Not having a recent GCC and not having GCC are different things. There may be architectures that have older GCC versions, but are no longer supported for more current C specs like C11, C23, etc.
>4. Ask an exec if he would please let you add mfa to their mailbox.
Ask?! This is where the org's cyber insurance is your friend. Just have the executive get the provider's clearance on him not having MFA. I'm sure that line item will change his mind, and if not, be sure to accidently mention those exemptions to those yearly auditors.
Commercial airline passengers are not the only users of ATC. If you include mail and parcel carriers and other use cases like med-evac, tourist, and other private flights, you are probably close to 100% coverage of US taxpayers in the country.
The point is that how does the whistleblower know whether or not they are not whistleblowing to the very people or allies to those being reported on if who is behind it?
To pull an example out of thin air, would you risk whistleblowing to TruthWave on Amazon if you knew that the Washington Post was running TruthWave?
Or, would you whistleblow on Tesla, if you knew any out of a hundred companies was behind it, like Meta, Alphabet, Amazon, ...? About the only "big" entity I MIGHT trust would be Berkshire Hathaway..
I think this trust (in the Post) is now misplaced, and in the case of the Post and Amazon, you absolutely shouldn't. But perhaps it always should have been with any single newspaper.
This is why whistleblowers now often work with two different organisations with different ownership/politics, or in different branches of media, or with a journalist backed by the ICIJ (e.g. the Mossack Fonseca leak investigation was shared with the ICIJ).
But yes, any generic online whistleblowing broker with dozens of concurrent cases is going to be such an obvious target for state or organised crime interference. Anyone making a business of brokering whistleblowing for a cut of the reward is an obvious risk.
"Great, first you wanted more money to buy compute and storage for dev and staging separate from production, and now you even more for 'testing backups'?!"
And yet, look at how pretty much every human society deals with immigrants/refugees. We most often find the least common ground between races, ethnicities, nationalities, or any other way to create outgroups, and you think humanity will handle an intelligent extraterrestrial civilization well?
> We most often find the least common ground between races, ethnicities, nationalities, or any other way to create outgroups, and you think humanity will handle an intelligent extraterrestrial civilization well?
But we find PLENTY of common grownds when we talk to the smartesr of those groups and races, across milenia and continents via groups, scientific forums, discussion books.
We find very little common grounds when we have forced encounters with the uneducated trouble makers up to no good, in systems designed for high trust abused by said individuals.
> We find very little common grounds when we have forced encounters with the uneducated trouble makers up to no good, in systems designed for high trust abused by said individuals.
I'd bet good money lots of non-Western European civilizations had that same thought after the English, Spanish, Portuguese, etc. rolled up on their shores.
> I'd bet good money lots of non-Western European civilizations had that same thought after the English, Spanish, Portuguese, etc. rolled up on their shores.
Something like this has happened in the proprietary world: the SolarWinds supply chain attack. IIRC, they were releasing breached versions for about a year, and I think it became known only when the US Government came knocking on SolarWinds door. SolarWinds potentially vetting every employee through HR had zero effect on preventing a supply chain attack.
Not having a recent GCC and not having GCC are different things. There may be architectures that have older GCC versions, but are no longer supported for more current C specs like C11, C23, etc.
reply