JTI

@[email protected]
16 Followers
294 Following
346 Posts

Everything in FOSS that isn't code.
#isolveproblems #thisisreallygoodcoffee

Sat on the Berlin wall the day it fell. From the walled in side. Sat on an Ambulance roof the day the bells rang.

JTI1d ago
Niclas2d ago

The most interesting supply chain attack I've ever seen: #trivy

The attack is really bizarre. I learned a lot about GitHub Actions and how the attack was performed.

- https://www.aquasec.com/blog/trivy-supply-chain-attack-what-you-need-to-know/
- https://www.stepsecurity.io/blog/hackerbot-claw-github-actions-exploitation
- https://ramimac.me/trivy-teampcp/#timeline
- https://snyk.io/articles/trivy-github-actions-supply-chain-compromise/

#cybersecurity #supplychain #github #glassworm #githubactions #attack #TeamPCP #c2

Update: Ongoing Investigation and Additional Activity

Open Source Security Advisory Update: Monday, March 23, 2026 Boston, MA 2:00 AM ET  We are providing this update to share new developments identified during our ongoing investigation into the Trivy open source incident described below.  Over the weekend, the Trivy team continued analysis of the previously reported incident and started implementing additional security measures across repositories and automation …

Aqua
JTI1d ago
universeinthelab1d ago
Heute wurde zum ersten Mal Antimaterie in einem LKW transportiert! Wie dieses Experiment am #CERN durchgeführt wurde und was der Beitrag von GSI/FAIR dazu war: https://www.gsi.de/start/aktuelles/detailseite/2026/03/24/base-experiment-am-cern-gelingt-transport-von-antimaterie
#Wissenschaft #Antimaterie #Darmstadt
© CERN
JTI2d ago
Show threadAnn Lipton2d ago

In the 80s, company pays stock compensation to a bunch of employees, in the form of physical stock certificates. At the time, the comp received by one employee was worth about $7K.

He put the certificates away, forgets about them.

*Jaws theme plays*

Show threadJTI2d ago

2 days later the first attempt at professional networking on ActivityPub, Flockingbird [2] archived their repositories.
Nolto states a similar reason for stopping their efforts:

"As the platform grew, the criticism grew too. Some of it was fair and helpful. Some of it was not. Some of it became personal. Projects like Flockingbird have gone through similar experiences. Small, independent efforts can quickly be treated as if they were fully staffed institutions.

Nolto was never that. It was one person building something interesting to see what would happen.

At this point I have decided to shut it down." [1]

We should learn from these two great prototypes and start the third one right to finally deliver on the idea proven by them. It should be possible in a sovereign, proper FOSS and economically viable and self-sustainable way.

[1] https://codeberg.org/Tensetti/Nolto/src/commit/d4020977444922374916715031af486d1a8981c7/src/pages/Index.tsx
[2] https://github.com/Flockingbird

Nolto/src/pages/Index.tsx at d4020977444922374916715031af486d1a8981c7

Nolto

Codeberg.org
JTI2d ago

A quick note on Nolto.
On 15 March 2026 its creator Jonathan Tensetti intentionally closed the service and deleted his Fediverse account.

What he built - Europe’s second decentralised LinkedIn alternative on ActivityPub - was gloriously vibecoded but effective. It showed, with hard data and testimonials, that the demand for a sovereignty-respecting professional platform is real.

I had been working in parallel: detailed research on technical choices, product mechanics, business-model viability under distributed/FOSS conditions, and how to test everything in practice for such a product. Nothing yolo — but nothing yet proven in production either. Jonathan precluded me by just yolo'ing the Nolto MVP. Thanks for that.

To move from proven demand to a solid, maintainable product I need proper capital, runway and possibly 1-2 additional people.
I'm looking for European-aligned funding - preferably from Germany, Poland or Denmark - networks that value independence and data protection without the usual bureaucratic overhead.

If you know the right people in those circles, please connect me with them before the current momentum fades.

Serious replies and boosts appreciated.

#Nolto #noltosocial #ActivityPub #DigitalSovereignty #Fediverse #linkedin #opensource #foss #networking

JTI2d ago
Zhuowei ZhangMar 1
Who called it "prompt injection" and not "Escape from Markov"
JTI3d ago
u880d4d ago
Alter! Der beste Post bei #heise im Forum seit Wochen.
https://www.heise.de/forum/heise-online/Kommentare/Europaeische-Cloudanbieter-Broadcom-setzt-zum-Todesstoss-an/An-alle-VMware-Admins-die-gerade-flennen-Haltet-die-Fresse-und-lest/posting-46107573/show/
heise online

News und Foren zu Computer, IT, Wissenschaft, Medien und Politik. Preisvergleich von Hardware und Software sowie Downloads bei Heise Medien.

heise online
JTI6d ago
TobbsnDec 3
I am not sorry.
JTIMar 17

Yet another banger in "FOSS is free rite" land:
https://ifross.org/?q=node/1678

Ich sage: 2 🍺 dass es kommentarlos durchgeht. Auch immer wieder schlau das "C&D" abzuzeichnen in solchen Fällen weil die Gegenseite ja dann nicht das Blatt was sie offensichtlich in der Hand haben runter spielen wird.  

Es gefällt auch dass es hier zwei Anbieter von IT-Sicherheitsprodukten als Gegner hat.

#itsecurity #compliance #foss #fosscompliance #ceaseanddesist #popcorn #banger

German Court: Linking a GPL-2.0 licensed Library triggers Copyleft | ifrOSS

JTIMar 16

The very, uh, special find of the day.
Looking at the bright side: This is going to advance jurisdiction if real and employed enough 🤣  

https://malus.sh/

However, something tells me that this is clearly the equivalent hoax grade of klausprogrammieren...

#llm #ai #foss #compliance #hoax #notsureiftrolling

MALUS - Clean Room as a Service | Liberation from Open Source Attribution