Then compare this to getting package updates via the official repositories, which includes a wide array of proven techniques for securely shipping software packages and . In addition, Debian has a good track record over decades. In most setups, I think it is safe to enable the "unattended-upgrades" package which automatically downloads and installs updates for the majority of packages in Debian. This is the best choice for users who do not have the means to do further examination

Another key discussion area for is a updating the libraries that they use in their app. Ideally the developer would review all source code changes that the lib update includes. This rarely happens in practice, and we see lots of apps inadvertently include malware via libs that have been taken over. For example portswigger.net/daily-swig/pop This is where devs should be thinking about how much they trust lib authors to maintain secure accounts, domain names, upload processes, etc.

#Mastodon is hiring!

› Remote-only
› Full-time

Looking for:

› DevOps Engineer
› Product Designer

It could be you! Apply now:

joinmastodon.org/careers

This is the year, folks. I know some of y’all are already there.

Surveillance footage of Tesla crash in San Francisco’s Bay Bridge hours after Elon Musk announced “self-driving” feature theintercept.com/2023/01/10/te

@jack "Updates" also means distros pulling in new upstream versions. The update maximalists often complain that stable distros do not update their packages often enough. That is a technical discussion, which is also good to have in public. "Updates" is a tricky word too, since in American English, it has a variety of meanings while some languages have adopted "Updates" to specifically mean end user software updates. I'm a native American English speaker, sometimes I forget those differences 2/2

@jack I agree that end users who do not look into their software providers should just install updates. That does not mean that we should ban all other discussions about updates, which it sounds like you are recommending. It is dangerous to lull people into complacency to just accepting the status quo because they are not technical. If someone feels threatened, they can also seek out expert advice for things they do not understand. "Updates" also has differences in meaning based on context 1/2

@jack I can't imagine a reason why knowing your software providers is a bad practice, that's what I'm talking about. You can tell Bruce Schneier that "Security is a process, not a product" is bad advice, since I was quoting him. Stable release processes are very much still a thing, as are running releases. The security properties of each have key differences.

Phil Ting's #FreedomToWalk Act is now law in California. You can cross the street anywhere as long as you're not creating a hazard.

#Jaywalking, the fake "crime" created by automobile industry lobbying to blame victims of #TrafficViolence, no longer exists in California.

Enjoy your freedom to walk! ktla.com/news/california/new-l

There seems to be a common mode of thinking about these days that is something like "updated software is always best". I agree there is some truth to that, but it is unfortunately not that simple. Most vulns were introduced in an update, they were not there from the beginning. "Security is a process, not a product", so how the software is developed changes the relationship between updates and , e.g. software that never issues stable updates vs. software with stable releases.

@jeffalyanak I can compare Vienna, New York, and the Bay Area, since that's where I've lived. Accessibility in mass transit in CA and NY is terrible, that's clear. In Vienna, it works well and is also still being improved (the last of the inaccessible trams and buses will be replaced by 2026): visitingvienna.com/transport/a

Like @amaditalks recommended, accessibility is built into the process, it is not punted to external "advocacy" organizations.

@amaditalks @jeffalyanak I agree that when living in a city built for cars, it will be hard to get around without one, no matter one's abilities and disabilities. There are many cities around the world where the car is not the focus, and looking at those cases, it is pretty clear that a good, car-free design disadvantages the fewest people. This kind of design does disadvantage cars, but cars are not people. Cities built around cars have a much steeper slope to reach effective car-free areas.

I guess I left out my personal motivation: as the father of two curious boys, I'd love for the to be a place of free exploration again, like I first experienced it in 1994. It is far too easy for an 11 year old to find things they can never unsee, or really even understand. And even worse, lots of it is coming from services that are literally trying to hook people and get them addicted.

The real power to control the problems related to porn comes from the payment. If sites can't accept credit cards or build substantial advertising businesses, there will be much less money going to middlemen. For me the open question is how much to be concerned about also making it harder for the performers to get money //

That could then mean that something like pornhub can't really exist, since they make money as middlemen or really they are a kind of pimp. Or what if copyright did not apply to porn, but only something like the part of French "droit d'auteur" copyright law where the "author" has certain inalienable rights over the material. That could be used to maintain control over the images of one's own body. I would like to see something like that since it would make the worst porn much less accessible 4/

My gut instinct is that porn is never really a good thing. But I don't have much knowledge on the subject to say conclusively. Seeing that there are unions for sex workers in the US makes me think that at least some sex workers think it is a good thing. Of course, being abused, forced, tricked, etc. is always bad. So I was wondering if the same general Austrian policies for prostitution might work for porn: considered a job in the eyes of the state, the workers get the money, no pimping, etc 3/

I wonder how effective porn bans in Asia and Africa are? Is it simply a question of making it illegal? Some countries' free speech laws would prevent that, like the US 1st Amendment. I think economic regulation would be legal basically everywhere. In Austria, prostitution is legal and highly regulated, and it seems quite successful at harm reduction, at least compared to New York, where it is fully illegal. I'm guessing though, based on what I've seen on the streets, and read in the news. 2/

A strange confluence of recent events has me thinking about the of . Through legal research for porn/gambling/etc regulation for F-Droid, I saw that porn is illegal in most of the world. Then hearing about 11 year olds I know accessing pornhub scared me and made me hate the internet. It is far too easy to access porn these days. Now, a famous man was arrested for human trafficking, and I read about the "loverboy method", which requires the trafficker spend money up front. 1/

@jeffalyanak the concept of accessibility advocacy groups automatically externalizes the concept of accessibility into something that people who are not a part of the process advocate for rather than people who are central to the process are making a reality. That’s a giant no. Not acceptable.

@shortwavesurfer2009@social.freetalklive.com yeah that's a good reason, I'd love to see support Google devices better, we welcome contributions there. Since we're focused on , and ROMs provide a first class user experience for F-Droid, that is where we have focused our limited development resources.
