> the first stage of the [Minotaur IV] was manufactured in 1966.
Was it?
Minotaurs repurposed components of Peacekeeper missiles. Development of the SR118 first stage motor—reused as the first stage on Minotaur IV—didn’t start until 1978. [1, pg16]
…or booting from alternate media to retrieve data from the disk in situ (depending on which measurements are used to seal the key in the TPM).
“Don’t let perfect be the enemy of good.” Vulnerabilities/limitations should be understood and you have every right to determine that TPM+PIN is the minimum control that addresses threats you’ve modeled and reduces risk to a tolerable level, but TPM-only encryption is not pointless. It reduces risk by increasing required attack complexity without impacting usability. That’s enough for a lot of people.
My mother was diagnosed with MG 25 years ago. Her first symptoms were droopy eyelid and double vision. Plasmapheresis helped, Prednisone had nasty side effects (glad to hear that sounds not to be the case for your father), prismatic glasses to un-double her vision kind of helped?
As her symptoms increased—-speech delay, difficulty swallowing, eye misalignment, all stemming from fatigue-induced nerve conduction delays which can culminate in respiratory failure—-myasthenic crisis, they opted for thymectomy (open surgery). She was probably 50 and while the recovery was lengthy, it drastically improved her symptoms and the amount of activity she could do before arose symptoms appeared. No more prism glasses or multi-second speech delays, or weekly plasmapheresis visits. If she spent too much time being active or driving on a sunny day (squinting), she’d feel the ocular fatigue first and know she had to rest or take a prednisone. Now her eyes are failing for other reasons but the thymectomy bought her 25 years and counting.
I’m glad your father survived his crisis. It sounds like you’re doing all of the conservative treatments (which is good; steroid noncompliance is a risk factor for crisis).
There are new medications that directly reduce or deactivate AChR antibodies. Non-invasive video-assisted thoracoscopic thymectomy is more viable today too (and thymectomy has been shown to decrease the frequency and severity of crises even where the thymus was considered normal). Plasmapheresis remains generally effective, if time consuming.
MG sucks. From one son to another, I hope you can get a few more good decades with your parent too.
I bought a very similar looking $120 Brother HL-2170W 13 years ago after moving cross country and being unable to justify schlepping my trusty Laserjet 4 Plus.
I’ve apparently only printed 6500 pages and I think I’ve changed the toner two or three times but it has been surprisingly trusty for the price point.
The fire apparatus I’ve worked on have a 120V inlet called a shoreline to keep equipment (MDT, radios, cardiac monitor, portable suction, and Lucas battery chargers, interior lighting, etc) operational at station without draining the battery.
Presumably this is the same thing whatismytenantid.com does under the hood.
Interesting (to me) is that the OpenID configuration endpoint provides the tenant ID for not only Commercial tenants but US Government (GCC & GCC-High) as well because the Azure AD portal has relatively new functionality to configure cross-tenant access settings by tenant ID or domain name but Gov tenants require you to obtain the tenant ID from the organization which is either security through obscurity or due to use of some Commercial-only Graph API call.
Not only is there phishing opportunity, it's being actively exploited to much greater financial effect (check fraud and identity theft), and you don't even need to go to the lengths of creating a company profile or a website as anyone can create a job posting for any company (with rare exception) [1].
Here's a very real series of events I'm privy to:
- Bad guy gets a domain name confusingly similar to the target company (maybe tack on "inc" or "llc").
- Bad guy gets access to a LinkedIn account (doesn't matter who or if they're connected to the company; stands to reason that a hacked account with existing connections adds credibility) and updates the title to CEO of target company.
- Bad guy posts an "Easy Apply" ad for a remote job with target company.
- That job listing automatically appears on target company's LinkedIn page.
- Bad guy begins receiving contact info for the job and gets to work.
- Following a weak interview process conducted entirely over IM or email, the candidate is hired.
- New hire provides identity documentation at bad actor’s request.
- Bad actor sends new hire a check with instructions to buy equipment for their home work area from a specific vendor who is also the bad actor.
- New hire deposits check and bank makes funds available before the check clearance process actually completes.
- New hire buys a few thousand dollars’ of equipment from a vendor that doesn’t exist with money they don’t actually have.
- Check bounces and the jig is up.
By the time target company found out, LinkedIn has removed both the job ad and the profile that created it, but did not and would not reach out to the applicants to warn them of the scam nor provide those applicants to the target company (y'know, the company the applicants thought they were applying to; citing "privacy reasons").
While [1] says LinkedIn can do something to restrict who can post jobs on behalf of your company, it's wholly undocumented (and I suspect may not work well for companies relying on both internal and external sourcing). The only defensive measure I've identified is setting up a job alert for your company, specifically for Easy Apply and/or Remote positions as that seems to track with the scam.
The more nefarious ploy is how Axie infinity got shut down for millions of dollars in fraud because the targets opened a PDF that was actually sent by NK bad actors posting a fake high paying job and interview process
Yeah, my wife and I are both members of various slack workspaces (work, volunteer groups, social/industry groups, etc) so it was beneficial to use the same tool (with a free, private workspace) for us to not only chat but also keep track of things in different channels (#wanderlust, #whatdowedo, #whatdoweeat, etc).
I was about to say that due to the new 90-day policy, we stand to lose pretty much allof the content in those channels but as it turns out, except for one message from July 2020, we already have. I suppose it doesn’t matter to me now if it’s 10k messages or 3 months of history but the former amounted to 24 months.
Was it? Minotaurs repurposed components of Peacekeeper missiles. Development of the SR118 first stage motor—reused as the first stage on Minotaur IV—didn’t start until 1978. [1, pg16]
[1]: https://ntrs.nasa.gov/api/citations/20120016230/downloads/20...