Pinned ping

What's up with me? (you most probably didn't ask)

I'm in my fourth decade, located somewhere in the old world. This account is a splinter of my presence in the fediverse (although my only other account has a really low profile, with a handful of followers -- 16 as yet).

I dabble in , I hack on stuff and occasionally suffer through the PR process. I try to help people close to me by .

I have academic interest in paganism and witchcraft.

--continued--

food 

Why, pray, are so many websites and web apps so adamant to use remote fonts from a Google server?

I'm watching a presentation on how to write tests for a specific environment;

Presentation starts with "What are tests and why do you want to test?";

Uuuugh yeah, cool, I guess not every talk about testing should necessarily spend a whole 15 minutes on why testing is good, maybe?

Ran my small backup program into and found out it costs $113k to develop from scratch!

Shocking stuff. Also certainly wrong lol

people committing to their companies' repositories over the weekends and fostering a toxic culture of peer pressure at work, we see you

Maybe the most daunting thing about being a freelance dev is not having the structure to conduct proper code reviews.

I'm having nightmares about deploying my code in production.

Splitting my days between hacking on backup software and shoveling manure AMA

«Ui alors j'utilise France Connect pour me connecter au site des impôts, changer ou mettre à jour ma carte grise et pour aller sur PornHub»

😂 😂

senat.fr/amendements/2019-2020

I made a C++ tool for creating brute force lists out of fair guess passwords using a genetic algorithm gitlab.com/terceranexus6/jock_ I felt like making hand-written lists on txt was a poor option :blobnervous:

Anyway here's a blog entry about it too, but I didn't explain a lot tbh dev.to/terceranexus6/genetic-a

ukpol; bitter sarcasm (-) 

Maintenant que est lancée, comment se passe la supervision et l'audit de la plateforme d'exploitation ?

Back to INRIA, I have just learned that they had published a few weeks ago an updated protocol named DESIRE, that is touted to address some privacy concerns that were made against ROBERT by combining the "best of both worlds" between centralised and decentralised models...

hal.inria.fr/hal-02570172

But tough, it's already too late and the development efforts are all based on ROBERT.

Not to worry though, the biggest flaws remained untouched in DESIRE, so we're not missing much.

Show thread

PS:

as for my own opinion as to whether there MUST be a technological response to derail the epidemic, I'm more than skeptical in the absence of a cohesive response from govt (wrt masks, ICU beds, de/confinment and general chaos is getting a message through) since the beginning of the crisis; and this episode is just one of many that add to a heap of problems.

The proposed app only works if a significant part (> 60%) of the population adopts it, but you must have a compatible smartphone (which costs money), sufficiently charged and with the app running in foreground, etc etc...

Show thread

Which in summary, is all theatre to me.

INRIA has a very high reputation in scientific circles, it's a national institution, a public, state-funded university.

I can only regret that it falls short of its stated mission objective to bring a fully privacy preserving solution to the table by lacking transparency in key areas.

5/X

Show thread

"Conspirationism" set-aside, this is yet another example of a good faith front lacking actions to back it up; when it comes to code and programs, opening the source code is only the first and easiest step, and even there they fail to open the full code -- let's not think to hard about what could be so critical that it can't be shown in public (do they hardcode the cipher keys??).

And what happens after the code is published matters as much if not more: how it is built, how it is deployed and how it is administered are additional concerns that impact the software's lifecycle (of which are many fediverse friends well aware, what with all the rogue instances and all that).

Of course, never has the concept of transparently overseeing such system been whispered among, or dare we say, fathomed in the minds of, its ultimate masters.

4/X

Show thread

I don't know if "National Cybersecurity Agencies" or similar count as "external trusted and neutral authorities" when the risk involved with misusing the platform "results in [exposing] the social graphs of the users" in a situation where people are wary of govt overreach wrt surveillance.

There have been precedents with the anti-terror powers of the Police, temporarily granted in 2015 and permanently enshrined in law in 2017 against all that was promised -- powers that have been vastly more often used to silence and harass climate activists, social activists and independent journalists.

And it doesn't take a huge imagination to fathom what can be done with a system that can build a map, schedule and contact graph of anyone using the app, if the uptake is high, as is hoped by govt.

3/X

Show thread
Show more
Cybrespace

Cybrespace is an instance of Mastodon, a social network based on open web protocols and free, open-source software. It is decentralized like e-mail.