Notices by Jan Wildeboer 😷:krulorange: (jwildeboer@social.wildeboer.net)

Hello eye migraine, my old friend. Long time no see :(

And , as is typical, it's moved outwards and is gone after 30 minutes. See you next time, but do take your time before visiting me again!

For those who have never experienced eye migraine with visual aura, this video is quite accurate. It starts with a blurred spot that grows and starts flashing in rainbow colours on its perimeter after a bit. The perimeter grows and grows into a bigger circle until it leaves together with the blurriness. It's harmless, but if you have it for the first time, it will feel dangerous. So. Maybe this helps someone out there to be better prepared should it hit them. https://www.youtube.com/watch?v=qVFIcF9lyk8

The correct headline should be: "Trump's price for a presidential pardon now at $1M, how low will he go?"

(gift link): https://www.nytimes.com/2025/05/27/us/politics/trump-pardon-paul-walczak-tax-crimes.html?unlocked_article_code=1.KU8._rgJ.wElZpe-ZPSkQ&smid=url-share

Wer die datenschutzfeindliche Einstellung des OLG Köln kennt, wird sich nicht wundern.

Facebook/Meta darf öffentliche Profildaten für KI-Training nutzen

„Die angekündigte Verwendung der Daten für KI-Trainingszwecke stelle sich bei vorläufiger Betrachtung auch ohne Einwilligung der Betroffenen als rechtmäßig im Sinne des Art. 6 Abs. 1 Buchstabe f) DSGVO dar. „

https://www.olg-koeln.nrw.de/behoerde/presse/004_zt_letzte-pm_archiv_zwangs/001_letzte_pressemitteilung/index.php

#WhereIsMySurprisedFace "Scientific conferences are leaving the US amid border fears"

Jessica Reinisch, a historian who studies international conferences at Birkbeck University of London: “What is happening now is a reverse moment. It’s a closing down of borders, closing of spaces … a moment of deglobalization.”

https://www.nature.com/articles/d41586-025-01636-5 (Archive link: https://archive.is/iYdBT)

The #PirateBay founders must be looking at the arguments from #OpenAI and #Meta on why they should be allowed to ignore copyright and authorship laws with a certain level of astonishment.

Wenn dein Zug Verspätung hat wegen "Personen im Gleis", dann liegt das auch daran, daß die erforderlichen Polizeikräfte um das schnell zu regeln fehlen, weil sie für sinnlose Grenzkontrollen abgezogen wurden.

Bought a third (refurbished) ThinkCentre M910q Tiny (i5-6500T, 16GB RAM, 256GB SSD, €115) to serve as a test bed for running an air-gapped CA (Certification Authority) with a Nitrokey HSM. #nerdcert

Thank you, #Romania, for electing Nicusor Dan and not the far-right George Simion. Who will of course claim betrayal and manipulation, Trump style. Stay strong and make sure that democracy prevails! You will win!

#Oops Due to the ongoing case New York Times v #OpenAI, you cannot delete your #ChatGPT prompts and conversations as the court has ordered [1] on 13th of May that all logs must be stored until further notice. OpenAI is furious as that means "including sensitive personal information, proprietary business data, and internal government documents" [2]. The court is not impressed [3] and sticks to the order.

[1] https://steigerlegal.ch/wp-content/uploads/2025/05/20250513-openai-gericht-verfuegung.pdf
[2] https://steigerlegal.ch/wp-content/uploads/2025/05/20250514-openai-antrag-schreiben-gericht.pdf
[3] https://steigerlegal.ch/wp-content/uploads/2025/05/20250516-openai-gericht-ablehnung.pdf

"To be successful, a European citizens' initiative has to reach one million statements of support as well as minimum thresholds in at least 7 countries."

The initiative "Ban on conversion practices in the European Union" made both.

- 1,245,603 online signatures plus an unknown number of paper signatures
- 11 countries, France did 1202% and Croatia passed in the final minutes.

Congratulations!

https://eci.ec.europa.eu/043/public/#/screen/home/

Kenne ich Lateiner die "Jobrad" auf Latein übersetzen können? Vehentum Laboris?

Every EU citizen should use International Day Against Homophobia, Biphobia, and Transphobia #IDAHOBIT, which is TODAY, May the 17th, as the perfect reason to sign the "Ban on conversion practices in the European Union" citizens initiative.

You have until the end of today to add your signature! If you have already done this — thank you!

https://eci.ec.europa.eu/043/public/#/screen/home

I am totally sure (sarcasm included) that #Google has totally overseen that their planned changes to their root program requirements will cause a lot of problems for mailserver owners like me who in future might run into weird problems with #Letsencrypt certificates for SMTP. I am sure that Google is absolutely not trying to make running your own mailserver even more complicated just to protect their gmail business. That would be totally not how Google thinks, amirite? https://letsencrypt.org/2025/05/14/ending-tls-client-authentication/

@easytarget @mirabilos No. The removal of the ClientAuth EKU (Extended Key Usage) in newly issued certificates happens everywhere, not only at LetsEncrypt. It is required by Google. Certificates with ClientAuth will not be trusted by Google from mid 2026.

@seyon Yes, and reducing TLS certs in ways they can effectively only be used for HTTPS through this step of only allowing ServerAuth EKUs is IMHO (In My Humble Opinion) a step backwards. But as you can see in the comments, other folks fiercely attack that position. @easytarget @mirabilos

Please, everyone who wants to check if we have reached the threshhold of 1 million signatures on the "ban conversion therapy" initiative, use this link:

https://eci.ec.europa.eu/043/public/api/report/progression

It's ugly, but it gives you the number you are looking for without putting extra load on the servers by avoiding all the pretty UI etc from being downloaded. Leave the full page to those who want to sign! Deal? :)

@sindarina The reasons given for this change at https://googlechrome.github.io/chromerootprogram/moving-forward-together/ are not convincing to me. The arguments there reduce the functionality of TLS certs to web servers: "Client authentication represents a private PKI use case that is not relied upon by web browsers for website authentication." which leads to the conclusion that ClientAuth EKU in a cert shouldn't simply be ignored but instead MUST be removed.

@sindarina I have been following this approach (of making ClientAuth less and less desired and actively being fought) since many years, going back to the times of https://unhosted.org where client certificate based auth was an actual browser feature we hoped to use for decentralised architectures. This is just another step to making such architectures far more complex and effectively unusable. THAT's what I oppose.