Mastodon Feed
indubitablyodin@sfba.social ("Odin Halvorson") wrote:
"The library where I worked at the time did not successfully fulfill a single Patriot Act request.
Not that this is relevant to the current situation. I assure you this is a random memory that popped into my head with zero prompting. "
6/6
Mastodon Feedadam@social.lol ("Adam Newbold") wrote:
Back in my day, we had the courtesy to put an “under construction” GIF on a webpage like this.
Mastodon FeedReblogged by adam@social.lol ("Adam Newbold"):
RepShontelBrown ("Rep. Shontel Brown") wrote:
Elon is not an elected official.
He is not a senate confirmed appointee.
He is leading a fabricated dept. without Congressional oversight
And he clearly lacks any understanding of government.
He is dangerous and must be stopped.
Mastodon FeedTook a little time on my weekend to block all of the remaining 30,000 people who were still following me on Twitter. Just as a treat.
Mastodon Feedvirtualbri@mastodon.online ("Brian Tatosky") wrote:
"Now, for some of you it doesn't matter. You were born rich and you're going to stay rich. But here's my advice to the rest of you: Take dead aim on the rich boys. Get them in the crosshairs and take them down. Just remember, they can buy anything but they can't buy backbone. Don't let them forget it. Thank you."--Herman Blume, Rushmore
I think about this scene a lot.
Mastodon FeedNfNitLoop ("Cody Casterline 🏳️🌈") wrote:
This is the MVP for the UI rewrite, rebrand, and (re?)organization.
But I'm continuing development. Next things in mind are:
* Re-adding a few things that were skipped for the UI rewrite.
* Updates to the tool for syncing posts from Mastodon.
* Browser plugins to simplify signing content.If you're interested in trying it out, please let me know! 😊
Mastodon Feedr_flash@mastodon.r-flash.eu ("Adam P") wrote:
Adding complexity...
Mastodon FeedNfNitLoop ("Cody Casterline 🏳️🌈") wrote:
This includes a v1.0.0 release of the core API/protocol:
And a new github org:
https://github.com/diskutoThe UI has been (mostly) rewritten to be standalone and easy (I hope?) to fork in case people want to experiment or make something that looks nicer. 😊
Mastodon FeedNfNitLoop ("Cody Casterline 🏳️🌈") wrote:
Renamed my #p2p #socialnetwork system from #FeoBlog to #Diskuto.
Details here:
Mastodon Feedpzmyers@octodon.social ("pzmyers 🦑") wrote:
Scientific administrators/bureaucrats must be tremendous cowards.
https://freethoughtblogs.com/pharyngula/2025/02/03/sorry-lady-scientists-you-dont-count/
Mastodon Feedjalefkowit@vmst.io ("Jason Lefkowitz") wrote:
Be the asteroid you are praying will hit the planet
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
georgetakei@universeodon.com ("George Takei :verified: 🏳️🌈🖖🏽") wrote:
Well, that's incredibly disturbing. https://www.comicsands.com/transportation-memo-handmaids-tale?utm_source=mastodon&utm_medium=infeed&utm_campaign=linkprogram
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
joshsusser@autistics.life ("josh susser") wrote:
Why they are fine with doing crimes right out in the open: SCOTUS has declared that POTUS is immune to prosecution for giving illegal orders, and Trump can pardon anyone for carrying out his orders. No one on his team fears consequences for anything, so they can do anything they want to.
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
heidilifeldman ("Heidi Li Feldman") wrote:
Murphy explaining how shutting down USAID directly benefits Musk financially. https://www.c-span.org/event/news-conference/congressional-democrats-on-trump-admin-closing-usaid-hq/430674
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
w7voa@journa.host ("Steve Herman") wrote:
President Trump’s so-called buyout offers "are not guaranteed. Federal employees should be cautious and follow the guidance of their unions to protect their rights." - New York Attorney General Letitia James
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
ErikJonker ("Erik Jonker") wrote:
Read this incredible thread by Judd Legum about Musk’s data heist on BlueSky.
https://bsky.app/profile/juddlegum.bsky.social/post/3lhbnjiu3fs2n
#musk #doge #heist
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
Ian Whitcomb was a lifelong friend and colleague who passed away in 2020. He was not only a performer but a historian and chronicler of American music, and owned a lot of important historical items. His wife Regina lost everything in the Eaton Fire, and as most people know there was no time to prepare for evacuations. Please take a look at this GoFundMe for one of my oldest friends.
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
MaryAustinBooks@mstdn.social ("Mary Austin VOTED 4 HARRIS!") wrote:
If you think Americans aren't doing anything and nobody is protesting, that's understandable. Corporate media and a lot of billionaire owned social media want you to think we're all just sitting on our hands.
There are protests going on right now. And there will be protests Wednesday at noon in every state capital. I'm going to mine.
Mastodon FeedReblogged by cstanhope@social.coop ("Your friendly 'net denizen"):
vertigo@hackers.town ("Vertigo #$FF") wrote:
Once upon a time, many years ago, someone had posted a link to a website that implemented something very much like GitHub pull requests, but which was not affiliated with GitHub, GitLab, etc. It was open source, it was self-standing, and could even be used with repositories hosted on places like SourceHut.
Does anyone remember:
- What this place was called?2. What the URL for this service was?
I'm positive that I've bookmarked this site, but I cannot seem to find it in my pinboard exports nor in my Firefox bookmarks. I will try searching Masto bookmarks next, but Masto's search functionality leaves so much to be desired...
Thanks for any tips or leads! :boost_ok:
EDITS
- It's not codeberg.org or forgejo.org -- it is not a code forge unto itself. It focused just on reviewing PRs, and could work across forges and self-hosted Git repos alike. 2. Ahh! I remember something more about it now: code reviews used to happen in Git Commits itself, by adding or removing comments directly in the code being reviewed.. The website was just a tool for visualizing diffs.
Mastodon FeedReblogged by cstanhope@social.coop ("Your friendly 'net denizen"):
Anomnomnomaly@beige.party ("Anomnomnomaly BSC SSC") wrote:
Friend: Tell me your best knock knock joke
Me: Knock knock
Friend: Who's there
Me: Hike
Friend: Hike Who?
Me: Unsuspecting friend
I Wait with my breath bated
Setting perfect trapsFriend: How is that funny?
Me: 🤦 😂
Mastodon Feedjsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
27 June 2007, Veneta Oregon
Mastodon Feedjsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
30 July 2013, Toronto ON Canada
Mastodon Feednadim@infosec.exchange ("Nadim Kobeissi") wrote:
Many more findings are included in our full 101-page report. Read the full audit report for all findings & recommendations: https://cure53.de/audit-report_nym.pdf
Mastodon Feednadim@infosec.exchange ("Nadim Kobeissi") wrote:
Our audit demonstrates the importance of rigorous cryptographic reviews. Nym has been proactive in fixing these issues and pointed out that some had limited impact, reinforcing its privacy-focused mission. Kudos to their team for their responsiveness!
Mastodon Feednadim@infosec.exchange ("Nadim Kobeissi") wrote:
6/ A Bloom filter misconfiguration meant that 1 in 6 credential checks could result in false positives, potentially impacting the security of the Nym network. We suggested switching to Binary Fuse filters for better accuracy.
Mastodon Feednadim@infosec.exchange ("Nadim Kobeissi") wrote:
5/ Our team also found a signature forgery attack against the Pointcheval-Sanders scheme in Nym’s cryptography. Attackers could derive new valid signatures from existing ones! We recommended strict integrity checks.
Mastodon Feednadim@infosec.exchange ("Nadim Kobeissi") wrote:
4/ Nym’s gateway credential verification skipped serial number checks, meaning eCash tickets could be used multiple times—leading to double-spend attacks. We recommended ensuring strict checks across all verification paths.
Mastodon Feednadim@infosec.exchange ("Nadim Kobeissi") wrote:
3/ The audit found nonce-key reuse in AES-CTR within Nym gateways. With a zero nonce, attackers could decrypt communications with simple XOR operations! We recommended a switch to AES-GCM-SIV for better security.
Mastodon Feednadim@infosec.exchange ("Nadim Kobeissi") wrote:
2/ A partial signature bypass was also discovered in offline eCash, allowing attackers to generate valid signatures for arbitrary payloads. This mirrored the Coconut vulnerability and was promptly patched.
Mastodon Feednadim@infosec.exchange ("Nadim Kobeissi") wrote:
1/ Our audit identified BLS12-381 EC signature bypasses in the Coconut library. Attackers could forge credentials, bypass validation, and manipulate public attributes.
