@adulau@infosec.exchangePost-quantum defaults and GnuPG
@… email is a very insightful overview of where the standards, implementations, and openness of the community.
After years of using OpenPGP, the PQC discussions are a good opportunity to rethink what we should prepare for next and especially which community we should work with.
…
@fanf@mendeddrum.orgis there a way on wikipedia to reset all of my account settings to the defaults?
i have a mess of display preferences that don’t work properly and i’m pretty sure there are some old settings in my account that the current ui doesn’t expose
at least, anything i do to change the font size has no effect
@kubikpixel@chaos.socialThe hidden cost of Google's AI defaults and the illusion of choice
Google says it respects user privacy in AI, but the reality is not so black and white.
Many people are hoping—nay, praying—that the potential AI bubble will burst soon.
🫤 https://arstechnica.com/a…
@michabbb@social.vivaldi.net🛡️ The project has been externally audited twice – the most recent audit in August 2025 found zero security vulnerabilities
⚠️ Critics argue asterisks reveal password length to 'shoulder surfers' – #Ubuntu marked the bug
report as 'Won't Fix', no rollback planned
⚙️ Disable the new behavior via: Defaults !pwfeedback in the sudoers configuration file
🔄…
@frankel@mastodon.topThe State of #Java on #Kubernetes 2026: Why Defaults are Killing Your #Performance
@socallinuxexpo@social.linux.pizzaMichael Stahnke will speak on 'When Everything Looks Like a Container: Rethinking 15 Years of Cloud-Native Defaults' as part of our Cloud Native Days track at SCaLE 23x. Full details: https://www.socallinuxexpo.org/scale/23x
@gyp_vokag@social.linux.pizzaDefaults at AtSite will shape place. Scope the world to fit the moment. Rate-limit week by default.
@j_honegger@swiss.socialFrom #AnnafromUkraine @AnnafromUkraine@youtube.com
RUSSIA MASS #DEFAULTS: OLIGARCHS DON’T TRUST PUTIN ANYMORE Vlog 1326: War in #Ukraine
russian
@kubikpixel@chaos.socialVibe Coding Has a Security Problem, and Shipping Code You Do Not Understand Is Not a Strategy
AI-assisted coding is speeding up software development, but it is also making it easier to ship insecure defaults, weak access controls, poisoned dependencies, and code nobody on the team can confidently defend.
🧑💻
@digitalnaiv@mastodon.social„Eine ganze Generation ist zum Versuchslabor der Plattformökonomie geworden“, schreibt Carsten Knop #FAZ(€). Doch ein Verbot für U16 bekämpft Symptome. Wer Identitätspflicht fordert, öffnet Überwachung Tür und Tor. Stattdessen: Produktregulierung, restriktive Defaults, Schluss mit algorithmischer Manipulation. #Jugendschutz
@gray17@mastodon.socialfinally got around to "move my archive of scanned documents out of google drive" with the help of a lovely program "ocrmypdf", which is basically a python wrapper around tesseract and various pdf tools, but it's a really well done wrapper.
the simple invocation:
`ocrmypdf input.pdf output.pdf`
does what I want. the defaults are sensible. and now I can pdfgrep when I need to find that thing from 20 years ago that I still have for questionable "I do…
@fanf@mendeddrum.orgfrom my link log —
Some better defaults for Emacs.
https://git.sr.ht/~technomancy/better-defaults/blob/main/better-defaults.el
saved 2026-04-08
@datascience@genomic.social{ggblanket}, a wrapper around #ggplot for quick, explorative plots with sensible defaults and less code. https://davidhodge931.github.io/ggblanket/
@chrysn@chaos.socialFunny how people, in light of the LiteLLM compromise, jump to the conclusion that the solution is to make your supply chain even more intransparent by vendoring in dependencies through an LLM's processing, rather than just using pinned and vetted dependencies by default over tools' defaults "yolo there has been an update and it claims to be semver compatible" attitude.
@ellie@ellieayla.net
@mgorny@social.treehouse.systemsFun post pointed out by Werner Koch on the GPG "post-quantum defaults" thread:
#cryptography #QuantumCryptography #security
@al3x@hachyderm.ioMy recent experience with #VSCode started very badly.
Since, it improved immensely. Now I have a couple of days of coding on some small Go projects that felt good.
I am still struggling with shortcuts. In particular `F12` and `Ctrl- -`. I am sticking with the defaults for now.
@jackie@social.linux.pizzaisn't it crazy how I can write an essay with a pen and paper or a typewriter or a computer and it still sounds like me but the second I copy-and-paste a wikipedia article it sounds different? what gives? I thought plagiarism was just another tool?
@theodric@social.linux.pizzaHave tidied up kwin_wayland patch to change the hardcoded gestures to sensible defaults, and I am working my way through implementing a file-based configuration interface for all possible inbuilt gestures that kwin_wayland can send. I'm not sure if this is all going to work thanks to Wayland's certifiably insane paranoid security model, but at least I should be able to let you decide how many fingers to swipe with what direction of swipe triggers a built-in gesture in the wm.
@jswright61@ruby.socialMade a change, the clone I’ve been working on is now at https://left-wordle.com. The old url should redirect.
There are some changes - please report any bugs.
check out the prefs - you can add custom text to the share text header line, defaults to (Left Wordle), and add a line below the grid, default is bl…
@grahamperrin@bsd.cafe @ellie@ellieayla.net
@gla@mastodon.socialI wrote about getting rid of #bartender, #ice, #thaw… In short, everything I was using to work around the notch of my #mac
@lepire@social.linux.pizzaBeen trying to cook up a systemd-sysext for crowdsec crowdsec firewall bouncer to extend the base flatcar container linux image. Surprisingly straightforward with the sysext bakery.
However, crowdsec needs a mutable folder where it can write stuff (e.g logs etc.). This defaults to /var/crowdsec/data. I can create the /var/crowdsec/data folder but when crowdsec attempts to create and write to the logs folder below this I see a permission error.
Am I missing something obvious? A…
@tiotasram@kolektiva.socialIn the interests of starting a more productive dialogue than yesterday's main character was interested in, let's make a #brainstorm thread about design changes to ActivityPub and/or client UI that could actually help address drive-by (often racist) harassment on the fediverse.
Feel free to discuss pros/cons but don't feel an idea needs to be perfect to suggest it. Also since this is a brainstorm don't worry about complexity/implementation cost. If you have a great-but-hard-to-implement idea someone else may think of a way to simplify it.
Note that the underlying problem *is* a social one, do there won't be a technological fix! But tech changes can make social remedies easier/harder.
I've got some to start:
1. Have a "protected mode" that users can voluntarily turn on. Some servers might turn it on by default. In protected mode, users whose accounts are less than D days old and/or who have fewer than F followers can't reply to or DM you. F and D could have different values for same-sever vs. different-server accounts, and could be customized by each user. Obviously a dedicated harasser can get around this, but it ups the activation energy for block evasion and pile-ons a bit. Would be interesting to review moderation records to estimate how helpful this might or might not be. Could also have a setting to require "follows-from-my-server" although that might be too limiting on private servers. Restriction would be turned off for people you mention within that thread and could be set to unlimit anyone you've ever mentioned. Would this lock new users out of engagement entirely? If everyone had it on via a default, you'd have you post your own stuff until someone followed you (assuming F=1). One could add "R non-moderated replies" and/or "F favorites" options to soften things; those experiencing more harassment could set higher limits. When muting/blocking/reporting someone who replied to your post, protected mode could be suggested with settings that would have filtered the post you're reporting.
2. Enable some form of public moderation info to be displayed when both moderator and local server opt-in. Obviously each server would be able to ignore federated public tags. I'm imagining "banned from X server for R reason (optional link to evidence)" appearing on someone's profile & an icon on their PFP in each post viewed by someone on server Y *if* the mods of server X decide it's appropriate *and* server Y opts in to displaying such tags from server X specifically. Alliances of servers with similar moderation preferences could then have moderation action on one server result in clear warning propagation to others without the other mods needing to decide whether to also take action immediately. In some cases different moderation preferences would mean you wouldn't take action yourself but would keep the notice up for your users to consider. Obviously the "Scarlet Letter" vibe ain't great, but in some cases it's deserved, and when there's disagreement between servers about that, mods on server Y could either disable a specific tag or disable federation of mod tags from that server in general. Even better shared moderation tools are of course possible.
3. Different people/groups have different norms around boosting. Currently we only have a locked/public binary. Without any big protocol changes, adding a "prefers boosts/doesn't" setting which would warn in the UI before a viewer chooses to boost if the preference is "doesn't" could help. This could be set per-post, but could also have defaults and could have different values for same-server or not, or for particular servers. For example, I could say "default to prefer boosts from users on my server but not from users on other servers" or "default to prefer boosting on all servers except mastodon.social." Last option might be harder to implement I guess.
#ActivityPub #Meta #Harassment
