Post @post@qoto.org

"Microsoft Edge sends a request to bingapis .com with the full URL of nearly every page you navigate to"

Microsoft secretly tracks people across myriads of websites/apps via pixel. Now it was caught tracking them directly in the browser, by default. Wild.
https://www.theverge.com/2023/4/25/23697532/microsoft-edge-browser-url-leak-bing-privacy

@freemo @stux @Pat @trinsec @khird
> the fediblock process

i'd not go as far as to call witch hunt using hashtags "process" xD

Google has just updated its 2FA Authenticator app and added a much-needed feature: the ability to sync secrets across devices.

TL;DR: Don't turn it on.

The new update allows users to sign in with their Google Account and sync 2FA secrets across their iOS and Android devices.

We analyzed the network traffic when the app syncs the secrets, and it turns out the traffic is not end-to-end encrypted. As shown in the screenshots, this means that Google can see the secrets, likely even while they’re stored on their servers. There is no option to add a passphrase to protect the secrets, to make them accessible only by the user.

Why is this bad?

Every 2FA QR code contains a secret, or a seed, that’s used to generate the one-time codes. If someone else knows the secret, they can generate the same one-time codes and defeat 2FA protections. So, if there’s ever a data breach or if someone obtains access ....

#Privacy #Cybersecurity #InfoSec #2FA #Google #Security

Meta aka Instagram is working on a Twitter competitor that is rumored to be ActivityPub compatible.

If you run a fediverse instance (Mastodon, Pixelfed, Calckey and others), would you ban a Meta instance?

Boosts appreciated 👍 #fediverse #barcelona #activityPub #meta

What?? 🤬 „Smartphones With Popular Qualcomm Chip Secretly Share Private Information With US Chip-Maker“

https://www.nitrokey.com/news/2023/smartphones-popular-qualcomm-chip-secretly-share-private-information-us-chip-maker

WordPress.org is counting 3.000 installations of the #ActivityPub Plugin so far 🎉

g10 Code becomes a KDE patron🎉! g10 Code are the creators and maintainers of #GnuPG, the vital #encryption engine 🔒 that is one of the fundamental technologies that ensures #privacy 🔑 and #security online.

https://dot.kde.org/2023/04/25/g10-code-becomes-kde-patron

Switching back from #obsidian and #logseq to #emacs and #orgmode (+#orgroam) feels like a step from someone else's home into a thriving forest: such a rich eco-system! Found #systemcrafters an invaluable resource to get quickly from vanilla emacs to something which exceeds or is on par with the alternatives in all aspects that matter: configurability, extendability, control, speed, resources, android support via #orgzly, themes, #foss, local first, future proof,....

https://wiki.systemcrafters.net/emacs/

#meme #culture #progress #architecture #history #art #modern #life #world

“When Google’s management does grapple with ethics concerns publicly, they tend to speak about hypothetical future scenarios about an all-powerful technology that cannot be controlled by human beings”

➡️So tempting to focus on fictional future harms rather than current real ones.

Thank you, @daveyalba for this reporting.

@jwildeboer @EU_Commission

Don't you see they are already going to the opposite direction with things like #ChatControl to the point of a dystopian violation of privacy as a human right?

And what about #CyberResilienceAct that poses every FOSS community at risk as noted by Python Software Foundation? https://pyfound.blogspot.com/2023/04/the-eus-proposed-cra-law-may-have.html

The fact EU has a Mastodon instance doesn't mean anything.

@Garwboy by estimating the combined volume of my family, I'd say we only use 1% of our house. Think what we could achieve if we used 100%!

Was recently asked which scientific 'myth' I'd like to see banished forever

Obviously, given my field and output, I had to choose 'we only use 10% of our brains'

It's not just a silly thing that leads to shoddy movie plots. It's worse than that

For one thing, the origins of the 'we only use 10% of our brain' notion are unclear. But analysis suggests it came about *at least* a century ago. Believe it or not, our understanding of the brain has improved by orders of magnitude since then

/1

@occhiolist well, in my experience, you can only see the replies from servers your server federates with. For me that’s kinda broken because it can look like no one responded to something (this could be happening right now!), so I respond, but the original poster gets a deluge of these sorts of replies from people who just don’t realize that a million others have already said the same thing.
Not sure if that’s what @thomasfuchs is talking about, but it’s on my mind

Oh snap, #Discourse is adding #ActivityPub support!
https://meta.discourse.org/t/federation-support-for-discourse/90921/108

#Fediverse

@ch0ccyra1n @fediverse Perhaps it already exists in some way, but I would like it if for example public or official web pages could easily connect their RSS update functionality to the Fediverse, so that I can follow a web page of for example my municipality, and also comment and engage in the Fediverse in relationship to public institutions.