mastodon - Link to source
I've been playing with Orpheus TTS (not the old screen reader synthesizer, a new one that claims to be natural). It's not for real-time use, but rather, you give it a chunk of text and it gives you a .wav file. It runs locally. It sounds okay, but Tara, the default voice, has what almost sounds like room noise. It's very odd. If you try it, remove wave>=0.0.2 from requirements.txt or you might get installation errors. github.com/isaiahbjork/orpheus…

GitHub - isaiahbjork/orpheus-tts-local: Run Orpheus 3B Locally With LM Studio

Run Orpheus 3B Locally With LM Studio. Contribute to isaiahbjork/orpheus-tts-local development by creating an account on GitHub.
GitHub

mastodon - Link to source

Our @panoramax -server is back online!

In other word, looking at our images and uploading new images is possible again.

Did you try to upload an image yesterday? Open the MapComplete website or app again, MapComplete will try to upload again without losing your image.

You can also see the 'image upload queue' in the menu; in case you'd want to abort uploading an image.

A big thanks to @thibaultmol for hosting our server and to the @panoramax for the assistance!

@Thibaultmol 🌈 @Panoramax

Pietervdvn reshared this.

in reply to Václav Pašek

mastodon - Link to source

Archos

Mně se povedlo dostat skoro celou rodinu na MXChat (Matrix) a WhatsApp mám už jen kvůli práci – máme ho přemostěný do Matrixu, takže mi všechny zprávy chodí tam.

Volání přes most nejde, ale aspoň mi přijde notifikace, že někdo volal → pak buď otevřu WhatsApp a zavolám zpět, nebo zavolám normálně.

Jediná nevýhoda: WhatsApp stejně musí být v telefonu. Most totiž používá webové rozhraní (WhatsApp Web / linked device), takže telefon musí být připojený k internetu, aby to fungovalo. WhatsApp appka nemusí být pořád otevřená – stačí ji jen občas spustit.

sharkey - Link to source

Extrem rechte Akteure und Organisationen verdrehen und missbrauchen #christliche #Narrative und versuchen ihren Einfluss auf die konfessionelle #Christenheit auszuweiten.

Eine wichtige #Doku von #Monitor:

wdrvod-rwrtr.akamaized.net/i/,…
#ZurFeierDesSonntags #FediKirche #ChristUndPolitik #Kirche

#monitor #fedikirche #doku #kirche #zurfeierdessonntags #christliche #narrative #christenheit #christundpolitik

mastodon - Link to source

I can’t even…

#RFKJr Blames Pills — Not #Guns — for #SchoolShootings

There is NO credible evidence that #antidepressants cause violence, but Kennedy now vows a “massive” effort to prove the failed theory.

#policy #law #Trump #ConspiracyTheories #disinformation #ChildEndangerment #PublicHealth #GunControl #GunLaws #Health #MentalHealth #science #medicine #USpol #SchoolShooting #MassShooting #GunViolence #EnoughIsEnough
motherjones.com/politics/2025/…


RFK Jr. blames pills—not guns—for school shootings

There is no credible evidence that antidepressants cause violence, but the health secretary now vows a “massive” effort to prove the failed theory.
Mother Jones
#Trump #law #disinformation #health #science #uspol #MentalHealth #policy #publichealth #guns #medicine #conspiracytheories #enoughisenough #rfkjr #schoolshootings #antidepressants #childendangerment #guncontrol #gunlaws #schoolshooting #massshooting #gunviolence
in reply to miki

mastodon - Link to source

miki

With that said, guns are a *necessary first step* that makes mass shootings possible, but there's more to them than just access to guns.

Whatever the trend is, even Europe isn't fully immune from it either, see e.g. the attacks in Berlin a few years ago where a person drove a truck into a large crowd of pedestrians. The tool is different, the effect is similar.

mastodon - Link to source

Does anyone have these things that they love and would recommend:

- Bluetooth speaker (portable)
Not smart. I don't need to ask it anything. Just something I can connect to that will make good music sounds in my house.

- CD player
Something modern that connects to the computer so again I can throw it out to speakers. Or something that connects direct to speakers?
But being able to rip CDs like the olden days would also be good.

Ta!
#recommendations #music #cd #speaker #elextronics #gadgets

#music #cd #gadgets #speaker #recommendations #elextronics
This entry was edited (2 days ago)

mastodon - Link to source

Vojtux - Accessible Linux distro which is almost pure Fedora

Vojtěch Polášek has put together a technical preview of a version of Fedora that should work well for blind or visually impaired users. While his goal is explicitly to see these improvements and changes become part of Fedora itself, for now you can use this implementation based on the Fedora MATE spin. :)

➡️ freelists.org/post/orca/Announ…

#Vojtux #Fedora #Accessibility #a11y #Linux #OpenSource

[orca] Announcing Vojtux - Accessible Linux distro which is almost pure Fedora - orca - FreeLists

[orca] Announcing Vojtux - Accessible Linux distro which is almost pure Fedora, orca at FreeLists
www.freelists.org
#a11y #Accessibility #linux #opensource #fedora #vojtux

reshared this

mastodon - Link to source

RE: fosstodon.org/@arcanechat/1157…

There’s a vulnerability in Signal. You are developing an alternative. Do you:

  • A: skim read the report, see it contains the phrase ‘phone number’, and shitpost about Signal, or
  • B: Analyse the attack and see if it could be adapted to your protocol, then post about how you either were already protected or have deployed a mitigation?

If you chose option A, please don’t expect to be able to convince me that you are serious about security.

ArcaneChat

2025-12-14 09:39:00

mastodon - Link to source

"Tool allows stealthy tracking of #Signal and #WhatsApp users through delivery receipts"

cyberinsider.com/tool-allows-s…

Another privacy vulnerability caused by the dependency on phone numbers.

In #ArcaneChat (and other #chatmail clients like #DeltaChat) you don't need a phone number (or any private data at all!) to register, so such attacks are simply impossible, keep your family safe, join arcanechat.me



Tool allows stealthy tracking of Signal and WhatsApp users through delivery receipts

A new tool named Device Activity Tracker exposes a privacy flaw in WhatsApp and Signal that lets attackers covertly monitor user activity.
Alex Lekander (CyberInsider)

in reply to David Chisnall (*Now with 50% more sarcasm!*)

mastodon - Link to source

ArcaneChat

replied here fosstodon.org/@arcanechat/1157…

ArcaneChat

2025-12-14 10:17:43

mastodon - Link to source

@david_chisnall by saying "requires phone numbers" I was implying that you can discover people by phone numbers since that is the case in 99% if not 100% of all apps that offer phone number registration, that you can disable this feature is meaningless if it is opt-out and most people will leave it like that, by saying ArcaneChat is immune to this I meant because you can't discover people like that, people must get in contact directly via QR or invite link

mastodon - Link to source

"Tool allows stealthy tracking of #Signal and #WhatsApp users through delivery receipts"

cyberinsider.com/tool-allows-s…

Another privacy vulnerability caused by the dependency on phone numbers.

In #ArcaneChat (and other #chatmail clients like #DeltaChat) you don't need a phone number (or any private data at all!) to register, so such attacks are simply impossible, keep your family safe, join arcanechat.me


Tool allows stealthy tracking of Signal and WhatsApp users through delivery receipts

A new tool named Device Activity Tracker exposes a privacy flaw in WhatsApp and Signal that lets attackers covertly monitor user activity.
Alex Lekander (CyberInsider)
#signal #whatsapp #deltachat #chatmail #arcanechat
in reply to ArcaneChat

mastodon - Link to source

David Chisnall (*Now with 50% more sarcasm!*)

When you post something about a vulnerability in another messenger and completely misrepresent it, in a way that implies that you don’t understand the cause of it at all, it gives me no confidence in your system.

The root cause is nothing to do with phone numbers. It depends on two things:

  • Being able to send messages to someone from some public identifier. Any messenger that doesn’t require an interactive flow for pairing devices (as some military systems do) has this feature.
  • Receiving read receipts from messages. Signal allows you to turn off read receipts if you are concerned about information leaks from them.

If you actually wanted to convince people your system was better you would:

  • Show that you don’t issue read receipts (which will put some people off because they are useful).
  • Show how you mitigate this kind of attack, by rate limiting this kind of message, adding jitter to responses, and so on.

Email-based flows tend to not be vulnerable to this kind of attack because they do most of the processing on the server, so you’d only be able to probe the server. But you wouldn’t bother because email has so little metadata protection that you don’t need to bother with an attack like this. From what I know of DeltaChat’s group chat protocol, I suspect there is a way of triggering a similar attack by sending broadcast invalid messages and timing the error response. If you really wanted to convince people that your system is better, you’d show a security analysis that explains why I’m wrong, rather than just say ‘I don’t understand this attacks but the researchers who published it didn’t bother trying to attack the protocol I use and so I’m sure it is secure!’ That is exactly the attitude to security that makes me distrust DeltaChat.

Oh and before anyone jumps in with anything about XMPP: this attack is completely trivial on XMPP. Send an invalid iq stanza to the client’s bare JID and time the response. And this is impossible to fix without redesigning the protocol because unknown iq stanzas must be forwarded to the client to enable future extension and clients must respond with errors.

in reply to David Chisnall (*Now with 50% more sarcasm!*)

mastodon - Link to source

ArcaneChat

@david_chisnall by saying "requires phone numbers" I was implying that you can discover people by phone numbers since that is the case in 99% if not 100% of all apps that offer phone number registration, that you can disable this feature is meaningless if it is opt-out and most people will leave it like that, by saying ArcaneChat is immune to this I meant because you can't discover people like that, people must get in contact directly via QR or invite link
@David Chisnall (*Now with 50% more sarcasm!*)
in reply to David Chisnall (*Now with 50% more sarcasm!*)

mastodon - Link to source

ArcaneChat

#DeltaChat is for private chatting, so you normally don't put your link anywhere publicly, you could create a dedicated profile for public interactions tho, which, unlike in signal, it is super easy to do and you can have as many as you want,

and notice the use case I am talking here is family chat, not business and public interactions, that is why I said "keep your family safe" I am talking about family chat solution here

#deltachat
This entry was edited (2 days ago)
in reply to ArcaneChat

mastodon - Link to source

David Chisnall (*Now with 50% more sarcasm!*)

#DeltaChat is for private chatting, so you normally don't put your link anywhere publicly, you could create a dedicated profile for public interactions tho, which, unlike in signal, it is super easy to do and you can have as many as you want,


Okay, so your use case for 'private chatting' excludes journalists publishing contact information for whistleblowers? It excludes union organisation? It excludes protest organisation?

I guess that's fine, but maybe don't claim to be operating in the same space as Signal then.

and notice the use case I am talking here is family chat, not business and public interactions, that is why I said "keep your family safe" I am talking about family chat solution here


Then you need to learn about the concept of an anonymity set. If you have one mechanism for talking to your family and another different one for talking to your union rep, it's really easy for a passive adversary to track when you suddenly start using a different mechanism for high-value conversations.

#deltachat
in reply to David Chisnall (*Now with 50% more sarcasm!*)

mastodon - Link to source

Delta Chat (39c3)

@david_chisnall
what kind of passive adversary are you talking about here? server, provider, global?

Identifying whether you are using this or that chat profile is not necessarily trivial, especially since the 2.33 releases which introduced multi-relay profiles. A single chat profile can jump between using different relays/hosts.

FWIW we share the recommendation of @arcanechat to split between a public profile (invite link published etc.) and private ones (no publishing).

@David Chisnall (*Now with 50% more sarcasm!*)
in reply to David Chisnall (*Now with 50% more sarcasm!*)

mastodon - Link to source

ArcaneChat

> Okay, so your use case for 'private chatting' excludes journalists publishing contact information for whistleblowers? It excludes union organisation? It excludes protest organisation?

> I guess that's fine, but maybe don't claim to be operating in the same space as Signal then.

the ArcaneChat slogan is "private chats for the family" I don't get why you jump angry into my thread to attack, I never said anything about "whistleblowers" whatsoever, please, calm down 😅

This entry was edited (2 days ago)
in reply to David Chisnall (*Now with 50% more sarcasm!*)

akkoma - Link to source

lizzie

@david_chisnall
Sorry for jumping in as a random person here, but I think I have some relevant points.
First of all, you admittedly both missed the mark about the cause of the security issue Arcane posted. Delivery receipts are separate from read receipts, and turning off read receipts in signal does not mitigate this issue.

Now as per Delta Chat's FAQ: delta.chat/en/help#what-do-the…
It should have the same issue. Delta Chat claims to send "delivery" receipts, but as far as I can tell, there is no UI indication for the sender when a client receives the message (I tested both mobile and desktop). So unless there is an email sent that doesn't result in any UI indicator for the sender, I think Delta Chat is safe from this particular privacy issue. If it is the case that Delta Chat identified this bad decision and fixed it, please also update your FAQ to match!

The rest of y'all's argument seems to hinge on aspects of how delta chat and arcane chat are marketed/presented, rather than the technical details, so I'm not interested. But what I *do* find really interesting is the idea that "private" and "secure" chat programs would ever send automatic responses without user action. To me, it seems painfully obvious that "features" like this just create an attack surface for probing. Look... I use Signal (as well as Delta Chat), and I like it, and I'm not going to stop using either anytime soon. But it was disappointing to learn about this anti-feature. It *is* a legitimate criticism of Signal that needs to be addressed.

Also, while this issue had nothing to do with phone numbers, I think the fact that Delta Chat does not require phone numbers, and allows the creation of more identities than one might even *have* phone numbers, is an enormous advantage compared to Signal for people who want to protect the privacy of their identity and not just the contents of their messages.


Delta Chat: FAQ

What is Delta Chat? Delta Chat is a reliable, decentralized and secure instant messaging app, available for mobile and desktop platforms. Instant creation of private chat profiles with secure and i...
delta.chat
@David Chisnall (*Now with 50% more sarcasm!*)
in reply to lizzie

mastodon - Link to source

ArcaneChat

@capitalthree ArcaneChat/DeltaChat doesn't have delivery receipts, only read receipts, the only automatic responses the app does in your behalf is to handle invite links, for that you first have to share invite link with the malicious contact, as side effect they also expose when they are online so if you go to your contact list and see them at the top with a green dot while not chatting with them often you can detect this, in thr future this might change

@david_chisnall

@David Chisnall (*Now with 50% more sarcasm!*) @lizzie
in reply to David Chisnall (*Now with 50% more sarcasm!*)

pleroma - Link to source

feld

@david_chisnall there is a clever scheme that I know one person does, which is that your public point of contact is an address that starts a conversation with a bot and the bot hands the user a private identity of yours to contact. Then you can have one public facing point of contact but you still gain private 1:1 identities. It's not very feasible for non-technical users but it could be improved
@David Chisnall (*Now with 50% more sarcasm!*)
in reply to David Chisnall (*Now with 50% more sarcasm!*)

mastodon - Link to source

ArcaneChat

@david_chisnall

> rather than just say ‘I don’t understand this attacks but the researchers who published it didn’t bother trying to attack the protocol I use and so I’m sure it is secure!’ That is exactly the attitude to security that makes me distrust DeltaChat.

I don't understand why do you seem so upset, #DeltaChat has received several REAL PROFESSIONAL INDEPENDENT security audits, all listed here: delta.chat/en/help#security-au…
can you provide a similar list of REAL sec. audits for Signal?


Delta Chat: FAQ

What is Delta Chat? Delta Chat is a reliable, decentralized and secure instant messaging app, available for mobile and desktop platforms. Instant creation of private chat profiles with secure and i...
delta.chat
#deltachat @David Chisnall (*Now with 50% more sarcasm!*)
in reply to ArcaneChat

mastodon - Link to source

David Chisnall (*Now with 50% more sarcasm!*)

I don't understand why do you seem so upset,


Because you're spreading misinformation to score marketing points and spreading misinformation about secure messengers gets people killed.

I don't understand why do you seem so upset, #DeltaChat has received several REAL PROFESSIONAL INDEPENDENT security audits, all listed here: delta.chat/en/help#security-au


So, none after this particular class of attack was discovered and therefore none that include this in the threat model?


Delta Chat: FAQ

What is Delta Chat? Delta Chat is a reliable, decentralized and secure instant messaging app, available for mobile and desktop platforms. Instant creation of private chat profiles with secure and i...
delta.chat
#deltachat
in reply to David Chisnall (*Now with 50% more sarcasm!*)

mastodon - Link to source

Delta Chat (39c3)

@david_chisnall being careful of claiming that something is "secure" is good advise/critique. Users are easily misled other ways. As to delivery receipts, it's unlikely there is a big problem with #chatmail clients (of which delta chat and arcanechat are two) because you can not cause a delivery receipt from a peer. But there are likely online-leakage issues with the invite protocols securejoin.readthedocs.io like github.com/chatmail/core/issue… that require work and independent audits.

Prevent silent probing of device online status

SecureJoin has two types of tokens: invite tokens and auth tokens. Currently SecureJoin invite token can be used to silently probe device online status. Auth token when successfully used results in...
link2xt (GitHub)
#chatmail @David Chisnall (*Now with 50% more sarcasm!*)
in reply to Delta Chat (39c3)

mastodon - Link to source

Mikalai

@delta @david_chisnall
Delta(s). Your design -- separation of chatting logic from transport -- is what will allow to overcome this observation and correlation constructions.
You can swap to different transport, like ASMail from 3NWeb set, it is web-style federation, reducing metadata on servers, and correlations between servers.
And then clients and servers may sit on mixnet, like Nym (say hi to them at 39c3).
@Delta Chat (39c3) @David Chisnall (*Now with 50% more sarcasm!*)

mastodon - Link to source

RE: hear-me.social/@Onj/1156902183…

I've done what I set out to do by the end of the year. I made it to 180 tracks in the collection. I stopped at 171 in May of 2023, then I just couldn't focus on much music for the last couple of years which, as a composer, really depressed me, but this December I decided to really try and sit down to make a go of it, so I did.
It may not seem like much, but not being able to write, when it's what I've done for 30 years felt very stifling and depressing in ways I cannot express.

My next goal is to hit 200, so I'll start work on that, hopefully soonest.

I just want to thank every person that favourited, reposted or interacted with me on my self-assigned journey recently. You're all wonderful humans, even those that said they had no use for such a project, which is totally fine. They still shared it most of the time, and I respect that.

Onj 🎶

2025-12-09 15:03:57

mastodon - Link to source

Here's a collection of free-to-use short music for any kind of project imaginable. I've been working on this project for over 10 years on and off, and it's a labour of love.

Whether you're doing work for TV, Radio, Film, your next podcast, show reel, powerpoint presentation, youtube video or university assignment that requires something to intro or outro it, there should be something for you, and if not you directly, maybe someone you know.

This is not the final form. I add to it whenever I find inspiration to do so. Check back every so often as you may find more content was added when you weren't looking 🔇

Currently:
1210 items
766 MB download in mp3
over 9 hours of music.

Absolutely no AI was used (or harmed) in the making of this collection.

If you feel so inclined, please do boost for reach. Many thanks.
onj.me/shorts


Andre Louis - FreakyFwoof Shorts - AudioPlayer

onj.me

This entry was edited (2 days ago)

reshared this

mastodon - Link to source

Přede mnou poslední pracovní týden (? možná - si ještě skočím do práce 22. a 23. chystat nové nástupy).
Stihnout se toho musí jako obvykle tři prdele.
V pondělí IT večírek. V úterý reinstalace notebooku majitelky. Ve středu výměna notebooku. Ve čtvrtek další večírek. A v pátek, aby toho nebylo málo, naaaaa Vsetíně, tam je luka, seče jú syneček.... Od rána až do večera. To bude náročné.

A samozřejmě očekávám uživatele, kteří si podají požadavek 19. prosince a 5. ledna se zeptají, proč to ještě není hotové.

This entry was edited (3 days ago)

glitchsoc - Link to source
Really impressed with my Bazzite VR experience today. Was able to play a few hours of Half Life: Alyx and Boneworks today :D The main issue I ran into (with both) is that Steam Link will cut out when you first launch the game when trying to pre-compile shaders. Sometimes this leads to Steam VR bugging out and requiring a reboot in order to reconnect. After the first launch the experience was completely seamless.