• 15 Posts
Joined 2Y ago
Cake day: Jun 25, 2021


Rochko said at the time he was unaware of the connotation. “Probably not a lot of people know this now, but Mastodon’s web app started out with ‘Publish’. In 2016, a famous YouTuber jokingly offered to support Mastodon’s Patreon forever if I changed the button to say ‘Toot’ instead. Needless to say, this was a really early, and not very informed decision. The first glimpse of attention and financial support. As a non-native speaker I had no idea there was another meaning,” Rochko said in a post last May.

Source: https://www.gizmodo.com.au/2022/11/mastodon-has-officially-retired-the-toot-its-version-of-the-tweet/

The EU accelerates sustainable urban transformation. It commits to create 100 climate neutral and smart cities by 2030.

I have been using BÉPO on my phone since a few years. It is a keyboard layout optimised for French, based on the principle of Dvorak. https://wikiless.org/wiki/BÉPO I still use AZERTY on all my physical keyboards as the switch is much harder, especially with my company or customers ones… The switch from a layout on a phone to a different one on a physical keyboard is transparent.

One simple way to have an idea if an app is not respectful of private data is Exodus Privacy. There are limits as it’s only for Android apps and it won’t alert you that the end-to-end encryption has a flaw or is a plain lie for example. But I think it is a useful resource especially for “non tech” people to have a global idea with just a quick glance, without spending too much time searching for reliable information. In this Stardust case, the MixPanel tracker is cited by Exodus Privacy, among two others. One could then think twice about using this app for sensitive data.

I am happy with the simple mobile apps suite on F-Droid, including the Simple Caméra app. The package name is com.simplemobiletools.camera I am not a camera power user though, and I only need basic functions. OpenCamera may be better; I don’t know.

The real one is the first result on Qwant.

Lawmakers in the European Parliament plenary voted Wednesday to mandate that all new car and van sales should be zero emissions from 2035 as part of efforts to clean up road transport.

My guess would be FreeCAD but I’ve never used it so I’m not sure.

Did not know about this. GeoNature is interesting to find places where a specific animal is often seen. It’s very cool these tools are open source. I wish they will be adopted more broadly.

I use Blabber.im but I never tried anything else.

Through a post about Lemmy on Reddit.

Active, with my feed configured on my subscriptions. In a post, I systematically switch on “top”, which is annoying to repeat this action every time. I would love to be able to configure independantly the sorting method for the feed and for the posts.

publication croisée depuis : https://lemmy.ml/post/197440 > Crowdfounding project on KissKissBankBank > BE

publication croisée depuis : https://lemmy.ml/post/197440 > Crowdfounding project on KissKissBankBank

Crowdfounding project on KissKissBankBank

It red Wayland is an improvement on security. https://en.m.wikipedia.org/wiki/Wayland_(display_server_protocol) https://www.secjuice.com/wayland-vs-xorg/ Wayland allows application isolation. Keystrokes are not shared among all applications.

Users have been warned against a new malware designed to steal crypto from browser extension wallets such as MetaMask and Coinbase Wallet.

Elsevier embeds a unique code in every academic journal article users download. Security researchers fear this could be used to identify people who share PDFs.

The Austrian Data Protection Authority has decided that the use of Google Analytics violates the General Data Protection Regulation (GDPR). Other EU member states could follow suit, as regulators cooperate in a task force in the European Data Protection Board.

How ironic to share a “bring back web1” message on a web2 platform…

Your Fingerprint Can Be Hacked For $5. Here’s How. - Kraken Blog
Fingerprint authentication is a convenient alternative to passwords and PIN codes. Who wants to spend time typing in a lengthy string of numbers, letters and characters when a simple tap will suffice? Unfortunately, that convenience comes at a cost. Because, unlike a regular password, you leave your fingerprint on taxi doors, iPhone screens, and glasses of wine at your local restaurant. In this article, the Kraken Security Labs Team demonstrates just how easy it is for malicious actors to bypass your favorite login method. Stealing the Fingerprint To compromise your device or account, we don’t even need direct access to your fingerprint. A photo of a surface you’ve touched (from a table at the local library to the equipment at your nearest gym) will do. With this photo at our disposal, an hour in Photoshop yields a decent negative: Next, we’ll print the image onto an acetate sheet with a laser printer — the toner creates a 3D structure of the fingerprint on the sheet. For our final step, we add some wood glue on top of the print to bring to life a fake fingerprint that we can use on a scanner. Launching the Attack With the fingerprint in hand, all we need to do is place it on the scanner. We were able to perform this well-known attack on the majority of devices our team had available for testing. Had this been a real attack, we would have had access to a vast range of sensitive information. Protecting Yourself From the Attack A fingerprint should not be considered a secure alternative to a strong password. Doing so leaves your information — and, potentially, your cryptoassets — vulnerable to even the most unsophisticated of attackers. It should be clear by now that, while your fingerprint is unique to you, it can still be exploited with relative ease. At best, you should only consider using it as second-factor authentication (2FA).

An analysis of the /e/OS app installer
"Apps", the /e/ app installer, downloads applications from CleanAPK.org, an intermediary which provides apps that originate from F-Droid and elsewhere. Since apps are not downloaded directly from F-Droid or Google Play, the installer takes certain measures to protect against tampering. Unfortunately, these measures can be bypassed in the majority of cases. This means that CleanAPK.org (or whoever compromises it) can get maliciously modified apps installed on /e/ users' devices, either when the user is installing a new app or during the update process. Edit: This website is mentioned in the last release notes of /e/ OS v 0.19-q: https://gitlab.e.foundation/e/os/releases/-/releases

I guess it comes from the French « Système débrouille ». It makes sense in French, though I understand it could be confusing in English for tech people. https://wikiless.org/wiki/System_D?lang=en

I red that reverse DNS is needed to not be considered as spammer, but my internet provider does not allow it yet. So in the meantime, I use Protonmail because of the first point you stated.

It seems surprising to be greeted by a cookies banner on such a website. There isn’t even the option to reject them.