Med-Mastodon

rexi<a href="https://www.eff.org/deeplinks/2025/06/protect-yourself-metas-latest-attack-privacy" rel="nofollow noopener" translate="no" target="_blank">https://www.eff.org/deeplinks/2025/06/protect-yourself-metas-latest-attack-privacy</a><a href="https://mastodon.social/tags/Meta" class="mention hashtag" rel="nofollow noopener" target="_blank">#Meta</a>’s <a href="https://mastodon.social/tags/trackingpixel" class="mention hashtag" rel="nofollow noopener" target="_blank">#trackingpixel</a> was secretly communicating with Meta’s apps on <a href="https://mastodon.social/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#Android</a> devices. This violates a fundamental security feature <a href="https://mastodon.social/tags/sandboxing" class="mention hashtag" rel="nofollow noopener" target="_blank">#sandboxing</a> of <a href="https://mastodon.social/tags/mobileOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#mobileOS</a> that prevents <a href="https://mastodon.social/tags/apps" class="mention hashtag" rel="nofollow noopener" target="_blank">#apps</a> from communicating with each other. Meta got around this restriction by exploiting <a href="https://mastodon.social/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a>, a feature meant for developer testing. This allowed Meta to create a hidden channel between mobile browser apps and its own apps.

Martin SchmittCW Meta spyware

Hacker NewsCovert Web-to-App Tracking via Localhost on Android<a href="https://localmess.github.io/" rel="nofollow noopener" translate="no" target="_blank">https://localmess.github.io/</a><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#HackerNews</a> <a href="https://mastodon.social/tags/Covert" class="mention hashtag" rel="nofollow noopener" target="_blank">#Covert</a> <a href="https://mastodon.social/tags/Web" class="mention hashtag" rel="nofollow noopener" target="_blank">#Web</a>-to-App <a href="https://mastodon.social/tags/Tracking" class="mention hashtag" rel="nofollow noopener" target="_blank">#Tracking</a> <a href="https://mastodon.social/tags/Localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#Localhost</a> <a href="https://mastodon.social/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#Android</a> <a href="https://mastodon.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Privacy</a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a>

Hacker News.localhost Domains<a href="https://inclouds.space/localhost-domains" rel="nofollow noopener" translate="no" target="_blank">https://inclouds.space/localhost-domains</a><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#HackerNews</a> <a href="https://mastodon.social/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a> <a href="https://mastodon.social/tags/Domains" class="mention hashtag" rel="nofollow noopener" target="_blank">#Domains</a> <a href="https://mastodon.social/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mastodon.social/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#web</a> <a href="https://mastodon.social/tags/development" class="mention hashtag" rel="nofollow noopener" target="_blank">#development</a> <a href="https://mastodon.social/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#tech</a> <a href="https://mastodon.social/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a> <a href="https://mastodon.social/tags/domain" class="mention hashtag" rel="nofollow noopener" target="_blank">#domain</a> <a href="https://mastodon.social/tags/names" class="mention hashtag" rel="nofollow noopener" target="_blank">#names</a>

adingbatponder<a href="https://mastodon.social/@nixCraft" class="u-url mention" rel="nofollow noopener" target="_blank">@nixCraft</a> I cannot get <local_LAN_ip_address>:8000 , opened in a browser, to work on my Android phone to open a GUI served by a computer linked to phone by <a href="https://fosstodon.org/tags/wifi" class="mention hashtag" rel="nofollow noopener" target="_blank">#wifi</a> on the <a href="https://fosstodon.org/tags/LAN" class="mention hashtag" rel="nofollow noopener" target="_blank">#LAN</a>. iOS is ok. <a href="https://fosstodon.org/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#Android</a> not. Is there a fix ? <a href="https://fosstodon.org/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a> Cheers!

Alx 🐈Hello <a href="https://mastodon.design/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fediverse</a> <a href="https://a.gup.pe/u/academicchatter" class="u-url mention" rel="nofollow noopener" target="_blank">@academicchatter</a> I need your help for a privacy-focused local-host (run offline from my computer) transcription software. I am (luckily?) collecting more interviews than I planned and transcribing manually is becoming a giant task, so it would really be helpful to have an automatic assistance. Any suggestions? <a href="https://a.gup.pe/u/phdstudents" class="u-url mention" rel="nofollow noopener" target="_blank">@phdstudents</a> <a href="https://mastodon.design/tags/academia" class="mention hashtag" rel="nofollow noopener" target="_blank">#academia</a> <a href="https://mastodon.design/tags/research" class="mention hashtag" rel="nofollow noopener" target="_blank">#research</a> <a href="https://mastodon.design/tags/AcademicMastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#AcademicMastodon</a> <a href="https://mastodon.design/tags/AcademicFedi" class="mention hashtag" rel="nofollow noopener" target="_blank">#AcademicFedi</a> <a href="https://mastodon.design/tags/transcription" class="mention hashtag" rel="nofollow noopener" target="_blank">#transcription</a> <a href="https://mastodon.design/tags/software" class="mention hashtag" rel="nofollow noopener" target="_blank">#software</a> <a href="https://mastodon.design/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> <a href="https://mastodon.design/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a> <a href="https://mastodon.design/tags/interviews" class="mention hashtag" rel="nofollow noopener" target="_blank">#interviews</a> <a href="https://mastodon.design/tags/OralHistory" class="mention hashtag" rel="nofollow noopener" target="_blank">#OralHistory</a> <a href="https://mastodon.design/tags/help" class="mention hashtag" rel="nofollow noopener" target="_blank">#help</a> <a href="https://mastodon.design/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#tips</a>

Radio Azureus1. ping localhost2. ping 127.0.0.13. ping ::1Fourty Five years ago I wrote 1 When I progressed further I wrote 2 Now I write 3Pinging home just became simpler and simpler<a href="https://fuzzies.wtf/@altbot" class="u-url mention" rel="nofollow noopener" target="_blank">@altbot</a><a href="https://en.wikipedia.org/wiki/Ping_%28networking_utility%29?wprov=sfla1" rel="nofollow noopener" translate="no" target="_blank">https://en.wikipedia.org/wiki/Ping_%28networking_utility%29?wprov=sfla1</a><a href="https://mastodon.social/tags/Networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#Networking</a> <a href="https://mastodon.social/tags/basics" class="mention hashtag" rel="nofollow noopener" target="_blank">#basics</a> <a href="https://mastodon.social/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a> <a href="https://mastodon.social/tags/IPV4" class="mention hashtag" rel="nofollow noopener" target="_blank">#IPV4</a> <a href="https://mastodon.social/tags/IPV6" class="mention hashtag" rel="nofollow noopener" target="_blank">#IPV6</a>

Aral Balkan@small-tech/https version 5.3.0 released• Uses Auto Encrypt 4.1.1 (removes OCSP stapling support because Let]s Encrypt has removed OCSP support).<a href="https://www.npmjs.com/package/@small-tech/https" rel="nofollow noopener" translate="no" target="_blank">https://www.npmjs.com/package/@small-tech/https</a>This module is a drop in replacement for Node HTTPS module that automatically handles TLS certificate provisioning and renewal both at localhost (via Auto Encrypt Localhost¹) and at hostname (via Auto Encrypt with Let’s Encrypt certificates²).So, this is how you create a HTTPS server in Node.js that uses this module and automatically handles TLS certificate provisioning and renewal for you both at localhost (during development) and at hostname (during production):```js import https from '@small-tech/https'const server = https.createServer((request, response) => { response.end('Hello, world!') })server.listen(443, () => { console.log(' 🎉 Server running at https://localhost.') }) ```(Yes, that’s it! I wrote a metric shit-tonne of meticulously-tested code so you don’t have to.) :)💡 Note that the localhost certificate support via Auto Encrypt Localhost is 100% JavaScript and does NOT rely on an external binary like mkcert or certutil.Needless to say, Kitten³ uses this module under the hood and it’s a big part of why Domain⁴ can deploy servers so easily that don’t require any day-to-day maintenance.In case you’re wondering why I’m spending so much time releasing all these modules, it’s because I believe in sharing every brick of the house I’m building so others can easily build different houses if they want to. I’m not saying that what I’m building with Kitten, Domain, and Place⁵ will be the end all be all of the Small Web⁶ (the peer-to-peer web). And I want others to be able to experiment by building their own tools without having to go through the grueling development process I’ve had to in the past six years to build basic infrastructure.Enjoy!💕¹ <a href="https://codeberg.org/small-tech/auto-encrypt-localhost" rel="nofollow noopener" translate="no" target="_blank">https://codeberg.org/small-tech/auto-encrypt-localhost</a> ² <a href="https://codeberg.org/small-tech/auto-encrypt" rel="nofollow noopener" translate="no" target="_blank">https://codeberg.org/small-tech/auto-encrypt</a> ³ <a href="https://kitten.small-web.org" rel="nofollow noopener" translate="no" target="_blank">https://kitten.small-web.org</a> ⁴ <a href="https://codeberg.org/domain/app" rel="nofollow noopener" translate="no" target="_blank">https://codeberg.org/domain/app</a> ⁵ <a href="https://codeberg.org/place/app" rel="nofollow noopener" translate="no" target="_blank">https://codeberg.org/place/app</a> ⁶ <a href="https://ar.al/2024/06/24/small-web-computer-science-colloquium-at-university-of-groningen/" rel="nofollow noopener" translate="no" target="_blank">https://ar.al/2024/06/24/small-web-computer-science-colloquium-at-university-of-groningen/</a><a href="https://mastodon.ar.al/tags/SmallWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#SmallWeb</a> <a href="https://mastodon.ar.al/tags/SmallTech" class="mention hashtag" rel="nofollow noopener" target="_blank">#SmallTech</a> <a href="https://mastodon.ar.al/tags/AutoEncrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#AutoEncrypt</a> <a href="https://mastodon.ar.al/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener" target="_blank">#LetsEncrypt</a> <a href="https://mastodon.ar.al/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a> <a href="https://mastodon.ar.al/tags/TLS" class="mention hashtag" rel="nofollow noopener" target="_blank">#TLS</a> <a href="https://mastodon.ar.al/tags/SSL" class="mention hashtag" rel="nofollow noopener" target="_blank">#SSL</a> <a href="https://mastodon.ar.al/tags/HTTPS" class="mention hashtag" rel="nofollow noopener" target="_blank">#HTTPS</a> <a href="https://mastodon.ar.al/tags/Kitten" class="mention hashtag" rel="nofollow noopener" target="_blank">#Kitten</a> <a href="https://mastodon.ar.al/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://mastodon.ar.al/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://mastodon.ar.al/tags/servers" class="mention hashtag" rel="nofollow noopener" target="_blank">#servers</a> <a href="https://mastodon.ar.al/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#web</a> <a href="https://mastodon.ar.al/tags/dev" class="mention hashtag" rel="nofollow noopener" target="_blank">#dev</a> <a href="https://mastodon.ar.al/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#FOSS</a>

HoldMyTypeHow an I make such a mindless error Testing html on <a href="https://mathstodon.xyz/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a> forget to prefix a hyperlink with https:// It's rendered as localhost://url.com

happyborgWhat's the easiest way to set up (e.g. using a nice script or other program) a local <a href="https://fosstodon.org/tags/DNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#DNS</a> on a range of platforms, and configure it to handle wildcard subdomains on <a href="https://fosstodon.org/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a>?😆A quick search shows <a href="https://fosstodon.org/tags/dnsmasq" class="mention hashtag" rel="nofollow noopener" target="_blank">#dnsmasq</a> can be used on Linux and Windows at least, but I wonder if anyone has faced this problem before and made a neat cross-platform solution?I want <anything>.localhost to resolve to localhost and be handled by a server which runs on the local device (ideally Win, Mac, Linux and Android).

Ville#flux1dev with specific lora

Avoid the Hack! :donor:0.0.0.0 Day: Exploiting <a href="https://infosec.exchange/tags/Localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#Localhost</a> APIs From the BrowserWebsites can can communicate with services running on the local network by using 0.0.0.0. This could lead to arbitrary code execution on the site visitor's device.Fixes by different <a href="https://infosec.exchange/tags/browsers" class="mention hashtag" rel="nofollow noopener" target="_blank">#browsers</a> are on the way and in different stages:WebKit (<a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#Apple</a>) blocks access to 0.0.0.0 for Private Network Access.<a href="https://infosec.exchange/tags/Firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Firefox</a> now blocks 0.0.0.0 but has not implemented Private Network Access.Chromium browsers strting with 128 will be updated to block access to 0.0.0.0<a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a><a href="https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser" rel="nofollow noopener" translate="no" target="_blank">https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser</a>

Axel ⌨🐧🐪🚴😷 | R.I.P NatenomAus gegebenem Anlass. <a href="https://chaos.social/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a>

Martin Pughand.... we're up and running.My blog has moved to a server at home and appears to be running OK.What did I do differently from yesterday? Glad you asked. I took it very slowly..I started by enabling connectivity over http and waited patiently for DNS to propagate and test OK before proceeding. I think I broke DNS yesterday (didn't use the FQDN in the CNAME even though that's not how it's displayed once saved) which didn't help.Once it was OK serving http pages, I checked all the settings for acme-client and I was missing a couple of directories which I created. The first acme-client test worked and we had a cert. I removed the comments from the TLS config in httpd.conf and restarted and things are happy again.If anyone's interested in my random life notes and occasional home automation and solar posts, you can find me at <a href="https://martin.hatstand.org.uk" rel="nofollow noopener" target="_blank">https://martin.hatstand.org.uk</a> (/braces for the server onslaught as both of my followers click the link....)<a href="https://bsd.network/tags/SelfShost" class="mention hashtag" rel="nofollow noopener" target="_blank">#SelfShost</a> <a href="https://bsd.network/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#SelfHosted</a> <a href="https://bsd.network/tags/LocalHost" class="mention hashtag" rel="nofollow noopener" target="_blank">#LocalHost</a>

Linux Is BestI am going to download a localized copy of Sharkey. Not to run it, so much as to understand how it works. <a href="https://sakurajima.social/tags/Sharkey" rel="nofollow noopener" target="_blank">#Sharkey</a> <a href="https://sakurajima.social/tags/LocalHost" rel="nofollow noopener" target="_blank">#LocalHost</a>

Michal Bryxí 🌱What I should be doing: Ticking off tasks from my personal ToDo list 🤩 What am I doing instead: Reporting severe, yet very easy to catch <a href="https://veganism.social/tags/bugs" class="mention hashtag" rel="nofollow noopener" target="_blank">#bugs</a> to big-ass corporations 🤦‍♂️ <a href="https://veganism.social/tags/Localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#Localhost</a> <a href="https://veganism.social/tags/Testing" class="mention hashtag" rel="nofollow noopener" target="_blank">#Testing</a> <a href="https://veganism.social/tags/iCanBreakItForYou" class="mention hashtag" rel="nofollow noopener" target="_blank">#iCanBreakItForYou</a>

Funny Konstantin :bheartrainbow: Btw, did you know that JavaScript/WASM scripts can scan for open ports on localhost when you visit a website? Here is someone making a Go port scanner compiled to wasm: <a href="https://infosecwriteups.com/identify-website-users-by-client-port-scanning-using-webassembly-and-go-e9798b4aa05c" rel="nofollow noopener" target="_blank">https://infosecwriteups.com/identify-website-users-by-client-port-scanning-using-webassembly-and-go-e9798b4aa05c</a> <a class="hashtag" href="https://m.iamkonstantin.eu/tag/localhost" rel="nofollow noopener" target="_blank">#localhost</a> <a class="hashtag" href="https://m.iamkonstantin.eu/tag/security" rel="nofollow noopener" target="_blank">#security</a>

Ryuno-KiIt's good to know that <a href="https://layer8.space/tags/fail2ban" class="mention hashtag" rel="nofollow noopener" target="_blank">#fail2ban</a> actually works.But does it have to be on <a href="https://layer8.space/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a>? 🫤And only because I forgot to comment <a href="https://layer8.space/tags/HSTS" class="mention hashtag" rel="nofollow noopener" target="_blank">#HSTS</a> in the provision against the <a href="https://layer8.space/tags/vagrant" class="mention hashtag" rel="nofollow noopener" target="_blank">#vagrant</a> VM.

Aral BalkanToday I learned that cookies do not provide isolation by port.I guess that’s because, in 30 years of web development, I had never locally tested multiple instances of a peer-to-peer web app that used cookies for sessions before.PS. You can just test from different loopback addresses. e.g., 127.0.0.1:443, 127.0.0.2:444, etc. Of course, your local TLS certificate has to include those IPs or you’ll see certificate errors if testing over HTTPS.<a href="https://mastodon.ar.al/tags/SmallWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#SmallWeb</a> <a href="https://mastodon.ar.al/tags/cookies" class="mention hashtag" rel="nofollow noopener" target="_blank">#cookies</a> <a href="https://mastodon.ar.al/tags/sessions" class="mention hashtag" rel="nofollow noopener" target="_blank">#sessions</a> <a href="https://mastodon.ar.al/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a> <a href="https://mastodon.ar.al/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#web</a> <a href="https://mastodon.ar.al/tags/dev" class="mention hashtag" rel="nofollow noopener" target="_blank">#dev</a>

Aral BalkanJust released version 8.2.0 of Auto-Encrypt LocalhostAll status changes are now communicated via events instead of console messages.Think I’m pretty much done with v8 now.Next: update https (<a href="https://codeberg.org/small-tech/https" rel="nofollow noopener" target="_blank">https://codeberg.org/small-tech/https</a>) to use it and then update Kitten (<a href="https://codeberg.org/kitten/app" rel="nofollow noopener" target="_blank">https://codeberg.org/kitten/app</a>) to use the updated https. (Which should make Kitten cross-platform, including on ARM.)<a href="https://www.npmjs.com/package/@small-tech/auto-encrypt-localhost" rel="nofollow noopener" target="_blank">https://www.npmjs.com/package/@small-tech/auto-encrypt-localhost</a><a href="https://mastodon.ar.al/tags/SmallWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#SmallWeb</a> <a href="https://mastodon.ar.al/tags/SmallTech" class="mention hashtag" rel="nofollow noopener" target="_blank">#SmallTech</a> <a href="https://mastodon.ar.al/tags/AutoEncryptLocalhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#AutoEncryptLocalhost</a> <a href="https://mastodon.ar.al/tags/cli" class="mention hashtag" rel="nofollow noopener" target="_blank">#cli</a> <a href="https://mastodon.ar.al/tags/TLS" class="mention hashtag" rel="nofollow noopener" target="_blank">#TLS</a> <a href="https://mastodon.ar.al/tags/SSL" class="mention hashtag" rel="nofollow noopener" target="_blank">#SSL</a> <a href="https://mastodon.ar.al/tags/https" class="mention hashtag" rel="nofollow noopener" target="_blank">#https</a> <a href="https://mastodon.ar.al/tags/localhost" class="mention hashtag" rel="nofollow noopener" target="_blank">#localhost</a> <a href="https://mastodon.ar.al/tags/NodeJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NodeJS</a> <a href="https://mastodon.ar.al/tags/web" class="mention hashtag" rel="nofollow noopener" target="_blank">#web</a> <a href="https://mastodon.ar.al/tags/dev" class="mention hashtag" rel="nofollow noopener" target="_blank">#dev</a>

Recent searches

Search options

Administered by:

Server stats:

#localhost