home tags events about login

absc rss

I'm a systems engineer, and not even a good one.

I'm on the fediverse to have fun. So, if what you want to discuss with me is superficial, or boring, don't waste your time.

The LOL;) is the most important thing, down here.

Languages: EN, IT
Site: https://www.abiscuola.com
Religion: Dudeism (I'm an officially ordained dude priest), pastafarianism.

absc bonked 15 Jul 2025 20:46 +0200
original: briankrebs@infosec.exchange

And from the WTAF dept, quite a bombshell from ProPublica today:

"Microsoft is using engineers in China to help maintain the Defense Department’s computer systems — with minimal supervision by U.S. personnel — leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation has found."

"The arrangement, which was critical to Microsoft winning the federal government’s cloud computing business a decade ago, relies on U.S. citizens with security clearances to oversee the work and serve as a barrier against espionage and sabotage."

"But these workers, known as “digital escorts,” often lack the technical expertise to police foreign engineers with far more advanced skills, ProPublica found. Some are former military personnel with little coding experience who are paid barely more than minimum wage for the work."

https://www.propublica.org/article/microsoft-digital-escorts-pentagon-defense-department-china-hackers?utm_source=bluesky&utm_medium=social&utm_campaign=propublica-bsky&utm_content=7-15

absc honked back 15 Jul 2025 15:08 +0200
in reply to: https://infosec.exchange/users/david_chisnall/statuses/114856486369020947

re: Long thread/59

re: Long thread/59

@david_chisnall @pluralistic

When you say this:

Build software where extending, modifying, and redistributing modified versions of the software are easy things that most users are at least able to do, even if they don't need to most of the time.

Do you also literally mean it in a technical sense? So creating software using languages and tools with the explicit objective of allowing, as easily as possible, users to work on it?

absc honked back 15 Jul 2025 11:04 +0200
in reply to: https://infosec.exchange/users/david_chisnall/statuses/114855914046589569

re: Long thread/59

re: Long thread/59

@david_chisnall @pluralistic

Oh, I get your point (I think).

However, at least the EUPL removes the issues around using code licensed as such.

But I agree that when it comes to extending a program under that license, people have a bunch of legalese still to understand.

Speaking for myself, I had issues with the former, where redistributing some GPLv3 code, unmodified really meant understanding what was going on. The EUPL simplifies on that front.

However it's true. The concept of copyleft is not something social norms fully agreed upon and thus, it's strange for many developers.

absc honked back 14 Jul 2025 22:25 +0200
in reply to: https://infosec.exchange/users/david_chisnall/statuses/114852361506845626

re: Long thread/59

re: Long thread/59

@david_chisnall @pluralistic

In fact I don't understand many arguments given by the FSF about licensing.

Looks a bit too abstract to me and that's probably because I'm stupid.

In the end, I've found the EUPL (European Union Public License) to be a better copyleft license than the GPL. I have issues with the latter and, after years I'm still unable to understand when and how I can combine artifacts with different licenses with something released as GPLv3.

At least the EUPL has the following properties:

  • It was created by the EU itself.
  • It has a nice set of easy to understand guidelines.
  • It really reflect what the social norms (and boundaries) are among users.
  • Last but not least: being created by the EU, has a much higher credibility compared to other options.

For projects that I don't care at all, I use the ISC license. For some bigger things I'm working on, the EUPL still allows you to use the code however you wish as I like to just give it away, but to me, it's then nice to get some code back for something I've spent a lot of time on.

That's the thing the EUPL gives me:

  • You are free to use the code however you wish (ISC-like).
  • However, if you change and improve my code, you are compelled to release the changes in the open.

absc bonked 12 Jul 2025 20:14 +0200
original: jwz@mastodon.social

Big Beautiful Bald Boarding.

Bald Baby J.D. Vance Meme Can Now Be Your Boarding Pass: James Steinberg has designed an app that allows you to change the background your digital airplane boarding pass to display a now-infamous image of the vice...
https://jwz.org/b/ykrL

Screenshot

absc honked back 12 Jul 2025 18:03 +0200
in reply to: https://x.keinpfusch.net/notes/aa3z6oumncw600ow

@uriel @cicerchia

A me piace la Happy Cola!

Contiene anche erbe, che non sono male.

Parentesi: In repubblica Ceca si beve la Kofola, che cazzo è buona! Inoltre ha poco zucchero rispetto alla Cola occidentale.

In ogni caso, voto anch'io per birra. Del vino decente ha davvero prezzi fuori di testa.

absc bonked 12 Jul 2025 10:54 +0200
original: robpike@hachyderm.io

GMail:

"Be careful with this message.
This message appears to be sent from your account but Gmail couldn't verify this. Someone might be impersonating your account. If you're not sure the message is from you, use caution when clicking links, downloading attachments, or replying with personal information."

I sent it while logged in to GMail using multiple authentication steps from my home network using a secure laptop. What are they talking about? Serious question: how could they not verify it? It's either an idiotic engineering problem on their end or I'm terrified that security is meaningless. Probably both.

absc bonked 12 Jul 2025 01:42 +0200
original: davidho@mastodon.world

Holy cow, as an American, I wasn't aware of the Horizon IT scandal. ~1,000 postal workers were wrongfully prosecuted for theft and other crimes, imprisoned, and forced to repay tens of thousands of pounds. 13 of them committed suicide! But it was an IT error! AI will make this worse.
https://www.nytimes.com/2025/07/10/world/europe/uk-post-office-scandal-report.html?unlocked_article_code=1.Vk8.LKk8.BbcHfblN3WM4&smid=url-share

absc honked 12 Jul 2025 01:23 +0200

Ok a stopgap solution

My website (and blog) ia back online at:

https://www.abiscuola.com

I did it because breaking people links if they reference your content is never nice.

So, as a good internet kid, the site is back up in a strictly static fashion.

I will not add new content to it for now and also, currently the RSS feed is no more, but given you'll not see articles for a bit, you're not gonna lose your sleep, right?

I'm working on a new project that'll host everything in the future, that's why I don't have time to write.

Plus, ehhhhh....

absc honked back 10 Jul 2025 19:07 +0200
in reply to: https://mastodon.bsd.cafe/users/cage/statuses/114829616815199085

@cage @ericsfraga

Crappy mouses are a pain.

I've spent, years ago, some good money on an evoluent vertical mouse 4.

Best money spent ever.

I used to also have some minor pain due to the mouse, but I noticed that it was because:

  • The mouse was always too small.
  • The wrist was pushing down the table, causing pressure on the carpal region.

Buying a good vertical mouse, rightly sized along with a good keyboard made miracles
for me.

absc bonked 10 Jul 2025 19:03 +0200
original: beyondmachines1@infosec.exchange

The program you DON'T WANT TO INSTALL!

Share and educate people!

From the company that took all digitized content without permission to build their product, now we have a browser.

So the company can use your data and behavior and to lock you in to their statistical parrot (AI)

#AI #privacy

engadget article: OpenAl's own web browser could arrive within weeks The company is reportedly aiming to vacuum up more data from its users. OpenAl is said to be almost ready to unleash its own web browser, which could be out in the wild within weeks. According to Reuters sources, the company is aiming to more deeply integrate its services into users’ work and personal lives, and the browser is part of that strategy (as is its push into hardware). Naturally, the browser is slated to have a ChatGPT-style chatbot baked in. OpenAl is reportedly looking to use the browser to capture more user data — a strategy that has worked out to Google's benefit with Chrome.