Parienve @Parienve@qoto.org

Happy Friday everyone!

As a reminder, anticheat "drivers" that run in kernel mode are a spectacularly bad idea, and *every* MDM/BYOD policy I roll out blocks the most popular ones.

Today I learned that unprivileged users can run "systemctl show servicename" to see all the environment variables set in the .service file.

This means if someone sets their AWS_SECRET_ACCESS_KEY in there (or any other secret), it can be read by an attacker even if they don't have read privileges to read the .service file.

For defenders, use EnvironmentFile= instead of Environment= and as long as your environment file has the correct privileges, you will be fine on this front.

LAGPL please

Our report from December 2021 is now live: https://t.co/0U4nHc8TuL

Featuring: 💠 @tails 💠 @torproject 💠 @debian 💠 @opensuse 💠#nixos 💠 @conservancy & many more…

@urusan I don't agree with everything Stallman wrote, but I really loved his article on copyright:

https://www.gnu.org/philosophy/misinterpreting-copyright.en.html

Site.js version 17.3.4 released

Upgrades JSDB to version 1.2.2 (CJS backport of 2.0.6; details: https://mastodon.ar.al/@aral/107548661864126393)

Site.js is the Small Web construction set.

https://sitejs.org

#SmallTech #SmallWeb

GPL is basically the software equivalent of Creative Commons Attribution ShareAlike.

Those who have a problem with it do so because they don’t want to share alike.

They want to take but not give.

So you decide how you feel about that.

Encryption is the key to personhood.

If you’re looking for an excellent app for annotating/marking up PDFs on Linux, try Xournal++

https://xournalpp.github.io/

#linux #pdf #annotation #app

Disney has a long history of being an enemy of content freedom, most notably how they twisted and manipulated copyright law to something distincly NOT in public interest, for their own pocketbooks. Disney+ is the climax of that same ignoble mission so far. https://www.defectivebydesign.org/blog/idad-2021-counteracting-disneys-attack-culture

Box art of the day: #DOSGaming

Before you buy that e-book from Amazon, do yourself a favor and see if the publisher has a website with direct sales.

I've found a number of books that I was interested in DRM-free, in EPUB format, and sometimes at a discounted price, just by poking around a little.

Sounding like it's already passed Ditch-LastPass o'clock 😬

https://www.bleepingcomputer.com/news/security/lastpass-users-warned-their-master-passwords-are-compromised/

Let me talk out the architecture I've got planned for my "Haphaestus" browser engine for TVs & eReaders.

I'll tackle the rendering engine first, so let's start there.

I plan to use GPU-rendering to avoid the need for more complex optimizations elsewhere. Rendering all the "fragment" pixels (in GLSL) for each element simultaneously is an unusual programming paradigm, but should be easy enough!

I'll parse relevant CSS properties directly into GLSL input within this module.

1/?

@alexandra So we have invented this essentially undeletable database, it's horribly inefficient but it works, right, so shouldn't we be using it to record all of humanity's knowledge as well as evidence of crimes against humanity, instead of using it for funding ransomware and making a few people richer?

After three decades of using email I just sent my first message using the protocol directly by talking to an SMTP server interactively and typing in all the commands by hand.

Have to say, was actually simpler than setting up some of the email clients I’ve used over the years :)

"Sigmund Freud called this “the narcissism of small differences.” He noted that the fiercest fighting doesn’t happen between people with big differences, but between those with relatively insignificant differences. The Romans used this bit of human nature in their “divide and conquer” strategy, turning locals against themselves and their neighbours for easy plunder, and colonialists and corporations have been doing the same ever since, wherever opposition springs up."

https://www.permaculturenews.org/2021/07/19/how-the-narcissism-of-small-differences-is-holding-back-community-transformation-work/

How many holes does this shirt have?

Hint: you are probably wrong.