Skip to main content

You know they have pianos anyone can play at some railway stations? At London Bridge they now have an actual pipe organ! And it sounds pretty good in the tunnel it is in. Who will discover the chord that will bring down the Shard?
in reply to victor tsaran

André Polykanine
André Polykanine
@vick21 I mean, one of my dreams is to play a real organ. I once touched the console, but that's it for me so far.
@victor tsaran
in reply to André Polykanine

Andrew Hodgson
Andrew Hodgson
@menelion @vick21 If you ever get to London Bridge that organ is very accessible. Just start by playing a piano piece, there will most likely be someone there to help you pull out appropriate stops.
@André Polykanine @victor tsaran

Started playing tennis again after 20 years. I forgot how fun it is

Apple moving drivers away from kernel space to user space on macOS suddenly makes sense. #macOS
#MACOS

In an unexpected turn of events, a sensible take on #Crowdstrike from the Orange Site.

Source: news.ycombinator.com/item?id=4…

Screenshot of a Hacker News comment. Text follows: So CrowdStrike is deployed as third party software into the critical path of mission critical systems and then left to update itself. It's easy to blame CrowdStrike but that seems too easy on both the orgs that do this but also the upstream forces that compel them to do it. My org which does mission critical healthcare just deployed ZScaler on every computer which is now in the critical path of every computer starting up and then in the critical path of every network connection the computer makes. The risk of ZScaler being a central point of failure is not considered. But - the risk of failing the compliance checkbox it satisfies is paramount. All over the place I'm seeing checkbox compliance being prioritised above actual real risks from how the compliance is implemented. Orgs are doing this because they are more scared of failing an audit than they are of the consequences failure of the underlying systems the audits are supposed to be protecting. So we need to hold regulatory bodies accountable as well - when they frame regulation such that organisations are cornered into this they get to be part of the culpability here too.

So CrowdStrike is deployed as third party software into the critical path of mis... | Hacker News

news.ycombinator.com
#crowdstrike
This entry was edited (2 months ago)

reshared this

Пішла з життя мовознавиця Ірина Фаріон
#новини #uazmi
Детальніше тут 👇
uazmi.org/news/post/a9f4063d7e…
Пішла з життя мовознавиця Ірина Фаріон

Пішла з життя мовознавиця Ірина Фаріон

Увечері 19 липня невідомий здійснив замах на мовознавицю Ірину Фаріон. Стало відомо, що громадська діячка померла в лікарні. Медики боролися за її життя до останнього.
UAZMI
#новини #uazmi

My husband just misquoted Star Wars. Do I keep him, or throw the whole man away?
in reply to Tammy Garrison

David Goldfield
David Goldfield
You could say, "you're not the husband I'm looking for" and see if he gets it ...

THe CrowdStrike issues wouldn't have happened if they had good telemetry.

QA and testing practices might or might not have prevented this, but a staged rollout process and good telemetry would have for sure.

They should have rolled their updates out to a small subset of machine, where some of them would send a simple "I still work and haven't crashed recently" message after a while. No personal data necessary, just simple, anonymous, aggregated statistics.

WHen the number of "I haven't crashed" messages was below normal levels and the number of "I have crashed" messages was significantly higher, an automatic system would have stopped the rollout, paged an engineer and rolled the update back.

If you scream on social media about "bad telemetry" ever again, you're making a repeat of this issue more likely.

Our final presentation of #GUADEC2024 Day 1 is Keynote Speaker Ryan Sipes. Catch his talk “Thunderbird, the Death and Rebirth of an OSS Project” in Track 1!
events.gnome.org/event/209/pag…
Keynote Speaker Ryan Sipes: Thunderbird, the Death and Rebirth of an OSS Project
#guadec2024
in reply to GNOME

Brage Fuglseth
Brage Fuglseth
He's here on Mastodon as @ryanleesipes! Excellent talk, Ryan, I'm finding it very interesting 🙂
@Ryan Lee Sipes ⚡🦅
This entry was edited (2 months ago)

Mort de Toumani Diabaté, maître malien de la kora lemonde.fr/disparitions/articl…

Mort de Toumani Diabaté, maître malien de la kora

Toumani Diabaté, né en 1965 à Bamako, était issu d’une famille de griots, des gardiens des traditions et détenteurs d’histoire orale. Il était réputé pour son art de la kora.
Le Monde avec AFP (Le Monde)

Daniel's weekly report July 19, 2024

lists.haxx.se/pipermail/daniel…

vacation, merges, AVAILABILITY, CVE, top-10, website links

old paper with a curl symbol on it

[Daniel's week] July 19, 2024

lists.haxx.se

people look at me like i’m stupid when i tell them to not run AV software 🙃
in reply to Ariadne Conill 🐰:therian:

Ariadne Conill 🐰:therian:
Ariadne Conill 🐰:therian:
reactive security never works and just shoots you in the foot. every time. the world of unknown threats is innumerable, you need to design your systems around resilience against the unknown, rather than focusing on known threats.

Ryan's GUADEC keynote about Thunderbird's story of death and rebirth - and how its lessons can help your OSS project - starts in just under an hour at 21:45 UTC! Plenty of time to get a snack, find a comfy seat, and watch in person or online: youtube.com/live/jS7NzYqxH3o?f…

#Thunderbird #GUADEC #OpenSource

A small stage, recessed into the wall and bordered by ornate crown molding. A banner on stage has the logo and text for GUADEC 2024, and stands by an empty podium. A screen is rolled down behind the podium, and has a matching blue geometric background to the banner.

GUADEC 2024 – Day 1, track 1

GUADEC is the GNOME community’s largest conference, bringing together hundreds of users, contributors, community members, and enthusiastic supporters for a w...
YouTube
#opensource #thunderbird #GUADEC

#CrowdStrikepocalypse #crowdstrike
Today was not a security or cyber incident. Our customers remain fully protected
#crowdstrike #crowdstrikepocalypse

The CrowdStrike BSOD fiasco is extraordinary in its scale and scope; on Monday's Oxide and Friends, @ahl and I will be joined by security researcher and @LutaSecurity CEO @k8em0 to help us sort through the many layers of this mess. Join us, 5p Pacific!

discord.gg/QrcKGTTPrF?event=12…

Join the Oxide Computer Discord Server!

The Oxide Computer Company and friends; home of the Oxide and Friends podcast. | 3392 members
Discord
@Katie Moussouris (she/her)🥜👋🏼 @Adam Leventhal @Luta Security

A new issue of #ThisWeekInGNOME is now online!

#157 GUADEC 2024
thisweek.gnome.org/posts/2024/…

#GNOME #TWIG #GUADEC

Screenshot of Keypunch
Screenshot of Embellish
GUADEC Banner
Screenshot of Workbench

#157 GUADEC 2024 · This Week in GNOME

thisweek.gnome.org
#gnome #ThisWeekInGNOME #twig #GUADEC

reshared this

Maras. Google AI. Originál a úprava (v obráceném pořadí, samozřejmě).
This entry was edited (2 months ago)

Matthias sharing good news of gtk and HDR development at #guadec2024
#guadec2024

reshared this

What's going on with the computers, for those who don't care about computers generally:

A security company (Crowdstrike) pushed out a bad update that broke a huge number of Windows computers and will probably require a lot of painful work to fix. This has resulted in, among other things, airlines grounding flights, hospitals locked out of their systems, and Starbucks in-store ordering being broken.

Hey fellow #Linux users, despite the #CrowdStrike problem only affecting #Windows, this is not a windows problem.

This is an "automatic update that got forced onto everyone with insufficient testing while also having way too many permissions" problem.

If you think big corps wouldn't run something similar on Linux, I have a an NFT of a bridge to sell you.

#linux #Windows #crowdstrike
This entry was edited (2 months ago)

reshared this

in reply to xbezdick

Hubert Figuière
Hubert Figuière
@xbezdick @ljrk @ainmosni that was a Fedora silverbluenissir. And I’ll stop here I will not be nice.
@lj·rk @xbezdick

How to add a Google Gemini shortcut to your iPhone homescreen 9to5google.com/2024/07/19/goog…

How to add a Google Gemini shortcut to your iPhone homescreen

Google’s Gemini has been available on iPhone for months now, but it’s not super easy to access since it’s hidden...
Ben Schoon (9to5Google)

I posted this a few years ago on Twitter, but perhaps today is an opportune time to post again here:

Any sufficiently advanced "endpoint protection" software is indistinguishable from malware.

(Adding: Has the potential to cause global outages.)

Comparison table "Endpoint Protectino" vs "Malware"; both categories are checked for each: Stealth install without your consent Sniffs network traffic Logs keystrokes Uploads data to weird IP addresses Near impossible to uninstall Destabilizes system Crappy install scripts Increased Attack Surface

Alternative (computer) input devices?

Does anyone have any suggestions as to what a friend of mine could replace his #keyboard and #mouse with, please?

He's got quite bad neuropathy in both hands (fuck #chemo) and it's quite difficult for him to use either his keyboard or his mouse now.

Tagging for #disability but I don't know if that's appropriate. If you can think of anything more appropriate please let me know.

Please, please boost!

#Disability #keyboard #mouse #chemo

And Track 2 talks on the livestream here: youtube.com/live/vMf3cOtcPtI?f…
#GUADEC2024

GUADEC 2024 – Day 1, track 2

GUADEC is the GNOME community’s largest conference, bringing together hundreds of users, contributors, community members, and enthusiastic supporters for a w...
YouTube
#guadec2024

Canyon uvedl na trh nový Aeroad. Zajímavý vylepšený kokpit. Cena už tolik ne, Canyon už nepatří mezi výhodné nákupy, navíc prodává jen on-line a prakticky nemá lokální servisy. Aeroad je při stejné sadě (např. SRAM Force AXS) dražší než SuperSix (pravda, má powermeter a jako obutí Pirelli P Zero, ale zase nemá v ceně držák computeru).
canyon.com/cs-cz/silni%C4%8Dni…

Aeroad

Objevte kolekci silničních kol Canyon Aeroad - navrženou pro maximální aerodynamiku a rychlost. Vyberte si výkon a styl, který vám umožní posunout své hranice dál.
Canyon

GUADEC Day 1 will be back from the break soon. Catch Track 1 talks in 20 mins on the livestream here: youtube.com/live/jS7NzYqxH3o?f…
#GUADEC 2024

GUADEC 2024 – Day 1, track 1

GUADEC is the GNOME community’s largest conference, bringing together hundreds of users, contributors, community members, and enthusiastic supporters for a w...
YouTube
#GUADEC

A #crowdstrike update can travel halfway around the world while an APT is putting on its shoes
#crowdstrike

Does anyone have a well sourced ballpark estimate for how many computers are affected by this CrowdStrike issue?
in reply to Chris 🌱 :verified_purple:

Lorenz
Lorenz
Also how much electronic trash this produces. I bet thousands of devices aren't economically fixable...

My favorite part of CrowdStrike’s “statement” about the damage they’ve caused is that there is still a free trial signup thing at the bottom of the blog post. I’ve rarely seen a company so bad at reading the room. Never change, CrowdStrike, never change! crowdstrike.com/blog/statement…

Statement on Falcon Content Update for Windows Hosts - crowdstrike.com

CrowdStrike

#AndroidAppRain at apt.izzysoft.de/fdroid today with 9 updated and 1 added apps:

* QuizFlow: create, and study word lists with interactive flashcards and modes

Enjoy your #free #Android #apps with the #IzzyOnDroid repo :awesome:


IzzyOnDroid F-Droid Repository

This is a repository of apps to be used with F-Droid. Applications in this repository are official binaries built by the original application developers, taken from their resp. repositories (mostly Github, GitLab, Codeberg).
IzzyOnDroid App Repo
#android #free #apps #AndroidAppRain #izzyondroid

Hoy estamos de aniversario en esta casa. Hace 3 años nos mudamos con @kastwey a Irlanda. La mejor decisión de mi vida, tanto en lo personal como en lo familiar.💚☘️
@Juanjo
in reply to modulux

Núria🦔🌵
Núria🦔🌵
@modulux @quetzatl Juan ya lo sabe que a mí me gusta el clima irlandés, por raro que aún pueda sonar.
@Juan CBS @modulux
in reply to Núria🦔🌵

modulux
modulux
Si por mi fuera, me gustaría vivir en Singapur. 27 grados todo el año.

Weird Al Yankovic just released a new music video!

youtu.be/y0ZoX4dBvwk


"Weird Al" Yankovic - Polkamania! (Official Music Video)

Single available at:Apple Music: https://itunes.apple.com/album/id/1753408289Amazon Music: http://amazon.com/dp/B0D7RQGLBS…and everywhere else digital music ...
YouTube

Megabridges, Synapse cleaning, and a retreat. That and much more happened This Week In Matrix!

matrix.org/blog/2024/07/19/thi…


This Week in Matrix 2024-07-19

Matrix, the open protocol for secure decentralised communications
Thib (matrix.org)

Make no mistake, if an outage similar to Crowdstrike would have been caused by OpenSource, there would be calls across the entire industry and at the government level to ban OpenSource from critical systems. But since it was caused by billion-dollar publicly-traded companies, nothing to see here, move-on.

#CrowdStrike #Linux #OpenSource #Outage #Microsoft

#linux #opensource #microsoft #crowdstrike #outage
in reply to cslinuxboy

Mike Gifford
Mike Gifford
well the Heartbleed bug probably did have folks call for that. It would be ridiculous though given how much open source is used in proprietary tools.

You may know Allyant (which I pronounce “alley ant”) is the combined form of CommonLook, TBase, and Accessible360.

You may also now Allyable (which I pronounce “snake oil”) is an #overlay vendor.

Apparently Allyable (overlay) was spamming folks on the #DisabilityIN conference app. This resulted in folks regularly visiting the Allyant (combined company) booth thinking it was Allyable (overlay).

#accessibilty #a11y
There are lessons here.

#a11y #accessibilty #overlay #disabilityin

Illegal drug found in Diamond Shruumz candies linked to severe illnesses

New testing finds psilocin, related to psilocybin, in gummies purchased in 2023.

arstechnica.com/science/2024/0…

Illegal drug found in Diamond Shruumz candies linked to severe illnesses

Ars Technica

now seems like the perfect time to share my opinion that link shorteners are a bad idea. worse than nothing. just use a real url; you aren't paying by the character and no one's gonna go into their browser and type in a meaningless string of gibberish no matter how short you make it. all they accomplish is obfuscation and completely unnecessary failure modes. glad goo.gl is getting killed off tbh maybe it'll get people to stop doing this shit
in reply to sjolsen.cdda.wav

IzzyOnDroid ✅
IzzyOnDroid ✅

I'm rather surprised that people still use their services. and trust them. They must either have a rather short memory (Google Reader, anyone? Writely, Google Code?) – or be caught in the eternal loop with the "benefit of doubt"…

killedbygoogle.com/


Killed by Google

Killed by Google is the open source list of dead Google products, services, and devices. It serves as a tribute and memorial of beloved services and products killed by Google.
Killed by Google

První letošní kilíčko. 🤗💪🏼
#cyklovýlet
Na obrázku je hotel ve Františkových Lázních a pod ním statistiky jízdy, z aplikace Strava
#cyklovylet

Let's cut the bullshit and spell out a few things. The IT security industry is about as trustworthy as the food supplement and vitamin industry, but somehow they escaped the same reputation. Their products are overwhelmingly based on flawed ideas, and the quality of their software is exceptionally bad. And while not everyone will agree with the harshness of my words, I'll say this: Essentially everyone in IT security who knows anything in principle knows this.

reshared this

in reply to hanno

hanno
hanno
Their products are flawed not just because they're badly implemented - which they are - but because they are based on a stupid idea. The idea that you improve your IT security by adding more complexity. Doing the opposite is the right approach. But you can't sell that as a product. (You can still sell it, but it's not something you just plug into your network and get security magically.)
in reply to hanno

hanno
hanno
Honestly, if we could get that one basic message out, that if their IT security is based on more complexity, not less, that they're doing it wrong, maybe we could start putting crap companies like crowdstrike or citrix out of business.

Thank you, Carrie, for letting people know about the BT Speak on your Carrie on Accessibility YouTube channel.
youtube.com/shorts/1kkRhG1N6a8…

New Braille "Pocket" Computer? BT Speak Pro from Blazie Technologies

On this Accessibility and Assistive Technology (A&AT) News, CoA introduces a New Braille "Pocket" Computer, the BT Speak Pro by Blazie Technologies. It's run...
YouTube

So It's not always DNS after all.