In this case, the prime manager, the mayor, had just been replaced inthe election.

Actually, management was blamed left and right, the audit helped force the contracting companies to eat far more of the cost, etc...
Trick i failed to mention, it was the NEW incoming mayor that ordered the audit, and less than 1% of project cost to date.

Yeah, this sounds like some kind of jaded Transhumanist humiliation ritual.

If true as written, those 'monks' are without honor or reverence.

That makes no sense at all. If the company is spending $2-3k, for something they charge only $200, then it is an introductory price. To get you hooked. They have to charge you $3-4k at some point of they want to make money. Their suppliers want to get paid, and their investors want to stop losing money eventually. By ask means take advantage while the deal is good, but donâ(TM)t be so naive as to expect the deal to be good forever.

I got an Idea. How about locating and deleting data centers that host these things? Deleting them from existance.

I looked at a waterfall project where the mayor ended up spending $3M to have an audit done on the current state of a project that was way behind on time and way over budget, only for them to come back and say that it'd be cheaper to burn all the effort to date and start fresh.

Are there any tools to watch my lsmod, walk /lib/modules, and configure modprobe.d to deny loading anything I'm not using?

All of these exploits are in distro modules I'd never use.

Local access, unless you haven't patched apache this week, then it's remote access.

> What are normal people supposed to do?

It looks like a omen to take up farming.

Maybe I should pull some of my 4TB nvme sticks and buy my kid a used car...

I wonder what they will do when the cost of AI increases?

We all know that AI companies are selling their services at a loss. Often on a cost-of-compute- basis, but even more so when you factor in model training costs incurred with investor cash. And that is even before we account for how the shortages of relevant hardware and server space for running all of this are driving up the costs of memory, chips, etc. Or the fact that the energy crisis is only getting started, and will impact literally every part of the value chain for addressing the current and future demand.

Most of the sunk costs to date, have been funded with investor cash, but those investors are going to start wanting to get paid back with a strong multiple of their investments to date. That means, as companies reorganize around the use of AI - at the current prices - they are creating a potential nightmare of cost forecasting and control when the AI vendors all decide it is time to start generating that pay-back by sticking the screws to their customers. This is CLASSIC ENSHITIFICATION.

It's not md5 collisions that are the problem here, it's poor passwords.

Which is something that we can't actually fix, and maybe have tried for the past 22 years.

As mentioned above, memory-hard algos are better than hashes now.

My server got compromised last week by this, Slashdot is quite far behind.

There's two new exploits in the Copy Fail class that do privilege escalation everyone should be worried about on shared servers. Copy Fail 2: Electric Boogaloo (https://github.com/0xdeadbeefnetwork/Copy_Fail2-Electric_Boogaloo) and Dirty Frag (https://github.com/V4bel/dirtyfrag)

I am rather disappointed that Ubuntu sat on these LPEs for a month without releasing a fix.