Bluesky Exploits
https://github.com/qwell/bsky-exploits [github.com]
2023-09-13 20:32
tags:
exploit
security
social
ux
web
I have discovered a number of security vulnerabilities in Bluesky and atproto. Each time I’ve found something new, I’ve chosen to report it to Bluesky at security@bsky.app, as requested at https://bsky.app/.well-known/security.txt, and provide them with details. Bluesky has responded to only one of these reports, one time, 4 days after submission, saying “We appreciate the report, and we’ll be taking a closer look at the issue.” They did not follow up on that report and they have not responded to any of my other reports.
Doom-lexing
https://languagelog.ldc.upenn.edu/nll/?p=60323 [languagelog.ldc.upenn.edu]
2023-08-23 21:54
tags:
hoipolloi
language
social
Susie Dent has an ever growing Twitter following of 1,1 million unique word lovers to whom she shares her daily word of the day. Word search engine Unscramblerer.com went through Susie Dent’s whole Twitter history and analyzed what are the most liked, shared and commented words of the day she has posted.
ingordigiousness, recrudescence, sequaciousness, ...
All the (open) world’s a stage: how the video game Fallout became a backdrop for live Shakespeare shows
https://www.theguardian.com/culture/2023/jan/25/the-open-worlds-a-stage-how-the-video-game-fallout-became-a-backdrop-for-live-shakespeare-shows [www.theguardian.com]
2023-01-27 04:24
tags:
fiction
gaming
hoipolloi
social
The Wasteland Theatre Company is not your average band of thespians. Dotted all across the world, they meet behind their keyboards to perform inside Fallout 76, a video game set in a post-nuclear apocalyptic America.
There are no ticketed seats, and the company makes no money. The majority of audiences stumble across the performances accidentally in the wasteland, and sit to watch the show for free – or tune in on Twitch, where the company broadcasts every performance live. Characters stride across stages that are cantilevered together from in-game objects. Lighting cues provide atmosphere. Soliloquies are passionately delivered.
source: HN
If You Ask Your Friend to Take Your Photo Using Your Camera, Who Owns the Copyright?–Shah v. NYP
https://blog.ericgoldman.org/archives/2023/01/if-you-ask-your-friend-to-take-your-photo-using-your-camera-who-owns-the-copyright-shah-v-nyp.htm [blog.ericgoldman.org]
2023-01-27 03:59
tags:
photos
policy
social
tech
Still, its implications are wide-ranging. The court is basically saying that whoever presses the camera button owns the copyright, even if the button-pusher doesn’t own the equipment, the camera settings are provided to them, and they get some verbal direction from the camera owner/photo subject about when, where, and how to take the photo. Due to that conclusion, Shah does not own the copyrights to the photos on his phone and he can’t register the copyrights or enforce them.
Vigilantes for views: The YouTube pranksters harassing suspected scam callers in India
https://restofworld.org/2023/youtube-scam-call-vigilantes/ [restofworld.org]
2023-01-16 16:41
tags:
article
hoipolloi
social
Los Angeles-based Trilogy Media took “scambaiting” to a new level, but some claim they’re gaining viral fame at others’ expense.
Trilogy’s pursuit of vigilante justice has proved a hit with their many fans, whom they refer to as “the squad.” But for some, their antics lay bare an uncomfortable power dynamic in which YouTubers in Los Angeles gain viral fame at the expense of Indian call center workers, physically harassing people whose situation they may know little about.
‘Every message was copied to the police’: the inside story of the most daring surveillance sting in history
https://www.theguardian.com/australia-news/2021/sep/11/inside-story-most-daring-surveillance-sting-in-history [www.theguardian.com]
2021-09-22 21:51
tags:
opsec
policy
social
tech
Billed as the most secure phone on the planet, An0m became a viral sensation in the underworld. There was just one problem for anyone using it for criminal means: it was run by the police
source: HN
Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective
https://signal.org/blog/cellebrite-vulnerabilities/ [signal.org]
2021-04-21 20:18
tags:
android
defense
exploit
iphone
security
social
storage
As just one example (unrelated to what follows), their software bundles FFmpeg DLLs that were built in 2012 and have not been updated since then. There have been over a hundred security updates in that time, none of which have been applied.
In completely unrelated news, upcoming versions of Signal will be periodically fetching files to place in app storage. These files are never used for anything inside Signal and never interact with Signal software or data, but they look nice, and aesthetics are important in software. Files will only be returned for accounts that have been active installs for some time already, and only probabilistically in low percentages based on phone number sharding. We have a few different versions of files that we think are aesthetically pleasing, and will iterate through those slowly over time. There is no other significance to these files.
Changes to Sharing and Viewing News on Facebook in Australia
https://about.fb.com/news/2021/02/changes-to-sharing-and-viewing-news-on-facebook-in-australia/ [about.fb.com]
2021-02-17 21:54
tags:
media
policy
social
web
In response to Australia’s proposed new Media Bargaining law, Facebook will restrict publishers and people in Australia from sharing or viewing Australian and international news content.
Justice Thomas Writes a Misguided Anti-Section 230 Statement “Without the Benefit of Briefing”–Enigma v. Malwarebytes
https://blog.ericgoldman.org/archives/2020/10/justice-thomas-writes-a-misguided-anti-section-230-statement-without-the-benefit-of-briefing-enigma-v-malwarebytes.htm [blog.ericgoldman.org]
2020-10-20 18:45
tags:
policy
social
web
This statement bears some resemblance to Justice Thomas’ statement in early 2019 that the Supreme Court should reconsider the actual malice standard from New York Times v. Sullivan. Like this statement, that statement was anti-media, pro-censorship, and quite unpersuasive. So far, the Supreme Court hasn’t taken up Justice Thomas’ initiative against the actual malice standard. I hope this statement suffers the same fate.
The Art of the Bad Faith Argument
https://www.thebellows.org/the-art-of-the-bad-faith-argument/ [www.thebellows.org]
2020-07-08 00:16
tags:
essay
hoipolloi
ideas
language
social
The person who types “lol” is never actually laughing; the person who types I’M SCREAMING is silently dabbing at a screen. In the same way, the person who is perpetually shocked and outraged and brimming with righteous fury is almost always lying to themselves. They’re as affectless as the rest of us: play-acting, downloading synthetic emotions, and then passing them on.
source: jwz
Unsubscribe: The $0-budget movie that ‘topped the US box office’
https://www.bbc.co.uk/news/world-us-canada-53099283 [www.bbc.co.uk]
2020-06-19 18:58
tags:
business
movie
social
But on 10 June, one box office-topping movie was watched by just two people, in one cinema. Unsubscribe, a 29-minute horror movie shot entirely on video-conferencing app Zoom, generated $25,488 (£20,510) in ticket sales on that day. Nationwide, the movie hit the top of the charts, according to reputable revenue tracker Box Office Mojo. The budget of the movie: a flat $0. How was that possible?
source: HN
Augmented Reality Is Now Mainstream on Instagram
https://www.theatlantic.com/technology/archive/2020/05/augmented-reality-instagram-zoom/611494/ [www.theatlantic.com]
2020-05-12 05:47
tags:
ai
graphics
social
web
I am alone in my apartment, as always, and I’ve just replaced my left eyeball with an orange springing out of its peel. A mile away, a friend, also home alone, is taking her seat—every seat, actually—at the table in The Last Supper, yelling as the camera pans down the row of disciples and her face replaces that of one man after another. Another friend is watching a mouse dressed as the Pope dance across her kitchen floor. A third is smiling while a strange man wraps his arms around his throat.
The Early History of Usenet
https://www.cs.columbia.edu/~smb/blog/2019-11/2019-11-14.html [www.cs.columbia.edu]
2020-04-10 00:51
tags:
email
networking
retro
series
social
unix
>November 2019 is, as best I can recall, the 40th anniversary of the conception of Usenet. (What’s Usenet? The Wikipedia article is ok but not perfect.) I should have written a proper paper; instead, there will (probably) be an irregular series of blog posts.
I didn’t notice the series concluded a while back, so if you were waiting to read the whole thing, it’s done.
Monitoring And Debunking COVID-19 Panic: The “Haarlem Aldi” Hoax
https://www.bellingcat.com/news/2020/03/13/monitoring-and-debunking-covid-19-panic-the-haarlem-aldi-hoax/ [www.bellingcat.com]
2020-03-25 01:31
tags:
factcheck
investigation
social
web
Knowing how relatively calm the situation has been here in the Netherlands (especially in Haarlem, where there is one reported case), we at Bellingcat felt that the video was likely fake — and set out to prove it.
Hashtag of note
https://languagelog.ldc.upenn.edu/nll/?p=46455&utm_source=rss&utm_medium=rss&utm_campaign=hashtag-of-note [languagelog.ldc.upenn.edu]
2020-03-18 17:18
tags:
social
text
web
You will probably notice immediately that it contains a full-width dash, in other words a Unicode (probably Chinese-origin?) character. For some reason, this is all over Twitter in posts from Anglophone people I am almost completely sure have no input method installed that can actually produce it.
It’s not a real dash at all but a “Katakana-Hiragana prolonged sound mark”:
How Explaining Copyright Broke the YouTube Copyright System
https://www.law.nyu.edu/centers/engelberg/news/2020-03-04-youtube-takedown [www.law.nyu.edu]
2020-03-04 20:41
tags:
policy
social
This is a story about how the most sophisticated copyright filter in the world prevented us from explaining copyright law. It doesn’t involve TikTok dance moves or nuanced 90s remixes featuring AOC. No, it involves a debate at a law school conference over how and when one song can infringe the copyright of another and how exactly one proves in a courtroom if the accused song is “substantially similar” enough to be deemed illegal. In the end, because it was blocked by one of the music companies who owns the song, it also became a textbook study in how fair use still suffers online and what it takes to push back when a video is flagged. A copyright riddle wrapped up in an algorithmic enigma, symbolic of the many current content moderation dilemmas faced by online platforms today.
source: HN
Welcome to the age of the avatar
https://www.ft.com/content/8ca2f72a-1b4d-11ea-9186-7348c2f183af [www.ft.com]
2019-12-12 07:54
tags:
future
graphics
hoipolloi
social
tech
On the Internet, No One Knows You’re Not Rich. Except This Account.
https://www.nytimes.com/2019/11/11/style/baller-busters-online-scams.html [www.nytimes.com]
2019-11-12 03:27
tags:
factcheck
hoipolloi
social
In February, an Instagram account called @BallerBusters cropped up and began wreaking havoc on the flashy Instagram entrepreneur community.
Its goal: To expose phony entrepreneurs. Using a mix of screen-shotted receipts, memes and crowdsourced information from followers, the account seeks out people who don’t “act their wage.”
More Teenagers Mistakenly Think “Private” Chat Conversations Will Remain Private
https://blog.ericgoldman.org/archives/2019/10/more-teenagers-mistakenly-think-private-chat-conversations-will-remain-private-people-v-jp.htm [blog.ericgoldman.org]
2019-10-08 02:06
tags:
hoipolloi
opsec
policy
social
As you can see, the chat participants–especially 7Up and Lady Gaga–seemingly discuss killing S, his goldfish, and his dog. But in the context of nonsense teen chatter, I don’t think anyone could read this transcript and believe that any of the participants actually planned to harm S or any animals.
An unidentified person tipped off S to the thread’s existence. S asked “Me” about it. Me revealed the thread’s name to S. This got back to S’s mom, who told the principal, who brought the girls into his office, seized their phones, and turned them over to law enforcement. Prosecutors brought charges against 7Up/JP for misdemeanor online threats. A jury convicted 7Up. The appellate court reversed.
This is mostly nonsense, although it’s somewhat interesting to see court opinions wrestle with the conundrum of quoting screenshots.
Fixing up KA9Q-unix, or "neck deep in 30 year old codebases.."
http://adrianchadd.blogspot.com/2019/09/fixing-up-ka9q-unix-or-neck-deep-in-30.html [adrianchadd.blogspot.com]
2019-09-28 19:50
tags:
freebsd
networking
retro
social
wifi
Anyhoo, I’ve finally been mucking around with AX.25 packet radio. I’ve been wanting to do this since I was a teenager and found out about its existence, but back in high school and .. well, until a few years ago really .. I didn’t have my amateur radio licence. But, now I do, and I’ve done a bunch of other stuff with a bunch of other radios. The main stumbling block? All my devices are either Apple products or run FreeBSD - and none of them have useful AX.25 stacks. The main stacks of choice these days run on Linux, Windows or are a full hardware TNC.