Shout out to @puckipedia for finding CVE-2022-24307, shout out to the European Commission for sponsoring a bug bounty program that incentivized the discovery, and shout out to @Claire for organizing the patch releases!
Looking for an Android developer to work together with our UX designers on Mastodon's official Android app. Contract work, only remote. E-mail hello@joinmastodon.org
We're talking about an account that was created through normal means, that is not really distinguishable from just any random account, but contains something like "hello 1.2.3.4|" in its bio. The way they seem to be used is that some botnet software checks the profile to get its commands that way. It is not a Mastodon vulnerability, and I don't think it's specific to Mastodon either.
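The post above describes a profile bio being used as a dead-drop for botnet commands: an otherwise ordinary account whose bio carries a token, an IP address and a trailing pipe. The following is an added example, not Mastodon's code and not from the author of the post, showing how an operator could sweep account bios for that shape. The regex, the exclusion of non-routable addresses, the sample accounts and the `bot_zed` name are all assumptions constructed for illustration; the `note` field is the bio as the Mastodon API returns it.

```python
import ipaddress
import re
from typing import List, Optional, Tuple

# Heuristic for the shape described in the post: a word, whitespace, a dotted-quad
# address, then a "|" delimiter. The leading word ("hello") is an assumption; a
# real beacon could use any token, so any \w+ is accepted.
_C2_BIO_RE = re.compile(r"\b(\w+)\s+(\d{1,3}(?:\.\d{1,3}){3})\|")


def extract_c2_target(bio: str) -> Optional[str]:
    """Return the first routable IPv4 address that appears in the dead-drop shape.

    Addresses that fail to parse (e.g. 999.1.1.1) and non-routable ranges
    (private, loopback, multicast, reserved) are ignored to cut down on
    false positives from people quoting LAN addresses in their bios.
    """
    for match in _C2_BIO_RE.finditer(bio):
        candidate = match.group(2)
        try:
            ip = ipaddress.ip_address(candidate)
        except ValueError:
            continue
        if (ip.is_private or ip.is_loopback or ip.is_multicast
                or ip.is_reserved or ip.is_unspecified):
            continue
        return str(ip)
    return None


def flag_accounts(accounts: List[dict]) -> List[Tuple[str, str]]:
    """Scan account records and return (username, target_ip) for suspicious bios."""
    flagged = []
    for account in accounts:
        target = extract_c2_target(account.get("note", ""))
        if target is not None:
            flagged.append((account["username"], target))
    return flagged


# Constructed sample records in the shape of Mastodon API account objects
# (only the fields used here). None of these are real accounts.
SAMPLE_ACCOUNTS = [
    {"username": "alice", "note": "Gardener, cat person, occasional poster."},
    {"username": "bot_zed", "note": "hello 1.2.3.4|"},
    {"username": "homelab", "note": "Ask me about my NAS at 192.168.1.20| it rocks"},
    {"username": "semver", "note": "Shipped version 1.2.3.4 of the app today"},
]

if __name__ == "__main__":
    for username, target in flag_accounts(SAMPLE_ACCOUNTS):
        print(f"{username}: possible C2 dead-drop pointing at {target}")
```

Run against a dump of account objects, this flags only `bot_zed`: the private address in `homelab`'s bio and the pipe-less version string in `semver`'s bio are skipped. Treat a hit as a lead for review, not proof; the post itself notes such accounts look like any other.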
I'm terribly sorry for today's downtime. We are now back.
Post-mortem:
Yesterday my hosting provider, Hetzner, received an abuse report for our entire IP due to a user account that apparently was used as a botnet controller. I suspended the account immediately, but forgot to submit a statement to Hetzner.
After 24 hours, the IP of mastodon.social was locked by Hetzner. I reached out to them as soon as I learned of this.
On Oct 26, we sent a formal letter to Truth Social's chief legal officer, requesting that the source code be made publicly available in compliance with the license.
According to AGPLv3, after being notified by the copyright holder, Truth Social has 30 days to comply or the license may be permanently revoked.
A small victory: An hour after we sent a cease & desist letter to #Gab's legal team on Oct 21 regarding their failure to publish up-to-date source code in compliance with Mastodon's AGPLv3 license, they have uploaded a new version.
That is not all that we demanded in the letter, but it is nevertheless a victory in upholding the AGPLv3 license of our project, and a signal to those who doubt that we are willing to show teeth to those who ignore it.
Someone has sent me 10 e-mails' worth of what looks like QAnon-type conspiracy drivel mixed in with pictures of me, with the subject "Truth Social", so right now I'm wondering if I should delete them and block the sender or keep them as evidence in case it escalates lol
I have never heard the term "web 3" used in any context other than trying to sell some cryptocurrency, to the point where I cannot take it seriously at all.