
@Codeberg I think it would be a very good first step. There are good reasons for not internationalizing domains. That's all because the namespace owner does not vet the entries.

In case of projects belonging to a user, the user *does* control the entries, so I'm not seeing any downsides.

I've published my first version of the debugging tool that causes large corporations to scream and run away:

crates.io/crates/breakmancer is a *secure* reverse shell, allowing you to drop a breakpoint into any build script.

Your build can pause, reach out to your laptop and let you poke around, and then resume where it left off. Incredibly useful.

It's written in Rust and uses some basic libsodium cryptography to secure the connection. I'd like to get a security audit (any volunteers? it's a pretty small program!) and expand to include plugins for languages that support REPLs, such as Python, JavaScript, and Clojure.


Can’t find my thread to update it, but after a Chinese company acquired Polyfill.io last year (embedded in over 100k websites), it has started serving malware to users of said websites - prepare to be surprised.

sansec.io/research/polyfill-su

#threatintel

Worth grepping your source code for "polyfill.io" and taking urgent measures to remove that code if you're linking it into your site - the domain name apparently now intermittently serves malicious JavaScript

My notes here: simonwillison.net/2024/Jun/25/ - or read this article sansec.io/research/polyfill-su

More than 60% of those surveyed said they posted fake jobs “to make employees believe their workload would be alleviated by new workers.” 62% of companies said another reason for the shady practice is to “have employees feel replaceable.” #Work #WorkLifebalance #Hiring #Jobs qz.com/companies-posting-fake-

@dcz Would it help if repository names would support more characters, while profile and org names would not?

This might be actually worth a consideration.

In recent years, there have been a lot of attacks by using lookalike unicode characters, so although technically feasible, many fear to accept non-ASCII characters.

But since repositories of the same author already induce a certain trust, it might be worth taking that one step.

Happy to start the conversation about this in #Forgejo.

~f

@ludicity You're right, I'm sorry. My nerdiness is more around crochet, origami and graphic novels. But may I entertain you with my rage cartoon on "AI"? It's the least I can do after the laughs I got from your article buttondown.email/juliarodraws/

Learn more by reading the linked solidarity statement from Weelaunee the Free: weelauneethefree.org/solidarit

Purchase an @nobonzo designed “In Defense of the Forest/Stop Cop City” benefit tee. Proceeds support the Atlanta Solidarity Fund: pmpress.org/index.php?l=produc

@mhoye Even without AI, whenever the message isn't directly recorded by the producer of the message, it is subject to transmutation. e.g., spellcheck is an early example of the evils of AI combined with transmutation. The children's game of telephone (aka Chinese whispers) shows how AI doesn't need to be involved.

An AI thing I'm watching play out at another org:

1: Expert A, with a deep understanding of a nuanced and difficult problem answers a question they've been given, presenting several choices.

2: Director B, recipient, uses an AI to summarize it and then runs it up to leadership saying, "A says this." That generated summary is subtly and very wrong.

3: A is now being held responsible for plans made based on B's AI-generated and very wrong rewriting of his recommendations.

Fun times.

For the first time in the Espionage Act's more-than-100-year history, the U.S. has obtained an Espionage Act conviction for basic journalistic acts, EFF’s @davidgreene told the @nytimes of Julian Assange’s plea deal. “These charges should never have been brought.” nytimes.com/2024/06/24/us/poli

AI time wasting 

Worst part of updating my talk: looking up how fucking many more Starlink satellites there were than last time I gave a version of this talk. 200 more than a month ago. Fuck.

There are now 6,209 Starlinks in orbit, fully 62% of the 10,009 active satellites in orbit.

All of these "fully demisable" Starlinks are planned to burn up and deposit their metal in Earth's atmosphere. I just saw multiple 100-pound pieces of another SpaceX "fully demisable" rocket, so I'm sure it'll be just fine.

Those supposedly libertarian cryptocurrency boys are going with Trump. Of course they are.

citationneeded.news/issue-60/

The hypocrisy is a given. But in one key way it's a natural match, given all the sleaze in the sector and Trump's endless corruption.

Hong Kong's government is controlled by Beijing. It has adopted the dictatorship's paranoia, and is systematically erasing human rights.

The rulers are now ordering citizens to smile more to bring back tourism. This is not a joke.

sg.news.yahoo.com/hong-kong-te

I've been to HK many times over the years, and can assure you that the residents' occasional rudeness is not the reason I'm unlikely to return.

When Beijing stops abusing their rights, I'll be back.

"Repository name should contain only alphanumeric, dash ("-"), underscore ("_") and dot (".") characters."

Hot take: we're too attached to the #Latin script. It's a historical accident that I can't call my #Git repo "привет" on a code #forge, and it's pushing a cool part of the native cultures of billions of humans to the margin. Git itself can do it no problem!

And why should Дима switch to Latin for naming a project if John doesn't switch to #кириллица anyway?

#Forgejo #github #gitlab

Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.
