I was caught with MDMA coming in the mail from Vancouver, and some marijuana coming from california (the latter of which is what I am currently serving my time for right now)
April 2017 the police find traces of carfentanil while executing a search warrant at his place - plausibly but not provably linked to some recent carfentanil deaths - and police announce they are searching for him. https://www.cbsnews.com/boston/news/man-wanted-suspected-let...
The articles aren't clear on this, but given his own recounting I assume that a suspended sentence for Marijuana was un-suspended as a result of the new charges and he is serving that sentence first, or concurrently.
I downloaded and extracted the files in a fresh Linux virtual machine with tools for viewing Word, Excel, and PDF documents. After reviewing the contents for about 30 minutes, the data appears technically authentic—not AI-generated—but nothing particularly noteworthy stood out.
The files "Vulnerabilities/Fetched Data.txt" appear to be output from an automated security scanner that targeted public-facing web servers. Some directory labels are inaccurate. For instance, a company listed as a crypto exchange—Cryptopro—is actually an IT consulting firm focused on cryptography and PKI.
A number of Word, Excel, and PDF files containing corporate reports and similar materials appear to be publicly accessible online and even indexed by search engines. I was able to locate several by searching their titles.
One file, "Part 1/Report those Russian ringleaders/russRingleadersPerDFUNAFO.txt", seems to be the likely source of the "Kremlin Assets in the West" mention. It’s a brief list of Twitter accounts and may have been assembled through open-source intelligence methods.
While the leak might contain some mistakenly published or sensitive material, I didn’t come across anything as significant or dramatic as implied by the article linked.
> personally I know nobody with the former or the latter experience
I have personally received threats of having such experience, from a director of the company I was working for at that time. Happened in Moscow around 2010. The director was from FSB, unfortunately the company forgot to mention that detail in the job ad.
> emigrant press, who often do not have any firsthand Russia experience
LOL. The reason you only read about cases like that in emigrant press, local journalists don't want to be murdered in a forest.
> local journalists don't want to be murdered in a forest
I can see this pronounced difference between Palestinean journalists and journalists specializing in Russia.
The former are present on the ground and fall victim to the current military conflict.
The latter are comfortable writing about Russia from their rented Israeli or German flats, while not setting the foot in Russia in years. That would be way too dangerous. Unsurprisingly they are not having much cred with actual Russians who do live there.
Not to mention setting their foot in the area of the conflict and having a firsthand experience of what happens there on the Russian side of the front. That would be an absolute taboo.
I usually use something completely different for that use case.
Specifically, ECDsaCng class from the standard library, which implements ECDSA asymmetric cryptoalgorithm.
Generate a key pair, embed public key in your executable, keep private key private.
A license is some JSON or XML or whatever, signed with the private key. If your licenses are permanent, and you don't need different license types, a license is just a signature of some computer ID (like hard drive serial), with that private key.
Unlike the older RSA, ECDSA results in very small signatures, even for very strong curves like NIST P-521.
These signatures only take couple lines in Base64 text format.
If your licenses are time-limited, you can use regular X.509 certificates to represent a license (where the subject name signed is the computer ID, and the validity period of the certificate is the validity period of the license). You could even run standard X.509 revocation checks in order to enable blocking of illegally shared keys.
You can go a step further and you can embed a key in the license itself that is used to sign any files that the software produces that then would alert someone if they were created with unlicensed software.
AutoDesk software and quite a few other creative tools do that.
So whilst they are fairly easily cracked its quite hard to use that software in a commercial setting.
Oracle’s cloud servers are OK. Their physical servers have 160 cores (2x Ampere Altra Q80-30, 80 cores/each), 1TB RAM, and 100 Gbps network bandwidth (2x 50Gbps cards). They can also cut these servers into VMs and offer these smaller VMs.
The software story is OK by now. I had little to no issues with that aarch64 Linux in their VMs. I didn't need a lot though, only mysql, asp.net core runtime, and related OS setup (SELinux, built-in firewall, etc).
I format them, and gift to some people around here who could make a good use of them (friends, neighbors). Usually, I replace disks because I need more storage, the old ones have quite a few years of life still left. These people know me, getting good hardware for free, and I'm reasonably confident they won't sell them to digital forensic experts on e-bay.
When I was younger, out of curiosity I've downloaded leaked source code of Windows or video games.
Got an impression that code is not that useful to an outsider. It can help answering extremely specific questions how a particular small isolated function is implemented. Even ignoring legal issues, it won't significantly help building competing products, let alone building a successful business around such product.
When we hire people, they gain access to complete source code, documentation, continuous integration environment, bug tracker, and most importantly to the current developers. It usually takes them months to become productive. With just the source code, would probably take a year even for very smart person.
Do you have a source? It seems that guy was selling MDMA and marijuana. Here's the relevant quote from https://pthorpe92.dev/intro/my-story/
I was caught with MDMA coming in the mail from Vancouver, and some marijuana coming from california (the latter of which is what I am currently serving my time for right now)