@kfh@chaos.social
@kfh@chaos.social avatar

kfh

@kfh@chaos.social

Software engineer | Aspiring mad scientist

aka Caffeine/kilofox/kiloreven

Norwegian, based in #Oslo
Speaks ๐Ÿ‡ณ๐Ÿ‡ด/๐Ÿ‡ฌ๐Ÿ‡ง, learning ๐Ÿ‡ฉ๐Ÿ‡ช
Occasionally toots in Norwegian
#Developer by day, #hacker by night

Part of https://chaos.social/@hackeriet and https://chaos.social/@coldnorth

Trying to be chaotic good

#python #django #broadcasting #network #infosec #photography #foss #hardwarehacking #homelab #motorcycles #3dprinting #hamradio #discgolf #nonprofit #carpentry

This profile is from a federated server and may be incomplete. Browse more on the original instance.

kfh, to random
@kfh@chaos.social avatar

@ ,

philpem, to random
@philpem@digipres.club avatar

I'm starting to think that "too big to fail" is a synonym for "needs to fail", or at least "needs restructuring". Nothing and no-one should be too big to fail, there's always room to admit you were wrong and learn from it.

kfh,
@kfh@chaos.social avatar

@philpem "too big to be held accountable" is more accurate

kfh, to random
@kfh@chaos.social avatar

move when trying to upload a video to Mastodon that's too big -- send it to yourself on Slack and it gets transcoded automagically. Download the file from your message, which is now 1/4 the size, and small enough to upload :D

kfh, to django
@kfh@chaos.social avatar

You're a good framework, , but sometimes, SOMETIMES, I'm almost losing it.

kfh,
@kfh@chaos.social avatar

@bmispelon heh, mostly ranting :)

We've got an identity-aware proxy in our k8s cluster which passes user data (i.e. name, e-mail, groups) along to the Django app as request headers. These are used to get_or_create (and log in) an Employee object, which is our user model, in middleware.

is_staff will be set from is_superuser in the save() method of Employee, and I've verified that both fields are are True in the DB, but I'm still denied access...

Works well locally, outside the cluster, though

kfh,
@kfh@chaos.social avatar

@bmispelon Turns out that my user in the dev cluster evaluated is_active to False, and flipping that solved the issue :)

cabel, to random
@cabel@panic.com avatar

@Cdespinosa @pixel The plot thickens. โ€œI bought this item at a charity auction during my trip to Munic at Christmas 2001. As you can see, the invoice is expressed in the old German currency, before the entry of the EURO.โ€

I think thereโ€™s a chance this story might be true โ€” and this is a bamboozlee, not the original bamboozler.

Calling all Germans! @map

(But then again: if this person enjoys forging documents, this would be a fun one to forge.)

image/jpeg
image/jpeg
image/jpeg

kfh,
@kfh@chaos.social avatar

@NanoRaptor @cabel @Cdespinosa @pixel @map what happened to the previous 0.5 employee?

mjg59, to random
@mjg59@nondeterministic.computer avatar

I am, once again, attempting to figure out how the fuck Okta's API actually works

kfh,
@kfh@chaos.social avatar

@mjg59 hah, the Okta API implementation I'm working on right now seems trivial to MFA enrollment

m, to Amazon
@m@martinh.net avatar

"If a worker scans the QR code and clicks the link, Amazonโ€™s software automatically generates a letter from the worker and then emails it to the trade union, ending their membership."

The innovation will continue until morale improves :goose_bonk:

[This from the very excellent Foxglove Legal's latest newsletter. Foxglove aren't on Fedi (yet?), but are on the web at https://www.foxglove.org.uk]

kfh,
@kfh@chaos.social avatar

@m unions should respond by not unilaterally accept these auto-generated emails but rather follow up with the member by phone to confirm, and potentially get the member more engaged.

One could argue that this impedes article 23 of the UDHR ("Everyone has the right to form and to join trade unions for the protection of his interests") by inserting themselves between the worker and the union. Hopefully, this will have legal ramifications for Amazon.

bagder, (edited ) to cisco
@bagder@mastodon.social avatar

I was reminded of the great security fix of 2019

kfh,
@kfh@chaos.social avatar

@bagder This is sorta what imgur does for wget as well, to "stop" scraping I guess...

(it has returned 429 "too many requests" every time I've tried, so I assumme it's an ingress rule for the user agent)

kfh, to norge Norwegian
@kfh@chaos.social avatar

Om du er rik vil DNB hjelpe deg med รฅ skjule pengene i skatteparadis [0]

Om du er fattig vil de utlevere adressen din til den fรธrste som spรธr [1]

[0] https://www.aftenposten.no/okonomi/i/kaJmX/slik-rekrutterte-dnb-skatteparadiskunder-paa-spanias-solkyst

[1] https://www.nrk.no/norge/banken-delte-adressen-til-jostein-med-en-fremmed-_-sa-vaknet-han-til-denne-meldingen-1.16824168

rysiek, to fediverse
@rysiek@mstdn.social avatar

Happy seventh anniversary of "Six reasons Mastodon won't survive" to all who celebrate:
https://mashable.com/article/mastodon-wont-survive

kfh,
@kfh@chaos.social avatar

@rysiek wait... That coincides with infosec.exchange's 7th anniversary according to @jerry

kfh, to random
@kfh@chaos.social avatar

If not friend why friend shaped?

(via https://www.tumblr.com/seananmcguire/743142438370181120)

A large cat with tufted ears sleeping in a pile of snow on top of a car. Gets woken up and petted by a human

kfh, to norge Norwegian Bokmรฅl
@kfh@chaos.social avatar

Nok en gang har norske personnumre kommet pรฅ avveie. Informasjon som kan brukes til รฅ inngรฅ lรฅn, SIM-swappe, lรฅse opp lรธnnsslipper og mer.

Nรฅr skal vi slutte รฅ gi personnummer sรฅ mye makt? Nรฅr skal vi erstatte det med faktisk kryptografisk sikkerhet i stedet?

ร… behandle et personnummer som et passord er farlig. Det kan ikke endres, og har lav sikkerhet. Vi har allerede teknologier som lรธser dette. Vi kan gjรธre bedre.

https://www.nrk.no/nyheter/nesten-600.000-personnumre-pa-avveie-etter-sikkerhetsbrist-1.16754714

kfh, to python
@kfh@chaos.social avatar

After watching @dennybiasiolli's talk in the devroom at , about optimizing migrations, I got a bit inspired. I collected some solutions for the past and wrote some text about using seed databases in Django, both for testing and development.

And it nudged me to -finally- get a (MVP) blog started as well! The post got committed in the plane from Brussels, but sadly not deployed mid-air :(

So here's a blog post about using seed database in Django https://tla.wtf/posts/django-seed-db/

kfh, to random
@kfh@chaos.social avatar

2 days.
8000 hackers.
862 talks.

1 power socket.

Thanks to the @fosdem staff, volunteers and speakers! Great people, talks and beer. Already looking forward to next year <3

kfh, to NixOS
@kfh@chaos.social avatar

"I use btw"

kfh, to random
@kfh@chaos.social avatar

@arturo182

kfh,
@kfh@chaos.social avatar

@arturo182 you da real MVP

kfh, to random
@kfh@chaos.social avatar

Some vibes at to take the edge off . No though :(

Faire in Miniature Wunderland with lots of blinking LEDs

kfh,
@kfh@chaos.social avatar

@Bubu wait, for real? In Wonderland?

kfh,
@kfh@chaos.social avatar

@Bubu found it -- in the Italian/Swiss part of all places. With !

Miniature Datenklo

kfh, to random
@kfh@chaos.social avatar

Making @coldnorth

If anyone at has a big red button for sale, let me know

kfh, (edited ) to random
@kfh@chaos.social avatar

Finally got around to watching @pluralistic's DEF CON talk on enshittification. Absolute must-watch commentary that really captures where the Internet is right now, and where we might go from here.

https://youtu.be/rimtaSgGz_4

  • All
  • Subscribed
  • Moderated
  • Favorites
  • โ€ข
  • JUstTest
  • rosin
  • thenastyranch
  • everett
  • DreamBathrooms
  • ethstaker
  • magazineikmin
  • cubers
  • Youngstown
  • tacticalgear
  • Durango
  • slotface
  • ngwrru68w68
  • kavyap
  • provamag3
  • osvaldo12
  • InstantRegret
  • cisconetworking
  • GTA5RPClips
  • modclub
  • tester
  • mdbf
  • khanakhh
  • normalnudes
  • Leos
  • megavids
  • anitta
  • lostlight
  • All magazines
    •