it’s “open core”.

Gitea has gone open core; it is still free software but its development is controlled by a for-profit company which is developing non-free features. So, Forgejo is the community-run fork of it which people outside the Gitea company are contributing to instead now. You can read more about their divergence here.

the guy in the middle is a pro at photobombing

Authorities don’t need to ask Signal for metadata; Signal promises they don’t log any themselves and that is probably true.

But, they outsource their server operation to Jeff Bezos, and then they do some absurd security theater to pretend that cryptography makes it so that the server (Amazon) couldn’t possibly log metadata - which is obviously false.

today: “Bulgarian Prime Minister Rosen Zhelyazkov told parliament that the Commission president’s plane had not been disrupted but had only experienced a partial signal interruption, the kind typically seen in densely populated areas. […] But just hours later, the government again changed its position, with Zhelyazkov holding an impromptu news conference early afternoon to revert the official line to the electronic warfare happening in Ukraine once again.”

This blog post has some details about the bad reporting around this story (claiming they used paper maps, and that they were circling for an hour) but it ultimately does agree that the “some issue with the GPS” reported by the pilot (the post includes radio recordings from the air and again from the ground after landing where the pilot says “GPS issues”) must in fact be some type of GPS interference.

Meanwhile flightradar24 says “Yes, and we’re also saying there is no evidence of spoofing. There are numerous issues that could have affected the crew’s ability to perform a GPS-based approach that aren’t related to jamming or spoofing.”

🤷

ADS-B is quite far away from GPS frequencies, so yeah.

ADS-B packets include coordinates from GPS as well as several values related to the estimated accuracy of said coordinates (which is how flightradar24 is reporting that they had good GPS signal throughout the flight).

We Need To Talk About “Authoritarianism”

Flight24 indicates that there was a strong GPS signal throughout the flight. Is there some other type of signal which you think they jammed instead of GPS?

you’re suggesting they jammed the pilots’ GPS but not the transponder’s?

Flightradar24 says “The aircraft’s transponder reported good GPS signal quality from take-off to landing” 🤔

(via)

something from the “stable ports” list at https://www.rockbox.org/

Can someone tell me what vibe coding is?

a term coined 6 months ago for writing software using an LLM https://en.wikipedia.org/wiki/Vibe_coding

if they do something, it’s not in your interest

this is often true, but sometimes (like in this case) they are actually doing things that are in (almost) everyone’s interest: making browsers more secure 🙄

(see my other comment in this thread for details)

deleted by creator

fuck google generally, but in this case that mastodon post’s characterization that “Respondents overwhelmingly reject the suggestion” is not accurate - lots of people in that thread are in favor of removing it and those who aren’t aren’t making a strong case to keep it.

imo client-side XSLT never needed to be implemented; afaict its primary use is styling RSS feeds and I doubt many people ever actually read RSS feeds styled that way even if millions of feeds are/were.

tldr: This obscure “feature” is a significant source of vulnerabilities which attackers are able to compromise endpoints with right now. The GNOME project’s libxslt is used by all modern browsers and has been largely unmaintained for a long time, and it is a pretty sure bet that it has lots more remotely-exploitable bugs (in addition to those which have already been discovered and not yet fixed, or for which fixes are not yet widely distributed).

it sounds like there is also a mostly-working JS replacement for this C++ code; if it is actually possible to ship that and avoid breaking any sites it would be preferable, but, otherwise, i for one would certainly be in favor of dropping browsers’ XSLT support (which was only ever for XSLT 1.0 anyway!) completely ASAP.

CoMaps is “offline-first” and they’re working on a deskop version, but it is alpha right now and they don’t appear to be distributing binaries of it (the desktop version) yet so you’ll need to compile it yourself. There are instructions here. I haven’t tried it yet myself but I think it looks promising!

Another option is to run CoMaps, OsmAnd, or another Android app under Waydroid.