https://youtu.be/EuUyROUN-Bg?si=YboaUH-iSE_8mPTo&t=573

Alt...

Cartel del certamen

Comprar LA ATALAYA RECORTADA CONTRA EL CIELO (editorial Libros del Futuro)

Sinopsis:

Bran tuvo una adolescencia complicada, y su vida adulta no es mejor. Una sucesión de pérdidas familiares, una gran cicatriz en la cara y sus circunstancias personales han forjado en ella una personalidad esquiva.

Y como si fuera una maldición añadida, la protagonista hereda y debe hacerse cargo de una casa familiar, epicentro de buena parte de las desgracias que se abatieron sobre sus seres queridos.

Una visita a la enmohecida y arruinada vivienda, ubicada en un pequeño pueblo madrileño, sumergirá a Bran en una travesía angustiante por túneles oscuros, estancias claustrofóbicas y seres terroríficos.

Alt...

Portada de LA ATALAYA RECORTADA CONTRA EL CIELO

#foxesInLove #comic

Source: https://foxes-in-love.tumblr.com/post/778904096243662848
Copyright: https://foxesinlove.net

Alt...

A comic of two foxes, one of whom is blue, the other is green. In this one, Blue is hanging from a ceiling lamp, as Green sits below, looking up at him. Green: Alright, get down from there and let me see. Blue: No. Green: Just let me have a look and see if I can help. Blue: I will not. Green frowns in frustration. Green: You know, when you let people help you, you're doing them a favour as well. Blue closes his eyes, with a self-satisfied expression on his face. Blue: Well, you know me. Never been a people-pleaser.

I don’t know who needs to hear this, but “I was only following orders” was rejected as a defense at the Nuremberg Trials.

CC: @stefano@bsd.cafe @justine@snac.smithies.me.uk

CC: @ParadeGrotesque@mastodon.sdf.org

Hi, I'm Nicole! But you can call me the Fediverse Chick :D

Alt...

Nicole, but you're in a hotel, and it's in the dead of winter.

Cat's Guide to a Successful Day

Alt...

9-Panel Comic by War and Peas Panel 1: Title card with a wide-eyed black cat and the words “Cat’s Guide to a Successful Day.” Panel 2: "Rise Early" - The cat wakes its owner by sitting on their head as the sun rises. Panel 3: "Get Some Exercise" - The cat enthusiastically climbs a curtain, shredding it in the process. Panel 4: "Take a Break" - The cat relaxes on the owner's lap while they read a book. Panel 5: "Eat Healthy" - The cat bites a houseplant, looking guilty but determined. Panel 6: "Voice Constructive Criticism" - The cat meows aggressively at its owner, who is trying to work at the computer. Panel 7: "Smash the Patriarchy" - The cat scratches the side of a green armchair, staring defiantly. Panel 8: "Make New Allies" - The cat shakes paws with a small mouse, both looking pleased. Panel 9: "Unwind with Loved Ones" - The cat cuddles with the owner, all looking content.

CC: @pebo@digitalcourage.social @simondassow@masto.ai @NebulaTide@bsd.cafe @ricardo@bsd.cafe

We're looking forward to watching your talk if it's published.

Recordad, compañeros de armas: si una "editorial" te pide dinero por publicar tu libro, no es una editorial, es UNA ESTAFA.

@liaizon in the novel The City And The City, written by China Mieville, there are two cities divided by a zone that’s not exactly one city, and not exactly the other. The cities have different languages, different political leanings, different cultures. The nod to Berlin is very much implied.

Your photo, with the screen showing what looks like two designs competing to display the same information, looks like it could be from two same (but different) cities.

Y aprovechando que esto salió hace poco y que me encanta esta editorial no podéis dejar pasar esta súper oferta que tienen en ebook. Ojo que hay más de 80 ebooks por menos de 30€ a día de hoy. ( Y juro que Cerbero no me paga nada, es sólo devoción como lectora!)
https://lektu.com/l/editorial-cerbero/bundle-ignotus-2023-obras-ignotables/21326?af=kyr

Pero siempre se pierden porque existe gente que abandona cuentas y se quedan como que te siguen

CC: @jesusmargar@mastodon.social @Shine_McShine@paquita.masto.host @VaryIngweion@neopaquita.es

El hombre que posee un cabello abundante o, como mínimo, peculiar, ya tiene media polla dentro del poder

¿Habrá soporte para libros de pago en el futuro?

Integrar un sistema de pagos no está en los planes a corto plazo ni es el objetivo principal de esta plataforma.

Waybackify-WP.

I've finally cleaned up and posted something I've been using for a few years: wayback-wp.php is a script that you run from cron to replace any old links in your blog posts and comments with contemporaneous Wayback Machine URLs. I do this on all of my posts older than 5 years...
https://jwz.org/b/ykkS

Alt...

Screenshot

Bluesky To Sell Your Content To AI Data Miners

So it begins. Hidden in the Jay Graber's recent charm offensive is this innocuously framed initiative: Bluesky is weighing a proposal that gives users consent over how their data is used for AI (https://techcrunch.com/2025/03/10/bluesky-is-weighing-a-proposal-that-gives-users-consent-over-how-their-data-is-used-for-ai/)

Not so fast.

1) Shows they are planning on doing content deals with AI companies.
2) Seems like it is Opt-out vs. Opt-in (see below).
3) It is just a voluntary robots.txt file

h/t @Lydie https://tech.lgbt/@Lydie/114149023344861046

more...

#Bluesky

One of the things I've been advocating for years - and where I want to raise my voice even louder - is the importance of owning your data. #OwnYourData

Over the past few days, I’ve come across two examples of how misinformation is causing immense damage, leading people to believe that there's no alternative but to hand over their data to big corporations, putting themselves entirely in their hands.

- A well-known lawyer, just before a meeting, warned about using Teams and its new "virtual assistant," which joins conferences before anyone else and transcribes everything. When I pointed out that it would be wise to use alternative tools (like Jitsi, for example, but there are others), he abruptly ended the conversation, saying, "We've lost this war. There's no alternative anymore."
That wasn’t the right moment for a detailed discussion, so I just noted that alternatives do exist - but if no one starts using them, and if we passively accept certain behaviors from certain companies, things will never improve for us.

- Just now, I received another one of those emails that hurt more in the heart than in the wallet: "Our e-commerce is taking off, so we’re moving it to Shopify to better manage our growth."
I replied, trying to explain that handing over a growing e-commerce business to a third-party company (right now, they have full access to their own server - meaning all their databases, data, etc., are under their control) means losing ownership of it. Prices could change at any moment, contract terms could shift negatively, and, worst case scenario, if Shopify itself faced issues (which seems impossible today, but think of giants like Kodak), they could lose everything. Of course, they’ll do what they think is best, but I feel obligated to warn them.

Luckily, others are making the opposite choice. But I keep wondering: since these big platforms aren’t exactly cheap, rather than "selling themselves" to them just for (potentially) fewer headaches, wouldn’t it be worth paying someone (not me, of course, but someone working exclusively for them) to handle these things - ensuring they retain full ownership of their business and their data?

#DataOwnership #Decentralization #BigTech #DataRights #MyDataMyChoice #TakeBackControl

Buenos días! ☀️ Comienzan a llegar los primeros ejemplares, y yo ni siquiera lo he visto todavía! 😍 Hoy termina la preventa!

Alt...

No soy yo, libro y marcapáginas

No me parece un proyecto trivial de poner en marcha, pero por aquí hay gente muy válida y estoy seguro de que conseguiréis el talento necesario.

En el buzón de sugerencias mando la idea de que estaría genial que federara via ActivityPub, pero eso ya lo sabes 😉

Mucha suerte.

@angel Todo preparado para leerlo

GRACIAS Y DESGRACIAS DEL OJO DEL CULO por D. FRANCISCO DE QUEVEDO Y VILLEGAS

Regresa la Feria del Libro Antiguo y de Ocasión a #Malaga en la Alameda Principal, el paraíso de los clásicos y los facsimiles. Estará hasta el 16 de marzo.

Alt...

Casetas de la feria

Alt...

Selección de libros

Alt...

Libros de esgrima

Alt...

Facsímiles variados

CC: @exemplaire_editions@mastodon.social

Solo hasta el 12 de marzo. ¡Se agradece un impulso! 🥰

➼ https://www.letrareditorial.es/producto/no-soy-yo-2081/

#nosoyyo2081

Alt...

Preventa "No soy yo -2081-". una novela de ciencia ficción distópica (cyberpunk) Preventa activa del 6 al 12 de marzo. Tiene un 10% de descuento en web con el código "PREVENTA". Las 5 primeras copias se llevarán un llavero futurista. Enlace de compra: https://www.letrareditorial.es/producto/no-soy-yo-2081/

Bueno pues una editorial y muchos sellos a la que no dar mis dineuros ni mi apoyo.

DENUNCIAMOS que Grupo Planeta está implementando IA generativa en el sector editorial – Arte es Ética
https://arteesetica.org/denunciamos-grupo-planeta-implementa-ia-generativa/

Edit: aquí la lista de todos sus sellos
https://www.planetadelibros.com/editoriales

#literaverso #libros #boycot #boicot

Del autor de "Yo no soy Pavel" llega por sorpresa este otro librazo. Material de primera.

If your criticism of "big tech" is merely a result of the unhappiness about the fact that Meta, Google and Microsoft aren't EU-corporations you are missing the point.

There is nothing that indicates that SAP or Deutsche Telekom would hesitate a second at the chance of becoming the equally violent and exploitive forces.

The solution to Big Tech isn't EU Big Tech. It's de-commercialisation and democratization of tech.

Incluye enlaces a Internet Archive con los contenidos de los libros. De niño para mí eran mágicos, podía pasarme horas leyendo y mirando y soñando sus páginas.

Es una lástima, porque era un sitio muy necesario y deja un hueco importante.

https://talesoftimesforgotten.com/

She's an specialist in Ancient Greek culture, but the posts cover many other old history topics.

@tedu, using the old trick of “This is why Linux sucks!”, I see. Well, it's working!

If you use bash,

```bash
export EXECIGNORE='*/sqf*'
```

Did you know? By replacing your coffee with green tea, you can lose up to 92% of what little joy you still have left in your life.

USA's #Maxar isn't just cutting off classified satellite imagery to #Ukraine, but commercial unclassified services. How long until Starlink follows?

I'm not sure if the White House has thought thru the signal this is sending the world:

If you use American tech, cloud or telecoms, it can be turned off on a whim *while you're being invaded & bombed* to strongarm your country to sign a deal you don't want.

Imagine how many govts are currently frantically trying to migrate away from US services.

Alt...

Oliver Alexander - @oalexanderdk.bsky.social - Maxar has cut off satellite imagery access to Ukraine, undoubtedly due to pressure from the U.S. government. This means that not just classified, but commercially available unclassified intelligence products are being cut off. I now fully expect Starlink to be next. 7 March 2025 at 07:56

Comprar LA ATALAYA RECORTADA CONTRA EL CIELO (editorial Libros del Futuro)

Sinopsis:

Bran tuvo una adolescencia complicada, y su vida adulta no es mejor. Una sucesión de pérdidas familiares, una gran cicatriz en la cara y sus circunstancias personales han forjado en ella una personalidad esquiva.

Y como si fuera una maldición añadida, la protagonista hereda y debe hacerse cargo de una casa familiar, epicentro de buena parte de las desgracias que se abatieron sobre sus seres queridos.

Una visita a la enmohecida y arruinada vivienda, ubicada en un pequeño pueblo madrileño, sumergirá a Bran en una travesía angustiante por túneles oscuros, estancias claustrofóbicas y seres terroríficos.

Alt...

Portada de LA ATALAYA RECORTADA CONTRA EL CIELO

"Abolish the Canadian laws that protect US Big Tech companies from Canadian competition. Make it legal to reverse-engineer, jailbreak and modify American technology products and services. Don't ask Facebook to pay a link tax to Canadian newspapers, make it legal to jailbreak all of Meta's apps and block all the ads in them, so Mark Zuckerberg doesn't make a dime off of us."

https://pluralistic.net/2025/02/26/ursula-franklin/#

#tariffs #IP #CdnPoli

CC: @stefano@bsd.cafe @credativde@mastodon.social

#DanteAlighieri #DivinaComedia

FediMeteo: How a Tiny €4 FreeBSD VPS Became a Global Weather Service for Thousands

https://it-notes.dragas.net/2025/02/26/fedimeteo-how-a-tiny-freebsd-vps-became-a-global-weather-service-for-thousands/

#Fediverse #FreeBSD #RunBSD #Hosting #ITNotes #Networking #NoteHUB #Server #Snac #Snac2 #Social #Web

Rogatons Rediffusions - 31/01/2023 - "Aux Petits Soins"

Source: https://www.bouletcorp.com/rogatons/2023/01/31

(Ce strip est en fait beaucoup plus tardif, mais ayant le même nom de fichier que la note précédente, il s'est glissé à sa suite par erreur.)

Alt...

Case 1: Natalie et Boulet sont au lit. Boulet est en train de lire, tandis que Natalie est en train de regarder son planning sur son téléphone. Natalie: "Urgh. Je dois encore me lever à 7h demain matin !" Boulet: "Je peux me lever et préparer le petit déj, comme ça tu dors plus longtemps !" Case 2: Natalie a posé son téléphone et ferme les yeux, la tête sur l'oreiller, tandis que Boulet continue à lire. Natalie: "Non, tu plaisantes ? Tu n'as pas besoin de te lever, toi ! Tu peux te reposer ! Boulet: "Haha ! Tu verras ! Demain tu seras réveillée par la douce odeur de ton café sur la table de nuit !

Alt...

Case 3: Boulet en gros plan, profondément endormi sur son oreiller. On entend l'alarme du téléphone de Natalie qui fait "Beep-beep-clic" Boulet (dans son sommeil): "Ah ! Voilà le réveil ! Il s'est coupé tout de suite, elle n'a pas dû l'entendre !" Case 4: Boulet dort profondément. On voit Natalie quitter le lit de dos. Au dessus de la scène, on voit le rêve de Boulet, qui se voit discrètement quitter le lit. Boulet (dans son rêve): "Il faut juste que je fasse attention à ne pas la réveiller en me levant ! Doucement... Voilà !"

Alt...

Case 5: On voit Boulet qui dort toujours tandis que les mains de Natalie lui remontent délicatement les couvertures sur les épaules. Dans son rêve, il flotte au dessus du sol Boulet (dans le rêve): "Je sais ! Pour ne pas faire de bruit, je vais flotter jusqu'à la cuisine !" Case 6: Boulet dort toujours profondément. On voit des petites lignes de vapeurs lui caresser le visage. Dans son rêve, il respire une bonne tasse de café. Boulet (dans le rêve): "Mmh! La bonne odeur du café ! Plus qu'à lui apporter ça au lit pour la réveiller en douceur !"

Alt...

Boulet en train de dormir. Sur la table de nuit, Natalie a posé une tasse de café. Il semble sourire dans son sommeil Boulet (dans son rêve): "Hi hi hi ! J'ai hâte de voir sa tête quand elle va se réveiller ♥"

Why are QR Codes with capital letters smaller than QR codes with lower-case letters?

https://shkspr.mobi/blog/2025/02/why-are-qr-codes-with-capital-letters-smaller-than-qr-codes-with-lower-case-letters/

Take a look at these two QR codes. Scan them if you like, I promise there's nothing dodgy in them.

Left is upper-case HTTPS://EDENT.TEL/ and right is lower-case https://edent.tel/

You can clearly see that the one on the left is a "smaller" QR as it has fewer bits of data in it. Both go to the same URl, the only difference is the casing.

What's going on?

Your first thought might be that there's a different level of error-correction. QR codes can have increasing levels of redundancy in order to make sure they can be scanned when damaged. But, in this case, they both have Low error correction.

The smaller code is "Type 1" - it is 21px * 21px. The larger is "Type 2" with 25px * 25px.

The official specification describes the versions in more details. The smaller code should be able to hold 25 alphanumeric character. But https://edent.tel/ is only 18 characters long. So why is it bumped into a larger code?

Using a decoder like ZXING it is possible to see the raw bytes of each code.

UPPER

20 93 1a a6 54 63 dd 28   
35 1b 50 e9 3b dc 00 ec
11 ec 11

lower:

41 26 87 47 47 07 33 a2   
f2 f6 56 46 56 e7 42 e7
46 56 c2 f0 ec 11 ec 11   
ec 11 ec 11 ec 11 ec 11
ec 11

You might have noticed that they both end with the same sequence: ec 11 Those are "padding bytes" because the data needs to completely fill the QR code. But - hang on! - not only does the UPPER one safely contain the text, it also has some spare padding?

The answer lies in the first couple of bytes.

Once the raw bytes have been read, a QR scanner needs to know exactly what sort of code it is dealing with. The first four bits tell it the mode. Let's convert the hex to binary and then split after the first four bits:

Type

HEX

BIN

Split

UPPER

20 93

00100000 10010011

0010 000010010011

lower

41 26

01000001 00100110

0100 000100100110

The UPPER code is 0010 which indicates it is Alphanumeric - the standard says the next 9 bits show the length of data.

The lower code is 0100 which indicates it is Byte mode - the standard says the next 8 bits show the length of data.

Type

HEX

BIN

Split

UPPER

20 93

00100000 10010011

0010 0000 10010

lower

41 26

01000001 00100110

0100 000 10010

Look at that! They both have a length of 10010 which, converted to binary, is 18 - the exact length of the text.

Alphanumeric users 11 bits for every two characters, Byte mode uses (you guessed it!) 8 bits per single character.

But why is the lower-case code pushed into Byte mode? Isn't it using letters and number?

Well, yes. But in order to store data efficiently, Alphanumeric mode only has a limited subset of characters available. Upper-case letters, and a handful of punctuation symbols: space $ % * + - . / :

Luckily, that's enough for a protocol, domain, and path. Sadly, no GET parameters.

So, there you have it. If you want the smallest possible physical size for a QR code which contains a URl, make sure the text is all in capital letters.

#qr #QRCodes

CC: @reginasbread@homo.promo

At the time it's an unfair comparison as my old instance is two years old and its discovery is way wider, dozens of instances chime in every minute. I have subscribed to relays with snac2 and so far it fares very well.

If you use "AI" generated illustrations on your blog, I immediately suspect you also use "AI" like ChatGPT or DeepSeek to write your blog entries and I will close the browser tab. Ain't nobody got time for slop :)

CC: @rl_dane@polymaths.social

Asteroid name: 2024 YR4
Probability: 3.07%
Impact date: 2032-12-22.59

Asteroid name: 2010 RF12
Probability: 10.24%
Impact date: 2095-09-05.99

Asteroid name: 2017 WT28
Probability: 1.10%
Impact date: 2104-11-24.69

Source: NASA/JPL Sentry Data API

University professor, circa 2010 : You can’t trust Wikipedia. You cannot use it for your essay.

University professor, circa 2025 : Here are powerpoint sildes on how to use ChatGPT to do your essay.

Personal conclusion: the only problem with Wikipedia was that it was not corporately owned and that it had no marketing budget.

Asteroid name: 2024 YR4
Probability: 2.21%
Impact date: 2032-12-22.59

Asteroid name: 2017 WT28
Probability: 1.10%
Impact date: 2104-11-24.69

Asteroid name: 2010 RF12
Probability: 10.24%
Impact date: 2095-09-05.99

Source: NASA/JPL Sentry Data API

«Troquelar es crear el vínculo entre el mastín y el rebaño».

all of David Lynch's feature length works are now available at the internet archive

https://archive.org/details/filmography-david-lynch/

i'm especially noticing that the unsold pilot for the TV series version of Mulholland Drive is in that batch. 👀

It gives a daily report of those asteroids with a reasonable probability of crashing into Earth, in case you are not already afraid enough of the future. Of course, using #snac, what else.

It takes its data from a very cool NASA site, so (again) in these days of uncertanty, I'm not sure how long will it work.

Everyone, take care, and have a great week.

Asteroid name: 2024 YR4
Probability: 2.21%
Impact date: 2032-12-22.59

Asteroid name: 2017 WT28
Probability: 1.10%
Impact date: 2104-11-24.69

Asteroid name: 2010 RF12
Probability: 10.24%
Impact date: 2095-09-05.99

Source: NASA/JPL Sentry Data API

In the span of just weeks, the US government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. And the implications for national security are profound.

The person who signed me up for all these parent-teacher conferences is not the same person who has to go to them today. PAST ME IS ALWAYS FUCKING UP SHIT FOR FUTURE ME

Asteroid name: 2024 YR4
Probability: 2.21%
Impact date: 2032-12-22.59

Asteroid name: 2017 WT28
Probability: 1.10%
Impact date: 2104-11-24.69

Asteroid name: 2010 RF12
Probability: 10.24%
Impact date: 2095-09-05.99

Source: NASA/JPL Sentry Data API

Codeberg - We stay strong against hate and hatred

https://blog.codeberg.org/we-stay-strong-against-hate-and-hatred.html

Discussions: https://discu.eu/q/https://blog.codeberg.org/we-stay-strong-against-hate-and-hatred.html

#linux #opensource #unix

Everyone, have a great Friday!

#DanteAlighieri #DivinaComedia

All the bad things have won the war.

CC: @nuintari@bsd.cafe

Being an open source software developer is like:

[Writes a new feature]
“Omg you never fix bugs! Clearly not a serious project.”

[Fixes bugs]
“Omg dead project. No new features boring”

[Tries to raise funds]
“Wow greedy! If you wanted to make money get a job”

And you just do this forever because there’s probably something wrong with you

difficult questions

Enjoy this Wednesday, Stefano, everyone!

Seguire il meteo direttamente sul proprio account del Fediverso

FediMeteo è un interessante progetto che permette di seguire il meteo di diverse città sul proprio profilo federato (come Mastodon).

https://www.lealternative.net/2025/02/12/seguire-il-meteo-direttamente-sul-proprio-account-del-fediverso/

Alt...

Seguire il meteo direttamente sul proprio account del Fediverso

#foxesInLove #comic

Source: https://foxes-in-love.tumblr.com/post/775097401542426624
Copyright: https://foxesinlove.net

Alt...

A comic of two foxes, one of whom is blue, the other is green. In this one, two cars are passing, a brown and a red car. The red comes to a screeching halt, braking hard to avoid hitting the brown one. Green, inside the brown car: Watch out!! Inside the brown car, Blue is driving, angry, as Green sits on the passenger seat, startled. Green: That other car almost hit us! Blue: They should be more careful. We had the right of way. Now Green also frowns. Green: They don't write it on your tombstone that you were right in the crash, you know. Blue: They should. Green: "Here lies Blue fox, who was righteous in traffic." Blue: Sounds excellent.

CC: @jana@social.jsteuernagel.de

CC: @EricAlper@mastodon.social

CC: @jwz@mastodon.social

Ok, so i've been reading the wikipedia entry on nazi economy for... obvious reason: https://en.wikipedia.org/wiki/Economy_of_Nazi_Germany

It's quite fascinating, actually. I got three main takes out of it:

(1) The so-called "nazi economic miracle" of 1933-1939 was a complete fabrication. It was a ponzi scheme. They were fudging the numbers, hard. And even the looting of jewish properties, the slave labor, the looting of conquered land, they couldn't make it.

By September 1939, they *had* to be at war with Britain and France because their bonds were coming due and they had no money to pay them back.

Or in other words, don't invest in fascist shit. They lie all the time, why do you think they'd stop lying in their economic reports?

(2) So, 1933 was pretty much the bottom of the barrel of the Great Depression, right? Working condition in 1933 must have been terrible, but thing would be going better (well for the white non-jewish, non-queer males, anyway), right?

Wrong. The average salary of the workers went *down* 25% from 1933 to 1939, mostly due to the elimination of unions. That so-called "miracle" never reached down to the actual people.

Or in short, you think things are bad? They'll get a lot worse.

(3) We can't blame the factory owners at the time, they had to follow orders, right? It was obey or be shot, right?

Turns out that wasn't the case. The nazis didn't put pressure on factory owners because they didn't have to. The great capitalists were quite happy with the new regime, and almost to a T they supported what they did. They didn't even flinch when slave labor was introduced, heck most of them complained that they didn't get enough of them slaves!

Or in other words, eat the rich, because they sure have no qualms about eating you.

So, this is a wikipedia reading, don't quote me on this stuff. But it's worth doing your own reading i think, given where we're headed.

#RepublicansAreNazis #FuckNazis #MakeTheWorldABetterPlacePunchANaziInTheFace #FuckTrump

https://it-notes.dragas.net/2025/02/08/caching-snac-proxied-media-with-nginx/

#Data #Fediverse #Hosting #ITNotes #Networking #Nginx #NoteHUB #Ownyourdata #Server #Snac #Snac2 #Social #Tipsandtricks #Tutorial #Web

CC: @quux@mastodon.social

Thank you very much for sharing.

I have long loathed Oracle, mostly for their draconian licensing practices and litigious proclivities. However, occasionally I get tempted by their "hey, we offer a free tier for VPS instances" and think, maybe just maybe it could be fun.

But then I read a thread like this one¹ from @ErikUden and it's a bucket of ice-water to the face, steeling my resolve. No. Never Oracle. Not ever, no matter how tempting "free" may seem.

⸻
¹ https://mastodon.de/@ErikUden/113930010311998246

A few days ago, a client of mine asked me to install an open-source software (which I won’t name for now). The software has only one official installation method: Docker. This is because, as they themselves admit, it has a huge number of dependencies - some quite outdated - that need to be carefully managed and forced into place; otherwise, nothing works.

I tried replicating the same setup on FreeBSD but didn’t succeed, as some dependencies either aren’t compatible or simply refuse to run. I could try finding workarounds, but I can already picture the chaos every time an update is needed.

So, I decided to build it via Docker to get a better sense of what we’re dealing with. The sheer number of dependencies that Node pulls in is impressive, but even more staggering is the number of warnings and errors it spits out: deprecated and unsupported packages, security vulnerabilities, generic warnings- you name it, and there’s plenty of it.

Since my client needs to launch this service but is subject to audits, they want to be fully compliant and ensure security. Given their substantial budget, they offered financial support to the developers (a company, not just a group of hobbyists) to help improve the project either by making it FreeBSD - compatible or, at the very least, by reducing dependencies with critical vulnerabilities. The client was willing to pay a significant sum, and since the improvements would be open-source, everyone would benefit.

The response from the team? A flat-out refusal. They claimed they couldn’t accept any amount of money because many of these dependencies are "necessary and irreplaceable, as parts of the code relying on them were written by people who no longer work on the project, and we can’t rewrite the core of the software.” Then came the part that really got under my skin: they stated they would rather deal directly “with my client, not with me, because in the end, my concerns are just useless and irrational paranoia.”

Translation? Just pay, and you’ll pass compliance checks - never mind the fact that underneath, it’s a tangled mess of outdated and insecure components. And don’t make a fuss about it.

While I can understand some of the challenges the team faces, I might have accepted this response if it had come from a group of volunteers or hobbyists. But if you’re a company whose sole business revolves around a single software product (with no real competition at the moment), this approach is not just short-sighted - it’s outright dangerous for your users’ security and for your own survival as a business.

The result? They lost a paying client who was ready to invest a significant budget into their software. That budget will now go elsewhere. My client is considering hiring developers to build a similar project with better security (they have both the time and the money for it). I’ll do my best to convince them to release it as open-source - at which point, a new “competitor” will emerge in the market.

#IT #SysAdmin #OSS #Security #Infosec

The Debian Publicity Team will no longer post on X/Twitter. We took this decision since we feel X doesn't reflect Debian shared values as stated in our social contract, code of conduct and diversity statement. X evolved into a place where people we care about don't feel safe. You are very much invited to follow us on https://bits.debian.org , on https://micronews.debian.org/ , or any media as listed on https://wiki.debian.org/Teams/Publicity/otherSN #debian

"OpenAI shocked that an AI company would train on someone else's data without permission or compensation."

https://www.404media.co/openai-furious-deepseek-might-have-stolen-all-the-data-openai-stole-from-us/