• Love Letter (1995)
  • Three Seasons (1999)
  • The Fountain (2006)
  • Akira (1988)
  • The Last of the Mohicans (1992)
  • The Secret Garden (1993)
  • Apocalypto (2007)

Heard one of the prowling cats in our unit complex jump up on our screen door, and shood it away. This is what it was after. Biggest stick insect I've ever seen. Banana for comparison, as is tradition. Hopefully the damn cat doesn't come back.

back to bingeing . is more amazing with each listen. i missed for some reason. making up for that now.

managed to get running under on my laptop. started playing in ultra graphics setting in 1080p, all going fine, but all of a sudden the laptop's fans started absolutely screaming and ubuntu helpfully auto shut down. seems i will need a laptop cooler for cyberpunk shenanigans.

Which look to go for next ...

What I would like is something like @dev@microblog.pub for publishing posts, but a single-user instance of for interaction. Microblog's interaction tools are still quite cumbersome. I think I'm going to try to cobble together an enabled WordPress instance and hang a Mastodon instance off a subdomain. It appears one can provide a WEB_DOMAIN env var to Mastodon (https://docs.joinmastodon.org/admin/config/#web_domain) to alias it to a different domain to is primary domain, but I still have to work out how all the webfinger verification shenanigans work.

I've started divesting myself from all the trappings of my association as web administrator of Brisbane Bushwalkers club. managed to remove myself from all admin accounts (Facebook, Instagram etc) over the weekend, and have withdrawn a quote for redevelopment of the website as I was actually dreading having it accepted. I'm winding down all my freelance work for that reason. If anyone knows a developer who would be willing to upgrade a Drupal 7 membership website (about 800 members) to Drupal 10, give me a shout so I can refer them on. Still supporting the website for a while but not doing any ongoing development.

our toaster blew up a few weeks ago, and since, i have been using our sandwich press to make toast.

Today was a bit bright for photos but I did try. Some pretty blown highlights in this but what can you do. Twin Falls, National Park.

Yes, , I am indeed.

Attempting to remove myself as an admin of some Facebook pages. I have yet to successfully navigate its labyrinthine hellscape of a management console in order to do so. I am not even listed as an admin of one of the pages, and lo, there I am, administering it.

I think I'm done with freelancing while holding down a day job. Stress levels need managing.

Shaun's avatar Shaun shared 1 year, 3 months ago

I've seen things you people wouldn't believe. @Horse_ebooks on fire off the timeline of @DevonCow. I watched @Stevemartintogo glitter in the dark near the Covfefe tweet. All those moments will be lost in time, like tears in rain.

A crab spider found in our garden, perched on a paper daisy. I think it is a White Crab Spider (Thomisus spectabilis).

Shaun's avatar Shaun shared 1 year, 3 months ago

The latest Mastodon update lets you follow hashtags. When you follow, posts with a tag appear in your timeline automatically.

Try following #Gardening to make posts about gardening appear in your timeline.

This can be REALLY useful for discovering interesting accounts.

To follow a hashtag:
1. Log in through your server's website
2. Search for hashtag
3. Click it to see its results
4. Click on 👤+ icon in top right (click again to unfollow)

Posts from followed tags are visible in the apps too.

Shaun's avatar Shaun shared 1 year, 3 months ago

And there it is a view of Earth not seen for 50 years.#Artemis #MoonMission

Shaun's avatar Shaun shared 1 year, 3 months ago

Y’all, if you’re getting frustrated you’re not seeing the content you want to like news or intel you need on Mastodon, you really need to shift your thinking from algorithmic social media. Follower counts don’t matter much here. Likes do not matter to post reach. Without your interaction, you will just see a live FIFO firehose. Some quick fixes:

Hashtag your posts liberally and consistently, and follow key hashtags of interest to you. Hashtags matter a ton here to being seen.

Follow and also alert on accounts you always want to see content from.

Consider using the built in RSS feature for your feeds and for specific hashtags.

Consider switching to the more advanced UI in your preferences, so you can watch multiple filtered and unfiltered feeds. Or a different mobile app.

Use Fedifinder to follow all the accounts you followed on Twitter, and sync up your follow and block lists.

Avail yourself of the multiple public lists of hundreds of journalist accounts on Mastodon.


Shaun's avatar Shaun shared 1 year, 3 months ago

Lol, when a bunch of hackers migrate to new services, they tend to kick the tires a bit 😂​.

Here, some hackers found a way to steal Mastodon passwords by manipulating the way Mastodon allows (and sidestepping the way Mastodon protects) HTML imbedded into posts.

It also highlights the ways that third party plugins (here Glitch, found on the Mastodon server infosec(dot)exchange and others) introduce interesting attack vectors that core maintainers don't initially control (thoughts go out to Wordpress).

The hackers then reported the issues to the Mastodon team and the Glitch team so they could issue security patches.

Big shoutout for finding/reporting the vuln:

Kudos to the Mastodon & Glitch teams for coordinating and issuing a timely security patch.

I expect we'll see a lot of more of these initially (this is good, means the website is getting more secure).


  • Users: Consider changing your Mastodon password. Implement Multi-Factor Authentication.
  • Admins: Update to the latest Mastodon version. Update any plugins as well.

Full writeup here: https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp

#infosec #WebAppPentesting #hacking #BugHunting