Yeah, it’s dangerous for a community to tolerate and adopt closed-source software. We should have done a better job pressuring them to license it openly.

The OSM wiki pointed me to Maperitive first, but I wish it pointed me to qgis first. We should probably edit the wiki with a huge warning banner that the code is closed, the app is full of bugs, and that it is not (and can not be) updated.

Edit: I took my own advice and added a big red box to the top of the article warning the user and pointing them to QGIS instead.

Edit 2: Do we have any way to know when the latest version of Maperitive (v2.4.3) was released? Usually I’d check the git repo, but…

Edit 3: stat on the Maperitive-latest.zip file says that it’s last modified 2018-02-27 17:25:07, so it’s at least 6 years old.

Can you mention this in your article?

Personally I wouldn’t run a lemmy instance because of this (and also many other concerns)

I recommend [a] letting the lemmy devs know (eg on GitHub) that this issue is preventing you from running a lemmy instance and [b] donating to alternative projects that actually care about data privacy rights.

The fines usually are a percent of revenue or millions of Euros, whichever is higher.

So if your revenue is 0 EUR then they can fine you the millions of Euros instead. The point of the “percent of revenue” alternative was for larger corporations that can get fined tens or hundreds of millions of Euros (or, as it happened to Meta, in some cases – billions of Euros for a single GDPR violation).

The fines usually are a percent of revenue or millions of Euros, whichever is higher.

So if your revenue is 0 EUR then they can fine you the millions of Euros instead. The point of the “percent of revenue” alternative was for larger corporations that can get fined tens or hundreds of millions of Euros (or, as it happened to Meta, in some cases – billions of Euros for a single GDPR violation).

That would be true if their instance wasn’t federating. If the instance is federating, then it’s downloading content from other users, even if the user isn’t registered on the instance. And that content is publicly available.

So if someone discovers their content on their instance and sends them a GDPR request (eg Erasure), then they are legally required to process it.

It’s definitely not impossible to contact all instances; it’s a finite list. But we should have a tool to make this easier. Something that can take a given username or post, do a search, find out all the instances that it federated-to, get the contact for all of those instances, and then send-out a formal “GDPR Erasure Request” to all of the relevant admins.

Did you read the article and the feedback that you’ve received from your other users?

Any FOSS platform has capacity issues. I run my own FOSS projects with zero grant funds and where I’m the only developer. I understand this issue.

What we’re talking about here is prioritization. My point is that you should not prioritize “new features” when existing features are a legal, moral, and grave financial risk to your community. And this isn’t just “my priority” – it’s clearly been shown that this is the desired priority of your community.

Please prioritize your GDPR issues.

Very nice. Unfortunately it doesn’t look like Boost is available on F-Droid.

Fortunately, in my case, my image was “orphaned” and never actually attached to a post or comment, so it wouldn’t have federated.

If the image has already federated then that’s a whole next level problem :(

Unfortunately, the Lemmy devs literally said it would take years to fix this issue. If you think this should be a priority for them, please advocate for them to prioritize it on GitHub:

• https://github.com/LemmyNet/lemmy/issues/4433

Hi, unfortunate author here 😅

The issue happened in Jerboa. I opened a few tickets in the Jerboa app’s GitHub to address this:

• jerboa #1361: UI for deleting uploaded files
• jerboa #1362: Setting to hide "upload media" button
• jerboa #1363: Add "confirm upload" step to UX

Can you please tell us which Lemmy client apps you use that store the delete token and have a UI to delete uploaded images?

You associate everything that can be bought with cryptocurrency as a scam? It sounds like you haven’t even read the post. I spent a lot of time making it easily accessible here on Lemmy. You don’t even have to click the link. Just scroll-up and read :)

Yes, it’s clearly disclosed in my profile that I am the founder of the BusKill project.

This is a PSA that our sale has started. I’ve had inquiries from members of our community asking about Black Friday sales.

10% off is barely any discount anyway.

Sorry, we’re a very small open-source shop. I’ve paid myself nothing so-far. The price just barely breaks-even for the business.

All of this is explained in-detail in “The Finances” section here.

Prices would drop dramatically if we could do production runs (and actually sell) >10,000 units at a time. Currently we only sell a few cables per month. If you want to help, please tell all your security-conscious friends about BusKill :)

How exactly did you come to the conclusion that this is a scam? We’re a fully open-source hardware & software project that’s been around for a few years. If you don’t want to buy from us, we go out of our way to help users build their own 3D-printed BusKill cables (currently in prototype stage).

• https://www.buskill.in/tag/3d-printing/

Our software is free as in speech and free as in beer under the CC BY-SA and GNU GPL licenses.

• https://github.com/buskill/buskill-app

Hi, this is not spam but a useful PSA that’s full of information, not just about the sale.

BusKill is useful for many groups, including human rights defenders, activists, journalists, whistleblowers, etc. You can read more about the use-cases of our community at our documentation here:

• https://docs.buskill.in/buskill-app/en/stable/introduction/what.html#who-uses-buskill

Yes, BusKill works with any USB drive.

• https://github.com/buskill/buskill-app

In fact, the BusKill cable is just a USB Drive. The only thing “fancy” that it has is a magnetic coupler in the middle of the 1-meter cable so that it will breakaway at any angle. But, if you’d like, you can build your own. The instructions are here:

• https://docs.buskill.in/buskill-app/en/stable/hardware_dev/bom.html

It’s run by the folks at dys2p.

Besides running ProxyStore in Leipzig, they have published some pretty great articles:

• Random Mosaic – Detecting unauthorized physical access with beans, lentils and colored rice
• Revealing Traces in printouts and scans
• On the security of the Linux disk encryption LUKS

You can follow them on Mastodon here https://chaos.social/@dys2p

Yes BusKill works similarly – any USB drive can use the BusKill software

• https://github.com/buskill/buskill-app

The BusKill cable is just nice because it includes a magnetic breakaway, so it works when the laptop is snatched-away at any angle. There’s actually a ton of anti-forensics software like usbkill and BusKill; we enumerate them all on our documentation’s Similar Projects section

• https://docs.buskill.in/buskill-app/en/stable/attribution.html#similar-projects

You may want to check ^ it out :)

I made a video of this (demo in Windows, MacOS, Linux, TAILS, and QubesOS) with the old DIY model here (sorry for the terrible audio quality)

• https://www.buskill.in/demo-2/

We’re currently working on an updated video with someone who is much better at video production than me; it should be finished in early 2024.