@nbering Although, as the linked article points out, Canadians are generally pretty good about not staying loyal to a single party, which is encouraging. Still something we need to guard against though

@nbering Perhaps an alternate democratic model is possible where people vote for policies directly instead of using candidates as proxies. But that has its own issues of course—referendums, for example, often prove rather dangerous (*cough* brexit *cough*)

The reality is that this (mostly false) narrative of polarization actually begets more polarization. We need to stop identifying as “liberals” or “conservatives” (or whatever other group) but recognize that we are complex individuals with multifaceted views. The more we can see this complexity in ourselves, the more we are able to recognize the same in others

This article gives me hope about the upcoming election in Canada and has lessons that can be applied regardless of where you live in the world

The TL;DR is that polarization in politics is—to a large degree—a lie. The (perhaps surprising) truth is that people on the opposite side of the aisle have more in common with you than you think. Even in the US, where everything has become a partisan issue, people overall agree on most issues


@ayo Fair enough. I can definitely see your point.

But I can’t help but wonder whether the manner in which they “forked” the project (they just removed mention of the original author) is a violation of the license terms

@ayo If you are a FOSS maintainer I guess you can’t prevent others from distributing the code. But are you yourself obligated to be the one to distribute it?

Regardless, I don’t think the author of those libraries had any illusions about his inability to prevent others from using them. His aim was likely just to cause some temporary disruption to draw attention the issue—a legitimate form of protest in my eyes

This story is nuts. Chef signed a $95k contract with ICE, did some shady shit to cover it up and when that didn’t work, published a blog post claiming they did nothing wrong


@nbering Awesome, I’m glad 😊

Some of it is just formalizing stuff I already kind of knew, but there are enough things that I haven’t had much exposure to that keep me interested. (Keep in mind that I don’t really have any infosec expertise and this my first attempt at any sort of formal training in this area.) I don’t think it will be a difficult exam, but the material covered is quite broad so there is a lot of reading and note taking that has to be done

@nbering Yeah, I don’t know how often that term is used in the industry. But hopefully now you have something you can Google. The exam doesn’t seem to go into any more detail than that, so I’m afraid I don’t have anything to point you to if you wanted more info

@nbering This is contrasted against mandatory access control (access granted based on a user’s security clearance level), role-based access control (access granted based on predefined roles to which the user is assigned), rule-based access control (rules describe the circumstances under which access is granted) and attribute-based access control (access is granted based on the attributes of the user and the attributes of the object).

@nbering I am in the process of studying for the Security+ certificate and they refer to it as “discretionary access control” (basically the owner of the object has full access and can grant access to other users at their discretion).

@kev Probably won't be doing that anytime soon then. 😂 Thanks for the information, though—its good to know what's out there

@kev 😬 Oh wow, I had heard they were expensive but didn't realize /that/ was the price tag. Wow.

@kev Maybe that's a good one for me to work on as the next step after S+, depending on how challenging it is. The SANS training seems to be highly regarded; would love to have the opportunity at some point to do one of their certs. One thing at a time, though 😆

Firefox is getting a new privacy protection report that shows you how much ick it has blocked over the last week. I /think/ it should ship as part of FF70 which comes out on 22 Oct. Also, it looks like the new logo is part of this release as well ✨

@kev Thanks! I've been meaning to do it for a long time and finally made it a priority

If you're going to make me lease a gateway/modem, don't give me a piece of shit

And also, at minimum, IT SHOULD NOT START ON FIRE

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.