Notices by Eleanor Saitta (dymaxion@infosec.exchange)

When this case first came out, I was talking to a relatively senior Finnish journalist about freedom of the press in Finland. We came to the conclusion that Finland's then best in the world ranking on press freedom was entirely down to the fact that the press had never wanted anything that the government wasn't ok with having in the papers. This decision is broadly incompatible with freedom of expression. Prosecuting folks who agreed to keep state secrets is one thing. Accusing journalists of treason, let alone convicting them, for publishing material that in their professional opinion was newsworthy is completely unacceptable. The Finnish national security bureaucracy does and must not be above the constraints of international human rights law, and must not be permitted to either constrain a priori or decide post hoc what is in the national interests. I assume this will be appealed and that the Finnish Supreme Court (or, failing them, the European Court of Human Rights) does the right thing. This case has already caused a significant chilling effect on Finnish journalism — already not in a great position — and this is happening at a time when Finland's national security position and responsibilities are changing rapidly. We need transparency and accountability in the national security bureaucracy now more than ever.

https://yle.fi/a/74-20170451

@raito
Much more likely to becomea law in Europe than the US, honestly. And it might get revised quickly, but quickly in EU terms is at least a decade.
@whitequark @Di4na

@raito
I am, yes. I think it's a pretty solid balance, at the level I've read so far, and they we could do a lot worse, as a model text. It came about in part because the EU does listen to actively engaged folks from civil society, including FOSS devs, when they're willing to engage with the debate on the EU's terms. Hopeful the existing version will be improved where necessary and reasonable and adopted. It's entirely possible, though, that it will be seen as insufficient.

The exclusions in there were not put there by folks objecting to the fundamental framing.
@whitequark @Di4na

@raito
It kind of boggles my mind that folks who write software with the hope of it being used as part of a global ecosystem wouldn't really care whether their software or that ecosystem is secure. Like, sure, if it's your hobby and you don't really care about its impact on the world, you do you? It's exactly the same sort of "negative externalities aren't my problem" attitude that we decry up and down everywhere else.

But yeah, I guess framed that way, the only thing they will make those devs understand that they have to care is liability, the same as everyone else in that situation. It just happens here that liability will probably also destroy the ecosystem at massive cost to us all.
@whitequark @Di4na

@apps
Where is this in settings? I've spent about 20 minutes looking through all the settings menus a half dozen times. Autofetch missing messages and autoload remote media are both off.

@apps
The per-message dotted menu is no longer present in thread view, so I can't e.g. edit replies without re-finding them in my account view.

@clarity
I've also just had relatively good luck with managers, apparently

@clarity
That's terrifying. How do you end up being a manager not knowing this.

@ferrix
There's good money to be made being part of the problem
@evacide

@GossiTheDog
Do you know how security works at scale? This isn't news and among the majors, MS was mostly late to the party. That said, "spies" is doing a lot of work here. If you mean "collaborates specifically around threat intelligence", sure. If you mean "provides the US with general purpose intelligence outside the digital security space above and beyond the cooperation that the US can compel with statutory powers", no, we have no reason to believe that.

Also, with CISA dead, it's unclear that anyone on the USG side is still listening.

@hacks4pancakes
I would like to be fucking wrong more often. I am very tired of being right

@inthehands

@LukefromDC

@LukefromDC
Si vis pacem, para bellum
@inthehands

"We're happy to announce version 1.0 of the Torment Nexus, as popularized by the science fiction book 'Don't Invent the Torment Nexus'! Our innovative product breaks new ground in..."

https://www.theguardian.com/technology/2025/mar/08/vr-prison-california

@inthehands
We did, the NTSB.

I assume it'll be dead soon.

@hacks4pancakes
I struggle with this *because* the industry has changed so much. My way in is unrecognizable today, and I genuinely don't understand a lot of the traps that junior folks are dealing with because I've never seen them. I worry about steering folks the wrong way.

@quinn
Which Sullivan?

@michael_martinez
Well, the evangelicals are horny for revelations anyway — that's why they care about Israel and have so many folks inside the USAF Global Strike Command, so they can make sure the world ends in fire

With the "shutdown" of USAID, the State department has ordered an emergency evacuation of all staff from over a hundred countries by Saturday. In their wake they will leave massive chaos. USAID feeds 53 million people a year, among other things. Many, many people are dying because of this, and many countries will never trust the US again.

USAID is a major part of American international soft power. The damage that this is causing can only be described as treasonous, even ignoring the human cost.

To be clear, this evacuation is impossible. Doing it from one country is very hard. Doing it everywhere all at once, even with all available military airlift assets, cannot happen. Regardless, on whatever schedule they do do this, this is not a normal international move. They are telling staff who in some cases have been in country for decades or who expected to be their for the rest of their careers that they have 48 hours to pack suitcases and leave everything else they own behind, to return to a country where they have no where to live and no job.

But then, that's the point.

Context: you used to be able to cast the full screen on Android and when you locked the phone, it would just keep sending audio. Power usage was surprisingly low, and on a closed network, it's not really a big worry otherwise. Originally I used the Chromecast audio, and then a regular Chromecast with an audio extractor or a Wiim box. Now, when you lock your phone it stops casting. There are other options to get some individual apps to send audio data to the Chromecast with big caveats (Spotify loses track volume normalization, for instance), but nothing if you want everything without having to switch things manually. SonoBus will probably work, but now I need to buy new hardware to run it on if I want it independent of my laptop and running straight into the mixer.