It was absolutely worth the money ruling it out. That’s literally how science works.

No, absolutely not. Even if you could buy the 30-50,000 parts individually, the markup alone would absolutely kill the feasibility, much less the ability to weld the frame components together, assemble the literal miles of wiring, or program the computers.

Planned obsolescence plus unnecessary app subscriptions for physical hardware, worst timeline.

At least this device doesn’t need the app, but instantly moves this company from near the top of my recommendations for kitchen gadgets, right into the “never recommend” bucket.

Actively encouraging people to toss perfectly good hardware to fuel their subscription bullshit… and these guys weren’t even recently bought by a VC firm or anything?

To be pedantic, they have a navy, just no large ships in said navy.

NB: Alignments are not factions. Two Chaotic aligned characters are not inherently on the same side; they are on their own sides, individually.

Here are two potential ways to play it.

If your Fey is Chaotic Neutral:

You find the two clerics dragging your resident murder hobo in front of a tribunal hilarious, and in fact, might be inclined to help. It would be different if they attempted the same for you; in your mind, the action would be justified if you did it, but for the supposed “good” rogue, they still just killed someone out of convenience. You are allowed to be a hypocrite, they are not.

If you are Chaotic Good:

That rogue still straight up ganked a guy for being an asshole. Even if you think the guy probably deserved it, and maybe could have talked yourself into doing the same, it has nonetheless created a situation where you are inconvenienced. They screwed up big time, and not even that deep down, they know they’ve got a black mark on their soul, but that’s neither your nor the clerics’ problem. The last thing you want to hear are more verbose, moral arguments from the clerics and to be sidetracked from the mission; the rogue can atone later, this nonsense is getting between you and getting paid.

Are you and the rogue chaotic good, or chaotic neutral? It doesn’t seem like you’re clear on this with the rest of your party. Murder (e.g., backstab in the middle of dialogue) is not a “good” action, any way you slice it, even if the spectator is an asshole, evil, or through RP, would have eventually led to combat resulting in death anyways. If you were playing true chaotic, it’s understandable, but it doesn’t sound like that is what was made clear.

And if you’re trying to force an alignment shift, consider that you may be ruining the enjoyment of everyone else at the table; if I’m playing a lawful good cleric, I’m not sure my character would party with a true chaotic fey, which would essentially end the campaign.

DLC itself almost never goes on sale; you’ll be waiting for an eventual game of the year edition like 3-5 years out. CyberPunk 2.0 has all the base game improvements of Phantom Liberty, and easily 100 hours of content without the DLC.

1. From the title of your article and your executive summary, the premise of your paper is that CVSS is flawed, and CITE is your solution.
2. From the title of your article, and choice of name, “QHE CVSS Alternative; CITE”. CVSS is a VULNERABILITY Scoring System. CITE, as your propose, is a THREAT evaluation tool. You can see how one could have the impression that they were incorrectly being used interchangeably.

As you yourself stated, CVSS does exactly what it says on the box. It provides a singular rating for a software vulnerability, in a vacuum. It does not prescribe to do anything more, and it does a good job doing what it sets out to do (including specifically as an input to other quantitative risk calculations).

Compare what with attack?

Your methodology heavily relies on “the analysis of cybersecurity experts”, and in particular, frequently references “exploit chains”, mappings which are not clearly defined, and appears to rely on the knowledge of the individual practitioner, rather than existing open frameworks. MITRE ATT&CK and CAPEC already provide such a mapping, as well as a list of threat actor groups leveraging tactics, techniques, and procedures (e.g., exploitation of a given CVE). Here’s a good articlewhich maps similarly to how we operate our cybersecurity program.

I think there is a lot on the mark in your article about the issues with cybersecurity today, but again, I believe that your premise that CVSS needs replacing is flawed, and I don’t think you provided a compelling case to demonstrate how/why it is flawed. If anything, I think you would agree that if organizations are exclusively using CVSS scores to prioritize remediation, they’re doing it wrong, and fighting an impossible battle. But this means the organization’s approach is wrong, not CVSS itself.

Your article stands better alone as a proposal for a methodology for quantifying risk and threat to an organization (or society?), rather than as a takedown of CVSS.

Glancing through your article, while you have correctly assessed the need for risk based prioritization of vulnerability remediation and mitigation, your central premise is flawed.

Vulnerability is not threat— CVSS is a scoring system for individual vulnerabilities, not exploit chains. For that, you’ll want to compare with ATT&CK or the legacy cyber kill chain.

No— it is more viable to set up cryogenic hydrogen infrastructure at an airport than replacing our gas stations with hydrogen stations along our roads today. Additionally, the amount of cooling, insulation, and pressurization equipment required will almost certainly be far too large and expensive to fit in a $20-30k passenger vehicle.

Realistically, if we assume a decarbonized future, it’s seeming that battery electric will be used in most small passenger vehicles (cars and trucks today), whereas hydrogen will be used in heavy equipment (construction, extraction, military) and aviation.

While I appreciate this, there were far too many questions, which were pretty technical for a layperson. And even after picking the most basic options, I was still presented with like six variants of Ubuntu, including Mint and Elementary.

How about something like:

• Do you use your computer more for games, or for work?
• How much do you care about open source?
• Do you know what a makefile is?