@prologic@twtxt.net @lyse@lyse.isobeef.org First, please leave me your comments on the repository! Even if it’s just to give your opinion on what shouldn’t be included. The more variety, the better.

Second, I’m going to try to do tests with Elliptic keys and base64. Thanks for the advice @eapl@eapl.me

Finally, I’d like to give my opinion. Secure direct messages are a feature that ActivityPub and Mastodon don’t have, to give an example. By including it as an extension, we’re already taking a significant leap forward from the competition. Does it make sense to include it in a public feed? In fact, we’re already doing that. When we reply to a user, mentioning them at the beginning of the message, it’s already a direct message. The message is within a thread, perhaps breaking the conversation. Direct messages would help isolate conversations between 2 users, as well as keeping a thread cleaner and maintaining privacy. I insist, it’s optional, it doesn’t break compatibility with any client and implementing it isn’t complex. If you don’t like it, you’re free to not use it. If you don’t have a public key, no one can send you direct messages.

While the US politicians and tech billionaires are going full-on fascist mode, here is a reminder that there are European alternatives for many well known digital and online services: https://european-alternatives.eu

It seems related to us poor single user pods not getting the trust to share twts.. which it seems to still untrust on restart for me.

Introduction to GrapheneOS
GrapheneOS (written GOS from now on) is an Android based operating system that focuses security. It is only compatible with Google Pixel devices for multiple reasons: availability of hardware security components, long term support (series 8 and 9 are supported at least 7 years after release) and the hardware has a good quality / price ratio. The goal of GOS is to provide users a lot more control about what their smartphone is doing. A main profile is used by default (the owner … ⌘ Read more

I haven’t read the entire specification, but I think there is a fundamental design problem. Why would someone put an encrypted message on a public feed that is completely useless to everybody other than the one recipient? This doesn’t make sense to me. It of course depends on the threat model, but wouldn’t one also want to minimize the publicly visible metadata (who is communicating with whom and when) when privately messaging? I feel there are better ways to accomplish this. Sorry, if I miss the obvious use case, please let me know. :-)

another one would be to allow changing public keys over time (as it may be a good practice [0]). A syntax like the following could help to know what public key you used to encrypt the message, and which private key the client should use to decrypt it:

!<nick url> <encrypted_message> <public_key_hash_7_chars>

Also I’d remove support for storing the message as hex, only allowing base64 (more compact, aiming for a minimalistic spec, etc.)

[0] https://www.brandonchecketts.com/archives/its-2023-you-should-be-using-an-ed25519-ssh-key-and-other-current-best-practices

@slashdot@feeds.twtxt.net Who the F+++ still uses goo’s search engine anyway xD Shout out to all my homies hosting a Searx instance 😂🤘

@movq@www.uninformativ.de That’s so awesome! I really oughta make use of the telescope I was gifted a few years ago…

I tried using Firefox Focus as my default browser for a while but it was to extreme. It’s still the only one on my home screen. 50-60 is sort of my intent, but then it keeps being “just one more…”.

Google begins requiring JavaScript for Google Search
Google says it has begun requiring users to turn on JavaScript, the widely used programming language to make web pages interactive, in order to use Google Search. In an email to TechCrunch, a company spokesperson claimed that the change is intended to “better protect” Google Search against malicious activity, such as bots and spam, and to improve the overall Google Search experience for users. The spokesperson noted that, with … ⌘ Read more

@lyse@lyse.isobeef.org wow what a great story! i still use FTP (well, SFTP) all the time lol, just to transfer files between servers quickly. it’s super handy!

writing your own CMS sounds kickass omg… mysql the legend

@andros@twtxt.andros.dev Nope, unfortunately not. I took a look at Lisp last year (I think I used sbcl), but I haven’t done anything really useful with it. I still want to give it a proper go some time in the future. I do like how flexible it can be. Rather simple, but powerful basic concepts.

What’s your favorite dialect?

@kat@yarn.girlonthemoon.xyz I approve! That’s how I learned HTML (version 4 at the time and XHTML shortly after) and making websites, too. Some of them are still made like this to this day. Hand-written HTML. Hardly any <div> and class nonsense. I can’t remember with which editor I started out with, but I upgraded to Webweaver (later renamed to Webcraft) quickly. Yeah, this were the times when there was just a single computer for the whole family.

Free hosting on Arcor, Freenet and I don’t know anymore how they were all called. Like this author, I uploaded everything via FTP. Oh dear, when was the last time I used that? And I had registered plenty of free .de.vu domains.

Being on Windows at the time, everything was ISO-8859-1 for me. No UTF-8, I don’t think I’ve heard about it back then.

Later, I wrote my own CMSes in PHP. Man, were they bad in retrospect. :-D Of course, MySQL databases were used as backends. I still exactly know the moment I read the first time about SQL injections. I tried it on my own CMS login and was shocked when I could just break in. The very next thing I did was to lock down everything with an .htaccess until I actually fixed my broken PHP code. Hahaha, good memories.

I swear by Atom or RSS feeds. Many of my sites offer them. I daily consume feeds, they’re just great.

@movq@www.uninformativ.de Yes, exactly that. It’s awful! And it’s getting worse from my perspective. Nobody in charge is ever gonna learn anything. I figure we just fully deserve this M$ crap, every single bit. :-(

Luckily, the most important development platform still worked for me, so I could actually do something, review code, pull and push, etc. But the calls with the screenshares were nightmares. Can’t see shit on such a tiny display with today’s extreme monitor sizes people use. Looking at logs, hahahahahahaaa…

Google Begins Requiring JavaScript For Google Search
Google says it has begun requiring users to turn on JavaScript, the widely-used programming language to make web pages interactive, in order to use Google Search. From a report: In an email to TechCrunch, a company spokesperson claimed that the change is intended to “better protect” Google Search against malicious activity, such as bots and spam, and to improve the over … ⌘ Read more

Another infrastructure apocalypse day at work. Linux and Windows users were unable to reach M$ services. No Outlook, no Teams, no intranet (Sharepoint), no Azure, etc. Mac users were lucky, though. Took whoever the whole day to resolve that. Shortly before I called it quits, it worked again. I haven’t read any e-mail today, used Teams mostly on the company phone, but it’s the plague.

And as I’ve forseen the other day, we have to deliver yet another workaround hotfix, once the other team eventually gets their stuff integrated that we should rely on. Good riddance it’s the weekend now!

@prologic@twtxt.net Totally fine with me, I don’t use it. I just have to when hacking on yarnd, because it phones this service.

Only IA from yarn are valid? Can i use https://doesnm.p.psf.lt/auth.py ?

@lyse@lyse.isobeef.org Yeah, what else does one need? 😅

I added more instructions, made it portable (so it runs on my own OS as well as Linux/DOS/whatever), and the assembler is now good enough to be used in the build process to compile the bootloader:

That is pretty cool. 😎

It’s still a “naive” assembler. There are zero optimizations and it can’t do macros (so I had to resort to using cpp). Since nothing is optimized, it uses longer opcodes than NASM and that makes the bootloader 11 bytes too large. 🥴 I avoided that for now by removing some cosmetic output from the bootloader.

@kat@yarn.girlonthemoon.xyz Cool, cool, congrats! I skipped around and noticed that you used some great background music. Do you have a list for me to look up? :-) Also, that’s a nice desktop wallpaper in the end.

@bender@twtxt.net I always schedule the next appointment right away. :-) Yeah, over here, it’s just winter. Nothing really surprising. But it gets us every time. I prefer the ice over the the fire for sure.

@movq@www.uninformativ.de That was the only time I left the house today.

@arne@uplegger.eu nice work with the client.
I also see you are using the Yellow CMS for your website🍋

Cancelled Mastodon because the time spent on it could have been used for reading books instead and the level of interaction is not enough to keep me interested.

I am now using Streamlit at work to build admin interfaces and some internal application. It’s amazing! I recommend it

I’ve been using nile, my alternative WM for #plan9, for over a decade now. I just made some additional improvements and finally gave it a web page: http://a.9srv.net/src/nile/

@doesnm.p.psf.lt@doesnm.p.psf.lt Are you also using https://cabal.chat or just someone else with the same random username?

@prologic@twtxt.net I say we should find a way to support mentions with only url, no nick, as per the original spec.

• For @<nick url> we already got support
  
• For @<nick> the posting client should expand it to @<nick url>, if not then the reading client should just render it as @nick with no link.
  
• For @<url> the sending client should try to expand it to @<nick url>, if not then the reading client should try to find or construct a nick base on:
  
  1. Look in twtxt.txt for a nick =
     
  2. Use (sub)domain from URL
     
  3. Use folder or file name from URL

Your code apparently works just fine. Until it @doesnm@doesnm.p.psf.lt’t. ;-) The shell languages are weird and having some strange properties that one is just not used to when coming from other languages.

@kat@yarn.girlonthemoon.xyz definitely a fun way to get better at bash scripting by hand (AKA learn how it works besides the extreme basics i know) and use gum to make them cute too

been playing with making fun scripts using charm CLI’s gum library :P

one that gets lyrics from an open lyrics database’s API and accepts input for artist & song names: https://asciinema.org/a/697860

and one that uses a user-provided last.fm API key to pull what’s currently playing or what last played on your account :) https://asciinema.org/a/697874

Ugh! Not @david@collantes.us, but this one. I am going nuts. Well, I am nuts!

Or using the same twt hash method, but only for the URL, to generate the nick, if it doesn’t exist, like so, @5vxo4ia@twtxt.net

although I agree that it helps, I don’t see completely correct to leave the nick definition to the source .txt. It could be wrong from the start or outdated with the time.

I’d rather prefer to get it from the mentioned .txt nick metadata (could be cached for performance).
So my vote would to make it mandatory to follow @<name url> but only using that name/nick if the URL doesn’t contain another nick.
A main advantage is that when the destination URL changes the nick, it’ll be automagically updated in the thread view (as happens with some other microblogging platforms, following the Jakob’s Law)

@prologic@twtxt.net If you’ve got the feed URL in yarnd’s cache, you can easily look up a missing nick. If you can’t find it, just show the URL (or maybe just the domain name to be halfway consistent with this @nick@domain thing that yarnd invented) and be done. It’s really that simple.

When yarnds peer with each other, the odds of actually having come across that feed URL in the past are higher than with traditional clients that only have their local set of subscribed feeds. One additional improvment would be to also look at all the mentions and see if somebody used a nick for that URL and go with that.

Yeah, yarnd currently renders some really weird shit when the mention contains just a URL, but I’d call that a bug for sure.

Personally, I do not like the @nick@domain syntax at all. It looks silly to my eyes. What might have also contributed is the fact of this mentions syntax gotten screwed up so many times by yarnd in the past. But that’s a totally different topic.

The editor can launch a new shell now:

https://movq.de/v/6ec68b50dd/los86-edit-shell.mp4

Trivial to implement but super useful. It allows for simple but meaningful dev cycles: Edit source code, run/test it, back to editor. That’s what I do in the video.

(The Brainfuck program is silly, but I got nothing else at the moment.)

The I/O cache is also getting better. All that back and forth doesn’t hit the disk at all, once cached.

This whole thing is much more fun and interesting when you run it from a real floppy disk. It’s a 5.25” floppy in the video (so it’s actually floppy 😅). Disk seek times can be catastrophic and you don’t notice any of this on modern disks.

@kat@yarn.girlonthemoon.xyz i don’t even have like time or space to stream unless it was no mic/video and just me doing stuff on my computer which can be boring without even mic input. plus no way to use camcorder that way. but. it’d be cool if i could so i dream

i wanna try streaming with owncast using my camcorder as the input device because i found out that i might be able to do that and now i really wanna fuckin try it lol

good morning yarn friends. we need a funny name for yarn posters. what’s something that fits the yarn theme…. i mean we quite literally have threads here. yarn threads. how epic is that. now us posters need a funny name too.

@doesnmppsflt@doesnm.p.psf.lt Not sure which bug you’re referring to. 🤔 (Did I forget?)

Those long IDs like (#113797927355322708) are simply part of that feed. Looks like the author just dumps ActivityPub IDs into twtxt. I think this used to work in the past, but the corresponding spec (https://twtxt.dev/exts/hash-tag.html) has been deprecated and jenny doesn’t support – actually, jenny never supported that.

jenny can only group threads by exactly one criterium (because it writes a Message-ID into the mail file) and that’s the regular twt hash. So, anything else, like people doing “#CoolTopic”, isn’t possible.

This is the first screenshot, a simple timeline I’m using to check the fields. Now I’m working on some details: avatar cache, relative dates, simple thread, etc. #emacs #twtxt

@doesnm@doesnm.p.psf.lt LOL sorry which client are you using? 🤔 You can of course have a say! There aren’t that many active/used clients at the moment, and I forget which one you’re using 🤣🤣

Lol only i use discontinued client? (with patches but i’m lost sources so they “proprietary”)

For the record; we consider the new authority on the Twtxt spec(s) going forward (has been for some years actually) to be implementers / primary maintainers of widely used clients. To date that is:

• yarnd @prologic@twtxt.net (me and others)
  
• jenny @movq@www.uninformativ.de
  
• tt @lyse@lyse.isobeef.org
  
• Timeline @darch@neotxt.dk / @eapl.me@eapl.me and others
  
• twtxt-el? – @andros@twtxt.andros.dev
  

Full list of supported and widely used clients can be found at https://twtxt.dev/clients.html – which I note a few above are actually missing from this page haha 🤣

Yeah, @bender@twtxt.net, I absolutely love it! :-D Monty Python just rocks!

This very knight inspired me to make myself a knight helmet with opening visor out of an old washing machine sheet metal years ago for a theater play. It was really great fun, both making the helmet as well as using it during the week in the play as a silly and shady prince who got all his tracts of land by winning dubious games.

I just couldn’t really hear very well in it. And if somebody hit me on the head or just slightly knocked on the helmet, it was incredibly loud. No fine craftmanship by any means and obviously historically extremely questionable at best, but it did the job well enough. One of the running gags was that I had to open the visor when I wanted to talk. Here are some photos in action, you’ll find many more when surfing through the gallery:

• https://wawuwo.de/2016/woche2/montag/017.html#image
  
• https://wawuwo.de/2016/woche2/dienstag/019.html#image
  
• https://wawuwo.de/2016/woche2/mittwoch/156.html#image
  
• https://wawuwo.de/2016/woche2/donnerstag/008.html#image
  
• https://wawuwo.de/2016/woche2/freitag/036.html#image In one lunch break my page and I decided to dress up and play a game of dice against the kids. However, we used badly cogged dice. We just added a few dots of paint on one of the two dice, so that it had two fours, two fives and two sixes or something like that. I always told my opponents: “You can choose whatever dice you want. Except for the red one, that’s my lucky dice!” As well-behaved children, they then selected the blue, unbiased one. And usually lost. However, I remember there was one kid that beat me with four sixes in row. :-D Although we thought, we make it halfway obvious that this game is truly not fair, it took them extremely long to figure out that we had messed with my lucky dice. When they finally did, they got super angry. Some of them were on the brink of beating me up. That was really nice to see their sense of justice kick it. :-)
  
• https://wawuwo.de/2016/woche2/freitag/169.html#image

@suitechic@yarn.girlonthemoon.xyz yeah i’ve also used namecheap, though i will say if you want to do TLS on demand with them then it’s kind of a pain and i think you have to pay more last i checked so i’d try something different.

@movq@www.uninformativ.de That looks neat! In the past I always used some Jitsi instance for screen shares.

I just used screego to help a family member with their Windows PC. Flawless experience! 💚

@movq@www.uninformativ.de Over-ear headphones make moving and turning around quite uncomfortable. But it looks like you’re having a very calm sleep, unlike me, who likes to turn a bit on the side every now and then, too.

When I use noise cancelling devices in bed (absolutely required at scouting events), it’s simple ear plugs. I got myself a big pack of 200 pairs nine and a half years ago (oh wow, didn’t realize I have them this long). A lifetime supply. Especially when I reuse them two, three dozen times or so before they’re worn out and don’t seal properly anymore.

In a rush in getting all my private data off from US - based company servers - the way it is looking, it might be that it would be good for us Rest Of The Worlders, to bring in our sheep and keep them close by.

@prologic@twtxt.net oh this does look interesting, thanks for sharing. i’ve been using namecheap for years with no issues