SpaceX launches Polaris Dawn crew on daring mission into Earth’s radiation belts
SpaceX launches daring new space mission into radiation belts around Earth. ⌘ Read more
First look at brand new iPhone 16
Apple is set to release its newest iPhone in the next week. ⌘ Read more
Apple launchs slew of new devices
Apple has just launched a slew of new devices at its annual product conference in California. ⌘ Read more
As a Gen Z wanting to get off social media, I lived for a week using a ‘dumb phone’
As a 19-year-old, I’m sceptical about the government’s proposed social media ban. But a more effective alternative is gaining traction among Gen Zers. ⌘ Read more
The five biggest announcements from Apple’s iPhone 16 event
A lot was packed into the pre-recorded announcement video that you might not have caught at first glance. ⌘ Read more
Apple unveils its AI-enabled iPhone 16 with new camera controls, longer battery life
Apple’s new phones are slightly less expensive and more powerful and will arrive in a matter of weeks, though its generative AI features won’t be there at launch. ⌘ Read more
Apple unveils iPhone 16 and new AI features
Apple launches iPhone 16 and Apple Intelligence’ AI technology. ⌘ Read more
Apple unveils its AI-enabled iPhone 16 with new camera controls, longer battery life
Apple’s new phones are slightly less expensive and more powerful and will arrive in a matter of weeks, though its generative AI features won’t be there at launch. ⌘ Read more
On my blog: Developer Diary, Chrysanthemum Day https://john.colagioia.net/blog/2024/09/09/chrysanthemum.html #programming #project #devjournal
On my blog: Holding Universal Access to All Knowledge Hostage https://john.colagioia.net/blog/2024/09/08/internet-archive.html #politics #rant
Google’s folding phone perfects the design Samsung innovated
The Galaxy Z Fold has improved every generation, but Google just leapfrogged it with the Pixel 9 Pro Fold. ⌘ Read more
On my blog: Free Culture Book Club — Aumyr, part 1 https://john.colagioia.net/blog/2024/09/07/aumyr-1.html #freeculture #bookclub
On my blog: Toots 🦣 from 09/02 to 09/06 https://john.colagioia.net/blog/2024/09/06/week.html #linkdump #socialmedia #quotes #week
On my blog: Real Life in Star Trek, The Outcast https://john.colagioia.net/blog/2024/09/05/outcast.html #scifi #startrek #closereading
Why iPhone 16 could be Apple’s biggest leap since Siri
The tech giant is banking on generative AI to bring its phones back on track in the competition on digital assistants. ⌘ Read more
Dad’s ‘third daughter’ always came to look after him. Then a computer said no
Some aged care providers are turning to artificial intelligence to make decisions best made by someone with a heart. ⌘ Read more
MP Ed Husic discusses federal government’s bid to make AI safer
Today federal politics reporter Liz Daniels speaks to MP Ed Husic about the Albanese government’s bid to regulate the booming AI industry. ⌘ Read more
@prologic@twtxt.net I believe you when you say registries as designed today do not crawl. But when I first read the spec, it conjured in my mind a search engine. Now I don’t know how things work out in practice, but just based on reading, I don’t see why it can’t be an API for a crawling search engine. (In fact I don’t see anything in the spec indicating registry servers shouldn’t crawl.)
(I also noticed that https://twtxt.readthedocs.io/en/latest/user/registry.html recommends “The registries should sync each others user list by using the users endpoint”. If I understood that right, registering with one should be enough to appear on others, even if they don’t crawl.)
Does yarnd provide an API for finding twts? Is it similar?
I just manually followed the steps at https://dev.twtxt.net/doc/twthashextension.html and got 6mdqxrq. I wonder what happened. Did @cuaxolo@sunshinegardens.org edit the twt in some subtle way after twtxt.net downloaded it? I couldn’t spot a diff, other than ‘ appearing as ’ on yarn.social, which I assume is a transformation done by twtxt.net.
お知らせ:システムメンテナンスのお知らせ ⌘ Read more
‘A vacuum for your head?’: Dyson makes looking different sound good
Dyson is making plenty of noise with its new OnTrac headphones. So, we put them to the Sabrina Carpenter test. ⌘ Read more
No, your mobile phone is not giving you brain cancer
A World Health Organisation review of more than 5000 studies, led by Australian scientists, found no increased risk of several cancers associated with mobile phone use. ⌘ Read more
The far-right is the only place left for Elon Musk’s X-rated ego
Many are wondering how the poster boy for futurism ended up sounding like a conspiracy-theory-spouting uncle. But what if we’re all missing the point? ⌘ Read more
お知らせ:インシデント対応状況(日時)公開終了のお知らせ ⌘ Read more
On my blog: Developer Diary, Emma Nutt Day, Belated https://john.colagioia.net/blog/2024/09/02/emma-nutt.html #programming #project #devjournal
The free speech billionaires are losing the war
Elon Musk and Pavel Durov have been asking for trouble. It has found them. ⌘ Read more
On my blog: Weird Enough? https://john.colagioia.net/blog/2024/09/01/weird.html #harm #politics #rant
Can this repairable smartphone deliver a perfect social media detox?
The HMD Skyline has a killer pair of special features, which may or may not be as good as they sound. ⌘ Read more
On my blog: Free Culture Book Club — Geiko Eien Ni https://john.colagioia.net/blog/2024/08/31/geiko-eien-ni.html #freeculture #bookclub
Inside Australia’s love affair with the iPhone
The handheld marvel was perhaps the world’s first ‘smartphone’ and it’s more popular here than nearly anywhere else. ⌘ Read more
On my blog: Toots 🦣 from 08/26 to 08/30 https://john.colagioia.net/blog/2024/08/30/week.html #linkdump #socialmedia #quotes #week
‘We have a lot of issues’: Billionaire tech boss lifts lid on staff turnover
Airwallex CEO Jack Zhang says a lack of resources means he can’t compete with the likes of Canva or Atlassian in work perks. ⌘ Read more
On my blog: Real Life in Star Trek, Ethics https://john.colagioia.net/blog/2024/08/29/ethics.html #scifi #startrek #closereading
I’m hearing the call, it’s time to switch back to landline phones
Preferring a text message is fine when the topic of conversation is which mall to hang out, but try telling a potential employer to send you a voice note instead of calling. ⌘ Read more
Star Wars meets Grand Theft Auto in stunning but patchy new heist
The Star Wars underworld is a great fit for Ubisoft’s open-world checklist formula, but this criminal syndicate caper has a few major flaws. ⌘ Read more
@prologic@twtxt.net My pod, which is running the same commit you are, does not return an error like that. It returns the same HTML it always has. Try it. I nuked my cache before restarting.
Edit: Oh wait, the plot thickens. I do get an error if I use curl or if I use a web browser that isn’t logged in. That’s good!
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@prologic@twtxt.net I believe you are not seeing the problem I am describing.
Hit this URL in your web browser:
https://twtxt.net/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
That’s your pod. I assume you don’t have a user named lovetocode999 on your pod. Yet that URL returns HTTP status 200, and generates HTML, complete with a link to https://socialmphl.com/story19510368/doujin, which is not a twtxt feed (that’s where the twtxt.txt link goes if you click it). That link could be to anything, including porn, criminal stuff, etc, and it will appear to be coming from your twtxt.net domain.
What I am saying is that this is a bug. If there is no user lovetocode999 on the pod, hitting this URL should not return HTTP 200 status, and it should definitely not be generating valid HTML with links in it.
Edit: Oops, I misunderstood the purpose of this /external endpoint. Still, since the uri is not a yarn pod, let alone one with a user named lovetocode999 on it, I stand by the belief that URLs like this should be be generating valid HTML with links to unknown sites. Shouldn’t it be possible to construct a valid target URL from the nick and uri instead of using the pod’s /external endpoint?
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@prologic@twtxt.net @bender@twtxt.net I partially agree with bender on this one I think. The way this person is abusing the /external endpoint on my pod seems to be to generate legitimate-looking HTML content for external sites, using a username that does not exist on my pod. One “semantically correct” thing to do would be to error out if that username does not exist on the pod. It’s not unlike having a mail server configured as an open relay at this point.
It would also be very helpful to give the pod administrator control over what’s being fetched this way. I don’t want people using my pod to redirect porn sites or whatever. If I could have something as simple as the ability to blacklist URLs that’d already help.
Apple announces launch date for new iPhone 16, watches and AirPods. Here’s what to expect
Apple has sent out invitations for a product launch event at its headquarters on September 9 in California, when it’s set to announce details of the iPhone 16 and other new devices. ⌘ Read more
On my blog: Developer Diary, Women’s Equality Day https://john.colagioia.net/blog/2024/08/26/womens-equality.html #programming #project #devjournal
There is a bug in yarnd that’s been around for awhile and is still present in the current version I’m running that lets a person hit a constructed URL like
YOUR_POD/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
and see a legitimate-looking page on YOUR_POD, with an HTTP code 200 (success). From that fake page you can even follow an external feed. Try it yourself, replacing “YOUR_POD” with the URL of any yarnd pod you know. Try following the feed.
I think URLs like this should return errors. They should not render HTML, nor produce legitimate-looking pages. This mechanism is ripe for DDoS attacks. My pod gets roughly 70,000 hits per day to URLs like this. Many are porn or other types of content I do not want. At this point, if it’s not fixed soon I am going to have to shut down my pod. @prologic@twtxt.net please have a look.
Apple’s new iPhone 16, watches and AirPods set to land in weeks. Here’s what to expect
Apple is planning to hold its biggest product launch event of the year on September 10, when the company will unveil the latest iPhones, watches and AirPods, according to people familiar with the situation. ⌘ Read more
Confessions of an e-scooter commuter
Many believe that e-scooters and similar devices will play a big role in how we get around in the future, but the path remains bumpy. ⌘ Read more
On my blog: Free Culture Book Club — Morrisa Jeanine https://john.colagioia.net/blog/2024/08/24/morrisa-jeanine.html #freeculture #bookclub
https://galusik.fr/log/2024-08-23-frm.html Tonight #fridayrockmetal playlist
On my blog: Toots 🦣 from 08/19 to 08/23 https://john.colagioia.net/blog/2024/08/23/week.html #linkdump #socialmedia #quotes #week
The Facebook problem that only hurts Australians
Frances Haugen made global headlines when she blew the whistle on Facebook. She says the company treats Australia differently to other markets. ⌘ Read more
On my blog: Real Life in Star Trek, Power Play https://john.colagioia.net/blog/2024/08/22/power-play.html #scifi #startrek #closereading
Google’s Pixel 9 Pro approaches AI overload, but it’s still a fantastic phone
As well as providing brilliant hardware, the best version of Android and fantastic cameras, the latest Pixel introduces a raft of generative AI. ⌘ Read more
Fresh look at Indiana Jones and the Great Circle
New gameplay and story details have been revealed for the upcoming game Indiana Jones and the Great Circle, set to release on Xbox and PC in December. ⌘ Read more