https://archive.ph/Y7MVs

News article: https://www.msn.com/en-in/money/news/google-backed-dotpe-s-apis-expose-sensitive-data/ar-AA1ra3xx

This startup provides a shitty digital menu for restaurants. You scan a qr code that takes you to a terrible website where you submit your order. Once its ready the waiter brings it to you.

Someone opened their ordering webpage on a PC and looked at the API calls being made using their browser's dev tools. Turns out the entire API is public. This person was able to order on behalf of another table and view records of all the sales that took place at the restaurant.

The funniest thing is, instead of disclosing this to DotPe, the person instead wrote a blog post and posted it on Hacker News for the updoots. While describing this situation as a "vulnerability" feels extremely charitable, I think he should have covered his bases to avoid lawsuits.

https://ghostarchive.org/varchive/YLQGYZK-8J4

Yesterday I accidentally wiped my Firefox profile. Upon creating a new one I was hit with the realisation of just how many shit defaults Firefox has. This made me consider using a fork which un-enshittifies Firefox.

There is only one that I know of, LibreWolf. Thankfully it seems actively maintained. So on Windows I have started using that for now. On Linux I still use Firefox because the enlightened repository maintainers don't allow any Firefox/Chromium forks and I don't wanna use Flatpak or pacakge it myself.

Are there any other forks worth considering?

https://archive.is/2AfDy

https://archive.is/2024.09.16-214410/https://interestingengineering.com/innovation/china-starlink-detect-stealth-fighters#selection-373.0-373.86

https://archive.is/5mr2C

https://archive.is/AQMn6

Looking to get a new laptop and this is what I'm thinking about.

Also do they overheat quickly?

A list of grievances of the US government and I think that they are directing the arrest of Pavel durov

"The company can gain access to messages unless users select a secret chat option with end-to-end encryption, according to two former employees. On at least two occasions, the company has retrieved the messages of former employees, one person said." LOL, the pretend privacy branding

A new browser with a "new engine" apparently ("that being chromium, gecko and webkit" according to one comment).

Your overall thoughts on it? The video is less than 20 minutes so far. Looks 'ight so far too, afaik. But I'm no expert.

https://archive.is/c1ZIc

https://archive.is/4byIc

cross-posted from: https://hexbear.net/post/3384817

link that was attached to original post (1st ever ActivityPub), original post is linked in this post

The obvious choice for ActivityPub’s birthday would be the 23rd of January 2018 - the day it was annointed as a W3C recommendation. That doesn’t seem quite right though - its not as if the spec came into existence in any sense upon that date. In fact, Mastodon implemented it before thne.

There are several possible dates you might pick, but for me it will always be September 5th 2014 - when I committed the first sketch of a specification I called ActivityPump [github.com] and pushed it to Github

It wouldn’t be until November that I actually submitted (a revised and enhanced version of) that draft to the working group, but even then I had the very nucleus of the specification written down.

Happy 10th birthday, ActivityPub. 🍰