@prologic@twtxt.net I believe you are not seeing the problem I am describing.
Hit this URL in your web browser:
https://twtxt.net/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
That’s your pod. I assume you don’t have a user named lovetocode999 on your pod. Yet that URL returns HTTP status 200, and generates HTML, complete with a link to https://socialmphl.com/story19510368/doujin, which is not a twtxt feed (that’s where the twtxt.txt link goes if you click it). That link could be to anything, including porn, criminal stuff, etc, and it will appear to be coming from your twtxt.net domain.
What I am saying is that this is a bug. If there is no user lovetocode999 on the pod, hitting this URL should not return HTTP 200 status, and it should definitely not be generating valid HTML with links in it.
Edit: Oops, I misunderstood the purpose of this /external endpoint. Still, since the uri is not a yarn pod, let alone one with a user named lovetocode999 on it, I stand by the belief that URLs like this should be be generating valid HTML with links to unknown sites. Shouldn’t it be possible to construct a valid target URL from the nick and uri instead of using the pod’s /external endpoint?
@prologic@twtxt.net sounds fair. Let’s see how it works for @abucci@anthony.buc.ci. Speedy fix, that’s awesome! :-)
There is a bug in yarnd that’s been around for awhile and is still present in the current version I’m running that lets a person hit a constructed URL like
YOUR_POD/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
and see a legitimate-looking page on YOUR_POD, with an HTTP code 200 (success). From that fake page you can even follow an external feed. Try it yourself, replacing “YOUR_POD” with the URL of any yarnd pod you know. Try following the feed.
I think URLs like this should return errors. They should not render HTML, nor produce legitimate-looking pages. This mechanism is ripe for DDoS attacks. My pod gets roughly 70,000 hits per day to URLs like this. Many are porn or other types of content I do not want. At this point, if it’s not fixed soon I am going to have to shut down my pod. @prologic@twtxt.net please have a look.
Return of beloved local iceblock soured by fact it’s now made overseas
A fruit iceblock once made in the Victorian town of Mildura from local oranges is back on shelves, but the manufacturer’s decision to make the product in Argentina has left devotees of the sweet treat feeling “let down”. ⌘ Read more
@xuu@txt.sour.is I hope everything is sorted out with your ISP. Please let me know if there’s anything I can do to help. I sincerely did not mean to cause you any trouble.
JMP: Newsletter: Calls from SIP; Potential New SIM Plan
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers, one app; Free as … ⌘ Read more
Erlang Solutions: The Strategic Advantage of Outsourcing with Erlang and Elixir
We’re in the midst of some rapid technological changes (AI, IoT, machine learning etc) and businesses are facing new obstacles. There is now a demand to balance company time and budgets amid all day-to-day responsibilities. Because of this, outsourcing services have become a strategic move for many.
Let’s look into how Erlang and Elixir programming languages help with business outsourcing … ⌘ Read more
Erlang Solutions: Let Your Database Update You with EctoWatch
Elixir allows application developers to create very parallel and very complex systems. Tools like Phoenix PubSub and LiveView thrive on this property of the language, making it very easy to develop functionality that requires continuous updates to users and clients.
But one thing that has often frustrated me is how to cleanly design an application to respond to database record updates.
A typical pattern that I’ve used is t … ⌘ Read more
Fiverizer: convert a website from XHTML 1.0 to HTML5
If you have one or more websites written in XHTML 1.0,
this program (which may be
downloaded and used free of charge) lets you convert them to HTML5 without having to muck around
with rewriting HTML and adding CSS. ⌘ Read more
**The story of life**
Or at least the story of life as I implemented it in swift recently as a little learning project because I haven’t written any swift since walking away from mobile dev a few years ago (no regrets)!
First there was the universe! Well, first there was some requisite boilerplate, but then there was the universe! A 2 dimensional grid, an array of 10 columns and 10 rows.
```swift
import Foundation
let rows: Int
```
… ⌘ Read more
Erlang Solutions: Exploring Key Trends in Digital Payments
Digital payments are essential to the global economy and have seen rapid and significant changes in recent years.
Let’s take a look at the key trends of this change and some of the emerging digital trends are broadening the payments ecosystem. We’ll look at how payments work and the broader payments ecosystem.
The look into the digital payments landscape
Evolving customer expectations and technological advances are drivin … ⌘ Read more
Experiment in Digital minimalism
I recently read Cal Newport’s book Digital Minimalism. It really
resonated with me, despite (or because of?) being glued to my computer
many hours of the day.
Cal suggests a month of digital decluttering, at first cutting off
everything that your job and other obligations don’t depend on. At the
end of the month you evaluate what, if anything, is to be let back
inside.
I did a decluttering plan for April. It ended up being an ongoing
project when I’m writing this in June.
🚭
One of the things I hate, yes, I really hate it, is cigarette smoke. I get angry when I smell the smoke of the neighbors who are smoking directly in front of the entrance door of our apartment building, while we are trying to let fresh air in. But situations like smelling smoke at train stations or bus stops make me feel really uncomfortable as well. ⌘ Read more
New Bike Day: My new Cube Hyde Race
On Thursday, or better, let’s say yesterday on Friday, was New Bike Day for me. I finally got my new bike, which I bought after doing a lot of research. ⌘ Read more
10 years of the GitHub Security Bug Bounty Program
Let’s take a look at 10 key moments from the first decade of the GitHub Security Bug Bounty program.
The post 10 years of the GitHub Security Bug Bounty Program appeared first on The GitHub Blog. ⌘ Read more
Develop Kubernetes Operators in Java without Breaking a Sweat
Discover testing possibilities that let developers consider Java as the language of choice for Kubernetes-related projects. ⌘ Read more
just pushed a quick fix… let me know if it is still dorked up! thanks for calling it out, too!
Update multiple Kubernetes objects/configmaps in one go!
Community post originally published on dev.to by Sunny Bhambhani There may be cases wherein we just need to update a Kubernetes configmap or any other Kubernetes object based on our requirements. And let’s say it’s just one or… ⌘ Read more
What is Git? Our beginner’s guide to version control
Let’s get you started on your Git journey with basic concepts to know, plus a step-by-step on how to install and configure the most widely used version control system in the world.
The post What is Git? Our beginner’s guide to version control appeared first on The GitHub Blog. ⌘ Read more
How to Change the Voice of ChatGPT on iPhone, Mac, iPad
ChatGPT for iPhone, iPad, and Mac, all include a very impressive Voice Chat feature, that lets you have voice chats and full on conversations with the advanced AI Large Language Model. One of the fun ways to customize Voice Chat with ChatGPT is to change the voice to something you prefer, and there are multiple … Read More ⌘ Read more
Erlang Solutions: Balancing Innovation and Technical Debt
Let’s explore the delicate balance between innovation and technical debt.
We will look into actionable strategies for managing debt effectively while optimising our infrastructure for resilience and agility.
Balancing acts and trade-offs
I was having this conversation with a close acquaintance not long ago. He’s setting up his new startup, filling a market gap he’s found, rushed before the gap closes in. It’s a common starting … ⌘ Read more
How to Search Google Without AI Rubbish & Clutter
Remember when you used to use Google search and it would only return a list of links for web results, letting you easily find what you’re looking for? Google was once the best way to search the web, but as almost all Google users have noticed, the web search engine has become less of an … Read More ⌘ Read more
JMP: Newsletter: SMS Routes, RCS, and more!
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers, one app; Free as in Freedom; … ⌘ Read more
Ocean Loop
⌘ Read more
Erlang Solutions: A Comprehensive Guide to Ruby v Elixir
Deciding what programming language is best for your long-term business strategy is a difficult decision. If you’re tossing the coin between Ruby and Elixir, or considering making a shift from one to the other, you probably have a lot of questions about both languages.
So let’s compare these widely popular and dynamic languages: Elixir and Ruby. We’ll explore the advantages and disadvantages of each language, as well as their optimal use … ⌘ Read more
Pinellas County - Base: 4.15 miles, 00:08:43 average pace, 00:36:09 duration
letting the work day frustrations out! the leg felt pretty good today actually. it was HOT (88F) and humid!
#running
Open source software in AI and cloud trends to watch in 2024: thoughts from the Netris community
Member post originally published on Netris’s blog Let’s face it: The world of open source software can feel boring – in a good way. Open source has become so pervasive, and so deeply entrenched within modern software stacks… ⌘ Read more
Erlang Solutions: Technical debt and HR – what do they have in common?
At first glance, it may sound absurd. Here we have technical debt, a purely engineering problem, as technical as it can get, and another area, HR, dealing with psychology and emotions, put into one sentence. Is it possible that they are closely related? Let’s take it apart and see.
What is technical debt, anyway? A tongue-in-cheek definition is that it is code written by someo … ⌘ Read more
In the summer of ‘22 I upgraded my perfectly working soundcore Liberty 2 Pro to the Liberty 3 Pro because they have ANC and have been using them ever since. But since the L2P are still working perfectly, I connected them to my phone again and use them sometimes. Too sad to let them rot in the closet, and I guess nobody wants to buy used in-ear headphones. ⌘ Read more
DOS Week Part II Begins!
Modern computing? Bah! Bah, I say! Let’s toss aside our fancy-shmancy Linux, Windows, & Mac machines and focus on the king of Operating Systems: DOS! All the fun happens at https://lunduke.locals.com/ ⌘ Read more
Which Operating System has the Most Vulnerabilities?
Serious question. Is it Windows? iOS? Ubuntu Linux? Which system is the least / most secure? And, while we’re at it, are computers more or less secure now than before? Let’s look at hard stats (on CVEs) and find out. The (free) article: https://lunduke.locals.com/post/5467882/which-operating-system-has-the-most-vulnerabilities ⌘ Read more
Periodic Table Regions
⌘ Read more
Extended content warning
I realized recently that I wrote some cringe (to put it mildly) posts in my late adolescent phase. On the one hand, I would of course like to banish these posts from my blog, after all, my opinion has changed completely in some cases since then. But on the other hand, it would be a shame to let this part of my personal development simply disappear. ⌘ Read more
Compare Loans Easily on iPhone, Mac, iPad, with Numbers App
If you’re shopping for a loan, let’s say for buying a car, you’ll undoubtedly have a few loan options. Comparing loans can be intimidating and daunting, and it’s hard to know which option is right for you, or which loan may make the most sense for your particular situation, especially when the pressure is on … Read More ⌘ Read more
JMP: Newsletter: eSIM Adapter (and Google Play Fun)
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers, one app; Free as i … ⌘ Read more
ProcessOne: Matrix gateway setup with ejabberd
As of version 24.02, ejabberd is shipped with a Matrix gateway and can participate in the Matrix federation. This means that an XMPP client can exchange messages with Matrix users or rooms.
Let’s see how to configure your ejabberd to enable this gateway.
Configuration in ejabberd HTTPS listener
First, add an [HTTP h … ⌘ Read more
JMP: Newsletter: JMP is 7 years old — thanks to our awesome community!
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers … ⌘ Read more
Research Account
⌘ Read more
Ignite Realtime Blog: XMPP Summit 26 & FOSDEM
On February 1st and 2nd, the 26th XMPP Summit will take place in Brussels. Immediately afterwards, the FOSDEM event will take place on the 3rd and 4th of February.
I’ll be attending both (although I won’t be present for the second day of FOSDEM). If you happen to be in Brussels, let me know! Maybe we can meet up!
[Read full topic](https://discourse.igniterealt … ⌘ Read more
Wine grape growers drive tractors through Riverland streets in protest against below-cost prices
Growers in Australia’s largest wine grape producing region are calling for more government support, along with a mandatory code of conduct to ensure the sustainability of their industry, with many letting their fruit rot due to below cost prices. ⌘ Read more
it's expensive to have such a cheap hobby.
at any rate, it's really easy to buy a lot of gear you maaaybe don't need 😅 ⌘ Read more
Deals: AirPods from $99, Apple Watch 9 for $329, iPads from $249, MacBook Air 15″ for $1099, etc
Amazon continues to offer some great hardware deals on Apple gear, so if you’re in the market it’s a great place to check first. Why pay full MSRP when the same hardware is discounted? From deals on AirPods, iPads, Apple Watch, MacBook Air 15″… let’s take a look! M2 MacBook Air 15″ for $200 Off … [Read More](https://osxdaily.com/2024/01/25/deals- … ⌘ Read more
JMP: Newsletter: JMP Data Plan
Hi everyone!
Welcome to the latest edition of your pseudo-monthly JMP update!
In case it’s been a while since you checked out JMP, here’s a refresher: JMP lets you send and receive text and picture messages (and calls) through a real phone number right from your computer, tablet, phone, or anything else that has a Jabber client. Among other things, JMP has these features: Your phone number on every device; Multiple phone numbers, one app; Free as in Freedom; Share one … ⌘ Read more
Frenemies to friends: Developers and security tools
When socializing a new security tool, it IS possible to build a bottom-up security culture where engineering has a seat at the table. Let’s explore some effective strategies witnessed by the GitHub technical sales team to make this shift successful.
The post Frenemies to friends: Developers and security tools appeared first on [The GitHub Blog](http … ⌘ Read more
How to Use Voice with ChatGPT on iPhone
The official ChatGPT app for iPhone includes a voice feature, letting you speak with the chat bot and hear answers back from high quality voice options. Voice chat with ChatGPT lets you have hands-free interactions with ChatGPT, and can be very useful for a wide variety of purposes. If you haven’t used voice chat with … Read More ⌘ Read more