Stick boosted

Prediction: within 5 years Google will have successfully turned the web into a closed platform, with DRM and spyware being ubiquitous and efforts to circumvent them becoming ineffective

Stick boosted

ADS ADS ADS ADS ADS ADS

HI BUY PRODUCT CONSUME

AD AD AD AD AD AD AD

Hey welcome to our instructional video on CPR. Remember to smash that like and subscribe button! This video is sponsored by VPN SERVICE. Use promo code LIFESAVER to get 20% off the privilege of having all of your internet traffic sold to China.

Okay, so to perform CPR---

MIDROLL AD

CONSUME PRODUCT

AAAAAAAAAAAAH

Stick boosted

Holy shit

medium.com/@behdadesfahbod/if-

The maintainer of harfbuzz got fucking black bagged by Iran and they're threatening his friends and family

Stick boosted

Reminder that you should write software which brings joy to people, not anger

Especially avoid writing software that forces people into writing MORE software just to get rid of yours, like popup or ad blockers

Stick boosted

Being based in Switzerland or wherever else is NOT a panacea when it comes to privacy.

They're still vulnerable to hacking attempts (which CAN be state sponsored and have lots of resources!), zero-day vulnerabilities, illegal warrants and subpoenas from the host country, regime changes, and the company being sold.

Frankly, with correct end-to-end encryption you should be comfortable with the service provider storing everything and personally handing over the data to the NSA, MI6, and the North Korean government without ever fearing your privacy being compromised.

If you want your data to be private, NEVER GIVE IT TO A THIRD-PARTY WITHOUT ENCRYPTING IT FIRST.

THIS IS THE ONLY SOLUTION.

Stick boosted

Sigh. Imagine if you could get a technical manual for your kids...

If you haven't read this, here's what the US National Intelligence Council predicted in 2016. Pretty bleak and pretty much on-point so far. dni.gov/files/images/globalTre

"Time feels weird because we’re in a low-entropy experiential purgatory surrounded by a high-entropy black hole of social disorder unlike any in our lifetime." 

Stick boosted

Look, can we just cut it out with the constant attempts at SSH access across the entire IPv4 space? I'm trying to read my logs, and you aren't getting in.

"Of those 1.3 million packages, 1,700 depend directly on themselves, either perfectly circularly, or a different version of the same package. I have no explanation for that."

😆😂🤣😢🤯☠️

sambleckley.com/writing/npm.ht

Stick boosted

Questions to ask when evaluating an online service 

1. Are they open source to an extent that you're comfortable with? Do they ask you to run proprietary software on your devices? Is the code running on their servers open?

2. If they claim to be open source, do they use an OSI-approved or FSF-approved software license? If not, they're misleading you.

3. Is your personal data handled by such proprietary software? Do you ever transmit your personal data to their servers? Even if open source, they would be able to read and use this data however they wish and you wouldn't be able to tell - do you trust them to? What if they're compelled by law enforcement?

4. Do the needs justify the personal data they are collecting about you? If not, why are they collecting it?

5. If they claim to use encryption for the data which is transmitted to their server - question whether or not it's really private. Do they ever handle the unencrypted data? For example, if an email service claims to encrypt incoming emails, they have an opportunity to read the unencrypted email before they store it. Do they disclose these "gotcha"s, or do they make clear the limitations of their encryption? Is any encrypted information decrypted by software they control, like their web application, or a desktop application which is automatically updated without your consent? If so, they could decrypt it on your computer and transmit the decrypted data back to their servers.

6. Are they responsible for any scarce resources, like an email address, phone number, and so on, which you wouldn't be able to take with you if you leave? Are there ways to provide the same functionality without scarcity, such as the use of your own domain? If so, why aren't they offering them? How important are these resources to your identity, will your friends be able to find you if you choose to stop using the service?

7. How do they make money? What is their motivation for providing services to you? If their circumstances change, will their values change? How likely is change?

Periodic reminder that climate change isn't primarily due to small, individual choices. It's the large-scale, systematic choices of our society.

Also, you should support nuclear power.

grist.org/climate/the-world-is

Stick boosted

"A terrible command name is a curse, but a great command name has a poetic elegance."

"The Poetics of CLI Command Names"

smallstep.com/blog/the-poetics

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.