Legally speaking, no - it would still be a criminal offence.
Practically speaking, there is zero chance that the USA would extradite someone to Iran, even if they weren't currently at war with them. Whether they did anything about it would probably depend on exactly what the situation was - there's a big of difference between targeted IRGC or defence systems and ransomwaring an Iranian hospital or scamming random citizens.
Where they'd probably get you is if you tried to monetise it, and get stolen/extorted cryptocurrencies (or whatever) into your bank account. But that could easily fall under tax evasion laws rather than computer misuse ones, because they'd be a lot easier to prove in court.
It would be very dependent on the exact circumstances - who made a complaint, what exactly they're accusing you of, what evidence there is, how high profile it is, the current diplomatic position (which changes by the hour), etc, etc. I don't think you can really get a simple answer for this kind of question.
There's been a lot of nice quality of life changes in the 3.7 builds (which has now become 5.0.0) that make going back to the older versions a bit painful.
Also some pretty major gameplay and balance changes, some of which are pretty controversial. But overall, I think that it's a big improvement, and although I don't necessarily agree with all the changes it certainly makes the mid and late game a lot more interesting and varied (not to mention dangerous) than it was in 3.6.7.
Against the Storm (and excellent rouguelite city-builder) does this in a really cool way. Pausing is a core mechanic of the game, and you frequently pause while you place building or things like that - and all the visual animations stop (fire, rain, trees swaying, etc).
But when you find a broken ancient seal in the forest, the giant creepy eyeball moving around in it keeps moving even when you pause the game, which helps emphasise how other-worldly it is.
> The reason that the rich were so rich, Vimes reasoned, was because they managed to spend less money.
The "boots" item feels less true, because expensive doesn't seem to be as correlated with "good quality" as it used to. But the general statement still very much stands.
Things like financial products that charge higher interest rates to poorer people, or services that offer discounts for paying annually rather than monthly are great examples of this. And less direct things, like being able to drive to cheaper shops and buy in bulk, or being able to do preventative maintenance to avoid a cheap fix turning into an expensive one.
It can still apply to individual items, as long as you're careful about what you buy and do your research to make sure you're actually buying high quality boots, and not just cheap ones with an expensive logo on the side.
It's also just broadly true about whole categories. For example home ownership. Most poor people rent, which means having a place to live costs them money, but they get nothing for that money as a result, they just need to keep paying forever.
Utilities, in my country people who aren't trusted to pay for electricity, gas, even water (which you need to live!) in arrears have to pay up front for it, so maybe I use 500 kWh of electricity, and I've agreed to pay 20p per kWh = £100, at the end of the month I get a bill for £100 and I settle that a few days later, if I don't eventually I get angry letters and eventually a court summons. That's electricity I used two weeks ago and I won't even pay for it until May. But if I was poor, I might find my best option is I pre-pay £10 to get 40 kWh of electricity. So that 500kWh would cost £120 and I have to buy it first before I use it and if at any time I forget or can't pay the lights go off immediately that my credit runs out.
>Things like financial products that charge higher interest rates to poorer people, or services that offer discounts for paying annually rather than monthly are great examples of this.
Exchange of future cash flows are not comparable to a one time exchange of goods or services due to the risk of default.
> And less direct things, like being able to drive to cheaper shops and buy in bulk, or being able to do preventative maintenance to avoid a cheap fix turning into an expensive one.
This is a good example, but the best example I can think of is having sufficient cash flow to be able to purchase a home in a higher socioeconomic neighborhood, because if you have kids, you are effectively paying almost nothing for a higher quality education since a lot of comes back to you in the form of equity and your child’s increased chances of financial stability.
Expensive doesn't guarantee high quality, but very cheap almost always means low quality. A £200 pair of boots might be great and last for a decade, or might be overpriced and fall apart after six months. But a £5 pair are definitely going to be crap.
Which is why it makes sense to buy the 5 pound shoes 40 times if they last at least 3 months. Except for running shoes, I just get the Costco ones for $20 to $30 and toss them in 6 to 12 months.
But then you're constantly either breaking in a new pair, or dealing with a pair that's falling apart, and you're lucky to get 1 month of good comfortable wear out of those cheap shoes. And you have to go buy them every three months, and shoe models change constantly so you have to find the current cheap pair that actually fits you.
I am lucky I have a wide range that I find comfortable, because the $30 Costco shoes and the $180 On Clouds are all the same to me. I also don't buy them every 3 months, maybe 6 months at most frequent. Last time was probably almost a year ago, and I got 2 pairs, one to keep nice so they're presentable, and the other for literally anything else, and they look terrible, but still aren't coming apart.
Plus it gives the ransomware gangs a whole new angle they can use.
So, remember how you illegally paid us a ransom a few months ago? Unless you want to go to prison, then you better...
We're already seeing this against companies who pay ransoms and fail to report the breaches when they're legally required to - but it would be much worse if it's against individuals who are criminally liable.
It's one of those ideas that sounds nice in theory, but doesn't survive contact with the real world. In the same way that many people would say that you shouldn't negotiate with terrorists or kidnappers; but if it's their loved one who's being held and tortured they'll very quickly change their mind.
Getting to a world where no one pays ransoms and the ransomware groups give up and go away would be the ideal, and we'd all love to get there. But outlawing paying ransoms basically sacrificing everyone who gets ransomwared in the meantime until we get to that state for the greater good.
And where companies get hit, they'll try hard to find ways around that, because the alternative may well be shutting down the business. But if something like a hospital gets hit, are governments really going to be able to stand behind the "you can't pay a ransom" policy when that could directly lead to deaths?
Financial costs won't solve the problem for companies, because they're hard to enforce. You'd be weighting up the cost of dealing with the fallout of getting hacked against the cost of paying the random and the chance that you might get caught and fined. If that former cost is existential for the business, then it'd always be worth paying and taking the risk.
The only real way around that would personal consequences for the owners/directors of the company - "get caught paying a ransom and the whole board goes to jail" would certainly discourage people. And also provide a wonderful opportunity for blackmail when people did.
Not to mention all the problems of fining public sector organisations, and how counter-productive that usually is.
Right, make the penalty for paying a ransom catastrophic. Very few employees will risk a criminal conviction and years in federal prison just to protect their employer.
It's all fun and games until it's your livelihood at stake, and then it makes a lot more sense to acquiesce, lick your wounds, and keep your business alive.
Getting hacked is no fun, but companies don't deserve to die because something in their tech stack was vulnerable.
I respectfully disagree - I do agree that the natural financial death of a company probably shouldn't result in bailouts, but if I as a company get breached because my fully-updated, follows-best-practices Windows Domain got hacked because of a vulnerability in Microsoft's stuff? That's hardly fair.
Shouldn't I be able to sue Microsoft for financial relief?
That is an acceptable outcome. Life isn't fair. Companies fail all the time for a variety of unfair reasons. This will force customers to demand that Microsoft and other software vendors improve their own security practices and/or indemnify customers for damages from breaches. You can sue Microsoft for financial relief if they breach your contract.
I've also seen roads that have these kind of signs, but they only apply during busy hours.
However, as with any traffic controls they're useless if they're not actually enforced. Which is a shame, because it'd be absolutely trivial to automate that detection with cameras.
Let dashcam footage be used as evidence of traffic violations and behold how quick will drivers themselves be to send every such piece of footage to the police.
Practically speaking, there is zero chance that the USA would extradite someone to Iran, even if they weren't currently at war with them. Whether they did anything about it would probably depend on exactly what the situation was - there's a big of difference between targeted IRGC or defence systems and ransomwaring an Iranian hospital or scamming random citizens.
Where they'd probably get you is if you tried to monetise it, and get stolen/extorted cryptocurrencies (or whatever) into your bank account. But that could easily fall under tax evasion laws rather than computer misuse ones, because they'd be a lot easier to prove in court.
reply