Mastodawn

Alternative ALT text: Lone OSS maintainer riding the vulnerability wave. Downstream users cheering them on from a distance.

Gorazd 1d ago

Show thread

Brian Honan 3d ago

@PogoWasRight @masek @amvinfe @euroinfosec Where I get that statistic from is from the Hiscox annual Cyber Readiiness Report. They are a cyberinsurance provider and each year provide a country by country report. This year's report on Ireland showed that 70% of companies hit by extortion attacks paid a ransom to prevent sensitive data from being published, yet 29% had their data leaked anyway

https://www.hiscox.ie/crr2025

Hiscox Cyber Readiness Report 2025 | Hiscox Ireland

Now in its ninth year, the annual Hiscox Cyber Readiness Report 2025, which surveyed 500 Irish businesses has revealed the growing scale of cyber threats facing Irish businesses, with new risks emerging from Artificial Intelligence, as well as persistent challenges from ransomware.

Gorazd 3d ago

Show thread

Gabe 5d ago

@EUCommission the only way to enforce age verification of minors is through total internet supervision of everybody. And it won't help with any of the problems on the internet, because facilitating and effectively rewarding terrible behaviour optimises the revenue of the main players.

If you want a better internet, step one is to ban behaviour-based profiling for advertising, with no "consent" loophole. It makes surveillance ("tracking cookies") immediately illegal (no "legitimate interest" excuse, GDPR does the rest). That trashes the direct "more bullying and hate leads to greater revenue" connection, which immediately removes the incentive to put active effort into more vicious online spaces. This applies to Google, Meta, X, Reddit, etc.

Note that the "consent is not an excuse" part is critical. "Ask me later" just means that people are worn down into clicking "yes" eventually, just to get it out of the way, you know yourself the dark patterns, you know yourself the cookie consent forms, where "none of them" is tedious and must be repeated on every visit, but "yes please" is simple and eternal. Try changing that decision later.

Ban the surveillance. Yes, it's many companies' entire business model. That's too bad for them, should have tried being socially positive. Yes, many services will have to start some sort of subscription or pay per use model instead of being fake-free. That's OK, they'll also be disincentivised to enshittify.

It'd make the internet better for everyone, including children, who could continue to find and create so many positive communities online, instead of being blanket-banned.

Gorazd 3d ago

Denys Séguret 6d ago

Here's a strange situation:

thousands of #Rust developers use #bacon, #broot, #dysk, or #lazy-regex every single day — tools I wrote, maintain, and improve for free.

Their companies, though? None of them want to hire their author.

If you use my tools at work and your company does #Rust, I'd really appreciate a hand landing a job or freelance mission. A boost goes a long way. 🙏🦀

https://dystroy.org

dystroy

dystroy - Rust consulting

Gorazd 6d ago

Chris Petrilli May 11

Douglas Adams died 25 years ago today. This has made a lot of people very sad. And has been widely regarded as a very bad thing.

Gorazd May 11

TheJen will not comply May 8

Folks are gonna need to stop with the "grandma on the computer" to mean uneducated users tropes soon.

I was writing and debugging code to a cassette tape drive before a lot of folks who say this nonsense were even born. I have built my own computers from the case up. My first computer class in college was COBOL. I hard coded websites before there were any tools to do it with.

I'm 52.

What I find is that most of the yunguns have no fucking idea how they work and couldn't find a command line if their life depended on it.

So, yanow, maybe stop.

Gorazd May 7

Magenta Rocks May 5

Happy new #MurderBot Book Day to all who celebrate!

#Books

Gorazd May 7

Otmar Lendl May 5

https://www.terrygodier.com/the-boring-internet/ascii

The Boring Internet

The internet you grew up on isn't dying. A commercial veneer glued on top of it is. A visual essay about what actually persists.

Terry Godier

Gorazd May 6

David Bushell 🪿May 4

I'm literally unscrewing lightbulbs to renew their DHCP lease

smart home was a mistake

Gorazd May 5

spaf May 3

My new entry in the CERIAS Blog: After the Buggy Whip
https://www.cerias.purdue.edu/site/blog/

Last week's post pushed back on the myth that AI makes programmers and security analysts optional. This sequel takes the longer view: new technologies do not end fields, they reshape them. The 1898 international urban-planning conference broke up after three days because the delegates could not solve the horse-manure crisis; within fourteen years, the problem had solved itself ...

New Myths for Old - CERIAS - Purdue University

The Center for Education and Research in Information Assurance and Security (CERIAS) is currently viewed as one of the world’s leading centers for research and education in areas of information security that are crucial to the protection of critical computing and communication infrastructure.