We can't. If someone tries, then they get arrested for doxing, harassing, "causing discomfort", etc. Have you tried to follow a politician around? Do you want to try and track their phone?
That’s a coward’s take, and even if you are taking the middle-ground route there are sufficiently legal ways. You just won’t find much enthusiasm about it among people here because the demographic of this platform is living comfortably.
I read the first 4-5. They either 'provide services' to govs/law enforcement, and/or are run by govs.
So to answer your question, nothing. You can write 100 letters to your senator, MP, mayor, etc. The "system" will serve its purposes. Best case you will get a response that "national security, paedophiles, terrorists, bad actors", etc.
In some regions you can file a GDPR nightmare letter, which will be shut down because of EU DPR ("national security, paedophiles, terrorists, bad actors", etc.) (yes I copied and pasted from above.. there is a pattern here).
Historically (and Harari describes this far better in "Nexus") documentation and bureaucracy were created to exert control. Any information 'must' be captured, stored, processed, assessed, flagged. Before we only had letters and radio. Now we have more letters (bits and bytes/packets). The mechanism is the same. Collect, store, process.
Cross-referencing this with 1984, everything we do/say/send/etc. will never be forgotten, can and will be used against us. Politicians though can 'rewrite' history ('Oceania was at war with Eurasia; therefore Oceania had always been at war with Eurasia.').
IMHO1: Notion is a Confluence+SharePoint+Jira with useless "AI" to quickly create templates.
Anyone who uses it for your made-up use-case is silly, and has no sense of 'segregation of duties' (access).
IMHO2: this is a process/procedure problem, not a technical problem (to quote GDPR's phrase) "..technical and organisational measures necessary to ensure.." this is an organisational problem that you are trying to solve as technical.
I have very recently tried to work with Notion staff in applying basic "compliance" controls, and their input/response was next-to-garbage, with a big "we didn't build it for/like this mate" attitude. E.g. complete lack of "canned reports showing inactive users", "canned reports showing failed login attempts", and so on. One will have to drill through the audit logs, extract the lot, and go Excel magic. Other 'within-Notion' solutions are (politely) 'inaccurate'.
Overall it is a GRC/Privacy nightmare and I am happy to not be a user of this any more :)
It's Ukraine. Are you aware of the "banks' debt collectors"? They had thugs knocking on your door (and your face) for an overdue loan payment; they would _of course_ use violence/torture to extract information.
Fun fact, I was internal auditor in a bank (I will not specify the year(s) for safety/privacy). We did the due diligence and ended up buying a Ukrainian bank. Part of the 'collections' was really to smash people's faces. Believe it or not. But sure.. you know best.
Yup, I feel like Ukraine has been trying to break away from the "society is a meat grinder" culture of Russia for a while and the war has made it clear who's on what side locally.
My only qualm with them is their not so great support for gay people, but then during the war ofc the party line is now they love their gay soldiers. Would have been nice to see more action around that beforehand but I get it. Even other first world countries still have plenty of problems as a gay person, especially gay men.
I remember Steve Gibson saying some years back that the only reason USA doesn't (cyber-)'attack' Russia's train infra is the inability to 'hide the traces' of the attack, and it would be 'easily' attributed/mapped back to the USA causing (political) issues. Well, Ukraine doesn't have 'that' challenge.
On the other hand (and I'm not defending a drone company), anyone that has a business should know by now that ransomware (with or without deletion) is a real thing, and it's not an 'if' question, it's a 'when' question.
I have never worked with/for a Russian company, so it would be interesting to hear/read from someone who has, how 'well organized' are they? GRC-wise. Assuming that someone would run the COBIT framework on them (Russian companies), would the 'average' be 'ok' or it's a big mess (kinda like working for an EU company in early 00's)?
> I remember Steve Gibson saying some years back that the only reason USA doesn't (cyber-)'attack' Russia's train infra is the inability to 'hide the traces' of the attack
This is not a real reason. This explanation hides the real reason: Russia is a valuable geopolitical partner for USA. Regardless of who is in power in USA - all presidents tried to make deals/contacts with Russia.
There is no value for USA in getting Russia to lose this war, have internal instability or split in 20-ish national states.
USA wins more from Russia being as it is today with all its blood, suffering and hundreds of thousands of deaths caused by the regime thrive for survival.
Actually USA are afraid to push too much to cause internal issues in Russia. And Russian ruling class knows that.
I guess another reason is that there isn't too much IT infrastructure that Russian trains depend on.
There are ticket sales systems for people being transported, but much is freight trains, and if there was an easy way to disrupt that, you can be sure that Ukraine would've done it by now, because the Russian military heavily depends on rail-based supplies.
I did work for a Russian financial multinational just before COVID-19, as a native Russian speaker, and it was a free-for-all mess internally. The IT side had a load-bearing, old-school sysadmin type with a personality for heroics.
I was reading a couple of days ago the Frank Miller's Robocop comic series. I laughed so hard at the comment/response of "Dr. Love" when asked "have you sold out?" and the response was "I'm repositioned Lilac to where I can more efficaciously relate values of cooperation and participation to our children. Where I can infuse a spirit of caring and sharing to marketing and media."
Then she (Dr. Love) continues to say... "I welcome this change to dialogue. To relate to you OCP's commitment...."
So when I read the FF's post, Dr. Love and the beginning of a big spin came to mind!
Having worked as IA in plenty of banks, I can only say "no good deed goes unpunished". My friendly suggestion is that when you involve cunts in the dialogue (regulators, legal depts, lawyers) you JUST started a fire and those assholes ONLY care to have a fall-guy. And the #1 is (you guessed it) You!!
You cannot expect an honest response from (ffs!) a bank! They are the most dishonest people on planet earth.
If there is a bounty, go through the hoops and do get paid. If not, then feel free to go for a lunch with someone-who-knows/trusts-someone and solve it in the d-l.. with all the plausible deniability you can get "I saw the photo of the guy/gal on LI and wanted to meet him/her for the sex.. I dunno what hacking-vuln you are talking about!"
Betting/gambling. Also talking shit to your friends in the pub who support the 'other' team (in a (friendly) banter).
I remember when I was betting (a lot) with Ladbrokes 15-20 years ago, I _loved_ statistics. But win/lose/draw was never my cup of tea. I would study the numbers and find teams who score/receive a lot and would bet on Over/Under. It didn't even have to be the 'premier' leagues. There were teams in Finland and Netherlands that would have an aggregate of 6-8 goals in most games. This was as certain as it could be. Low yield but steady yield. It just took time. I assume now with LLMs, one could write a prompt that would get an LLM to scour the interweb and give it "the games with over/under of x1.5 or more and teams that do so-and-so".. but.. who has time for that!