
Stand with people of .

Please talk to your friends. Talk to Turkish diaspora, see if you can organise some events to educate yourself and your neighbours about Erdogan's 24 years in power.

I'm disappointed with for not covering it. Millions of people are protesting.

@TimePencil@infosec.exchange @jonn@social.doma.dev @signalapp@mastodon.world @nixCraft@mastodon.social

I cannot say how much people should or should not trust Signal, but I can confirm you should not trust WhatsApp.

@krolden I just wanted to make a message cannot be decrypted joke.

I bet there is a nerdy p2p system which makes messaging parties untraceable by generating a stable load of random traffic and masking encrypted data in it.

And then clients would best-effort decrypt the incoming stream...

Do you know of a thing like this?

@Linux @nixCraft also, remember that m0xie sold out to Twitter at some point (admittedly when it was more or less ok).

I think Signal is like WhatsApp in terms of security, which is fine.

I drag all my friends and dates to Signal as an alternative to WhatsApp, but I am not delusional about it being the e2e holy grail!

I think that Matrix has a potential for M̵̱͙͖͐̓̊̋͛̃̒̏̇͆͊̀͐͑͝ͅe̵̡̟̤͔̲͇̖̰̝̟͆̉̈̀̚ṡ̷̡̧̥͔̜͖̜̼̜̺̫̓̾̓̾͒s̵̡̩̺̹̮̲̄̽̓̐̚͜ą̷̧̩̜̓͊̋̄̇̀g̸̨̛͓͙͈̙̪̬̙͕͑͐͆́̓̂̃̓͐̿̚̚̕ͅê̶̛̖̭̩͕̈́̀͛̊̽͐͋͝͠͝ͅ ̷̨̻͇͇͖̘͎̖̱̪̜̳͎̹͓̐̓͒́̄͗̔̓̾͋̉͒̕̚͝c̴̡̣͈̩̲̜̼̦̘̹̮̘̋́̽͗̅̒͗͜ḁ̴͙̼̎̀̓ņ̵͇̆̄̅̿͑̀̉ņ̴̻̰͇͙͎͍̙͕̙̬̾o̴̠̘͈̳͚͍̊̓͑̄̽̅͐̒̑͌͝t̶͔̫̂̆̔͋͌̑̔̊̚͠͠ ̸͎͎̌̐͊b̶̨̡̡̖̟̰̤̻̩͙̬̙̳̏̓̓͑͛̒̓͝e̶͚̯̹͓͓͐͆̐̀̏͆͊̿̕͘͜ ̸̨̨̡͓̯̺͕̼͔͇̱͎̤̼͌́̌͜d̶͈̆̄̈͌͌̉́̓͋̒͐̐͛͆͝ḙ̶̖̗̘̮̃͂̃̾̏̇́̑̐͑̎c̵̨̨̫̦̜̍̏͑͑͂̕ͅͅr̶̢̩̣̱͎̦͓̺̔̇̇̒̄̍́̕͝͝y̵̙͍̘͖̅̄̒͒p̴͎̿̆̓̑̾̚͠͠t̷̢̨̧̟͚͙͉͗͠ȩ̶̛̛͚̩͓̮̫͇͉̰̮̤̞͇̹̽̂̅́̆̏̐̆͛ͅd̷̪̄̿̓̑̔̈́̑̌̄͠

Next.js dropped a CVSS 9.1 authentication bypass vulnerability (CVE-2025-29927) over the weekend. This flaw is trivially exploitable by sending the header `x-middleware-subrequest: true` and causes the request to skip all middleware processing, including any authentication steps.

Shodan reports over 300,000 services with the `X-Powered-By: Next.js` header alone.

You can find links to the advisory and queries for runZero at: runzero.com/blog/next-js/
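
A defensive reading of the post above, as an added example that is not from the post, the advisory or Next.js: drop `x-middleware-subrequest` from client requests before they reach the application, and flag logged requests that carried it. The JSON-lines log format, its field names and the sample lines are constructed assumptions.

```javascript
// Added example (constructed). Header name is the one named in the post above.
const HEADER = 'x-middleware-subrequest';

// Return a copy of the headers without the internal header, plus whether it
// was present. Header names are compared case-insensitively.
function stripSubrequestHeader(headers) {
  const clean = {};
  let found = false;
  for (const [name, value] of Object.entries(headers)) {
    if (name.toLowerCase() === HEADER) { found = true; continue; }
    clean[name] = value;
  }
  return { clean, found };
}

// Wrap a Node http request listener so the header never reaches the app.
// Node lowercases incoming header names in req.headers.
function guard(handler) {
  return (req, res) => {
    delete req.headers[HEADER];
    return handler(req, res);
  };
}

// Scan JSON-lines request logs (hypothetical format: {ip, path, headers})
// and return the requests in which a client supplied the header.
function findSuspectRequests(logLines) {
  const hits = [];
  for (const line of logLines) {
    let entry;
    try { entry = JSON.parse(line); } catch { continue; } // skip malformed lines
    if (stripSubrequestHeader(entry.headers || {}).found) {
      hits.push({ ip: entry.ip, path: entry.path });
    }
  }
  return hits;
}

// Constructed sample log lines (documentation IP ranges, made-up host).
const SAMPLE_LOG = [
  '{"ip":"192.0.2.10","path":"/dashboard","headers":{"Host":"app.example","Cookie":"sid=abc"}}',
  '{"ip":"198.51.100.7","path":"/admin","headers":{"Host":"app.example","X-Middleware-Subrequest":"true"}}',
  'not json',
  '{"ip":"203.0.113.5","path":"/api/users","headers":{"x-middleware-subrequest":"true"}}',
];
```

Stripping the header at the edge is a stopgap for deployments that cannot be upgraded immediately; the advisory linked above is the reference for fixed versions.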

How rich people avoid paying tax

(Originally by Instagram user @newmoney.blog)

@amanda you can join mine if you want! 🥺 it's quite cosy there

@Linux wow, the way you work at Meta is the only ethical way to work at Meta! Please protect your identity and keep blowing that whistle 💘

Earlier, I reminded people that Dot Com, Net, Org, Info, Us, and Edu are all governed by the United States. I also reminded folks that word-based domain extensions, for example Dot Social, are managed by US corporations. I suggested it may be a good idea, if you're looking to start a new website, to not only find an overseas web host, but pick a country-level domain.

Someone accused this of "Fearmongering".

I come to the Fediverse to enjoy social media, since I spend 8–12 hours working for Meta (Facebook). The Fedi is a good distraction from the nonsense that I see and encounter at work.

For example, the word "protest" is now being monitored there. We're actively helping a fascist regime track people. That same fascist regime who is threatening Canada, Greenland, and other such nonsense.

I am not Fearmongering. I am sharing events that are unfolding, along with some valued foresight. Things are changing in our world, and not for the better.

Periodic tiny reminder that you do not have to (and actually shouldn't) give your own name to your devices.

Give them their own unique names.

Your privacy will be better for it,
and they'll be happier :neocat_laptop: ✨

#Privacy

@amanda btw, what's your zulip? I use mine as kind of an online orgmode almost because all *my* friends have left

@amanda zulip is better than discord though! It's not even about the UX it's about familiarity of users with simplified, featureless systems.

The core idea of Zulip – streams, topics and *moveable* messages is *hard for modern computer users* to understand and there is no amount of UI polish that will make this friction go away.

There is a potential to convince users that it's the way to converse using UX and gradual onboarding, but I'm not certain.

@virtulis haha, yeah, newlining into() is super silly

@jonn well as you might remember I do have my own style guide (written version extremely out of date, but still) with some specific reasoning behind it, primarily focusing on things being readable at a glance.

So with that mindset if I do manually break an expression into separate lines, it's probably because I believe that is the best level to break it to outline the logic for the next reader.

I might be wrong in a particular instance, but I'm certainly less wrong than "this fits in one line so fuck you it's one line now, except the .into(), that seems important enough to go on the next one".

@virtulis fair, I think I'm blinded by the problems that arise from running big teams, where autoformatters are a way to stop conversations that don't matter.

In my personal life I never felt the need for autoformatters, because "look at this perfectly aligned data in a shape of a table uwu".

But I can imagine your use-cases are somewhere between the two!

@virtulis hot take: if you don't feel this way about your autoformatter, you aren't using autoformatters right!

The whole point of autoformatters is to not configure them and use them as is and be outraged sometimes.

At least rust has a directive to not format sections!

🔐✌️ Victory for Privacy and Security in France 🇫🇷

End-to-end encryption will continue to be available in France, as the assembly overwhelmingly voted against (119 votes against, only 24 in favor) an amendment to legislation fighting drug trafficking which required backdoors in encrypted messengers.

lemonde.fr/societe/article/202

Doma Social

Mastodon server of https://doma.dev.