Skip to main content



I got my partner - who is non-technical - a Windows laptop for Christmas in 2023. A fancy one with Windows 11, TPM blah blah. Clean install.

It has Defender, Smart App Control enabled etc so I wasn’t concerned about the security.

Anyhoo, just looked at 7 months later and Defender is disabled, a ‘free’ AV called RAV is registered which appears to be a fake Chinese AV, Smart App Control is disabled, her traffic is routed to a Chinese VPN, her browser is Opera GX (a Chinese owned one).

in reply to Kevin Beaumont

She installed exactly one application, a movie player. It hijacked her entire system. This is why Recall is such a fucking bad idea btw, the idea Windows security is fixed is a joke - home users have no chance against this stuff.


Gajim 1.9.3 has been released 🎉

This release fixes an issue with the MS Store installer and brings some improvements. Thank you for all your contributions!

#xmpp #gajim #chat

gajim.org/post/2024-07-29-gaji…

Nicoco reshared this.

in reply to Gajim

And @archlinux is still stuck on 1.8.4 😭

Can't wait to use all the new awesome features




"3.1.1 Web pages
We crawl publicly available information using our web crawler, Applebot, and respect the rights of web publishers to opt out […] using standard robots.txt”

"3.1.3 Code
Code data is obtained from license-filtered[1] […] repositories on GitHub. The bulk of the code data covers 14 common programming languages, including: Swift, Python, C, Objective-C, C++, JavaScript, Java, and Go.

[1] MIT, Apache, BSD, CC0, CC-BY, Unlicensed, ISC, and Artistic Licenses.”
mastodon.social/@applemlresear…




The number of CNAs over time (#CVE Numbering Authorities). At 385 right now. Over 20,000 CVEs published in the first half of 2024.

From the "CVE Program and CNA Quarterly Report"

#cve


#trurl 0.14 is here. github.com/curl/trurl/releases…

Works best with libcurl 8.9.0 (and later)





«Damit die Attacke gelingt, muss allerdings Python auf dem Zielgerät installiert sein. Daher sind in erster Linie Softwareentwickler und Poweruser anfällig für diese Sicherheitslücke.»
— oder Schüler, die an die Materie "Programmierung" herangeführt werden. Potentiell mögliche Opfer also

#Whatsapp-Sicherheitslücke erlaubt Skript-Ausführung | heise online heise.de/news/Whatsapp-Sicherh… #Bug #MetaPlatforms #Python :python:



Hello Jamers 🙂,

For those who missed it or didn’t have the time to click on the Dev update #10 link, no worries! We've got the highlights for you!

If you're curious and want to dive deeper, here's the link: jami.net/dev-update-10/

#Jami #opensource #P2P #App #PrivacyMatters



If you could speak to the future, what would you want to ask?

Some matters might just be idle curiosity, but others are life and death. If you only got one question, what would you most desperately want to find out?

Well, good news: the future has just gotten in touch.

My first fiction piece for the rebooted OnlySky!

onlys.ky/an-important-message-…

#fiction #future #optimism

This entry was edited (3 months ago)







New app added to the Accessible Android apps directory: Brave Browser accessible with minor issues accessibleandroid.com/app/brav… #Android #App



Your security, your control. PureBoot isn't affected by UEFI key leaks. No central signing keys means no central point of failure. #PrivacyMatters #PureBoot @pureos
puri.sm/posts/purisms-pureboot…


Important Apple-focused accessibility site to shut down (Link) sixcolors.com/link/2024/07/imp…


President Biden Announces Bold Plan to Reform the Supreme Court and Ensure No President Is Above the Law.
1. Constitutional amendment - No Immunity for Crimes a Former President Committed in Office
2. Term Limits for Supreme Court Justices of 18 years, with new appointments every 2 years
3. Binding Code of Conduct for the Supreme Court

This will require Congress to pass appropriate bills.

whitehouse.gov/briefing-room/s…
Opinion piece behind paywall at washingtonpost.com/opinions/20…
1/n

This entry was edited (3 months ago)


Sources: HPE is expected to secure unconditional EU approval for its $14B acquisition of Juniper Networks; the EC is scheduled to decide on the deal by Aug. 1 (Foo Yun Chee/Reuters)

reuters.com/markets/deals/hewl…
techmeme.com/240729/p5#a240729…



Everyone talks about model collapse to discredit AI LLMs, but this story’s point at the end is the most important. Retaining human data into a model eliminated most problems. I’m still very, extremely bullish on the future of #AI in our workflows. The AI you see today is the worst you’ll ever use the rest of your life. axios.com/newsletters/axios-ai…
#AI


A US court rules that US border agents must get a warrant before searching the electronic devices of Americans and international travelers crossing the border (Zack Whittaker/TechCrunch)

techcrunch.com/2024/07/29/us-b…
techmeme.com/240729/p8#a240729…



During the Berlin XMPP sprint, some XMPP developers worked on message formatting. Previously, formatting was done using simple markup (e.g. *bold*), which sometimes leads to unintended formatting and is limited in functionality. We now decided to transmit formatting information outside of the normal text, with optional fallback to markup for legacy clients. We worked on improving the specification and on support in three different clients, including @dino.

#dino #xmpp

This entry was edited (3 months ago)

reshared this

in reply to fiaxh

oh, nice, looks like I will have to add support in slidge soon then. :o)


New, by me: A federal district court in New York ruled that U.S. border agents must obtain a warrant before searching the electronic devices of Americans and international travelers crossing the U.S. border.

The judge warned that had they ruled in the government's favor, this ruling could have be used to target political opponents, who "would only need to travel once through an international airport for the government to gain unfettered access" to their devices.

More: techcrunch.com/2024/07/29/us-b…



Pretty handy feature - my previous phone case didn't offer to suck as much as this one appears to.
in reply to Ross of Ottawa

I'm the only one in our household using a folding case. The flick of my wrist to flop the magnet closed and the accompanying click has become a bit of a signature!
in reply to Sean Randall

@cachondo Ha! Gives the satisfying tactile click. Good chief inspector from Scotland Yard vibe.


#Anthrax - Antisocial (Official Video) - YouTube
youtube.com/watch?v=Hx_m7Y9nGt…

Amri star !!!!

#pouetradio





In July, #LibreOffice's Design community worked on mockups for a peer-to-peer collaboration feature. We also had updates to the software, a preview of the next major release, and more: blog.documentfoundation.org/bl… #foss #opensource

LibreOffice reshared this.

in reply to LibreOffice

hi, it is only a design feature ? Yet not at all a in-real time collaboration ? 😬


The second day of DebConf24 has ended, we start again tomorrow, Tuesday 30, August at 10:00 KST (01:00 UTC). The schedule for the day will be debconf24.debconf.org/schedule… Thank you to all our contributors, viewers, and to our Debconf Video team! See you tomorrow! micronews.debian.org/2024/1722… #debian


Hello, Mastodon. I have news for you today.

reactormag.com/tor-publishing-…

in reply to Scalzi

'And friend?' Great alt text on that photo. ;) Congrats on the deal, glad to know there'll be more coming for years yet!


De-Googling your life is easy – here’s how! 🤩

Say no to Google’s surveillance and privacy-invading tactics by going Google free. 🙅‍♀️
👉 tuta.com/blog/how-to-leave-goo…

#Degoogle #DeGoogling #StopGoogle #Gmail #Betterapps #Privacy #surveillance

in reply to Tuta

nice. But you also need to add the much better Google Docs/Apps/Drive or MSO 365 & OneDrive replacements: NextCloud and OnlyOffice. Quite compelling in my experience.
in reply to Tuta

Authy is not a good candidate for authenticator apps. Like the big brands, they are trying to masquerade a simple, local program as something that requires a cloud account.

KeePassXC also belongs in the authenticator column. It has built-in TOTP.


in reply to Sean Randall

So did you end up getting that book? If so, in what format? Doesn't seem to be available as an audiobook.
in reply to Sean Randall

I wish I'd found this quote sooner. Mark Haddon called it "The bastard love child of The Matrix, Jaws and The Da Vinci Code.
Very entertaining."
All the more interested in reading it now!

Unknown parent

Munchkinbear
@fireborn you can't be logged into the same account in two places.
Unknown parent

Munchkinbear
@fireborn nope, it boots you out of one device when you log into another.



This, @EUCommission , would be a fantastic opportunity to ditch Microsoft altogether and embrace some European-maintained open source solution instead for your 40K employees. The EU government depending on non-EU infrastructure is not good for strategic autonomy – and that's on top on digital surveillance by American tech corps being against our data protection laws.

edps.europa.eu/press-publicati…