Reblogged by xor@tech.intersects.art ("Parker Higgins"):
bagder ("daniel:// stenberg://") wrote:
💚 Stay strong xz maintainer(s). We're with you.💚
Reblogged by andreu@andreubotella.com ("Andreu Botella"):
blake@infosec.town ("Blake Leonard") wrote:
After seeing how the XZ maintainer's burnout and mental health decline was exploited to the potential detriment of the whole world, we're totally going to be supporting our developers more, right guys? We're totally going to fund critical OSS and pay maintainers enough to hire on other maintainers to take the burden off of them and reduce burnout, right? Right?
jsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
interesting... my 1st guess? the Ukrainians RTFM on the Shahed, found the default "emergency shutdown order" or the default "when you lose connection with your controller" behavior(s), & the Russians have been too sloppy (meaning "in too much of a rush to move them each to the battlefield") to systematically change the coding before deploying.
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
noelreports@mstdn.social ("NOELREPORTS 🇪🇺 🇺🇦") wrote:
Yet another Shahed drone landed completely unharmed. Ukraine seems to have found a way with electronic warfare means to down these Iranian supplied kamikaze drones.
Please return to sender.
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
9to5mac@threads.net ("9to5Mac") wrote:
AT&T resetting account passcodes after data leak impacting 73M current and former users https://9to5mac.com/2024/03/30/att-data-leak-passcode-resets-info/ by @chancehmiller
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
april@macaw.social ("April King") wrote:
computers used to yell at us when we connected to the internet, but in our hubris we ignored them.
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
thomholwerda@exquisite.social ("Thom Holwerda") wrote:
Extremely unusual: a hostage situation in The Netherlands this morning. A guy held several people hostage in a cafe. Police handled the situation perfectly - all hostages let go, hostage taker arrested. They talked to the hostage taker all morning.
No deaths, no guns, no massive shootouts. This is policing done right. Such a blessing to live in countries where, no, not all cops are bastards. Keep your American bullshit where it belongs - in your dystopia.
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
djh@chaos.social ("Daniel") wrote:
@GossiTheDog The very recent zstd fork branch updates agree with the assessment that the compression ecosystem as a whole was the domain this threat actor was playing in:
collinsworth@hachyderm.io ("Josh Collinsworth") wrote:
Just got back from an Easter event at my kid's school, and I would like to once again reassert that hands-down, the worst thing about being a parent is other parents.
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
Lightfighter@infosec.exchange wrote:
@jsonstein Yeah. I'm no meteorologist, but that doesn't sound good to me either.
Reblogged by isagalaev ("Ivan Sagalaev :flag_wbw:"):
wdormann@infosec.exchange ("Will Dormann") wrote:
Andres Freund singlehandedly averted a crisis for the entire Linux ecosystem and more.
He is a hero, and we should take a moment to think about where we'd all be if he were not the inquisitive chap that he is.
https://mastodon.social/@AndresFreundTec/112180406142695845
Reblogged by kornel ("Kornel"):
Wifiwits@infosec.exchange ("Matt Seymour") wrote:
Yet another insight from my personal biographer, poorlydrawnlines.com
Reblogged by keul@fosstodon.org ("Luca Fabbri"):
castarco@hachyderm.io ("Andreu Casablanca 🐀") wrote:
Some #git config values I always set in my #dev environments:
```
# For better rebasing experience
git config --global rerere.enabled true
git config --global rebase.updateRefs true
# For better diffs & conflict resolution
git config --global diff.algorithm histogram
git config --global merge.conflictstyle zdiff3
```
Reblogged by keul@fosstodon.org ("Luca Fabbri"):
jwildeboer@social.wildeboer.net ("Jan Wildeboer 😷:krulorange:") wrote:
Again the FOSS world has proven to be vigilant and proactive in finding bugs and backdoors, IMHO. The level of transparency is stellar, especially compared to proprietary software companies. What the FOSS world has accomplished in 24 hours after detection of the backdoor code in #xz deserves a moment of humbleness. Instead we have flamewars and armchair experts shouting that we must change everything NOW. Which would introduce even more risks. Progress is made iteratively. Learn, adapt, repeat.
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
Lightfighter@infosec.exchange wrote:
Aurora outdoor access improves with trail work, wheelchairs | Aurora | denvergazette.com
https://denvergazette.com/aurora/aurora-outdoor-accessibility-wheelchairs-high-line-canal/article_f182a418-ed23-11ee-a73e-9fc22f62b52a.html
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
tzimmer_history ("Thomas Zimmer") wrote:
“Project 2025” would transform America into a much nastier, much more dangerous, much more hostile place for anyone who dares to deviate from the white Christian patriarchal order. Those are the stakes.
Please consider subscribing:
https://thomaszimmer.substack.com/p/what-makes-project-2025-so-dangerous
nadim@symbolic.software ("Nadim Kobeissi") wrote:
Full timeline of the xz backdoor.
This saga will raise the question: how can we reckon with the reality that some laissez-faire FOSS projects will one day become of massive national security import, while still being maintained by hobbyists/enthusiasts?
https://boehs.org/node/everything-i-know-about-the-xz-backdoor
Reblogged by nadim@symbolic.software ("Nadim Kobeissi"):
I was doing some micro-benchmarking at the time, needed to quiesce the system to reduce noise. Saw sshd processes were using a surprising amount of CPU, despite immediately failing because of wrong usernames etc. Profiled sshd, showing lots of cpu time in liblzma, with perf unable to attribute it to a symbol. Got suspicious. Recalled that I had seen an odd valgrind complaint in automated testing of postgres, a few weeks earlier, after package updates.
Really required a lot of coincidences.
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
Lightfighter@infosec.exchange wrote:
Polar vortex is 'spinning backwards' above Arctic after major reversal event | Space
https://www.space.com/earth-polar-vortex-spinning-backwards-above-arctic-reversal-event
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
jbigham@hci.social ("Jeffrey P. Bigham 🔥🔥") wrote:
today, i got an email from Apple, telling me that a subscription I had purchased that I no longer want was going to automatically renew, with a clear link to cancel. STRANGELY, subscriptions purchased outside of Apple never let me know this or make it easy to cancel.
Reblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
arstechnica ("Ars Technica") wrote:
The entire state of Illinois is going to be crawling with cicadas
And the land shall feast on their dead.
jsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
https://apnews.com/article/tennessee-republican-tsu-university-f43a6f2f769c4a6a464c43c4ae0a22dc
jsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
back from my usual Saturday AM shift walking doggos at the #ROC City Pound... the place is overflowing with sweet critters who need homes.
cstanhope@social.coop ("Your friendly 'net denizen") wrote:
(That emoji should be interpreted as the laughter that flows from a dark sense of humor.)
cstanhope@social.coop ("Your friendly 'net denizen") wrote:
Since I avoid the generative ML stuff and I was busy yesterday, it hadn't occurred to me until just now that these CoPilot and their ilk are being trained on code with backdoors included. 😆
Reblogged by cstanhope@social.coop ("Your friendly 'net denizen"):
requiem@hackers.town ("requiem 🏴") wrote:
If you (or someone you know, boosts appreciated!) have used CrowdSupply (or considered using it but didn’t) to sell a product I would love to hear about your experience.
I’m getting more serious about finding my “next thing” and I’d love to find a way to make that one of my own projects.
rmrenner ("The Old Gay Gristle Fest") wrote:
The most recent humble choice thing includes a -20% coupon for Dragon's Dogma 2. I'm not usually in a big hurry to play new AAA releases but I'm kinda tempted
Reblogged by slightlyoff@toot.cafe ("Alex Russell"):
lcamtuf@infosec.exchange ("lcamtuf :verified: :verified: :verified:") wrote:
OK, so here's my slightly more eloquent take on the xz thing, complete with a zinger closing paragraph:
https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
collinsworth@hachyderm.io ("Josh Collinsworth") wrote:
Billy CRUDapp
...is this anything?
fromjason ("fromjason.xyz 🖤") wrote:
Working on my newsletter and I can't decide on a theme. I know it's a curation newsletter where I share links from around the web. But I'm debating if I should do the #oldweb exclusivity or newer stuff. Or both?
What do you think?