Mastodon Feed: Posts

fromjason ("fromjason.xyz ❤️ 💻 ✍️ 🥐 🇵🇷") wrote:

I've had a cluster headache once every three hours for the past 24 hours. I'm so tired 😩

Boosted by soatok@furry.engineer ("Soatok Dreamseeker"):
drwho@masto.hackers.town ("The Doctor") wrote:

The four proven ways to build wealth in 2026:

0. Be born into a rich family.
1. Be born into a rich family.
2. Be born into a rich family.
3. Go into politics.

Boosted by soatok@furry.engineer ("Soatok Dreamseeker"):
redsad@ohai.social ("captain acab :antifa: 🏳️‍🌈") wrote:

in case no one told you today

jsonstein@masto.deoan.org ("Jeff Sonstein") wrote:

for the terminally lazy: https://en.wikipedia.org/wiki/Poe's%5Flaw?wprov=sfti1#

jsonstein@masto.deoan.org ("Jeff Sonstein") wrote:

keep Poe’s Law in mind as you read this delightful chain:

https://mastodon.de/@ErikUden/116732587030945871

jsonstein@masto.deoan.org ("Jeff Sonstein") wrote:

okay, this is wonderful and amazing

https://www.nytimes.com/2026/06/11/science/ecology-mycorrhizal-fungus.html?unlocked%5Farticle%5Fcode=1.pVA.ErOB.GjNoAz6iWmDn&smid=nytcore-ios-share

dysfun@treehouse.systems ("gaytabase") wrote:

he has been hijacked twice before

holy shit, that is some incredibly bad luck right there

jsonstein@masto.deoan.org ("Jeff Sonstein") wrote:

"Is SpaceX Worth $1.77 Trillion? It’s a Pie in the Sky, Some Investors Say

Elon Musk’s rocket company is spending big and losing money. That has raised questions about whether it can justify its valuation for its blockbuster initial public offering."

https://www.nytimes.com/2026/06/11/technology/spacex-valuation-skeptics.html?smid=nytcore-ios-share

jsonstein@masto.deoan.org ("Jeff Sonstein") wrote:

“the price-to-sales ratio for SpaceX (a measure of a stock’s price in relation to its annual sales) is incredibly high. Morningstar values the stock at $63. If its analysts are correct or even close, there will be no reason to lament missing out on buying SpaceX at $135.”

https://www.nytimes.com/2026/06/11/business/spacex-ipo-investing.html?smid=nytcore-ios-share

Boosted by jsonstein@masto.deoan.org ("Jeff Sonstein"):
ike_seblon ("Ike Seblon") wrote:

My friend: "...go to the Mix?"
me: "ewww, fuck the Mix."
my friend: "why?"
me: "i dunno gurrl, just...

Friends, now I know:

Badlands and Toad Hall are also in on it, and it looks like they're sharing all their customer data with some str8 bars too (booooooo). There is no way this will be unregrettable.

#SanFrancisco #castro #gay #pride #resist

https://sf.gazetteer.co/why-do-these-castro-gay-bars-have-tsa-style-face-scanners

Boosted by jsonstein@masto.deoan.org ("Jeff Sonstein"):
politicalbillsc@universeodon.com ("Political Bill SC") wrote:

What the actual f--- is going on? Cutting funding on proven, effective renewable energy and funneling it to the worst form of polluting energy we've got?

#Environment #Coal #Pollution

https://www.usnews.com/news/politics/articles/2026-06-04/trump-to-unveil-700-million-coal-support-plan-using-emergency-powers

dysfun@treehouse.systems ("gaytabase") wrote:

rice and beans and lentils.

well the rice was good anyway

Boosted by cwebber@social.coop ("Christine Lemmer-Webber"):
sodiboo@gaysex.cloud ("sodiboo :pride_heart:") wrote:

MANY ORPHANED AUR PACKAGES ARE BEING TARGETED WITH AN INFOSTEALER.

the Arch User Repository package alvr has been orphaned, then adopted by a threat actor who immediately updated it with an infostealer. If you have this package on your system and updated it recently, you've been compromised. This is not a result of any upstream compromise; it's just that one AUR package. in particular, the alvr-bin sister package seems to be fine.

here's the relevant thread for alvr from the Arch Linux mailing list. alvr seems to be the first package compromised and/or the first one that was noticed. it was updated maliciously at 2026-06-11 13:53:45 UTC (2026-06-11T13:53:45.000Z) and reverted approximately 3-4 hours after that.

SEVERAL OTHER PACKAGES ARE BEING TARGETED WITH THE SAME MALWARE: 1, 2, 3, 4, 5

AUR mailing list megathread <-- over 400 (!!!!) packages have the malicious npm dependency

they all share in common that they will install the atomic-lockfile package from NPM (so, here's a live link to the actual malware. do not install that). they were all orphan takeovers. as far as i can tell, all of the ones i linked have been reverted to known safe versions. including alvr.

this is an infostealer, meaning it exfiltrates sensitive data from your system such as login credentials. removing the malware will not undo the damage. moreover, uninstalling the malicious package will not remove the malware because it persists as a systemd service that stays on your system indefinitely.

it executes as an npm preinstall script, and the npm package is installed by the AUR packages. this means that simply installing the malicious versions of any of these packages will compromise you. it does not require you to do anything more afterwards. again, the malware persists if you uninstall the malicious packages

to check if you've been compromised, look in /etc/systemd/system and ~/.config/systemd/user for a recently added .service file with a random name. that's the persistence mechanism and the most obvious mark that you've been compromised.

---

Attached is a screenshot of an announcement from the "Linux VR Adventures" discord.

i know we all hate discord, but LVRA has a lot of auxiliary discussion, so here's an invite link

of special interest, here's a malware analysis thread. Feel free to follow it in real time, or contribute, or whatever. Whanos has produced a preliminary analysis blog post that contains a lot of important information about the malware.

Boosted by cwebber@social.coop ("Christine Lemmer-Webber"):
researchfairy@scholar.social ("Unnamed TNG skant beefcake") wrote:

He talked about the age verification thing

How it will be done by 3rd party companies

He accidentally said everyone will be "de-anonymized"

He meant to say "anonymized"

But what he said was right

Boosted by cwebber@social.coop ("Christine Lemmer-Webber"):
researchfairy@scholar.social ("Unnamed TNG skant beefcake") wrote:

The Canadian government made a list of 7 categories of online harm to children and surveillance wasn't one of them

Boosted by dysfun@treehouse.systems ("gaytabase"):
Catfish_Man ("David Smith") wrote:

Something I've noticed about performance work is that people really want there to be A Cause for improvements. A new technology, something old no longer holding things back, "removing the debug logging", etc…

The truth of the matter is that 97% of the time the enabling thing for performance work is engineers having time in the schedule to sit down with the tools (usually a sampling profiler) and grind out small wins over and over.

There's no magic bullet that replaces good engineering.

Boosted by cwebber@social.coop ("Christine Lemmer-Webber"):
SheDrivesMobility@norden.social ("Katja Diehl") wrote:

wow.

https://dronexl.co/2026/06/09/pokemon-go-scans-niantic-vantor-military-drone-navigation/

Boosted by cwebber@social.coop ("Christine Lemmer-Webber"):
metin@graphics.social ("Metin Seven 🎨") wrote:

#tech #technology #BigTech #data #security #privacy #safety #InfoSec #IT #surveillance #computing #digital #online #internet #web #cloud #meme

Boosted by cwebber@social.coop ("Christine Lemmer-Webber"):
BrideOfLinux@mastodon.opencloud.lu ("Christine Hall") wrote:

H.R. 6028 would fundamentally change the U.S. Copyright Office, and not in a good way. The bill removes the Library of Congress’ current supervisory role over the Copyright Office, transfers several powers directly to the Register of Copyrights, and makes the Register a presidential appointee, confirmed by the Senate: Congress Just Rushed Through a Disastrous Copyright Office Overhaul https://www.eff.org/deeplinks/2026/06/congress-just-rushed-through-disastrous-copyright-office-overhaul

Boosted by cwebber@social.coop ("Christine Lemmer-Webber"):
annika@xoxo.zone ("Annika Backstrom") wrote:

Any AI-free Godot knowers out there looking for a project?

A friend of mine is in the middle of a game buildout and parted ways with her dev because of a difference in opinion on AI slop. She's hoping to partner with someone else to get it finished. General theme is "cosy looking farm sim with a weird twist."

This would be a revenue share rather than a paid gig. If this sounds like your jam, I can put you in touch.

Boosted by cwebber@social.coop ("Christine Lemmer-Webber"):
joho@mastodon.online ("Joaquim Homrighausen") wrote:

Age verification ...

#privacy #privacymatters #ageverification #socialmedia #surveillance #dataskydd #dataprotection #gdpr #deepstate

jonny@neuromatch.social ("jonny (nonvenomous)") wrote:

Assoc editor of Frontiers in Systems #Neuro:

Over the last month I saw that human editors are now stripped of control. I could no longer stop the system from auto-inviting "reviewers" with zero relevant expertise. Even worse - the AI began actively revoking the invitations I manually sent out to actual, qualified experts.

I emailed and met with the editorial office to ask for the AI assistant to be turned off. I was told this is not possible.

https://bsky.app/profile/michael-okun.bsky.social/post/3mnxkxte55s25

Boosted by ChrisWere@toot.wales ("Chris Were ⁂🐧🌱☕"):
ChrisWere@toot.wales ("Chris Were ⁂🐧🌱☕") wrote:

I made a new #PeerTube exclusive video where I talk about this script I've been developing to aggregate RSS feeds.

https://video.thepolarbear.co.uk/w/irphhwFowTMngRQALHxfit

Boosted by cstanhope@social.coop ("The Luddites were right"):
david_megginson@mstdn.ca ("David Megginson") wrote:

Reminder: if you're a secondary-school teacher, and want to give your students a hands-on activity for learning logarithms, my site

https://cardboard-computer.org/

is free (libre and gratuit) and has no ads, analytics, or tracking cookies. You can download templates to build your own sliderule, and there are instructions and interactive exercises for using it.

(Tell them it's a steampunk calculator.)

#slideRules #teaching #math

Boosted by cstanhope@social.coop ("The Luddites were right"):
cbecker@hci.social ("Christoph Becker") wrote:

What I do know is that these conversations to reimagine computing for ecological and just futures ARE taking place and that people have inspiring ideas, wonderful collaborations and fabulous results to share, including - among others - at #LIMITS2026 in two weeks, proudly independent of ACM and free to attend, everywhere at once :)

https://computingwithinlimits.org/2026/

Boosted by cstanhope@social.coop ("The Luddites were right"):
trc@social.coop ("Tyng-Ruey Chuang") wrote:

(AFP) The Indian workers training AI robots to take their jobs

https://us.afpnews.com/article/?the-indian-workers-training-ai-robots-to-take-their-jobs,B3ZX2NQ

> With a smartphone strapped to her head, Indian housewife Nagireddy Sriramyachandra films herself slicing mangoes to train AI-powered robots to take on household jobs in the future.

> Earning just over two dollars for an hour of video, her mundane recordings are invaluable for global tech companies teaching machines how to move like humans in the real world.

> The 25-year-old is one of a growing army of thousands of AI system trainers in the world's most populous country. ...

jscalzi@threads.net ("John Scalzi") wrote:

Over on Whatever, I talk about the legit business email I got that was written with "AI," why I thought it meant the sender's domain was hacked by scammers, and why using "AI" in business emails automatically lumps you in with spammers and frauds. Don't do it!

https://whatever.scalzi.com/2026/06/11/please-i-beg-of-you-do-not-use-ai-in-your-business-communications/

Boosted by dysfun@treehouse.systems ("gaytabase"):
bentsukun@bsd.cafe ("benz") wrote:

Best #FreeBSD vulnerability, or bestest #FreeBSD vulnerability?

https://bumsrake.de/

baldur@toot.cafe ("Baldur Bjarnason") wrote:

Bumblebee wings sure beat fast. This one's wings are just a blur #photos #nature

Boosted by baldur@toot.cafe ("Baldur Bjarnason"):
MostlyHarmless@thecanadian.social wrote: