@shawnhooper@fosstodon.org

shawnhooper

Long time web developer. #PHP, mainly #Laravel & #WordPress. I'm an advocate for an accessible & open web. Also learning more about engineering management, security, and privacy.

I'm a conference speaker, teacher, co-organizer of WordCamp Canada. I'm the Director of Engineering and Security @ Actionable.co

I live in #Ottawa, Canada (Unceded territory of the Anishinaabe Algonquin Nation)

Still sometimes do live event sound/lighting, retired Karaoke Host & Wedding DJ.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

kissane, to random
@kissane@mas.to

It's legitimately interesting to see how often volunteer moderation/server leadership is seen as a vulnerability or a problem in spaces where unpaid open-source dev work is positioned as normal or ideal.

cspray, to javascript
@cspray@phpc.social

One time I found some in an app that was constructing a full blown SELECT statement in SQL, sending it to the server, and then blindly executed on that server.

It is still the most glorious, beautiful code I've ever seen.

campuscodi, to random
@campuscodi@mastodon.social

Security researcher Alexander Hagenah has released TotalRecall, a tool that extracts and displays data from the Recall feature in Windows 11.

https://github.com/xaitax/TotalRecall

mjg59, to random
@mjg59@nondeterministic.computer

The "Recall can't record DRMed video content" thing is because DRMed video content is entirely invisible to the OS. The OS passes the encrypted content to your GPU and tells it where to draw it, and the GPU decrypts it and displays it there. It's not a policy decision on the Recall side, it's just how computers work.

mcc,
@mcc@mastodon.social

@mjg59 "How computers work" was a policy decision by Microsoft

GottaLaff, to random
@GottaLaff@mastodon.social

AT&T outage: Service down for customers across the US

https://cnn.it/3V1U5vW

thomasfuchs, to random
@thomasfuchs@hachyderm.io

What a photo

Deep Impact

grmpyprogrammer, to random
@grmpyprogrammer@phpc.social

I have been finding I enjoy the meetings I have with other developers who are at the same level as I am — it allows me to see what other teams are doing and see if they have solutions to problems I come across because it does help if the org as a whole decides on the same approaches.

campuscodi, to random
@campuscodi@mastodon.social

From this report: https://mastodon.social/@ravirockks@infosec.exchange/112555805013166419

"Including any given PHP library has a greater than 50% chance of bringing a security flaw along with it."

kek 😆

campuscodi, (edited)
@campuscodi@mastodon.social

Just look at this chart!

What are we doing JS developers?

How tf do you have 1,400 dependencies in a project?

Do we actually code anymore or are we just playing with legos at this point?

sarah, to random
@sarah@phpc.social

Do you include built-in functions in your namespace “use” declarations or not? Why or why not?

ramsey,
@ramsey@phpc.social

@stevegrunwell @sarah There’s actually a micro-optimization reason for either importing or using \ in front of internal functions/classes, and that’s because PHP will first look in the current namespace to try to resolve the symbol. It falls back to the global namespace, if it can’t find it. If you tell it exactly where it is, PHP doesn’t have to do that work.

aardrian, to accessibility
@aardrian@toot.cafe

I am not the only one to say this:

Please remember that WCAG itself is the bare minimum of . Conforming to WCAG does not guarantee something is accessible. It does not even guarantee something is usable. All WCAG does is provide you with a starting point. Lots of WCAG failures suggest the page has not even made it to the starting line.

Which I say at the end of this post comparing free automated WCAG testing with manual testing:
https://adrianroselli.com/2023/01/comparing-manual-and-free-automated-wcag-reviews.html#Takeaways

karlgroves, to random
@karlgroves@mastodon.social

Exactly 2 weeks left before the end of our crowdfunding campaign for Eventably. If you're thinking of contributing, now's the time!

https://www.indiegogo.com/projects/eventably

stephanie, to random
@stephanie@ottawa.place

@WTL I didn't know the numbers, but I think it makes sense to continue with the Loblaws boycott:

Edit for clarity: we were chatting about rotating boycotts, not giving up :)

"The largest one, Loblaws, and its affiliate stores, control about 42% of the retail grocery market in Canada.

Loblaws controls 42%, and, by comparison, the largest grocery retailer in the United States controls about 11%."
-Peter Julian

jmichaelward, to random
@jmichaelward@phpc.social

Confirmed: if you leave music equipment in your car and accidentally leave a door open, that gear will be stolen.

jmichaelward,
@jmichaelward@phpc.social

@stevegrunwell Everywhere I’ve looked online, people want to increase the operating distance for their car key fobs. I want to reduce it to almost zero.

njr, to random
@njr@zirk.us

If you use Git, no matter how expert you are, you should probably buy (or download, if it’s too expensive) @b0rk’s amazing zine about git.

I bought it mostly to support Julia, thinking it probably wouldn’t help me, but I was wrong: I learned tons.

What’s really great about the way Julia approaches git is that she goes kind-of bottom up, looking at actual files to explain how git works. And it’s super clarifying.

Just buy it!

From: @b0rk
https://social.jvns.ca/@b0rk/112552672907642693

paigerduty, to random
@paigerduty@hachyderm.io

would love to see a day of lightning talks where devs discuss the first time they operated some piece of technology

would love if it was cowgirl themed and titled "This IS My First Rodeo"

x00001, to random
@x00001@corteximplant.com

The data obtained by 404 Media includes privacy and security issues that Google's own employees reported internally. These include issues with Google's own products or data collection practices; vulnerabilities in third party vendors that Google uses; or mistakes made by Google staff, contractors, or other people that have impacted Google systems or data. The incidents include everything from a single errant email containing some PII, through to substantial leaks of data, right up to impending raids on Google offices. When reporting an incident, employees give the incident a priority rating, P0 being the highest, P1 being a step below that. The database contains thousands of reports over the course of six years, from 2013 to 2018. In one 2016 case, a Google employee reported that Google Street View's systems were transcribing and storing license plate numbers from photos. They explained that Google uses an algorithm to detect text in Street View imagery.

Google Leak Reveals Thousands of Privacy Incidents: https://www.404media.co/google-leak-reveals-thousands-of-privacy-incidents/

sarahjamielewis, to random
@sarahjamielewis@mastodon.social

For all the discussion of "prompt engineering" and "finetuning", I think the most interesting biasing structure for modern AI that has flown somewhat under the mainstream discussion is the ability to directly constrain the output space through e.g. grammars for llms and control nets for image generation.

It's weird to see people deploy the raw output of large scale generative statistical models when there are pretty powerful tools just sitting there that allow more finegrained application.

sarahjamielewis,
@sarahjamielewis@mastodon.social

It's frustrating to see 99.9% of the AI discussion being driven by chat interfaces and third party APIs.

That is really not where these tools are most interesting/useful - you really want them in tight, local, feedback loops, different aspects broken out into discrete workflows, constrained output spaces, and with the interface driven and mediated by the application at hand.

And I don't think it does any side any favours to fixate so strongly on the magic textfield that hallucinates wildly.

rbreich, to random
@rbreich@masto.ai

Why are multimillionaires and billionaires like Peter Thiel, Rupert Murdoch, Travis Kalanick, Steven Mnuchin, and others rallying behind Trump?

Yes, the tax cuts. But there's more.

The more Trump tears down democracy, the safer the oligarchy becomes.

JenMsft, to random
@JenMsft@mastodon.social

How to fall down the stairs:

Step 1:
Step 2:
Step 4:
Step 10:
Step 18:

GossiTheDog, to random
@GossiTheDog@cyberplace.social

Very big cyber incident playing out at Snowflake, who describe themselves as “AI Data Cloud”. They have a free trial where anybody can sign up and upload data… and they have.

Threat actors have been scraping customer data using a tool called rapeflake, for about a month.

GossiTheDog,
@GossiTheDog@cyberplace.social

Snowflake: there is absolutely no cybersecurity incident.

Also Snowflake: Please run these commands and look for "threat activity" logins with the user agent "rapeflake" using this knowledge base article we haven't listed on our website.

https://community.snowflake.com/s/article/Communication-ID-0108977-Additional-Information

kcarruthers, to random
@kcarruthers@mastodon.social

Every single organisation should now be working out how to mitigate their data risk and taking active steps to minimise their data holdings. https://eigenmagic.net/@daedalus/112538960682208544

zackwhittaker, to random
@zackwhittaker@mastodon.social

BREAKING: Live Nation has confirmed Ticketmaster was hacked. The company says personal information was stolen, though has yet to say who (likely customers).

A cybercriminal claims to be selling 560 million customer records on a known cybercrime forum.

More: https://techcrunch.com/2024/05/31/live-nation-confirms-ticketmaster-was-hacked-says-personal-information-stolen-in-data-breach/
