digging through old emails in a database, wtf was this???
On Sun, Jul 12, 2015 at 12:10 PM, feld <feld@redacted> wrote:
> Will I get to see Arnold's butt? It's been so long I can't remember!
>
Raise your hand if you remember people attaching their PGP private key to their email by accident
Wonder if the SGX that was storing the username <> phone number link died hahaha
RT: dragonscave.space/users/meneli…
Calling all #Signal experts. I'm getting this: "Something went wrong with your username, it’s no longer assigned to your account. You can try and set it again or choose a new one." Tried setting from the phone and from the laptop (iOS and Windows respectively), no dice. What should I do now? @signalapp
@pertho @jae you read a lie, it has nothing to do with GnuPG. It uses a Rust implementation of PGP called rpgp which has been audited multiple times
github.com/rpgp/rpgp/blob/main…
rpgp/docs/SECURITY_STATUS.md at main · rpgp/rpgp
OpenPGP implemented in pure Rust, permissively licensed - rpgp/rpgpGitHub
@pertho openpgp.org/software/deltachat…
not sure how crusty or black you could make it. but the shxt just works. feld and i use it daily for over a year at this point.
@jae @pertho the thing that blows peoples minds is how FAST it is as a messenger. They just assume it's gotta be slow because it's email underneath and there will be greylisting and other anti-spam nonsense that will make it frustrating to use.
But this is more like how email worked before anyone did spam filtering at all: fast, direct. Messages delivered via modern internet in less than 1 second usually.
@pertho @jae I would recommend forgetting email exists here at all, install the app, click create account, write a username and bio if you want, and then you're done
you don't even need to know the email address or password involved. Your identity is your PGP key, not your email address, and soon the email addresses being used will begin rotating across a whole network of servers, you'll have multiple paths that you can be reached at, etc etc. And they'll be disposable identities.
how? if the servers involved can only send encrypted mails, we can allow accounts to be created on demand. Spammers can't use them because they won't have any victims to spam unless they can acquire not just the active email addresses of user accounts, but also their public keys... which they won't be able to do
@pertho @jae people you want to chat with on there will have to share their invite link as a URL or QR code (safe to do over insecure comms). Then you'll be able to add them as a contact.
it's so easy to setup, give it a shot. I have an account linked in my bio here if you want to test.
also you can have multiple accounts/identities unlike Signal. This gives you some flexibility for further controlling your opsec
Discussion avec un contrôleur ce soir sur un ter. Lui dit que le train c'est comme l'avion il faut prendre son billet a l'avance et que c'est normal qu'on ne puisse plus prendre son billet à bord sinon les gens frauderaient. Moi je lui dit que justement on prend le train parce qu'on ne veut pas d'une expérience comme l'avion on veut un moyen de transport du quotidien, flexible. Mais il n'en démord pas et préfère mettre des amendes que vendre ses billets. Triste état d'esprit que la #SNCF...
Literally me. 11 successful installations of Linux in my area so far, with zero complaints, and I will be doing a 12th soon.
#linux #operatingsystem #foss #opensource
Re: last boost (aus.social/@MattHatton/1153703…), it may be hyperbolic, but we all know there's a kernel of truth. Now, what are we software developers going to do about this fucked up situation? I don't know, except sometime I want to ship a whole non-trivial desktop app written entirely in Rust, and hope that I don't fuck up its startup time.
We sent people to the moon using little more than an abacus connected to a double-a battery.Now I need more computing power than was produced in the entire last 40 years to open one fucking page of text.
We have strayed so far from God's light.
Attempting to open a video project on the day job laptop.
I will see you in three to six business days.
The computer is showing the desktop. There are no other applications running.
The computer is using 8Gb of RAM.
We sent people to the moon using little more than an abacus connected to a double-a battery.
Now I need more computing power than was produced in the entire last 40 years to open one fucking page of text.
We have strayed so far from God's light.
This uber has a high-frequency, slightly modulated beeping signal coming along with the radio broadcast, and I think this violates the Geneva convention.
You know what's even worse? Trams with multiple blinkers, which are almost (but not quite) running at the same frequency.
@miki Obligatory Technology Connections video:
youtube.com/watch?v=2z5A-COlDP…
youtube.com/watch?v=2z5A-COlDP…
Why it's not possible to synchronize turn signals (but also absolutely is)
Use your blinkers.Links 'n StuffAging Wheels' video on my Figaro:https://www.youtube.com/watch?v=HE2dKZ492TAMy old turn signal video:https://youtu.be/O1lZ9n2...YouTube
"The mics are fine, it's my DSP that's broken"
Me describing my autism related central auditory processing disorder (CAPD) to other nerds.
If only Europe (and Canada) would legalise "jail breaking" devices. And put up some other provision in favour of consumers.
None of that industry it "protects" is Eropean (or Canadian)
I mean what are the US gonna do? Put tarriffs???
(not my idea)
This entry was edited (1 hour ago)
please! I beg of you, do it. Fuck American Companies over until they agree to stop being fascist bootlickers.
Hell, I'll write to your politicians!
!MESSAGE Missing requirement: Apache Directory Studio LDAP Browser Core 2.0.0.v20210717-M17 (org.apache.directory.studio.ldapbrowser.core 2.0.0.v20210717-M17) requires 'osgi.bundle; org.apache.directory.api.dsmlv2.parser 2.1.0' but it could not be found
okay but that's not helping
ahh ok now I'm getting somewhere...
Cannot complete the install because one or more required items could not be found.
Software being installed: Apache Directory LDAP API DSML Engine 2.1.0 (org.apache.directory.api.dsmlv2.engine 2.1.0)
Missing requirement: Apache ServiceMix :: Bundles :: dom4j 2.1.3.1 (org.apache.servicemix.bundles.dom4j 2.1.3.1) requires 'java.package;
javax.xml.stream [1.0.0,2.0.0)' but it could not be found
Cannot satisfy dependency:
From: Apache Directory LDAP API DSML Engine 2.1.0 (org.apache.directory.api.dsmlv2.engine 2.1.0)
To: java.package; org.dom4j 2.1.3
looks like javax.xml.stream is not available in the classpath in openjdk21 as it was moved to some module or something, idk, this is java shit i never mess with
if I build Eclipse with an older version of Java it should work...
"Darth Vader MBA"
"I have revised the financial results. Pray I don't revise them again." *lightsaber buzzing*
The… cool people… at @thunderbird have released a new feature called "Account Hub". It works exactly with Outlook.com and Google Mail and crashes on any self-hosted mail server 🤦.
Do they even test their crap with independent systems? OIDC support being limited to Google and a handful others in code was one thing, but how does a feature that simply breaks all mail accounts but GAFAM make it into a release?
@nik@toot.techkids.org We're sorry Account Hub isn't quite there yet with servers that might need manual configuration. We're actually taking it out of ESR until we can get it right in the Beta and Release channels. You can follow the meta bug report here (bugzilla.mozilla.org/show_bug.…). And while we know it's our responsibility to test and get this right, everyone who helps test their setup helps our team do that!
1853056 - (tb-account-hub-email) [meta] Implement Email Setup for Account Hub Upgrades
NEW (vineet) in Thunderbird - Account Manager. Last updated 2025-10-14.bugzilla.mozilla.org
NPR’s Tom Bowman today is handing in the Pentagon press pass he has held for 28 years. npr.org/2025/10/14/g-s1-93297/…
"Starting in December 2024, the researchers began contacting the affected telecoms. T-Mobile responded by encrypting its satellite transmissions within weeks, but responses from other cell carriers were mixed."
Everything is cool and normal.
sorta surprised T-Mobile fixed this so quickly, but then again they were also the one to resist handing data over to the NSA years ago (unsure if that ever changed)
Ich bin froh, dass dieser Frau der #Friedensnobelpreis zuerkannt worden ist. Sie kämpft seit Jahren für die Demokratie in ihrem Land. Sie bringt sich täglich in Gefahr. Ich bin auch froh, dass ihn der Mann nicht erhalten hat, der nun einmal getan hat, was vom Präsidenten einer Weltmacht verlangt werden kann.
mdr.de/nachrichten/welt/panora…
mdr.de/nachrichten/welt/panora…
Trump geht leer aus: Maria Corina Machado erhält Friedensnobelpreis
Die venezuelanische Oppositionspolitikerin Maria Corina Machado erhält den Friedensnobelpreis. Das teilte das norwegische Nobelkomitee am Freitag in Oslo mit.MDR AKTUELL (MDR)
Discover how technology is revolutionizing the lives of people who are blind. From smartphones to navigation apps, innovation is breaking barriers and fostering independence! Read more here: wix.to/bhBtMAL #TechForGood #Inclusion #WorldBlindnessAwareness
ALT TEXT: person holding a cellphone
ALT TEXT: person holding a cellphone
News alert affecting blind people: Most federal employees within the Office of Special Education and Rehabilitative Services received Reduction in Force notices last Friday.
If not reversed, this action will be detrimental for blind students, adults, and entrepreneurs.
We call upon the Department of Education to immediately rescind this reduction in force.
Read our full press release at: buff.ly/NbJ1mIj
I yet have to see a web page that has no errors in the Javascript console. LOL
CNN - Major US airports refusing to play a “public service announcement” from DHS Security Noem at security checkpoints in which she blames Democrats for the federal government shutdown. cnn.com/2025/10/13/us/kristi-n…
Enshittification is a word.
Sabem porque é que eu vos digo para usarem ferramentas AI em grande volume desde que não paguem nem um chavo às empresas de AI?
Porque a AI é uma bolha. Como qualquer bolha, quando rebentar vai ter efeitos na economia real. Mas quando mais depressa rebentar, menos efeitos terá. Se rebentar antes dos idiotas meterem AI em tudo será muito menos destrutiva do que rebentando depois.
Portanto, façamo-la rebentar depressa. Usem AI todos os dias. Não lhes deem um tostão furado.
This entry was edited (7 hours ago)
@ragb Esses usecases não vão desaparecer, mas duvido que sejam suficientes para pagar a batelada de massa que aquilo custa, mesmo depois da bolha rebentar e tudo voltar a um nível mais sustentável.
Pois, é isso. Os modelos locais e que conseguem correr em hardware “acessivel” ainda só são giros para rir…ja para nao falar no treino..
was just chatting with a former student about how much interesting compiler work never gets written up, and of course other work is written up and then forgotten.
on that topic, was there ever a good overview or retrospective for Microsoft's Phoenix compiler? and does anyone have an educated guess as to how many engineer-years they put into it?
@brouhaha @monospace @goosey @alexr @foone
The R1000 is deeply interesting for more reasons than you can imagine, but what impresses most people is this:
Imagine you maintain a library in some corner of $ReallyBigAndImportantProject and one of your exported functions has a parameter which defaults to 3.
Now you want to change the default to 4.
Who do you call ?
On the R1000, you change the 3 to 4 and when you try to commit that change, it will tell you /precisely/ which other code modules would be /semantically/ affected by that change, and ask you what to do about that.
Only calls which do not explicitly specify that parameter will be on the list.
When we demo that for modern developers, some of them get upset that was possible in 1980 but they can't do it today.
idk what to say other than these dudes look exactly how I expected
TIL that Apple made $800M on the sale of their $2.5M investment in ARM in the 90s. They had made the investment for the Newton.
Right! I now have a copy of Eloquence that works on the 64-bit alphas of #NVDA, with the following issues: say all on the web doesn't work (it stops whenever the type of element changes for reasons I don't understand), and dialect switching doesn't work (but it doesn't crash everything anymore). If you want to play, you need to follow the build instructions; I only understand about a quarter of this code and have no intention of actually releasing things that are still broken: github.com/fastfinge/eloquence_64/
GitHub - fastfinge/eloquence_64: Eloquence synthesizer NVDA add-on compatible with 64-bit versions of NVDA
Eloquence synthesizer NVDA add-on compatible with 64-bit versions of NVDA - fastfinge/eloquence_64GitHub
Salut Mastodon.
Ma mère, vivant à Paris, accueille un réfugié tibétain chez elle. Ça arrange bien tout le monde, mais ce qui l'arrangerait encore plus lui, c'est de trouver un boulot à Paris ou en banlieue, en journée. Il comprend bien le français mais le parle encore difficilement. En revanche anglais fluent. Il aimerait bien trouver dans la restauration mais pour l'instant tout travail serait le bienvenu. Si jamais tu as ça...et sinon repouet apprécié.
Ma mère, vivant à Paris, accueille un réfugié tibétain chez elle. Ça arrange bien tout le monde, mais ce qui l'arrangerait encore plus lui, c'est de trouver un boulot à Paris ou en banlieue, en journée. Il comprend bien le français mais le parle encore difficilement. En revanche anglais fluent. Il aimerait bien trouver dans la restauration mais pour l'instant tout travail serait le bienvenu. Si jamais tu as ça...et sinon repouet apprécié.
ráno nám přišla fotka ďalšieho neplatiča čo sa naje a nezaplatí, tak pre seba si hovorím to je už asi štvrtá za posledné dva mesiace a dnes vreckári okradli hostí.. ach jo
If you're curious whether an account is an impersonation or not, one way to check is viewing the profile. If any of the profile fields includes a website or similar, and it says something to the effect of: "Ownership of this link was checked on Sep 24, 2025, 04:24 PM", that means there's a link back from that website to that Mastodon account, meaning that in theory, that person has control of both the Mastodon account and the website being linked. If it does not say this, then there is no link between the website and the Mastodon account. You can see this on my profile as an example.
Of course you have to make sure that the website is also one that belongs to the person in question, and they have to have linked it. For example, if the URL says something like iamtalon.fakewebsite.com then that's probably not me.
It's not a bullet proof system, but it is definitely a tool available to check.
Some clients might also display this. Enafore displays it, it says "Verified" under the website link in the profile fields. I'm not sure about other clients, though the website of the instance will show it as well as quoted above.
Of course you have to make sure that the website is also one that belongs to the person in question, and they have to have linked it. For example, if the URL says something like iamtalon.fakewebsite.com then that's probably not me.
It's not a bullet proof system, but it is definitely a tool available to check.
Some clients might also display this. Enafore displays it, it says "Verified" under the website link in the profile fields. I'm not sure about other clients, though the website of the instance will show it as well as quoted above.
This entry was edited (3 hours ago)
It's weird how critical personal data got stolen soon after age verification became a thing, and now neither company wants to accept responsibility for the hack. It's almost like, if the government is so desperate to force users to verify their ages, then the government should implement a way to do that. Want to verify someone can drive a car? Government system. Check that someone lives at their address? Government system. Taxes? Government. But verify someone's age? Nothing!
@jscholes I've heard of that effort. I don't know enough about it to land on one side or the other for the UK. This is the same UK that keeps demanding backdoor access to encrypted Apple user data,, so I don't know if I trust their IT expertise, but digital IDs sure makes a lot of sense to me.
@jscholes The UK and US are the only two countries with "ID allergy."
In the rest of Europe (and the rest of the world)., it is obvious that every citizen has an ID card, (which is distinct from any other document which could potentially be used for identification, like a passport or driver's license).
Even Germany, which is famously stubborn about things like these (they don't have a single citizen identification number for example) has ID cards.
@jscholes To be fair, not all of those IDs are digital, and integrating with digital IDs as a third party ranges from costly and difficult to illegal and impossible.
@FreakyFwoof @jscholes Not having an ID doesn't mean your data is safer, in fact, it's just the opposite.
Without an ID, it's much harder to prove who you are, so organizations that need to do so have to collect more data about you.
New, by me: If you're not using ad blockers, you should be! I wrote 2,000+ words on why you should use them and how to get started.
In this deep-dive blog, I explain why ad blockers are critical for your online security and privacy, what threats ad blockers can help defend against, and we'll look at some of the best ad blockers out there.
More: this.weekinsecurity.com/why-ad…
You can also sign up for my weekly cybersecurity newsletter, out Sundays: this.weekinsecurity.com/
Why ad blockers are a top security and privacy defense for everyone
Ad blockers can help defend against some of the top hacks, scams, and surveillance today. Here are some of the best ad blockers that you can use.Zack Whittaker (~this week in security~)
One advantage of using #AdGuardHome is that it provides statistics on the responsiveness of public DNS providers.
For me, #DNS4EU is by far the fastest (10 ms). Perhaps it's because of their geographical proximity, as they're also based in Czechia. The slowest has been #quad9 at 500 ms. I have no idea why.
I'm also glad to learn that DoH doesn't have a significant speed penalty. It's 12 ms versus 10 ms for DNS4EU. So you don't have to trade privacy for responsiveness.
What has been your experience with #DNS providers based in Europe? Do you have any recommendations? I'm interested in unfiltered DNS because I do the filtering in AdGuard Home.
@slamp You may also want to try dns0.eu/
For me it isn't as fast as DNS4EU, but it's run by a French non-profit, may be a different experience from there.
For me it isn't as fast as DNS4EU, but it's run by a French non-profit, may be a different experience from there.
The European public DNS that makes your Internet safer.
A free, sovereign and GDPR-compliant recursive DNS resolver with a strong focus on security to protect the citizens and organizations of the European Union.dns0.eu
I have excellent response times from quad9, and I recently learned that an anycast location is very close. DoH even seems to be quicker than plain DNS.
Today's forecast: train posting. 🧵
This entry was edited (6 hours ago)
I24: Hostage families urge Israel to freeze Hamas deal until 24 bodies returned saying “a nation that abandons its fallen abandons its destiny”
I24: Qatari media reports that Hamas to hand over additional bodies of deceased Israeli hostages tonight.
(Me: We will see if “additional” is all 24, I guess.)
Spoiler: It is not 24. It’s 4. Hamas is fucking around because it knows the world doesn’t care, and will only focus on the response. As usual.
This entry was edited (4 hours ago)
My company has recently stopped using GitLab and I think it's worth a quick discussion why, because I think these are largely addressible.
Firstly, their paid product for teams is very pricey. Where Github costs ~$4 per seat per month, GitLab charges $29 per month. Even if we assume some portion of that is due to Microsoft's economy of scale and exploitation of user code for things like AI training, that's 7.5x more expensive!
GitLab charges for things like API address, and even more (full price) if you want to do things like store secrets via API.
While the direct cost wasn't a lot, I didn't feel like being nickle and dimed, and the product was just not worth it.
I enjoyed the product, but the pricing wasn't 2x, or even 3x, but >7.x! I felt like I was being taken advantage of, so we left altogether!
This entry was edited (2 days ago)
ah, you are coming from the saas offering, not from self hosted gitlab enterprise.
That's something I never considered.
That's something I never considered.
feld
in reply to feld • • •holga
in reply to feld • • •feld likes this.
feld
in reply to holga • • •