floof.org

Hazelnoot sharkey (AP)

I hope this is common knowledge, but just in case not: Authorized Fetch does not protect media attachments. Only post contents and (some) user profiles are authenticated.

Likewise, uploaded media is always public. Even if sent as a DM, anyone with the link can access the files without authentication. That includes blocked users / instances, so be careful what you upload!

#PSA #FediTips #Fedi #Fediverse

1 2

Naia Ōkami mastodon (AP)

lol

https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github

1 2

Campfire Stories 🔥

Commission for Kaiyoht from Jack-Jackal! :3 Higher res version, time lapse video, and drawing stage snapshots are up on my Patreon!: https://www.patreon.com/posts/campfire-stories-108754627

#Furry #FurryArt #FurryArtist #MastoArt #Commission #ArtCommission

1 2

Everytime I look up advice/details of how to do something on Linux and the project/guide doesn't explain what to do, but instead has a docker image, my resolve to never use docker increases a little bit more.

I get why docker exists and I'm not saying that it's not useful but wow I really do not want the question "How do I do x" to be answered with "Use this docker image"

1 2
The year is 2034. The Linux command "man" is now distributed as a Docker image. To find out how to deploy it, you have to join a Discord server, the client for which is also distributed as a Docker image.
1 3
Ikani mastodon (AP)
@tryst funny thing on that. For Mint, the only listed install for discord is flatpak, which is a docker image. It's a 1.8GB download and the image is unable to log into discord for me. It goes into a captcha loop.
This Reddit post kinda sums up how I feel about docker:
1 2

Honestly if you like docker then that's great but here me out:

Docker on enterprise servers? ✅ Yep
Docker instead of VMs? ✅ Sure why not?
Docker because you want to? ✅ Of course!
Docker on a single board computer for one job? ❌ Nonononono please just tell me the steps involved so I can learn how the system works!

1
The Vargarnir system mastodon (AP)
I've got a couple of things running in Docker on SBCs that are the ony thing doing anything on that machine. it's kinda overkill, but it allows me to more easily intergrate it into my larger remote management system, and makes monitoring, alerting, and updates a looot easier.

@garrwolfdog Sorry I didn't mean to come across as "never use docker at all" but that I dislike that answers have in some cases become "use this docker image"

For example I want a SBC to monitor the temperature of my hot water tank. The first guide I found said that I should use multiple docker images to provide Prometheus and Grafana, and other guides were similar.

In the end Darac pointed me to Munin and that's exactly what I want. :)

@garrwolfdog Like in your case if you're already au fait with docker and it fits into your network then it makes sense, but for me who's still running servers with multiple services for an internal home network I'd prefer to have the details of how to configure it myself :)

It wouldn't be an issue if it was "here's how to do it from scratch but also there's a docker image if you want" but I keep seeing guides that are "you must use docker"

The Vargarnir system mastodon (AP)
I'm not totally sure I follow. Even if you're using docker you still need to configure things as much as you would if you were setting it up on bare-metal. the only real difference if that you don't need to compile the binarries yourself and it will have kind of sandbox to run in. unless you're wanting to tinker with the source code itself, I guess?
Ooor this might just be confusion about how docker works? it can be alittle unclear, tbh.

@garrwolfdog Sorry let me clarify; I know nothing about docker and the first time I tried to follow one of these guides I ran into a problem with no way of being able to troubleshoot the fault. I couldn't find an easy answer of how to look at the logs or files within the docker so I had no idea what was going on.

That one did have all the code/scripts/etc not in a docker image and the first time I ran all that I found the fault straight away just by looking at the system logs.

@garrwolfdog @garrwolfdog It turned out that the python code was pointing to a folder that didn't exist. Changing that code fixed the problem, but the docker image pulled the code directly from the GitHub so short of forking the project and making my own changes directly from there I wasn't able to find a way to change the files in the docker container
@garrwolfdog I guess my point is that while I'm futsing around with my own little projects I know how to troubleshoot if it doesn't work. I've no idea how to do that on a docker container and I haven't yet found anything that explains it in a way I can understand, if it even is possible to troubleshoot like one would for a bare metal machine.
Kootenay mastodon (AP)
@garrwolfdog Really, each container is just a little Linux server running in its own space on top of actual Linux. You can get into it and see the filesystem with 'docker exec <container id|name> -ti /bin/bash’.
Incoming network connections are mapped (on startup) from your host to the container.
Logs may be in /var/log in the container, or sometimes it's set to go to stderr, in which case use 'docker logs <container> -f' to see them.
You know all this, then you can debug. :)
The Vargarnir system mastodon (AP)
Yikes! yeeeeeah, that is NOT how you should be building your container images. The whole point of containerisation is to avoid problems like that! no one should be releasing images that pull no-versioned locked code from 3rd party sources; that's dodgy as hell!

@garrwolfdog That's how I've seen a lot of people using it for small projects, hence my aversion to it in small projects.

I've always seen it as one of those things that you have to know/be invested in learning before you use it in a production environment but some people are treating it like FlatPak/AppImage

The Vargarnir system mastodon (AP)
honesty, if you're running self-hosted home systems, then it's worth learning how to use docker. it can make spinning up and testing out services sooo much quicker and clear.
@garrwolfdog I want to eventually when I can brain properly for it; I want to set up four TV channels running from a server and being output into an old hotel CATV distribution board, and having each channel in its own docker container would be helpful for monitoring them.
The Vargarnir system mastodon (AP)
If you ever need to pointers to get you going, we're always happy to help!
The Vargarnir system mastodon (AP)
ok, unrelated to you but I got to be pedant for a moment XD
It should be it's named after the raven so its a nominative singular masculine propper noun, so it should be "Muninn" not "Munin". Why people don't consult a linguist before naming their software, I'll never know!
Kootenay mastodon (AP)
@garrwolfdog Woo! Corvid pedantry! I approve! :>
Kootenay mastodon (AP)
@garrwolfdog It’s always Corvid Time.
Pippin friendica
@Epoxy / Renby 💜🏳️‍⚧️ The reason I hate the idea of using docker is that I want/need to *understand* things properly before I use them. I love things like postfix, because it has a full set of man pages which explain every little detail of how to configure it and how it behaves, and it also has documentation designed to help you understand how to use it. Docker and git and various other things… I've never come across documentation that actually *helped*. The more complex it is, the more documentation is needed to explain it and the better organised that documentation needs to be. I have a bit of ambivalence regarding qemu - it's pretty much essential for my business, but the documentation is severely, *severely* lacking, to the point where I've had to refer to the source code. And even that is full of unexplained abstractions and very hard to understand.
2
Pippin friendica
@Epoxy / Renby 💜🏳️‍⚧️ Actually, thinking about this properly (and I haven't thought about docker other than in an "ew, no" way for a long time now) I suspect the thing that originally put me off was that, if I remember right, its normal mode of operation is to download stuff from unidentified, unexplained servers on the internet and execute it on my machine. This is kinda the same reason I don't like/use build systems that do that kind of thing, like pip and pear and composer and npm and so on. I just about trust Debian's distribution network so I'll install dependencies from there thankyouverymuch, stop trying to grab them from places I've never even heard of, and especially don't just replace whole dependencies with newer possibly-improved-possibly-compromised versions on a whim. I certainly don't want entire containers obtained that way.
1
Kay Ohtie mastodon (AP)

@pippin part of the point of the containers is to avoid the very issue it sounds like you're worried they cause. There are potential Escape Routes (usually if run with too many permissions) but the idea is almost more "I don't trust this to _not_ get compromised so I'm isolating this with limited connections for networking/data out of it" with the added benefit of "I also don't have to worry about package collisions or it fucking with local packages".

Outside of official containers I tend not to trust ones where I can't see the Dockerfile, and can read to see how the container image was built and what it'll do inside itself. Useful sometimes for writing my own Dockerfile stuff like for the mastodon image I use.

But yeah the dual purpose is definitely "contain" first, hence the name, with the benefit of "isolate libraries" second meaning if your container ever goes sideways you can just tear it down, and not have to worry about "alright what files got fucked up by building or package management?" And kinda making the data a little more portable. Definitely makes migrating/moving stuff a lot less painful.

1
Pippin friendica

@Kay Ohtie @Epoxy / Renby 💜🏳️‍⚧️ I don't drive recklessly just because I'm wearing a seatbelt, though. 🤷‍♂️

I'm just very dubious about the benefits, haven't had the time and motivation to spend to learn this whole new thing, and haven't had any problems doing it the way I've always done it.

(I'm probably in the "anything invented after you turn 30 is newfangled trash" phase, too.)

Dex 🔞 - :dex: mastodon (AP)
yeah i can sort of get it from an avoiding dependency hell perspective but yeah absolutely not running it on the pi zero

Seritus Sabre mastodon (AP)

"You! Explain what this world is about!"

Seems this sabre has been transported in time to the modern day, and is grumpy about it!

📸 @silverfoxwolf
🐯 @tungro as Seritus the Sabretooth Tiger
✂️ @madebymercury
📆 2024-07-20
🌍 LondonFurs, London, UK

#FursuitFriday
#Furry
#Fursuit

1 2
Chloé Raccoon mastodon (AP)
*sneaks up, corks the teeth in the name of HSE*

someone just shared this picture with me and I am so mad this is a thing that somebody thought was a good idea, or even not a terrible idea
1 8
Ikani mastodon (AP)
if there's a transit authority for said train, I'd see about reporting an accessibility complaint either to them or whichever government regulates them

Phil M0OFX hometown (AP)
#QOTD: “You can't give her that!' she screamed. 'It's not safe!'
IT'S A SWORD, said the Hogfather. THEY'RE NOT MEANT TO BE SAFE.
'She's a child!' shouted Crumley.
IT'S EDUCATIONAL.
'What if she cuts herself?'
THAT WILL BE AN IMPORTANT LESSON.”
#qotd
1 2
Arakin mastodon (AP)
still such a classic 😀
Karl Fredrik 🦊 mastodon (AP)
not to mention this brilliant illustration https://adi-fitri.tumblr.com/post/105355206099/its-a-sword-its-not-meant-to-be-safe-my
1 2

This meme is at least two years old, but current politics compels me to post it again.
1 3

On the OpenStreetMap wiki there is a list of example queries for the Overpass API (a tool to query OSM data). This one is my favorite
2 3
Aatheus mastodon (AP)
First Bank of Crimes

Dan Goodin mastodon (AP)

In 2012, an industry-wide coalition of hardware and software makers adopted Secure Boot to protect against a long-looming security threat. The threat was the specter of malware that could infect the BIOS, the firmware that loaded the operating system each time a computer booted up. From there, it could remain immune to detection and removal and could load even before the OS and security apps did.

To this day, key players in security—among them Microsoft and the US National Security Agency—regard Secure Boot as an important, if not essential, foundation of trust in securing devices in some of the most critical environments, including in industrial control and enterprise networks.

On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022. In a public GitHub repository committed in December of that year, someone working for multiple US-based device manufacturers published what’s known as a platform key, the cryptographic key that forms the root-of-trust anchor between the hardware device and the firmware that runs on it.

The repository included the private portion of the platform key in encrypted form. The encrypted file, however, was protected by a four-character password, a decision that made it trivial for Binarly, and anyone else with even a passing curiosity, to crack the passcode and retrieve the corresponding plain text. The disclosure of the key went largely unnoticed until January 2023, when Binarly researchers found it while investigating a supply-chain incident. Now that the leak has come to light, security experts say it effectively torpedoes the security assurances offered by Secure Boot.

“It’s a big problem,” said Martin Smolár, a malware analyst specializing in rootkits who reviewed the Binarly research and spoke to me about it. “It’s basically an unlimited Secure Boot bypass for these devices that use this platform key. So until device manufacturers or OEMs provide firmware updates, anyone can basically… execute any malware or untrusted code during system boot. Of course, privileged access is required, but that’s not a problem in many cases.”

https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/

1 3
Rachel Rawlings mastodon (AP)
File under "News that makes people want to retire and raise chickens, until they remember bird flu."
1 1

Awww what a touching poem!!! (by u/Not_NosyCat)
(AI Alt-Text)
1 2

Paul Cantrell mastodon (AP)

“Imagine a house where the drywall, flooring, fireplace, and light fixtures are all made by companies that need continuous access and whose failures would cause the house to collapse. You’d never set foot in such a structure, yet that’s how software systems are built.

“It’s not that 100 percent of the system relies on each company all the time, but 100 percent of the system can fail if any one of them fails.” https://hachyderm.io/@wka/112849901858780783

1 1

mitten mastodon (AP)
📑 I wish there were more wikis and fewer Discords. Chat is not documentation, people.
1 3

Alice McFlurry :bc: mastodon (AP)
I don’t have a lot of requests for my funeral, but one must-have is for my casket to be modded so the guests can ride it like a mechanical bull.
1 2

AzulCrescent mastodon (AP)

Blind spot

This was a "WTF" moment when i first found this out; hope i explained this well enough!

1 2

AutomataDog mastodon (AP)

Shreddyfox at FWA24

🦊: shreddyfox
📌: FurryWeekend

#Furry #Furries #Fursuit #FursuitFriday #Photography #Anthro #FurryArt #FurryArtist #FWA #FWA24

1 1

Haley's Head Mechanic mastodon (AP)

These oversized american vehicles are getting out of control! How can someone justify buying something big enough to crack the pavement just to pick up groceries or go to their office job?!

I bet this thing has never even seen mud. It's useless for doing any actual work. Its practically designed just for killing pedestrians and I think that shows exactly how much the landlord class in America values the lives of you and me and anyone else they see as beneath them.

#mecha #keimech

1 1

Pippin friendica

Give 'em someone they're actually willing to vote for, and people will want to vote.


Griffin:

Vote .org just announced a nearly 700% increase in daily voter registrations — more than 38,500 new registrations — in the 48-hour period following President Biden's announcement.

This figure marks the single largest number of voter registrations over a 48-hour period during the 2024 cycle.

👉🏼👉🏼Younger voters between 18 and 34 accounted for 83% of new registrations.



Laffy mastodon (AP)

Griffin:

Vote .org just announced a nearly 700% increase in daily voter registrations — more than 38,500 new registrations — in the 48-hour period following President Biden's announcement.

This figure marks the single largest number of voter registrations over a 48-hour period during the 2024 cycle.

👉🏼👉🏼Younger voters between 18 and 34 accounted for 83% of new registrations.

1 1

I'm keeping this one.
1 1

The Vargarnir system mastodon (AP)

Content warning: UKpol, Trans rights.

1 2

Robin C mastodon (AP)

Fantastic news for those of us who rely on breathing for our daily lives.

https://www.theguardian.com/environment/article/2024/jul/25/ulez-expansion-led-to-significant-drop-in-air-pollutants-in-london-report-finds

#London #ulez

1 2

The Register mastodon (AP)

OpenBSD enthusiast cooks up guide for the technically timid

If you want a simple step-by-step, this is the best we've seen French BSD enthusiast Joel Carnat has written a how-to guide on setting up a laptop with OpenBSD for general use. It's worth a go for the Unix-curious.…
#theregister #IT
https://go.theregister.com/feed/www.theregister.com/2024/07/25/openbsd_for_the_people/

1 1

1 4

When Sunday made history as the worldwide hottest day on record, it held the top spot for just one day: Monday is now the warmest day of global average temperature
- and Tuesday is second.
Three global temperature records set in three days.

Climate crisis? What climate crisis?

https://apnews.com/article/climate-global-temperatures-10600ef3b2092dfc4d456f0d593ee0de

1 2

Eric Topol mastodon (AP)
Masks work. Again. New Randomized trial
https://www.bmj.com/content/386/bmj-2023-078918
1 2

Satan mastodon (AP)
1 3

Yag Fox mastodon (AP)
1 1

Sebastian mastodon (AP)
#TIL that the #IAEA uses something called a „COBRA seal“ to seal relevant objects against manipulation. One type of these seals works by using a multi-core optical cable. When the seal is locked a random number of cores are cut. This creates a unique optical pattern that can be verified simply by shining a light into the cable and can’t be recreated.
#til #iaea
1 2

Pippin friendica

It's almost as if our glorious leaders really ought to, y'know, do something about it.


Sure feels great to see "_ was hottest day ever recorded on Earth" headlines every week


Volpeon :wvrnFlight: sharkey (AP)
Sure feels great to see "_ was hottest day ever recorded on Earth" headlines every week
1 2

K.T. mastodon (AP)
I dare you to draw your sona in the style of an Aardman claymation!
1 1
That one dragon(s) mastodon (AP)
@Jencen (bucket'o'Jencen)
That one dragon(s) mastodon (AP)
@Jencen oh, you still have it!
Jencen mastodon (AP)
@jacel Don't know if I have the original. I think it was in one of your sketch books.
But have this copy and still love it ❤
Jencen mastodon (AP)
do not ingest the happy fun Drgn!
Do not upend the happy fun Drgn!
Do not look into the operational end of the happy fun Drgn!
Do not immerse yourself, even partially, in the happy fun Drgn!
This entry was edited (1 year ago)

@jacel @Jencen
you did not say anything about drinking the happy fun Drgn…

>:}

@Jencen @jacel@m.prettyshiny.or

So as you can see, I can’t read, and am are not of the smarts <u>

Jencen mastodon (AP)
@Rivernoodl is OK. Didn't help I can't type >.>
@Jencen so anyways I started adding more ingredients to the soup
Jencen mastodon (AP)
@Rivernoodl ooooh! What shiny things have been added?
@Jencen rocks and moss. You can’t have soup without rocks and moss

mia iceshrimp (AP)
1 3

Dan Gillmor mastodon (AP)

This is pure cartel behavior: Reddit and Google have cut a deal that will freeze out all other search engines from indexing Reddit, where volunteers do essentially all the work.

This should not be legal.

It is VITAL to replace Reddit, and it will take a global village to do it. If we don't, the cartel wins.

And Google should be broken up by Congress, if the antitrust people won't try.

https://www.404media.co/google-is-the-only-search-engine-that-works-on-reddit-now-thanks-to-ai-deal/

This entry was edited (1 year ago)
2 4

So it seems @protonprivacy is adding Crypto wallets. My opinion, that is a horrible idea. As far as I've seen, crypto currency, especially Bitcoin is mostly a scam, it's also highly destructive to the environment. Not to mention Bitcoin it's self is not private, making it a very odd choice for a company who is supposed to specialize in privacy. Much like the Generative AI released previously, this is not something I wanted or asked for, and makes me trust Proton less and less.
1 3

Cendyne mastodon (AP)

It's 2026, McDonald's has partnered with IBM again for verbal order placement in the drive through.

You left your wallet at home, but know tap to pay works with your phone.

You arrive at the takeout window, no one is there. Your food is behind a glass mechanical door. You tap your phone and a voice tells you:

"This payment method is not accepted, please use a trusted device."

You ask what a trust device even means, a voice responds devices without any modification to the Operating System. You don't care what an OS is, you want those chicken nuggets.

You press again and the voice gives an example "Your device may be jail broken." You ask why this gets in the way of paying with your card backed by your connection to BigPhoneOSCorp.

The voice says: "I cannot disclose that information"

You drive away.

1 3
Cendyne mastodon (AP)

The person behind you never gets their food, the voice thinks it is still in a conversation with you until they pay... for your food.

The window won't switch food until the next driver rolls in.

They can't get their food until they pay for the previous persons food.

They never scripted this edge case.

For the next three years this location continues to serve food offset by one customer.

1 3
Kay Ohtie mastodon (AP)

Why are you doing things on my device that require that level of scrutiny?
"Apple/Google pay!"
Then just disable that feature and let me use the card you're storing deets of on your server.

No one cares if a rootkit manages to order 100 mcnuggets on my behalf. They can mcshove it.

1

Neil Brown mastodon (AP)

If Tesla (the organisation) ceased to exist, how much functionality in a Tesla (the car) would cease to work?

Would it still be driveable, able to charge etc.?

Is the same true of other modern cars?

1 3
Ikani mastodon (AP)
So, thinking on this, there's a lot that the cars need to be able to do without phoning home, since cell data doesn't cover everywhere. Unlocking the doors, the charge port, starting the car, etc. would all work. Updates and remote app control would obviously break. Charging at home is a non-issue but I'm not sure what would happen with superchargers. That would probably fail due to failed billing queries. Traffic aware routing would also break. Same with music streaming.
1

Craig Groeschel mastodon (AP)

The exciting news about the R21 malaria vaccine makes me want to point out that malaria is endemic in parts of the world. And it kills about half a million people every year.

You know what's coming.

Say it with me.

All together now:

Endemic does not mean benign.

1 2

1 2
RevK :verified_r: mastodon (AP)
yeh, my first thought would be a QR to do pretty much all the typing needed.

sockfox mastodon (AP)
hi I haven’t posted here in a while
1 1
Thumper mastodon (AP)
Hi Sock! Looks amazing :)
Later posts Earlier posts