Okay, this is pretty cool. My 8086 toy OS running on my old Pentium from an actual floppy disk. 😍 I just love that sound and the feeling of using floppies. This brings back so many memories from my early DOS days.
The cp-unopt program copies a file and intentionally uses small unaligned reads/writes (hopefully triggers more bugs).
The I/O cache works “okay-ish”, I guess. When sha1 runs, it has to do a few reads for the first file and basically none for the second one. Both could have been served entirely from the cache, theoretically. (But even just having an I/O cache in the first place speeds up things dramatically.)
Notice how there’s an EA file. That’s a left-over from OS/2, because I copied some files to the floppy using OS/2. In other words, my FAT12 implementation survives OS/2 writing to it. 🥳 (But I guess it should show up as EA DATA.SF. My current code starts at the left and stops at the first space.)
https://movq.de/v/d4d50d3c74/los86-on-p133-from-floppy-small2.mp4
↳
In-reply-to
»
Imagine if all computer UIs would act like the UI from my NAS system... I feel I need to be waiting for output from the machine like it's 1973.
⤋ Read More
Yeah, @movq@www.uninformativ.de! “Sorry boss, I accidentally removed the bug report, because the button suddenly materialized under my cursor.” :-D
Luckily, I do not have to deal with that UI from hell for three and a half weeks very soon.
Wow! Just Wow! 😮 
Discovered this whilst trying to debug why my Youtube frontend no longer works:
$ youtube-dl 'https://www.youtube.com/watch?v=YpiK1FMy2Mg'
[youtube] YpiK1FMy2Mg: Downloading webpage
WARNING: unable to extract uploader id; please report this issue on https://yt-dl.org/bug . Make sure you are using the latest version; see https://yt-dl.org/update on how to update. Be sure to call youtube-dl with the --verbose flag and include its complete output.
ERROR: unable to download video data: HTTP Error 403: Forbidden
@movq@www.uninformativ.de, having an issue fetching a twtxt context. I am getting:
Trying to fetch "#mowsvgq" from Yarn pod https://txt.sour.is ...
Trying to fetch "#mowsvgq" from Yarn pod https://twtxt.net ...
Twt could not be found
Yet, the twtxt is there: https://twtxt.net/twt/mowsvgq. Bug, or something else?
Reading about browser security measures and getting sad we don’t live in a world where cross-site scripting is a feature instead of a bug.
LMAO 🤣 … I’ve been scrolling through mutt(1) man page and found this:
BUGS
None. Mutts have fleas, not bugs.
↳
In-reply-to
»
@movq going a little sideways on this, "*If twtxt/Yarn was to grow bigger, then this would become a concern again. But even Mastodon allows editing, so how much of a problem can it really be? 😅*", wouldn't it preparing for a potential (even if very, very, veeeeery remote) growth be a good thing? Mastodon signs all messages, keeps a history of edits, and it doesn't break threads. It isn't a problem there.😉 It is here.
⤋ Read More
@prologic@twtxt.net, there is a parser bug on parent. Specifically on this portion:
"*If twtxt/Yarn was to grow bigger, then this would become a concern again. *But even Mastodon allows editing*, so how
+much of a problem can it really be? 😅*"
↳
In-reply-to
»
An alternate idea for supporting (properly) Twt Edits is to denoate as such and extend the meaning of a Twt Subject (which would need to be called something better?); For example, let's say I produced the following Twt:
⤋ Read More
@quark@ferengi.one I don’t really mind if the twt gets edited before I even fetch it. I think it’s the idea of my computer discarding old versions it’s fetched, especially if it’s shown them to me, that bugs me.
But I do like @movq@www.uninformativ.de’s suggestion on this thread that feeds could contain both the original and the edited twt. I guess it would be up to the author.
↳
In-reply-to
»
An alternate idea for supporting (properly) Twt Edits is to denoate as such and extend the meaning of a Twt Subject (which would need to be called something better?); For example, let's say I produced the following Twt:
⤋ Read More
@prologic@twtxt.net I wouldn’t want my client to honour delete requests. I like my computer’s memory to be better than mine, not worse, so it would bug me if I remember seeing something and my computer can’t find it.
On the Subject of Feed Identities; I propose the following:
- Generate a Private/Public ED25519 key pair
- Use this key pair to sign your Twtxt feed
- Use it as your feed’s identity in place of
# url =as# key = ...
For example:
$ ssh-keygen -f prologic@twtxt.net
$ ssh-keygen -Y sign -n prologic@twtxt.net -f prologic@twtxt.net twtxt.txt
And your feed would looke like:
# nick = prologic
# key = SHA256:23OiSfuPC4zT0lVh1Y+XKh+KjP59brhZfxFHIYZkbZs
# sig = twtxt.txt.sig
# prev = j6bmlgq twtxt.txt/1
# avatar = https://twtxt.net/user/prologic/avatar#gdoicerjkh3nynyxnxawwwkearr4qllkoevtwb3req4hojx5z43q
# description = "Problems are Solved by Method" 🇦🇺👨💻👨🦯🏹♔ 🏓⚯ 👨👩👧👧🛥 -- James Mills (operator of twtxt.net / creator of Yarn.social 🧶)
2024-06-14T18:22:17Z (#nef6byq) @<bender https://twtxt.net/user/bender/twtxt.txt> Hehe thanks! 😅 Still gotta sort out some other bugs, but that's tomorrows job 🤞
...
Twt Hash extension would change of course to use a feed’s ED25519 public key fingerprint.
↳
In-reply-to
»
There is a bug in
⤋ Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
@prologic@twtxt.net I believe you are not seeing the problem I am describing.
Hit this URL in your web browser:
https://twtxt.net/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
That’s your pod. I assume you don’t have a user named lovetocode999 on your pod. Yet that URL returns HTTP status 200, and generates HTML, complete with a link to https://socialmphl.com/story19510368/doujin, which is not a twtxt feed (that’s where the twtxt.txt link goes if you click it). That link could be to anything, including porn, criminal stuff, etc, and it will appear to be coming from your twtxt.net domain.
What I am saying is that this is a bug. If there is no user lovetocode999 on the pod, hitting this URL should not return HTTP 200 status, and it should definitely not be generating valid HTML with links in it.
Edit: Oops, I misunderstood the purpose of this /external endpoint. Still, since the uri is not a yarn pod, let alone one with a user named lovetocode999 on it, I stand by the belief that URLs like this should be be generating valid HTML with links to unknown sites. Shouldn’t it be possible to construct a valid target URL from the nick and uri instead of using the pod’s /external endpoint?
There is a bug in yarnd that’s been around for awhile and is still present in the current version I’m running that lets a person hit a constructed URL like
YOUR_POD/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
and see a legitimate-looking page on YOUR_POD, with an HTTP code 200 (success). From that fake page you can even follow an external feed. Try it yourself, replacing “YOUR_POD” with the URL of any yarnd pod you know. Try following the feed.
I think URLs like this should return errors. They should not render HTML, nor produce legitimate-looking pages. This mechanism is ripe for DDoS attacks. My pod gets roughly 70,000 hits per day to URLs like this. Many are porn or other types of content I do not want. At this point, if it’s not fixed soon I am going to have to shut down my pod. @prologic@twtxt.net please have a look.
↳
In-reply-to
»
@stigatle / @abucci My current working theory is that there is an asshole out there that has a feed that both your pods are fetching with a multi-GB avatar URL advertised in their feed's preamble (metadata). I'd love for you both to review this PR, and once merged, re-roll your pods and dump your respective caches and share with me using https://gist.mills.io/
⤋ Read More
@prologic@twtxt.net Try hitting this URL:
https://twtxt.net/external?nick=nosuchuser&uri=https://foo.com
Change nosuchuser to any phrase at all.
If you hit https://twtxt.net/external?nick=nosuchuser , you’re given an error. If you hit that URL above with the uri parameter, you can a legitimate-looking page. I think that is a bug.
↳
In-reply-to
»
Hack of the day: running
⤋ Read More
watch -n 60 rm -rf /tmp/yarn-avatar-* in a tmux because all of a sudden, without warning, yarnd started throwing hundreds of gigabytes of files with names like yarn-avatar-62582554 into /tmp, which filled up the entire disk and started crashing other services.
@prologic@twtxt.net Sure, but why would this start happening all of a sudden today? Nothing like this has happened before. Is this a known bug?
Plus on a de compétences techniques, plus on peut utiliser des technologies “basses”, et plus on est incompétent, plus on utilise une technologie haut niveau qui décide à notre place. Donc il faut essayer d’enseigner la technologie la plus “basse” possible pour permettre aux enfants d’être en mesure de comprendre ce qu’ils font. - Marcello Vitali-Rosati, auteur de “Éloge du bug”.
👋 If y’all notice any weird quirks or UI/UX bugs of late on my pod, please let me know! 🙏 For those that have a Javascript enabled web browser will notice (hopefully) a SPA (single page app) like experience, even in Mobile! No more full page refreshes! All this without writing a single line of Javascript (let alone React or whatever) 😅 – HTMX is pretty damn cooL! 😎 #htmx
I am supposed to come to office today, but I have caught the same cold bug wife has had for the last three days, so I am staying remote to spare cube-mates. Nose stuck, dripping, and a general slight sense of malaise is what I am feeling right now.
↳
In-reply-to
»
OK time to put this to the test, I ended up setting my $VISUAL env
{-here-} variable, so that jenny can launch neovim instead of plain old vi like
{-here-} it is instructed in the code. But as you can see, I still get these
{-here-} wired new lines every ~70th character (marked them with {-here-})
⤋ Read More
I might have found the actual source of my problem.
Jenny uses an .eml file when composing a twt …
and vim kinda auto formats it and inserts in those line breaks every ~70 character.
Then, I stumbled upon this link where Where someone reports that saving a .eml into a .txt might… corrupt the data?
↳
In-reply-to
»
I keep muting accounts here (twtxt.net), and they keep popping back on after some time. It is nuts. :-(
⤋ Read More
↳
In-reply-to
»
KTeaTime: A customizable tea steeping timer application from the KDE project: https://apps.kde.org/kteatime/
⤋ Read More
@mckinley@twtxt.net weird you mentioned my with the anthony.buc.ci account. I am assuming these kind of bugs were never addressed by @prologic@twtxt.net. :-(
Bug Thread
⌘ Read more
↳
In-reply-to
»
@xuu That was one of the horror puzzles where I had to look for help. 🥴 I modelled my solution after this: https://www.youtube.com/watch?v=2pDSooPLLkI (I can’t explain it better than the video anyway.) It takes a second on my machine and that’s with my own hashmap implementation which is probably not the fastest one.
⤋ Read More
i am wondering if maybe i need a better heap like a btree backed one instead of just list sort on Dequeue.
I found a bug where i didnt include an open/closed list that seemed to shave off a little. right now it runs in about 70 seconds on my machine.. it takes over the 300s limit when it runs on the testrunner on the same box.. docker must be restricting resources for it.
I might come back to it after i work through improving my code for day 23. Its similar but looking for the longest path instead of shortest.
↳
In-reply-to
»
The Unreasonable Effectiveness Of Plain Text - YouTube -- This is very good 👌
⤋ Read More
@lyse@lyse.isobeef.org I wish more standardization around distributed issues and PRs within the repo ala git-bug was around for this. I see it has added some bridge tooling now.
↳
In-reply-to
»
Could pumping CO2 under Canada's coast cause earthquakes?
Injecting CO2 underground might increase pressure along geological faults and cause earthquakes, but a report concludes the risk is minimal for a proposed CO2 storage site near Vancouver Island ⌘ Read more
⤋ Read More
@New_scientist@feeds.twtxt.net hello @prologic@twtxt.net here’s another feed that’s spewing multiple copies of the same post. This one above is repeated 8 times. @awesome-scala-weekly@feeds.twtxt.net now has 13 copies of each post every week. This definitely looks like a bug in whatever code is generating these feeds, because the source feeds don’t have multiple copies of the original posts:
- Has 8 copies of the above post: https://feeds.twtxt.net/New_scientist/twtxt.txt
- Has only 1 copy of the above post: https://www.newscientist.com/feed/home/
I forget whether I filed an issue on this before, but can you tell me where I should do that?
I have used Linux for most my life, and it hat been my daily driver for nearly two decades now. I have been bugged recently how when I exit the terminal buffer has not been cleared leaving whatever contents available to the next user to view.
a quick man zsh I found the STARTUP/SHUTDOWN FILES, and then a quick search on resetting the termianl buffer led me to <esc>c or printf "\033c".
In five minutes something which has bothered me for who knows how long was resolved. Just needed some motivation to figure it out.
Bug Bounties May Sound Great, But Aren’t Always Handled Well
Bug bounty programs setup by large corporations to reward and recognize security researchers for properly reporting new bugs and security vulnerabilities is a great concept, but in practice isn’t always handled well. Security researcher Adam Zabrocki recently shared the troubles he encountered in the bug bounty handling at Google for Chrome OS and in turn for Intel with it having been an i915 Linux kernel graphics driver vulnerability… ⌘ Read more
Siphon
⌘ Read more
↳
In-reply-to
»
git-bug
⤋ Read More
Ah git-bug! Ive chatted with the creator when he was working on the graphql parts. Its working with git objects directly sorta like how git-repo does code reviews. Its a pretty neat idea for storing data along side the branches. I believe they don’t add a disconnected branch to avoid data getting corrupted by merging branches or something like that.
↳
In-reply-to
»
@movq yeah.. i rewrote it a few times because i thought there was something breaking.. but was mistaken
though now i am seeing a weird cache corruption.. that seems to come and go.
Media
⤋ Read More
I have found the issue with this very subtle bug.. the cache was returning a slice that would be mutated. The mutation involved appending an item and then sorting. because the returned slice is just a pointer+length the sort would modify the same memory.
CACHE Returned slice
original: [A B C D] [A B C D]
add: [A B C D] E [A B C D E]
sort: [E A B C] D [A B C D E]
fix found here:
https://git.mills.io/yarnsocial/yarn/pulls/1072
↳
In-reply-to
»
Hmmm, after fixing my feeds to move the
⤋ Read More
<author> from <entry>s to <feed>, Newsboat marked all old affected articles as unread. IDs were untouched, of course. Need to investigate that. Had something similar happen with another feed change I did some time ago. Can't remember what that was, though.
Great, last system update broke something, building from current master I get:
/usr/bin/ld: /lib/x86_64-linux-gnu/libm.so.6: unknown type [0x13] section `.relr.dyn'
What the heck!?
And it also appears that I’m not really able to reproduce this unread bug. It only kind of works a single time. And it has something to do with my config. Not sure what it is yet. I also noticed that the <updated> timestamps in the entries somehow shifted between the old and new feed. Da fuq!?
Astronomer Hotline
⌘ Read more
@eldersnake@yarn.andrewjvpowell.com Is there still an issue (sortt was out for most of the day) with the We 💚 Privacy Club pod? 🤔 I hope no weird bug has been introduced 😢 AFIK none of the auth/session handling code has been touched in quite some time.
#BUG (or feature?) when I hit reply twtxt.net no longer fill in the @mention of the persons who’s post I’m replying to…
Oof! I found a bug on Yarn’s Markdown rendering, @prologic@twtxt.net. See OP.
@quark@ferengi.one Pinging @movq@www.uninformativ.de, in case it is a bug.
↳
In-reply-to
»
My kid just uncovered a bug in a program I wrote by grabbing my laptop and smacking the keyboard a bunch. Biological input fuzzing; a real-life chaos monkey.
⤋ Read More
It did! And I fixed the bug last night. And now I’m curious how your pod deals with spam. 👆🏼
My kid just uncovered a bug in a program I wrote by grabbing my laptop and smacking the keyboard a bunch. Biological input fuzzing; a real-life chaos monkey.
Fixed another bug in my finger client: rfc1288 says lines have to end with crlf, but I was just sending lf.
Fixed a bug. Found a new bug in yesterday’s work. Fixed that bug.
@prologic@twtxt.net @jlj@twt.nfld.uk @movq@www.uninformativ.de
/p/tmp > git clone https://www.uninformativ.de/git/lariza.git Mon May 24 23:48:18 2021
Cloning into 'lariza'...
/p/tmp > tree lariza/ 12.5s Mon May 24 23:48:32 2021
lariza/
├── BUGS
├── CHANGES
├── LICENSE
├── Makefile
├── PATCHES
├── README
├── browser.c
├── man1
│ ├── lariza.1
│ └── lariza.usage.1
├── user-scripts
│ └── hints.js
└── we_adblock.c
2 directories, 11 files
↳
In-reply-to
»
I just timed it: 59 seconds for my Raspberry Pi to boot, 33 of which is waiting for my keyboard firmware to initialize. That's just absurd.
⤋ Read More
Unrelated: my first response shows a rendering bug on your site: it’s dropping a backslash. Hard to mix markdown and genuine plain text.
@prologic@twtxt.net Bug in your profile links: it’s repeating a segment. For example, your face tries to get to https://twtxt.net/user/https://twtxt.net/user/prologic/twtxt.txt
@xuu@txt.sour.is @prologic@twtxt.net @thewismit@twtxt.psynergy.io ah.. probably a bug with the re parser. looks like i can do it without the <>’s with lex
Printer bug + Exchange https://dirkjanm.io/exploiting-CVE-2019-1040-relay-vulnerabilities-for-rce-and-domain-admin/