Notices by Mike Gerwitz (mikegerwitz@social.mikegerwitz.com), page 18
-
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Sunday, 10-Sep-2017 00:08:28 EDT 
Mike Gerwitz
@maltimore GitHub has had a very positive effect for open source. For free software, it's a bit more complicated---the ease of collaboration comes at an expense that is not just antithetical, but actively works _against_ the goals of the free software movement. And here we now have a situation where one can assume by default (and usually be correct) that a given project is on GitHub, which is hostile toward software freedom while being host to more free software than any site/organization in the world.
https://mikegerwitz.com/about/githubbub
Until recently, they made virtually no mention of software licensing; the consequence is that huge numbers of projects on GitHub are proprietary because they carry no license at all. I don't know if they emphasize choosing a license now or not. I know some changes have been made.
I have nothing against the _idea_ of GitHub---GitLab is a suitable replacement there. There are just changes that need to be made, and changes we in the free software community _want_ them to make. I and many others, including rms, have reached out to them. We need broader community interest and pressure. Avoiding GitHub unfortunately isn't a practical option. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Saturday, 09-Sep-2017 10:30:34 EDT
Mike Gerwitz
@desaknight Are you referring to GitHub or GitLab? -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Saturday, 09-Sep-2017 01:19:48 EDT
Mike Gerwitz
I can't speak to Gogs. I worked with #GitLab shortly after they acquired Gitorious to ensure that all JS on GitLab.com was free/libre, even though they use EE:
https://about.gitlab.com/2015/05/20/gitlab-gitorious-free-software/ -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Saturday, 09-Sep-2017 00:58:35 EDT
Mike Gerwitz
#GitHub is a plague. You can't fork without non-free JS. You can't send pull requests without non-free JS. And now I find you also can't attach files without non-free JS to comments.
I made a fix to a Minetest mod for my son so it'd stop crashing the server, and I have no more time to devote to getting around this bs. I wanted to send a ~3-line patch. I ended up opening an issue and putting the diff in the body of the comment.
People advocate GitHub to make collaboration easier. Well, I just spent orders of magnitude longer trying to send the person a patch than I did debugging and fixing the issue in the mod. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Monday, 04-Sep-2017 00:28:32 EDT
Mike Gerwitz
@mangeurdenuage Interesting, I wouldn't have considered that. Thanks for the suggestion. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Monday, 04-Sep-2017 00:11:30 EDT
Mike Gerwitz
@mangeurdenuage I was actually able to test creating an account without JS a few months ago, and I'm pretty sure I got through. Had to disable CSS to show all form fields and modify the HTML to remove validation attributes on payment fields.
And who says they're not free software friendly.
I haven't explored GitHub recently. Some information is listed on the GNU ethical repo criteria, and I have my correspondence with them from years back where they said they weren't interested in liberating the JS. Things have only gotten worse since then:
https://www.gnu.org/software/repo-criteria-evaluation.html
https://mikegerwitz.com/about/githubbub -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Monday, 04-Sep-2017 00:04:44 EDT
Mike Gerwitz
Was going to recycle an old Dell laptop I scavenged from work a while back because I thought the motherboard was shot (from its diagnostic beeps and non-booting). My soon-to-be-6yo son was playing around with it for an hour, and then I hear a "hey Daddy look what it's doing", and it friggin' POST'd. And I could get into the BIOS. And then I was able to boot into GNU/Linux.
Must have either needed a good charge or it may have been the CD-ROM drive, since he was playing with it. Idk what other hardware he could have somehow coerced.
Show-off. But he earned himself his own laptop, I guess. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Monday, 04-Sep-2017 00:01:39 EDT
Mike Gerwitz
@cwebber @kitredgrave (I can't see this thread, except for Chris's post)
I feel like I should be on a rehab commercial for Org mode: it has brought order to chaos in my life. Does have a learning curve, but I'm learning more each month.
With that said, the order reveals exactly how much chaos there actually is in my life, which was kinda masked by all the chaos. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Saturday, 02-Sep-2017 00:10:25 EDT
Mike Gerwitz
On a related note, with WoT discussions going on elsewhere: wide distribution of your key fingerprint and signature on many hundreds of documents (e.g. email, git commits, ...) can be one means of informally authenticating an individual when they're not in your web of trust and you have no means of securely retrieving a public key.
If a malicious GNU mirror replaced an ease.js tarball and signed it with a key that looks to be mine, and you just downloaded that public key, that'd be useless. But I love to ramble about lots of stuff online, so you can dig into mail archives and see the same key used over and over and see that the other is a forgery.
It's not a substitute for proper keysigning in a web of trust, of course. I might not actually be Mike Gerwitz. He's locked in my basement. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Saturday, 02-Sep-2017 00:05:24 EDT
Mike Gerwitz
Just hit 1500 signatures on my Nitrokey. Sign all the things! -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Friday, 01-Sep-2017 23:28:47 EDT
Mike Gerwitz
@dthompson Based on the anime? I didn't know there was a movie. I don't watch much of anything anymore, but that was one of my favorites when I was a kid.
Sad to hear that it sucks, if it's based on that! -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Thursday, 31-Aug-2017 22:44:59 EDT
Mike Gerwitz
Nothing like taking out my contacts so my eyeballs can breathe, sitting down with some hot coffee and my pens, and marking up a freshly printed copy of #R⁷RS. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Sunday, 27-Aug-2017 23:49:02 EDT
Mike Gerwitz
@mangeurdenuage I haven't---I forgot that this existed! Thanks for the suggestion; I'll definitely give this a try and see how things go over the next few weeks. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Sunday, 27-Aug-2017 23:12:00 EDT
Mike Gerwitz
@nc @cbowdon I use Google when DuckDuckGo does not give me results that I'm expecting and know to exist. That is unfortunately rather frequent.
I have ethical objections to Google from a privacy perspective, but I mitigate that, and until this point, I could use their service both anonymously and without proprietary software. Now I have to hope that changing Tor nodes will eventually get me results, otherwise I'm SOL. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Sunday, 27-Aug-2017 22:56:39 EDT
Mike Gerwitz
I was very disappointed not to see the source code for SkiFree here:
https://ski.ihoc.net/
But I still had to link it, because this game still brings back anxiety and that feeling of extreme nervous anticipation that haunts a child waiting to be eaten by an abominable snowman as he otherwise tries to ski down a damn slope! I was ~5--6yo back then. My son is turning 6 in less than a month. Fascinating perspective. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Saturday, 26-Aug-2017 23:33:50 EDT
Mike Gerwitz
I noticed that #Google's CAPTCHA that I frequently receive via Tor (for Google searches, that is) no longer serves a static image---it seems to require JavaScript.
This means that, unless I happen to use a Tor node that isn't being flagged by Google, I'm effectively unable to use Google. Wow.
Has anyone else noticed this? CloudFlare CAPTCHAs (so, reCAPTCHAs) are still accessible without JS; Google search always used something different. -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Saturday, 26-Aug-2017 23:11:46 EDT
Mike Gerwitz
AccuWeather iPhone app still leaks geolocation data to advertising company:
https://social.mikegerwitz.com/url/27828
Until proper privacy laws are passed to strongly discourage this sort of behavior, this will keep happening. This isn't a free vs. non-free software argument: free software can spy on you too.
#privacy #spying -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Thursday, 24-Aug-2017 01:34:41 EDT
Mike Gerwitz
Some prices on exploits from Zerodium:
https://social.mikegerwitz.com/url/27677
Brokering exploits is extremely harmful and dangerous, because it makes everyone less safe. We've seen it backfire for government entities and private entities alike (e.g. WannaCry/Petya spawned from NSA exploits leaked by Shadow Brokers).
The article mentions NSO Group targeting human rights activist Ahmed Mansoor, which I had strong words for back then:
https://social.mikegerwitz.com/url/7447
#security -
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Thursday, 08-Dec-2016 22:27:06 EST
Mike Gerwitz
Ordered my flight tickets for !LibrePlanet 2017 last night!
...if only that were the expensive part. Cambridge hotels are friggin' expensive. I'll deal with that later.
All Jonkman Microblog content and data are available under the