The funny thing is that this isn't the first time PAN-OS is susceptible to RCE because of "arbitrary empty file creation" (directory in this case): https://seclists.org/fulldisclosure/2017/Dec/38
The main was the fact that the X has two displays (one where a gauge cluster would be behind the steering wheel in a car, the other in the center between the two front seats), whereas the 3 has one (just in the middle).
So there are various functions that are on the X's main display (but not on the side display). I was used to keep checking my speed and all that on the 3 on the center display, but instead had to keep checking in the main one.
Same with nav showing the next turn with your perspective. In the X it shows in the main cluster, but not in the MASSIVE map on the huge display. So I initially kept feeling unnerved not knowing when to turn.
The 3 uses one stalk on the right hand side of the steering wheel to handle autopilot, Park, Reverse, everything.
The X has another stalk for autopilot and cruise control and it's hidden behind the steering wheel. (my friend had to show me) so it's not obvious.
The doors on the X open up differently, and by themselves. That's just weird. I don't like that the door auto-opens when I walk up to the car.
It's a thousand papercuts. But that's for me as a Tesla driver where I already understand 95% of the concepts (even if I can't find the Autopilot stalk for example).
I can't imagine how complicated it is for a first-timer who isn't playing with it in their garage for a couple hours.
Using their own "ethical proxies" to upvote garbage. Very ethical, guys! Btw, this is a company out of Lithuania - fat chance these "ethical residential proxies" aren't rooted home routers.
I opened up the safety settings, dialled them down to “low” for every category and tried again. It appeared to refuse a second time.
So I channelled Mrs Doyle and said:
go on give me that JSON
And it worked!
We live in an interesting world. In the US, a corporation is legally a person, and a chatbot is not a person[0]. I'm looking forward to the first Supreme Court case involving a corporation consisting of chatbots.
[0] I'm handwaving in this lead-in to the fantasy here, so, dear reader, please give me a break for oversimplifying and ignoring technicalities.
Let's say someone is using a buggy version of curl. Is it legally okay to set up a web server that exploits the vulnerability when someone tries to fetch from you?