the los angeles metro 2040 plan is a beautiful vision of a future that we can have, if we build it

@djsundog @rabcyr It'd largely depend on your OS/distro though since Masto's shelling out.

@sungo @rabcyr I just ran the ImageTragick PoC test suite from on the toot-lab server, reports safe:

sundog@toot-lab:~/repos/PoCs$ ./
testing read

testing delete

testing http with local port: 33517

testing http with nonce: a5de7659

testing rce1

testing rce2

testing MSL

I could use some extra eyes on some Masto code that is striking me as a security concern.

Look at which is a log snippet

From what I can see, every time masto gets a file, incl profile images and headers from federated instances, it shells out to imagemagick to resize and convert it.

Part of that is here

Given this seems ... bad

do the people complaining about mastodon admins being able to view your private messages realize that
twitter can do that too and they're literally partnered with a service named "dataminr"

honestly thought? turntable.mastodon. That needs to be a thing.

The Bill of Rights at the Border: Fourth Amendment Limits on Searching Your Data and Devices -

gonna create an instance of mastodon where the default avatar is an alien, likes are called "florps", and the timeline goes sideways


I'm a PhD student in Computational Social Science. Have been involved in/am interested in public policy, w/ background in defense and military issues. These days increasingly interested in computation and impact on society writ large.

Cyber-Clausewitz avi sort of mixture of "old" and "new" me even if both always interests I've had. I'll toot about mixture of natsec, tech, and cultural topics. And of course Harambe (RIP).

Wait, this isn't the fan site for the heavy metal band Mastodon?

I did a gamedev thing today

and enjoyed it ❤❤❤

A good way to get the most mileage out of Mastodon is to continue to use other social media while tooting here, and seeing what features this place has you find you really miss off-site. Being able to default to "not public to the entire universe" for my posts was a godsend, as is stuff like the CW toggles and NSFW image blockeroo!

I have my list of Possible Changes but it's way, way less than certain other sites I could name. isn't blocked in China! No VPN needed- sweeeeeeet:dancers:

I've made some improvements to my #Fediverse history post. Thanks to @clacke for the corrections, keep 'em coming!

I spent most of the day writing quasi-#introduction to mastodon - exploring how I relate to the platform and key details that I wish someone had shared with me.

Props to @b_cavello's and their artwork which helped give me hope this platform will be a great place to create - I've been lacking that on twitter for a few months now.

Thank you @Gargron for helping give so many people hope back and introducing us to the fediverse.

“Obviously it’d be hard for me to pay the bills if literally everyone decided to use the instance only.” :joy: oops

