“The hacker ethos once championed as a method of subverting prevailing power has become at last its greatest lieutenant … I am not hoping for programmers to organize as a class, not anytime soon – you dudebro losers haven't got the guts – but good software simply won't be possible until we accomplish at least that much. There will never be the time or money to satisfy the guarantees our ethics require until we demand them with all the power we possess.”
https://garbados.github.io/my-blog/software_from_another_world.html
La pandemia ha fatto bene all'economia dei #GAFAM, ma qualcuno deve iniziare a occuparsi di questi ca**o di informatici!
Di @Shamar alla conferenza #AIUCD2021
http://www.tesio.it/2021/07/23/AIUCD2021_Lobbista_per_5minuti.mp4
In 2014, I gave a talk called Free is a Lie at a run-of-the-mill, dime-a-dozen, Silicon-Valley-worshiping Big Tech/surveillance capitalism conference in the Netherlands.
Yesterday, I learned that they unlisted my talk on *spit* YouTube and that it might be removed.
https://twitter.com/ribasushi/status/1418262501704282115
https://twitter.com/l18cp/status/1418281939778277380
Today, I archived it so you can keep watching it for as long as you want to.
#FreeIsALie #PeopleFarming #SiliconValley #BigTech #SurveillanceCapitalism
I wonder how I can be surprised to learn that #Mozilla's #Thunderbird collect telemetry infos (including your mail domain) and share them with partners such as #Amazon.
It's obvious they spy on your mails! 🤦♂️
Indeed, in case of crash, they even send to "their" #AWS servers a memory dump that contains sensitive data crash reports.
This likely include, your emails in clear, your private encryption keys¹ and everything else the program has loaded and kept in memory.
What does this means for an hypothetical attacker that can access such reports?
I mean... like a #USA agency arguing that you might be a terrorist or something.
Oh but sure... they shall do no evil...
https://www.mozilla.org/en-US/privacy/thunderbird/
#Privacy #Freedom #hypocrisy #Security #infosec
_____
1) Since version 68, Thunderbird does not use the #GPG suite via #Enigmail, but directly do encryption "to avoid licensing issues" 🤷♂️
@rysiek@mastodon.technology @mala
RT @emmevilla
🦠🌍 Volete la prova definitiva che i #vaccini ci stanno salvando?
Eccola.
A sinistra, 8 paesi che hanno vaccinato molto.
A destra, 26 paesi che hanno vaccinato pochissimo.
Trovate le differenze.
E #vaccinatevi.
@rysiek@mastodon.technology
It’s not that simple.
In the article you liked #OCCRP explains
This is normally done through the target’s mobile operator, which some governments can access or control.
How many CA are state-run agency? How many CDNs (behind HTTPS) can be subject to similar impositions?
If a state can impose to a mobile operator to track a citizen, why do you think it cannot impose to serve certain DNS records, certain TLS certificate and so on to certain people only?
Also, HTTPS leaks a lot of information about every visitor to the site owner (IP, cookies) and you are assuming the hosting/cloud provider is not malicious, while often it is.
And these leaks apply to everybody, not just to targetted victims.
You just need to control/compromise a single hosting/cloud provider and attract the victim on one of its HTTPS websites to install the same malware without the website owner knowing anything AND without the victim suspecting anything (it’s HTTPS, so it’s safe, isn’t it?)
On the other hand, HTTP proxies can cache requests and hide you from the server.
It’s dumb to blame http website owner for the victims killed by criminals and governments: it’s the whole Web that is broken and insecure at heart, HTTPS or not.
We need people to understand how it works in depth so that they can foresee the risks.
A false sense of security is MORE dangerous than a known state of insecurity.
It was hard for me to tell how serious the Audacity stuff was
but the original version of this comment (see edit history) is a threat of deportation and insinuation that if they don't comply with a takedown you hope they'll be imprisoned, killed, or tortured by their country of origin https://github.com/Xmader/musescore-downloader/issues/5#issuecomment-882450335
and so yeah okay thanks for making that clear
(also thx for the link @Claire)
Edward #Snowden calls for #spyware trade ban amid #Pegasus revelations.
#NSA #whistleblower warns of world in which no phone is safe from state-sponsored hackers if no action taken.
Massive data leak reveals over 50,000 phone numbers of potential surveillance targets for clients of spyware company NSO.
These include heads of state, activists and journalists, including Jamal Khashoggi’s family.
https://www.amnesty.org/en/latest/news/2021/07/the-pegasus-project/
found at: https://twitter.com/AmnestyTech/status/1416834680553414657
Holy SHIT!
Plain English Programming... for true!
And nobody told me!
IMPRESSIVE ! ! !
A Silicon Valley VC-funded startup succeeds or fails based on how fast it can grow. At the start, it needs YOU to grow. It will put its best face forward and promise to be nice. Once it has grown enough and it no longer needs you (see: network effects), you have little to no power to affect its behaviour. That’s when you get screwed. Maybe not all at once (see: slowly-boiling frogs) but eventually, sure enough.
So exercise your power when you have it. At the start. By looking the other way.
Su LibriVox potete fare due cose:
-Ascoltare
-Registrare.
Gli audiolibri LibriVox sono letti da volontari di tutto il mondo; sono gratuiti per chiunque, e si possono ascoltare, sul proprio computer, tablet, altri dispositivi mobili, masterizzare su un CD o salvare su una chiavetta usb.
Tutte le registrazioni LibriVox sono di dominio pubblico.
Obiettivo di LibriVox:
Rendere disponibili tutti i libri di pubblico dominio in formato audio su internet.
I principi fondamentali di LibriVox:
-E' un progetto non commerciale, senza scopo di lucro e senza pubblicità
-Cede le sue registrazioni come pubblico dominio
-E' sostenuto da volontari
-Mantiene una struttura fluida e aperta
-Accoglie volontari da tutto il mondo, in tutte le lingue.
Ascolta un libro pure tu!
Wow.
"Edsger W. Dijkstra: a Commemoration
This article is a multiauthored portait of Edsger Wybe Dijkstra that consists of testimonials written by several friends, colleagues, and students of his. It provides unique insights into his personality, working style and habits, and his influence on other computer scientists, as a researcher, teacher, and mentor."
PDF at [ https://www.cs.utexas.edu/users/EWD/commemoration/EWD-commemoration-2021.pdf ]