social.gl-como.it
On my blog: Why pandas feels clunky when coming from R
sumsar.net/blog/pandas-feels-c…
Five years ago I started a new role and I suddenly found myself, a staunch R fan, having to code in Python on a daily basis. Working with data, most of my Python work involved using pandas, the …Rasmus Bååth's Blog
"One price of free speech is eternal humility, recognizing that none of us is immune to becoming a tool of censorship if we fail to recognize its manipulative tactics."
“Tools for Thinking About Censorship”
Since Reddit has now sold out to AI, a reminder if you're into #Linux / #LinuxGaming that Lemmy exists and it's open source.
I'm a mod here too: lemmy.ml/c/linux_gaming@lemmy.…
This youtube video does something I literally had no idea was possible with the subtitle system. Watch it without subtitles to get an idea for what the base video looks like, then watch it with the subtitles on.
youtube.com/watch?v=ZYlaUrj2Zk…
Oshi no Ko OP / Opening Theme "Idol (アイドル)" by YOASOBITV Anime "推しの子" Opening ThemeLyrics by @yaco77 , @ichimonji4kanime , https://www.youtube.com/@JakeUHDv...YouTube
Very proud that the IEEE has published my article “Why Bloat Is Still Software’s Biggest Vulnerability - A 2024 plea for lean software”:
È strano che non abbia ancora registrato puntarella it.
[EDIT]Ah, capito… è GIÀ registrato.
Qualys has disclosed a vulnerability in the GNU C Library that can be exploited by a local attacker for root access. It was introduced in the 2.37 release, and also backported to 2.36.lwn.net
Google announced that starting in June 2024, ad blockers such as uBlock Origin #uBO will be disabled in Chrome 127 and later with the rollout of Manifest V3 (#Mv3).
The new #Chrome manifest will prevent using custom filters and stops on demand updates of blocklist. Only #Google authorized updates to browser extension will be allowed in the future, which mean an automatic win for Google in their battle to stop YouTube #AdBlockers .
#ManifestV3 is deceitful and threatening to your privacy, and now is a good time to switch to #Firefox (@mozilla) and/or #TorBrowser (@torproject) if you haven't done so already!
EFF (@eff) on Google’s Manifest V3:
⚠️eff.org/deeplinks/2021/12/chro…
⚠️eff.org/deeplinks/2021/12/goog…
Chrome Manifest V3 Transition Timeline (2023-11-16)
🚩developer.chrome.com/blog/resu…
EDIT for clarification: MV3 in Chrome will still allow some ad blocking extensions, but will severely limit their blocking ability and even restricts pre-set filters to 50 MAX.
Like FLoC and Privacy Sandbox before it, Google Chrome’s Manifest V3 is another example of the inherent conflict of interest that comes from Google controlling both the dominant web browser and one of the largest internet advertising networks.Electronic Frontier Foundation
Desktop
📥mozilla.org/en-US/firefox/Android Play Store
📥play.google.com/store/apps/det…iOS App Store
📥apps.apple.com/us/app/firefox-…
Desktop
📥torproject.org/download/Android Play Store
📥play.google.com/store/apps/det…Fdroid Repo
📥support.torproject.org/tormobi…
iOS App Store(try OnionBrowser)
📥onionbrowser.com/
#Firefox #Mozilla #TorBrowser #Tor #Browser #Privacy
Firefox is more than a browser. Learn more about Firefox products that handle your data with respect and are built for privacy anywhere you go online.Mozilla
Hard to get more clear-cut than this: "this is my own performance of Bach. Who died 300 years ago. I own all the rights", and yet...
eff.org/takedowns/sony-finally…
Here’s the thing about different people playing the same piece of music: sometimes, they’re going to sound similar.Electronic Frontier Foundation
Based on ESP32-H2-MINI-1-N4 module with 4MB Flash. ESP32-H2 combines IEEE 802.15.4 connectivity with Bluetooth 5 (LE). The SoC is powered by a single-core, 32-bit RISC-V microcontroller that can be…olimex
We are currently having network issues. We are able to connect to our server's onboard recovery system, but the access is slow and unreliable.
We'll keep you updated.
againë
Forgive me if I'm stating a commonly asked question but why don't you guys use cloud flare. You just host code
An electrician had to cut a hole in our drywall and instead of just patching it up, my wife decided to make a little scene with miniatures embedded in the wall. 😂🖼️🤯
Edit: pixelfed.social/@thisfunhouse has some more pictures of the subway and I will post lots more quirky art over there.
2 Posts, 1 Following, 1 Followers · Documenting the quirky art, designer toys, weird projects, and collectibles in our house.Will provide links to the artist’s site when possible — please show ❤️ and support them if possible! 🎨Pixelfed
My million dollar idea I want someone to steal and do, so I can be a customer.
"Dumb Stuff" we sell electronic appliances that aren't Internet connected. That's all.
That's it. That's the pitch. I would buy the <bleep> out of this company if their electronic gadgets were even half way decent, and repairable.
Electronic, no wifi, regular screws to open it up. That's it. Do those three things, and you can be sold by this store.
I will pay this business to curate and find these devices for me.
Isn't buying a knife and getting a screwdriver, nail file and corkscrew the opposite of the simplicity requested here?
I have a new post: Live Migrating from #RaspberryPiOs #bullseye to #Debian #bookworm. changelog.complete.org/archive…
I got annoyed that #Raspbian officially has no upgrade path, the security situation, the lag behind Debian, lack of backports, and lack of initramfs in its custom kernel. So I managed to live migrate some Pis to Debian.
If you have /tmp on your SSD, instead of a tmpfs mount:
- create a new directory and mount it as tmpfs (1Gb)
# mkdir /tmp/tmp
# mount -t tmpfs -o size=1G tmpfs /tmp/tmp
- now tell gcc to use it:
# export TMPDIR=/tmp/tmp
I highly recommend supporting the Standard Ebooks project. 📚
«Standard Ebooks is a volunteer-driven project that produces new editions of public domain e-books that are lovingly formatted, open source, free of copyright restrictions, and free of cost.»
Donate 👇
standardebooks.org/donate
Please boost 🙏
#standardebook #standardebooks #ebook #ebooks #publicdomain #book #books #reading #epub #standard
It's that time of year, so we're embracing our roots and looking back at why we celebrate this Festivus for the rest of us!Find your local listing | http://...YouTube
postfix.org/smtp-smuggling.htm…
"SMTP Smuggling" vulnerability in Postfix allows to spoof senders even in the presence of some DMARC checks. Configuration workarounds exist.
Also, a wholehearted f* you to SEC Consult, who sat on this since June and disclosed it to some closed-source vendors and MSPs, but could apparently not be bothered to give e.g. Postfix a heads-up, publishing this close to the holidays.
Boosts for awareness welcome.
Edit: So this has kinda blown up. and especially because the author of the SEC advisory is going to have a slot at 37C3, I would like to add something important: I intentionally wrote "SEC Consult" above, not "$individual". Do not start harassing that person. For all we know, this is a corporate failure and the individual would actually appreciate guidance and tips. That does not mean to not ask the hard questions, but keep the framing in mind. They might genuinely have been told by their managers that that is how responsible disclosure works.
I see SEC Consult has amended their page sec-consult.com/blog/detail/sm… with something of an acknowledgment that they might have stuffed up disclosure a bit here. It does read a bit like "We contacted both vendors, Microsoft _and_ Cisco!"
A hearty Fuck You to SEC Consult for being bad at their one job, and a hearty side of Fuck You to Cisco for their arrogant "It's not a bug".
Now, after I have patched my Postfix server at $dayjob, back to my previously scheduled long weekend.
Introducing a novel technique for e-mail spoofingSEC Consult Unternehmensberatung GmbH
The internet is a big place. We can all have our own fedi. Each of us can have whatever kind of experience, community, connections, etc, we want here.
That’s the beauty of this place. There is enough room for everyone.
Be wary of anyone who tries to force you to be in community with them because of their myopic view of what online spaces should be.
We can make different decisions. We can make better decisions.
If that cheapo desktop PSU feels a bit heavy, you might want to check and see if it has a box of iron filings inside. You know, for extra quality.
hackaday.com/2023/12/12/cheap-…
Humans are funny creatures. For whatever reason, when handling a piece of electronics, we tend to equate heft with value. If something feels too light, it gives the impression of being cheap or in…Hackaday
Infocert (ma ce ne sono tante altre): come disincentivare l'uso di password sicure in 3 soli comodi passi:
1) ogni 6 mesi obbligare a cambiare password
2) chiedere di inserire una password forte (io la genero casualmente)
3) chiedere di confermare la password disattivando il copia/incolla
Risultato: password extra di 24 caratteri alfanumerici random che ci vuole una vita a ridigitare sostituita con "ForzaNapoli2023,.1", "ForzaNapoli2023,.2", "ForzaNapoli2023,.3", etc..
Io ho iniziato ad usare le iniziali di frasi. Una delle prime che avevo usato era una cosa del tipo:
Mi Sono Rotto Le Palle Di Cambiare La Password
completare con numeri :D
Comunque per il resto approvo al 100% . Aggiungi il fatto che: niente copia/incolla significa significa che non puoi gestire con password manager, e che uno dovrebbe usare password diverse per ogni singolo servizio. Alla fine convinci la gente usare la stessa password ovunque compreso siti scrausi che magari salvano le password degli utenti su db.
esatto, non posso usare il password manager per farmi generare una nuova pass. E poi avvisami prima! NON DURANTE UNA TRANSAZIONE CHE SCADE DOPO 60 secondi!
Non ricordo quale fosse, ma c'era un sito che controllava che tu inserissi effettivamente lettera per lettera la password, via javascript: se per caso ti mettevi a smanettare e riattivati il copia incolla, la password veniva considerata vuota 😭
Updated: Please, Expose your RSS rknight.me/please-expose-your-…
Added @james's suggestion (which I've done on my site) of making the RSS icon/button orange.
I noticed a lot of people don't have a link to their RSS feeds on their sites or have the correct metadata for auto-discoveryrknight.me
For anyone who is interested, the 6.1.66-1 #Debian kernel packages are now in the bookworm-proposed-updates suite (also known as proposed-updates) and are going out to the mirror network as I type.
These packages are replacements for the 6.1.64-1 packages which contain the ext4 corruption bug and should *not* be used.
A full stable point release which incorporates these kernel packages will follow as soon as is feasible.
A little status update.
We're currently rebuilding the debian-installer for the point release. When those packages are ready, we will pulse them onto the mirrors (this is necessary to complete the installer build). At that time, we will also remove the 6.1.64-1 packages so that no further installs can happen.
Shortly afterwards, we will do a point release which will put 6.1.66-1 into stable on the mirrors.
The mirror push which removed the 6.1.64-1 binary packages has now happened.
We are now building the final debian-installer components so that we can start the point release.
