on a device. 🙄
I still haven’t found a legitimate reason why Galaxy Store needs those permissions.

:blank: :balloonline_s: :blank: ALWAYS HAVE BEEN
:blank: :balloonline_s: :blank: :balloonline_s:
:beret_r: :balloonline_sw: :blank: :balloonline_se: :blackhat_l:
:body_phone_e: :blank: :blank: :blank: :body_s_w:
:legs_stand_e: :blank: :blank: :blank: :legs_stand_w:

Is privilege a driver of #privacy invasion? We think so.

With that said, desperation can be a factor. Not everyone that invades our privacy is doing so maliciously. Sometimes, their business is struggling to survive, and the idea that "we can stay afloat" if we learn everything about our customers seems like a no-brainer.

Marketeers tout this as the only way to win, and those desperate to stay in business fall prey to that philosophy.

It's as much on "us" to create new & ethical ways to win.

Our CEO just referred to SaaS as "Software as a hostage" and I think that's pretty spot on.

Of course, coronaviruses existed long before SARS-CoV-2. 😃

The point here is to say they have been really forward-looking by reserving a domain name for such a generic term.

notovirus.com, rotavirus.com, adenovirus.com… have also been existing for more than 10 years. Maybe one of them will become a familiar term one day.

Show thread

coronavirus.com redirects to a page by the WHO. Fine!

According to WHOIS, the domain name was created… back in 2002.

Registrar URL: uniregistry.com
Creation Date: 2002-08-13-T02:31:44Z

Got this on one of my domains:

From: <complicated address with @gwart.xyz>
To: postmaster@<mydomain>

This email is a harmless security check to your email system. It does not attempt to penetrate or circumvent your security measures.
To opt-out of these security checks please visit the opt-out link.
<link with a token ID containing my domain>

I suspect they want to see whether the mailbox is monitored, in case I would open their link.
What is the trick here exactly?

I’ve seen this often.

User sends a screenshot of her screen.

On the screenshot, you see a tab with a google search result page for "How do I take a screenshot?" 😃

If everything is fine with this RC, you can expect the final 0.21 release by the end of the week 🎉

Show thread

Failed exploit against our Mastodon server. SQL injection attempt, obviously.

@tux They seem to be interested in you. 😉

Why are we flooding your feed today? Because we feel we are entering into a perfect storm of privacy issues.

We believe that engaging in and out of our personal networks can help us correct course.

1. We have an unprecedented attack on #encryption, in the US with the EARN-IT act, and beyond.

2. Pervasive widespread person-tracking is being embraced by governments and the public, often unwittingly.

3. Fear may prompt the public to cling to ideologies that are injurious to #privacy.

There are great initiatives over here.

A local NGO named DigitalForYouth collects and refurbishes laptops and phones for low-income groups and schools.

Sadly, they seem to be completely adverse to the idea of using free software and will impose Windows 10 on every machine. 😞

The mobile app for Meet has been updated to 20.1 this week.

They fixed an annoying bug in the settings dialog. Entering a custom URL for the server was a real pain. Now it’s quite easy.

This is very good news. There are lots of Jitsi Meet instances around, and this setting is really useful. (And I had some friends about to give up only because of that poor usability problem.)

I learned something about NS, the Dutch railways: they use GNU/Linux for their info screens.

Slight misconfiguration here, though. 😉

has gone too big, it should become independant from .

That way, instead of we could start saying G-MAFIA. 😄

Matthias Kirschner (from Europe) raised an interesting concern during his talk.

Some people might say: "I want a restrictive to the software I’m writing, to prevent 'bad guys'—e.g. the military, the Mafia—from using it."

Bad idea: if people are killing other people, software licences are probably not something they would really care about.

Better stick with licences that do not impose personal views about who and what purposes. (Copyleft is important, though.)

It is interesting to see how attacks are quickly mutating.

Today, hundreds of "GET /.aws/credentials" requests started popping up.

Show thread

In the past hours, I have seen a large number of requests in my log.

"GET /.env HTTP/2.0" 403 146 "-" "curl/7.58.0"

Hundreds of bots looking for the file, then going away. Most addresses resolve in compute.amazonaws.com

They are very obviously trying to get a config file. Is it still that old Laravel ?

#fosdem is around the corner. I've been attending since 2004. If you do anything computer related try to attend once in your life.
Show more

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!