pleroma.debian.social

jlines | @jlines@pleroma.debian.social

.

jlines jlines
re: The problem of proving 'real' identity

I have written more on The Proof of Identity Problem on my blog

jlines jlines
The problem of proving 'real' identity

As the world becomes more digital increasing numbers of organisations want us to “prove” that we are who we claim to be. There is a fundamental problem there, in that, in a digital world, if I give organisation X the proof that I am some particular person, there exists the possibility that someone will use this same information to “prove” to organisation Y that they are me.

jlines jlines

@lcamtuf I was looking for steganographic software within Debian, and came across snowdrop, and although it did not meet my needs I appreciated the diversion into vacuum tubes and banknotes

john john@social.paladyn.org
Where is the simple standard for Health Measurements?

Health and Privacy are both very important to me. In relation to mediclog I would like a way to send the latest set of measurements preferably by #XMPP. It seemed a simple idea, find an XEP which would transmit common items, such as blood pressure, weight etc in an XMPP message. The nearest I can find is LOINC - but I was hoping for something like an ISBN, a widely used code which ensures everyone means the same item.

David Carroll profcarroll@federate.social

Don’t miss @justinhendrix interview @kissane for Sunday’s discussing Governance Report co-authored with @darius supported by @DigInfFund
📝https://fediverse-governance.github.io
🎙️https://player.captivate.fm/episode/aaf1f847-89df-4a72-8bef-9c828876b2d0

jlines jlines
@stefano there are many good things about cloud technology, but clouds do not *have* to be remote and run by some external cloud provider. There are also advantages for privacy and security about putting more thought into where data should be, which need not be the same place for all data. Also a more local cache, fetched in advance from a central location would allow things to proceed in the event of a comms issue.

jlines jlines
@jwildeboer @EUCommission I have been following them for some time. Although I am not an EU citizen they often demonstrate understanding of areas such as software freedom and the need for social media platforms which are not controlled by giant commercial entities. I wish more government level entities had the same level of awareness.

jlines jlines
re: Another reason to dislike WhatsApp

@john as well as concerns about Who pays for WhatsApp

jlines jlines
Monitoring for mail delivery problems

After an issue where a large mail provider stopped accepting mail from my default outgoing mail server (detected by my wife, who sends more mail than I do) I decided I had better know if this happens again, and have written it up as Monitoring for email delivery problems in case it is useful to someone else.

jlines jlines
RFC 9518 - Centralization, Decentralization, and Internet Standards

RFC 9518 is another thoughtful document from Mark Nottingham @mnot regarding the balance of Centralization and Decentralization in standards. I would add Network Time to that, were I not writing from Oxford (famous for Oxford Time) and https://xkcd.com/2867

jlines jlines
Federated attacker/trust information
I am pondering the use of ActivityPub for distributing information about bad actors on the internet. Something like a fail2ban action which would publish on securitybot@social.examplle.com a structured message carrying the meaning "192.168.12.7 has just blocked 10.1.99.5 for SSH bad password attempts". It could follow, for example securitybot@social.example.net etc, and so on and decide to add possible attackers to its own blocklists.

jlines jlines
@nik @fsf as a general case I find it alarming how many web sites (almost all) on the Internet, run Javascript from external sites, so that even if you are visiting a site you trust you are running code from, from Meta (Facebook), Twitter (or X or whatever they are today), Google, and often a dozen tracking companies without your knowledge - unless you use NoScript, or 'Use the Source, Luke' - often an alarming experience.

jlines jlines

@dannyjpalmer This is why journalists should be wary of Commercial Social Media, and why news media should be running their own federated instances.

jlines jlines
re: pleroma on social.paladyn.org upgraded to 2.5.5
@gantua @john I am, but some of this is an experiment to find a route to package projects, such as pleroma, where verifying Freeness is an obstacle to even starting the process.

jlines jlines
re: pleroma on social.paladyn.org upgraded to 2.5.5

@gantua @john There is certainly a lot to do, both in the copyright file and in a source package for the front-end. However making access to the Fediverse simpler seems an important goal, and I am trying to find a way to a usable and maintainable package in bite sized chunks. Would love to see some Fediverse packages in trixie.

jlines jlines
re: pleroma on social.paladyn.org upgraded to 2.5.5
@john @gantua I wonder if a pleroma-deps package containing all the currently unpackaged erlang dependencies, in experimental/non-free would be a stepping stone towards a package in experimental/contrib. They could move to main by a mixture of modules being packaged if they were independently useful, or the process of working through the copyright file.

jlines jlines
@GossiTheDog Their offer of a year's 'Free' access to Experian credit monitoring for those affected does not feel like an adequate response to anyone who has looked up Experian's history of data breaches.

jlines jlines
@GossiTheDog Non technical people will not want to set up and manage such instances if the administrative burden of maintaining and upgrading an instance is too great. Threads (I assume - have not tried it, but I do have a Facebook account which I try not to use, but do sometimes as it does keep in touch with people) takes away the technical administration of setting up a community, at the cost of advertising and loss of privacy.

jlines jlines
@GossiTheDog Not everybody *wants* a social network which changes all the time. Mastodon is part of an ecosystem, composed of many instances, each independent, and some Fediverse instances, like this one, run other software, in this case Pleroma. I would like it to be easier to set up smaller, more focussed instances in non technical areas. Too much of the Fediverse discusses the Fediverse (and cat pictures!). We need instances for gardening, knitting, kayaking ...

jlines jlines
@GossiTheDog I really hope somewhere there is a team having fun inventing bad inputs for NATS - as well as the obvious syntax errors and null values, how about flight paths which do not intersect UK air space, impossible distances, etc. Their aim should be (in simulation) to find other scenarios which could cause the system to be unable to handle the situation.

»