@lyse@lyse.isobeef.org … because you, me, and that guy over there in the corner are the only three people left using plain-text email. 🫤 (And probably Stallman.)

OpenBSD has the wonderful pledge() and unveil() syscalls:

https://www.youtube.com/watch?v=bXO6nelFt-E

Not only are they super useful (the program itself can drop privileges – like, it can initialize itself, read some files, whatever, and then tell the kernel that it will never do anything like that again; if it does, e.g. by being exploited through a bug, it gets killed by the kernel), but they are also extremely easy to use.

Imagine a server program with a connected socket in file descriptor 0. Before reading any data from the client, the program can do this:

unveil("/var/www/whatever", "r");
unveil(NULL, NULL);
pledge("stdio rpath", NULL);

Done. It’s now limited to reading files from that directory, communicating with the existing socket, stuff like that. But it cannot ever read any other files or exec() into something else.

I can’t wait for the day when we have something like this on Linux. There have been some attempts, but it’s not that easy. And it’s certainly not mainstream, yet.

I need to have a closer look at Linux’s Landlock soon (“soon”), but this is considerably more complicated than pledge()/unveil():

https://landlock.io/

@bmallred@staystrong.run Ahhh this is an agent I’m tryining to play the game of Connect3. It uses a library written in Go I’ve been working on that supports Neuroevolution using Genetic Algorithms. Some features include: Mutation, Speciation, Lamarckian Evolution/Inheritence.

So I was using this function in Rust:

https://doc.rust-lang.org/std/path/struct.Path.html#method.display

Note the little 1.0.0 in the top right corner, which means that this function has been “stable since Rust version 1.0.0”. We’re at 1.87 now, so we’re good.

Then I compiled my program on OpenBSD with Rust 1.86, i.e. just one version behind, but well ahead of 1.0.0.

The compiler said that I was using an unstable library feature.

Turns out, that function internally uses this:

https://doc.rust-lang.org/std/ffi/struct.OsStr.html#method.display

And that is only available since Rust 1.87.

How was I supposed to know this? 🤨🫩

@bender@twtxt.net I know I know! I don’t know why I ever signed up and used it and still continue to pay for the silly thing. Twtxt/Yarn is so much better in every way 🤣

@prologic@twtxt.net yes, I never understood you using micro.blog (and paying for it, nonetheless!). I don’t like it (as a platform), and have an unexplainable dislike for its creator.

@prologic@twtxt.net do you remember Hamachi? Tailscale/Headscale is Hamachi on steroids. They are used primarily for creating a VPN among all your devices so they can talk to one another as if they were on the same LAN, even when they’re not. That was, mostly, my WireGuard usage.

I still have WireGuard running—because it is so lite that it doesn’t matter—to use as regular VPN, but Headscale keeps all my devices connected forming their own “mini-Internet” 100% of the time.

@bender@twtxt.net What’s awesome about it btw? I use WireGuard pretty heavily here. And my entire family also use it to keep a VPN connection back to our home network

@prologic@twtxt.net Yeah, it’s difficult, you often don’t get what you’d expect. They also make heavy use of 3rd party libraries. IIUC, for random numbers, they refer to this library. I’ve read many times that the Rust stdlib is intentionally minimalistic (to make it easier to maintain and port and all that).

I’m struggling with this, using 3rd party libs for so many things isn’t really my cup of tea. I’ll probably make my own tiny little “standard library”. It’s silly, but I don’t see any other options. 🤷

@aelaraji@aelaraji.com got new screenies? Show them for the rest of us! Last I saw them was at the very early development stage.

@movq@www.uninformativ.de Thanks. It’s already over, the heat got us. :-(

Of Pointlessware and CEOs
Had a moment, to check up on some of the companies, I stopped following, get to The Browser Company and see their newest product - it’s just Chrome, with an AI chat window pop-up and that’s it. Something Canary Chrome, come with already.
I see Theo from T3.gg, making fun of it on YouTube and promoting “his” product - an AI chat app, where you can choose from multiple models, by all the popular AI companies. Something I already have a worse version of, at work and I don’t even use it.
There’s also an interview, about the future of virtual keyboards, surely this is at least actually a real thing and not more pointless horse shit. I check the website of the keyboard SDK, and it’s around 20 identical apps, that just copy the same keyboard SDK/api and slap chatgpt features on top - in the App Store, these are surrounded by chatgpt clones, that just feed the users prompts, into the real thing and put ads, next to the answers.

@kat@yarn.girlonthemoon.xyz toally forgiven, and welcome back! :-) What’s new? Tell us all about it!

been a while! i’ve been using my laptop more to kind of change my workflow, but without my browser bookmarks to remind me to check some sites, i’ve forgotten to check yarnverse! forgive me friends T_T

Having some fun with SIRDS this morning.

What you should see: https://movq.de/v/dae785e733/disp.png

And the tutorial I used for my C program: https://www.ime.usp.br/~otuyama/stereogram/basic/index.html

@lyse@lyse.isobeef.org LOL. I barely use my mother tongue. 😫

@kat@yarn.girlonthemoon.xyz I don’t do a lot of CSS and tried to use flexboxes recently, couldn’t find a great explanation. I somehow managed to get the desired effect, but am I using them correctly? Who knows.

@lyse@lyse.isobeef.org I cannot / could not imagine that, either – but if it’s publicly available on the internet and something links to it, they’ll eventually find, scrape it, use it. ☹️

totally understandable.

i used to drive a car which has the entertaining system display on digital-clock like screen, and all the asian song name goes [][][][][] 😄

lol a fren called me nigalee and somehow i liked the name, started to use as a new alias

@lyse@lyse.isobeef.org oh it wouldn’t be very long, maybe that’d make for a fun blog post! i just used the same tool that the nerd font people use to add glyphs, but for a “custom glyph set” i just added. the whole noto font LMAO

@movq@www.uninformativ.de I hear you! I’d also love to forbid any use in military software (development). Even though I cannot imagine anything of my stuff ending up there.

When I chose the MIT license for all of my software, I thought:

“Should I use GPL, which I don’t really understand? Is that worth it? Yeah, there is a theoretical possibility that some company might use my code in their proprietary product … and then what? Should I sue them to enforce the GPL? I’m not going to do that anyway, so I’ll just use the MIT license.”

And now we have those LLM scrapers and now it’s suddenly a reality that these companies (ab)use my code. I can see it in my logs. I didn’t expect that back then.

GPL wouldn’t help, either, of course. (Regardless, I now think that GPL would have been the better choice anyway.)

I’m honestly considering taking my code and website offline. Maybe make it accessible through some obscure protocol like Gopher or Gemini, but no more HTTP.

(Yes, Anubis might help. Temporarily.)

I’m just tired.

i saw folks in #lowendtalk are discussing about which password managers are worth using?. should have summary people’s opinion and my own into a blog post, had this idea for a while, the purpose is to tell my people how to be more secure & easier in life.

me liked the tech me using at the moment. pretty decent for production & daily use.

utilize HetrixTools for servers monitoring, then use a small one for UptimeKuma all the running websites.

the number of servers are increasing, free plan is going to be exploded.

that’s why i have to think of a solution to have separated monitoring solutions. one for the (virtual) machines, one for the websites

still haven’t had my decision on which location & VM will be use for the VPN gateway.

next up: authentication center / for both work & personal use.
for the work project, the customers (of my client) are unhappy with the account login flow and I need a fast & easy SSO for them.

for personal use: just a gateway to lock all the apps and provide access to friends.

i slowly realize the power of 1% everyday on what i am doing.

On QRs, as long as they work (and they are quite resilient), it doesn’t matter. Their design, and colours, will be based on theme in which they are included. They are getting used more now in the US. They are king on East Asia. They are awesome.

@movq@www.uninformativ.de this is mind boggling. How come it looks just fine under Mosaic, and not under IE3? Man, am I glad I don’t use a Microsoft browser!

Maybe you’ll enjoy this as well:

I still have one of my first modems, a Creatix LC 144 VF:

I think this was the modem that I used when I first connected to the internet, but I’m not sure.

I plugged it in again and it still works:

The firmware appears to be from 1994, which sounds about right. I don’t think we had internet access before that. We certainly did use local mailboxes, though. (Or BBS’s, as you might call them.)

I now want to actually use that modem again. For the moment, I can only use a phone to dial into it, I lack a second modem to actually establish a connection. Here’s a video:

Not spectacular, but the modem does answer after me entering ATA.

I bought another cheap old modem on eBay and am now waiting for it to arrive. Once it’s here, I want to simulate an actual dial-up session, hopefully from OS/2 or Windows 3.x.

@prologic@twtxt.net yeah, that will work perfectly. Because you are using “please”—which we all know is a magic talisman word of obedience—all uploads of your code to Github will be automatically paused, until such magic word is removed. 😂

@kat@yarn.girlonthemoon.xyz Ah, I see. I would assume that you’ll get used to it at some point. 🤔 But yeah, a lot of meaning is packed into these symbols. (It’s much, much worse with languages like Rust. 😅)

I sent you my QR code, please respond!

*for context: long ago, there were some complaints, about some of my sitting drawings, where the legs are apart, not using dithering/more shading and one of my favourite artists, made a video, exploring the use of QR codes, in art
P.S.: the code just redirects to my websites

My vision with this newsletter is to have a slower medium for communicating about my art as well as ideas and projects I’m working on regarding how we can use digital technology to our own benefits instead of being exploited by big tech.

Twtxt not sloe enough for you? 🤣

@prologic@twtxt.net What I meant, is that I will not say that someone is not really a writer, if they choose to have what they wrote, ran through some spelling and sentence structure checker, like the one included in MS Word, the average phone keyboard, or on reverso.net - given that they look over the output and make sure the corrections make sense.

Similarly, I won’t complain much, if someone uses AI, to remove backgrounds from images, where the AI can preform this task, as well as a human would and makes sure to check it afterwards, or use ai as a way to sort large quantities of images - usually done for science. An example of this, would be having terabytes of plant photos, from some cities camera system and having an AI analyse them, in an attempt to detect notable changes, like mold, parasites, or the plants needing more water.

@movq@www.uninformativ.de Regarding https://www.uninformativ.de/blog/postings/2025-05-21/0/POSTING-en.html: Hahaha, that’s what I immediately thought, too! The pain of going back to CVS. :-D I used that back in school. Quickly after, I upgraded to SVN and even that was terrible in comparison to a modern VCS, such as git.

In any case, happy hacking!

Again, I was simply pointing out that, if he used AI to correct misspellings, and improve grammar, then this isn’t true:

“This post was written entirely by a human, with no assistance from AI. (Other than spell- and grammar-checking.)”

@bender@twtxt.net @prologic@twtxt.net Jokes aside, I don’t think that’s the right approach either. We had spell checkers, since I can remember, as well as other tools, like the smart image select, used mostly to remove backgrounds. These are tools, that just simplify the process of either opening up a dictionary and looking up a word, you can’t remember the spelling of, or the process of placing a billion little dots around the part of an image you want to select - none of these are creative or enjoyable tasks, we already had tools for them, decades before AI. I don’t think we need to go back to cave paintings, to be free of AIs influence on our creative work.

@prologic@twtxt.net to err is human, to forgive is divine, right? I say let us err, and forgive. My grammatical errors make me me. Misspellings? Well, we need no stinky AI for that!

@thecanine@twtxt.net @movq@www.uninformativ.de So I actually agree with you! I think Dustin is taking a bit of a “deep and dark” path here (depression), and there are many parallels to other types of activities that we can all talk to. “AI” or “LLM”(s) here should be no different. Use them, Don’t use them. I don’t really see how it takes away our creativity or critical thinking.

Wanna read something very scary?

Your future doctor is using ChatGPT to pass medical school, so you better start riding a bike and eating healthy now.

😨😨😨

https://infosec.exchange/@duanegran/114531604486731084

@bender@twtxt.net It’s still a straight-through to the Eris backend that itself uses a Let’s Encrypt cert now. Haven’t tried to also terminate TLS at the Edge yet.

@prologic@twtxt.net I forgot to ask you about this. Did you ended up using TLS with Caddy, or you used something else?

Buying a TV these days, means trying to avoid endless enshitification:
-Spyware and adware
-Shitty AI upscaling/ frame interpolation
-HW that breaks after 2 - 3 years
-One off OS, dead on arrival
-Android OS, that starts lagging after the third update
-8 buttons worth of ads, on your remote

You probably have to make some kind of a compromise. I thought that was buying from some other brand like Hyundai, but that one also felt into some of those categories and just broke, after less than 3 years of use. At this point I’ll probably go back to LG and hope their HW is still reliable and the rest manageable… It has AI bullshit and knowing LG, probably some spyware you have to try your best to get rid of, can buy a remote with “only” 2 ads on it, some web-based OS shared between all their TVs, that usually gets 4 - 5 years worth of updates and works decently enough afterwards.

At this point, I’ll probably settle for anything that doesn’t literally fall apart, not even 3 years in, like the Hyundai did.

@bender@twtxt.net basically because we don’t readily use or support range hunters when requesting feeds it’s ideal to keep feed small for the time being at least until we think about writing up a formal specification for this, but it’s also only for Http hosted feeds

Sail Physics
⌘ Read more

@lyse@lyse.isobeef.org yep! that one is my favorite… @movq@www.uninformativ.de I hope you don’t mind me snatching that one, I’d love to use it as Wallpaper.

@kingdomcome@yarn.girlonthemoon.xyz AHHHHHHHHHHHHH OH MY GOD THIS IS HILARIOUS I’M USING THIS FOR LOVE4EVA TYSM LMFAO

@javivf@adn.org.es use 6697 as port, make sure it is using TLS to connect.