Mastodon Feed: Posts

Reblogged by cstanhope@social.coop ("Your friendly 'net denizen"):

mwl@io.mwl.io ("Michael W Lucas¹ :flan_mail:") wrote:

just notified my sponsors mailing list that the first draft of #RYOMS will be finished soon, and I'll be closing sponsorships then.

I should probably tell y'all as well.

https://www.tiltedwindmillpress.com/product-category/sponsor/

Reblogged by fromjason ("fromjason.xyz 🖤"):

tess ("Dana Fried") wrote:

Whenever you create a new technology - especially in the social space - the first question you have to ask yourself is WW4D: what would 4chan do?

And if you can't answer that and then come up with solid mitigations for each of the answers, you need to go back to the drawing board.

Or to put it a different way:

Attachments:

• Jurassic Park "your scientists were so preoccupied with whether they could that they never stopped to ask if they should"

Reblogged by fromjason ("fromjason.xyz 🖤"):

ironiridis@mspsocial.net ("Chris Harrington") wrote:

Hey, it's a gig worker strike tonight, February 14th, in the US. If you have the option:
Don't hire a rideshare
Don't order doordash or similar

Do: Take public transit.

Some news coverage, for reference: https://www.reuters.com/business/autos-transportation/uber-lyft-drivers-strike-across-us-demanding-fairer-pay-2024-02-14/

Reblogged by fromjason ("fromjason.xyz 🖤"):

are0h@h-i.social ("Optional Dictator") wrote:

The issue isn’t being able to federate with awful platforms like Threads and Bluesky. As I dev, I understand why one would want that to work.

The issue is that there are no tools that people can use that to protect themselves from the inevitable bad actors that discover them from these places.

If we had reliable means to do that, none of this would be a problem.

But we don’t. That’s why the pushback is so hard when it comes to allowing these places to interact with the fedi.

They do not care about moderating awful people.

Adding that element into an environment with developed safety tools is a profound mistake.

Reblogged by fromjason ("fromjason.xyz 🖤"):

are0h@h-i.social ("Optional Dictator") wrote:

For me, it’s just irresponsible to focus on growth and advocate for an open web without acknowledging that there are places that use this space for nefarious means and actively work to push Black and Brown folks from this space.

Many developers have safety models based purely on us trusting each other to do the right thing, and that does not happen.

I cannot take any developer seriously if they refuse the context of how online space operates outside of their wishful thinking.

Yes, I want the fedi to grow as well. I’m just not willing to sacrifice the well-being of people to get there.

Especially when we can do better.

Reblogged by fromjason ("fromjason.xyz 🖤"):

strypey@mastodon.nzoss.nz ("Strypey") wrote:

@mattj
> Google have been quietly de-listing XMPP apps from their Play store

I hope the XMPP Foundation have formally reported this to the EU regulators in charge of enforcing the DMA. Goggle compete in the messaging app market, and this of exactly the sort of abusive gatekeeper behaviour that law is meant to stop.

Arguably there ought to be hard antitrust rules against app makers running app stores.

@fdroidorg

Reblogged by fromjason ("fromjason.xyz 🖤"):

tess ("Dana Fried") wrote:

I think that's what these "all problems have technical solutions" people are missing.

I'm here on a social contract, not a code contract. AP (or AT) is an implementation detail. It's an implementation detail that enables certain social structures and dynamics, of course, and makes others harder.

90% of issues people have on here are social, not technical. So any time your argument is "you don't really understand AP" or "nothing in the protocol prevents this" my answer is always "無".

fribbledom ("muesli") wrote:

What a friendly forest!

Attachments:

• Stone with smiley face painted on sitting on a tree stump
• Fallen tree with smiley face painted on

Reblogged by cstanhope@social.coop ("Your friendly 'net denizen"):

ieure@retro.social ("cop ululation") wrote:

What I'm listening to today: "Ella Fitzgerald & Louis Armstrong - Learnin' the Blues."

I’m going to assume y’all are at least aware of Ella Fitzgerald and Louis Armstrong, since they’re two of the most talented and influential jazz musicians ever. But maybe you didn’t know that they collaborated on three albums for Verve between 1956 and 1959.

This song is off the second of those, "Ella and Loius Again," from 1957, and it’s just terrific. It’s got a bit of everything and is a real showcase of their impressive and diverse talents. They’ve got great chemistry on all these albums, and seem like they really enjoyed being in the studio together. Just a lovely song, featuring two amazing Black musicians being amazing together.

https://www.youtube.com/watch?v=XMIArNBLxMo

Reblogged by cstanhope@social.coop ("Your friendly 'net denizen"):

mweagle@hachyderm.io ("Matt Weagle") wrote:

"Nobody can read the source code of Chrome. Not alone, not as a team. Humans don't live long enough. Any group that claims to have gone through the code and de-Googlized it is lying: all that's possible to do is some searches, and try to measure what traffic it emits. A thousand people working for a decade couldn't read the entire thing."

https://www.theregister.com/2024/02/12/drowning_in_code

Reblogged by fromjason ("fromjason.xyz 🖤"):

nullagent@partyon.xyz wrote:

The more I think about the significant surveillance potential of centralized bridges I just can't look away.

Imo... decentralized networks should not be bridged. We should just run multi-lingual nodes.

Consider where your traffic is going using this scheme?

Bruh, if we all use centralized `*.brid.gy` bridges one org now has surveillance of ALL of this cross network traffic.

Raising a lot of questions in my mind . . .

https://fed.brid.gy/docs#translate

#BlueSkyBridge #cybersecurity #Privacy

Attachments:

• 83a46dd70b0f4a82.png (remote)

Reblogged by fromjason ("fromjason.xyz 🖤"):

nullagent@partyon.xyz wrote:

Why the fuck is someone building -another- opt-out bridge?

Bruh if I consented to post my content on BlueSky, FB or any other corporate platform I would have done so already. But I don't post my toots there because I literally do not agree to their terms of use or any other legal agreement associated with those entities.

Be serious, learn what the fuck consent is.

This instance will NOT be federating with bridges.

Tell those corporates to implement ActivityPub.

#MastoAdmin #blueskybridge

Reblogged by fromjason ("fromjason.xyz 🖤"):

nullagent@partyon.xyz wrote:

Ok seems like they don't bridge any posts that are not "full public" for exactly the reasons above(its a MITM).

Further to the point, in the case of nostr the bridgy team will generate their own private-key and essentially MITM your traffic and sign it with their own key.

I get how -some- people might want this from a convenience stand point but this kinda all strikes me as the type of tech we'll all be glad the second we don't need to use it.

#MastoAdmin #BlueSkyBridge

Attachments:

• What are the terms of service? Bridgy Fed's terms of service are simple. You agree not to deliberately attack, breach, or otherwise harm the service. If you manage to access private keys or other sensitive data, you agree to report the vulnerability and not use or disclose that data. Otherwise, you may use the service for any purpose you see fit. However, we may terminate or block your access for any reason, or no reason at all. (We've never done this, and we expect we never will. Just playing it safe.) Do you an administer an instance or other service that Bridgy Fed interacts with? If you have any concerns or questions, feel free to file an issue or email me privately! (remote)
• Who can see me and my stuff? Only the people who can already see you and your stuff, as is. Bridgy Fed only bridges fully public data, so if your account is pfiVate or protected or followers-only, it won't (can't!) bridge your account at all. Same with DMs and private/followers-only posts; it ignores those. (remote)
• Bridgy Fed's second tier of product and engineering values are: o Safety and security: Bridgy Fed minimizes harm to its users. The primary way this currently manifests is that it SUAEREERTIIAIGIINGEIE, and it enables and supports the networks' own moderation features (blocking, reporting, etc). It also uses modern secure coding and ops practices to minimize vulnerabilities that could expose private keys or other sensitive information. (remote)
• Note that Bridgy Fed generates some of these ids itself behind the scenes (remote)

Reblogged by fromjason ("fromjason.xyz 🖤"):

nullagent@partyon.xyz wrote:

There's an interesting discussion at the bottom of bridgy docs about how different social networks have different interaction details.

For instance, it would appear if you have follow requests enabled on mastodon if you're bridged... that's not supported yet so they just auto-accept all followers 🙃

https://fed.brid.gy/docs

#BlueSkyBridge #MastoAdmin

Attachments:

• 8ea4645ec9cd8039.png (remote)
• How are activities routed? A bridge does more than just translate protocols and formats. It processes activities (events) based on domain-specific logic and semantics. The domain Bridgy Fed currently handles is public social microblogging, the kind popularized by Twitter. There are many other related social domains, with fuzzy boundaries and lots of overlap, eg forums (Reddit), questions and answers (StackOverflow), project trackers (GitHub), and many more, but here we're currently focused on microblogging. Even within that domain, behavior logic varies. Twitter follows are one way, but Facebook friends are bidirectional. Your Bluesky timeline (skyline) includes your followings' replies, but your fediverse timeline generally doesn't. LinkedIn...honestly I have no clue how LinkedIn works, but I'm sure it has its own logic, workfluencers and all. Here's what Bridgy Fed's activity router does. I've tried to make it follow "least common denominator" logic, ie do the most common and least surprising thing, and I've explicitly tried not to innovate or invent anything new here. It's a bridge, not a product, after all. (remote)

Reblogged by slightlyoff@toot.cafe ("Alex Russell"):

elverkonge@beige.party wrote:

I was talking to my daughter last night, and she "forgot" the name Mastodon. She asked me if I had heard something on "fossil Twitter," thus killing me twice.

Reblogged by slightlyoff@toot.cafe ("Alex Russell"):

zachleat@zachleat.com ("Zach Leatherman :verify:") wrote:

A front-end web developer just starting out—in order to feel most aligned with the industry and apply for the best jobs—will most likely start in a tool-chain that is *not* aligned with web standards.

In some cases these tools are actively hostile to web standards.

How do we begin to dig ourselves out of this mess?

Reblogged by slightlyoff@toot.cafe ("Alex Russell"):

wingo ("Andy Wingo") wrote:

how many levels of equality r u on, bro / u r like a little baby

Attachments:

• screenshot of an implementation of "SafeEquals" in v8. it is nonsense

Gargron ("Eugen Rochko") wrote:

In mood for this kind of music. Saw Jaga Jazzist live at last year's #ArcTanGent.

https://www.youtube.com/watch?v=0QpJbNW_JaI

#NowPlaying #NP

cstanhope@social.coop ("Your friendly 'net denizen") wrote:

(Also, in fairness to Mozilla, they are struggling for attention against three different platform owners right now: Google (who advertises Chrome all across the web and successfully captured developer mindshare and Android), Apple (MacOS and iOS where alternate browsers have been forbidden), and Microsoft (Windows just being a dick to users). None of those platforms want to permit Firefox in there.)

Reblogged by cstanhope@social.coop ("Your friendly 'net denizen"):

researchfairy@scholar.social ("The research fairy") wrote:

> New Indigenous heist movie focuses on repatriation of belongings

https://www.cbc.ca/news/canada/british-columbia/the-great-salish-heist-1.7112633

I do love a good heist film

collinsworth@hachyderm.io ("Josh Collinsworth") wrote:

[Me, to my 5yo when we're trying to leave the house]: Just get your shoes on! It's a simple task! Why is this taking so long? How do you keep getting distracted!?

[Also somehow me, in my car, that I just started]: Welp I should probably check my notifications before I drive to the store.

pzmyers@octodon.social ("pzmyers 🦑") wrote:

Not only is there no such thing as a gender chromosome, but that's not what biology teaches about gender.

https://freethoughtblogs.com/pharyngula/2024/02/14/nobody-calls-it-the-gender-chromosome/

https://www.youtube.com/watch?v=VsQf2CDaqZE

cstanhope@social.coop ("Your friendly 'net denizen") wrote:

At this point I'd be willing to pay a small monthly fee to support development of *Firefox*, especially if it helped maintain Linux and BSD support.

NfNitLoop ("Cody Casterline 🏳️‍🌈") wrote:

"It may take __ days to remove you from our mailing list."

Funny, it took <1 day to start getting spam from you.

Anyway, I'll be marking your messages a spam from here on out so, sure, keep sending me e-mails and get yourself blackholed by Google. 🤷‍♂️

fromjason ("fromjason.xyz 🖤") wrote:

The bridging continues until moral improves.

Reblogged by fromjason ("fromjason.xyz 🖤"):

robb@social.lol ("Robb Knight") wrote:

omg.lol membership is 64% off today with code LOVE https://home.omg.lol/referred-by/robb

You get an email, blog, mastodon instance, all sorts of stuff and @adam is great too :prami:

slightlyoff@toot.cafe ("Alex Russell") wrote:

Because Apple has gone silent, a lot of folks are inventing innocent explanations for Cupertino breaking web apps in the EU in iOS 17.4 Betas. There is no innocent explanation, and nothing about this is on the level.

Apple isn't being forced to break PWAs by the DMA. They had 6 months from designation and more than 2 years from DMA text availability to get the code in shape. Geofencing browser choice is an insult to users and developers. Radio silence is a choice.

https://www.theverge.com/2024/2/14/24072764/apple-progressive-web-apps-eu-ios-17-4

cstanhope@social.coop ("Your friendly 'net denizen") wrote:

I was mostly joking when I posted this, but I'm now thinking this would actually be a useful feature on here. 🤔

Reblogged by kornel ("Kornel"):

molly0xfff@hachyderm.io ("Molly White") wrote:

frustrating to see headlines about a "$290 million" hack out of even reputable security media like @BleepingComputer. actual loss is probably a tenth of that, at most.

a good time to remind you about notional value in crypto: https://blog.mollywhite.net/cryptocurrency-market-caps-and-notional-value/

(the article in question: https://www.bleepingcomputer.com/news/security/hackers-steal-290-million-in-crypto-from-playdapp-gaming-platform/)

https://hachyderm.io/@web3isgreat@indieweb.social/111930614318572746

Reblogged by fribbledom ("muesli"):

bashbunni wrote:

I'm surprised at how much I'm enjoying blue switches. They feel nostalgic and a bit chaotic - my favourite combination