0daysto.live

0daystolive | @[email protected]

Opinions are those of my employer.
Computer Hacker.
Work @ https://sorcery.ie
Blog @ https://0daysto.live

who decided on the name Secret Santa when Nondisclosure Claus was right there for the taking

@PogoWasRight if the compromise of one worker leads to the entire company going under I don't believe you "did everything right". It doesn't even sound like the worker was an IT admin so they didn't follow the Principle of Least Privilege and internally the network was insecure.

@roolyaboolya what part is non-deterministic? Is it the surplus ballot redistribution when candidates reach the threshold?

@ghouston @briankrebs Parkinson's Law of Triviality

Bluesky and the Fedi: It's VC vs. DIY and you can't underestimate that distinction in your comparisons

Bluesky received $35 Million in a year.

"The Fediverse" as a whole, may have managed to acquire a grand total of $500k in investment from individuals and nonprofits over the past eight years.

Mastodon itself has like 3 paid devs. None of them are getting rich.

Things just are not going to move at the same speed or at the same scale--and they literally can't, because the money isn't there.

It's the difference between VC-funded and volunteer-funded and any discussion or comparison to platforms needs to fully internalize that this difference does matter.

It's like wondering why the local bakery can't compete with, I dunno, BreadMax, the franchised international bread consortium with a store on every corner.

This isn't to say there aren't cultural differences, but ultimately it just feels like a much different conversation.

New person joins Bluesky and no one really talks about the infrastructure because you can't just "host your own," not really. Hosting your data isn't the same as hosting the "means of posting and discoverability itself." Moderation isn't outsourced in the same way as it is to every individual server admin here.

Also, a person joining Bluesky can be like, "WTF devs?" and devs who are literally working fulltime, every single day, with no side projects or silly distractions like "needing to support themselves with a job to live" to take away their focus from building the thing, will build the thing.

And "the thing" will materialize, as if by magic. Wow, when you fund a development team and dedicate them to a task and when the millions fall from the fucking skies, it's amazing what you can do!

Isn't it, though? If you put money behind a dev or design team, suddenly stuff starts happening.

The problem comes in trying to look over here at Johnny's little Snac activity pub server and mocking it and going, "Damn, Snac, get it together. Bluesky has quote posts already. And where's your reply control?"

And the Snac dev/devs (I am just picking one project at random) look up and go, "Uhhhh, I don't actually WORK for you. Evidenced by the fact that you aren't paying me a goddamned thing to work on this, so I'll get to your concerns eventually, but watch your fucking tone or make your own or just fuck off, I don't care."

And people will go, "Damn, this place is rude."

Well.... YOU are kinda rude too, you know? I even do this to some degree and it's not okay.

Like when I complain about Mastodon, I'm basically demoralizing a (largely unpaid) team who is drastically underfunded for the scale of projects against which they are competing.

We just don't have millions of dollars to fuel development. Lots of times, it's people building the shit for free. So I get that you're mad that we're not farther along, and that stuff moves slowly, and whatever, but it's hardly a surprise that a team with access to millions of dollars is moving more quickly than a space with development funded largely--although not entirely--by people working for free.

And, I dunno, when you come into the house of people working for free to build a thing and you yell at them about the thing, it hits a lot differently than when you're yelling at a company with millions of dollars in the bank and the resources to do the stuff you want at the speed of the market.

Reminder: RFK Jr caused a deadly measles outbreak in Samoa that killed 83 people, mostly children.

RFK Jr and his non-profit visited Samoa to lobby the government and spread misinformation that reduced measles vaccination rates.

He may now lead the top US health agency.

Chart: Samoa Measles Vaccine Rate

> There are no official bilateral relations between the People's Republic of China (PRC) and the Holy See. The Holy See instead recognizes the Republic of China (Taiwan) as the representative of China ever since the establishment of relations with the ROC government in 1942.

erm based

speaking about the Deutsche Bahn like one would about a god of travel:

  • "if the Bahn wants it, I shall arrive at dawn"
  • "may the Bahn grant you swift travels"
  • "our travels shall be guided by the Bahn's mercy"

This evening I saw "Inhumane Zones", an exhibition of Forensic Architecture's work documenting the Gaza genocide @ Echo Correspondence in Vienna. Harrowing testimony from medics treating civilians with horrific injuries. FA are doing important work in documenting war crimes against civilians.

A significant step to have this exhibition in a country where many people are either in denial that these crimes against humanity are taking place, or worse, try to justify them.

https://www.echocorrespondence.com/program/forensic-architecture-inhumane-zones

A bill called the ‘Stop Resistance Activities by Federal Employees Act’ was introduced in the House yesterday. It covers federal employees at or above GS-15 and would impose very serious penalties for “opposing, obstructing, or impeding lawful directives from the President, Vice President, or any other political appointee”.

The language is….well it’s fascism. And I’m not exaggerating. And maybe it won’t pass this time, but we all see the trend.

https://pfluger.house.gov/uploadedfiles/strafe_act.pdf

@gabriel @GossiTheDog 18TB of sensitive customer data != Storage space available on the machines. Also != Total data on the machines. Hardly (?) anyone deploys honeypots that size with believable data in them.

@GossiTheDog their software must be filled with issues 👀

China successfully compromised for months the infrastructure used to do wiretaps on the AT&T and Verizon networks.

This is a huge "told you so" moment for the cryptographic community that has been saying that such infrastructure does present a huge risk to national security. China reportedly used this capability for intelligence collection, obviously without a warrant ...

https://www.wsj.com/tech/cybersecurity/u-s-wiretap-systems-targeted-in-china-linked-hack-327fc63b?st=C5ywbp&reflink=desktopwebshare_permalink

German concept of "Gefährder", which criminalizes you on the assumption that you COULD commit crime in the future, was quietly extended to the EU with an informal definition of “potential terrorist”.

Council „created space for a new, informal practice. It will likely permit the collection and sharing of data on far more people than those involved in terrorism and violence.“

This will at first affect refugees and climate activists. Ultimately you.
@statewatch report:
https://www.statewatch.org/news/2024/october/eu-definition-of-potential-terrorists-opens-door-to-broad-information-sharing/

you can check this yourself here: http://z-lib.org

I do not think these people are cybercriminals. They are the best we got to help information preservation (next to the Internet Archive) in the 21st century.

The fact they had to mention that these people are Russian also strikes me as odd. They don't even seem to be government affiliated, I'm pretty sure the FBI would've said so if there was even a slight hint of that.

While OpenAI can freely use all copyrighted material and make billions off of it, these people giving it out for free are supposed “criminals”. Aaron Swartz didn't die for this.

@Viss @by_caballero @kissane @fediversereport You could use Pleroma which is written in Elixir if you wanted to avoid nodejs and ruby on rails

@roolyaboolya Big Toothpaste have got their teeth in everything

A submission to the parliament from our Amnesty Austria colleagues on the Staatsschutz- und Nachrichtendienstgesetz, Änderung, which would (re)-introduce the use of spyware by the state

https://www.parlament.gv.at/PtWeb/api/s3serv/file/579efb23-118d-4964-966e-bd669cf60593

I'm pretty sure there's a term for this

A NEW ERA OF SABOTAGE

Israel’s presumed attacks in Lebanon were more psychological than strategic, creating fear that ordinary devices can become miniature grenades.

Ah, so regulations like GDPR hobble the competitiveness of EU tech startups, but giving their US competitors secret tax deals doesn't? Got it
