Stephen LB @[email protected]

This is a great debate between DHH and Matt Mullenweg about open source, power, and whether it would be a good thing for WordPress to have 85% market share. https://rework.fm/open-source-and-power-with-matt-mullenweg/

Screen Mate Poo aka Sheep.exe (Village Center) Win3.x, 1996

Ooh. Didn't see this coming. https://arstechnica.com/information-technology/2019/10/alexa-and-google-home-abused-to-eavesdrop-and-phish-passwords/

Got a Raspberry Pi 3B+ or 4B and want to get a static or dynamic server up and running really really quickly?
@aral’s got Site.js working on those tiny creatures: https://ar.al/2019/10/18/site.js-and-pi/

Wet paint.

Amnesty International: "Young people have the right to learn & talk about sex! But today Poland will vote on a bill which would make teaching or promoting sexuality education to under 18s a crime punishable with for up to 3 yrs in prison. Support people in Poland opposing this. https://www.amnesty.org/en/latest/news/2019/10/poland-law-criminalizing-sexuality-education-recklessly-retrogressive/"

[#humanrights #news #bot]

"Before visiting a website, Safari may send information calculated from the website address to Google Safe Browsing and Tencent Safe Browsing to check if the website is fraudulent. These safe browsing providers may also log your IP address."

- Apple

Anyone know what happened to the Kino Social website or have a backup of it?

@kinosocial

Sesame Street, a show created for public access television to help kids from low-income families learn to read and write, is being put being a paywall which will prevent the kids who most need it from accessing it.
The past 50 seasons are also included in that so they can't be streamed anywhere else.

Fuck capitalism.

Pirate Sesame Street.

Some good news for a change. Bee population recovering due to regenerative farming.
https://globalnews.ca/news/5767381/bee-population-recovering-regenerative-farming/?fbclid=IwAR3dNcAKZik8MH2W9pWUOSAURHi80nZBP00ak0eCEyrWGxrNV5BN8PEHHtU

VeraCrypt 1.24 available:

https://www.veracrypt.fr/en/Release%20Notes.html

– The maximum length of passwords is 128 bytes in UTF-8 encoding for non-system volumes now (previously limited to 64 bytes).
– Many new features are for Windows only, e.g. optional RAM encryption of keys/passwords (using ChaCha12), or erasing encryption keys from memory to prevent cold boot attacks.

#veracrypt #encryption #security #infosec #cybersecurity

@trickster
2008: The economy blew up because people spend money they didn't have

2019: The economy is blowing up because people refuse to spend money they don't have

This will not get old for some time.

is that a fucking

magazine fed floppy drive

Simjacker – abusing the [email protected] Browser to track phones:

https://www.adaptivemobile.com/blog/simjacker-next-generation-spying-over-mobile

– it requires the [email protected] Browser on the targeted phone, and a mobile operator allowing special SMS
– many details are missing
– mobile operators can remotely uninstall [email protected] Browser; so this perfectly shows that you can't "take back control" of your phone by just installing some LineageOS on it

#simjacker #vulnerability #smartphone #security #infosec #cybersecurity

If you haven't heard of KaiOS before, you probably think Firefox OS is entirely dead. But actually, as a fork of B2G, KaiOS has silently grown to a user base of more than 100 million people on devices from more than 10 manufacturers, making it the third most-popular mobile OS after Android and iOS now.

They just launched proper developer docs, as well as an app store:

* https://www.kaiostech.com/meet-the-devices-that-are-powered-by-kaios/
* https://developer.kaiostech.com/

Mastodon client for KaiOS, when? All JS/Web clients should work.

Wow…

So electron improved their security features with the recent version 5, but by doing this broke tons of applications because they either need User Namespaces or an SUID executeable (to launch proper isolated subprocesses).

#Signal Desktop noticed this problem and as well and "fixed" it in the worst way possible:

https://github.com/signalapp/Signal-Desktop/commit/1ca0d821078286d5953cf0d598e6b97710f816ef

On the other hand #Riot Desktop did a proper fix, which enables an SUID bit on this binary: https://github.com/vector-im/riot-web/commit/56674ea70849b3a793fa7b862945163aa10b36b8

#infosec #security #linux

RT @[email protected]
Vies et morts des navigateurs de 1996 à nos jours

What OS camp are you in? Hopefully this will be big so please boost so we can get as many votes as possible