Der ganze Vorgang ist archetypisch für die seit Jahrzehnten völlig ohne Not stattfindende politische Selbstverzwergung Europas.

A comment on heise about the recent AWS outage.

https://www.heise.de/meinung/Kommentar-zum-Totalausfall-bei-AWS-Nichts-gelernt-in-den-letzten-30-Jahren-10794622.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

(Too bad there’s no good translation for the great word “Selbstverzwergung”.)

I’m paraphrasing: Europe (and other regions) depend on US IT services, a lot, without an actual need. We saw AWS, Google, and Microsoft build large datacenters and then we thought “welp, shit, nothing we can do about that, guess we’ll just be an AWS customer from now on.” Nobody really went ahead and built German/European alternatives. And now we completely depend on the US for lots of our stuff.

The article even claims that there’s now a shortage of sysadmins in the EU? I’m not so sure. But I’d welcome it, makes my job more secure. 🤣

Hosting services, datacenters, software, everything, it’s all US stuff. Why do we accept this, why not build alternatives …

Hey all 👋 Starring up the monthly social call we used to have 🤞 Please RSVP here if you can make it! 🙏

Behold! 🥳 I consider Gatherly “good enough”™ to use: https://gatherly.mills.io/ 🤟

@bender@twtxt.net I think you’ve asked for that a while ago. 😅 Does that diff actually help? Don’t you have to use A (instead of i) anyway? 🤔

That was a very non-fun day at work.

We’re not using AWS directly, but soooooooooooooooo much other stuff does.

Anyone interested in starting up the monthly social calls we used to have? 👋

@movq@www.uninformativ.de Where the heck did you find that? What is that thing? Yeah, totally looks like an attempt to make some garbage feel more solid. Unless this steel plate is actually used for attaching bolts from the other side or something like that. Which I highly doubt, given that there are muuuuuch cheaper options to install various types of nuts in plastic.

Yeah, this goo makes it just harder to disconnect. I bet it doesn’t add water protection to the connections at all.

@xuu@txt.sour.is Haha 🤣 I’m already have “conversations” with my junior engineers on “how to best use” and “how to avoid” 😂

I noticed Google put out this article: https://android-developers.googleblog.com/2025/09/lets-talk-security-answering-your-top.html it’s very current day Google, but the comments under the YouTube video are pretty on point and I saw a few familiar faces there. There is also, unexpectedly, ways to contact Google.

First a form for “teachers, students, and hobbyists”, that I filled politely, as someone who falls under their hobbyist category. It can be filled both anonymously, or with an e-mail attached, to be contacted by them (I chose the second option).

Also a general feedback and questions form, that I was not as polite in and used to send them the following message:

I have already provided some feedback, in the teacher, student and hobbyists form/questionaire, as well as an open letter I’ve recently sent to the European Commission digital markets act team, as I do believe your proposal might not even be legal, given the fact it puts privacy-focused alternative app stores at risk (https://f-droid.org/cs/2025/09/29/google-developer-registration-decree.html) and it was proposed this early, after Google lost in court to Epic Games, over similar monopoly concerns. Why should we trust Google to be the only authority for all developer signatures, right after the European courts labeled it a gatekeeper?

Assuming this gets passed, despite justified developer backlash and at best questionable legality, can you give us any guarantees, this will not be used to target legal malware-free mods, or user privacy enhancing patchers, like the ones used for applying the ReVanced patches? I have made a few mods myself, but I am in no way associated with the ReVanced team. I just share many peoples concerns, Google Chrome has been conveniently stripped of its manifest v2 support, that made many privacy protecting extensions possible and now you’re conveniently asking for the government IDs, of all the developers, who maintain these kinds of privacy protections (be it patches, or alternative open-source apps) on Android.

🤔 💭 🧐 What if, What if we built our own self-hosted / small-web / community-built/run Internet on top of the Internet using Wireguard as the underlying tech? What if we ran our own Root DNS servers? What if we set a zero tolerance policy on bots, spammers and other kind of abuse that should never have existed in the first place. Hmmmm

@movq@www.uninformativ.de I submitted it via the form on their website (https://digital-markets-act.ec.europa.eu/contact-dma-team_en) and got the following response:

Dear citizen,

Thank you for contacting us and sharing your concerns regarding the impact of Google’s plans to introduce a developer verification process on Android. We appreciate that you have chosen to contact us, as we welcome feedback from interested parties.

As you may be aware, the Digital Markets Act (‘DMA’) obliges gatekeepers like Google to effectively allow the distribution of apps on their operating system through third party app stores or the web. At the same time, the DMA also permits Google to introduce strictly necessary and proportionate measures to ensure that third-party software apps or app stores do not endanger the integrity of the hardware or operating system or to enable end users to effectively protect security.

We have taken note of your concerns and, while we cannot comment on ongoing dialogue with gatekeepers, these considerations will form part of our assessment of the justifications for the verification process provided by Google.

Kind regards,
The DMA Team

@movq@www.uninformativ.de I am betting he will not. The letter was not focused, nor used, politician’s “lingo”. If it was sent via email then it will be even easier to dismiss. I wish I was not such a cynic! 😩

I keep getting this email occadionally:

Your iCloud storage is almost full

Now for various reasons, I don’t want my children to be using iCloud to store data, files, photos or any of the sort. They’re free to use iMessages, and other Apple services like the App Store, etc, but not storage.

So I’ve set about blocking iCloud Storage API(s) via AdGuard Home tonight as well as ensuring that my local network (client users) cannot bypass DNS policies and get out other sneaky ways, because some applications will just use other DNS servers, or DOH or DOT.

@lyse@lyse.isobeef.org In my case it was a silver necklace, a hummingbird with a wing connected with the cold welding I mentioned using thin brass wires.

It made it in a goldsmithing class (I went to a private craftmanship high-school) so no phones allowed (no photos of it) and no “take home” of the works.

Here’s a rough sketch of it drawn by memory, the dots in the wing is where it connects to the body.

The technique is basically the same as i described, but the scale is much smaller, the whole piece was about 5-6 cm on the largest side.

The rivet was made by drilling a hole through the parts, than with a short and thicker drill you widen the hole on the surface to let the rivet settle flatter on the piece, then with a rubber hammer you hit it to flatten the head until it’s snug on the hole, lock them together by doing the same on the other side.

Note that widening the hole with a thicker drill head won’t make a difference with bigger holes, mine had holes of about 1-2 mm of diameter maximum.

Here’s a sketch of what is going on for clarity.

@movq@www.uninformativ.de how do you set your clock to use a specific time signal radio station? I have one wall clock in my office, it works great, but no way to set that.

My open letter, to the European Commission digital markets act team:

Hello,

I am joining other developers, concerned about Googles new plan, to approve every app and effectively destroy most of the competing 3rd party stores this way. The biggest one of these alternative stores, most known for their focus on user and developer privacy, already states, this would make it impossible for them to operate: https://f-droid.org/cs/2025/09/29/google-developer-registration-decree.html
Even communities like the XDA forum, where new developers are often introduced to the world of Android development, would likely be strongly impacted, as making, publishing and installing Android apps is made less accessible.

I am not just writing on their behalf, I run a small website myself (https://thecanine.ueuo.com/), that both provides legal modifications, for some android apps - for example adding an amoled dark theme, to the most popular XMPP chat client for Android, or increasing one of Androids keyboard apps height. This all comes after Googles previous changes to the Android operating system, that prevent users from installing old apps (old to Google, can mean only a couple of months, without an update - https://developer.android.com/google/play/requirements/target-sdk and the target version gets increased every year). I rely on apps developed by a single developer, even for things like making the pixel art presented on my website and sideloading as a way to make these apps work, before developers can catch up to Google’s new requirements - if Google is allowed to slowly kill these options, us digital artists will soon lose the tools we need to create digital art.

i’m torn between git-daemon and using a forgejo to store my flakes. i can do authz using yggdrasil addresses, but that’s basically the limit. maybe that’s not a bad thing.

@bender@twtxt.net We have quite a few that are basically part of our friendly neighborhood. They knew we won’t chase them aware, scare them, etc. In fact some of us find little cockroaches to feed them, tose ‘em up in the air and watch them sweep in and grab the little suckers 🤣

@alexonit@twtxt.alessandrocutolo.it Thanks mate! Ah cool, now I’m curious, what did you make? :-)

You used the rubber hammer to fold the metal, not to set the rivets, right? :-? I glued cork on my wooden mallet some time ago. This worked quite good for bending. But rubber might be even better as it is a tad softer. I will try this next time, I think I have one deep down in a drawer somewhere.

@zvava@twtxt.net @bender@twtxt.net At first I added it without thinking when planning the possible fields based on other UIs I was researching.

I was about to discard it but after thinking about it a bit I noticed that the services allowing to have a separated nick and display_name could unlock some good uses.

For example some added context or at-a-glance information like pronouns or statuses (like Artist [Accepting commissions] or App Name (v2.5)) while other used a more readable version of the nick (blog.domain.com became Person Name's Blog).

Of course it is absolutely optional and it can be safely ignored, but with my vision of being able to build more that a pure twtxt clients, giving it a first-class support just like the other known fields felt right to me.

@lyse@lyse.isobeef.org Great job!

I suggested it because I did it in the past, but never used it on bigger works.

In my case I did it exclusively on really small projects and used a thin rubber head hammer to prevent deforming the metal.

@movq@www.uninformativ.de I can confirm.

An intern practicing with turtle had an error when launching it the first time because it was missing tkinter which it use internally.

I experimented with a 2.4x7mm aluminium rivet I had on hand. As expected, it was quite a bit long. Using my pliers wrench, I was able to crush it down by quite some bit. I should have taken a photo right after the hand riveter for comparison. Now, it’s much smoother and the chance of cutting my hand open is reduced by quite a bit. But breaking the burr with a few file strokes is still necessary. I should get 2.4x4mm rivets and try with them. I reckon they would be more suited for my 0.5mm sheet metal.

With the pliers wrench again, I was able to also crush down the chopped off 3mm copper nail and form a second head. That was surprisingly easy. Now, I need to figure out how to efficiently make a head on the remaining copper nail shaft, so that I can use this again.

Both are rock solid, there’s absolutely no movement at all between the two sheet metal cutoffs.

https://lyse.isobeef.org/tmp/nietenexperiment/

@movq@www.uninformativ.de I never programmed with Tkinter myself and it’s been ages that I ran a program which used it. I always thought that it looks awful. But maybe there are nicer themes these days. I just wanted to give the demo python3 -m tkinter a try, but this module doesn’t exist. I was always under the wrong impression that Tkinter is bundled with Python.

From the chicken archive, 2017.

Not mine, these were more or less free roaming chickens. Farmers didn’t use some of their fields for a while and allowed some other farmer to let the birds live there in the meantime.

(Full resolution, CC BY-SA.)

@lyse@lyse.isobeef.org Xfce is nice, but it’s also mostly GTK. I don’t really know the answer yet. For now, I’ll just avoid anything that uses GTK4.

For my own programs, I might have a closer look at Tkinter. I was complaining recently that I couldn’t find a good file manager, so it might be an interesting excercise to write one in Python+Tkinter. 🤔 (Or maybe that’s too much work, I don’t know yet.)

@movq@www.uninformativ.de can’t you use generic drivers? I did that for an enterprise copier/printer/scanner we used to have at work, and it worked just fine!

All good things come to an end, I guess.

I have an Epson printer (AcuLaser C1100) and an Epson scanner (Perfection V10), both of which I bought about 20 years ago. The hardware still works perfectly fine.

Until recently, Epson still provided Linux drivers for them. That is pretty cool! I noticed today that they have relaunched their driver website – and now I can’t find any Linux drivers for that hardware anymore. Just doesn’t list it (it does list some drivers for Windows 7, for example).

I mean, okay, we’re talking about 20 years here. That is a very long time, much more than I expected. But if it still works, why not keep using it?

Some years ago, I started archiving these drivers locally, because I anticipated that they might vanish at some point. So I can still use my hardware for now (even if I had to reinstall my PC for some reason). It might get hacky at some point in the future, though.

This once more underlines the importance of FOSS drivers for your hardware. I sadly didn’t pay attention to that 20 years ago.

Uuuhhh, that’s rather interesting, I didn’t know about that:

Aachen has been officially certified as “Bad Aachen”, but for alphabetical reasons usually declines to use the prefix

— https://en.wikipedia.org/wiki/List_of_spa_towns_in_Germany#A

That made me chuckle.

Sieht ganz so aus, als hätte die gute @kat@yarn.girlonthemoon.xyz ihre Büchse mit in den Kurort Bad Gateway genommen.

Sorry, this pun only works in German, where “Bad” means spa and is used as prefix for spa towns.

@lyse@lyse.isobeef.org

Waste paper, like an opened envelope, suits a shopping list perfectly fine.

Indeed, I’m drowning in this stuff and I throw it away anyway, so I might just use it.

You’ve got a nice handwriting, I like it.

Thanks. 😅 (It used to be horrible. Gosh, the teachers scolding me in school … Bah. 😂)

@movq@www.uninformativ.de Not sure, if this observation is correct. I know so many techies who also use every latest shit and automate their homes which is scary as hell to me.

@movq@www.uninformativ.de So damn true.

I have a friend that might lock himself out of his home if there’s a power outage while I keep removing apps and devices from my daily lives instead.

I recently switched from all the todo apps I used to sticky notes on my monitors and a pocket notebook for sketching and quick notes.

Hello again everyone! A little update on my twtxt client.

I think it’s finally shaping a bit better now, but… ☝️

As I’m trying to put all the parts together, I decided to build multiple parallel UIs, to ensure I don’t accidentally create a structure that is more rigid than planned.

I already decided on a UI that I would want to use for myself, it would be inspired by moshidon, misskey and some other “social feeds” mock-ups I found on dribbble.

I also plan on building a raw HTML version (for anyone wanting to do a full DIY client).

I would love to get any suggestions of what you would like to see (and possibly use) as a client, by sharing a link, app/website name or even a sketch made by you on paper.

I think I’ll pick a third and maybe a fourth design to build together with the two already mentioned.

For reference, the screens I think of providing are (some might be optional or conditionally/manually hidable):

• Global / personal timeline screen
  
• Profile screen (with timeline)
  
• Thread screen
  
• Notifications screen or popup (both valid)
  
• DM list & chat screens (still planning, might come later)
  
• Settings screen (it’ll probably be a hard coded form, but better mention it)
  
• Publish / edit post screen or popup (still analysing some use cases, as some “engines” might not have direct publishing support)
  

I also plan on adding two optional metadata fields:

• display_name: To show a human readable alternative for a nick, it fallback to nick if not defined
  
• banner: Using the same format as avatar but the image expected is wider, inspired by other socials around
  

I also plan on supporting any metadata provided, including a dynamically parsable regex rule format for those extra fields, this should allow anyone to build new clients that don’t limit themselves to just the social aspect of twtxt, hoping to see unique ways of using twtxt! 🤞

@bender@twtxt.net The first format use the subject extension while the other is a new format that is inspired by mentions format, the first one should be compatible but I’m not sure, if it’s used verbatim by the client it would work, but if we consider the new proposal for it to have an optional part it wont work on clients without changes.

@movq@www.uninformativ.de While using the a frament is pretty nice, I think we can have a twtxt only format if the formatting seems to be a problem.

@lyse@lyse.isobeef.org I think will be bad if handled incorrectly.

The client must reference both properly or it would miss posts, including both this way is a bit pointless if you can’t use the hash or url separately.

Being a highly likely a breaking change anyway I think @zvava@twtxt.net proposal looks much better.

But you know what still works, my squeeze filler (didn’t even refill it) and my old (super cheap) calligraphy set … I’ll just use that.

https://movq.de/v/f48c7cda09/IMG_20251001_200317.jpg.jpg
https://movq.de/v/f48c7cda09/IMG_20251001_202438.jpg.jpg

@movq@www.uninformativ.de huh, firefox actually does seem to tolerate the dashes in the fragment. also, i did propose simply using an anchor link first, but prologic was not a fan of this :p

Spooky season is upon us, so I can take a month break, from being a paper clip.

@zvava@twtxt.net

(#abcdefghijkl https://example.com/tw.txt#:~:text=2025-10-01T10:28:00Z), because it can be simply hacked in to clients currently on hashv1 and provides an off-ramp to location-based addressing

I like that property (an off-ramp to location-based addressing), so I think I could live with that approach. ✅

(I’m not sure why we’re using text fragments, though. Wouldn’t that link to the first occurence of 2025-10-01T10:28:00Z? That’s not necessarily correct. And, to be proper URLs that Firefox and Chromium understand, it would also need to be written as 2025%2D10%2D01T10:28:00Z. The dash carries meaning, sadly. I think all this just creates needless complication. How about we just go with https://example.com/tw.txt#2025-10-01T10:28:00Z?)

@zvava@twtxt.net My clients trusts the first url field it finds. If there is none, it uses the URL that I’m using for fetching the feed.

No validation, no logging.

In practice, I’ve not seen issues with people messing with this field. (What I do see, of course, is broken threads when people do legitimate edits that change the hash.)

I don’t see a way how anyone can impersonate anybody else this way. 🤔 Sure, you could use my URL in your url field, but then what? You will still show up as zvava in my client or, if you also change your nick field, as movq (zvava).

@zvava@twtxt.net Yes, the specification defines the first url to be used for hashing. No matter if it points to a different feed or whatever. Just unsubscribe from malicious feeds and you’re done.

Since the first url is used for hashing, it must never change. Otherwise, it will break threading, as you already noticed. If your feed moves and you wanna keep the old messages in the same new feed, you still have to point to the old url location and keep that forever. But you can add more urls. As I said several times in the past, in hindsight, using the first url was a big mistake. It would have been much better, if the last encountered url were used for hashing onwards. This way, feed moves would be relatively straightforward. However, that ship has sailed. Luckily, feeds typically don’t relocate.

@zvava@twtxt.net Ah okay. Yeah, so far, yarn looks pretty nice and is easy to use. I might even selfhost my own instance too!

@zvava@twtxt.net That was my greatest concern with how it is currently handled, I’m afraid to break threads even by fixing a typo.

Handling it via the pod might work but I think it’s not the best approach, external feeds and clients don’t usually use a pod api but their own implementation, so any workaround won’t work there.

That’s why my proposals addressed those issues:

• the idea of using a “key” instead of the url (with the url as a fallback), the key could even be a public key so it can be used verifieable in crypto functions
  
• using the timestamp to prevent content changes to break threads (plus being simpler to implement)
  
• using an explicit thread reference with an alternative subject format (like [#THREAD_ID] Hello world and replies with (#REPLY_ID) Ahoy) so the content can change without affecting the thread reference, and anyone can use their own schemes freely

@zvava@twtxt.net What is a nice twtxt client to use?

@lyse@lyse.isobeef.org I can suggest you a trick to do a “cold” welding.

Using a copper wire or a similarly malleable material, pass it through a drilled hole, hammer it on one end until flat, then do the same on the other side.

It does the same job of a rivet but it’s flatter and look nicer on both sides, it’s of course weaker but still strong enough for small objects.

It’s sometimes used to reduce risk of deformities due to heat in hand-crafted jewelry and to reduce costs of small tools.

@zvava@twtxt.net CORS is our worst enemy. 🥷

I too had the same issue being a browser-based request, so the only solution is using a proxy.

For testing (and real personal use) I rely on this one https://corsproxy.io/.

In my client, I first check if the source allows me to fetch it without issues first and fallback to prefixing with a proxy if it gives an error.

For security reasons the client don’t give you a readable error for CORS, so you must use a catch-all for that, if it fails again with the proxy you can deal with any other errors it throws as you normally would (preferably outside of the fetch function).

After the fetching responded, I store the response.url value to fetch it again for updates without having to do extra calls (you can store it verbatim or as a flag to be able to change the proxy later).

Here an extract of my code:

export async function fetchWithProxy(url, proxy=null) {
    return await fetch(url).catch(err => {
        if (!proxy) throw err;
        return fetch(`${proxy}${encodeURIComponent(url)}`);
    });
}

// Using it with
const res = await fetchWithProxy('https://twtxt.net/user/zvava/twtxt.txt', 'https://corsproxy.io/?');

// Get the working url (direct or through proxy)
const fetchingURL = res.url;

// Get the twtxt feed content (or handle errors)
const text = await res.text();

I also plan to allow the user to define a custom proxy field, I like the solution used by Delta.chat in their android app, where you can define the URL format with a variable https://my-proxy?$TWTXT_URL since it allows you to define with more freedom any proxy without a prefix format.

If the idea of using a third-party proxy is not to the user liking they can use a self-hosted solution like cors-anywhere or build their own (with twtxt it should just be a GET).

Hopefully I can muster up the energy to start this new project:

Put up lots of thermometers and hygrometers in the apartment, have them report their readings wireless to a database.

I suspect that I’ll have to “build” these myself, because ready-to-use kits most like require some sort of cloud service. Dunno, haven’t checked yet.

@bender@twtxt.net Yes and no.

To build a compliant PWA you need to provide a webmanifest json and a service worker.

Those requirements are not directly part of this project.

You can build the client as a standalone PWA or even as a widget inside an existing page.

The general steps are closer to how you would include a third-party library in an existing project, by importing it as a dependency and using it in your website.

I’m pretty sure most users would expect a PWA (me included) so I plan to provide a ready-made template ready to be deployed as is.