@neil Not really sure.
On one hand there are websites dedicated to displaying the regex'd URLs that have been submitted by users. A visitor would be presented with a whole bunch of images that have been hotlinked from elsewhere.
Then there are websites where everything is done clientside via JS so a visitor would need to know of / construct a regex yourself but your browser does all the work.
Then there's e.g. if you wrote this code on your desktop and loaded it locally;
<!DOCTYPE HTML>
<head></head>
<body>
<img src="https://networksaremadeofstring.com/ico.jpg"/>
</body>
@neil what if it's a https://en.wikipedia.org/wiki/Fusker where "you" neither host nor publish the content?
(TL;DR: users submit regexes for hotlinking images which are then rendered on "your" website)
privacy is another good reason for paying with cash. What's the point of using encrypted comms or ad blockers or taking other privacy-preserving measures and then buying everything with a payment card? Payment cards allow data brokers to track every purchase you make, every business you visit and when. When you split a check with someone else, it lets them know who your friends and coworkers are. The amount of privacy lost using payment cards is astounding.
@neil €5.75/mo (payable annually) to get a VM in Amsterdam running OpenBSD and €10 of that goes to the OpenBSD foundation; https://openbsd.amsterdam/
Their setup is publicly documented allowing you to replicate on your own metal if you so wished; https://openbsd.amsterdam/setup.html
New from Brass Horn Communications; https://over18.uk - the worlds first Privacy Focused Age Verification system that relies on the passage of time.
No need for AI inspected selfies, no uploading passport scans or bills, no phrenology. Just plain simple time and patience.
- Register
- Wait 18 years
- Verified!
What makes it privacy focused?
Site operators download a list of hashed account IDs on a regular basis and perform the matching locally on their server - no communication with the over18.uk servers is needed. No HTTP referrers, no API keys, no signing in, nothing.
We'll never know what websites you visited, what websites checked your account ID, hell, we won't even know what websites use the service.
So... 18 year old bearer tokens?
Yes, we've learnt nothing about the problems with JWTs
What if you lose your bearer token?
Signup for a new one and wait 18 years again!
What's stopping someone sharing their bearer token?
People do that? We'll put something in the T&Cs
@neil Ah, I was offline yesterday and only just catching up. Apologies.
@neil I may have mentioned this before but mwl@io.mwl.io has recently written https://www.tiltedwindmillpress.com/product/ryoms-ebook/ and will likely have useful feedback (and a possibly wider audience for said question ;) )
@bloor oh, those look nice! Semi-regretting having just (~1 week ago) ordering a racks worth of Pylontechs :/
@bloor what batteries are you thinking of going with?
A very quick perusal of https://en.wikipedia.org/wiki/ActivityPub found https://libervia.org/ which claims;
Libervia is a all-in-one tool to manage all your communications needs: instant messaging, (micro)blogging, file sharing, photo albums, events, forums, tasks, etc.
@neil well back in the day you'd have "tweeted" a link to your blog post for folks who didn't have your RSS feed.
It's not too different now.
AIUI what 'should' happen is that all of these various 'objects' (https://www.w3.org/TR/activitypub/#obj) are represented in your ActivityPub software of choice.
So you could opt to 'toot' a microblog, or write a 'long form article' or advertise a thing for sale, or publish a photo, or a video, or a video short etc etc.
@neil Are you talking about auth (e.g. using https://www.keycloak.org/ and Oauth for 'single sign on') or are you talking about a sort of "hub" that is distinct from the act of logging into an account?
Introduction to GrapheneOS
In this blog post, you will learn about the security oriented smartphone operating system GrapheneOS
https://dataswamp.org/~solene/2025-01-12-intro-to-grapheneos.html
gemini://perso.pw/blog/articles/intro-to-grapheneos.gmi
#android #security #privacy
@solene
@neil "interesting times" ahead.
@neil well quite.
So forgive me but if a 'service' was configured such that 'users' cannot view content uploaded by other 'users' if they are logged in but any (unauthenticated) 'visitors' can view all the content then the 'service' is out-of-scope?
Even if the uploads were pornographic or s.61/s.62?
@neil I'm surprised by this.
How does the act handle a child visiting a single-user Mastodon instance filled with s.61 / s.62 content?