2024-05-31 16:57:44
This is a really good short article critquing UK Labour Party centrists like Wes Streeting, whom Grace calls 'liberals':
"The contradiction here is very obvious: liberals construct their own tribal political identity based on the claim that they do not appeal to tribal political identities."
#UKLabour
Find And Tell
Great Australian Pods Podcast Directory: #GreatAusPods
Find And Tell
Great Australian Pods Podcast Directory: #GreatAusPods
Entry into force of Digital Identity Regulation | Shaping Europe’s digital future
https://digital-strategy.ec.europa.eu/en/news/entry-force-digital-identity-regulation
Two decades before the war against Ukraine, a “special operation” was launched against #Russian #historical #memory,
aggressively reshaping the nation’s understanding of its history and identity.
The Kremlin’s
My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…
Great read and amazing news actually!
Oh, Zot! Nomadic Identity is Coming to #ActivityPub https://wedistribute.org/2024/03/activitypub-nomadic-identity/
Here, Queer, Everywhere!
Great Australian Pods Podcast Directory: #GreatAusPods
Stunning. 34% of the population in Chinese prisons are #Uyghurs, who make up ~1-2% of the population.
China has a top-down strategy to, basically, criminalize an entire ethnic group and, with time, eliminate their unique cultural, religious, and social identity.
Partnering or working with the Chinese government means supporting these genocidal policies. That includes
#NomadicIdentity: "#OpenWebAuth used to be called #MagicAuth, because of how seamless the experience is...you can jump from one part of the
🔊 #NowPlaying on KEXP's #VarietyMix
X‐Ray Spex:
🎵 Identity
#XRaySpex
https://open.spotify.com/track/4nkYn6fooFedT9r3dRQn8Z
"Uncontrollable Vocabularies: Queer Theory, Sexual Identity, and the Catalog" https://journal.radicallibrarianship.org/index.php/journal/article/view/101
My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…
Any #ruby dev out there willing to do a simple plugin for #discourse?
A handful of indie devs are pitching in with working examples of FedCM, an important new identity standard with direct implications for the #fediverse
•••Settling into my autistic identity is a very “Love me, love my dog” affair.
•••Second #OSB constitutional: Beer pong is the acme of Western civilization.
•••Pork heart chunks were popping in the microwave! 🐷 ❤️ 🦘
👍 New federal rule bars #transgender school bathroom bans, but it likely isn’t the final word
What to know about new federal rule that blocks transgender school bathroom bans | AP News
http…
#Spam des Tages: »Nachricht wichtig :Registrierung für Gebührenfrei Mastercard® Identity Check™«
http://spam.tamagothi.de/?p=25049
Folk This
Great Australian Pods Podcast Directory: #GreatAusPods
Under the current #German "#transsexual #law", people may officially change their first name and gender only after they have been assessed by two psychiatrists and a court has given permission.
The "
When I used ‘Leo Varadker is the Taoiseach’ as an example of a contingent proposition in my lecture the other week, I didn’t realise it would be false before the end of the course!
The same happened with Theresa May when I taught this course a few years ago. I’m now considering putting money on Donald Trump disproving the law of self-identity! 😆 #philosophy
🔊 Auf radioeins läuft...
X-Ray Spex:
🎵 Identity
#NowPlaying #XRaySpex
https://open.spotify.com/track/4nkYn6fooFedT9r3dRQn8Z
https://plasterofparis.bandcamp.com/track/identity
The Rubasha Family Podcast
Great Australian Pods Podcast Directory: #GreatAusPods…
TODAY (27 March) is the deadline to apply for the #Trust & #Identity #Mentorship Programme (TIM)! #Students w…
Können wir mal drüber reden, dass all diese „wir erkennen Sie an der Stimme“-Hotlines ein Sicherheitsrisiko darstellen?
#security #voiceidentifikation #identity
•••Settling into my autistic identity is a very “Love me, love my dog” affair.
•••Second #OSB constitutional: Beer pong is the acme of Western civilization.
•••Pork heart chunks were popping in the microwave! 🐷 ❤️ 🦘
"I knocked on the apartment door of the woman who had given birth to me thirty-nine years before, whose face I had not seen, whose voice I had not heard, whose hands I had not touched, since I was a newborn baby. Whose identity was an official secret I did not unlock until six months before this moment, right now, when she stood in the doorway, her face smiling in the way I've since become accustomed to seeing as she said, 'Hi!'"
Rainbow History Class
Great Australian Pods Podcast Directory: #GreatAusPods
There were two other sessions on the #Fediverse at Internet Identity Workshop this week. One by me, on Identity in the Fediverse and one by @… on Data Portability.
To my surprise, many attendees were not or only very marginally aware of the Fediverse. We need to commun…
A Purim note from Justice Ruth Bader Ginsburg to Rabbi Gurary from Chabad at UB.
(#Mazeldon
Nigeria denies Binance CEO’s claims of $150M bribe demand and criticizes attempt to discredit the government.
"Binance cannot make our country look bad without proof. We strongly demand that they do the needful."
[Well, when one knows how Naija works, it's easy to believe Binance... /s]
#Nigeria #Binance
My home state will be the poorer for it.
“#Alabama Republicans pushed through a sprawling measure on Tuesday that would not only ban state funding for diversity, equity and inclusion programs at public universities, local boards of education and government agencies, but also limit the teaching of ‘divisive concepts’ surrounding race, gender and identity.”
German parliament has just passed the “self-determination act” ( #selbstbestimmungsgesetz) which lets people change their gender and name in official records and legal documents through an administrative procedure based on self-identification. This is a major change from the previous legal status that often treated the identity of trans and nonbinary people as a medical diagnosis. …
It's #Mayday, so as antifascists let's not forget the contributions of the Tunisian trade union movement and the fishing associations in the decline of Generation Identity. #union #solidarity
The National Cancer Institute really needs to do better…
I’m in a study (”Connect”) which has a website for paperwork & they obviously require login: take in an email or phone # and send it a link to a page which requires the user to re-enter whatever the original identity was. Look, no password!
But it requires passing messages over your pick of the 2 least secure comm channels for #security
TOMORROW is the deadline for applications to the #Trust and #Identity Incubator #Mentorship Programme (TIM). #Students
Oh nein, jetzt bin ich zu spät zum Sender losgehetzt wegen #RadioIrrtum! und stolpere draußen ausgerechnet noch über eine alte B-Kante, die mich jetzt noch ewig aufgehalten hat. Hofffffffffentlich schaffe ich es noch; geht ja schon 20 Uhr los...
htt…
The I In Us
Great Australian Pods Podcast Directory: #GreatAusPods
The I In Us
Great Australian Pods Podcast Directory: #GreatAusPods
In an atmosphere where government is less trusted, i understand some reactions to the EU Digital Identity Wallet, at the same time it's in my view much more transparant, privacy-friendly then any Google or Apple solution everybody uses without hesitation everyday.
#EU #DigitalIdentity
Coming soon, views of your databases in your Kitten* app’s Settings page (/💕/settings) pages. And, after that, data export and import.
* #SmallWeb
Medical Flyways
Great Australian Pods Podcast Directory: #GreatAusPods
#AdTech:"Why are we repeating the same mistakes? Today we stand on the dawn of #cookiefree advertising, tasked with reimagining the world. Instead, we are dangerously close to a colossal failure of imagination. Our focus is on identity resolution graphs & hashed emails—the exact kind of tracking …
The #Trust and #Identity #Mentorship Programme enables students to learn from the best in the field. Hear from a student from the 2023 programme:
"Overall, the TIM programme has not only equipped me…
Medical Flyways
Great Australian Pods Podcast Directory: #GreatAusPods
It's #Mayday, so as antifascists let's not forget the contributions of the Tunisian trade union movement and the fishing associations in the decline of Generation Identity. #union #solidarity
Turning Point: The Bomb and the Cold War 1x08 "Moscow Will Not Be Silent" ★★★★★★★★☆☆ https://trakt.tv/shows/turning-point-the-bomb-and-the-cold-war/seasons/1/episodes/8
About to run a session on identity and the open social web / fediverse at #iiw. Lots of unsolved problems.
Today, #DuckDuckGo is launching a new browser-based tool that
🌟automatically scans data broker websites for your name and address
🌟and requests that they be removed.
Gabriel Weinberg, the company’s founder and CEO, says the personal-information-removal product is the first of its kind where users don’t have to submit any of their details to the tool’s owners.
The service will ma…
The #Trust and #Identity #Mentorship Programme enables students to learn from the best in the field. Hear from a student from the 2023 programme:
"Overall, the TIM programme has not only equipped me…
Buyima Gathang
Great Australian Pods Podcast Directory: #GreatAusPods
Introducing the 2024 GÉANT #Community Award shortlisted nominees:
1/4🙋♀️Marina Adomeit
As a #Trust & #Identity Project Manager at @…
His identity has long been a matter of speculation and investigation, but #Banksy may be forced to reveal his real name if a dispute over a print of the late Queen Elizabeth depicted as a bejewelled primate ends up in court.
Two art collectors are taking legal action against the graffiti artist’s company, #Pest
And this happens just a few months after #SirvoStudios, who made #Guildlings, another of my favorite #games, announced that they couldn’t find funding for their new projects. Wish them love and my hugs as well
To everyone on both companies: thank you. Your games are my favorites and they’ve truly become part of me and who I am. They helped me find myself and my identity, and I’ll never forget that. They were magic lights in my dark days and pacific gardens on my harsh days. I’ll keep returning to your games and playing them over and over again. You’re all awesome, and #indieGames are awesome.
✨Thank you✨
Introducing the 2024 GÉANT #Community Award shortlisted nominees:
1/4🙋♀️Marina Adomeit
As a #Trust & #Identity Project Manager at @…
That Was Unexpected
Great Australian Pods Podcast Directory: #GreatAusPods
🚨 3 days left to submit your Lightning Talk and BoFs proposals! Don’t be shy! Take to the stage at #TNC24 hosted by RENATER in Rennes, and use this exciting #opportunity to share your #ideas with the
The Score
Great Australian Pods Podcast Directory: #GreatAusPods
5 days to go⏳ The deadline is fast approaching to apply for the #Trust and #Identity Incubator #Mentorship Programme (TIM). GÉANT #NREN
Ubuntu Voices
Great Australian Pods Podcast Directory: #GreatAusPods
In The Gap
Great Australian Pods Podcast Directory: #GreatAusPods
GayFL: A Queer Footy Podcast
Great Australian Pods Podcast Directory: #GreatAusPods
Grounded & Connected Empowerment
Great Australian Pods Podcast Directory: #GreatAusPods
Blaksiders
Great Australian Pods Podcast Directory: #GreatAusPods
Better Work
Great Australian Pods Podcast Directory: #GreatAusPods
Who We Are
Great Australian Pods Podcast Directory: #GreatAusPods
Out Takes
Great Australian Pods Podcast Directory: #GreatAusPods
Story Globe
Great Australian Pods Podcast Directory: #GreatAusPods
Story Globe
Great Australian Pods Podcast Directory: #GreatAusPods
River To Reef With Sam Thaiday
Great Australian Pods Podcast Directory: #GreatAusPods
CALD Voices In STEM
Great Australian Pods Podcast Directory: #GreatAusPods
Harmony In The Fast
Great Australian Pods Podcast Directory: #GreatAusPods