Freelancer, Python, Debian, Infosec

"AfD members of parliament are deliberately targeting non-profit associations:
the goal is revocation of their non-profit status"

OK, now it's getting funny. All OpenR@athaus instances, i.e. the e-government services of 300 municipalities, are now simply offline. Thanks @bsi!

Aarøn 🇪🇺 🇺🇦 oko

And I thought my extractor hood with app control was the most idiotic thing there is...

patrislav ♾️ #RIPNatenom

Edited 10 months ago

Had a nasty laughing fit at the breakfast table today … Thanks @sueddeutsche_feed

“I could rewrite

Here's my collection of some less cheerful quotes to keep me firmly grounded. Blogged three years ago today:

https://daniel.haxx.se/blog/2021/05/20/i-could-rewrite-curl/

I wish more people who are worried about FOSS supply side attacks would realize that universal basic income and free healthcare would result in an almost infinite stream of excellent software from people who care more about quality than profit.

Edited 1 year ago

Intelligent Cat Humor

This xz backdoor thing reminds me of a story I heard from friends that worked at a tech company that made cell phones. They had a great coder that worked on the project, he had put in work as a contractor for a few months, and due to the quality of his work he was hired in full time. After two months he simply stopped showing up to the office.

An investigation turned up the following interesting items. His account had accessed all files including source code to *all* cellular projects - in that he had apparently downloaded a copy of everything. He had committed a large amount of contributions to the project he was assigned to. None of his paychecks were ever cashed. A wellness check to the house he had rented was performed and the house was completely empty. Per the landlord he'd paid for 6 months' rent in advance in cash. Apparently he never physically moved in. No record for him nor his social security number seemed to check out. The guy was a ghost.

I was asked about recommendations on future prevention by friends who worked there - no idea how far they got in their investigation, if backdoors were ever found or even existed, or if the Feds were ever involved. The punch line? This was probably a couple of decades ago.

This shit is real, and it has been going on for a long time.

I've heard about the interview process at Canonical, but sweet XML Jesus on a Segway, it's even worse.

https://hachyderm.io/@sara/112117125241735836

Docusign just admitted that they use customer data (i.e., all those contracts, affidavits, and other confidential documents we send them) to train AI:

https://support.docusign.com/s/document-item?language=en_US&bundleId=fzd1707173174972&topicId=uss1707173279973.html

They state that customers "contractually consent" to such use, but good luck finding it in their Terms of Service. There also doesn't appear to be a way to withdraw consent, but I may have missed that.

Zero Trust Environments

🍀 Egghat НетBойне 🍀

Voices of Open Source: The European regulators listened to the Open Source communities! https://blog.opensource.org/the-european-regulators-listened-to-the-open-source-communities/
Open source developers are, after all, not liable for security vulnerabilities (etc.) in their software the way commercial developers are. That was also *extremely* out of touch with reality.

Harald now @ treehouse.systems

IT rant

25 years ago, my mentor at uni showed me how to interrupt autoconfig runs at just the right time so the generated scripts that yielded wrong results wouldn't be deleted and we could check and fix them.

Today, a friend looks for just the right time to intercept Ansible Tower execution environments so he can debug the podman containers that yield wrong results and fail a deployment.

25 years of "progress" and we still run into the same terrible stuff.

Someday, I'm going to need one of these. 😸

who needs a clapper when you got a booper
