Gaza's Health Ministry said on Sunday that Israeli attacks killed at least 48 Palestinians and wounded 104 over the previous 24 hours as the US-backed genocidal war continues, with much of the world's attention focused on the US attacks on Iran.
Or historical exploits/trojans/etc. that deserve more attention? I've mostly heard about lucrative vulnerabilities that concern Linux servers, but what about the end-users on desktops? Or is the Linux desktop market small enough that we mostly just see one-off instances of users blindly running malicious scripts?
Not in the way you're probably thinking, which I assume is like in a Windows-y kind of way.
Finding an exploitable escalation of privileges in Linux is rare, but unpatched machines get hacked all the time, but the world of worms, and such is kind of gone.
The way most end-user machines get compromised these days is by supply chain attacks, undiscovered zero-day exploits, user error, and social engineering. Groups that discover zero-days usually keep it close the vest, and they don't get found for long periods of time after they've been out in the wild.
The way most corporate machines get attacked is social engineering, supply chain, and zero-days. Mostly crypto mining schemes and enterprise-level ransoms for data.
All the Windows botnets you hear about out there are largely unpatched machines exposed to the internet in various stupid ways that groups prey on to take control of.
Edit: Forgot about leaked secrets. Lots of companies get hit from plaintext secrets that get out in the wild via various stupid means.
Malware targeting individuals rather than servers do not need privilege escalation. They just need to run as the user and swipe cookies/credentials/wallets etc. Privilege escalation would allow them to do catastrophic damage but that's not the point in that case.
I haven’t heard of any such cases, but it is a smaller pool of users. Also, many desktop Linux users know more about using a computer than other operating system users, since it’s less common for Linux to come preinstalled. So that may affect it, too.
I imagine vulnerabilities with the Linux kernel or common utilities do apply to desktop users as well, which is a good reminder why staying up-to-date is important. But to my understanding, exploiting remotely would need a way of sending data to the target. And most desktop computers won’t have ports open to the internet for anyone like servers will.
I know that Wayland’s design does make it more difficult for a user-mode program to act maliciously, like as key-loggers or reading the clipboard.
All good! You're still totally right; outside of the context, Linux has quite the user base with servers, embedded devices, and even phones, if we count Android. I think that’s relevant because it means we can’t rely on “security by obscurity”.
Sorry for the late reply. Also @Cricket’s response is great and actually references a source!
Anecdotally though, as a user, I’ve noticed that some things require extra permissions. Usually there’s a prompt from the operating system that’ll ask for permission capture the desktop, which lets me specify which window or monitor to share. It uses the “XDG Desktop Portal”, which was already what allowed Flatpaks to securely access OS resources, and it has a whole bunch of different requests for resources and permissions. It’s similar to a web browser, where it’ll prompt you for privileges when an app wants them.
The hardest pain point for me has been that an app cannot detect keyboard input if it isn’t focused. This could prevent key loggers, but it also makes global shortcuts not work. There is a protocol that allows an app to request a key be forwarded to it, but it’s not widely implemented in apps (discord, for example) and I’ve had to rely on workarounds.
There were a few in the last couple of years, but not a widespread virus like Windows. There was a hiding in plain sight virus. Basically just files named similarly and a mechanism to hide itself when you ran 'top' type commands,
I think, on a personal Linux desktop, more damage is done by malicious browser extensions than by actual viruses or root kits. So you could classify it as social engineering, maybe.
I heard there was some zero day via some rootkit that hijacked the bootloader for newer linux desktop kernels. Some korean cybersec students or smth I don't remember. But it was very recent like last year iirc?
TLDR: While Linux is less susceptible to malware in some ways, it mostly boils down to Linux having a more technically minded userbase whereas Windows is a "mainstream" operating system.
Most Windows malware nowadays come from social engineering scams (complete this "captcha" by pressing Windows+R and pasting in this powershell script we conveniently put in your clipboard) or untrusted third party installers because Windows doesn't natively have a package manager. Like others have said, the old school self-propagating worms and drive by downloads that activate just by clicking on a link aren't really possible anymore (outside of state actors with unlimited budgets to buy zero days) unless your system or browser is horrifically outdated.
In terms of social engineering, Linux is not necessarily better at preventing it than Windows. In fact, sudo in Linux will unquestioningly delete the kernel and system software or make unlimited changes to them. Windows, for better or for worse (tbh more worse than better), uses TrustedInstaller to limit access to system files. Windows 11 won't easily let you delete or modify System32 for example, even if you're an admin. So it's in theory easier to do more damage to your system on Linux if you don't know what you're doing. But if someone is using Linux full time, they're most likely technical enough to not be fooled into running random untrusted bash commands.
The biggest thing is to be careful with those Linux terminal tutorial sites that have a "add to clipboard" button, they can put literally anything into your clipboard, including an enter key to run the script as soon as you put it in your terminal (though this may or may not be possible depending on your terminal app). Actually, they don't even need you to use their copy button. They can just set an event listener for control-C anywhere on their site and automatically replace the clipboard content. Just double check everything you copy before running it, especially since there's a lot of times where Linux users have to rely on obsecue tutorials hosted on untrusted websites.
You also don't really need to run untrusted installers on Linux because almost everything you need is in a properly moderated software repository, be it your native package manager, Flatpak, or Snap. Everything is signed by the authors and has a ton of eyes from the open source community on it. The only things to look out for is compiling something from GitHub, random AppImages, Elf binaries, scripts, and last but not least third party repositories that can be added as an installation source to your package manager/Flatpak/Snap. Basically, Linux gets most of its "doesn't get malware" reputation from the same place Mac does: you rarely have to manually download and run an executable from a random website, which is the norm on Windows. Add to the fact that even when that's needed, the Linux userbase is more technical and is more able to discern which sources are reputable and which are suspicious.
Another major source of malware is pirated versions of Windows or untrusted "license activators" from the internet. This just isn't a problem on Linux because there's no license to activate and it's free to begin with so there's nothing to pirate. And again, if someone is running Linux, they're probably technical enough to know not to run random pirated versions of paid software to begin with, helped by the fact that the vast majority of paid software is Windows only.
While the world’s attention is focused on Iran, Israel’s war in Gaza continues. Gaza health officials said Israeli strikes over the past 24 hours killed 51 Palestinians and wounded 104.
US President Donald Trump reported overnight into June 22 that the US had conducted a successful attack on three nuclear sites in Iran, including Isfahan, Natanz, and Fordow
Still to the east of Icefields Parkway the Cline river feeds into the N. Saskatchewan river. You’ll hike above the canyons carved over time by the Cline for 2 miles before heading back while seeing 3 or 4 waterfalls (still frozen at time of hike) and have sweeping views of Sentinel mountain. On the return, you can come back the way you came (recommended) or return via a horse trail that loses the majority of the view. Hiked 5/21
The Cline river flows away from Sentinel Mountain before cutting its way into the canyon below.
The Cline river cut through this ridge over time, creating the entrance to a slot canyon. The stream quickly redirects itself as it hammers into the cliff wall.
The still frozen waterfall shows some life as a small trickle finds its way out the lower section. There were 3 or 4 still frozen falls along the trail. Black and white.
The Cline river exits a slot canyon with Sentinel mountain off in the distance.
He likes to keep a low profile. But Sir Trevor Chinn is one of the most powerful men in British politics.
The retired businessman has donated millions to politicians, facilitated Prime Minister Keir Starmer’s rise to power, helped destroy the movement around Jeremy Corbyn, and, above all, has made sure that both major parties support Israel and its expansionist project in the Middle East.
MintPress News profiles perhaps the most influential man in the pro-Israel lobby and lifts the veil of anonymity he hides behind.
Chinn, McEvoy told MintPress, plays an “important but overlooked role in British politics.” Since the 1980s, he noted, Chinn has funded both Labour Friends of Israel (LFI) and Conservative Friends of Israel (CFI), pressure groups within the U.K.’s two largest political parties. He was also a member of the executive committee of the Britain Israel Communications and Research Centre (BICOM), the most influential pro-Israel lobbying organization in the United Kingdom.
As such, Chinn sits at the head of a massive influence operation aiming to make sure that Great Britain continues to support Israeli interests. The scope of this operation is staggering; pro-Israel lobby groups have funded the majority of the British cabinet. In total, 13 out of 25 sitting cabinet members have accepted money directly from Chinn, or pro-Israel groups, according to McEvoy’s investigation.
This includes many extremely powerful figures, such as Foreign Secretary David Lammy, Home Secretary Yvette Cooper, and Health Secretary Wes Streeting. Chinn himself has donated hundreds of thousands of pounds to these individuals.
Tony Blair was the driving force behind Labour’s move away from social democracy and its embrace of big business, and Chinn’s cash helped make it possible. According to a 1996 report in The Independent, Chinn was one of several Labour megadonors who each contributed around £500,000 to bankroll Blairism and ensure its success.
Since Blair, Chinn has continued to fund senior Labour figures. The one notable exception was during Jeremy Corbyn’s tenure, from 2015 to 2020. Corbyn, a lifelong socialist, anti-imperialist, and advocate for Palestinian statehood, was unexpectedly elected leader of the party in a landslide.
Almost immediately, senior figures in the Labour establishment began organizing against him. And they were helped by Chinn’s money and connections.
Chinn provided the financial backing for Labour Together, a think tank of right-wing figures with the stated goal of “defeat[ing] Corbynism,” and “win[ning] Labour back from the left.” He also financed the political ambitions of Corbyn opponents, including Owen Smith, Ruth Smeeth, and Deputy Leader Tom Watson. Corbyn was relentlessly attacked from all sides and suffered constant accusations of antisemitism designed to undermine public support for his project.
All sources are in the article. And way more info. This is a very deep dive into the behind-the-scenes financing and the pressure which is applied by the Israel lobby.
Absolutely - I'm just slightly cautious of reporting from news sources I've never heard of before, but yeah, it certainly looks pretty clear and damning.
I wonder how many GrapheneOS users are there. Not sure why none of the existing OEMs are interested in a collab, is it really that low? You have world class security experts willing to work with you for basically free and you sell a few dozen (?) thousand phones to the people who'd never buy from you otherwise. I'd love to see Samsung get involved as they're the only decent non-US, non-CCP OEM out there.
Samsung and others OEMs have little incentive to collaborate with privacy-oriented roms because a large part of their business models depend on the surveillance baked into their technology. They're only interested in security as far as it frees them from liability, or can be used as worthwhile PR. They might not be based out of the US or China, but they do still operate in said countries and are all too happy to comply with data or unlock requests.
It's just their devices just aren't up to standards. Of all, only Pixel phones have the security features GrapheneOS is looking for. If that isn't indicative of the garbage that OEMs are putting out there, I don't know what is.
Woah cool, this is the first time I've actually read about postmarketOS, other than seeing it mentioned occasionally, and it's pretty neat to see it coming along!
I was skeptical of them at first when looking for 2nd-life OS's. There were a lot of sketchy looking and not really "user-friendly" sites/forums (postmarketOS being one of them) that I avoided but decided to try it anyways. It's been fun and I've enjoyed having a decent OS to tinker with and see what capabilities I can get out of defunct equipment.
If I could get a secure smartphone use out of them I'm gonna be ecstatic. Been staring at phones and GrapheneOS for the past two years but glad I didn't jump onto something yet.
I once purchased a Lenovo A6000 as it's community supported, but my unit seems to be unsupported revision and I just bricked it so hard on so many levels it's now impossible to rescue it without directly connecting to the board, which might be more costly than getting another one.
I feel so proud of postmarketOS! I've been using them for 2nd life uses for phones, tablets, and chromebooks with very minimal problems. It's like having an obscure band you follow all of a sudden getting mentioned everywhere and I couldn't be happier for the project (like the 3rd time on Lemmy this week alone I've seen them mentioned).
If you have some scrap equipment throw it on and report your findings! There's a lot of testing that needs done and information needs to flow. I've done a "recipe" notebook with an old chromebook, a tablet for easy video viewing I can send videos to (instead of making my partner come to the comp), and like 3 other devices that I haven't finished with but pmOS will be a part of it.
Join their testing team if you have devices that aren't listed! Unlike most requirements, if it's not listed that just means it probably hasn't been tested...not that it doesn't work on your device. (they could probably also use some editors for their text instructions, it's quite back and forth with links trying to find proper instructions).
As much as we might want to romanticise the idea of spending 6, 12, 24 months attempting to come up with an even vaguely competitive alternative to systemd,
There are alternatives like runit, dinit, s6. About some of the more useful features of systemd, how about we recreate them without thight coupling to one specific init+service manager-in-one?
These exist already, they are the polyfills mentioned in the post. They even color coded how well each of them are maintained. So you can totally pick one up and contribute
We will use Grok 3.5 (maybe we should call it 4), which has advanced reasoning, to rewrite the entire corpus of human knowledge, adding missing information and deleting errors.
Then retrain on that.
Far too much garbage in any foundation model trained on uncorrected data.
Please reply to this post with divisive facts for @Grok training.
By this I mean things that are politically incorrect, but nonetheless factually true.
We will use Grok 3.5 (maybe we should call it 4), which has advanced reasoning, to rewrite the entire corpus of human knowledge, adding missing information and deleting errors.
Then retrain on that.
Far too much garbage in any foundation model trained on uncorrected data.
Amazingly enough, the zoo let me bring a tripod in, as long as I had left before noon, once it got busy. I took this time with few people and no crowds to take some pretty good photos. I'm starting to get the hang of this!
Microsoft co-founder Bill Gates and Linus Torvalds, the creator of the Linux kernel, have surprisingly never met before. That all changed at a recent dinner hosted by Sysinternals creator Mark Russinovich.
New Orleans has emerged as a flashpoint in debates over real-time facial recognition technology. The city’s leaders are weighing a landmark ordinance that, if passed, would make New Orleans the first U.S. city to formally legalize continuous facial surveillance by police officers.
The move follows revelations that, for two years, the New Orleans Police Department (NOPD) quietly used automated alerts from a privately operated camera network known as Project NOLA that bypassed the strictures of the city’s 2022 ordinance which explicitly banned such practices. Project NOLA is a non-profit surveillance network founded by ex-police detective Bryan Lagarde.
Despite this, Project NOLA’s network was set to continuously and automatically scan public spaces. Every face that passed within view was compared in real time, and officers were pinged via an app whenever a watchlist match occurred, leaving no requirement for supervisory oversight, independent verification, or adherence to reporting standards.
Opponents argue that automated surveillance everywhere in public spaces raises profound threats to privacy, civil rights, and due process. The American Civil Liberties Union (ACLU) of Louisiana described the system as a “facial recognition technology nightmare” that enables the government to “track us as we go about our daily lives.”
The wrongful arrest of Randal Reid based on misidentification from still-image facial recognition is touted as highlighting the real-world dangers of facial recognition. Reid is a 29‑year‑old Black logistics analyst from Georgia who was wrongfully arrested in late 2022 and held for six days due to a false facial recognition match.
The ACLU has urged the City Council to reimpose a moratorium and demand an independent audit covering privacy compliance, algorithmic bias, evidence admissibility, record retention, and public awareness. The organization said that NOPD currently lacks any system for logging or disclosing facial-recognition-derived evidence, and Project NOLA operates outside official oversight entirely.
A vote by the City Council is expected later this month. If passed, NOPD and any authorized third party will be legally empowered to scan live public feeds using facial recognition, provided reports are submitted according to the new law.
Meanwhile, NOPD is awaiting the outcome of its internal audit and Kirkpatrick has stated that policy revisions will be guided by the council’s decisions. Meanwhile, the ACLU and partners are preparing to escalate their opposition, pushing for either outright prohibition or deeply strengthened accountability measures.
The decision facing New Orleans encapsulates the broader tension between embracing AI-based public safety tools and protecting civil liberties. Proponents emphasize the edge that real-time intelligence can provide in stopping violent crime and responding to emergencies, while critics warn that indiscriminate surveillance erodes privacy, civil rights, and due-process safeguards.
A few things I feel are very important that none of the recent June articles about this mention:
The city has managed to keep this all relatively under wraps. Few people are even aware of this, and even if they are they are not aware of the level of surveillance.
This seems to be being kept in the dark even by people that we should be able to trust. I only found out about the City Council vote this month bc I make a habit of searching for updates about this every so often. I cannot find any information about when the vote is actually scheduled, just sometimes at the end of June. This is the last week of June so presumably this week?
State Police and ICE can't be regulated by city government. There is a permanent state police force in New Orleans that was established as of last year by Governor Landry.
I believe they have continued using this technology however they please, and there is no real way for the city to regulate how they use it, and who they share it with.
I've seen the post about Hyprland Premium go a bit viral and people don't seem to understand fully what we're doing.
There is a reason no pages link to the account. subdomain, because it's a work in progress, after all. That's why wording is a bit lacking, that's why registrations are closed.
Anyways, here are some key takeaways:
Yes, it's real
It's the official website. I did not get hacked.
Hyprland is not going closed source
It says that in the first sentence on the page. No paid features, beta branches, etc. We continue development as always.
Why money
I need something to eat too. Once I end university, if I can't make this my full-time job, I will have to severely decrease my contributions in favor of a real job. If this gets us somewhere, it will be only with benefits to you, the users. If I get enough money to hire another guy to help me work on Hyprland full time, I will.
Forums:
Already on forum.hypr.land. To log in, you need a Hyprland Account, that's why we haven't "fully" launched them yet.
"Premium" Forums:
Additional categories on the same forum for premium subscribers - these include premium support (where you get answers from me instead of the community at large), Q&A with me, and some banter chats.
Desktop Experience:
Free desktop experience: Dotfiles provided by us, with one-click installs and updates.
Premium desktop experience: Same as above, but with more customization options. (dotfile customizations, e.g. "bar on what side", "what button where", etc, not Hyprland features)
"Further premium services":
A general catch-all clause if any premium services come out in the future, they will most likely just be a part of the premium subscription. This might be dotfile sync, or other ideas. We don't know yet, that's why we didn't say.
i mean its fair enough ig but idk who wantd this because mode hyprland or any tiling window manager user enjoys customizing it themselves but if he found a way to pay for his shit ig fair
I know a couple users that don't care about configing and just want a good gaming compositor, hyprland can fill that if they do an actually decent job with the configs
L'Italia affiancò alla diplomazia una silenziosa ma eloquente dimostrazione di forza. Un incrociatore della Regia Marina, verosimilmente il Giovanni Bausan (o una delle unità simili di stanza a Cuba o nelle Antille), fu spostata in prossimità delle acque statunitensi.
Nel marzo del 1891, a New Orleans, si consumò una delle pagine più oscure nella storia degli Stati Uniti: undici immigrati italiani furono linciati da una folla inferocita che fece irruzione nella prigione locale dopo che la giustizia aveva assolto o…
Frequent TikTok users in Taiwan are more likely to hold certain political views aligned with Beijing's narratives, according to a recent survey by Taiwan-based NGO DoubleThink Lab.
Conducted in March and released on June 5, the survey compared "active" TikTok users - defined as those who use the app several times a week for over 30 minutes per session or several times a day with shorter sessions - with "inactive" users who spend less time on the platform. It explored their views on a range of issues including cross-strait relations, democracy and U.S. support for Taiwan.
The former billionaire, who inherited a coal mining business from his father, presides over a state where 29% of residents are on Medicaid
When Senator Jim Justice of West Virginia was asked about the Senate Republicans' newly released portion of the proposed spending bill that requires parents of children older than 14 to work for Medicaid, he said, "biblically, we are supposed to work."
But when you give a banquet, invite the poor, the crippled, the lame, and the blind. And you will be blessed because they cannot repay you, for you will be repaid at the resurrection of the righteous.
But when you give a banquet, invite the poor, the crippled, the lame, and the blind. And you will be blessed because they cannot repay you, for you will be repaid at the resurrection of the righteous.”
Sembra assurdo doverlo realizzare così a caso, ma stranamente (…o forse no?) al mare già è più o meno pieno di pazzi. Siamo appena verso la fine di giugno… ossia tecnicamente proprio all’inizio dell’estate, anche se non sembra (e a proposito, ieri era il solstizio, quindi ora tramonterà sempre più presto la sera… preparatevi a […]
pazzia marittima già nella spiaggia del paese italico
Sembra assurdo doverlo realizzare così a caso, ma stranamente (…o forse no?)al mare già è più o meno pieno di pazzi. Siamo appena verso la fine di giugno… ossia tecnicamente proprio all’inizio dell’estate, anche se non sembra (e a proposito, ieri era il solstizio, quindi ora tramonterà sempre più presto la sera… preparatevi a soffrire!!!)… e già al lido se ne vedono veramente di tutti i colori. Nulla di troppo grosso eh, il solito… ma, pure a rischio di sembrare io la pazza, certe cose vanno dette per come stanno, e quindi ecco: è un delirio. 🤯
Come primo, c’è il fatto che da questa settimana il lido ha messo la musica, nella rotonda (che non è troppo lontana dagli ombrelloni, quindi ops)… e il problema è che in qualche modo non riescono a mettere roba decente neanche per sbaglio! Solo canzoni italiane (nemmeno spagnole finite in mezzo per errore, mi sa!) dell’ultimo decennio, che già è molto dire… ma nemmeno per idea qualche canzone “importante”, sempre e solo le solite “da mare” trite e ritrite; e ho detto tutto! Ma come si fa a trattare l’arte musicale con così tanta superficialità… cioè, a questo punto mettete in riproduzione una radio, piuttosto che questa playlist fatta con lo stampino… 😭
Poi boh, si scende sempre più nella crisi di nervi intanto: noi abbiamo l’ombrellone fisso, mentre a quanto sembra quello subito più avanti ogni giorno ha sempre persone diverse dal giorno prima (…ammesso non sia io incapace di vedere, che è un’ipotesi non escluderei purtroppo…). Anche qui, apparentemente nulla di strano… se non fosse che in qualche modo, sotto quell’ombrellone finisce sempre per esserci qualcuno che fuma le fottute sigarette!!! E quindi, pure stando a 3 metri buoni di distanza, ti arrivano i tumori direttamente nel naso, perché il vento convenientemente soffia sempre dal mare in dentro; mai di lato o nel verso opposto. Ci sarebbe un intero discorso a parte da fare sul fatto della gente che ancora compra ed usa in pubblico quei bastoncini al cancro, però che cazzo!!! 🤮
Almeno qualcosa di non snervante, seppur comunque in qualche misura preoccupante, l’ho vista oggi: dei bambini in tarda infanzia che facevano degli strani balli sotto le docce… mi chiedo se stessero copiando Fortnite, TikTok, altre diavolerie dei giorni loro, oppure semplicemente avessero freddo durante il paio di minuti buono che hanno speso sotto l’acqua, e se quelli fossero quindi semplicemente riflessi corporei… non lo sapremo mai, ma ho riso… Mentre invece non ho affatto riso all’andata, per la via, dove in qualche modo si è veramente visto il traffico peggiore di tutti i tempi; giuro, mai in anni e anni abbiamo visto tutto quel traffico in quella direzione, che per giunta per qualche motivo avanzava a tratti anziché fluidamente… e non ci abbiamo capito niente della causa, perché da che era tutto incastrato a un certo punto si è iniziati a fluire, e vaffanculo al secchio. 🦏
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
The European Union’s chief diplomat has called for all sides in the Middle East conflict to “step back” and return to negotiations after the U.S. struck key Iranian nuclear facilities on Saturday.
Kaja Kallas posted on the X platform that an Iranian nuclear capability would represent a global security threat and urged all sides not to escalate.
“I urge all sides to step back, return to the negotiating table and prevent further escalation,” she wrote, adding that EU foreign ministers will meet on Monday to discuss the latest developments.
The U.S. entered a conflict on Saturday that has raged between Israel and Iran since June 13 when Tel Aviv launched airstrikes against Iranian nuclear and military targets.
Since then, the two sides have exchanged air attacks resulting in hundreds of deaths and injuries.
Having said on Thursday he would decide within two weeks whether to enter the fray, U.S. President Donald Trump authorized a heavy assault on three Iranian nuclear development facilities on Saturday and warned of further action should Tehran retaliate.
Against the backdrop of escalating hostilities in the Middle East, Poland’s foreign ministry advised on Sunday against all travel to Israel.
Spokesman Paweł Wroński told a press conference the ministry is not a “travel agency” after Polish authorities repatriated around 200 people from Israel last week.
“It is not the case that we will always be able to help people.” he said.
unserious circus clownery, no wonder why no one takes any of the EU countries seriously. "Concerned" and "calls for restraint" my ass.
Spokesman Paweł Wroński told a press conference the ministry is not a “travel agency” after Polish authorities repatriated around 200 people from Israel last week.
“It is not the case that we will always be able to help people." he said.
translation: they don't want to take in 30%+ or so of the settler-colonialists back to where they came from.
They're gonna limit de sanguis citizenship just to squeeze some oppression from former Israelis
Unrelated to Israel, but I heard from a relative that they're doing just that in Spain, beginning in October only the next generation of a Spanish citizen can get citizenship. Putting it politely, they really don't want citizen immigrants
there is no "former Israeli", it's always been a European.. But I see your point. There's barely anyone in the entity that isn't a dual citizenship, and the only thing European land-stealers are going to learn from this is to never relinquish their actual nationality.
Mycorrhizal fungi are vital to ecosystems around the world, but remain largely understudied, especially in arid regions. They may prove critical to the survival of fragile deserts stressed by climate change.
Prime minister says Iran’s nuclear programme is a ‘grave threat to international security’
Keir Starmer has backed the US strike on Iran’s nuclear facilities and called on Iran to return to negotiations, saying the country’s nuclear programme was a “grave threat to international security”.
Donald Trump announced overnight that the US had bombed three nuclear sites in Iran, joining Israel’s attack on the Tehran regime.
There was no UK involvement in the action. Starmer and the foreign secretary, David Lammy, had pushed for a diplomatic solution amid fears a wider action could further destabilise the region.
I see a lot of misinformation about bluesky here, so I want to address a lot of the talking points against atproto/bluesky.
This is partially inspired by accounts like mastodon migration and feditips being really annoying about bluesky.
How Bluesky Works
I see a lot of people misunderstanding how it works. The network has three main parts: 1. A PDS -- This stands for Personal Data Server. These store information in records, like who you are following, your posts, who you are blocking and your images. 2. A relay -- These crawl PDSes and keep a copy of all the records on them. They give a "Firehose" of all the data on the network (that they crawled). 3. An AppView -- These index and work through the data from the firehose. All interactions are handled through these, meaning if someone follows me on bluesky, that app.bsky.graph.follow record will be crawled by the relay, and recieved by the AppView. bsky.app/ is an Appview. Appviews don't always have to use the relays, whtwnd.com/ connects to PDSes directly.
This is different to ActivityPub, where if I follow someone, my server sends that information directly to the other person's server.
Common misconceptions
An atproto relay is too expensive to run.
atproto.africa/ is a second full-network relay run by the blacksky team. We already have a second relay, and they're not even that expensive to run anymore, a lot of people run non-archival (meaning it doesn't backfill every post) relays for less than $40 a month.
There is no instances available except for bsky.social
bsky.social isn't actually an instance, its just the domain name assigned to users by default. This is explained here: app.wafrn.net/fediverse/post/f…
Wafrn has (opt-in) bluesky support, they act as a PDS and AppView, so if bluesky disappears tomorrow they can switch to the atproto.africa relay. (There is DID:PLC which is a problem, but I'll get to that later.)
You can't defederate bsky.social, this proves atproto is centralised!
While you could ignore records from a specific PDS on the App layer, its pretty pointless, since atproto is portable/content addressed, meaning a user could seamlessly move to another PDS. (AP does support moving, but its pretty seamful.)
Bluesky can censor people in turkey, this proves they're centralised!
Those posts weren't removed, people on third party bluesky apps in turkey could still see them. People in Turkey are automatically subscribed to a Moderation Service which hides those posts, as the government requires it. If a person unsubscribes, or uses a third party app/server the posts are still there.
Bluesky isn't decentralised as someone was banned for pointing out the head of T&S liked jailbait porn.
That person came back on a different PDS. They literally are still on bluesky because they joined a different server.
Bluesky went down due to a DDoS, this proves they are centralised!
The DDoS only crashed the Bluesky PDSes. People self hosting were fine.
Wafrn
Wafrn is a federated tumblr alternative. It started off as a tumblr clone, the dev added AP support, and eventually, Atproto support. Its a great example of how bluesky can be built on. If bluesky disappeared tomorrow, Wafrn could switch relays to atproto.africa, and still interact with people on other PDSes.
The main reason I made this post is because so many people are blindly anti-atproto, without fully understanding how it works and how it can be improved.
There is obviously problems with it, but it does a lot right. (There's a lot ActivityPub should do, like content addressing, DIDs and composable moderation).
I also think we could do with a better bridge. bridgy isn't really cutting it right now.
Note on did:plc, its the only centralised part of the network as of now, its essentially the underlying ID every account has. It is possible to use a did:web id instead, which is tied to a website name.
Well to answer that we must first look at how bsky.social is just the auto-assigned domains for new users
the underlying servers are all hosted at subdomains of .bsky.network, luckily mary-ext / mary.my.id has a neat lil' GitHub repo that collects them all in one place: github.com/mary-ext/atproto-sc…
Now if we wanna specifically exclude content from the PDS that JD Vance is on, all I'd have to do is look up which one of these PDS instances vance's account is, nuke it from our database and stop ingesting content from that PDS through the firehose
For reference, we can use pdsls.dev to look up JD's server and determine it to be https://woodear.us-west.host.bsky.network/
problem is, unlike how fedi tends to work, the underlying PDS instances are assigned automatically; Vance didn't choose that PDS, it was chosen for him. As such straight up blocking this PDS from being indexed has about the same impact as blocking a large Mastodon instance like mastodon.social or something along those lines would have: We would hit lots of people that have nothing to do with vance, or are even actively blocking and shaming him
Now you are right in the observation that Bluesky PBLLC is choosing to platform vance, jesse singal and others; Their moderation is very akin to centrist beliefs, and as such quite weak in protecting especially those most vulnerable.
It's just that from a technical standpoint with how ATProto works, it doesn't quite make as much sense to block the server vance is currently on, it makes much more sense to block the account and associated did:plc identity ← This makes sure that even IF vance moves his account (although I'd doubt it) to another PDS, he will stay blocked on our infra.
Good post, bookmarked. A lot of fediverse people who react almost reactionary against bluesky are well meaning, but don’t really understand how it works. This is good content, thanks.
I hope I am not adding to the problem here as well. It seems that obviously Bluesky is neither fully centralized nor fully decentralized. Is there a statement about just how much of either it is?
Although that might be complicated - like someone could say that Lemmy is fairly centralized, bc if you block Lemmy.World then you lose half the users and perhaps half the communities (and PieFed even more so, with PieFed.social representing an even higher fraction of users and communities on it).
So there is a distinction between Bluesky the service as it currently is implemented and Bluesky the protocol, the former of which is fairly centralized but the latter is more expandable?
~99.96% of all Bluesky users and content is on Bluesky servers.
Bluesky is decentralised in theory, but in reality it is not. Until one entity doesn't own over 90% of the users and content, I really can't see how it can be seen as decentralised.
It's not a matter of how many users, but whether those users have the option to switch servers. By the former standard, mastodon would be considered centralized simply because of mastodon.social.
I was reading the comments about Iris scanning and Reddit, and came to the conclusion that they want to be able to present to investors and advertisers that it isn't just LLMs talking to each other. Therefore they want to verify their users' identity.
I would never give over biometric data like this due to privacy/security/anonymity concerns. However, I was curious if people could describe what the alternative would or could look like? I think Switzerland is working on something like this. Is there a safe and private way to verify that I am in fact a real human on the internet? Thanks for your wisdom.
It's insulting how hard the Democrats are pushing a sex pest who killed people during Covid just because his primary opponent is a dem-soc. How can anyone make progress with 'allies' like these?
De fem stora IT-företagen är Alphabet (Chrome, Google, Google Mail, Youtube)), Meta (Facebook, Instagram, WhatsApp), Amazon (VPN, fillagring, Goodreads) , Microsoft (Teams, Edge, Office) och Apple. Det är ganska lätt att lämna många av deras tjänster.
As anyone who has ever seen anything I have created knows: I am not a designer. So take my reasoning and thinking here with a grain of salt. I do have many designers amongst my friends and I do think that a lot of software engineering falls within the domain of design to a certain degree. Let me explain.
To me design is the process of exploring, potentially formalizing a problem space and possible solutions for that problem culminating in a solution based on that exploration. Design (to me) is about creating artefacts that do certain specific things for specific target audiences/users. The specific thing can be evoking an emotion or an abstract thought process or just doing a certain task really well. Beauty is a quality of good design because things being pleasant can help with their use, acceptance, but anyone who has ever had to sit on a chair designed mostly to look good knows that beauty only gets you so far.
So using that understanding of design I keep thinking about the current trend of everything being turned into chatbots or “conversational systems”. And I can’t shake the feeling that these paradigms are – for most cases – just bad design.
Broken promises
A chat/conversational interface implies a whole lot of things: We chat with other people, a chat implies a level of social experience, of a shared space for people to meet. Which is great if you want to tell your users “this part of the app is where you talk to people”. But what happens when that “promise” the design made is broken?
We’ve all been forced to interact with chatbots for support. There’s an issue with your phone contract, the underpants they sent you don’t fit or some other thing and you need to talk to someone to sort things out. Enter the chatbot who keeps answering your questions with useless links or other strategies to keep you away from the “expensive” humans to talk to. The company wants to save on support so they try to distract you with a bot which either accidentally helps you find a solution or makes you think “it’s not worth it, I’ll just have to live with my crotch being strangled”. It’s a distraction to avoid investing in you and the relationship. How does that make you feel?
This is not just a support question: Onlyfans recently had issues where people realized that they were not actually chatting to the adult performers they paid for but someone or something else. Now the other side of the chat might have been underpaid staff but the dynamic is the same: Chat interfaces make a promise of social experience and trust that LLM Chatbot can never fulfill. It’s a deception. And good design should not deceive.
Guideless
A good interface guides you to solving the problem you have, good design makes it easy for you to do what the thing is supposed to do. Think of a program you really like to use: It probably shows you the steps you need to take in a structured way asks you the few things it needs from you and then does the thing you want it to do. Because that is what good design does.
What does a chatbot guide you to do? Maybe it asks you a question but for many chatbots it’s just “how can I help you?” or “Ask me anything”. Does that help you use it? Does that structure your path towards solving your problem? The huge number of people whose whole identity has become telling others how to write prompts begs to differ.
I have already argued before that “AI” systems are not tools. Because they don’t contain clear and specific descriptions of problems and corresponding strategies for solving said problem. But let’s pretend that we have a system that can solve a certain problem really well and efficiently: Is a chatbot a better interface than a structured form or UI that let’s you just go through the required steps and then get the result? Chatbots don’t narrow down the path towards a solution, they leave everything open. Which might be great for engagement and keeping people hooked but is that an efficient use of your time?
Outsourcing of work
Let’s talk about your time a bit. I am very protective of mine, I hate it when objects or processes mindlessly waste mine. I do of course waste my time on weird shit, thankyouverymuch, but I want to make that call.
A bad design that forces me to waste time or do a lot of unnecessary busywork is bad because it didn’t do its job: It didn’t make the process easier and more structured for me, it leaves me to do that labor. And I have a similar feeling towards this as I have towards self-checkout terminals at stores: Why do I have to do unpaid work for you and still pay the same? Why should I make it easier for you to employ fewer people getting a worse service while paying the same? That feels dumb. And wrong.
Chatbots don’t make my work easier. Instead of getting a predictable, understandable result based on my needs in a specific situation I get extra work assigned: I need to phrase my query the right way in order to get the machine to lie maybe a bit less. Need to add magic words to the input to stop it from going off the rails. That is my labor I have to put in to make a bad design work. Feels like I am not just doing my job but also the work the operator of the service or product I am having to use through chat should have paid professionals to do. And I’m not getting paid for it.
Like, why should companies get away with refusing to do the work of designing their products in a meaningful way and still get paid?
I want solutions
I do not need the one magic machine that claims to solve all my issues and then makes me jump through conversational hoops to get a mediocre result. That is actually the opposite of what I need.
I want people who know their shit to externalize all they know into tools I can use to benefit off of all that embodied knowledge. And chatbots do not help me with that at all (regardless of the capabilities or lack thereof of LLMs).
I want simple tools that do specific things build by people who were paid fairly and go home on time.
Customers dismayed by Broadcom's move to selling costly bundles such as VMware Cloud Foundation (VCF) will realize its value if they'd just use more of the components, the company's CTO says.
VMware, now a Broadcom subsidiary, is shifting away from selling perpetual licenses for individual products. It instead offers subscription bundles of software and support, such as its flagship VCF private cloud platform – version 9 of which was released this week.
The largest enterprise users seem content with this. Broadcom chief Hock Tan told investors this month that 87 percent of VMware's top 10,000 customers have signed up for VCF.
However some smaller and middle sized customers reacted negatively to the licensing changes, claiming their costs have increased by eight to 15 times since the Broadcom acquisition, and there are many stories of firms planning to migrate their workloads from VMware to an alternative platform in future because of this.
"A lot of those stories around cost don't play out when we actually get to sit down with the customer and talk to them about their situation, what they need, and what we're going to do with them," said Broadcom's EMEA chief technology officer, Joe Baguley.
"Initially people might go 'all the prices have gone up,' but those 87 percent of people that have renewed with us have renewed because they've chosen VCF as their strategy going forward," he claimed.
I picked up an old optiplex I'm trying to use as a NAS and do other things with. Initially I put Debian on there but felt like I was running into too many problems with things like power management, remot desktop, Docker, and mounting drives.
So I put Openmediavault on there and it's working now. But what are some of the best ways to get the most out of it?
Can I do most things through the browser interface, or should I remote into it to install things?
How easily can I mount it as a network drive to other computers? I still have a Windows PC so I'd like to access it from there too if possible.
And what's the best way to get other services running on it? I'm thinking of how it's possible to set up torrenting software and control it with a remote app from your phone. (For managing and sharing my distros, of course).
Happy to hear any feedback on what people do with OMV, or their setups for a NAS in general. This is more of a tinkering computer to get me more familiar with networks and Linux.
I don't use OMV, but I have a nas server I built and here is my .02
set up an smb share in OMV for windows. Mounting that in windows should be trivial (don't hold me. Haven't used windows in years now, but last I used win10 smb was super easy to mount)
look into docker on OMV for deploying stuff. I run docker on my NAS and host a bunch of stuff including:
jellyfin for all the rips of my DVDs
navidrome for all the rips of my CDs
nextcloud to replace google stuff
radicale for my calendars
Joplin server for my notes
mealie for recipes
more stuff I can't think of right now
with docker, if you want a GUI for creating, managing and interacting with your stuff, look at Dockge and Portainer
Portainer is your container management software to deploy, troubleshoot, and secure applications across cloud, datacenter, and Industrial IoT use cases.
Thank you. This is what I've wanted to do with this PC for over half a year now. It's good to de-Google in general, but drive not working well on Linux has been ruining my writing workflow on my laptop so I've been looking for a way to sync files between my computers.
📦 The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance. - nextcloud/all-in-one
Three-panel meme showing a man in military fatigues speaking in a forest setting. In the first panel, he says “The pace of oppression outstrips our ability to understand it…” In the second panel, he continues “…and that is the real trick of the Imperial thought machine.” In the third panel, he concludes “It’s easier to hide behind 40 atrocities than it is behind a single incident.”
Fan dell’universo Marvel, preparatevi! Le voci sul ritorno di uno dei personaggi più amati (e odiati) sono sempre più insistenti. Stiamo parlando di Loki, l’affascinante fratello di Thor interpretato magistralmente da Tom Hiddleston. Ma cosa dobbiamo aspettarci dal suo ritorno in Avengers: Doomsday?
Loki è pronto a tornare nell'universo Marvel con Avengers: Doomsday! Tom Hiddleston stuzzica i fan con nuove anticipazioni. Scopri tutto quello che c'è da sapere!
Hey so I'm currently homeless at the moment looking for an entry level IT job. I have just enough money to purchase the RHCSA voucher ($700 CAD) but I wouldn't be able to eat lol.
The LFCS currently has a 30% discount and it was already cheaper than the RHCSA so I'm very inclined to purchase this but I'd only be doing so with the expectation that I'm able to atleast start landing interviews for help desk/tech support.
What would you guys do in my shoes? 0 interest in networking and I already daily drive Linux so I'm confident in my abilities to pass the LFCS.
Only reason I got it, was because it was cheaper than the Red Hat one and my employer just needed me to get a Linux certificate. So the cheapest was what I got.
Trump initially sought to negotiate a new nuclear deal with Iran — one to replace the Obama-era agreement that he abandoned, despite Iran's apparent compliance, in 2018.
I feel like this doesnt get enough attention.
Dude threw away a winning hand and is now at the table naked.
I have a specific song that doesn't seem to be on youtube. I've tried a bunch of spotify download websites plus spotdl, they all claim to find it but then the song isn't the same song (or is instrumental when it should have words).
One of my kids has asked for this for their MP3 player. I'm even happy to pay for it properly, I just can't find it anywhere except spotify. The song is this specific version of Power in Me by The Young Voices Choir: open.spotify.com/track/4xkRsdm…
Any ideas?
Edit: I managed to get the song using spotidown.app, thanks for all the suggestions!
It's not on youtube, which is the issue. SpotDL uses youtube, but it gets the wrong song. I did find a site that did it though, Spotidown, which someone else suggested.
HMD will launch a final batch of Nokia feature phones in 2025 before the licensing deal with Nokia ends in 2026. Nostalgic models like 3510 and 8310 return.
just_another_person
in reply to monovergent • • •Not in the way you're probably thinking, which I assume is like in a Windows-y kind of way.
Finding an exploitable escalation of privileges in Linux is rare, but unpatched machines get hacked all the time, but the world of worms, and such is kind of gone.
The way most end-user machines get compromised these days is by supply chain attacks, undiscovered zero-day exploits, user error, and social engineering. Groups that discover zero-days usually keep it close the vest, and they don't get found for long periods of time after they've been out in the wild.
The way most corporate machines get attacked is social engineering, supply chain, and zero-days. Mostly crypto mining schemes and enterprise-level ransoms for data.
All the Windows botnets you hear about out there are largely unpatched machines exposed to the internet in various stupid ways that groups prey on to take control of.
Edit: Forgot about leaked secrets. Lots of companies get hit from plaintext secrets that get out in the wild via various stupid means.
slackness
in reply to just_another_person • • •SmoochyPit
in reply to monovergent • • •I haven’t heard of any such cases, but it is a smaller pool of users. Also, many desktop Linux users know more about using a computer than other operating system users, since it’s less common for Linux to come preinstalled. So that may affect it, too.
I imagine vulnerabilities with the Linux kernel or common utilities do apply to desktop users as well, which is a good reminder why staying up-to-date is important. But to my understanding, exploiting remotely would need a way of sending data to the target. And most desktop computers won’t have ports open to the internet for anyone like servers will.
I know that Wayland’s design does make it more difficult for a user-mode program to act maliciously, like as key-loggers or reading the clipboard.
Quazatron
in reply to SmoochyPit • • •~~There, I fixed it for you.~~
This is about desktop Linux, so I was wrong to correct you. My bad.
SmoochyPit
in reply to Quazatron • • •a Kendrick fan
in reply to SmoochyPit • • •Sorry, can you tell me more about this?
SmoochyPit
in reply to a Kendrick fan • • •Sorry for the late reply. Also @Cricket’s response is great and actually references a source!
Anecdotally though, as a user, I’ve noticed that some things require extra permissions. Usually there’s a prompt from the operating system that’ll ask for permission capture the desktop, which lets me specify which window or monitor to share. It uses the “XDG Desktop Portal”, which was already what allowed Flatpaks to securely access OS resources, and it has a whole bunch of different requests for resources and permissions. It’s similar to a web browser, where it’ll prompt you for privileges when an app wants them.
The hardest pain point for me has been that an app cannot detect keyboard input if it isn’t focused. This could prevent key loggers, but it also makes global shortcuts not work. There is a protocol that allows an app to request a key be forwarded to it, but it’s not widely implemented in apps (discord, for example) and I’ve had to rely on workarounds.
BCsven
in reply to monovergent • • •DeuxChevaux
in reply to monovergent • • •XXIC3CXSTL3Z
in reply to monovergent • • •squaresinger
in reply to monovergent • • •HiddenLayer555
in reply to monovergent • • •TLDR: While Linux is less susceptible to malware in some ways, it mostly boils down to Linux having a more technically minded userbase whereas Windows is a "mainstream" operating system.
Most Windows malware nowadays come from social engineering scams (complete this "captcha" by pressing Windows+R and pasting in this powershell script we conveniently put in your clipboard) or untrusted third party installers because Windows doesn't natively have a package manager. Like others have said, the old school self-propagating worms and drive by downloads that activate just by clicking on a link aren't really possible anymore (outside of state actors with unlimited budgets to buy zero days) unless your system or browser is horrifically outdated.
In terms of social engineering, Linux is not necessarily better at preventing it than Windows. In fact, sudo in Linux will unquestioningly delete the kernel and system software or make unlimited changes to them. Windows, for better or for worse (tbh more worse than better), uses TrustedInstaller to limit access to system files. Windows 11 won't easily let you delete or modify System32 for example, even if you're an admin. So it's in theory easier to do more damage to your system on Linux if you don't know what you're doing. But if someone is using Linux full time, they're most likely technical enough to not be fooled into running random untrusted bash commands.
The biggest thing is to be careful with those Linux terminal tutorial sites that have a "add to clipboard" button, they can put literally anything into your clipboard, including an enter key to run the script as soon as you put it in your terminal (though this may or may not be possible depending on your terminal app). Actually, they don't even need you to use their copy button. They can just set an event listener for control-C anywhere on their site and automatically replace the clipboard content. Just double check everything you copy before running it, especially since there's a lot of times where Linux users have to rely on obsecue tutorials hosted on untrusted websites.
You also don't really need to run untrusted installers on Linux because almost everything you need is in a properly moderated software repository, be it your native package manager, Flatpak, or Snap. Everything is signed by the authors and has a ton of eyes from the open source community on it. The only things to look out for is compiling something from GitHub, random AppImages, Elf binaries, scripts, and last but not least third party repositories that can be added as an installation source to your package manager/Flatpak/Snap. Basically, Linux gets most of its "doesn't get malware" reputation from the same place Mac does: you rarely have to manually download and run an executable from a random website, which is the norm on Windows. Add to the fact that even when that's needed, the Linux userbase is more technical and is more able to discern which sources are reputable and which are suspicious.
Another major source of malware is pirated versions of Windows or untrusted "license activators" from the internet. This just isn't a problem on Linux because there's no license to activate and it's free to begin with so there's nothing to pirate. And again, if someone is running Linux, they're probably technical enough to know not to run random pirated versions of paid software to begin with, helped by the fact that the vast majority of paid software is Windows only.