WTF Google Play?
You're drunk, #PlayProtect. Go home!

"Harmful app removed. #KDEConnect. The app is fake. It can steal your personal data, such as banking info and passwords."

@kde ftw
#DeleteGoogle #KDE

When organizations that use maintain the packages they use in Debian, the whole ecosystem gains. The more organizations that do that, the more efficient the whole ecosystem becomes for all users. Here's a recent example from :

f-droid.org/2023/10/10/f-droid

I'm a Debian Developer, I'm happy to help get organizations working in this way. Reach out if you're interested!

" may be exaggerating a bit here. It wants to provide a safe experience, but in 2022 the company still removed 186,195 apps that had been previously approved. So its review process has some gaps."

theregister.com/2023/10/09/app

I hope the will keep the pressure on like and give app stores the opportunity to compete with Apple by providing more trustworthy reviews that include reviewing the source code.

🌍 Unsurprisingly, neocolonizers #Google, #Facebook, #Microsoft, and #Amazon are rushing to control connectivity and infrastructure across #Africa.

💰 #DigitalSovereignty for Africa? Not likely anytime soon: We can't even escape them in the US or Europe given their corrupt regulatory capture.

african.business/2023/07/techn

hardware maker is laying off staff! That is great news, that is a clear sign that people are pulling back from Bitcoin. And they couldn't pivot to , so perhaps another good sign.
theregister.com/2023/10/10/bit

It would help if people showed their interest on the issues there. It can be just a 👍 or even better, post about your use cases

Perhaps the most difficult case ever for packagers: They do all the things that make packaging a nightmare:

* Build the tool with itself
* Circular dependencies: Gradle needs to build which needs Gradle to build...
* Depend on snapshots to build releases, but then they don't keep a way to reproduce the snapshot releases github.com/gradle/gradle/issue
* Java-style bundling of all dependencies
* Hidden proprietary depends github.com/gradle/gradle/issue

thanks ebourg for keeping on!

Empathy in open source: be gentle with each other · baby steps

"#Empathy is not about being nice or making the other person feel good or even feel better. Being empathetic means understanding what the other person feels and then showing them that you understand.

Understanding what the other person feels doesn’t mean you have to feel the same way. It also doesn’t mean you have to agree with them, or feel that they are “justified” in those feelings."

by @nikomatsakis

smallcultfollowing.com/babyste

🚨🚨WE URGE EVERYONE TO UPDATE THEIR APPLE DEVICES AS SOON AS POSSIBLE.

We have found an actively exploited #zero #click vulnerability that was used to deliver #NSO group’s #Pegasus #spyware citizenlab.ca/2023/09/blastpas

UX designers who eliminated the filesystem from user consciousness in name of simplicity ruined the world and are morally culpable for shriveling minds of children who are unable to tackle the challenges of today thanks to a choice sold as advocacy for the user but was ultimately motivated by control of a disempowered customer.

"This bug also shows that we have an over-reliance on for security assurance of complex parser code. Fuzzing is great, but we know that there are many serious security issues that aren't easy to fuzz. For sensitive attack surfaces like image decoding (zero-click remote attack surface), there needs to 1) be a bigger investment in proactive source code reviews, and 2) a renewed focus on ensuring these parsers are adequately sandboxed." blog.isosceles.com/the-webp-0d

Uhoh, looks like #libwebp might have had additional security fixes _after_ the release of v1.3.2, which was what OS vendors use to address #CVE-2023-4863:

github.com/webmproject/libwebp

openwall.com/lists/oss-securit

If so, then we're seeing the shellshock effect, where discovery of one issue gets everybody's attention on it to quickly discover additional problems, so maybe expect follow-up releases.

#webp

The vulnerability CVE-2023-4863 demonstrates a huge advantage of the "distro" approach of shipping software, like pushes so hard to deliver. We see a mad scramble for many software vendors to ship with the patched version of . In the distro model, the patch is shipped in the single lib package, then all of the software automatically uses the safe version. This leads to shorter times to get fixes to users with much less work overall.

I just read this op-ed about the intelligence of (it's 6 months old). It is the best piece I've read so far that demonstrates how things like can bring in "banality of evil" amoral decision making where humans would be troubled by the moral issues in the situation.
nytimes.com/2023/03/08/opinion

I'd LOVE more serious journalists digging into the recent proliferation/funding of these advocacy orgs, who use stirring tales of harm to push for surveillance, w/o engaging with ppl/orgs who do front line service work for victims (and generally reject these narratives)

Visiting the Norwegian city of Bergen, I cycled along a stunning 3-km bike path blasted through a mountain.

It's the longest bike tunnel in the world -- and a centerpiece of Bergen's plans to reduce driving.

I wrote about it in Bloomberg CityLab.

#norway #bergen #bike #cycling

bloomberg.com/news/features/20

I was in a European city new to me at an event where the planners assumed that Uber and Bolt were the only taxi options people would use. I asked for a taxi phone number, called and had a car in 5 minutes. That's much quicker than the account signup, and leaks much less private data. Taxi apps are not more efficient, horrible for privacy, and their business model is based on building a monopoly. I guess fancy UX in the apps really hooks people, or I'm missing something

sfchronicle.com/opinion/openfo

Alphabet, Amazon, Apple, ByteDance, Meta, Microsoft

These are the first 6 companies designated as 'gatekeepers' under the Digital Markets Act.

They have 6 months to ensure their core platform services comply with our rules, including:

✔ Allowing users to unsubscribe and remove pre-installed services
✔ Allowing the download of alternative app stores

❌ Banning tracking outside of their services without consent
❌ Stopping ranking their products more favourably

europa.eu/!NbfBbn

#DMA

Another problem that often goes ignored is how less attractive countries can keep the people that they have paid to educate. I know this first hand because my father was a doctor who was educated by the social system of including an annual stipend that he lived off of, then he left for once he finished his studies. Austria paid to educate a doctor but got little in return. This dynamic is common around the world, medical pros from poorer countries emigrate to richer ones. 3/3
