timorl @timorl@qoto.org

Realistically speaking, utopias would probably look a bit grubby and lived-in, especially if we're talking about low-key, actually achievable utopias as opposed to chrome and food pills.

That's the side-effect of making an actually liveable society, people are gonna live in it, and leave stains, scuffmarks, wear, tear and grafitti behind.

#Technofeudalism is a new system in which the techno-lords are extracting a new power to make the rest of us do things on their behalf. This new power comes from investing in a new form of capital that allows them to amass a new type of value which, in turn, grants them the opportunity to extract surplus value from vassal-capitalists, the precariat, and everyone using their platforms to produce on their behalf, even more command capital. #surveillancecapitalism
https://the-crypto-syllabus.com/yanis-varoufakis-on-techno-feudalism/

Flutter and Chromium accept contributions from anyone. Anyone who's rich enough to buy modern hardware capable of building the software from source.

Like no, I don't want my computer to be unusable for hours just so I can attempt a Flutter build.

Daily reminder that software has a carbon footprint. How many devs buy new hardware because they need to build software like this while running Discord/Slack/Spotify? How much e-waste is your software responsible for?

New #blog post: The right thing for the wrong reasons: FLOSS doesn’t imply security . A longer post, ~3623 words.

I think free and open source software is super important and avoid proprietary software (the only proprietary software on my machine is firmware and Zoom, which I’m required to use). But too many people support it for the wrong reasons: they assume that proprietary software is impossible to audit and that source availability is therefore necessary for security. Quote from the article:

One of the biggest parts of the Free and Open Source Software definitions is the freedom to study a program and modify it; in other words, access to editable source code. I agree that such access is essential; however, far too many people support source availability for the wrong reasons. One such reason is that source code is necessary to have any degree of transparency into how a piece of software operates, and is therefore necessary to determine if it is at all secure. Although security through obscurity is certainly not a robust measure, this claim has two issues:

Source code describes what a program is designed to do; it is unnecessary and insufficient to determine if what it actually does aligns with its intended design.
Vulnerability discovery doesn’t require source code.

I’d like to expand on these issues, focusing primarily on compiled binaries. Bear in mind that I do not think that source availability is useless from a security perspective, and I do think that source availability is required for user freedom. I’m arguing only that source unavailability doesn’t automatically imply insecurity, and source availability doesn’t imply security. It’s possible (and often preferable) to perform security analysis on binaries, without necessarily having source code. In fact, vulnerability discovery doesn’t typically rely on source code analysis.

There’s also a gemini version.

Good article about a bad subject, all the more because it confirms things I've believed for some time.

You have to design for anti-harassment from day one. Waiting until the project is in the hands of the public and then adding it is much, much too late and you will always be playing catch-up. If you bother trying at all, like those YouTube alternatives I mentioned.

One thing I applaud Mastodon for is actually thinking about it during the design stage.

https://blog.mollywhite.net/abuse-and-harassment-on-the-blockchain/

you go to school to study "the brain" and then the next thing you know you're learning how to debug surveillance in PDF rendering to understand how publishers have so contorted the practice of science for profit. how can there be "normal science" when this is normal?