Upgrade to llamafile 1f1793082e08350c57367ce3952243c6b356e9f2

boop

@@ -0,0 +1,536 @@
+[INST]Summarize the following article:
+
+   Link: canonical
+   Link: webmention
+   Mastodon 
+   [ Submit ]
+     * Home
+     * Workshops
+     * Speaking
+     * Media
+     * About
+     * Contact
+     * Sponsor
+     * *  *  *  * Sponsored by:
+
+                     A Decade of Have I Been Pwned
+
+     * *  *  *  * 04 December 2023
+
+   A decade ago to the day, I published a tweet launching what would
+   surely become yet another pet project that scratched an itch, was
+   kinda useful to a few people but other than that, would shortly
+   fade away into the same obscurity as all the other ones I'd
+   launched over the previous couple of decades:
+
+     It's alive! "Have I been pwned?" by @troyhunt is now up and
+     running. Search for your account across multiple breaches
+     http://t.co/U0QyHZxP6k
+
+     — Have I Been Pwned (@haveibeenpwned) December 4, 2013
+
+   And then, as they say, things kinda escalated quickly. The very
+   next day I published a blog post about how I made it so fast to
+   search through 154M records and thus began a now 185-post epic
+   where I began detailing the minutiae of how I built this thing,
+   the decisions I made about how to run it and commentary on all
+   sorts of different breaches. And now, a 10th birthday blog post
+   about what really sticks out a decade later. And that's precisely
+   what this 185th blog post tagging HIBP is - the noteworthy things
+   of the years past, including a few things I've never discussed
+   publicly before.
+
+  Pwned?
+
+   You know why it's called "Have I Been Pwned"? Try coming up with
+   almost any conceivable normal sounding English name and getting a
+   .com domain for it. Good luck! That was certainly part of it, but
+   another part of the name choice was simply that I honestly didn't
+   expect this thing to go anywhere. It's like I said in the intro of
+   this post where I fully expected this to be another failed
+   project, so why does the name matter?
+
+   But it's weird how "pwned" has stuck and increasingly, become
+   synonymous with HIBP. For many people, the first time they ever
+   hear the word is in the context of "Have I Been..." with an
+   ensuing discussion often explaining the origins of the term as it
+   relates to gaming culture. And if you do go and look for a
+   definition of the term online, you'll come across resources such
+   as How “PWNED” went from hacker slang to the internet’s favourite
+   taunt:
+
+     Then in 2013, when various web services and sites saw an uptick
+     in personal data breaches, security expert Troy Hunt created the
+     website “Have I Been Pwned?” Anyone can type in an email address
+     into the site to check if their personal data has been
+     compromised in a security breach.
+
+   And somehow, this little project is now referenced in the
+   definition of the name it emerged from. Weird.
+
+   But, because it's such an odd name that has so frequently been
+   mispronounced or mistyped, I've ended up with a whole raft of
+   bizarre domain names including haveibeenpaened.com,
+   haveibeenpwnded.com, haveibeenporned.com and my personal
+   favourite, haveibeenprawned.com (because a journo literally
+   pronounced it that way in a major news segment 🤦‍♂️). Not to
+   mention all the other weird variations including
+   haveibeenburned.com, haveigotpwned.com, haveibeenrekt.com and
+   after someone made the suggestion following the revelation that
+   PornHub follows me, haveibeenfucked.com 🤷‍♂️
+
+  Press
+
+   It's difficult to even know where to start here. How does the
+   little site with the weird name end up in the press? Inevitably,
+   "because data breaches", and it's nuts just how much exposure this
+   project has had because of them. These are often mainstream news
+   events and what reporters often want to impart to people is along
+   the lines of "Here's what you should do if you've been impacted",
+   which often boils down to checking HIBP.
+
+   Press is great for raising awareness of the project, but it has
+   also quite literally DDoS'd the service with the Martin Lewis
+   Money Show in the UK knocking it offline in 2016. Cool! No, for
+   real, I learned some really valuable lessons from that experience
+   which, of course, I shared in a blog post. And then ensured could
+   never happen again.
+
+   Back in 2018, Gizmodo reckoned HIBP was one of the top 100
+   websites that shaped the internet as we knew it, alongside the
+   likes of Wikipedia, Google, Amazon and Goatse (don't Google it).
+   Only the year after it launched, TIME magazine reckon'd it was one
+   of the 50 best websites of the year. And every time I do a Google
+   search for a major news outlet, I find this little website. The
+   Wall Street Journal. The Standard (nice headline!) USA Today.
+   Toronto Star. De Telegraaf. VG. Le Monde. Corriere della Sera.
+   It's wild - I just kept Googling for the largest newspapers in
+   various parts of the world and kept getting hits!
+
+   The point is that it's had impact, and nobody is more surprised
+   about that than me.
+
+  Congress
+
+   How on earth did I end up here?!
+
+   6 years and a few days ago now, I found myself in a place I'd only
+   ever seen before in the movies: Congress. American Congress.
+   Saying "pwned"!
+
+   For reasons I still struggle to completely grasp, the folks there
+   thought it would be a good idea if I flew to the other side of the
+   world and talked about the impact of data breaches on identity
+   verification. "You know they're just trying to get you to DC so
+   they can arrest you for all that stolen data you have, right?! 🤣",
+   the internet quipped. But instead, I had one of the most memorable
+   moments of my career as I read my testimony (these are public
+   hearings so it's all recorded and available to watch), responded
+   to questions from congressmen and congresswomen and rounded out
+   the trip staring down at where they inaugurate presidents:
+
+   Today, that photo adorns the wall outside my office and dozens of
+   times a day I look at it and ask the same question - how did it
+   all lead to this?!
+
+  Svalbard
+
+   The potential sale of HIBP was a very painful, very expensive
+   chapter of life, announced in a blog post from June 2019. For the
+   most part, I was as transparent and honest as I could be about the
+   reasons behind the decision, including the stress:
+
+     To be completely honest, it's been an enormously stressful year
+     dealing with it all.
+
+   More than one year later, I finally wrote about the source of so
+   much of that stress: divorce. Relationship circumstances had put a
+   huge amount of pressure on me and I needed a relief valve which at
+   the time, I thought would be the sale of the project I loved so
+   much but was becoming increasingly demanding. Ultimately, Project
+   Svalbard (the code name for the sale of HIBP), had the opposite
+   effect as years of bitter legal battles with my ex ensued, in part
+   due to the perceived value that would have been realised had it
+   been sold and some big tech company owned my arse for years to
+   come. The project I built out of a passion to do community good
+   was now being used as a tool to extract as much money out of me as
+   possible. There's a wild story to be told there one day but whilst
+   that saga is now well and truly behind me, the scars are still
+   raw.
+
+   There were many times throughout Project Svalbard where I felt
+   like I was living out an episode of Silicon Valley, especially as
+   I hopped between interviews at the who's-who of tech firms in San
+   Francisco to meet potential acquirers. But there was one moment in
+   particular that I knew at the time would form an indelible memory,
+   so I took a photo of it:
+
+   I'm sitting in a rental car in Yosemite whilst driving from the
+   aforementioned meetings in SF and onto Vegas for the annual big
+   cyber-events. I had a scheduled call with a big tech firm who was
+   a potential acquirer and should that deal go through, the guy I
+   was speaking to would be my new boss. I'd done that dozens of
+   times by now and I don't know if it was because I was especially
+   tired or emotional or if there was something in the way he phrased
+   the question, but this triggered something deep inside me:
+
+     So Troy, what would your perfect day in the office look like?
+
+   I didn't say it this directly, but I kid you not this is exactly
+   what popped into my mind:
+
+     I get on my jet ski and I do whatever the fuck I want
+
+   My potential new overlord had somehow managed to find exactly the
+   raw nerve to touch that made me realise how valuable independence
+   had become to me. 6 months later, Project Svalbard was dead after
+   a deal I'd struck fell through. I still can't talk about the
+   precise circumstances due to being NDA'd up to wazoo, but the term
+   we chose to use was "a change of business circumstances on behalf
+   of the purchaser". With the benefit of hindsight, I've never been
+   so happy to have lost so much 😊
+
+  The FBI
+
+   10 years ago, I certainly didn't see this on the cards:
+
+     This is so cool, thanks @FBI 😊 pic.twitter.com/aqMi3as91O
+
+     — Troy Hunt (@troyhunt) June 28, 2023
+
+   Nor did I expect them to be actively feeding data into HIBP. Or
+   the UK's NCA to be feeding data in. Or various other law
+   enforcement agencies the world over. And I never envisioned a time
+   where dozens of national governments would be happy to talk about
+   using the service.
+
+   A couple of months ago, the ABC wrote a long piece on how this
+   whole thing is, to use their term, a strange sign of the times.
+
+     He’s just “a dude on the web”, but Troy Hunt has ended up
+     playing an oddly central role in global cybersecurity.
+
+   It's strange until you look at through the lens of aligned
+   objectives: the whole idea of HIBP was "to do good things after
+   bad things happen" which is well aligned with the mandates of law
+   enforcement agencies. You could call it... common ground:
+
+   IFrame
+
+   This is something I suspect a lot of people don't understand -
+   that law enforcement agencies often work in conjunction with
+   private enterprise to further their goals of protecting people
+   just like you and me. It's something I certainly didn't understand
+   10 years ago, and I still remember the initial surprise when
+   agencies started reaching out. Many years on, these have become
+   really productive relationships with a bunch of top notch people,
+   a number of whom I now count as friends and make an effort to
+   spend time with on my travels.
+
+  Passwords
+
+   This was never on the cards originally. In fact, I'd always been
+   adamant that there should never be passwords in HIBP although in
+   my defence, the sentiment was that they should never appear next
+   to the username to which they originally accompanied. But looking
+   at passwords through the lens of how breach data can be used to do
+   good things, a list of known compromised passwords disassociated
+   from any form of PII made a lot of sense. So, in 2017, Pwned
+   Passwords was born. You know what I was saying earlier about
+   things escalating quickly? Yeah:
+
+     Setting all new records for Pwned Passwords this week: biggest
+     day ever yesterday at 282M requests and biggest rolling 30 days
+     ever, now passing the 6 *billion* requests mark!
+     pic.twitter.com/dQiuQim3da
+
+     — Troy Hunt (@troyhunt) September 12, 2023
+
+   As if to make the point, I just checked the latest stats and last
+   week we did 301.6M requests in a single day. 100% of those
+   requests - and that's not a rounded number either, it's
+   100.0000000000% - were served from Cloudflare's cache 🤯
+
+   There's so much I love about this service. I love that it's free,
+   there's no auth, it's entirely open source (both code and data),
+   the FBI feeds data into it and perhaps most importantly, it has
+   real impact on security. It's such a simple thing, but every time
+   you see a headline such as "Big online website hit with credential
+   stuffing attack", a significant portion of the accounts being
+   taken over have passwords that could easily have been blocked.
+
+  The Paradox of Handling Data Breaches
+
+   On multiple occasions now, I've had conversations that can best be
+   paraphrased as follows:
+
+   Random Internet Person: I'm going to report you to the FBI for
+   having all that stolen data
+
+   Me: Maybe you should start by Googling "troy hunt fbi" first...
+
+   But I understand where they're coming from and the paradox I refer
+   to is the perceived conflict between handling what is usually the
+   output of a crime whilst simultaneously trying to perform a
+   community good. It's the same discussion I've often had with
+   people citing privacy laws in their corner of the world (often the
+   EU and GDPR) as the reason why HIBP shouldn't exist: "but you're
+   processing data without informed consent!", they'll claim. The
+   issue of there being other legal bases for processing aside,
+   nobody consents to being in a data breach! The natural progression
+   of that conversation is that being in a data breach is a parallel
+   discussion to HIBP then indexing it and making it searchable,
+   which is something I've devoted many words to addressing in the
+   past.
+
+   But for all the bluster the occasional random internet person can
+   have (and honestly, I could count the number of annual instances
+   of this on one hand), nothing has come of any complaints. And when
+   I say "complaints", it's often nothing more than a polite
+   conversation which may simply conclude with an acknowledgment of
+   opposing views and that's it. There has been one exception in the
+   entire decade of running this service where a complaint did come
+   via a government privacy regulator, I responded to all the
+   questions that were asked and that was the end of it.
+
+  People
+
+   When you have a pet project like HIBP was in the beginning, it's
+   usually just you putting in the hours. That's fine, it's a hobby
+   and you're scratching an itch, so what does it matter that there's
+   nobody else involved? Like many similar passion projects, HIBP
+   consumed a lot of hours from early on, everything from obviously
+   building the service then sourcing data breaches, verifying and
+   disclosing them, writing up descriptions and even editing every
+   single one of those 700+ logos by hand to be just the right
+   dimensions and file size. But in the beginning, if I'd just
+   stopped one day, what would happen? Nothing. But today, a
+   genuinely important part of the internet that a huge number of
+   individuals, corporations and governments have built dependencies
+   on would stop working if I lost interest.
+
+   The dependency on just me was partly behind the possible sale in
+   2019, but clearly that didn't eventuate. There was always the
+   option to employ people and build it out like most people would a
+   normal company, but every time I gave that consideration it just
+   didn't stack up for a whole bunch of reasons. It was certainly
+   feasible from the perspective of building some sort of valuable
+   commercial entity, but in just the same way as that question about
+   my perfect day in the office sucked the soul from my body, so did
+   the prospect of being responsible for other people. Employment
+   contracts. Salary negotiations. Performance reviews. Sick leave
+   and annual leave and all sorts of other people issues from
+   strangers I'd need to entrust with "my baby". So, bringing in more
+   people was a really unattractive idea, with 2 exceptions:
+
+   In early 2021, my (soon to be at the time) wife Charlotte started
+   working for HIBP.
+
+   Charlotte had spent the last 8 years working with people just like
+   me; software nerds. As a project manager for the NDC conferences
+   based out of Norway, she'd dealt with hundreds of speakers
+   (including me on many occasions), and thousands of attendees at
+   the best conference I've ever been a part of. Plus, she spent a
+   great deal of time coordinating sponsors, corporate attendees and
+   all sorts of other folks that live in the tech world HIBP
+   inhabited. For Charlotte, even though she's not a technical person
+   (her qualifications are in PR and entrepreneurial studies), this
+   was very familiar territory.
+
+   So, for the last few years, Charlotte has done absolutely
+   everything that she can to ensure that I can focus on the things
+   that need my attention. She onboards new corporate subscribers,
+   handles masses of tickets for API and domain subscribers and does
+   all the accounting and tax work. And she does this tirelessly
+   every single day at all sorts of hours whether we're at home or
+   travelling. She is... amazing 🤩
+
+   Earlier this year, Stefán Jökull Sigurðarson started working for
+   us part time writing code, cleaning up code, migrating code and,
+   well, doing lots of different code things.
+
+   Just today I asked Stefán what I should write about him, thinking
+   he'd give me some bullet points I'd massage and then incorporate
+   into this blog post. Instead, I reckon what he wrote was so spot
+   on that I'm just going to quote the entire thing here:
+
+     "Just" that having had my eye on the service since it was
+     released and then developing one of the first big integrations
+     with the PwnedPasswords v2 API in EVE, coinciding with us
+     meeting for the first time at NDC Oslo in 2018 shortly after, 
+     HIBP has managed to take me on this awesome journey where it has
+     been a part of launching my public speaking career, contributing
+     to OSS with Pwned Passwords, becoming an MVP and helped me meet
+     a bunch of awesome people and allowed me to contribute to a
+     better and hopefully safer internet. I'm very happy and honoured
+     to a be a part of this project which is full of awesome
+     challenges and interesting problems to deal with. Having meeting
+     invites from the FBI in my inbox a few years after doing a few
+     experimental rest calls to the Pwned Passwords API in early 2018
+     was definitely not something I was expecting 😅
+
+   What really resonated with me in Stefán's message is that for him,
+   this isn't just a job, it's a passion. His journey is my journey
+   in that we freely devoted our time to do something we love and it
+   led to many wonderful things, including MVP roles and speaking at
+   "Charlotte's" conference, NDC. Stefán is based in Iceland, but
+   we've still had many opportunities to share beers together and
+   establish a relationship that transcends merely writing code. I
+   can't think of anyone better to do what he does today.
+
+Breaches
+
+   731 breaches later, here we are. So, what stands out? Just going
+   off the top of my head here:
+
+   Ashley Madison. Every knows the name so it needs no introduction,
+   but that incident in 2015 had a major impact on HIBP in terms of
+   use of the service, and also a major impact on me in terms of the
+   engagements I had with impacted parties. My blog post on Here’s
+   what Ashley Madison members have told me still feels harrowing to
+   read.
+
+   Collection #1. This is the one that really contributed to my
+   stress levels in early 2019 and had a profound impact on my
+   decision to look at selling the service. Read about where those
+   773M records came from (still the largest breach in HIBP to date).
+
+   Rosebutt. Don't make a joke about it, don't make a joke about it,
+   don't... aw man, thanks The Register! (link to an archive.org
+   version as they seem to have thought better of their image choice
+   later on...) The point is that even serious data breaches can have
+   their moments of levity.
+
+   Shit Express. Sometimes, you just need a bit of hilarity in your
+   data breach. Shit Express is literally a site to send other people
+   pieces of that - anonymously - and they got breached, thus
+   somewhat affecting their anonymity. The more serious point is that
+   as I later wrote, claims of anonymity are often highly misleading.
+
+Future
+
+   I often joke about my life being very much about getting up each
+   morning, reading my emails and events from overnight and then just
+   winging it from there. Of course there are the occasional
+   scheduled things not to mention travel commitments, but for the
+   most part it's very much just rolling with whatever is demanding
+   attention on the day. This is also probably a significant part of
+   why I don't really want to see this thing grow into a larger
+   concern with more responsibilities, I just don't want to lose that
+   freedom. Yet...
+
+   We're gradually moving in a direction where things become more
+   formalised. 3 years ago, I did 100% of everything myself. 1 year
+   ago, I did everything technical myself. 6 months ago, we had no
+   ticketing system for support. But these are small, incremental
+   steps forward and that's what I'd like to see continuing. I want
+   HIBP to outlive me, I just don't want it to become a burden I'm
+   beholden to in the process. I'd like to have more people involved
+   but as you can see from above, that's been a very slow process
+   with only those very close to me playing a role.
+
+   The only thing I have real certainty on at the moment is that
+   there will be more breaches. I've commented many times recently
+   that the scourge that is ransomware feels like it's really
+   accelerated lately, I wonder how many of the people in the emails
+   and documents and all sorts of other data that get dumped there
+   ever learn of their exposure? It's a non-trivial exercise to index
+   that (for all sorts of reasons), but it also seems like an
+   increasingly worthy exercise. Who knows, let's see how I feel when
+   I get up tomorrow morning 🙂
+
+   Finally, for this week's regular video, I'm going to make a
+   birthday special and do it live with Charlotte. Please come and
+   join us, I'm not entirely sure what we'll cover (I'll work it out
+   on the morning!) but let's make a virtual 10th birthday party out
+   of it 🎂
+
+   IFrame
+   Have I Been Pwned Tweet Post Update Email RSS
+   Troy Hunt's Picture
+
+      Troy Hunt
+
+   Hi, I'm Troy Hunt, I write this blog, create courses for
+   Pluralsight and am a Microsoft Regional Director and MVP who
+   travels the world speaking at events and training technology
+   professionals
+
+   Please enable JavaScript to view the comments powered by Disqus.
+
+    Troy Hunt
+
+   Hi, I'm Troy Hunt, I write this blog, run "Have I Been Pwned" and
+   am a Microsoft Regional Director and MVP who travels the world
+   speaking at events and training technology professionals
+
+    Upcoming Events
+
+   I often run private workshops around these, here's upcoming events
+   I'll be at:
+
+    Must Read
+
+     * Data breach disclosure 101: How to succeed after you've failed
+     * Data from connected CloudPets teddy bears leaked and ransomed,
+       exposing kids' voice messages
+     * Here's how I verify data breaches
+     * When a nation is hacked: Understanding the ginormous
+       Philippines data breach
+     * How I optimised my life to make my job redundant
+
+   Don't have Pluralsight already? How about a 10 day free trial?
+   That'll get you access to thousands of courses amongst which are
+   dozens of my own including:
+
+    1. OWASP Top 10 Web Application Security Risks for ASP.NET
+    2. What Every Developer Must Know About HTTPS
+    3. Hack Yourself First: How to go on the Cyber-Offense
+    4. The Information Security Big Picture
+    5. Ethical Hacking: Social Engineering
+    6. Modernizing Your Websites with Azure Platform as a Service
+    7. Introduction to Browser Security Headers
+    8. Ethical Hacking: SQL Injection
+    9. Web Security and the OWASP Top 10: The Big Picture
+   10. Ethical Hacking: Hacking Web Applications
+
+    This is already the newest post!
+
+    Weekly Update 376
+
+   Subscribe
+
+    Subscribe Now!
+
+   Send new blog posts:
+   [ ] daily
+   [ ] weekly
+
+   _____________________ [ go! ]
+
+   Hey, just quickly confirm you're not a robot:
+
+   Submitting...
+
+   Got it! Check your email, click the confirmation link I just sent
+   you and we're done.
+
+        Copyright 2023, Troy Hunt
+
+   This work is licensed under a Creative Commons Attribution 4.0
+   International License. In other words, share generously but
+   provide attribution.
+
+        Disclaimer
+
+   Opinions expressed here are my own and may not reflect those of
+   others. Unless I'm quoting someone, they're just my own views.
+
+        Published with Ghost
+
+   This site runs entirely on Ghost and is made possible thanks to
+   their kind support. Read more about why I chose to use Ghost.
+
+     * *  *  *  *   
+
+[/INST]

mistral-7b-instruct-v0.1-Q4_K_M-main.llamafile

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1944286a05b979cb37652c2cf8a00f3fbc5275b6d0108b36adb199962de65562
-size 4372112113
+oid sha256:bdaeb0ef1585433be5787abee1b33262e8c226d44af3774ef5090e349825db4d
+size 4372701937

mistral-7b-instruct-v0.1-Q4_K_M-server.llamafile

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:9fc5f94f1fb497744931fd31362248d43bea89b00a41fd5d65bcdb19f5c501ef
-size 4373161170
+oid sha256:20def5a6a51d6ce8bcd78fc2765e5f6813530cba34d9d294b949ef7c3d2d949a
+size 4373292242