![[syndicated profile]](https://www.dreamwidth.org/img/silk/identity/feed.png){kind=small}
newpajiba_feed
Tis the season for festive entertainment. Everyone has their favourite Christmas movie and everyone has their favourite argument they have every year about which movies do and don't count in this subgenre (yes, Die Hard is a Christmas movie, case...
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
davidgillonWell yesterday's trip turned epic in (mostly) all the wrong ways. I was halfway across the platform at Kings Cross, Passenger Assistance guy in tow, when he was flagged down by another LNER guy, which soon turned into a conflab with at least four of them. I didn't catch the full conversation, but I was pretty sure I heard "one under", which he confirmed when he came back to me - person under a train, nothing moving, and they'd been instructed not to board anyone, so back to the PA lounge for me. He was back for me in about 15 minutes, and this time we made it as far as the train and he was getting the ramp out when the instruction came through not to board anyone, so he put me aboard anyway.
That confirmed what I'd suspected from my seat reservation, I'd been upgraded to first class - and at that point I was the only person in first class, though it filled up eventually. The train was made up of two five-car Azuma units joined together and I'm not sure if the five-car Azumas actually have any wheelchair spaces in Standard Class, so it may well be an automatic upgrade to 1st if you get the right train. We were forty minutes late leaving in the end, but the crew were soon around offering drinks and a tumbler of a rather nice rioja and a mug of coffee made the delay much more palatable. Lunch followed, though the hot option was gone by the time they got to me, so I had to settled for what the Christmas menu described as a "Boxing Day box with Olivier Salad", but which I described to my sister as a posh Ploughmans without any bread - "All the flavours of Boxing Day in one box: pulled Wiltshire ham, Olivier salad, tangy cheddar, vibrant pickled red cabbage, onions and cornichons, cherry tomatoes, spinach and a touch of piccalilli." There was only about a spoonful of the Olivier Salad, which I'd not come across before, so looked up later; seems it's an alternate name for Russian Salad, though the LNER version seemed to be mostly mayo dressing plus peas. Given pretty much everything else in the box can be a part of an Olivier Salad (according to wikipedia), I guess the whole thing amounted to a deconstructed Olivier salad.
There were another couple of rounds of drinks afterwards, though I skipped the third one as we were almost at Darlington. More fool me. Five minutes outside Darlington the train pulled up, and the guard announced that we were delayed because of trespassers on the line north of Darlington, with the station already full of earlier trains. So we sat, and waited, and waited, and eventually found out that the 'trespasser' was a vulnerable person on the 75ft tall viaduct just outside Durham station, with the police trying to talk them down. Staff came around with another round of drinks, and we eventually moved off after a delay of about an hour and twenty minutes, making us an hour and fifty five minutes late into Darlington. So instead of reaching my sister's at 16:30 it was more like 18:30, making for an eight and a half hour journey.
And then I slept for twelve hours.
On the positive side, I should get a refund for at least 50% of the ticket price, possibly all of it (the website is a bit unclear).
oursinWhat I read
Finished Audrey Lane Stirs the Pot - teensy pedantic note that a girl who was a teenage WW2 evacuee was not going to have been called Doris after Doris Day.
I read a couple more nostalgic (I literally read these when I was still at school) Elswyth Thanes (also the ebooks are v cheap), This Was Tomorrow (1951) and Homing (1957), and apart from a couple of fortunately brief scenes in Williamsburg (I get the impression is being done up as Heritage Site with Rockefeller dough?) set in England/Europe just before and at beginning of WW2. Apart from the 2 idealistic Oxford Groupers (it's not actually named but it sounds very like) who want to shed love and light on the Nazis, nobody is for appeasement. So unlike e.g. Lanny Budd's first wife and her second (Brit aristo) husband.... There is also weird reincarnation theme going on.
Latest Literary Review.
Some while ago I was looking for my copy of The Goblin Emperor and it was not in any of the places I thought it plausibly might be and then I spotted it while dusting the bookshelves in a non-intuitive spot and have been re-reading that. Have also read the online short story Min Zemerin's Plan (The Cemeteries of Amalo, #1.5) (2022), which I hadn't come across before, and re-read The Orb of Cairado (The Chronicles of Osreth, #1.1) (2025). Does anyone know how I can get access to Lora Selezh (The Cemeteries of Amalo, #0.5), which was apparently a freebie for preorders of the Tor edition of Witness for the Dead???
On the go
Have started Dickon Edwards, Diary at the Centre of the Earth: Vol. 1 (1997-2007) (2025) - possibly a dipper-inner rather than a read straight through, though sometimes diaries that one thinks this about grab one like the Ancient Mariner, I'm looking at you Mr Isherwood.
Up Next
As may seem predictable, I am on to a re-read of Katherine Addison's Cemeteries of Amalo trilogy.
I should probably also be turning my attention to Dorothy Richardson, Pointed Roofs, for the Pilgrimage online book group discussion in early Jan.
james_davis_nicoll
fail_feedPicky eaters think they have it rough, but let's not forget what it's like to for the people in their lives.
As a former picky eater myself, I understand the absolute turmoil I put my family and friends through for the first two decades of my life, especially when it came to finding restaurants with menu items that I could enjoy. However, becoming an adult meant not just expanding my horizons in terms of the food I would consume, but it also meant ensuring that the person carrying the burden of what I wanted or didn't want to eat would have to be me and only me.
This long-suffering spouse had to deal with his wife's continual lack of satisfaction with the food that she would order at restaurants. No, this had nothing to do with dietary restrictions, nor was it a "one time" occurrence in which the food that was served was justifiably undercooked or overcooked. This lady had developed an unfortunate habit of sending items back to the kitchen time and time again, and it was only getting worse. For the record, I do feel the need to disclose the face that even in the heights of my picky eating days, I never sent food back. I just didn't eat what I didn't want.
As for this man's debacle, it was only a matter of time before he needed to speak out. Good luck to him because it doesn't sound like his spouse is particularly amenable to criticism.
tomlorenzo_feed
Frankenstein star Mia Goth sported the cutest little holiday dress for her appearance on Jimmy Kimmel Live, but it has us wishing for a particular item to become trendy again. See if you can guess.
Sure, the black makes her recede completely because Kimmel’s is the darkest of the late night sets, but we can’t get mad at a gal breaking out a cute little velvet dress in December. The one thing that could have made it pop is currently not in style: colored tights. We’re not talking bright red elf stockings or anything, but a subtle wine red would have really made the whole look sing. Or, if she wanted to go in a total holiday party direction, a sparkly pair. Still, she looks very cute here.
[Photo Credit: Disney/Randy Holmes – Video Credit: Jimmy Kimmel Live/YouTube]
The post FRANKENSTEIN Star Mia Goth on JIMMY KIMMEL LIVE! appeared first on Tom + Lorenzo.
tomlorenzo_feed
The Copenhagen Test is a new series about a spy whose “brain has been hacked” and we laughed out loud when we read that one. Anyway, here is the presumably hack-free star Simu Liu joining his co-star Melissa Barrera for the series premiere.
They look fine — in the “just ok” sense, not the “DAAAAAAAMN” one. Her dress is well-fitted and sexy, we guess, but the color does absolutely nothing for her. Do this in red and we’ll talk. Also, those black pumps look goofy with it. Love the hoops. We don’t see enough of them on the red carpet anymore. Let’s bring back the doorknockers and chandeliers, please. As for him, he’s unobjectionable, although the combination of pin-striped suit and pendant comes off a little douchey.
ABOUT THE SERIES:
This espionage thriller series follows first-generation Chinese-American intelligence analyst Alexander Hale (Simu Liu) who realizes his brain has been hacked, giving the perpetrators access to everything he sees and hears. Caught between his shadowy agency and the unknown hackers, he must maintain a performance 24/7 to flush out who’s responsible and prove where his allegiance lies.
[Photo Credit: mpi099/MediaPunch/INSTARimages, Noam Galai/Peacock]
The post Simu Liu and Melissa Barrera THE COPENHAGEN TEST New York Special Screening appeared first on Tom + Lorenzo.
eff_feedAnother year has come and gone, and with it, thousands of data breaches that affect millions of people. The question these days is less, Is my information in a data breach this year? and more How many data breaches had my information in them this year?
Some data breaches are more noteworthy than others. Where one might affect a small number of people and include little useful information, like a name or email address, others might include data ranging from a potential medical diagnosis to specific location information. To catalog and talk about these breaches we created the Breachies, a series of tongue-in-cheek awards, to highlight the most egregious data breaches.
In most cases, if these companies practiced a privacy first approach and focused on data minimization, only collecting and storing what they absolutely need to provide the services they promise, many data breaches would be far less harmful to the victims. But instead, companies gobble up as much as they can, store it for as long as possible, and inevitably at some point someone decides to poke in and steal that data. Once all that personal data is stolen, it can be used against the breach victims for identity theft, ransomware attacks, and to send unwanted spam. It has become such a common occurrence that it’s easy to lose track of which breaches affect you, and just assume your information is out there somewhere. Still, a few steps can help protect your information.
With that, let’s get to the awards.
The Winners
We’ve long warned that apps delivering your personal information to third-parties, even if they aren’t the ad networks directly driving surveillance capitalism, presents risks and a salient target for hackers. The more widespread your data, the more places attackers can go to find it. Mixpanel, a data analytics company which collects information on users of any app which incorporates its SDK, suffered a major breach in November this year. The service has been used by a wide array of companies, including the Ring Doorbell App, which we reported on back in 2020 delivering a trove of information to Mixpanel, and PornHub, which despite not having worked with the company since 2021, had its historical record of paying subscribers breached.
There’s a lot we still don’t know about this data breach, in large part because the announcement about it is so opaque, leaving reporters with unanswered questions about how many were affected, if the hackers demanded a ransom, and if Mixpanel employee accounts utilized standard security best practices. One thing is clear, though: the breach was enough for OpenAI to drop them as a provider, disclosing critical details on the breach in a blog post that Mixpanel’s own announcement conveniently failed to mention.
The worst part is that, as a data analytics company providing libraries which are included in a broad range of apps, we can surmise that the vast majority of people affected by this breach have no direct relationship with Mixpanel, and likely didn’t even know that their devices were delivering data to the company. These people deserve better than vague statements by companies which profit off of (and apparently insufficiently secure) their data.
Last year, AU10TIX won our first The We Told You So Award because as we predicted in 2023, age verification mandates would inevitably lead to more data breaches, potentially exposing government IDs as well as information about the sites that a user visits. Like clockwork, they did. It was our first We Told You So Breachies award, but we knew it wouldn’t be the last.
Unfortunately, there is growing political interest in mandating identity or age verification before allowing people to access social media or adult material. EFF and others oppose these plans because they threaten both speech and privacy.
Nonetheless, this year’s winner of The We Still Told You So Breachies Award is the messaging app, Discord — once known mainly for gaming communities, it now hosts more than 200 million monthly active users and is widely used to host fandom and community channels.
In September of this year, much of Discord’s age verification data was breached — including users’ real names, selfies, ID documents, email and physical addresses, phone numbers, IP addresses, and other contact details or messages provided to customer support. In some cases, “limited billing information” was also accessed—including payment type, the last four digits of credit card numbers, and purchase histories.
Technically though, it wasn’t Discord itself that was hacked but their third-party customer support provider — a company called Zendesk—that was compromised, allowing attackers to access Discord’s user data. Either way, it’s Discord users who felt the impact.
Speaking of age verification, Tea, the dating safety app for women, had a pretty horrible year for data breaches. The app allows users to anonymously share reviews and safety information about their dates with men—helping keep others safe by noting red flags they saw during their date.
Since Tea is aimed at women’s safety and dating advice, the app asks new users to upload a selfie or photo ID to verify their identity and gender to create an account. That’s some pretty sensitive information that the app is asking you to trust it with! Back in July, it was reported that 72,000 images had been leaked from the app, including 13,000 images of photo IDs and 59,000 selfies. These photos were found via an exposed database hosted on Google’s mobile app development platform, Firebase. And if that isn’t bad enough, just a week later a second breach exposed private messages between users, including messages with phone numbers, abortion planning, and discussions about cheating partners. This breach included more than 1.1 million messages from early 2023 all the way to mid-2025, just before the breach was reported. Tea released a statement shortly after, temporarily disabling the chat feature.
But wait, there’s more. A completely different app based on the same idea, but for men, also suffered a data breach. TeaOnHer failed to protect similar sensitive data. In August, TechCrunch discovered that user information — including emails, usernames, and yes, those photo IDs and selfies — was accessible through a publicly available web address. Even worse? TechCrunch also found the email address and password the app’s creator uses to access the admin page.
Breaches like this are one of the reasons that EFF shouts from the rooftops against laws that mandate user verification with an ID or selfie. Every company that collects this information becomes a target for data breaches — and if a breach happens, you can’t just change your face.
Another year, another data breach caused by online tracking tools.
In April, Blue Shield of California revealed that it had shared 4.7 million people’s health data with Google by misconfiguring Google Analytics on its website. The data, which may have been used for targeted advertising, included: people’s names, insurance plan details, medical service providers, and patient financial responsibility. The health insurance company shared this information with Google for nearly three years before realizing its mistake.
If this data breach sounds familiar, it’s because it is: last year’s Just Stop Using Tracking Tech award also went to a healthcare company that leaked patient data through tracking code on its website. Tracking tools remain alarmingly common on healthcare websites, even after years of incidents like this one. These tools are marketed as harmless analytics or marketing solutions, but can expose people’s sensitive data to advertisers and data brokers.
EFF’s free Privacy Badger extension can block online trackers, but you shouldn’t need an extension to stop companies from harvesting and monetizing your medical data. We need a strong, federal privacy law and ban on online behavioral advertising to eliminate the incentives driving companies to keep surveilling us online.
In December 2024, PowerSchool, the largest provider of student information systems in the U.S., gave hackers access to sensitive student data. The breach compromised personal information of over 60 million students and teachers, including Social Security numbers, medical records, grades, and special education data. Hackers exploited PowerSchool’s weak security—namely, stolen credentials to their internal customer support portal—and gained unfettered access to sensitive data stored by school districts across the country.
PowerSchool failed to implement basic security measures like multi-factor authentication, and the breach affected districts nationwide. In Texas alone, over 880,000 individuals’ data was exposed, prompting the state's attorney general to file a lawsuit, accusing PowerSchool of misleading its customers about security practices. Memphis-Shelby County Schools also filed suit, seeking damages for the breach and the cost of recovery.
While PowerSchool paid hackers an undisclosed sum to prevent data from being published, the company’s failure to protect its users’ data raises serious concerns about the security of K-12 educational systems. Adding to the saga, a Massachusetts student, Matthew Lane, pleaded guilty in October to hacking and extorting PowerSchool for $2.85 million in Bitcoin. Lane faces up to 17 years in prison for cyber extortion and aggravated identity theft, a reminder that not all hackers are faceless shadowy figures — sometimes they’re just a college kid.
Credit reporting giant TransUnion had to notify its customers this year that a hack nabbed the personal information of 4.4 million people. How'd the attackers get in? According to a letter filed with the Maine Attorney General's office obtained by TechCrunch, the problem was a “third-party application serving our U.S. consumer support operations.” That's probably not the kind of support they were looking for.
TransUnion said in a Texas filing that attackers swept up “customers’ names, dates of birth, and Social Security numbers” in the breach, though it was quick to point out in public statements that the hackers did not access credit reports or “core credit data.” While it certainly could have been worse, this breach highlights the many ways that hackers can get their hands on information. Coming in through third-parties, companies that provide software or other services to businesses, is like using an unguarded side door, rather than checking in at the front desk. Companies, particularly those who keep sensitive personal information, should be sure to lock down customer information at all the entry points. After all, their decisions about who they do business with ultimately carry consequences for all of their customers — who have no say in the matter.
Microsoft is a company nobody feels neutral about. Especially in the infosec world. The myriad software vulnerabilities in Windows, Office, and other Microsoft products over the decades has been a source of frustration and also great financial rewards for both attackers and defenders. Yet still, as the saying goes: “nobody ever got fired for buying from Microsoft.” But perhaps, the times, they are a-changing.
In July 2025, it was revealed that a zero-day security vulnerability in Microsoft’s flagship file sharing and collaboration software, SharePoint, had led to the compromise of over 400 organizations, including major corporations and sensitive government agencies such as the National Nuclear Security Administration (NNSA), the federal agency responsible for maintaining and developing the U.S. stockpile of nuclear weapons. The attack was attributed to three different Chinese government linked hacking groups. Amazingly, days after the vulnerability was first reported, there were still thousands of vulnerable self-hosted Sharepoint servers online.
Zero-days happen to tech companies, large and small. It’s nearly impossible to write even moderately complex software that is bug and exploit free, and Microsoft can’t exactly be blamed for having a zero-day in their code. But when one company is the source of so many zero-days consistently for so many years, one must start wondering whether they should put all their eggs (or data) into a basket that company made. Perhaps if Microsoft’s monopolistic practices had been reined in back in the 1990s we wouldn’t be in a position today where Sharepoint is the defacto file sharing software for so many major organizations. And maybe, just maybe, this is further evidence that tech monopolies and centralization of data aren’t just bad for consumer rights, civil liberties, and the economy—but also for cybersecurity.
Look, we’ll keep this one short: in October of last year, researchers found security issues in the flat earther app, Flat Earth, Sun, Moon, & Clock. In March of 2025, that breach was confirmed. What’s most notable about this, aside from including a surprising amount of information about gender, name, email addresses and date of birth, is that it also included users’ location info, including latitude and longitude. Huh, interesting.
In January, hackers claimed they stole millions of people’s location history from a company that never should’ve had it in the first place: location data broker Gravy Analytics. The data included timestamped location coordinates tied to advertising IDs, which can reveal exceptionally sensitive information. In fact, researchers who reviewed the leaked data found it could be used to identify military personnel and gay people in countries where homosexuality is illegal.
The breach of this sensitive data is bad, but Gravy Analytics’s business model of regularly harvesting and selling it is even worse. Despite the fact that most people have never heard of them, Gravy Analytics has managed to collect location information from a billion phones a day. The company has sold this data to other data brokers, makers of police surveillance tools, and the U.S. government.
How did Gravy Analytics get this location information from people’s phones? The data broker industry is notoriously opaque, but this breach may have revealed some of Gravy Analytics’ sources. The leaked data referenced thousands of apps, including Microsoft apps, Candy Crush, Tinder, Grindr, MyFitnessPal, pregnancy trackers and religious-focused apps. Many of these app developers said they had no relationship with Gravy Analytics. Instead, expert analysis of the data suggests it was harvested through the advertising ecosystem already connected to most apps. This breach provides further evidence that online behavioral advertising fuels the surveillance industry.
Whether or not they get hacked, location data brokers like Gravy Analytics threaten our privacy and security. Follow EFF’s guide to protecting your location data and help us fight for legislation to dismantle the data broker industry.
TeslaMate, a tool meant to track Tesla vehicle data (but which is not owned or operated by Tesla itself), has become a cautionary tale about data security. In August, a security researcher found more than 1,300 self-hosted TeslaMate dashboards were exposed online, leaking sensitive information such as vehicle location, speed, charging habits, and even trip details. In essence, your Cybertruck became the star of its own Keeping Up With My Cybertruck reality show, except the audience wasn’t made up of fans interested in your lifestyle, just random people with access to the internet.
TeslaMate describes itself as “that loyal friend who never forgets anything!” — but its lack of proper security measures makes you wish it would. This breach highlights how easily location data can become a tool for harassment or worse, and the growing need for legislation that specifically protects consumer location data. Without stronger regulations around data privacy, sensitive location details like where you live, work, and travel can easily be accessed by malicious actors, leaving consumers with no recourse.
Confidentiality is a core principle in the practice of law. But this year a breach of confidentiality came from an unexpected source: a breach of the federal court filing system. In August, Politico reported that hackers infiltrated the Case Management/Electronic Case Files (CM/ECF) system, which uses the same database as PACER, a searchable public database for court records. Of particular concern? The possibility that the attack exposed the names of confidential informants involved in federal cases from multiple court districts. Courts across the country acted quickly to set up new processes to avoid the possibility of further compromises.
The leak followed a similar incident in 2021 and came on the heels of a warning to Congress that the file system is more than a little creaky. In fact, an IT official from the federal court system told the House Judiciary Committee that both systems are “unsustainable due to cyber risks, and require replacement.”
Just like last year, a stalkerware company was subject to a data breach that really should prove once and for all that these companies must be stopped. In this case, Catwatchful is an Android spyware company that sells itself as a “child monitoring app.” Like other products in this category, it’s designed to operate covertly while uploading the contents of a victim’s phone, including photos, messages, and location information.
This data breach was particularly harmful, as it included not just the email addresses and passwords on the customers who purchased the app to install on a victim’s phone, but also the data from the phones of 26,000 victims’ devices, which could include the victims’ photos, messages, and real-time location data.
This was a tough award to decide on because Catwatchful wasn’t the only stalkerware company that was hit this year. Similar breaches to SpyX, Cocospy, and Spyic were all strong contenders. EFF has worked tirelessly to raise the alarm on this sort of software, and this year worked with AV Comparatives to test the stalkerware detection rate on Android of various major antivirus apps.
Every year, we all get a reminder about why using unique passwords for all our accounts is crucial for protecting our online identities. This time around, the award goes to Plex, who experienced a data breach that included customer emails, usernames, and hashed passwords (which is a fancy way of saying passwords are scrambled through an algorithm, but it is possible they could still be deciphered).
If this all sounds vaguely familiar to you for some reason, that’s because a similar issue also happened to Plex in 2022, affecting 15 million users. Whoops.
This is why it is important to use unique passwords everywhere. A password manager, including one that might be free on your phone or browser, makes this much easier to do. Likewise, credential stuffing illustrates why it’s important to use two-factor authentication. Here’s how to turn that on for your Plex account.
Troy Hunt, the person behind Have I Been Pwned? and who has more experience with data breaches than just about anyone, also proved that anyone can be pwned. In a blog post, he details what happened to his mailing list:
You know when you're really jet lagged and really tired and the cogs in your head are just moving that little bit too slow? That's me right now, and the penny has just dropped that a Mailchimp phish has grabbed my credentials, logged into my account and exported the mailing list for this blog.
And he continues later:
I'm enormously frustrated with myself for having fallen for this, and I apologise to anyone on that list. Obviously, watch out for spam or further phishes and check back here or via the social channels in the nav bar above for more.
The whole blog is worth a read as a reminder that phishing can get anyone, and we thank Troy Hunt for his feedback on this and other breaches to include this year.
Data breaches are such a common occurrence that it’s easy to feel like there’s nothing you can do, nor any point in trying. But privacy isn’t dead. While some information about you is almost certainly out there, that’s no reason for despair. In fact, it’s a good reason to take action.
There are steps you can take right now with all your online accounts to best protect yourself from the the next data breach (and the next, and the next):
According to one report, 2025 had already seen 2,563 data breaches by October, which puts the year on track to be one of the worst by the sheer number of breaches.
We did not investigate every one of these 2,500-plus data breaches, but we looked at a lot of them, including the news coverage and the data breach notification letters that many state Attorney General offices host on their websites. We can’t award the coveted Breachies Award to every company that was breached this year. Still, here are some (dis)honorable mentions we wanted to highlight:
Salesforce, F5, Oracle, WorkComposer, Raw, Stiizy, Ohio Medical Alliance LLC, Hello Cake, Lovense, Kettering Health, LexisNexis, WhatsApp, Nexar, McDonalds, Congressional Budget Office, Doordash, Louis Vuitton, Adidas, Columbia University, Hertz, HCRG Care Group, Lexipol, Color Dating, Workday, Aflac, and Coinbase. And a special nod to last minute entrants Home Depot, 700Credit, and Petco.
What now? Companies need to do a better job of only collecting the information they need to operate, and properly securing what they store. Also, the U.S. needs to pass comprehensive privacy protections. At the very least, we need to be able to sue companies when these sorts of breaches happen (and while we’re at it, it’d be nice if we got more than $5.21 checks in the mail). EFF has long advocated for a strong federal privacy law that includes a private right of action.
tozka
fail_feedThe best thing about the workplace is all the outrageous things you overhear in your office break room. You'd be surprised by how many seemingly capable adults actually have no idea how to spot your run-of-the-mill scam, or a dairy product when they see it.
Though you have probably had your fair share of mindless slip-ups that could be categorized as "dumb," you likely don't remember them because your coworkers were too nervous to correct you. Who knows, maybe one of your unintelligent slip-ups is lurking in this forum's thread, just waiting to be uncovered by the person who said it…
newpajiba_feed
If you took Big Little Lies, Little Fires Everywhere, and The Slap, tossed them into a blender, watered the whole thing down, and dropped in a Benadryl for that gently sedated vibe, you would end up with something like Little...
snickficwychwoodbrithistorianWhen I order things from Japan and Korea, my goal for managing postage costs is to have the postage cost less than the item, which I'm usually able to manage. Recently one of my friends sent me a package from within the US, for which the postage cost 3x the cost of the item!
fail_feedIt should be no surprise that many "successful" people who run small businesses got there because of their tenacity, and, let's be honest, approaching their work and their business with levels of ferocity and obsession that others would find frightening. And it's something that has helped them survive the rigours of forging a successful enterprise. The entrepreneurial spirit normally requires all-consuming passion to achieve an abstract vision, along with grit, determination, and long hours to see it materialize.
The business will inevitably expand and grow with its success. And as it grows, the founder will need to bring more people on board, and one or two employees will expand to the point that a management structure needs to be put in place.
Eventually, it will reach the point where the owner needs a position in their company, and why not CEO? That sounds like an important title. Really, this means "owner" is the same as it was before, but it might fool new staff and clients for a moment or two before they connect the dots. Despite now retaining a title that speaks to their supposed experience and management skills, the nature of the growth they've experienced to this point and their success has never been tied to the management of people, having done everything themselves or within their family.
They might be, and probably are, great with sales or promoting their business to others, but these are not the same skills that qualify for good people management. Managing people is another beast entirely. For one, you need to know how to consider people and their value outside of straight numbers, until they manage to replace all of us with AI there will always be an intangible art to managing people.
Their approach to people is often the same ferocity they brought to their businesses from the outset, believing that if they can just bend people into the shape they want them to be, like they did their business, then everything will work out. This can create horrifying workplaces with no culture that sometimes cross or tread on the borderline of legality.
It's a bit like living with a roommate who owns the house; it's never the same as renting the entire house among equals. The roommate and owner of the home simply cannot approach situations of the treatment of and rights within the home, or financial discussions, in the same way as those living with them. Those who have lived in these situations will know that the stressed-out owner will be far more authoritarian about everything that happens in "their" house than you'd ever find in similar living arrangements.
newpajiba_feed
And somehow, unbelievably, just like that, 2025 is coming to an end, as time itself continues its transformation into something meaningless and trivial. So what better way to celebrate the festive season than unwrapping some good old fashioned industry secrets?...
newpajiba_feed
I'm going to be upfront with you folks: I have never played the Fallout games. I'm aware of them, and even owned both Fallout 3 and 4 at various points, but never pulled the trigger. That said, when I hear...
sunnymodffa posting in ![[community profile]](https://www.dreamwidth.org/img/silk/identity/community.png){kind=small}
fail_fandomanonfail_fandomanon Rules and Information (and Ban Requests): https://fail-fandomanon.dreamwidth.org/1076.html. The short version: no embeds, don't out people's real names, don't be that much of an asshole, body fluids are off topic, Mods reserve the right to freeze, screen, and delete the fuck out of stuff. FFA discussion covers a wide variety of topics and has a very flexible view of 'fandom' that includes politics, current events, and cooking techniques. FFA is a Choose NOT to Warn experience. Meme away.ffawiki_backup)| HTML-5 (recommended) | |
Demo:spoiler titleSome spoilery content. |
|
| Alternative for inline spoiler-cuts - details here | |
| Demo: spoiler title Some spoilery content. |
|
muccamukk
Transforming: The Bible and the Lives of Transgender Christians by Austen Hartketomlorenzo_feed
[Photo Credit: Peter Joseph Smith/Courtesy of Christian Dior]
The post Christian Dior Pre-Fall 2026 Collection appeared first on Tom + Lorenzo.
tomlorenzo_feed
One Battle After Another and All’s Fair star Teyana Taylor can make almost anything look good just by putting it on, so it’s perhaps not a surprise that she managed to make a fancy beige tracksuit with a built-in airplane pillow look kind of fierce.
Granted, the shades, the jewelry, the beauty and poise, they all tend to help elevate a look. While we can’t ever get behind the idea of that very silly collar situation, we can admit that this suit looks very fine and expensive and the color looks great on her. We’d have recommended a brown top and brown boots, however.
Style Credits:
– Victoria Beckham Oversized Roll-Collar Wool Zip Jacket and Matching Pants from the Fall 2025 Collection
– Schiaparelli Jewelry
– Miu Miu Sunglasses
[Photo Credit: Chris Haston/WBTV, Courtesy of Victoria Beckham – Video Credit: Jennifer Hudson Show/YouTube]
The post ALL’S FAIR Star Teyana Taylor in Victoria Beckham on THE JENNIFER HUDSON SHOW appeared first on Tom + Lorenzo.
badly_knitted posting in drabble_zonebadly_knitted
profiterole_readsfail_feedGetting fired from a job is rarely a pleasant experience for either the boss or employee, but sometimes it's a necessary step.
In the good old US of A, bosses can easily fire most employees for almost any reason, no matter how silly the reason may be. If they want an employee gone, they can easily piece together an excuse to lay them off. Downsizing, restructuring, removing the role entirely… the list goes on. Not to mention that most employers don't bother giving out severance checks, either. Employees are just left to fend for themselves after months or years of having a reliable paycheck.
These people got fired for some interesting reasons! Some stories make it obvious exactly why that worker got sent packing. But other people clearly just had bosses that had it out for them, and would give any excuse to get them to leave. For example, one worker was scolded for sitting down, even when there was no one else in the store. Their manager told them to stand in order to look professional… to which the worker retorted asking why that manager was sitting in their back office all day. Zing! Got him! And they also lost their job for that. Sometimes the joke is good enough to cost you a job, and hopefully that witty individual found something better soon after.
timeasmymeasure
