Charlie Stross boosted
Brian Greenberg :verified:
@brian_greenberg@infosec.exchange  ·  activity timestamp 2 days ago

Prediction markets sell themselves as truth engines. Put money on outcomes, strip away noise, and let prices reveal reality. The Venezuela strike exposes the cost of that logic. When someone can profit from a covert military operation before the public knows it happened, markets stop forecasting the future and start rewarding proximity to power. This isn’t information discovery. It’s monetized access.

The political problem is simple and corrosive: greed gets institutionalized. When insiders are encouraged to leak or act early because there’s money on the table, restraint becomes irrational. Journalism delays publication to protect lives. Markets pay you to move first and ask questions never.

The ethical problem runs deeper. Prediction platforms don’t just reflect reality; they reshape incentives inside governments, corporations, and security institutions. They quietly ask every insider: do your job, or place your bet?

And the security problem may be the most dangerous of all. Classified plans, military actions, and diplomatic moves become market signals. Prices move faster than accountability. Risk is no longer mitigated; it’s priced.

Efficient markets are not moral systems. When everything becomes tradable, even secrecy turns into a commodity. And when insiders win, the public doesn’t gain clarity. It absorbs the risk.

TL;DR
🧠 Prediction markets reward access to secrets
⚡ Greed displaces ethics and restraint
🎓 Security decisions become financial signals
🔍 Truth priced by markets is not the same as a public good

https://www.theatlantic.com/technology/2026/01/venezuela-maduro-polymarket-prediction-markets/685526/

#MarketEthics #Politics #Crypto #Power #security #privacy #cloud #infosec #cybersecurity

The Atlantic

The Polymarket Bets on Maduro Are a Warning

Get ready for the golden age of insider trading.
daniel:// stenberg:// boosted
Harry Sintonen
@harrysintonen@infosec.exchange  ·  activity timestamp 2 days ago

#curl 8.18.0 has been released. This release fixes 1 medium and 5 low level vulnerabilities:
- CVE-2025-14017: broken TLS options for threaded LDAPS https://curl.se/docs/CVE-2025-14017.html
- CVE-2025-14524: bearer token leak on cross-protocol redirect https://curl.se/docs/CVE-2025-14524.html
- CVE-2025-14819: OpenSSL partial chain store policy bypass https://curl.se/docs/CVE-2025-14819.html
- CVE-2025-15079: libssh global knownhost override https://curl.se/docs/CVE-2025-15079.html
- CVE-2025-15224: libssh key passphrase bypass without agent set https://curl.se/docs/CVE-2025-15224.html

I discovered the last 2 vulnerabilities.

Download curl 8.18.0 from https://curl.se/download.html

#vulnerabilityresearch #vulnerability #cybersecurity #infosec

Brian Danger Hicks and 1 other boosted
Doomfrent Curdles
@diffrentcolours@tech.lgbt  ·  activity timestamp 4 days ago

New year, new password reset at work...

My new password is "NCSC advises against regular password expiry"

Actually TBF that was my old one, my new one is "NCSC advises against regular password expiry2"

#NCSC #passwords #InfoSec

mhoye boosted
Sascha Block
@SaschaBlock@devhub.social  ·  activity timestamp 4 days ago

I’m looking for 2 people to sanity-check the approach (10 minutes).

If you work with #requirements, #compliance, or #audits: what would you need to try this on a real spec?
Boost welcome 🤗

#DSL #opensource #itsecurity #requirementsengineering #infosec

Sascha Block
@SaschaBlock@devhub.social  ·  activity timestamp 4 days ago

Fediverse check: who can actually see this? 👋

I’m building dsl-core: an open-source #DSL that makes requirements machine-readable and verifiable (ambiguity / atomicity / consistency).

❓ What would be the first meaningful use case for you?
Repo: https://github.com/rock-the-prototype/dsl-core
(Boost welcome 🙏)

#opensource #itsecurity #requirementsengineering #infosec

GitHub

GitHub - rock-the-prototype/dsl-core: Core Specification for the Audit-by-Design DSL - Human- and machine-readable domain-specific language (DSL) for defining, validating, and auditing atomic requirements (AFOs) in regulated software environments. Open specification, free to use and extend.

Graham Sutherland / Polynomial boosted
Shodan Safari
@shodansafari@infosec.exchange  ·  activity timestamp 6 days ago

ASN: AS4766
Location: Gunsan, KR
Added: 2025-12-18T18:47

#shodansafari #infosec


bonfire.mavnn.eu

News and community around mavnn.eu projects.
