Nadreck boosted

Ahh social engineering

So the recommendation that you not use custom domains for email is interesting. I suppose the thought it that it's harder for an attacker to hijack, or wouldn't risk it.

Many email hosts offer plain domains in addition to letting you host your custom domain. In theory that's similar, and somewhere probably between your domain and Google's in hijack potential.

Nadreck boosted

Hi internet friends. I have a very dear friend with over a decade of technical writing experience who is likely to get deported in the next month unless they can find a job.

Anyone looking for technical writers in the Bay Area?

Nadreck boosted

I do not have a Facebook account.

But the app was sending *something* to Facebook every couple of *minutes* from my phone... whether I was using the app or not.
This important @WSJ report on apps sharing @fitbit@twitter.comth Facebook shows how totally out of control the system is. I'm sure most users had no idea personal information about their heart rate, pregnancy planning &am…

Nadreck boosted

This important report on apps sharing data with Facebook shows how totally out of control the system is. I'm sure most users had no idea personal information about their heart rate, pregnancy planning & even period dates was shared with Facebook.

Nadreck boosted

Ikea drawers
Keep the decor calm

Comes in white
Black and brown
Or with wood
Veneer wrapped round

Ohh, buy several Spider-MALMs

Nadreck boosted

1. There has not yet been a battle royale game that made thematic sense.

2. There's a dearth of Dune games in the world.

THEREFORE: I propose a Sardaukar training exercise, set on Salusa Secundus.

It checks a bunch of boxes:

- clear motivation for killing each other (you're literally training as a death commando)
- clear rationale to expect a reward for survival (Imperial boon, promotion)
- top-down power structure capable *OF* granting/enforcing this strict, game-like murder ruleset

Nadreck boosted

To prove a point:

Please RT if you don't have a CS degree and you have a job in tech.

Nadreck boosted

I wish there was some way to convey to people who look sad when I don't remember their name, that I sometimes forget my *family's* names. I just spent five minutes panickedly trying to remember two of my favorite people's first names, and blithely referred to somebody I know super-well as Sebastian, when he's actually a Sylvester.

Nadreck boosted

World: Google, you are so smart, impartial, and benevolent, please write all our protocols and standards.

Google: Oh yeah, btw, we don’t think you should be able to protect yourself from being tracked on our browser.

Google to break uBlock Origin on Chromium.

#SurveillanceCapitalism #Google

Nadreck boosted
Nadreck boosted

hi, i am basically one of the two main people responsible for designing how federation works in Pleroma, and would like to set the record straight on this.

Pleroma and Mastodon have the exact same behavior when it comes to absolute defederation: messages from inbound users are blocked, and (optionally in Pleroma) following relationships directed toward the instance you are defederating are severed.

Pleroma and Mastodon also have the exact same behavior when it comes to processing messages: when a new message comes in, they reconstruct the thread, which involves fetching objects all the way to the root of the thread.

this means that Pleroma will fetch objects from instances which have defederated with it, and Mastodon will do the same. this is possible because the object fetches are unauthenticated: your instance cannot perform access control because it doesn't know who is fetching the object.

so, the proper fix is to specify a method for instances to authenticate while fetching objects, which will allow for access control to be performed. it also is useful for GDPR compliance in general, because it allows end users to know precisely where copies of their data are stored throughout the fediverse.

contrary to what some say, we actually care a lot about fixing leaks like this one in activitypub. it has been a top priority for our security team, and we have been spending months hunting for and plugging leaks throughout the entire ecosystem.

if you have any questions about this or other AP leaks, feel free to reach out, but we definitely want to plug all leaks, and we have definitely been working to plug all leaks.
Nadreck boosted
some free software is "libre as in lucha libre":

it helps to make up a secret identity, because you're going to have to do battle with a bunch of masked chuds with opinions before you even get to wrestle the software itself
Nadreck boosted

a sitting congresswoman is discussing the political situation of the american congress on a donkey kong 64 marathon

Show thread
Nadreck boosted
Nadreck boosted

Cleaning up a customer's PC, I made the mistake of leaving a tab open on Yahoo's home page. Only 1 minute later: malvertized. Sunuva...

I did it again to pin down the cause, & indeed it's Yahoo's ads breaking out, taking over the page, & loading scary messages that make it difficult to leave.

I can't stress enough, folks, that an ad blocker is Internet SECURITY software.

Nadreck boosted

✨📢 We've got an exciting announcement today! We're partnering with our friends at Kickstarter to build a new platform to help artists share their work, build community, and get paid:

Nadreck boosted

- a microSD card weighs somewhere around 0.4g
- the highest capacity microSD that's easily available is 256GB
- a trebuchet can throw a 90kg projectile over 300m

90kg worth of microSD cards is 225,000 of them

Therefore a trebuchet can throw 57.6PB of data over 300m

This would have the highest throughput of any telecommunications network ever created

Nadreck boosted
Nadreck boosted

turns out i still hate reading tweetstorms. get a blog nerd

Show more

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!