Scorpio Scorpio@datamost.com

Republic of South Africa

I'm a guy interested in Debian, FOSS, actually a alot of things... About Avatar below: Page URL: https://commons.wikimedia.org/wiki/File%3ALewecke-gateport.jpg File URL: https://upload.wikimedia.org/wikipedia/commons/7/76/Lewecke-gateport.jpg Attribution: By Frank Lewecke, http://www.spacelands.de (Own work) [CC BY 3.0 (http://creativecommons.org/licenses/by/3.0)], via Wikimedia Commons

  • Jason Self at 2021-08-22T15:15:04Z

    Diversity is the future. We are all different, and we need each other. #DiversityIsOurFuture

    RiveraValdez, Scorpio likes this.

  • There are 645 tags in the Debtags vocabulary, with 102370 known packages to tag. Of these, 18093 were tagged by humans and 84277 were tagged by robots. #ReleasingDebianBullseye

    Debian Project at 2021-08-14T17:42:10Z

    There are 645 tags in the Debtags vocabulary, with 102370 known packages to tag. Of these, 18093 were tagged by humans and 84277 were tagged by robots. #ReleasingDebianBullseye

    Scorpio likes this.

  • CD testing is a great way to contribute to the release and get stuck into Debian. liz in Brisbane, AU has just filed her first ever bug report testing a live image! #ReleasingDebianBullseye

    Debian Project at 2021-08-14T16:03:11Z

    CD testing is a great way to contribute to the release and get stuck into Debian. liz in Brisbane, AU has just filed her first ever bug report testing a live image! https://wiki.debian.org/Teams/DebianCd #ReleasingDebianBullseye

    Scorpio likes this.

    Panko shared this.

  • The release of Debian 11 "bullseye" is underway! #ReleasingDebianBullseye

    Debian Project at 2021-08-14T07:33:10Z

    The release of Debian 11 "bullseye" is underway! #ReleasingDebianBullseye

    Scorpio likes this.

    GO GO GO GO!! 🀘

    JanKusanagi at 2021-08-14T14:57:59Z

  • FTP-masters have moved "buster" to the oldstable alias in preparation for promoting testing to "bullseye" #ReleasingDebianBullseye

    Debian Project at 2021-08-14T07:39:08Z

    FTP-masters have moved "buster" to the oldstable alias in preparation for promoting testing to "bullseye" #ReleasingDebianBullseye

    Scorpio likes this.

  • The bullseye version of the Debian Installer is being moved into its new home. The installer has a long history, you can read some of it at #ReleasingDebianBullseye

    Debian Project at 2021-08-14T07:48:08Z

    The bullseye version of the Debian Installer is being moved into its new home. The installer has a long history, you can read some of it at https://salsa.debian.org/installer-team/debian-installer/-/blob/master/doc/history.txt #ReleasingDebianBullseye

    Scorpio likes this.

  • Jason Self at 2021-08-03T15:01:10Z

    Diversity is our strength. Let's all work together to make the world more diverse.

    Scorpio, Doug Whitfield likes this.

  • Debian bullseye reaches final milestone and is now fully frozen!

    Debian Project at 2021-07-17T23:36:10Z

    Debian bullseye reaches final milestone and is now fully frozen! https://lists.debian.org/debian-devel-announce/2021/07/msg00002.html

    Tyng-Ruey Chuang, Scorpio, Stephen Michael Kellat likes this.

  • Shakthi Kannan at 2021-06-24T12:16:47Z

    How Richard Feynman helped crack the case on the Challenger disaster https://lithub.com/how-legendary-physicist-richard-feynman-helped-crack-the-case-on-the-challenger-d... #physics

    Scorpio likes this.

    Scorpio shared this.

  • Are we really ready to live with Covid-19?

    PumpCast at 2021-06-24T12:14:22Z

    "Are we really ready to live with Covid-19?" Throughout the pandemic, but increasingly in recent weeks, some senior scientists and politicians have been saying that, at some point, we’re going to have to learn to live with coronavirus. On the other hand, just last week, there was a vote in the Commons to delay the easing of restrictions - a date dubbed by some as β€˜freedom day’. Speaking to Prof SiΓ’n Griffiths and Prof David Salisbury, Ian Sample asks if now is the time to go back to normality or whether a more cautious approach is needed Coronavirus – latest updates See all our coronavirus coverage. Help support our independent journalism at theguardian.com/sciencepod https://www.theguardian.com/science/series/science/60d432f88f08d468da9315f4 ( Feed URL: https://www.theguardian.com/science/series/science/podcast.xml )

    Scorpio likes this.

    Scorpio shared this.

  • Karl Fogel at 2021-03-22T17:50:47Z

    Big congratulations to Bradley Kuhn at @Conservancy for deservedly winning the Award for the Advancement of Free Software -- in the very first year he was eligible to receive it:

    https://sfconservancy.org/news/2021/mar/22/fsf-award-bkuhn/

    His acceptance video is very eloquent and moving, too -- watching it now.

    Scorpio, murph likes this.

  • HPR3296: Spam Bot Honey Pot

    PumpCast at 2021-03-22T00:14:02Z

    "HPR3296: Spam Bot Honey Pot" In this episode of Hacker Public Radio, I will describe the method I chose to combat spam bots filling out my company's contact form. About 99% of the submissions we receive are spam, which makes filtering for valid messages painful. After some research into different methods, I decided to go with the honey pot method. The honey pot method uses an extra text input field to lure the spam bot into filling it out. There are different suggestions for how to hide this extra field from valid users by using either javascript or CSS. With javascript, the honey pot section of the form is removed from the DOM when the page loads, hiding it from your users. The argument for this method is most bots don't implement javascript, so the honey pot field will not be hidden from them. I think that is a valid argument but I didn't want to include extra javascript in my page--so I went with the CSS method. There are references at the end of the show notes to a couple of the articles I read on implementing the honey pot with either javascript or CSS. My take away was, one, don't use the CSS display property set to the value of none to take the input out of the DOM. Sufficiently smart enough bots may know to scan for this, especially if applied directly to the element. Also don't name your classes something obvious to your intent like "anti-spam-filter". My guess is the majority of the bots out there aren't that sophisticated, but I figured it couldn't hurt to follow those suggestions. I was already using Bootstrap CSS for our site, so I decided to use Bootstrap's "sr-only" class. This class is used for elements that you only want visible to screen readers. It takes the element and uses a combination of absolute positioning, setting the size and width to 1 pixel, setting a negative left margin, and hiding content overflow to prevent the honey pot showing up visually. I figured if the bot was scanning CSS for classes or properties, this wouldn't trigger any warnings. It does bring up the issue of how to prevent impacting the experience of people using screen readers. I applied the aria-hidden attribute with a value of true to the label element surrounding the honey pot input field. "[this] removes that element and all of its children from the accessibility tree." So we now have the field hidden both visually in the browser and from assistive technologies. Given the short end of the stick accessibility usually gets, I doubt there are any spam bots scanning for that ARIA attribute. For the minority of users who might be viewing with the classic lynx browser, I put 'For office use' as the label text before the honey pot, hoping this would get the message across without tipping off the bot to the intended purpose of the related input field. The other main issue with this method is the value of the name attribute used for the input field. Some argue to use obfuscated values like "mmxxName" instead of "name", or "sxysPhone" for "phone". Apparently some bots will skip fields they don't recognize. By using more standard names for multiple honey pot fields, it easier to determine if it is a bot. The counter argument to this naming scheme is about the user experience, by obfuscating the name, then browsers won't auto-fill the valid fields of the form. This also brings up the matter of not auto-filling the spam fields by the browser of your users. This is done by setting any of your honey pot input elements' "autocomplete" attributes to "off". So far this spam filtering method is working nicely. I currently send any messages flagged as spam to a different email address with the subject prepended with the words "[Spam review]". Once I am confident there are not that many false positives, I will just skip sending flagged messages. The one issue I have experienced with this method is when using the tab key to move through the form. Since the input field is only visually hidden, it still receives focus as you tab through. If you happen to hit another key while still in the hidden field, it will get captured by the honey pot and then the submission will be flagged as spam. I have created a sample form on my personal site. Please visit URL: http://www.horning.us/hpr/SpamBotHoneyPot.php to try it out. It is a simple PHP page using the GET method when submitting the form. Once you press the submit button you will see the form fields and their values, along with the result messages. I chose to use "URL" as the name for my honey pot input field. I use it on my example form, and I use it for my work form. For my work form, a URL is not something we ask to be submitted, and being a common field in forms, makes it very tempting for bots. In my example code, the CSS for hiding the honey pot section is from the minicss.org websites. Their "visibility-hidden" class is very similar to Bootstrap's "sr-only" class. I would be interested to hear if others have implemented something similar. I would also love to hear from someone who uses a screen reader. Does it prevent the honey pot section from being read? References Better Honeypot Implementation (Form Anti-Spam) https://stackoverflow.com/questions/36227376/better-honeypot-implementation-form-anti-spam Honeypot Technique: Fast, Easy Spam Prevention https://solutionfactor.net/blog/2014/02/01/honeypot-technique-fast-easy-spam-prevention/ Using the aria-hidden attribute https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/ARIA_Techniques/Using_the_aria-hidden_attribute mini.css https://minicss.org/docs#visibility-helpers Spam Bot Honey Pot example http://www.horning.us/hpr/SpamBotHoneyPot.php http://hackerpublicradio.org/eps.php?id=3296 ( Feed URL: http://hackerpublicradio.org/hpr_ogg_rss.php )

    Scorpio likes this.

  • Astronomy Picture of the Day for 2021-03-20 12:30:01.838454

    Astronomy Picture of the Day (Unofficial) at 2021-03-20T17:30:02Z

    Astronomy Picture of the Day

    Discover the cosmos! Each day a different image or photograph of our fascinating universe is featured, along with a brief explanation written by a professional astronomer.

    2021 March 20
    See Explanation.  Clicking on the picture will download
the highest resolution version available.

    The Leo Trio
    Image Credit & Copyright: Francis Bozon

    Explanation: This popular group leaps into the early evening sky around the March equinox and the northern hemisphere spring. Famous as the Leo Triplet, the three magnificent galaxies found in the prominent constellation Leo gather here in one astronomical field of view. Crowd pleasers when imaged with even modest telescopes, they can be introduced individually as NGC 3628 (right), M66 (upper left), and M65 (bottom). All three are large spiral galaxies but tend to look dissimilar, because their galactic disks are tilted at different angles to our line of sight. NGC 3628, also known as the Hamburger Galaxy, is temptingly seen edge-on, with obscuring dust lanes cutting across its puffy galactic plane. The disks of M66 and M65 are both inclined enough to show off their spiral structure. Gravitational interactions between galaxies in the group have left telltale signs, including the tidal tails and warped, inflated disk of NGC 3628 and the drawn out spiral arms of M66. This gorgeous view of the region spans over 1 degree (two full moons) on the sky in a frame that covers over half a million light-years at the trio's estimated distance of 30 million light-years. Of course the spiky foreground stars lie well within our own Milky Way.

    Tomorrow's picture: antikythera


    < | Archive | Submissions | Index | Search | Calendar | RSS | Education | About APOD | Discuss | >

    Authors & editors: Robert Nemiroff (MTU) & Jerry Bonnell (UMCP)
    NASA Official: Phillip Newman Specific rights apply.
    NASA Web Privacy Policy and Important Notices
    A service of: ASD at NASA / GSFC
    & Michigan Tech. U.

    Scorpio likes this.

  • Tom Tishken at 2021-01-02T20:52:36Z

    ok now i went to a real search engine and get away from google/duckduckgo/startpage. i did find on dogpile this:

    https://gnusocial.network


    could not find any links to it on ducjduckgo or startpage. seems like the google bubble has effected them also.

    Scorpio likes this.

  • Note - Finished my 2020 project. Let me call it #6502portable. It closes the loop…

    at 2021-01-03T20:34:36Z

    Finished my 2020 project.
    Let me call it #6502portable.
    It closes the loop between my starting point in 1986 and now. Like a Terminator time line, just backwards.
    It's an Atari 800XL on a USB powerbank, video output captured into a Raspi on a 2nd powerbank.
    Visuals inspired by Alien movie where computers look like they should. Released in 1979, the year of Atari 800.
    I have rarely felt more satisfied.
    #retrocomputing
    #retrohardware
    #atari8bit
    #cyberdeck
    --
    eizen@mastodon.social
    URL: https://mastodon.social/@eiZen/105437929430460729

    Scorpio likes this.

    Nice! A good looking machine, unlike what's produced today πŸ‘

    JanKusanagi at 2021-01-03T21:24:39Z

  • Security Now 808: CNAME Collusion

    PumpCast at 2021-03-03T06:13:50Z

    "Security Now 808: CNAME Collusion" Seven Exchange 0-days, Firefox Enhanced Tracking Protection, SolarWinds Password. Chrome to default to trying HTTPS first when not specified. Firefox's "Enhanced Tracking Protection" just neutered 3rd-party cookies! As easy as "SolarWinds123". Rockwell Automation's CVE-2021-22681 is a CRITICAL 10 out of 10. VMware's vCenter troubles. SpinRite update. Microsoft issues emergency patches for 4 exploited 0-days in Exchange. CNAME Collusion. We invite you to read our show notes at https://www.grc.com/sn/SN-808-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: privacy.com/securitynow Melissa.com/twit itpro.tv/securitynow promo code SN30 https://twit.tv/shows/security-now/episodes/808 ( Feed URL: http://feeds.twit.tv/brickhouse_video_small.xml )

    Scorpio likes this.

    Scorpio shared this.

  • HPR3280: What We Need For the ActivityPub Network

    PumpCast at 2021-02-26T00:14:11Z

    Scorpio likes this.

  • Security Now 807: Dependency Confusion

    PumpCast at 2021-02-24T05:13:57Z

    "Security Now 807: Dependency Confusion"

    SHAREit's security update, Solorigate, Brave's "Private Window with Tor".

    • SHAREit Follow-up
    • This Week in Web Browser Tracking
    • Brave's "Private Window with Tor" was not so private
    • Tracking with eMail Beacons
    • Microsoft's final "Solorigate" update
    • "Good App goes Bad for Profit"
    • SpinRite: RS shows VERY obvious improvement after one pass of SR 6
    • Dependency Confusion

    We invite you to read our show notes at https://www.grc.com/sn/SN-807-Notes.pdf

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:

    https://twit.tv/shows/security-now/episodes/807

    ( Feed URL: http://feeds.twit.tv/brickhouse_video_small.xml )

    Scorpio likes this.

  • HPR3157: Compost

    PumpCast at 2020-09-08T00:13:30Z

    "HPR3157: Compost"

    How to compost food scraps to produce nutrient-rich soil. It's natural!

    http://hackerpublicradio.org/eps.php?id=3157

    ( Feed URL: http://hackerpublicradio.org/hpr_ogg_rss.php )

    Scorpio likes this.