Why everyone is quitting social media
Erlang Solutions: MongooseIM 6.4: Simplified and Unified
MongooseIM is a scalable and efficient instant messaging server. With the latest release 6.4.0, it has become more powerful yet easier to use and maintain. Thanks to the internal unification of listeners and connection handling, the configuration is easier and more intuitive, while numerous new options are supported.
New features include support for TLS 1.3 with optional channel binding for improved security, single round-trip authent …
(Just for fun, SuSE Linux 6.4 from ~25 years ago: https://movq.de/v/dc62d0256c/s.png )
@lyse@lyse.isobeef.org @kat@yarn.girlonthemoon.xyz Colorized manpages have been a thing for a very long time:
https://movq.de/v/81219d7f7a/s.png
Problem is, hardly anybody knows this, because you configure this by … drumroll … overwriting TERMCAP entries of less in your ~/.bashrc:
export LESS_TERMCAP_md=$'\e[38;5;3m' # Bold
export LESS_TERMCAP_me=$'\e[0m' # End Bold
export LESS_TERMCAP_us=$'\e[4;38;5;6m' # Underline
export LESS_TERMCAP_ue=$'\e[0m' # End Underline
export GROFF_NO_SGR=1 # Needed since groff 1.23
@kat@yarn.girlonthemoon.xyz https://snippets.4-walls.net/kat/890f9db00b1940679161d0348b28c339
@lyse@lyse.isobeef.org 4 years.
i am having fun with dmenu
https://bytes.4-walls.net/kat/dotfiles/src/branch/main/config/.local/bin/dict
https://bytes.4-walls.net/kat/dotfiles/commit/b5ca2e0eaba3cbc0cf0898926ffcb0bb064d17c7
@kat@yarn.girlonthemoon.xyz NVM i stole other peoples code to make a dictionary lookup script https://bytes.4-walls.net/kat/dotfiles/src/branch/main/config/.local/bin/dict
@lyse@lyse.isobeef.org @kat@yarn.girlonthemoon.xyz I spent so much time in the past figuring out if something is a dict or a list in YAML, for example.
What are the types in this example?
items:
  - part_no: A4786
    descrip: Water Bucket (Filled)
    price: 1.47
    quantity: 4
  - part_no: E1628
    descrip: High Heeled "Ruby" Slippers
    size: 8
    price: 133.7
    quantity: 1
items is a dict containing … a list of two other dicts? Right?
It is quite hard for me to grasp the structure of YAML docs.
The big advantage of YAML (and JSON and TOML) is that it's much easier to write code for those formats, than it is with XML. json.loads() and you're done.
The WM_CLASS Property is used on X11 to assign rules to certain windows, e.g. "this is a GIMP window, it should appear on workspace number 16." It consists of two fields, name and class.
Wayland (or rather, the XDG shell protocol – core Wayland knows nothing about this) only has a single field called app_id.
When you run X11 programs under Wayland, you use XWayland, which is baked into most compositors. Then you have to deal with all three fields.
Some compositors map name to app_id, others map class to app_id, and even others directly expose the original name and class.
Apparently, there is no consensus.
@movq@www.uninformativ.de Yeah, it's a shitshow. MS overconfirms all my prejudices constantly.
Ignoring e-mail after lunch works great, though. :-)
Our timetracking is offline for over a week because of reasons. The responsible bunglers are falling by the skin of their teeth: https://lyse.isobeef.org/tmp/timetracking.png
- The error message neither includes the timeframe nor a link to an announcement article.
- The HTML page needs to download JS in order to display the fucking error message.
- Proper HTTP status codes are clearly only for big losers.
- Despite being down, heaps of resources are still fetched.
I find it really fascinating how one can screw up on so many levels. This is developed inhouse, I'm just so glad that we're not a software engineering company. Oh wait. How embarrassing.
@prologic@twtxt.net Yeah, this really could use a proper definition or a "manifest". Many of these ideas are not very wide spread. And I haven't come across similar projects in all these years.
Let's take the farbfeld image format as an example again. I think this captures the "spirit" quite well, because this isn't even about code.
This is the entire farbfeld spec:
farbfeld is a lossless image format which is easy to parse, pipe and compress. It has the following format:
╔════════╤═════════════════════════════════════════════════════════╗
║ Bytes  │ Description                                             ║
╠════════╪═════════════════════════════════════════════════════════╣
║ 8      │ "farbfeld" magic value                                  ║
╟────────┼─────────────────────────────────────────────────────────╢
║ 4      │ 32-Bit BE unsigned integer (width)                      ║
╟────────┼─────────────────────────────────────────────────────────╢
║ 4      │ 32-Bit BE unsigned integer (height)                     ║
╟────────┼─────────────────────────────────────────────────────────╢
║ [2222] │ 4x16-Bit BE unsigned integers [RGBA] / pixel, row-major ║
╚════════╧═════════════════════════════════════════════════════════╝
The RGB-data should be sRGB for best interoperability and not alpha-premultiplied.
(Now, I don't know if your screen reader can work with this. Let me know if it doesn't.)
I think these are some of the properties worth mentioning:
- The spec is extremely short. You can read this in under a minute and fully understand it. That alone is gold.
- There are no "knobs": It's just a single version, it's not like there's also an 8-bit color depth version and one for 16-bit and one for extra large images and one that supports layers and so on. This makes it much easier to implement a fully compliant program.
- Despite being so simple, it's useful. I've used it in various programs, like my window manager, my status bars, some toy programs like "tuxeyes" (an Xeyes variant), or Advent of Code.
- The format does not include compression because it doesn't need to. Just use something like bzip2 to get file sizes similar to PNG.
- It doesn't cover every use case under the sun, but it does cover the most important ones (imho). They have discussed using something other than RGBA and decided it's not worth the trouble.
- They refrained from adding extra baggage like metadata. It would have needlessly complicated things.
** Om nom nom LLMs, in which I respond to Simon Willison's analogy **
I am hesitant to wade into the tumultuous waters that are the discourse around generative AI and LLMs, but this morning I came across a thing that so thoroughly melted my brain I feel uncontrollably compelled to respond.
This morning, at evidently 4:10 AM (no mention of timezone), Simon Willison shared the following blog post, quoted here in full:
Quitting programming as …
Saw this on Mastodon:
https://racingbunny.com/@mookie/114718466149264471
18 rules of Software Engineering
0. You will regret complexity when on-call
1. Stop falling in love with your own code
2. Everything is a trade-off. There's no "best"
3. Every line of code you write is a liability
4. Document your decisions and designs
5. Everyone hates code they didn't write
6. Don't use unnecessary dependencies
7. Coding standards prevent arguments
8. Write meaningful commit messages
9. Don't ever stop learning new things
10. Code reviews spread knowledge
11. Always build for maintainability
12. Ask for help when you're stuck
13. Fix root causes, not symptoms
14. Software is never completed
15. Estimates are not promises
16. Ship early, iterate often
17. Keep. It. Simple.
Solid list, even though 14 is up for debate in my opinion: Software can be completed. You have a use case / problem, you solve that problem, done. Your software is completed now. There might still be bugs and they should be fixed – but this doesn't "add" to the program. Don't use "software is never done" as an excuse to keep adding and adding stuff to your code.
@prologic@twtxt.net … or just bullshit.
I'm Alex, COO at ColdIQ. Built a $4.5M ARR business in under 2 years.
Some "C-level" guy telling people what to do, yeah, I have my doubts.
@movq@www.uninformativ.de make that 4 people! i use plain text when i can because this page convinced me lmfao
@movq@www.uninformativ.de Me too – Speaking of which i know you've lost a bit of "mojo" or "energy" (so have i of late), rest assured, I want to keep the status quo here with what we've built, keep it simple and change very little. What we've built has worked very well for 5+ years and we have at least 3 very strong clients (maybe 4 or 5?).
@movq@www.uninformativ.de Ahh but it kind of is mine. Or at least I've done this kind of thing at least 3 or 4 times now
Ghost in the Network
Cracking JWTs: A Bug Bounty Hunting Guide [Part 6]
GraphQL Gatecrash: When an Introspection Query Opened the Whole Backend
Practical study material OSWP Part 3: WEP Walkthrough
Practical study material OSWP Part 2: WPA2-MGT Walkthrough
Practical study material OSWP Part 1: WPA2-PSK Walkthrough
Could XSS Be the Hidden Key to Account Takeover
What if I told you that a simple Cross-Site Scripting (XSS) vulnerability could be the golden ticket to a full Account Takeover (ATO)? No…
OSWE Web Hacking Tips (IPPSEC): Java Reversing #2
Crafting Standalone Python Proof of Concept Exploits
Creating standalone proof of concept exploits implementing a zero-to-hero method, requiring a single action to run.
$560 Bounty: How Twitter's Android App Leaked User Location
A Silent Broadcast That Let Any App Spy on You Without Asking
Mexican Police kill 4 gunmen, cross into Guatemala in dramatic border shootout.
Illicit tobacco crop worth $4.4m discovered near Shepparton after tip-off
Authorities seize a 20-tonne crop of mature tobacco being grown on 2.4 hectares, an area equivalent to more than 450 tennis courts, in Victoria's north.
50 Command Line Tools You Wish You Knew Sooner
Master the terminal with these essential commands that will transform your Linux experience from novice to power user.
My Laptop Died, So I Hacked with My Phone. No Excuse
ToolHive Tutorial: Securely Deploy and Manage MCP Servers
**Deloitte Virtual Internship Cyber Sim Victory**
Nintendo Switch 2 Hacked in 48 Hours - But Here's Why It's Just the Beginning
A harmless green line on the screen may have just opened the floodgates for hackers - inside the first real exploit on Nintendo' …
When you play the Game of RBAC, You either validate, or the world denies your existence - like a King behind the wall.
OIDC: The Digitally signed Pinky Swear "It's Me" (Part I)
Whenever an Elbow-Shake Protocol is being established, there's always Users try to communicate safely during Corona pandemic!
WebSocket Wizardry: How a Forgotten Channel Let Me Sniff Private Chats in Real-Time
Hey there!
I went out with my friends last night and came back late. My cat missed me and proceeded to cuddle for 4 hours
** Stinky **
This morning I set up our new composter. This entailed shoveling a lot of compost from the old one into the new so that it can actually finish cooking. Shoveling 4 years worth of mostly kitchen scrap compost is a very very stinky endeavor. Despite wearing gloves I don't know if my hands will ever not smell again.
"I wasn't an admin… until I became one with just a JSON object."
Rethinking the guest network to improve my home network security
Business logic allows any user to be blocked from creating an account
Understanding Misconfiguration Exploits: A Beginnerβs Guide to Offensive Security Thinking.
Misconfigurations are among the most common - and most dangerous - vulnerabiliti …
Cracking JWTs: A Bug Bounty Hunting Guide [Part 5]
**Abuse-ception: How I Turned the Abuse Report Feature Into a Mass Email Spammer**
Hey there!
$1,000 Bug: Firefox Account Deletion Without 2FA or Authorization
How a Missing Backend Check Let Attackers Nuke Accounts With Just a Password
The 5 Cybersecurity Roles That Will Disappear First
Think your job is safe from AI? Think again. These are the first cybersecurity roles AI will eat.