Readit News
lurker_jMckQT99 commented on NPM debug and chalk packages compromised   aikido.dev/blog/npm-debug... · Posted by u/universesquid
mkfs · 3 days ago
The 2FA/TOTP security theater was partly to blame for this.
lurker_jMckQT99 · 3 days ago
How so? Has the author mentioned somewhere that he was tricked into providing 2FA codes / had any sort of 2FA enabled at all?
lurker_jMckQT99 commented on Crew-9 Returns to Earth   spacex.com/launches/missi... · Posted by u/saikatsg
fc417fc802 · 6 months ago
It won't play for me. Has it been uploaded anywhere else?
lurker_jMckQT99 · 6 months ago
YouTube, probably elsewhere as well
lurker_jMckQT99 commented on Crew-9 Returns to Earth   spacex.com/launches/missi... · Posted by u/saikatsg
lurker_jMckQT99 · 6 months ago
The drone footage is absolutely amazing (as compared to any other camera angle from the recovery boat where you would expect to have better quality but was actually awful). I had trouble, for a moment, believing that it was not CGIed.

Is there any information about what drone/camera equipment was used?

lurker_jMckQT99 commented on AI and Mass Spying   schneier.com/blog/archive... · Posted by u/hendler
JohnFen · 2 years ago
> In the not-so-distant technofeudalist future you'll have [...]

I guarantee that I won't. That, at least, is a nightmare that I can choose to avoid. I don't think I can avoid the other dystopian things AI is promising to bring, but I can at least avoid that one.

lurker_jMckQT99 · 2 years ago
I guarantee that you will. That is a nightmare that you can not choose to avoid unless you are willing to sacrifice your social life.

Remember how raising awareness about smartphones, always on microphones, closed source communication services/apps worked? I do not.

I run an Android (Google free) smartphone with a custom ROM, only use free software apps on it.

How does it help when I am surrounded by people using these kinds of technologies (privacy violating ones)? It does not. How will it help when everyone will have his/her personal assistant (robot, drone, smart wearable, smart-thing, whatever) and you (and I) won't? It will not.

None of my friends, family, colleagues (even the security/privacy aware engineers) bother. Some of them because they do not have the technical knowledge to do so, most of them because they do not want to sacrifice any bit of convenience/comfort (and maybe rightfully so, I am not judging them - life is short, I do get that people do not want to waste precious time maintaining arcane infra, devices, config,... themselves).

I am a privacy and free software advocate and an engineer; whenever I can (and when there is a tiny bit of will on their side or when I have leverage), I try to get people off surveillance/ad-backed companies' services.

It rarely works or lasts. Sometimes it does though, so it is worth it (to me) to keep on trying.

It generally works or lasts when I have leverage: I manage various sports teams, only share schedules etc. via Signal; family wants to get pictures from me, I will only share the link (to my Nextcloud instance) or photos themselves via Signal, etc.

Sometimes it sticks with people because it's close enough to whatsapp/messenger/whatever if most (all) of their contacts are there. But as soon as you have that one person that will not or cannot install Signal, alternative groups get created on whatsapp/messenger/whatever.

Overcoming the network effect is tremendously hard to borderline impossible.

Believing that you can escape it is a fallacy. It does not mean that it is not worth fighting for our rights, but believing that you can escape it altogether (without becoming a hermit) would be setting, I believe, an unachievable goal (with all the psychological impact that it can/will have).

Edit: fixed typos

lurker_jMckQT99 commented on What is the minimal possible UK address?   microblog.vladh.net/posts... · Posted by u/vladharbuz
udev · 3 years ago
In Canada, kids can write letters to:

Santa

H0H0H0

which is a valid postal code, and used to be processed by volunteers around Christmas time.

I suspect you can just write H0H0H0 and it will work.

lurker_jMckQT99 · 3 years ago
Same in France/Belgium, kids can write a letter to "Santa" (i.e. "Père Noël" or "Papa Noël"), no need for a postcode, or anything else than the name :-)

(it is also processed [my guess would be by volunteers too] and kids receive a proper answer letter back from "Santa, North Pole")

lurker_jMckQT99 commented on Ask HN: Self-hosting in 2023: Nextcloud on Linode, or...?    · Posted by u/jtode
jerf · 3 years ago
If you're worried about costs, I run Nextcloud locally in my house, and just deal with the fact it's not externally available. Everything syncs when it is in the house, which is just about always for the laptops and pretty often for the cell phones, and when it is out and about it just doesn't. It all works out.

I have a backup process running on it, but backup disk space is a lot cheaper than live disk space attached to a VM, so it's a lot cheaper than the requisite VM disk space would be.

That said:

"and I think I know how to get that done without getting snagged by one of their runaway expense traps, but I'm not completely sure. I do not trust them not to find some way to slip a thousand dollar bill past me before I realize what their automated system is doing."

This is a per-service concern. EC2 may be old & busted & "just VMs, dude, get cloud native you early 2000s buffoon" & totally uncool... but also precisely because it is just a VM, it is also bounded. It won't blow up on you, because you can't just use 100 times the service you expected. Worst you can do is use the network like crazy, and for as expensive as bandwidth is at large scales, at this scale it's not going to break your bank unless you really screw up. I'm bounded by the fact my home network connection won't let me go too crazy anyhow. (Or on a small T3 instance you can turn on unlimited credits and then run those up, but there's a bound on how large that can be even if you're running 100% full time and it's not huge.)

Just some options. Mastodon is presumably more complicated to run on local resources, you'd still need something with a public IP that can be reached to work correctly.

lurker_jMckQT99 · 3 years ago
I run Nextcloud "locally" too. It's "local" in the sense that it sits on a laptop-turned-server by my desk [0]. Add a domain name, a simple dynamic DNS [1] and a forwarding rule on your router; your local machine is now reachable from everywhere.

No (useless for that use case) additional intermediary like Tailscale in the middle. It has the added benefit of allowing you to share everything that is on Nextcloud with people without requiring them to use any VPN/etc.

[0] the fact that it runs on a laptop (with its battery) rather than on a workstation provides a UPS on the cheap

[1] dynamic DNS can be achieved even using cheap providers such as OVH as long as you get your domain name there https://docs.ovh.com/ie/en/domains/hosting_dynhost/

lurker_jMckQT99 commented on Gail.com FAQ   gail.com/... · Posted by u/weatherlight
ploum · 3 years ago
This opened up my eyes. My pseudo is "ploum" and I have had the ploum.net domain since 2006/2007. I’ve used the ploum@ploum.net address for years but it became unbearable regarding spam.

It took me this post to make the link that, in France, "ploum ploum" means "whatever random thing" and that surely people are filling "ploum@ploum" as a random address in every web form.

Must be even worse for the ploum.com domain.

lurker_jMckQT99 · 3 years ago
That's a weird take. I am French, I have never heard (except for Téléphone's song) that expression. The closest thing that comes to mind is "plouf plouf".

Wouldn't it simply be because you have been using (and publicly disclosing) that mail address for quite some time and it probably became part of each and every email list script kiddies are able to get their hands on?

lurker_jMckQT99 commented on Gail.com FAQ   gail.com/... · Posted by u/weatherlight
pachico · 3 years ago
Maybe because I don't understand modern CSS and part of the most new HTML markup, but I kinda enjoy reading this type of source code.
lurker_jMckQT99 · 3 years ago
I ignore what standard the page follows but the code looks like it was generated or written by someone with little knowledge about CSS. Among other things, code is duplicated all over the place; everything is globally centered, before every element being individually aligned to the left.

This is what it would look like with proper "boring old" html/css written back in the days https://jsfiddle.net/dgtvjn5x/ (more readable and slightly lighter)

For the sake of completeness:

- it would require a more verbose doctype or none depending on when it was written;

- the "style" element would also require a "type" attribute until some point in time;

- "border: none" isn't required anymore, browsers have stopped adding border around images.

PS. this is just a comment about how html/css can still be easy and straightforward these days. I do not mean to undermine the fact that the owner did the right thing with regard to standing for and protecting the domain (and promoting eff :)).

u/lurker_jMckQT99

Karma: 51 · Cake day: November 7, 2022