Software Security Testing Services

Guard your digital assets with Xcoder is the leading name in the realm of software security testing services. Our expert team meticulously evaluates and fortifies your software against potential vulnerabilities, ensuring a robust defense against cyber threats. Our comprehensive approach covers penetration testing, code review, and vulnerability assessments, providing you with a thorough analysis of your software's security posture. Secure your software with Xcoder and fortify your digital presence. To know more kindly visit https://xcoder.agency/services/software-security-testing/

AI in DevSecOps: Revolutionizing Security Testing and Code Analysis

DevSecOps, short for Development, Security, and Operations, is an approach that integrates security practices within the DevOps workflow. You can think of it as an extra step necessary for integrating security. Before, software development focused on speed and efficiency, often delaying security to the final stages.  

However, the rise in cyber threats has made it essential to integrate security into every phase of the software lifecycle. This evolution gave rise to DevSecOps, ensuring that security is not an afterthought but a shared responsibility across teams. 

From DevOps to DevSecOps: The Main Goal 

The shift from DevOps to DevSecOps emphasizes applying security into continuous integration and delivery (CI/CD) pipelines. The main goal of DevSecOps is to build secure applications by automating security checks. This approach helps in fostering a culture where developers, operations teams, and security experts collaborate seamlessly.  

How is AI Reshaping the Security Testing & Code Analysis Industry? 

Artificial intelligence and generative AI are transforming the landscape of security testing and code analysis by enhancing precision, speed, and scalability. Before AI took over, manual code reviews and testing were time-consuming and prone to errors. AI-driven solutions, however, automate these processes, enabling real-time vulnerability detection and smarter decision-making. 

Let’s look at how AI does that in detail:  

AI models analyze code repositories to identify known and unknown vulnerabilities with higher accuracy. 

Machine learning algorithms predict potential attack vectors and their impact on applications. 

AI tools simulate attacks to assess application resilience, saving time and effort compared to manual testing. 

AI ensures code adheres to security and performance standards by analyzing patterns and dependencies. 

As you can imagine, there have been several benefits of this:  

Reducing False Positives: AI algorithms improve accuracy in identifying real threats. 

Accelerating Scans: Traditional methods could take hours, but AI-powered tools perform security scans in minutes. 

Self-Learning Capabilities: AI systems evolve based on new data, adapting to emerging threats. 

Now that we know about the benefits AI has, let’s look at some challenges AI could pose in security testing & code analysis: 

AI systems require large datasets for training, which can expose sensitive information if not properly secured. This could cause disastrous data leaks.  

AI models trained on incomplete or biased data may lead to blind spots and errors. 

While AI automates many processes, over-reliance can result in missed threats that require human intuition to detect. 

Cybercriminals are leveraging AI to create advanced malware that can bypass traditional security measures, posing a new level of risk. 

Now that we know the current scenario, let’s look at how AI in DevSecOps will look like in the future:  

The Future of AI in DevSecOps 

AI’s role in DevSecOps will expand with emerging trends as:  

Advanced algorithms will proactively search for threats across networks, to prevent attacks. 

Future systems will use AI to detect vulnerabilities and automatically patch them without human intervention. 

AI will monitor user and system behavior to identify anomalies, enhancing the detection of unusual activities. 

Integrated AI platforms will facilitate seamless communication between development, operations, and security teams for faster decision-making. 

AI is revolutionizing DevSecOps by making security testing and code analysis smarter, faster, and more effective. While challenges like data leaks and algorithm bias exist, its potential is much more than the risks it poses.  

To learn how our AI-driven solutions can elevate your DevSecOps practices, contact us at Nitor Infotech. 

What's the most common mistake with Appium in mobile web automation?

🤔 Drop your answer below! 👇

Get in Touch with Us!

🌐 Website: qo-box.com 💼 LinkedIn: linkedin.com/company/qo-box 🐦 Twitter: twitter.com/QoBox 📘 Facebook: facebook.com/Qo-Box-103130538903076 📸 Instagram: instagram.com/qo_box

Why Businesses Need Network Penetration Testing in the Age of Cyber Warfare

In 2023, cybercrime inflicted an estimated $8 trillion in global losses, a staggering figure that underscores the ever-present threat businesses face in the digital age. Just like a physical security breach, a cyberattack can have devastating consequences, leading to data breaches, financial losses, and reputational damage.

Yet, many businesses remain vulnerable, unaware of the hidden weaknesses lurking within their networks. This is where network penetration testing (pen testing) becomes crucial. Pen testing acts as a preemptive strike against cybercrime, simulating an ethical attack to identify and exploit vulnerabilities before malicious actors do.

A healthcare provider, storing sensitive patient information, unknowingly has a weak firewall configuration. This vulnerability could remain undetected for years, waiting for a malicious hacker to exploit it and gain access to confidential data. A pen test could have identified this weakness, allowing the healthcare provider to patch the vulnerability and prevent a potentially disastrous data breach.

Here's why businesses, regardless of size or industry, cannot afford to ignore network penetration testing:

Proactive Defense: Pen testing is a proactive approach to cybersecurity, identifying vulnerabilities before they can be exploited by real attackers. Statistics reveal that 64% of businesses experienced a cyberattack in the past year, highlighting the critical need for proactive measures.

Prioritized Remediation: Pen tests go beyond simply identifying vulnerabilities; they prioritize them based on their severity and potential impact. This helps businesses allocate resources effectively, focusing on the most critical issues first.

Compliance and Regulation: Many industries, such as healthcare and finance, have specific regulations requiring regular pen testing. This ensures businesses maintain a minimum level of cybersecurity hygiene.

Informed Decision-Making: Pen testing provides valuable insights into an organization's overall security posture, allowing them to understand how their defenses would hold up against real-world attacks. This knowledge empowers businesses to make informed decisions about strengthening their security investments.

Engage with our team of Security Testing Company to strategically plan your testing approach and maintain continuous monitoring of your applications. Cybersecurity Penetration Testing isn't merely a requirement; it's a proactive measure towards protecting your digital assets in a constantly evolving threat environment.

Web App Development Services in San Francisco

SleekSky stands out because we're good at creating awesome web apps in San Francisco. We take your ideas and turn them into cool digital solutions using our expertise, creativity, and the latest technologies. Our experienced team works closely with you to understand what you need, making everything personalized. From the start to the finish, SleekSky makes sure the whole process is smooth. We create top-notch web apps that shine in San Francisco. Choose SleekSky to make your online presence stand out with our excellent web app development services in San Francisco, where your ideas meet amazing technology!

Choose our software expertise: https://bit.ly/47HDEZZ

HR Innovations & Growth | FYI Solutions

Innovate your HR practices for sustained growth and competitive advantage. Visit today https://fyisolutions.com

Ethical Hacking and Penetration Testing

In today's digital landscape, the need for robust cybersecurity measures has become paramount. With the rise in cyber threats and attacks, organizations and individuals are constantly seeking ways to protect their valuable data and systems. Two methods that have gained significant attention in recent years are ethical hacking and penetration testing. In this article, we will explore what ethical hacking and penetration testing entail, their importance in safeguarding against cyber threats, and how they differ from each other.

Ethical Hacking

Ethical hacking, also known as white-hat hacking, is the practice of intentionally infiltrating computer systems and networks to identify vulnerabilities before malicious hackers can exploit them. Ethical hackers, often referred to as cybersecurity professionals or penetration testers, use their knowledge and skills to legally and ethically assess the security of an organization's infrastructure. Their goal is to proactively identify weaknesses and vulnerabilities, allowing organizations to patch them up before they can be exploited.

One of the key aspects of ethical hacking is the mindset of thinking like a hacker. Ethical hackers adopt the same techniques and methodologies that malicious hackers use, but with the intention of helping organizations strengthen their security. They employ a range of tools and techniques to conduct penetration testing, including vulnerability scanning, network mapping, and social engineering. By simulating real-world attack scenarios, ethical hackers can uncover vulnerabilities that might otherwise go unnoticed.

Ethical hacking plays a crucial role in ensuring the security and integrity of computer systems. It enables organizations to identify and address potential weaknesses in their infrastructure, preventing unauthorized access and data breaches. By proactively seeking out vulnerabilities, ethical hackers help organizations stay one step ahead of cybercriminals.

The Growing Importance of Ethical Hacking

In a world where cyberattacks are becoming increasingly sophisticated, ethical hacking plays a pivotal role in safeguarding sensitive information and critical infrastructure. Businesses, governments, and organizations across the globe recognize the value of proactive cybersecurity measures.

Ethical hackers and penetration testers are in high demand, with career opportunities spanning various industries, including finance, healthcare, and tech. Their skills are crucial for fortifying defenses, ensuring compliance with data protection regulations, and ultimately, preserving trust in the digital world.

The Intricate Art of Penetration Testing

Penetration Testing, often referred to as pen testing, is a subset of ethical hacking. It involves actively simulating cyberattacks to evaluate the security of a system, network, or application. Penetration testers employ a systematic approach, mimicking the tactics of real attackers to identify vulnerabilities and assess the potential impact of an attack.

There are different types of penetration testing, such as network penetration testing, application penetration testing, and social engineering testing. Each type focuses on specific areas of an organization's infrastructure and helps uncover vulnerabilities that may have been overlooked. By conducting regular penetration tests, organizations can ensure that their security measures are effective and up to date.

Conclusion

In the ever-evolving world of cybersecurity, ethical hacking and penetration testing are indispensable tools for organizations and individuals seeking to safeguard their digital assets. Ethical hacking allows organizations to proactively identify vulnerabilities and strengthen their security measures before malicious hackers can exploit them. Penetration testing goes a step further by simulating real-world attacks to assess the effectiveness of existing security measures.

Security Testing Market to Generate $36.78 Billion by 2030

According to a recent report published by Allied Market Research, titled, “Security Testing Market by Type, Deployment Mode, Enterprise Size, and Industry Vertical: Global Opportunity Analysis and Industry Forecast, 2021–2030,” the global security testing market size was valued at $6.25 billion in 2020, and is projected to reach $36.78 billion by 2030, growing at a CAGR of 19.2% from 2021 to 2030.

Security testing is the most important testing for an application to check whether the confidential data is safe and secure from various types of vulnerabilities. In addition, security testing is very important in software engineering to protect data by all false mean. Security testing is adopted in various automotive and manufacturing organizations in their production units to identify the threats in the system and measure its potential vulnerabilities, so that when the threats are encountered the system does not stop functioning or exploited. Furthermore, the key factors that drive the security testing market trends include surge in web and mobile-based business critical applications requiring higher secure endpoint protection and enterprises implementing security measures to prevent financial losses due to increased sophistication in cyberattacks. In addition, stringent government regulations to increase the adoption of security testing solutions and services positively impact the growth of the market. However, factors such as lack of skilled security professionals and higher cost involved in conducting security tests are expected to hamper the market growth. On the contrary, increase in adoption of cloud-based security testing and evolution of technologies and implementation of new technologies, such as DevOps, DevSecOps, and Agile, in software security testing are anticipated to offer remunerative opportunities for the expansion of the market during the forecast period.

Depending on type, the network security segment is expected to hold the largest security testing market share owing to growing need for network security among enterprises and surge in adoption of cloud-based security technologies among various sectors. However, device security segment has witnessed high growth during the forecast period, owing to increase in favorable government regulations for device security across various countries and significant rise in BYOD culture across various sector.

Region wise, the security testing market was dominated by North America, and is expected to retain its position during the forecast period. This is attributed to increase in adoption of advance technologies such as cloud technology, big data, artificial intelligence, and machine learning for automating the security testing and preventing any accidents with real-time monitoring of machines. However, Asia-Pacific is expected to witness significant growth rate during the forecast period, owing to rise in security testing awareness and growth in number of SMEs adopting cloud-based security testing.

The outbreak of COVID-19 is anticipated to have a positive impact on the growth of the security testing market. With the wake of COVID-19 pandemic, enterprises are allowing employees to work from home with their own devices, such as laptops and smartphones, to access company data as well as also provide company-specific web and mobile-based applications for usage. These external devices work on network of the employees, which is susceptible to various cyberattacks due to insufficient security. In addition, with the risk of these devices or applications getting hacked, enterprise data are being leaked and misused, there is an increase in adoption of security testing to provide higher secure endpoint protection for testing of such devices as well as applications. In addition, mitigating potential cyber threats is expected to drive the growth of security testing during the COVID-19 pandemic.

Inquiry Before Buying: https://www.alliedmarketresearch.com/purchase-enquiry/12894

Key Findings Of The Study

Region wise, North America generated highest revenue in 2020.

Depending on security type, the network security segment generated the highest revenue in 2020.

The key players profiled in the security testing market analysis are AT&T, Inc., Cigniti, International Business Machines Corporation, McAfee, LLC, Micro Focus, NTT Security AppSec Solutions Inc., Rapid7, SecureWorks, Inc., Synopsys, Inc., and Veracode. These players have adopted various strategies to increase their market penetration and strengthen their position in the security testing industry.

About Us: Allied Market Research (AMR) is a full-service market research and business-consulting wing of Allied Analytics LLP based in Portland, Oregon. Allied Market Research provides global enterprises as well as medium and small businesses with unmatched quality of “Market Research Reports Insights” and “Business Intelligence Solutions.” AMR has a targeted view to provide business insights and consulting to assist its clients to make strategic business decisions and achieve sustainable growth in their respective market domain.

Empower Your Business with Avantao's Modern Web Development Services

Avantao Technologies is a cutting-edge software development company that specializes in providing advanced technology solutions for businesses. One of their core services is Modern Web Development, which focuses on creating high-quality, dynamic websites and web applications that meet the needs of modern businesses.

How Much Does it Cost to Hire a Security Testing Company?

Security testing has become crucial as businesses and organizations strive to protect their digital assets from potential cyber threats. 

But how much does it cost to hire a security testing company?

When determining the cost of software testing services, you may hope for a straightforward answer. However, it's not that simple. 

Numerous factors contribute to the overall pricing of a security test, such as the scope of testing, the size of the project, etc. 

This blog will explore these factors to provide a comprehensive understanding of expenses.

Keep reading to know these factors.

5 Factors Determining The Cost of Hiring a Security Testing Company 

1. Objectives Of The Test

The cost of hiring the security testing provider will depend on the goals you want to accomplish. 

If the objectives are relatively simple, such as a basic vulnerability scan or a limited-scope test, the cost may be lower. However, the price will likely be higher if the objectives are more comprehensive, involving complex testing scenarios, in-depth analysis, and thorough testing across multiple systems and networks.

2. System and Endpoint Scope: What Will Be Tested?

A larger scope that includes testing a wide range of systems and endpoints will generally require more time, resources, and expertise to assess vulnerabilities thoroughly. It can incur higher costs due to increased labor hours, specialized tools, and expertise needed to test.

Hence, the cost of hiring a security testing company can be influenced by the complexity and diversity of the systems and endpoints to be tested

3. Choosing An Approach For Testing: Automated Or Manual

The approach you choose for testing can significantly impact the cost of recruiting security testing companies. 

Automated testing involves using software tools to scan vulnerabilities in a system, which can be cost-effective as it requires less time and effort. 

On the other hand, manual testing involves human testers who can identify complex vulnerabilities that automated tools may miss, but it requires more time and expertise. Ultimately making it more expensive. 

4. Skills Of Security Testing Team

A highly skilled team with extensive experience in various security testing methodologies, tools, and techniques may charge higher due to their specialized knowledge.  

However, hiring an experienced security testing firm can lead to more effective and reliable results, potentially reducing overall security risks and costs in the long run.

5. Retesting

Choosing a company offering retesting services is essential to mitigate the identified vulnerabilities appropriately. 

Retesting requires additional time and effort from the penetration testers, which can result in additional charges. 

Cost Of Hiring a Security Testing Company Based On App Type

The type of app and its unique characteristics directly influence the complexity of the security testing. As a result, the cost of software security testing services can also be increased. 

Below we have given the security testing costs range as per app type:

Website/web apps - $2500-$50,000 per scan

Cloud - $600-$800 per scan

Mobile apps - $1500-$5000 per scan

SaaS - $1500-$3000 per scan

Final Words

The cost of hiring a security testing company varies depending on several factors, such as the size of the project, the complexity of the system being tested, etc. However, it can range to you between $600 to $100,000, depending on your testing type.

It's essential to carefully evaluate different options and consider the level of expertise the security testing service providers offers. While cost is an important consideration, it's equally crucial to prioritize quality and reliability to safeguard your valuable data.

Qmoniqs Software is a digital transformation company that provides mobile app development, computer hardware, IT solutions, antivirus solutions, Cloud Services, Software Development, and the Best cyber security solution providers in Gurugram, Delhi NCR, India. we are a leader in managed cyber security services and IT security services. We take care of your security, while you take care of your business.

Mobile Network Testing : QO-BOX

www.qo-box.com

Azure DevOps certification is a highly sought-after certificate in the field of cloud computing and software development

Azure DevOps certification is a highly sought-after certificate in the field of cloud computing and software development. It verifies a candidate's skills in using Azure DevOps tools and services to plan, develop, test, and deliver software products.

The certification process consists of a single exam (AZ-400) that covers topics such as agile planning and portfolio management, continuous integration and delivery, testing, and security. The exam is designed to test a candidate's ability to implement DevOps processes, use Azure services to manage infrastructure and applications, and implement continuous feedback.

There are several benefits to obtaining an Azure DevOps certification. Firstly, it demonstrates a professional level of expertise in DevOps practices, which can increase your credibility and marketability in the job market. Secondly, it showcases your ability to use Azure DevOps services to deliver high-quality software quickly and efficiently, making you a valuable asset to any organization.

To prepare for the AZ-400 exam, candidates can take advantage of a variety of resources, including online courses, hands-on labs, and official Microsoft training materials. It is recommended to have prior experience in software development, testing, and deployment processes, as well as an understanding of Agile and Scrum methodologies.

In conclusion, the Azure DevOps certification is a valuable addition to any software professional's credentials, as it demonstrates a comprehensive understanding of DevOps practices and the ability to use Azure services to deliver high-quality software.

Conspiratorialism as a material phenomenon

I'll be in TUCSON, AZ from November 8-10: I'm the GUEST OF HONOR at the TUSCON SCIENCE FICTION CONVENTION.

I think it behooves us to be a little skeptical of stories about AI driving people to believe wrong things and commit ugly actions. Not that I like the AI slop that is filling up our social media, but when we look at the ways that AI is harming us, slop is pretty low on the list.

The real AI harms come from the actual things that AI companies sell AI to do. There's the AI gun-detector gadgets that the credulous Mayor Eric Adams put in NYC subways, which led to 2,749 invasive searches and turned up zero guns:

https://www.cbsnews.com/newyork/news/nycs-subway-weapons-detector-pilot-program-ends/

Any time AI is used to predict crime – predictive policing, bail determinations, Child Protective Services red flags – they magnify the biases already present in these systems, and, even worse, they give this bias the veneer of scientific neutrality. This process is called "empiricism-washing," and you know you're experiencing it when you hear some variation on "it's just math, math can't be racist":

https://pluralistic.net/2020/06/23/cryptocidal-maniacs/#phrenology

When AI is used to replace customer service representatives, it systematically defrauds customers, while providing an "accountability sink" that allows the company to disclaim responsibility for the thefts:

https://pluralistic.net/2024/04/23/maximal-plausibility/#reverse-centaurs

When AI is used to perform high-velocity "decision support" that is supposed to inform a "human in the loop," it quickly overwhelms its human overseer, who takes on the role of "moral crumple zone," pressing the "OK" button as fast as they can. This is bad enough when the sacrificial victim is a human overseeing, say, proctoring software that accuses remote students of cheating on their tests:

https://pluralistic.net/2022/02/16/unauthorized-paper/#cheating-anticheat

But it's potentially lethal when the AI is a transcription engine that doctors have to use to feed notes to a data-hungry electronic health record system that is optimized to commit health insurance fraud by seeking out pretenses to "upcode" a patient's treatment. Those AIs are prone to inventing things the doctor never said, inserting them into the record that the doctor is supposed to review, but remember, the only reason the AI is there at all is that the doctor is being asked to do so much paperwork that they don't have time to treat their patients:

https://apnews.com/article/ai-artificial-intelligence-health-business-90020cdf5fa16c79ca2e5b6c4c9bbb14

My point is that "worrying about AI" is a zero-sum game. When we train our fire on the stuff that isn't important to the AI stock swindlers' business-plans (like creating AI slop), we should remember that the AI companies could halt all of that activity and not lose a dime in revenue. By contrast, when we focus on AI applications that do the most direct harm – policing, health, security, customer service – we also focus on the AI applications that make the most money and drive the most investment.

AI hasn't attracted hundreds of billions in investment capital because investors love AI slop. All the money pouring into the system – from investors, from customers, from easily gulled big-city mayors – is chasing things that AI is objectively very bad at and those things also cause much more harm than AI slop. If you want to be a good AI critic, you should devote the majority of your focus to these applications. Sure, they're not as visually arresting, but discrediting them is financially arresting, and that's what really matters.

All that said: AI slop is real, there is a lot of it, and just because it doesn't warrant priority over the stuff AI companies actually sell, it still has cultural significance and is worth considering.

AI slop has turned Facebook into an anaerobic lagoon of botshit, just the laziest, grossest engagement bait, much of it the product of rise-and-grind spammers who avidly consume get rich quick "courses" and then churn out a torrent of "shrimp Jesus" and fake chainsaw sculptures:

https://www.404media.co/email/1cdf7620-2e2f-4450-9cd9-e041f4f0c27f/

For poor engagement farmers in the global south chasing the fractional pennies that Facebook shells out for successful clickbait, the actual content of the slop is beside the point. These spammers aren't necessarily tuned into the psyche of the wealthy-world Facebook users who represent Meta's top monetization subjects. They're just trying everything and doubling down on anything that moves the needle, A/B splitting their way into weird, hyper-optimized, grotesque crap:

https://www.404media.co/facebook-is-being-overrun-with-stolen-ai-generated-images-that-people-think-are-real/

In other words, Facebook's AI spammers are laying out a banquet of arbitrary possibilities, like the letters on a Ouija board, and the Facebook users' clicks and engagement are a collective ideomotor response, moving the algorithm's planchette to the options that tug hardest at our collective delights (or, more often, disgusts).

So, rather than thinking of AI spammers as creating the ideological and aesthetic trends that drive millions of confused Facebook users into condemning, praising, and arguing about surreal botshit, it's more true to say that spammers are discovering these trends within their subjects' collective yearnings and terrors, and then refining them by exploring endlessly ramified variations in search of unsuspected niches.

(If you know anything about AI, this may remind you of something: a Generative Adversarial Network, in which one bot creates variations on a theme, and another bot ranks how closely the variations approach some ideal. In this case, the spammers are the generators and the Facebook users they evince reactions from are the discriminators)

https://en.wikipedia.org/wiki/Generative_adversarial_network

I got to thinking about this today while reading User Mag, Taylor Lorenz's superb newsletter, and her reporting on a new AI slop trend, "My neighbor’s ridiculous reason for egging my car":

https://www.usermag.co/p/my-neighbors-ridiculous-reason-for

The "egging my car" slop consists of endless variations on a story in which the poster (generally a figure of sympathy, canonically a single mother of newborn twins) complains that her awful neighbor threw dozens of eggs at her car to punish her for parking in a way that blocked his elaborate Hallowe'en display. The text is accompanied by an AI-generated image showing a modest family car that has been absolutely plastered with broken eggs, dozens upon dozens of them.

According to Lorenz, variations on this slop are topping very large Facebook discussion forums totalling millions of users, like "Movie Character…,USA Story, Volleyball Women, Top Trends, Love Style, and God Bless." These posts link to SEO sites laden with programmatic advertising.

The funnel goes:

i. Create outrage and hence broad reach;

ii, A small percentage of those who see the post will click through to the SEO site;

iii. A small fraction of those users will click a low-quality ad;

iv. The ad will pay homeopathic sub-pennies to the spammer.

The revenue per user on this kind of scam is next to nothing, so it only works if it can get very broad reach, which is why the spam is so designed for engagement maximization. The more discussion a post generates, the more users Facebook recommends it to.

These are very effective engagement bait. Almost all AI slop gets some free engagement in the form of arguments between users who don't know they're commenting an AI scam and people hectoring them for falling for the scam. This is like the free square in the middle of a bingo card.

Beyond that, there's multivalent outrage: some users are furious about food wastage; others about the poor, victimized "mother" (some users are furious about both). Not only do users get to voice their fury at both of these imaginary sins, they can also argue with one another about whether, say, food wastage even matters when compared to the petty-minded aggression of the "perpetrator." These discussions also offer lots of opportunity for violent fantasies about the bad guy getting a comeuppance, offers to travel to the imaginary AI-generated suburb to dole out a beating, etc. All in all, the spammers behind this tedious fiction have really figured out how to rope in all kinds of users' attention.

Of course, the spammers don't get much from this. There isn't such a thing as an "attention economy." You can't use attention as a unit of account, a medium of exchange or a store of value. Attention – like everything else that you can't build an economy upon, such as cryptocurrency – must be converted to money before it has economic significance. Hence that tooth-achingly trite high-tech neologism, "monetization."

The monetization of attention is very poor, but AI is heavily subsidized or even free (for now), so the largest venture capital and private equity funds in the world are spending billions in public pension money and rich peoples' savings into CO2 plumes, GPUs, and botshit so that a bunch of hustle-culture weirdos in the Pacific Rim can make a few dollars by tricking people into clicking through engagement bait slop – twice.

The slop isn't the point of this, but the slop does have the useful function of making the collective ideomotor response visible and thus providing a peek into our hopes and fears. What does the "egging my car" slop say about the things that we're thinking about?

Lorenz cites Jamie Cohen, a media scholar at CUNY Queens, who points out that subtext of this slop is "fear and distrust in people about their neighbors." Cohen predicts that "the next trend, is going to be stranger and more violent.”

This feels right to me. The corollary of mistrusting your neighbors, of course, is trusting only yourself and your family. Or, as Margaret Thatcher liked to say, "There is no such thing as society. There are individual men and women and there are families."

We are living in the tail end of a 40 year experiment in structuring our world as though "there is no such thing as society." We've gutted our welfare net, shut down or privatized public services, all but abolished solidaristic institutions like unions.

This isn't mere aesthetics: an atomized society is far more hospitable to extreme wealth inequality than one in which we are all in it together. When your power comes from being a "wise consumer" who "votes with your wallet," then all you can do about the climate emergency is buy a different kind of car – you can't build the public transit system that will make cars obsolete.

When you "vote with your wallet" all you can do about animal cruelty and habitat loss is eat less meat. When you "vote with your wallet" all you can do about high drug prices is "shop around for a bargain." When you vote with your wallet, all you can do when your bank forecloses on your home is "choose your next lender more carefully."

Most importantly, when you vote with your wallet, you cast a ballot in an election that the people with the thickest wallets always win. No wonder those people have spent so long teaching us that we can't trust our neighbors, that there is no such thing as society, that we can't have nice things. That there is no alternative.

The commercial surveillance industry really wants you to believe that they're good at convincing people of things, because that's a good way to sell advertising. But claims of mind-control are pretty goddamned improbable – everyone who ever claimed to have managed the trick was lying, from Rasputin to MK-ULTRA:

https://pluralistic.net/HowToDestroySurveillanceCapitalism

Rather than seeing these platforms as convincing people of things, we should understand them as discovering and reinforcing the ideology that people have been driven to by material conditions. Platforms like Facebook show us to one another, let us form groups that can imperfectly fill in for the solidarity we're desperate for after 40 years of "no such thing as society."

The most interesting thing about "egging my car" slop is that it reveals that so many of us are convinced of two contradictory things: first, that everyone else is a monster who will turn on you for the pettiest of reasons; and second, that we're all the kind of people who would stick up for the victims of those monsters.

Tor Books as just published two new, free LITTLE BROTHER stories: VIGILANT, about creepy surveillance in distance education; and SPILL, about oil pipelines and indigenous landback.

If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2024/10/29/hobbesian-slop/#cui-bono

Image: Cryteria (modified) https://commons.wikimedia.org/wiki/File:HAL9000.svg

CC BY 3.0 https://creativecommons.org/licenses/by/3.0/deed.en