FBI Seizure of Mastodon Server Data is a Wakeup Call to Fediverse Users and Hosts to Protect their Users (2023)

In May [2023], Mastodon server Kolektiva.social was compromised when one of the server’s admins had their home raided by the FBI for unrelated charges. All of their electronics, including a backup of the instance database, were seized.

It’s a chillingly familiar story which should serve as a reminder for the hosts, users, and developers of decentralized platforms: if you care about privacy, you have to do the work to protect it. We have a chance to do better from the start in the fediverse, so let’s take it. ...

https://www.eff.org/deeplinks/2023/07/fbi-seizure-mastodon-server-wakeup-call-fediverse-users-and-hosts-protect-their

HN discussion: https://news.ycombinator.com/item?id=41434600

This is an issue that's troubled me since joining the Fediverse in 2016, and as one of the people heavily involved in the "Plexodus" diaspora from the late unlamented #GooglePlus. Whilst large commercial providers have their failure points concerning privacy and law enforcement, they've also often stood up to over-broad attempts to surveil peoples' online activity. Small instances on distributed systems often run as hobbies or very small-scale subscription / donation-based operations might avoid the roving eye of such efforts, but also lack resources, knowledge, and procedures for how to respond when such seizures occur. As the EFF notes, Kolektiva failed to alert its members (and remote contacts) until months after the FBI raid.

The EFF does have a promising guide to legal rights and considerations specifically tailored at the Fediverse:

"User Generated Content and the Fediverse: A Legal Primer"
https://www.eff.org/deeplinks/2022/12/user-generated-content-and-fediverse-legal-primer

#KolektivaSocial #Kolektiva #EFF #ElectronicFrontierFoundation #CyberRights #FBI #OnlineRights #JacksonGames

Edit: This is a 2023 story.

FBI Seizure of Mastodon Server Data is a Wakeup Call to Fediverse Users and Hosts to Protect their Users

We’re in an exciting time for users who want to take back control from major platforms like Twitter and Facebook.

^{Electronic Frontier Foundation}

> #Microsoft confirms that #Windows 11 Recall #AI is not optional — a glitch made it appear so in the Windows 11 24H2 KB5041865 update
https://www.tomshardware.com/software/windows/microsoft-confirms-that-windows-11-recall-ai-is-not-optional-a-glitch-made-it-appear-so-in-the-windows-11-24h2-kb5041865-update

But don't worry, the company that is unable to correctly implement a toggle switch assures us that they definitely implemented this new immensely complex piece of technology nobody asked for directly in the operating system in a way that is secure and under no circumstances puts anyone in danger in ways security researchers said it will.

Microsoft confirms that Windows 11 Recall AI is not optional — a glitch made it appear so in the Windows 11 24H2 KB5041865 update

Windows senior product manager Brandon LeBlanc says, "This will be fixed in an upcoming update."

^{Christopher Harper (Tom's Hardware)}

I really miss going to Rust and Wasm events, hanging out with folks, geeking out. But like, the last time I got Covid it knocked me flat for about six months - and I don't know how I'll respond to a Next Time. So there really can't be one.

It's so draining to feel like I'm the only one advocating for clean air, accessible environments, spaces that don't risk having participants walking away with long-term disabilities.

Like, I don't even know how to begin to explain that this is important.

"i host my api serverlessly"

THEN HOW DO I CONNECT TO IT, BEN???
WHAT AM I CONNECTING TO???
A FUCKING LOCAL FILE????

I'll be fursuiting as these two huge larger-than-life floofs at Furry Migration from Thursday to Sunday!

Just see me around, talk, hug, or I could also be open for cuddles too!

I can't wait for Furry Migration!

"the bluesky network is federating"

JUST ONE SMALL PROBLEM
FEDERATING WITH WHO, JAY?
FUCKING ACTIVITYPUB?

If your open source project makes me jump through hoops to report a bug, I will just conclude you don't care about bugs.

That includes requiring me to create an account. Big projects like the Linux kernel manage just fine with a simple mailing list, there's no reason your small project needs a big corporate solution with accounts and data leaks. Leave that to big corporate projects like Mozilla, who really don't care about bugs.

I'm not an expert in labor history or activism, but from a lay perspective, it seems unavoidable that in its modern and present form, AI is an attack on labor. Not even just in the direct sense of replacing and supplanting labor, but also in the form of *devaluing* it (e.g.: the shift from translation jobs to "editing" jobs).

Opposing the proliferation of AI is thus, to my naive understanding, an act of labor and class solidarity.

I mean, who could've possibly imagined?!?!

STUDY: "In acute care settings, staff N95 respirators and admission screening testing of patients can reduce hospital-acquired #COVID19 and COVID-19 deaths, and are cost saving because of reduced patient bed-days and staff replacement needs."

I still cannot imagine why healthcare workers need to be told to care about patients and put on masks, particularly during COVID surges!

https://www.journalofhospitalinfection.com/article/S0195-6701(24)00236-6/fulltext

Despite all the doom and gloom about YubiKeys, I’m not ditching mine:

• the attack is far from trivial and cheap. It’s not impossible, but unlikely
• I’d likely treat my YubiKey as compromised anyway if someone had unsupervised physical access
• as far as I can tell, I’m still likely to be much better off with the YubiKeys and, unlikely worst case scenario, they add nothing.

In 1973, Nixon made for-profit healthcare legal.

This is in a nation where those with lots of money can legally bribe those who make and enforce the laws.

The results should surprise no one. America is a nation by, of, and for the corporations. The only useful thing we can do is to serve as a warning to others of what happens if you give too much power to wealthy people and corporations.

Brain: "20 years ago is 1984."
Time: Five seconds later.
Brain: "...shit, THAT was 20 years ago... FUCK!"

It's still weird being the same age as old people.

Holy shit 🤯

Timelapse of a plasma rain event on the sun I captured on Sept 1.

103 minutes condensed down to 9.65 seconds (640x)
#solar #astrophotography

We're coming up on nanowrimo. Every year people ask my thoughts, so here they are.

I love challenges! I love transcending your limits! I love discovering that your limits are not actually limits! I love accomplishing things that you've never accomplished before!

The point of nanowrimo is to artistically challenge yourself. For me, writing a novel in a month is no big deal. If the challenge of setting aside a few hours a day every day to write appeals, do it!

Your novel probably won't be publishable. Learning to tell a novel-length story is a skill that you learn by writing novels. (I have fourteen trunk novels that the world will never see.)

But most people never manage to write even one! It's work! It's a million tiny decisions, one after the other, that will exhaust your feeble little brain! I have fifty-odd books out, and guess what? Every time I start, I don't know if I have it in me to write another book!

Set goals. Transcend limits. Fight. WIN!

With this context: having AI write your novel meets none of these goals. There's no art there. No challenge. Plus, environmental ruin and theft of other people's intellectual property.

#terrypratchett

Source of the post:
https://serialephemera.tumblr.com/post/636666887988740096/thematically-speaking-the-most-important-thing/

OVERWORKED LICENSE (OWL)
dude idfk if i maintain this shit at all its some kind of miracle. like i can barely maintain myself let alone some software i made out of desperation. like just fucking do what you want with this shit i do not care. try not to be evil with it i guess, but no matter what i write here some jackass will find a way to ruin it.

this license is to apply to all derivative works

Ok, here's the deal on the "YubiKey cloning attack" stuff:

yes, a way to recover private keys from #YubiKey 5 has been found by researchers.

But the attack *requires*:

👉 *physically opening the YubiKey enclosure*

👉 *physical access* to the YubiKey *while it is authenticating*

👉 non-trivial electronics lab equipment

I cannot stress this enough:

❗In basically every possible scenario you are safer using a YubiKey or a similar device, than not using one.

#InfoSec #YubiKey5

Life gets us all down at times, so lets have some fun and have a bounce shall we?
Come join me for some fun!

#Fursuit #Fursuiter #Fursuiting #FurryAnthro #FoxFursuit #FoxFursona #TerrenceTheFox #Furry #UKFur #FurryFandom