Pinned post

I implore any group using to consider switching to @matrix for public (unencrypted) and private () chats, and services (Mastodon, Pleroma, Write.as etc) for announcements. And Discourse.

t.me/durov/176

Pinned post

Come watch me and my colleagues discuss what we're working on for @fedora and at this year's @fosdem and CentOS Dojo! From speeding up to managing desktops and servers at scale, these should be fun.

Both free to attend. And our time slots should work for both EU and US attendees since we're doing this from our homes in the US.

michel-slm.name/posts/2021-02-

This post is day 13 of my challenge






re: Signal, NFTs 

@vortex_egg We need to stop venerating tech.

Finally got around to unboxing my . Works fine once I a) remembered to actually be on the right network, and b) use the web interface, since somehow the automatically configured device is wrong.

Wow, seeing that interface was nostalgic.

The Problem With NFTs by Folding ideas

youtube.com/watch?v=YQ_xWvX1n9

A long one at 2hr18min but looks like a nice one, with lots of history and detail. I'm around 17min mark and doubt I'll go beyond 20-30, so don't know all of what's in there yet.

You can organise events and groups on the Fediverse using @mobilizon, a free open source federated events platform from the makers of PeerTube. More info on the official website at:

joinmobilizon.org

There's also a list of recommended instances to sign up on at:

mobilizon.org

If you just want to try it out, there's a test site at demo.mobilizon.org which is reset every 24 hours.

You can follow Mobilizon accounts from Mastodon etc. For example, @radio27 is a Mobilizon account that recommends psychedelic rock concerts in Berlin.

Alternatively, Mobilizon accounts can also be followed through RSS/Atom or ICS/WebCal if preferred.

#Mobilizon #FediTips #Fediverse #Fedi #Events #Groups #Calendar #Activists #Activism #ActivityPub

Show thread

nytimes.com/2022/01/21/technol

> Peiter Zatko, the head of security who is better known within the security community as “Mudge,” is no longer at the company, Twitter confirmed. Rinki Sethi, the chief information security officer, will depart in the coming weeks.

I can imagine several scenarios for how that might've gone down, and none of them reflect well on Twitter.

Per reporting at lemagit.fr/actualites/25251223 the vulnerability exploited to access data was CVE-2021-40539 for Zoho's ManageEngine server, which despite fixes being available since September, remained unpatched as of 12 January.

Show thread

Oh dear... the Qt Company sure does seem to be going downhill... they're adding tools for advertising with Qt applications: qt.io/blog/monetizing-cross-pl

💻 I did a presentation today on the topic of "Funding Free Software projects in a transparent way"

🔗 The presentation is available here github.com/nicksellen/funding-

🧵 I'll make a little thread here as a "fedi edition" of the presentation.

1/

Now that I have finally had the experience of taking my dog outside to pee in the snow, I suddenly see the Snoopy Snow Cone Machine in a whole new light.

Re-upping this:

I made a curated list of Rust command-line utilities. I only use a handful, but all of the ones I listed look interesting to me.

gist.github.com/sts10/daadbc2f

#rust

There's an iOS/iPadOS point release; a security fix for HomeKit, doesn't seem to apply to the other Darwin-derived OSs.

Little Bobby tables strikes again...!

"Impact: Processing a maliciously crafted HomeKit accessory name may cause a denial of service

Description: A resource exhaustion issue was addressed with improved input validation."

support.apple.com/en-us/HT2130

Most people in the UK seem to rely at least somewhat on facebook platforms. Most of those people have no idea what "ned to end encryption" means and some of them may be uncomfortable that advertisers, facebook and others are snooping on their private messages, most also imagine that they are either "uninteresting" personally or somehow immune to propaganda.

The Tory attack on facebook privacy is strategic for two reasons:
1. The people who really care about privacy are not using facebook messenger. Tories are not trying to ban Signal (yet), but are just making privacy inaccessible for most people. This is a similar strategy to how huge numbers of people in the US have lost access to abortion rights.

2. Tories are specifically invested in facebook because it is a social network and has worked extremely well in the past at manipulating people. They specifically want third parties, like advertisers or their PR campaigns, to be able to scan personal messages. This makes proaganda deployment more effective and will provide a basis as they build and expand upon privatised surveillance and manipulation.

"Smart contracts without Blockchains" by Paul Frazee

This is the kind of work I want to see more of. Take some of the interesting parts of "crypto" and make them, you know, not suck so much.

paulfrazee.medium.com/smart-co

@rysiek While hosted on a co.uk domain, please remember that the creator of wordle comes from the country of simplified English ;)

For multimedia content on Wikipedia (videos, 3d models, panoramic images) large third-party JS libraries get loaded up in main page context, increasing our security surface area significantly. Potential security review could hold up a new format's deployment easily.

If we can isolate the renderers into sandboxed iframes, though, a vuln or supply-chain attack on a library won't endanger the main Wikipedia site context. I think this'd be a big plus.

Show thread
Show older
FLOSS.social

For people who care about, support, or build Free, Libre, and Open Source Software (FLOSS).