bbbhltz

C'est l'histoire d'une dame qui décide d'adopter un chat errant. Mais il ne s'agissait pas d'un chat, mais d'une chatte... enceinte.

SEVERAL MONTHS LATER [^1]

C'est l'histoire d'une dame qui a plus de 30 chats et chatons chez elle et comme vous pouvez imaginer, la situation n'est pas idéale.

Elle ne sait pas quoi faire ni qui appeler. Donc, elle ne fait rien.

Mais, une lueur d'espoir. La dame est en voyage et son fils est chez elle. Il veut trouver une solution.

Avez-vous des idées ?

Problèmes

• donner les chats : ça veut dire les pucer et l'argent n'est pas là
• donner les chats sans les pucer : on peut le dénoncer, ce qui me semble un peu normal
• refuges : il n'en a pas trouvé dans son coin qui accepte les chats
• la loi : apparemment, il y a une limite de 9 chats/chiens par personne et il faut identifier les chats avec les dates de naissance, etc.---choses que la dame n'a pas faites.

[^1]: je ne sais pas combien, on ne veut pas me dire...

Screenshot is a few days old, but nothing has changed on my desktop in months.

Just a boring LXQt w/Openbox installation on Alpine Linux. Only fun thing is that I did this without qt5ct or kvantum.

• pfetch
• cmus
• cava
• wallpaper made with ImageGoNord
• list of software I use

It is perhaps another sign of how bad things have become with Google's search results—full of algorithmically generated junk sites—that publications like CNET are driven to such extremes to stay above the sea of noise.

Archive.org / Archive.is

Archive link

Not a big fan of the title (asking question in the title isn't a great idea) but the conclusions give a good summary:

The Cyber Resilience Act (CRA) represents a significant step in Europe’s efforts to enhance cybersecurity. However, its potential implications for the open source software community have raised serious concerns. Critics argue that the legislation, in its current form, could impose undue burdens on open source contributors and inadvertently increase the risk of software vulnerabilities being exploited.

New insights from GitHub’s blog post highlight additional concerns. The CRA could potentially introduce a burdensome compliance regime and penalties for open source projects that accept donations, thereby undermining the sustainability of these projects. It could also regulate open source projects unless they have “a fully decentralised development model,” potentially discouraging companies from allowing their employees to contribute to open source projects. Furthermore, the CRA could disrupt coordinated vulnerability disclosure by requiring any software developer to report to ENISA all actively exploited vulnerabilities within a timeline measured in hours after discovering them.

The Fairphone 4 will be launching across the pond. It will sport the /e/OS "deGoogled" ROM.

The past few days, I've seen more and more users mentioning flashing their devices or changing ROMs because they may have fallen down the rabbit hole.

Here is a quick list of different custom ROMs for Android phones. I don't use any, so don't take anything written here as endorsement or suggestion.

Alternative/Custom ROMS

In no particular order, these ROMs usually change the UX/UI and maybe add some security enhancements.

• LineageOS – LineageOS Android Distribution: successor to CyanogenMod, a good place to start

• BlissRoms: Close to stock with "some" added privacy

• OmniROM: Android with custom enhancements

• ArrowOS: An AOSP project that is light and promises longer battery life

• Evolution X: Android 13 with the Pixel UI

• Paranoid Android: Android with custom enhancements

• PixelExperience: Another Android 13 with the Pixel UI

Privacy|Hardened ROMS

Security-wise, LineageOS is a start but (correct me if I am wrong) you need to unlock the bootloader, which is not great. These ROMs purport heightened privacy or "hardened" security.

• iodéOS: "deGoogled" LineageOS fork, uses lots of blacklists for ad- and tracker-blocking. Sells pre-installed devices.

• CalyxOS: Provides a fair amount of privacy. Limited device support. microG is optional. Uses F-Droid and Aurora Store.

• DivestOS: Soft fork of LineageOS. "Hardened" with things like the Mulch WebView, uses F-Droid repositories for updates. Comes loaded with a tracker blocker, Mull browser, removal of proprietary blobs to reduce attack surface. ROMs available for many devices.

• /e/OS: A "deGoogled" Android experience. Uses microG, no telemetry sent to Google, modified NTP and DNS servers, modified GPS service. Uses the "App Lounge" which combines the Aurora Store with F-Droid and PWAs. Has a tracker blocker. Requires you to have an @murena.io account for some functionalities.

• Replicant: Android distribution with an emphasis on freedom and privacy/security.

• GrapheneOS: Private, secure, hardened... has a long list of features. Updates are fast, exploitations are quickly mitigated, non-profit. Probably the most recommended, but Pixel-only.

Yesterday while browsing the front page of that other site I came across a video of a TikTok user who finds people based on short videos.

Their TikTok page can be viewed here: https://proxitok.privacy.com.de/@the_josemonkey

(and they also have a webpage https://josemonkey.wordpress.com/)

I find it amazing, geeky, fascinating, and creepy that a single person with a computer — not a government organisation — is able to do this.

It all reminds me of that Wired article from 2009 about the man who tried to go off grid and was eventually found by internet sleuths.

TL;DR doxxing has never been easier, don't say or share anything on the web that you wouldn't want printed on the front page of a newspaper.

An official FBI document dated January 2021, obtained by the American association "Property of People" through the Freedom of Information Act.

This document summarizes the possibilities for legal access to data from nine instant messaging services: iMessage, Line, Signal, Telegram, Threema, Viber, WeChat, WhatsApp and Wickr. For each software, different judicial methods are explored, such as subpoena, search warrant, active collection of communications metadata ("Pen Register") or connection data retention law ("18 USC§2703"). Here, in essence, is the information the FBI says it can retrieve:

• Apple iMessage: basic subscriber data; in the case of an iPhone user, investigators may be able to get their hands on message content if the user uses iCloud to synchronize iMessage messages or to back up data on their phone.

• Line: account data (image, username, e-mail address, phone number, Line ID, creation date, usage data, etc.); if the user has not activated end-to-end encryption, investigators can retrieve the texts of exchanges over a seven-day period, but not other data (audio, video, images, location).

• Signal: date and time of account creation and date of last connection.

• Telegram: IP address and phone number for investigations into confirmed terrorists, otherwise nothing.

• Threema: cryptographic fingerprint of phone number and e-mail address, push service tokens if used, public key, account creation date, last connection date.

• Viber: account data and IP address used to create the account; investigators can also access message history (date, time, source, destination).

• WeChat: basic data such as name, phone number, e-mail and IP address, but only for non-Chinese users.

• WhatsApp: the targeted person's basic data, address book and contacts who have the targeted person in their address book; it is possible to collect message metadata in real time ("Pen Register"); message content can be retrieved via iCloud backups.

• Wickr: Date and time of account creation, types of terminal on which the application is installed, date of last connection, number of messages exchanged, external identifiers associated with the account (e-mail addresses, telephone numbers), avatar image, data linked to adding or deleting.

TL;DR Signal is the messaging system that provides the least information to investigators.