from being stolen and used in a crime, but it's not supposed it. It's to REDUCE THE LIKELIHOOD that a kid will harm himself.

This law does not solve that problem nor has it intended to. This law intends to help parents semi-lock down (in tiers) their kids digital devices and reduce risk. Not eliminate all possible risk... reduce it. And to do it without introduce more risk from other realms (like the UK did).

The reason they can't (even if they have the resources) is that the market rewards brutal worker exploitation, or at least fails to punish it in any way while allowing businesses to reap the benefits. Labor laws that enforce decent working conditions would be a good start towards a solution, and those start falling into place after similar union-negotiated working conditions become common enough that they're a de-facto market standard. Unions make the progress and government just locks it down.

To clarify, AB 1043 (https://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=202520260AB1043) isn't age verification (even though it uses the term). It's age *setting*.

The bill requires operating system providers to **allow** account owners (parents) to enter the birth date, age, or both, of the **user** of that device (kids) for the purpose of providing a signal regarding the user’s **age bracket** to applications available in a covered application store. No stored ID photos. No PII sent to apps.

The bill also requires developers to confirm the appropriateness of their app per the user's age bracket.

This is a reasonable step forward from doing nothing and not nearly as far as mandating things like photos of driver's licenses and school IDs being stored on random servers.

Because they don't have the money to start a business lying around (a $1k emergency expense would be a big ask for the average American, average startup cost is around $20k), they likely have health coverage tied to their employment, and they probably don't like the odds of competing in a market riddled with oligopolies that benefit from massive economies of scale and labor arrangements that can treat workers as consumables and work them to their limits.

HTH

Unfortunately we have an economic system where people who can't get others to pay for their toil become destitute.

Yes, and IIRC in the '90s/early 2000s they recommended a lower grade of AES for civilian vs. military use. And more recently, there was the TrustCor debacle.

If the NSA can get the non-hybrid PQ algorithm to be the standard for future versions of TLS that would be the NSA's biggest ever win in cryptography standards sabotage. The level of danger they're willing to heap on all non-military communications again raises the question of whether they think their foreign adversaries are massively inept compared to themselves, or if they just think that creating this widespread danger is worth making their jobs easier.