he/him/his, cis, gay, husband, Beagle chew-toy, JavaScript jockey, Rustacean

  • 56 Posts
  • 100 Comments
Joined 1Y ago
cake
Cake day: Apr 06, 2021

help-circle
rss
> It sounds like something out of an urban legend: Some Windows XP-era laptops using 5400 RPM spinning hard drives can allegedly be forced to crash when exposed to Janet Jackson's 1989 hit "Rhythm Nation." > >But Microsoft Software Engineer Raymond Chen stands by the story in a blog post published earlier this week, and the vulnerability has been issued an official CVE ID by The Mitre Corporation, lending it more credibility.
fedilink

> It sounds like something out of an urban legend: Some Windows XP-era laptops using 5400 RPM spinning hard drives can allegedly be forced to crash when exposed to Janet Jackson's 1989 hit "Rhythm Nation." > >But Microsoft Software Engineer Raymond Chen stands by the story in a blog post published earlier this week, and the vulnerability has been issued an official CVE ID by The Mitre Corporation, lending it more credibility.
fedilink

> Australian police last month arrested the man, now 24, and identified at least 201 of his Australian customers, in an investigation that began in 2017 and involved a dozen law enforcement agencies in Europe and Australia, and information provided by Palo Alto Networks and the FBI. The case underscores the sheer scope of the market for stalkerware—the app, costing just $35, was sold for seven years before law enforcement shut it down. Tens of thousands of victims were spied on, police said. Its customers included domestic violence perpetrators and even a child sex offender.
fedilink

> Australian police last month arrested the man, now 24, and identified at least 201 of his Australian customers, in an investigation that began in 2017 and involved a dozen law enforcement agencies in Europe and Australia, and information provided by Palo Alto Networks and the FBI. The case underscores the sheer scope of the market for stalkerware—the app, costing just $35, was sold for seven years before law enforcement shut it down. Tens of thousands of victims were spied on, police said. Its customers included domestic violence perpetrators and even a child sex offender.
fedilink

Perhaps what we could do is have a preference that is like Firefox’s privacy settings (standard versus strict), as a way for the user to tell NetworkManager their risk-appetite and which set of default behaviours is more appropriate?

It would be even better if this was a system-wide


> In the longer term, the community should pool know-how and effort to elevate the professional artist workstation experience on Linux to be at least on a par with, and hopefully exceed, Windows and macOS. New virtualization and containerization technologies should enable more flexibility, and increased interoperability, so that studio workstations with different operating systems can more easily co-exist with each other. Software vendors and studios should work together to ease the adoption of Linux for studios that want to increase its use on workstations. Finally, better community coordination can help increase the ease and frequency of software updates. This would help the whole community to adopt new capabilities more quickly, and use more recent releases that offer better security, performance, and functionality.
fedilink

> Regulators must take more effective voluntary actions against harmful content and adopt moderation frameworks that are consistent with human rights to make the internet free and limit the power of government agencies in flagging and removing potentially illegal content.
fedilink

Look, everything here is a good suggestion for someone who knows what they are doing, but all of them have the potential to have some impact on the user experience in a variety of negative ways


MAC addresses should be randomised by default, but only when scanning and when connecting to untrusted networks, but how do we know that a network is untrusted? Many newer open networks (e.g. at restaurants, resorts, hotels, parks, etc) use a WPA2-PSK instead of an unencrypted captive portal, so it’s not true that a WPA2-PSK means a network is trustworthy

So, we’d have to prompt the user to ask them, but now we need to explain the risks and why they should care, and we now also need to help inform the user and offer to reverse this choice if it’s not compatible with the network they really want to join


The UX for dealing with all of these suggestions becomes complicated pretty quickly

A privacy-minded person will appreciate the extra knowledge of what their system is doing, but someone trying to switch from Windows or macOS is probably going to be confused unless developers spend a huge amount of time considering every possibility (spoiler: many won’t)


Alternative title: please make it impossible to get normal people to like Linux


I think another thing that confuses me here is the use of the phrase “own the libs” by right-aligned communities, what is meant by this phrase?


Thanks, I was a little confused about liberalism and the way it relates to libertarianism

I think I often consider liberalism and social liberalism to be closer than they actually are


Imagine being a greedy criminal who is so powerful that you can hold the economy hostage, and force the government to turn a blind eye
fedilink

I dearly wish Google would switch back to contextual advertising, and then add proper tracking protection to Android and Chrome out-of-the-box

It’s frustrating knowing there are talented security-minded and privacy-minded folks at Google who aren’t allowed to ship any code that would jeopardise the money tree


> In my spitball theory here — which I think Heer shares — App Tracking Transparency is not the cause of Facebook’s troubles, but just an extra kick in the pants as they stumble downhill toward legacy media irrelevance — a decline that was in the making years before “Ask App Not to Track” was in our vernacular.
fedilink

I don’t want to hear anything at all from libs and conservatives about how people are brainwashed in socialist countries when we have to put up with this.

I don’t think “libs=liberals” makes sense in this sentence, liberals tend to be in favour of democratic socialism and social justice

“libs=libertarians” makes way more sense (to me), because libertarians and conservatives work together to vote for right-wing parties, and right-wing politicians are always screeching about how bad socialism/communism is





Hypothetical: Apple's "Find My" network as a proper mesh network used as an alternative to cellular/ISP networks
Probably not an original thought, but I'm just thinking about how Apple originally wanted nothing to do with cell carriers and for the iPhone to use WiFi instead, and how 15 years later we have Apple's "Find My" network It would be neat if e.g. iMessage (starting with text-only messages) worked peer-to-peer via this decentralized mesh network, only using carrier/ISP networks as a fallback And it'd be even better, of course, if such a mesh network was as broadly-deployed and yet operated by a community of individuals/volunteers, on hardware of their choosing (e.g. cheap single-board computers instead of Apple iDevices) It reminds me of the zero-trust mesh networks that are described in science fiction like [Cory Doctorow's "Walkaway"](https://bookwyrm.social/book/137722/s/walkaway)
fedilink

Cory Doctorow: A modest proposal to fix contracts
Companies persuade us to accept bespoke agreements like EULAs that have us waive our rights, this happens all the time now There's an idea here to force companies to provide the default law-provided contract terms as an alternative to the bespoke agreement (which often requires customers to shed their rights), and to tax companies the difference if they financially incentivize customers to choose the bespoke agreement But many services offer free services to their users in exchange for data So, could we take the tax idea further, and assign a dollar value to personal data, so that companies that harvest personal data have to pay more tax?
fedilink

PGPP | What Is Pretty Good Phone Privacy?
Fascinating service, just wish I was in one of the available countries
fedilink

PGPP | What Is Pretty Good Phone Privacy?
Fascinating service, just wish I was in one of the available countries
fedilink

https://twitter.com/gitlab/status/1555325376687226883

We discussed internally what to do with inactive repositories. We reached a decision to move unused repos to object storage. Once implemented, they will still be accessible but take a bit longer to access after a long period of inactivity.


> Most neurosurgeons are already up to speed on the basic approach required to put it in, which reduces a high-risk surgery to a procedure that could send the patient home the very same day. “And that is the big innovation,” Kording says.
fedilink



Pluralistic: 25 Jul 2022 – Why none of my books are available on Audible
> When Amazon announced its Audible acquisition, they promised that they would remove DRM from the Audible store, and I rejoiced. Then, after the acquisition…nothing. Not a word about DRM. The Amazon PR people who'd once enthusiastically pitched me on Amazon's DRM-free virtue stopped answering my email.
fedilink

Pluralistic: 25 Jul 2022 – Why none of my books are available on Audible
> When Amazon announced its Audible acquisition, they promised that they would remove DRM from the Audible store, and I rejoiced. Then, after the acquisition…nothing. Not a word about DRM. The Amazon PR people who'd once enthusiastically pitched me on Amazon's DRM-free virtue stopped answering my email.
fedilink

Yeah, I think there are some cases where it’s a performance thing, sure: e.g. a list that displays a few hard-coded common options, and is repopulated with personalised options once they’ve been fetched from a back-end



UX rant: interfaces that rearrange right before you tap
Why is it not common UX practice to start ignoring user input prior to rearranging the UI, and only responding to user input once the layout has settled and perhaps after a short delay? It's very frustrating to reach for an option in a list, only to have the list repopulate just as I tap, inevitably on an undesired option I'm not even talking solely about web design: even the Google Cast destination picker does this and it's native Android code Has Apple solved this over in iOS land?
fedilink


I’m still a subscriber, and I greatly prefer the user experience of Netflix (as imperfect as it is) compared to Disney Plus or Amazon Prime Video, or even YouTube

It’s almost as though nobody at these companies even tries to use their own apps


spoiler: they want to keep abusing LGBT folks but, thankfully, it looks like more folks support banning conversion therapy, fingers crossed this ban is signed into law
fedilink

Yeah, we need the different architectures to be roughly equal in market share, so architecture-specific problems like this don’t hit everyone

I’m wondering if we’ll see designs shift away from speculative execution in general, in order to avoid this entire class of attack?


On the plus side, it’ll make surveillance capitalism and user-hostile design more visibly obvious

However, instead of custom Android distributions or even Linux phones, I predict this will more likely increase iPhone sales instead




Could be that there are enough middle-boxes inspecting/manipulating plain-text traffic? And those boxes do nothing (or do less) when the traffic is encrypted?