Malcolm Gin ☵ is a user on octodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Malcolm Gin ☵ @perigee@octodon.social

I'm tempted to write a book of "magical" recipes of social justice situations/discussions that you can start in order to summon certain types of self-righteous white/privileged people. But I feel like it would fly over the heads of the folks who most need to be impacted by the satire.

Nice!!! The updated Mastodon iPhone app "Amaroq" can now translate any Mastodon post on the fly! (Pushes the post to google translate.) - Other great updates as well!
mastodon.cloud/media/SEbqvm30s

Hey you Show more

Currently in discussion with many social justice activists of my acquaintance on FB where we are framing racism and other prejudices as, simply, abuse. Framing prejudice as abuse and the privileged and defenders of the unjust as abusers seems to be making a lot of headway in forging understanding with yet another cohort of the endless flow of privileged folks.

Finishing up an epic day of shopping. Costco, then BevMo!, then IKEA with a visit to the local Cambodian place (in Emeryville Public Market) for to go, which we will take home to enjoy and then not leave the house until (possibly) tomorrow.

DigitalOcean and Linode are great, but far from cheap. The minimal ELK instance for example requires 4GB RAM, that's 20$ and 40$/month for those two.
That's also what I'm spending on Octodon's 5 servers now (and they have 4GB RAM each). @me @PLA

Setting up to sharpen a friend's slicing knife, I'm soaking two Japanese stones, and setting up the bar mat to catch all the water I'm about to throw around. Should I tighten up some of our duller knives? By duller I mean not razor. Not dull by normal people's standards. :)

... We have floors in our living room and dining room especially that we got a hot water upright cleaner to clean, but we'd also like to refresh the original polish, if this is possible and not too scammy. Any thoughts?

Does anyone with hardwood floors have experience using hardwood floor reconditioning products? It looks like an industry/market segment rife with exploitative pricing and unrealistic reviews. I found an article about the Rejuvenate brand that seems happy with it, but the article also features an Amazon affiliate link, so I'm not sure about it, even though it seems like a side-business. An aspect of the product that speaks negatively about it for me is "As Seen on TV". ...

I forgot to check out possibly registering at witches.town (today, 11 AM my time). But TBH, my connection to witching is kind of low. But my connection to the actual purpose of the community is pretty strong. Oh well. Maybe another day.

As a deep housecleaning aside, it's amazing how the glare from real sunlight (which follows cleaning the front windows and taking our white curtains out of the front window in prep to replace with sheers) highlights my need to clean my laptop's screen. It really is true that once you start cleaning something it makes everything else look dingy, so of course you have to clean everything else.

Just received and assembled the Hoover MAX Extract All-Terrain "steam" cleaner (actually a hot water cleaner) for both our hardwood and carpets (in prep for the deep clean in prep for Dad's memorial open house). I can totally see how it leaks for many/most users. Putting the cleaning solution tank into the rig is completely friction fit and not very foolproof. Have yet to actually supply it with water and try it, but I'm game. It doesn't look that hard.

My conventional normal Chrome just updated itself to 58.0.3029.81 (I had to go to the About page, let it update, and restart). 58.0.3029.81 appears not to be vulnerable to the issue.

FWIW, Mozilla Seamonkey is to Firefox as Chromium is to Google Chrome (open source spinoffs).

A friend of mine reports that Mozilla Seamonkey responds well to the Firefox fix to disable punycode (found in the article I posted in the OP).

Also, the profusion of Google Safe Browsing and other safe browsing extensions make it impossible to predict what any individual's Chrome install is going to do with the testing URL. Best to test and then take measures to fix if you see it as "apple.com/" in whatever is your favorite browser.

... (according to Slashdot, Chrome/Chromium v. 59 handles this and I looked it up; it's due by early June, but according to Google's IDN documentation, it's fixed in 58, which is due at the end of April).

Honestly if you use Chrome, I wouldn't recommend assuming you're safe. Perhaps try Chrome Canary, or use Firefox (after you fix its settings) or Safari until this blows over. And/or avoid unreliable sites with shitty or no security.

It looks like the test URL I posted earlier can show up as invalid in some versions of Chrome and also in Safari. Because of how Chrome updating works, as well as how Google Safe Browsing works, it's hard to tell which versions and configurations of Chrome will show the problem URL and which ones won't. My guess is that Google is busting ass to make sure all known tester URLs are handled by Google Safe Browsing and thinking about accelerating their update schedule ...

Note: Safari will show the attack URL as invalid or invalid.invalid. That's good. It looks like Safari isn't vulnerable because it doesn't support punycode. Chrome and Firefox are vulnerable because they do. I think the fix here is to fix punycode, but I don't know enough about the internals of this exploit to be totally sure.

Here's a tester for the new punycode phishing attack: xn--80ak6aa92e.com/

If your browser takes you to an SSL-secured site that it shows you as apple.com/

then your browser has problems.

More info: thehackernews.com/2017/04/unic

Article has instructions on fixing in Firefox. I tested in Chrome Canary (Chrome v 60) and it's fixed there too.