I'm sure @leo is hearing this everywhere, but looks like there's a 0-day in a font-rendering library, and it's currently in use for specific targets. As always, be very careful about attachments, but for now, also disable the preview pane in Windows Explorer.

Additional mitigations if you're at risk:
portal.msrc.microsoft.com/en-u

Looking forward to SN tomorrow. "Interpreters are hard." :steve:

"Windows code-execution zeroday is under active exploit, Microsoft warns

There's no patch available now. Here's what to do until Microsoft issues one."

arstechnica.com/information-te #infosec

Is there a good tutorial out there for getting started with the Pico CMS add-on to Nextcloud? Usually the Nextcloud add-ons are intuitive but I can't seem to get custom themeing/templating/plugins/content going

Whats the best way to play boardgames online with friends?

Call for help: In order to talk to my grandma I need an extremely simple device on which video calls run and which, after being switched on, immediately dials into a excising #Jitsi room. Is there such a thing? Has anyone ever built / flashed something like this ? Challenge: It has to be really easy to use for a non technical person, without any help. RTs are welcome! #followerpower

@z428 Funny you should ask :) - we use BigBlueButton & Jitsi Meet, Rocket.Chat, NextCloud + OnlyOffice, and Mailcow - I just wrote this up for people's reference : ) - tech.oeru.org/working-home

I cut my own hair the other day, because: social distancing.

After observing responses to my bad haircut, here's what I have to say for myself.
Closed/WontFix: This is a novel feature, not a bug. Product "Social Distancing Haircut" working as intended.

I would not use it simply because it's Google, but it's hard to beat free and without port forwarding. Alternative product recommendation: 

Show thread

I would not use it simply because it's Google, but it's hard to beat free and without port forwarding. Alternative product recommendation: 

I recently turned on DoH in Firefox, but then I read someone's privacy concerns about using cloudflare and had second thoughts.
I switched to NextDNS as the DoH servers in Firefox. Are there any problems NextDNS? can they be trusted?

Bruce Schneier has signed on to TBL's "Solid" distributed self-host-capable social media platform company, Inrupt.

This was one of the more interesting (though not yet ready for prime-time) options we looked at in the #Plexodus G+ shutdown migration.

HN discussion:
news.ycombinator.com/item?id=2

Reddit:
old.reddit.com/r/plexodus/dupl

schneier.com/blog/archives/202

#socialMedia #distributedNetworks #Federation #BruceSchneier #TimBernersLee #SolidProtocol #Inrupt

My mom wants a smart door bell. I don't think I can talk her down to just getting a doorbell w a PA system, bc she wants to be able to check who is at the door with her phone.

Is there a way to set this up without amazon and google as the middleman who sells your consumer data and rats out to the police w/o your knowledge?

OpenPush - A Free, #Decentralized Push Messaging Framework for #Android

"Push messages are an essential part of connected mobile devices. They are also one of the critical missing pieces in the #opensource Android ecosystem. Until now, free Android apps would either need to implement their own push notification system, do without any push messaging or use the proprietary Google Cloud Messaging service."

f-droid.org/en/2020/02/03/open

TWiT.social

A Mastodon instance dedicated to TWiT listeners. Think of a Twitter just for geeks, sharing content with other Mastodon servers all over the world. If you're a TWiT fan, consider this your home! Our TWiT Forums live at TWiT Community. Post conversation starters there. TWiT.social is for quick thoughts, fun pictures, and other ephemera. Keep it clean, keep it friendly. Looking forward to your Toots!