↳
In-reply-to
»
@prologic Do you have a link to some past discussion?
†Read More
@falsifian@www.falsifian.org The GDPR does not apply to the processing of data for a purely personal or household activity that is not connected to a professional or commercial activity.
@prologic@twtxt.net Do you feel the same about published vs. privately stored data?
For me thereâs a distinction. I feel very strongly that I should be able to retain whatever private information I like. On the other hand, I do have some sympathy for requests not to publish or propagate (though I personally feel itâs still morally acceptable to ignore such requests).
@prologic@twtxt.net Thanks for writing that up!
I hope it can remain a living document (or sequence of draft revisions) for a good long time while we figure out how this stuff works in practice.
I am not sure how I feel about all this being done at once, vs. letting conventions arise.
For example, even today I could reply to twt abc1234 with â(#abc1234) Edit: âŠâ and I think all you humans would understand it as an edit to (#abc1234). Maybe eventually it would become a common enough convention that clients would start to support it explicitly.
Similarly we could just start using 11-digit hashes. We should iron out whether itâs sha256 or whatever but thereâs no need get all the other stuff right at the same time.
I have similar thoughts about how some users could try out location-based replies in a backward-compatible way (append the replyto: stuff after the legacy (#hash) style).
However I recognize that Iâm not the one implementing this stuff, and itâs less work to just have everything determined up front.
Misc comments (I havenât read the whole thing):
Did you mean to make hashes hexadecimal? You lose 11 bits that way compared to base32. Iâd suggest gaining 11 bits with base64 instead.
âClients MUST preserve the original hashâ â do you mean they MUST preserve the original twt?
Thanks for phrasing the bit about deletions so neutrally.
I donât like the MUST in âClients MUST follow the chain of reply-to referencesâŠâ. If someone writes a client as a 40-line shell script that requires the user to piece together the threading themselves, IMO we shouldnât declare the client non-conforming just because they didnât get to all the bells and whistles.
Similarly I donât like the MUST for user agents. For one thing, you might want to fetch a feed without revealing your identty. Also, it raises the bar for a minimal implementation (Iâm again thinking again of the 40-line shell script).
For âwho followsâ lists: why must the long, random tokens be only valid for a limited time? Do you have a scenario in mind where they could leak?
Why canât feeds be served over HTTP/1.0? Again, thinking about simple software. I recently tried implementing HTTP/1.1 and it wasnât too bad, but 1.0 would have been slightly simpler.
Why get into the nitty-gritty about caching headers? This seems like generic advice for HTTP servers and clients.
Iâm a little sad about other protocols being not recommended.
I donât know how I feel about including markdown. I donât mind too much that yarn users emit twts full of markdown, but Iâm more of a plain text kind of person. Also it adds to the length. I wonder if putting a separate document would make more sense; that would also help with the length.
@prologic@twtxt.net I have no specifics, only hopes. (I have seen some articles explaining the GDPR doesnât apply to a âpurely personal or household activityâ but I donât really know what that means.)
I donât know if itâs worth giving much thought to the issue unless either you expect to get big enough for the GDPR to matter a lot (I imagine making money is a prerequisite) or someone specifically brings it up. Unless you enjoy thinking through this sort of thing, of course.
↳
In-reply-to
»
(#5vbi2ea) @prologic I wouldn't want my client to honour delete requests. I like my computer's memory to be better than mine, not worse, so it would bug me if I remember seeing something and my computer can't find it.
†Read More
@prologic@twtxt.net Do you have a link to some past discussion?
Would the GDPR would apply to a one-person client like jenny? I seriously hope not. If someone asks me to delete an email they sent me, I donât think I have to honour that request, no matter how European they are.
I am really bothered by the idea that someone could force me to delete my private, personal record of my interactions with them. Would I have to delete my journal entries about them too if they asked?
Maybe a public-facing client like yarnd needs to consider this, but that also bothers me. I was actually thinking about making an Internet Archive style twtxt archiver, letting you explore past twts, including long-dead feeds, see edit histories, deleted twts, etc.
@movq@www.uninformativ.de Iâm glad you like it. A mention (@<movq https://www.uninformativ.de/twtxt.txt>) is also long, but we live with it anyway. In a way a replyto: is just a mention of a twt instead of a feed/person. Maybe we chould even model the syntax for replies on mentions: (#<2024-09-17T08:39:18Z https://www.eksempel.dk/twtxt.txt>) ?!
A.I. Now Convincingly Replicates a Personâs Handwriting⊠and itâs Just as Creepy as it Sounds.
From JRR Tolkien to Dead Relatives⊠A.I. can now mimic distinct handwriting styles. â Read more
Snikket: Snikket Server - September 2024 release
We hope youâve been having a good summer (at least if youâre up here in the
northern hemisphere). Today weâre back with a new release of the self-hosted
Snikket server software.
This software is whatâs at the core of the Snikket project - a self-hostable
âpersonal messaging server in a boxâ. If you wish for something like
Messenger, WhatsApp or Signal, but not using their servers, Snikket is for
you. Once deployed, you can create invitation links for family, f ⊠â Read more
Beginnerâs guide to GitHub: Setting up and securing your profile
As part of the GitHub for Beginners guide, learn how to improve the security of your profile and create a profile README. This will let you give your GitHub account a little more personality.
The post Beginnerâs guide to GitHub: Setting up and securing your profile appeared first on [The ⊠â Read more
@prologic@twtxt.net Some criticisms and a possible alternative direction:
Key rotation. Iâm not a security person, but my understanding is that itâs good to be able to give keys an expiry date and replace them with new ones periodically.
It makes maintaining a feed more complicated. Now instead of just needing to put a file on a web server (and scan the logs for user agents) I also need to do this. What brought me to twtxt was its radical simplicity.
Instead, maybe we should think about a way to allow old urls to be rotated out? Like, my metadata could somehow say that X used to be my primary URL, but going forward from date D onward my primary url is Y. (Or, if you really want to use public key cryptography, maybe something similar could be used for key rotation there.)
Itâs nice that your scheme would add a way to verify the twts you download, but https is supposed to do that anyway. If you donât trust https to do that (maybe you donât like relying on root CAs?) then maybe your preferred solution should be reflected by your primary feed url. E.g. if you prefer the security offered by IPFS, then maybe an IPNS url would do the trick. The fact that feed locations are URLs gives some flexibility. (But then rotation is still an issue, if I understand ipns right.)
Play the Classic Sci-Fi Shooter âMarathon Infinityâ Free on Steam
The classic science fiction FPS (First Person Shooter) game âMarathon Infinityâ is now available to play for free from Steam, for Mac and Windows. Marathon Infinity, originally released in 1996, is the third game in the Marathon series, and continues the theme of battling hostile aliens in unusual settings. Marathon Infinity introduced some intriguing and ⊠[Read More](https://osxdaily.com/202 ⊠â Read more
↳
In-reply-to
»
There is a bug in
†Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@prologic@twtxt.net @bender@twtxt.net I partially agree with bender on this one I think. The way this person is abusing the /external endpoint on my pod seems to be to generate legitimate-looking HTML content for external sites, using a username that does not exist on my pod. One âsemantically correctâ thing to do would be to error out if that username does not exist on the pod. Itâs not unlike having a mail server configured as an open relay at this point.
It would also be very helpful to give the pod administrator control over whatâs being fetched this way. I donât want people using my pod to redirect porn sites or whatever. If I could have something as simple as the ability to blacklist URLs thatâd already help.
There is a bug in yarnd thatâs been around for awhile and is still present in the current version Iâm running that lets a person hit a constructed URL like
YOUR_POD/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
and see a legitimate-looking page on YOUR_POD, with an HTTP code 200 (success). From that fake page you can even follow an external feed. Try it yourself, replacing âYOUR_PODâ with the URL of any yarnd pod you know. Try following the feed.
I think URLs like this should return errors. They should not render HTML, nor produce legitimate-looking pages. This mechanism is ripe for DDoS attacks. My pod gets roughly 70,000 hits per day to URLs like this. Many are porn or other types of content I do not want. At this point, if itâs not fixed soon I am going to have to shut down my pod. @prologic@twtxt.net please have a look.
↳
In-reply-to
»
đ Hello @nigergibe, welcome to Buccipod, a Yarn.social Pod! To get started you may want to check out the pod's Discover feed to find users to follow and interact with. To follow new users, use the
†Read More
âš Follow button on their profile page or use the Follow form and enter a Twtxt URL. You may also find other feeds of interest via Feeds. Welcome! đ€
@mckinley@twtxt.net Heâs signed up three times now even though I keep deleting the account, which is enough for me to permaban this person. I donât technically want open registrations on my pod but up till now Iâve been too lazy to figure out how to turn them off and actually do that, and there hasnât been a pressing need. I may have to now.
Classical Periodic Table
â Read more
Intel Assigns Jewish Israeli Employee to Manager Who Publicly Calls for His Murder
Intel then fires the Jew for complaining⊠replacing him with another person calling for the death of Jews. â Read more
It is good to be off work and have time to spend on my personal projects.
** Dithering the Shire **
In my last post I said that
Iâve had a few ideas for other personal experiments I wanna build on those walks, but havenât actually wanted to do much programmingâââmaybe this fall or winter will be a good time for that?
Welp, it wasnât even an idea when I wrote that, but I made another implementation of pico cam, this time using swift for iOS. I wonât release it to the App Store because I d ⊠â Read more
I learned a #Toronto #hex club just started! Iâve played since â98 or â99, but rarely in person. https://www.hexwiki.net/index.php/Hex_clubs
Join us at KubeDay Japan on August 27 in Tokyo!
Localized and in-person conference will focus on collaboration, discussion, and knowledge sharing around cloud native technologies with a focus on Japan SAN FRANCISCO, Calif. â August 8, 2024 â The Cloud Native Computing FoundationÂź (CNCFÂź), which builds sustainable⊠â Read more
Matter
â Read more
@bender@twtxt.net Is it so maxed out you couldnât fit a pretty small program like Headscale on it? Headscale by itself and only personal home type use as far as amount of peers go, it really isnât noticeable I donât think resource-wise. The Docker version I guess could be a different story.
↳
In-reply-to
»
I setup and switched to Headscale last night. It was relatively simple, I spent more time installing a web GUI to manage it to be honest, the actual server is simple enough. The native Tailscale Android app even works with it thankfully.
†Read More
@prologic@twtxt.net Yes I suppose that is true. There is an article on Tailscaleâs site that explains it all quite a bit: https://tailscale.com/blog/how-nat-traversal-works
To me, with CGNAT, itâs a small miracle that a direct connection can be made between peers (as opposed to going through a relay constantly) but it does indeed work. I guess to host it at home you would need to have it WAN accessible, and if youâve already gone to the trouble of port forwarding etc⊠well đ
Not that I could personally do that, but for those with static IPs etc.
Kubestronaut in Orbit: Eleni Grosdouli
Get to know Eleni This weekâs Kubstronaut in Orbit, Eleni Grosdouli, brings diverse experiences to her role as a DevOps Consulting Engineer at Cisco Systems. Sheâs the go-to person for DevOps and Kubernetes Automation, with a passion for⊠â Read more
A Crossword Puzzle
![Hint: If you ever encounter this puzzle in a crossword app, just [term for someone with a competitive and high-achieving personality].](https://imgs.xkcd.com/comics/a_crossword_puzzle.png)
â Read more
Yeah, though sometimes the most clever devs arenât always the best to deal with on a personal level. I seem to remember the (former?) lead dev on GrapheneOS (IIRC) was an ass hat and threw tantrums at the smallest things and would get stalkery and weird if someone criticised him, but heâs undeniably a brilliant coder and problem solver. Some people need to be more self aware of how their efforts might be harmed with their behaviour though.
WebDAQ Series: Log, Monitor and Control Remotely
The WebDAQ series from Digilent consists of stand-alone data loggers designed for universal input applications, enabling remote system monitoring and control. This series includes three models: WebDAQ 904, WebDAQ 504, and WebDAQ 316, each engineered to cater to specific monitoring needs without the necessity of a personal computer. The WebDAQ 904 model is designed to [âŠ] â Read more
Unsolved Chemistry Problems
â Read more
Google Drive censors files of Pfizer whistleblower
A PowerPoint file was censored on a o personal Google Drive⊠and Googleâs stated reasons were obviously false. Why did this happen? Read the article: https://lunduke.locals.com/post/5682494/google-drive-censors-files-of-pfizer-whistleblower â Read more
(Updated) HealthyPi Move: An Upcoming Open-Source Smartwatch Powered by Nordic nRF5340 SoC
HealthyPi Move: An Upcoming Open-Source Smartwatch Powered by Nordic nRF5340 SoC
CrowdSupply recently showcased the HealthyPi Move, a biometric monitor designed in a convenient wristwatch form factor. Equipped with the Nordic Semiconductorâs nRF5340 SoC and multiple advanced sensors, this portable device is advertised for both personal health tracking and data loggin ⊠â Read more
HackerBox #0103 â Homebrew Showcases Retro Computers and PICO-56 Platform
HackerBox is a monthly subscription service that delivers development kits to hobbyists and students. The âHomebrewâ themed HackerBox 0103 explores the world of retro and homebrew computers, providing a nostalgic and hands-on experience in assembling and programming a computer from the earlier days of the personal computer revolution. The main component of the HackerBox 0103 [âŠ] â Read more
How to Factory Reset Mac (MacOS Sonoma & Ventura)
If you are going to sell, return, or give away a Mac, you almost certainly want to factory reset the computer first. Performing a factory reset on a Mac will erase all data on the Mac, and return it to a clean slate as if the computer were brand new, without any data or personal ⊠Read More â Read more
How to Download & Install VMware Fusion Pro for Mac for Free
VMware Fusion Pro is now available for free for personal use, according to a blog post on the developers website. VMware Fusion Pro is powerful hypervisor software that allows you to create and run virtual machines on your Mac, enabling the capability to do things like run a virtualized Windows installation atop MacOS, or run ⊠Read More â Read more
Play the Retro First-Person Shooter Classics Marathon & Marathon 2 for Free
The Marathon series of video games are classic first-person shooters set in a sci-fi world, and longtime Mac users may have fond memories of playing Marathon, Marathon 2, or Marathon Infinitiy as single-player or multiplayer over a LAN in the mid 1990s. But you donât need a time machine or to run Mac OS Classic ⊠Read More â Read more
ROCK 5 ITX: Now Featuring LPDDR5 Support and Dual 2.5GbE Ports
ROCK 5 ITX: Now Featuring LPDDR5 Support and Dual 2.5GbE Ports
The Radxa ROCK 5 ITX is an ARM-based computer featuring a Mini-ITX motherboard powered by an octa-core Rockchip RK3588 System-on-Chip, making it suitable for use as a personal NAS server, network server, or for light home office applications. â Read more
KubeCon + CloudNativeCon 2024 recap: highlights and takeaways
Community post originally published on Medium by Maryam Tavakkoli This year, I had the opportunity to attend KubeCon + CloudNativeCon Europe in Paris. While this marked my second in-person KubeCon attendance, it was my first experience as an⊠â Read more
The worldâs fair of software: Join us at GitHub Universe 2024
Itâs the 10th anniversary of our global developer event! Celebrate with us by picking up in-person tickets today. Itâs bound to be our best one yet.
The post The worldâs fair of software: Join us at GitHub Universe 2024 appeared first on The GitHub Blog. â Read more
HealthyPi Move: An Upcoming Open-Source Smartwatch Powered by Nordic nRF5340 SoC
HealthyPi Move: An Upcoming Open-Source Smartwatch Powered by Nordic nRF5340 SoC
CrowdSupply recently showcased the HealthyPi Move, a biometric monitor designed in a convenient wristwatch form factor. Equipped with the Nordic Semiconductorâs nRF5340 SoC and multiple advanced sensors, this portable device is advertised for both personal health tracking and data logging for research app ⊠â Read more
What Does the Bell with Line Through It Mean in Messages? Bell Icon on iPhone, iPad, & Mac Explained
You may occasionally see a Messages thread or a conversation in Messages app that shows a bell with a line through it next to the persons name. If youâre wondering what the bell with a line through it means in Messages app, which is the mute symbol, youâre certainly not alone, because not everyone activates ⊠[Read More](https://osxdaily.com/2024/04/05/what-does-bell-line-through-it-m ⊠â Read more
MINIX Z100-AERO Mini PC with 2.5GbE+1GbE ports and NVMe SSD Support
The MINIX Z100-AERO is a compact, high-performance miniPC with an active cooling system and Intel N100 CPU. It supports triple 4K@60Hz displays and offers robust wireless and Ethernet connectivity options making it suitable for everyday tasks or as a personal router. The product page indicates that the Z100-AERO is equipped with the Intel Alder Lake-N [âŠ] â Read more
How to Use ChatGPT-4 for Free with Microsoft Edge
The Microsoft Edge browser offers perhaps one of the best and easiest ways for an average person to access and use ChatGPT-4 for free, without having to pay for ChatGPT-4 access through OpenAI. Best of all, Edge is available for just about every major platform, including Mac, Windows, Linux, iPhone, iPad, and Android. With the ⊠Read More â Read more
XMPP Providers: step.im
Available since
Feb 18, 2011
 ·
Website: JA
Service
Cost: Free of charge
Legal notice:
1
person
Organization:
Private person
Server
Server / Data
location:
đŻđ”
Server software:Â ejabberd 23.10-1~bpo12+1
Account⊠â Read more
XMPP Providers: monocles.eu
Available since
Aug 21, 2021
 ·
Website: DE | EN | ES | FR | HE
Service
Cost: Free of charge
Legal notice:
DE | ENBus factor:
3
persons
Organization:
Commercial person
⊠â Read more
XMPP Providers: projectsegfau.lt
Available since
Feb 7, 2023
 ·
Website: EN
Service
Cost: Free of charge
Legal notice:
2
persons
Organization:
Private person
Server
Server / Data
locations:
đźđł
|
đšđ
Professional hosting
Server software: ejab ⊠â Read more
XMPP Providers: yax.im
Available since
Nov 17, 2013
 ·
Website: EN
Service
Cost: Free of charge
Legal notice:
3
persons
Organization:
Non-governmental
Server
Server / Data
location:
đ©đȘ
Professional hosting
Server software: Prosody 0.12 nightly build 2 ⊠â Read more
XMPP Providers: xmpp.earth
Available since
Aug 1, 2022
 ·
Website: EN
Service
Cost: Free of charge
Legal notice:
2
persons
Organization:
Non-governmental
Server
Server / Data
locations:
đ©đȘ
|
đžđȘ
Professional hosting[Green hosting](https://www.thegreenwebfoundation.org/green-web-check/?url=https%3a%2f%2fapi.thegreenwebfounda ⊠â Read more
XMPP Providers: pimux.de
Available since
Jan 31, 2016
 ·
Website: EN
Service
Cost: Free of charge
Legal notice:
1
person
Organization:
Private person
Server
Server / Data
location:
đ©đȘ
Professional hosting[Green hosting](https://www.thegreenwebfoundation.org/green-web-check/?url=https%3a%2f%2fapi.thegreenwebfoundation.org%2 ⊠â Read more
XMPP Providers: redlibre.es
Available since
Jul 9, 2023
 ·
Website: ES
Service
Cost: Free of charge
Legal notice:
1
person
Organization:
Private person
Server
Server / Data
location:
đȘđž
Professional hosting[Green hosting](https://www.thegreenwebfoundation.org/green-web-check/?url=https%3a%2f%2fapi.t ⊠â Read more
XMPP Providers: worlio.com
Available since
Mar 7, 2023
 ·
Website: EN
Service
Cost: Free of charge
Legal notice:
1
person
Organization:
Company
Server
Server / Data
location:
đșđž
Professional hosting
Server software:Â Prosody 0.12.4
AccountYou can reg ⊠â Read more
XMPP Providers: movim.eu
Available since
Aug 16, 2017
 ·
Website: EN
Alternative Addresses
jappix.com
Service
Cost: Free of charge
Legal notice:
1
person
Organization:
Private person
Server
Server / Data
locations:
đ©đȘ
|
đ«đ·
Professional hosting[Green hosting](https://www.thegreenwebfoundation.org/green-web-check/?url=https% ⊠â Read more