Interesting spam/phish technique: Look for subdomains with CNAMEs or SPF records that point to abandoned domains that you can…

Interesting spam/phish technique: Look for subdomains with CNAMEs or SPF records that point to abandoned domains that you can then register…and effectively take control of the subdomain or SPF.

They haven’t seen any cases where it’s been used to host a phishing site at, say, an msn.com subdomain, but they’ve seen thousands of cases where it’s been used to pass email verification checks.

The article describing “SubdoMailing” gives a detailed example of a spam that made use of an msn.com subdomain that was used for a sweepstakes way back in in 2001 that used a CNAME pointing to the long-abandoned domain name for the contest, but the subdomain was never actually deleted.

Lesson: check your DNS for any dangling references to outside domains that might not exist anymore!

#

health

Looking forward to seeing my allergist so I can get a replacement asthma medication that my insurance still covers and get back to the base level of chronic coughing that I had before it ran out.

#

California Burclover…is native to the Mediterranean

I got an email today from a local conservation society that does both habitat restoration and recommendations for gardening with native plants. One of the non-native plants they mentioned was… “California Burclover.” Apparently it’s native to the Mediterranean. (No surprise that it grows well here!)

#plants #medicinalPlants #invasivePlants #California

#

Database

Every time my websites’ database server goes down, two things cross my mind:

– Would it be worth managing the server myself so I can at least troubleshoot it?
– Would it be worth migrating two decades’ worth of WordPress blog posts to a static site generator and just ditching the DB going forward?

OK, three:

– What changed that is causing the server to go down every couple of weeks instead of once a year?

Relevant: https://indieweb.org/database-antipattern

Something I’d be interested in that I can’t seem to find

Something I’d be interested in that I can’t seem to find:

A low-powered Linux laptop with an e-ink display, that I could use for long-form writing or coding.

What I’ve found so far are mostly either
– Tablets intended for note-taking (like the ReMarkable or BOOX’s various lines)
– Higher-end where the e-ink display is an extra (like Lenovo’s swivel designs where you rotate the display to use either an OLED or e-ink).

Some of the tablets do have keyboard cases, which would be better than just hooking up a random Bluetooth keyboard, but it doesn’t look like I can just install programs on them, except for the Android ones, which aren’t going to be ideal for things like coding or running build scripts or anything like that.

The closest I found was the Modos Paper Laptop, but seems to still be in the prototype phase.

Does this form factor exist yet? Am I just having trouble finding them because of the current state of search?

#laptops #notebooks #eink #epaper
#

I should add that I started looking because of the mention of the Linux-based, but still early in development PineNote in the latest Pine64 update:

https://fosstodon.org/@PINE64/112112723757342384

https://pine64.org/2024/03/17/march-update-making-waves/

Again it’s a tablet meant for handwritten note taking, but a general-purpose Linux distribution is going to be a lot more flexible
#

And this is where I can tell you it’s user error!

And this is where I can tell you it’s user error!

Apparently when I was testing block and unblock back when I set up the server, I managed to leave threads.net blocked.

I unblocked it, and now I can follow a user in the web interface via @user@threads.net, but not by their profile URL, which I guess is a peculiarity of Threads that it doesn’t return any actor information from that URL.

Thanks for checking in on this, and for, you know, building the thing!
#

This is interesting: In Snac, I can see a Threads

This is interesting: In Snac, I can see a Threads post boosted via a Mastodon account. It’s a post from a few days ago on the account I tried to follow earlier. And according to the timeline and API, I am following them from Snac. But they aren’t showing up on the list of people I follow.

This suggests that Snac is able to interact with Threads posts, and is able to follow Threads accounts, but runs into trouble retrieving Threads profiles.

Partial federation is a more interesting problem IMO than no federation, so now I really want to take a look at the logs!
#

Image Descriptions

Reply to a thread on image descriptions. Most recent post suggested including what it is and what it looks like.

I usually try to describe what I want the image to convey.

In the waxwing case I’d definitely describe the bird, and probably add that it’s perched on a bare twig in front of a wide expanse of clear blue sky, and maybe add that only the blurred shape of the moon breaks the background.

Trying to get the mood across, since it looks like it’s intended to be an artistic photo.

On the other hand, if I was posting only to demonstrate the appearance of the bird itself, I would probably have cropped it further and would only describe the bird itself.

So I guess I use a combination of what it is, how it looks, and what it means. # (not visible on web)

The hard part there, of course, being that not everyone is going to agree on what it means, even when the context is the same.

And even when it’s a purely informational image, I might not notice, or decide not to include, let’s say a detail in the feathers that seems inconsequential to me, but someone else is using that feather shape to identify members of two different populations of waxwings, or something like that.

I’ve run into similar issues with iNaturalist with just the images, even before descriptions come into play. For example, several times I’ve taken photos of a plant, and when I posted them it turned out that the only way to tell which of two related species it is, is to look at a pattern on the lower part of the stem, or the bottom of the leaves, or some part I didn’t think to take a photo of in the first place!

Google Photos app on Android doesn’t offer a way to mass-download

Apparently the Google Photos app on Android doesn’t offer a way to mass-download a bunch of photos to the local device (which you might want to do for, just to pull an example out of thin air, taking GPS-tagged photos with your phone for reference while walking around a park and then saving them to a tablet where you can use an OpenStreetMap editing app that will show GPS-tagged photos on the local device on the map you’re editing).

You can download local copies individually.

You can remove the local copies of a selected group.

For this batch I just downloaded them one at a time. It took less than a minute. For bigger batches, though?

Huh… I bet Nextcloud has a download-a-bunch-at-once option.
#

I should also look into desktop OSM editors that’ll show GPS-tagged images. It wouldn’t surprise me if JOSM could do it.

Now I wonder if I can run Vespucci on Waydroid and copy photos to someplace it can access…

Whatever. Something to dig into after work, not just during a break.
#

Re: trying to get away from using Google Photos

Same. It’s very good at pulling your data in!

I keep meaning to look into something that would work as a complete replacement, but so far I just have Nextcloud auto-uploading to S3 storage at Linode. That way I at least have an offsite/online copy I can get at through the app, web interface and DAV mounts. I think link-based sharing should work with the S3 backend. Something to test.

The main problem I have is that there isn’t a good way to sync deletes AFAIK. So every so often I have to go into those folders and clear out a bunch of temporary photos I already deleted from my phone and Google.
#