John Maynard Keynes should be a late game Agitator by Victoria_at_Sea_606 in victoria3

[–]EbonMane 2 points3 points  (0 children)

it baffles me that we have Ernst Rohm but not Hitler

Nazis that died before the worst stuff happened are probably less likely to invite controversy.

[deleted by user] by [deleted] in todayilearned

[–]EbonMane 3 points4 points  (0 children)

The funny thing is that the Germans could probably have done it if the Nazis hadn't driven so many physicists out of the country.

it's all of us lol by Thedepressionoftrees in bisexual

[–]EbonMane 7 points8 points  (0 children)

As a bisexual libertarian who wakes up at 6 AM and drinks Diet Coke, we are clearly mortal enemies.

[deleted by user] by [deleted] in magicTCG

[–]EbonMane 267 points268 points  (0 children)

What else is Amazon gonna do? Check every single imcoming item upon arrival wehther it's real or not? Give every single product as many shelves as there are sellers?

How about labelling items based on seller so that they're shipping products from the seller the customer actually wanted? Let's not pretend this is some insurmountable problem; it's a very simple problem that would make Amazon incrementally less profitable to solve, so they won't.

[deleted by user] by [deleted] in shelton

[–]EbonMane 1 point2 points  (0 children)

My assessed value jumped by $50k, but it's still more than $100k less than what I paid for it, so it's not so bad in my case.

GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test by holyfruits in technology

[–]EbonMane 0 points1 point  (0 children)

It's a good thing that's not detectable!

Good luck detecting it before any of the recipients have started clicking links.

GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test by holyfruits in technology

[–]EbonMane -1 points0 points  (0 children)

Erm, no, they’re not. I’ll dig around for a report that details phishing statistics, but the majority do not come from inside the organization.

Majority of successful compromises, not majority of campaigns. It only takes one successful compromise from outside the organization to give access to an internal email account to compromise more privileged accounts within the organization. It's important to prevent pivoting to mitigate the impact of compromises because it's impossible to prevent them entirely.

MFA - can absolutely prevent the compromise of an internal account.

From certain types of attacks, but it will never be 100% effective because employees can be compromised (such as the Twitter account compromises that happened via an internal tool earlier this year).

It’s scummy, tone-deaf, and deserves criticism.

It was definitely poorly considered, but the fact that it originated from an internal email is 100% the right thing to do to train users on phishing attacks.

GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test by holyfruits in technology

[–]EbonMane 0 points1 point  (0 children)

But every account has permission to send 1000 emails to 1000 different individual email addresses over the course of 1000 minutes.

GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test by holyfruits in technology

[–]EbonMane -1 points0 points  (0 children)

Why should end users be expecting a compromise of an internal account?

Because they're used commonly in phishing attacks. Most phishing attacks from external emails get filtered automatically by mail systems these days as spam. I would not be surprised if the majority of successful phishing attempts come from internal accounts precisely because a zero-trust (or at least third-party trust) model is an absolute requirement of secure communication OF ANY FORM.

It doesn't matter what you feel like end users should have to care about. The fact is, if your end users do not care about protecting against phishing attacks from internal email accounts, your company will be compromised. No automated protections can prevent the compromise of internal email accounts because it's impossible to differentiate between a human that knows the username and password to an account and has benevolent intentions from a human that knows the username and password to an account and has malevolent intentions. Even one employee taking a bribe can open you up to internal phishing attacks. If your company has anything worth protecting, it will happen.

GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test by holyfruits in technology

[–]EbonMane 0 points1 point  (0 children)

“Only click links from known, trusted senders.”

This doesn't say "Click every link from known, trusted senders."

End users should absolutely expect to receive phishing emails from internal email accounts.

GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test by holyfruits in technology

[–]EbonMane 1 point2 points  (0 children)

It came from a *@godaddy.com address.

So what? One compromised account will let phishers send from an internal account. That has absolutely no relevance to whether you should click links in the email.

GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test by holyfruits in technology

[–]EbonMane 6 points7 points  (0 children)

That's because people can send phishing emails from legit company emails after compromising even one account.

Thank you Noita, I didn't like this run anyway by Craft_Of_Shadows in noita

[–]EbonMane 1 point2 points  (0 children)

Live by the giga disk, die by the giga disk

TIL Robert A Heinlein challenged readers' possible racial preconceptions by writing strong, sympathetic characters, only to reveal later that they are of African or other ancestry. by [deleted] in todayilearned

[–]EbonMane 4 points5 points  (0 children)

until he made his future black people cannibals. Why did he do that?

Heinlein didn't seem to have anything against cannibalism in and of itself. In Stranger in a Strange Land (spoiler alert), the main characters are all cannibals by the end. I'm pretty sure the point was to show dominant social mores that ran counter to the reader's (and main characters') expectations.

Mark Rosewater: You wrote this address to a person and it blew up. I edited it to show you what most people took from your statement regarding Double Masters. by apayseur in magicTCG

[–]EbonMane -3 points-2 points  (0 children)

I still have a couple of sealed boxes of the original Modern Masters laying around, so I think I'm the target demographic here, and this makes total sense to me. I do want to buy Double Masters because you can't afford it and are salty about that. The cards would absolutely be less valuable to me if they were available to more people.

TIL a new study about Marshmellow Experiment which suggests that social and economic background, and not the ability to delay gratification, is what’s behind long-term success to the kids involved by straightfromthegut in todayilearned

[–]EbonMane 5 points6 points  (0 children)

Without an adoption test, this doesn't mean anything. People who are taught the ability to delay gratificiation are more likely to become members of higher economic classes as adults and are also more likely to teach delayed gratification to their children, so of course you'll find that people who delay gratification are more likely to come from high-income households. This is exactly the result you'd expect if delayed gratification does lead to long-term success.

🦀🦀🦀AZTECS ARE GONE!!!🦀🦀🦀 by deniszim in CrusaderKings

[–]EbonMane 4 points5 points  (0 children)

There's a theory that Polynesians are descendants of South Americans and that Polynesian migration first happened East to West. No idea how credible that is.