mastodon - Link to source
Jieshuo+ vs. Jieshuo Lite: Differences and Which One Should You Choose accessibleandroid.com/jieshuo-…

Jieshuo+ vs. Jieshuo Lite: Differences and Which One Should You Choose - Accessible Android

Jieshuo screen reader comes in two versions: Jieshuo+ and Jieshuo Lite. The Lite version is sometimes referred to as the "International" version on the GitHub
Kareen Kiwan (Accessible Android)

mastodon - Link to source

Automakers have been selling data about the driving behavior of millions of people to the insurance industry.

In the case of General Motors, affected drivers weren’t informed, and the tracking led insurance companies to charge some of them more for premiums.

I’m the reporter who broke the story.

I recently discovered that I’m among the drivers who was spied on.
nytimes.com/2024/04/23/technol…


How G.M. Tricked Millions of Drivers Into Being Spied On (Including Me)

This privacy reporter and her husband bought a Chevrolet Bolt in December. Two risk-profiling companies had been getting detailed data about their driving ever since.
Kashmir Hill (The New York Times)

reshared this

mastodon - Link to source
This song is obsessing me. It leaves me breathless every time. “Infinitely Light Years” by Steven Page. His voice, the lyrics, the themes, the orchestration and layering, all so rich. It evokes way more for me than most songs can, and music is emotive to me. youtube.com/watch?v=g4HMlwO_Cj…

Infinitely Light Years

Provided to YouTube by IDLAInfinitely Light Years · Steven PageExcelsior℗ Fresh Baked Goods IncReleased on: 2022-09-30Producer: Steven PageLead Vocals: Steve...
YouTube

mastodon - Link to source

#UploadFilter #ResponsibleEncryption - politicians today use euphemisms when they want to break encryption. 🤯

We must keep fighting for our right to privacy! 💪

Learn here why #backdoors to #encryption must never be allowed: tutanota.com/blog/posts/why-a-…

Tim Cook unlocking a backdoor on an iPhone while the FBI, hacker, oppressive regimes etc wait in line.

Let's fight encryption backdoors on Global Encryption Day! | Tuta

61% of all Tuta emails are sent e2e encrypted - a huge success for privacy. But the authorities want to weaken encryption. We must stop them!
Tuta
#encryption #backdoors #uploadfilter #responsibleencryption

mastodon - Link to source

FYI: CVE-2024-11053 is *not* a critical security flaw, even if now several security related sites repeat that statement.

This is as good as any reminder that you should read the #curl advisories for #curl issues rather than trusting the scaremongers.

curl.se/docs/CVE-2024-11053.ht…

(edit: I wrote an extra '1' in there at first)

curl - netrc and redirect credential leak - CVE-2024-11053

curl.se
#curl
This entry was edited (1 year ago)

daniel:// stenberg:// reshared this.

in reply to daniel:// stenberg://

mastodon - Link to source

Alexandre Dulaunoy

We added your clarification in vulnerability-lookup.

vulnerability.circl.lu/cve/CVE…

Now I'm wondering if we should not add the ability to propose the author and maintainer to counter any element from a vulnerability description.

@cedric what do you think of it? Not sure how this could be efficiently implemented.

cvelistv5 - CVE-2024-11053

Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.
vulnerability.circl.lu
@Cedric 🏴󠁧󠁢󠁳󠁣󠁴󠁿
in reply to daniel:// stenberg://

mastodon - Link to source

Zimmie

I get why it’s important to have an independent severity rating for security flaws. Vendors are incentivized to downplay the severity. Does anybody think Adobe would have appropriately rated even *half* of the bugs in Flash?

But for the independent ratings to be useful, they need to have high quality with extreme consistency. We certainly don’t seem to be getting that.

mastodon - Link to source

Apparently #CISA has rated #curl #vulnerability #CVE_2024_11053 as #CVSS v3 Base Score 9.1 "critical". This is wrong, and will lead to automation triggering unnecessary warnings and blocking use of perfectly fine systems until an update is installed (which can take months). nvd.nist.gov/vuln/detail/CVE-2…

Edit: In case you wonder my credentials for judging this: I found this vulnerability.

Edit2: This appears to be originating from CISA: cve.org/Media/News/item/blog/2…

Edit3: The score has now been fixed. Commit: github.com/cisagov/vulnrichmen…


data updated · cisagov/vulnrichment@91fadb2

A repo to conduct vulnerability enrichment. Contribute to cisagov/vulnrichment development by creating an account on GitHub.
GitHub
#vulnerability #curl #cvss #cisa #cve_2024_11053
This entry was edited (1 year ago)

mastodon - Link to source

Opt-Out von der "dunkelgrünen Schrumpel-Bananen Software" schon vorgenommen?

Elektronische Patientenakte: Sorge vor Verlust von Zeit und Vertrauen
heise.de/meinung/E-Patientenak…


Elektronische Patientenakte: Sorge vor Verlust von Zeit und Vertrauen

Die "E-Patientenakte für alle" soll ab 2025 durchstarten. Ärzte und Ärztinnen wie unsere Autorin befürchten hohe Aufwände und Vertrauensverlust ihrer Patienten.
heise online
in reply to Cyb3rrunn3r ⭐️

mastodon - Link to source

IzzyOnDroid ✅

@Cyb3rrunn3r "Dem Kram" ja, dem Arzt (hoffentlich) noch nicht. Und das ist es, was die Autorin da befürchtet: Verlust des Vertrauensverhältnisses zwischen Arzt und Patient. Patienten haben keine Kontrolle darüber, welche Daten in der Akte landen und was damit passiert – und Ärzte wundern sich, wenn jemand etwas nicht in die Akte eingetragen wissen will…

Für diese Datengier ("aber die (datengetriebene) Wirtschaft!11!") setzt man das also auf's Spiel.

@Cyb3rrunn3r ⭐️
Unknown parent

mastodon - Link to source

IzzyOnDroid ✅

@MrMST wider Erwarten, teilweise ja. Ich bekam erst kürzlich Bescheid, dass dieses tolle Teil ab Januar für mich eingerichtet würde – ohne irgendwelche Aufklärung. Habe also meine Versicherung aufgeklärt. Das (per Fax) zugestellte Opt-Out hatten sie bereits in weniger als 24h eingetragen, auf die schriftliche Bestätigung warte aber nun ich seit 8 Tagen…

Opt-Out ist auf allen Kanälen möglich: Anruf (da hast Du aber nichts in der Hand), Fax, Mail, Web-Formular… Vorsorglich machen.

@🌿🍃 /home/mst 🦊🦝

mastodon - Link to source
OpenAI's Sora Is Generating Videos of Real People, Including This Unintentionally Demonic Version of Pokimane futurism.com/openai-sora-pokim…

OpenAI's Sora Is Generating Videos of Real People, Including This Unintentionally Demonic Version of Pokimane

A creepy Sora output of the streamer Pokimane shows that despite guardrails, the video generator is good at depicting real-life people.
Noor Al-Sibai (Futurism)

mastodon - Link to source

Day 15 - #adventOfIOSAccessibility. Touch target sizes are recommended to be at least 44 x 44 points for better usability. Buttons in the navigation bar (especially when not using nav bar button items), dismiss buttons, and custom toolbars, are common examples that often fall below this size.

#365DaysIOSAccessibility

Calendar of Advent of iOS Accessibility. Day 15. Small touch target sizes. Three examples of common cases with buttons that tend to have small touch target areas. The first one is buttons in the navigation bar. The second one is dismiss buttons for modal or inline popups. The third one is toolbars, especially custom ones.
#365DaysIOSAccessibility #adventofiosaccessibility
This entry was edited (1 year ago)

mastodon - Link to source
I just learned one thing about #Peertube that can make it quite attractive to content creators. Peertube channels have #podcast feeds, and most podcast apps can play video podcasts these days. You can submit the feed to Spotify or Apple Podcasts, making it available to millions of users. AFAIK, you can't do that with videos uploaded to #YouTube channels.
I haven't tried if it really works. But if it does, it's a big deal.
This is how @mestskacyklistika looks in the #Podverse app.
A podcast episode with a video content in a podcast app. There is a guy in a bike helmet and yellow jacket standing by a road in the video.
#peertube #youtube #podcast #podverse @Městská cyklistika

mastodon - Link to source
Calling all Python expert friends and Masto peoples who also know something about NVDA add-ons.
Right now, the BeSTSpeak TTS thread can still on occasion crash with certain speech interrupts, particularly if larger chunks of text are fed at once to the TTS. I honestly don't have the knowledge to diagnose all possible combinations of thread management, and all of this is reminding me too much of my C++ college days of race condition handling and such.
GPT Pro mode gave me like 7 ways to diagnose it, I just don't have the energy, nor the expertise myself in Python, so if someone picks it up, be my guest. Possible solutions detailed in eurpod.com/crashes.txt and the add-on at eurpod.com/BestSpeak.nvda-addo…
in reply to JamminJerry

mastodon - Link to source

Tamas G

yeah, some of that may get ironed out in the next few days :) I probably won't have the energy to pick it up again this hardcore tomorrow, like 8 or 9 hours of just coding with GPT straight and barely looking up to go to the bathroom twice. Aha. This is the mess any kind of coding projects get me into. Seeing others from the community step in though gave me a bit of hope that I'm not alone on it and let's face it, there exist far better Python experts than myself out there who could own me and my GPT crafted knowledge any day haha.
This entry was edited (1 year ago)

mastodon - Link to source

TIL, Pemerintah Indonesia selepas era orde baru tetap melarang penyebaran paham komunisme karena demokrasi negeri ini berkembang bersama dengan sistem oligarki dan kapitalisme. Karena itulah, ada upaya oleh orang-orang berpaham kapitalisme agar ajaran paham komunisme tidak dapat berkembang di negeri ini.

hukumonline.com/berita/a/kenap…

Catatan: Saya tidak condong atau bahkan mendukung penuh dari salah satu kedua ajaran itu yaa


Kenapa Negara Melanggengkan Kriminalisasi atas Komunisme dalam RKUHP?

Walaupun RKUHP membatasi kriminalisasi apabila dilakukan untuk kepentingan ilmu pengetahuan, tidak berarti setiap orang dengan leluasa mempelajarinya, apalagi mengembangkannya.
Mulya Sarmono (PT Justika Siar Publika)

mastodon - Link to source
Shoutout to @masonasons for helping to add headSize and excitation options to the BeSTSpeech add-on :) Now you can make that Keynote Gold sound whispery or like a chipmunk, if you wanted to. Also had help with improving the capitalization pitch shift function so it should not get stuck and keep spelling out everything in certain situations. Love to see bugs getting squashed. (eurpod.com/BestSpeak.nvda-addo… for those who do not have the link)

David Goldfield reshared this.

in reply to Tamas G

mastodon - Link to source

Simon Jaeger

I was an idiot and deleted my post instead of editing it, so apologies if you get this twice. I'm curious how on earth yoiu accomplished this? I see B32_TTS.DLL but have no idea how to begin figuring out what that actually is. Is it some kind of neural voice or did you figure out how to actually emulate the original keynote voice? I thought it was neural until it crashed in a very un-neural-like way.
in reply to Simon Jaeger

mastodon - Link to source

Tamas G

@simon @jscholes so from what I understand: This was found in an old educational product from the mid-90s - the DLL had popped up there thanks to the Internet Archive. Both the 90s software and BeSTSpeech are long dead now, but I find it interesting that the DLL description says: "BeSTspeech TTS for Windows (Designed by Jason Zheng)" and it's copyright 1994. We're using a DLL that's 30 years old, wow, way to celebrate its 30th birthday.
@James Scholes @Simon Jaeger

mastodon - Link to source

Everybody knows Ubisoft's NFT games and NFT initiative crashed and burned and they had to stop talking about AI, but one other thing I'm noticing is every game with generative AI elements is absolutely slated by consumers - e.g. these are a sample of comments on the Catly trailer from The Game Awards across different channels.

It's exciting to see a new generation just outright reject this stuff.

mastodon - Link to source
Want Keynote Gold's Voice inside your NVDA?
OK, leaving this here for now. Huge thanks to all of you who jumped in to debug this TTS. Of course, without @rommix0 releasing this find and the demo app, documenting parameters, none of this would have gone anywhere. Oh, and GPT Pro mode still gets credit for teaching me good lessons about threadding exceptions and deadlocks.
I tried to add parameters to allow for the reading of full numbers as right now anything above 4-digits gets announced as single numbers. No-go there, n3,0 and n6,0 and n2,0 and n5,0 all just didn't change anything. Maybe someone else can find a fix for that. Most other functions work though.
Some people will no doubt ask me to allow this to use another sound output device than default, and that's a big no, it's limited by the DLL itself. So not happening.
eurpod.com/BestSpeak.nvda-addo…

David Goldfield reshared this.

Unknown parent

mastodon - Link to source

Tamas G

have been debugging it for 3 hours now but don't think it'll go anywhere. When 2025.1 comes out and they return integers in the config values for the output device, this could be made a little easier (though I don't know if it will still translate the correct mapping into the MME device ID right), but at least it'll mean not needing to enumerate them based on string name. Right now it's a mess:
def enumerateWaveOutDevices():
devices = {}
count = waveOutGetNumDevs()
for i in range(count):
caps = WAVEOUTCAPS()
res = waveOutGetDevCapsW(i, byref(caps), ctypes.sizeof(caps))
if res == 0:
devName = caps.szPname.strip()
devices[devName.lower()] = i
return devices
and then later:
" devices = enumerateWaveOutDevices()
log.info("Enumerating devices for exact match:")
for dn, did in devices.items():
log.info(f"Device '{dn}' = ID {did}")
if val in devices:
matched_id = devices
[val] log.info(f"Matched exact device '{val}' to ID {matched_id}")
return matched_id
else:
log.info(f"No exact match for '{val}', using WAVE_MAPPER")
return WAVE_MAPPER

"
So yeah. All because NVDA's config can return a string. The fuck.

Unknown parent

mastodon - Link to source

Tamas G

nah. MME is getting deprecated in 2025.1 in favor of Wasapi-only.... To them its use is considered legacy unfortunately. And it doesn't help that we cannot pipe the BestSpeech audio directly through Nvwave, because it's another window and handle entirely, it's not as easy as just passing the parameter for the buffers and the dll returns audio to that player object. Gosh my life would have been a dream with Bestspeech if it were that easy.

mastodon - Link to source
For anyone who is up for debugging Python code on a Saturday afternoon, please help me get a working copy of BeStSpeak working on NVDA: eurpod.com/BestSpeak.nvda-addo…
Notes:
- This block the main window thread somehow still, so NVDA thinks it has a dialog open. Consequently you cannot change back to your synth and will need to open NVDA.ini in notepad to change it.
- very basic, which means: No rate, pitch, or other synth settings implemented yet.
This entry was edited (1 year ago)
in reply to Tamas G

mastodon - Link to source

Jack-Frostodon

Interesting. The speech synth window bug specifically affects use of ctrl+nvda+s. But getting to it through nvda settings ends up working, and even allowing you to change synths. However, even when the synth switches back, ctrl+nvda+s is broken for the remainder of the nvda session. Ctrl+insert+s also somewhat works with inconsistent success, however getting to synth settings through nvda settings is consistently successful. Hopefully htis helps to isolate the issue somewhat.
This entry was edited (1 year ago)

mastodon - Link to source

The 2024 Godot showreel is finally out 🎥

Thank you to all the ones who submitted a project and wishing you good luck for the next ones. We plan on include more people in the voting process, so stay tuned to hear more about that next year.

#GodotEngine #godot

youtube.com/watch?v=n1Lon_Q2T1…


Godot Engine – 2024 Showreel

0:00 PVKK - https://store.steampowered.com/app/2956040/PVKK_Planetenverteidigungskanonenkommandant/0:07 Megaloot - https://store.steampowered.com/app/2440380...
YouTube
#godotengine #godot

mastodon - Link to source

Když tedy @archos rozjel českou instanci #PeerTube - vhsky.cz, přemluvil jsem Petra Šimáčka, aby tam dával svá skvělá videa o městské cyklistice. Pomohl jsem mu s přechodem z #YouTube a teď tam najdete vše, co Petr za ten více než rok vytvořil: vhsky.cz/a/mestskacyklistika/

Vím, že se tu o cyklistiku zajímá dost lidí, tak dejte @mestskacyklistika follow, ať Petr vidí, že je tady taky publikum. 😉

#cyklistika #kolo #biking


Městská cyklistika

Tipy a triky pro městskou cyklistiku. Jsme parta kamarádů, kteří jezdí do práce na kole. Šetří nám to čas, peníze a zlepšuje kondici. Pojďte to zkusit taky a odpoledne už nebudete muset jít do Fitk...
VHSky
#peertube #youtube #cyklistika #kolo #biking @Archos @Městská cyklistika
in reply to Milu P. Pragerova

mastodon - Link to source

Radomír Žemlička

@Milu Zkus přímo @mestskacyklistika_vse (resp. vhsky.cz/c/mestskacyklistika_v…)

Městská cyklistika

Tipy a triky pro městskou cyklistiku. Jsme parta kamarádů, kteří jezdí do práce na kole. Šetří nám to čas, peníze a zlepšuje kondici. Pojďte to zkusit taky a odpoledne už nebudete muset jít do Fitk...
VHSky
@Milu P. Pragerova @Městská cyklistika
This entry was edited (1 year ago)
in reply to Archos

mastodon - Link to source

Jiří Eischmann

Registrace je potřeba, to je mi jasné. Jde mi o to, že by ty registrace byly otevřené, ale ve výchozím stavu by uživatelé nemohli vkládat žádná videa, jen komentovat, sledovat, dělat si playlisty. A nějakou kapacitu na vkládání videí by dostali až po žádosti a schválení.

@aikencz @Milu @Razemix

@Milu P. Pragerova @Lukáš Jelínek @Radomír Žemlička
in reply to Radomír Žemlička

mastodon - Link to source

Archos

Řeknu, ale jen když se mi nebudete smát 😄😄😄

Sensitive content

@Milu P. Pragerova @Lukáš Jelínek @plactagonic @Jiří Eischmann @Radomír Žemlička
in reply to Smoon

mastodon - Link to source

Archos

@smoon jj teď už jo 😄😄
mastodon.arch-linux.cz/@archos…
@Milu @Razemix @schmaker

Archos

2024-12-15 13:50:01

mastodon - Link to source

@Razemix
On tam byl nastavený limit registrací na 10 uživatelů a
@plactagonic byl přesně 10 uživatel proto už víc nešlo. 🤦🏽‍♂️🤦🏽‍♂️🤦🏽‍♂️ Stane se no 😄
@sesivany @aikencz @Milu

@Schmaker @Milu P. Pragerova @Smoon @Radomír Žemlička

mastodon - Link to source

Holy shit.

The Russian gov send in an abuse request for the @Bellingcat to be removed from mstdn.social :amaze:

I am not gonna comply, and have replied to Hetzner

No way I'm gonna let the evils of the gremlin dictate stuff on anything I host

UPDATE: Hetzner ignores their requests and we're in the clear: mstdn.social/@stux/11366257336…

We have received an abuse report from 398- fz@rkn.gov.ru for your IP address 49.13.236.103.
Notification is sent about a violation of the distribution of information posted at the following URLs (record ID: 1088855-HB): https://mstdn.social/@Bellingcat The hosting provider or another person ensuring the placement of the specified information resource on the Internet is obliged: 1) immediately after receiving this notice, inform the owner of the information resource about the need to immediately delete the information disseminated in violation of the law; 2) in case of refusal or inaction of the owner of the information resource to delete the information disseminated in violation of the law, after 24 hours from the date of receipt of this notification, restrict access to the specified information resource. The owner of the information resource is obliged to delete information disseminated in violation of the law within 24 hours from the date of receipt of the relevant notification from the hosting provider or another person. Sincerely, The Federal service for supervision of communications. information technology. and

stux⚡ (@stux@mstdn.social)

Attached: 1 image Nice!♥️ Got a reply and Hetzner just ignores the bullshit from the Kremlin Wish it where that easy with the war in Ukraine..
Mastodon 🐘
@Bellingcat
This entry was edited (1 year ago)