Searching yarn

Twts matching #twtxt.txt
Sort by: Newest, Oldest, Most Relevant

@prologic@twtxt.net

#!/bin/sh

# Validate environment
if ! command -v msgbus > /dev/null; then
    printf "missing msgbus command. Use:  go install git.mills.io/prologic/msgbus/cmd/msgbus@latest"
    exit 1
fi

if ! command -v salty > /dev/null; then
    printf "missing salty command. Use:  go install go.mills.io/salty/cmd/salty@latest"
    exit 1
fi

if ! command -v salty-keygen > /dev/null; then
    printf "missing salty-keygen command. Use:  go install go.mills.io/salty/cmd/salty-keygen@latest"
    exit 1
fi

if [ -z "$SALTY_IDENTITY" ]; then
    export SALTY_IDENTITY="$HOME/.config/salty/$USER.key"
fi

get_user () {
    user=$(grep user: "$SALTY_IDENTITY" | awk '{print $3}')
    if [ -z "$user" ]; then
        user="$USER"
    fi
    echo "$user"
}

stream () {
    if [ -z "$SALTY_IDENTITY" ]; then
        echo "SALTY_IDENTITY not set"
        exit 2
    fi

    jq -r '.payload' | base64 -d | salty -i "$SALTY_IDENTITY" -d
}

lookup () {
    if [ $# -lt 1 ]; then
    printf "Usage: %s nick@domain\n" "$(basename "$0")"
    exit 1
    fi

    user="$1"
    nick="$(echo "$user" | awk -F@ '{ print $1 }')"
    domain="$(echo "$user" | awk -F@ '{ print $2 }')"

    curl -qsSL "https://$domain/.well-known/salty/${nick}.json"
}

readmsgs () {
    topic="$1"

    if [ -z "$topic" ]; then
        topic=$(get_user)
    fi

    export SALTY_IDENTITY="$HOME/.config/salty/$topic.key"
    if [ ! -f "$SALTY_IDENTITY" ]; then
        echo "identity file missing for user $topic" >&2
        exit 1
    fi

    msgbus sub "$topic" "$0"
}

sendmsg () {
    if [ $# -lt 2 ]; then
        printf "Usage: %s nick@domain.tld <message>\n" "$(basename "$0")"
        exit 0
    fi

    if [ -z "$SALTY_IDENTITY" ]; then
        echo "SALTY_IDENTITY not set"
        exit 2
    fi

    user="$1"
    message="$2"

    salty_json="$(mktemp /tmp/salty.XXXXXX)"

    lookup "$user" > "$salty_json"

    endpoint="$(jq -r '.endpoint' < "$salty_json")"
    topic="$(jq -r '.topic' < "$salty_json")"
    key="$(jq -r '.key' < "$salty_json")"

    rm "$salty_json"

    message="[$(date +%FT%TZ)] <$(get_user)> $message"

    echo "$message" \
        | salty -i "$SALTY_IDENTITY" -r "$key" \
        | msgbus -u "$endpoint" pub "$topic"
}

make_user () {
    mkdir -p "$HOME/.config/salty"

    if [ $# -lt 1 ]; then
        user=$USER
    else
        user=$1
    fi

    identity_file="$HOME/.config/salty/$user.key"

    if [ -f "$identity_file" ]; then
        printf "user key exists!"
        exit 1
    fi

    # Check for msgbus env.. probably can make it fallback to looking for a config file?
    if [ -z "$MSGBUS_URI" ]; then
        printf "missing MSGBUS_URI in environment"
        exit 1
    fi


    salty-keygen -o "$identity_file"
    echo "# user: $user" >> "$identity_file"

    pubkey=$(grep key: "$identity_file" | awk '{print $4}')

    cat <<- EOF
Create this file in your webserver well-known folder. https://hostname.tld/.well-known/salty/$user.json

{
  "endpoint": "$MSGBUS_URI",
  "topic": "$user",
  "key": "$pubkey"
}

EOF
}

# check if streaming
if [ ! -t 1 ]; then
    stream
    exit 0
fi

# Show Help
if [ $# -lt 1 ]; then
    printf "Commands: send read lookup"
    exit 0
fi


CMD=$1
shift

case $CMD in
    send)
        sendmsg "$@"
    ;;
    read)
        readmsgs "$@"
    ;;
    lookup)
        lookup "$@"
    ;;
    make-user)
        make_user "$@"
    ;;
esac

⤋ Read More
In-reply-to » For instance I normally use the same RSA key/pair on all my workstations for my ssh client, because that's me, no-matter where I am. The only exception to this rule is I usually create a separate key for any "work" / " company" I am a part of.

@prologic@twtxt.net I have seen single use keys that are signed by a central PKI .. Keybase has one that uses a chatbot to generate the keys on the fly.

It just comes down to your threat model :)

⤋ Read More

@prologic@twtxt.net Re: Chat system, What if the base specification included a system for per-user arbitrary JSON storage on the server? Kind of like XEP-0049, but expanded upon. Two kinds of objects: public and private. Public objects can be queried by anyone, private objects cannot and must be encrypted with the user’s private key. Public keys could be stored there, as well as anything else defined by extensions. Roster, user block list, avatar, etc.

⤋ Read More

@prologic@prologic://twtxt.net/user/prologic/twtxt.txt The news first broke several days ago, but I didn’t see photo confirmation until today. I might have just been late :P

⤋ Read More
In-reply-to » Another day, another 5m outage 🤬

@prologic@twtxt.net

Not sure if Starlink satellites are in orbit around/over Australia yet, but I wouldn’t go with that option anyway due to the latency alone.

I believe it is being trialled in some places in Aus already. I will admit, I’ve been signed up for the beta for a while and it’s supposed to be coming to my area sometime in 2022, though that may be delayed due to the chip shortage stuff.

I think the latency is supposed to be 45-60ms on average, which while not as good as fixed line obviously, is leagues better than old fashioned high orbit satellite broadband which is about 600~ms.

⤋ Read More
In-reply-to » I'm not 100% certain @quark but 🤞 that revert works...

@prologic@twtxt.net, who calls me name when I am busy profiting? 😂 In a less serious note—because nothing is more serious than making profit, of course—yes, it seems your avatar issue has been fixed. I am kind of sad, I looked forward each day to see which random one was going to show. LOL.

⤋ Read More
In-reply-to » @quark Fixed the "Enter" key issue, sorry about that. I'm dumb 🤦‍♂️ Also I hate Javascript! 🤬

@prologic@twtxt.net you be the man! I can’t remember the last time something gave as much troubles as this. The mention and the way to handle images are two things that have stuck in my head. Hopefully this is the last time there is an issue with this one! 🤞🏻

⤋ Read More
In-reply-to » @prologic I am seeing a problem in which not-so-active users, such as myself, are ending up having a blank "Recent twts from..." under their profiles because, I assume, the cache long expired. What can be done about it? Business personalities such as myself can't be around here that often! Could something be implemented so that, say, the last 10 or 20 twts are always visible under one's profile? Neep-gren!

@prologic@twtxt.net let us take the path of less resistance, that is, less effort, for now. I am going to be a great-grandfather before search ever get implemented locally, least one to search on “all pods”. In other words, let us don’t bite more than we can chew. 😹 Neep-gren!

⤋ Read More
In-reply-to » @prologic I am seeing a problem in which not-so-active users, such as myself, are ending up having a blank "Recent twts from..." under their profiles because, I assume, the cache long expired. What can be done about it? Business personalities such as myself can't be around here that often! Could something be implemented so that, say, the last 10 or 20 twts are always visible under one's profile? Neep-gren!

@prologic@twtxt.net I fully agree with making it a pod-level setting (forget about user-level, let us not complicate things too much; we all know users know nothing). Should I send a latinum over for this, or will an issue just suffice? Neep-gren!

⤋ Read More

@prologic@twtxt.net I am seeing a problem in which not-so-active users, such as myself, are ending up having a blank “Recent twts from…” under their profiles because, I assume, the cache long expired. What can be done about it? Business personalities such as myself can’t be around here that often! Could something be implemented so that, say, the last 10 or 20 twts are always visible under one’s profile? Neep-gren!

⤋ Read More
In-reply-to » The Feds Are Investigating a YouTuber Accused of Crashing a Plane For Views A YouTuber and former Olympic snowboarder has been accused of crashing his plane on purpose for clicks, and the FAA has opened an investigation to get to the bottom of the growing mess. The Drive reports: Trevor Jacob has been the subject of online criticism after posting a YouTube video where he parachuted from a Taylorcraf ... ⌘ Read more

@fastidious@arrakis.netbros.com, I am sure profit—or the search for it—was involved. Most likely that pilot was a Ferengi in disguise. We are known to visit lesser planets seeking to exploit. Sometimes it works out, sometimes it doesn’t. Hoping my fellow Ferengi fares well or, at the very least, lets me know where his Latinum is.

⤋ Read More

Thank you for bringing this to our attention, Mr. Fastidious. We fully agree with you.

@lyse@lyse.isobeef.org Sir, you really should have forked that conversation long back to keep our environment clean and tidy. Unfortunately, you did not attend the meeting earlier, so we have to advise you in writing to be prudent. Please keep in mind the fork lockdown is currently not in place. There are currently no plans to enforce it in the near future.

⤋ Read More
In-reply-to » Netflix Raises Monthly Subscription Prices in US, Canada Netflix has raised its monthly subscription price by $1 to $2 per month in the United States depending on the plan, the company said on Friday, to help pay for new programming to compete in the crowded streaming TV market. From a report: The standard plan, which allows for two simultaneous streams, now costs $15.49 per month, up from $13.99, in the Unite ... ⌘ Read more

@fastidious@arrakis.netbros.com I am not Amish.. i am Xuu!

⤋ Read More
In-reply-to » @fastidious Oh But somehow @lyse saw the old Twt and replied to that 🤦‍♂️

@prologic@twtxt.net I have thought about this because even though it doesn’t happen often, when it does it bothers me greatly. I haven’t found a solution. How about you? What could be done to avoid this from happening?

I know we have been over this in more than one occasion. Ideas about editing timeouts, or not allowing to edit/delete came up, but were quicky discarded as absurd.

⤋ Read More
In-reply-to » @lyse that is a horrible idea. A mobile device isn't a server. Having a mobile device pull raw twtxt feeds from everywhere on an ongoing bases, will be, at the very least, tolling on the device's battery. Just at you, or even further, I will never use such thing.

@fastidious@arrakis.netbros.com Oh But somehow @lyse@lyse.isobeef.org saw the old Twt and replied to that 🤦‍♂️

This is the downside of not fetching often enough or refreshing just in case a feed has changed your replying to hmmm 🤔

⤋ Read More
In-reply-to » @prologic sorry about the spelling mistakes. English is my third language. Also I didn't mean to question the vision as such. Just ment a mobile up that pulls in files directly from the users follow list would line up better with the idea of decentralizing personal data. Since not everyone will be running a pod, but most everyone can have a public facing folder. Specially now with services like Skynet coming online. Sorry hope I didn't offend you too much.

@lyse@lyse.isobeef.org that is a horrible idea. A mobile device isn’t a server. Having a mobile device pull raw twtxt feeds from everywhere on an ongoing bases, will be, at the very least, tolling on the device’s battery. Just at you, or even further, I will never use such thing.

⤋ Read More
In-reply-to » @tamer We're not trying to compete with anything... If you've read About Yarn.social -- In a nutshell I want to create an open, transparent social platform that respect's folks privacy and freedoms. It must also be easy to use and down-to-earth where human interactions actually matter. None of this rubbish of manipulating what you see, driving up engagement numbers to serve your advertisers and all that garbage

@prologic@twtxt.net sorry about the spelling mistakes. English is my third language.
Also I didn’t mean to question the vision as such.
Just ment a mobile up that pulls in files directly from the users follow list would line up better with the idea of decentralizing personal data. Since not everyone will be running a pod, but most everyone can have a public facing folder. Specially now with services like Skynet coming online.
Sorry hope I didn’t offend you too much.

⤋ Read More
In-reply-to » Sorry if anyone saw my last Yarn here... I deleted it, I was wrong. Looks like everything is encrypted attachments phew but my other concerns above still stand.

@tamer@twtxt.net We’re not trying to compete with anything… If you’ve read About Yarn.social – In a nutshell I want to create an open, transparent social platform that respect’s folks privacy and freedoms. It must also be easy to use and down-to-earth where human interactions actually matter. None of this rubbish of manipulating what you see, driving up engagement numbers to serve your advertisers and all that garbage

⤋ Read More

Autocrypt - Wikipedia

Just reading in-depth and trying to understand the security model of Delta.Chat a bit more… There’s a few things that really concern me about how Delta.Chat which relies on Autocrypt work:

  • There is no Perfect Forward Secrecy
  • No verification of keys
    • Is therefore susceptible to Man-in-the-Middle attacks
  • Metadata is a BIG problem with Delta.Chat:
    • The To and From and Date are trackable by your Mail provider (amongst many other headers)

Hmmm 🤔 cc @deebs@twtxt.net

⤋ Read More