Dr. Hax
d30ea98ea65e953f91ab93f6b30ea51eb33c506f87d49f600a139aef00aa9511
Cypherpunk. Infosec veteran of about 15 years (vulnerability research, exploit development and cryptography). Cypherpunks write code. :-) Signet maintainer. Self-custody your passwords... in hardware! https://hax0rbana.org/signet Want to see wider adoption so Bitcoin can be used as digital cash and not just an investment vehicle. XMR: 44RDkTFmTeSetwAprJXnfpRBNEJWKvA5dBH5ZVXA4DofgoZ9AgjyZdSa2fo7pMD3Qe3pdKga8X22y3Lyn1xYde5kPQPzVUu

I post different topics on different social media sites. Sometimes I'll do #nostr exclusives, even if the message is appropriate everywhere.

NGL though, I do ActivityPub exclusives far more often because they have the ability to make followers-only posts.

Maybe some nostr dev will add a feature that gives a "friend of Dr Hax" key to everyone I approve and let me effectively post just to those people.

Bonus points if there are multiple (Friend, family, bitcoin buddy, decentralized networking pals, etc.).

Why isn't Sideband in the default F-Droid repos?

Do they not meet the requirements? I can open a ticket about it (there isn't one), but figured I'd check here to see if someone knew the answer off the top of their head.

https://github.com/markqvist/sideband

#sideband #decentralize #distributed #decentralized #network #LoRa #Meshtastic #privacy #freedom #tech #Fdroid

If anyone wants to #repair an amazingly high quality drill, I have this Craftsman Model 315.10491 that I will give you if you pay shipping.

The inner coil is shorted out and I don't have the chuck, other than that it seems fine. The catch, and the reason I'm not keeping it and fixing it myself, is that replacement parts aren't available. So you'll have to track down another broken drill with a different problem and combine them.

Also, I already have 3 working drills and don't really need another. I just don't want to see something so well made end up being completely trashed for one bad part. They don't make 'em like they did in the 60s!

Oh and USA only, I'm not dealing with customs paperwork over this.

#tools

Whenever you hear about some vulnerability, some of the questions you should ask yourself:

1. How long has that been there?

2. How many other places in the code has this or something similar happened that just haven't been found yet?

3. Why wasn't this caught in code review?

4. Why wasn't it caught in automated testing?

5. Why wasn't it caught in manual testing?

6. Will any of the above things be improved to catch future vulnerabilities before they make it into a release?

These are at least as important as:

A. How would I know if I were exploited?

B. Has anyone seen this being exploited in the wild?

C. Is there a public exploit for this vulnerability?

And if the answer to #6 starts with "We take security very seriously...", consider switching to something else. That's a huge red flag that the PR department is the one responding to the vulnerability.

#security #infosec #cyber #cybersec #cybersecurity #privacy #vuln #vulnerability #exploit

MasterCard just paid 2.65 billion dollars for a threat intelligence firm.

It's amazing people will pay so much to learn about the payloads of yesterday and not invest comparable amounts in finding the vulnerabilities of tomorrow.

https://www.reuters.com/markets/deals/mastercard-buy-threat-intelligence-company-recorded-future-265-bln-2024-09-12/

#infosec #security #ThreatIntel #vulnerability #research #tech #IT

This is why I don't allow anyone to get an account on our GitLab server unless they're highly trusted.

In my case, I also don't give the CI runner access to any secrets or access to deploy anything, so I'm not too worried, personally.

But I will still push for better transparency.

I fight for the user!

A bug in #GitLab that, according to GitLab's write-up, "allows an attacker to trigger a pipeline as an arbitrary user".

Does this mean an attacker could create a pipeline job to extract secrets and then run it as another user?

GitLab won't say. They just say the attacker can #exploit this #vulnerability "under certain circumstances". Not much #transparency for something they consider a "critical" vulnerability.

Source: https://about.gitlab.com/releases/2024/09/11/patch-release-gitlab-17-3-2-released/#execute-environment-stop-actions-as-the-owner-of-the-stop-action-job

Before someone tells me that it's open source and I can just read the source code, just stop. You're missing the point. The point is that people who write up announcements like this should be communicating to other server operators what the actual risk is. Do I need to shut down the CI runner until I can get someone out of bed to patch this? How can I find exploitation in the logs or be completely confident my server wasn't exploited?

#security #infosec #cyber #cybersecurity

"[ SHARE ] Are You #Developer Interested In #Anonymity / #Darknet / #Censorship Resistant / #FreeSpeech #freedom #Technology?

🧄 🔐 I2P Can Use New Applications & Maintainers (I2P messengers, etc)

By @sadiedoreen@mastodon.social (I2P team) - reach out, can confirm friendly! 🤓

Great opportunity to collaborate, on an uncompromising, principled #anonymity network, w/active dev OVER 20 years! 😀

➡️ If not, share this toot. Help spread the word!"

#I2P #internet #anonymous #code #privacy

https://theoverlay.ghost.io/sustainability-and-standards-we-need-to-talk-about-building-censorship-circumvention-infrastructure/

Via: https://fosstodon.org/@RTP/113115033175845877

The kale is off to the races! Cilantro and celery have yet to sprout.

#hydroponics #gardening #food #foodstr #SelfSufficiency

If you turn down the air conditioning, does it get hotter or colder in the room?

You'd probably have a very memorable time if you tried to smoke this

I'm #dehydrating another batch of fish, Hungarian and jalapeño peppers again.

Last batch of jalapeños (now about half gone):

#garden #gardening #dehydrator #food #foodstr #prepper #prepping #homestead #homesteading

Yeah, but the animal still can't talk