Show more

Yesterday tried to answer to an email from Microsoft's Hotmail/outlook.com. And of course my email was rejected because "part of [my provider's] network is on [Microsoft's] block list". So they are blocking emails from subnets when they notice there are any suspicious activities. Not based on my host's reputation that didn't change for the past 2 years.

Just if you search for a reason to switch to a another email provider.

Sheogorath boosted

If you have Facebook "like" buttons embedded on your website, it could make you liable for breaking GDPR privacy laws, even if it's Facebook doing the illegal stuff:

theregister.co.uk/2019/07/29/e

You can protect your site from legal liability (and protect your users' privacy) by removing all Facebook like buttons.

Please tell your employers/organisations about this ruling, it may help convince them that Facebook is toxic (or at least that embedded like buttons are toxic).

#Facebook #DeleteFacebook

I have to say there are some awesome people out there. Great documentation for synapse (Matrix) <-> Keycloak setup:

edenmal.moe/post/2019/Matrix-S

Sheogorath boosted

Schengen-Informationssystems: Grobritannien kopierte Daten heise.de/newsticker/meldung/Mi Ob die britische Regierung ann瓣hernd versteht, welche Gefahr das f羹r den britischen Wunsch darstellt, auch nach Brexit Flugpassagierdaten aus der EU 羹bermittelt zu bekommen? #Datenmissbrauch

Yesterday I started to deploy SSO through my private infrastructure using keycloak. And after deploying Nextcloud and CodiMD with it, I start to question this decision.

Because it's nice to have a central place and only a single login for all services, but except of me, no one is using all services and I don't see an easy way, to restrict people from using certain services.

What to do

Sheogorath boosted

Watching one of my favourite projects slowly dying is painful.

I'm reminded again how the best #FOSS software isn't made by the most skilful coder, or by the most advanced language... but by the most engaged community.

Don't forget to update our synapse instance. Version 1.2.1 is a critical security update which can lead to downgrade attacks on rooms, spoofed read recipients, people being pushed out of rooms, and more.

github.com/matrix-org/synapse/

In order to keep rooms and your servers safe, please upgrade.

After reading another conflict about about what people say and what people do, I decided to write a little note about it on my pad:

pad.shivering-isles.com/s/H1W8

With some reasoning why I think you shouldn't try to judge people before you understand their intentions and stop nailing people down to a few statements they made at some point.

All this would prevent a lot of drama and scandals and without anyone giving up any of their freedom.

I just searched for something completely different but got across this article. It sounded like an interesting problem to solve and as it turns out, wow, I never realized that this problem exists, even when it makes a lot of sense.

TL;DR: People don't enter coordinates to describe an area in order, which causes some confusion on your

crondev.blog/2018/08/17/geomap

Sheogorath boosted

The lovely folks at Pimoroni messaged me on birdsite to say theyre sending me the official Raspberry Pi power adapter for free and wouldnt budge when I tried to convince them that I was happy to pay for it (just didnt want to pay for shipping again).

Please support them: theyre an independent shop in the UK and they have lots of yummy things for tinkering with electronics and computers and awesome customer service:

shop.pimoroni.com/

#RaspberryPi #Pimoroni

The only reason machine learning an AI is even considered in various places as a possible solution is because computer's got people's trust by being *computers*, means machines that calculate results based on algorithms. Where the algorithms were written by humans.

Nowadays we use "AI" to throw data in and getting some results out. And just because it's done by computers people don't question the results. Computers have an image of being correct.

Sheogorath boosted

Schon allein das Abspielen eines Videos reicht aus, um jedes Android-Ger瓣t zu 羹bernehmen, das nicht die Security-Updates von Juli 2019 eingespielt hat. Banking-Apps und Co. pr羹fen das Sicherheitspatch-Level allerdings nicht - die Verantwortung liegt allein beim Nutzer.

github.com/marcinguy/CVE-2019-

Looking ahead in my calendar I think it's time to write a blog post. Went for a responsible disclosure and didn't head back within the past 2 months. Want have things prepared for the day I told them I would disclose things.

Quite annoying when people don't respond on their contact email addresses.

Sheogorath boosted

Some old advice about analysis paralysis I got from a former boss of mine:

If you can't choose between options, pick one randomly.

丹領儭 Email that asks me to participate in a study "[因 of course your personal data is stored encrypted" (Translation by me)

*opens link*

[Google forms] <-- Great!

Sheogorath boosted

PSA (domain block):

Within around a minute I was followed by 500+ bots from @weedis.life and then within another minute was unfollowed by all of them. Essentially a denial-of-service attack. Haven't seen or heard of that before.

This whole aging-app disaster brings out what's wrong with the end-user software market:

The software vendors don't want you to read the Terms of Use, they don't want you to read the privacy policy, they don't want you to require to authorize access to data stored on your devices.

It's a market that pretends to be for their customers but is almost completely about the vendors.

It's on us to change that.

I guess one of the biggest threats to peertube could be pirated videos. Not because you can't ban bad guys, but because every viewer immediately becomes part of the peer-to-peer network sharing/uploading this content.

And at least for Germany we all know how that works out

And if you wonder how I came up with the topic: I just saw a video on and the suggestions where full of music videos which probably originate to youtube, but aren't uploaded by their original authors

Setup my own DoH provider for my Firefox :)

If you want to use it: go to about:config, search for network.trr.resolvers and overwrite the value with:

[{ "name": "Cloudflare", "url": "mozilla.cloudflare-dns.com/dns" },{"name": "Shivering-Isles", "url": "dns.shivering-isles.com/dns-qu]

If you wonder how the stack looks like:

git.shivering-isles.com/contai

On the production code:
git.shivering-isles.com/shiver

Sheogorath boosted

#2176 "How Hacking Works" 

Show more
Sheogorath's Microblog

This instance is the microblog to my blog. You'll probably find more recent content here while finding more elaborated content on the blog. Impressum / Datenschutz / Privacy