Iván Sánchez Ortega

Fotograma de la versión francesa del concurso "50x15". El 56% del público opina que el sol gira alrededor de la tierra, mientras que el 42% opina que que es la luna lo que gira alrededor de la tierra.

[IA]

Reflexión sobre esas cosas que la gente llama IAs*:

Son el comodín del público del 50x15.

Te van a dar una respuesta, y te van a dar lo más estadísticamente probable, y nunca te van a decir "no sé". Que para cosas sencillas puede estar bien, pero para […]

[Original post on mastodon.social]

Upgraded two machines to #debian #trixie Perfect upgrade. #debianday

@Shine_McShine O sea, que la lasaña es como la queimada o el reiki: te lo venden como muy antiguo pero se inventó alrededor de 1950.

Y ya puestos, le meto gatitos brasileños a la #listaWoke: "História de uma gata" interpretado por Vanessa da Mata (el original de 1977 no me gusta tanto):

https://www.youtube.com/watch?v=RwrIqesjAGI

«Nós, gatos, já nascemos pobres
Porém, já nascemos livres»

A la #listaWoke hay que añadirle "Living Darfur" de Mattafix.

https://www.youtube.com/watch?v=qQwCCm-H-sU

Caption: REST vs SOAP REST: loaf cat sleeping (looking chill af) SAOP: cat licking bathroom soap (INSTANT REGRET!)

even the cats agree

Someone sent me abusive email about #FOSS software I maintain. My policy is that private abuse yields public shaming, so I posted about him here.
However, he managed to convince the moderator of my Mastodon instance to take down those postings.
I don't begrudge the moderator taking the postings […]

A info poster at the Belgrade airport. The central part is a map from OSM, surrounded by addresses of hospitals and so on.

Do I know any Serbian OpenStreetMappers? It seems that the folks at the Belgrade airport forgot to put the OSM attribution before printing the info posters. Somebody should tell them.

(Compare with OSM mapnik tiles at Z=13 […]

[Original post on mastodon.social]

In today's #gleo news: wind data!

Or, more technically: a 2-band raster covering the globe and properly warped (EPSG:4326→EPSG:3857) containing UV speed data, visualised as a particle trail simulation.

Thanks to the #FOSS4GE2025 for providing the […]

[Original post on mastodon.social]

📢 CRA: #FreeSoftware stewards, maintainers, and manufactures, share your input!

To assess how the #CRA may impact the Free Software ecosystem,we have developed a questionnaire:

💻 https://fsfe.org/news/2025/news-20250717-01.en.html

It will help shape an informed response to the CRA's […]

FOSS4G Europe (@foss4geurope@fosstodon.org) Attached: 1 image 🚀 Want to give an unscheduled lightning talk at FOSS4GE? ✏️ Now's your chance! There’s a sign-up sheet available for the Thursday 16:30–17:30 time slot. 📍 Find the sheet in room EL11 (GeoSolutions room). 😄 And please don’t run off with the pen! #FOSS4GE #FOSS4GE #mostar #osgeo

I just decided that I shall talk for 5 minutes about «Gleo vector field particle trail simulator» in the impromptu #FOSS4GE2025 lightning talk track.

Yes, it's a mouthful.

https://fosstodon.org/@foss4geurope/114862600603849559

Esto me ha recordado mucho mi charla de Solanera/FreeDS de la #opensouthcode25

https://hackaday.social/@hackaday/114861538746259682

Cybersecurity Risk Assessment Request With the new EU legislation Cyber Resiliency Act (CRA), there are new responsibilities and requirements put on _manufacturers_ of digital products and services in Europe. Going forward these manufacturers must be able to know and report the exact contents of their software, called a Software Bill of Material (SBOM) and they have requirements to check for vulnerabilities in those components etc. This implies that they need to have full control and knowledge about all of their Open Source components in their stack. (See the CRA Hub for a good resource on CRA for Open Source people.) As a maintainer of a software component that is widely used, I have been curious to see how this will materialize for us. Today I got a first glimpse of what I can only guess will happen more going forward. This multi-billion-dollar Fortune-500 company that I have no contract with and with which I have had no previous communication, sent me this email asking for a lot of curl information. A slightly redacted version is shown below. Now that my curiosity has been satisfied a little bit I instead await the future and long to see how many more of these that will come. And how they will respond to my replies. CRA_request_counter = 1; ## The request > Hello, > > I hope this message finds you well. > > As part of our ongoing efforts to comply with the EU Cyber Resilience Act (CRA), we are currently conducting a cybersecurity risk assessment of third-party software vendors whose products or components are integrated into our systems. > > To support this initiative, we kindly request your input on the following questions related to your software product “libcurl” with version 7.87.0. Please provide your responses directly in the table below and do reply to all added in this email, > > Additional Information: > > * Purpose: This security assessment is part of our due diligence and regulatory compliance obligations under the EU CRA. > * Confidentiality: All information shared will be treated as confidential and used solely for the purpose of this assessment. > * Contact: Should you have any questions or need further clarification, please feel free to reach out by replying directly to this email. > > > We kindly request your response by Friday, July 25, 2025, to ensure timely completion of our assessment process. Thank you for your cooperation and continued partnership in maintaining a secure and resilient digital environment. ## My reaction and response I am not their _vendor_ without having a more formal relationship established and I am certainly not going to spend a few hours of my spare time gathering a lot of information for them for free for their commercial benefit. They “kindly” want me to respond within two weeks. Their use of double quotes around “libcurl” feels odd, and they claim to be using a version that is now more than 2.5 years old. Most if not all of the information they are asking for is already publicly and openly accessible and readable. I suspect they want the information in this more formal way to make it appear more reliable or trustworthy perhaps. Or maybe it just follows their processes better. (It also reminded me of the NASA emails.) I responded like this > Hello, > > I will be happy to answer all curl and libcurl related questions and assist you with this inquiry as soon as we have a support contract setup. You can get the process started immediately by emailing support@wolfssl.com. > > Thanks, I’m looking forward to future cooperation. > > / Daniel I will let you know if they take me up on my offer . ## The screenshot This snapshot of how it looked also shows the actual nine-question form table. Email screenshot ## Why the company name is redacted I’m looking forward to eventually do business with this company, I don’t want them to feel targeted or “ridiculed”. I also suspect that there will be many more emails like this going forward. The company name is not the interesting part of this story.

Cybersecurity Risk Assessment Request

https://daniel.haxx.se/blog/2025/07/11/cybersecurity-risk-assessment-request/

#curl #CRA

He escrito una cosa sobre BOSCO, @civio, @jdelacueva, el Tribunal Supremo y un abogado del Estado:
https://ivan.sanchezortega.es/politics/2025/07/10/bosco-supremo.html

Text: "Everyone on my floor is coding," beneath a picture of Mr. Scott from Star Trek captioned "Software Engineers," and a picture of Dr. McCoy from Star Trek captioned "Doctors."

okay

fine

i laughed

#coding

Explicación en el toot

Me ha encantado leer el trabajo que se enlaza en este artículo. Destacaría esta figura, que es totalmente magnífica.

En ella vemos la diferencia que marca el uso de la IA en el tiempo de resolución de tareas de programación.

En primer lugar, se muestra el […]

[Original post on neopaquita.es]

Hello, I hope this message finds you well. As part of our ongoing efforts to comply with the EU Cyber Resilience Act (CRA), we are currently conducting a cybersecurity risk assessment of third-party software vendors whose products or components are integrated into our systems. To support this initiative, we kindly request your input on the following questions related to your software product "libcurl" with version 7.87.0. Please provide your responses directly in the table below and do reply to all added in this email,

It has officially begun. The CRA info request counter is no longer at zero.

A map interface. It displays a line of changing colours over a white-ish basemap.

In today's #gleo news: Different per-point colour on Stroke symbols.

And, since Gleo can take a symbol and replace RGBA colour into heatmap intensity, it's easy to make a visualization of a magnitude (e.g. vehicle speed) over a trajectory.

You can try this […]

[Original post on mastodon.social]