#BillGates and #LinusTorvalds just met each other for the first time

(The other two are Mark Russinovich and Dave Cutler)

https://www.linkedin.com/posts/markrussinovich_i-had-the-thrill-of-a-lifetime-hosting-dinner-activity-7341857033932914691-f5Kw

#Linux #Microsoft #Windows

Zu heute passt dieser Erobique Banger, finde ich
https://link.deezer.com/s/30g7gGlz7iGFrV35kyocX

Sonntag release party
King Size Dub #Hamburg im/am Hochwasserbassin

https://link.deezer.com/s/30fsHlqfmR3QxAkbCOF7V

@Lorker Ich habe mir ne zeitlang jeden Morgen den Sonnenaufgang angeschaut, das war teilweise spektakulär

More people have been working on blocking whole ranges of IP numbers, since that catches hosting providers that give bots access to the whole range they control. They switch IP numbers all the time so a filter based on IP numbers won't catch them. But if we can determine their autonomous system number (ASN), for example, we can block all the IP number ranges they control.
Now, since these hosting providers also host nice things like other fediverse instances, I don't want to block them forever. I want to block them for 10min, and if they continue after a few of these shorter blocks, I want to block them for a week. Hopefully, their clients have ended their Internet slurping and things are back to normal. This is how fail2ban works, but only for individual IP numbers.
I want code that bridges this gap.

This script here tries to guess (!) IP ranges and bans those using fail2ban. I need to investigate more.
https://github.com/WKnak/fail2ban-block-ip-range

I'm still fascinated by asncounter. It might even work without logfiles, using tcpdump!
https://anarc.at/blog/2025-05-30-asncounter/

There's also the problem of how deep to go into the rabbit hole. Here's somebody who calls whois to determine the networks:
https://unix.stackexchange.com/questions/181114/how-can-i-teach-fail2ban-to-detect-and-block-attacks-from-a-whole-network-block

#ButlerianJihad

Traffic meter per ASN without logs https://anarc.at/blog/2025-05-30-asncounter #debian-planet #python-planet #software #network #sysadmin #tor #censorship #python

Am Sonntag ist es wieder soweit, mit dem #fahrrad über die #Köhlbrandbrücke in #hamburg

😂

"Download festival rockers told to take off smartwatches after moshpits spark emergency alerts

Police received nearly 700 false ‘collision’ 999 calls from Leicestershire heavy metal event in 2023"

https://www.theguardian.com/music/2025/jun/14/download-festivalgoers-warned-accidental-999-calls-moshpit

🇬🇧I can't recommend the EU-funded DNS service #DNS4EU because access is logged. When you override warnings to access "harmful websites" they even log your IP address. https://www.techradar.com/vpn/vpn-privacy-security/the-eu-challenges-google-and-cloudflare-with-its-very-own-dns-resolver-that-can-filter-dangerous-traffic

There are government-free services that do not log: https://www.privacyguides.org/en/dns

Update: I understand now the IP address is kept for 24 hours to prevent the confirmation prompt from showing again.

This week's #ThursDeath is a killer new find, Hyvinkää, Uusimaa Finland's DEATHGOAT and their fucking EXCELLENT new LP 'Dragged Into Realms Below' that Xtreem just put out. This thing is a churning, raging, roaring mass of filthy death metal. Riffs, solos, it's got it all. Finnish death metal doesn't fuck around, man. And there's often a lot of gems via Xtreem. A surprising contender this year and REALLY worth a listen.

https://xtreemmusic.bandcamp.com/album/dragged-into-realms-below

#metal #DeathMetal #Finland #FinnishMetal #Deathgoat #Xtreem #2025Albums #2025Records @wendigo @HailsandAles @rtw @Kitty @lola @umrk @cory

Love the pitch.

Relooted is an Africanfuturist heist experience on PC and Xbox developed by South African studio Nyamakop where players steal cultural artifacts from the west and bring them back to their home.

https://butwhytho.net/2025/06/relooted-nyamakop-day-of-the-devs/

#afrogaming #gaming #linuxgaming #BlackMastodon #BlackFedi #antiWesternism #africanFuturism #africanFuturist #africa

Just a reminder that Nobel-prize winning PCR (1983), used in basically any genetic tech today, was only possible because of an extremophile bacterium discovered in 1964 in Yellowstone funded by a small ~$80k NSF grant with no obvious application at the time. The value of basic #science cannot be predicted and often is realized decades after it's done.

How a discovery in Yellowstone National Park led to the development of PCR - Richmond Scientific
https://www.richmondscientific.com/how-a-discovery-in-yellowstone-national-park-led-to-the-renowned-technique-of-dna-amplification-pcr

Can’t wait for @jwildeboer ’s https://nerdcert.eu/ to take off and be included in the usual bundles like Debian ca-certificates as a big FU to Google, who mandate webbrowser-consumer-only key usages for certificates soon, and to Let’s Encrypt who are following Google mindlessly and try to argue people with these uses to death instead of standing up for people’s freedom and keep existing, working uses of SSL/TLS merely because those are not webbrowser-consumer uses.

#nerdcert #LetsEncrypt #SSL #TLS #X509 #CA

@rufposten
Als ich für die Technik der tagesschau-App zuständig war, hat der damalige zweite Chefred. Nitsche das Benutzen der API durch eine Alternativ-App abgewürgt
@fraunora @OeRR_bewegen

#TheMetalDogArticleList
#Blabbermouth
OZZY OSBOURNE And BLACK SABBATH's Final Show 'Back To The Beginning' To Stream Worldwide

https://blabbermouth.net/news/ozzy-osbourne-and-black-sabbaths-final-show-back-to-the-beginning-to-stream-worldwide

#OzzyOsbourne #BlackSabbath #BackToTheBeginning #FinalShow #Metal #TonyIommi #GeezerButler #BillWard #PrinceOfDarkness #GlobalStream

@me
* Openvibe - unified Mastodon/Bluesky
* AntennaPod - Podcasts
* Pano Scrobbler - LastFM/LibreFM Scrobbler, auch von Mikro
* Voyager - Lemmy Client
* StreetComplete - Openstreetmap vervollständigen
* SeriesGuide - Serien/Movies tracken
* IronFox - Firefox Variante
* Tiny Tiny RSS - RSS Reader
* DeltaChat - Messenger mit SocialGraph auf Email-basierend
* JuiceSSH - SSH Client
* Kvaesito - Homescreen mit neuartigen Bedienkonzept
* Zapp - ÖRR Mediatheken und Livestreams

@mxk @iverbpunkt @rufposten
Und meine Antwort darauf:
https://pinboard.in/u:igorette/notes/583763e9c8ad246c4d7c

@mxk @iverbpunkt @rufposten

es kam eine Antwort, weil zu lang habe ich es woanders abgelegt:
https://pinboard.in/u:igorette/notes/7171d257434087820a69

Signal (and many other messengers) stores push tokens in their database in plain text. Which allows law enforcement to subpoena them (though signal has never publicly admitted this happening) and then law enforcement uses these push tokens to subpoena apple to get personal information associated with it like your full name, address, phone number etc.

This way Law Enforcement can correlate your personal information with your signal account which means participants in conversations are deanonimzed. (Though content is still encrypted).

If you organize in large signal groups (or any Messaging app using push notifications) there is a high chance law enforcement and intelligence agencies can tell that you're part of a group or not.

I don't understand why nobody is talking about this more. It's extremely problematic.

Apple started publishing stats on how often this happens now. They were gag ordered to not speak about it before but they have changed course (https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/)

You can find the stats here:

https://www.apple.com/legal/transparency/push-token.html

@mxk @iverbpunkt @rufposten Gerade per Kontaktformular hinterlassen