I think if siemens was breached they have to publish as it is stock market listed, NIS2 and also founder of the charter of trust. Question is what do you consider breach. Is it malware incident? Some cryptolocker? Or is it exfiltration of IP?

I recommend you to read all the previous CVEs with a "disputed" state :)

Lots of companies did it the same way. SAP, Salesforce, Fortinet, Sophos, heck, even Solarwinds RCE was disputed - AFTER the whitehouse made a public statement about it.

I'd argue that NIS2 doesn't enforce much, because the "reasonably modern" lingo is used everywhere, which is a legal grey area that lazy lobbyists inserted for a good reason.

Legally speaking, base64 is a reasonably modern encryption, which says something about this, and the lack of technical correctness in the whole sector.

TISAX requires 24 hours response times, and the response is "We have received it" because it doesn't say that companies have to disclose or report any incident. Neither any mandatory time frames for bugfixes.

Same for all ISO norms, you can fulfill ISO 27001 et al with a single part time student job, which has 20+ role descriptions. Will the student get the job done? Probably not, but it's still passing the audit because auditors don't control the outcome, only the management policies.

We need to rethink how audits are done, because systematically paying auditors for implied successful audits is what got us here.

Difference might be in voluntarily making bank account and applying for loan and impersonating person. One might be punishable as criminal offence, other as minor scam (not sure about proper legal terms). Also in certain jurisdictions it makes sense as different police units investigating certain crimes and scammers might be connected.

Maybe you are forgetting software industry is pretty inmature. Thats why we struggle with standards, quality, hell even job description (engineer is in certain countries regulated job name). Not mentioning interoperabilty, long term support (ics/scada anyone) or security. This is still wild wild west in 1850+. Civilization is pushing but…

I live in city and i do not have space to do it. I do not think draing oil is legal on city center. Or wise for that matter. So i drive for oil change, even though i know how to so it

To add to this, where I live you can basically only change your own oil if you own your home as nearly every lease will disallow it if you’re renting.

I have never seen such a limitation on a lease anywhere I’ve rented. I’m guessing America?

Yes.

Oh nice. I forgot i was using stay for automated window positioning but it was not working as i wanted. Also good app is/was fluor for switching keys between mac functions and normal f keys in terminal. Does not work on m2 in combination with monitorcontrol but the feature is already missed. :)

I have the keyboard settings to use F1, F2 as standard fn keys. If i really need the mac functions (not so often) i can press Fn+F1 etc.

Hmm. Might be better from ux perspective as keyboard works consistently across apps.

I kind of solved this with salt stack. But i still have like 15 machines where cfg management is nogo. I will use built in pass manager there. But i am open to tips.

I like also terminal splitting and tmux support. Never used integrated pass manager, good hint. I am guilty of using maybe 5% of iterm capabilities. :)

I will try contexts. Macos window management is surprisingly shitty for ui/ux oriented company. Thanks for Tje tips.

Helix looks great, thanks! I am quite satisfied with sublime but server side editing is limited. That is why i have in terminal neovim and in gui sublime. Merging two editors to one seems like logical improvement.

Will try, thanks! FlyCut especially seems like something i am missing. Clipboard manager is something I have in todo list for a while.

I you want to try Alfred anyway, it has this multi clipboard functionality included.