The interesting thing about IT security is that it simultaneously requires you to both broaden and narrow your scope/thinking.
Broaden, because attackers are not constrained by organizational boundaries and fair play.
Narrow because there is no such thing as security without context: security against whom, under what assumptions and constraints? Threat modeling is just a way of systematically thinking about this.
technical details of the x0r.be outage
Ok, so DigitalOcean had an outage/migration event in the datacenter x0r.be is running in and after migration the server didn't come up.
It turned out to be a broken grub version and yesterday evening I was too tired to fix it. So I had to reinstall grub from a rescue environment and did that this morning and now we're back.
Literal nazis using Fedilab infrastructure* to organize: [ *crickets* ]
Servers starting to disallow the app because of the developer stance on letting nazis use their infrastructure: WE MUST IMMEDIATELY CHANGE THE CODE TO EVADE SERVER BANS
*yes an iOS/Android app is infrastructure as it’s in app stores and provides a much smoother way to access a platform. Developing such an app takes time and effort
The Fedilab developer just admitted to acting in bad faith by removing the user agent identification from their client.
I can understand a browser changing the user agent to something else for compatibility reasons, but for a client to deliberately remove identification to evade the wishes of the servers they connect to?
That’s not something well-behaved clients usually do...
Btw I’m so not here for bad-faith arguments. White supremacists love throwing any argument against the wall to get what they want, there is no consistency in their positions or any sincerely held beliefs about neutrality or freedom of speech or about echo chambers or intolerance.
Don’t fall for this. Don’t be a useful idiot and tolerate people who think taking a giant dump in your living room is normal. You don’t debate people like that.
hatespeech-friendly clients, blocking, x0r.be
Given the stance that Fedilab is taking, I will be blocking that client from being able to access x0r.be in the future. If you're using that client, now is the time to switch to a multitude of capable ones.
There should be a cost for Fedilab for enabling hate speech.