If you prefer subtle manipulations to jokes that make you think, you should not use free software, just open source.
Repair is awesome, but equally important is to take good care of stuff in the first place. Look after things to prevent them breaking. Learn how they work and how to make them last. (e.g. learn how to keep batteries in good condition.) Get a good case. Keep things clean. Look after stuff!
Interesting fact about HTTP:
One of the little known status codes is 451, named as you might have guessed after Ray Bradbury's novel Fahrenheit 451. It is used when something on the web is "Unavailable for Legal Reasons".
@Liberapay is indeed our favourite donation platform ❤. You can read more about the #fdroid liberapay integration here: https://f-droid.org/en/2018/03/02/liberapay-support.html
And you can support us via liberapay here: https://liberapay.com/F-Droid-Data
Have you heard of StreetComplete? It's an Android app that shows you open questions/issues with OpenStreetMap in your area, and asks you to answer them.
It's made for people with no experience with #OpenStreetMap, so it shows only very simple questions that can be answered very clearly. ("What is printed on this street sign?", "What's the number on this house?")
GDPR Shield, "Visionary" package (actually free) 😂 (source https://www.donationcoder.com/forum/index.php?topic=45495) https://t.co/NAlwDiQuYJ
Starbucks vs. coffee houses... ☕️
"[...] it wasn’t necessary to buy food or even coffee 200 or 300 years ago, but everyone had to pay an entrance fee: one penny. 'They were called ‘penny universities’ because of the idea they were alternative educational structures.'"
Every fucking company saves your password without encryption. Few days ago I had a talk with Vodafone customer support and on the phone the guy asked me: "I can see your password here, can you tell me your last 3 letters of your password please?" As I said: "What?? You know that this is illegal?" he changed subject.
FOSS situation, yet again
Remind me that luajit was maintained by only one person and decided to stop one day while a whole industry was relying on it.
New Spectre NG vulnerabilities in Intel CPUs https://borncity.com/win/2018/05/03/new-spectre-ng-vulnerabilities-in-intel-cpus/
Of course the fact that the logging code used for debugging ended up in the production server should count as gross incompetence...
It might be genuinely useful if for example a middleware is sanitising user input. Test if your code receives a < character instead of an < character representation.
@MatejLach During development, a few cases come to mind:
1. Making sure the "wrong password" message is actually because of a wrong password given.
2. problems with passwords containing special characters in different charsets.
3. Unit testing of the password routines without exposing too much of the innards to the Unit testing framework.
Keeping this logging on in production is the real fuckup.
@MatejLach I've personally encountered a scenario where it happened by accident - bad auth attempt resulted in writing to the error log with the params, including plaintext pre-hash password. (Not saying it's ok, just that we're human and sometimes don't anticipate things well enough).
@MatejLach I don't want to assume incompetence over malice, but..
I've seen Apache+PHP log erroring function calls with arguments in plaintext, so it's possible that it might have been (partly) unintentional.
Hi there! I am a free software developer. I enjoy working on useful software, as well as advocating for software freedom and the use of open standards, promoting data ownership, decentralization and privacy. If this is important to you, I may be worth following. If you like Go, Rust, or Swift, it may be worth following me as well. Besides computing, I enjoy metal, a good read and occasionally some gaming, (not much time for that these days).