Olivier Forget @teleclimber@social.tchncs.de

So, uh. You know Invidious, the privacy-focused front end for YouTube?

Someone made the same thing except it's for Twitter. And it has RSS support.

https://nitter.net/about

Mycroft finally opened up it's backend code using the AGPL. They cover their reasoning here:

https://mycroft.ai/blog/open-sourcing-the-mycroft-backend/

#mycroft #agpl

"<video> tag doesn't play in iOS Safari unless you add type="*" for some reason" is a good example of where web development is still not fun https://stackoverflow.com/a/28361053

An open source camera project.

I deleted my Facebook-account years ago, but my latest job (not tech related) uses Facebook for communication.

I created a new account, I have no photos of me there and I share nothing, no posts or anything.

A few days ago they suspended my account for no reason at all and required me to upload an ID of me. I ended up creating a new account days later.

Even though I have nothing of value there I have never felt so powerless. It made me appreciate the ethical fediverse even more.

#Facebook

Has anyone done something like this with @nextcloud?

Mounting the main file storage from a USB drive connected to a Pi at home, but running the Nextcloud instance on a remote cloud server (hopefully there's some file caching going on, at least for thumbnails, so that recent pictures remain viewable even if the Pi goes down temporarily, and other data like contacts or calendars should be on the server itself).

Doable? Any caveats?

What year did you first get the internet?

People who've done FOSS/self-hosted home automation, what system(s) did you use and how well does your setup work?

How the fuck are these the top comments on the RMS resignation post ?!

We should be cheering his resignation, you don't get to say shit like that and expect nothing to happen.

this site is the friggin best

Private Internet Access is now on the #gab "affiliate partners" page. I'm a customer, so I've opened a ticket asking them to disassociate and #isolategab

Can anybody here recommend another VPN provider with straight openvpn support and some way of handling inbound connection attempts?

If you only read one post today, pay attention to this one... YOU HAVE BEEN WARNED

(Please Boost)

I've been cautioning people about this aspect of using biometrics for credentials for a few years now.

Sure, it may lend itself to secure authentication, yet it also lends itself to search and seizure w/o the constitutional requirements of a warrant signed by a judge. i.e., a court order is required to compel one to divulge a password, or at the very least unlock a device such as a laptop or mobile device using that person's password.

If you're arrested, law enforcement personnel do not have the authority to demand you divulge such information, or require you to use your passwords to grant them access to your assets. Only a judge can do that.

They can however, force you to roll out your fingers to be printed and entered into a fingerprint database, and for if arrested for an alleged felony, collect DNA from a suspect.

What this means, is that in the United States, if you lock your phone with a biometric key, such as a fingerprint, cops can hold you down and physically force your hand (yes, pundit) to unlock your phone, making all of the contents of that device available to them.

Here's the relevantt verbiage in this ARS Technica article that glosses over this fact that most folks aren't even aware of...

To wit: if you lock your phone with a fingerprint, it isn't locked at all if you're ever arrested for something even as common as a DUI.

"While courts aren’t unanimous, they frequently grant more latitude to defendants who refuse to divulge passwords, since doing so amounts to testifying against oneself. Biometric information, by contrast, is often regarded as evidence that investigators can confiscate."

The way they put it in this article, it doesn't sound as vile and all encompassing in scope as it actually is in reality - go read up more on this, US Circuit courts have already long since ruled on this, so it is in fact De jure.

I'll say this one more time: "If you are arrested for ANYTHING, and you lock your phone with a biometric key of any kind, Law enforcement is entitled to freely access ALL of your data without any additional cause.

Unless you want to be their bitch, Don't do it.

#search_and_seizure #iris_scan #1984 #retinal_scan #fingerprint #biometric #privacy #security #personal_information #vulnerability #big_brother #we_are_the_dead #chant_of_the_ever_circling_skeletal_family #run_forrest_run #be_afraid_be_very_afraid #shorn_sheep

https://bit.ly/2Kvv2hW
privacy_annulled-biometrics-002…

@zensaiyuki @dredmorbius

man, imagine Game of Thrones in Smellovision

Why can't you use "Beef stew" as a password? Because it's not stroganoff.

I spent all day looking for vulns in a IoT clothes dryer. What did I find?

* HTTPS to talk to backend service
* XMPP w/ STARTTLS to steam events
* Cert pinning so no MitM
* Android app obfuscated w/ no obvious backend URLs or certs
* Dryer runs an AP for initial setup w/ DHCP and HTTPS servers
* That HTTPS requires auth with a password printed on a label near the door

Best I could do was get the DHCP server to serve the same IP to every request.

Well done GE.

#defcon27 #iotvillage

when you think about it, the idea that software should scale is actually really weird. "sure this garden is nice, but how nice can it be if it doesn't grow to cover the entire surface of the earth?"