I constantly encounter stories I would like to read on local news sites, but find I'm not often eager to cough up a $10 subscription or whatever just to read that one story. And I suspect a lot of other people feel the same way.

But what if I could subscribe to a service that works exclusively with local newspapers and websites to let me buy a certain number of credits or maybe a monthly/yearly pass to read stories at random news sites. Like an Eagle Pass that gets me into all the parks for the year. That way, the publications would get more revenue from people who would otherwise try to find the news for free somewhere else, and readers we really, really want to keep/capture aren't turned away.

Just as importantly, people who want to have an opportunity to support a broad spectrum of local news gathering across the nation can do just that.

Maybe this has been tried and failed before, but it seems like something along these lines is needed if we want to stop local news pubs from circling the drain or being bought by Musk or Bezos or Murdoch or the Tech Bros.

Thoughts? I'm really curious if this has been attempted, if it has succeeded/failed anwwhere, and why.

"L’idée est magnifique (...) mais la communauté scientifique, elle, commence depuis deux ans à s’insurger. “Les affirmations extraordinaires nécessitent des preuves extraordinaires” (...). Or ici, les preuves de la #désinformation scientifique s’accumulent."

https://www.epsiloon.com/tous-les-numeros/n42/la_vie_secrete_des_arbres/

I'm fascinated by the concept of measuring attacker-defender advantage in software, devices, and even entire IT environments. What do I mean by "attacker-defender advantage?" Lemme sum up and then share a chart.

Let's say you could measure the speed at which defenders remediate various types of security vulnerabilities across all relevant assets. Then say you could detect and measure the speed at which attackers find/exploit those vulnerable assets across the target population of organizations using them. Finally, plot those curves (across time and assets) to see the delta between them and derive a measure of relative advantage for attackers and defenders. That relative value is what I mean by attacker-defender advantage.

Since a picture is worth a thousand words, here's a visual example of the concept. The blue line represents defenders, measuring the speed of remediation. Red measures how attacker exploitation activity spreads across the target population. When the blue line is on top, defenders have a relative advantage (remediating faster than attackers are attempting to exploit new targets). When red's on top, the opposite is true. The delta between the lines corresponds to the relative degree of advantage (also expressed by the number in the upper left).

This chart comes from prior Cyentia Institute research in which we were able to combine datasets from two different partners (with their permission). Unfortunately, those datasets/partners are no longer available to further explore this concept - but maybe this post will inspire new partnerships and opportunities!

Any surprises in the attacker-defender advantage results depicted in the chart? Has anyone measured this or something similar?

#cybersecurity #vulnerabilities #cyberattacks #infosec #exploitation

https://www.youtube.com/watch?v=inAypsBvCcc

Donc, YouTube a supprimé (provisoirement) la vidéo qui révélé le scandale du bullshit ésotérique financé par l'État.

Alors qu'on parle de favoriser les énergies renouvelables, les exploitants d'éoliennes sont, de fait, rançonnés par ce système.

Soit ils paient pour des gadgets 100% bullshitesques ou des cérémonies ésotériques. Soit ils n'auront pas leur permis de construire.

Et ces financements donnent plus de puissance et d'influence à ces lobbies de charlatans.

https://threadreaderapp.com/thread/1854186037116903460.html

L'art du 2 poids 2 mesures quand il s'agit de parler de sécurité alimentaire et d'écologie.

#journalisme #alimentation #environnement #médias #information

Three weeks ago, panic erupted when the South China Morning Post reported that scientists in that country had discovered a “breakthrough” in quantum computing attacks that posed a “real and substantial threat” to “military-grade encryption.”

Among the many problems with follow-on coverage, aside from a lack of skepticism, was its failure to link to the correct paper. For the first time, here's the right one.

https://arstechnica.com/information-technology/2024/10/the-sad-bizarre-tale-of-hype-fueling-fears-that-modern-cryptography-is-dead/