Portable security

http://img.youtube.com/vi/fVIOIi8YziA/0.jpg

This video hit my feed this morning.

 

Yes, we can all mock Leftist and say, “you voted for this.”

But…

What about the people who didn’t vote for this?  Should they suffer?

I am traveling at the end of this month that will have me spend two days in Portland, Oregon.

Most of one of those days will be after I check out of my hotel, so my belongings will have to stay in my rental car.

I have already posted about the secure container I have installed in my truck.

I will be taking some extremely valuable items with me on this trip and I don’t want them to get stolen and I can’t take them into the facilities I’m going into.

(Trust me, you will read all about this soon enough.)

So what to do.

When you watch the video, you will notice two things:

  1. They moved very fast.
  2. The only tool they used was something to break the window, and it was small. Maybe a center punch or something.

That’s good news.

It means defeating these people can be done with anything that slows them down and requires tools.

Again, nothing is perfect, it it doesn’t look like these assholes are willing to start fucking around with bolt cutters and grinders.

My most valuable items will be in a Pelican case with padlocks.

Of course, that alone is not enough.  The box needs to be secured to the vehicle.

That is where a security cable with loops on each end comes in.  Those are cheap.  You can buy them at a hardware store or on Amazon for $10.

Now you have to know what to secure it to.

SUVs generally have cargo tie-down spots in the trunk. Cars don’t. You can secure it to the spare under the trunk floor cover.  In my car, there is a steel loop. Welded to the car body that held the jack in place. I got my car used so the jack was missing. I can key lock to that.

In the cabin or behind the seat, there is also a LATCH system attachment point for car seats.  That is very strong and can accommodate a padlock.

Many cars have a pass through from the trunk to the cabin. Usually the center armrest in the rear seat. A four foot security cable can reach from the trunk to a rear seat LATCH point.

A good padlock, a cable lock, and a Pelican case will defeat these guys.

If a Pelican case is too expensive, I’ve been impressed with the Harbor Freight version APACHE case.

For soft items, you can use a steel wire mesh bag by Pacsafe.

Here is a video of one in use:

 

You can also just buy sheets of that wire mesh from Amazon, and using a cable and lock, make your own for odd size or shape bags.

Once again, locking it to a tie-down or LATCH location.

I get it, it’s a hassle and you shouldn’t have to do it.

But wish in one hand and shit in the other.

If you need to travel to areas like this, you can take precautions that for less than $100, will secure what you own from theft.

 

 

Gun Free Zone

Airplane Size Comparison

https://theawesomer.com/photos/2022/10/airplane_size_comparison_t.jpg

Airplane Size Comparison

Link

The smallest plane we’ve flown on was a 4-seat Cessna, and the biggest was a Boeing 777. But there are much smaller and much larger airplanes out there. RED SIDE created this computer-generated clip of these flying machines ranging from a 12.8 feet long single-seater all the way up to a gigantic 275-foot-long cargo jet.

The Awesomer

“Most notorious” illegal shadow library sued by textbook publishers [Updated]

https://cdn.arstechnica.net/wp-content/uploads/2023/09/GettyImages-1437356693-760×380.jpg

“Most notorious” illegal shadow library sued by textbook publishers

Yesterday, some of the biggest textbook publishers sued Library Genesis, an illegal shadow library that publishers accused of “extensive violations of federal copyright law.”

Publishers suing include Cengage Learning, Macmillan Learning, McGraw Hill, and Pearson Education. They claimed that Library Genesis (aka Libgen) is operated by unknown individuals based outside the United States, who know that the shadow library is “one of the largest, most notorious, and far-reaching infringement operations in the world” and intentionally violate copyright laws with “absolutely no legal justification for what they do.”

According to publishers, Libgen offers free downloads for over 20,000 books that the publishers never authorized Libgen to distribute. They claimed that Libgen is “a massive piracy effort” and noted that their complaint may be updated if more infringed works are found. This vast infringement is causing publishers and authors serious financial and creative harm, publishers alleged.

“The Libgen sites deprive plaintiffs and their authors of income from their creative works, devalue the textbook market and plaintiffs’ works, and may cause plaintiffs to cease publishing certain works,” the complaint said.

This is not the first lawsuit to go after Libgen, and if history repeats, it likely won’t be the last. TorrentFreak reported that after the publisher Elsevier sued Libgen in 2015, a court ordered Libgen to shut down. But after briefly disappearing, Libgen popped back up and has been online ever since, operating in defiance of that order—as well as court orders “in several countries, including Belgium, France, Germany, Greece, Italy, and the United Kingdom,” publishers’ complaint filed yesterday said. Those countries even tried ordering “Internet service providers to block access to Libgen Sites as a result of infringement actions,” publishers said, all seemingly to no avail.

It’s hard to say if the new lawsuit will have better luck forcing Libgen offline. Publishers have asked a US district court in New York to order Libgen to pay damages that TorrentFreak estimated could exceed $30 million. They also want an order blocking Libgen from any future or ongoing infringement, an accounting and disgorgement of Libgen’s profits, the destruction of all Libgen’s copies of infringed works, and an order forcing all of Libgen’s domain names to either be transferred to publishers or deleted.

Anonymity is key to Libgen’s success

According to Similarweb data cited in the complaint, Libgen attracted “an average of over 9 million visitors per month from the United States” from March through May 2023. This includes tons of students whom publishers claimed are “bombarded with messages to use Libgen sites” on social media rather than paying full price for textbooks. This, publishers claimed, devalues the textbook market and caused a “substantial decline in revenue from sales.”

Instead of paying publishers to distribute books like a real library does, the complaint alleged, Libgen profits off pirated works by running advertisements alongside e-book downloads for things like online games and browser extensions. Sometimes Libgen’s ads, publishers claimed, “appear to be phishing attempts, which can result in users downloading a virus or other malicious program onto their computers.” Libgen also fields donations from users, reporting that it has raised $182,540 so far in 2023, the complaint noted.

Publishers said the key to Libgen’s success as a pirate website is its carefully guarded anonymity. Libgen staff, the publishers alleged, hide behind usernames like “librarian” or “bookwarrior” and rely “on proxy services that specifically conceal website operators’ identifying information.” As a business, Libgen never provides names or addresses as contact information, and when they register for new domains, they use registrars that “keep registrant information private and/or registrant proxy services.”

So far, they’ve proven seemingly impossible to unmask, but Libgen’s operators “are believed to reside outside of the United States at unknown foreign locations,” the complaint said. But while Libgen staff remains anonymous, publishers know that they also “rely on US companies as intermediaries to operate the sites,” and those companies could help disable the operation. Those companies include Cloudflare, Protocol Labs, Namecheap, and Google, which publishers claimed help to enable Libgen’s file-sharing, proxy services, domain registrations, and search engine services.

Thanks in part to these US companies, Libgen operators can “rely on the anonymity of the Internet and their overseas locations to hide their names and addresses and frustrate enforcement efforts against them,” publishers alleged.

Publishers hope their lawsuit will finally end years of Libgen’s alleged mass copyright infringement, but shadow libraries like Libgen have proven resilient through multiple attacks from the highest levels of US law enforcement. Even when the US government arrested operators of another shadow library called Z-Library last year, Z-Library returned a few months later and found a way to continue operating after the US seized its login domain.

Ars could not immediately reach publishers’ lawyers or Libgen for comment.

Ars Technica – All content

Brilliant: Doctors Open Therapy Center For Men That’s An MMA Octagon With A ‘Therapy’ Sign Out Front

https://media.babylonbee.com/articles/6504c376bc4df6504c376bc4e0.jpg

BATON ROUGE, LA — In the most successful advancement for men’s mental health in decades, therapists opened an office that is simply an MMA octagon with a sign outside saying “Therapy”.

“My cracked rib is all healed so I’m off to therapy again honey,” said local man Deron Thompson to his wife. “Ready to get back in there and, uh, really work through my issues.”

Dr. Tim Dillashaw and Dr. Domingo Cruz said the new office is already bursting with patients after opening the new office just last month. “It’s not that men won’t do therapy, it’s just that no one has been offering actual therapy for men,” said Dr. Cruz. “You don’t need to lay on a couch. You need to lay on the mat while your opponent is throwing haymakers in full mount and learn how to fight your way back to your feet. Now if you’ll excuse me, I have a patient to choke out.”

According to sources, the incognito MMA studio has produced stunning therapeutic results. “All of that stress from work suddenly didn’t matter so much when I was losing oxygen from an arm triangle,” said local patient Timothy Traeger. “I got absolutely pummeled during my first session and walked away feeling more alive than I’d felt in months. I tried and failed a million stress management techniques. Turns out, all I needed was to learn how to pass guard and make my buddy tap with an armbar.”

At publishing time, patients’ wives had reported tremendous satisfaction in their husbands’ new willingness to attend therapy, though they did express concern over why their husbands always returned from therapy limping.


In Disney’s upcoming reboot of 1937’s Snow White, will the Prince kiss the sleeping princess? Or will he obtain her consent first?

Subscribe to our YouTube channel for more tactical instruction

Babylon Bee

How Google Authenticator Made One Company’s Network Breach Much, Much Worse

A security company is calling out a feature in Google’s authenticator app that it says made a recent internal network breach much worse. ArsTechnica: Retool, which helps customers secure their software development platforms, made the criticism on Wednesday in a post disclosing a compromise of its customer support system. The breach gave the attackers responsible access to the accounts of 27 customers, all in the cryptocurrency industry. The attack started when a Retool employee clicked a link in a text message purporting to come from a member of the company’s IT team. It warned that the employee would be unable to participate in the company’s open enrollment for health care coverage until an account issue was fixed. The text arrived while Retool was in the process of moving its login platform to security company Okta. Most of the targeted Retool employees took no action, but one logged in to the linked site and, based on the wording of the poorly written disclosure, presumably provided both a password and a temporary one-time password, or TOTP, from Google authenticator. Shortly afterward, the employee received a phone call from someone who claimed to be an IT team member and had familiarity with the "floor plan of the office, coworkers, and internal processes of our company." During the call, the employee provided an "additional multi-factor code." It was at this point, the disclosure contended, that a sync feature Google added to its authenticator in April magnified the severity of the breach because it allowed the attackers to compromise not just the employee’s account but a host of other company accounts as well.

Read more of this story at Slashdot.

Slashdot

Laravel SchemaForge

https://miro.medium.com/v2/resize:fit:1200/1*Swb4pEdKwDPUsStSP2Fi9A.pngLaravel SchemaForge is a powerful Laravel package designed to simplify and streamline the process of database schema design, CRUD view generation, and API resource method creation within Laravel applicationsLaravel News Links

Lawyer Comes Unglued

I was giving a deposition a few years ago when I sued my mortgage holder, SunTrust bank. I had gone through a Chapter 7 bankruptcy and it had been discharged. There was a court order, so they weren’t allowed to do anything to collect the debt. All they were permitted to do was foreclose on the house.

Here is the problem- it turned out that they were NOT the mortgage holder. They had lied to the bankruptcy court. They tried all sorts of tactics- they forged a note. They lied to the court. None of that worked, and they were unable to foreclose on the house. So they resorted to sending collection agents to my house, and calling me repeatedly on the phone. I wound up suing them 5 times in 4 years and collecting more than $40,000 in damages. They still kept it up, with a collector calling me a deadbeat who doesn’t pay his bills, so I sued them again.

So that’s how we wound up in the deposition. I brought my attorney. One part of the deposition went like this:

Divemedic: I have a tape of your client’s collectors harassing me on the phone and calling me a deadbeat

SunTrust Lawyer: Did you ever think, even once, that if you paid your bills, the calls and visits would stop?

DM: Are you telling me that you and your client are knowingly violating the orders of the Federal Bankruptcy court to collect this debt in violation of Federal Law?

STL (to the court reporter): Stop recording this. This is off the record. (To my attorney): You need to remind your client that I am an officer of the court, and he needs to be civil, or we will ask for contempt charges.

My Lawyer: (to me) You heard her. You have to be civil.

DM: (to my lawyer) This is still off the record, right?

My Lawyer: Yes.

DM (To STL): Kiss my ass.

The SunTrust lawyer came unglued and ended the deposition at that point. On the way out, my lawyer told me that my comment was the funniest thing he ever heard at a deposition. We wound up settling the lawsuit for five figures, but I can’t comment on how much because of an NDA. That was almost ten years ago, and I still laugh about it.

Area Ocho

Blending with Fire

https://theawesomer.com/photos/2023/09/blending_with_fire_t.jpg

Blending with Fire

Link

The guys from How Ridiculous aren’t done destroying things in their gigantic blender. This time, there’s even more spectacle as they satisfy the appliance’s voracious appetite with aerosol deodorant cans, a garbage bin filled with dry ice, and glow sticks. They also fed it a combination of hairspray and sparklers, resulting in some impressive fireballs.

The Awesomer

3 crucial Laravel architecture best practices for 2023

https://life-long-bunny.fra1.digitaloceanspaces.com/media-library/production/56/conversions/programmer_v_02_o9k1tl-optimized.jpg

3 crucial Laravel architecture best practices for 2023

Updated on

Table of contents:

3 crucial Laravel architecture best practices for 2023

How should you organize your Laravel app to best serve your needs? Well, the good news is that you don’t have to worry about this since you are using a framework! Stick to the defaults unless you have good and objective reasons to do otherwise.

And yet, people can’t stop overthinking the architecture of their projects.

To me, it seems that the urge to deviate from the standard project structure often reveals a deeper issue – a fundamental inability to maintain organization. Whether you adhere to the Laravel architecture or significantly modify it, the outcome is likely to be disorganized.

Therefore, to address this problem, we will put ourselves in shoes that would fit almost any enterprise project.

Before we begin, though, let’s define what an “enterprise project” is in our context. Essentially, it’s a public facing project with lots of users that generates revenue, making it vital to continuously evolve by adapting to new technologies, business requirements, and market trends.

Here’s what is expected from the team of such projects:

  1. Easy collaboration.
  2. Maximize compatibility with third-party solutions that will help maintain the cost of development down.
  3. Keep the cost of onboarding low. To achieve this, new hires need to easily find their way around the codebase, which can make them somewhat productive even when they lack domain knowledge.

With these goals in mind, let’s dive into what I, and most of the experts from the community, think are the best architecture practices.

Using Laravel is meant to make your life easier, not harder.

  1. First, following conventions helps ensure that new hires can quickly find everything they need and start being productive as soon as possible. Laravel is a popular framework, and most developers will already be familiar with its default folder structure. By sticking to this, you help minimize the learning curve for new team members.
  2. Also, a profitable project is supposed to last for many years. People come and go. You will likely move on to something else. Why wouldn’t you make it easy for the ones who will take over?
  3. Additionally, by following the framework’s defaults, you ensure compatibility with many first and third-party packages. This can be crucial for maintaining development costs down and maximizing the use of available resources.

While it’s essential to keep the default folder structure, it’s also necessary to organize your code in a way that makes sense for your project. One way to do this is by organizing it by domain, without breaking the default folder structure.

This means that, for example, inside your Models folder, you could create a Blog folder. This way, when using the php artisan make:model Blog/Category command, the new file will be created at the right place.

This approach can also be used for controllers, middlewares, policies, and so on. Organizing your code the intended way will help you maintain a compatible, clean and intuitive codebase.

Developers love discovering new ways of doing things, and it’s always tempting to experiment with new packages or approaches. This is fine for personal projects or when you are working alone, but it may not be ideal in a team setting.

When you hire Laravel developers, you are hiring them to expand and maintain your product using Laravel. It’s essential to remember this and stick to the built-in features of Laravel whenever possible.

For example, don’t use Data Transfer Objects (DTOs) instead of custom form requests unless there are good and objective reasons to do so. Using the built-in features of Laravel ensures that all developers on your team are working with the same set of tools and reduces the learning curve for new hires.

Matt Stauffer, who has a lot of experience building apps for enterprise as the CEO of Tighten, talks about how keeping things simple benefits big projects.

James Brooks is a core Laravel team member. He knows what working with a big team and a big codebase are. He also asked me to include it in this article, so there he is!

https://twitter.com/jbrooksuk/status/1697182125663945015?s=20

Sebastian Schlein is the co-founder of BeyondCo, a company deeply involved with Laravel, and he also thinks that you should stick to the framework’s defaults. This is a tweet from 2019 by the way.

https://twitter.com/seb_sebsn/status/1186228940555345921

Jason McCreary, from Laravel Shift, also showcases his favorite way of organizing Laravel projects. Looks familiar, don’t you think?

https://twitter.com/gonedark/status/1333474208123412488

All that being said, at the end, results matter the most. Here’s a tweet from Taylor Otwell himself about keeping an open mind:

https://twitter.com/taylorotwell/status/1668580181504606208

Laravel News Links