Hacker News | theocean154's comments

Most of the so-called "emerging tech" projects at JPM are being phased out due to not delivering the promised returns on investment (lots of money for expensive developers to build out moonshot projects with few concrete deliverables).


The same is true for startups :)


We need to start distinguishing between the H1B abuse of several large foreign consulting companies and the seasonal low skill jobs in our discourse. You yell "let's reform the visa process" in a crowded room in this country and everyone cheers for different reasons.


That's right, it isn't black and white. There isn't one knob to turn. If you read the visa regulations, it looks perfectly fine. But "body shops" game the system. Because, short of litigating every job description, there is no visibility by regulators into job requirements and whether applicants meet those requirements, H1-B has been hijacked for the purpose of wage suppression.

There's also no bright line between the generally bad actors and the good guys. Even R&D-oriented high tech companies that often use H1-B for the intended purpose of importing otherwise unobtainable talent also use H1-B (and other methods like anti-poaching agreements) for wage suppression.

Reform needs to be flexible and enforced by financial incentives, like auctioning visas at a high reserve. It does not need to be cheap for employers.


I think wage suppression was a side effect despite good intentions. In addition, H1Bs are/were a mechanism for outsourcing companies to win US IT contracts. Auctioning visas may not solve this problem.

Other causes of recent wage suppression include the no-poaching and other gentlemen's agreements among the big players in the Valley. In addition, there's the basic "I'm not going to pay more than the other guy" (or the minimum I can get away with).

Wage suppression comes in other forms too. Asking for previous salaries, asking for W2s etc... Some companies are so large that they just refuse to pay more as well. But that's just "the market" at that point. In every company there's some maximum value for you.

The only way to escape this is to start your own company.


sniper's stuff is awesome


Looking through some of the code and some of the docs, these look old. In absence of a lot of time or some missing docs, not sure how usable these things are.


In the article pointed out by Snowden: https://www.nytimes.com/2016/08/17/us/shadow-brokers-leak-ra... they state that the stolen code is from 2013 and Snowden was quoted in Wikipedia saying "circumstantial evidence and conventional wisdom indicates Russian responsibility".

To me it seems impossible that non-state-sponsored hackers would have gotten their hands into top secret NSA hacking tools. If I had to guess, it would seem that TheShadowBrokers are "useful idiots" that Russia gives information to, in the way they did (probably) with Wikileaks. The real question is why would anyone leak these files at this very moment? Did it take this long to get angry at Trump or are there some other factors at play?


> To me it seems impossible that non-state-sponsored hackers would have gotten their hands into top secret NSA hacking tools.

About as impossible as the Snowden exfiltration, so that makes it entirely believable.

All it takes is one rogue employee or plant. And if you don't want to burn an inside asset it would pay off to release files that are several years old.


Releasing several year old files is signalling. "Next time it may include your zero-days". Remember the previous threats?

> What this have do with fun Cyber Weapons Auction? We want make sure Wealthy Elite recognizes the danger cyber weapons, this message, our auction, poses to their wealth and control. Let us spell out for Elites. Your wealth and control depends on electronic data. You see what "Equation Group" can do. You see what cryptolockers and stuxnet can do. You see free files we give for free. You see attacks on banks and SWIFT in news. Maybe there is Equation Group version of cryptolocker+stuxnet for banks and financial systems? If Equation Group lose control of cyber weapons, who else lose or find cyber weapons? If electronic data go bye bye where leave Wealthy Elites? Maybe with dumb cattle? "Do you feel in charge?"

https://web.archive.org/web/20160815152123/https://github.co...


These look much older than 2013. So much of this stuff is targeted at sun/sco.. the only thing I can suggest is: most state/government systems are simply ancient.. so their tools will be tailored to their targets.


"conventional wisdom", which means "knowledge of conventions and traditions", in this case means "guessing".


For example, this tool says: https://github.com/x0rz/EQGRP/blob/master/Linux/doc/user.too...

# ELATEDMONKEY is a local privelege escalation exploit against systems running the cPanel Remote Management Web Interface, at least through version 24, and probably future versions too (althogh that should be checked before throwing).

It has been tested explicitly on cPanel 11.23.3 and 11.24.4 running CentOS 5.2 Linux

--

Those versions are from 2008/2009


I wish I could say I'm unaware of a few thousand c5 machines still currently running prod and internet facing at just one of my previous clients; but I can't. These releases don't make things much worse than they were for those folks but let's not pretend there isn't a lot of unmaintained compute that this still applies to and that this is likely to change anytime soon.

Don't underestimate the ability of failing SMBs to dismiss the risks involved with that when they can't pay to fix it.


/u/jvoisin on /r/netsec has a writeup: https://hackmd.io/s/r1gLMUUpx

He notes that though much is targeted at older systems, a few things look yet-unpatched.


It's usable. If I remember correctly, Cisco has patched a few vulnerabilities from their 'free' version of leaked files.


ElegantEagle. nice


No code though?


Two projects: An FPGA-based database accelerator: paine.nyc/dau-site paine.nyc/dau paine.nyc/ffpp

Along with this I'm designing a PCIe FPGA board to interface host the accelerator.

And,

A reactive algorithmic trading system for trading BTC/LTC/ETH across multiple exchanges: paine.nyc/algo-coin


I have one of these as well, but I would've died if it was live trading during the Nordstrom incident. They've gone up quite a bit since then.



So basically tracking Trump's mentions and using that to determine stock buys and sells?


Working on a PCIe card, not 100 Gbps but hopefully not $10k also: https://github.com/theocean154/fpga-board


Yeah you need to be in the colo. Also these aren't on the network card, the CPU introduces too much latency

