Cloudflare making headlines again, probably not the way it would prefer. From @dangoodin at Ars:
A familiar debate is once again surrounding Cloudflare, the content delivery network that provides a free service that protects websites from being taken down in denial-of-service attacks by masking their hosts: Is Cloudflare a bastion of free speech or an enabler of spam, malware delivery, harassment and the very DDoS attacks it claims to block?
arstechnica.com/security/2024/…
Meanwhile, from Proofpoint:
Proofpoint is tracking a cluster of cybercriminal threat activity leveraging Cloudflare Tunnels to deliver malware. Specifically, the activity abuses the TryCloudflare feature that allows an attacker to create a one-time tunnel without creating an account. Tunnels are a way to remotely access data and resources that are not on the local network, like using a virtual private network (VPN) or secure shell (SSH) protocol.
First observed in February 2024, the cluster increased activity in May through July, with most campaigns leading to Xworm, a remote access trojan (RAT), in recent months.
Campaign message volumes range from hundreds to tens of thousands of messages impacting dozens to thousands of organizations globally. In addition to English, researchers observed French, Spanish, and German language lures. Xworm, AsyncRAT, and VenomRAT campaigns are often higher volume than campaigns delivering Remcos or GuLoader. Lure themes vary, but typically include business-relevant topics like invoices, document requests, package deliveries, and taxes.
proofpoint.com/us/blog/threat-…
Cloudflare once again comes under pressure for enabling abusive sites
Cloudflare masks the origin of roughly 10% of abusive domains, watchdog says.Ars Technica
I love this! Ask people to boost a post if they want to be "notified" of some special news, edit the post to send a notification. In this case @eniko even changed their profile display name so you don't even need to tap on the notification to know what's going on. 💜
Many of the features we take for granted today emerged first through creative use of the existing (limited) features of the platform (e.g. boosts were just "RT @originalaccount tweet" back in the days) and were picked up by platform developers when they become popular. This is how the userbase evolves a platform.
A quick accessibility review of the new Lenovo Tab Plus - Accessible Android
An 11.5 inch display, a lot of memory, the latest Android with 4 years of updates and speakers from JBL; the new Lenovo Tab Plus promises a lot of featuresSteffen Schultz (Accessible Android)
Steffen reshared this.
@khronos A post about them from @pitermach: Mame 0.268 came out yesterday, and it’s a really cool release for blind fans of vintage tech because it includes a fix by @datajake1999 to its emulation of the Dectalk PC Card. What this means is it’s now possible to emulate a self-contained talking IBM PC complete with an original synthesizer without having to resort to a windows only virtual serial port driver and separate apps like you have to with Dosbox. If you want to play with this there are already 2 packages that help with setup just like the community made for the Apple II a while back - one from Jake, which just includes a talking freeDOS installation and no other programs found here datajake.braillescreen.net/uti…
As well as one compiled by Daniel Nash that also includes a bunch of games, including some text only classics like Eamon Deluxe as well as the first audio games from PCS Games or Jim Kitchen found here
nashcentral.duckdns.org/projec…
The cool thing is even though both of these come with a Windows version of Mame this all works just as well on Mac or Linux, you just have to get the latest version of mame from homebrew or your package manager, then unzip either of these and take the startup command from the .bat file and paste it into the terminal.
Chuwi MiniBook X review: Small, inexpensive laptop with one niche use case xda-developers.com/chuwi-minib…
Intel N100, here we come with your crap performance. But for audiogaming and travel tasks to connect back to my home desktop, I suspect this will work
Chuwi MiniBook X review: Small, inexpensive laptop with one niche use case
The Chuwi MiniBook X is a small laptop with a surprisingly good keyboard. While the rest of the specs are pedestrian, it can work for remote writers.Ben Sin (XDA)
The climate crisis has bigger problems than AI
Deciding whether AI is “worth” the energy it consumes is a messy, complicated matter.Nilay Patel (The Verge)
reshared this
Samsung is putting Google's Wear OS support to shame
Three years of support isn't long enoughZachary Kew-Denniss (Android Police)
Seems like huge news: "Nasal COVID-19 vaccine halts transmission"
Study in hamsters indicates vaccines targeting nose, mouth may be key to controlling spread of respiratory infections
As Its CPU Scandal Deepens, Intel Plans to Cut Thousands of Jobs
The chipmaker is reportedly cutting jobs as it faces down a gloomy earnings report and a growing product scandal.Matthew Gault (Gizmodo)
Zvonimir Stanecic reshared this.
The first public working draft of the EBraille spec is available! It is primarily meant for organizations that develop software that will read or write eBraille files. eBraille uses an EPUB 3-compatible file set based on the Open Web Platform — using technologies such as XHTML and CSS — to encode braille in semantically enhanced markup and allow it to adapt to the different capabilities of braille reading devices. The file set is designed for both packaged distribution to end users and deployment to the web for online and downloadable reading.
daisy.github.io/ebraille/publi…
#accessibility #Braille #Blind #reading #books #EBraille
eBraille 1.0
This specification defines eBraille, a digital reading format for braille publications.daisy.github.io
Tamas G reshared this.
shop.puri.sm/shop/librem-5/
“Study Finds Consumers Are Actively Turned Off by Products That Use AI”
futurism.com/the-byte/study-co…
> When AI is mentioned, it tends to lower emotional trust, which in turn decreases purchase intentions
Like I've been saying, we don't need the term "slop". Consumers have decided that "AI" in its entirety is bullshit. And, honestly, they’re right.
Study Finds Consumers Are Actively Turned Off by Products That Use AI
Researchers have found that including the words "artificial intelligence" in product marketing is a major turn-off for consumers.Victor Tangermann (Futurism)
reshared this
"A Story About Jessica" by SwiftOnSecurity
The cybersecurity expert SwiftOnSecurity, a decade ago, wrote a parable called "A Story About Jessica" and posted it to their (now-deleted) Tumblr blog. I found it moving and insightful.Cogito, Ergo Sumana
We have an AMAZING lineup for The Matrix Conference!
🙌 A barcamp
🧑🏫 2 Core Conference Days
🗣️ 43 Speakers
Stay tuned for speaker highlights and check out the full schedule at 2024.matrix.org/schedule
Programme
The Matrix Conference is coming to Berlin, Germany on September 19–22, 2024.2024.matrix.org
litzdigital.com/blog/4-reasons…
#accessibility #a11y #webdesign #overlays
4 Reasons An Overlay Widget Will Not Solve Your Accessibility Woes – Litz Digital
With promises like “100% compliance now and in the future” it’d be hard not to consider the merits of these overlay widgets.Matt Litzinger (Litz Digital, LLC)
In Touch - Technology for Life; The First Blind Barbie - BBC Sounds
The world's first ever blind Barbie doll visits the In Touch studio.BBC
ONE. HOUR. LEFT
until our furry mario game with a queer love story, kitsune tails, releases on steam and itch!
steam: store.steampowered.com/app/132…
itch: eniko.itch.io/ (page isn't live yet)
#KitsuneTails #QueerGames #GameDev #PixelArt
Kitsune Tails on Steam
Run, jump, and dash across a land inspired by Japanese mythology and untangle the love triangle between three young women on a journey of self discovery.store.steampowered.com
We sat down with Troy Hunt from Have I Been Pwned to discuss how to maintain privacy and security despite the constant wave of data breaches. 🧑💻
Check it out here 👉 youtu.be/94WJbheo_T0
#privacy #security #databreach #passwords #encryption
Passwords, Data Breaches & Security with Troy Hunt from Have I Been Pwned | Tuta Talks #password
We sat down with Troy Hunt from Have I Been Pwned to discuss #passwords, data breaches, and what you can do to keep your personal information safe online.Wit...YouTube
We're thrilled to share details about our fellowship pilot program. Launching in Q4 2024, this new initiative aims to address a critical challenge in the open source ecosystem: supporting the dedicated individuals who keep our digital infrastructure running.
BrianKrebs
in reply to BrianKrebs • • •For what it's worth, I've always been confused by Cloudflare's official position on abuse, which is that they are not a hosting provider, but rather a pass-through, so it's not up to them to be arbiters of what's fine and not so fine.
But if you think about it, by that definition Cloudflare is the world's largest proxy network. Probably they don't use this term to describe their business because proxy providers are -- at least historically -- somewhat strongly associated with abuse.
Either way, if Cloudflare decides to stop proxying traffic for a particular customer, they are not being arbiters of free speech, as the CEO constantly claims. Because that customer's site will still be reachable. It simply won't enjoy the protection from DDoS attacks that Cloudflare offers for free.
Underneath all of these concerns, a lot of people in the security industry seem to believe that if Cloudflare were to somehow start clamping down on the rampant abuse of their services for cybercrime, then those bad actors will just move to someplace else where Western law enforcement and intelligence agencies have less visibility, like Russia's DDoS-Guard. That may be. But I say let's burn that bridge when we come to it.