⊥ᵒᵚ⁄Cᵸᵎᶺᵋᶫ∸ᵒᵘ ☑️ @falken@qoto.org

Why we no longer support the use of Cloudflare on our web and email hosting accounts. Spoiler: it's AI bot scraping. https://www.mythic-beasts.com/blog/2025/09/03/web-hosting-and-cloudflare/

Does anyone know 'verified' Linux Mint developers in the Fediverse who might be interested in an apparent high priority issue?

@linuxmint only (re)posts their blog entries and that account, as welcome as it is, has no indication of official status listed anywhere.

The component is in GitHub (and the issue isn't listed), but I've no account there and feel it's counterproductive anyhow to publish a howto in public...

Trusted #infosec pros with channels to Linux Mint may qualify to handle the brown paperbag forward.

I'd also ping Jamie Zawinski, but he doesn't appear to be around.

#linuxmint

Fuck every EV charger that requires an app to use. Just give me a goddamned credit card reader.

This is the *second* station we've stopped at today that required yet *another* app install and registration—only to have the fucking thing not work.

(Alice is ticked off)

#EVs #ChargingFail #FuckCapitalism #Enshittification

Alright Fedi. This is going to be my more far fetched question as of yet.

Do any of you happens to have, lying in a box somewhere, a Photo CD? And if so, would you be willing to part with it?

Just to clear any possible confusion, I’m specifically looking for a disc in the Photo CD format, not a CD-R on which pictures have been stored as files. Here is the article on the subject: https://en.wikipedia.org/wiki/Photo_CD.

Boosts are appreciated, as my search has not been fruitful this far.

The velocity for patching Critical vulnerabilities is set by standards and driven by criminal activity. 2000-2010, the acceptable timeframe was 30 days. That dropped to 14 days, from 2010-2020. By 2022, the 7 day standard became the norm.

The criminals, meanwhile? With Netscaler they had exploits within 12 hours of disclosure.

The Open Rights Group is working on an amendment to the OSA which would propose a small site exemption, for sites that are maintained without a view to profit, with a small number of active users, and which the owner reasonably believes to pose no risk to users.

If you want to give thoughts on various parts of the potential amendments, there's a form here:

https://cloud.openrightsgroup.org/nextcloud/apps/forms/s/dQB6GSRQ4jHzGjxiYG5tAnDB

#OnlineSafetyAct

People in Internet security circles are sounding the alarm over the issuance of three TLS certificates for 1.1.1.1, a widely used DNS service from Cloudflare. The three improperly issued certs escaped notice for 4 months.

https://arstechnica.com/security/2025/09/mis-issued-certificates-for-1-1-1-1-dns-service-pose-a-threat-to-the-internet/

Worried about the future of installing your own software on your Android device? @conservancy is hosting a Q&A to update you about sideloading software as well as other tips about how to ensure your phone runs the software you want, without any artificial restrictions. Join us on BigBlueButton this Friday September 5th at 15:00 UTC (08:00 US/Pacific, 11:00 US/Eastern, 17:00 CEST)

https://sfconservancy.org/blog/2025/sep/3/sfc-qa-on-how-to-keep-your-sideloading/

Your mother paints roundabouts and your father shouts at hotels.

@hazelweakly @risottobias
It's like the adage that since debugging is twice as hard as coding, if you write code as cleverly as you can you're not clever enough to debug it, only worse.

Testing the code an AI generates is 100x as hard as prompting it: since AI output is massively under-specified by a natural language prompt it's like building Lego wearing oven gloves, and prompt complexity increases faster than precision of control of the output.

So nobody is clever enough to test the code.

UK sought broad access to Apple customers’ data, court filing shows | FT
https://alecmuffett.com/article/114735
#EndToEndEncryption #HomeOffice #apple #icloud #privacy #surveillance #tcn

Look, Jeff Atwood, it is difficult to take you seriously when you write authoritatively on a subject you clearly don’t understand.

GDPR doesn’t mandate cookie notices.

Cookie notices are *malicious compliance* by the surveillance-driven adtech industry.

If you’re not tracking people, you do not need a cookie notice, period.

If you’re only using first-party cookies for functional reasons, you do not need a cookie notice, period.

If you’re using third-party cookies to track people – i.e., if you’re sharing their data with others – then *you must have their consent to do so*. Because, otherwise, you are violating their privacy. Even then, the law doesn’t mandate a cookie notice.

How would you conform to EU law without a cookie notice if your aim wasn’t malicious compliance?

You would not track people by default and you would make it so they have to go your site’s settings to turn on third-party tracking if, for some inexplicable reason, they wanted that “feature”.

Boom!

No cookie notice necessary.

What’s that?

But that would destroy your business because your business is founded on the fundamental mechanic of violating people’s privacy?

Good.

Your business doesn’t deserve to exist.

Because the real bullshit here isn’t EU legislation that protects the human right to privacy, it’s the toxic Silicon Valley/Big Tech business model of farming people for data that violates everyone’s privacy and opens the door to technofascism.

https://infosec.exchange/@codinghorror/115120175033311443

@codinghorror As for why this isn't a browser feature, it was and is! It is a *choice* by your industry to disregard this, by ignoring DNT and not implementing GPC in major browsers. Did your site honour DNT? Does it honour GPC in places where it is not legally obliged to?

https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/DNT
https://globalprivacycontrol.org/

@codinghorror

True, but my point remains. This shitty experience we're collectively having here this isn't "the EU forcing cookie notification on people", it's "the malicious compliance of companies that profit from user tracking."

Every company that shows you an cookie popup has made the choice to put a few fractions of pennies of possible future profit ahead of your experience.

https://gdpr.eu/cookies/

Gaussfest, and an electrical day in London on the 7th September (Next Sunday) @ The London Museum of Water and Steam (Brentford)

https://www.extremeelectronics.co.uk/the-gaussfest/

High voltage, tesla coils, electrostatic machine demonstrations and a Victorian/Edwardian pumping station to look around, plus a chance of seeing a working mercury rectifier(s)

I can't think of a better day out :)

Please retoot for reach.

Tickets https://lmws.digitickets.co.uk/event-tickets/68513?catID=65283&

GREETINGS PROGRAMS! IT'S OFFICIAL! Don't tell Mrs Wife I'm dipping into the savings!

Tron and Tron: Legacy coming to 4K disc on September 16th (US)!!

END OF LINE.

https://thedigitalbits.com//columns/bill-hunt/my-two-cents/item/3205-breaking-on-the-bits-disney-sets-tron-1982-tron-legacy-2010-for-4k-ultra-hd-release-on-9-16