The most concerning part should be that the utility isn't auditing it's service. The most basic check is to compare water pumped or otherwise brought into the system against water usage billed to customers. Those two numbers should be equal, any discrepancy indicates leaks or other unaccounted-for draws. Any discrepancy should also be relatively stable, with any large variations correlated to known main breaks. You especially audit things immediately after a major change like bringing smart meters on-line to catch problems like this.

The sticky note under the keyboard or in a desk drawer is actually pretty secure. Most attacks are remote, they've no way to read that note. The social-engineering attacks don't target people who'd go to your desk either, they either target you directly (you already know your password) or support people who don't need to know your password to give them access.

I have to ask, are these platforms even trying to secure their systems anymore? Because I keep seeing of more and more of these breaches, involving more and more platforms, and the attacks are less and less sophisticated. I hear companies talk and talk about security, yet their day-to-day practices require their employees and contractors to violate practically every good security practice and treat the red flags of an attack as normal company practice instead.

Occam's Razor no longer applies, because at this level malice and incompetence are indistinguishable.

This isn't really a new result, nor tied to genAI. Machine-learning models have a long track record of being able to identify medical problems better than humans based on records. Not really a surprise, the problem is essentially one of pattern matching and machine learning is _really_ good at extracting patterns from large volumes of data and then matching new data against those patterns. I wouldn't apply genAI to the problem, though, the established ML systems do a better job using fewer resources.

Not really. All the examples you give are cases where, if everyone follows the rules, you know what you're going to get before you pay for it. In gambling, if everyone follows the rules you do not know what the outcome will be. Which is the case with futures trading, you don't know what the price/value of the commodity will be when the contract comes due.

Probably. But then slot machines and roulette don't look like gambling from the casino's POV either.

The problem the states are going to have is that futures trading, what the CFTC regulates, is gambling. You're betting on what the price of the commodity will do in the future. The moment the CFTC expanded to allowing intangible commodities, the outcome was a foregone conclusion.

Thinking further, it seems like it'd be impossible to separate things because commodities future trading is in fact a kind of gambling. When you buy a futures contract, you're betting that the price of the commodity will go above the contract price. The seller is betting it won't. The only difference is what you get if you win the bet. dollars or eg. corn. Once you allow intangibles in, even that distinction disappears. The dissent has a point, but I think the majority is correct as to the law and if people don't like it then the law needs to be changed to restrict what can be traded on a commodities market.

You know, looking at the definition, I could probably make the argument that a pull on a slot machine is a "swap" per the definitions as long as the casino operator jumped through the hoops to get declared a DCM.

Maybe the legal experts could sit down and work out how to modify licenses (including the GPL/LGPL) to be for non-commercial use only? As long as an entity wasn't making money using FOSS, it could use it just like now. Individuals and non-commercial projects wouldn't be affected. But if you're a business making money using FOSS? Not without paying for it you're not. Yes, this would go against the free-software principles. But principles don't pay the bills every month, and none of these changes would prevent anyone from staying with the existing licenses if they wanted to.

The first thing I think of as a problem would be a company setting up a separate entity that wouldn't make money, just make services available to the company using FOSS to get around the fees. The trick to preventing this would be to phrase the terms so that that entity truly had to pay it's own bills without having the company using it's services pay anything either directly or indirectly. Not even by doing things like providing hosting "free". I'd have to sit down with a bunch of rules lawyers and game out all the ways to funnel money into that entity and how to block them, but what's life without a little challenge?

That's something I've said for a long time. And unlike permanent DST, going to permanent standard time doesn't require Congressional approval. Any state can do it any time by just passing a law.

Is MS doing the blocking themselves, or is it an RBL that's doing it? And if an RBL, which one? The MS mail admins can answer those questions easily, and then affected senders can direct their attention to the appropriate target.

Is it AI driving this? Or is it just the fact that if your gross margins are 70-90% there's a lot of difference between the value you're providing and the price you're charging and your customers are recognizing that? Because I've done tests with Claude and while it might be acceptable for boilerplate code it still falls on it's face with complex business requirements and logic unique to specific internal processes that don't appear elsewhere.

A V8 in a city is strictly for racing. It's got too much power for most purposes. The one place it does have a use, trucks or vans for carrying heavy commercial/industrial loads, isn't a huge market compared to personal use. Big pickup trucks look and sound impressive, until you need to find a parking spot for them. Or deal with rough streets. Or tight residential streets. Or stop-and-go traffic. Then practicality wins out.

I look at the US auto industry today and see it repeating the strategy of the early 70s. We know how that ended. The same motivations are at work now. Their focus groups may say "big and powerful", but consumer wallets say "small and economical".

The AIs understand "stakes" just fine. They just understand them correctly, without human emotion getting in the way. Humans place an emotional value on other humans, even if they're the enemy. Computer algorithms don't. They calculate in cold hard numbers, optimizing for the lowest casualty count on their side for the least cost and effort. Casualty count on the enemy side, if it factors in at all, is a lower priority than reduced casualties on the computer's side.

Yes, that's horrifying. Go ask some first responders about triage at a major accident scene. They have to do much the same thing when the injuries are more than they have resources to manage.

Cyanide safety training at a mine: "When the cyanide alarm sounds, leave the area. Do not stop. If you see someone down, do not stop to help them. Not stopping gives the rescue teams 1 person they know to go in after because you told them. Stopping gives them 2 people to go in after, except they don't know that because you're down and dying of cyanide exposure and can't tell them.".