h3artbl33d

@h3artbl33d@exquisite.social

Hacker | OpenBSD | InfoSec | Coffee addict | Today's paranoia is tomorrow's truth

h3artbl33d, to random

Oh my :flan_ooh: A big Youtuber with 20M subscribers (Mrwhosetheboss) talks about Enshittification, features @pluralistic right in the intro.

Now that there is some momentum, it might be a good time to help your loved ones move away from big tech and reclaim their privacy. Please help, you all, increase the awareness!

The video in question:

h3artbl33d, to random

Eleventy is a simpler static site generator

Have you even met ssg?

$ doas pkg_add lowdown
$ mkdir -p bin
$ ftp -Vo bin/ssg https://romanzolotarev.com/bin/ssg
$ chmod +x bin/ssg

Way simpler and doesn't require the bizarre nodejs kitchensink.

Thank you @romanzolotarev

stux, to random

What's in my daily toolbelt?

Well, Visual Code Studio, Terminus, Photoshop, FileZilla, Atom and some other utilities ⚒️

Oh, and a saw

h3artbl33d,

@stux

You have the saw to sever the ties to other Adobe bloat?

h3artbl33d,

@stux

"Here, another creative cloud tool for you!"

h3artbl33d, to random

A map of Europe drawn from memory

h3artbl33d, to random

From what I gather, from the very limited information available: the signedness folks are being vocal about an NFS exploit and dubbing it as an OpenBSD RCE.

I have no reason to assume that this is misinformation, given the track record of these folks. However: NFS is disabled by default.

If you are running nfsd, especially exposed publicly, you might want to disable it until this vulnerability is patched.

#OpenBSD :openbsd:

h3artbl33d,

Furthermore, both PurpleRaiN (of @secbsd fame) and I went through the source tree. It seems that this is still unpatched.

From that, there is one logical conclusion: the vulnerability has not been shared with #OpenBSD. Because if it had been, it would be patched faster than one can pronounce "remote code execution".

Hence, this is irresponsible behaviour. "We have an RCE exploit for NFS on OpenBSD, but we aren't disclosing any details, nah-nah".

h3artbl33d, to Signal

Signal on OpenBSD

Rust-powered Signal client for the terminal. Sans Java.

Here is how you do it, pending my port:

$ doas pkg_add git protobuf rust
$ cargo install --git https://github.com/boxdot/gurk-rs gurk
$ export PATH=~/.cargo/bin:$PATH
$ gurk

Might want to grab a coffee (or beer, wine, whatever your poison is) while cargo runs.

Enjoy - and as always HACK THE PLANET :flan_hacker:

#OpenBSD #Signal

h3artbl33d, to random

Apple's move to create a single ecosystem, based on the same architecture is fantastic.

One exploit to pwn them all :flan_hacker:

h3artbl33d, to random

Over a decade ago, I took a leap of faith and became an entrepreneur. It has somewhat escalated - as in: my company incorporated and that I have employees nowadays (still getting used to that, but that is a story for another day).

There are some key lessons that I learned, that I want to share:

  • The single most worthy 'asset' is humans. Treat them with respect. If you don't, you'll be digging your own grave. Listen, reward and pay effin attention. Nobody is perfect - nor are you and I.
  • Having an attitude can be good. The client isn't always right - and if you can explain why you don't want to work on it, it might just open their eyes.
  • Being an entrepreneur often requires taking risk. But do it at your own expense - never, ever at the expense of others.
  • Let go. You can't manage everything - even though your company feels like it is your 'child'. Micro-managing will end up hurting everyone.
  • Always be open to learn and adapt. We are human, bound to make mistakes and fuck up. Be honest and humble. Apologize if you effed up.
  • Never, ever, give tight deadlines. If your estimation is three weeks, communicate double (six weeks). It'll cut you some slack when things don't go according to plans.

1/2 🧵

h3artbl33d,

  • Again: humans. Employees and workers above everything else. Don't ever throw them under the bus. If you do - I might pay you a visit and give you a deserved slap in the face.

And... Silicon Valley (...and others) should be an example of how not to conduct business. Seriously. Steer clear of VC - as it'll only end up hurting everybody.

As a business owner, you should never, ever be the first beneficiary. Because if you are, you are doing it wrong.

2/2 🧵

thomholwerda, to random

There's two ways to handle linking to someone else's work on a blog or news website.

  1. Find an interesting paragraph, quote it, and link back to the post. Add a few lines of your own, if needed. You can also not quote and only link, but that's immaterial.

  2. Take someone else's work, reword it, maybe add a link to an earlier related story you also lazily reworded, to give it a veneer of original reporting, and post it as a full 'new' news story.

@osnews has, since its inception, pretty much exclusively done 1. This is very old-fashioned and not SEO-friendly, but I am convinced it's the only correct way to link to someone else's work, and ensure as much traffic as possible is sent the source's way. I'm always very cognisant of the fact people tend to not follow links to sources, so I try to quote only a taste, a bite, a sample, ensuring people are encouraged to browse to the source and read it in full.

A lot of popular, funded, profit-driven tech news websites do 2. It makes it seem as if every story they post is original reporting, but in reality, it's just a form of theft. It's taking someone else's hard work, posted on a less well-known blog, rewording it just enough to seem original, and claim the clicks. (1/2)

h3artbl33d,

@thomholwerda

Thank you for that. As Cory Doctorow (@pluralistic) phrases it:

five giant websites, each filled with screenshots of the other four

h3artbl33d,

@pluralistic

Thank you for the reply and correction. Really appreciate it :flan_heart:

@thomholwerda @tveastman

h3artbl33d, to random

Did you know that Mastodon has a nifty NSA-esque feature?

It stores all user IP addresses by default for a year :flan_nooo:

Exquisite retains the IP addresses for 4 (four) hours before being pruned completely.

Should we become the target for abuse, we can increase the retention. But one full year? That is just plain and utter madness - and a complete disregard for privacy and protecting the community :flan_molotov:

#MastoAdmin

h3artbl33d,

@legume

Good question - @mastohost please elaborate on this :)

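An added check for the setting this thread is about, not part of the post or of Mastodon's own tooling: a small script that reads the IP retention period from a Mastodon .env.production and reports it in hours, so an admin can see at a glance whether the one-year default is still in place. The variable name IP_RETENTION_PERIOD, its unit (seconds) and the one-year default are my understanding of Mastodon's configuration rather than something the post states; verify them against the docs of the version you run. The env file contents below are constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the original post: report how long a Mastodon
# instance keeps client IP addresses, read from its .env.production.
# Assumption: the variable is IP_RETENTION_PERIOD, in seconds, and an
# absent variable means the default of one year (31556952 s).

DEFAULT_IP_RETENTION=31556952   # one Julian year in seconds (assumed default)

# Print the configured retention in seconds for the env file given as $1,
# falling back to the default when the variable is absent or commented out.
ip_retention_seconds() {
    value=$(sed -n 's/^IP_RETENTION_PERIOD=//p' "$1" | tail -n 1)
    printf '%s\n' "${value:-$DEFAULT_IP_RETENTION}"
}

# Express $1 seconds as hours with one decimal.
seconds_to_hours() {
    awk -v s="$1" 'BEGIN { printf "%.1f\n", s / 3600 }'
}

# "default-or-longer" when the file keeps (or exceeds) the one-year default,
# "custom" when the admin shortened it.
ip_retention_status() {
    if [ "$(ip_retention_seconds "$1")" -ge "$DEFAULT_IP_RETENTION" ]; then
        echo "default-or-longer"
    else
        echo "custom"
    fi
}

# Write a constructed env file to $1 with the retention given in $2 seconds,
# or with the variable left out entirely when $2 is empty.
write_sample_env() {
    {
        echo "LOCAL_DOMAIN=example.invalid"
        [ -n "$2" ] && echo "IP_RETENTION_PERIOD=$2"
        echo "SINGLE_USER_MODE=false"
    } > "$1"
}

# Demo: a four-hour retention, as the post describes for Exquisite.
f="${TMPDIR:-/tmp}/env.production.$$"
write_sample_env "$f" 14400
printf 'retention: %s s (%s h), %s\n' \
    "$(ip_retention_seconds "$f")" \
    "$(seconds_to_hours "$(ip_retention_seconds "$f")")" \
    "$(ip_retention_status "$f")"
rm -f "$f"
```

Point it at the real file with `ip_retention_seconds /path/to/.env.production`; anything that reports "default-or-longer" is keeping addresses for the full year the post complains about.
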
ParadeGrotesque, to random

Ooops... ☹️

grep -ic 2024 /etc/hosts.deny

2363

That is 2363 unique hosts added to the deny list because they tried to brute-force SSH since the beginning of the year. Today is March 4th, 64 days into the year. That's about 36 new hosts per day.

It is quite obvious to me that there is a concerted effort to attack SSH ports opened on the Internet.

Anyone else see this?

h3artbl33d,

@ParadeGrotesque

Yep! I do use #iBlock, the number of (perma)blocked IPs is madness. I do have to add that it isn't only the SSH port, but also 445/tcp (SMB), 3389/tcp (RDP) and others.

All that while I already use pf-badhost with a fair number of blocklists. The internet really is a clusterf*ck nowadays.

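The tally ParadeGrotesque does by hand above, as an added shell example that is not part of either post: it counts the entries a deny file collected in a given year and turns that into a per-day rate. It assumes a DenyHosts-style hosts.deny layout (a dated comment line followed by the "sshd: host" rule); that layout and the sample lines are constructed, so adjust the awk field numbers for whatever writes your deny file. It also separates what `grep -c` reports (matching lines) from unique hosts, since a host that was re-added after expiry inflates the line count.

```shell
#!/bin/sh
# Added example (not from the original posts): count the unique hosts that
# landed in a tcp_wrappers deny file during a given year and turn that into
# a per-day rate, the arithmetic the post does by hand.
#
# Assumed layout (DenyHosts style): a comment line carrying the date and the
# offending host, followed by the actual "sshd: host" rule.

# Write a small constructed sample to the path given as $1.
write_sample_deny() {
    cat > "$1" <<'EOF'
# DenyHosts: Wed Jan  3 04:12:51 2024 | sshd: 192.0.2.10
sshd: 192.0.2.10
# DenyHosts: Wed Jan  3 09:40:02 2024 | sshd: 192.0.2.10
sshd: 192.0.2.10
# DenyHosts: Sat Feb 17 22:05:13 2024 | sshd: 198.51.100.7
sshd: 198.51.100.7
# DenyHosts: Mon Mar  4 06:30:44 2024 | sshd: 203.0.113.42
sshd: 203.0.113.42
# DenyHosts: Fri Dec 29 01:00:00 2023 | sshd: 203.0.113.5
sshd: 203.0.113.5
EOF
}

# Lines in $1 that mention $2: this is what "grep -ic 2024" counts, lines
# rather than hosts, so a host that was re-added is counted twice.
lines_for_year() {
    grep -ic -- "$2" "$1" || :
}

# Unique hosts in $1 whose date comment carries year $2 (field 7 of the
# assumed comment layout; the host is the last field).
unique_hosts_for_year() {
    awk -v year="$2" '
        $1 == "#" && $2 == "DenyHosts:" && $7 == year {
            if (!($NF in seen)) { seen[$NF] = 1; n++ }
        }
        END { print n + 0 }
    ' "$1"
}

# Average new hosts per day: total $1 spread over $2 days, one decimal.
per_day_rate() {
    awk -v total="$1" -v days="$2" 'BEGIN { printf "%.1f\n", total / days }'
}

# Day of the year for today (the post uses March 4th = day 64).
day_of_year() {
    date +%j | sed 's/^0*//'
}

# Demo on the constructed sample, plus the post's own figures.
f="${TMPDIR:-/tmp}/hosts.deny.sample.$$"
write_sample_deny "$f"
printf 'lines mentioning 2024: %s\n' "$(lines_for_year "$f" 2024)"
printf 'unique hosts in 2024:  %s\n' "$(unique_hosts_for_year "$f" 2024)"
printf 'post figures, 2363 over 64 days: %s per day\n' "$(per_day_rate 2363 64)"
printf 'days elapsed this year: %s\n' "$(day_of_year)"
rm -f "$f"
```

On a live system, `unique_hosts_for_year /etc/hosts.deny 2024` and `per_day_rate "$(unique_hosts_for_year /etc/hosts.deny 2024)" "$(day_of_year)"` give the same two numbers the post quotes, with the duplicate hosts removed.
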
h3artbl33d, to random

Our platform uses military grade end-to-end encryption to protect your data from hackers. We recently have upped the ante, by switching to ROT-17576.

h3artbl33d,

Remember when ROT-13 was all the rage? The initial version of our platform already took that to the next level by implementing ROT-26.

Now we have truly outdone ourselves. Our internal R&D spent years and years developing ROT-17576 - and now finally having it implemented makes us immensely proud.

mariyadelano, to mentalhealth

is a real bitch, y’all.

Because of it I’m not good with conceptualizing a coherent sense of reality beyond the present moment.

So right now I’m deeply upset because someone I really care about and like working with is on vacation until Monday.

Even though we have messaged every single day for a month now - my brain is telling me that because we aren’t speaking RIGHT NOW it doesn’t count, they aren’t real, they don’t care about me. Ugh

h3artbl33d,

@mariyadelano

Thank you so much for sharing this and being this open. Reading your thread is really insightful, but also painful.

In the past I have been in a relationship (engaged even) with someone with . While I am open to elaborate - this is your thread and I am not going to hijack it.

I think you being aware of the irrational impulse and actively fighting it, is so powerful. Complete and utter respect - it has to be anything but easy.

Please always try to remember that you matter. Every single day.

h3artbl33d, to random

Whoop. Mastodon is throwing in a change that might just help battle the increase in spam.

This PR will flip open registrations to approval required if the staff (admins/mods) have been inactive over a week.

#mastoadmin

thomholwerda, to random

So my wife and I have been using Signal for a few months now and... Damnit I wish I could get everyone to use it. It's such a nice, no-nonsense application.

Just wish their desktop applications weren't shit.

h3artbl33d,

@thomholwerda

They indeed are shit - Electron crap. There are some unofficial clients. For GTK, check Flare and for a TUI check scli :flan_hacker:

h3artbl33d, to Signal

Molly is a hardened fork of Signal for Android.

It is designed to keep user data safe, even in the case of a full phone compromise. But that is not where it stops. Not at all:

  • Molly has an official FOSS version with FCM, GMaps etc. stripped out,
  • Additionally, there is a UnifiedPush version. Push messages from either a trusted party or self-hosted.
  • It features encryption at rest, a secure RAM wiper, automated lock, multi-device support and much more.

Now grab a Pixel (preferably 8+ due to MTE), install GrapheneOS and Molly.

While we are on the #Signal subject, the upcoming v7 beta will feature usernames and phone number privacy (source). Finally :flan_hurrah:

h3artbl33d, to random

A new episode in Torvalds' "all bugs are equal" bullshit. Citing Ian Coldwater on the birdsite:

The Linux kernel became a CNA and are planning on issuing a CVE for every bug whether security-related or not “because security fixes aren’t special”. It’s blatant sabotage of a system people rely on and it’s going to fuck all kinds of systems that rely on it.

h3artbl33d,

A good friend just mentioned:

So every bug is a vulnerability in their own eyes?

:flan_molotov: :flan_set_fire:

h3artbl33d,

It is a very just observation of the state of Linux. There were some really good initiatives aiming to systematically improve the security of Linux - which were met with hostility, contempt etc.

One example: grsecurity - which offers systematic and foundational improvements and hardening. Originally, it was submitted as patches to merge upstream.

Grsecurity has a paid-for model nowadays, due to the 'toxicity' of the project they were contributing to.

Just one of the massive numbers of examples.
