Searching yarn

Twts matching #software
Sort by: Newest, Oldest, Most Relevant

Auf LinkedIn erzƤhlt mir gerade jemand: "Dein sauberer Code kostet dich jetzt bares Geld."Die grandiose Idee: Tests weglassen, Team reduzieren, QA weg … alles Overhead> Es gilt: Weniger Code = weniger Tokens = weniger Kosten.> Beweis: fertiges Produkt, 2 Wochenenden, ~40 % meines Claude-Limits.Das sind Leute, die jetzt Software und Services bauen, die wir nutzen sollen und die wahrscheinlich schon genutzt werden. Gruselig.

⤋ Read More

Installing software was (is?) such an incomprehensible mess on Windows … Why did you allow any program to install files anywhere in the system? Why was this considered normal and okay? With no chance of ever cleanly removing that stuff again?

And now we’re back to the trend of curl | bash these days … same thing.

⤋ Read More
In-reply-to » @lyse In what way was KDE 3’s menu organized? KDE 1 is the only KDE version I ever used. šŸ˜… We’re talking about this one, right?

@movq@www.uninformativ.de Yes, this screenshot. However, not the Dutch but rather the German version, no wonder it looks so crazy!!1!11

It’s been a hot minute or two since I last used KDE, so I don’t remember exactly. I just vaguely recall that I found myself thinking multiple times that the KDE application categories were better matching or there were more or something like that. Most of my classmates were on Windows and had one giant long list of all sort of stuff in there. You even had to scroll in the menu. Sure, they installed all kind of garbage, which didn’t exactly help. Where in KDE, they were actually grouped by Office, Internet, Graphics, Multimedia, Games, etc. In Windows, applications usually hid themselves in a sub folder named after the software vendor. At least in the later (?) days.

I only used Win 95, 98 and XP at home. For maths class with computer algebra system (Maple), we had a Cassiopeia with Win CE: https://en.wikipedia.org/wiki/Casio_Cassiopeia At school, there was probably also Win 2000, but I don’t know anymore for sure.

⤋ Read More
In-reply-to » Oh boy, I absolutely hate this stupid trend of not writing changelogs anymore! Why the fuck would one seriously consider it to be a viable option to just let some shitty bot spew all merge requests on a goddamn GitHub release?! First of all, these merge request titles suck balls. The order of the changes in this "changelog" is completely random (well, probably merge time, which is as useless as the dick on the Pope). They are not grouped by anything at all. Additions, changes, removals, deprecations, etc. randomly mixed up in one giant list. And then "Add feature X", seventeen kilometers further down "Revert 'Add feature X'". Fuck you! Don't include this shit in the first place!

@lyse@lyse.isobeef.org Thanks!

On the AI changelog part, though, I’d rather recommend to just not have a changelog at all.

I’m afraid that ship has sailed. You can rest assured that someone who uses AI/LLMs for their code (which is almost everybody at this point) will most certainly also use it for changelogs.

I actually considered not mentioning AI output at all, because this just opens a huge can of worms … šŸ˜ž

While going through these terrible GitHub release pages, I also found these ā€œNew Project Contributorsā€ sections

Yeah, they play on a nerd’s pride.

Now, it’s just the same auto shitshow with MR titles in a rolling date-versioned release scheme. It’s just our team who has to deal with that, though. I think I’m the only one who is not a fan of it.

I’ve found that this whole situation is much worse at work than it is in the Free Software world. At work, it’s literally work and hardly anybody actually cares. We still don’t have all people convinced that writing good commit messages or using good branch names is worth the time. It’s … oh god, no, I’m going to stop here, this is bad for my mental health. šŸ˜…

Suffice it to say, all release notes at work are now AI-generated. Nobody gives a fuck.

⤋ Read More
In-reply-to » @prologic As have I. šŸ¤” I mean, since I left GitHub, I got basically 0 pull requests anyway.

@movq@www.uninformativ.de Honestly I think you build the team before you need the PRs šŸ¤” Start with relationships — people who’ve been using your software, filing good bug reports, asking smart questions. Those are your future maintainers. The PR comes later as a formality, not a tryout šŸ˜…

⤋ Read More
In-reply-to » @prologic As have I. šŸ¤” I mean, since I left GitHub, I got basically 0 pull requests anyway.

(#vixabsa) @movq@www.uninformativ.de Honestly I think you build the team before you need the PRs šŸ¤” Start with relationships — people who’ve been using your software, filing good bug reports, asking smart questions. Those are your future maintainers. The PR comes later as a formality, not a tryout šŸ˜…

⤋ Read More
In-reply-to » Okay. I have lost the ā€œbattleā€ against ā€œAIā€ at work and I will no longer try to ā€œfightā€ any of it.

@movq@www.uninformativ.de Related reading (if you’re interested): Let’s Talk about LLMs by James Bennett

First, it quotes the DORA report on the ā€œState of AI-assisted Software Developmentā€:

The research reveals a critical truth: AI’s primary role in software development is that of an amplifier. It magnifies the strengths of high-performing organizations and the dysfunctions of struggling ones.

At the end, it quotes the late Fred Books:

The first step toward the management of disease was replacement of demon theories and humours theories by the germ theory. That very step, the beginning of hope, in itself dashed all hopes of magical solutions. It told workers that progress would be made stepwise, at great effort, and that a persistent, unremitting care would have to be paid to a discipline of cleanliness. So it is with software engineering today.

⤋ Read More
In-reply-to » Apologies to anyone who's seen an uptick in twtxt pings from me today... I've been working on shoe-horning my twtxt reader (TwtStrm) into my editor (TwtKpr, aka the express-twtkpr npm library), and it kind ran amok a few times. So again, sorry - I've added a minimum 10-minute cool-down period between pulls which should help (I hope šŸ™‚).

@itsericwoordward@itsericwoodward.com Haven’t noticed anything either. These request numbers are well below some other software. :-)

⤋ Read More
In-reply-to » @lyse Oh, nice. That was quite the ride. :-) And all that because of locales. 😳

@movq@www.uninformativ.de Hahaha, a ride indeed. Exactly, this affected each and every Atom feed and only Atom feeds. All RSS feeds worked like nothing ever happened. This std::string to time_t to std::string to time_t dance only happens for Atom feeds. RSS feeds, on the other hand, go right from std::string to time_t and be done. That’s precisely what the second option is aiming to propose for Atom feeds, too.

I will clarify that tomorrow in the article.

It’s very interesting what kind of quirks accumulate in software over the years. Especially quirks, the basically noone knows of anymore. Until something explodes and gets rediscovered. Luckily, that doesn’t happen all that often.

⤋ Read More
In-reply-to » @lyse Yes, and that’s why I’m 100% convinced that we’ll see a massive brain drain in a couple of years. This will affect young people even more, because they don’t have all the ā€œoldā€ knowledge to fall back on.

@movq@www.uninformativ.de I couldn’t agree more! I also have the feeling that it causes more people to just accept ā€œit’s a software problem, there’s nothing that can be done about itā€. Which is very frightning to me.

Up until now, I was successful in refusing to actively use that crap. I had to do one mandatory AI training, but even our hippest AI enthusiasts found it absolutely terrible. Probably also nailed together by the same rubbish they want us to now use everyday as much as possible.

Code reviews are the part that I have to deal with most. And I believe that the code quality is degrading.

Let’s hope the bubble bursts sooner than later. It will definitely burst at some point. That’s for sure.

⤋ Read More

What do the Gopher Troopers think of the following? The Gopher protocol is a nearly-forgotten network protocol from the early 1990s, designed to serve and navigate text-based menus and documents over the Internet. While itĀ’s far less common than HTTP/HTTPS today, there are still some security risks associated with Gopher and Gopher space. LetĀ’s break them down carefully: 1. Lack of Encryption Problem: Gopher was designed long before widespread use of SSL/TLS. All dataĀ—including credentials, file transfers, and menu selectionsĀ—is transmitted in plaintext. Impact: Anyone intercepting traffic (e.g., via a network sniffer, public Wi-Fi, or a compromised router) can read sensitive information, including usernames and passwords. 2. No Authentication or Access Control Problem: Gopher servers rarely implement robust authentication; access control is usually limited or non-existent. Impact: Unauthorized users might browse sensitive directories or download private files, particularly if servers are misconfigured. 3. Server Software Vulnerabilities Problem: Modern OSes can still run legacy Gopher servers, but the software is often unmaintained. Impact: Old software may contain buffer overflows, directory traversal bugs, or command injection vulnerabilities that attackers could exploit. 4. Malicious Gopher Links Problem: Gopher menus can contain links that point to scripts or other servers, similar to hyperlinks in HTTP. A client following a malicious link could inadvertently: Download malware Access sensitive internal network resources (server-side request forgery) Impact: Could serve as a vector for attacks if a user opens content from untrusted sources. 5. Legacy Protocol Weaknesses Problem: Gopher lacks modern web security mechanisms like: Content security policies Same-origin policies Cross-site request forgery protection Impact: If Gopher is bridged to other services (like modern browsers via gateways), old vulnerabilities may be exposed. 6. Information Leakage Problem: Gopher servers often provide directory listings without restriction. Impact: Sensitive files, backup directories, and internal documents may be exposed unintentionally. 7. Bridging Risks Problem: Some modern browsers access Gopher via gateways (HTTP-to-Gopher proxies). These bridges may: Expose sensitive internal resources to the gateway Introduce logging or tracking that wouldnĀ’t exist on pure Gopher Impact: Attacks could occur indirectly through insecure intermediaries. Key Takeaways Gopher is inherently insecure due to its design in a pre-HTTPS era. Main threats: eavesdropping, unauthorized access, malware delivery, and exploitation of unpatched server software. Safe practice: Use Gopher only in isolated, trusted environments, or through secure HTTP(S) gateways with proper sanitization.

⤋ Read More
In-reply-to » Can anyone recommend a command-line SQL query formatter? Unfortunately, sqlparse is also unsuitable for me: https://github.com/andialbrecht/sqlparse/issues/688

I’m supporting incremental SQLite schema changes to just upgrade from an older database version to whatever the current software version supports. In the past, I already noticed that this is quite expensive in unit tests when each test case runs through the entire schema patches and applies them one by one.

To speed up test execution I now decided that I finally go through the troubles of maintaining both a set of incremental patches and a full schema setup in one go. A unit test verifies that both ways end up with the same structure. This gives me a set of SQLs to check the structures:

SELECT type, name, tbl_name, sql
FROM sqlite_schema
ORDER BY type, name, tbl_name

Unfortunately, the resulting CREATE TABLE SQL queries are formatted differently, depending on whether the full schema was set up in one big step or the structure had been modified with ALTER TABLE. Mainly, added columns are not on their own lines but appended in one physical line. That’s why I wanted an SQL formatting tool. Since I didn’t find one that works decently, I’m now doing some simple string manipulation. Joining consecutive whitespace into a single space character, removing spaces before commas and closing parentheses and spaces after opening parentheses. This works surpringly good enough. Of course, if it fails, the ā€œdiffā€ is absolutely horrendous.

Now for the cool part, my test execution dropped from around 5:05 minutes to just 1:32 minutes! I call that a win.

I just stumbled across PRAGMA table_info('tablename') https://sqlite.org/pragma.html#pragma_table_info, PRAGMA foreign_key_list('tablename') and friends. I guess, I have to play with that, now. It’s probably much better to use than the SQL text approach.

⤋ Read More

Last year, I made a huge mistake. I repeated on here, what multiple sourcea at Google told me, and what is to this day, written on their blog about Android.
I failed to take into consideration, that people who work at Google, often just lie, or present things intentionally vaguely, so they do not have to follow through with their promises.
I would like to apologize to everyone, who took my previous posts here, as assurance software not explicitly approved by Google, will continue working on Android, past this year (or even just a couple months from now) and that everything has been resolved, as things are now in fact even worse, than they were before. To follow the current state of ā€œOpen Androidā€, please check: https://keepandroidopen.org/

⤋ Read More

HEY! I think we all noticed that privacy is dying. Government and corporate entities around the world are building the laws and tools to track you, from everything you write, to the media you consume, to where you drive your car and the people you associate with. Gopher I believe Is one of the last bastions of freedom away from what I call ā€œCorpo webā€. GopherSpace is free, I wrote my client so I know it’s safe, and I can route my traffic over tor or any proxy of my choosing. I think we should use gopher as a means to communicate and get out of the modern corpo web because soon everything you do and say on the modern web or possibly corporate owned devices is under scrutiny, even more so than it ALREADY IS. Right now I can use tor and my custom gopher cli to communicate privately here. With the ways the laws are going they are going to implement things like age verification to track you and they’ll deem privacy focused open source software as tools for circumventing these rules. It’s a slippery slope. I need to stop writing before I sound really crazy.

⤋ Read More

@movq@www.uninformativ.de Nice, it’s coming together! Despite it being ages ago that I used a hex editor or viewer, these different representations of information appear very handy to me. If I had to mess around on binary formats, I’d definitely appreciate them. I can’t remember if the hex viewer back then had these options. Don’t even recall what software that was. :-)

I, too, only very, very rarely use the mouse in the terminal. Apart from selecting text to copy into the clipboard. But that probably has the potential for trouble and interference with button clicks, etc. If one isn’t careful.

How did the startup times develop?

⤋ Read More
In-reply-to » Btw @movq you've inspired me to try and have a good 'ol crack at writing a bootloader, stage1 and customer microkernel (µKernel) that will eventually load up a Mu (µ) program and run it! 🤣 I will teach Mu (µ) to have a ./bin/mu -B -o ... -p muos/amd64 ... target.

@prologic@twtxt.net I’d love to take a look at the code. šŸ˜…

I’m kind of curious to know how much Assembly I need vs. How much of a microkernel can I build purely in Mu (µ)? šŸ¤”

Can’t really answer that, because I only made a working kernel for 16-bit real mode yet. That is 99% C, though, only syscall entry points are Assembly. (The OpenWatcom compiler provides C wrappers for triggering software interrupts, which makes things easier.)

But in long mode? No idea yet. šŸ˜… At least changing the page tables will require a tiny little bit of Assembly.

⤋ Read More

I think my widget toolkit will have an amber theme by default:

https://movq.de/v/22662db9b2/amber.png

My first PC had a monochrome amber screen and I just love looking at this. 😃

(It looks even better with redshift enabled, but I can’t screenshot that.)

Only downside is that there aren’t that many amber shades in the standard 256 color palette. Or well, maybe that’s actually a good thing, as it probably helps to keep the theme more minimal and less cluttered/noisy. šŸ¤”

⤋ Read More

I think this is finally a good metaphor to talk about ā€œsimpleā€ software:

https://oldbytes.space/@psf/115846939202097661

Distilled software.

I quote in full:

principles of software distillation:

Old software is usually small and new software is usually large. A distilled program can be old or new, but is always small, and is powerful by its choice of ideas, not its implementation size.

A distilled program has the conciseness of an initial version and the refinement of a final version.

A distilled program is a finished work, but remains hackable due to its small size, allowing it to serve as the starting point for new works.

Many people write programs, but few stick with a program long enough to distill it.

I often tried to tell people about ā€œsimpleā€ or ā€œminimalisticā€ software, ā€œKISSā€, stuff like that, but they never understand – because everybody has a different idea of ā€œsimpleā€. The term ā€œsimpleā€ is too abstract.

This is worth thinking about some more. šŸ¤”

⤋ Read More

very good blog post that reminded me why it’s taking so long to ship bbycll — previously i had computed the hashes of every post before storing them in the database, after realizing it’s a much better idea to compute the hashes during runtime and only store the post content & timestamp i’m now having to rewrite every function that reads & writes data. i hope the reason as to why i lost motivation is obvious — thankfully i caught it early enough so that once i’m done rewriting just those functions i shouldā„¢ be able to finalize 1.0-rc with little hassle

⇒ the cardinal sin of software architecture: the unnecessary distribution, replication, or restructuring of state, both in space and time.

⤋ Read More
In-reply-to » it is really annoying and degrading to find that you need to upgrade to payed subscription to enable 2fa on your account, cmon ppl those are basic things...

@klaxzy@klaxzy.net do you know what I also find equally just as stupid and dumb is having to upgrade the software license on something just to be able to get OIDC or OAuth support ffs šŸ¤¦ā€ā™‚ļø

⤋ Read More

I’m contemplating the idea of switching my activity pub instance from Gootosocial to a Pleroma one. While GTS is kinda cute (lightweight and easy to manage) of a software, the inability to fetch/scroll through people’s past toots when visiting a profile or having access to a federated timeline and a proper search functionality …etc felt like handicap for the past N months.

⤋ Read More

https://fokus.cool/2025/11/25/i-dont-care-how-well-your-ai-works.html

AI systems being egregiously resource intensive is not a side effect — it’s the point.

And someone commented on that with:

I’m fascinated by the take about the resource usage being an advantage to the AI bros.

They’ve created software that cannot (practically) be replicated as open source software / free software, because there is no community of people with sufficient hardware / data sets. It will inherently always be a centralized technology.

Fascinating and scary.

⤋ Read More
In-reply-to » There are no really good GUI toolkits for Linux, are there?

@movq@www.uninformativ.de Yeah, give it a shot. At worst you know that you have to continue your quest. :-)

Fun fact, during a semester break I was actually a little bored, so I just started reading the Qt documentation. I didn’t plan on using Qt for anything, though. I only looked at the docs because they were on my bucket list for some reason. Qt was probably recommended to me and coming from KDE myself, that was motivation enough to look at the docs just for fun.

The more I read, the more hooked I got. The documentation was extremely well written, something I’ve never seen before. The structure was very well thought out and I got the impression that I understood what the people thought when they actually designed Qt.

A few days in I decided to actually give it a real try. Having never done anything in C++ before, I quickly realized that this endeavor won’t succeed. I simply couldn’t get it going. But I found the Qt bindings for Python, so that was a new boost. And quickly after, I discovered that there were even KDE bindings for Python in my package manager, so I immediately switched to them as that integrated into my KDE desktop even nicer.

I used the Python KDE bindings for one larger project, a planning software for a summer camp that we used several years. It’s main feature was to see who is available to do an activity. In the past, that was done on a large sheet of paper, but people got assigned two activities at the same time or weren’t assigned at all. So, by showing people in yellow (free), green (one activity assigned) and red (overbooked), this sped up and improved the planning process.

Another core feature was to generate personalized time tables (just like back in school) and a dedicated view for the morning meeting on site.

It was extended over the years with all sorts of stuff. E.g. I then implemented a warning if all the custodians of an activitiy with kids were underage to satisfy new the guidelines that there should be somebody of age.

Just before the pandemic I started to even add support for personalized live views on phones or tablets during the planning process (with web sockets, though). This way, people could see their own schedule or independently check at which day an activity takes place etc. For these side quests, they don’t have to check the large matrix on the projector. But the project died there.

Here’s a screenshot from one of the main views: https://lyse.isobeef.org/tmp/k3man.png

This Python+Qt rewrite replaced and improved the Java+Swing predecessor.

⤋ Read More

Der ganze Vorgang ist archetypisch für die seit Jahrzehnten völlig ohne Not stattfindende politische Selbstverzwergung Europas.

A comment on heise about the recent AWS outage.

https://www.heise.de/meinung/Kommentar-zum-Totalausfall-bei-AWS-Nichts-gelernt-in-den-letzten-30-Jahren-10794622.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

(Too bad there’s no good translation for the great word ā€œSelbstverzwergungā€.)

I’m paraphrasing: Europe (and other regions) depend on US IT services, a lot, without an actual need. We saw AWS, Google, and Microsoft build large datacenters and then we thought ā€œwelp, shit, nothing we can do about that, guess we’ll just be an AWS customer from now on.ā€ Nobody really went ahead and built German/European alternatives. And now we completely depend on the US for lots of our stuff.

The article even claims that there’s now a shortage of sysadmins in the EU? I’m not so sure. But I’d welcome it, makes my job more secure. 🤣

Hosting services, datacenters, software, everything, it’s all US stuff. Why do we accept this, why not build alternatives …

⤋ Read More
In-reply-to » Well, it sure has been a while since I last posted here. Just up late doing yet another Linux installation. Debian turned out to be about as stable as a plutonium Jenga tower, and Alpine refused to boot, so I gave it the boot. Here's to hoping that Arch fares better. Oddly, I've always found Arch to be considerably more stable than other distros...

@dce@hashnix.club Arch is the most stress-free OS I’ve ever run (I last reinstalled it 14 years ago, only rolling updates since then) – but to be honest, I sometimes wonder what role my general choice of software plays. I mostly run minimalistic software or programs that I wrote myself. I guess that greatly reduces the chance of breakage. šŸ¤”

⤋ Read More

use lagrange mobile app or Kristall software at pc, than search with kennedy or TLGS Gemini ,keyword : ā€œMaskuga Treasureā€ that have portal to Gemini,Gopher,nex,spartans,finger & www World,

⤋ Read More

It happened.

ā€œCan you help me debug this program? I vibe coded it and I have no idea what’s going on. I had no choice – learning this new language and frameworks would have taken ages, and I have severe time constraints.ā€

Did I say ā€œnoā€? Of course not, I’m a ā€œnice guyā€. So I’m at fault as well, because I endorsed this whole thing. The other guy is also guilty, because he didn’t communicate clearly to his boss what can be done and how much time it takes. And the boss and his bosses are guilty a lot, because they’re all pushing for ā€œAIā€.

The end result is garbage software.

This particular project is still relatively small, so it might be okay at the moment. But normalizing this will yield nothing but garbage. And actually, especially if this small project works out fine, this contributes to the shittiness because management will interpret this as ā€œhey, AI worksā€, so they will keep asking for it in future projects.

How utterly frustrating. This is not what I want to do every day from now on.

⤋ Read More
In-reply-to » My open letter, to the European Commission digital markets act team:

@movq@www.uninformativ.de I submitted it via the form on their website (https://digital-markets-act.ec.europa.eu/contact-dma-team_en) and got the following response:

Dear citizen,

Thank you for contacting us and sharing your concerns regarding the impact of Google’s plans to introduce a developer verification process on Android. We appreciate that you have chosen to contact us, as we welcome feedback from interested parties.

As you may be aware, the Digital Markets Act (ā€˜DMA’) obliges gatekeepers like Google to effectively allow the distribution of apps on their operating system through third party app stores or the web. At the same time, the DMA also permits Google to introduce strictly necessary and proportionate measures to ensure that third-party software apps or app stores do not endanger the integrity of the hardware or operating system or to enable end users to effectively protect security.

We have taken note of your concerns and, while we cannot comment on ongoing dialogue with gatekeepers, these considerations will form part of our assessment of the justifications for the verification process provided by Google.

Kind regards,
The DMA Team

⤋ Read More
In-reply-to » @lyse Thanks, I think I fixed it now. Sorry for the spam.

@itsericwoodward@itsericwoodward.com No worries, all good, mate! We all have to start somewhere. Other software requests my feed several orders of magnitude more often.

I can confirm, the User-Agent header appears to be fixed. \o/

Two other things I noticed, though:

  1. There’s now an OPTIONS request for my feed coming from something that claims to be Firefox, pointing to your feed URL in the query. No clue what this is about. In any case, it’s rejected with a 405 Method Not Allowed.

  2. Not that these few requests bother me at all, but you might wanna implement caching next with either the If-Modified-Since or If-None-Match request headers. This way, if the feed hasn’t changed, the web server can reply with a 304 Not Modified and no body at all, saving unnecessary traffic. But again, this is really not an issue for me at all. I just wanted to make sure you’re aware of it, that’s all. It might be even already on your agenda. Or you might decide to never do anything about it, which is also fine for me. :-)

⤋ Read More
In-reply-to » Here is just a small list of thingsā„¢ that I'm aware will break, some quite badly, others in minor ways:

@prologic@twtxt.net I know we won’t ever convince each other of the other’s favorite addressing scheme. :-D But I wanna address (haha) your concerns:

  1. I don’t see any difference between the two schemes regarding link rot and migration. If the URL changes, both approaches are equally terrible as the feed URL is part of the hashed value and reference of some sort in the location-based scheme. It doesn’t matter.

  2. The same is true for duplication and forks. Even today, the ā€œcannonical URLā€ has to be chosen to build the hash. That’s exactly the same with location-based addressing. Why would a mirror only duplicate stuff with location- but not content-based addressing? I really fail to see that. Also, who is using mirrors or relays anyway? I don’t know of any such software to be honest.

  3. If there is a spam feed, I just unfollow it. Done. Not a concern for me at all. Not the slightest bit. And the byte verification is THE source of all broken threads when the conversation start is edited. Yes, this can be viewed as a feature, but how many times was it actually a feature and not more behaving as an anti-feature in terms of user experience?

  4. I don’t get your argument. If the feed in question is offline, one can simply look in local caches and see if there is a message at that particular time, just like looking up a hash. Where’s the difference? Except that the lookup key is longer or compound or whatever depending on the cache format.

  5. Even a new hashing algorithm requires work on clients etc. It’s not that you get some backwards-compatibility for free. It just cannot be backwards-compatible in my opinion, no matter which approach we take. That’s why I believe some magic time for the switch causes the least amount of trouble. You leave the old world untouched and working.

If these are general concerns, I’m completely with you. But I don’t think that they only apply to location-based addressing. That’s how I interpreted your message. I could be wrong. Happy to read your explanations. :-)

⤋ Read More

Great. Yet another messed up plain text e-mail part. The URL was actually HTML-escaped. Took me five attempts to figure this out, because of course it had to be several kilometers long. In fact, the e-mail stated: ā€œPlease do not be surprised that the link is particularly long. It contains your personal configuration.ā€

A normal person is completely lost (that’s why I got involved). Visting the broken URL opens a popup dialog suggesting to deactivate script blockers. Which I had already done upfront as a matter of prudence.

Fun bonus on top: The JWT in the link has identical iat (issued at) and exp (expiry) claims. The expiry is definitely not checked, it’s well in the past.

Medical software just has to be horrible. It’s a law.

⤋ Read More

Hmm, gnu.org is slow as heck. Shorter HTML pages load in about ten seconds. This complete AWK manual all in one large HTML page took a full minute: https://www.gnu.org/software/gawk/manual/gawk.html Is there maybe some anti AI shenanigans going on?

In any case, I find the user guide super interesting. My AWK skills are basically non-existent, so I finally decided to change that. This document is incredibly well written and makes it really fun to keep reading and learning. I’m very impressed. So far, I made it to section 1.6, happy to continue.

⤋ Read More
In-reply-to » We use all the Microsoft programs at work - Teams and Outlook especially.

@thecanine@twtxt.net I hate it when businesses do this. As well as being annoying and unreliable, Microsoft software is known to have a hell of a lot of security vulnerabilities, and the AI features increase the attack surface. One can use a client like Thunderbird for the email, but Teams doesn’t really have an alternative. Awful stuff.

⤋ Read More
In-reply-to » To combat malware and financial scams, Google announced today that only apps from developers that have undergone verification can be installed on certified Android devices starting in 2026.

@bender@twtxt.net That is a noble goal. We can talk about that – as long as it doesn’t mean giving up essential freedoms like choosing which software you can run on your device (without having to ask someone for permission).

⤋ Read More

RIP Android:

https://9to5google.com/2025/08/25/android-apps-developer-verification/

Since nobody is going to push back on this (I don’t even know if that would be possible), this is going to be a reality on every platform sooner or later.

I’d guess in 20, 30 years, there won’t be ā€œPCsā€ anymore. No more home computing, no more ā€œI just write my own softwareā€. You won’t own devices anymore, it’ll all be rented and the landlord will tell you what you can do with it.

I hope that I’m wrong, but given where we are today, I don’t think that I will be.

⤋ Read More

The GPG signatures of my software tarballs have been wrong for years (because I’ve been using rsync wrong, funny enough, it wasn’t a GPG issue) and nobody ever noticed. (They still are wrong at the moment, because I haven’t pushed the fix, yet.)

This confirms that this is just a total waste of time. Nobody ever checks this. Maybe this matters if you’re a distro, but why even bother as a single person …

⤋ Read More