Are these genuinely being hand rolled in an enterprise environment? Unless it’s completely impossible to automate then I can’t be sympathetic to companies that are just doing it wrong.

Who is buying SSL certs for $300? Is this an enterprise thing? I’m using free certs on AWS. LetsEncrypt is also fine for self-hosting.

I have no issue with the stealth part given that it can only recognise audio which is already publicly available. If you don’t want people to know what you’re listening to, just don’t play it loudly in public.

This project also wouldn’t be possible if people were aware of it (it would just be gamed and certainly removed).

My AirPod Pros have also worked perfectly on my Linux PCs - just as solid as connecting to an Apple device.

That’s fair!

Sure, I use a ThunderBolt dock at home, but being docked 100% of the time is probably not normal.

The article says it’s a stock photo that has been edited with AI.

Interesting point about the KVM. To make it transparent the KVM would need to report the model of a real monitor in the display EDID data. Also if you’re monitoring the device, which is almost certainly a laptop, it would be suspicious if it was plugged in to a monitor 100% of the time.

2FA by SMS you mean? TOTP codes are generated offline

You can only install 3 self-signed apps at a time, and they expire after 7 days. It’s meant to make it difficult for anything other than development purposes.

Thanks

Not always. It can be perfectly reasonable to implement something in a quick and dirty way to get it out there with a view to either kill it off (eg if it doesn’t get adopted by users) or re-write before it needs to be extended. The key is having the awareness when putting yourself in that position.