nil!
@baris@community.nodebb.org  ·  activity timestamp 2 weeks ago

⁂ Article

Security Release: NodeBB v2.8.19, v3.12.6, v4.4.3

We have released NodeBB versions v2.8.19, v3.12.6, and v4.4.3 to address a security issue involving a potential XSS vector.

If you discover a vulnerability, please report it responsibly via our bug bounty program.

As mentioned before, we are going to support 2.x up to August 2025.
Jack of all trades
@jackofalltrades@mas.to  ·  activity timestamp 4 weeks ago

"""
Trade association Green Power Denmark had found unexplained electronic components in imported circuit boards destined for the country's energy infrastructure.

Cybersecurity of modern energy systems is a growing concern.

Earlier this month, Reuters reported that unexplained communication devices had been found inside some Chinese-made inverter devices in the United States.
"""

https://www.pv-magazine.com/2025/05/23/solarpower-europe-calls-for-tough-cyber-rules-following-danish-import-probe/

#solar #renewables#EnergyTransition #security
aaron
@fireborn@dragonscave.space  ·  activity timestamp last month

GrapheneOS: Where Licenses Matter More Than People

GrapheneOS could have shipped real accessibility support. They had a screen reader. They had a libre speech engine — one they requested a feature from. They got that feature.

And then they said no.
Because the license was GPLv3.

They’ll ship sandboxed Google Play Services.
They’ll let you install GPLv3 software from their app store.
But a working screen reader for blind users?
Blocked. On principle.

This isn’t a technical limitation.
This is not a matter of priorities.
This is cruelty by ideology — and they’re proud of it.

So here it is. My full public dissection of the excuses, the hypocrisy, and the sheer contempt they’ve shown to the people who need privacy and security most: the disabled.

They chose licensing purity over basic humanity.
I chose to write this.

https://fireborn.mataroa.blog/blog/grapheneos-where-licenses-matter-more-than-people/

#GrapheneOS#Accessibility #FOSS#Blind#DisabilityTech#Inclusion#GPLv3 #espeak #a11y#Security#FreeSoftware#DisabilityRights#Android#Rant#TechShame

update: If you are using this post as some kind of call-to-action to harass and attack the GOS developers, please don't.

That damages everyone. You, them, and myself. It's not helpful.
blainsmith
@blainsmith@snac.rblgk.sh  ·  activity timestamp 2 months ago

Finally kicked off the development phase of this short IoT contract at @limeleaf@social.coop . I'm mainly building out the cloud service to show device inventory, their state, and data upload flow. I also get to advise the implementation of the embedded side from a security perspective.

I've built this a few times before on top of AWS IoT which is why we got the contract. Methinks we should advertise this skill more.

#IoT #GoLang #Security #mTLS #Embedded