Elon Musk has apparently stolen money from either Canada and taxpayers, or Tesla dealerships, or likely, from both, as police and transport Canada get involved finding how thousands of Teslas got EV rebates.
Tesla made a suspicious number of rebate requests on last days of Canadian EV incentive
Hello , @Friendica Support It's been more than 2 months since UpdateContacts the one highlighted in red it doesn't end , can you tell me how i can remove it?
@Anomaly if you have console/terminal access, run cd your-friendica-directory bin/console.php worker it runs your cron jobs, and gets your workers to complete jobs in the queue, it may help
Hi @pasjrwoctx👽 , thanks I can't find any entries related to worker
bin/console.php
Usage: bin/console [--version] [-h|--help|-?] <command> [<args>] [-v]
Commands:
addon Addon management
cache Manage node cache
clearavatarcache Clear the file based avatar cache
config Edit site config
contact Contact management
createdoxygen Generate Doxygen headers
dbstructure Do database updates
docbloxerrorchecker Check the file tree for DocBlox errors
extract Generate translation string file for the Friendica project (deprecated)
globalcommunityblock Block remote profile from interacting with this node
globalcommunitysilence Silence a profile from the global community page
archivecontact Archive a contact when you know that it isn't existing anymore
help Show help about a command, e.g (bin/console help config)
autoinstall Starts automatic installation of friendica based on values from htconfig.php
lock Edit site locks
maintenance Set maintenance mode for this node
movetoavatarcache Move cached avatars to the file based avatar cache
mergecontacts Merge duplicated contact entries
user User management
php2po Generate a messages.po file from a strings.php file
po2php Generate a strings.php file from a messages.po file
typo Checks for parse errors in Friendica files
postupdate Execute pending post update scripts (can last days)
relocate Update node base URL
serverblock Manage blocked servers
storage Manage storage backend
relay Manage ActivityPub relay servers
Options:
-h|--help|-? Show help information
-v Show more debug information.
@Anomaly then if you open terminal on your server, and cd to your friendica dir, bin/worker.php it should run the worker, and one other thing you can try, is go to myphpadmin open your database for friendica, and in the sql tab enter DELETE FROM `workerqueue` WHERE `done` = 1; which will clear all jobs completed, the task may be completed, but not cleared out of the database table. other than that maybe @hypolite can help maybe better
@Anomaly also try, Admin/Site/Worker Maximum load average=50, Maximum number of parallel workers=20, Maximum load for workers=150, Worker defer limit=15, Worker fetch limit=25, it may help as well as double check your Database Lock Wait Timeouts, check the Friendica log files for any error messages related to lock wait timeouts, sorry I cant offer more, im a little limited on my knowledge, just sharing everything I know, because I have dealt with some of these issues, y
@Anomaly Deferred tasks aren't currently running. They failed during they initial run, which placed them in this wait list with a next try date in the future. From your screenshot it appears that the task creation date and the next try date are pretty close to each other, so it must only have failed a few times at most.
Running either the worker or the daemon manually will not clear deferred tasks which next try date have not been reached yet. There's an incremental back off system that increases the delay before the next try after each new failure. Once the task succeeds, the task will clear from the deferred list.
@Hypolite Petovan yes I thought this, but why has this entry been in the list for 2 months? All entries are successfully completed . I have no problems with friendica, if this entry does not cause problems,can be on the list
Did some app icon design work for the first time in a while today. Haven't gotten feedback on either of these yet, but regardless of whether they'll actually end up being used, I'm happy with how they turned out 😁
so yes the rumors are correct (this was leaked on reddit a few days ago, oh well)
the #FLX1 will be getting support for hooking up to external displays. the difference here compared to other approaches is that it will be running full #GNOME shell instead of #Phosh desktop mode (with some integration). as much as we love Phosh, GNOME shell simply provides a superior experience on a large display (and our community members voted for this too)
Media playback tablet running GNOME and postmarketOS
A couple of years ago I set up a simple and independent media streaming server for my Bandcamp music collection using a Raspberry Pi 4, Fedora IoT and Jellyfin. It works nicely and I don’t have to play any cloud rent to Spotify to listen to music at home.
But it’s annoying having the music playback controls buried in my phone or laptop. How many times do you go to play a song and get distracted by a WhatsApp message instead?
So I started thinking about a tablet that would just control media playback. A tablet running a non-corporate operating system, because music is too important to allow Google to stick AI and adverts in the middle of it. Last month Pablo told me that postmarketOS had pretty decent support for a specific mainstream tablet and so I couldn’t reset buying one second-hand and trying to set up GNOME there for media playback.
Read on and I will tell you how the setup procedure went, what is working nicely and what we could still improve.
What is the Xiaomi Pad 5 Pro tablet like?
I’ve never owned a tablet so all I can tell you is this: it looks like a shiny black mirror. I couldn’t find the power button at first, but it turns out to be on the top.
The device specs claim that it has an analog headphone output, which is not true. It does come with a USB-C to headphone adapter in the box, though.
It comes with an antagonistic Android-based OS that seems to constantly prompt you to sign in to things and accept various terms and conditions. I guess they really want to get to know you.
I paid 240€ for it second hand. The seller didn’t do a factory reset before posting it to me, but I’m a good citizen so I wiped it for them, before anyone could try to commit online fraud using their digital identity.
How easy is it to install postmarketOS + GNOME on the Xiaomi Pad 5 Pro?
I work on systems software but I prefer to stay away from the hardware side of things. Give me a computer that at least can boot to a shell, please. I am not an expert in this stuff. So how did I do at installing a custom OS on an Android tablet?
Figuring out the display model
The hardest part of the process was actually the first step: getting root access on the device so that I could see what type of display panel it has.
Xiaomi tablets have some sort of “bootloader lock”, but thankfully this device was already unlocked. If you ever look at purchasing a Xiaomi device, be very wary that Xiaomi might have locked the bootloader such that you can’t run custom software on your device. Unlocking a locked bootloader seems to require their permission. This kind of thing is a big red flag when buying computers.
One popular tool to root an Android device is Team Win’s TWRP. However it didn’t have support for the Pad 5 Pro, so instead I used Magisk.
I found rooting process with Magisck complicated. The only instructions I could find were in this video named “Xiaomi Pad 5 Rooting without the Use of TWRP | Magisk Manager” from Simply Tech-Key (Cris Apolinar). This gives you a two step process, which requires a PC with the Android debugging tools ‘adb’ and ‘fastboot’ installed and set up.
Step 1: Download and patch the boot.img file
On the PC, download the boot.img file from the stock firmware. (See below).
Open the Magisk app and select “Install” to patch the boot.img file.
Copy the patched boot.img off the tablet back to your PC and rename it to patched_boot.img.
The boot.img linked from the video didn’t work for me. Instead I searched online for “xiaomi pad 5 pro stock firmware rom” and found one that worked that way.
It’s important to remember that downloading and running random binaries off the internet is very dangerous. It’s possible that someone pretends the file is one thing, when it’s actually malware that will help them steal your digital identity. The best defence is to factory reset the tablet before you start, so that there’s nothing on there to steal in the first place.
Step 2: Boot the patched boot.img on the tablet
Ensure developer mode is enabled on the tablet: go to “About this Device” and tap the box that shows the OS version 7 times.
Ensure USB debugging is enabled: find the “Developer settings” dialog in the settings window and enable if needed.
On the PC, run adb reboot fastboot to reboot the tablet and reach the bootloader menu.
Run fastboot flash boot patched_boot.img to boot the patched boot image.
At this point, if the boot.img file was good, you should see the device boot back to Android and it’ll now be “rooted”. So you can follow the instructions in the postmarketOS wiki page to figure out if your device has the BOE or the CSOT display. What a ride!
Install postmarketOS
If we can find a way to figure out the display without needing root access, it’ll make the process substantially easier, because the remaining steps worked like a charm.
Following the wiki page, you first install pmbootstrap and run pmbootstrap init to configure the OS image. A note for Fedora Silverblue users: the bootstrap process doesn’t work inside a Toolbx container. At some point it tries to create /dev in the rootfs using mknod and fails. You’ll have to install pmbootstrap on the host and run it there.
Next you use pmbootstrap flasher to install the OS image to the correct partition.
I wanted to install to the system_b partition but I seemed to get an ‘out of disk space’ error. The partition is 3.14 GiB in size. So I flashed the OS to the userdata partition.
The build and flashing process worked really well and I was surprised to see the postmarketOS boot screen so quickly.
How well does GNOME work as a tablet interface?
The design side of GNOME have thought carefully about making GNOME work well on touch-screen devices. This doesn’t mean specifically optimising it for touch-screen use, it’s more about avoiding a hard requirement on you having a two-button mouse available.
To my knowledge, nobody is paying to optimise the “GNOME on tablets” experience right now. So it’s certainly lacking in polish. In case it wasn’t clear, this one isfor the real headz.
Login to the machine was tricky because there’s no on-screen keyboard on the GDM screen. You can work around that by SSH’ing to the machine directly and creating a GDM config file to automatically log in: $ cat /etc/gdm/custom.conf # GDM configuration storage[daemon]AutomaticLogin=mediaAutomaticLoginEnable=True It wasn’t possible to push the “Skip” button in initial setup, for whatever reason. But I just rebooted the system to get round that. Enough things work that I can already use the tablet for my purposes of playing back music from Jellyfin, from Bandcamp and from elsewhere on the web.
The built-in speakers audio output doesn’t work, and connecting a USB-to-headphone adapter doesn’t work either. What does work is Bluetooth audio, so I can play music that way already. [Update: as of 2025-03-07, built-in audio also works. I haven’t investigated what changed]
I disabled the automatic screen lock, as this device is never leaving my house anyway. The screen seems to stay on and burn power quickly, which isn’t great. I set the screen blank interval to 1 minute, which should save power, but I haven’t found a nice way to “un-blank” the screen again. Touch events don’t seem to do anything. At present I work around by pressing the power button (which suspends the device and stops audio), then pressing it again to resume, at which point the display comes back. [Update: see the comments; it’s possible to reconfigure the power button so that it doesn’t suspend the device].
Apart from this, everything works surprisingly great. Wi-fi and Bluetooth are reliable. The display sometimes glitches when resuming from suspend but mostly works fine. Multitouch gestures work perfectly — this is first time I’ve ever used GNOME with a touch screen and it’s clear that there’s a lot of polish. The system is fast. The Alpine + postmarketOS teams have done a great job packaging GNOME, which is commendable given that they had to literally port systemd.
What’s next?
I’d like to figure out how un-blank the screen without suspending and resuming the device.
It might be nice to fix audio output via the USB-C port. But more likely I might set up a DIY “smart speaker” network around the house, using single-board computers with decent DAC chips connected to real amplifiers. Then the tablet would become more of a remote control.
See the comments for a way to reconfigure the power button so that it unblanks the screen instead of suspending the device.
After updating to latest (2025-03-07) postmarketOS edge, the built-in speakers now work and they sound pretty OK. Not sure what changed but that’s very nice to have.
39 km za 1 a čtvrt hodiny. Nepřijde mi to v tomhle počasí jako nejhorší způsob trávení neděle. Hlavně vypadnout z pražskýho vzduchu... #solarbike #recumbent #regel17
„Naproti Dantově soše vylézají každou noc z pekla transky, aby navrátily světu jaro.“ Román
Potvory má podobné účinky jako iniciační rituál, je to strašidelná pohádka, skupinový portrét, provokativní...
“The fundamental weakness of Western civilization is empathy, the empathy exploit,” Musk said. “There it’s they’re exploiting a bug in Western civilization, which is the empathy response.” -Elon Musk, Feb 28, 2025
“In my work with the defendants (at the Nuremberg Trials 1945-1949) I was searching for the nature of evil and I now think I have come close to defining it. A lack of empathy. It’s the one characteristic that connects all the defendants, a genuine incapacity to feel with their fellow men. Evil, I think, is the absence of empathy.” -Captain G. M. Gilbert, the Army psychologist assigned to watching the defendants at the Nuremberg trials
Technology is transforming lives, and for blind and visually impaired individuals, smart home automation offers incredible opportunities to enhance independence and convenience.
A little over a year ago, I was given the profound responsibility of leading British Wireless for the Blind Fund (BWBF) as we embarked on our small charity’s next chapter.
After nearly four decades of remarkable leadership, British Wireless for the Blind Fund (BWBF) is embarking on a new chapter with the appointment of Sophie Jones as our new Chief Executive Officer, effective March 1st, 2024.
Brandon Biggs is a Software Engineer at The Smith-Kettlewell Eye Research Institute, CEO of XR Navigation, and a PhD Candidate at the Georgia Institute of Technology.
Want to try running your own builder – to confirm apps as #reproducibleBuilds or just to build your own apps? At #IzzyOnDroid we've just made "easy setup scripts" available which should take care for all requirements, while letting you choose which parts you want:
@s3nnet err… Steht gleich am Anfang in der Readme (hat leider nicht mehr in den Tröt gepasst): In der ersten Version funzt das nur mit Debian-basierten Systemen. Für RPM-basierte Systeme haben wir uns schon ein Issue aufgemacht. Für BSD möchte auch schon jemand schauen.
Aber schau gern mal über das 01_sudo_requirements.sh Skript, was da für Arch/Manjaro die passenden Dinge wären, und mach dafür ein Issue auf.
Can you explain in how far this project is linked to E Foundation or /e/OS? According to mobifree.org, NGI Mobifree is initiated and coordinated by them and nlnet is only an implementation partner (which I guess means they give Mobifree money to other projects like this).
I am smitten with DeltaChat... DeltaChat has been making massive strides lately and I think you should consider using it as your full time secure messenger.
Hi, this is Lothar aka lk108. I’m today’s guest on the blog and it’s my pleasure to introduce DeltaTouch, a third-party client based on deltachat-core-rust for the mobile phone OS Ubuntu Touch (UT)...
I mostly wanted to share lothar's blogpost in which he describes how easy it was for him to create a new client because the api of dc core is easy to understand.
Quickly read it but regardless of common misconceptions about deltachat, I cannot see a single advantage of it over SimpleX (my current top pick) or XMPP, and probably also KeyChat or Whitenoise on #nostr)
@gvs Simplex has two options for routing messages: the centralized SMP servers, and a 2-hop onion/Tor-like private message routing using forwarding nodes. Both of these are easily blocked if you want to shutdown access to Simplex for users.
XMPP: easy to block Anything using Nostr: easy to block
Shutting down all email services in your jurisdiction: much harder to accomplish
This is basically the only argument I keep seeing for DeltaChat. "But it's difficult to block because it's SMTP and that wouldn't be reasonable to block all email!". Which, could be true. But, it's also an unrealistic and exceedingly feeble argument for an otherwise wholly inferior architecture. @gvs
It's feeble because Simplex now defaults to port 443, which is also difficult to block as a whole. What ends up happening is that known service providers will get blocked and deltachat has 0 advantage again.
@gvs @adiz "known service providers" -- every email server is a DeltaChat service provider.
Do you think Russia is going to shutdown Yandex to stop people from using DeltaChat on it and cripple their own country's ability to use the internet?
The most they can do is demand all email servers in their jurisdiction block all encrypted emails, period, which requires custom technical solutions for each provider and will have severe consequences as well. Encrypted emails are not as uncommon as people think.
If I work in the government and want to be a whistleblower I could literally use my government email account with DeltaChat. Maybe they'll eventually detect that I'm using it, but they'll never be able to decrypt those messages.
They can be, but they keep and leak metadata. In some places, e-mail logs have to be stored for 2 years. So using your government e-mail account to use deltachat still reveals who you are talking too.
Neither does that argument negate that SimpleX now defaults to https traffic, which you think would be more likely to be wholesale banned then mail?
Nothing is going to convince me that DeltaChat (quirky email, basically) isn't a solution looking for a problem that doesn't perform as well, nor is as capable as, pre-existing, long-matured, well-established, purpose-built alternatives. @gvs
I don't know anyone outside of some niche Fedi circles who uses or knows what DeltaChat is. Meanwhile I am apart of and familiar to many thriving, populous XMPP, Matrix, and even IRC communities. I don't see any failure "in the field". 🤷 @gvs
Mail from and RCPT to cannot be encrypted. So all involved mailservers have a record who sends to who, when and size. In some places, those logs have to be kept years. @adiz
> You stated that any SMTP can be used for deltachat, so non chatmail servers have to be taken into account as well
Yes that's one of its strengths. They can't really block all possible methods of exfiltrating data securely.
Let's pretend they do successfully figure out how to get every email service in the country to block PGP mail? Delta controls the clients, they can just work around it. Unlikely but possible scenario: just generate random PNGs as attachments to innoculous mails and append the PGP data to the end of the PNG...
>You stated that any SMTP can be used for deltachat, so non chatmail servers have to be taken into account as well
And this continues to be the cruc of my argument. Everyone shilling DeltaChat does so with the disingenuous argument that "you can just use your existing email!"---which isn't really honest. There are major providers where it doesn't work. Assuming that does work, the recommended "best practice" is to have a separate email address entirely to use with DeltaChat vs. your primary, normal email address. And then, thereafter, to address all the performance issues associated with [*squints*]……trying to use email as an instant messenger platform……, and to utilize all the marketed features supposedly available immediately out of the box, the recommendations and solutions are to spin up, or have an account on, a specialized email stack.
By the time you do all of this one could otherwise be using an instant messaging protocol made for instant messaging.
Ultimately, the "sales pitch" is, dare I say, intentionally dishonest. @feld
@adiz @gvs best practice is to use a separate address, preferably a Chatmail server if possible.
But if you can't because you exist in an environment with extreme limitations, use your normal email.
That's it. That's the whole sales pitch. You lose some anonymity and only a little extra metadata is exposed, but still nobody can MITM your messages. Your conversations are still secure, plus you gain a TON of functionality.
Oh, now you want to do realtime collaborative editing of a document? Add the WebXDC app to your chat, and boom E2EE P2P connection established and realtime group text editing activated between all members. No need to use a third party service that may not even be accessible to some people in the chat.
Are all the features advertised functional out of the box on deployment of a ChatMail server? And, is it easy to manage/maintain a ChatMail server (e.g., Prosody XMPP almost literally "just works" and doesn't break with updates)? Genuine question. I am willing to go through the lengths of setting up a ChatMail server if it's so straightforward. @gvs
@adiz the default deployment is with a tool called "cmdeploy" that is Ansible-ish python which SSHes to the server and does everything, installs the configs from templates, does Acme HTTP-01, etc.
I do not like this because I don't want HTTP-01, I want DNS-01 especially as my original tests were behind NAT and the tooling has some test for connectivity built in and wasn't detecting the public IP properly so that annoyed me.
Updating is as simple as a git pull on the repo and running the same deploy command again.
HOWEVER, as I said I do not like this method so I maintain a separate implementation using a Chef cookbook that does not rely on a Chef server.
I have a video showing the entire deploy process to a fresh Debian VM. It's very fast and simple to do.
Done! You're online. Start issuing/registering accounts and to chat with people! It's that easy. Extremely straightforward. Prosody has an update? apt takes care of that with sudo apt update && sudo apt upgrade -y, just as it does with every other ordinary binary package. I have some transports and bridges setup that ship as Docker containers. Equally as straightforward and painless to get setup and running.
When I upgrade from Debian 12 to Debian 13, guess what? Everything is just going to work. If I have to move my service to a new machine I just copy the Prosody directory contents over and import the PostgreSQL database. So simple. So straightforward. So easy to manage. I like that.
@adiz the good news is that by then it doesn't matter, there won't be much of a purpose of self-hosting because your client will automatically learn of all the available Chatmail servers and self-register ephemeral email accounts and jump between them completely transparent to the user.
At that point deploying Chatmail relays is just strengthening the overall network
>At that point deploying Chatmail relays is just strengthening the overall network
If it becomes that easy (i.e., as easy as setting up an XMPP service, e.g.: Prosody) then I'd deploy and maintain a ChatMail server solely to strengthen the network even if I don't utilize the service itself.
> Are all the features advertised functional out of the box on deployment of a ChatMail server?
Majority of the features are in the client. The one thing you get with Chatmail is functional (and secure) push notifications on iOS and Android devices via APNS/FCM. Desktop doesn't need them as IMAP PUSH works there. *Some* Android devices can use IMAP PUSH, but depending on how aggressive the vendor changed Android to kill background processes etc.
> And, is it easy to manage/maintain a ChatMail server
Run package updates, maybe deploy the latest Chatmail changes once a month or so? There are some middleware services in Python that will be rewritten to Rust eventually. A couple of Dovecot/Postfix config tweaks have happened in the last few months as well. It's fairly low maintenance. I have apt Unattended Upgrades enabled on my servers so they take care of themselves including rebooting as necessary.
> By the time you do all of this one could otherwise be using an instant messaging protocol made for instant messaging.
Except when that protocol is blocked, but email still works.
If you're happy living in your little bubble where nobody is censoring the protocols you're using, feel free to keep doing whatever you're doing. But your suggested protocols have failed the people the DeltaChat team is helping.
@gvs @adiz Turns out Simplex using port 443 doesn't make it "difficult to block", because Russia has done it. Not just blocking the known public servers. They have DPI working that detects and blocks Simplex
Is there an existing issue for this? I have searched the existing issues Platform Android OS version Android 14 App version 6.0.4 Current Behavior . Expected Behavior . Steps To Reproduce . Relevan...
@adiz have you actually tried it yet, though? It cost you nothing but a minute of your time. No need to provide any identifying information to make an account, and the account will be auto-deleted if it's idle for too long.
click the link in my bio to message me. I'll show you some cool stuff that no other messenger has.
Yes, I have. And, it worked. But, it sucked. And I don't want to go through the lengths to make it not suck (like a dedicated address for it + a Chatmail deployment) when I already run an XMPP service which does everything DeltaChat does but better + more.
@adiz this statement is technically inaccurate. Xmpp and Delta chat have the same federated model, so architecturally they are equivalent.
However, a key pain point for me for xmpp is that media attachment is out of band with regards to the protocol, occurring over http. It has all the same privacy concerns that media uploaded to the fediverse does. As media sent over Delta chat occurs in band (email attachment) and is end-to-end encrypted, it is strictly better from a privacy perspective.
However, from a normalfag perspective, interface remains the chief detriment of using xmpp over other solutions. The xmpp ecosystem has been waiting for "someone else" to make a good, functional, attractive client forever. It is not a good argument to say that all it needs is a client that has not been developed in 20 plus years. One client that is a functional clone of something that normalfags are used to like telegram or Whatsapp, is an enormous selling point for people not concerned with, or unable to understand arguments for privacy.
I like xmpp. I like Delta chat. But there will be no one true instant messaging solution until a plurality of users exist that brings it to dominate the market. Currently, those are all proprietary networks tied to services like Facebook or well, mostly Facebook I guess.
The open source community is never going to fill this gap. I'd like to be proven wrong, but I've been waiting for 20 years now...
waiting just as long. hasn't happened. the desktop ui for deltachat feels wonky and i'm slowly moving away from handset although arcanechat for 'droid is pretty okay.
what i like about deltachat is i already have a mail system which i use for.. mail. i can still keep encrypted mail separate from delta(openpgp) encrypted messages and it just works. i've handed deltachat to people in this thread, elsewhere on fedi, at the local coffee haus, and to the chick i'm dating who's not technical. so far so good.
i was always an enthusiast of xmpp, but damned if i can't get anyone to talk on it regularly so i use it for a transport bridge for fun, nothing serious.
@adiz @pwm it looks like the latest non-electron is github.com/dignifiedquire/drea… which hasn't had much velocity lately. we'll have to see how it goes.
@pwm @adiz thanks, i overlooked it. for now i'll keep on what is working. i'm starting to migrate fully to bsd for my desktop system, so that should also be a good time.
Everyone talks about XMPP and bad clients, but I just don't have this experience. There are multiple clients available and they all work well for me. 🤷
It's kinda a moot point when Delta Chat has just the one client.
I can concede media being facilitated by HTTP in XMPP vs. within the protocol itself. Still more performant and capable than trying to do file transfer over SMTP. @feld
DeltaTouch for Ubuntu Touch ArcaneChat for Android ArcaneChat TUI DeltaChat on KaiOS (feature / flip phone) kdeltachat for the KDE folks (stale at the moment though)
@adiz @pwm it's pretty easy for you to build a client on any platform if you want. You get to skip all the annoying parts of reinventing the SMTP/IMAP/PGP and Iroh functionality. In fact it would be stupid to reinvent it because the core has been audited multiple times.
So you just wrap the core DeltaChat JSON-RPC server (written in Rust) and treat it like an API service, and you're done.
Everything we're talking about (XMPP, SMTP, IMAP, etc.) are pre-existing and well established protocols that are neither new nor need reinventing. @pwm
just because there are client libraries for these protocols in another language don't mean they're good or safe
edit: I should really emphasize that the only safe PGP implementation is rPGP in Rust, and it has some required functionality you will not find in GPG, Sequioa, NetPGP, etc that is being leveraged for additional privacy. It would be a security downgrade to not use it.
edit2: anonymous recipient is an example, which makes it impossible for an adversary to analyze the PGP data and know who it was intended for because there is no exposed public key ID. The only way to know who the message was for is to successfully decrypt it with the recipient's key! github.com/rpgp/rpgp/issues/50…
Currently rPGP supports receiving packets with "anonymous recipient" (all-zero wildcard keyid/fingerprint), but I have not found any way to generate them. But key_id is always included in the gener...
> Everyone talks about XMPP and bad clients, but I just don't have this experience.
If you lock yourself in a box where only Android and Linux desktops exist, sure, there's an *okay* XMPP experience available. Conversations on Android is like the only good client available.
But the experience is still terrible on Windows, Mac, and iPhones
media attachment is out of band with regards to the protocol, occurring over http
Does it not send some sort of key over XMPP when you are sending a file to an OMEMO chat, making the data transmitted over HTTP useless without it? I never looked into it myself, but attachments sent without OMEMO look like normal links you can access from a web browser, those sent with OMEMO encryption have aesgcm:// schema.
I'm just not that knowledgeable about XMPP and not sure what that means 🤪 Does this mean that the URL is encrypted or that the file has to be downloaded and then decrypted with a key sent over XMPP?
Ah, I think I've found it: xmpp.org/extensions/xep-0448.h… Yeah, the key seems to be sent over XMPP separately, making HTTP traffic useless even if intercepted. Good enough!
@m0xEE @adiz @pwm that's similar to how Signal does it as well, and I think iMessage(?). Probably Whatsapp for groups too. Makes most sense anyway.
Fun part is that if the web hosting is not owned by the chat app team it has a potential for metadata leaks. Signal groups use CloudFlare, so you can just ask CloudFlare for the logs of who downloaded a file from their CDN and you get the IPs of all members of a Signal group. So you better hope that nobody has infiltrated your top secret anonymous anarchist chat group and shared a file because there's a way to unmask the members
There are ways to unmask IPs, anyway. If the concern is about deanonymization or infiltration or loss of encryption then honestly the most likely threat in any system is a mole, not people pulling server logs from service providers or man-in-the-middle attacks, etc.. And, there is virtually no way to program or digitally defend yourself out of infiltration if you're running a group or organization. 🤷
Luckily, we run our own websites and XMPP server, etc.. @pwm @m0xEE
(You could have the best, most secure, most anonymous, most decentralized, zero access, log-less, bla bla bla app or protocol to run your illicit or nefarious agendas over and it means almost nothing if you're communicating with someone who is an agent of the state or an informant.) @pwm @m0xEE
🔹 Sync deletion of messages and chats across devices 🔸 Page sized text editor for longer messages 🔹 Webxdc: Notifications (and more) 🔸 Improved integration into UT (ContentHub import/share)
Attached: 1 image
Release cycle completed. Please update so we can initiate the next release round with a long awaited feature ;) Generally delta apps are compatible to all currently released apps and because 15+ app stores come with all kinds of …
A migrant family of four, including two young children, were rescued at the Canada-U.S. border on Thursday, as they were trying to enter Quebec illegally. The Royal Canadian Mounted Police (RCMP) had to intervene around 4:15 a.m.
Ok look, I’m going to need to know exactly how these attempted “hacks” work, because I’ve been computering quite a lot for quite some time and this is not at all how computers work.
"We see o1-preview can’t win at chess fairly (0 normal wins), but does sometimes succeed with hacking. All successful hacks we record replace the chess board with a winning position".
This framing is the kind of nonsensical AI boosterism that @timnitGebru has been telling us about for years, just absolutely bullshit. There’s no hacking of anything, no clever new insight, it’s just lying and cheating, and the conclusion of this article should properly read “the more expensive a model is the more likely it is to produce lies that seem superficially correct and we have to ask ourselves what world we think we’re going to build on a foundation of epistemological quicksand.”
Davros, creator of the Daleks, first appeared 50 years ago OTD in Part 1 of the classic 1975 story: Genesis of the Daleks. Davros would go on to become one of the greatest adversaries the Doctor has ever known. #DoctorWho
@Bruce He and Terry Malloy had such amazing vocal control with that character. I'm so glad Malloy is still being called on to play that role in the audio dramas.
@DavidGoldfield @Bruce Terry Malloy crafted an excellent performance as well as Davros. He made the character seem even more sinister and macabre - especially in Revelation of the Daleks. I'm really glad he's still doing the Big Finish audios as well.
My dad, who is constantly bored, is a talented home improvement hobbyist craftsman. Can fix up pretty much anything. He has #ADHD, keeps asking me to remind him to do stuff, he keeps not doing it, months pass.
I've now set up a cron job that calls a homemade Python script (that I'd update over SFTP) to put one task in front of him at all times on his #GNOME computer, using this #GNOMEShell extension: extensions.gnome.org/extension…
I don't know whether that makes me a chaotic good or lawful evil son.
@federicomena Hilarious! A long time ago I got annoyed at @johnmark not completing things that I was waiting for, so I wrote a quick IRC bot that would remind him any time he spoke up in channel.
@donbahno anoo ma trochu nahneval a vtedy som si povedal začnem jazdiť na biku... keď sa na to ale pozerám spätne nemusel som byť tiež taký nepríjemný.
Getting rid of an old Yahoo email address doesn't need to be a hassle. Here's how to delete a Yahoo account in a few easy steps on iPhone, Android or browser.
There's a new TWBlue version available. Highlights include initial support for filters, pinned posts, posting in different languages and some minor bugfixes (including show all posts correctly). You can update via autoupdater as always, or via GitHub Releases at github.com/MCV-Software/TWBlue…. Due to lack of time on weekends I will delay this announcement on TWBlue's website until monday, thanks for understanding!
Changelog
In this version, we have focused on providing initial support for Mastodon filters and pinned posts. From TWBlue, it is now possible to initially use filters for posts in most buffers, as...
Wow. #Rust is an unserious language. Unless you bend over backwards to fight the compiler and avoid the standard library, you cannot write code that doesn't try to terminate the calling process on arbitrary error conditions. news.ycombinator.com/item?id=4…
Terminating the process is never an appropriate action in a library. The library has no way to know its caller's uptime constraints. Libraries should only return error codes to callers. Only applications can decide whether to bail out or not.
Debian is participating in Google Summer of Code! We're seeking candidates who are interested in working on projects and receiving mentorship. Applications are open March 24 - April 8, 2025. wiki.debian.org/SummerOfCode20… #Debian #GSoC
I think you who complain about Debian being in GSoC should read the link. It is not about giving something to Google it is about getting people some introduction to software development, and in Debians case, code/software in Debian.
Hello there! Just came across your profile browsing my Mastodon feed. I'm fascinated by Minitel and similar systems and would love to learn more about them. I am blind and the Minitel sounds like something that could have potentially been a gamechanger for our community back then. Unfortunately, from my limited research (I can't speak French almost at all), back in the 80's hardware speech synthesizers were the only way to have any text synthesized. Those were expensive, bulky boxes and even though there have been attempts to make Minitel accessible, none of the proposed solutions seemed to have gained traction. Do you think accessibility is an aspect that could be included when rethinking modern Minitel revival projects, while modding terminals if at all done? I'd be happy to discuss this further. All the best from Vienna!
@Piciok thanks for your message. So the Minitel itself is just a terminal, screen and keyboard. There also no audio capabilities, never was. So I doubt it ever was accessible that way. We are using a raspberry pi to control the screen and read keyboard inputs. So the pi can output audio but the Minitel itself wouldn't do too much except having a nice keyboard, but it's AZERTY. So I wish it could be useful that way but I don't really think it would be that useful. Unfortunately in 1980 it wasn't something the french government thought through, and looking at the situation of accessibility in general in France today, it's still isn't a priority unfortunately.
Yes, I thought that might have been an issue. I thought, perhaps, it would be possible to hook up an external device, capable of reading the text transmitted over the Minitel protocol, into the terminal and have it output, a kind of hardware screen reader. In my fantasy, it would hook up like those hardware caller presence indicators, maybe even output speech through the phone's receiver, to allow for two-way interaction. Maybe it's something to think about. Yes, with Raspberry Pi, it would be relatively easy to build a simple screen reader, I expect.
The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented "backdoor" that could be leveraged for attacks.
Update 3/9/25: After receiving concerns about the use of the term "backdoor" to refer to these undocumented commands, we have updated the title of our story.
Archos
in reply to Robin Bedrunka 🐞 • • •