Pinned toot

"IBM wanted CP/M prompts. It made me throw up."

- Tim Paterson

tallship boosted
#Wake_the_fuck_up people!!!

All hail the great #Faceplant :P

I would love to hear what happens to anyone who dares to repost those graphics to their Faceplant or #InstaSPAM pages Muahahaha!

If you do, let us know, m'kay?

https://gizmodo.com/signal-tried-to-run-the-most-honest-facebook-ad-campaig-1846823457

There's plenty of viable de-centralized social and communications platforms (secure too) that shield you from such instrusive raping of your most private secrets, and even what you publicly expound.

#Epicyon, #Pleroma, #Friendica, #Lemmy, #Misskey, #Diaspora, #movim, #matrix, #XMPP, #GNU_Social #Writefreely #jujeune #planetary (#scuttlebutt), and even using your own email services in defiance of what the great Spamming Google gmail engine virtually demands that you not do; are all very viable and privacy respecting opportunities to meet and make new friends, acquaintances, and forge business relationships with others who you'll know are already concerned with privacy respecting communications technologies.

I'll just let that, and the previous advertisements that exposed the private information about people using InstaSPAM and Faceplant users speak for itself.

Kudo's to #Moxie_Marlinspike - You go girl :)

#tallship #Vger #privacy #security #tracking #you_are_the_product



.
tallship boosted
tallship boosted
tallship boosted
tallship boosted
tallship boosted
GET THE #FLOC OUTTA HERE!!!!

I mean, even the term, "Cohorts"... don't you think that sounds kinda ominous?

A friend sent me this **All in One** cheat sheet link, and I encourage everyone to incorporate it and avail themselves of it:

https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network

Already, #Vivaldi said recently this is a no-go for their browser - keep an eye on your preferred #browser to see how respecting of your privacy they are.

#tallship #Vger #security #privacy #advertising #spyware #tracking #evil



.
tallship boosted
Okay I got my notification yesterday from #Debian and #Slackware, and I bit my tongue for a day on this one, because it is potentially so catastrophic. I migrated all of my Exim servers to Postfix and good ole Sendmail quite a few years back.

Now that the news itself is in the wild I'll link to an article:

https://dailyuknews.com/tech/21-nails-in-exim-mail-server-vulnerabilities-enable-full-remote-unauthenticated-code-execution-millions-of-servers-at-risk/

#tallship #Vger #security #vul #MTA #exim @OpenSource

Please patch your boxes yesterday, if not sooner, and make sure you subscribe to ALL security lists for the software you run, m'kay?



.
tallship boosted
@dheadshot @eric @OpenSource

Yes, and let's not forget Microsoft who, last time I checked (going out on a limb here) got about $6 for every single Android sold - due to their Patent trolling.

A humorous aside, "/e/", aside from being a pain in the ass to search on as a term, if you ask a Ham Radio operator, will tell you that it can be correctly pronounced:

"Marky Mark" :P
tallship boosted
tallship boosted
For consideration by the privacy conscious folks out there, tired off being raped wholesale by the Google silos...

Before I begin this little phone rant, haber you read the great news about #Vivaldi categorically rejecting Google's latest insidious advertising scheme? I wonder if #Firefox will need able to resist? They get a lot of their dev money from Google y'know 🤘😎🤘

Okay then... What are some kewl choices that help protect your privacy where phones are concerned?

There's https://puri.sm/products/librem-5/ it's got physical switches to turn off the cellular radio and can even be completely removed and replaced (for a different IMSI - not to be confused with #IMEI which is tied to the SIM).

The battery is removable as well - w00t !! So not even the NSA can turn your phone on remotely lolz, and it will accept a whopper 2TB Micro-SD.

Do you ever lie awake in bed at night wondering why you can't get a phone with a removable battery?

I don't either anymore!

There are other physical kill switches that can turn off GPS, Wifi radio, and the mic/camera.

Imagine that though... Changing out your #IMSI in less than a minute without changing your OS or three configs for your installed applications! That's the one thing you can NEVER change on any other phone - meaning, there's no such thing as a #burner_phone (meaning, swapping out SIM cards is pointless) and anyone who thinks so.... OkayI'll be nice (I'm practicing being family friendly.... at least part of the time). But now there is a true burner phone, you quite literally can swap that puppy out Easy Peasy!

There's also the Pine Phone:
https://www.pine64.org/pinephone/

The #Pine_Phone is privacy respecting in the sense that it isn't actually an Android by any measure at all, but rather, a handheld Linux computer (pick your distro, I prefer #Slackware or #Debian). It can also function as a phone secondarily. I use a small #Bluetooth keyboard that can switch between three devices, and that would be a really handy setup for this er... phone, right? ;) Or you can use a full sized wireless combo keyboard/mouse and monitor for a #Linux box that fits in your pocket when you walk away from your desk.

Do you need it to do something really special? Tell me, what can't you do with a real Linux machine? Okay, you can't chop 🪓 🪵 wood or do laundry.

Really though, how kewl is that???

Neither are the best of any world though, but they are best in breed IMNSHO.

Let's look at pure #Android solutions now, k?

For #ROMs I prefer #CalixOS:
https://calyxos.org/
https://invidious.fdn.fr/watch?v=jdazCQemwqQ&local=true

A de-googled #Pixel 3 XL with 128GBytes of storage is a pretty good and inexpensive platform for this which your can pick up all over #eBay for really cheap

It uses the #Aurora repo/store for closed source proprietary software (so you're de-googled) and of course you use F-Droid to install #FOSS or get the #APKs directly from the devs at their #Git repos (best way for some software, like #Fair_Email, for example).

There's also #GrapheneOS (https://grapheneos.org/), and it has a lot of supporters, but I don't find it as performant as CalixOS. Both are, however, fantastic.

Here's a tidbit about the so-called #MiFi pucks that you're entitled to when you're a member of the #Calix Institute... You're listed as Calyx Institute to the broadband provider - only you and the #Calyx_Institute know your identity because it's on their bill lolz, and that's kept secret and has never been compromised, because they maintain an active warrant canary. 🐦 So if you use one of those and a #Librem_5 with the cellular radio turned off or removed, and using your own #Asterisk server for #VoIP, you're truly just an IP addy surfing the internet while you're talking on the phone.

Of course... You'll need to do all this without your Candy 🍬 Crush. But... There's always APKPure in conjunction with #NetGuard from F-Droid 😉

I hope that helps! Please feel free to share this around with a #boost to raise awareness that, well... All is not lost, and #damn_the_torpedos!

And remember, you can haz #Cheezburgerz! 🍔

#tallship #Vger #OpenSource @OpenSource @eric



.
tallship boosted
@Aeron

Aside from not being aware of what "vfv" refers to, I concur wholeheartedly.

I basically believe that anyone worth interfacing with will reside in a place where it's safe (not a great choice of a word, but for lack of a better term it will suffice) for me to interact online.

I also believe that abandonment of non-privacy respecting monolithic silos as a practice, while at the same time participating and publishing in an environment that is primarily #FOSS based, and privacy respecting. For social systems a distributed model that federates with other independently operated instances, I see it as a critical mass building event - When others see that they're missing out and want to belong somewhere (the reason they stay at #FacePlant, #Twatter, and #InstaSPAM in the first place), they will come.

In the meantime, I've got plenty of friends, associates and colleagues to keep me occupied so I know I'm not missing out on anything - **ESPECIALLY** because I existed online back when the only connection methods were through the use of 300 BAUD acoustic couplers. So anything more advanced than that and a Z80 or 8080 on an S-100 Bus is a total win for me lolz :)

Not to imply that we need to trick people, but getting back to that whole Zoom bullshit, If I'm going to have a video meeting conference, what I do is tell people and either send the invite from my NexCloud calendar or via direct email. I tell them, "Hey at such and such time we're doing a video conference and here's the link :)"

"Oh! We're doing a Zoom call? Cool!"

I say nothing. Let them think whatev...

They don't know the difference from one URL to another anyway, and then when they land, they invariably say, "Wow this is really neat, where did you come across this?" As if it's something novel lolz.

BBB and Jitsi have a zero learning curve onboarding, the average, naïve user simply needs to click the link and then following the event they now have that in their vocabulary.

#tallship #Vger



.
bbb.png
tallship boosted
@0 @gdroid

You're very welcome!

And K9 mail is great stuff too.

One thing I would urge you to pay attention to, without going into a whole dissertation, is that with Fair Email, there are basically three versions.

1.) Google Play store - some features may not be present due to Google's rules, plus the whole signing issue I've ranted on over the last couple of days where they can alter your code and redistribute it (ATM, only *new* apps, but later, everyone's)

2.) F-Droid - The dev considers the F-Droid version current if it is the current version at his GitHub repo. There's a couple of particulars to this.

a.) They sign the compiles with their key so some parts are excluded (Google parts for autoconfig, etc., coz Google only allows one key, that of the dev's, to be used in a version that includes their stuff)

b.) Many devs create an F-Droid compatible repo so you can enable that repo and use the dev's compiled version via your F-Droid client for updates, etc. to use those versions, you must first uninstall whichever version you have installed and then install the Dev's F-Droid compatible repo, and pull down from the top of the screen for refreshes, etc., like with any other app.

3.) Most FOSS projects have a Git repo where you can get the APKs directly and install them from their official releases signed with their keys. But Fair Email is different, in that most projects you have to manually install newer versions (Why most devs use an F-Droid repo of their own) - Fair Email's apk checks the dev's GitHub repo for updates and the app can actually update regularly whenever there is a new release directly from the GitHub repo - that's pretty kewl.

Also, remember that the Google features which are crippled/absent/disabled in many of the official F-Droid apps? This version is signed with the dev's creds so all of the Google features are enabled (Like autoconfig of gmail aliases, etc.).... But there's more.

Aspects of the client that aren't permitted to be included in the Google Play Store version can also be included in the GitHub version because not only is it signed with his creds, but also, it's not being distributed from the Google Play Store so like, with other apps where say, OAUTH stuff is taken out, or whatev, such is not the case with this one - i.e., it has everyting, is the most current, automatically checks for updates and installs them if you wish, etc., etc., etc.

So I recommend, at least with this application, installing directly from:

https://github.com/M66B/FairEmail/releases

The latest version, "FairEmail-v1.1554-github-release.apk" a/o the time I'm posting this, was released just 10 hours ago - that coffee's still fresh and hot lolz.

The dev states that the only thing enabled in his version that isn't included in the Play Store version is Android Auto integration....

I dunno about reading email while driving though, that doesn't sound to safe lol.

And I was also under the understanding that the OAuth support for gmail was missing because it wasn't signed with the dev's keys, but perhaps I'm mistaken there?

There is a couple of major things to note, however:

First, uid/pwd access is going away in gmail soon (for GSuite/Google Apps for Business/whatev you wanna call it) - so one must use OAuth to authenticate with their gmail accounts (Like I said, I could swear the F-Droid version *couldn't* have this because they sign with their keys, not the dev's himself)

Second, I strongly recommend that people, in almost all use cases, DO NOT enable Google's "Advanced Protection Program":

https://landing.google.com/advancedprotection/

If you do, not only can you not run third party email apps (this is not just a gmail thing, mind you), there are many applications you won't be able to install and run - it is far reaching with sweeping ramifications.

Anyway, I run the GitHub version and yes, it's an absolute dream!

The home page on the web with lots of kewl screenies and links to many of the resources is here:

https://email.faircode.eu

So my post turned out to be a virtual dissertation anyway. Oh well ;)

@OpenSource #FairEmail #FOSS #OpenSource #tallship #Vger



.
tallship boosted
Well shit howdie!

Reports are starting to trickle in now about how this has actually been in the wild for a while and now folks are experiencing active exploits and being #pwn3d.... Not good, even for a shitty software platform that NO ONE should be using in the first place - What are you thinking?

Le's see... um.... #NextCloud_Talk, #Matrix, #XMPP, #Big_Blue_Button, #Jitsi - there's no shortage of #self_hosted #secure #FOSS solutions so, bottom line:

If you EVER use Zoom, you're a fucking idiot!

#Zoom no can haz #Cheezburgerz 🍔

#tallship #Vger #zoom #rce #vul #exploit



.
zoom_no_can_haz_cheezburgerz.jp…
tallship boosted

@Mastodon @Sujitech_official @lickability I seriously hope accessibility is a priority in the official app. We don't need another Reddit, where blind users *have* to download a third-party app just to use the service well.

#a11y #blind #accessibility

tallship boosted
**Please Boost** :)

#FOSDEM 2021 presentation by #Stephane_Bortzmeyer, the author and maintainer of the #LUPA statistical analysis engine, on #Project_Gemini, it's explosive growth, and in depth demonstration of the origin, utility, and usage of #Gemini_space.

https://gorf.tube/videos/watch/cf88a4cc-1c06-468c-a7db-74b0c3442b64

#tallship #Vger #Gemini You can haz #Cheezburgerz! 🍔



.
tallship boosted
tallship boosted
tallship boosted
@oppen

It simply is what it always has been :)

As a longtime solution provider, for decades myself, I learned early on that there really is not so much a notion of *problems*, as there is the, #Opportunity_for_Solutions.

It is what it is, and I'm confident in my belief that you've discovered a new opportunity and can develop a viable solution within the confines of the #Gemini spec.

You can still find folks selling #ASCII art portraits at the local Saturday morning swapmeets - they take your photo and then print a coffee cup, or mousepad, and these files can be further manipulated online, even generating #QR_Codes from the artwork. They were indeed not designed for proportional spacing, and #ANSI art is on the rise again as well.

If nothing else, these ASCII-art headers are a hat tip to a kinder, simpler computing environment, while these screen readers you've mentioned are quite probably an example of dismissive arrogance that condescends from the same lofty perch that the big monolithic silos sit upon, as they beautify the intricately complicated monetization, slaughter, butchering, packaging, and distribution of the target commodity we call people, but they call inventory.

Yup, this same pretty #Dopamine delivery system that actually spawned something like #Project_Gemini in the first place, with its simple plaintext files that beg the acknowledgement of those #ASCII_Art banners - the same ones you see in every #IRC network, #UNIX #MOTD, #Gopher, and #FTP servers around the globe (not to mention the thousands of extant #Echomail based file sharing network systems or the signature line artwork that plaintext based email users incorporate).

If there's indeed a problem here, one might propose that it stems from the lack of regard for the concept of backward compatibility in contemporary tools predicated on, and intended for use in, an environment where the only truly important thing is to facilitate the cannibalistic feeding upon of the users themselves in a market based economy of total consumer consumption.

And I don't mean the consumer consuming, but rather, the consumption of the consumer.

#They_eat_their_young.

There's a lot you can do client side with Ariane I think?

Love your work by the way!



.

#tallship #Vger #FOSS #1965
randomTemp12093934181916801955.…
tallship boosted
tallship boosted
Something has been bothering me for a while (years, actually), and it's privacy related in the sense that someone can use a privacy concious search utility like Duck Duck Go or Startpage, and yet still only be handed the sanitized results that meet the objectives of the companies stealing the privacy of individuals in the first place.

It is a zero sum game - you're still packaged and quantified. You're still getting the results that you were bought and paid for in the first place.

Examples:

* You affect a search for a hotel room in some town you plan to visit in a few days. Travelocity and like sites come up, but the bed and breakfast you probably would have chosen is buried on page four of the SERPS. They're also listed in one of the directory services on page one that, if they didn't already pay for, would leave their website buried in oblivion - even though booking directly would cost less than the megaopolis sites that extort them at the peril of being driven into bankruptcy, and never mind the money that they spent on SEO for their own website.

* You do a search for a plumber. That's local to you, right? And even though the plumber had a website, that too is buried under several pages of directory indexers like Yelp - even below their own GMB (Google My Business) page, which of course, is down in page two or three of the #SERPS. Big wealthy plumbing companies with marketing departments dominate Yelp anyway, add have dedicated staff to solicit ratings and okay the rank game with Yelp and other directories, so you never actually reach the vendors that you actually would have chosen.

They get fucked in the ass and so do you.

What if...

There was a #search_service that utilizes something like startpage or DDG , yet filtered out all of those big monolithic motherfuckers that are running the equivalent of modern day #protection_rackets, threatening to crush the Ma & Pa plumbers and motels and other small businesses that no matter what, never will appear on page one of a Google or Bing search?

What technology exists to build this, and how stable and effective might it be?

Your thoughts? Suggestions? Expertise in implementing such a fair and equitable service?

I'd really like to open a dialog about this. We have Nitter, and Yotter, and Invidious, and Bibliogram. These seem to address one aspect of how we are tossed into the chipper and then reconstituted as Soylent Green. It's freaking cannibalism, if you think about it.

So what initiatives, dialogs, discussions, or projects might we be able to deploy with the long range goal being the, #disruption_of_the_corruption as a viable solution?

#Please_boost, and I'm so very interested in hearing your input.

Thanks, and I guess that helps! :)



.

#tallship #Vger #FOSS #LibreSearch
randomTemp16645347990549432608.…
Show older
Mastodon @ SDF

"I appreciate SDF but it's a general-purpose server and the name doesn't make it obvious that it's about art." - Eugen Rochko