techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
#Standards


#DigitalSovereignity needs #StructuralPower

"Who enforces digital standards such as those that come from the #IETF or the #W3C?
In a few cases, it is state power (e.g. accessibility in some jurisdictions) but that's rare. In some other cases, it's market discipline… But most of the important areas of the #digitalsphere have stopped being open, competitive markets over a decade ago so that the market no longer has a credible disciplining function to enforce #standards. What matters is who has the #structuralpower to deploy the standards they want to see and avoid those they dislike."
@robin

berjon.com/digital-sovereignty

Robin Berjon, Digital Sovereignty: Digital sovereignty has a bad reputation. In internet governance circles, sovereignty is considered awkward enough to be referred to as the "s-word." It is often associated with misguided attempts at returning to the era of national champions, like building a French search engine or a European Google, or worse with the eternal boogeyman that is the "splinternet." It doesn't have to be this way!

"Both for #datagovernance and #standards, what matters is #structuralpower. If you have it, you can meaningfully steer both, if you don't, you can't. I am not claiming that discussing these topics today isn't useful, it can be, but hoping that they will have transformative impact without access to structural power is wishful thinking.

The #urgency created by the #technoauthoritarian alignment between #BigTech and the #Trumpregime is the driving priority: first, reclaim structural power. Once that's done, we can debate the rest."
@robin

berjon.com/digital-sovereignty


Two big problems in #IT that I don't see anyone trying to solve, and very few people even thinking about, let alone talking about:

1. a comprehensive set of #professional #standards regarding the #ethical operation, administration, moderation, and #oversight of public discussion forums.

2. a comprehensive set of professional standards regarding the ethical storage and transmission of personal #data and #information.

I don't think people even understand why these are #problems.

The Microsoft-Dilemma - #Europe as a #Software Colony (43min)
kolektiva.media/w/cbb9f78a-970 (or
youtube.com/watch?v=duaYLW7LQv if you don't mind YT using/stealing your data)

This is how the #EU is paying a secret number of millions to #Microsoft in order to stay less secure, more dependent, less self-empowered, and more corrupt.

And this was known even before the US went totally crazy, risking our future big time.

So let's change and take back control using #FOSS software and open standards for true competition and actually according to our own rules for a change.

#Windows #Word #Excel

How to prevent Payment Pointer fraud

shkspr.mobi/blog/2025/03/how-t

There's a new Web Standard in town! Meet WebMonetization - it aims to be a low effort way to help users passively pay website owners.

The pitch is simple. A website owner places a single new line in their HTML's <head> - something like this:

<link rel="monetization" href="https://wallet.example.com/edent" />

That address is a "Payment Pointer". As a user browses the web, their browser takes note of all the sites they've visited. At the end of the month, the funds in the user's digital wallet are split proportionally between the sites which have enabled WebMonetization. The user's budget is under their control and there are various technical measures to stop websites hijacking funds.

This could be revolutionary[0].

But there are some interesting fraud angles to consider. Let me give you a couple of examples.

Pointer Hijacking

Suppose I hacked into a popular site like BBC.co.uk and surreptitiously included my link in their HTML. Even if I was successful for just a few minutes, I could syphon off a significant amount of money.

At the moment, the WebMonetization plugin only looks at the page's HTML to find payment pointers. There's no way to say "This site doesn't use WebMonetization" or an out-of-band way to signal which Payment Pointer is correct. Obviously there are lots of ways to profit from hacking a website - but most of them are ostentatious or require the user to interact. This is subtle and silent.

How long would it take you to notice that a single meta element had snuck into some complex markup? When you discover it, what can you do? Money sent to that wallet can be transferred out in an instant. You might be able to get the wallet provider to freeze the funds or suspend the account, but that may not get you any money back.

Similarly, a Web Extension like Honey could re-write the page's source code to remove or change an existing payment pointer.

Possible Solutions

Perhaps the username associated with a Payment Pointer should be that of the website it uses? Something like href="https://wallet.example.com/shkspr.mobi"

That's superficially attractive, but comes with issues. I might have several domains - do I want to create a pointer for each of them?

There's also a legitimate use-case for having my pointer on someone else's site. Suppose I write a guest article for someone - their website might contain:

<link rel="monetization" href="https://wallet.example.com/edent" />
<link rel="monetization" href="https://wallet.coin_base.biz/BigSite" />

Which would allow us to split the revenue.

Similarly, a site like GitHub might let me use my Payment Pointer when people are visiting my specific page.

So, perhaps site owners should add a .well-known directive which lists acceptable Pointers? Well, if I have the ability to add arbitrary HTML to a site, I might also be able to upload files. So it isn't particularly robust protection.

Alright, what are other ways typically used to prove the legitimacy of data? DNS maybe? As the popular meme goes:

@atax1a@infosec.exchange (mx alex tax1a), Sun 23 March 2025:

"@jwz @grumpybozo just one more public key in a TXT record, that'll fix email, just gotta add one more TXT record bro"

Someone with the ability to publish on a website is less likely to have access to DNS records. So having (yet another) DNS record could provide some protection. But DNS is tricky to get right, annoying to update, and a pain to repeatedly configure if you're constantly adding and removing legitimate users.

Reputation Hijacking

Suppose the propaganda experts in The People's Republic of Blefuscu decide to launch a fake site for your favourite political cause. It contains all sorts of horrible lies about a political candidate and tarnishes the reputation of something you hold dear. The sneaky tricksters put in a Payment Pointer which is the same as the legitimate site.

"This must be an official site," people say. "Look! It even funnels money to the same wallet as the other official sites!"

There's no way to disclaim money sent to you. Perhaps a political opponent operates an illegal Bonsai Kitten farm - but puts your Payment Pointer on it.

"I don't squash kittens into jars!" You cry as they drag you away. The police are unconvinced "Then why are you profiting from it?"

Possible Solutions

A wallet provider needs to be able to list which sites are your sites.

You log in to your wallet provider and fill in a list of websites you want your Payment Pointer to work on. Add your blog, your recipe site, your homemade video forum etc. When a user browses a website, they see the Payment Pointer and ask it for a list of valid sites. If "BonsaiKitten.biz" isn't on there, no payment is sent.

Much like OAuth, there is an administrative hassle to this. You may need to regularly update the sites you use, and hope that your forgetfulness doesn't cost you in lost income.

Final Thoughts

I'm moderately excited about WebMonetization. If it lives up to its promises, it could unleash a new wave of sustainable creativity across the web. If it is easier to make micropayments or donations to sites you like, without being subject to the invasive tracking of adverts, that would be brilliant.

The problems I've identified above are (I hope) minor. Someone sending you money without your consent may be concerning, but there's not much of an economic incentive to enrich your foes.

Think I'm wrong? Reckon you've found another fraudulent avenue? Want to argue about whether this is a likely problem? Stick a comment in the box.

[0] To be fair, Coil tried this in 2020 and it didn't take off. But the new standard has a lot less cryptocurrency bollocks, so maybe it'll work this time?

Terence Eden’s Blog · How to prevent Payment Pointer fraud
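As an added example (not code from the post or from the Web Monetization project), the two checks the post proposes, in Python: the site owner's scan of served HTML for pointers that should not be there (against pointer hijacking), and the browser-side rule of paying a pointer only if the wallet lists the site it was found on (against reputation hijacking). The wallet's site list and the sample page are constructed stand-ins; no real wallet API is implied.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class PointerExtractor(HTMLParser):
    """Collect the href of every <link rel="monetization"> in a page."""

    def __init__(self):
        super().__init__()
        self.pointers = []

    def handle_starttag(self, tag, attrs):
        if tag != "link":
            return
        attr = dict(attrs)
        rels = (attr.get("rel") or "").lower().split()
        if "monetization" in rels and attr.get("href"):
            self.pointers.append(attr["href"])

def extract_pointers(html):
    """Return the Payment Pointers declared in the page, in document order."""
    parser = PointerExtractor()
    parser.feed(html)
    return parser.pointers

def find_unexpected_pointers(html, expected):
    """Site-owner check: any pointer in the served HTML that is not on the
    owner's own list is a sign that markup was injected or rewritten."""
    return [p for p in extract_pointers(html) if p not in set(expected)]

# Constructed stand-in for the wallet provider's answer to "which sites may
# use this pointer?" (hypothetical data, not a real wallet API)
WALLET_SITE_LISTS = {
    "https://wallet.example.com/edent": {"shkspr.mobi", "bigsite.example"},
}

def payable_pointers(html, page_url, site_lists=WALLET_SITE_LISTS):
    """Browser-side check: pay a pointer only if the wallet lists the host the
    page was loaded from; unknown pointers and unlisted hosts get nothing."""
    host = urlsplit(page_url).hostname or ""
    return [p for p in extract_pointers(html) if host in site_lists.get(p, set())]

# Constructed sample page: the guest-post case from the text, two pointers
SAMPLE_PAGE = """<html><head><title>Guest post</title>
<link rel="stylesheet" href="/style.css">
<link rel="monetization" href="https://wallet.example.com/edent" />
<link rel="monetization" href="https://wallet.coin_base.biz/BigSite" />
</head><body>Hello</body></html>"""
```

Running find_unexpected_pointers against a copy of the live page on a schedule is the cheap detection the post says is missing; payable_pointers is the allowlist rule a browser extension would apply.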