Notices by jomo (jomo@mstdn.io), page 2

@Mastodon Thanks but no.

From your privacy policy: "We may use your personal information for marketing and promotional purposes, such as to send marketing, advertising and promotional communications by email, text message or postal mail, and to show you advertisements for products or services. This may include using your personal information to better tailor the Services and advertising on our Site and other websites."

I though Mastodon would do better.

@Suiseiseki Deja Gnu!

@sun that's the mouse that came with the first Macintosh

#xz

The OSM foundation finally announced vector maps coming to osm.org! 🥳

https://blog.openstreetmap.org/2024/02/11/2024-announcing-the-year-of-the-openstreetmap-vector-maps/

They hired @pnorman, who regularly posts technical details about vector maps on https://www.paulnorman.ca/.

#OSM #OpenStreetMap

@lain hacker haben hackertools

@kaia @lain @shibao ich understande was hier läuft!

@lain

@ret2bed @feld @lorenzofb these people agreed to share their data with whoever the company decided to be genetic relatives, a.k.a. a bunch of random people from the internet.

@lorenzofb hot take: they are not wrong. If what they said is true, 23AndMe was not hacked, customers decided not to use 2FA and then use a known password, and did allow to share data with other customers. This is the customers' fault.

23AndMe did however not use standard security practices such as enforcing MFA, and it's right to blame them for that.

not sure if troll or serious #37c3

@lain das schmeckt sogar ganz gut

@feld this is happening for images that are embedded as  in Discord, you don't need to fetch any opengraph tags for that.

@feld well they don't have to request it twice for that, they already have the content after their first crawl.

TIL #Discord effectively does traffic amplification when users post an image. They crawl the image URL using a Discordbot User-Agent, but in the same second request the same URL with a spoofed Mac OS browser User-Agent that can't be identified as a Discord request.

Both request are required for the image to render in Discord chat. Absolutely great!

https://github.com/discord/discord-api-docs/issues/1600#issuecomment-628529359

Was ist das denn jetzt schon wieder? #bahn #dbnavigator

@lain
:thinkerguns: RAUBMORDKOPIE

You use your real name to post online? You use the same phone number, or the same email address to sign up to different accounts? You use the same, or a similar sounding username on your online accounts? You use the same profile picture on your accounts?

Anything that is publicly available is being scraped and indexed by archivists, officials, and private companies.

Do you really think there are no automated tools that connect the dots, let alone investigators being able to manually do this?

Everything you share publicly on the internet is publicly available and will not be forgotten. That includes government agencies, [and] your worst enemies.

This shouldn't be a surprise to anyone, but it repeatedly is. The latest source of outcry is #ShadowDragon, which seems to be a simple #OSINT tool that just collects public posts and makes them available to the feds. Some call this mass surveillance.

https://www.404media.co/inside-shadowdragon-ice-babycenter-pregnancy-fortnite-black-planet/ #privacy #surveillance

@lain https://youtu.be/STiPwOasCmE?t=122