Kyle Rankin @kyle@librem.one

@jeremiahlee Cloudflare says they don't sell it for ads, but to answer your question in general, the value is the association of a series of websites with an individual, even if you don't know *who* the individual is.

Advertisers find a lot of value in "someone who likes X also likes Y but doesn't like Z" so that when they do have a target in mind that likes X, they know to market Y to them but not Z. This is why social graphs are valuable--friends/colleagues often share preferences.

@zeh This is why Purism incorporated as a Social Purpose Corporation, specifically so we could put our social purpose ahead of profits.

@jeremiahlee it's your entire browsing history. Every site you visit. Very valuable data and their privacy policy is vague about which data they keep indefinitely, so you focus on the "24hrs" part.

Why is it that the best minds in our industry seem unable to improve security without creating products that coincidentally give their employer more control over people and their data? Vendor lock-in is preventing real innovation in infosec.

Ask yourself why all these companies are fighting each other to be your default DNS provider. Why do their "privacy" solutions always give them your data instead? It's valuable data and it's easy to control it yourself. #privacy https://www.linuxjournal.com/content/own-your-dns-data

Disappointed that Firefox is giving Cloudflare user DNS resolution data by default via DoH. I trust my ISP but if I didn't, I'd use a trusted VPN to protect *all* my traffic. DoH is just a DNS-only VPN. What's worse, if you do use a VPN for #privacy FF will still leak your DNS data to Cloudflare by default. https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/

"The researchers have named their attack NetCAT, short for Network Cache ATtack"

Seriously, netcat? I guess what they say about the two hardest problems in computer science is true... #infosec https://arstechnica.com/information-technology/2019/09/weakness-in-intel-chips-lets-researchers-steal-encrypted-ssh-keystrokes/

Marshmallow technique is important. Crisp, toasted (not burnt) outside, melted inside. #camping #smorn

The insult "ten miles of bad road" is much more devastating now that I've just driven ten miles of bad road. #vanlife

@okennedy That rules!

@dredmorbius I wish!

Check out my new pocket computer! Ok not exactly new, it's a Tasco Pocket Arithometer from the '40s. #vintagecomputers

ElasticCo made Elasticsearch an #opencore product w/ basic security features in a proprietary plugin.

Search Guard made basic ES security features an open core product w/ enterprise auth as a proprietary plugin.

ElasticCo freed code for security plugin recently and now accuses Search Guard of copying both proprietary and #FOSS code. #fossdrama
https://www.elastic.co/blog/dear-search-guard-users

@thibaultamartin The problem is that biometrics are not secret but are treated like they are. Unless you are a twin, your DNA is very unique, yet you leave copies of that everywhere. People focus too much on the uniqueness of a biometric instead of how easy it is to copy/approximate/fake.

There are three main categories of authentication:
Something you know
Something you have
Something you leave copies of everywhere you go.

I hope the hard seltzer trend means craft brewers will go back to making beer-flavored beer, but I fear it means they'll just add more soda flavors to IPAs.

Wow, Huawei just accused the US govt of launching cyberattacks to infiltrate its intranet and internal information systems: https://www.huawei.com/en/facts/voices-of-huawei/media-statement-regarding-reported-us-doj-probes-into-huawei (h/t @Viss and campuscodi)

@blacklight447 We disable PM on Librem One as it isn't actually private. Feel free to reach out to us on our community matrix channel though: #community-librem-5:talk.puri.sm

@blacklight447 It's not as bad as typing with a band-aid on my fingertip I suppose, but it would be if my nails were as long as is common among women around here. I'll get used to it, but it's definitely slowing me down a bit while I do.