Brett Haines

SWE and aspiring security researcher. Husband and father of two. I love math, music, infosec, theology, and tea.
GitHub: https://github.com/bwhaines
Currently reading: Windows Internals Part 1 by Ionescu, et al

SCOTUS just ruled unanimously that ISPs are not contributorily liable for #copyright infringement just because they don’t terminate internet access for alleged #p2p users.

https://www.supremecourt.gov/opinions/25pdf/24-171_bq7d.pdf

RE: https://infosec.exchange/@deepfield/116284754769568339

The operator built triple-layer crypto, fast-flux DNS across 30+ ASes, biweekly C2 rotation — then shipped an unstripped debug build on port 8090, a couple of ports over from production. 300+ symbols, project name, internal module names, all right there in readelf.

Anyway here's the full writeup.

https://github.com/deepfield/public-research/blob/main/jackskid/report.md

#threatintel #ddos

Welp, finally got that new video done

https://www.youtube.com/watch?v=mmCfOazZCNQ

Oil pressure is the only thing keeping an engine alive


Hi #fediverse. We need to talk about something.

While talking to a colleague about how I recently learned most people have never sat on a cow it came up that she has never sat on a horse. Like, not even once during childhood.

Another colleague admitted they also have never sat on a horse.

My hypothesis is that most people have at one point in their life sat on a horse.

🏇 🐎 🐴

Have you sat on a horse?

Please boost for scientific accuracy.

Yes: 77.7%
No: 22.3%

We want the warhorse.
Jesus rides a donkey.

We want the eagle.
The Holy Spirit descends as a dove.

We want to take up swords.
Jesus takes up a cross.

We want the roaring lion.
God comes as a slaughtered lamb.

We keep trying to arm God.
God keeps trying to disarm us.

RE: https://flipboard.com/@bbcnews/top-stories-hc55lmo2z/-/a-_tO-agcvR3usl5DZvWi0Zw%3Aa%3A3199692-%2F0

This is not just about forced language assimilation, it is also providing the basis for complete cultural erasure, forced detention, and mass internment, far beyond what has already been happening in East Turkestan (Xinjiang) and Tibet

"The law also provides a legal basis to prosecute parents or guardians who may instil what it described as "detrimental" views in children which would affect ethnic harmony and it calls for "mutually embedded community environments" which some analysts believe could result in the break up of minority-heavy neighbourhoods."

The "we are 56 ethnicities all living in harmony" image that China tries to project to the world has been a lie for a long time

Big news for Mastodon GmbH. They have formally joined forces with the World Wide Web Consortium (W3C).

If you’re not in the design/tech world, trust me when I say this is a big step for the fediverse. The W3C establishes the standards used for the internet.

This is a solid path forward for small tech.

https://github.com/w3c/socialwg/blob/main/meetings/2026/2026-03-06-WG-kickoff.md

#Mastodon #News #Technology #Fediverse #W3C #SmallTech #FOSS


Fairphone put out a document that takes a holistic look at the environmental impact of electronics. Everything detailed by component, material, process, etc. Really interesting for those looking to dig deeper

https://www.fairphone.com/wp-content/uploads/2026/03/The-impact-of-consumer-electronics-on-nature-and-biodiversity.pdf

You're paying AI companies a monthly subscription fee to be fingerprinted like a parolee.

I got bored and ran uBlock across Claude, ChatGPT, and Gemini simultaneously.

Claude:

  • Six parallel telemetry pipelines.
  • A tracking GIF with 40 browser fingerprint data points baked into the URL, routed through a CDN proxy alias specifically to make it harder to block.
  • Intercom running a persistent WebSocket whether you use it or not.
  • Honeycomb distributed tracing on a chat UI because apparently your conversation needs the same observability stack as a payments microservice.

ChatGPT:

  • Proxies telemetry through their own backend to hide the Datadog destination URL from blockers.
  • uBlock had to deploy scriptlet injection — actual JS injected into the page to intercept fetch() at the API level — because a network rule wasn't enough.
  • Also ships your usage data to Google Analytics. OpenAI. To Google. You cannot make this up.
  • Also runs a proof-of-work challenge before you're allowed to type anything.

Gemini:

  • play.google.com/log getting hammered with your full session behavior, authenticated with three SAPISIDHASH token variants, piped directly into the Google identity supergraph that correlates everything you've ever done across every Google product since 2004.
  • Also creates a Web App Activity record in your Google account timeline. Also has "ads" in one of the telemetry endpoint subdomains.

When uBlock blocks Gemini's requests, the JS exceptions bubble up and Gemini dutifully tries to POST the error details back to Google. uBlock blocks that too. The error messages contain the internal codenames for every upsell popup that failed to load.

KETCHUP_DISCOVERY_CARD.
MUSTARD_DISCOVERY_CARD.
MAYO_DISCOVERY_CARD.

Google named their subscription upsell popups after condiments and I found out because their error handler snitched on them.

All three of these products cost money.
One of them is also running ad infrastructure.

Touch grass. Install @ublockorigin

#infosec #privacy #selfhosted #foss #surveillance

@johnefrancis @kagihq I just tried McKinsey to Gen Z, fabulous