Hard to get more clear-cut than this: "this is my own performance of Bach. Who died 300 years ago. I own all the rights", and yet...
Sony Finally Admits It Doesn’t Own Bach and It Only Took a Bunch of Public Pressure
Here’s the thing about different people playing the same piece of music: sometimes, they’re going to sound similar.Electronic Frontier Foundation
reshared this
ESP32-H2-DevKit-Lipo Open Source Hardware board with Thread/Matter/Zigbee and BLE5 is ready for pre-order
Based on ESP32-H2-MINI-1-N4 module with 4MB Flash. ESP32-H2 combines IEEE 802.15.4 connectivity with Bluetooth 5 (LE). The SoC is powered by a single-core, 32-bit RISC-V microcontroller that can be…olimex
Diego Roversi reshared this.
reshared this
We are currently having network issues. We are able to connect to our server's onboard recovery system, but the access is slow and unreliable.
We'll keep you updated.
reshared this
againë
Forgive me if I'm stating a commonly asked question but why don't you guys use cloud flare. You just host code
@kirby cloudFlare is a privacy nightmare for many. And it costs a lot of $$$, see https://fosstodon.org/@drewdevault/111739234229534233
An electrician had to cut a hole in our drywall and instead of just patching it up, my wife decided to make a little scene with miniatures embedded in the wall. 😂🖼️🤯
Edit: https://pixelfed.social/@thisfunhouse has some more pictures of the subway and I will post lots more quirky art over there.
✰ This Fun House ✰ (@thisfunhouse@pixelfed.social)
2 Posts, 1 Following, 1 Followers · Documenting the quirky art, designer toys, weird projects, and collectibles in our house.Will provide links to the artist’s site when possible — please show ❤️ and support them if possible! 🎨Pixelfed
reshared this
My million dollar idea I want someone to steal and do, so I can be a customer.
"Dumb Stuff" we sell electronic appliances that aren't Internet connected. That's all.
That's it. That's the pitch. I would buy the <bleep> out of this company if their electronic gadgets were even half way decent, and repairable.
Electronic, no wifi, regular screws to open it up. That's it. Do those three things, and you can be sold by this store.
I will pay this business to curate and find these devices for me.
reshared this
My advice to consider #security first when evaluating systems: https://changelog.complete.org/archives/10620-consider-security-first This is part of my decision to migrate my #RaspberryPi devices to running pure #Debian.
I have a new post: Live Migrating from #RaspberryPiOs #bullseye to #Debian #bookworm. https://changelog.complete.org/archives/10622-live-migrating-from-raspberry-pi-os-bullseye-to-debian-bookworm
I got annoyed that #Raspbian officially has no upgrade path, the security situation, the lag behind Debian, lack of backports, and lack of initramfs in its custom kernel. So I managed to live migrate some Pis to Debian.
reshared this
Compile your kernel (or whatever) withour wearing your ssd:
If you have /tmp on your SSD, instead of a tmpfs mount:
- create a new directory and mount it as tmpfs (1Gb)
# mkdir /tmp/tmp
# mount -t tmpfs -o size=1G tmpfs /tmp/tmp
- now tell gcc to use it:
# export TMPDIR=/tmp/tmp
I highly recommend supporting the Standard Ebooks project. 📚
«Standard Ebooks is a volunteer-driven project that produces new editions of public domain e-books that are lovingly formatted, open source, free of copyright restrictions, and free of cost.»
Donate 👇
https://standardebooks.org/donate
Please boost 🙏
#standardebook #standardebooks #ebook #ebooks #publicdomain #book #books #reading #epub #standard
reshared this
Diego Roversi reshared this.
#festivus #holidays #miracle
The Story Of Festivus | Seinfeld
It's that time of year, so we're embracing our roots and looking back at why we celebrate this Festivus for the rest of us!Find your local listing | http://...YouTube
reshared this
https://www.postfix.org/smtp-smuggling.html
"SMTP Smuggling" vulnerability in Postfix allows to spoof senders even in the presence of some DMARC checks. Configuration workarounds exist.
Also, a wholehearted f* you to SEC Consult, who sat on this since June and disclosed it to some closed-source vendors and MSPs, but could apparently not be bothered to give e.g. Postfix a heads-up, publishing this close to the holidays.
Boosts for awareness welcome.
Edit: So this has kinda blown up. and especially because the author of the SEC advisory is going to have a slot at 37C3, I would like to add something important: I intentionally wrote "SEC Consult" above, not "$individual". Do not start harassing that person. For all we know, this is a corporate failure and the individual would actually appreciate guidance and tips. That does not mean to not ask the hard questions, but keep the framing in mind. They might genuinely have been told by their managers that that is how responsible disclosure works.
reshared this
I see SEC Consult has amended their page https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/ with something of an acknowledgment that they might have stuffed up disclosure a bit here. It does read a bit like "We contacted both vendors, Microsoft _and_ Cisco!"
A hearty Fuck You to SEC Consult for being bad at their one job, and a hearty side of Fuck You to Cisco for their arrogant "It's not a bug".
Now, after I have patched my Postfix server at $dayjob, back to my previously scheduled long weekend.
SMTP Smuggling - Spoofing E-Mails Worldwide
Introducing a novel technique for e-mail spoofingSEC Consult Unternehmensberatung GmbH
The internet is a big place. We can all have our own fedi. Each of us can have whatever kind of experience, community, connections, etc, we want here.
That’s the beauty of this place. There is enough room for everyone.
Be wary of anyone who tries to force you to be in community with them because of their myopic view of what online spaces should be.
We can make different decisions. We can make better decisions.
Elena ``of Valhalla'' likes this.
reshared this
If that cheapo desktop PSU feels a bit heavy, you might want to check and see if it has a box of iron filings inside. You know, for extra quality.
https://hackaday.com/2023/12/12/cheap-computer-psu-puts-on-weight-with-box-of-iron/
Cheap Computer PSU Puts On Weight With Box Of Iron
Humans are funny creatures. For whatever reason, when handling a piece of electronics, we tend to equate heft with value. If something feels too light, it gives the impression of being cheap or in…Hackaday
Diego Roversi reshared this.
Same situation!!!
Infocert (ma ce ne sono tante altre): come disincentivare l'uso di password sicure in 3 soli comodi passi:
1) ogni 6 mesi obbligare a cambiare password
2) chiedere di inserire una password forte (io la genero casualmente)
3) chiedere di confermare la password disattivando il copia/incolla
Risultato: password extra di 24 caratteri alfanumerici random che ci vuole una vita a ridigitare sostituita con "ForzaNapoli2023,.1", "ForzaNapoli2023,.2", "ForzaNapoli2023,.3", etc..
Elena ``of Valhalla'' likes this.
reshared this
rag. Gustavino Bevilacqua reshared this.
Io ho iniziato ad usare le iniziali di frasi. Una delle prime che avevo usato era una cosa del tipo:
Mi Sono Rotto Le Palle Di Cambiare La Password
completare con numeri :D
Comunque per il resto approvo al 100% . Aggiungi il fatto che: niente copia/incolla significa significa che non puoi gestire con password manager, e che uno dovrebbe usare password diverse per ogni singolo servizio. Alla fine convinci la gente usare la stessa password ovunque compreso siti scrausi che magari salvano le password degli utenti su db.
esatto, non posso usare il password manager per farmi generare una nuova pass. E poi avvisami prima! NON DURANTE UNA TRANSAZIONE CHE SCADE DOPO 60 secondi!
Non ricordo quale fosse, ma c'era un sito che controllava che tu inserissi effettivamente lettera per lettera la password, via javascript: se per caso ti mettevi a smanettare e riattivati il copia incolla, la password veniva considerata vuota 😭
Elena ``of Valhalla'' likes this.
Updated: Please, Expose your RSS https://rknight.me/please-expose-your-rss/
Added @james's suggestion (which I've done on my site) of making the RSS icon/button orange.
Please, Expose your RSS
I noticed a lot of people don't have a link to their RSS feeds on their sites or have the correct metadata for auto-discoveryrknight.me
reshared this
Elena ``of Valhalla'' likes this.
reshared this
For anyone who is interested, the 6.1.66-1 #Debian kernel packages are now in the bookworm-proposed-updates suite (also known as proposed-updates) and are going out to the mirror network as I type.
These packages are replacements for the 6.1.64-1 packages which contain the ext4 corruption bug and should *not* be used.
A full stable point release which incorporates these kernel packages will follow as soon as is feasible.
reshared this
A little status update.
We're currently rebuilding the debian-installer for the point release. When those packages are ready, we will pulse them onto the mirrors (this is necessary to complete the installer build). At that time, we will also remove the 6.1.64-1 packages so that no further installs can happen.
Shortly afterwards, we will do a point release which will put 6.1.66-1 into stable on the mirrors.
The mirror push which removed the 6.1.64-1 binary packages has now happened.
We are now building the final debian-installer components so that we can start the point release.
sono quasi 4 ore, ma le vale tutte.
poi capisco perchè tra un video e l'altro passano mille anni, come nei migliori canali youtube (vedi oversimplified)
Plagiarism and You(Tube)
What is plagiarism? Where did plagiarism come from? Who made plagiarism? Where am I, plagiarism? Can you help me?My Patreon: https://www.patreon.com/HbombMy ...YouTube
Diego Roversi reshared this.
Modern XMPP Server
Posted on December 1, 2023
Just a quick mention that I’ve updated my instructions on how I configured my XMPP serverto its current status under Debian Bookworm.
And yes, it took me just a bit of time, we release when we’re ready here :D
https://blog.trueelena.org/blog/2023/12/01-modern-xmpp-server/index.html
like this
reshared this
Attribution of source code has been limited to comments, but a deeper embedding of attribution into code is possible. When an embedded attribution is removed or is incorrect, the code should no longer work. I've developed a way to do this in Haskell that is lightweight to add, but requires more work to remove than seems worthwhile for someone who is training an LLM on my code. And when it's not removed, it invites LLM hallucinations of broken code.
reshared this
So apparently WPA3 is just outright broken on Raspberry Pi: https://rachelbythebay.com/w/2023/11/06/wpa3/
Good for me, means I can re-send our patch that rips out the (now confirmed useless and non-functional) Cypress WPA3 support and replaces it with the Broadcom WPA3 support that does actually work on Broadcom chips in Apple machines.
We've had WPA3 in Asahi Linux since forever, the only reason it's not upstream yet is because the Broadcom maintainer guy was worried that ripping out the Cypress thing (that nobody knows about, and Cypress guys gave us the silent treatment when we sent them emails asking) would break Cypress. Looks like Cypress is already broken, so there.
reshared this
NASA is sending a software update to the Voyager 2 spacecraft today!
The patch contains logic to auto-recover from glitches similar to one in May 2022, when the AACS system on Voyager 1 started sending garbled data. The root cause was not fully diagnosed. The patch will be activated/tested on Oct 28. Voyager 1 will be next.
Data will be sent at 16 bps with a 19 kW transmitter using the 70-m dish at @canberradsn.
Distance: 20 billion km; 18:40 light hours
https://www.jpl.nasa.gov/news/nasas-voyager-team-focuses-on-software-patch-thrusters
#Voyager
1/n
NASA’s Voyager Team Focuses on Software Patch, Thrusters
The efforts should help extend the lifetimes of the agency’s interstellar explorers.NASA Jet Propulsion Laboratory (JPL)
reshared this
A "glitch" is not the same as a "bug". A glitch is something transient, easy to miss…maybe it never happened. The term predates computers.
When a spacecraft loses all communications it is not a mere glitch. It is a serious bug.
Not as much fun to say, but it's still the right word.
@Kent Borg @AkaSci 🛰️ @CanberraDSN They are two different classes of things. A glitch may be caused by a bug.
I don't have an opinion on whether this was correctly labeled a glitch, I haven't looked into it. I agree that a glitch is transient and disagree that it can't have serious impact.
Udite! Udite!
Sia noto in tutto il regno che sabato si terrà la conferenza gratuita "Un patrimonio per la città: gli stranieri a Como nel Quattrocento".
#ASpassoNellaStoria #Storia #GEP
reshared this
@LaVi 🕊️📚🐈 sisi, decisamente interessante, e ti siam stati grati per la segnalazione.
l'unico problema è che forse forse dobbiamo un pezzettino di gratitudine anche a trenò? che se non t'avessimo seguita per le lamentele sui treni, non so se l'avremmo mai scoperto :D
(se ti è utile saperlo: hai causato 4 delle presenze :) )
rag. Gustavino Bevilacqua reshared this.
rag. Gustavino Bevilacqua reshared this.
Incredible. A fully modular gaming handheld using Framework Laptop 13 parts by pitstop_tech:
https://youtu.be/zd6WtTUf-30?si=aFQ8-jRQRPd9vymF
World's First Fully Modular Gaming Handheld!
Project I've been working on that I'm very passionate about. A fully upgradeable gaming handheld where you can upgrade the battery, mainboard (cpu), ram, sto...YouTube
reshared this
How I Keep my Life in Git
Posted on September 12, 2023
git secret_cabal greet
After watching My life in git, after subversion, after CVS. from DebConf, I’ve realized it’s been a while since I talked about the way I keep everything1 I do in git, and I don’t think I’ve ever done it online, so it looked like a good time for a blog post.
Beyond git itself (of course), I use a few git-related programs:
- myrepos (also known as
mr
) to manage multiple git repositories with one command; - vcsh to make it easy to keep dot-files under git;
- git annex to store media files (anything that is big and will not change);
- etckeeper to keep an history of the
/etc
directory; - gitolite and cgit to host my git repositories;
and some programs that don’t use git directly, but easily interact with it:
- ansible to keep track of the system configuration of all machines;
- lesana as a project tracker and journal and to inventory the things made of atoms that are hard 2 to store in git.
All of these programs are installed from Debian packages, on stable (plus rarely backports) or testing, depending on the machine.
I’m also grateful to the vcs-home people, who wrote most of the tools I use, and sometimes hang around their IRC channel.
And now, on to what I’m actually doing.
With the git repositories I’ve decided to err for too much granularity rather than too little3, so of course each project has its own repository, and so do different kinds of media files, dot-files that are related to different programs etc.
Most of the repositories are hosted on two gitolite servers: one runs on the home server, for stuff that should remain private, and the other one is on my VPS for things that are public (or may become public in the future), and also has a web interface with cgit. Of course things where I’m collaborating with other people are sometimes hosted elsewhere, mostly on salsa, sourcehut or on $DAYJOB related gitlab instances.
The .mr
directory is where everything is managed: I don’t have a single .mrconfig
file but a few different ones, that in turn load all files in a directory with the same name:
collections.mr
for the media file annexes and inventories (split into different files, so that computers with little disk space can only get the inventories);private.mr
for stuff that should only go on my own personal machine, not on shared ones;projects.mr
for the actual projects, with different files for the kinds of projects (software, docs, packaging, crafts, etc.);setup.mr
with all of the vcsh repositories, including the one that tracks the mr files (I’ll talk about the circular dependency later);work.mr
for repositories that are related to $DAYJOB.
Then there are the files in the .mr/machines
directory, each one of which has the list of repositories that should be on every specific machine, including a generic workstation, but also specific machines such as e.g. the media center which has a custom set of repositories.
The dot files from my home directory are kept in vcsh, so that it’s easy to split them out into different repositories, and I’m mostly used the simplest configuration described in the 30 Second How-to in its homepage; vcsh gives some commands to work on all vcsh repositories at the same time, but most of the time I work on a single repository, and use mr to act on more than one repo.
The media collections are also pretty straightforward git-annex repositories, one for each kind of media (music, movies and other videos, e-books, pictures, etc.) and I don’t use any auto-syncing features but simply copy and move files around between clones with the git annex copy
, git annex move
and git annex get
commands.
There isn’t much to say about the project repositories (plain git), and I think that the way I use my own program lesana for inventories and project tracking is worth an article of its own, here I’ll just say that the file format used has been designed (of course) to work nicely with git.
On every machine I install etckeeper so that there is a history of the changes in the /etc
directory, but that’s only a local repository, not stored anywhere else, and is used mostly in case something breaks with an update or in similar situation. The authoritative source for the configuration of each machine is an ansible playbook (of course saved in git) which can be used to fully reconfigure the machine from a bare Debian installation.
When such a reconfiguration from scratch happens, it will be in two stages: first a run of ansible does the system-wide configuration (including installing packages, creating users etc.), and then I login on the machine and run mr to set up my own home. Of course there is a chicken-and-egg problem in that I need the mr configuration to know where to get the mr configuration, and that is solved by having setup two vcsh repositories from an old tarball export: the one with the ssh configuration to access the repositories and the one with the mr files.
So, after a machine has been configured with ansible what I’ll actually do is to login, use vcsh pull
to update those two repositories and then run mr to checkout everything else.
And that’s it, if you have questions on something feel free to ask me on the fediverse or via email (contacts are in the about page)
Update (2023-09-12 17:00ish): The ~/.mr
directory is not special for mr
, it’s just what I use and then I always run mr -c ~/.mr/some/suitable/file.mr
, with the actual file being different whether I’m registering a new repo or checking out / updating them. I could include some appropriate ~/.mr/machines/some_machine.mr
in ~/.mrconfig
, but I’ve never bothered to do so, since it wouldn’t cover all usecases anyway. Thanks to the person on #vcs-home@OFTC who asked me the question :)
- At least, everything that I made that is made of bits, and a diary and/or inventory of the things made of atoms.↩︎
- until we get a working replicator, I guess :D↩︎
- in time I’ve consolidated a bit some of the repositories, e.g. merging the repositories for music from different sources (CD rips, legal downloads, etc.) into a single repository, but that only happened a few times, and usually I’m fine with the excess of granularity.↩︎
https://blog.trueelena.org/blog/2023/09/12-how_i_keep_my_life_in_git/index.html
GitHub - sitaramc/gitolite: Hosting git repositories -- Gitolite allows you to setup git hosting on a central server, with very fine-grained access control and many (many!) more powerful features.
Hosting git repositories -- Gitolite allows you to setup git hosting on a central server, with very fine-grained access control and many (many!) more powerful features. - GitHub - sitaramc/gitolite...GitHub
like this
reshared this
Un amico mi scrive quanto segue:
“Ciao,mi devo liberare dei #libri di cui puoi trovare le copertine al seguente link:
https://data.laboccadellupo.it/index.php/s/SYEWLWEMKYW3txo
Li ho rozzamente classificati e non li ho catalogati perche' non trovo che il gioco valga la candela. Voglio provare a salvarli dal loro tristo destino: finire nella stufa, una pagina alla volta, questo inverno. Mi dai una mano?
Sono i vecchi libri miei, di mia madre e di mio padre che abbiamo deciso di non tenere dopo aver venduto la vecchia casa di famiglia. La URL ti permette di accedere ad un gestore di file web: accedi ad una cartella, clicca su un'immagine e comincia a scorrere con i tasti freccia destra e sinistra tra le copertine. Qualcosa so che finira' sicuramente nella bocca della stufa, ma magari qualcosa no (spero la maggior parte!).
Sono quasi tutti in italiano, tranne quelli in un'apposita e chiara cartella. Cosa troverai? Arte e romanzi, saggi sull'Italia repubblicana, qualcosa di filosofia, vecchi manuali liceali, qualcosa di informatico, vecchie riviste e fumetti, pubblicazioni molto locali. Guardati intorno.
Segnati il nome del file che appare sopra l'immagine della copertina e mandamelo per dirmi che vuoi il libro o maggiori informazioni. Passa pure questo messaggio a persone che possono aiutarci a salvarli, pero' io agisco nella sola area di #Varese e dintorni mentre tu ti prendi la responsabilita' per amiche o amici piu' lontani.
Consulta il file "istruzioni.txt" per trovare il modo di contattarmi ed eventuali altre informazioni che potrei aver aggiunto nel tempo rispetto al momento in cui hai ricevuto questo messaggio.”
(hashtag miei)
Qualcuno qui sul fediverso vuole dargli una mano?
reshared this
Sto notando una nuova tendenza sulla locale, ossia quella di non utilizzare i CW per contenuti sensibili (violenza, politica, cronaca nera, etc).
Ricordiamoci che i CW non sono una limitazione alla nostra libertà di espressione, ma che consentono a tuttə di scegliere consapevolmente se esporsi a questi contenuti, espandendo quindi la libertà di tuttə tutelandoci a vicenda
reshared this
Remember Kung Fury?
The crowdfunded, excellent 80s martial arts film spoof that is so absurd, it breaks the cool meter?
The full-length movie - Kung Fury II - has been in limbo for years due to an investor screwing the production team over after they finished filming.
But the film crew prevailed, and the movie is near!
https://www.imdb.com/title/tt5765844
David Sandberg has proven to be an excellent writer, director and actor, so I am pretty sure this movie will be a classic too :)
Kung Fury: The Movie (2023) | Action, Comedy, Crime
Kung Fury: The Movie: Directed by David Sandberg. With Arnold Schwarzenegger, Alexandra Shipp, Michael Fassbender, David Hasselhoff.IMDb
Diego Roversi reshared this.
I would like to mention here Stamps Back, which is also a crowdfunded movie, and it has english subtitles, so if you are interested in the 80s of Central Europe and Commodore 64, it's worth a watch.
📎: https://imdb.com/title/tt12370388/
YT 📎: https://www.youtube.com/watch?v=YUqn1OPxtmE
Stamps Back (2022) ⭐ 9.5 | Documentary
Stamps Back: Directed by Szilárd Matusik. With János Almási, Zoltán Balla, Zsolt Bangha, Zoltán Berényi. The story of the birth of the Hungarian home computer scene back in the '80s behind the Iron Curtain.IMDb
Confy 0.7.0
Confy 0.7.0 has been released
This is the first release with a brand new UI written in Gtk4/libadwaita, using Blueprint for UI definition!
User interaction has been revisited, while being mostly similar to the previous version: gone is the tab switcher in headbar, now starred talks can be found in navbar. Gone is also the map view (for now, at least).
Adding new conferences from URL is now done via a nice dialog, and editing of user-added conferences is done directly in the conference list view. Which is now a window by it's own, used as an "open" dialog.
There are some new shortcuts, like the "<primay>-c" shortcuts to copy the current talk details as plain text in clipboard.
The talk search can now be filtered to match only starred talks and there are two search "mode": the global search, activated by the button over in the navigation header and by the '<primary>-f' shortcut, and the "current list" search, which search in current talk list for
day/room/track.
I'm sure I'm missing something and I'm sure I've missed more than something testing this, so please open tickets on the tracker (tickets can be opened also via email just sending a text/plain
mail to ~fabrixxm/confy@todo.sr.ht or
u.fabrixxm.confy@todo.sr.ht)
There is also a fix from ~edwardbetts for events that are after UTC midnight. Thanks!
reshared this
reshared this
reshared this
BeagleV-Ahead: Default Development git repositories
I think we always mess this up on Launch, our main development repo’s are on https://git.beagleboard.org/ Sadly this gitlab server on aws tends run out of bandwidth once hit by everyone… I’m working syncing our github mirrors: OpenSBI: Fast Mirr…BeagleBoard
reshared this
reshared this
#OpenSourceHardware picks of the day:
➡️ @olimex - OSH manufacturer based in Bulgaria
➡️ @adafruit - OSH manufacturer based in USA
➡️ @mntmn - Small indie company making a libre laptop
➡️ @blitzcitydiy@mastodon.social (main) & @blitzcitydiy@diode.zone (videos) - Technician building fun electronics projects
➡️ @apertus - OSH for professional film-making, incl high end cameras
➡️ @nitrokey - Selling OSH security keys etc
➡️ @oshwassociation - US non-profit promoting OSH
➡️ @bonfire - Combining the Fedi with OSH data storage
reshared this
Unfortunately, I was affected by layoffs at Posit PBC. I'm still processing this big change, but I'm now open to work.
If you're looking for a data scientist or someone more broadly with experience in R, package development, causal inference, Rust, and many other skills, please reach out to chat!
If you're curious about my work, check out my GitHub
https://github.com/malcolmbarrett
malcolmbarrett - Overview
@posit-pbc. Ph.D. in Epidemiology. malcolmbarrett has 192 repositories available. Follow their code on GitHub.GitHub
reshared this
Octavia con Amore :pink_moon_and_stars:
in reply to Terry Hancock (Director/Producer) • • •