In my time zone this is now #curl's 25th birthday.
If you want to send along your congrats or curl related memories, consider doing it here: https://github.com/curl/curl/discussions/10465
In about 8 hours there will be a new curl release. In 10 hours there will be a curl release video. There will be blog posts and there will be an online celebration starting in 18 hours.
This is the day. Thanks for flying #curl.
Aqours! Aqours! Aqours! #Aqoursとホワイトデー_Day1 #lovelive #Aqours
Just learned something interesting... I use Firefox for my personal browser, and have two privacy extensions installed, Ublock Origin and DuckDuckGo Essentials.
I ran the EFF browser privacy test using both plugins and learned that while ads and trackers were being blocked, I had a perfectly unique browser fingerprint which is trackable itself.
I also learned that using both of these extensions may have diminishing returns, so I disabled DDG and reran the test... Now I only have a "nearly unique" browser fingerprint.
TL;DR - more than one privacy extension does not equal more privacy.
Misskey v13がリリースされました!!!
数々の新機能、様々な改善、バグ修正、UIのブラッシュアップ、全体的なパフォーマンスの改善などが含まれています。
詳しくはリリースノートをご覧ください。 特に運営者の方は、対応が必要な点がいくつかあるので注意してください。
https://misskey-hub.net/docs/releases.html#_13-0-0
開発に関わってくれた方、ベータテスト用のインスタンスを作成してくださった運営者の方、ベータテストに参加してくださった方に感謝を申し上げます🙏
I wanted to take a few moments and apologize to many of my former students.
In the past I said the industry needs people who look at security as a vocation and an avocation.
I was wrong.
Have a life outside of this industry.
Have hobbies that have nothing to do with your computer.
Get outside.
The problems of the industry are not problems of people not working hard enough.
They are not problems of people not being "hard core" enough.
They are problems of education and resource prioritization.
I was wrong.
I am sorry.
Stop breaking yourself on rocks for people who don't really care if you break yourself on rocks.
If you’re outraged about Adobe sending your pictures off their servers (you should be), please know other vendors do this too. That horse has already bolted.
Eg Microsoft Edge automatically sends your key presses in Edge to MS - enabled by default https://winbuzzer.com/2022/09/19/microsoft-editor-in-edge-sending-personla-info-to-microsoft-could-be-putting-users-at-risk-xcxwbn/
Microsoft Office 365 sends every photo and screenshot you add in Word, PowerPoint etc (including in emails) to Microsoft 365 Intelligent Services without prompt https://support.microsoft.com/en-us/office/everything-you-need-to-know-to-write-effective-alt-text-df98f884-ca3d-456c-807b-1a1fa82f5dc2
I'm more or less part of the fediverse since 2017, but I still can't get over the fact that you people are describing images, very often making me almost content with not being able to see them at all. I've never seen so many people taking time to write meaningful descriptions on this level anywhere else.
It really, really means a lot! Thank you for making it awesome for everyone! Keep 'em coming! ☺️
New video premieres in 15 minutes: https://www.youtube.com/watch?v=zu0hyIwKDmE
"We need to talk about Dropout", in which we talk about media, pivoting to video, the life and death of CollegeHumor, and discuss the Dropout video player.
@mikewest underselling setHTML? I said "guaranteed to be secure" at least twice :) I do agree that there's a lot of value in a good CSP (and in TT) - as I believe I said during Q&A. However, it's become apparent that not a lot of developers can afford that. I also notice the difference between "number of page loads" and "web pages out there", but I really intend to make it work for every page author. Hence my focus. I totally get yours though!
@freddy talked about the Sanitizer API at #HIP22, starting at ~15:30 of https://streaming.media.ccc.de/jev22/relive/49210.
My feeling after watching the talk is that he's underselling the value: for many web applications `el.setHTML(str)` is a drop-in replacement for `el.innerHTML = str` that will satisfy developer needs while removing the risk of DOM-based XSS. There are some subtleties around the edges that we need to work out, but I'm really looking forward to that core shipping in Firefox and landing in WebKit.
"Etch A TV is a simple modem that uses two tones to represent an X and Y coordinate. This allows drawing simple images over radio. It's designed for ham radio use over 3khz SSB." by @xssfox #hamradio #othernetworks https://github.com/xssfox/etch-a-tv
Good post about ReDOS and why some bug classes add more noise than signal: https://blog.yossarian.net/2022/12/28/ReDoS-vulnerabilities-and-misaligned-incentives (via @kozmic). Fits well with Mark Curpheys recent blog posts at https://blog.crashoverride.com/
hi I made a table of all the wikipedia "whale size" diagrams and categorized whether the cetacean in question seemed happy with the presence of the SCUBA diver (for scale)
朝の散歩をしながら散歩について思う
年末のせいか、車はほとんど走ってませんね。
外を散歩してる人もいません。
考えてみると、一昨年から今までとてもたくさん散歩をしてるように思います。社会情勢の影響もありますけれど、散歩するのが楽しいんだと思います。すっかり毎日の習慣になっています。
毎日散歩する以前は何をしていたかというと、何をしてたんでしょうね。多分数年前は、散歩という形では外を歩かずに、外のカフェに仕事をしに行くために歩いてきたのが多かったと思います。
つまり散歩という意識はあまりなかったんですね。多分そのときでも1日に 10,000歩近く歩いていたと思いますが。
最近は特に、朝夕の散歩をしながら、音声入力で文章を作っているのが楽しみです。文章を作っているというのは不正確ですね。音声入力をしているときには、「お話ししている」という気持ちになります。実際に声に出しているからでしょう。
文章を作っているわけではないというのは、特に何か考えがあって話しているわけではなくて、その都度その都度浮かんできた言葉を声にしているだけだからです。
歩きながらですから、文章を細かく読み返して、編集することもありません。時々発生する誤変換を直すくらいしか修正はせずに、とにかく先へ先へと話が進んでいく。話を進めていく。
ちょうどそれは、散歩で前へ前へと進んでいるのと似ていますね。
It's so nice to have @Popehat blogging about free speech again: https://popehat.substack.com/p/can-a-tarot-card-reading-be-defamatory
Every day the New York Times tries to convince me to read an article in their app instead of on the web because it is “better in the app.”
I downloaded the app to see why it is better. It appears to be an embedded web view showing the same article. If anything, it loads slower.
Pushing people to native apps for things that the web is great at is so stupid.
Several people in my mentions confused about the legal and technical differences between content and metadata in communications systems.
This 2016 paper by my colleagues (@SteveBellovin, Susan Landau, Stephanie Pell, and me) probably won't make you any less confused, but will at least make you feel better about it.
https://jolt.law.harvard.edu/assets/articlePDFs/v30/30HarvJLTech1.pdf
Software created using taxpayers’ money should be released as Free Software. Can you help us to achieve it?
🔹Sign our Open Letter https://publiccode.eu/
🔸 Support our work! https://my.fsfe.org/donate
he+him cis hetero 🏳️🌈🏳️⚧️/ 日本語 / Wanna-be Haskeller / UBI / Strong Towns / ラブライブ / 京アニ / Hololive / アイドルも声優もプログラム言語もDD / Correctly Useless