Skip to main content



The adjective for metal is metallic.

Not so for iron, which is ironic.

reshared this



Something looks suspicious about the IA attack, and I suspect the goal is to change sentiment about *something*, probably the Internet Archive, but it's not clear what, and it may be more than one thing. It seems like someone probably paid a hacking agency to do this, very possibly a publishing house upset about copyright claims, and I say that especially because:

- "See you on Have I Been Pwned", but really, this is one of the least dramatic things to end up on HIBP of all time: it's names and email addresses sure, but all the passwords are properly hashed and there isn't much else. So why gloat about it?
- There seems to be an attempt to lower public impression of IA in terms of talking about its tech "held up with sticks". It is old tech, so maybe, but why the focus on that?
- If you analyze the HN thread about it for comments in terms of when posted, there were a bunch of sockpuppet accounts created almost immediately after the post was made, seemingly to add comments: news.ycombinator.com/user?id=N… news.ycombinator.com/user?id=h… news.ycombinator.com/user?id=1… news.ycombinator.com/user?id=M…
- An allegedly pro-palestinean militant hacking group is claiming responsibility, but their rationale doesn't make sense: they say it's because the IA is an American company, and the US is helping Israel. But why the IA *specifically*? This seems like a false flag operation either to draw attention away from the real perpetrators, or possibly to try to turn technically inclined people against pro-palestinean activists x.com/sn_darkmeta/status/18441…

The IA *is* engaged with several fights with publishers and people who have beef on copyright grounds. It's entirely possible one of them hired a nation-state affiliated hacking group (of which there are quite a few) that had a side beef, or that group is trying to throw the public off its tracks, but regardless, sock puppets like this typically appear after a hacking attack when there's a paid organization.

Regardless, nobody else is keeping the internet's history alive, and yes, the IA has made some mistakes sometimes, but I stand behind them and wish their staff strength in dealing with this time.



Afternoon sessions at the #LibreOffice and Open Source Conference 2024 are underway! The Engineering Steering Committee is presenting its work, and videos of the talks will be made available very soon: conference.libreoffice.org/202…


Život je velmi veselý.
Včera jsem neměl žádný Mastodon, dnes mám 2.
Takže mi to tu pořád cinká a já jsem zmatený, jak lesní včela ve větráku.😂
in reply to Archos

@archos
Já instance neřeším, sleduji napříč instancemi, ale obecně je mi tady na Mastodonu dobře.
Sice vlastně vůbec nechápu jak to celé funguje, ale ať si v tý fediverzi běhaj ti trpajzlíci jak chtějí, hlavně když mi přinesou inspirativní a zajímavé posty a to se děje 🙂
A děkuji za přijetí na mamutovo.cz




Autocrat and authoritarian now means independent from the US and refusing to be vassalized.

theatlantic.com/international/…



What #AntiVirus are you guys using?
I've uninstalled #avast a few months ago, used Windows Defender for a while now, but honestly it's kinda going on my nerves, how it behaves and the UI.
I don't like These huge anti Virus Providers which just have a Million functions I don't even care About. I don't Need vpn, Password Manager, game mode, or anything. I just Need protection against stupid viruses.
Anything thin and small you could recommend, or at least something which could fit my Needs? I mean, that it shouldn't slow down your entire System like Avast does is clear I Guess.
thanks for your recommendations.
in reply to Jonathan

@vibudanimsara Because of Bit Defender's high test scores, I would love to try it but when I installed it several years ago I allso found it to be totally accessible. I have also read that Windows Security does provide high test results. Personally, I use MalwareBytes Plus, which includes the antimalware program and the VPN. MalwareBytes is mostly accessible. Its main issue is that pull-down menus are not identified when you first move focus to them but once you invoke them the resulting options are accessible. I also use Windows Security, as both programs can be run concurrently.
in reply to David Goldfield

Sorry for coming back on this so late. But I don't completely understand. Was it accessible when you installed it, or not? Because for me it wasn't, and you wrote "I allso found it to be totally accessible."
This entry was edited (2 weeks ago)



Vážení posluchači, zůstaňte u svých přijímačů. Bude vysílána důležitá zpráva.


Zajtra makám v pivárni a nie že by som sa sťažoval ale v sobotu sa potrebujem učiť.


If I wanted to do an attack like LZMA, I'd attack something in Bazel's dependency chain. Bazel depends on OpenJDK, which pulls in a bunch of things like libpng, libXt, and so on. How many eyes are on libXt, given that basically no one uses that bit of the protocol anymore? Inject something there that looks for OpenJDK symbols and, if they're present, hooks into the class loader. In the class loader, watch for Bazel-specific classes and then inject some different Java bytecode. Now you have control over the build systems of a load of things, most notably Chrome, so now you can run your malware on around 65% of client devices.
in reply to Matt Campbell

@matt Yes, that one (xz is the command-line tool that wraps the LZMA library that contained the attack).
in reply to david_chisnall

Right. My first thought, reading your post shortly after waking up, was that there was a new attack I hadn't yet read about.


Nightmare

Sensitive content



🇩🇪Niederländisches Parlament verabschiedet mit breiter Mehrheit vorbildliche Entschließung zur #Chatkontrolle +++ "unüberwindbare Bedenken gegen die Verhältnismäßigkeit" +++ "die private Kommunikation aller Bürgerinnen und Bürger zu überwachen" sei abzulehnen +++ Regierung soll bis Dezember mit Experten "einen alternativen europäischen Vorschlag zur Bekämpfung der Verbreitung von Bildern von Kindesmissbrauch im Internet erarbeiten"
berthub.eu/tkconv/document.htm…
in reply to Patrick Breyer

🇬🇧Dutch Parliament just passed an exemplary resolution on #ChatControl with broad majority +++ "irreconcilable concerns about the proportionality of the European CSAM Regulation" +++ "detection order to be issued on the private communications of all citizens" is unacceptable +++ Government and experts to draft "an alternative European proposal to combat the dissemination of images of online child abuse"
berthub.eu/tkconv/document.htm…
This entry was edited (3 weeks ago)


Is It COVID or Flu? FDA Gives 'Official' Authorization to Test That Will Tell You cnet.com/health/medical/is-it-…



How to View Saved Wi-Fi Passwords: All the Tricks and Hacks You Need to Know pcmag.com/how-to/view-saved-wi…


Slack's 'also send to channel' thing in threads is just so useful. Just as being able to get a timed reminder about any message from the context menu.
Clearly a well thought-out app for team communications, it's all the little details that make it work so nicely.
in reply to Sean Randall

Interesting. We have a kind of soft-ban on using that checkbox at work because of the noise it makes, as does the web a11y Slack. What do you find it useful for?
in reply to James Scholes

@jscholes drawing attention to an important update, mostly.
In this case we started a thread about a series of tickets that need fixng by the end of the month and people have been adding to it throughout the week. The notification of an all-channel meeting and a camban board for people to add to went on the thread, but also needed really to go in the channel. we're over 200 messages further ahead by this point, so it just worked well in that specific situation. There are presumably times you want to be sure all your channel members see something relevant to something that previously came up.


What the fuck why does Windows CMD still, still, still not have LS? And why do I have to use a different command if I want to change the working drive?
in reply to Haily Merry

there's UIs for tonnes of stuff. DNS, printer management, group policy, users and computer management in AD, almost everything has been prettified for the mouse generation.
in reply to Sean Randall

@cachondo I'd be kind of interested to know which sort of businesses stick to Windows Server and which use Linux, but I'll bet you almost anything the former consists almost exclusively of schools, leisure centres, non-critical corporate / government arms, probably critical government arms too actually given that they paid Microsoft to keep XP supported for years until wannacry happened.

in reply to SuspiciousDuck

cítim sa ako... včera som mal ai frutti di mare a ako zamestnanec to mám za polovicu a to sa čo?
This entry was edited (3 weeks ago)


Thoughts on tabletop, language, and J. L. Austin

Sensitive content



#TWBlue seem to have some concurrency bug: when new toots come into a timeline, pressing the command to read the next toot sometimes jumps over a few incorrectly. I think maybe the timeline data structure needs a mutex to make sure it is not concurrently written to and read from.
in reply to modulux

Either that, or TWBlue is expecting posts to always come in ordered when they very much don't.
in reply to James Scholes

Also possible. But the weird thing is after a second or two the "cursor" goes back to the right place. So often I get something like:

ctrl-win-space: toot is read.
Beep indicating new messages.
Ctrl-win-space: different toot is read, cursor is off.
A second or two pass.
Ctrl-win-space: the previous toot is read, cursor is back in place.



My mum wants to join the #Fediverse - as she's fed up with adverts in other social media - and I have no idea what server would be best for her.

She's in her seventies, likes gardening, outdoors, cats and dogs, travel, books..

Any suggestions?

#askFedi #askMastodon



he leído un libro malísimo, bueno, ni lo he terminado, en teoría tenía que ser erótico, en realidad era una mierda, mal traducido, pero hasta el punto de falta de concordancias de todo tipo, masculino cuando tenía que ser femenino, y al revés, palabras mal traducidas que se ven aunque no se sepa inglés. Un puto desastre. La temática ya ni hay por donde tomarla. No os digo cuál para evitaros la tentación de perder cinco minutos en leeros 10 o 15 páginas, porque ni para eso vale.
in reply to modulux

@modulux pero suele estar muy muy muy mal escrita.. Tampoco soy demasiado aficionado a esa literatura, pero es que me encontré unas basuras de la hostia, y encima con tales déficits de traducción…
in reply to Juan CBS

Sí, pero a eso voy, que la gente se piensa que vale cualquier mierda y hacerlo bien no es fácil. Soy muy selectivo y sólo leo cosas bien escritas, y a veces me cuesta encontrarlas.



Por ninguna razón en particular, se me ocurre recordar las funciones de la justicia penal, tal y como se conciben en el mundo jurídico y en nuestra normativa. Póngase por delante que todo esto es discutible, pero para discutirlo hay que conocerlo primero.

Prevención general: la pena se da a conocer a la sociedad, y disuade a la población en general de cometer crímenes. Esto tiene dos vías: la negativa (intimidatoria), y la positiva (demostrando la eficacia de las normas e inculcando los valores jurídicos).
Prevención especial: actúa directamente sobre el delincuente, evitando la comisión de nuevos crímenes. Esto tiene dos vías, directamente por limitación (la privación de libertad impide la comisión de muchos ilícitos) e indirectamente por intimidación.
Rehabilitación y reeducación: se busca que la pena funcione no sólo limitando la capacidad criminal del reo, sino dándole la capacidad de participar en sociedad de forma productiva.
Mantenimiento del monopolio de la violencia del Estado: esta función, a veces ignorada, implica que sólo el Estado tiene el poder de ejercer violencia legítima. Se puede ver desde la perspectiva del contrato social, como un acuerdo por el que cada individuo cede su capacidad de ejercer la violencia a cambio de que el Estado se haga cargo de actuar contra el reo que nos ha causado un daño. También se puede ver como una necesidad social y organizativa, ya que la falta de un sistema eficaz y creíble de justicia redundaría en el uso de la fuerza por parte de los ciudadanos, y en largos ciclos de venganza.
Protección de la víctima: es otra faceta de la prevención especial, pero no desde el punto de vista de cualquier crimen que el reo pueda cometer, sino específicamente de la víctima contra la que ya ha actuado.

Nuestra constitución se pronuncia en su artículo 25 sobre la naturaleza y sentido de las penas, en particular en su apartado 2.

Artículo 25.2. Las penas privativas de libertad y las medidas de seguridad estarán orientadas hacia la reeducación y reinserción social y no podrán consistir en trabajos forzados. El condenado a pena de prisión que estuviere cumpliendo la misma gozará de los derechos fundamentales de este Capítulo a excepción de los que se vean expresamente limitados por el contenido del fallo condenatorio, el sentido de la pena y la ley penitenciaria. En todo caso, tendrá derecho a un trabajo remunerado y a los beneficios correspondientes de la Seguridad Social, así como al acceso a la cultura y al desarrollo integral de su personalidad.


Pues bien, la Constitución indica que, sin perjuicio de otros fines lícitos para la pena como los que he detallado más arriba, la orientación central de las penas es la rehabilitación y reeducación del reo. Al contrario que otras tradiciones jurídicas que consideran que el crimen priva al reo de derechos, nuestra normativa lo coloca en el centro, paradójicamente como principal beneficiario de la pena, detallando que conserva sus derechos e incluso su libre desarrollo de la personalidad.

Esto implica que nuestra Constitución no admite la cadena perpetua. Pero va más allá: el prolongamiento de las penas supone un fracaso, ya que no se obtiene el resultado deseado.

Sin ninguna razón en particular, me gustaría saber de que sirve una pena de 30 años, que no se pueda hacer en 25, desde el punto de vista de los fines legítimos de la pena que he comentado anteriormente.

Cada cual que reflexione.




Niether of my instances is updated with the latest source code. I think I'm going to change again and this time I'm going to try murging them into one so I can still follow both instances but only have to worry about posting or replying once. Is it even possible to murge two instances and their follow lists into one?

in reply to aaron

@fireborn It is a whole lot of fun. It’s also all his fault I was up all night playing the darn game, lol


I've noticed that, for me and my wife at least, #Signal isn't always reliable for time sensitive messages. Even after exempting it from the Android power saving and everything it's almost like it goes to sleep sometimes and notifications don't pop until we open it up. The #XMPP app Conversations.im however is very reliable. Running a packet capture on my phone shows that when switching networks #Conversations immediately reconnects, but Signal doesn't, sometimes for several minutes.


…and regarding the Internet Archive hack, in the past, we have seen no-kill animal shelters hacked, children’s cancer centers hacked, traditional libraries hacked, humanitarian aid organizations hacked, and so on. These people aren’t put off one bit by who their victims are. Just like a regular library remains as important after being hacked, so is IA. Help them dust off and get back to work.

And fuck the people who victimize organizations like that.

This entry was edited (3 weeks ago)


Teda zrovna povel štěkej, má myslím vypadat jinak 😃😃
#wick
#wick

in reply to Lucinek

Ano já to chtěl napsat, že u nich člověk není jistý na jak dlouho, jen jsem to rychle odeslal 😃
in reply to Archos

@archos Ono takovému fanouškovi přírody v Rusku pravděpodobně hrozí dlouhé vězení. A nikdo se to nikdy nedozví.


To all the blind musicians out there, is their a mailing list you guys are on to talk about instruments and recording sofftware?,thanks.
in reply to Keao Wright

There are numerous lists out there. One I'm on is the MIDIMag discussion list on Freelists. There's also the Reapers without Peepers list if you use the REAPER multitrack software.


Nepředpokládám, že by moje instance skončila, přesto si občas v nastavení exportuji a zálohuji seznam sledovaných a sledujících, takže by případný nucený začátek jinde zabolel, ale nebyl by od nuly. #cztwitter

in reply to aritrasaha

There is no clarity yet. But in any case, we will make sure that none of Tuta accounts get lost.


Zítřejší @mastopivo nakonec nezvládám. Přeskupily se mi povinnosti a tím nakonec i priority. Třeba příště ...
#mastopivo


La Fundación ONCE convoca una ayuda para opositores a los subgrupos A1 y A2 de cualquier Administración pública española. La ayuda se extiende a academia o preparador, transporte, alojamiento, materiales y herramientas, y es de hasta 5000 EUR.
Requisitos: nacionalidad española, discapacidad del 33% o más, titulación universitaria (necesaria para el grupo A), y no estar trabajando ni tener prestaciones superiores a 15000 EUR.
Fecha límite: 24 de octubre.
Que bien me habría venido esto en su día.
Más información: becas.fundaciononce.es/Paginas…
#becas #oposiciones #discapacidad
in reply to modulux

Lo de la nacionalidad española, ... No aprendemos! Es excluyente a residentes de la Comunidad Europea que no pueden obtenerla.
in reply to Óscar Gorri

Sí lo es. Tampoco se puede argumentar que sea porque el acceso a la Función Pública en general y a los puestos A1/A2 en paticular esté limitado a ciudadanos españoles.


The #LibreOffice and Open Source Conference 2024 has started! Eliane Domingos from @tdforg's Board of Directors gives the opening speech. conference.libreoffice.org/202…


This stupid WordPress drama is making me feel I should migrate Spews to a new solution, but which one? I could use Hugo, but that's gonna be a pain in the backside to convert.
in reply to Sean Randall

@cachondo I don't mind all that stuff (I use the HTML editor) I was mainly refering to the whole drama with WPEngine.
in reply to Seedy of Chucky

How does that impact you individually?I mean unless you were going to use Engine.
Wordpress is still wordpress outside of the drama.