Hackers' Pub is a place for software engineers to share their knowledge and experience with each other. It's also an ActivityPub-enabled social network, so you can follow your favorite hackers in the fediverse and get their latest posts in your feed.
Surprised Nintendo didn't introduce its new "virtual cartridge" system with a cute mascot. He's called 'Dr. M'. He'll teach you how to download games and if you dare to try and load the same game on two consoles at the same time he'll chew you out and delete your Mario Odyssey save file.
A filmmaker and a crooked lawyer shattered Denmark's self-image
Link: https://www.theguardian.com/world/2025/mar/27/black-swan-denmark-documentary-mads-brugger-amira-smajic
Discussion: https://news.ycombinator.com/item?id=43493159
네크로댄서랑 셀레스트 콜라보했었어???
つづみエグゾルス
V2 BETA IS OUT. Whatever bugs have been plaguing you in Lip Gloss, Bubble Tea, or Bubbles v1 are more than likely already fixed in this release. We have put a lot of design consideration into improving performance and user experience while minimizing the affected API surface.
Let us know whatcha think about it! If there are any changes you'd like to see that may require changes to the existing API, now's the time!
https://github.com/charmbracelet/lipgloss/discussions/506
https://github.com/charmbracelet/bubbletea/discussions/1374
yeah my app's got that dog in them
そういえばここ数年テック系カンファレンスから足が遠のいていたのだけど、最近はトーク中にブレードを振るという文化ができていると聞いて、横転している。
えいえいおー!
Oh no! My friend Scot Kamins died! Four months ago. The nicest curmudgeon you'd ever meet. He'd got a bit hermitish in later years and so I didn't get to visit him.
He wrote the big hypercard book for Apple, back when. Great guy. We were good friends in 80s and 90s. He wrote FIDO THE BOOK, the printed manual for FidoNet.
We were regulars at Cafe Flore in San Francisco back when Doris Fish used to dance on the counter, and Mahmoud still worked there.
He loved dogs. When I knew him his big dog Walter was the laziest dog in the world. But goofy sweet. I think that was the last time Scot put white carpeting in the living room.
https://modernlib.com/FAQpages/modernlibFAQ/faqDogWhoAmI.html
@devarno.com created a new app password and tried to log into @skyflow.me and it just said auth failed. dunno if it's you or me!
鼻づまりのせいで寝れない
I'm excited to share that The Indie Beat has added 
@futzleDeborah Pickett 's "Texts With Void" to the spoken word channel!
https://theindiebeat.fm/spoken-word/
HT to 
@limebar for getting the ball rolling ❤️
Originally recorded for the launch of the Radio Free Fedi Word channel in August 2024, these audio dramatizations depict imagined text message conversations with The Void, into which one screams. And they're funny!
FlaskCon is at PyCon US 2025, and we're currently looking for talk proposals! Anything related to Flask, Quart, Click, or Jinja; such as open source, community, web applications, monitoring, deployment, HTML, CSS, CLI, async, JavaScript, APIs, etc. Submit your talk proposal today: https://www.papercall.io/flaskcon-pyconus2025 #Python #Flask #PyConUS #FlaskCon
I'm excited to share that The Indie Beat has added @futzleDeborah Pickett 's "Texts With Void" to the spoken word channel!
https://theindiebeat.fm/spoken-word/
HT to @limebar for getting the ball rolling ❤️
Originally recorded for the launch of the Radio Free Fedi Word channel in August 2024, these audio dramatizations depict imagined text message conversations with The Void, into which one screams. And they're funny!
How I know I'm getting really old. Have the chance to upgrade from 500Mb/$50/month service to 2Gb/$100/month service and not jumping on it.
8. It’s not just trans and gender nonconforming people who should be worried — most every marginalized group will be impacted by this measure, as well as huge impacts on married women.
y'all should follow 
@GraphicMattMatt Elliott if you care about Toronto
My favorite conservative pastime is when they accidentally describe utopia while trying to scare people about socialism
이게무슨
すべてのスギ・ヒノキを燃やし尽くさなければならない
鼻づまりがひどい
ぬー…
French civil engineer Charles Joseph Minard was born #OTD in 1781. He was known for his contributions to information graphics, including his famous map of the losses suffered by Napoleon during the 1812 Russian campaign.
Writing about Minard's map, Edward Tufte said “It may well be the best statistical graphic ever drawn.”
Image: Charles Minard / Public domain
아이덴티티커피랩의 맛난 디카페인 원두, 콜롬비아 나리뇨 엘 타블론 핑크 버번. 최근 접한 디카페인 중에서는 과일과 같은 산미가 잘 표현되어서 즐겨 마시고 있어요. 아쉽게도 지금은 품절이네요..
hooray! a title slide! I'll be talking at #MonkiGras next week about how we fucked everything up and will be questioning whether anything is retrievable at all. Should be good!
One of my main #web gripes: HTML forms can only use GET and POST methods.
If <form> also supported PUT and DELETE, you could easily map CRUD to HTTP methods and that would feel so much cleaner than splitting functionality for the same types over a bunch of different paths.
[즐겨찾기랑 부스트를 부탁드리는 툿]
vgen에서 아티스트 등록을 하고 싶은데 좋아요(즐겨찾기/커모지 리액션 등) 100개랑 멘션 5개가 필요하다고 해요
연합우주에서만 활동해서 이계정에 올려요 감사합니다!!
부탁해요 연합우주 
https://vgen.co/eugeneart
今天該開冷氣了吧!
The IFTAS CCS project was a pilot project to provide CSAM detection and reporting for Mastodon servers. The bulk of the project ran for 26 weeks, and while we cannot afford to maintain the service any longer, the findings below can inform future projects. All numbers are rounded for readability.
CCS received posts from eight services with roughly 450,000 hosted user accounts, 30,000 active monthly.
Our participants represented a range of service sizes from <10 to >100,000 accounts, and a range of registration options (open registration, open subject to approval, invitation only).
During the pilot period, CCS received 3.9 million posts via webhook, or 23,000 per day. These posts represent messages that were authored by or interacted with by the participating services’ active users, leading to media being stored on the host service.
Just under 40% (1.55 million) of all posts received included one or more media attachments to classify, leading to 1.86 million media files to hash and match. Posts with no media were discarded by the service.
Of the 1.86 million files, small numbers were either unsupported formats (~2,000) or no longer available when CCS attempted to retrieve the media for classification (~1,600). An additional ~3,100 media files failed to download.
In total, of the 1.86 million media files sent to IFTAS for classification, 99.665% were hashed and matched.
The hash matcher flags media for human review if it finds a match, or a near match, and after review IFTAS filed 53 reports related to 80 media files with NCMEC. This works out to 4.29 matches per 100,000 media files. An additional number of media files that matched were beyond our human review expertise to adequately classify, and therefore we elected to not report these files.
All of the matched media and subsequent reports were of real human victims, none were fictional, drawn, or AI generated. We did not receive matches for “lolicon”.
We elected to match against a broad array of databases to ascertain their effectiveness, and we found that databases maintained by child hotline NGOs (e.g. NCMEC, Arachnid) were far more effective than databases available from commercial service providers. We saw a handful of false positives, and the vast majority of them came from commercial providers. If we had continued, we would have narrowed down the databases in use.
All matched media generated a notification to the affected service provider, and IFTAS performed any necessary media retention for law enforcement.
4.29 matches per 100,000 may not sound like a large number. However, to be clear, this is a higher number than many services would expect to see, and it includes a broad range of media, from “barely legal” minors posted publicly, to intimate imagery shared without consent, to the very, very worst media imaginable. In some cases, it was apparent that users were creating accounts on host services to transact or pre-sale media before moving to an encrypted platform, under the belief that Mastodon would not be able to detect the activity.
There are 1.6 billion posts on the ActivityPub network today, and if our numbers hold true, this means there are currently many tens of thousands of copies of known CSAM on the network, likely significantly more as our service adopters by definition do not include providers that are not inclined to mitigate this issue, and criminals looking for anonymous accounts are likely to target less-moderated services.
If IFTAS found it happening so brazenly on the first servers we happened to look at, no doubt this activity is still occurring on servers that have no such protections. Mastodon is – at its simplest – a form of free, anonymous web hosting. The direct messaging feature precludes moderators and administrators from being aware of illegal content (it will never be reported by potential customers), and only a hash and match system is able to find these media and flag them.
Not only does inadvertently hosting CSAM revictimise the children involved, it also serves as an attack vector for the service to be targeted by law enforcement. We are aware of several instances of CSAM being uploaded for the express purpose of causing moderator trauma or an immediate report to law enforcement, leading to a significant amount of legal issues. This is essentially a form of swatting; simply upload CSAM, report it to the authorities, sit back and watch the server get taken down and possible criminal charges for the administrator.
We ensured that all webhooks were disabled by the host services, and once all review and reporting was completed, we hard-deleted all remaining data on the service, excepting the metadata and media required to be held for one year for possible law enforcement action. The AWS environment was then dismantled, deleted, and removed from service.
All associated staff and consultants were removed from the relevant IT services, and IFTAS retains no data nor metadata from any of the activity other than the bare minimum required by law pertaining to the encrypted media stored for law enforcement.
Some observed services that were clearly unmoderated and/or willing to host this content to the degree that federating with them would generate legal concerns were added to the IFTAS DNI denylist.
We hope that Mastodon, Pixelfed, Lemmy and other platform developers will quickly implement safeguards within moderation dashboards to minimise moderator trauma.
Content moderators commonly experience trauma similar to those suffered by first responders. Even though the development team may have never reviewed traumatic content, the app or service will at some point deliver this traumatic content to users of the moderation workflow. When presenting reported content to a service provider or moderator:
If you are a service provider, lobby your web host or CDN provider to perform this service for you, and ask them if they have resources you can use.
Cloudflare offers a free service worldwide, if you are a Cloudflare customer, consider enabling this option.
If you are a web host that hosts a large number of Fediverse providers, consider adding this safeguard at the network level.
Tech Coalition has a program aimed at small and medium services called “Pathways“, and they are very interested to hear from Mastodon and other Fediverse service providers. While this does not offer detection, it does offer background, guidance, and access to experts. Sign up to explore these options, and to demonstrate a good faith effort to address this issue. The more providers they hear from, the more likely we are to get better options.
We are aware of noteworthy efforts to continue this work. @thisismissem is working on a prototype implementation of HMA, and Roost is exploring an open source solution for small and medium size services.
Consider following and monitoring https://mastodon.iftas.org/@sw_isac to receive alerts when services are confirmed to be sources of this content.
A range of services and resources that can help mitigate this issue are available on our CSAM Primer page in the IFTAS Connect Library. We will continue to research and share resources that can help mitigate this issue for service providers. Please let us know if you are aware of additional resources we can add to this guide.
IFTAS intends to continue its relationships with INHOPE, NCMEC, Project Arachnid, Internet Watch Foundation and other organisations to advocate for the Fediverse, and to ensure these entities understand the network and have someone to talk to if they have questions.
To everyone who participated, asked to participate, or supported this project, thank you! We are extremely sad to have to end this project, but we have safeguarded the underlying codebase and – should the opportunity arise – we will restart with this or another resource to provide this service to any who need.
2077あれmacで動くんだ…
코드 리뷰 요정, CodeRabbit이 나타났다 🐰 https://tech.inflab.com/20250303-introduce-coderabbit/
코드래빗에 저렇게 프롬프트를 넣을 수 있는거구나.....
한국의 Clojure 생태계를 책임지는 슈퍼루키 트친도 영입하고 있는 중인데, 이 계정도 추천해야겠다. 아니, 근데.. 클로져리안 모아놓은 인스턴스도 있었네????
#FollowerPower #BuchSuche
Was ist (oder war?) die Edition Ausblick?
Gibt es sie noch?
Ich frage, weil ich gerne das Buch lesen möchte, es aber nirgends finden kann:
Dantes Inferno
Der große Klassiker in jungem Deutsch
übersetzt von Katharina Tiwald
Sie hat dazu einmal einen Podcast gemacht, ich möchte aber gerne das gebundene, illustrierte Buch haben. :)
燃え残った全てを燃やし尽くす必要がある
The IFTAS CCS project was a pilot project to provide CSAM detection and reporting for Mastodon servers. The bulk of the project ran for 26 weeks, and while we cannot afford to maintain the service any longer, the findings below can inform future projects. All numbers are rounded for readability.
CCS received posts from eight services with roughly 450,000 hosted user accounts, 30,000 active monthly.
Our participants represented a range of service sizes from <10 to >100,000 accounts, and a range of registration options (open registration, open subject to approval, invitation only).
During the pilot period, CCS received 3.9 million posts via webhook, or 23,000 per day. These posts represent messages that were authored by or interacted with by the participating services’ active users, leading to media being stored on the host service.
Just under 40% (1.55 million) of all posts received included one or more media attachments to classify, leading to 1.86 million media files to hash and match. Posts with no media were discarded by the service.
Of the 1.86 million files, small numbers were either unsupported formats (~2,000) or no longer available when CCS attempted to retrieve the media for classification (~1,600). An additional ~3,100 media files failed to download.
In total, of the 1.86 million media files sent to IFTAS for classification, 99.665% were hashed and matched.
The hash matcher flags media for human review if it finds a match, or a near match, and after review IFTAS filed 53 reports related to 80 media files with NCMEC. This works out to 4.29 matches per 100,000 media files. An additional number of media files that matched were beyond our human review expertise to adequately classify, and therefore we elected to not report these files.
All of the matched media and subsequent reports were of real human victims, none were fictional, drawn, or AI generated. We did not receive matches for “lolicon”.
We elected to match against a broad array of databases to ascertain their effectiveness, and we found that databases maintained by child hotline NGOs (e.g. NCMEC, Arachnid) were far more effective than databases available from commercial service providers. We saw a handful of false positives, and the vast majority of them came from commercial providers. If we had continued, we would have narrowed down the databases in use.
All matched media generated a notification to the affected service provider, and IFTAS performed any necessary media retention for law enforcement.
4.29 matches per 100,000 may not sound like a large number. However, to be clear, this is a higher number than many services would expect to see, and it includes a broad range of media, from “barely legal” minors posted publicly, to intimate imagery shared without consent, to the very, very worst media imaginable. In some cases, it was apparent that users were creating accounts on host services to transact or pre-sale media before moving to an encrypted platform, under the belief that Mastodon would not be able to detect the activity.
There are 1.6 billion posts on the ActivityPub network today, and if our numbers hold true, this means there are currently many tens of thousands of copies of known CSAM on the network, likely significantly more as our service adopters by definition do not include providers that are not inclined to mitigate this issue, and criminals looking for anonymous accounts are likely to target less-moderated services.
If IFTAS found it happening so brazenly on the first servers we happened to look at, no doubt this activity is still occurring on servers that have no such protections. Mastodon is – at its simplest – a form of free, anonymous web hosting. The direct messaging feature precludes moderators and administrators from being aware of illegal content (it will never be reported by potential customers), and only a hash and match system is able to find these media and flag them.
Not only does inadvertently hosting CSAM revictimise the children involved, it also serves as an attack vector for the service to be targeted by law enforcement. We are aware of several instances of CSAM being uploaded for the express purpose of causing moderator trauma or an immediate report to law enforcement, leading to a significant amount of legal issues. This is essentially a form of swatting; simply upload CSAM, report it to the authorities, sit back and watch the server get taken down and possible criminal charges for the administrator.
We ensured that all webhooks were disabled by the host services, and once all review and reporting was completed, we hard-deleted all remaining data on the service, excepting the metadata and media required to be held for one year for possible law enforcement action. The AWS environment was then dismantled, deleted, and removed from service.
All associated staff and consultants were removed from the relevant IT services, and IFTAS retains no data nor metadata from any of the activity other than the bare minimum required by law pertaining to the encrypted media stored for law enforcement.
Some observed services that were clearly unmoderated and/or willing to host this content to the degree that federating with them would generate legal concerns were added to the IFTAS DNI denylist.
We hope that Mastodon, Pixelfed, Lemmy and other platform developers will quickly implement safeguards within moderation dashboards to minimise moderator trauma.
Content moderators commonly experience trauma similar to those suffered by first responders. Even though the development team may have never reviewed traumatic content, the app or service will at some point deliver this traumatic content to users of the moderation workflow. When presenting reported content to a service provider or moderator:
If you are a service provider, lobby your web host or CDN provider to perform this service for you, and ask them if they have resources you can use.
Cloudflare offers a free service worldwide, if you are a Cloudflare customer, consider enabling this option.
If you are a web host that hosts a large number of Fediverse providers, consider adding this safeguard at the network level.
Tech Coalition has a program aimed at small and medium services called “Pathways“, and they are very interested to hear from Mastodon and other Fediverse service providers. While this does not offer detection, it does offer background, guidance, and access to experts. Sign up to explore these options, and to demonstrate a good faith effort to address this issue. The more providers they hear from, the more likely we are to get better options.
We are aware of noteworthy efforts to continue this work. @thisismissem is working on a prototype implementation of HMA, and Roost is exploring an open source solution for small and medium size services.
Consider following and monitoring https://mastodon.iftas.org/@sw_isac to receive alerts when services are confirmed to be sources of this content.
A range of services and resources that can help mitigate this issue are available on our CSAM Primer page in the IFTAS Connect Library. We will continue to research and share resources that can help mitigate this issue for service providers. Please let us know if you are aware of additional resources we can add to this guide.
IFTAS intends to continue its relationships with INHOPE, NCMEC, Project Arachnid, Internet Watch Foundation and other organisations to advocate for the Fediverse, and to ensure these entities understand the network and have someone to talk to if they have questions.
To everyone who participated, asked to participate, or supported this project, thank you! We are extremely sad to have to end this project, but we have safeguarded the underlying codebase and – should the opportunity arise – we will restart with this or another resource to provide this service to any who need.
Blasting Past WebP - An analysis of the NSO BLASTPASS iMessage exploit
Link: https://googleprojectzero.blogspot.com/2025/03/blasting-past-webp.html
Discussion: https://news.ycombinator.com/item?id=43493056
단독 尹 선고 늦어지자 피로 누적된 경찰... 숙박비만 13억 원
입력 2025.03.27 19:30
1월 초과근무 시간 기동대 1인 113시간
평일 기준 20~30개 지방청 기동대 상경
탄핵 이후 집회 계속… 尹 선고만 기다려
초과근무 수당 제한 없앴지만 '피로감' 우려 www.hankookilbo.com/News/Read/A2...
[단독] 尹 선고 늦어지자 피로 누적된 경찰... 숙박...
I'm kinda surprised the Ghost dashboard doesn't give you very basic stats about what content is being read/looked at / basic inbound traffic.
That seems more important than newsletter stuff?
Then again I often find myself at odds with creator stuff, so maybe I don't understand the platform well enough.
くろでん吸いたい定期
They Might Be Giants Flood EPK Promo (1990) [video]
Link: https://www.youtube.com/watch?v=C-tQSFQ-ESY
Discussion: https://news.ycombinator.com/item?id=43490173
Two queries for you, fedi friends #askfedi 
1) Do any of those "erase your data from the #Internet" tools the YouTube creators are always advertising actually help? I feel like the spam texts are getting oddly specific, and also I have talked my fair share of shit about the Cheeto-in-Charge online which is seeming more dangerous by the day
2) Also, I unfortunately used my real last name when I jumped on Mastodon. Is there any way to change screen name? I know I looked awhile back and the answer seemed to be no but thought I'd ask again 🙏
악 닌다까먹었어
와 버추얼 카드 시스템 넘 좋아서… 패밀리 블친끼리 모집해봐야지
I've been accepted as a speaker at 
@LASLinux Appp Summit (LAS) to talk about GNOME Circle. I was excited to travel to Albania and have my talk there but the Linux App Summit hasn't been answering any of my emails! Since I'm from Iran, I really need an Invitation Letter to be able to get my visa (e-visa) since Albania does not give visas to Iranians so easily, and it needs lots of paperwork (and also no embassy in Iran). I emailed LAS on 11th March...
#Albania #Linux #LinuxAppSummit #LAS #Gnome #Visa #GnomeCircle
Andy Piper
Hugo van Kemenade
@thx@mustard.blog
Glyph
유진🎀 
Emelia 👸🏻
洪 民憙 (Hong Minhee)
@
