On this day in 1985, Microsoft released Windows 1.0 Been downhill ever since 😱

“With AI, everything changes everyday” ~ Pierluca Chiodelli, Dell’s VP of edge product management.

Another Monday, another potentially catastrophic WordPress plugin exploit. This time, it's the turn of popular (4+ million active installs) security plugin, Really Simple SSL, which has a "authentication bypass vulnerability" << very, very bad 😱 Here's the full detail, thanks to Bleeping Computer. The version you want to see, if you're using this plugin on your WordPress website, is 9.1.2 Go do it now.

I was today years old, when I was lied to about the origins of the name YAHOO! so I asked Perplexity, and now I'm not sure if the truth or the fiction is stranger. Brian Livingston, writing for the AskWoody newsletter, said that, "Yahoo still has a search engine — and, as the company’s founders said when they first set up their website, You Always Have Other Options." A quick Perplexity search revealed that was not in fact, the case. "The claim that YAHOO stands for "You Always Have Other Options" is not accurate. The name Yahoo! is actually an acronym for "Yet Another Hierarchical Officious Oracle." This phrase was created by the founders, Jerry Yang and David Filo, as a playful reference to the hierarchical organisation of their web directory, which was one of the first popular search engines on the internet" Now you know :)

I was today years old when this first penny dropped for me. Email Link-following. Cool term, what does it mean? In hindsight, it's obvious. In order to protect you from bad guys including bad links in the email they send to you, your email server is most likely... wait for it... waaaaaiiit... "clicking" on every link, in every inbound email, to check it, before sending it on to you. Once more, in case the significance of that went skating past you, like it has me... Every.link.in.every.inbound.email. The tactic works, and is pretty much the only way it can be done, but gracious, there are some privacy issues, right there! And, while we're stirring this *particular "email is stupid"* pot.... here's another GEM. "Microsoft says that Midnight Blizzard, a cyber unit inside Russia's SVR Foreign Intelligence Service, has begun using a clever new technique to compromise victims and deploy malware on their systems. The technique involves sending malicious RDP configuration files to victims via email." Translation: This version of Ivan has stopped trying to break into your computer. Now, he'd like you to click on this file that he's sent to you via email, which will connect you to him! With every administrator privelege that Windows can give, and then some. Read every byte on every hard drive. Install any software on your computer. Terrifying as it is, you just have to say, this.is.brilliant! "I won't call you, I'll just give you my number. You'll call me." It's also absurdly stupid. Configuration files are common and necessary. Almost every application has one. Most of them are text files. Or they should be. Text files are pretty harmless. Buuuut... *sinister voice* what happens when you make a configuration file executable? Believe it or not, this is not the first time Microsoft has done this. They used to have a ... feature ... where if you downloaded a file like a .doc for example, if it was associated with an application in Windows, IT WOULD RUN THAT APPLICATION! And before you think "Well, that's quite useful and convenient?" I'll just remind you that .py and .bat and .vbs and .cmd and .js are ALSO examples of text files that are associated with an application. (python3.exe, cmd.exe, vb.exe etc).