FBI releases PSA warning about all the ways that cybercriminals are using AI to commit fraud on a larger scale and to increase the success of their scams. The advisory warns about deepfaked videos and voice calls, as well as AI generated profile images to impersonate people.

Among their recommendations:

-Create a secret word or phrase with your family to verify their identity.

-Look for subtle imperfections in images and videos, such as distorted hands or feet, unrealistic teeth or eyes, indistinct or irregular faces, unrealistic accessories such as glasses or jewelry, inaccurate shadows, watermarks, lag time, voice matching, and unrealistic movements.

-Listen closely to the tone and word choice to distinguish between a legitimate phone call from a loved one and an AI-generated vocal cloning.

-If possible, limit online content of your image or voice, make social media accounts private, and limit followers to people you know to minimize fraudsters' capabilities to use generative AI software to create fraudulent identities for social engineering.

-Verify the identity of the person calling you by hanging up the phone, researching the contact of the bank or organization purporting to call you, and call the phone number directly.

-Never share sensitive information with people you have met only online or over the phone.

-Do not send money, gift cards, cryptocurrency, or other assets to people you do not know or have met only online or over the phone.

ic3.gov/PSA/2024/PSA241203

From the Freedom Scientific Blog: Join Us for Our December 2024 Training Events

blog.freedomscientific.com/joi…

Join Us for Our December 2024 Training Events

The Freedom Scientific training team offers ongoing opportunities for you to join us in live training sessions and advance your skills. We’re excited to announce our jam-packed December training sc…

^{Freedom Scientific Blog}

Trump tariff threat: Ambassador 'hopes' Canada can escape

ctvnews.ca/politics/trump-maki…

Trump making 'joke' about Canada becoming 51st state is 'reassuring': Ambassador Hillman

Canada’s ambassador to the U.S. insists it’s a good sign U.S. president-elect Donald Trump feels 'comfortable' joking with Canadian officials, including Prime Minister Justin Trudeau.

^CTVNews

"Right Wing President backs down"

It can happen, it is not inevitable.

theguardian.com/world/2024/dec…

#SouthKorea

South Korea’s president lifts martial law in the face of united opposition

Rightwing president backs down after most serious challenge to country’s democracy since 1980s

^{Amy Hawkins (The Guardian)}

Today I got the chance to ask our computer graphics professor a question that I asked myself quite some time ago: what the fuck is the color pink?

Like, the color right before infrared is red, the color right before ultraviolet is violet. And every other color is some wavelength between those two colors. EXCEPT FOR PINK!?

On a hue color wheel pink is between red and violet, so it's wavelength has to be somewhere around there, right??

Well, turns out pink is the color humans perceive when red and violet are mixed (duh), meaning the red and blue cones are stimulated. Since both cones respond to wavelengths on the opposite ends of the visible spectrum, there is no monochromatic wavelength that would trigger both, hence there is no wavelength that looks pink.

That's also the reason pink does not appear in a rainbow, because there white sunlight light, a mixture of (almost, hi Astro-fedi) all monochromatic wavelengths, is refracted based on wavelength, so no mixed colors occur in it.

I've noticed a concerning trend of "slop security reports" being sent to open source projects. Here are thoughts about what platforms, reporters, and maintainers can do to push back:

#oss #opensource #security

sethmlarson.dev/slop-security-…

New era of slop security reports for open source

I'm on the security report triage team for CPython, pip, urllib3, Requests, and a handful of other open source projects. I'm also in a trusted position such that I get "tagged in" to other open sou...

^{sethmlarson.dev}

Reason to celebrate: the email client #Thunderbird celebrates its 20th birthday. Please remember the parent #Netscape-Suite too. It's been 30 years.

@thunderbird #mozilla

20 Years of Thunderbird
updates.thunderbird.net/en-US/…

20 Years of Thunderbird!

Thunderbird is a free email application that’s easy to set up and customize - and it’s loaded with great features!

^Thunderbird

Our #GivingTuesday campaign is officially LIVE!

We’re raising $75,000 to fund a new hire: ✨ Trust & Safety Lead ✨

A crucial role in protecting Mastodon’s growing community by strengthening our trust & safety tools incl. #moderation & server blocklists.

Your support is an investment in the future of a decentralised, free and respectful online community, where every user feels safe & supported.

Thank you for being part of this movement! 💪

Donate what you can today: givebutter.com/givingmastodon

Tak už i naše instance běží na nové verzi v4.3.2

github.com/mastodon/mastodon/r…

Release v4.3.2 · mastodon/mastodon

Changelog Added Add tootctl feeds vacuum (#33065 by @ClearlyClaire) Add error message when user tries to follow their own account (#31910 by @lenikadali) Add client_secret_expires_at to OAuth Appl...

^GitHub

Tenía tan sólo 3 años cuando Thunderbird 1.0 fue anunciado, que locura! Me alegra de que siga existiendo a día de hoy @thunderbird

#thunderbird

The ACT (Accessibility Conformance Testing) Rules Community Group and related Task Force are looking for feedback from voice control users.

They have created a test site with 27 controls and a corresponding survey:
docs.google.com/forms/d/e/1FAI…

This is to inform WCAG SC 2.5.3 Label in Name support.

#a11 #accessibility

Voice Navigation Feedback

Thank you for agreeing to fill out this survey. We will use the responses to learn the best way to implement the label in name WCAG success criterion for form controls.

^{Google Docs}

Thunderbird is jarig (20) en afhankelijk van donaties. Ik gebruik het al (bijna al die) jaren en dacht, ik doe een donatie....

He, @thunderbird Waarom willen jullie weten waar ik woon?????? #privacy #Thunderbird

#AndroidAppRain at apt.izzysoft.de/fdroid today brings you 9 updated and 1 added apps:

* Redomi: Open songs from different platforms to your favourite one 🛡️

1 update had to be rejected: WeatherMaster was compiled for debug and thus the APK was not accepted for update.

RB status: 359 apps (29.4%)

At apt.izzysoft.de/magisk 2 #Magisk #modules where updated.

Enjoy your #free #Android #apps with the #IzzyOnDroid repo

IzzyOnDroid F-Droid Repository

This is a repository of apps to be used with your F-Droid client. Applications in this repository are official binaries built by the original application developers, taken from their resp. repositories (mostly Github, GitLab, Codeberg).

^{IzzyOnDroid App Repo}

Synapse 1.120.2 was just released with several security fixes: github.com/element-hq/synapse/…
You should really update now and while the last 2 CVEs say, they were fixed on 1.106, to my knowledge that is only true if you enabled authenticated media, which only became the default in 1.120, so you really want to update even for those or at least update your config.

Thank you! :)

#matrix #synapse #security

Release v1.120.2 · element-hq/synapse

Synapse 1.120.2 (2024-12-03) This version has building of wheels for macOS disabled. It is functionally identical to 1.120.1, which contains multiple security fixes. If you are already using 1.120....

^GitHub

Wow, what a clusterfuck: 404media.co/a-total-meltdown-b… (article by @jasonkoebler)

Thinking about it, their conclusion that “the app-ification of everything can lead to some pretty absurd scenarios” isn’t necessarily correct. It isn’t the app-ification – it’s delegating control to some server on the internet which is expected to have 100% availability. It’s the same issue with you losing access to your local e-books or games because a vendor went out of business. Same thing is increasingly happening to hardware which seemingly has little reason to rely on internet services.

I can think of several possible solutions which don’t rely on internet connectivity at all or only require a connection at the time of the reservation (unproblematic: without connectivity no reservation confirmation). These would deposit a token on user’s device which can be verified locally, without relying on the vendor’s server.

While this wouldn’t be hard to implement, it would require the vendor to consider their centralization a potential weakness. This isn’t aligned with their incentives however, as centralizing the system makes it easier to control everything and collect every last piece of data.

‘A Total Meltdown’: Black Friday Zipcar Outage Strands Customers in Random Places

"Went to buy a quick drink to the store and all of the sudden the car is locked. I’ve been waiting over 4 hours in the cold."

^{Jason Koebler (404 Media)}

You'll never see a paywall for ProPublica’s journalism, thanks to readers like you.

This #GivingNewsDay, for gifts of $40+, we’re sending you a thank-you gift to show our gratitude. Get your gift: propub.li/3VbyAK0

Přátelé kávomilci, rád bych pořídil mlýnek na ☕. Kromě nastavení hrubosti vlastně nevím, co od něj chtít, nikdy jsem žádný neměl.

S jakým máte kdo zkušenosti? Děkuji předem za tipy. 🙏😘
Za boost králíčky, může být?

🚀 FluffyChat v1.23.0 is here!

You can now send multiple files at once. The login page got a redesign with SSO as the new default action (legacy password login still available in the context menu at the top right corner).

MAS account settings now available in the profile, making FluffyChat ready for the Matrix OIDC change! 💪

Lot's of new colors and style settings with much better chat wallpapers also landed in this release. 🐾

Learn more at ko-fi.com/post/FluffyChat-Vers…

#FluffyChat #matrix

FluffyChat Version 1.23.0: What's New?

Krille-chan published a post on Ko-fi

^Ko-fi

Synapse security release day! We fixed multiple security vulnerabilities, some affecting all prior versions of Synapse. We are not aware of these vulnerabilities being exploited in the wild, but please upgrade!

github.com/element-hq/synapse/…

Release v1.120.2 · element-hq/synapse

Synapse 1.120.2 (2024-12-03) This version has building of wheels for macOS disabled. It is functionally identical to 1.120.1, which contains multiple security fixes. If you are already using 1.120....

^GitHub