You should be using an RSS reader

On OCTOBER 23 at 7PM, I'll be in DECATUR, GEORGIA, presenting my novel THE BEZZLE at EAGLE EYE BOOKS.

No matter how hard we all wish it were otherwise, the sad fact is that there aren't really individual solutions to systemic problems. For example: your personal diligence in recycling will have no meaningful impact on the climate emergency.

I get it. People write to me all the time, they say, "What can I change about my life to fight enshittification, or, at the very least, to reduce the amount of enshittification that I, personally, experience?"

It's frustrating, but my general answer is, "Join a movement. Get involved with a union, with EFF, with the FSF. Tell your Congressional candidate to defend Lina Khan from billionaire Dem donors who want her fired. Do something systemic."

There's very little you can do as a consumer. You're not going to shop your way out of monopoly capitalism. Now that Amazon has destroyed most of the brick-and-mortar and digital stores out of business, boycotting Amazon often just means doing without. The collective action problem of leaving Twitter or Facebook is so insurmountable that you end up stuck there, with a bunch of people you love and rely on, who all love each other, all hate the platform, but can't agree on a day and time to leave or a destination to leave for and so end up stuck there.

I've been experiencing some challenging stuff in my personal life lately and yesterday, I just found myself unable to deal with my usual podcast fare so I tuned into the videos from the very last XOXO, in search of uplifting fare:

https://www.youtube.com/@xoxofest

I found it. Talks by Dan Olson, Cabel Sasser, Ed Yong and many others, especially Molly White:

https://www.youtube.com/watch?v=MTaeVVAvk-c

Molly's talk was so, so good, but when I got to her call to action, I found myself pulling a bit of a face:

But the platforms do not exist without the people, and there are a lot more of us than there are of them. The platforms have installed themselves in a position of power, but they are also vulnerable…

Are the platforms really that vulnerable? The collective action problem is so hard, the switching costs are so high – maybe the fact that "there's a lot more of us than there are of them" is a bug, not a feature. The more of us there are, the thornier our collective action problem and the higher the switching costs, after all.

And then I had a realization: the conduit through which I experience Molly's excellent work is totally enshittification-proof, and the more I use it, the easier it is for everyone to be less enshittified.

This conduit is anti-lock-in, it works for nearly the whole internet. It is surveillance-resistant, far more accessible than the web or any mobile app interface. It is my secret super-power.

It's RSS.

RSS (one of those ancient internet acronyms with multiple definitions, including, but not limited to, "Really Simple Syndication") is an invisible, automatic way for internet-connected systems to public "feeds." For example, rather than reloading the Wired homepage every day and trying to figure out which stories are new (their layout makes this very hard to do!), you can just sign up for Wired's RSS feed, and use an RSS reader to monitor the site and preview new stories the moment they're published. Wired pushes about 600 words from each article into that feed, stripped of the usual stuff that makes Wired nearly impossible to read: no 20-second delay subscription pop-up, text in a font and size of your choosing. You can follow Wired's feed without any cookies, and Wired gets no information about which of its stories you read. Wired doesn't even get to know that you're monitoring its feed.

I don't mean to pick on Wired here. This goes for every news source I follow – from CNN to the New York Times. But RSS isn't just good for the news! It's good for everything. Your friends' blogs? Every blogging platform emits an RSS feed by default. You can follow every one of them in your reader.

Not just blogs. Do you follow a bunch of substackers or other newsletters? They've all got RSS feeds. You can read those newsletters without ever registering in the analytics of the platforms that host them. The text shows up in black and white (not the sadistic, 8-point, 80% grey-on-white type these things all default to). It is always delivered, without any risk of your email provider misclassifying an update as spam:

https://pluralistic.net/2021/10/10/dead-letters/

Did you know that, by default, your email sends information to mailing list platforms about your reading activity? The platform gets to know if you opened the message, and often how far along you've read in it. On top of that, they get all the private information your browser or app leaks about you, including your location. This is unbelievably gross, and you get to bypass all of it, just by reading in RSS.

Are your friends too pithy for a newsletter, preferring to quip on social media? Unfortunately, it's pretty hard to get an RSS feed from Insta/FB/Twitter, but all those new ones that have popped up? They all have feeds. You can follow any Mastodon account (which means you can follow any Threads account) via RSS. Same for Bluesky. That also goes for older platforms, like Tumblr and Medium. There's RSS for Hacker News, and there's a sub-feed for the comments on every story. You can get RSS feeds for the Fedex, UPS and USPS parcels you're awaiting, too.

Your local politician's website probably has an RSS feed. Ditto your state and national reps. There's an RSS feed for each federal agency (the FCC has a great blog!).

Your RSS reader lets you put all these feeds into folders if you want. You can even create automatic folders, based on keywords, or even things like "infrequently updated sites" (I follow a bunch of people via RSS who only update a couple times per year – cough, Danny O'Brien, cough – and never miss a post).

Your RSS reader doesn't (necessarily) have an algorithm. By default, you'll get everything as it appears, in reverse-chronological order.

Does that remind you of anything? Right: this is how social media used to work, before it was enshittified. You can single-handedly disenshittify your experience of virtually the entire web, just by switching to RSS, traveling back in time to the days when Facebook and Twitter were more interested in showing you the things you asked to see, rather than the ads and boosted content someone else would pay to cram into your eyeballs.

Now, you sign up to so many feeds that you're feeling overwhelmed and you want an algorithm to prioritize posts – or recommend content. Lots of RSS readers have some kind of algorithm and recommendation system (I use News, which offers both, though I don't use them – I like the glorious higgeldy-piggeldy of the undifferentiated firehose feed).

But you control the algorithm, you control the recommendations. And if a new RSS reader pops up with an algorithm you're dying to try, you can export all the feeds you follow with a single click, which will generate an OPML file. Then, with one click, you can import that OPML file into any other RSS reader in existence and all your feeds will be seamlessly migrated there. You can delete your old account, or you can even use different readers for different purposes.

You can access RSS in a browser or in an app on your phone (most RSS readers have an app), and they'll sync up, so a story you mark to read later on your phone will be waiting for you the next time you load up your reader in a browser tab, and you won't see the same stories twice (unless you want to, in which case you can mark them as unread).

RSS basically works like social media should work. Using RSS is a chance to visit a utopian future in which the platforms have no power, and all power is vested in publishers, who get to decide what to publish, and in readers, who have total control over what they read and how, without leaking any personal information through the simple act of reading.

And here's the best part: every time you use RSS, you bring that world closer into being! The collective action problem that the publishers and friends and politicians and businesses you care about is caused by the fact that everyone they want to reach is on a platform, so if they leave the platform, they'll lose that community. But the more people who use RSS to follow them, the less they'll depend on the platform.

Unlike those largely useless, performative boycotts of widely used platforms, switching to RSS doesn't require that you give anything up. Not only does switching to RSS let you continue to follow all the newsletters, webpages and social media accounts you're following now, it makes doing so better: more private, more accessible, and less enshittified.

Switching to RSS lets you experience just the good parts of the enshitternet, but that experience is delivered in manner that the new, good internet we're all dying for.

My own newsletter is delivered in fulltext via RSS. If you're reading this as a Mastodon or Twitter thread, on Tumblr or on Medium, or via email, you can get it by RSS instead:

https://pluralistic.net/feed/

Don't worry about which RSS reader you start with. It literally doesn't matter. Remember, you can switch readers with two clicks and take all the feeds you've subscribed to with you! If you want a recommendation, I have nothing but praise for Newsblur, which I've been paying $2/month for since 2011 (!):

https://newsblur.com/

Subscribing to feeds is super-easy, too: the links for RSS feeds are invisibly embedded in web-pages. Just paste the URL of a web-page into your RSS reader's "add feed" box and it'll automagically figure out where the feed lives and add it to your subscriptions.

It's still true that the new, good internet will require a movement to overcome the collective action problems and the legal barriers to disenshittifying things. Almost nothing you do as an individual is going to make a difference.

But using RSS will! Using RSS to follow the stuff that matters to you will have an immediate, profoundly beneficial impact on your own digital life – and it will appreciably, irreversibly nudge the whole internet towards a better state.

Tor Books as just published two new, free LITTLE BROTHER stories: VIGILANT, about creepy surveillance in distance education; and SPILL, about oil pipelines and indigenous landback.

If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2024/10/16/keep-it-really-simple-stupid/#read-receipts-are-you-kidding-me-seriously-fuck-that-noise

So with the pandora's box of AI being released into the world, cybersecurity has become kind of insane for the average user in a way that's difficult to describe for those who aren't following along. Coding in unfamiliar languages is easier to do now, for better and worse. Purchasable hacking "kits" are a thing on the dark web that basically streamline the process of deploying ransomware. And generative AI is making it much easier for more and more people to obscure their intentions and identities, regardless of their tech proficiency.

The impacts of this have been Really Bad in the last year or two in particular. For example:

(I'm about to link to sources, and you better be hovering and checking those links before clicking on them as a habit)

Ransomware attacks have become increasingly lucrative for private and state-sponsored hacking groups, with at least one hack recently reported to have resulted in a $75 MILLION payout from the victim. This in combination with the aforementioned factors has made it a bigger and bigger risk for companies and organizations holding your most sensitive data.

In the US, the Salt Typhoon hack over the past year or so has compromised virtually all major phone networks--meaning text and phone calls are no longer secure means of communication. While this won't affect most people in day-to-day, it does make basically all the information you share over traditional phone comms very vulnerable. You should avoid sharing sensitive information over the phone when you can.

CISA updated their security recommendations late last year in response to this compromise. One of the recommendations is to use a separate comms app with end-to-end encryption. I personally prefer Signal, since it's open source and not owned by Meta, but the challenge can be getting people you know on the same service. So... have fun with that.

2FA is no longer as secure as it was--because SMS itself is no longer secure, yeah, but even app-based 2FA has been rendered useless in certain circumstances. One reason for this is because...

A modern version of the early-2000's trick of gaining access to people's accounts via hijacked cookies has come back around for Chromium browsers, and hackers are gaining access to people's Google accounts via OAuth session hijacking. Meaning they can get into your already-logged-in accounts without passwords or 2FA even being needed to begin with. This has been achieved both through hackers compromising chrome browser extensions, and via a reinvigorated push to send out compromising links via email.

Thanks to AI, discerning compromised email is harder now. Cybercriminals are getting better at replicating legitimate email forms and website login screens etc., and coming up with ways to time the emails around times when you might legitimately expect them. (Some go so far as to hack into a person's phone to watch for when a text confirmation might indicate a recent purchase has been made via texted shipping alerts, for example)

If you go to a website that asks you to double-click a link or button--that is a major red flag. A potential method of clickjacking sessions is done via a script that has to be run with the end user's approval. Basically, to get around people who know enough to not authenticate scripts they don't recognize, hackers are concealing the related pop ups behind a "double-click" prompt instruction that places the "consent" prompt's button under the user's mouse in disguised UI, so that on the second click, the user will unwittingly elevate the script without realizing they are doing it.

Attachments are also a fresh concern, as hackers have figured out how to intentionally corrupt key areas of a file in a way that bypasses built-in virus check--for the email service's virus checker as well as many major anti-virus installed on endpoint systems

Hackers are also increasingly infiltrating trusted channels, like creating fake IT accounts in companies' Office 365 environment, allowing them to Teams employees instead of simply email them. Meaning when IT sends you a new PM in tools like Zoom, Slack, or Teams, you need to double-check what email address they are using before assuming it's the real IT person in question.

Spearphishing's growing sophistication has accelerated the theft of large, sensitive databases like the United/Change Healthcare hacks, the NHS hack & the recent Powerschool hack. Cybercriminals are not only gaining access to emails and accounts, but also using generative AI tools to clone the voices (written and spoken) of key individuals close to them, in order to more thoroughly fool targets into giving away sensitive data that compromises access to bigger accounts and databases.

This is mostly being used to target big-ticket targets, like company CSO's and other executives or security/IT personnel. But it also showcases the way scammers are likely to start trying to manipulate the average person more thoroughly as well. The amount of sensitive information--like the health databases being stolen and sold on the darkweb--means people's most personal details are up for sale and exploitation. So we're not too far off from grandparents being fooled by weaponized AI trained off a grandchild's scraped tiktok videos or other public-facing social media, for example. And who is vulnerable to believing these scams will expand, as scammers can potentially answer sensitive questions figured out from stolen databases, to be even more convincing.

And finally, Big Tech's interest in replacing their employees with AI to net higher profits has resulted in cybersecurity teams who are overworked, even more understaffed they already were before, and increasingly lacking the long-term industry experience useful to leading effective teams and finding good solutions. We're effectively in an arms race that is burning IT pros out faster and harder than before, resulting in the circumvention of crucial QA steps, and mistakes like the faulty release that created the Crowdstrike outage earlier last year.

Most of this won't impact the average person all at once or to the same degree big name targets with potential for big ransoms. But they are little things that have combined into major risks for people in ways that aren't entirely in our control. Password security has become virtually obsolete at this point. And 2FA's effectiveness is tenuous at best, assuming you can maintain vigilance.

The new and currently best advice to keeping your individual accounts secure is to switch to using Passkeys and FIDO keys like Yubikeys. However, the effectiveness of passkeys are held back somewhat as users are slow to adopt them, and therefore websites and services are required to continue to support passwords on people's accounts anyway--keeping password vulnerabilities there as a back door.

TLDR; it's pretty ugly out there right now, and I think it's going to get worse before it gets better. Because even with more sophisticated EDR and anti-virus tools, social engineering itself is getting more complex, which renders certain defensive technologies as somewhat obsolete.

Try to use a passkey when you can, as well as a password locker to create strong passwords you don't have to memorize and non-SMS 2FA as much as possible. FIDO keys are ideal if you can get one you won't lose.

Change your passwords for your most sensitive accounts often.

Don't give websites more personal info about yourself than is absolutely necessary.

Don't double-click links or buttons on websites/captchas.

Be careful what you click and download on piracy sources.

Try to treat your emails and PMs with a healthy dose of skepticism--double-check who is sending them etc for stealthily disguised typos or clever names. It's not going to be as obvious as it used to be that someone is phishing you.

It doesn't hurt to come up with an offline pass phrase to verify people you know IRL. Really.

And basically brace for more big hacks to happen that you cannot control to begin with. The employees at your insurance companies, your hospital, your telecomms company etc. are all likely targets for a breach.

In regards to the Windows 10 LTSC thing, the caveat is that it uses build 19044 (version 21H2), so it's very likely that certain programs simply won't be compatible with it

Additionally, one article said that even if they do push out a new LTSC version, there's no way to simply upgrade, you have to reinstall the whole OS just to get that new version. There's also conflicting information that it doesn't need a product key, but if it does, then you have to get it through enterprise vendors who may or may not be willing to sell you a key for a single device (or a small batch of devices, ex: 5)

It could very well be an option for some people to ride out W10 for a little longer, but these are just some things to bear in mind

Thanks for your note! It's clear you've thought about this.

The compatibility thing gets thrown around a lot, but honestly one thing Microsoft gets right with Windows is backwards compatibility. I write software for a living and one aspect of my job is retrotesting new builds of my stuff on older platforms. Currently, everything I do works on Win11 back to WinXP.

Of course, companies can choose to break compatibility. Steam famously stopped working on Win7 awhile back, forcing users to upgrade. But the core Win32 API hasn't changed in 30+ years which is remarkable.

Assuming your software doesn't need the latest build of Windows... why bother?

Bottom line, I personally am not worried about not being able to install something. When's the last time that happened with you?

If you treat Windows as a program launcher (which it is) instead of an ecosystem (which it also is, because Microsoft wants you to live there and pay them $$$) then the 'problem' becomes simpler: will the programs YOU want to run work with an old build of Win10? If so, there's no need to upgrade.

Microsoft has successfully created a religion around Windows Update. You MUST have the latest patches! Otherwise, you are VULNERABLE. Bad Things will Happen if you Don't Upgrade! Be afraid!!

That is simply not true. In my living room I drive our big screen TV with an ancient Dell box (circa 2009) running Win7 and Media Player Classic (MPC). It plays TV shows & movies just fine, exceeding DVD & Bluray resolutions. It hasn't received a Windows Update in a decade, but continues to chug along reliably. I installed Malware Bytes to make up for Windows Defender being out of date, since it has Firefox installed and we do use it to noodle around on the web occasionally. Youtube on a big screen is fun.

Will I ever upgrade that Windows? Probably not. Maybe if the host Dell Optiplex (2009!!) ever dies but otherwise... why would I?

My main workstation is Win10 and I plan to ride this thing until it explodes. Win11 is super annoying, and all the machines I run Win11 on are infested with Copilot and nag screens about OneDrive. I recently downgraded Office 365 to Office 2016 for that very reason.

Sense a pattern here?

tl;dr: Win10, even the older builds, are adequate for the typical user, for the foreseeable future. Installing & activation are stupidly easy. No product keys needed.

Finally: if you're nervous about Win10 there exist stripped down enterprise builds of Win11 available as well.

RT BUILDING QUESTIONS - APPEARANCE & PERSONALITY by @pheedraws 🤍

▶ CERYS VON VALANCIUS

21. Do they have any notable markings? Scars, birthmarks, tattoos, etc.?

Cerys is fully covered in scars. The most notable are on her face: the skin grafting surrounding the plate, and a slice on her right eyebrow - no grand story behind that scar. She fell off a moving tank on her early Guard days while goofing around. Cerys has three defining moles, one by her mouth, and two by her left eyebrow. Her whole left arm is tattooed, the most distinguishing parts of its design being the two suns as homage to Tallarn at her shoulder, and a skull design by her wrist.

more about her scars/augments here!

22. Do they have any augmentations? Were these installed out of necessity, or as a cosmetic choice?

She has many of them, all by necessity. The most visible are the face plate covering the severe damage from her Darkest Hour, and the two interface ports by her brow and nape. There are more throughout her body, most to either enhance her abilities as a soldier or to fix damage during service, but they are not visible.

When she loses two fingers in Commorragh's arena, Cerys gets a fancy replacement that is a little more cosmetic focused, but still done by necessity.

23. How do they hold themselves? Is the persona they show the world different to who they truly are? Who is privy to the ‘real’ them?

Cerys is, for the most part, as authentic as it gets on public and on private. Surely there are aspects and sides of her that are only for a select few, but she's not someone who can disguise her true personality much. Her siblings - and later Heinrix - are the ones who can see the whole map of her persona: more vulnerable, above anything.

24. Do they place value in how their protectorate sees them? Does this sway their decisions at all?

Yes and no. Cerys has a largely more strict approach than Theodora, firstly by the nature of being nearly fully Dogmatic. With a firmer pulse more concerned about instating the Imperium's order and proper worship of the God-Emperor that leaves not much room for leisure indulgence and demands work from her subjects, people who want more than to work for the benefit of expanding Mankind's kingdom don't see her in such good light.

She's still way more lenient and preoccupied with people's security and stability - overall, working masses find her charitable (for dogma's standard), but she runs into issues with nobility and freedom seekers often. She does not care about that (and in fact, most of MoW Heinrix's work circles on that than anything else).

25. Wildcard: Share a fun fact, random thought, or headcanon about them!

Cerys still performs a lot of the rites and customs of her home planet, and with time, that influences the people in her protectorate as well. She does not visit chapels or any of God-Emperor's dedicated worship spaces without covering her head, kneels in a specific way for her prayers, and has a set routine before her main meals.

With Kibellah and her blood wardens taking over protection of the bridge, Cerys introduces the rite of awarding silk sashes for anyone who serves over five standard years (and survives the ordeal). Kibellah is obviously the first to receive, and ends up incorporating the tradition into the Bloodspun Web.

in all seriousness, how would you even administrate a ban of an app? like... they can have it removed from the app stores, sure, or in what i would call extremely unlikely or bizarre circumstances, it could be used as evidence to justify arrest or pressing charges, maybe in the worst case scenario the web domain could be blocked by ISPs or the physical location of US hosting servers could be raided, and of course i'm not trying to downplay the severity of any those things, but like...

you can't... physically prevent anyone from circulating or installing an APK file. i'm sure removing it from app stores WOULD effectively prevent 99% of its userbase from accessing it, and it's not that i want to place the blame on them, but like... i do have to say this is ""totalitarianism"" for ipad babies and ipad babies only.

i think the average user is smarter about software than the house of representatives obviously is but like. if they were 10% smarter it would become impossible to administrate. by which i mean maybe a few hours of learning about it. maybe let's all start doing that, huh? if you can't reinstall a new operating system on your phone, enable unapproved app installation, or access developer mode, you do not really know how to use your phone, do you? all of these things are purposefully easier on android btw. and in a mad twist of irony they DO make you more vulnerable to malware

i would also like to point out i don't know of one comparable instance of historical precedent. what software has ever been banned? yes i know google street view in parts of the EU and facebook in myanmar and pakistan. i would not call those comparable (?) because it's not like a software ban (?). pirate bay i guess is closer (because they did perform physical raids, right). and how's that going for them

STAY CUTE _ UWU ^^

soon > February 3 , h 20;

where : live-streaming on YouTube ,

YT channel : myownoscar

duration : variable length

╱|、

(˚ˎ 。7

|、˜〵

じしˍ,)ノ

Stay Cute UWU

I Am Dancing in a Room, La Fauna 2k25

(online performance and mixed media installation)

'I never expected all these cats'

In 2014, when T.B.L., the creator of the World Wide Web, was asked what they didn't foresee about the internet, they simply said: "kittens”. Kittens and cuteness were considered the unexpected, in a world created for data e information, cuteness and kittens are now ubiquitous online beings. A gigantic primal universal language.

ᕱ⑅ᕱ

₍ᐢ •͈ ༝ •͈ ᐢ₎♡

Cuteness, known as Kawaii in Japanese, extends beyond mere aesthetics; it embodies deeper meanings such as kindness, emotional depth, and vulnerability but also the heritage of a kawaii rebellion to society standards and stereotypes, born in the 70s and nowaday transcended in the e-girls online presence . In a society fixated on strength and tangible outcomes, where imperfections are often shunned, emotions are mistakenly viewed as weaknesses and errors. However, embracing cuteness serves as a weapon for self-acceptance, challenging stereotypes and artificial displays of strength. It's a reminder that it's perfectly acceptable to express one's emotions openly, cause It’s ok to cry . The human body becomes more than just a vessel for perfection and strength; it becomes a ritual field, a canvas, for feelings and emotion and their symbolic enactment .

“ Stay Cute _ UWU “ is the new chapter of the y2k20 series “La Fauna, I Am Dancing in a Room” ; a work about the eternal diffusion of gestures and micro choreography in the era of social algorithms. As millions of bedrooms are uploaded online every day, inside them millions of users perform the same gestures. The online gesture is now a choreography that never ends, a performative expression of a mutual borderless language. The gesture wanders by mimesis from one room to another, often without any or just minimal variation apart from its new habitat: the body of the performer and the room that hosts it. Part of the various habitats regarding La Fauna 2k20, including ROSES, the first habitat presented at RomaEuropa DigitalLive 2020, I Am Dancing in a Room, pursues the contemporary life of online micro choreography, in which the gesture and sets of gestures unite millions of users and their habitats. In the same way we could see a sequence of gestures repeated for days following a single ritual hashtag, thus observing a perennial creative state of the user and the person, repossessed by the gesture and the movement.

The movement thus enters an expanded state of existence, crossing space, time and cultural boundaries, inscribed in the virtual walls of the entire connected planet, projecting us wherever there may be a connected user and his webcam. I Am Dancing In A Room, brings together on the same monitor, a series of performers and friends of the artist, who perform a choreography for webcam. Accompanying this visual flow are aquatic alien landscapes, floating stickers, avatars, memes and motivational statuses, as if virtual worlds could blossom and exist as online life forms.

“Nel passaggio tra un utente e l’altro, come in un macrorganismo i linguaggi e i data diventano eterni remix di una stessa informazione, un continuo spazio temporale di abduction (rapimento alieno) e riti dello user. Allo stesso modo potremmo ballare all’infinito sullo stesso loop per giorni inseguendo una track di rito su Tik Tok.”

credits performance:

main title : Stay Cute UWU

complete title: Stay Cute UWU , I Am Dancing in a Room , La Fauna 2k25

by : Mara Oscar Cassiani, web performance mixed media , ( web, year 2025 );

performing act: Melissa Brutti, Mara Oscar Cassiani, Erika Ciccone, Viola Conti, Cate Gnoli, Franziska Von Guten.

3D art, choreography, streaming : MOC, Mara Oscar Cassiani.

duration: 15/30 mins , variable length.

credits installation:

works titles: Stay Cute UWU + La Fauna 2k25, ( web, year 2020-2025);

by: Mara Oscar Cassiani;

performance video memory + mixed media installation;

glass sticker art : La Fauna, a story of Arizona Tea, Selfcare Habitats and cutenessy ( png art , web 2020, 2025).

——- ITA ———

"Non mi sarei mai aspettato tutti questi gatti"

Nel 2014, quando a T.B.L., il creatore del World Wide Web, è stato chiesto cosa non avesse previsto di Internet, ha semplicemente risposto: "gattini". Gattini e tenerezza erano considerati l'inaspettato, in un mondo creato per i dati e le informazioni, la tenerezza e i gattini sono ora esseri online onnipresenti. Un gigantesco linguaggio universale primordiale.

La tenerezza cuteness , nota come Kawaii in giapponese, si estende oltre la mera estetica; incarna significati più profondi come gentilezza, profondità emotiva e vulnerabilità, ma anche l'eredità di una ribellione kawaii agli standard e agli stereotipi della società, nata negli anni '70 e oggi trascesa nella presenza online delle e-girl. In una società fissata sulla forza e sui risultati tangibili, dove le imperfezioni sono spesso evitate, le emozioni vengono erroneamente viste come debolezze ed errori. Tuttavia, abbracciare la tenerezza serve come arma per l'autoaccettazione, sfidando gli stereotipi e le dimostrazioni artificiali di forza. È un promemoria che è perfettamente accettabile esprimere le proprie emozioni apertamente, perché è ok piangere. Il corpo umano diventa più di un semplice contenitore di perfezione e forza; diventa un campo rituale, una tela, per sentimenti ed emozioni e la loro rappresentazione simbolica.

"Stay Cute _ UWU" è il nuovo capitolo della serie y2k20 "La Fauna, I Am Dancing in a Room"; un'opera sull'eterna diffusione di gesti e micro coreografie nell'era degli algoritmi sociali. Mentre milioni di camere da letto vengono caricate online ogni giorno, al loro interno milioni di utenti eseguono gli stessi gesti. Il gesto online è ora una coreografia che non finisce mai, un'espressione performativa di un linguaggio reciproco senza confini. Il gesto vaga per mimesi da una stanza all'altra, spesso senza alcuna o solo una minima variazione a parte il suo nuovo habitat: il corpo dell'esecutore e la stanza che lo ospita. Parte dei vari habitat riguardanti La Fauna 2k20, tra cui ROSES, il primo habitat presentato a RomaEuropa DigitalLive 2020, I Am Dancing in a Room, insegue la vita contemporanea della micro coreografia online, in cui il gesto e gli insiemi di gesti uniscono milioni di utenti e i loro habitat. Allo stesso modo potremmo vedere una sequenza di gesti ripetuti per giorni seguendo un singolo hashtag rituale, osservando così uno stato creativo perenne dell'utente e della persona, riappropriati dal gesto e dal movimento.

Il movimento entra così in uno stato di esistenza espanso, attraversando confini spaziali, temporali e culturali, inscritto nelle pareti virtuali dell'intero pianeta connesso, proiettandoci ovunque ci siano un utente connesso e la sua webcam. I Am Dancing In A Room, riunisce sullo stesso monitor, una serie di performer e amici dell'artista, che eseguono una coreografia per webcam. Ad accompagnare questo flusso visivo ci sono paesaggi alieni acquatici, adesivi galleggianti, avatar, meme e stati motivazionali, come se i mondi virtuali potessero fiorire ed esistere come forme di vita online.

“Nel passaggio tra un utente e l’altro, come in un macrorganismo i linguaggi e i dati diventano eterni remix di una stessa informazione, un continuo spazio temporale di rapimento (rapimento alieno) e riti dello user. Allo stesso modo potremmo ballare all’infinito sullo stesso loop per giorni seguendo una traccia di rito su Tik Tok.”

titolo principale: Stay Cute UWU

titolo completo: Stay Cute UWU, I Am Dancing in a Room, La Fauna 2k25

a cura di: Mara Oscar Cassiani, web performance mixed media, (web, anno 2025);

interpreti: Melissa Brutti, Mara Oscar Cassiani, Erika Ciccone, Viola Conti, Cate Gnoli, Franziska Von Guten.

Arte 3D, coreografia, streaming: MOC, Mara Oscar Cassiani.

durata: 15/30 min, lunghezza variabile.

installazione:

titoli opere: Stay Cute UWU + La Fauna 2k25, ( web, anno 2020-2025);

di: Mara Oscar Cassiani;

performance video memory + installazione mixed media;

glass sticker art: La Fauna, una storia di Arizona Tea, Selfcare Habitats e cutenessy ( png art , web 2020, 2025).

“nell’ambito di UNA, DOPPIA, COLLETTIVA. L’identità al tempo del Metaverso a cura di Federica Patti e Claudio Musso ;

presso CUBO - Museo d’impresa del Gruppo Unipol”

​

​​Planning to sell physical or digital products online and want to create a website for it in the FASTEST way?

​​If you're starting your e-commerce journey and feeling overwhelmed by all the platform options—don't worry, you're not alone. Two names dominate the conversation: Shopify and WordPress (with WooCommerce).

​​

​​But which one is truly better for newbies, beginners, and dropshippers looking to launch fast and sell efficiently?

​​Let’s break it down and get straight to the point—especially if you're here to build a business, not fiddle with tech headaches.

​​

​​Shopify: Built for E-Commerce from the Ground Up

​​Shopify is a dedicated e-commerce platform. That means everything from product setup to payments, themes, and shipping is purpose-built for one thing: selling online.

​​ Why Shopify is Great for Beginners

​​Zero Coding Required: Just drag, drop, and start selling. Perfect for people who want results, not tutorials.

​​

​​3-Day Free Trial: You can start today and be up and running in hours. ​​

Sign up for Shopify’s FREE trial with this link -

https://shopify.pxf.io/QjzmOa

​​

​​Fast Setup: No plugins, no server setup, no manual installation. Just sign up and start building.

​​

​​Designed for Dropshipping: Integrates easily with apps like DSers, Zendrop, CJdropshipping, and more.

​​

​​Mobile-Optimized: Your store will look great on any device—without touching a line of code.

​​

​​24/7 Support: Real-time help from actual people when you get stuck.

​​Sign up for a Shopify FREE TRIAL Here at ​​https://shopify.pxf.io/QjzmOa

​​

​​WordPress (WooCommerce): Powerful, But Not Beginner-Friendly

​​WordPress is an amazing platform... if you're building a blog or you’re already experienced with web development. But for e-commerce newbies, it can feel like you're building a house from scratch.

​

​​ Why WordPress Might Be a Struggle for Beginners

​​Complex Setup: You'll need to buy hosting, install WordPress, then install WooCommerce, then configure it all manually.

​​Plugin Overload: Want a feature? You’ll likely need to install a plugin. And another. And another. Then update them constantly.

​​Security Risks: If you don’t stay on top of updates and patches, your site could be vulnerable.

​​Slow Support: There’s no dedicated support team—just forums or your hosting provider.

​​Not Built for E-commerce First: WordPress is a blogging tool at heart.

​​WooCommerce makes it work for selling, but it’s not seamless.

​​

​​

​​So Which One Should You Choose?

​​If you're:

​​A beginner with no coding experience,

​​A dropshipper who wants fast supplier integration,

​​Or just someone who wants to get your first product online this week, not next month...

​​Go with Shopify.

​​It’s clean, easy to use, beginner-friendly, and built to sell. You won’t waste time on tech issues—you’ll spend time building a brand.

​​Pro Tip: You can start with a 3-day free trial and see how easy it is. No risk, no commitment.

​​

​​Sign up for a Shopify FREE TRIAL Here - ​​https://shopify.pxf.io/QjzmOa

​​ Manual Setup

​​Shopify was made for people just like you—dreamers and doers ready to launch something real.

​​Don’t get stuck in tech setup and plugin chaos.

​​

Symfony Clickjacking Prevention Guide

Clickjacking is a deceptive technique where attackers trick users into clicking on hidden elements, potentially leading to unauthorized actions. As a Symfony developer, it's crucial to implement measures to prevent such vulnerabilities.

🔍 Understanding Clickjacking

Clickjacking involves embedding a transparent iframe over a legitimate webpage, deceiving users into interacting with hidden content. This can lead to unauthorized actions, such as changing account settings or initiating transactions.

🛠️ Implementing X-Frame-Options in Symfony

The X-Frame-Options HTTP header is a primary defense against clickjacking. It controls whether a browser should be allowed to render a page in a <frame>, <iframe>, <embed>, or <object> tag.

Method 1: Using an Event Subscriber

Create an event subscriber to add the X-Frame-Options header to all responses:

// src/EventSubscriber/ClickjackingProtectionSubscriber.php namespace App\EventSubscriber; use Symfony\Component\EventDispatcher\EventSubscriberInterface; use Symfony\Component\HttpKernel\Event\ResponseEvent; use Symfony\Component\HttpKernel\KernelEvents; class ClickjackingProtectionSubscriber implements EventSubscriberInterface { public static function getSubscribedEvents() { return [ KernelEvents::RESPONSE => 'onKernelResponse', ]; } public function onKernelResponse(ResponseEvent $event) { $response = $event->getResponse(); $response->headers->set('X-Frame-Options', 'DENY'); } }

This approach ensures that all responses include the X-Frame-Options header, preventing the page from being embedded in frames or iframes.

Method 2: Using NelmioSecurityBundle

The NelmioSecurityBundle provides additional security features for Symfony applications, including clickjacking protection.

Install the bundle:

composer require nelmio/security-bundle

Configure the bundle in config/packages/nelmio_security.yaml:

nelmio_security: clickjacking: paths: '^/.*': DENY

This configuration adds the X-Frame-Options: DENY header to all responses, preventing the site from being embedded in frames or iframes.

🧪 Testing Your Application

To ensure your application is protected against clickjacking, use our Website Vulnerability Scanner. This tool scans your website for common vulnerabilities, including missing or misconfigured X-Frame-Options headers.

Screenshot of the free tools webpage where you can access security assessment tools.

After scanning for a Website Security check, you'll receive a detailed report highlighting any security issues:

An Example of a vulnerability assessment report generated with our free tool, providing insights into possible vulnerabilities.

🔒 Enhancing Security with Content Security Policy (CSP)

While X-Frame-Options is effective, modern browsers support the more flexible Content-Security-Policy (CSP) header, which provides granular control over framing.

Add the following header to your responses:

$response->headers->set('Content-Security-Policy', "frame-ancestors 'none';");

This directive prevents any domain from embedding your content, offering robust protection against clickjacking.

🧰 Additional Security Measures

CSRF Protection: Ensure that all forms include CSRF tokens to prevent cross-site request forgery attacks.

Regular Updates: Keep Symfony and all dependencies up to date to patch known vulnerabilities.

Security Audits: Conduct regular security audits to identify and address potential vulnerabilities.

📢 Explore More on Our Blog

For more insights into securing your Symfony applications, visit our Pentest Testing Blog. We cover a range of topics, including:

Preventing clickjacking in Laravel

Securing API endpoints

Mitigating SQL injection attacks

🛡️ Our Web Application Penetration Testing Services

Looking for a comprehensive security assessment? Our Web Application Penetration Testing Services offer:

Manual Testing: In-depth analysis by security experts.

Affordable Pricing: Services starting at $25/hr.

Detailed Reports: Actionable insights with remediation steps.

Contact us today for a free consultation and enhance your application's security posture.

BUGS & METAMORPHOSIS: GLITCHING PHOTOGRAPHY

HASSELBLAD CENTER, GOTHENBURG CURATED BY LOUISE WOLTHERS AND NINA MANGALANAYAGAM

8th Feb - May 4th 2025

Bugs & Metamorphosis: Glitching Photography is an exhibition that explores "bugs" in two intriguing ways: both as technical glitches and as tiny creatures, insects. By combining these two perspectives, the exhibition creates a visual experience that’s playful, critical, and thought-provoking. From digital mishaps to insect-inspired art, the works challenge our understanding of photography and technology.

With more than 15 artworks, the exhibition reveals how glitches can disrupt and question systems of knowledge, classification, and control. Bugs appear both as real creatures—moths, flies, bees, and other insects—and as technical malfunctions with themes like swarming, webbing, symbiosis, and extinction. The exhibition highlights the ecologies between human-made and natural forces.

Bugs & Metamorphosis provides critical insights into contemporary networked and machine-based photography. Bugs emerge through hybridity, camouflage, mimicry, and transformation. Many of the artworks are grounded in decolonial, feminist, queer, and ecological practices, embracing glitching to highlight ambiguity, unruliness, and vulnerability. Other works delve into glitches within archiving, mapping, and visualization processes. Through a mix of technologies—both analogue and digital, screen-based and installation, AI/GAN, and “low-tech”—the exhibition shows how glitches can open new ways of seeing and understanding the world.

Several of the works have been created specifically for this exhibition, and many of the artists are shown in Sweden for the first time. During the exhibition, photography and videoworks by Rashaad Newsome and Amalie Smith are shown at Gothenburg Museum of Art, and at Gothenburg Museum of Natural History works by Joana Moll, Mónica Alcázar-Duarte and Kristina Lenz and Alex Klug are on display.

Participating artists: Mónica Alcázar-Duarte (ME), Taysir Batniji (PS/FR), Jake Elwes (UK), Olle Essvik (SE), Henrik Håkansson (SE), Kristina Lenz och Alex Simon Klug (DE), Nina Mangalanayagam (SE), Joana Moll (ES), Rashaad Newsome (US), Josèfa Ntjam (FR), Amalie Smith (DK), Clare Strand (UK), Hope Strickland (UK), Theopisti Stylianou-Lambert & Alexa Achilleos (CY), Sheung Yiu (HK/FI).

Curators: Louise Wolthers, Hasselblad Foundation and Nina Mangalanayagam, HDK-Valand, University of Gothenburg

An extended public program including performances and film screenings will take place during the exhibition period. Details to follow.

Parts of the exhibition will travel to Kunsthal Aarhus in Denmark, June – August 2025.

In connection with the exhibition, the book Bugs & Metamorphosis:  Field Guide to Glitching Photography will be published by Art & Theory. The book is designed as a field guide and includes an introduction by Nina Mangalanayagam and Louise Wolthers, as well as essays by Cathryn Klasto, Joanna Zylinska, Majken Overgaard, Peter Nielsen, Peter Ole Pedersen, Tintin Wulia.

This day in history

#20yrsago Donate to EFF, send a lump of coal to MPAA and RIAA https://web.archive.org/web/20041218015602/http://www.downhillbattle.org/coal/

116 #20yrsago 65MB of vintage random numbers from 1965 https://www.rand.org/pubs/monograph_reports/MR1418.html

#15yrsago Spite Houses, built to piss off the neighbors https://en.wikipedia.org/wiki/Spite_house#

#15yrsago Bug powder causes male bedbugs to stab each other to death with their penises https://www.medindia.net/news/bedbugs-may-be-on-way-out-with-new-discovery-62273-1.htm

#15yrsago Installing Windows considered as a literary genre https://nielsenhayden.com/makinglight/archives/012008.html#012008

#15yrsago Montage of magic “photo enhancement” in cop shows and movies https://www.youtube.com/watch?v=Vxq9yj2pVWk

#10yrsago No charges for Japanese man who dumped a quarter-ton of porn in a park https://web.archive.org/web/20141225092617/https://www.afp.com/en/node/2965441/

#10yrsago The strange history of Disney’s cyber-psychedelic “Computers Are People Too” https://www.vice.com/en/article/how-disney-was-hustled-into-making-the-trippiest-movie-about-computers-ever/

#10yrsago HOWTO cut paper snowflakes in the likeness of Nobel physics prizewinners https://www.symmetrymagazine.org/article/december-2014/deck-the-halls-with-nobel-physicists

#5yrsago Insulin prices doubled between 2012 and 2016 https://www.usatoday.com/story/news/health/2019/12/09/insulin-prices-double-ohio-lawmakers-looking-answers/2629115001/

#5yrsago Sloppy security mistakes in smart conferencing gear allows hackers to spy on board rooms, steal presentations https://www.wired.com/story/dten-video-conferencing-vulnerabilities/

#5yrsago Bernie Sanders is the only leading Democrat who hasn’t taken money from billionaires https://www.cbsnews.com/news/bernie-sanders-knocks-rivals-for-taking-donations-from-billionaires/

#5yrsago Privacy activists spent a day on Capitol Hill scanning faces to prove that scanning faces should be banned https://fightfortheftr.medium.com/we-scanned-thousands-of-faces-in-dc-today-to-show-why-facial-recognition-surveillance-should-be-3360958a76f1

#5yrsago Foxconn wants Wisconsin to keep paying it billions, but it won’t disclose what kind of factory it will build https://www.theverge.com/2019/12/13/21020885/foxconn-wisconsin-deal-renegotiate-tax-subsidy-lcd-factory-plant

#5yrsago Citing the Panama Papers, Elizabeth Warren proposes sweeping anti-financial secrecy rules https://medium.com/@teamwarren/my-plan-to-fight-global-financial-corruption-b66492583129

Massive Backdoor Infection Hits 1.3 Million Android-Based Streaming Devices

A newly discovered malware infection has raised alarm bells by affecting an estimated 1.3 million Android streaming devices running an open-source version across almost 200 countries. The malware, dubbed "Android.Vo1d," has successfully backdoored these Android-based boxes by inserting malicious code into their system storage areas, allowing for potential updates with additional malware via command-and-control servers at any time.

Scope and Impact

Security firm Doctor Web reported the widespread infection on Thursday, highlighting the extensive reach of the Android.Vo1d malware. The affected devices are operating systems based on the Android Open Source Project (AOSP), a version overseen by Google but distinct from the proprietary Android TV used by licensed device manufacturers. Google representatives have confirmed that the infected devices are not running the official Android TV OS, emphasizing that these are "off-brand devices" without Play Protect certification. This certification process involves extensive testing to ensure quality and user safety. Confirm your TV is running Android TV OS by using the guide posted here.

Unknown Infection Vector

Despite their thorough understanding of the malware and its widespread impact, researchers at Doctor Web are still uncertain about the exact attack vector leading to these infections. They have proposed several possibilities: - An intermediate malware exploiting operating system vulnerabilities to gain root privileges - The use of unofficial firmware versions with built-in root access - Outdated and vulnerable Android versions susceptible to remote code execution exploits - Potential supply chain compromises, where devices may have been infected before reaching end-users

Affected Devices and Variants

The infection has been found on several TV box models, including: TV box model Declared firmware version R4 Android 7.1.2; R4 Build/NHG47K TV BOX Android 12.1; TV BOX Build/NHG47K KJ-SMART4KVIP Android 10.1; KJ-SMART4KVIP Build/NHG47K Researchers have identified dozens of Android.Vo1d variants, each using different code and planting malware in slightly different storage areas. However, all variants achieve the same result: connecting to attacker-controlled servers and installing components that can deploy additional malware on command.

Infection Characteristics

The Android.Vo1d trojan modifies several system files and creates new ones to ensure persistence on infected devices. Key changes include: - Modification of the install-recovery.sh script - Alteration of the daemonsu file - Creation of new files: vo1d, wd, debuggerd, and debuggerd_real These modifications allow the malware to anchor itself in the system and auto-launch during device reboots. The trojan's main functionality is split between two components: vo1d (Android.Vo1d.1) and wd (Android.Vo1d.3), which work together to maintain the infection and execute commands from the control servers.

Geographic Distribution

Geographic Distribution of the Android.Vo1d infections The infection has spread globally, with the highest number of cases detected in: - Brazil - Morocco - Pakistan - Saudi Arabia - Russia - Argentina - Ecuador - Tunisia - Malaysia - Algeria - Indonesia

Detection and Mitigation

Identifying infected devices can be challenging for less experienced users. Doctor Web recommends using their antivirus software for Android, which can detect all Vo1d variants and disinfect devices with root access. More technically inclined users can check for indicators of compromise provided by the security firm. The incident also highlights the risks associated with using non-certified Android devices and emphasizes the importance of regular security updates and proper device vetting. As the investigation continues, it serves as a stark reminder of the ongoing challenges in securing the diverse ecosystem of Android-based devices in the market. Read the full article

Hey there, it's Miss Undercover again!

First of all your latest chapters for LtW were wonderful. As per usual, you spun this genius web where the storyline is far from canon but the characters still ring true. That scene with David accosting our poor Ellie was horrifying and had me on the edge of my seat. I only managed to skim through the last few chapters of this masterpiece of a work, but I'm looking forward to sitting down and reading it thoroughly. I love love love your Joellie. And I appreciated Maria taking accountability and stepping down from her position, as someone who sorely failed to notice the red flags that David gave off. She really grated on my nerves before but she's kinda redeemed herself by being mature and level-headed and apologising.

Also, regarding A Blanket Of Snow, I do have some specific examples in mind regarding Ellie's...inclinations towards Tommy being made clear. I'll spare you the time and tell you now so you don't have to go back and read. Basically, there's a scene where she has a dream where shes encouraging Tommy and Joel to sleep with eachother and then egging them on throughout the process of them getting it on. Definitely threw me for a loop, especially with the incest of it all! 🤣 You can truly find it all on AO3, the "A" in it could alternatively stand for "Adventurous" haha.

Also, her attraction to Tommy is subtly hinted through several other lines throughout the saga. There's a scene where Joel is admiring Ellie while she's unclothed, and Ellie says "Take a picture, it'll last longer." Joel says he would if he had a camera, and Ellie asks, "Would you show it to Tommy?"— then Joel says he would but he'd charge Tommy some money. There are also some lines here and there where in her inner monologue, she mentions having fantasies about having a threesome with Joel and Tommy. It's all very scandalously depraved lmaooo FtW Ellie's got that inner beast in her.

Well hello! I’m sorry it took a hot minute - but between writer’s block (damnit Joel, sit down and let me play) and catching a cold, typing is such a chore.

Joellie discussions below cut

Writing David takes its toll on my brain - it’s hard to write Ellie in such a precarious situation, and it does make me question where these ideas for her come from. I’ve written her into scary situations with David twice and a pregnancy loss - why do keep writing our girl into these situations??

Thank you for your kind words about the relationship I write - I try to shake it up a little with each universe I create but I do especially love them in LtW, both seem a lot more vulnerable and unsure of how to fit into the Jackson standard. They need each other in a different way than the other stories I’ve written.

I was just talking to a friend about Maria - how we love the idea of protective, Mama Bear Maria, but every time I sit down to write her, she opens her mouth and … whoops, she puts her nose where it doesn’t belong. lol, I do love writing her too. I have some interesting (I think) ideas for her in the next LtW installment.

Oh, AO3, you’ve always been a safe haven for the depraved - thank you so much. ABOS was written like a fever dream, and I know it was supposed to read that way; at some points Ellie wasn’t even sure which parts were real and which parts were going on in her mind. I didn’t dislike the story - but it was so convoluted that I couldn’t follow it and didn’t bother to stick with it (sorry, RW Daniels, if you ever see our ramblings).

I know there are a few writers that have explored the idea of Ellie/Tommy, Joel/Tommy and even Joel/Tommy/Ellie - and that’s what AO3 is for, to create a safe space for those writers and then the readers can find them. I just… don’t see it. Again, this isn’t to yuck on anyone’s yum, trust and believe I’m the last person to judge, but for me I like Ellie’s relationship with Tommy to be like a niece or baby sister. That’s kind of why the last installment of FtW made me go 🥴 with those fantasies and what ended up coming to fruition in the epilogue.

Anyway, Miss Undercover, it’s always fun analyzing with you 😘 what’s next??

🫶🏻

VPS Windows Hosting in India: The Ultimate Guide for 2024

In the ever-evolving landscape of web hosting, Virtual Private Servers (VPS) have become a preferred choice for both businesses and individuals. Striking a balance between performance, cost-effectiveness, and scalability, VPS hosting serves those seeking more than what shared hosting provides without the significant expense of a dedicated server. Within the myriad of VPS options, VPS Windows Hosting stands out as a popular choice for users who have a preference for the Microsoft ecosystem.

This comprehensive guide will explore VPS Windows Hosting in India, shedding light on its functionality, key advantages, its relevance for Indian businesses, and how to select the right hosting provider in 2024.

What is VPS Windows Hosting?

VPS Windows Hosting refers to a hosting type where a physical server is partitioned into various virtual servers, each operating with its own independent Windows OS. Unlike shared hosting, where resources are shared among multiple users, VPS provides dedicated resources, including CPU, RAM, and storage, which leads to enhanced performance, security, and control.

Why Choose VPS Windows Hosting in India?

The rapid growth of India’s digital landscape and the rise in online businesses make VPS hosting an attractive option. Here are several reasons why Windows VPS Hosting can be an optimal choice for your website or application in India:

Seamless Compatibility: Windows VPS is entirely compatible with Microsoft applications such as ASP.NET, SQL Server, and Microsoft Exchange. For websites or applications that depend on these technologies, Windows VPS becomes a natural option.

Scalability for Expanding Businesses: A notable advantage of VPS hosting is its scalability. As your website or enterprise grows, upgrading server resources can be done effortlessly without downtime or cumbersome migration. This aspect is vital for startups and SMEs in India aiming to scale economically.

Localized Hosting for Improved Speed: Numerous Indian hosting providers have data centers within the country, minimizing latency and enabling quicker access for local users, which is particularly advantageous for targeting audiences within India.

Enhanced Security: VPS hosting delivers superior security compared to shared hosting, which is essential in an era where cyber threats are increasingly prevalent. Dedicated resources ensure your data remains isolated from others on the same physical server, diminishing the risk of vulnerabilities.

Key Benefits of VPS Windows Hosting

Dedicated Resources: VPS Windows hosting ensures dedicated CPU, RAM, and storage, providing seamless performance, even during traffic surges.

Full Administrative Control: With Windows VPS, you gain root access, allowing you to customize server settings, install applications, and make necessary adjustments.

Cost Efficiency: VPS hosting provides the advantages of dedicated hosting at a more economical price point. This is incredibly beneficial for businesses looking to maintain a competitive edge in India’s market.

Configurability: Whether you require specific Windows applications or custom software, VPS Windows hosting allows you to tailor the server to meet your unique needs.

Managed vs. Unmanaged Options: Depending on your technical ability, you can opt for managed VPS hosting, where the provider manages server maintenance, updates, and security, or unmanaged VPS hosting, where you retain full control of the server and its management.

How to Select the Right VPS Windows Hosting Provider in India

With a plethora of hosting providers in India offering VPS Windows hosting, selecting one that meets your requirements is crucial. Here are several factors to consider:

Performance & Uptime: Choose a hosting provider that guarantees a minimum uptime of 99.9%. Reliable uptime ensures your website remains accessible at all times, which is crucial for any online venture.

Data Center Location: Confirm that the hosting provider has data centers located within India or in proximity to your target users. This will enhance loading speeds and overall user satisfaction.

Pricing & Plans: Evaluate pricing plans from various providers to ensure you’re receiving optimal value. Consider both initial costs and renewal rates, as some providers may offer discounts for longer commitments.

Customer Support: Opt for a provider that offers 24/7 customer support, especially if you lack an in-house IT team. Look for companies that offer support through various channels like chat, phone, and email.

Security Features: Prioritize providers offering robust security features such as firewall protection, DDoS mitigation, automatic backups, and SSL certificates.

Backup and Recovery: Regular backups are vital for data protection. Verify if the provider includes automated backups and quick recovery options for potential issues.

Top VPS Windows Hosting Providers in India (2024)

To streamline your research, here's a brief overview of some of the top VPS Windows hosting providers in India for 2024:

Host.co.in

Recognized for its competitive pricing and exceptional customer support, Host.co.in offers a range of Windows VPS plans catering to businesses of various sizes.

BigRock

Among the most well-known hosting providers in India, BigRock guarantees reliable uptime, superb customer service, and diverse hosting packages, including Windows VPS.

MilesWeb

MilesWeb offers fully managed VPS hosting solutions at attractive prices, making it a great option for businesses intent on prioritizing growth over server management.

GoDaddy

As a leading name in hosting, GoDaddy provides flexible Windows VPS plans designed for Indian businesses, coupled with round-the-clock customer support.

Bluehost India

Bluehost delivers powerful VPS solutions for users requiring high performance, along with an intuitive control panel and impressive uptime.

Conclusion

VPS Windows Hosting in India is an outstanding option for individuals and businesses in search of a scalable, cost-effective, and performance-oriented hosting solution. With dedicated resources and seamless integration with Microsoft technologies, it suits websites that experience growing traffic or require ample resources.

As we advance into 2024, the necessity for VPS Windows hosting is expected to persist, making it imperative to choose a hosting provider that can accommodate your developing requirements. Whether launching a new website or upgrading your existing hosting package, VPS Windows hosting is a strategic investment for the future of your online endeavors.

FAQs

Is VPS Windows Hosting costly in India?

While VPS Windows hosting is pricier than shared hosting, it is much more affordable than dedicated servers and many providers in India offer competitive rates, making it accessible for small and medium-sized enterprises.

Can I upgrade my VPS Windows Hosting plan easily?

Absolutely, VPS hosting plans provide significant scalability. You can effortlessly enhance your resources like CPU, RAM, and storage without experiencing downtime.

What type of businesses benefit from VPS Windows Hosting in India?

Businesses that demand high performance, improved security, and scalability find the most advantage in VPS hosting. It’s particularly ideal for sites that utilize Windows-based technologies like ASP.NET and SQL Server.

Edward Tufte's 'The Visual Display of Quantitative Information' is a fantastic book, and should be required reading for anyone in either the sciences or graphic design.

Blogofractal [Explained]

Transcript Under the Cut

From the makers of the Blogosphere, Blogocube, and Blogodrome comes the Blogofractal

[A large rectangle subdivided into rectangles in a fractal pattern, most with a phrase or word inside. Some subdivisions cannot be seen, as they are too small.]

[Mostly left to right from top-left corner.]

TripMaster Monkey says 118th Post!! Wikiconstitution! OMG DeCSS Casemod your Boyfriend!! FLICKR They're saying on Kos that https://slashdot.org/articl tagCloud Cory Doctorow is a little upset about copyright law. Hey guys what if Google is evil?!? I'll sleep with you for a FreeIpods deal. FirstPsot!! Snakes on an I don't Even Care Anymore KiwiWiki CSS Comments (0) Blogotesseract ¡play games! [RSS icon.] is AYB retro yet? Google Google Google Apple Google Goog Cheney totally shot a dude!!! Watch this toddler get owned by a squirrel!!! Developers Developers Developers Developers I installed a Mac Mini inside ANOTHER Mac Mini! Check out this vid of Jon Stewart 9-11 <-> Trent Lott! Web 7.1 Kryptonite™ locks vulnerable to "keys!" Interesting post! Check out my blog, it has useful info on CARBON MONOXIDE LITIGATION FIREFLY!! HELP ME Engadget Boing Boing Gizmodo MAKE Blog: DIY baby My friend has a band!! Jon released an exploit in the protocol for meeting girls. Internets! Howard Dean? So I hear there's a hurricane. We should elect this dude! Google Maps is da best!! Moderation: +1 Sassy RSS! A-list <3 Trackback URL? I shot a man in Reno check it out on YouTube! HEY LOOK ROBOTS! Net Neutrality! Friends Only. Dupe! AJAX? COMPLY Cowboy Neal Blogodrome Hey look I got Linux running on my tonsils! Look alive, blogonauts! Cafepress cockrings BOOBIES!! MIA A Beowulf Cluster... of BLOGS!! SPOILER ALERT Dupe! You have been eaten by a Grue. Ruby on a monorail Lesbians! DNF Released! Steampunk BLAG PONIES! Xeni found some porn! IRONY LIARS! Linux on Rails! Blogocube del.icio.us! 404 o.O Don't slam the source when you close it.

In today’s digital world, injustice lurks in the shadows of the Facebook post that’s delivered to certain groups of people at the exclusion of others, the hidden algorithm used to profile candidates during job interviews, and the risk-assessment algorithms used for criminal sentencing and welfare fraud detention. As algorithmic systems are integrated into every aspect of society, regulatory mechanisms struggle to keep up.

Over the past decade, researchers and journalists have found ways to unveil and scrutinize these discriminatory systems, developing their own data collection tools. As the internet has moved from browsers to mobile apps, however, this crucial transparency is quickly disappearing.

Third-party analysis of digital systems has largely been made possible by two seemingly banal tools that are commonly used to inspect what’s happening on a webpage: browser add-ons and browser developer tools.

Browser add-ons are small programs that can be installed directly onto a web browser, allowing users to augment how they interact with a given website. While add-ons are commonly used to operate tools like password managers and ad-blockers, they are also incredibly useful for enabling people to collect their own data within a tech platform’s walled garden.

Similarly, browser developer tools were made to allow web developers to test and debug their websites’ user interfaces. As the internet evolved and websites became more complex, these tools evolved too, adding features like the ability to inspect and change source code, monitor network activity, and even detect when a website is accessing your location or microphone. These are powerful mechanisms for investigating how companies track, profile, and target their users.

I have put these tools to use as a data journalist to show how a marketing company logged users’ personal data even before they clicked “submit” on a form and, more recently, how the Meta Pixel tool (formerly the Facebook Pixel tool) tracks users without their explicit knowledge in sensitive places such as hospital websites, federal student loan applications, and the websites of tax-filing tools.

In addition to exposing surveillance, browser inspection tools provide a powerful way to crowdsource data to study discrimination, the spread of misinformation, and other types of harms tech companies cause or facilitate. But in spite of these tools’ powerful capabilities, their reach is limited. In 2023, Kepios reported that 92 percent of global users accessed the internet through their smartphones, whereas only 65 percent of global users did so using a desktop or laptop computer.

Though the vast majority of internet traffic has moved to smartphones, we don’t have tools for the smartphone ecosystem that afford the same level of “inspectability” as browser add-ons and developer tools. This is because web browsers are implicitly transparent, while mobile phone operating systems are not.

If you want to view a website in your web browser, the server has to send you the source code. Mobile apps, on the other hand, are compiled, executable files that you usually download from places such as Apple’s iOS App Store or Google Play. App developers don’t need to publish the source code for people to use them.

Similarly, monitoring network traffic on web browsers is trivial. This technique is often more useful than inspecting source code to see what data a company is collecting on users. Want to know which companies a website shares your data with? You’ll want to monitor the network traffic, not inspect the source code. On smartphones, network monitoring is possible, but it usually requires the installation of root certificates that make users’ devices less secure and more vulnerable to man-in-the-middle attacks from bad actors. And these are just some of the differences that make collecting data securely from smartphones much harder than from browsers.

The need for independent collection is more pressing than ever. Previously, company-provided tools such as the Twitter API and Facebook’s CrowdTangle, a tool for monitoring what’s trending on Facebook, were the infrastructure that powered a large portion of research and reporting on social media. However, as these tools become less useful and accessible, new methods of independent data collection are needed to understand what these companies are doing and how people are using their platforms.

To meaningfully report on the impact digital systems have on society, we need to be able to observe what’s taking place on our devices without asking a company for permission. As someone who has spent the past decade building tools that crowdsource data to expose algorithmic harms, I believe the public should have the ability to peek under the hood of their mobile apps and smart devices, just as they can on their browsers. And it’s not just me: The Integrity Institute, a nonprofit working to protect the social internet, recently released a report that lays bare the importance of transparency as a lever to achieve public interest goals like accountability, collaboration, understanding, and trust.

To demand transparency from tech platforms, we need a platform-independent transparency framework, something that I like to call an inspectability API. Such a framework would empower even the most vulnerable populations to capture evidence of harm from their devices while minimizing the risk of their data being used in research or reporting without their consent.

An application programming interface (API) is a way for companies to make their services or data available to other developers. For example, if you’re building a mobile app and want to use the phone’s camera for a specific feature, you would use the iOS or Android Camera API. Another common example is an accessibility API, which allows developers to make their applications accessible to people with disabilities by making the user interface legible to screen readers and other accessibility tools commonly found on modern smartphones and computers. An inspectability API would allow individuals to export data from the apps they use every day and share it with researchers, journalists, and advocates in their communities. Companies could be required to implement this API to adhere to transparency best practices, much as they are required to implement accessibility features to make their apps and websites usable for people with disabilities.

In the US, residents of some states can request the data companies collect on them, thanks to state-level privacy laws. While these laws are well-intentioned, the data that companies share to comply with them is usually structured in a way that obfuscates crucial details that would expose harm. For example, Facebook has a fairly granular data export service that allows individuals to see, amongst other things, their “Off-Facebook activity.” However, as the Markup found during a series of investigations into the use of Pixel, even though Facebook told users which websites were sharing data, it did not reveal just how invasive the information being shared was. Doctor appointments, tax filing information, and student loan information were just some of the things that were being sent to Facebook. An inspectability API would make it easy for people to monitor their devices and see how the apps they use track them in real time.

Some promising work is already being done: Apple’s introduction of the App Privacy Report in iOS 15 marked the first time iPhone users could see detailed privacy information to understand each app’s data collection practices and even answer questions such as, “Is Instagram listening to my microphone?”

But we cannot rely on companies to do this at their discretion—we need a clear framework to define what sort of data should be inspectable and exportable by users, and we need regulation that penalizes companies for not implementing it. Such a framework would not only empower users to expose harms, but also ensure that their privacy is not violated. Individuals could choose what data to share, when, and with whom.

An inspectability API will empower individuals to fight for their rights by sharing the evidence of harm they have been exposed to with people who can raise public awareness and advocate for change. It would enable organizations such as Princeton’s Digital Witness Lab, which I cofounded and lead, to conduct data-driven investigations by collaborating closely with vulnerable communities, instead of relying on tech companies for access. This framework would allow researchers and others to conduct this work in a way that is safe, precise, and, most importantly, prioritizes the consent of the people being harmed.

personal nitpick completely unrelated to the winrar vulnerability itself, but.

the way this person wrote this pisses me off (probably more than it should), theres hundreds of reasons why a developer wouldnt want to implement self-updating in software, especially since implementing connecting to the internet to auto-install updates could open it up to even more potential security holes, plus it just sucks to develop. my web browser of choice, librewolf (a fork of firefox,) excludes self-updating and requires manual updates (or updates from a package manager) for these sorts of reasons. put your big boy pants on and manually download updates from developers websites and shut up

anyway. regarding winrar specifically just use 7zip instead, its free and open source, back when i used windows it served me well.

it does use unrar code to support decompressing rar archives but from what ive read the vulnerability in winrar shouldnt affect 7zip or any other programs using unrar, only winrar itself