This has been a problem ever since the iPhone 6, when Apple inexplicably decided to move the on/off/lock button from the top of the phone over to the right side, directly opposite the volume buttons.

That's gotta be one of the stupider things I've read about someone doing. Are you sure this guy wasn't from Florida?

Yeah, the twelve-year-old in me enjoyed the video very much! What a fireball!

In which case this, like so many others, becomes a Chrome-only problem.

They're not independent entities.

I think my wife's conversational topics might also work.

From the actual paper (emphasis mine):

After tricking the victim into clicking a malicious link, an attacker can monitor the victim’s activity on the host system, such as website visits and application usage, without further user interaction.

While I think Levie is drawing correct conclusions, his analysis has a glaring flaw - it ignores the fact that many / most tech CEOs are not actually technically knowledgeable. Most of them are, at best, tech-adjacent. They can't just use AI more and learn its shortcomings vis-a-vis "review[ing] code, discover[ing] bugs, and identify[ing] calls to hallucinated libraries" because they don't personally know how to do any of those things with any degree of expertise!

"I'm sure [AI] can do it, but I'd much rather give this job to a real human being," he said in the video.

Is he offering to pay that "real human being", or is he just looking for someone who'll donate their time and skills to his hobby project for free?

Wow, they've been very busy recently! The machines we have in our labs were included there as of a few days ago. Wonderful!

I mean, aren't there plenty of sites which offer pretty much the same thing?

It's nice that Dell is financially supporting this, but - I wish they'd support it for more machines. Last time I checked, it appeared Dell only supported this for a single model out of their entire line.

If "we" are doing the latter, than "we" are being stupid. We need to keep training our users to be skeptical - they should always first ask "does this pass the smell test?" because no technology is perfect.

So basically this is just admin laziness, as in they don't want to manage a separate DKIM / SPF setup for their customers versus their actual employees?

Someone in the Mastodon thread linked from TFS was claiming that Google and Apple basically doing that - which is mind-blowingly stupid, if true. I'm actually a bit skeptical (but feeling too lazy ATM to dig into it right now).

One of our grad students got burned by this - fake emails purportedly coming from his faculty advisor.

I don't get how people fall for it, though... in this case, the faux professor told the student first to go buy a few hundred dollars in gift cards, then to send him the gift card numbers and the confirmation codes (the ones you have to scratch off to access). I mean, why would you think your professor would ask you to do these things?