Searching yarn

Twts matching #Protocol
Sort by: Newest, Oldest, Most Relevant

Anyone using XMPP? I’ve been hearing a lot about how it is the OG messaging protocol. That G00gle Talk used to use it as a back-end, that FB messanger and w_hatsapp use some modified version of it or something; And that setting up a server (or even using a public one) would be a better alternative to the aforementioned apps, so I did. Now the question is: ā€œWhere the Fu__ are my video calls at!!? šŸ¤£ā€ … The protocol supports videoconferencing and I’m yet to find a decent Desktop/Mobile client that implements it. I wish I knew enough Code-Fu to contribute/help implement some, somewhere.

⤋ Read More
In-reply-to » @lyse @tftp Someone has pointed out that there’s OpenRsync:

Actually, I’m stupid: I’m using the normal rsync on OpenBSD as well.

And regarding OpenRsync’s general usability:

https://marc.info/?l=openbsd-misc&m=178090751524547&w=2

Right now openrsync is limited in functionality and is primarily present
for rpki-client. The limited functionality makes it unusable for generic
use and so any diff or change like the above will not be considered since it
is simply not ready.

First problem to solve is to remove the mmap usage in openrsync. After
that modern protocol versions need to be added. Once that is in place one
can start a discussion about using openrsync as a default on OpenBSD.

⤋ Read More
In-reply-to » @movq That's a great effect! šŸ‘

@itsericwoordward@itsericwoodward.com I just want to let you know that your mention completion seems to be broken. :-) The URL is duplicated with a comma in between. Actually, the protocols differ. I suspect that you extract all url metadata fields from the feed, not only the canonical one used for hashing (the first one) and join them. I’m not completely sure, I would need to read up on the specs (it’s already past bed o’clock, though), but I guess that there is no explicit rule for picking the mention URL. Without having thought about it too much, I reckon the safest bet is to stick to the hashing URL when in doubt and the URL that was used to subscribe to the feed is not available for whatever reason. The URL from the subscription list is probably even better.

⤋ Read More

What do the Gopher Troopers think of the following? The Gopher protocol is a nearly-forgotten network protocol from the early 1990s, designed to serve and navigate text-based menus and documents over the Internet. While itĀ’s far less common than HTTP/HTTPS today, there are still some security risks associated with Gopher and Gopher space. LetĀ’s break them down carefully: 1. Lack of Encryption Problem: Gopher was designed long before widespread use of SSL/TLS. All dataĀ—including credentials, file transfers, and menu selectionsĀ—is transmitted in plaintext. Impact: Anyone intercepting traffic (e.g., via a network sniffer, public Wi-Fi, or a compromised router) can read sensitive information, including usernames and passwords. 2. No Authentication or Access Control Problem: Gopher servers rarely implement robust authentication; access control is usually limited or non-existent. Impact: Unauthorized users might browse sensitive directories or download private files, particularly if servers are misconfigured. 3. Server Software Vulnerabilities Problem: Modern OSes can still run legacy Gopher servers, but the software is often unmaintained. Impact: Old software may contain buffer overflows, directory traversal bugs, or command injection vulnerabilities that attackers could exploit. 4. Malicious Gopher Links Problem: Gopher menus can contain links that point to scripts or other servers, similar to hyperlinks in HTTP. A client following a malicious link could inadvertently: Download malware Access sensitive internal network resources (server-side request forgery) Impact: Could serve as a vector for attacks if a user opens content from untrusted sources. 5. Legacy Protocol Weaknesses Problem: Gopher lacks modern web security mechanisms like: Content security policies Same-origin policies Cross-site request forgery protection Impact: If Gopher is bridged to other services (like modern browsers via gateways), old vulnerabilities may be exposed. 6. Information Leakage Problem: Gopher servers often provide directory listings without restriction. Impact: Sensitive files, backup directories, and internal documents may be exposed unintentionally. 7. Bridging Risks Problem: Some modern browsers access Gopher via gateways (HTTP-to-Gopher proxies). These bridges may: Expose sensitive internal resources to the gateway Introduce logging or tracking that wouldnĀ’t exist on pure Gopher Impact: Attacks could occur indirectly through insecure intermediaries. Key Takeaways Gopher is inherently insecure due to its design in a pre-HTTPS era. Main threats: eavesdropping, unauthorized access, malware delivery, and exploitation of unpatched server software. Safe practice: Use Gopher only in isolated, trusted environments, or through secure HTTP(S) gateways with proper sanitization.

⤋ Read More

Okay, I had heard of ā€œRiverā€ before but I was not aware of this:

https://codeberg.org/river/river

River defers all window management policy to a separate window manager implementing the river-window-management-v1 protocol. This includes window position/size, pointer/keyboard bindings, focus management, window decorations, desktop shell graphics, and more.

This sounds promising and it follows the old X11 model. River does all the nasty Wayland work and I can make just the WM? šŸ¤”šŸ¤Æ

⤋ Read More

Just a small update, on my birthday (on the 5th), I accidentally deleted the main page, of my website, so I’m using that as an opportunity, to try something new, at https://thecanine.smol.pub or gemini://thecanine.smol.pub - depending on your preferred protocol.

Any feedback is welcome!

⤋ Read More
In-reply-to » For the innocent bystanders (because I know that I won’t change @bender’s opinion):

@movq@www.uninformativ.de Gemini liked your opinion very much. Here is how it countered:

1. The User Perspective (Untrustworthiness)

The criticism of AI as untrustworthy is a problem of misapplication, not capability.

  • AI as a Force Multiplier: AI should be treated as a high-speed drafting and brainstorming tool, not an authority. For experts, it offers an immense speed gain, shifting the work from slow manual creation to fast critical editing and verification.
  • The Rise of AI Literacy: Users must develop a new skill—AI literacy—to critically evaluate and verify AI’s probabilistic output. This skill, along with improving citation features in AI tools, mitigates the ā€œgaslightingā€ effect.
2. The Moral/Political Perspective (Skill Erosion)

The fear of skill loss is based on a misunderstanding of how technology changes the nature of work; it’s skill evolution, not erosion.

  • Shifting Focus to High-Level Skills: Just as the calculator shifted focus from manual math to complex problem-solving, AI shifts the focus from writing boilerplate code to architectural design and prompt engineering. It handles repetitive tasks, freeing humans for creative and complex challenges.
  • Accessibility and Empowerment: AI serves as a powerful democratizing tool, offering personalized tutoring and automation to people who lack deep expertise. While dependency is a risk, this accessibility empowers a wider segment of the population previously limited by skill barriers.
3. The Technical and Legal Perspective (Scraping and Copyright)

The legal and technical flaws are issues of governance and ethical practice, not reasons to reject the core technology.

  • Need for Better Bot Governance: Destructive scraping is a failure of ethical web behavior and can be solved with better bot identification, rate limits, and protocols (like enhanced robots.txt). The solution is to demand digital citizenship from AI companies, not to stop AI development.

⤋ Read More
In-reply-to » @zvava I am getting [2025/09/11 12:56:01.816] ⇒ please set config.host when trying to run "bbycll". How to bypass that tiny hurdle?

Woot, thank you! Using a config.json like this:

{
  "host": "localhost:31212",
  "protocols": ["http"]
}

Indeed did the trick! I know it isn’t production ready, but I wanted to see with my own eyes, locally, how did it look. :-) I like where you are going! It is looking very nice, and polished. Can’t wait for an alpha, beta, and release!

⤋ Read More
In-reply-to » @zvava I am getting [2025/09/11 12:56:01.816] ⇒ please set config.host when trying to run "bbycll". How to bypass that tiny hurdle?

@bender@twtxt.net as the host (eg twtxt.net) determines the canonical url of the instance in generated feed url metadata as well as every hash of every post made on the instance internally, i added this error message to make sure people don’t accidentally set up their instance on localhost :p for testing i set it to localhost:31212 and protocols to ["http"], it’s a recent addition that could definitely do with documenting in the getting started section

⤋ Read More
In-reply-to » @prologic @movq My metadata only has my HTTPS URL. I didn't consider having multiple. I was talking about my config.yaml. Jenny sounds like a good client, so I might give that a try.

@dce@hashnix.club No worries 😌 It’s all documented in our soecs, it’s not such a common thing that we’ve felt the great need to really solve, we’re aware folks want to sometimes have their feed on several protocols, and that’s totally fineā„¢ šŸ˜…

⤋ Read More
In-reply-to » It might just be my client, but it seems that I cannot track multiple URLs at once. As such, all three of my twtxt URLs will work for following, but mentions will only reach me at my HTTPS URL (https://hashnix.club/~dce/twtxt.txt). If there is a client that can cope with twtxt mirrors, I would love to know about it.

@dce@hashnix.club Ah, oh, well then. 🄓

My client supports that, if you set multiple url = fields in your feed’s metadata (the top-most one must be the ā€œmainā€ URL, that one is used for hashing).

But yeah, multi-protocol feeds can be problematic and some have considered it a mistake to support them. šŸ¤”

⤋ Read More
In-reply-to » The original twt is unavailable. It may have been edited or deleted, or is from an unknown or muted feed.

@lyse@lyse.isobeef.org They are optional dependencies and listed as such:

$ pacman -Qi pinentry
Name            : pinentry
Version         : 1.3.1-5
Description     : Collection of simple PIN or passphrase entry dialogs which
                  utilize the Assuan protocol
Optional Deps   : gcr: GNOME backend [installed]
                  gtk3: GTK backend [installed]
                  qt5-x11extras: Qt5 backend [installed]
                  kwayland5: Qt5 backend
                  kguiaddons: Qt6 backend
                  kwindowsystem: Qt6 backend

And it’s probably a good thing that they’re optional. I wouldn’t want to have all that installed all the time.

⤋ Read More

The WM_CLASS Property is used on X11 to assign rules to certain windows, e.g. ā€œthis is a GIMP window, it should appear on workspace number 16.ā€ It consists of two fields, name and class.

Wayland (or rather, the XDG shell protocol – core Wayland knows nothing about this) only has a single field called app_id.

When you run X11 programs under Wayland, you use XWayland, which is baked into most compositors. Then you have to deal with all three fields.

Some compositors map name to app_id, others map class to app_id, and even others directly expose the original name and class.

Apparently, there is no consensus.

⤋ Read More
In-reply-to » @bender Both Gopher and Mastodon are a way for me to ā€œbabbleā€. šŸ˜… I basically shut down Gopher in favor of Mastodon/Fedi last year. But the Fediverse doesn’t really work for me. It’s too focused on people (I prefer topics) and I dislike the addictive nature of likes and boosts (I’m not disciplined enough to ignore them). Self-hosting some Fedi thing is also out of the question (the minimalistic daemons don’t really support following hashtags, which is a must-have for me).

@bender@twtxt.net Yeah, well, it’s a bit like twtxt. There is a Gopher community, but it’s small. I actually don’t like that HTTP is so easily accessible. I don’t like it that much when people post links to my site on HackerNews or something like that. Too much exposure.

Gopher is a small world. It’s slow and cozy.

And much like twtxt, the protocol is simpleĀ®, so it’s easier to tinker with it.

⤋ Read More

When I chose the MIT license for all of my software, I thought:

ā€œShould I use GPL, which I don’t really understand? Is that worth it? Yeah, there is a theoretical possibility that some company might use my code in their proprietary product … and then what? Should I sue them to enforce the GPL? I’m not going to do that anyway, so I’ll just use the MIT license.ā€

And now we have those LLM scrapers and now it’s suddenly a reality that these companies (ab)use my code. I can see it in my logs. I didn’t expect that back then.

GPL wouldn’t help, either, of course. (Regardless, I now think that GPL would have been the better choice anyway.)

I’m honestly considering taking my code and website offline. Maybe make it accessible through some obscure protocol like Gopher or Gemini, but no more HTTP.

(Yes, Anubis might help. Temporarily.)

I’m just tired.

⤋ Read More
In-reply-to » I've just released version 1.0 of twtxt.el (the Emacs client), the stable and final version with the current extensions. I'll let the community maintain it, if there are interested in using it. I will also be open to fix small bugs. I don't know if this twt is a goodbye or a see you later. Maybe I will never come back, or maybe I will post a new twt this afternoon. But it's always important to be grateful. Thanks to @prologic @movq @eapl.me @bender @aelaraji @arne @david @lyse @doesnm @xuu @sorenpeter for everything you have taught me. I've learned a lot about #twtxt, HTTP and working in community. It has been a fantastic adventure! What will become of me? I have created a twtxt fork called Texudus (https://texudus.readthedocs.io/). I want to continue learning on my own without the legacy limitations or technologies that implement twtxt. It's not a replacement for any technology, it's just my own little lab. I have also made a fork of my own client and will be focusing on it for a while. I don't expect anyone to use it, but feedback is always welcome. Best regards to everyone. #twtxt #emacs #twtxt-el #texudus

@andros@twtxt.andros.dev Thanks for consolidating a lot of good ideas. Especially how you have deiced to just extend the mention syntax for location-based treads. This might even be backward compatible with older (pre-yarn) clients.
What about using Z for UTC +00:00- is that allowed in your specs?
Regarding url = I would suggest to only allow one and the maybe add url_old = or url_alt = !?
I’m still not a fan of a DM feature, even thou it helps that i have now been split out into a separate feed file. Instead if would suggest a contact = field for where people can put an email or other id/link for an established chat protocol like signal or matrix.

⤋ Read More
In-reply-to » Confession:

@movq@www.uninformativ.de @kat@yarn.girlonthemoon.xyz @quark@ferengi.one In 2014 one person created protocol ii. Later it forked in IDEC. Why i said this? Because it’s simple ā€œfederatedā€ forum-like protocol where from your station fetch another every 5-10 minutes. Stations has topic-based channels like idec.talks, linux.16, haiku.os, zx.spectrum. In short it’s FIDO but.. more modern? Documentation: https://github.com/idec-net/new-docs (mostly Russian, but you can use translator, also protocol already translated to english)

⤋ Read More

Confession:

I’ve never found microblogging like twtxt or the Fediverse or any other ā€œmodernā€ social media to be truly fulfilling/satisfying.

The reason is that it is focused so much on people. You follow this or that person, everybody spends time making a nice profile page, the posts are all very ā€œego-centricā€. Seriously, it feels like everybody is on an ego-trip all the time (this is much worse on the Fediverse, not so much here on twtxt).

I miss the days of topic-based forums/groups. A Linux forum here, a forum about programming there, another one about a certain game. Stuff like that. That was really great – and it didn’t even suffer from the need to federate.

Sadly, most of these forums are dead now. Especially the nerds spend a lot of time on the Fediverse now and have abandoned forums almost completely.

On Mastodon, you can follow hashtags, which somewhat emulates a topic-based experience. But it’s not that great and the protocol isn’t meant to be used that way (just read the snac2 docs on this issue). And the concept of ā€œlikesā€ has eliminated lots of the actual user interaction. ā˜¹ļø

⤋ Read More
In-reply-to » Finally I propose that we increase the Twt Hash length from 7 to 12 and use the first 12 characters of the base32 encoded blake2b hash. This will solve two problems, the fact that all hashes today either end in q or a (oops) šŸ˜… And increasing the Twt Hash size will ensure that we never run into the chance of collision for ions to come. Chances of a 50% collision with 64 bits / 12 characters is roughly ~12.44B Twts. That ought to be enough! -- I also propose that we modify all our clients and make this change from the 1st July 2025, which will be Yarn.social's 5th birthday and 5 years since I started this whole project and endeavour! 😱 #Twtxt #Update

that said, and reading to @sorenpeter@darch.dk and @andros@twtxt.andros.dev I have new thoughts. I assume that this won’t change anyone’s opinions or priorities, so it makes no harm sharing them.

It’s always tempting to use something that already exists (like X, Masto, Bsky, etc.) rather that building anything through effort and disagreement until reaching to something useful and valuable together. A ā€˜social service’ is only useful if people is using it.

I’ll add that I haven’t lost interest on the ā€˜hacky’ part of twtxt about developing tools, protocols, and extensions as a community. It’s the appealing part! It’s a nice hobby to have, shared with random people across the world.
But this is not the right way for me, and makes me feel that I’m unwelcome to propose something different (after watching replies to my previous twt). Feels like ā€œIf you don’t agree, you are free to leave, we’ll miss you.ā€ Naah, not cool. I’ve lived that many times before, and nowadays I don’t have enough spare time and energy for a hobby like that.

Let’s see what happens next with the micro-community!

⤋ Read More

Nobody writes emails by hand using RFC 5322 anymore, nor do we manually send them through telnet and SMTP commands. The days of crafting emails in raw format and dialing into servers are long gone. Modern email clients and services handle it all seamlessly in the background, making email easier than ever to send and receive—without needing to understand the protocols or formats behind it! #Email #SMTP #RFC #Automation

⤋ Read More

I’m thinking of building a hardened peering protocol for Yarn.social’s yarnd: pods establish cryptographic identities, exchange signed /info and /twt payloads with signature verification, ensuring authenticity, integrity, and spoof-proof identity validation across the distributed network.

⤋ Read More

exwm: Emacs X Windows Manager
EXWM (Emacs X Window Manager) is a full-featured tiling X window manager for Emacs built on top of XELB. ↫ exwm GitHub page It supports both tiling and stacking windows, dynamic workspaces, RandR, a system tray, and a lot more. XELB stands for X protocol Emacs Lisp Binding, and it’s a ā€œpure Elisp implementation of X11 protocol based on the XML description files from XCB projectā€. ⌘ Read more

⤋ Read More
In-reply-to » My twtxt feed is now also available at gemini://roccodrom.de/twtxt.txt

well, I assume by syntax you mean Gemtext (which I like a lot, my personal blog is built on top of it), so I think it might work for twtxt clients…

I knew of twtxt in Gemini Antenna, so at least the 2017 spec might work on that protocol. I think the main issue with extensions is that they weren’t designed with many URLs and protocols in mind.

Also I have to admit that the Gemini community significantly reduced in the last few years. I don’t know how worth it is to add support for Gemini now.

⤋ Read More
In-reply-to » What is twtxt for me? It is a community of users sharing plain text following a specification that can be readable by both humans and machines.

well… it has been an opportunity to build an artisanal microblogging client on top of a minimalist protocol. I agree on the hacker toy part.

And of course it’s about being part of a niche community which is (mostly) amazing, and nurturing. As there is almost no one writing in my native spanish, it has been an interesting challenge to share my thoughts in english, as well.

I couldn’t say it’s a ā€˜social network’ per se, I think it lack many engagement things usually associated with social networks, although it has a social part of igniting discussions, learnings and behavioral changes, which is the meaning of social for me.

⤋ Read More

What would happen if we didn’t use TCP or UDP?
At some point, I wondered—what if I sent a packet using a transport protocol that didn’t exist? Not TCP, not UDP, not even ICMP—something completely made up. Would the OS let it through? Would it get stopped before it even left my machine? Would routers ignore it, or would some middlebox kill it on sight? Could it actually move faster by slipping past common firewall rules? No idea. So I had to try. ↫ Hawzen Okay so the end result is that i … ⌘ Read more

⤋ Read More

12 years of incubating Wayland color management
The Wayland color-management protocol extension has landed on Feb 13th, 2025, in upstream wayland-protocols repository in the staging directory. It was released with wayland-protocols 1.41. The extension enables proper interactions between traditional (sRGB), Wide Color Gamut (WCG), and High Dynamic Range (HDR) image sources and displays once implemented in Wayland compositors and used in applications. Of course, a protocol is just a la … ⌘ Read more

⤋ Read More