Lmst

One week in Valencia

https://friendica.world/display/84b6ef2b-1167-cbfd-9e66-c04020264832

@kreideland Ich hab eine manuelle Nudelmaschine und die muss man kaum reinigen. Einfach nach dem Nudel-Meckern mit einem feuchten Tuch alles abwischen. Wenn man einen Aufsatz mit Zacken hat (z. B. für Linguine) dann setzt sich manchmal was rein, aber fließendes Wasser und eine Spülbürste reichen.

@happyhippie

Photo of flowers and text saying: Happy Birthday, Wilhelmina!

Petra boosted:

The domain mirage.foxb612.com and IP address 65.108.53.178 have been blocked (defederated) from Enby.Life. These are part of a fediverse crawler system that indexes servers based on the country where they are physically located. This wouldn't normally be against our rules, but the crawler goes to great lengths to de-anonymize instances, including sending fake-signed ActivityPub probes to obtain the server's true IP address. Requests from the crawler use a web browser's User Agent to evade filters, and documentation on the website mentions that CloudFlare bypasses are also in use.

Given the complexity of setting up something like this, we believe that the crawler is likely operating with bad intentions. While there could be some use for an index of instances based on community region, tracking the actual physical location of the server backends is highly suspicious. I'd encourage all instance admins to consider whether something like this poses a threat, and to take appropriate action.

For anyone interested in going beyond a simple domain block, please see these log excerpts typical of being crawled via AP probes. Logs are taken from a non-standard Sharkey deployment and may not directly translate to other software, but I've tried to include as much detail as possible anyway.

Sharkey admins can check whether you've been scanned by searching for backend log patterns like this (make sure to replace your instance hostname where appropriate):

Feb 17 20:10:21 campsite run-sharkey.sh[241576]: INFO *        [apserv sigcheck]        req-yzi /users/9fpwmts9tv (by Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0) apparently from mirage.foxb612.com: we don't know the user for keyId https://mirage.foxb612.com/kiite/key/enby.life/1739823020/NHc8pVYoNGmLk3My/main-key, trying to fetch via https://mirage.foxb612.com/kiite/key/enby.life/1739823020/NHc8pVYoNGmLk3My/main-key

Alternately, anyone with Activity Logging in place can check for AP fetch errors like this:

id,at,duration,host,request_uri,object_uri,accepted,result,object,context_hash
a4n23pddff,2025-02-24 20:10:24.433000 +00:00,894.86,mirage.foxb612.com,https://mirage.foxb612.com/kiite/key/enby.life/1740427823/Y93ZjgZHZlxNSuxa/main-key,,false,Error: invalid content type of AP response - content type is not application/activity+json or application/ld+json: https://mirage.foxb612.com/kiite/key/enby.life/1740427823/Y93ZjgZHZlxNSuxa/main-key,,

A final indicator is reverse-proxy logs showing this domain as part of an HTTP Signature header. Here's an example from our Caddy server:

Feb 24 20:10:25 campsite caddy[916]: 2025/02/24 20:10:25.329        ERROR        http.log.access.log0        handled request        {
  "request": {
    "remote_ip": "65.108.53.178",
    "remote_port": "53964",
    "client_ip": "65.108.53.178",
    "proto": "HTTP/1.1",
    "method": "GET",
    "host": "enby.life",
    "uri": "/users/9fpwmts9tv",
    "headers": {
      "Accept-Encoding": [
        "gzip, deflate"
      ],
      "Accept": [
        "application/activity+json"
      ],
      "Connection": [
        "keep-alive"
      ],
      "Content-Type": [
        "application/activity+json"
      ],
      "Date": [
        "Mon, 24 Feb 2025 20:10:23 GMT"
      ],
      "Signature": [
        "keyId=\"https://mirage.foxb612.com/kiite/key/enby.life/1740427823/Y93ZjgZHZlxNSuxa/main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) host date\",signature=\"5umGzjOXHeV8DdI4NjQqwbag6ChMKYS6\""
      ],
      "User-Agent": [
        "Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0"
      ]
    },
    "tls": {
      "resumed": false,
      "version": 772,
      "cipher_suite": 4865,
      "proto": "http/1.1",
      "server_name": "enby.life"
    }
  },
  "bytes_read": 0,
  "user_id": "",
  "duration": 0.901198418,
  "size": 254,
  "status": 500,
  "resp_headers": {
    "Date": [
      "Mon, 24 Feb 2025 20:10:25 GMT"
    ],
    "Access-Control-Allow-Origin": [
      "*"
    ],
    "Alt-Svc": [
      "h3=\":443\"; ma=2592000"
    ],
    "Content-Type": [
      "application/json; charset=utf-8"
    ],
    "Strict-Transport-Security": [
      "max-age=15552000; preload"
    ],
    "Access-Control-Allow-Methods": [
      "GET, OPTIONS"
    ],
    "Content-Length": [
      "254"
    ],
    "Access-Control-Allow-Headers": [
      "Accept"
    ],
    "Server": [
      "Caddy"
    ],
    "Access-Control-Expose-Headers": [
      "Vary"
    ],
    "Cache-Control": [
      "private, max-age=0, must-revalidate"
    ]
  }
}

#FediBlock #BlockRecommendation #Moderation #Crawler #Scraper

RE: https://enby.life/notes/a4vj8c2xq1

@Sven_Holger_Wolf Ich finde das auch toll. Der Dank gilt aber auch den tollen Schwestern, die diese Beleuchtung mit organisiert haben, eine davon ist Saliha Bektas. Ich schließe mich den guten Wünschen an! ☺️ #ramadan #köln

@ruud @nathan Haha, I also have the impression the logo is upside down but actually it's still the same. The coloured space and the white space/yellow space both form an "f", one the right way round and one upside down. I never noticed, until I changed the theme.

Sunday morning walk

https://friendica.world/display/84b6ef2b-1767-c463-84c9-47e285227172

@remcolee You're welcome! I'm glad it worked. I speak German and English. I do understand quite a lot of Dutch (and love it) but I don't really speak it.

@d_zwoelfer @read_and_riot Ich auch, im öffentlichen Nahverkehr und in Arztpraxen.

@ruud @nicopunktse Ah, now I read your instructions again, I need to be in the account settings... That is well hidden, indeed!

@ruud @nicopunktse The >> take me to different things depending on whether I'm in the NEW or CONVERSATIONS or COMMUNITIES tab, but there's never any settings! Your link works, though, thank you!

@ruud @nicopunktse I can only find account settings. Where are general settings?

Petra boosted:

Make sure you let your representatives know how important it is to keep supporting Ukraine! 🇺🇦

#SlavaUkraini

@remcolee Kopier de hele URL van zijn Mastodon-profiel in het zoekfenster in friendica, dann opent het in friendica en je kan volgen. Excuseer voor mijn slechts Nederlands...

@ruud Is there a way to change to Bookface on my phone?

@Lady_Amalthea Ich habe keine Empfehlung für ein Handy, aber mein Vater benutzt zum Tippen auf dem Smartphone einen Stylus mit einer speziellen Spitze. Das findet er offensichtlich einfacher, als seine Finger zu benutzen. Vielleicht wäre das auch was für Deinen Opa und dann hat er eine große Auswahl an Handys.

@FotoVorschlag @agsn_photo Ah, danke! Da habe ich ihn auch noch nicht gesehen, aber auch nicht drauf geachtet! Das werde ich in Zukunft tun.

@FotoVorschlag @agsn_photo Wo bekommst Du den her? Den und Mönchsbart finde ich großartig, aber die sind schwer zum selber ziehen (jedenfalls auf meinem Balkon) und ich finde sie nirgendwo zu kaufen. Mönchsbart haben wir mal vor ein paar Jahren auf Sardinien im Supermarkt entdeckt, aber seither nie wieder, auch nicht im selben Supermarkt.

@katharinehayhoe.com That's funny! 😄 Though I understand the idea behind it, bear in mind that 95 % of the EU Europeans (and probably 80 % Brits) wouldn't be able to tell the difference. Also, most of us have a very strong far right party in our country (here in Germany we just had elections and our extreme right party won 20 % and the candidate of the "regular" right wing one will in all probability be chancellor), so we sympathize.

Petra boosted:

Buy Nothing Friday

https://friendica.world/display/84b6ef2b-5667-bffc-0ab4-349215462267

Client Info