Yellow Flag đ· @WPalant@infosec.exchange
- Website
- https://palant.info/
- https://twitter.com/WPalant
- Social me
- https://social.tchncs.de/@WPalant
Software developer and security researcher, browser extensions expert. He/him
Other Mastodon account for non-technical topics: https://social.tchncs.de/@WPalant
Joined Aug 2018
It also happens that the company has no idea what the job is. If you get this job, you might end up becoming the scapegoat and getting your self-confidence thoroughly destroyed.
So here is your reminder: the interview process is also for you to evaluate the company. Take care!
RT @Carnage4Life@twitter.com:
> Applying for jobs you donât meet all the qualifications for is a no brainer. Worst case youâre rejected on submission.
>
> ...
Note that I say âsemi-randomâ because I quickly realized that all the ~200kB images are political memes. The few >1MB images are less likely to be edited and more likely to be personal. But even here you have people making photos of their weapons or messages on computer screens.
I did some semi-random sampling of #Parler images as well and can confirm this. While I didnât count, almost all of it were political messages. Could it be that Parler wasnât a social but rather a propaganda network?
I did see two cats thoughâŠ
RT @silascutler@twitter.com:
> 4) (est) +80% of images contain political or religious themes
>
> -----
>
> What strikes me as particularly odd is the ... lack of personal content? Very few pictures of people and/or their families.
I wonder how that will turn out. Few open source enthusiasts havenât heard of the Mozilla layoffs last year. And most should realize that Common Voice is a non-essential project, likely to disappear next. So Mozilla might experience severe âpipeline issuesâ now.
RT @msurman@twitter.com:
> Mozilla is hiring for a Common Voice Community Manger. This is a great role and exciting project, growing a global community creating more inclusive and democratic voice AI.
For reference: a simple reboot solved this problem it seems. I meant to run fsck on boot but it doesnât look like I succeeded. And that problematic file is simply gone.
Looks like I found my first case of file system corruption on Linux in a very long time. File is visible in the directory listing but attempts to open or remove it result in âNo such file or directory.â And this isnât a permissions issue either.
Server upgrade time: Alpine 3.13 is out. While at it, I restricted SMTP port 25 even further: messages originating from a local domain no longer accepted here. Should get rid of the âlook, I sent a mail from your mail accountâ scams.
If somebody is interested, here is a lengthy thread detailing their technical incompetence. I mean, supposedly it wasnât a hobby website. https://twitter.com/sarahmei/status/1348466213987315712
Iâm not actively tracking the Parler story, but what I hear amazes me more and more. So they spent $300k on hosting per month (!) but couldnât hire a decent developer? Could it be that their CTO was of those guys who cannot accept anybody more competent than themselves?
Just realized that the Twitter server responds with â400 Bad Requestâ here. Thatâs IMHO a very unconventional way of saying: âYour request is fine but I donât like the client you are using.â
Iâve looked through the available info and everything adds up. Yes, it seems that activists managed to archive at least 30TB of #Parler data. Itâs now safe to use the past tense when speaking about Parler. Even ignoring the technical difficulties, there is no coming back from that.
I must say, for a âfree speechâ platform Parler had quite a lot of moderators (note: thatâs not a full list). Maybe it wasnât âfree speechâ after all but âonly speech we likeâ? https://gist.github.com/d0nk/ef4e58645d3250851491e4550cb16e29
This means: all messages and videos have been downloaded in a crowdsourced fashion, via publicly available Docker images. Even presumably deleted messages were still in the database. And peopleâs driver license images that they used to get the âVerified Citizenâ status.
This gets even bigger. If https://www.reddit.com/r/ParlerWatch/comments/kuqvs3/all_parler_user_data_is_being_downloaded_as_we/giu04o6/ is legit (and so far everything matches up), Twilio dropping Parler made them implement a work-around that left accounts wide open for takeover. Like: admin accounts. So people have been using that to scrape all âprivateâ data.
Hi #Twitter, this âbrowserâ is the current Thunderbird release, a mail and RSS client. Its capabilities are no different from Firefox 78. How about you detect Gecko rather than detecting Firefox?
Better yet, do feature detection instead of UA sniffing: https://developer.mozilla.org/en-US/docs/Web/HTTP/Browser_detection_using_the_user_agent
The story is developing, now itâs not merely AWS. Parler lost Twilio who they used to implement 2FA, theyâve been dropped by their email provider and pretty much all other third-party providers. As @sarahmei@twitter.com points out, this will be major hurdle for them. https://twitter.com/sarahmei/status/1348367076616929281
Very nice explanation of Parler being kicked off Amazon Web Services and what this means now. AFACT, everything is correct. Parler promises to be back online by Tuesday but I also consider that highly unlikely.
Every now and then, #Ubuntu for some reason will stop removing old kernels automatically. These fill up the /boot partition then and cause trouble. Found a support article on that, it seems that no linux-* packages should be marked as manually installed. https://help.ubuntu.com/community/RemoveOldKernels#Manual_Maintenance
Somehow itâs easier to create an SVG icon myself than to figure out attribution for the existing ones in a browser extension. I am very grateful for #Ionicons that are available under a regular MIT license. Too bad they donât have everything I need.
- Website
- https://palant.info/
- https://twitter.com/WPalant
- Social me
- https://social.tchncs.de/@WPalant
Software developer and security researcher, browser extensions expert. He/him
Other Mastodon account for non-technical topics: https://social.tchncs.de/@WPalant
Joined Aug 2018
