Fediverse

2 Articles

MS-DOS Meets The Fediverse

August 9, 2023 by 30 Comments

By now, most Windows users are set up with decently functional machines running Windows 10 or 11. Of course there are a few legacy machines still lagging behind on Windows 7 or 8 and plenty of computers in industrial settings running ancient proprietary software on Windows XP. But only the most hardcore of IBM PC users are still running DOS, and if you have eschewed things like Unix for this command-line operating system this long you might want to try using it to get online in the Fediverse with Mastodon.

The first step is getting DOS 6.22, the most recent version released in 1994, set up with all the drivers and software needed to access the Internet. At the time of its release there were many networking options so the operating system didn’t include these tools by default. [Stephen] first sets up an emulated NE2000-compatible networking card and then installs the entire TCP/IP stack and then gets his virtual machine set up with an IP address.

With a working Internet connection set up, the next step on the path of exploring federated social media is to install DOStodon (although we might have favored the name “MastoDOS”) which is a Mastodon client specifically built for MS-DOS by [SuperIlu]. There are pre-compiled packages available on its GitHub page for easy installation in DOS but the source code is available there as well. And, if this is your first time hearing about the Fediverse, it is mostly an alternative to centralized social media like Facebook and Reddit but the decentralization isn’t without its downsides.

This Week In Security: Your Car’s Extended Warranty, Seizing The Fediverse, And Arm MTE

August 4, 2023 by 15 Comments

If you’ve answered as many spam calls as I have, you probably hear the warranty scam robocall in your sleep: “We’ve been trying to reach you about your car’s extended warranty.” That particular robocalling operation is about to run out of quarters, as the FCC has announced a nearly $300 million fine levied against that particular operation. The scammers had a list of 500 million phone numbers, and made over five billion calls in three months. Multiple laws were violated, including some really scummy behavior like spoofing employer caller ID, to try to convince people to pick up the call.

Now, that record-setting fine probably isn’t ever going to get paid. The group of companies on the hook for the amount don’t really exist in a meaningful way. The individuals behind the scams are Roy Cox and Aaron Jones, who have already been fined significant amounts and been banned from making telemarketing calls. Neither of those measures put an end to the problem, but going after Avid Telecom, the company that was providing telephone service, did finally put the scheme down.

Mastodon Data Scooped

There are some gotchas to Mastodon. Direct Messages aren’t end-to-end encrypted, your posts are publicly viewable, and if your server operator gets raided by law enforcement, your data gets caught up in the seizure.

The background here is the administrator of the server in question had an unrelated legal issue, and was raided by FBI agents while working on an issue with the Mastodon instance. As a result, when agents seized electronics as evidence, a database backup of the instance was grabbed too. While Mastodon posts are obviously public by design, there is some non-public data to be lost. IP addresses aren’t exactly out of reach of law enforcement, it’s still a bit of personal information that many of us like to avoid publishing. Then there’s hashed passwords. While it’s better than plaintext passwords, having your password hash out there just waiting to be brute-forced is a bit disheartening. But the one that really hurts is that Mastodon doesn’t have end-to-end encryption for private messages. Continue reading “This Week In Security: Your Car’s Extended Warranty, Seizing The Fediverse, And Arm MTE”