Notices by CyberFrog (froge@social.glitched.systems)

@magicalthinking@noauthority.social @Humpleupagus@eveningzoo.club they regulate usage of the internet, they don't actually manage or run it right now (for the most part), I just don't think national governments that don't even manage or control the internet should be regulating how people use it

most of the world doesn't have net neutrality, and the USA repealed it recently (again), so packet shaping and blocking/censorship happens constantly online according to whatever your government just doesn't like that day, in the USA internet providers will check for insecure connections and inject extra advertising into websites just to rake money out of you (and this is technically legal), in other places entire protocols like torrents are blocked

The people responsible for running the internet should be working on regulating and managing more of it without intervention and demands from random governments, like US states that want to block porn, or Egyptian and Chinese governments trying to block news websites, letting some national government which only represents a fraction of the people online control how shared resources are used and accessed by everyone else is just shitty in general

This isn't even such a new idea, the people who built these systems understood the issues it could create, that's actually why the governments don't manage who can buy and run a website online, that'd be terrible lol

I feel like the internet should be an independent national organization, independently regulated with its own rule of law and governance systems, letting national governments which are tied to specific populations and land areas control such an important shared global resource is misguided and morally/ethically wrong tbh

@magicalthinking@noauthority.social no, I just care about improving the world and don't like the way governments manage the internet for their own interests smh

@alice@lgbtqia.space not saying the people who often reply this way really mean it, or that they're actively malicious, often they're genuinely just misinformed or whatever

but in saying that... there is a reason the CIA writes about this in their handbooks on how to disenfranchise and squash grassroots movements, it DOES take energy and momentum to sustain positive change, and comments that offer nothing of substance while broadly discouraging action absolutely have a big impact on people and wider movements as a whole, I think this is something most people don't consider very often but it's hugely important to remember

@aral@mastodon.ar.al I genuinely can't view this because reddit is a garbage platform not built for humans anymore, and they block my browser and network, and block people without an account in a lot of cases now, but I'm sure whatever this was it's damning lmao

@zannesan@mastodon.social @inthehands@hachyderm.io you know we really could make it stop... it's just the rich fucks with infinitely more resources than every other human kinda don't want to stop it right now smh

@dansup@mastodon.social I mean I'm not super knowledgeable on the value of analytics data, so I'm not sure how important knowing if the user hit the "read more" button (or similar) actually is for an effective FYP algo, but I can see how it might be useful at some point to have that kind of data coming in

Mostly I think even if you did want to force reporting of that data, it's better to work with the 3rd party clients, rather than leaving the only 3rd partys be those that break things until their tools run

@dansup@mastodon.social in general I would say release API docs and let 3rd party apps implement things correctly, but also, it's likely possible to implement very good FYP algos using mostly backend related data too (eg comment viewing, share related API calls) so maybe it might be worth implementing from a backend-first perspective and looking at if the client analytics even end up causing a significant difference in the future... then maybe it can just be generally avoided 😛

@aral@mastodon.ar.al @noybeu@mastodon.social the Irish DPC being basically useless on GDPR enforcement is a hot button issue in Europe right now, from what I understand the rest of the EU is essentially applying legal pressure and threatening penalties for non-enforcement so hopefully the Irish DPC gets much better in future

@patrickcmiller@infosec.exchange "unhackable"...

he does know what happened to every other person on the planet who ever called something unhackable right? lol, lmao even

@SmartFox@mastodon.social @patrickcmiller@infosec.exchange they had a "data breach" (really just a hacker stealing logins) recently and now people realize what a colossal fuckup it was so they want a "go back" button tbh

@aral@mastodon.ar.al is... is this real? I mean even just the branding here is awful from a PR perspective, wtf are they even doing... incredible

@mattly@hachyderm.io many MANY years ago, when I was first getting involved in security and had just started a github account (long since deleted) I got an email from someone who scraped my details from a repo where I did security patches

they offered me a significant amount of money for some relatively simple XSS related bypass methods in the (back then) actively maintained XSS auditor code of chromium

I refused of course, but to this day, I wonder how many millions of people are being exploited because some random person got an email and some money

anyone know some good FOSS #astrophotography software? I want a fancy telescope and camera to take pictures of the sky with tracking, but I also want free software... not sure if I'm going to have to write that myself

@ryanc@infosec.exchange I'm not sure if they've switched to nftables by default yet, they might have, maybe it's worth checking if they have any nftables rules defined or something weird

@ryanc@infosec.exchange if the distro is new and uses nftables, like fedora or something, it might be doing strange things like that 👀

@ryanc@infosec.exchange but also nftables is syntactically very similar, which helps a lot at least lol

@ryanc@infosec.exchange I learned something cursed when researching the transition of these things, which is that the linux kernel can load both iptables and nftables rules at the same time, on the same machine, and nftables rules take precedence but fall back to iptables afterwards

imagine trying to debug a system that you thought was using iptables but actually has a secret nftables rule inserted before iptables even sees the packet.. all the iptables rules would be totally correct, because the filtering happens earlier on 🙃

@dushman@hollow.raccoon.quest 10/10 even has a funny warning lol

@Hyolobrika@social.fbxl.net @dushman@hollow.raccoon.quest you get banned, skill issue tbh