Security alert: social engineering campaign targets technology industry employees
GitHub has identified a low-volume social engineering campaign that targets the personal accounts of employees of technology firms. No GitHub or npm systems were compromised in this campaign. We’re publishing this blog post as a warning for our customers to prevent exploitation by this threat actor. ⌘ Read more
An official FBI document dated January 2021, obtained by the American association “Property of People” through the Freedom of Information Act.
This document summarizes the possibilities for legal access to data from nine instant messaging services: iMessage, Line, Signal, Telegram, Threema, Viber, WeChat, WhatsApp and Wickr. For each software, different judicial methods are explored, such as subpoena, search warrant, active collection of communications metadata (“Pen Register”) or connection data retention law (“18 USC§2703”). Here, in essence, is the information the FBI says it can retrieve:
Apple iMessage: basic subscriber data; in the case of an iPhone user, investigators may be able to get their hands on message content if the user uses iCloud to synchronize iMessage messages or to back up data on their phone.
Line: account data (image, username, e-mail address, phone number, Line ID, creation date, usage data, etc.); if the user has not activated end-to-end encryption, investigators can retrieve the texts of exchanges over a seven-day period, but not other data (audio, video, images, location).
Signal: date and time of account creation and date of last connection.
Telegram: IP address and phone number for investigations into confirmed terrorists, otherwise nothing.
Threema: cryptographic fingerprint of phone number and e-mail address, push service tokens if used, public key, account creation date, last connection date.
Viber: account data and IP address used to create the account; investigators can also access message history (date, time, source, destination).
WeChat: basic data such as name, phone number, e-mail and IP address, but only for non-Chinese users.
WhatsApp: the targeted person’s basic data, address book and contacts who have the targeted person in their address book; it is possible to collect message metadata in real time (“Pen Register”); message content can be retrieved via iCloud backups.
Wickr: Date and time of account creation, types of terminal on which the application is installed, date of last connection, number of messages exchanged, external identifiers associated with the account (e-mail addresses, telephone numbers), avatar image, data linked to adding or deleting.
TL;DR Signal is the messaging system that provides the least information to investigators.
An official FBI document dated January 2021, obtained by the American association “Property of People” through the Freedom of Information Act.
This document summarizes the possibilities for legal access to data from nine instant messaging services: iMessage, Line, Signal, Telegram, Threema, Viber, WeChat, WhatsApp and Wickr. For each software, different judicial methods are explored, such as subpoena, search warrant, active collection of communications metadata (“Pen Register”) or connection data retention law (“18 USC§2703”). Here, in essence, is the information the FBI says it can retrieve:
Apple iMessage: basic subscriber data; in the case of an iPhone user, investigators may be able to get their hands on message content if the user uses iCloud to synchronize iMessage messages or to back up data on their phone.
Line: account data (image, username, e-mail address, phone number, Line ID, creation date, usage data, etc.); if the user has not activated end-to-end encryption, investigators can retrieve the texts of exchanges over a seven-day period, but not other data (audio, video, images, location).
Signal: date and time of account creation and date of last connection.
Telegram: IP address and phone number for investigations into confirmed terrorists, otherwise nothing.
Threema: cryptographic fingerprint of phone number and e-mail address, push service tokens if used, public key, account creation date, last connection date.
Viber: account data and IP address used to create the account; investigators can also access message history (date, time, source, destination).
WeChat: basic data such as name, phone number, e-mail and IP address, but only for non-Chinese users.
WhatsApp: the targeted person’s basic data, address book and contacts who have the targeted person in their address book; it is possible to collect message metadata in real time (“Pen Register”); message content can be retrieved via iCloud backups.
Wickr: Date and time of account creation, types of terminal on which the application is installed, date of last connection, number of messages exchanged, external identifiers associated with the account (e-mail addresses, telephone numbers), avatar image, data linked to adding or deleting.
TL;DR Signal is the messaging system that provides the least information to investigators.
hello person
↳
In-reply-to
»
First test post from GTK UI!
⤋ Read More
One thing I need to also fix - is the way a reply is done, I need it to add the mentions as well, so that you can reply to a person more easily, instead of just the thread.
GitHub Copilot X: The AI-powered developer experience
GitHub Copilot is evolving to bring chat and voice interfaces, support pull requests, answer questions on docs, and adopt OpenAI’s GPT-4 for a more personalized developer experience. ⌘ Read more
Erlang Solutions: Presentamos el soporte de transmisión en RabbitMQ
¿Quiere saber más sobre el soporte de transmisión en RabbitMQ? Arnaud Cogoluègnes, ingeniero de personal de VMware, desglosa todo lo que hay que saber en la Cumbre RabbitMQ de 2021.
En julio de 2021, se introdujeron streams a RabbitMQ, utilizando un nuevo protocolo extremadamente rápido que se puede utilizar junto con AMQP 0.9.1. Los [streams](https://www.erlang-solutions.com/blog/rabbitmq-quorum-queues-explaine … ⌘ Read more
This time I’m doing my commute (to my second flat) with this new 70L travel backpack from Decathlon. It’s already full with just my work stuff (notebook, keyboard, mouse) and some other stuff (personal notebook, smaller backpack, toiletries, 2L water bottle). How am I supposed to fit 14 days of vacation stuff in there? 🤔 Good that I can take a vacation without having to take the work stuff with me. 😅 ⌘ Read more
↳
In-reply-to
»
👋 Hey y'all yarners 🤗 -- @darch and I have been discussing in our Weekly Yarn.social call (still ongoing... come join us! 🙏) about the experimental Yarn.social <-> Activity Pub integration/bridge I've been working on... And mostly whether it's even a good idea at al, and if we should continue or not?
⤋ Read More
And mostly whether it’s even a good idea at al, and if we should continue or not?
I think that activitypub in yarn is a great feature! And also one of the easier ones to set up and get going.
And as I said last week - I think it’s a important features - and will drive adoption.
It is optional as well - so if one does not want it - just not turn that feature on.
I personally was missing the fact that I could not easily follow others before you added activitypub, but now I can choose to follow them, which is great.
New machine for work.
I get to keep the old one for personal use
The company I work work added a hybrid solution after covid restrictions lifted, we can work x amount of days a week from home.
Which was a great solution. Covid proved that everyone could work from home and still meet the project demands.
Personally I prefer the office, even if I have to be there alone (I worked for months alone there). But I also like the flexibility when I need it.
** Ideas for making accessibility and equity a core part of the software development lifecycle **
In accessibility and the product person I said
we need to make accessibility a core part of our processes
Here, I want to talk about that in more detail. I want to briefly explore what making accessibility a part of core processes looks like, and how that is different from centering access … ⌘ Read more
@prologic@twtxt.net personally I would like it integrated and opt-in. just enable with a flag when starting up yarnd.
** Accessibility and the product person **
This post is a slightly modified version of a talk I presented to the product practice at my work. It presents a few ways that product designers and managers can help to move accessibility forward. It is a little bit different than what I normally share, here, but, I thought it may be interesting to some folks.
[
⌘ Read more
H3: Instead of C3
[Updated with correct Gemlog link.]
A version of this was posted on on 2023-01-06 but I thought it might
also fit here. Go to my gemlog for somewhat more personal takes and
see what I publish first. IPv6 only!
gemini://gem.hack.org/mc/log/
As long-time readers know I have participated in the Chaos
Communication Congress (C3) in Germany every year since 2008.
Since C3 was cancelled this year I thought I’d arrange a very small
conference of my own. I would at least try to gather some friends and
acquaintances … ⌘ Read more
H3: Instead of C3
A version of this was posted on on 2023-01-06 but I thought it might
also fit here. Go to my gemlog for somewhat more personal takes and
see what I publish first. IPv6 only!
gemini://gem.hack.org/log/
As long-time readers know I have participated in the Chaos
Communication Congress (C3) in Germany every year since 2008.
Since C3 was cancelled this year I thought I’d arrange a very small
conference of my own. I would at least try to gather some friends and
acquaintances in chat and video conference and watch t … ⌘ Read more
Two Wild Soviet Personal Computers of the 1980s
The Agat 4 and the Iskra 1256. The height of Soviet-styled, Sci-Fi inspired personal computers. ⌘ Read more
My 2022 in Review
2022 is over, welcome 2023! A year full of unexpected events, many personal changes and a lot of new experiences… But since I wrote a review every month, I just want to highlight the highlights here. ⌘ Read more
And the magical person behind this, thanks and the best wishes to you
❤️ 🎶: What a Person Like You by Shim Soo Bong
TIL: gwern has met Jürgen Habermas in person: https://www.lesswrong.com/posts/DXcezGmnBcAYL2Y2u/yes-a-blog?commentId=nhpQK5787tMoaYDWp
If intelligence enables a person to identify problems, and problems make a person unhappy, then an intelligent person will have at least one factor that tends to increase unhappiness. If you’re so smart, how come you’re not happy? | Hacker News
would it be possible to have some indication if you already follow a person? like where the profile pic is - some indication if you are already following or not? I often have to click in to know.
↳
In-reply-to
»
I guess Google Hangouts is finally dead.
⤋ Read More
This is by design due to Google culture. The only way to get promoted into the higher pay scales is to ship a new product. So you have people shipping what worked before without regard to how it will exist within the product ecosystem. Also, why they seem to die off so quickly after launch. see allo and duo for example. The person that launches gets promoted to a higher level and off the original team and so it is left to wither and die.
↳
In-reply-to
»
I guess Google Hangouts is finally dead.
⤋ Read More
This is by design due to Google culture. The only way to get promoted into the higher pay scales is to ship a new product. So you have people shipping what worked before without regard to how it will exist within the product ecosystem. Also, why they seem to die off so quickly after launch. see allo and duo for example. The person that launches gets promoted to a higher level and off the original team and so it is left to wither and die.
I was inclined to let this go so as not to stir anything up, but after some additional thought I’ve decided to call it out. This twt:
is exactly the kind of ad hominem garbage I came to expect from Twitter™, and I’m disappointed to see it replicated here. Rummaging through someone’s background trying to find a “gotcha” argument to take credibility away from what a person is saying, instead of engaging the ideas directly, is what trolls and bad faith actors do. That’s what the twt above does (falsely, I might add–what’s being claimed is untrue).
If you take issue with something I’ve said, you can mute me, unfollow me, ignore me, use TamperMonkey to turn all my twts into gibberish, engage the ideas directly, etc etc etc. There are plenty of options to make what I said go away. Reading through my links, reading about my organization’s CEO’s background, and trying to use that against me somehow (after misinterpreting it no less)? Besides being unacceptable in a rational discussion, and besides being completely ineffective in stopping me from expressing whatever it is you didn’t like, it’s creepy. Don’t do that.
Introducing fine-grained personal access tokens for GitHub
Fine-grained personal access tokens offer enhanced security to developers and organization owners, to reduce the risk to your data of compromised tokens. ⌘ Read more
I heard COBOL devs get paid a ton…
You probably want to share this with everyone you know. Because, you know, you’re a nice person. The Lunduke Journal Community — About the Lunduke Journal — Subscriber Perks The Lunduke Journal Weekly Schedule: Monday - Computer History Tuesday - Computer & Linux Satire ⌘ Read more
Tigase Blog: Tigase Instant Communication, Presence and Messaging
What is “Instant Communication”First things first. What is this all about?
We say this is “Instant communication” or “Near real-time communication” and indeed, this is about communicating,
talking, sending messages, sending other information, documents. Instant or real-time means, whatever you send, is sent
right away, it is also delivered right away.
Would the receiving person get it right away too? Well, it depends, if the person is online, it … ⌘ Read more
How Lunduke handles conflict, personal attacks, & political differences in the Tech industry
Listen now (51 min) | The Lunduke Journal Podcast - September 7, 2022 ⌘ Read more
Contributing to open source at GitHub
A software engineer’s personal journey to becoming an open source contributor. ⌘ Read more
@prologic@twtxt.net I think those are fine because its just sharing someone elses post to people who follow you. Those people who follow you might not follow the orginal person and in return might never see that post unless its retoos/retweets. The thing that is harmful is likes.
What you can expect at GitHub Universe 2022: cloud, security, community, and AI
Register now to attend GitHub Universe virtually or in-person at the Yerba Buena Center for the Arts in San Francisco on November 9-10. ⌘ Read more
Tips & tricks for using GitHub projects for personal productivity
GitHub Issues is a core component of how developers get things done and, as we built more project planning capabilities into GitHub, we’ve found some fun and unique ways to use the new projects experience for personal productivity. ⌘ Read more
Minimizing Liabilities Is Making It.
The default way to look at financial “independence” nowadays is to think that means “making a lot of money.”
That’s understandable.
But then you see stuff like this:
Or this:
It takes until 30 for a person to be as rich as they were when they were born. (And this is average net worth … ⌘ Read more
I just discovered that my phone app (on my personal smartphone) shows me the total call duration of all calls made with the phone so far. A total of about 137.5 hours, which is over five and a half days (!). And that’s just the calls I’ve made using the phone app in the last 22 months. With Telegram and WhatsApp (and my landline phone), I’m sure a few more hours could be added. I’ve often heard the statement that smartphones are hardly used for making calls anymore these days. But apparently I can disprove that. On … ⌘ Read more
One developer’s journey bringing Dependabot to GitHub Enterprise Server
A personal story about building the feature you want and sharing it with the world. ⌘ Read more
The “news” makes very little impact on the average person’s daily life. Why won’t some people pay for news? | Hacker News
The Lunduke Journal Podcast - May 30, 2022
Listen now (17 min) | Lunduke is heading back to in-person conferences! (SO EXCITED!) ⌘ Read more
The Lunduke Journal is heading to in-person conferences!
Want to help? Here’s how! ⌘ Read more
Linux Sucks 2020
Watch now (73 min) | The first Linux Sucks not recorded in front of an in-person audience. ⌘ Read more
Linux Sucks 2022 is now available!
“This time it’s personal.” ⌘ Read more
Linux Sucks 2022
Watch now (68 min) | “This time it’s personal.” ⌘ Read more
No standstill?
When I reflect on myself like this, I have long had the impression that I am a person who cannot live at a standstill. I always need a topic that keeps me busy, a thing in my life that I can optimize or at least a frequently changing topic that I can dive into. ⌘ Read more
In ancient Athens, there was a punishment named rhaphanidosis - inserting a radish into the person’s anus. I think that, once I’ve become the leader of the free world, I will reinstate said punishment for people who call keyboards “keebs”.
Ground Zero for the Personal Computer Industry: 1977’s West Coast Computer Faire
The introduction of the Apple II and the Commodore PET. ⌘ Read more
Childhood Toys
⌘ Read more
okay, so here’s a claim: axes of personal development à la Kegan are in principle orthogonal to meditative attainments
Google reportedly planning subscription service for your personal data
“For the first time ever, we will allow people to own their own data. This is truly revolutionary.” ⌘ Read more
Sure, the big five model is okay, but I prefer a real personality model: dishwasher totalitarians versus dishwasher anarchists
short story about a cancer researcher who starts murdering patients in the control group because he expects there to be a null result, but he always puts on a mask that prevents him from directly seeing the person he kills—double blind
↳
In-reply-to
»
This looks promising - https://lapce.dev
⤋ Read More
Lots of personal preference, but I disagree on Acme: it’s far and away my preferred editor on unix-like systems, too.
that is to say, both might be relevant for personal effectiveness, and both are tangentially related to big problems (how do we bring about good states of consciousness & how does society organise sexuality so that everything works ~well), but not much beyond that.
i think posting about personal meditation practice on the EA forum is bad, because personal meditation practice is as relevant to EA as advice on seducing people.
that’s why cold approach in person works so well, or why programming is easier than mathematics, or why you should build explicit models as quickly as possible (even if they’re shit), or why meditation is so hard
Trudeau, Freeland met with Ukrainian neo-Nazi party cofounder
A person’s feelings don’t have one answer like a math problem. Fantasy and Love: Mischievous Kiss Quotes | Korean Drama Quotes
funder (thunder but with fun, f*** under, fun; der, person who gives funding)
This morning Kaja’s condition deteriorated and by about 6h they weren’t able to recussitate her. I already miss the huge personality from such a small creature
. this stuff is seriously profound, and you’re able to change your bodymind in profound ways that mightn’t be obvious at first
you are a successful person who has started recently reading lesswrong, i am a novel rodent control agent
every copy of Jensen’s inequality is personalized
A new text-mode “Psuedo-3D Engine” written in BASH
Imagine an old-school dungeon crawler, first person game. In ASCII art. Running in your terminal. It’s a thing of beauty. ⌘ Read more
@prologic@twtxt.net I am seeing a problem in which not-so-active users, such as myself, are ending up having a blank “Recent twts from…” under their profiles because, I assume, the cache long expired. What can be done about it? Business personalities such as myself can’t be around here that often! Could something be implemented so that, say, the last 10 or 20 twts are always visible under one’s profile? Neep-gren!
Peter Saint-Andre: MLK and Personalism
In my recent post on idealism and identity, I mentioned my attraction to the philosophy of personalism, with its emphasis on human dignity. It is perhaps a little-known fact that Martin Luther King, Jr., was greatly influenced by that very philosophy. Early in life he ventured north to study at Boston University, then the center of personalist thought in America, where he completed his doctorate under theologian Edgar Sheffield Brightman. We can see the deep influence of personalism on King’s … ⌘ Read more
Finding our Nerdy Happy Place
I’d like to take a step back from my regular Mega-Nerdy ™ articles for just a moment… To talk about things from a more personal point of view. Today was a rough day in the news. I won’t go into the details here, but things were happening out there in the world that made me pretty sad. And frustrated. And afraid. Things that hit close to home. ⌘ Read more
Peter Saint-Andre: Idealism and Identity
Personal identity is a deep, and deeply meaningful, subject: at some level, what’s more important than what makes you you? Paradoxically, throughout history and across cultures, often personal identity has been a social construct, tied closely to tribe, clan, family, ethnic group, race, caste, class, societal role, and so on - usually in opposition to some Other (“I’m a Capulet, not a Montague”, “I’m a proletarian, not a bourgeois”, etc.)…. ⌘ Read more
↳
In-reply-to
»
@tamer We're not trying to compete with anything... If you've read About Yarn.social -- In a nutshell I want to create an open, transparent social platform that respect's folks privacy and freedoms. It must also be easy to use and down-to-earth where human interactions actually matter. None of this rubbish of manipulating what you see, driving up engagement numbers to serve your advertisers and all that garbage
⤋ Read More
@prologic@twtxt.net sorry about the spelling mistakes. English is my third language.
Also I didn’t mean to question the vision as such.
Just ment a mobile up that pulls in files directly from the users follow list would line up better with the idea of decentralizing personal data. Since not everyone will be running a pod, but most everyone can have a public facing folder. Specially now with services like Skynet coming online.
Sorry hope I didn’t offend you too much.
new blog post hashing out my personal good, bad, and ugly of 2021
My 2021 in Review
The year has almost reached its 100% progress, so it’s time again to take a look back and see what happened especially for me personally so 2021. I have written a monthly review every month (already the second year in a row), so here are the highlights of the past 12 months: ⌘ Read more
Web3 being “democratic” makes perfect sense if you can’t tell the difference between a dollar and a person.
@lyse@lyse.isobeef.org I’m a big fan of using PyCharm and IntelliJ on large Python and Java codebases respectively. In my personal life, I mostly use Emacs (because I don’t hack much Java outside of work), but I do wonder what GoLand is like.
How to Select the Docker Subscription That’s Right for You
On August 31st, 2021, we announced updates to our product subscription tiers. These changes are helping us to deliver on our mission to simplify application development and remove complexities for developers, while also providing the security and scale businesses rely on. With four different subscription options: Personal, Pro, Team, and Business, it might be difficult […]
The post [How to Select the Docker … ⌘ Read more
@fastidious@arrakis.netbros.com You might not want to .. like the other tiktok it is rather pointless noise. Especially because its set to my personal timezone.
@fastidious@arrakis.netbros.com You might not want to .. like the other tiktok it is rather pointless noise. Especially because its set to my personal timezone.
Hmmm so… We seem to have a few pods offline in the network 😂 Also 😢
- @jlj@twt.nfld.uk’s twt.nfld.uk => 504 Gateway Time-out
- @adi@f.adi.onl’s f.adi.onl => 200 OK but doens’t appear to be a pod anymore?! 🤔
- @eldersnake@yarn.andrewjvpowell.com’s personal pod => offline due to lack of Solar/Battery power? 😅
- @lohn@tw.lohn.in’s personal pod => 503 Service Unavailable
It’s a bad day for Yarn.social 🤣
Good thing it’s all decentralised 😉
10 personal finance lessons that changed my life ⌘ Read more
Telegram Ads
So Telegram now has ads. But unlike the ads from Google, Facebook or Apple, the ads are not personalized and much more privacy friendly. The ads simply consist of a maximum 160-character message with no external links and are displayed only in large public channels. ⌘ Read more
Screaming In the Cloud with Corey Quinn and Docker CEO Scott Johnston
On August 31st, Docker announced updates to our product subscriptions — Docker Personal, Pro, Team and Business. Our CEO Scott Johnston recently joined Corey Quinn on an episode of Screaming in the Cloud to go over all the details and discuss how the changes have been received by businesses and the broader developer community. The […]
The post [Screaming In the Cloud with Corey Quinn and … ⌘ Read more
↳
In-reply-to
»
#BUG (or feature?) when I hit reply twtxt.net no longer fill in the
⤋ Read More
@mention of the persons who's post I'm replying to...
@darch@twtxt.net
It will only use the nick of the person to whom you are replying, no the occasional never ending chain link of nicks. 😄
#BUG (or feature?) when I hit reply twtxt.net no longer fill in the @mention of the persons who’s post I’m replying to…
009.02 FWUP: I increasingly don’t like how personally people tend to take things…
Docker Desktop 4.1 Release: Volume Management Now Included with Docker Personal
Thanks to all of your positive support of the Docker subscription updates we announced on Aug 31, 2021, we’ve been able to focus on delivering more value to all users, starting with making Volume Management available for users on any subscription tier, including Docker Personal. Just update to Docker Desktop 4.1 to start using it. […]
The post [Docker Desktop 4.1 Release: … ⌘ Read more
Assuming the DNS is playing ball now, my little personal site https://www.andrewjvpowell.com/ is now self hosted and solar powered. As @mckinley@twtxt.net can attest, running on the original nearlyfreespeech.net non-production plan could use as little as $0.01 per day so there’s not really any advantage to this, its just… because I can 🙃
Obscenities are symptoms of weak minds.
Over the past few years, I made the decision to totally cut obscenities out from my speech. You might actually be able to find recordings of me cursing four or five years ago, but as of now, I really stand by my decision.
Obscenities are the linguistic equivalent of an trashy emaciated person entirely decked in tattoos, smoking cigarettes and wearing a shirt with nudity on it. They’ll defend what they do on the idea that it’s someone “their right,” or “e … ⌘ Read more
New GRU Devlog published - first contribution from other person and more tools ideas :)
Can I rely on IPFS mirrors only yet for serving my personal static website? Probably only when you’re a popular IPFS oriented site.
musical experience that involve harvesting, farming, growth, and caretaking of virtual musical creatures with personality. creatures would socialize with eachother and their interactions would change the overall musical sounds implicitely. #halfbakedideas
Making sure my personal profile site is navigatable using a keyboard only for fun
I am not the sort of person who worries a lot about their career growth. I never was a manager and I was always happy to just quietly hack on interesting problems. If you can find the right corners to work in, Google is a pretty great place for that kind of attitude. Tech Notes: Leaving Google
Potentially. What environment/language(s) are you working in? I’d dump fuse for 9p, personally :-)
Hypothes.is is now enabled on my personal site https://johanbove.info - so I can give some insights in what I wrote and it allows for interaction with visitors.
“You’ll hear irrelevant, personalized music…” wait, what?
On the blog: Do the Work https://john.colagioia.net/blog/2021/06/06/do-work.html #rant #personal #ally #harm
Octoverse Spotlight 2021: The Good Day Project—Personal analytics to make your work days better ⌘ Read more…
Conspiratorial Thinking and “Multiple Outs”
How to do magic tricks…Magicians have this concept called “Multiple Outs.” It’s actually how you can do simple magic tricks. Suppose you have a person pick a card and say you will guess the suit of their card.
They pick a diamond card and announce it, and you tell them to check underneath their chair to reveal a slip of paper that says, “You will pick a diamond card.”
That might sound like a nice trick, but if they had picke … ⌘ Read more
I just made the decision to allow a domain I own to expire. Personal growth is possible!