otter

joined 1 year ago
MODERATOR OF
[–] otter@lemmy.ca 19 points 2 days ago* (last edited 2 days ago) (7 children)

Oh nice, the Android app is out!

I can give it a try now

Link to download page within the account settings, for those that have been onboarded already: https://loops.video/dashboard/get-the-app

Edit: it feels very smooth

[–] otter@lemmy.ca 3 points 2 days ago

As an unrelated point, when I searched again just now, most of the entries in the search engine were from Lemmy/Mbin, followed by Mastodon. Mostly this post and others like it

[–] otter@lemmy.ca 3 points 2 days ago* (last edited 2 days ago) (2 children)

So you got this survey in an email. Was the link intended to be shared like this? Can I find the survey link somewhere on Mozilla’s own websites?

The email was through their newsletter and I would have offered to forward it, if it didn't have personal information in it. Maybe someone else who is subscribed to the newsletter can back up the claim instead?

I actually searched for the website link to put in the post body before sharing, and went through a similar thought process as yours when I didn't find it. My reasons for sharing it anyway were:

  • Sometimes these emails say to not share it further, but this one didn't
  • I see it shared already in a few places unofficially (Mastodon, Reddit, Twitter)
  • It mentioned 'Mozilla Community' and not a more specific group, so this audience seemed appropriate
  • People here might have better feedback than I could write up, so it should be a net positive for Mozilla

It would be nice if they did post about it on an official account to resolve any concerns. If it helps, it looks like "mozillafoundation.tfaforms.net" has been used for other surveys in the past and so you might find a link to that domain from an official source


edit:

their website has links to that domain based on a search of the GitHub repo

For example, the 'Submit a product here' link on this page: https://foundation.mozilla.org/en/privacynotincluded/

It's also possible to submit without filling in the demographic questions if people are concerned but still want to submit

[–] otter@lemmy.ca 7 points 3 days ago* (last edited 3 days ago)

~~I see a textbox saying "What do you want to see from Mozilla in the future?" You could add it there, as justification for why you want them to focus less on it~~

There is a text box part way through, I included my more general thoughts there

(my comment was getting rambly)

[–] otter@lemmy.ca 3 points 3 days ago* (last edited 3 days ago)

Specific to generative AI, I think client side generation can be a good thing, such as sentiment analysis or better word suggestions/autocomplete.

A number of other helpful tasks have negative outcomes, but if someone is going to use it, then I prefer they use the version of the tech that minimizes those negative outcomes. Whether Mozilla should be focussing on building that is a different matter though

AI that isn't generative AI has a lot of positive uses, but usually that's not what these discussions are about

 

I got a copy of the text from the email, and added it below, with personal information and link trackers removed.

Hello [receiver's name],

I’ve long dreamed about working for Mozilla. I learned how to send encrypted e-mail using Mozilla Thunderbird, and I’ve been a Firefox user since almost as long as I can remember. In more recent years, I’ve been an avid follower of Mozilla’s advocacy work, and was lucky enough to partner with Mozilla on investigative journalism in my last job.

In many ways, Mozilla was the dream – and now, as the leader of the Foundation, my job is to make my dreams for Mozilla come true. What that means, though, is making your dreams come true – for a trustworthy and open future of technology; for tech that is a tool for liberation, not limitation; and for tech that values people over profit.

So I’m reaching out to technologists, activists, researchers, engineers, policy experts, and, most importantly, to you – the people who make up the Mozilla community – to ask a simple question.

[receiver's name]. What is your dream for Mozilla? I invite you to take a moment to share your thoughts by completing this brief survey.

Let’s start with this question:

Question 1: What is most important to you right now about technology and the internet?

  • Protecting my privacy online
  • Avoiding scams
  • Choosing products, apps, technology, and services that I can trust
  • Keeping children safe online
  • Responsible use of AI
  • Keeping the internet is open and free
  • Knowing how to spot misinformation
  • Other (please specify)

Take the survey now →

With your help, together we can imagine and create the Internet we want. Thank you for being a part of this.

Always yours,

Nabiha Syed Executive Director Mozilla Foundation

[–] otter@lemmy.ca 3 points 1 week ago

Very cool, and thank you for taking the time to make such a detailed post!

[–] otter@lemmy.ca 12 points 1 week ago (4 children)

If you are using any Synology products with your setup, you should go ahead and apply the recommended updates

 

As Synology explains in security advisories published two days after the flaws were demoed at Pwn2Own Ireland 2024 to hijack a Synology BeeStation BST150-4T device, the security flaws enable remote attackers to gain remote code execution as root on vulnerable NAS appliances exposed online.

"The vulnerability was initially discovered, within just a few hours, as a replacement for another Pwn2Own submission. The issue was disclosed to Synology immediately after demonstration, and within 48 hours a patch was made available which resolves the vulnerability," Midnight Blue said.

From a different source:

Synology proactively sponsors and works with security researchers as part of product security initiatives. At this year's Pwn2Own Ireland 2024 event, which took place in late October, we successfully discovered and resolved multiple security vulnerabilities.

While these vulnerabilities are not being exploited, we recommend all Synology device administrators immediately take action to secure their systems by updating due to the scope and severity of specific issues.

[–] otter@lemmy.ca 9 points 1 week ago

I'd imagine it's the same as personal finance apps. A spreadsheet can be enough, and it is enough for a lot of people, but a custom app can make things easier:

  • reducing the friction of keeping track
  • built in visualizations
  • alerts
  • integrating the data with other tools

etc.

[–] otter@lemmy.ca 17 points 1 week ago* (last edited 1 week ago)

Something being FOSS doesn't necessarily mean it's safe / ethical, but a LOT of FOSS apps are designed with those principles in mind.

However, being FOSS means that if an app claims that it is safe / ethical (ex. In this case, not storing data anywhere but on your device), you or an experienced peer can check the code to verify that fact.

 

This release has fixed some CVE Reports reported by a third party security auditor and we recommend everybody to update to the latest version as soon as possible. The contents of these reports will be disclosed publicly in the future.

cross-posted from: https://lemmy.eco.br/post/8758930

If you're using Vaultwarden, you should update because of security fixes.

[–] otter@lemmy.ca 30 points 1 week ago* (last edited 1 week ago)

Good note, I didn't notice that in the original post. I edited the title

 

cross-posted from: https://lemmy.ml/post/22332949

JD Vance said that ‘American power comes with certain strings attached’

Archive link

[–] otter@lemmy.ca 7 points 1 week ago* (last edited 1 week ago) (6 children)

I wonder if there is any pattern to those numbers

edit: ah I didn't notice, thanks all :)

[–] otter@lemmy.ca 33 points 1 week ago

There was the attack on the Internet archive recently, are there any good options out there to help mirror some of the data or otherwise provide redundancy?

 

I saw this post and I was curious what was out there.

https://neuromatch.social/@jonny/113444325077647843

Id like to put my lab servers to work archiving US federal data thats likely to get pulled - climate and biomed data seems mostly likely. The most obvious strategy to me seems like setting up mirror torrents on academictorrents. Anyone compiling a list of at-risk data yet?

 

cross-posted from: https://lemmy.ca/post/31947651

definition: https://opensource.org/ai/open-source-ai-definition

endorsements: https://opensource.org/ai/endorsements

In particular, which tools meet the requirements and which ones don't:

As part of our validation and testing of the OSAID, the volunteers checked whether the Definition could be used to evaluate if AI systems provided the freedoms expected.

  • The list of models that passed the Validation phase are: Pythia (Eleuther AI), OLMo (AI2), Amber and CrystalCoder (LLM360) and T5 (Google).
  • There are a couple of others that were analyzed and would probably pass if they changed their licenses/legal terms: BLOOM (BigScience), Starcoder2 (BigCode), Falcon (TII).
  • Those that have been analyzed and don't pass because they lack required components and/or their legal agreements are incompatible with the Open Source principles: Llama2 (Meta), Grok (X/Twitter), Phi-2 (Microsoft), Mixtral (Mistral).

These results should be seen as part of the definitional process, a learning moment, they're not certifications of any kind. OSI will continue to validate only legal documents, and will not validate or review individual AI systems, just as it does not validate or review software projects.

 

Privacy advocates got access to Locate X, a phone tracking tool which multiple U.S. agencies have bought access to, and showed me and other journalists exactly what it was capable of. Tracking a phone from one state to another to an abortion clinic. Multiple places of worship. A school. Following a likely juror to a residence. And all of this tracking is possible without a warrant, and instead just a few clicks of a mouse.

 

cross-posted from: https://sh.itjust.works/post/27020356

We are officially finished with The Book. Now onto something that matters.

Today is an exploratory session to explore the lemmy codebase, see how well it's documented for contribution, and make a targets for contribution.

If anyones following along this week is dedicated to familiarizing ourselves with the codebase. Pull it down, set up our dev environment, run the code. After that pick a directory and attempt to explain a few functions to a duck. If a duck is not present find a google search result for the term "duck" will suffice.

As always, a stream will be available at the following link of myself doing this for around 2 hours starting one hour after this post is made. https://www.twitch.tv/deerfromsmoke

 
 

The code that runs Redbox DVD rental machines has been dumped online, and, in the wake of the company’s bankruptcy, a community of tinkerers and reverse engineers are probing the operating system to learn how it works. Naturally, one of the first things people did was make one of the machines run Doom.

As has been detailed in several great articles elsewhere, the end of Redbox has been a clusterfuck, with pharmacies, grocery stores, and other retailers stuck with very large, heavy, abandoned DVD rental kiosks. To many people’s surprise, many of the kiosks remain operational even with the bankruptcy of Redbox’s parent company, which has led some people to “liberate” DVDs from the abandoned kiosks. Reddit is full of posts by people who say they have taken dozens of DVDs from kiosks all over the country.

In a Discord community called “Redbox Tinkering,” a FAQ states “just ask the store manager if you can have it. They will most likely tell you to just take it, but don’t just take it without asking.”

“Use heavy or appliance hand-trucks/dolly to wheel it onto your trailer or out to your truck,” the FAQ says. “It is heavy, so be prepared. I pull it right onto the trailer and strap it down standing up. You can lay them down, but know that most of the discs will be in disarray when you open it. Take everything having to do with Redbox, don’t leave a mess.” The FAQ also contains information about how to disconnect the Redbox from its power supply and how to cut through the bolts that secure the kiosk to concrete with a grinder. It also has information about how to open and disassemble the device at home.

“Unlike most tinkerer's my main goal isn't to reverse engineer the Official Software more than I have to. I am mainly interested in carousel movement, movie retrieving/returning, etc. I am using the machine to make my own version of the App to effectively do the same thing the original software does, but with my own spin on it. I mainly want to use it to create a massive DVD/Blu-Ray storage machine with ease of use for retrieving the movies.”

“I work in IT and have a decent sized Homelab and I've always been interested in making things work again once they break,” they added.

view more: next ›