VLC media player 3.0.7 released, containing mainly fixes for security vulnerabilities discovered due to the EU-FOSSA program.
– over 40 security vulnerabilities were fixed
– detailed report: http://www.jbkempf.com/blog/post/2019/VLC-3.0.7-and-security
Looks like Sign In with Apple is going to be mandatory for many apps. That's one way to get adoption.
2019: "Our incredibly fragile tools only work with one micromanaged theme nobody likes. Please take systems integration advice from webshit design nerds because branding"
- via @[email protected]
Qualys SSL Labs adds 4 new tests for vulnerabilities, and considers cipher suites using CBC "weak":
– as an admin, you should disable all CBC cipher suites for several reasons (use GCM for block ciphers)
– SSL Labs tests for POODLE, GOLDENDOODLE, 0-Length OpenSSL, and Sleeping POODLE now
– servers affected by the vulnerabilities are downgraded to F
It's disturbing when a large and experienced open source steward like #ASF (Apache Software Foundation) decides it can't sustain community-hosting and needs to create new dependencies on #DataFarms. This is exactly the opposite of what ought to be happening, especially since GH was acquired by Microsoft.
Linux on the desktop
If we really give a shit about Linux on the desktop, we need to start giving a shit about longevity and community rather than glitzy features and novelty. People need to stop jumping on whatever ephemeral distro crawls out of the woodwork and stick for the ones we know will be around in a decade. Which means basically Debian TBH.
Apple: we believe privacy is a human right.
Also Apple: here’s your trust score.
Some doubters think our VPN is run by some dude in a dolphin onesie. Rest assured, there’s a whole team of us. (Turn 🔉 ON) https://www.reddit.com/r/ProtonVPN/comments/axw0tu/i_demand_protonvpn_team_or_at_least_one_member_of/
@KitsuneAlicia *busts down door, holds up dollar bills* Yes please.
@fun The idea of America, or the physical country?
@BurungHantu SSLStrip is the attack that comes to mind (https://moxie.org/software/sslstrip), and the FAQ for HTTPS Everywhere has some more information (https://www.eff.org/https-everywhere/faq#why-use-a-whitelist-of-sites-that-support-https-why-cant-you-try-to-use-https-for-every-last-site-and-only-fall-back-to-http-if-it-isnt-available)
“It’s almost like we woke up and suddenly the Internet was owned and operated by private capital under a kind of regime, a new economic logic that really was not well understood.” https://blog.apnic.net/2019/04/03/the-future-of-undersea-internet-cables-are-big-tech-companies-forming-a-cartel/
Cat Mom. They/Him. Slowly figuring out the world. Self-taught infosec and dev.
Why should you sign up on mstdn.io?
This instance is not focused on any theme or subject, feel free to talk about whatever you want. Although the main language is english, we accept every single language and country.
We're connected to the whole ActivityPub fediverse and we do not block any foreign instance nor user.
We do have rules, but the goal is to have responsible users.
The instance uses a powerful server to ensure speed and stability, and it has good uptime. We follow state-of-the-art security practices.
Also, we have over 300 custom emojis to unleash your meming potential!
Looking for a Kpop themed instance? Try kpop.social