Show more

looks like someone is crossposting my toots without authorization to nostr.

if you are reading this at iris.to/npub1s6u73hepwap3wpzvh then you're getting scammed; this account and data is posted only at @sneak on activitypub.

macOS 14.4.0 will phone-home to apple's data collector (xp.apple.com) even with analytics off when doing an update. new behavior however is that it will also do this when only "download updates" (but not install them) automatically is enabled.

it also contacts gs.apple.com to get the signed boot ticket (and transmit your ECID) at download time, which happens background/automatically even if you've told it not to install updates automatically.

this is your periodic reminder that you should:

a) turn off wifi
b) run an ethernet cable to your computer
c) get a WIRED headset with boom mic
d) use an external webcam
e) use a key light

for fuck's sake it's 2024 learn how to make phone calls

today is actually a full moon so i can’t tell if the full moon rising over the ridge in the joshua tree at night “environment” for the AVP is always a full moon, or if some nameless engineer at apple programmed it to dynamically match the actual phase of the moon.

i really need to update my mastodon and mattermost instances, the latest mobile clients don’t like talking to my servers. this sort of attitude toward forcing users onto an api upgrade treadmill is pathological.

sneak boosted

An absolutely bonkers assault on encryption is happening right now in Nevada.

This week, the state AG moved for a temporary restraining order to stop Meta from rolling out default E2EE on Messenger for under-18 Nevadans. The state's brief characterizes E2EE apps as a tool for child predators. It argues that Meta's claims about E2EE protecting privacy & security are deceptive, so this is a CONSUMER PROTECTION VIOLATION. Oh, and half the brief is redacted.

Brief is here:
drive.google.com/file/d/1qq9Zk

for google accounts with advanced protection turned on (aka mandatory hardware FIDO/U2F 2FA), it’s impossible to login on apple vision pro due to the fact that you cannot NFC or USB to your U2F keys. this is a problem.

sneak boosted

A drone that sprays you with "a substance" if it determines that you have an "aggression factor greater than an aggression threshold."
US Patent 11618562

the amazon cunts are putting banner ads inside my order history list now. this angers me beyond words. i am being punished for being a loyal and frequent customer.

wow, AVP is mega mega version 1.0 - i loaded my IMAP email configuration profile on it, and it's "unknown payload" and the account doesn't show up. it doesn't even support adding email accounts from profiles yet, and i see no way to use it to extend a mac desktop across a local lan unless you use icloud on the mac (i don't).

i think visionOS 1.5 or 2.0 is going to make this thing a lot lot lot more useful.

macbook air : ultrabook :: mac mini : nuc

so jwz blocked me (lol, big surprise) but mastodon the software is pathological and now hides all of his *public* posts from me *on my own instance*, even though i can go to the instance he uses and read them all there because they are public. clicking on the notifications of him replying to me now makes them display for a moment then flash away hidden, even though my instance received them. why does mastodon allow remote users to decide what i can read off of my own server? @Gargron

There's a bug in latest/current Mail.app (v 16.0) that sends remote HTTP requests for messages under certain circumstances even when "block all remote content" is checked in the privacy tab in settings. Thank fuck for Little Snitch.

the Apple Business Manager website only supports Safari, Chrome, or Edge. you can't use firefox, it doesn't even show bugs, it just pops a modal saying "unsupported browser" and tells you to FOAD

nPlayer in the iOS app store says it doesn't collect data on its app privacy label, but its privacy policy says it does, and the app privacy report shows it actually exfiltrating data to google APIs in practice. app privacy labels are self-reported.

sneak boosted
sneak boosted

HOLY SHIT
" After a great 25 year relationship Caesars abruptly terminated their contract with DEF CON, leaving us with no venue for DC 32, and just about seven months to Con! "

forum.defcon.org/node/248360

#defcon #infosec

Show more
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!