Notices by h3artbl33d :openbsd: :antifa: (h3artbl33d@exquisite.social)

We are seeing an increased number of account signups on our #Mastodon instance. They are fake and very likely to be a part of the Russian LLM-backed campaign.

The reason for joining tends to be very broad and vague:

I'm looking to join a friendly Mastodon community and participate in discussions.

The email addresses used in these signups are valid (as they are able to verify it), but seem to be automatically generated.

The IP addresses they use either stem from a VPN, Tor exit node or a compromised webhosting thing (we do not log IP addresses - except during the registration, which is deleted once an account is approved or denied).

One positive consequence: this is really helpful to maintain our blocklist :flan_XD: :flan_molotov: These bots end up being blocked by our pf(4) across the infrastructure.

#MastoAdmin

#OpenBSD 7.9 coming soon... And it is going to be one heck of a release.

If you want to tinker with it already, go -current.

Please do note that not only video streaming uses Widevine DRM, but audio / music streaming tends to use it too.

I personally greatly prefer media without DRM. Eg, I tend to get my music albums from Bandcamp - especially on their Friday specials where 100% goes to the artist.

#OpenBSD gains (open) Widevine DRM support on Chromium. This will fix compatibility with a large number of streaming services.

Please do note that Widevine has three security levels. Platforms can dictate what level they require. For instance, Netflix only allows SD (480p) playback at L3 and limits 4K to L1.

L1 requires secure boot, a signed and approved kernel, etc. This is not going to happen. Not on the BSDs, not on Linux.

Have yet to experiment with it - I presume it will default to L2. That is 720p playback on Netflix, if I am not mistaken.

I am seeding the original Unix tape with a 40Gbit/s connection. If you want it fast, grab the torrent at archive.org.

Trust our sovereign cloud! We run it in our own datacenter!

Says the vendor whom:

1. Has Microsoft as their MX records (meaning: uses the MS cloud for mail),
2. Records and stores every phonecall to them in Azure, transcribes it using CoPilot,
3. Uses Win11 + O365 on nearly every desktop/endpoint,
4. Is awarded Microsoft partner of the year,
5. Has a website including portal which are completely infested by Microsoft, Adobe, Google and many others.

Yeah. Seems rather trustworthy :flan_XD:

No AI being used here :flan_molotov:

Also: #RunYourOwnMailServer

#selfhosting #email #openbsd #opensmtpd

New blogpost: Using a SSH config: https://h3artbl33d.nl/blog/using-a-ssh-config

#OpenBSD #OpenSSH #SysAdmin

Me, running #OpenBSD-current on a large number of machines (including servers):

@stefano

Signal has an outage - so it is not you (or Gurk).

@jae @stefano

Thankfully, yeah. And so is regular SMTP :flan_hacker:

(and yeah, I am familiar with Deltachat and Chatmail)

@feld

Calling out a company sponsoring fascists is "playing cancel culture wars" in your opinion?

Truly excellent writeup about the current clusterfuck that is Framework (computers):

Framework under fire for Omarchy/DHH/Hyprland support?

There are alternatives!

Get a refurbished ThinkPad through Minifree, preinstalled with Libreboot and funds the further development.

Or get a vintage ThinkPad with modern internals.

Also, there is:

• MNT Reform
• Tuxedo
• Slimbook
• NovaCustom
• Star Labs
• and others

Belgium now opposes #chatcontrol :flan_hurrah:

But we aren't there yet, far from it. Lets bury this fucker :flan_molotov:

Things are escalating fast :flan_aww:

• Both me and the awesome @stefano will be giving a talk at @EuroBSDCon: Liberating the social web using *BSD
• I will be giving a talk at BSides Querétaro: "Defending the democracy - through hacking"
• And I have some blogs lined up to be published soon-ish ™️

It is a true honor to serve you all. I am incredibly grateful to be given this space - and your attention. Don't ever forget that, no matter whom you are - you are awesome and you really deserve to be you.

If you ever want to talk: just reach out.

@stefano @EuroBSDCon

You really should patent that smile :flan_XD:

:flan_heart:

Casual reminder: you are supposed to run your own mailserver

If you aren't operating your own mailserver by now, what is your excuse? Don't have the hardware? Get a VM with @OpenBSDAms. Too much effort? Nah, @mwl has you covered.

Never surrender the protocols.

Run your own mail server.

Revolt.

Rebel.

#RYOMS #mail #selfhosting #decentralize #reclaim

I recently found an iPhone at a café - looked like one of the more premium models. Tried to give it to the bar personnel, but the seat wasn't reserved and they had no clue how to contact the owner.

The phone and the case didn't have anything identifying. Tried to see if it was secured and it showed that it had a pin of six numbers. Pretty sure I couldn't get in, I tried all zeroes and 123456. Bingo. The latter one was correct

I opened the phone book just to check whether there was a favorite contact. There wasnt but there was an ICE. Texted the ICE that he phone can be picked up at the café and handed it to the personnel, solely stating that it would be picked up.

But OMG. It feels so incredibly wrong to go over those details - if I had malicious intentions I might have been able to inflict serious harm.

Please, if you want your phone to be recoverable: make sure it has some identifying info (or enable Find My) - and if you don't want that, make sure it is impossible for a hack like me to get in that easily.

Mobile phones often contain data that you don't want to share completely with one person!

@stefano @fosdembsd @mwl

Totally. Six lines of Postfix config are equal to three letters (!) for OpenSMTPD: tls.

@mwl @stefano @fosdembsd

Yeah - totally. Slay the Gods. I mean - there is a certain case for the looney bin that is Postfix.

I might be a privileged postmaster - but no legacy crap for me.