Surveillance capitalism has broken so many things for us..
βlet's build this and fix itβ
..for a polyphony of independent tech that puts privacy first.
β @Mer__edith Whittaker at the #digitalx in Colgne, Germany.
I am grateful to have had the opportunity to listen to this inspiring chat!
=> More informations about this toot | View the thread
zed.dev made it to Linux! Congratulations!
Zed is the new CRDT-backed, Rust-based editor from some former? Atom and tree-sitter devs. It was primarily developed on and for MacOs and now made it to the first other platform: Linux
Impressive work!
https://zed.dev/docs/linux
=> More informations about this toot | View the thread
TIL: The version comparing operators in Elixir's mix.exs (f.e. "~> 1.0.0" or "== 3.1.0") are in fact native comparison operators (with the custom comparison operator "~>" of the Version module). :blobcat3c:
Cmp https://hexdocs.pm/elixir/Version.html#module-requirements
=> More informations about this toot | View the thread
I just don't get how the "internet" works for citizens of countries where it's legal to provide web services without a legal address.
Just one example: Linkedin offers a identity verification carried out by the service provider withpersona (com).
In order to proceed the verification process you'll be asked to provide nfc-based data from your passport as well as additional photos and such.
But if you'd like to know who is actually processing the data - you won't find any legal information on the page - who is trusting this kind of generic webpage? I just don't get it.
edit: i seem not being the first person being curious about this: https://www.reddit.com/r/linkedin/comments/1amjpb7/persona_id_verification/
=> More informations about this toot | View the thread
I am reading a lot of takes about the backdoor in the last days.
There is nothing special about this attack-vector or approach in general*.
Our wholesome software-universe is a chaotic system of dependencies. No matter which language or compute-layer we're talking about.
The issue is no question about open-source vs proprietary or shared vs static libraries. It should make you think about awareness and your room and ability to maneuver.
Are you in direct or indirect control of the level of awareness of security relevant events regarding components you use?
And are you in direct or indirect control of the usage of components you use?
=> More informations about this toot | View the thread
Lasse Collin (core maintainer of xz) put up a information site about the backdoor:
https://tukaani.org/xz-backdoor/
Wherever the learnings about this issue end i feel pretty sorry for Lasse - the entire industries aren't appreciating open source work in a sustainable way.
I think proprietary software suffers from the same vulnerabilities combined without a lower chance of detection. I wish open source work would attract more support in general over the whole lifecycle of software.
=> More informations about this toot | View the thread
Gentle reminder to all Mastodon users: your star is too expensive.
=> More informations about this toot | View the thread
In Germany, you are condemned as a "hacker" if you take the plain text password from the binary file. Well - this should raise interesting liability issues in the case of inadequately protected data in software.
(german) https://www.justiz.nrw/nrwe/lgs/aachen/ag_juelich/j2024/17_Cs_230_Js_99_21_55_23_Urteil_20240117.html
via @leah
=> More informations about this toot | View the thread
On the journey of hardening Linux using "Bastille-Unix" seems to be a good choice: https://bastille-linux.sourceforge.net/
=> More informations about this toot | View the thread
So i installed LazyVim as the second setup after AstroVim (after being frustrated with managing my Vim config adding one language after another).
Now LazyVim installs some foo rebinding 's' as 'search'. Unfortunately my muscle memory isn't willing to change.
I guess i'll return to raw NVim again, since VsCode is getting slower and slower with every plugin. The situation reminds me pretty much of the time in history where Atom emerged for a short while. π₯Ή
=> More informations about this toot | View the thread
Evaluated security of the top three fingerprint sensors embedded in laptops and used for Windows Hello fingerprint authentication revealed multiple vulnerabilities allowing to completely bypass Windows Hello authentication.
https://blackwinghq.com/blog/posts/a-touch-of-pwn-part-i/
=> More informations about this toot | View the thread
Who thought that naming the Locator/Identifier Separation Protocol "LISP" was a good idea?
And who thought naming a implementation of that protocol "OpenLISP" would be a good idea?
:ageblobcat:β
=> More informations about this toot | View the thread
SectorC: A C Compiler in 512 bytes
''Did I think I would succeed? I suspected NO. Fit an entire C compiler in 510 bytes of instruction memory? Good luck (sarcasm).,,
This is awesome!πβ
https://xorvoid.com/sectorc.html?utm_source=grugq&utm_medium=email&utm_campaign=november-8-2023
=> More informations about this toot | View the thread
Finally support for CSL (Citation Style Language) landed in typst - i'd say the successor to TeX. Open Source, publicly funded give it a try (online, and free):
Sign up at https://typst.app
=> More informations about this toot | View the thread
We should seriously add feline-vandalism as it risk to all of our registers: https://www.theregister.com/2023/10/05/hospital_cat_incident/
=> More informations about this toot | View the thread
=> This profile with reblog | Go to floriann@infosec.exchange account This content has been proxied by September (ba2dc).Proxy Information
text/gemini