This is demonstrably false. Almost all servers that de-federate Threads still broadcast the RSS feed of your posts. This is available to everyone, even servers that are de-federated from yours.
If you don’t believe me, test this out for yourself. Append “.rss” to the end of your profile URL (exampleserver.com/@username.rss), and see what happens.
Hell, if I wanted to build a search engine for the Fediverse and not use ActivityPub, I could use RSS instead and I could index most of the Fediverse – whether you opt into it or not.
Let’s stop spreading the myth that de-federation by itself prevents Threads from accessing your public feed.
Defederating #Threads will, however, stop Threads from drowning out the entire rest of the Fediverse.
The result of federating is that Threads is the Fediverse now, and the rest of us are just the silent periphery that no one cares about and aren't even allowed to speak to Threads users (the federation is one-way). This kills the Fediverse. Easiest #EmbraceExtendExtinguish ever.
So the way the IDF chose targets was (1) an AI spat out tens of thousands of names of potential Hamas members; (2) those people's homes were made bombing targets; (3) no one bothered to review any of it or even see if the person was home; (4) the potential for civilian casualties didn't matter. https://www.972mag.com/lavender-ai-israeli-army-gaza/
You can do that in many languages. Slap together any random American first and last name, like “Sarah Connor”, and you'll have the name of dozens if not hundreds of people.
I chose that particular combination because, well, remember Terminator 1? That name belonged to numerous different people, and the Terminator went around killing all of them (and failed to kill the one it was actually supposed to).
Having unprivileged user namespaces and netfilter enabled is neither very specific nor uncommon. That's the default configuration in most distros. High severity is completely warranted for this CVE.
March 31 was already significant to me because that's the day in 1998 when I helped #Netscape Navigator become #OpenSource.
Now this day has a whole new meaning for me as a #transgender woman. And it's my first #TransDayOfVisibility that I celebrate publicly since coming out to everyone on June 21 of last year.
To all my #trans siblings, I see you. Even if complete visibility isn't possible for you right now. You still matter. You're still loved. And you're still trans. Never doubt that. 🏳️⚧️🫂💖
Problem: we don't know the future, so we have no idea which small change, if any, we should make.
We know which big changes we should make (climate change, etc)—that much is obvious—but it seems impossible to predict which small, subtle changes would help until it's too late.
The security community is going through the five stages of grief right now with the xz thing and I think a lot of people are coping with “there are technical measures that could have prevented this”. To move on, it is important to understand that this is not true in the slightest
Yes. This attack was, by all appearances, incredibly difficult and time-consuming to carry out. The attacker put in years of effort, only to be foiled at the last second by some random bystander.
This incident proves that there is much to fear, but let us not forget to celebrate our victories.
It's tribalism. “If it looks like a person, but it behaves differently from me, then it's an outsider or a defect. Either way, it's bad for the tribe, so get rid of it.” Definitely one of humanity's darkest traits.
So you may have heard that a Boeing whistleblower died of what local police described as a "self-inflicted" gunshot wound right in the middle of his depositions, a timing which… well, lots of things happen, but if someone were going to act on suicidal impulses that is not the timing I would expect them to do it with.
Have you been wondering what exactly it was he was saying in those depositions? Cuz here's an American Prospect article largely based on his testimony:
I know the next 3-7 days will be filled with exaggeration and doomsday talk, but IMHO the #xz backdoor, though seemingly meticulously planned for a long time, failed miserably as it was caught at a stage where it wasn't widely deployed but only in testing/prerelease distros. Yes, it made it quite far in the supply chain but it ultimately failed. The mess is being cleaned up, no cases of actual use of the exploit in the wild are known thus far. The immune system of FOSS has worked. Again.
The back door was discovered by serendipity. It could easily have gone unnoticed, if not for one person randomly noticing that logging in via ssh had gotten slightly slower, and then actually bothering to investigate why.
We're relying on luck to detect these attacks, and luck eventually runs out.
xz maintainer: fell victim to social engineering, reportedly due to ill health
xz co-maintainers responsible for code review: don't exist; nobody's getting paid to do that
Corporate security impresarios in the near future, probably: “Three-factor authentication is now mandatory. This will solve everything for sure this time.”
EU government: “Open source is now illegal. Use proprietary software instead; it never contains malware.”
People say and do those things when they hate someone and they know they're in the wrong for hating that someone. They seek justification, so that they're not in the wrong any more.
This was the final year of his life on this planet. He could have enjoyed it. He could have spent his last days traveling the world and seeing its sights one last time, or whatever other pastime pleases him.
Instead, he died as he lived: trying to hurt millions of innocent people.
I don't think I'll ever understand what could drive such malice.
A cruel irony (lemmy.world)