Stick boosted

Look, can we just cut it out with the constant attempts at SSH access across the entire IPv4 space? I'm trying to read my logs, and you aren't getting in.

"Of those 1.3 million packages, 1,700 depend directly on themselves, either perfectly circularly, or a different version of the same package. I have no explanation for that."


Stick boosted
Stick boosted
Stick boosted

Questions to ask when evaluating an online service 

1. Are they open source to an extent that you're comfortable with? Do they ask you to run proprietary software on your devices? Is the code running on their servers open?

2. If they claim to be open source, do they use an OSI-approved or FSF-approved software license? If not, they're misleading you.

3. Is your personal data handled by such proprietary software? Do you ever transmit your personal data to their servers? Even if open source, they would be able to read and use this data however they wish and you wouldn't be able to tell - do you trust them to? What if they're compelled by law enforcement?

4. Do the needs justify the personal data they are collecting about you? If not, why are they collecting it?

5. If they claim to use encryption for the data which is transmitted to their server - question whether or not it's really private. Do they ever handle the unencrypted data? For example, if an email service claims to encrypt incoming emails, they have an opportunity to read the unencrypted email before they store it. Do they disclose these "gotcha"s, or do they make clear the limitations of their encryption? Is any encrypted information decrypted by software they control, like their web application, or a desktop application which is automatically updated without your consent? If so, they could decrypt it on your computer and transmit the decrypted data back to their servers.

6. Are they responsible for any scarce resources, like an email address, phone number, and so on, which you wouldn't be able to take with you if you leave? Are there ways to provide the same functionality without scarcity, such as the use of your own domain? If so, why aren't they offering them? How important are these resources to your identity, will your friends be able to find you if you choose to stop using the service?

7. How do they make money? What is their motivation for providing services to you? If their circumstances change, will their values change? How likely is change?

Periodic reminder that climate change isn't primarily due to small, individual choices. It's the large-scale, systematic choices of our society.

Also, you should support nuclear power.

Stick boosted

"A terrible command name is a curse, but a great command name has a poetic elegance."

"The Poetics of CLI Command Names"

Watch "Police: Last Week Tonight with John Oliver (HBO)" on YouTube 

"The Dragon spacecraft also runs Linux with flight software written in C++. The ship's touchscreen interface is rendered using Chromium and JavaScript."

The Dragon interface is an Electron app? Thanks, I hate it.

Stick boosted
Stick boosted


Docker and Electron are the most hyped new technologies of the last five years. Both are not about improving things, figuring out complexity or reducing it. Both are just compromised attempts to hide accumulated complexity from developers because it became impossible to deal with.

This is exactly why I hate using Docker.

Stick boosted

Any police officer who quits in solidarity with a colleague who put an innocent person in the hospital is a police officer we're better off without.

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.