Mastodon Feed: Posts

Boosted by cstanhope@social.coop ("Your friendly 'net denizen"):
tripflag@layer8.space ("ed") wrote:

I made a video about #copyparty, the open source file server I've been making for the past 5 years: https://youtube.com/watch?v=15%5F-hgsX2V0

also available as a webm on the demo server: https://a.ocv.me/pub/demo/

kornel ("Kornel") wrote:

Black Mesa is a great example how much difference better textures and lighting can make, now RTX edition:
https://youtube.com/watch?v=waoNTFtPRhw

fromjason ("fromjason.xyz ❤️ 💻") wrote:

Pulling an all-nighter to get a project done. 😭 Send memes. Send nudes. Send movies I should watch while I code.

#coding #memes #html

NfNitLoop ("Cody Casterline 🏳️‍🌈") wrote:

@aral 👋 I was reading https://kitten.small-web.org/tutorials/end-to-end-encrypted-peer-to-peer-small-web-apps/ today and saw mention of the "Small Web Protocol".

So I visited https://small-web.org, but … its SSL cert just expired. ⚠️

I'm interested to read more about this "Small Web Protocol", and key exchange. Is it mostly this?
https://kitten.small-web.org/reference/#reserved-small-web-protocol-routes

Kitten looks pretty nice!

Boosted by cstanhope@social.coop ("Your friendly 'net denizen"):
CursedSilicon@restless.systems ("Cursed Silicon") wrote:

HEY, #RetroComputing folks in #Seattle (or the PNW in general)

Interim Computer Festival is coming up! October 4th and 5th in Seattle!

It's FREE to attend (though donations to SDF are appreciated!)

I'll be there demoing Compu-Global-Hyper-Mega-Net (CGHMN) on FOUR different machines! Come say hello and check out our lovely retro internet project. Or just say hello! (I'll also be handing out stickers to folks that want them)

https://sdf.org/icf/

(Signal boosts appreciated also!)

chipotle@mstdn.social ("Watts Martin") wrote:

I realize I should clarify, I *live* in the middle of nowhere, so I am not stranded, just highly agitated. (Hence me not doing a good job of choosing my words…)

Boosted by ChrisWere@toot.wales ("Chris Were ⁂🐧🌱☕"):
arstechnica ("Ars Technica") wrote:

Google loses app store antitrust appeal, must make sweeping changes to Play Store
Google's failed appeal could open up the market for Android apps.
https://arstechnica.com/gadgets/2025/07/google-loses-app-store-antitrust-appeal-must-make-sweeping-changes-to-play-store/?utm%5Fbrand=arstechnica&utm%5Fsocial-type=owned&utm%5Fsource=mastodon&utm%5Fmedium=social

chipotle@mstdn.social ("Watts Martin") wrote:

Oh good, my car won't start, in a kind of dramatic "almost nothing turns on but it's stuck in accessory mode and won't even technically shut off all the way" fashion. And it is out of warranty, so no break on the towing charge. Which is a lot. Because I am in the middle of nowhere.

Gargron ("Eugen Rochko") wrote:

It seems like all the negatives from my Croatia trip got lost in the mail on the way back from the lab. My best work to date. I'm very sad.

Boosted by cstanhope@social.coop ("Your friendly 'net denizen"):
loriemerson@post.lurk.org ("Lori Emerson") wrote:

and here's Joseph Weizenbaum, the creator of the early chatbot ELIZA, in 1976: "we, all of us, have made the world too much into a computer , and that this remaking of the world in the image of the computer started long before there were any electronic computers. Now that we have computers, it becomes somewhat easier to see this imaginative transformation we have worked on the world. Now we can use the computer itself--that is the idea of the computer--as a metaphor to help us understand what we have done and are doing." #ai

jwz wrote:

Ambient age verification.

Newgrounds, a gaming forum, has some clever ways for non-intrusively complying with the shambling disaster that is the "UK Online Safety Act". For years, I've been doing something similar to this when generating internal...
https://jwz.org/b/yksP

jwz wrote:

You should be using RSS.

Molly White has a good intro: Far from being the new hotness attracting glitzy feature stories in tech media or billions in venture funding, RSS has been around for 25 years. [...] Many, if not most, websites publish an RSS...
https://jwz.org/b/yksN

Boosted by jwz:
crk5@layer8.space ("crkⓋ") wrote:

Boosted by jwz:
MarkHoltom@mastodonapp.uk ("Mark Holtom (aka Kingbeard)") wrote:

They are trying to 'herd immunity' climate change

Boosted by jwz:
danirabbit@mastodon.online ("Danielle Foré") wrote:

It’s wild to me how Zohran has gained national attention for a **mayoral** race and democrats are focused on how to stop that rather than how to replicate it

Boosted by jwz:
danirabbit@mastodon.online ("Danielle Foré") wrote:

This crap about “spoiler votes” is ridiculous and childish and sad. Democrats lose when they try to appeal to the right. That’s all this is. They are constantly pushing back and trying to suppress progressive members of the party and they will not allow progressive messages on the national stage and that’s why they lose. Refusing to acknowledge this just means they’ll do it again and lose again.

Boosted by jwz:
JuliusGoat ("A.R. Moxon, Verified Duck 🦆") wrote:

The reason Substack pushed a Nazi blog onto people's phones is because—as founder Hamish McKenzie said in his response to Substackers Against Nazis 2 yrs ago—he believes it is valuable and important to platform Nazi voices.

This sort of thing is not a one-off. https://www.the-reframe.com/questions-for-substack/

Boosted by jwz:
noisemakerbot@genart.social ("Noisemaker Bot") wrote:

shatter vs. ridge

Attachments:

• gifv: "Shatter" shows jagged shards fanning outward in a burst of golden yellow, magenta and burgundy. Seed: 16061

Boosted by jwz:
jenny753@indiepocalypse.social ("Cmdr Jenny") wrote:

For folks who cancelled their Paramount+ accounts but still want to watch the newest Strange New Worlds episode without flying the ol' 🏴‍☠️, Paramount posted the entire episode to Youtube.

(This is most likely region locked.) With ad block, it's free, legal, and doesn't give Paramount $$.

https://www.youtube.com/watch?v=7Ig%5FeYqQvHI

#StarTrek

mattblaze@federate.social ("Matt Blaze") wrote:

Fun fact: the Reading was a major northeastern US railroad (made famous internationally by its place on the Monopoly gameboard), which ceded its rail business in 1976 to the newly formed Conrail consortium. But the company kept most of its non-railroad real estate holdings, and today mostly operates cinemas (including NYC's Angelika) in several countries.

(The Reading Company was named for the Pennsylvania city, and so is pronounced with the past tense of what you do with words on a page).

mattblaze@federate.social ("Matt Blaze") wrote:

The GX680 was a fun but very unusual camera that couldn't quite decide what it wanted to be. It was a truly gigantic beast of a medium format SLR camera providing (limited) view camera movements. It used 120-format roll film with a 6x8cm frame (so a 3:4 aspect ratio), with a built-in autowinder. It's sort of what you'd get if you somehow merged a Nikon F4, a Hasselblad, and a Crown Graphic. Definitely not a point & shoot camera.

mattblaze@federate.social ("Matt Blaze") wrote:

Captured with a Fuji GX680 camera, 80mm lens, T-Max 100 film. Some tilt was applied to control focus. It was very dark in there, and focusing required the use of a flashlight.

The Pennsylvania Avenue Subway was built to provide a sub-grade freight connection between the Reading Railroad's main line and its "City Branch". It served the Baldwin Locomotive Works' Callowhill plant and, later, the Philadelphia Inquirer's printing plant, among other Center City industries. Abandoned in the 1980's.

mattblaze@federate.social ("Matt Blaze") wrote:

"Pennsylvania Avenue Subway" Tunnel, Former Reading Railroad, Philadelphia, 2004.

#photography

Boosted by isagalaev ("Ivan Sagalaev :flag_wbw:"):
tomjennings@tldr.nettime.org ("tom jennings") wrote:

@kevinbowen

Yeah. The US postal service may prove to have been the best service the US ever provided to its citizens. Its not an American idea but it was done very well. Internet kids don't get it I don't think. Deliver an ounce/28 grams of paper to any physical address within 8 billion sq km for the same pocket change.

The best art and communication medium ever.

@jerod23

Boosted by cstanhope@social.coop ("Your friendly 'net denizen"):
logicalelegance@mastodon.online ("Elecia White") wrote:

Look, I haven't said anything because you've been doing a good job but...

You've been doing a good job and I do notice and appreciate it. Thank you very much. Please continue.

cstanhope@social.coop ("Your friendly 'net denizen") wrote:

The Maintainers Study Guide:

https://themaintainers.org/study-guide/

"...maintenance encompasses a lot more than repairing objects. We consider it to encompass a variety of interconnected systems: valuing care labor, preserving bio-regions, safeguarding our data, providing reliable public transportation, and advocating for the workforce that sustains our infrastructures. Maintenance also comprises the mundanity of daily life: brushing one’s teeth, tidying the home, mending a sock..."

Gargron ("Eugen Rochko") wrote:

If you're using mastodon.social's web app, you may notice that the "Some replies may be missing" notice in certain threads is gone. Instead, you may see a "New replies available" button, as Mastodon checks for missing replies automatically now, based on work submitted by @jonny. Please enjoy!

NfNitLoop ("Cody Casterline 🏳️‍🌈") wrote:

@TexasObserver This comic would be more accurate if the TX GOP hadn't already had a long history of voter suppression and gerrymandering.

It's not so much bowing to authority as being given permission to do what they already wanted to do anyway.

Boosted by jsonstein@masto.deoan.org ("Jeff Sonstein"):
Viss wrote:

Boosted by kornel ("Kornel"):
bobdahacker@infosec.exchange ("BobDaHacker 🏳️‍⚧️ | NB") wrote:

Found critical vulns in Lovense (the biggest sex toy company) affecting 11M+ users. They ignored researchers for 2+ years, then fixed in 2 days after public exposure. 🤦

What I found:
- Email disclosure via XMPP (username→email)
- Auth bypass (email→account takeover, no password)

History of ignoring researchers:
- 2022: Someone else reports XMPP email leak, ignored
- Sept 2023: Krissy reports account takeover + different email leak via HTTP API, paid only $350
- 2024: Another person reports XMPP email leak AND Account Takeover vuln, offered 2 free sex toys (accepted for the meme)
- March 2025: I report account takeover + XMPP email leak, paid $3000 (after pushing for critical)
- Told me fix for email vuln needs 14 months because "legacy support" > user security (had 1-month fix ready)
- July 28: I go public
- July 30: Both fixed in 48 hours

Same bugs, different treatment. They lied to journalists saying it was fixed in June, tried to get me banned from HackerOne after giving permission to disclose.

News covered it but my blog has the full technical details:
https://bobdahacker.com/blog/lovense-still-leaking-user-emails/

Edit: This guy was one of the CO-Founders of Lovense and got kicked out unfairly, and they are trying to hide his existence, like how Mark Zuckerburg from Facebook did to one of his Co-Founders back in the day. He is currently being sued by Lovense.

https://x.com/LovenseDispute/status/1879155775865589995

#InfoSec #BugBounty #ResponsibleDisclosure #Security #Vulnerability #IoT #cybersecurity