They don't care about being American. They want the sweet American dollars that X is paying for engagement. They figured out the MAGA crowd is the easiest to engage, so that's where they go.

Seems like when the security market is low on the white hat side, it's high on the black hat one. Security people just need to learn to adapt.

I'm sure some of these ransomware groups probably offer health insurance and 401k matching.

And of course there's AI!

> In the AT protocol, your identity isn't tied to a server.

It kinda is. Your identity is in the hands of whoever controls the PLC Directory. You can argue this is better than having your account and identity on the same place, but it still a third party that you depends on.

Payment Request API is a thing and it looks kinda nice, except apparently nobody cares about it.

Curl's case was related with its bug bounty, so when involving money the incentives are different.

> Imagine if companies automatically paused billing if you stopped using their product? Panacea.

Beeminder does exactly that!

https://blog.beeminder.com/autocancel

GCP outbound data is limited to 1GB/mo and I believe by default it doesn't have any cap, it will just charge for additional traffic with the credit card you are required to enter in order to get a free tier account. So I would be careful publishing anything with it.

I don't know exactly what's the logic but sometimes I need to confirm a rm operation with an "y". Maybe cp and mv should have the same behavior for destructive operations.

> I don't know exactly what's the logic but sometimes I need to confirm a rm operation with an "y".

I believe some Linux distributions alias rm to either rm -i or -I in their default shell config.

People were literally XSSing themselves and the worst someone did was a funny prank. Those were simpler times.