#security risk software | Explore Tumblr posts and blogs

jcmarchi · 1 year ago

Text

Data breach litigation, the new cyber battleground. Are you prepared? - CyberTalk

New Post has been published on https://thedigitalinsider.com/data-breach-litigation-the-new-cyber-battleground-are-you-prepared-cybertalk/

Data breach litigation, the new cyber battleground. Are you prepared? - CyberTalk

By Deryck Mitchelson, EMEA Field Chief Information Security Officer, Check Point Software Technologies.

Nearly everyone trusts Google to keep information secure. You trust Google with your email. I use Google for my personal email. Yet, for three years – from 2015 to 2018 – a single vulnerability in the Google Plus platform resulted in the third-party exposure of millions of pieces of consumer data.

Google paid a settlement of $350M in a corresponding shareholder lawsuit, but most organizations cannot afford millions in settlements. For most organizations, this level of expenditure due to a breach is unthinkable. And even for larger organizations with financial means, constant cycles of breach-related lawsuits are unsustainable.

Yet, across the next few years, especially as organizations continue to place data into the cloud, organizations are likely to see a significant uptick in post-breach litigation, including litigation against CISOs, unless they adopt stronger cyber security protocols.

Litigation looms large

Organizations that have experienced data breaches are battling a disturbing number of lawsuits. In particular, privacy-related class actions against healthcare providers are taking off.

Globally, there were 2X the number of data breach victims in 2023 as compared to 2022.

In 2023 alone, breach related class actions and government enforcement suits resulted in over $50 billion in settlement expenditures.

The Irish Health Service Executive, HSE, was severely impacted by a large cyber attack in 2021 with 80% of its IT services encrypted and 700 GB of unencrypted data exfiltrated, including protected health information. The HSE subsequently wrote to 90,936 affected individuals. It has been reported that the HSE is facing 473 data-protection lawsuits, and this number is expected to continue rising.

I recently spoke with a lawyer who specializes in data breach litigation. Anecdotally, she mentioned that breach-related lawsuits have grown by around 10X in the last year. This is becoming the new normal after a breach.

While organizations do win some of these lawsuits, courts have become increasingly sympathetic to plaintiffs, as data breaches can result in human suffering and hardship in the forms of psychological distress, identity theft, financial fraud and extortion. They can also result in loss of human life, but more about that later.

In courts of justice, an organization can no longer plead ‘we made an error or were unaware’, assuming that such a line will suffice. The World Economic Forum has found that 95% of cyber security threats can, in some capacity, be traced to human error. These cases are not complex. But the level of litigation shows that businesses are still making avoidable missteps.

To that effect, businesses need to not only start thinking about data protection differently, but also need to start operating differently.

Personal (and criminal) liability for CISOs

CISOs can be held personally liable, should they be found to have failed in adequately safeguarding systems and data that should be protected. At the moment, we’re not seeing much in the way of criminal liability for CISOs. However, if CISOs appear to have obfuscated the timeline of events, or if there isn’t full transparency with boards on levels of cyber risk, courts will indeed pursue a detailed investigation of a CISO’s actions.

The patch that would have fixed a “known critical vulnerability” should have been applied immediately. If the organization hadn’t delayed, would it still have been breached?

Therefore, it is in CISOs’ best interest to record everything – every interaction, every time that they meet with the board, and every time that they’re writing a document (who said what information, what the feedback was, who has read it, what the asks are), as a proactive breach preparedness measure.

If a CISO ends up in litigation, he or she needs to be able to say ‘this risk was fully understood by the board’. CISOs will not be able to argue “well, the board didn’t understand the level of risk” or “this was too complex to convey to the board”, it is the CISOs job to ensure cyber risk is fully understood.

We’re starting to see a trend where CISOs are leaving organizations on the back of large breaches, which may mean that they knew their charter, but failed to take full responsibility and accountability for the organization’s entire cyber security program.

The consumer perspective

As a consumer, I would expect CISOs to know what their job is – to understand the attack surface and to map out where they have weaknesses and vulnerabilities. And to have a program in-place in order to mitigate against as much.

But even if CISOs have a program in place to mitigate breaches, consumers can still come after them for a class action. Consumers can still argue that cyber security staff should have and could have moved faster. That they should have attempted to obtain additional investment funding from the board in order to remediate problems efficiently or to increase their operational capacity and capability to prevent the data breach.

The challenge that CISOs have got is that they’re trying to balance funding acquisition, the pace of change, innovation, and competitive advantage against actually ensuring that all security endeavors are done correctly.

A current case-study in liability

In Scottland, the National Health System of Dumfries and Gallloway recently experienced a serious data breach. The attack led to the exposure of a huge volume of Personally Identifiable Information (PII). Reports indicate that three TB of sensitive data may be been stolen. As means of proof, the cyber criminals sent screenshots of stolen medical records to the healthcare service.

As expected, a ransom demand was not paid. The criminals have now leaked a large volume of data online. Having previously worked in NHS Scotland, I find such criminal activity, targeting sensitive healthcare information, deplorable. Will we now, similar to HSE, see already constrained taxpayers’ money being used to defend lawsuits?

Liability leverage with proper tooling

CISOs cannot simply put in tooling if it can’t stand up to scrutiny. If CISOs are looking at tooling, but less-so at the effectiveness/efficacy of that tooling, then they should recognize that the probability of facing litigation is, arguably, fairly high. Just because tooling functions doesn’t mean that it’s fit for purpose.

In regards to tooling, CISOs should ask themselves ‘is this tool doing what it was advertised as capable of?’ ‘Is this delivering the right level of preventative security for the organization?’

Boards should also demand a certain level of security. They should be asking of CISOs, ‘Is the efficacy of what you’ve implemented delivering at the expected level, or is it not?’ and ‘Would our security have prevented a similar attack?’ We don’t see enough senior conversation around that. A lot of organizations fail to think in terms of, ‘We’ve got a solution in-place, but is it actually performing?’

CISOs need to approach data the same way that banks approach financial value. Banks place the absolute best safeguards around bank accounts, investments, stocks and money. CISOs need to do the same with all data.

Third-party risk

One of the areas in which I often see organizations struggle is supply chain and third-party risk. As you’ll recall, in August of 2023, over 2,600 organizations that deployed the MOVEit app contended with a data breach.

What lessons around due diligence can be learned here? What more could organizations have done? Certainly, CISOs shouldn’t just be giving information to third parties to process. CISOs need to be sure that data is being safeguarded to the right levels. If it’s not, organizational leaders should hold CISOs accountable.

If the third party hasn’t done full risk assessments, completed adequate due diligence and understood the information that they’ve got, then consider severing the business connection or stipulate that in order to do business, certain security requirements must be met.

The best litigation defense

In my view, the best means of avoiding litigation consists of improving preventative security by leveraging a unified platform that offers end-to-end visibility across your entire security estate. Select a platform with integrated AI capabilities, as these will help prevent and detect a breach that may be in-progress.

If an organization can demonstrate that they have deployed a security platform that adheres to industry best practices, that’s something that would enable an organization to effectively demonstrate compliance, even in the event of a data breach.

With cyber security systems that leverage AI-based mitigation, remediation and automation, the chances of a class-action will be massively reduced, as the organization will have taken significant and meaningful steps to mitigate the potentiality of a breach.

Reduce your organization’s breach probability, and moreover, limit the potential for lawsuits, criminal charges against your CISO and overwhelming legal expenditures. For more information about top-tier unified cyber security platforms, click here.

0 notes

claire-starsword · 11 months ago

Note

also, because i keep seeing misinfo on my dash, this is not a Windows problem, it's a Crowdstrike problem. If you just have a windows machine it's not gonna get bricked, it only affects those who have the crowdstrike program installed, which, to my understanding, is geared towards workplaces, not common users.

i'm also gonna nitpick all the comparison to y2k going around, because y2k was a general and predictable problem about the way dates were stored in programs, and fixes could be discussed and developed years before it was meant to happen. This is one single company pushing a bad update and immediately bricking everyone, plus both them and the companies having no decent strategy to restart the systems or activate alternate systems during such an error.

Thoughts and prayers for u this morning Chrissy, hope your work hasn’t been too hectic!!

The issue isn’t a Microsoft issue and I’m not IT, so luckily I’ve dodged any bullets related to this. I’m in fact LESS impacted than most since Microsoft doesn’t use third-party antimalware.

I am however watching this whole thing unfold because it is absolutely unbelievable.

#not a cybersecurity specialist in any way but #i think security keys should not be stored in a machine identical to the ones it's supposed to help restore #i think there's a very obvious flaw in this one #some people in the notes took it as 'yeah don't store everything digitally!!'#and i do see the point in that (the link between this and y2k that people love so much is the overreliance on tech)#but you gotta acknowledge that: 1) non-digital systems have their disadvantages and security risks as well #and 2) there are many many ways to store things digitally #you can have machines with different systems. you can have offline machines to avoid both update issues and attacks #there is a lot you can consider here that is not 'uh oh our machines are all exactly the same and can be taken down in masse'#the real problem here is people thinking security issues can be fixed solely by installing a third party software #instead of actively caring about the issue and developing multiple strategies to suit all your needs and constant changes #that would require training and paying competent specialists and god knows we can't have that

2K notes · View notes

caramel12345 · 2 years ago

Text

HR Innovations & Growth | FYI Solutions

Innovate your HR practices for sustained growth and competitive advantage. Visit today https://fyisolutions.com

#Human Capital Services #Cloud Security Services #Risk Management Services #Project Management Services #Network Monitoring Services #Software Testing Services #Business Process Management Services #Staff Augmentation Services #Customized Software Development Services #Azure Consulting Services

0 notes

romerona · 4 months ago

Text

Ethera Operation!!

You're the government’s best hacker, but that doesn’t mean you were prepared to be thrown into a fighter jet.

Bradley "Rooster" Bradshaw x Awkward!Hacker! FemReader

Part I

This was never supposed to happen. Your role in this operation was simple—deliver the program, ensure it reached the right hands, and let the professionals handle the breaching.

And then, of course, reality decided to light that plan on fire.

The program—codenamed Ethera—was yours. You built it from scratch with encryption so advanced that even the most elite cyber operatives couldn’t crack it without your input. A next-generation adaptive, self-learning decryption software, an intrusion system designed to override and manipulate high-security military networks, Ethera was intended to be both a weapon and a shield, capable of infiltrating enemy systems while protecting your own from counterattacks in real-time. A ghost in the machine. A digital predator. A weapon in the form of pure code. If it fell into the wrong hands, it could disable fleets, and ground aircraft, and turn classified intelligence into an open book. Governments would kill for it. Nations could fall because of it.

Not that you ever meant to, of course. It started as a little experimental security measure program, something to protect high-level data from cyberattacks, not become the ultimate hacking tool. But innovation has a funny way of attracting the wrong kind of attention, and before you knew it, Ethera had become one, if not the most classified, high-risk program in modern times. Tier One asset or so the Secret Service called it.

It was too powerful, too dangerous—so secret that only a select few even knew of its existence, and even fewer could comprehend how it worked.

And therein lay the problem. You were the only person who could properly operate it.

Which was so unfair.

Because it wasn’t supposed to be your problem. You were just the creator, the brain behind the code, the one who spent way too many sleepless nights debugging this monstrosity. Your job was supposed to end at development. But no. Now, because of some bureaucratic nonsense and the fact that no one else could run it without accidentally bricking an entire system, you had been promoted—scratch that, forcibly conscripted—into field duty.

And your mission? To install it in an enemy satellite.

A literal, orbiting, high-security, military-grade satellite, may you add.

God. Why? Why was your country always at war with others? Why couldn’t world leaders just, you know, go to therapy like normal people? Why did everything have to escalate to international cyber warfare?

Which is how you ended up here.

At Top Gun. The last place in the world you wanted to be.

You weren’t built for this. You thrive in sipping coffee in a cosy little office and handling cyber threats from a safe, grounded location. You weren’t meant to be standing in the halls of an elite fighter pilot training program, surrounded by the best aviators in the world—people who thought breaking the sound barrier was a casual Wednesday.

It wasn’t the high-tech cyberwarfare department of the Pentagon, nor some dimly lit black ops facility where hackers in hoodies clacked away at keyboards. No. It was Top Gun. A place where pilots use G-forces like a personal amusement park ride.

You weren’t a soldier, you weren’t a spy, you got queasy in elevators, you got dizzy when you stood too fast, hell, you weren’t even good at keeping your phone screen from cracking.

... And now you were sweating.

You swallowed hard as Admiral Solomon "Warlock" Bates led you through the halls of the naval base, your heels clacking on the polished floors as you wiped your forehead. You're nervous, too damn nervous and this damned weather did not help.

"Relax, Miss," Warlock muttered in that calm, authoritative way of his. "They're just pilots."

Just pilots.

Right. And a nuclear warhead was just a firework.

And now, somehow, you were supposed to explain—loosely explain, because God help you, the full details were above even their clearance level—how Ethera, your elegant, lethal, unstoppable digital masterpiece, was about to be injected into an enemy satellite as part of a classified mission.

This was going to be a disaster.

You had barely made it through the doors of the briefing room when you felt it—every single eye in the room locking onto you.

It wasn’t just the number of them that got you, it was the intensity. These were Top Gun pilots, the best of the best, and they radiated the kind of confidence you could only dream of having. Meanwhile, you felt like a stray kitten wandering into a lion’s den.

Your hands tightened around the tablet clutched to your chest. It was your lifeline, holding every critical detail of Ethera, the program that had dragged you into this utterly ridiculous situation. If you could’ve melted into the walls, you absolutely would have. But there was no escaping this.

You just had to keep it together long enough to survive this briefing.

So, you inhaled deeply, squared your shoulders, and forced your heels forward, trying to project confidence—chin up, back straight, eyes locked onto Vice Admiral Beau "Cyclone" Simpson, who you’d been introduced to earlier that day.

And then, of course, you dropped the damn tablet.

Not a graceful drop. Not the kind of gentle slip where you could scoop it back up and act like nothing happened. No, this was a full-on, physics-defying fumble. The tablet flipped out of your arms, ricocheted off your knee, and skidded across the floor to the feet of one of the pilots.

Silence.

Pure, excruciating silence.

You didn’t even have the nerve to look up right away, too busy contemplating whether it was physically possible to disintegrate on command. But when you finally did glance up—because, you know, social convention demanded it—you were met with a sight that somehow made this entire disaster worse.

Because the person crouching down to pick up your poor, abused tablet was freaking hot.

Tall, broad-shouldered, with a head of golden curls that practically begged to be tousled by the wind, and, oh, yeah—a moustache that somehow worked way too well on him.

He turned the tablet over in his hands, inspecting it with an amused little smirk before handing it over to you. "You, uh… need this?"

Oh, great. His voice is hot too.

You grabbed it back, praying he couldn't see how your hands were shaking. “Nope. Just thought I’d test gravity real quick.”

A few chuckles rippled through the room, and his smirk deepened like he was enjoying this way too much. You, on the other hand, wanted to launch yourself into the sun.

With what little dignity you had left, you forced a quick, tight-lipped smile at him before turning on your heel and continuing forward, clutching your tablet like it was a life raft in the middle of the worst social shipwreck imaginable.

At the front of the room, Vice Admiral Beau Cyclone Simpson stood with the kind of posture that said he had zero time for nonsense, waiting for the room to settle. You barely had time to take a deep breath before his voice cut through the air.

“Alright, listen up.” His tone was crisp, commanding, and impossible to ignore. “This is Dr Y/N L/N. Everything she is about to tell you is highly classified. What you hear in this briefing does not leave this room. Understood?”

A chorus of nods. "Yes, sir."

You barely resisted the urge to physically cringe as every pilot in the room turned to stare at you—some with confusion, others with barely concealed amusement, and a few with the sharp assessing glances of people who had no clue what they were supposed to do with you.

You cleared your throat, squared your shoulders, and did your best to channel even an ounce of the confidence you usually had when you were coding at 3 AM in a secure, pilot-free lab—where the only judgment you faced was from coffee cups and the occasional system error.

As you reached the podium, you forced what you hoped was a composed smile. “Uh… hi, nice to meet you all.”

Solid. Real professional.

You glanced up just long enough to take in the mix of expressions in the room—some mildly interested, some unreadable, and one particular moustached pilot who still had the faintest trace of amusement on his face.

Nope. Not looking at him.

You exhaled slowly, centering yourself. Stay focused. Stay professional. You weren’t just here because of Ethera—you were Ethera. The only one who truly understood it. The only one who could execute this mission.

With another tap on your tablet, the slide shifted to a blacked-out, redacted briefing—only the necessary information was visible. A sleek 3D-rendered model of the enemy satellite appeared on the screen, rotating slowly. Most of its details were blurred or omitted entirely.

“This is Blackstar, a highly classified enemy satellite that has been operating in a low-Earth orbit over restricted airspace.” Your voice remained even, and steady, but the weight of what you were revealing sent a shiver down your spine. “Its existence has remained off the radar—literally and figuratively—until recently, when intelligence confirmed that it has been intercepting our encrypted communications, rerouting information, altering intelligence, and in some cases—fabricating entire communications.”

Someone exhaled sharply. Another shifted in their seat.

“So they’re feeding us bad intel?” one of them with big glasses and blonde hair asked, voice sceptical but sharp.

“That’s the theory,” you confirmed. “And given how quickly our ops have been compromised recently, it’s working.”

You tapped again, shifting to the next slide. The silent infiltration diagram appeared—an intricate web of glowing red lines showing Etherea’s integration process, slowly wrapping around the satellite’s systems like a virus embedding itself into a host.

“This is where Ethera comes in,” you said, shifting to a slide that displayed a cascading string of code, flickering across the screen. “Unlike traditional cyberweapons, Ethera doesn’t just break into a system. It integrates—restructuring security protocols as if it was always meant to be there. It’s undetectable, untraceable, and once inside, it grants us complete control of the Blackstar and won’t even register it as a breach.”

“So we’re not just hacking it," The only female pilot of the team said, arms crossed as she studied the data. “We’re hijacking it.”

“Exactly,” You nodded with a grin.

You switched to the next slide—a detailed radar map displaying the satellite’s location over international waters.

“This is the target area,” you continued after a deep breath. “It’s flying low-altitude reconnaissance patterns, which means it’s using ground relays for some of its communication. That gives us a small window to infiltrate and shut it down.”

The next slide appeared—a pair of unidentified fighter aircraft, patrolling the vicinity.

“And this is the problem,” you said grimly. “This satellite isn’t unguarded.”

A murmur rippled through the room as the pilots took in the fifth-generation stealth fighters displayed on the screen.

“We don’t know who they belong to,” you admitted. “What we do know is that they’re operating with highly classified tech—possibly experimental—and have been seen running defence patterns around the satellite’s flight path.”

Cyclone stepped forward then, arms crossed, his voice sharp and authoritative. “Which means your job is twofold. You will escort Dr L/N’s aircraft to the infiltration zone, ensuring Ethera is successfully deployed. If we are engaged, your priority remains protecting the package and ensuring a safe return.”

Oh, fantastic, you could not only feel your heartbeat in your toes, you were now officially the package.

You cleared your throat, tapping the screen again. Ethera’s interface expanded, displaying a cascade of sleek code.

“Once I’m in range,” you continued, “Ethera will lock onto the satellite’s frequency and begin infiltration. From that point, it’ll take approximately fifty-eight seconds to bypass security and assume control."

Silence settled over the room like a thick cloud, the weight of their stares pressing down on you. You could feel them analyzing, calculating, probably questioning who in their right mind thought putting you—a hacker, a tech specialist, someone whose idea of adrenaline was passing cars on the highway—into a fighter jet was a good idea.

Finally, one of the pilots—tall, broad-shouldered, blonde, and very clearly one of the cocky ones—tilted his head, arms crossed over his chest in a way that screamed too much confidence.

“So, let me get this straight.” His voice was smooth, and confident, with just the right amount of teasing. “You, Doctor—our very classified, very important tech specialist—have to be in the air, in a plane, during a mission that has a high probability of turning into a dogfight… just so you can press a button?”

Your stomach twisted at the mention of being airborne.

“Well…” You gulped, very much aware of how absolutely insane this sounded when put like that. “It’s… more than just that, but, yeah, essentially.”

A slow grin spread across his face, far too entertained by your predicament.

“Oh,” he drawled, “this is gonna be fun.”

Before you could fully process how much you already hated this, Cyclone—who had been watching the exchange with his signature unamused glare—stepped forward, cutting through the tension with his sharp, no-nonsense voice.

“This is a classified operation,” he stated, sharp and authoritative. “Not a joyride.”

The blonde’s smirk faded slightly as he straightened, and the rest of the pilots quickly fell in line.

Silence lingered for a moment longer before Vice Admiral Beau Cyclone Simpson let out a slow breath and straightened. His sharp gaze swept over the room before he nodded once.

“All right. That’s enough.” His tone was firm, the kind that left no room for argument. “We’ve got work to do. The mission will take place in a few weeks' time, once we’ve run full assessments, completed necessary preparations, and designated a lead for this operation.”

There was a slight shift in the room. Some of the pilots exchanged glances, the weight of the upcoming mission finally settling in. Others, mainly the cocky ones, looked as though they were already imagining themselves in the cockpit.

“Dismissed,” Cyclone finished.

The pilots stood, murmuring amongst themselves as they filed out of the room, the blonde one still wearing a smug grin as he passed you making you frown and turn away, your gaze then briefly met the eyes of the moustached pilot.

You hadn’t meant to look, but the moment your eyes connected, something flickered in his expression. Amusement? Curiosity? You weren’t sure, and frankly, you didn’t want to know.

So you did the only logical thing and immediately looked away and turned to gather your things. You needed to get out of here, to find some space to breathe before your brain short-circuited from stress—

“Doctor, Stay for a moment.”

You tightened your grip on your tablet and turned back to Cyclone, who was watching you with that unreadable, vaguely disapproving expression that all high-ranking officers seemed to have perfected. “Uh… yes, sir?”

Once the last pilot was out the door, Cyclone exhaled sharply and crossed his arms.

“You realize,” he said, “that you’re going to have to actually fly, correct?”

You swallowed. “I—well, technically, I’ll just be a passenger.”

His stare didn’t waver.

“Doctor,” he said, tone flat, “I’ve read your file. I know you requested to be driven here instead of taking a military transport plane. You also took a ferry across the bay instead of a helicopter. And I know that you chose to work remotely for three years to avoid getting on a plane.”

You felt heat rise to your cheeks. “That… could mean anything.”

“It means you do not like flying, am I correct?”

Your fingers tightened around the tablet as you tried to find a way—any way—out of this. “Sir, with all due respect, I don’t need to fly the plane. I just need to be in it long enough to deploy Ethera—”

Cyclone cut you off with a sharp look. “And what happens if something goes wrong, Doctor? If the aircraft takes damage? If you have to eject mid-flight? If you lose comms and have to rely on emergency protocols?”

You swallowed hard, your stomach twisting at the very thought of ejecting from a jet.

Cyclone sighed, rubbing his temple as if this entire conversation was giving him a migraine. “We cannot afford to have you panicking mid-mission. If this is going to work, you need to be prepared. That’s why, starting next week you will train with the pilots on aerial procedures and undergoing mandatory training in our flight simulation program.”

Your stomach dropped. “I—wait, what? That’s not necessary—”

“It’s absolutely necessary,” Cyclone cut in, his tone sharp. “If you can’t handle a simulated flight, you become a liability—not just to yourself, but to the pilots escorting you. And in case I need to remind you, Doctor, this mission is classified at the highest level. If you panic mid-air, it won’t just be your life at risk. It’ll be theirs. And it’ll be national security at stake.”

You inhaled sharply. No pressure. None at all.

Cyclone watched you for a moment before speaking again, his tone slightly softer but still firm. “You’re the only one who can do this, Doctor. That means you need to be ready.”

You exhaled slowly, pressing your lips together before nodding stiffly. “Understood, sir.”

Cyclone gave a small nod of approval. “Good. Dismissed.”

You turned and walked out, shoulders tense, fully aware that in three days' time, you were going to be strapped into a high-speed, fighter jet. And knowing your luck?

You were definitely going to puke.

Part 2???

2K notes · View notes

arivivek · 2 years ago

Text

In this landscape rife with risk, it is vital for businesses to take every step possible to manage risk effectively and enhance their risk resilience.

Here is how security risk assessment software can help.

#security risk assessment #risk assessment software

0 notes

cosmicsimsi · 3 months ago

Text

Why You Shouldn’t Use GShade

Even after two years, I still see people using GShade and claiming it's a safe program, when it’s really not! There are already some older Tumblr posts about this, but I figured it’s worth refreshing the issue.

So please read this

Around two years ago, GShade’s developer added a code that could forcefully shut down your computer, not because of a bug or security measure, but on purpose. Why? Because he was mad that someone, specifically a 16-year-old made an alternative way to install GShade without using the official updater. Instead of handling it professionally, the dev decided to add a malicious code as "punishment" for anyone trying to modify GShade. That’s malware behavior.

(The first spark) ↓

At that time you also HAD to update Gshade to unistall it. ↓

(Developers "Apology") ↓

Now, you might be thinking, “Okay, but that was patched out, so it’s fine now, right?” Nope. Because the biggest issue isn’t just what he did, it’s the fact that he still thinks he did nothing wrong.

The Problem with Closed-Source Software Like GShade

GShade is closed-source, meaning no one except the developer can see or verify what’s actually in the code. This is a issue when dealing with someone who has already abused their control over the software.

With open-source programs (like ReShade), anyone can look at the code, verify it’s safe, and contribute to improving it. If something shady is added, people can catch it immediately. But with GShade, you have to just trust that the dev isn’t hiding anything malicious. And considering his past actions, that’s a massive risk to take.

Even if GShade is "safe" right now, nothing is stopping the dev from adding another backdoor, data collection, or something even worse in the future. Since no one can see the code, you wouldn’t know until it was too late. And given that he still defends his actions, there’s every reason to believe he’d do something similar again.

“But I’ve Never Had Issues With GShade”

A lot of people say GShade runs better than ReShade or has better effects. That might be true, but no amount of quality or convenience is worth putting your computer at risk. Just because something hasn’t caused problems yet doesn’t mean it won’t in the future. Malicious code can be slipped in at any time, and because it’s closed-source, no one would be able to warn you.

And honestly? You shouldn’t be using software made by someone who has already proven they’re willing to mess with your computer. If a developer intentionally inserts harmful code once, they can do it again.

What Should You Use Instead?

There’s a safe and open-source alternative: ReShade

It’s free and open-source, meaning the community can review the code to ensure it’s safe.

It can do almost everything GShade does, and while it may take some tweaking, it’s worth the effort.

Most GShade presets can be converted to work with ReShade with a bit of adjustment.

There are guides available to help transition from GShade to ReShade Here is one: How To Move To ReShade From GShade

Final Thoughts

At the end of the day, it’s your computer, and you can do whatever you want with it. But if you choose to keep using GShade, just be aware of the risks you’re taking. The dev has already demonstrated that he’s willing to sabotage people’s computers when he feels like it. He still thinks he was justified. And because GShade is closed-source, he has complete control over what’s in the code without anyone being able to check.

So ask yourself: Is that really the kind of software you want to trust?

ReShade is a safer, open-source alternative that doesn’t put you at risk.

Thank you for reading

Here are some links that discusses the whole topic:

Twitter

The persons Blog the code was directed at

#thesims4 #ts4 #the sims 4 #sims 4 #sims

718 notes · View notes