Mastodon

It's live! New single on Bandcamp
frontalot.bandcamp.com/track/c

With playable music video RPG:
frontalot.com/loot

an album cover for the digital single. The text MC FRONTALOT is at top, COMMON LOOT at bottom. Center is a large pixel-art inventory grid loaded with vendor trash.

BREAKING: Signal, the #1 privacy protecting messaging app many of us rely on, is saying they will pull out of ๐Ÿ‡จ๐Ÿ‡ฆ ENTIRELY if they're scoped into #BillC22 without large changes.

This should be our final alarm bell: we can have digital privacy or we can have legislation this broad and broken, not both!

theglobeandmail.com/politics/a

Signal warns it would pull out of Canada if made to comply with lawful access bill
Signal warns it would pull out of Canada if made to comply with lawful access bill
Secure messaging service says it will not weaken its encryption, privacy safeguards for government

"Canadaโ€™s Bill C-22 Is a Repackaged Version of Last Yearโ€™s Surveillance Nightmare" Canadians deserve better, so stop with it already.

eff.org/deeplinks/2026/05/cana

Awesome HN comment from Embarrassed help:
Both the mandatory data retention and encryption backdoor requirements will cause encrypted messaging services like Signal, WhatsApp, iMessage, Matrix, and others to block both Canadians and Canadian businesses from their services.

If you live in Canada or are impacted by this legislation, then you need to tell both your MP and the Minister of Public Safety of Canada to reject this legislation.

The Canadian Civil Liberties Association (CCLA) published information about Bill C-22 here just over a week ago:
ccla.org/privacy/coalition-to-

The blanket metadata retention and encryption backdoor requirements of Bill C-22 are illegal in the European Union.

Multiple groups have made easy to use tools for sending your MP and (other members of government) an email about rejecting this terrible legislation in its current form:

* The Internet Society's tool:
internetsociety.org/our-work/i

* OpenMedia's messaging tool: action.openmedia.org/page/1887

* ICLM's messaging tool:
iclmg.ca/stop-c-22/

I would also recommend emailing the Minister of Public Safety of Canada (Gary Anandasangaree: gary.anand@parl.gc.ca) and the Minister of Justice (Sean Fraser: sean.fraser@parl.gc.ca).

Canadaโ€™s Bill C-22 Is a Repackaged Version of Last Yearโ€™s Surveillance Nightmare
Canadaโ€™s Bill C-22 Is a Repackaged Version of Last Yearโ€™s Surveillance Nightmare
Last year, the Canadian government pushed Bill C-2, which would erode Canadian digital rights in the name of โ€œborder security.โ€ The bill was so bad it didnโ€™t even make it to committee because of the backlash from the privacy community. Now, the springโ€™s worst sequel, Bill C-22, aka The Lawful Access Act, is trying it again.

The Milky Way photo contest is your annual reminder that the universe is big and beautiful ๐Ÿ’ซ

thisiscolossal.com/2026/05/mil

#photography #nature

a stunning photo of the vibrant milky way in a star studded sky
a stunning photo of the vibrant milky way in a star studded sky
a stunning photo of the vibrant milky way in a star studded sky

New, from me: Canvas Breach Disrupts Schools and Colleges Nationwide

"An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the serviceโ€™s login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions."

"Canvas parent firm Instructure responded to today's defacement attacks by disabling the platform, which is used by thousands of schools, universities and businesses to manage coursework and assignments, and to communicate with students."

Lots more here:

krebsonsecurity.com/2026/05/ca

A screenshot taken and shared by a reader showing the extortion message that was shown on the Canvas login page today. The message reads: ShinyHunters has breached Instructure (again.) Instead of constacting us to resolve it they ignored us and did some "security patches." If any of the schools in the affected list are interested in preventing the release of their data, please consult with a cyber advisory firm and contact us privately at Tox to negotiate a settlement. You have until the end of the day by May 12 2026 before everything is leaked."

RE: indieweb.social/@tg/1165225634

"Personal sites are coming back. RSS feeds are coming back. Webrings are coming back. People are remembering that a website can be a home or a place instead of a profile."

๐Ÿ”ฅ๐Ÿ”ฅ๐Ÿ”ฅ Give this a read, friends (there's a link to switch to plain text if you prefer).

"Foreign actors producing more false content about Alberta separatism" Hmmm... who would do this, you wonder? "the campaigns are coming out of Russia and the United States" Yep, story checks out.

ctvnews.ca/edmonton/article/fo

Foreign actors producing more false content about Alberta separatism: report
Foreign actors producing more false content about Alberta separatism: report
A report says foreign actors are increasingly generating articles, podcasts and social media posts riddled with disinformation about Albertaโ€™s separatist movement.

W3C is very pleased to announce that the @sovtechfund has launched a pilot program to support independent #OpenSource maintainers participation in the work of our groups, including training, mentoring, and financial support to make sustained engagement possible. It is really wonderful to see efforts from organizations to recognize the role that open standards play.

The call for applications is open until 19 May.
More information available at sovereign.tech/programs/standa
Apply now!
#FOSS

Sovereign Tech Standards | Sovereign Tech Agency
Sovereign Tech Standards | Sovereign Tech Agency

๐Ÿ‹๏ธ ๐—ก๐—ผ๐—ฟ๐˜๐—ต๐—ฆ๐—ฒ๐—ฐ ๐Ÿฎ๐Ÿฌ๐Ÿฎ๐Ÿฒ ๐—™๐—ผ๐—ฟ๐—บ๐—ฎ๐˜๐—ถ๐—ผ๐—ป๐˜€/๐—ง๐—ฟ๐—ฎ๐—ถ๐—ป๐—ถ๐—ป๐—ด๐˜€ (๐Ÿฎ/๐Ÿญ๐Ÿฎ): "Beyond Whiteboard Hacking: Master AI-Enhanced Threat Modeling" ๐—ฝ๐—ฎ๐—ฟ/๐—ฏ๐˜† Steven Wierckx (Toreon)

๐Ÿ“… Dates: May 11 and 12, 2026 (2 days)
๐Ÿ“Š Difficulty: Medium
๐Ÿ–ฅ๏ธ Mode: On-Site

Description: "๐˜›๐˜ฉ๐˜ช๐˜ด ๐˜ต๐˜ณ๐˜ข๐˜ช๐˜ฏ๐˜ช๐˜ฏ๐˜จ ๐˜ต๐˜ข๐˜ฌ๐˜ฆ๐˜ด ๐˜บ๐˜ฐ๐˜ถ ๐˜ฅ๐˜ฆ๐˜ฆ๐˜ฑ ๐˜ช๐˜ฏ๐˜ต๐˜ฐ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ฑ๐˜ณ๐˜ข๐˜ค๐˜ต๐˜ช๐˜ค๐˜ข๐˜ญ ๐˜ธ๐˜ฐ๐˜ณ๐˜ญ๐˜ฅ ๐˜ฐ๐˜ง ๐˜ต๐˜ฉ๐˜ณ๐˜ฆ๐˜ข๐˜ต ๐˜ฎ๐˜ฐ๐˜ฅ๐˜ฆ๐˜ญ๐˜ช๐˜ฏ๐˜จ, ๐˜ค๐˜ฐ๐˜ฎ๐˜ฃ๐˜ช๐˜ฏ๐˜ช๐˜ฏ๐˜จ ๐˜ฉ๐˜ข๐˜ฏ๐˜ฅ๐˜ด-๐˜ฐ๐˜ฏ ๐˜ฆ๐˜น๐˜ฆ๐˜ณ๐˜ค๐˜ช๐˜ด๐˜ฆ๐˜ด ๐˜ข๐˜ฏ๐˜ฅ ๐˜ณ๐˜ฆ๐˜ข๐˜ญ-๐˜ธ๐˜ฐ๐˜ณ๐˜ญ๐˜ฅ ๐˜ด๐˜ค๐˜ฆ๐˜ฏ๐˜ข๐˜ณ๐˜ช๐˜ฐ๐˜ด. ๐˜›๐˜ฉ๐˜ช๐˜ด ๐˜ฉ๐˜ข๐˜ฏ๐˜ฅ๐˜ด-๐˜ฐ๐˜ฏ ๐˜ต๐˜ฉ๐˜ณ๐˜ฆ๐˜ข๐˜ต ๐˜ฎ๐˜ฐ๐˜ฅ๐˜ฆ๐˜ญ๐˜ช๐˜ฏ๐˜จ ๐˜ต๐˜ณ๐˜ข๐˜ช๐˜ฏ๐˜ช๐˜ฏ๐˜จ ๐˜ฐ๐˜ง๐˜ง๐˜ฆ๐˜ณ๐˜ด ๐˜ข๐˜ฏ ๐˜ช๐˜ฎ๐˜ฎ๐˜ฆ๐˜ณ๐˜ด๐˜ช๐˜ท๐˜ฆ ๐˜ฆ๐˜น๐˜ฑ๐˜ฆ๐˜ณ๐˜ช๐˜ฆ๐˜ฏ๐˜ค๐˜ฆ, ๐˜จ๐˜ณ๐˜ฐ๐˜ถ๐˜ฏ๐˜ฅ๐˜ฆ๐˜ฅ ๐˜ช๐˜ฏ 25 ๐˜บ๐˜ฆ๐˜ข๐˜ณ๐˜ด ๐˜ฐ๐˜ง ๐˜ฑ๐˜ณ๐˜ข๐˜ค๐˜ต๐˜ช๐˜ค๐˜ข๐˜ญ ๐˜ฆ๐˜น๐˜ฑ๐˜ฆ๐˜ณ๐˜ต๐˜ช๐˜ด๐˜ฆ, ๐˜ข๐˜ฏ๐˜ฅ ๐˜ณ๐˜ฆ๐˜ง๐˜ช๐˜ฏ๐˜ฆ๐˜ฅ ๐˜ง๐˜ฐ๐˜ณ ๐˜ฐ๐˜ท๐˜ฆ๐˜ณ ๐˜ข ๐˜ฅ๐˜ฆ๐˜ค๐˜ข๐˜ฅ๐˜ฆ ๐˜ฐ๐˜ง ๐˜ฅ๐˜ฆ๐˜ญ๐˜ช๐˜ท๐˜ฆ๐˜ณ๐˜บ ๐˜ข๐˜ต ๐˜‰๐˜ญ๐˜ข๐˜ค๐˜ฌ ๐˜๐˜ข๐˜ต, ๐˜ข๐˜ท๐˜ฐ๐˜ช๐˜ฅ๐˜ช๐˜ฏ๐˜จ ๐˜ข ๐˜ญ๐˜ฆ๐˜ค๐˜ต๐˜ถ๐˜ณ๐˜ฆ-๐˜ฉ๐˜ฆ๐˜ข๐˜ท๐˜บ ๐˜ข๐˜ฑ๐˜ฑ๐˜ณ๐˜ฐ๐˜ข๐˜ค๐˜ฉ (70% ๐˜ฐ๐˜ง ๐˜ต๐˜ฉ๐˜ฆ ๐˜ค๐˜ฐ๐˜ถ๐˜ณ๐˜ด๐˜ฆ ๐˜ช๐˜ด ๐˜ง๐˜ฐ๐˜ค๐˜ถ๐˜ด๐˜ฆ๐˜ฅ ๐˜ฐ๐˜ฏ ๐˜ฆ๐˜น๐˜ฆ๐˜ณ๐˜ค๐˜ช๐˜ด๐˜ฆ๐˜ด ๐˜ต๐˜ฐ ๐˜ณ๐˜ฆ๐˜ช๐˜ฏ๐˜ง๐˜ฐ๐˜ณ๐˜ค๐˜ฆ ๐˜ญ๐˜ฆ๐˜ข๐˜ณ๐˜ฏ๐˜ช๐˜ฏ๐˜จ). ๐˜‰๐˜บ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ฆ๐˜ฏ๐˜ฅ ๐˜ฐ๐˜ง ๐˜ต๐˜ฉ๐˜ช๐˜ด ๐˜ต๐˜ณ๐˜ข๐˜ช๐˜ฏ๐˜ช๐˜ฏ๐˜จ, ๐˜บ๐˜ฐ๐˜ถ ๐˜ธ๐˜ช๐˜ญ๐˜ญ ๐˜ธ๐˜ข๐˜ญ๐˜ฌ ๐˜ข๐˜ธ๐˜ข๐˜บ ๐˜ฏ๐˜ฐ๐˜ต ๐˜ซ๐˜ถ๐˜ด๐˜ต ๐˜ธ๐˜ช๐˜ต๐˜ฉ ๐˜ฌ๐˜ฏ๐˜ฐ๐˜ธ๐˜ญ๐˜ฆ๐˜ฅ๐˜จ๐˜ฆ, ๐˜ฃ๐˜ถ๐˜ต ๐˜ต๐˜ฉ๐˜ฆ ๐˜ข๐˜ฃ๐˜ช๐˜ญ๐˜ช๐˜ต๐˜บ ๐˜ต๐˜ฐ ๐˜ฑ๐˜ณ๐˜ข๐˜ค๐˜ต๐˜ช๐˜ค๐˜ฆ ๐˜ต๐˜ฉ๐˜ณ๐˜ฆ๐˜ข๐˜ต ๐˜ฎ๐˜ฐ๐˜ฅ๐˜ฆ๐˜ญ๐˜ช๐˜ฏ๐˜จ ๐˜ฆ๐˜ง๐˜ง๐˜ฆ๐˜ค๐˜ต๐˜ช๐˜ท๐˜ฆ๐˜ญ๐˜บ ๐˜ช๐˜ฏ ๐˜บ๐˜ฐ๐˜ถ๐˜ณ ๐˜ฐ๐˜ณ๐˜จ๐˜ข๐˜ฏ๐˜ช๐˜ป๐˜ข๐˜ต๐˜ช๐˜ฐ๐˜ฏ. "
๐Ÿ”— Full Training Details: nsec.io/training/2026-beyond-w

๐Ÿ‘จโ€๐Ÿซ About the trainer:
Steven Wierckx (Toreon) is a seasoned software and security tester with 15 years of experience in programming, security testing, source code review, test automation, functional and technical analysis, development, and database design. Steven shares his web application security passion by writing about and through training on testing software for security problems, secure coding, security awareness, security testing, and threat modeling. Heโ€™s the OWASP Threat Modeling Project Lead and organises the BruCON student CTF. Last year, he spoke at Hack in the Box Amsterdam, hosted a workshop at BruCON, and provided threat modeling training at OWASP AppSec USA and Oโ€™Reilly Security New York.

Media attachment
Media attachment
Media attachment

The Canadian Centre for Cyber Security has designed the Critical Infrastructure Resilience and Escalated Threat Navigation (CIREN) initiative to drive immediate preparedness across organizations to reinforce and protect Canadaโ€™s sovereignty and essential services.
cyber.gc.ca/en/cyber-security-

Critical infrastructure resilience and escalated threat navigation initiative - Canadian Centre for Cyber Security
Critical infrastructure resilience and escalated threat navigation initiative - Canadian Centre for Cyber Security
The time to act is now: Strengthening critical infrastructure cyber readiness for a resilient Canada.