Gianmarco Gargiulo Mastodon Bridge

Double the updates! Our mobile beta is now available on Github for Android users, AND, we are excited to launch Fluxer v2! fluxer.app/blog/mobile-... Mobile clients and Fluxer v2 |...

I bet this will improve Synapse's reliability /s

HERE WE GO! @stopkillinggames.bsky.social@bsky.brid.gy seems unstoppable now! Despite the constant misrepresentation from industry lobbyists, the demands from the movement have a high chance of leading to actual protection legislation. The latest update: The decision is being made on ...

Piccadilly Circus, London. Keir Starmer now demands state spyware on every mobile device, always watching the screen, scanning everything, looking for things the government disapproves of.

The Arch Linux AUR had over 400 packages compromised with malware https://www.gamingonlinux.com/2026/06/the-arch-linux-aur-had-over-400-packages-compromised-with-malware/ #Linux #ArchLinux #Security

#IntelligenzaArtificiale alla polizia, il Governo approva i decreti. #Piantedosi: “Non sarà un Grande Fratello”. Il Consiglio dei ministri ha approvato in esame preliminare due decreti legislativi per adeguare la normativa italiana ai regolamenti europei. Uno dei passaggi riguarda l’uso dei sistemi di #AI da parte delle forze di polizia per attività di videosorveglianza, riconoscimento facciale e trattamento di dati biometrici collegati all’identificazione. @tecnologia https://www.greenme.it/scienza-e-tecnologia/social-e-web/intelligenza-artificiale-alla-polizia-il-governo-approva-i-decreti-piantedosi-non-sara-un-grande-fratello/

...'s a live link to the actual malware. do not install that). they were all orphan takeovers. as far as i can tell, all of the ones i linked have been reverted to known safe versions. including alvr. this is an infostealer, meaning it exfiltrates sensitive data from your system such as login credentials. removing the malware will not undo the damage. moreover, uninstalling the malicious package will not remove the malware because it persists as a systemd service that stays on your system indefinitely. it executes as an npm preinstall script, and the npm package is installed by the AUR packages. this means that simply installing the malicious versions of any of these packages will compromise you. it does not require you to do anything more afterwards. again, the malware persists if you uninstall the malicious packages to check if you've been compromised, look in /etc/systemd/system and ~/.config/systemd/user for a recently added .service file with a random name. that's the persistence mechanism and the most obvious mark that you've been compromised. --- Attached is a screenshot of an announcement from the "Linux VR Adventures" discord. i know we all hate discord, but LVRA has a lot of auxiliary discussion, so here's an invite link of special interest, here's a malware analysis thread. Feel free to follow it in real time, or contribute, or whatever. Whanos has produced a preliminary analysis blog post that contains a lot of important information about the malware.

MANY ORPHANED AUR PACKAGES ARE BEING TARGETED WITH AN INFOSTEALER. the Arch User Repository package alvr has been orphaned, then adopted by a threat actor who immediately updated it with an infostealer. If you have this package on your system and updated it recently, you've been compromised. This is not a result of any upstream compromise; it's just that one AUR package. in particular, the alvr-bin sister package seems to be fine. here's the relevant thread for alvr from the Arch Linux mailing list. alvr seems to be the first package compromised and/or the first one that was noticed. it was updated maliciously at 2026-06-11 13:53:45 UTC (2026-06-11T13:53:45.000Z) and reverted approximately 3-4 hours after that. SEVERAL OTHER PACKAGES ARE BEING TARGETED WITH THE SAME MALWARE: 1, 2, 3, 4, 5 AUR mailing list megathread <-- over 400 (!!!!) packages have the malicious npm dependency they all share in common that they will install the atomic-lockfile package from NPM (so, here ...

Didn't know #Flatpak apps can have internal updaters interacting with Flatpak directly so that they can update without the need for a graphical store like Discover or touching the command line. Handling things in Discover or the command line is probably more intuitive, but it's neat that apps can do this rather than trying to do their own thing only and possibly messing up files and introducing conflicts.

https://www.404media.co/fcc-wants-to-kill-burner-phones-by-forcing-telecoms-to-get-all-customers-ids/ The FCC wants to make it impossible to buy "burner" phones, such as pre-paid phones not linked to your identity. They plan to do this by forcing all companies to store a ton of data about ALL phone users, including Copy of ID, and Verified address and a ton more info for both new & existing phone users, regardless of company or phone. #FCC #Privacy #Security

progress

#Meta Deletes Face-Recognition System From Its #SmartGlasses App After WIRED Report https://www.wired.com/story/meta-removes-face-recognition-code-meta-ai-app-smart-glasses/ #privacy #FRT #FacialRecognition #Oakley #RayBan

RE: GrapheneOS@grapheneos.social This is more important now than ever. Unfortunately, even Mozilla (mozilla@mastodon.social) recently added the Google Play Integrity API to Firefox for Android (firefoxnightly@mastodon.social), as part of their effort to support generative AI features. Hoping that someone at Mozilla sees this thread and reconsiders that decision, in order to reconcile with their mission statement/values.

RE: jdelacueva@mastodon.social More on this EU login trojan horse. I used DuckDuckGo app to check the trackings triggered by EU Login app. The result is 39 tracking attempts. The collected data is shown in the screenshots that follow. #privacy

#KDE is turning 30, time to celebrate and donate! https://kde.org/anniversaries/30/ #linux #anniversary #opensource

I often watch #Apple's #WWDC as they're always ridiculous, but this year's #WWDC26 was boring as hell. All they presented is: 1. "Fixed" liquid ass (like how Windows 7 "fixed" Vista) which is what *OS 26 should have been from the beginning 2. Extensive parental controls as a way to comply to bullshit age verification laws (parents never use parental controls anyway) 3. AI AI AI AI AI AI!!!!!!!!!!! (white label Gemini) And the "AI" parts had awkwardly long pauses, probably just to fill in time.

A user reported that age verification company Yoti flagged and reported him for using GrapheneOS, a privacy-focused OS. Yoti's data policies have been scrutinized before, and Spain fined them €950,000 earlier this year for GDPR violations. https://alternativeto.net/news/2026/6/grapheneos-user-reported-to-authorities-by-age-verification-company-yoti-for-using-this-os/

Initial Flatpak support in Ubuntu Touch soon? :D https://gitlab.com/ubports/development/core/seeds/ubuntu-touch/-/merge_requests/151 #LinuxMobile #UbuntuTouch

La creatividad