Notices tagged with javascript

LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Tuesday, 07-Sep-2021 00:28:49 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

https://thehackernews.com/2021/09/protonmail-shares-activists-ip-address.html

I did not anticipate this, because I figured they’d have learned from Lavabit and designed their systems such that there was no way for them to have any metadata (user’s IP address, user’s ‘user agent’, timestamps of users’ correspondence, pretty much everything except what is required to send and receive messages). Any information your system has, however briefly, can be the subject of a government order.

My issue over the years has been that both Protonmail and Tutunota send you the JavaScript used to “end-to-end encrypt” your message. At any time, they could be ordered to modify that JS to cache the encryption keys for later reuse by government agencies.

Tags: #Protonmail, #surveillance, #government_over_reach, #metadata, #encryption, #JavaScript
In conversation about a month ago from Shoyu permalink
Attachments
1. ProtonMail Shares Activist's IP Address With Authorities Despite Its "No Log" Claims
  
  from https://www.facebook.com/thehackernews
  
  Despite its "no logs" policy, ProtonMail discloses an activist's IP address to authorities.
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Wednesday, 25-Aug-2021 02:55:57 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- simsa04
He did, but he kept control of them, so when his funds ran short, most of them disappeared. I've thought about deploying a Federati #Pump.io instance, but it runs atop #Node.js. I'd want to rent a completely separate server ( #VPS ) for it, so nothing else is affected if a poorly understood #JavaScript engine goes haywire.

In conversation about 2 months ago from web permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Tuesday, 10-Aug-2021 04:31:39 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
It looks like it has been some months since I looked at #jsish. As #JavaScript interpreter projects go, it looks relatively good.

In conversation about 2 months ago from web permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Tuesday, 10-Aug-2021 03:54:13 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

Playing with "jsish":{https://jsish.org/} a little bit. If I get very far, I'll probably try to create a minimal project to demonstrate its use.

#JSISH is a #JavaScript like interpreter + websocket server + sqlite + C extension interface

In conversation about 2 months ago from web permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Saturday, 31-Jul-2021 01:21:49 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
It took forever for YouTube's ton* of #JavaScript to load, but yeah, that does look like fun.

* Even after the video starts playing, the controls don't work until the last piece of #JabbaShit loads. Not even the "don't autoplay the next video" button. The actual video was already over by that time. WTH YouTube?

In conversation about 3 months ago from web permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Saturday, 24-Jul-2021 07:37:36 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

Wow. There looked to be about twenty different sites pushing #JavaScript on that job application site. Even after I allowed all (except CloudFlare Insights and Google Analytics), the submit button wouldn't work. There was a defective Date object somewhere that threw the 'then' clause of an if statement into a tizzy.

Switched browsers and it went right through. Same set of extensions, I think.

Both browsers have built in ad-blocking, so I'm going to guess that some difference in their ad filters caused the different behavior.

In conversation about 3 months ago from web permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Monday, 19-Jul-2021 03:57:06 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

#Manyverse ( mobile #SSB client ) is having another one of its “can’t connect to a pub server, so you’re basically operating standalone” periods. It seems the last successful connection was two weeks ago.

I know one of Secure ScuttleButt’s features is not needing Internet at all, but if you’re not connecting via LAN occasionally, you need a way for #peer-to-peer software to bootstrap a pool of connections into the network overlay over the Internet. I think pubs (and the new implementation that is just getting started) are a sign that a P2P project is not designed for real life usage.

I realize that many “Butts”, including the developers, are leftish anarchists, so when things work, they are able to discuss the dream world they hope to implement. But the majority of people are not breathing such rarified air, and #Secure_ScuttleButt needs to just work for regular people also.

Probably needs some concepts from Jami … and to be implementable without using Node.js … which I’ve seen people saying is not currently possible.

An aside: I do wonder whether it depends on peculiarities of #JavaScript or of #Node.JS itself. If the first is true, one may be able to implement SSB with #Deno or #JSI / #JSISH.

In conversation about 3 months ago from Shoyu permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Tuesday, 06-Jul-2021 18:59:58 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
- Alexandre Oliva
@lxo RE: https://gnusocial.net/notice/9688345

When I saw Aral's post, I thought he couldn't mean what he said in https://mastodon.ar.al/@aral/106532380339054212 ... surely he knows that generally, #JavaScript is hosted (and thus controlled) from the server, but runs on the local client. And therefore is only as trustworthy as the server's owner/operator.

A high JS front-end requires a high-spec client machine (see all the people complaining about PleromaFE's slowness and browser crashes) and as soon as the organization hosting the JS determines that their interests require data centralization, that scripting can send it all back to the server without the user ever knowing anything changed.
In conversation about 3 months ago from web permalink
Attachments
1. Invalid filename.
  
  mensaje de Alexandre Oliva (lxo@gnusocial.net), el Tuesday, 06-Jul-2021 09:54:17 CEST - gnusocial.net
  
  it's not javascript per se that is dangerous. it's software delivered to you by the WWWorst App Store that is, because it's effectively under someone else's control, and running on your computer
2. Aral Balkan (@aral@mastodon.ar.al)
  
  from Aral Balkan
  
  @dheadshot@mastodon.social @rustygopher@distrotoot.com No, it doesn’t mean that because there is nothing inherent in JS that “isn’t good for privacy” or runs badly on older machines. On the contrary, keeping your secrets on the client (which you control) *requires JS* and requires that all logic runs on the client and that the server (which you don’t control) is as dumb as possible and never has your secrets. Sadly this generic dogma about “JS is dangerous” is perpetuated by folks like the FSF and it’s both wrong and harmful.
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Monday, 07-Jun-2021 23:13:08 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

https://github.com/ekzhang/rustpad Cooperative online text / document editor. Looked interesting until I saw that it requires #Node.JS.

I'm also still a little leery of letting WASM run in my browsers. Not that people can read obfuscated minified #JavaScript, but if you could obtain the pre-minified source, you might be able to tell what it was doing. With WASM, you're totally just letting unauditable and untrusted code run in your browser.

(I know this has a "Get off my lawn" flavor, but that's not what is happening here. Just wait until a GRU-sponsored malware gang starts inserting malicious WASM into popular sites around the Web.)
In conversation about 4 months ago from web permalink
Attachments
1. ekzhang/rustpad
  
  Efficient and minimal collaborative code editor, self-hosted, no database required - ekzhang/rustpad
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Friday, 04-Jun-2021 01:08:48 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

Time to switch back to #Palemoon. I've been using #Falkon as my main browser for a few days.

Plus: Unlike Palemoon, when Falkon decides to have an issue, one or more tabs fail to load, but the browser itself doesn't crash.

Minus: It really needs something like NoScript, where all #JavaScript is off, except for specific sites you authorize; it cannot load PleromaFE and cannot log in with Soapbox. I should have tried Bloat, but I didn't. Although I don't knowingly have any Snaps installed, snapd randomly spins all CPU cores at 100% for a few minutes ... this was never observed with Palemoon.

In conversation about 5 months ago from web permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Wednesday, 21-Apr-2021 06:28:58 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
https://nu.federati.net/url/280765 [www latimes com]

(NOTE: The "turn off your adblocker or pay money" depends on #JavaScript. If you turn #JabbaShit off, you can read the article.)
In conversation about 6 months ago from mustard permalink
Attachments
1. At flashpoint of George Floyd protests, Fairfax Avenue reacts to verdict with relief
  
  from https://www.latimes.com/people/julia-wick
  
  At flashpoint of George Floyd protests, Fairfax Avenue praises verdict and hopes for justice
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Wednesday, 07-Apr-2021 04:29:44 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- Billy
@storm #Pleroma comes with PleromaFE and MastoFE. I know PleromaFE is high in #JavaScript. If the #JabbaShit interferes with your assistive technologies, there is a separate front end called “Bloat”, which is supposed to be much less JavaScript-y.

I have not seen Bloat myself (I don’t even know the project’s URL), so this is all hearsay.

In conversation about 6 months ago from Shoyu permalink
Douglas A. Whitfield (musicman@nu.federati.net)'s status on Tuesday, 06-Apr-2021 13:58:40 UTC Douglas A. Whitfield

One of two positions coming out on my team. These two positions are a little different than those on my team currently, but I should still be able to answer questions about it. My team is 100% remote, and was pre-pandemic, but there are office locations available if you prefer an office.

Role: JavaScript Solutions Architect ( #AngularJS)
Location: Minneapolis, MN, Burlington, MA, Louisville, CO, Alameda, CA or Remote for the Candidate

Position Summary:

Perforce is seeking an Open Source Software Support Engineer (with deep AngularJS experience) to join our OpenLogic team, responsible for providing support and services on Open Source technologies to our OpenLogic customers.

This critical position demands a software engineer with a strong programming skills and some networking capabilities. You would be responsible for ensuring the success of our customers by effectively providing dependable and timely resolutions related to open source software. The ideal candidate is expected to be self-motivated, proactive, results-oriented and able to provide a high level of customer satisfaction through the delivery of world-class technical support service

Responsibilities:
Interact with end users on technical problems
Tier 4 support for open source JavaScript products and tangential technologies
Drive resolution of those problems, which include:
Open source software issues
Questions around open source software usage
Questions around use and best practices
Review of the architecture and design where software is implemented
Conduct professional services and training engagements
Research, understand, and advocate open source software
Interact with various open source communities
Drive early resolution of issues
Present knowledge via articles, blogs, and conference presentations

Requirements:
Minimum of 10 years of software development and design, systems administration, or level 3-4 technical support experience
Minimum 5 years development, design, implementation, and troubleshooting experience on AngularJS
At least 2 years in a senior position ( senior/lead developer, engineer, or software architect)
Experience resolving remotely exploitable CVEs & cross-site scripting vulnerabilities
10+ years of hands on experience working w/ JavaScript technologies:
Highly-skilled JavaScript developer with extensive knowledge of theoretical Angular software engineering

Strong expertise w/ HTML, CSS, & writing cross-browser compatible code

Understanding of AJAX and #JavaScript DOM manipulation Techniques

Experience w/ RESTful services

Experience in JavaScript build tools like #Gulp or #Grunt

Familiar with JavaScript testing frameworks
Virtualization and cloud experience with qemu/kvm, #Azure, #AWS, VirtualBox, #Vagrant
Experience working in production environments, especially enterprise/carrier environments
Technical knowledge, skills & expertise in complex infrastructure, web-based software and enterprise software
Preference given to candidates with
implementation and troubleshooting experience on one or more of the following: #Node.js, #npm, #React, #Redux, Vue.js, Aurelia, Apache Cassandra, Jenkins CI, #DockerCE, #ElasticSearch, #Kubernetes, or #MongoDB

Experience migrating AngularJS to Angular

Experience transitioning AngularJS to other modern JavaScript solutions
Committer status on AngularJS product

Configured, installed, & maintained JavaScript applications at scale in a production environment

Experience tuning JavaScript for reliability & speed

https://nu.federati.net/url/280588
In conversation about 6 months ago from web permalink
Attachments
1. Now Hiring: Perforce Software, JavaScript Solutions Architect (AngularJS) - Minneapolis, MN
  
  Role: JavaScript Solutions Architect (AngularJS) Location: Minneapolis, MN, Burlington, MA, Louisville, CO, Alameda, CA or Remote for the Candidate Perforce develops DevOps tools that improve software quality and security as well as team productivity for several of the world's leading companies, such as PIXAR, CD Projekt Red, NASA, Verizon, Honda, NVIDIA. Position Summary: Perforce is seeking an Open Source Software Support Engineer (with deep AngularJS experience) to join our OpenLogic team, responsible for providing support and services on Open Source technologies to our OpenLogic customers. This position will work closely with members from Support, Sales and Professional Services to assist in resolving a wide variety of customer issues. This critical position demands a software engineer with a strong programming skills and some networking capabilities. You would be responsible for ensuring the success of our customers by effectively providing dependable and timely resolutions related to open source software. The ideal candidate is expected to be self-motivated, proactive, results-oriented and able to provide a high level of customer satisfaction through the delivery of world-class technical support service OpenLogic provides enterprise services for hundreds of open source projects, including OpenJDK, Kubernetes, CentOS, and MariaDB. With OpenLogic, teams boost efficiency and reduce risk. Responsibilities: Interact with end users on technical problems Tier 4 support for open source JavaScript products and tangential technologies Drive resolution of those problems, which include: Open source software issues Questions around open source software usage Questions around use and best practices Review of the architecture and design where software is implemented Conduct professional services and training engagements Research, understand, and advocate open source software Interact with various open source communities Drive early resolution of issues Present knowledge via articles, blogs, and conference presentations Requirements: Minimum of 10 years of software development and design, systems administration, or level 3-4 technical support experience Minimum 5 years development, design, implementation, and troubleshooting experience on AngularJS At least 2 years in a senior position ( senior/lead developer, engineer, or software architect) Experience resolving remotely exploitable CVEs and cross-site scripting vulnerabilities 10+ years of hands on experience working with JavaScript technologies: Highly-skilled JavaScript developer with extensive knowledge of theoretical Angular software engineering Strong expertise with HTML, CSS, and writing cross-browser compatible code Understanding of AJAX and JavaScript DOM manipulation Techniques Experience with RESTful services Experience in JavaScript build tools like Gulp or Grunt Familiar with JavaScript testing frameworks Virtualization and cloud experience with qemu/kvm, Azure, AWS, VirtualBox, Vagrant Experience working in production environments, especially enterprise/carrier environments Technical knowledge, skills and expertise in complex infrastructure, web-based software and enterprise software Preference given to candidates with implementation and troubleshooting experience on one or more of the following: Node.js, npm, React, Redux, Vue.js, Aurelia, Apache Cassandra, Jenkins CI, Docker CE, ElasticSearch, Kubernetes, or MongoDB Experience migrating AngularJS to Angular Experience transitioning AngularJS to other modern JavaScript solutions Committer status on the AngularJS product Configured, installed, and maintained JavaScript applications at scale in a production environment Experience tuning JavaScript for reliability and speed If you are passionate about the technology that impacts our day-to-day lives and want to work with people as talented and dedicated as yourself, apply today! www.perforce.com Perforce is an equal opportunity employer. We value diversity and celebrate its strengths.
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Monday, 05-Apr-2021 02:33:27 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

I should probably go ahead and close my #Twitter account. I keep saying I'm going to log in again, but I haven't ... partly because they've now made it impossible to use without turning on #JavaScript / #JabbaShit ... together with all the other unpleasing things about the site, I just don't want to deal with it anymore.

In conversation about 7 months ago from web permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Tuesday, 09-Feb-2021 02:42:23 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

So I took a cursory look around https://dart.dev/ ... I think #Dart resembles #Java ... this may be why it has far less mindshare than #TypeScript and #CoffeeScript among "compiles to #JavaScript" languages.
In conversation about 8 months ago from web permalink
Attachments
1. Dart programming language
  
  Dart is a client-optimized language for fast apps on any platform
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Sunday, 07-Feb-2021 18:10:09 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

Also on hold:

I had just started an exploration push with “Deno”:{https://deno.land/} and “JSI/jsish”:{https://jsish.org/} ... but despite being interesting (as interesting as #JavaScript gets, IMO, but with seemingly less of the security nightmare that is Node.js and the NPM package repository), I think it is better to pause it along with the other learning projects.

#jsi #jsish #deno #node.js
In conversation about 8 months ago from Shoyu permalink
Attachments
1. Deno
  
  Deno, a secure runtime for JavaScript and TypeScript.
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Sunday, 10-Jan-2021 04:29:50 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

I suppose it could be worse. They could clone #PayPal. It's been a few years since I closed my account, but at the time, #PreyPal used #JavaScript during password change time to prevent you from pasting a password in from a password manager. I can't remember whether they also prevented pasting during the process of logging in.

In conversation about 9 months ago from web permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Thursday, 03-Dec-2020 22:15:20 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- mangeurdenuage
It is irritating that so many #socnets think they have to be entirely depending on #JavaScript. Mastodon and #Pleroma both require #JabbaShit before they display anything or have even basic functionality.

It is bad, anti-human design.

In conversation about 11 months ago from web permalink
Doug Whitfield Loadaverage (dawsports@loadaverage.org)'s status on Wednesday, 02-Dec-2020 21:17:15 UTC Doug Whitfield Loadaverage
Remote profile options...

Anybody got any good #ReduxJS podcasts? #Redux #javascript

In conversation about 11 months ago from loadaverage.org permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Wednesday, 04-Nov-2020 03:16:43 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

I've reloaded the #NBCNews page so many times that their "please turn off your adblocker" interstitial stopped giving me the view site anyway option. Turning off #JavaScript got rid of that, but no more nice election results map. Switching to #CNN.

#USPol #Politics #Election2020

In conversation about a year ago from web permalink

Before

Public

Notices tagged with javascript

Feeds