Show newer

On one hand I think it's naïve to expect that all medicine and disability care can be as straightforward as diy hrt but also I think there's definitely something to be sought out there with the kind of independence it affords us

Show thread

uspol and election meta 

Serious question: do you *need* to follow the elections in the US?

Don't get me wrong, you should do your part and do what you can to prevent a disastrous outcome. But you also need to recognize where "what you can do" ends, and where the doomscrolling loop begins.

We all know how bad things could end up being after this election, we're all aware. Reading up more on analyses and predictions is unlikely to improve our understanding, and even less likely to result in a concrete action that we can take against it - at least, one we didn't already think of.

Maybe it's better to just... detach from it, if you are not actively working on it already, let the chips fall where they may, and instead put your energy into building a sustainable society going forward, with or without the systems currently in place.

There are a lot more productive things you can do with your time and energy, than worrying more about something you already know is bad. And for a lot of those possibilities, it just doesn't really matter what the outcome of this election is.

✏️ Mark your calendars! In just two weeks, I’ll be offering a free Krita workshop (in French) at Capitole du Libre 2024. This session will be a perfect blend of exploring Krita’s features and sharing valuable drawing tips. I can’t wait to see you there and create together! 🎨 :krita:

More info: cfp.capitoledulibre.org/cdl-20

#cdl2024 #krita

okta vulnerability, grumbling about security (2) 

I will give Okta a tiny bit of credit for having used a cryptographic hash for their cache, which is something that many people get wrong. But that doesn't really help you if you then use the *wrong* cryptographic hash...

Show thread

okta vulnerability, grumbling about security 

Another year, another critical vulnerability in Okta's infrastructure - an authentication bypass for users with long usernames, this time.

They ran up against bcrypt's input limit. You know, exactly the kind of footgun that causes people to recommend "don't try to roll your own authentication, outsource it to experts". Like... Okta. Who used bcrypt. And did it wrong.

I would really like for people to stop recommending external authentication providers. It's not actually *that* hard to implement authentication correctly for the vast majority of cases, if you take some time to read up on how to do it. Outsourcing isn't the answer here.

I find myself wishing on a daily basis that I had built @bitfolk database as postgres from the start instead of MySQL (now MariaDB).

Don't be like me. If your new thing needs a relational DB, Just Use Postgres.

#JustUsePostgres #postgresql

Just after posting this I lost 3 hours of my life to MariaDB's unhinged and cursed "utf8 charset/collation isn't really utf8" nonsense.

mathiasbynens.be/notes/mysql-u

Show thread

So, does OVH have an actual internationally-expanded datacenter yet, or are they still just building stuff in the Frenchest places they can find?

Any fonts nerds here who'd offer to help me pick a font design for my homepage? I vaguely know in which direction I want to go, but I don't know a lot about fonts

It's 1214 days since I filed a React Native bug because an external keyboard user on Android cannot get focus into a text input field so can't fill in forms. No-one cares. Except people with access needs, of course. github.com/facebook/react-nati

Tyre mobility kit (spare tyre substitute) says to read the manual for instructions. We check the manual. Not under Tyre. Not under Puncture. Not under Tyre Mobility Kit. Not under Flat.

It's under I. For 'If'. Of course.

#FlatTyre #AccurateButNotUseful #TechnicalWriting #Index

LB (phpc.social/@elazar/1134025684)
Please, as an absolute minimum to participate in society,

*Mask if you know you're sick*

Absolute. Bare. Minimum.

Omg the dominos guy who works next door is dressed up as a ninja turtle to deliver pizzas lmao

This, too, is rail transport. Two miners on infrastructure of the "10 de Noviembre" co-operative are exiting one of Cerro Rico's many adits with a fully loaded mining cart. The hill in Potosí, Bolivia, whose exploitation supplied a great part of the wealth of the Spanish colonial empire, has been continuously mined for almost 500 years, primarily for silver. Today, mining is still conducted without any large machinery through self-employed miners using co-operatively owned infrastructure. Work environments in the mountain are extremely hazardous, and particularly due to the lack of adequate protection from silicosis and poor healthcare, few miners live beyond the age of 45.

Pros of self-hosting:

You're in charge of your server and data

Cons of self-hosting:

You're in charge of your server and data

Trans people! I want to hear your coming-out stories (both to yourself and to others) that didn't fit the usual stereotypes and expectations. I want to hear about wrong assumptions that hurt you and made you repress even more.

Figuring out one's gender identity outside of the "wanted to be a girl in early childhood" and the "cross-dressing realization at Halloween" stories can be pretty lonely. So let's light some lights for our baby queers together
:boost_ok:

it's been a while since we've said this and we suspect it has not yet reached everyone it needs to, so we'll say it again just on general principles

activists should study how movements fail, for the same reason that architects study how buildings fall down

Show older
Pixietown

Small server part of the pixie.town infrastructure. Registration is closed.