We're looking to map out all technical details for how #Android apps are #tracking people, if you have ideas or more info, please submit them to our issue tracker! https://gitlab.com/trackingthetrackers/wiki/issues #TrackingTheTrackers
So I have added an account alias on both of my #Mastodon accounts and nothing seems to have changed or became visible in my profile.
#Whamageddon ? I survived 🎉
I highly recommend this short story (When Alone Was Forgotten by Jeffrey Harrell) to anyone interested in privacy and speculative fiction: https://web.archive.org/web/20070824131557/http://fiction.theshapeofdays.com/2007/07/01/when-alone-was-forgotten/ It’s also sold as part of a short story collection titled “The Glacier With Her Name Carved In It”.
So, what do you folks think of our new official logo?
Credits go to our lovely garbageman @dawidpotocki for the design :)!
In my #gpg complaints, apparently `gpg --fetch-keys` is affected by `keyserver-options` as I get a different result with it and `curl -LO` and `gpg --import`.
The `curl`ed file includes signature from my trusted key, while with `--fetch-keys` requires me to verify the key being correct again without giving me the hint that it may be reliable due to being signed previously.
Remember the name Richard Barnes. Let him forever be known as the man who sold out the internet.
> Aren’t commits from creation to revokation still supposed to be valid?
There is a tiny issue with this — if you revoked your key because the private key has been compromised then the attacker can backdate any signature (see gpg --faked-system-time).
Of course if Github wanted they could provide better UI — for example remembering when then saw the signature first (if it’s before revocation time then it’s good). At the end of the day OpenPGP just lacks proper secure timestamping features and that makes all dates suspect.
GnuPG UI just issues a bunch of WARNINGs: https://www.reddit.com/r/GnuPG/comments/9qhbs0/subkey_expiry_and_issued_signatures_validity/e8ckzs0/
Aren't commits from creation to revokation still supposed to be valid? Commits from after the revokation should obviously be invalid.
I cannot have a public key without revokation certificate available there as it's possible to export it from the API and thus miss the fact that it's revoked.
#Gitea seems to handle this correctly.
There's a petition to Save the .org top level domain. Apparently, ICANN could still stop it from being sold.
I know, petitions rarely work, but I also know that _sometimes_ they do.
Please consider signing if you _run_ anything there, or if you _use_ or _care about_ anything that's on a .org domain. Also, boosting this to others who follow you, would be very much appreciated.
I am a Highly Sensitive Autistic Pirate with Linux experience from 2008. My pronoun.is/she