First Work Day of 2023 #letsDoThis #commitAwesome
Unisphere at Sunset
A while ago I did a photo study of the Unisphere in Flushing Meadows Park. Over the next few days, I’ll post some of my favorite shots from that photo study.
#Photography #PhotoOfTheDay #unisphere #queens #NYC #commitAwesome #DailyPhoto #POTD #sunset
Now that I have my #Mastodon Instance up and running, I'm thinking of how I can better integrate my blog into the #fediverse.
My first thought was just to leverage the Mastodon API to automagically post to Mastodon on node save. I have that working now; this post will get posted to my Mastodon account when I save it.
I'm considering switching this out and using the ActivityPub #Drupal module to add the site to the fediverse.
I wear New Balance sneakers because they have proper arch support and my feet don’t hurt. A few years back, the CEO of New Balance made some comments agreeing with Trump’s trade policies. “Friends” didn’t understand that wearing NB wasn’t a political statement, it was a pro-walking miles pain-free in NYC statement.
#TIL - #mastodon Edition
When a post is retrieved by a federated server, its media files are copied and stored to the federated server. I had assumed, wrongfully, that media was served from the origin server.
This is why this instance is quickly eating disk space. Although I don’t post much, I follow a lot of photographers all of whom are publishing a lot of images.
I need to set up an S3 compatible bucket in the next day or 3 and store media there.
After pushing my #Mastodon Instance’s media into object storage, I shrank the server it runs on to 1CPU, 1Gig Ram, 25Gig storage for $5.00/mo. So far it's running fine. For less than the cost of Twitter Blue, I can have my own mastodon server, on my own domain and own my own data.
[Update 12/28/2022] Reposting this because it came up in conversation with a recruiter today.
I’ve commented on this blog about the trend recruiters have where they ask for the last 4 digits of a candidate’s SSN in their first contact email (along with name, dob, location and other PII). I thought I’d consolidate my thoughts in a post.
Let me explain the format of a SSN:
The first 3 digits are tied to the state where the applicant applied for their SSN. Since most people in the US are born, live and die within a 50-mile radius, this becomes guessable.
The next 2 are a group number and can be tied to the year the applicant applied for their SSN. States only issue from a few group numbers a year. Most Americans are issued their SSN in the first couple of years of their life. Where a recruiter doesn’t know a candidate’s age/year of birth, it can be estimated from info on a candidate’s resume (graduation year or when the candidate entered the workforce).
The last 4 are assigned in sequence and aren’t derivable from a candidate’s information. These are the most significant digits for your privacy.
So for a large portion of candidates, someone can whittle SSNs down to 1-25 possible options. You can see why I am concerned that this could be a phishing attack. Someone I don’t know asking for information that can lead to identity theft. Also, the thought that you’re submitting the info via email, which is insecure by design, adds another vector for possible theft.
I understand that firms are using Applicant Tracking Systems where the last 4 digits of a SSN are used to ensure candidates don’t get double submitted, but I think many people are unaware of the risks.
I'm not saying it's cold in here today, but…
I can now post text content on my blog and push it into my personal Mastodon Instance, automagically.
I'll play with media (images and videos) next.