Torn between "I think losing $100 million when someone beats you at security research is pretty much exactly what you signed up for doing yield farming" and "Maaaaaaaybe not the future of finance you were expecting, huh."

Bitfinex files discovery in "Yo bro, where did our $800 million go?" action and it is every bit as interesting as you'd expect it to

Here's their CFO describing their agreement (which we know from other litigation was never contractualized because, presumably because money launderers hate paper trails):

Bitfinex's CFO was shocked, shocked to learn that the money launderer they engaged to provide money laundering services while I-swear-to-God-this-is-an-actual-quote "we learned to bank like criminals" may have from time to time lied to banks.

"Institutional constraints" means, here, "We were attempting to avoid velocity checks placed by our banking partners to detect fraud and money laundering, which would have detected our fraud and money laundering."

Money at the speed of code, yadda yadda yadda, the Bitcoin economy is surprisingly blasé when several hundred million dollars is in an interstitial state for months.

In a situation never before encountered by a financial institution: the check was not, in fact, in the mail.

My friends @robwalling and @einarvollset just launched TinySeed, an accelerator for software companies where a successful outcome is a healthy, sustainable business rather than attempting to ride the rocketship trajectory. https://t.co/LSHqZNcVid

I have some thoughts:

As somebody who bootstrapped ~4 companies, I feel like I had to make some clearly suboptimal decisions early in them for lack of what is, in hindsight, not all that much money. But there's a huge gap in the product space for investment options.

It's weird: you can get $25k from Amex trivially, and angels are very willing to write a check for that much, but you have to make representations about your goals/ambitions/market/etc which don't really apply to everyone.

And so you see the traditional angel/VC ecosystem fund companies where honestly the returns are probably not there, and this is knowable pretty early, but the chase of them will wreck what could have been a perfectly happy business.

(To make the math work for traditional VCs the company has to at least have a market-appropriate shot of $100 million a year. There are a lot more $10 million a year companies than $100 million a year companies. That is *not* a bad terminal outcome for founders/employees.)

A thread on HN about bad code in legacy projects both makes me think how little we've learned as a discipline over the years and, honestly, how little credit we give ourselves for some pretty major

Fun going down this list and thinking: "Hmm, plausible at a well-run modern software shop", "Hmm, possible, but requires implausible tradeoffs", "Literally disallowed by languages", and "If you were to attempt doing that our test suite wouldn't let you merge."

I think we as an industry celebrate (not quite the right word) failure too much and don't celebrate success nearly enough. There is no DailyWTF for competent execution, word of which generally stays pretty local to the source while incompetence passes into legend.

Alrighty let me try to thread the needle on being the change I want to see in the world while not giving away anything that will get me in trouble:

Ruby has wonderful developer ergonomics. Typed languages are easier for machines to guarantee the correctness of. We built a type checker for Ruby (and I believe it is slated for OSS release sometime).

c.f.

An irony of facebook's situation.

Sheryl got her MBA at Harvard. One of the most famous cases (Extra Strength Tylenol) in one of the most famous classes (Business History) she took: in 1982, someone put cyanide in Extra Strength Tylenol capsules and killed 7 people in Chicago.

What do you do when someone turns your product into a weapon? When they use the system you built to harm? James Burke, CEO of J&J, was shockingly open with the public, he pulled the product and made significant packaging changes to make product safer (but not tamper-proof).

He over-shared every step along the way re investigation, redesign, stood up as both CEO and human. The reintroduction of new Extra Strength Tylenol succeeded. Burke saved the brand.

But four years later it happened again. A killer put cyanide in the capsules, this time a woman in Yonkers died. Same CEO, Burke, pulled the product again, completely changed the form factor from capsule to caplet and relaunched *again*. It worked *again*. How'd they do that?

Burke (CEO) tapped J&Js goodwill bank account w/ the public. Two big withdrawals from that bank account in four years + 8 dead bodies! But his honesty, openness, humanity (choked up about the deaths more than once), humility kept the goodwill bank balance positive the whole time.

I want to explain what happened to tumblr overnight. And why Twitter as reached it's dream (or have come ever so close to it)

Yahoo, who bought Tumblr years ago, used to have a huge adult presence on the early net. They allowed adult groups and what not.

However, people and bots (just like now) misused the service, and Yahoo were forced to make a choice. They made private the groups (and later closed them down and sold some of it to other companies) and then ended their chatrooms on yahoo messenger...

after a incident with one of the chatrooms vid cams. The damage was done, Yahoo Messenger lost a lot of people - and with the closing of the groups - backpage and Craigslist came more important.

Now backpage is no more and Craigslist is slowly passing away. Tumblr had a semi strong community, but once 2014 came around and both porn, and political bots exploded the quality started to go down,

Wanna disable Defender when enabled Isolated Core and Tamper protection?

Its a bit more trouble- but doable, without ruining Isolated Core/Secureboot etc.

Defenders process will run as a unkillable protected service- so new tricks needed.

Here we go:

Ok- tamper protection is easy, just make .bat - run as adm:
:again
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter\Instances\WdFilter Instance" /v altitude /t REG_SZ /d -1 /f
goto again

Then unload minifilter with process hacker:

The registry key will be changed while the minifilter do not protect it, when tamper protection makes the driver load again it cannot attach to volumes nor protect registry keys.

Removing it will make it recreate, but invalid altitude do the trick

Notice now the service is: Protected light(antimalware)
Now we cant do anything to the service/process- not even see its open handles.

Lets start by elevating to SYSTEM- just launch a command prompt, then close process hacker- and run it again from the command prompt.
Now process hacker runs as SYSTEM

Been reading up a lot about these jabs, esp as I know they are going to be a condition of a return to normality

Was on a zoom call last evening with a testing company that had some fascinating evidence on protection etc.

I have more reading to do.

I do not want to be coerced into something I don't want, BUT i want normal back as soon as possible.

Basically i'm at the point in my isolation and thinking that I'll take whatever just so this bullshit can end.

That is a desperate mindset, but so is 12 months of being cut off from the world.

All i have is what goes round and round in my head.

There's no one else to help balance it.

So i'm in group 6, and my surgery are doing group 6 right now. And i am at the point i want to do it to get it DONE.

And also to study what happens. Because i have that kind of mind.

I remember Pandemrix.

But we live with risk every day.

I risk my life climbing walls with only a harness around my waist to catch me as i lean back and fall off

And rational risk assessment is at the heart of everything going wrong these last 12 months

Last weekend, I made a threat on the ongoing #SocialMedia shutdown in Uganda and some implications on the future of #internet & Uganda's #digital agenda.

The thread attracted a lot of engagement and questions. Tonight, I will share some final thoughts on the subject. (1)

Conceptually, social media sites are the largest on-boarding platforms for internet users in Uganda. Notably, Facebook, WhatsApp, Twitter, Instagram & Snapchat attract the highest internet traffic- which drives demand for other platform services e.g Google and Zoom recently.

So- when we talk about an "open internet", we mean the FULL resources of the internet. Any encumberance on selected applications has ripple effects across the entire network thus jeorpadizing standardization of internet/data transmission which is essential for innovation & growth

Furthermore, shutdowns hinder network interoperability (technical ability to plug/link one digital product or service into another product or service). Interoperability is the heart of the "Internet of things" eg business, devices, networks, services, e-govt, integration etc #IoT

Because the internet is a global resource, shutdowns enhance a digital divide (the gap between demographics and regions that have access to modern ICTs, and those that don't or have restricted access). Ironic that 3rd world countries have the highest number of shutdowns globally.