IndieWeb post types

This content type is full of IndieWeb post types, which are all content types which allow me to take greater ownership of my own data. These are likely unrelated to my blog posts. You can find a better breakdown by actual post kind below:

 Listen

Listened to Decipher Podcast: Dan Lorenc Returns
Post details
Dan Lorenc, co-founder and CEO of Chainguard, joins Dennis Fisher to dig into the recent XZ Utils backdoor incident, the implications for the open source ecosystem, and what can be done to avoid similar incidents in the future. Then they discuss the problems facing NIST’s National Vulnerability Database and the CVE ecosystem.

 Repost

Reposted Meredith Whittaker (@Mer__edith@mastodon.world)
Post details
I have a lot more to say, but I'll hold it for now and simply wonder aloud... Which BigTech clouds are the "Lavender" & "Where's Daddy?" AI systems running on? What APIs are they using? Which libraries are they calling? What work did my former colleagues, did I, did *you* contribute to that may now be enabling this automated slaughter? (Also, content warning. This is some of the sickest shit I've ever read.) https://www.972mag.com/lavender-ai-israeli-army-gaza/

 Like

Liked Ariadne Conill 🐰 (@ariadne@treehouse.systems)
Post details
get into computers, they told me when i was a kid, you'll have fun and possibly a rewarding career! reality: my computers have been interdicted by intelligence agencies to install god knows what on them before i receive them, presumably in the hope of extricating my signing keys, i have to deal with something called "docker", and another thing called "kubernetes", there is a whole profession called DevOops and i have to deal with entitled pricks who say my projects are "dead" because i did not review their error-ridden patches fast enough for their liking

 Repost

Reposted Mike McQuaid (@mikemcquaid@mastodon.social)
Post details
Your belated reminder, in the aftermath of the xz backdoor, that open source maintainers still owe you nothing: https://mikemcquaid.com/open-source-maintainers-owe-you-nothing/ Not only do they owe you nothing but: if they are running a large open source project at scale and have been doing so for a while: in almost every case they know vastly more about doing so than almost anyone else in the world does. Open source users and contributors: show some more gratitude and, frankly, deference to the maintainers who keep OSS alive.

 Listen

Listened to On-call was just the beginning—reflecting on Q1 2024 at incident.io by The Debrief by incident.io
Post details
Q1 2024 is officially behind us. So we figured that it was a great time for a bit of reflection on the exciting start to the year. In this episode, we sit down with our founders, Stephen, Chris, and Pete, to get a bit of perspective on how the last three months played out. We chat about On-call, our AI launch, and the hundreds of other features, bug fixes, and bits of polish and delight that we've shipped over the last 12 weeks. We also chat about the state of the company as a whole, our growth, and ultimately what's on the horizon.

 Like

Liked jacobian (@jacob@jacobian.org)
Post details
I really can only shitpost about the #xv debacle because the whole thing just makes me tired and sad. Anyone paying even a tiny bit of attention to the conversation about open source sustainability could have told you this was inevitable. And now we're watching people blame a volunteer trying to step back, and rehashing all the same old tired arguments we've been having literally for decades. It's just so tired and predicable and boring and sad.

 Like

Liked Dr. Maddkap, Werepsychologist (@drmaddkap@meow.social)
Post details
My favorite Ren Faire story: I knew a guy who kept a Starfleet insignia pinned to the inside of his garb. A few times per season, some folks would come to the Faire cosplaying as a Star Trek landing party, investigating a “primitive” world. He would take them aside, show his insignia, and identify himself as a Starfleet officer on a cultural research mission. He’d call them out for breaking the Prime Directive and ruining his research. Then he’d demand to know what ship they’re from, and threaten to get them court martialed if they didn’t change into something less conspicuous.

 Repost

Reposted Marko Karppinen (@karppinen@mastodon.online)
Post details
There’s a combo hot take brewing in my head about the #xz and #redis debacles. It goes something like: When the shit hits the fan and part of the reason appears to be an overworked and underpaid maintainer, lots of people come out of the woodwork to demand more respect and money for them. But when a maintainer recognizes that they’re in an unsustainable situation and dares to make a proactive change, well FUCK THAT GUY. WHO THE HELL DOES HE THINK HE IS?

 Like

Liked danielle 🏳️‍🌈 (@endocrimes@toot.cat)
Post details
Anyone who thinks commit signing is the answer to malicious actors, at a time when the web of trust has been killed by a lil green verified box, is foolish. Like sure they verify that someone who can log into a particular GitHub account is the author of a commit, but that… don’t mean shit when the author is malicious 🙃