See my post above for a bit more detail, but this looks like it could be an SPF include failure. They have included "_spf-ssg-a.microsoft.com" in the SPF, which in turn includes "spf.protection.outlook.com". AFAIK, that's basically the Outlook.com webmail service, so quite possibly at least some, and possibly any, users of that service could impersonate "microsoftonline.com" and get an SPF pass.

If so then yeah, that's *totally* the kind of lack of attention to detail you tend to expect from Microsoft.

It was (and still is), but this is the problem that SPF was designed to solve (as opposed to being the FUSSP some made it out to be). If you have a critical domain that you use for sensitive stuff, like "microsoftonline.com", or any bank's domain, etc, then you need to be very specific on your SPF record's contents and make sure it has an "-all" in there to force a reject for failures, rather than the looser "~all" or (heaven forbid) "+all" which is really only intended for testing. Spammers know this, and seldom waste their time trying to spoof domains that will cause a failure; every domain I have setup SPF with "-all" on has seen Joe-Job bounces drop to zero pretty much overnight. DKIM works slightly differently, but adds another layer to this. Microsoft for sure knows this too and does indeed do both, but that doesn't mean you can't slip up and leave a hole somewhere.

So, taking a quick look, as things stand, the SPF record for "microsoftonline.com" is:

"v=spf1 ip4:216.32.180.228 include:spfa.microsoftonline.com include:spf-exacttarget.microsoftonline.com include:spf-msods.microsoftonline.com include:spf-mfa.microsoftonline.com include:_spf-ssg-a.microsoft.com -all"

They've got the "-all" in there, which is good, but also a whole bunch of "include" directives, including one that refers to ExactTarget a third party MSP, but the one that appears like it could possibly be the problem is the last one. That contains a further include, and in there is "spf.protection.outlook.com". All the includes do have "-all" but, AFAIK, that domain covers the outbound mail gateways for a least some parts of the Outlook.com webmail service, so if the spammers have been able to a suitable account using a server within one of the many IP ranges listed in that include that doesn't properly restrict the domains able to send their mail, then they are good to go.

I think it's more horses for courses, and can also vary considerably between what different demographics, both contemporary and historical, think of as "perfection". Hollywood is largely driven by white western males, so they naturally favour your "20% silicone", although that does seem to be undergoing a gradual change of late, but that's not the case for world cinema as a whole; you'll find far fewer wannabe Barbie Dolls in African cinema, for instance.

From a people portraiture perspective, especially candids, there is also a night and day difference between what a photographer would most typically want to shoot in a studio vs. on the street. The former is very much about some ideal of perfection, with hours spent on makeup and clothing the model(s) and setting up the lighting rigs, before the camera even gets turned on, whereas in the streets and fields, you are totally going to home in the people with the most interesting features, and those often tend to be very much the definition of imperfection. You are actively looking for the aged faces with more lines than a metro map, more piercings/tats than Vogue would likely ever consider acceptable, and anything else that really tells a story about the kind of life the viewer of the resultant image might imagine them to live. For the right images, there is absolutely value that can be measured in both clicks and dollars there too.

Also, why limit it to women implanting silicone to comply with some visual aspirational idea of perfection being forced on them by men (mostly), media, and entirely unrealistically proportioned dolls? Have you seen the lengths some men are going to as part of the "looksmaxxxing" fad? There's going to be a Darwin Award winner there real soon now, I'm sure.

Actually, I think it was Fred Schwed Jr. 86 years ago, but still just as relevant. In case it's not obvious from the fee, this is totally not about making YOU financially better off.

I'm guessing the tank has enough positive pressure left internally that it can withstand the pressure exerted upon it by the upper stage's engine exhaust without collapsing until the upper stage is clear. If it deforms, then presumably it would not be able to be reused, but if it can withstand the pressure long enough just fine then that removes the need for some additional shielding, and the mass that entails.

You're assuming the companies with these fleets of (currently largely non-existant) robots are still going to solvent if the bubble pops. That seems highly unlikely in many cases given the business model for AI is apparently "borrow massive amounts of money to fund it using the promise future orders as collateral". Asset strippers have no interest in salvaging a business; their business model is to buy the physical assets cheap, dump the debt on to bagholders (the shareholders), and sell the assets off to whoever wants it, hopefully for more than the cents on the dollar paid they probably for it. I buy stuff from these auctions from time to time; it's a great way to get nearly new, and often still on the market, kit at a fraction of the retail price.

Also, Facebook might not be the best counter example there. Remember what happened to many of the hires, business units, servers, and services, Meta setup when Zuck went all-in on the Metaverse? What do you think he'll do if going all-in on AI doesn't pan out for him?

Yeah, but these are Humanities students. That, by its very definition, is an area where AI should have very limited use, where it is applied should be done really, really, carefully, and job losses are far less likely than in many other fields. Sure, there's analysis of datasets, especially of geographical and historical data, but that is one of the areas where a specifically trained model can really be of use, but an AI is never going to painstakingly brush away dirt from some ancient historical site, and I shudder to think what would happen if AI hallucinations get let loose on philosophy or religion. That said, it would probably be very amusing watching those who buy into the output; and doubly so if the model was trained on the Butlerian.Jihad from Dune, less so for actual crusades, jihads, and "holy" wars.

Still, if these presumably tech savvy Gen Z students are not fans of the tech, regardless of whether that's because the recognise how its being used by corporates or some other reasons, then I think the people that need to be more worried about this are those that have built the massive pyramid trillions of dollars of debt to build something that few seem to want or trust. Like the .com boom, the bubble must pop sooner or later and sort out who is a "pets.com" and who is a "google.com", and there are growing indication that, unlike .com, the demand that will be required to pay for it all just isn't there, and we're already way beyond the scale of any previous government bailouts. That kind of crash only has one outcome; a lot of shareholders (which includes pension funds) are going to lose their shirts.

According to TFS, the layoffs are due on 20th May. No one is going to voluntarily quit if they can just phone it in for another 8 working days and get at least some additional severence pay to tide them over while they look for a new job. If they don't get cut and are still hacked off enough on the 21st, that's probably when people are going to start to quit.

Of course, one thing Meta is very good at is profiling people. And another, as TFS points out, is being callous sociopaths. Chances are they've factored all that in and I wouldn't be at all surprised if their actual target is a 15% RIF and they've worked out that if they fire *this* 10% on the 20th, then *this* further 5% that have definitely had enough and were hoping to be laid off will be so fed up with the loss of their former colleagues and even more hostile workplace will quit of their own accord over the next few weeks. If Meta was aware you were looking for another job before they announced the 10% RIF, it's pretty good bet you're in the additional 5% they are hoping for.

It's not a lake under the city, it's an aquifer, so it takes quite a bit of time for the water to disperse, rather than flow, through it. Replenishing a little bit of the water in one area through a leak might stave off some of the sinking in that area, but the areas where water is being extracted from will continue to sink much faster, with the additional complication that the density of the aquifter likely varies as well. The net result is the same though; different parts of the city sink at different rates, with those near leaks or denser parts of the aquifer slower than those near extraction points or the more porous areas, hence all the tilting buildings.

's OK. The war (whether it returns to hot or remains "of negotiation") will almost certainly be over in less than two months, one way or another. Why? Because the Iranians can demonstrably control the Strait of Hormuz, and now they know that for a fact because the world's most powerful navy hasn't even really tried to force it open, let alone actually been able to do so. That means European and Asian airlines cannot get the jet fuel they need and - something Trump still hasn't grasped - pushes up the prices of oil for everyone, even if you can produce it yourself, because of the way the US set things up with the petrodollar (LOL!).

Why does that all matter? Because in less than two months, at least some European and Asian football fans (mostly) are going to want to fly to the US to watch the vastly overpriced World Cup.(under Trump, why am I not surprised?). Even if they have the cash to burn on it, they can't do that if the airlines are forced to cancel their flights, can they? Remember how wound up Trump got over crowd & stadium numbers? Do the math.

I'm sure the Iranians know this, and have almost certainly also realised they just need to stall while keeping passage through the strait to a minimum (they don't even need to expend a lot of munitions for this; just keep the uncertainty high enough no one risks the passage) until the Trump administration realises this and has to make some major concessions to get the oil and gas flowing again. How close to the first match do you think that will be for our 5D chess playing grandmaster? He's got six weeks before the fans get given a red card by their airlines...

I hear Trump is supposed to be doing a Bible reading as a result of his recent spat with the Pope. Might I suggest Galatians 6:7? :)

A way for Elon to dilute his losses from Twitter and other missteps into all those people who buy into the upcoming SpaceX IPO.

If your plan isn't to get in early and dump the stock as close as possible to the almost inevitable price spike those all who didn't a chance to pre-buy in cheap and are now taking part in the FOMO buying / cash-out frenzy that follows the shares hitting the stock exchanges, then you *really* need to be paying attention to where all Elon's debts and loss-making business units are. (Hint - he's been steadily moving them all into SpaceX).

Good question, that probably should be addressed in TFA, but isn't. Have a cookie, assuming you're not blocking them. :)

The Earth was exiting a period of relative geological and climatic stability and entering a cooling phase, which would have helped strengthen the AMOC. This process was then enhanced by a large scale volcanic eruption, thought to be in North America, with the ejecta from that and a series of subsequent eruptions leading to a significant deviation from the trendline, a mini-iceage known as the Late Antique Little Ice Age (LILIA) similar to the Maunder Minimum, a multi-decade period of cooler than statistically expected temperatures (up to 2.7C cooler than average in European summers). This is reflected in tree-ring records which show highly stunted growth for the time, ice cores from polar ice cores, and some of the remaining writings from the period that describe widespread crop failures.

The issue here might be that the hotel is legit, but their internal reservation system has been compromised. They get the booking.com confirmation, enter it into their system to assign you the relevant room, and the scammers use that info to try and stiff you. The scammer has your details, and combined with the fact that it's a fresh booking, a made up request for some clarity/additional confirmation followed by a request for money is going to press all the buttons for an almost perfect phish.

It apparently happens a lot, and it's outside of booking.com's control (although the hack in TFS is obviously on them), so all booking.com can do it advise you that they don't reach out view email or WhatsApp, and all you can do it pay attention to the booking details on the main booking.com site and only interact through that. Or use a different hotel booking site.

Don't try and report these to booking.com, btw, as you found out, they clearly give zero fucks. I had that kind of scam happen with one booking out of four on a trip (obvious scammer reached out on WhatsApp) and ended up going around and around in circles on booking.com to try and find a way to flag the fact that there was a compromise, probably on the hotel's side. After 3 laps I gave up, cancelled all four bookings, blocked the spammer on WhatsApp, and rebooked using a different agent swapping out the compromised hotel for another one. I can only assume that booking.com is definitely doing their part to ensure the enshittification of the Internet.

Totally agree with the rationale for the blocking; no sane company is going to willingly publish info that could harm them. Can't really argue with that at all; their site, their rules, and all that. What the First Amendment says about free speech is regarding the Government, not public entitiies like Meta, so they absolutely have the right to decline to provide these lawyers with an online megaphone and soapbox to stand on.

On your question though, it's quite likely no one authorized them. Assuming you're not blocking ads outright, then any ads you do see are basically the result of an in-browser bidding war to see which company is willing to pay the most (still tiny fractions of a cent) to get you to look at their ad instead of someone else's based on the info Meta has on your demographics and interests. Meta has a demonstrably loose grasp of ethics, so if you are thinking they are vetting every ad's contents before it gets accepted into the auction mill rather than just relying on companies to comply with the conditions Meta set and dealing with any that don't if any complaints get sufficient traction, then you have a radically different take on Meta than I do.

At best, they've probably just changed the Ts&Cs to put a clause in preventing ads of this type, or blacklisted the companies that were pushing them.

I find I can do everything I need with old and OWA, and OWA is only really needed for some SP/group stuff that will probably never make it into "old". I'd switch to Thunderbird, but that's coming up short in some areas too and OWA alone won't make up the shortfall there, so my current approach is the least painful for getting stuff done, no matter how much that chafes. I find "New" to be a confusing and broken mess that is missing several key features needed to interact with other Microsoft systems (FFS!), and have fed that back to Microsoft in no uncertain terms every single time I've found myself switched to it and have immediately switched back using the feedback form they give you. No real idea on the Store version as I've only tried it once in the hope it might do everything I need (it didn't), but I hear that's awful too.

So, yeah, GP listed three products, which are the "local" versions, then there is the OWA version, so Microsoft has four totally different products that use the "Outlook" name by my count. Maybe they employed a former cola exec to lead the product development, or something; throw flavours at the wall and see what sticks? Store seems to be the "Diet" version, so maybe next up will "Cherry Outlook" and "Lime Outlook"... Personally, I really want "Outlook Zero", which will be me uninstalling it for good once I can switch to anything else.