Old Fucking Punk @lwriemen@librem.one

Goodbye Craig Maloney @craigmaloney
Blog post: https://www.davidrevoy.com/article1021/goodbye-craig-maloney

@BjornW

@Mer__edith was making the point that the quietly abusive nature of Jia Tan's interactions with Lassie Collin, which would have faced a healthy rebuke in other cultural groups, was able to guilt-trip the poor M.Collin in a moment of weakness because such entitled demands on FOSS devs/maintainers are alas quite common, and sometimes (too often) validated by other persons intervening in public FOSS discussions, to the extent that it takes a lot of mental energy to deny them.

https://www.nzherald.co.nz/nz/a-country-is-not-a-company-and-a-prime-minister-is-not-a-ceo-chloe-swarbrick/3USXRUBPIZERJDH2EJ73RIFUKY/

In 2024, 40 years on from the 1984 Rogernomics reforms, it’s time for an economy that serves both people and the planet - not the other way around.

#nzpol

Anyone looking for someone to do some web content management work for them?

Kim just finished a Datascape Do It Online form-building contract with Kapiti District Council and is looking for more of the same.

Umbraco, Wordpress, Drupal, forms, Datascape, etc. Remote work, contract or ad hoc. Message me.

“This [proposal] turns the City of Atlanta into an open-air prison for everyone on electronic monitoring,” EFF’s @cooperq told the Atlanta Community Press Collective. https://atlpresscollective.com/2024/04/01/atlanta-police-foundation-pushed-unprecedented-surveillance-plan/

Are you experienced with GTK and Rust ? ❤️

We are looking to contract someone to work on the new GNOME Password Manager 🔑

We want it to become a core/default app and help secure millions of users.

You'll be working with the GNOME Foundation, a non-profit dedicated to building emancipatory technologies for everyone.

Please send resume / portfolio to stf@gnome.org

Boosts welcome

#GTK #Rust #rustlang #GNOME #Linux #Ubuntu #Linux #Fedora #OpenSUSE #Debian

“This is really just a high-tech way of gathering intelligence on people exercising their First Amendment rights under the pretext of public safety: it snoops on everyone, regardless of any connection to a crime,” EFF’s Dave Maass told the @WIExaminer. https://wisconsinexaminer.com/2024/04/02/milwaukee-police-seek-open-source-intelligence-tool-for-rnc/

just a PSA to anyone going to watch the eclipse, The American Astronomical Society says under no circumstances should you buy glasses from Amazon https://aas.org/press/american-astronomical-society-warns-counterfeit-fake-eclipse-glasses

Here's a fun AI story: a security researcher noticed that large companies' AI-authored source-code repeatedly referenced a nonexistent library (an AI "hallucination"), so he created a (defanged) malicious library with that name and uploaded it, and thousands of developers automatically downloaded and incorporated it as they compiled the code:

https://www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/

1/

Over the last couple of weeks we migrated Karrot over to @Codeberg - GitHub had been feeling a less and less fitting home for the project.

So our new code home 🏠 is https://codeberg.org/karrot/

We also took the opportunity to refine our release process, so now our container-first releases are over here https://codeberg.org/karrot/karrot/releases - being built using Codebergs CI.

Here's to our bright new Codeberg future! ✨

March 31 was already significant to me because that's day in 1998 when I helped #Netscape Navigator become #OpenSource.

Now this day has a whole new meaning for me as a #transgender woman. And it's my first #TransDayOfVisibility that I celebrate publicly since coming out to everyone on June 21 of last year.

To all my #trans siblings, I see you. Even if complete visibility isn't possible for you right now. You still matter. You're still loved. And you're still trans. Never doubt that. 🏳️‍⚧️🫂💖

Hello #Forgejo admins

We've published a post regarding the impact of the xz backdoor (CVE-2024-3094) on the Forgejo project.
https://forgejo.org/2024-03-xz/

#xz #cve20243094

It's fine to have inconsequential kinks. Positioning, spacing, indentation...

But not everyone is into the same stuff. So if you want someone else to participate in them, make it as easy as possible to adjust. Nobody enjoys repetitive, thoughtless manipulation.

Even (or especially) if there's money involved, do you want me to waste my time on something a machine could do?

...

PLEASE, if you enforce a coding style, GIVE ME A FREAKING LINTER.

#coding #programming #OpenSource #contributing

Allowing private businesses’ Terms of Service to dictate our Fourth Amendment rights is absurd and impracticable. https://www.eff.org/deeplinks/2024/03/eff-asks-oregon-supreme-court-not-limit-fourth-amendemtn-rights-based-terms

Hey funders,

You know you could just... give... the money... to projects that need it. Like software libraries that ARE IN EVERYTHING.

No grants. Don't make tech nerds write grants.
Don't make the tech nerds hire grant nerds to write grants.

FFS don't fund research into this problem with a budget of double what it would take to SOLVE THE PROBLEM for a significant number of open source projects with code that is, again, IN EVERYTHING.

#xz

I feel like a lot of liberals and progressives have been fooled into supporting state repression of free expression by the whole "Russia stole the 2016 election via online disinfo and social media shitposting" narrative. Well guess what peeps? We live in a two party system in which Dem control of gov't is followed inexorably by Repub control. Signing off on gov't censorship when it seems to suit your politics will always backfire.

https://lpeproject.org/blog/social-media-authoritarianism-and-the-world-as-it-is/

I'm sorry ya'll, but the people developing this tech are idiots. The people deploying this tech are idiots, and the people trumpeting the power of this tech are, unsurprisingly, also idiots. [NYC AI Chatbot Touted by Adams Tells Businesses to Break the Law]
https://www.nakedcapitalism.com/2024/03/nyc-ai-chatbot-touted-by-adams-tells-businesses-to-break-the-law.html

Heads up for distro maintainers:

gnome-session 46 dropped support for the `--systemd` option.
(https://gitlab.gnome.org/GNOME/gnome-session/-/merge_requests/93)

So if you want to use #phosh with gnome-session >= 46 make sure to drop that option from `/usr/bin/phosh-session`. A point release fixing this is in preparation: https://gitlab.gnome.org/World/Phosh/phosh/-/merge_requests/1387 . Until then the safest thing is to stick with gnome-session << 46.

Small thing that I have found missing in the current discussion around the xz debacle:

If a project that you have an interest in has already a problem with maintainer capacity, probably the worst solution is to just add a maintainer (and even worse doing it in a rush).

You don't need to arm-twist the overworked maintainer in sharing power, you can just start doing non-binding reviews, answering questions and offloading other work from the maintainer(s).

Whenever security incidents happen, you always see certain vendors take part in ambulance chasing: blog posts that talk about how *their* product could have prevented it.

I've come to expect it from commercial vendors, but I didn't expect OpenSSF to do it, especially when their charter is precisely to prevent things like this from happening in exactly these kind of under-resourced-but-important projects.

https://openssf.org/blog/2024/03/30/xz-backdoor-cve-2024-3094/