sneak @sneak@sneak.berlin

@abdulocracy note that this toot was written at 9pm on a saturday while i rebuild my mailserver container because ubuntu sucks

@abdulocracy no because i have a life

@quixote @jessicawildfire tbh we probably won't find out, most people so affected will just die unstudied

ubuntu including rspamd packages (which are so out of date as to be an active hazard) in ubuntu is really sad and caused me a lot of wasted time today. i literally would have been better off if they didn't have the package in the repo, i would not have to redo this work today.

mediaanalysisd seems to not phone home on image preview in 13.2, with live text on or off. then again, who knows if it only does so if its database is a certain age or something?

ok, we've had siri suggestions turned off for ages. now live text is turned off too. let's see what other bullshit this computer does now.

@xorman oh, i didn't know it's that locked up. :( lame. bullshit IP protectionism making our tech worse unnecessarily once again

@tard neither. it's real but photoshopped.

@jessicawildfire the anti-minimizing-disease-risk is something i can get behind, though. people are fools, generally speaking.

@jessicawildfire there's nothing in your account to support the conclusion you put forth in the title. maybe it was EBV, maybe it wasn't. people go nuts without EBV too.

yet another new apple phone-home process you can block all network for: ndoagent, the new device outreach agent, which as far as i can tell only exists to upsell spam you. it phones home to fetch https://cdsassets.apple.com/library/APPLE/asset/ndoV2.plist which doesn't have much in it.

more info at

/System/Library/PrivateFrameworks/NewDeviceOutreach.framework/ndoagent

I just observed a regression on CVE-2022-32857 (plaintext TSS signing during OS update, leaking unique identifiers to the network via http/80 connections to gs.apple.com) on 13.1 (M1) when updating to 13.2. My system's ECID was transmitted in plaintext.

@thegibson every time i hear this meme i think of kaminsky

apparent apple software update (13.1 -> 13.2 on M1) phoning home (xp.apple.com is telemetry AFAIK) admittedly via private relay (to obscure client ip) but this is happening with analytics OFF.

@jb61 your friend

apple is using their private relay service (which presumably obscures client ip from apple APIs, but let's take them at their word on this) for a lot of macos-to-apple connections these days.

...including the connections to xp.apple.com from the T2/M1/M2 updater process during macOS updates. however, i have analytics off, and no telemetry from my machine should be going to xp.apple.com regardless, IP address obscured or not. :/