Risk of socially engineered backdoors in critical software seems like an indictment of open-source projects, but it could happen anywhere, EFF’s Molly told @theintercept - in fact, this one was found only due to the project’s open nature.
theintercept.com/2024/04/03/li

We have 4 new open calls for funding for projects that contribute to an open, trustworthy, human-centered internet. Projects must be free and open source and papers published

Deadline is June 1, 12.00 (noon) CEST
#NGI0 #opensource

If you love plants, this newsletter is for you. My guest editor this week is Vikram Baliga, host of the podcast Planthropology, my colleague at Texas Tech University and all-round lover of all things green.

Learn how an abandoned coal mine has been turned into a community garden, why it matters that prairies are at risk, whether you really should be putting shells on your tomato plants like little hats like the viral video tells you to do (no!), and how growing things yourself + with others is an amazing climate solution we can all be part of.

As always, please read and share! talkingclimate.ca/p/the-plant-

@NGIZero Thanks for acknowledging my application!

One "but". You wrote

"You've applied to the Mobifree Fund, which is focused on the Android ecosystem."

except nlnet.nl/mobifree/ doesn't contain the word #android. I had an "oh sh-" moment because my project is about #linuxmobile .

Who's wrong, the web site or the email? You might want to fix one.

“This is the clearest picture that we’ve gotten of how cell-site simulators are operated, installed, and sold to police in years,” EFF’s @cooperq told @HorizonMass. “There absolutely needs to be case law requiring a warrant for a simulator.”
horizonmass.news/2024/04/03/fe

#gmobile 0.1.0 is out. Besides adding support for a new device (Xiaomi Mi A2 Lite) it's also now a shared lib (as updating it in >5 projects became cumbersome):

gitlab.gnome.org/World/Phosh/g

Contest cultures ("constantly prove you belong! Prove you're smart! Everything here is a dog eat dog competition!") tear people down under the guise of "toughness" and "identifying brilliance." In psych, we know this is destructive to long term sustainable work and mastery. We know it's systematically leveled at marginalized folks more.

These beliefs are at the heart of it all. This cannot be what we continue to let define who belongs in technical work and cultures.

mastodon.world/@Mer__edith/112

Microsoft and its 722 advertising/spying partners would like you to use the new Outlook web software. ghacks.net/2024/01/12/proton-m

If you're in Europe you can say no easily. If you're not, good luck.

if you've taken a weekend-long shot of "open source library security is bad", here's a "closed-source cloud security is a wreck" palate cleanser for you:
cyberplace.social/@GossiTheDog

Just to clarify things a bit, so people understand the scale of this...

As of today, I've discovered and reported vulnerabilities in court platforms from eleven(!) separate vendors, with another in a records request platform by one of the same vendors.

There are a large number of vulnerabilities in four(?) more platforms from some of those same vendors that will be reported this weekend.

The consequences of these vulnerabilities are exceptionally severe. I'll avoid the need for a content warning by saying that some of the documents that are available are life-threatening and some involve children; a reply to this post will have such a content warning.

There is a dire need for publicity of this knowledge, so that people can protect themselves, vendors can be held accountable, and real change can be made to solve these systemic problems.

It's still shocking to me that so many people and organizations turn down covering this story or outright ignore me. I've been told several times to call a reporter once it's being actively exploited. If you've been in the industry for very long (as they have), you know that we must assume, with or without direct evidence, that if we've found something -- trivially, I'll add -- that somebody else more nefarious already has as well, and will be abusing it to the fullest.

The western evangelical money going into homophobic laws all over Africa isn't discussed enough.

"Who organised this summit of hate? The World Congress of Families (WCF), an elite international network led by US & Russian ultra-conservatives and best known for publicly & militantly opposing LGBT rights and abortion – though its members are also against contraception, comprehensive sexuality education (CSE), divorce, single mothers and multi-generational households."

opendemocracy.net/en/5050/god-

@BjornW

@Mer__edith was making the point that the quietly abusive nature of Jia Tan's interactions with Lasse Collin, which would have faced a healthy rebuke in other cultural groups, was able to guilt-trip the poor M. Collin in a moment of weakness because such entitled demands on FOSS devs/maintainers are alas quite common, and sometimes (too often) validated by other persons intervening in public FOSS discussions, to the extent that it takes a lot of mental energy to deny them.

NZPol "A country is not a company and a Prime Minister is not a CEO" - Chloe Swarbrick

Anyone looking for someone to do some web content management work for them?

Kim just finished a Datascape Do It Online form-building contract with Kapiti District Council and is looking for more of the same.

Umbraco, WordPress, Drupal, forms, Datascape, etc. Remote work, contract or ad hoc. Message me.

“This [proposal] turns the City of Atlanta into an open-air prison for everyone on electronic monitoring,” EFF’s @cooperq told the Atlanta Community Press Collective. atlpresscollective.com/2024/04

Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.
