In case you were blissfully unaware: https://utcc.utoronto.ca/~cks/space/blog/unix/XLibreIsExplicitlyPolitical
Erlang Solutions: Supporting the BEAM Community with Free CI/CD Security Audits
At Erlang Solutions, our support for the BEAM community is long-standing and built into everything we do. From contributing to open-source tools and sponsoring events to improving security and shaping ecosystem standards, we’re proud to play an active role in helping the BEAM ecosystem grow and thrive.
One way we’re putting that support into action is by offering free CI/CD-based security … ⌘ Read more
Prosodical Thoughts: Debian repository key change
We have been working on some changes to our Debian/Ubuntu package repository.
If you use our repository to keep up to date with new Prosody packages, you
need to take action before 4th August 2025 to continue receiving updates
smoothly.
The ‘apt’ utility has been moving towards a new format for specifying package
repositories. If you are familiar with putting deb lines in a sources.list
file, [that method is changing](ht … ⌘ Read more
37C3 and New Year’s Eve 2023
Another one from the vaults. The 37C3 conference took place in
December, 2023. This report was mostly written in January, 2024.
Mostly finished it at night in my cottage between 28 and 29th
December, then edited and added some stuff in July, 2025. So… Only
1.5 years late?
It was a little ironic, and a little sad, that I was finishing the
37C3 report during 38C3. I didn’t manage to get any tickets for me and
#3 for 38C3 and had to make do with watching the stream.
The links to the talks go to [C … ⌘ Read more
↳
In-reply-to
»
I was drafting support for showing “application icons” in my window manager, i.e. the Firefox icon in the titlebar:
⤋ Read More
@movq@www.uninformativ.de According to this screenshot, KDE still shows good old application icons:
And GNOME used to have them, too:
I like the looks of your window manager. That’s using Wayland, right? The only thing on this screenshot to critique is all that wasted space of the windows not making use of the full screen!!!1 At least the file browser. 8-)
This drives me nuts when my workmates share their screens. I really don’t get it how people can work like that. You can’t even read the whole line in the IDE or log viewer with all the expanded side bars. And then there’s 200 pixels on the left and another 300 pixels on the right where the desktop wallpaper shows. Gnaa! There’s the other extreme end when somebody shares their ultra wide screen and I just have a “regularish” 16:10 monitor and don’t see shit, because it’s resized way too tiny to fit my width. Good times. :-D
Sorry for going off on a tangent here. :-) Back to your WM: It has the right mix of being subtle and still similar to motif. Probably close to the older Windowses. My memory doesn’t serve me well, but I think they actually got it fairly good in my opinion. Your purple active window title looks killer. It just fits so well. This brown one (
) gives me also classic vibes. Awww. We ran some similar brownish color scheme (don’t recall its name) on Win95 or Win98 for some time on the family computer. I remember other people visting us not liking these colors. :-DProcessOne: XMPP: When a 25-Year-Old Protocol Becomes Strategic Again
After twenty-five years, XMPP (Extensible Messaging and Presence Protocol) is still here. Mature, proven, modular, and standardized, it may well be the most solid foundation available today to build the future of messaging.
And now, XMPP is more relevant than ever: its resurgence is driven by European digital sovereignty efforts, renewed focus on interoperabil … ⌘ Read more
gomdn: Yet another Static Site Generator
Yet another Static Site Generator (SSG), but this one is mine.
It’s a stupidly simple Go program ( wc says 229 lines), more like a
hack, really, but I don’t need something like Hugo. Most of the real
work is done by the goldmark package, of course. This is mostly just a
wrapper, deciding if something needs to be rebuilt.
I’ve been using a Perl script together with cmark (originally
Markdown.pl) since forever. And before that the old [txt2tags](htt … ⌘ Read more
@movq@www.uninformativ.de I fully agree with you on https://www.uninformativ.de/blog/postings/2025-07-22/0/POSTING-en.html!
Although, in the first screenshot, the window title background is much darker in the new version than the old one!1!1 :-P Kidding aside, the contrast in the old one is still better.
Also, note the missing underlines for the Alt hotkeys now. I just think that the underline in the old one is too thick.
Status 2025-07-21
Morning, computer! Spending my days off trying to figure things out.
Some of them will occur in this post. I think best when I’m writing,
after all.
I’m back from a short vacation since a couple of weeks. I’m still
going to take a few days off every week for a while. I need the break.
It’s been way too many 12-16 hour workdays. I’m nominally working 80%
(~6 hour days), so I figure I’ve been working a lot for free.
Yeah, well, I like the TKey project to succeed. The ideas behind it
have implicatio … ⌘ Read more
HTTP referrers are quite broken, aren’t they?
Because of that recent storm on my blog, I had a peek at them. There’s a lot of garbage in there. For example, https://docs.freebsd.org/en/books/handbook/disks-virtual.html is supposed to refer to one of my blog posts …
What’s going on here?
Erlang Solutions: What is Remote Patient Monitoring?
Remote Patient Monitoring (RPM) is changing how care is delivered. By tracking health data through connected devices outside traditional settings, it helps clinicians act sooner, reduce readmissions, and focus resources where they’re most needed. With rising NHS pressures and growing demand for digital care, RPM is becoming central to how both public and private providers support long-term conditions, recovery, and hospital-at-home mod … ⌘ Read more
TKey: The Next Generation
Not speaking for my employer, just as an interested developer in an
interesting open source project.
As you might have noticed, the platform repo of the Tillitis TKey has
some alpha tags for the next generation, Castor:
https://github.com/tillitis/tillitis-key1/tags
An alpha tag means that all planned features for the platform are in
place, but there’s not yet a complete audit and a lot of testing … ⌘ Read more
ProcessOne: ejabberd 25.07
Release Highlights:
This release focus on integration in a wider federated network, with support for spam fighting features, better compliance with Matrix network and native support for PubSub Server Information to have your server count as part of the wider XMPP network (for example, you can register your server on XMPP Network Graph).
- **Spam filter … ⌘ Read more
How to Mount a Balcony Awning
Hi Kris,
I’ve been reading your website for quite a while. It’s one of my favourite blogs. Thank you for what you are doing!
We are currently experiencing a heat wave in Germany, so I drew inspiration from Low-tech Magazine’s article “ How to Dress and Undress your Home” and built an awning on my balcony. I documented the process so that other readers can install one themselves.
The ov … ⌘ Read more
↳
In-reply-to
»
The lack of suckless-like simple, hackable software these days is appalling.
⤋ Read More
@prologic@twtxt.net Hm, I wouldn’t say that. Go code could fall into that category as well.
Maybe this topic could use a blog post / article, that explains what it’s about. I’m finding it hard to really define what “suckless-like software” is. 🤔 (Their own philosophy focuses too much on elitism, if you ask me.)
↳
In-reply-to
»
The lack of suckless-like simple, hackable software these days is appalling.
⤋ Read More
@prologic@twtxt.net Ah, I’m referring to software that’s similar to that of suckless.org: Small, minimal codebases, small tools, but still useful. dmenu is probably the best example and also farbfeld.
Here’s the author of Anubis talking about some of their experiences:
https://xeiaso.net/blog/why-i-use-suckless-tools-2020-06-05/
(You can skip the long config and keybinds part.)
Ignite Realtime Blog: Empowering Digital Sovereignty with Openfire: A Secure and Customizable Communication Platform
In today’s interconnected world, digital sovereignty has become increasingly important for individuals and organizations seeking to maintain control over their data, infrastructure, and technologies. Openfire, an open-source, real-time collaboration (RTC) server that uses the XMPP (Extensible Messaging and Presence … ⌘ Read more
A good blog post that makes some good points: Can I ethically use LLMs?
Okay, now this is a very interesting Rust feature:
https://blog.rust-lang.org/2025/07/03/stabilizing-naked-functions/
This (and inline assembly) makes Rust really interesting for very low-level stuff. 🥳
** Om nom nom LLMs, in which I respond to Simon Willison’s analogy **
I am hesitant to wade into the tumultuous waters that are the discourse around generative AI and LLMs, but this morning I came across a thing that so thoroughly melted my brain I feel uncontrollably compelled to respond.
This morning, at evidently 4:10 AM (no mention of timezone), Simon Willison shared the following blog post, quoted here in full:
Quitting programming as … ⌘ Read more
@mckinley@mckinley.cc’s blog appears to have gone stale, hm.
Not Too Active Here
As you can see, I am not too active around here. I am elsewhere writing notes, which are short, silly, but fun. I am keeping this around for, mostly, two reasons. Old stuff, though bad, is part of me, a record of my past. I also may decide to come by, eventually, and write something in a longer format.
So, here I leave this blog—which I insisted on calling “weblog” for a while—frozen in time. ⌘ Read more
I did a “lecture”/“workshop” about this at work today. 16-bit DOS, real mode. 💾 Pretty cool and the audience (devs and sysadmins) seemed quite interested. 🥳
- People used the Intel docs to figure out the instruction encodings.
- Then they wrote a little DOS program that exits with a return code and they used uhex in DOSBox to do that. Yes, we wrote a COM file manually, no Assembler involved. (Many of them had never used DOS before.)
- DEBUG from FreeDOS was used to single-step through the program, showing what it does.
- This gets tedious rather quickly, so we switched to SVED from SvarDOS for writing the rest of the program in Assembly language. nasm worked great for us.
- At the end, we switched to BIOS calls instead of DOS syscalls to demonstrate that the same binary COM file works on another OS. Also a good opportunity to talk about bootloaders a little bit.
- (I think they even understood the basics of segmentation in the end.)
The 8086 / 16-bit real-mode DOS is a great platform to explain a lot of the fundamentals without having to deal with OS semantics or executable file formats.
Now that was a lot of fun. 🥳 It’s very rare that we do something like this, sadly. I love doing this kind of low-level stuff.
↳
In-reply-to
»
OpenBSD has the wonderful
⤋ Read More
pledge() and unveil() syscalls:
@lyse@lyse.isobeef.org Multi-Threading. Is. Hard. 🤯 And yes, that blog is great. 👌
On my blog: Short Fiction — Transgender Athlete Bans https://john.colagioia.net/blog/2025/06/22/title-ix-hope.html #fiction #freeculture #lgbtpridemonth #politics
On my blog: Free Culture Book Club — First Woman — Dream to Reality https://john.colagioia.net/blog/2025/06/21/first-woman-1.html #freeculture #bookclub
On my blog: Toots 🦣 from 06/16 to 06/20 https://john.colagioia.net/blog/2025/06/20/week.html #linkdump #socialmedia #quotes #week
On my blog: Real Life in Star Trek, Gambit part 1 https://john.colagioia.net/blog/2025/06/19/gambit-part-1.html #scifi #startrek #closereading
Comment on Find ASCII Emoji Easily with this GNOME Shell Applet by tempemail
I appreciate you sharing this blog post. Thanks Again. Cool. ⌘ Read more
https://blog.garambrogne.net/kloset.html #kloset disséqué une histoire de #plakar un outil de sauvegarde qui utilise déduplication compression chiffrage et signature
OpenBSD has the wonderful pledge() and unveil() syscalls:
https://www.youtube.com/watch?v=bXO6nelFt-E
Not only are they super useful (the program itself can drop privileges – like, it can initialize itself, read some files, whatever, and then tell the kernel that it will never do anything like that again; if it does, e.g. by being exploited through a bug, it gets killed by the kernel), but they are also extremely easy to use.
Imagine a server program with a connected socket in file descriptor 0. Before reading any data from the client, the program can do this:
unveil("/var/www/whatever", "r");
unveil(NULL, NULL);
pledge("stdio rpath", NULL);
Done. It’s now limited to reading files from that directory, communicating with the existing socket, stuff like that. But it cannot ever read any other files or exec() into something else.
I can’t wait for the day when we have something like this on Linux. There have been some attempts, but it’s not that easy. And it’s certainly not mainstream, yet.
I need to have a closer look at Linux’s Landlock soon (“soon”), but this is considerably more complicated than pledge()/unveil():
On my blog: Developer Diary, Day of the African Child https://john.colagioia.net/blog/2025/06/16/african-child.html #programming #project #devjournal
On my blog: Go Nowhere Fast https://john.colagioia.net/blog/2025/06/15/go-nowhere-fast.html #harm #rant #politics #harm
↳
In-reply-to
»
@prologic I am finding writing my Notes very therapeutic. Just create a markdown file and commit, push, and it’s live. Whatever comes to mind, whatever I want to keep as relevant. Silly things, more like a dump.
⤋ Read More
@prologic@twtxt.net yes, I never understood you using micro.blog (and paying for it, nonetheless!). I don’t like it (as a platform), and have an unexplainable dislike for its creator.
↳
In-reply-to
»
@prologic I am finding writing my Notes very therapeutic. Just create a markdown file and commit, push, and it’s live. Whatever comes to mind, whatever I want to keep as relevant. Silly things, more like a dump.
⤋ Read More
@bender@twtxt.net Maybe one day I’ll take back over my prologic.blog domain from µBlog and redoit with my handy zs tool with some nice CSS 🤣
↳
In-reply-to
»
@movq why Gopher to babble, and not just HTTP? I mean, may as well just write plain text files on your machine, and leave them there, right?
⤋ Read More
@bender@twtxt.net I just babble on Twtxt 🤣 I honestly find that I don’t realy have the time nor the energy to “blog” in full really, I rarely do 😢
On my blog: Free Culture Book Club — Tag Team https://john.colagioia.net/blog/2025/06/14/tag-team.html #freeculture #bookclub
On my blog: Toots 🦣 from 06/09 to 06/13 https://john.colagioia.net/blog/2025/06/13/week.html #linkdump #socialmedia #quotes #week
Great article from Tailscale about how security policies we’ve often seen in many large complex organizations that we all love to hate don’t actually provide the security that we assumed.
On my blog: Real Life in Star Trek, Interface https://john.colagioia.net/blog/2025/06/12/interface.html #scifi #startrek #closereading
My Journey to KubeCon + CloudNativeCon 2024: A Story of Volunteering and Growth
My name is Oscar Ayra and I am from Lima, Peru. In 2024, I had the privilege of being part of the volunteer team at Kubernetes Community Days (KCD) Lima. It was an enriching experience where… ⌘ Read more
Newbie No More: Lessons from My First KubeCon + CloudNativeCon as a Speaker
Introduction April in London has never felt so electric. From the first footstep in the ExCeL halls to the hallway conversations, KubeCon + CloudNativeCon Europe 2025 was a whirlwind of new ideas, familiar faces, and those… ⌘ Read more
GitOps in 2025: From Old-School Updates to the Modern Way
1. Introduction: Why Everyone’s Talking About GitOps in 2025 It’s 2025, and building software is more cloud-driven than ever. Cloud computing offers incredible speed and flexibility, but it also brings complexity. Companies are expected to ship… ⌘ Read more
Makefile.md - Possibly Use(ful|less) Polyglot Synthesis of Makefile and Markdown
Comments ⌘ Read more