Ryan is one of my favorite persons in the #PHP community. I cannot imagine what he and his family must be going through. They face expensive medical bills and more ahead. If you can help financially, please do so.

gofundme.com/f/support-ryans-b…

#php

We are part of the #ZOOOMProject consortium, a #HorizonEU project with the purpose of promoting open technologies. 🚀

💡 Recently, the #FSFE legal team produced 4 chapters in 2 comprehensive reports, dealing with many topics, and providing empirical data on #FreeSoftware topics in 🇪🇺 in relation to critical technologies, such as AI.

📃 Check them out!
🔸 zooom4u.eu/wp-content/uploads/…
🔹 zooom4u.eu/wp-content/uploads/…

⚠ NGI Zero Commons Fund 2nd call ⚠

Are you developing or contributing to #FreeSoftware that contributes to the vision of the Next Generation Internet?

💥 You might be eligible for the @nlnetlabs funds!

💡 Find out more information and how to apply here: ⤵️

nlnet.nl/news/2024/20240401-ca…

unemployed


Hey! Let's talk about #SSH and #security!

If you've ever looked at SSH server logs you know what I'm about to say: Any SSH server connected to the public Internet is getting bombarded by constant attempts to log in. Not just a few of them. A *lot* of them. Sometimes even dozens per second. And this problem is not going away; it is, in fact, getting worse. And attackers' behavior is changing.

The graph attached to this post shows the number of attempted SSH logins per day to one of @cloudlab's clusters over a four-year period. It peaks at about 3.4 million login attempts per day.

This is part of a study we did on our production system, using logs of more than 640 million login attempts, covering more than 1,500 hosts on our side and observing more than 840 thousand incoming IP addresses.

A paper presenting our analysis and a new, highly effective means to block SSH brute force attacks ("Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them") will be presented next week at #NSDI24 by @sachindhke. The full paper is at flux.utah.edu/paper/singh-nsdi…

Let's dive in. 🧵

in reply to Rob Ricci

I've got a big picture question that may sound silly: What's the point in blocking the attacks?

If you've got user accounts with weak passwords, then that is a problem that should probably be addressed with higher priority than the frequency of attacks.

If you've only got users with strong public keys, then attacks won't succeed anyway. Blocking them will save you some resources, but will also redirect the attackers to weaker targets. Isn't it overall better to just tank the attacks?

in reply to some fedifriend

@samgai Not a silly question at all, it's a great question!

One reason to block ssh brute force attempts is that you may have devices on your network that you don't know are vulnerable: for example, we see lots of attempts to attack IoT devices, such as a big spike of attempts to log in to accounts associated with the Dahua backdoors when those were revealed. We also see lots of attempts to log into routers from various vendors (Unifi, MikroTik, and Huawei).

Another is that in some cases, you don't have full control over your users. The facility we operate is cloud-like in the sense that we do control the initial configurations of sshd and can force users to use good passwords, but after that, they have root and can - and do - change configurations or set local passwords in a way that makes them vulnerable.

A third reason is that a lot of these attacks are *probably* coming from botnets that are launching a range of different kinds of attacks. So if you can easily recognize them as ssh attackers, you can block them completely, possibly saving yourself from other attacks.

Finally, they consume resources on the target machine - maybe not a lot, but heavy attacks can have a significant impact, and we want to keep this impact low.
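The thread above talks about counting login attempts per day and recognizing sources as ssh attackers from the server's own logs. The following is an added example, not code from the paper or from Rob Ricci's posts: it parses a constructed sample of sshd auth-log lines, tallies failed and accepted logins per day, and flags sources that rack up many failures in a single day without ever succeeding. The sample lines, the IP addresses (documentation ranges) and the fixed threshold are all assumptions made for the example; the paper's blocking method is something different and is not reproduced here.

```python
import re
from collections import Counter, defaultdict

# Constructed sample of syslog-style sshd lines (not real log data).
SAMPLE_LOG = """\
Apr  1 00:00:12 node1 sshd[2201]: Failed password for root from 203.0.113.5 port 51022 ssh2
Apr  1 00:00:13 node1 sshd[2203]: Failed password for invalid user admin from 203.0.113.5 port 51040 ssh2
Apr  1 00:00:14 node1 sshd[2205]: Failed password for invalid user pi from 203.0.113.5 port 51061 ssh2
Apr  1 00:00:15 node1 sshd[2207]: Invalid user ubnt from 203.0.113.5 port 51070
Apr  1 00:00:15 node1 sshd[2207]: Failed password for invalid user ubnt from 203.0.113.5 port 51070 ssh2
Apr  1 08:30:44 node1 sshd[3120]: Accepted publickey for alice from 198.51.100.7 port 40012 ssh2: ED25519 SHA256:examplefingerprint
Apr  1 09:02:10 node1 sshd[3301]: Failed password for bob from 198.51.100.9 port 40100 ssh2
Apr  1 09:02:20 node1 sshd[3303]: Accepted password for bob from 198.51.100.9 port 40101 ssh2
Apr  2 03:11:01 node1 sshd[4002]: Failed password for invalid user admin from 203.0.113.77 port 60001 ssh2
Apr  2 03:11:02 node1 sshd[4004]: Failed password for invalid user admin from 203.0.113.77 port 60002 ssh2
Apr  2 03:11:03 node1 sshd[4006]: Failed password for root from 203.0.113.77 port 60003 ssh2
"""

# Matches only the authentication-result lines ("Failed password" / "Accepted <method>");
# other sshd messages such as "Invalid user ..." are ignored so attempts are not double-counted.
LINE_RE = re.compile(
    r"^(?P<month>\w{3})\s+(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<event>Failed password|Accepted \w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_line(line):
    """Return a record for an authentication-result line, or None for any other line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {
        # Syslog lines carry no year, so the per-day bucket is just "Mon D".
        "date": f"{m['month']} {int(m['day'])}",
        "event": "accepted" if m["event"].startswith("Accepted") else "failed",
        "user": m["user"],
        "ip": m["ip"],
    }


def summarize(log_text):
    """Tally attempts per day, failures per source per day, usernames tried per source,
    and the set of sources that had at least one successful login."""
    per_day = defaultdict(Counter)
    failed_by_source_day = defaultdict(Counter)
    users_by_source = defaultdict(set)
    accepted_sources = set()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        per_day[rec["date"]][rec["event"]] += 1
        if rec["event"] == "failed":
            failed_by_source_day[rec["ip"]][rec["date"]] += 1
            users_by_source[rec["ip"]].add(rec["user"])
        else:
            accepted_sources.add(rec["ip"])
    return {
        "per_day": per_day,
        "failed_by_source_day": failed_by_source_day,
        "users_by_source": users_by_source,
        "accepted_sources": accepted_sources,
    }


def brute_force_sources(log_text, threshold=3):
    """Sources with at least `threshold` failed logins on a single day and no successful
    login at all. A legitimate user who mistypes a password and then succeeds is not flagged.
    The threshold is an assumption for this example, not a value from the paper."""
    s = summarize(log_text)
    flagged = [
        ip
        for ip, days in s["failed_by_source_day"].items()
        if ip not in s["accepted_sources"] and max(days.values()) >= threshold
    ]
    return sorted(flagged)


if __name__ == "__main__":
    stats = summarize(SAMPLE_LOG)
    for date, counts in sorted(stats["per_day"].items()):
        print(f"{date}: {counts['failed']} failed, {counts['accepted']} accepted")
    for ip in brute_force_sources(SAMPLE_LOG):
        print(f"flag {ip}: tried users {sorted(stats['users_by_source'][ip])}")
```

On real systems the same tallies come from `journalctl -u ssh` or `/var/log/auth.log`; the usernames-per-source set is a useful extra signal, since a source cycling through `root`, `admin`, `pi` and router default accounts looks very different from one user retrying their own login.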

I set myself the task to design and print 50 birds using a custom LEGO letterpress technique. This was in 2018. Figured it would take a year or so. I finished the last print earlier this year :-D

Presenting the complete series for the first time in an exhibition in the workplace where the prints were made. Opening this weekend:

royscholten.nl/50-birds/

Come! :-)

_
#letterpress #printmaking #LEGOletterpress #MastoArt #birds

Hello Quick-Freeze! ❤️😍❤️😍 netzpolitik.org/2024/einigung-…

We're often asked "When can I use Thunderbird in my browser?" It's a logical question! After all, Thunderbird was built on top of Firefox technologies, right?

Let's have a quick chat about it:

PeerTube: tilvids.com/w/fUUkxQCFvVJdPgxx…

YouTube: youtu.be/LQwgG2sLIVE

#Thunderbird #Firefox #Webmail

:ynh: :jabberxmpp:

#YunoHost devs are testing #Prosody as #xmpp #jabber replacement for metronome to get better integration with the system and better compliance with jabber standards, as well as new default features such as A/V calls.

It's in early development, without ETA!!

great news IMO 👌

thank you 🙏 🧙

in reply to Tuta

5. One engineer from a firm acquired by Microsoft in 2020 was working on a compromised laptop and in 2021 accessed the corporate network from that machine. It's not certain that this laptop was the root cause, but Microsoft published an update in March 2024 which stated a “compromised engineering account” is the “leading hypothesis” for the cause of the breach.

🧵6/7

in reply to Tuta

6. Instead of letting this compromise go unnoticed, Microsoft should have run a proper security assessment of the firm's network after its acquisition - which it didn't.

More on this hack and what the US government has to say about it: tuta.com/blog/microsoft-china-…

🧵7/7

Last year, the @sovtechfund fund invited us, the Sequoia PGP Project, to join their new Bug Resilience Program.

Today, I'm pleased to announce that we are publicly launching our bug bounty program with rewards of up to €10,000 for novel, security-relevant issues in Sequoia applications, libraries, or specifications. #pgp

sequoia-pgp.org/blog/2024/04/1…

👉 Still not sure what to make of Meta's 'Pay or Okay' model?

Researchers at Utrecht University have come to the conclusion that it violates the GDPR, as it fails to ensure that consent is freely given.

📝 Read the full paper here: papers.ssrn.com/sol3/papers.cf…

Love ❤️ #LibreOffice? Come and meet the worldwide community that makes it, at local events! For instance, we were recently at the InstallFest 2024 conference in Prague: blog.documentfoundation.org/bl… #foss #OpenSource

Revolut does not have a UK banking licence.

If you are a victim of fraud you'll be SOL.

Best advice: close your account and move to a conventional bank elsewhere.

Please boost to make people in the UK aware.

theguardian.com/money/2024/apr…

#fraud

Our new Chief Technology Officer, Gerald Hartig, is being interviewed on Vision Australia Radio tonight at 8:10pm AEST (About 1hr 15mins after I post this). You can tune in online at: player.listenlive.co/65731/

#NVDA #ScreenReader #Accessibility #Interview #News #A11y