Karl Voit  Sep 29, 2023

After basically the whole #Microsoft #Azure cloud was hacked (see list of related sources on https://karl-voit.at/cloud/ ), the first follow-up incidents went public caused by missing containment actions:

60,000 emails were stolen from 10 #USA #StateDepartment accounts
https://www.reuters.com/world/us/chinese-hackers-stole-60000-emails-us-state-department-microsoft-hack-senate-2023-09-27/

If you didn't understand until now: basically EVERYTHING at Microsoft got hacked and Microsoft can't (or won't) get rid of the intruders. Everything authenticated by Microsoft is tainted. Even #Windows auth.

You Can't Control Your Data in the Cloud

Show threadstdevelSep 29, 2023
@publicvoit We really need an user-friendly alternative to #GitHub. Love seeing that both @forgejo and #GitLab work on ActivityPub support. Can't wait to try it out.
Show threadContradiction FinderOct 1, 2023
I have really been baffled by the widespread loyalty to Microsoft by the #FreeSoftware community. I wonder if you have the answer… is it really user-friendliness that causes FOSS devs to embrace #Github with such strong loyalty as to ignore marginalization of people communities excluded by MS? I think of developers as quite technical so I would not have thought user-friendliness is that critical to a forge. #askFedi
Show threadDobody has movedOct 1, 2023
@batalanto my first guess is they embrace GH because it's been here for ages, and it's the largest global platform you can contribute to. Having 20 accounts in different instances just so you can help with projects sounds tedious. I'm not much for a dev, and i love selfhosted git platforms but a central one is often much more... dang... "user friendly"
Show threadContradiction FinderOct 1, 2023

@dobody The lazy login theory has to be the most popular one I keep hearing. I don’t really grasp it because #Github is login-hell for me:

1) submit login creds over tor
2) go to bogus disposable email provider for the address on GH files
3) possibly get blocked by captcha
4) get 2fa code if not captcha-blocked
5) go back to Github to enter code

Every Github login is more cumbersome than a #gitea *registration* process.

Are most Github users using a real email address (thus giving up privacy) to login? Or using clearnet? I’m not sure if tor triggers special treatment that imposes 2FA.

Show threadContradiction FinderOct 1, 2023

Why are #freeSoftware developers so loyally hooked on #Microsoft #Github?

(lazy login theory: users have little tolerance for multiple accounts regardless of how easy gitea registration is)

#poll

/cc @dobody @stdevel @publicvoit

lazy login theory, primarily
25%
github is the most user-friendly by far
20%
mutually critical combination of the above 2
30%
other
25%
Poll ended at .
Show threadDobody has movedOct 1, 2023
@batalanto /cc @stdevel @publicvoit
why isn't it possible that they are loyally hooked because it's the most widely used centralised git site, since even before it was acquired?
EDIT: this is vendor lock-in and it's a bad thing, but it's explicable
Show threadContradiction Finder

@dobody It would be ideal if I had a network-effect voting choice. Perhaps I’ll re-run the poll when this one ends.

But note that the network-effect & lazy login theory kind of go hand-in-hand. I probably need to bring in a more complex voting system (like median ranked voting) to sort out those differences.

Oct 1, 2023 at 5:38pmWeb