ML2 @mathlover@qoto.org

#Florida Is Fighting to Feed Starving #Manatees This Winter - https://www.wired.com/story/florida-is-fighting-to-feed-starving-manatees-this-winter/ poor manatees, humankind to blame, as usual....

"the Supreme Court Historical Society is ostensibly independent of the judicial branch of government, but...

over the years the society has become a vehicle for those seeking access to... [SCOTUS]

The justices attend the society’s annual black-tie dinner soirees, where they mingle with donors & thank them for their generosity... more than $23 million over the last two decades."
~https://www.nytimes.com/2022/12/30/us/politics/supreme-court-historical-society-donors-justices.html

#SCOTUS #USPolitics

I'm sad. Very sad. We lost a nurse colleague to suicide. Our hearts are broken. So many questions. We are mourning. Crying through our shifts while still caring for patients & working short-staffed.

Please check on nurses. Fight for nurses. We wonder who else is struggling 😢

Twitter changed the way you report a tweet and it's really hard now to report verbal abuse.

Say, you see someone being calling off due their political inclination.

You can't report that. The report now requires that the attacker must be attacking someone's identity (religion, sexual inclination, whatever), but political inclination is not identity, so...

Lol, there's no better endorsement of Mastodon than the fact it's apparently become the new "pronouns in bio" to right wing chuds

I've been using #Twitter significantly less recently, and only to read stuff others have tweeted (not that I was ever a prolific poster anyway).

The one thing that really stands out, however, is just how toxic that place was. I didn't really notice until I left... It was so common that I became almost immune to it, like it was normal or to be expected.

Whether it was posts about #infosec or #Brexit or #Covid or Greta Thunberg... Tweets just constantly seemed so argumentative and intentionally divisive. It's such a more pleasant experience overall here on Mastodon!

Live Nation and Ticketmaster were allowed to merge in 2010. The result?

They now control 70% of the primary ticketing and live event venues market.

They exploit all of us — and we simply have to take it.

Big mergers are terrible for everyone but super-rich CEOs.

The first rule of the Dunning-Kruger club is you don't know you're a member of the Dunning-Kruger club.

‘Our identity lies in these songs’: saving the music of #India’s Biate - https://www.theguardian.com/world/2023/jan/03/forgotten-songs-collective-saving-music-biate-indian-hill-tribe-global-audience so much wonderful culture is being lost around the world; more must be done to capture it before it is too late... #ethnomusic

In a democracy, the private depends on the public.

Businesses depend on public resources: roads, bridges, highways, sewers, a water supply, airports and air traffic control, a patent office, public education for your employees, public health, the electric grid, the satellite communications, the internet, and more.

Individuals depend on clean air, water, safe food, public safety, access to education and health care, housing, employment ...
Without such public resources, you are not free.

Last week, I discovered a public Amazon S3 bucket belonging to a French bank that contained approximately 16GB of data (122 339 files), including static assets such as CSS, JavaScript, and images, as well as official documents, schema, unverified IBANs and API documentation.

While the bucket was intentionally left open, the bank's security team promptly responded to my report and corrected the issue.

However, there are several potential risks associated with leaving an Amazon S3 bucket open to the public.

By knowing the name of the bucket, I was able to download its entire contents, potentially gain access to sensitive information (naming convention, API endpoints), and even deduce the bank's AWS Account ID (prod?) and AWS Organization ID.

In today's AWS Security landscape, it is generally considered best practice to use a CloudFront distribution to expose static files rather than leaving S3 buckets open to the public.

As a fun side note, I discovered that Google was also indexing the bucket's contents.

Despite the security lapse, the bank was grateful for my report and even rewarded me with a $10 credit as a customer.

Overall, it was a reminder that security is an ongoing effort, and we should all be vigilant in protecting our assets.

#AWS #Security

I started a new account on Twitter to see what would happen. I made no posts and followed 8 others; weather, traffic, local police and news. My time line is NOTHING but right wing hate, absolutely nothing else. #Twitter #elonmusk #rightwinghate

@jesse soft launch. We are kicking the tires and making sure the instance works.