↳
In-reply-to
»
(#2qn6iaa) @prologic Some criticisms and a possible alternative direction:
†Read More
HTTPS is supposed to do
ODROID-M2 Leverages RK3588S2 SoC and Supports LPDDR5 Memory
The ODROID-M2 builds on the success of the Hardkernel ODROID-M1 series, offering enhanced computing power for industrial embedded systems. Powered by the RK3588S2 SoC, the ODROID-M2 provides significant improvements in both processing power and memory performance. Like the Radxa 5C and Lite models, the ODROID-M2 is equipped with the RK3588S2. This system features an octa-core
↳
In-reply-to
»
Out camping with the family this weekend for my birthday đ„ł Media
†Read More
Many thanks!
↳
In-reply-to
»
@sorenpeter !! I freaking love your Timeline ... I kind of have an justified PHP phobia đ
but, I'm definitely thinking about giving it a try!
†Read More
@aelaraji@aelaraji.com Have you considered https://git.mills.io/yarnsocial/twtxt2html
On my blog: Toots 𩣠from 09/09 to 09/13 https://john.colagioia.net/blog/2024/09/13/week.html #linkdump #socialmedia #quotes #week
The #readchristie2024 for #September is âOrdeal by Innocenceâ, and in this #fridayreads Iâm reading the Portuguese translation, than changes itâs title to âcabo da vĂboraâ.
↳
In-reply-to
»
(#rh6gtwq) @prologic can't one just link to a keyoxide profile with a link to their Twtxt feed for identity or something?
†Read More
you can just have a web address.. i added mine.. though i think they have changed up the protocol so my key doesnât seem to work anymore. https://key.sour.is/id/me@sour.is
↳
In-reply-to
»
Out camping with the family this weekend for my birthday đ„ł Media
†Read More
@bender@twtxt.net Thanks! đ€ â I know it will đ€Ł
Out camping with the family this weekend for my birthday đ„ł
↳
In-reply-to
»
@xuu What's the keyoxide thingy you wrote/built? đ€ What's your URI/profile? đ€
†Read More
I think so đ Thanks$!đââïž
The Fediverse Files â https://notiz.blog/a/9L7
ASRock Industrial SBC-374: A Versatile Platform Accommodating Meteor Lake-PS Intel Processors
The ASRock Industrial SBC-374 is a robust single board computer designed for embedded applications. It features Intel Core Ultra Processors (Meteor Lake-PS) on an LGA 1851 socket and is supported by an AMI SPI BIOS with secure flash options, suitable for demanding tasks in secure environments. According to the product specifications, the SBC-374 supports Inte ⊠â Read more
MSIâs MS-CF17: An Ultra-Low-Power 3.5âł SBC with Intel Raptor Lake-P Processors
The MS-CF17 from MSI is an advanced single-board computer that combines high performance with a compact, fanless, ultra-low-power design. Featuring Intelâs latest 13th Gen Raptor Lake-P processors, the board is also available in an industrial-grade variant, making it suitable for demanding applications. This SBC is equipped with Intel Mobile 13th Gen Raptor Lake-P U Series
↳
In-reply-to
»
(#pvju5cq) @lyse This looks like a nice way to do it.
†Read More
@aelaraji@aelaraji.com Hah interesting đ€
been rather uninterested in technology lately for some reason. itâs probably the US Electionâs fault, since I live in the US and all
JĂĄ nĂŁo fazia um toot sobre #traduçÔes hĂĄ muito tempoâŠ
@xuu@txt.sour.is Whatâs the keyoxide thingy you wrote/built? đ€ Whatâs your URI/profile? đ€
↳
In-reply-to
»
(#rh6gtwq) @prologic can't one just link to a keyoxide profile with a link to their Twtxt feed for identity or something?
†Read More
@aelaraji@aelaraji.com Sounds like it would work đ Though Iâve not tried or invested anytime into proofs and claims type things so far đ€
On my blog: Real Life in Star Trek, Cause and Effect https://john.colagioia.net/blog/2024/09/12/cause-effect.html #scifi #startrek #closereading
↳
In-reply-to
»
(#rh6gtwq) @aelaraji how would that work exactly? Does that mean then that every user is required to have a cox side profile? Who maintains cox site? Is it centralized or decentralized can be relied upon?
†Read More
@aelaraji@aelaraji.com Nice write up!
I just received a thought⊠When you visit a server home page, or any page, why canât the server sent you a page full of images, asking the human to click on three ants, or four ducks, or two trees, or five cars?
Can an AI machine do such a thing? After a few seconds of human time, the page they wish is downloaded for them. Would this work all you computer experts? (I am getting sick of bots reading my content and stealing my copyright)
aujourdâhui, jâai configurĂ© un serveur caldav pour Ă©viter les oublis de rendez-vous avec ma chĂ©rie, et jâai configurĂ© unbound pour quâil fasse le rĂ©solveur DNS en mĂȘme temps quâĂȘtre le point de sortie de mon VPN #wireguard. Ăa traĂźnait depuis trop longtemps. CâĂ©tait pas une si mauvaise journĂ©e ^^
quelquâun peut me dire pourquoi https://buymeacoffee.com/ ça serait mieux que https://liberapay.com/ ?
Cette nuit, jâai rĂȘvĂ© de PV Nova qui reprenait RATM et modifiait trĂšs lĂ©gĂšrement le rythme, câĂ©tait vraiment excellent. Jâai maintenant la musique dans la tĂȘte :)
↳
In-reply-to
»
(#pvju5cq) @lyse This looks like a nice way to do it.
†Read More
@aelaraji@aelaraji.com how would that work exactly? Does that mean then that every user is required to have a cox side profile? Who maintains cox site? Is it centralized or decentralized can be relied upon?
Summer, going too fast. :(
↳
In-reply-to
»
Ford Seeks Patent For Tech That Listens To Driver Conversations To Serve Ads
Ford is seeking a patent for technology that would allow it to tailor in-car advertising by listening to conversations among vehicle occupants, as well as by analyzing a car's historical location and other data, according to a patent application published late last month. The Record: "In one example, the controller may moni ... â Read more
†Read More
Ford, the company can honestly go fuck themselves! No one ever asked or even thought to themselves:
Gee I wish my car would listen to my in-car conversations and serve me ads.
↳
In-reply-to
»
Ford Seeks Patent For Tech That Listens To Driver Conversations To Serve Ads
Ford is seeking a patent for technology that would allow it to tailor in-car advertising by listening to conversations among vehicle occupants, as well as by analyzing a car's historical location and other data, according to a patent application published late last month. The Record: "In one example, the controller may moni ... â Read more
†Read More
@slashdot@feeds.twtxt.net iâll get fucked! The US patent office should ban this immediately.
↳
In-reply-to
»
(#liwqpqq) @bender Yes, they do đ€Ł Implicitly, or threading would never work at all đ
Nor lookups đ€Ł They are used as keys. Think of them like a primary key in a database or index. I totally get where you're coming from, but there are trade-offs with using Message/Thread Ids as opposed to Content Addressing (like we do) and I believe we would just encounter other problems by doing so.
†Read More
@xuu@txt.sour.is True đ I guess it comes down to our risk appetite and the attack vectors weâre trying to solve for đ€
↳
In-reply-to
»
(#rh6gtwq) IMO we just have to fix the identity problem and figure out how to detect or support edits.
†Read More
@bender@twtxt.net yes I agree.
Fall is in the air now in Minnesota.
↳
In-reply-to
»
(#liwqpqq) @bender Yes, they do đ€Ł Implicitly, or threading would never work at all đ
Nor lookups đ€Ł They are used as keys. Think of them like a primary key in a database or index. I totally get where you're coming from, but there are trade-offs with using Message/Thread Ids as opposed to Content Addressing (like we do) and I believe we would just encounter other problems by doing so.
†Read More
@prologic@twtxt.net a signature IS encryption in reverse. If my private key becomes compromised then they can impersonate me. Being able to manage promotion and revocation of keys needed even in a system where its used for just signatures.
↳
In-reply-to
»
(#pvju5cq) @falsifian In my opinion it was a mistake that we defined the first
†Read More
url
field in the feed to define the URL for hashing. It should have been the last encountered one. Then, assuming append-style feeds, you could override the old URL with a new one from a certain point on:
@bender@twtxt.net there is a certain simplicity to that. đ
Iâm not sure if itâs possible to have unwind listening on a routing table != 0. It would be handy with my wireguard vpn set up on rdomain 2 (as example) si I can resolve domain names without setting up public DNS server in /etc/resolv.conf #openbsd.
↳
In-reply-to
»
(#pvju5cq) @falsifian In my opinion it was a mistake that we defined the first
†Read More
url
field in the feed to define the URL for hashing. It should have been the last encountered one. Then, assuming append-style feeds, you could override the old URL with a new one from a certain point on:
I was not suggesting to that everyone need to setup a working webfinger endpoint, but that we take the format of nick+(sub)domain as base for generating the hashed together with the message date and content.
If we omit the protocol prefix from the way we do things now will that not solve most of the problems? In the case of gemini://gemini.ctrl-c.club/~nristen/twtxt.txt
they also have a working twtxt.txt at https://ctrl-c.club/~nristen/twtxt.txt
⊠damn I just notice the gemini.
subdomain.
Okay what about defining a prefers protocol as part of the hash schema? so 1: https , 2: http 3: gemini 4: gopher ?
Ford Seeks Patent For Tech That Listens To Driver Conversations To Serve Ads
Ford is seeking a patent for technology that would allow it to tailor in-car advertising by listening to conversations among vehicle occupants, as well as by analyzing a carâs historical location and other data, according to a patent application published late last month. The Record: âIn one example, the controller may moni ⊠â Read more
↳
In-reply-to
»
(#liwqpqq) @bender Yes, they do đ€Ł Implicitly, or threading would never work at all đ
Nor lookups đ€Ł They are used as keys. Think of them like a primary key in a database or index. I totally get where you're coming from, but there are trade-offs with using Message/Thread Ids as opposed to Content Addressing (like we do) and I believe we would just encounter other problems by doing so.
†Read More
@xuu@txt.sour.is itâs not really strictly required if weâre just talking about identity though right? If weâre talking about encryption then yes I agree rotate and keys becomes very important if you want to have attributes like perfect forward secrecy.
↳
In-reply-to
»
(#mhtocjq) > the right way to solve this is to use public/private key(s) where you actually have a public key fingerprint as your feedâs unique identity that never changes.
†Read More
@xuu@txt.sour.is that could work too, but that requires a random value, a set of keys and signature verification of the value, which I donât really have a problem with.
↳
In-reply-to
»
(#rh6gtwq) IMO we just have to fix the identity problem and figure out how to detect or support edits.
†Read More
@xuu@txt.sour.is yes Iâm less concerned about solving the integrity part of the problem of whether we can trust that the content of a feed is actually written by certain author, however, thatâs not to say that we shouldnât think about also leveraging keys to be able to do that maybe itâs an optional feature?
↳
In-reply-to
»
Interesting.. QUIC isn't very quick over fast internet.
†Read More
What were the recommended mitigations?
↳
In-reply-to
»
(#rh6gtwq) @prologic do that mean that for every new post (not replies) the client will have to generate a UUID or similar when posting and add that to to the twt?
†Read More
@sorenpeter@darch.dk There was a client that would generate a unique hash for each twt. It didnât get wide adoption.
↳
In-reply-to
»
(#rh6gtwq) IMO we just have to fix the identity problem and figure out how to detect or support edits.
†Read More
@prologic@twtxt.net identity and content integrity are two different problems.
↳
In-reply-to
»
(#liwqpqq) @bender Yes, they do đ€Ł Implicitly, or threading would never work at all đ
Nor lookups đ€Ł They are used as keys. Think of them like a primary key in a database or index. I totally get where you're coming from, but there are trade-offs with using Message/Thread Ids as opposed to Content Addressing (like we do) and I believe we would just encounter other problems by doing so.
†Read More
Key rotation is a very important feature in a system like this.
↳
In-reply-to
»
(#liwqpqq) @bender Yes, they do đ€Ł Implicitly, or threading would never work at all đ
Nor lookups đ€Ł They are used as keys. Think of them like a primary key in a database or index. I totally get where you're coming from, but there are trade-offs with using Message/Thread Ids as opposed to Content Addressing (like we do) and I believe we would just encounter other problems by doing so.
†Read More
the right way to solve this is to use public/private key(s) where you actually have a public key fingerprint as your feedâs unique identity that never changes.
i would rather it be a random value signed by a key. That way the key can change but the value stays the same.
Asus X7433RE-IM-A is a 3.5âł Single Board Computer with Intel Atom X7433RE Processor
The X7433RE-IM-A is a 3.5â industrial single board computer designed for industrial applications, featuring the Intel Amston Lake System-on-Chip. It integrates Intel Deep Learning Boost and Advanced Vector Extensions 2 to enhance AI inference and accelerate workloads at the edge, specifically targeting IoT applications. This SBC is available with the x7433RE processor, offering ⊠â Read more
↳
In-reply-to
»
Interesting.. QUIC isn't very quick over fast internet.
†Read More
@xuu@txt.sour.is Thanks for the link. I found a pdf on one of the authorsâ home pages: https://ahmadhassandebugs.github.io/assets/pdf/quic_www24.pdf . I wonder how the protocol was evaluated closer to the time it became a standard, and whether anything has changed. I wonder if network speeds have grown faster than CPU speeds since then. The paper says the performance is around the same below around 600 Mbps.
To be fair, I donât think QUIC was ever expected to be faster for transferring a single stream of data. I think QUIC is supposed to reduce the impact of a dropped packet by making sure it only affects the stream itâs part of. I imagine QUIC still has that advantage, and this paper is showing the other side of a tradeoff.
Interesting.. QUIC isnât very quick over fast internet.
QUIC is expected to be a game-changer in improving web application performance. In this paper, we conduct a systematic examination of QUICâs performance over high-speed networks. We find that over fast Internet, the UDP+QUIC+HTTP/3 stack suffers a data rate reduction of up to 45.2% compared to the TCP+TLS+HTTP/2 counterpart. Moreover, the performance gap between QUIC and HTTP/2 grows as the underlying bandwidth increases. We observe this issue on lightweight data transfer clients and major web browsers (Chrome, Edge, Firefox, Opera), on different hosts (desktop, mobile), and over diverse networks (wired broadband, cellular). It affects not only file transfers, but also various applications such as video streaming (up to 9.8% video bitrate reduction) and web browsing. Through rigorous packet trace analysis and kernel- and user-space profiling, we identify the root cause to be high receiver-side processing overhead, in particular, excessive data packets and QUICâs user-space ACKs. We make concrete recommendations for mitigating the observed performance issues.
↳
In-reply-to
»
On the Subject of Feed Identities; I propose the following:
†Read More
So this is a great thread. I have been thinking about this too.. and what if we are coming at it from the wrong direction? Identity being tied to a given URL has always been a pain point. If i get a new URL its almost as if i have a new identity because not only am I serving at a new location but all my previous communications are broken because the hashes are all wrong.
What if instead we used this idea of signatures to thread the URLs together into one identity? We keep the URL to Hash in place. Changing that now is basically a no go. But we can create a signature chain that can link identities together. So if i move to a new URL i update the chain hosted by my primary identity to include the new URL. If i have an archived feed that the old URL is now dead, we can point to where it is now hosted and use the current convention of hashing based on the first url:
The signature chain can also be used to rotate to new keys over time. Just sign in a new key or revoke an old one. The prior signatures remain valid within the scope of time the signatures were made and the keys were active.
The signature file can be hosted anywhere as long as it can be fetched by a reasonable protocol. So say we could use a webfinger that directs to the signature file? you have an identity like frank@beans.co
that will discover a feed at some URL and a signature chain at another URL. Maybe even include the most recent signing key?
From there the client can auto discover old feeds to link them together into one complete timeline. And the signatures can validate that its all correct.
I like the idea of maybe putting the chain in the feed preamble and keeping the single self contained file.. but wonder if that would cause lots of clutter? The signature chain would be something like a log with what is changing (new key, revoke, add url) and a signature of the change + the previous signature.
# chain: ADDKEY kex14zwrx68cfkg28kjdstvcw4pslazwtgyeueqlg6z7y3f85h29crjsgfmu0w
# sig: BEGIN SALTPACK SIGNED MESSAGE. ...
# chain: ADDURL https://txt.sour.is/user/xuu
# sig: BEGIN SALTPACK SIGNED MESSAGE. ...
# chain: REVKEY kex14zwrx68cfkg28kjdstvcw4pslazwtgyeueqlg6z7y3f85h29crjsgfmu0w
# sig: ...
↳
In-reply-to
»
(#pvju5cq) @lyse This looks like a nice way to do it.
†Read More
IMO we just have to fix the identity problem and figure out how to detect or support edits.
↳
In-reply-to
»
(#pvju5cq) @lyse This looks like a nice way to do it.
†Read More
@sorenpeter@darch.dk No, this is what I want to avoid. For many reasons I stated before, content addressing or hashing is far better here for threading in a decentralized way.
↳
In-reply-to
»
(#pvju5cq) @lyse This looks like a nice way to do it.
†Read More
@prologic@twtxt.net do that mean that for every new post (not replies) the client will have to generate a UUID or similar when posting and add that to to the twt?
HaloMax Product Line for Long-Range, Low-Power Wireless Solutions
Teledaticsâ HaloMax, recently featured on CrowdSupply, is a long-range wireless module designed for applications like smart agriculture, industrial control, and HAM radio. Operating in the sub-1 GHz band, it delivers reliable, power-efficient communication over extended distances with FCC-allowed maximum output power. The HaloMax product lineup offers a range of modules and accessories tailored for long-range
MINIX U8K-ULTRA: 8K UHD Media Hub Powered by Android
MINIX U8K-ULTRA: 8K UHD Media Hub Powered by Android â Read more
↳
In-reply-to
»
(#pvju5cq) @lyse This looks like a nice way to do it.
†Read More
@lyse@lyse.isobeef.org I personally think that we just go with a magic timestamp approach. Itâs simpler and easier to implement across the major clients that are still actively developed.
The question is how much time do we give ourselves as weâre all a bit time poor and I canât imagine we would do this quickly.
↳
In-reply-to
»
Itâs one of those days.
†Read More
@movq@www.uninformativ.de if you do win the lottery, donât forget to include us so we can all join in and share the things that we like to tinker with instead of this whole rat race. đ€Ł
↳
In-reply-to
»
Getting ready for the Apple Event. Are you watching it live, @prologic, or afterwards? :-P
†Read More
@bender@twtxt.net Big photo capability upgrade?
↳
In-reply-to
»
(#mp6ox4a) @cuaxolotl Ah, thanks for reporting back! Okay, so youâre basically manually âcrawlingâ feeds right now. đ€ What do you think about the idea of adding something like
†Read More
# follow_notify = gemini://foo/bar
to your feedâs metadata, so that clients who follow you can ping that URL every now and then? How would you even notice that, do you regularly read your gemini logs? đ€
@aelaraji@aelaraji.com Nice hack! đ
↳
In-reply-to
»
Getting ready for the Apple Event. Are you watching it live, @prologic, or afterwards? :-P
†Read More
@bender@twtxt.net I doubt Iâll be able to watch it live đ€Ł But by all means, please Yarns all the goodies đ
↳
In-reply-to
»
(#c3ii7gq) @bender Ahh yeah sorry about that đ€Ł You were getting confused between salty.im and salty. The later of which salty.im actually uses and formed the basis of everything else. It's a simple robust library and command-line tools with good test coverage. The lowest building block đ
†Read More
@bender@twtxt.net Kind of mirrored the ssh
and ssh-keygen
utilities. No reason really.
↳
In-reply-to
»
(#fvxcc3q) For example:
†Read More
$ echo 'hello world' | ./salty -i ./test_ed25519 --ssh-key --sign
↳
In-reply-to
»
(#fvxcc3q) For example:
†Read More
@bender@twtxt.net Ahh yeah sorry about that đ€Ł You were getting confused between salty.im and salty. The later of which salty.im actually uses and formed the basis of everything else. Itâs a simple robust library and command-line tools with good test coverage. The lowest building block đ
↳
In-reply-to
»
(#2qn6iaa) @mckinley To answer some of your questions:
†Read More
@prologic@twtxt.net excellent, thanks!
↳
In-reply-to
»
Itâs one of those days.
†Read More
@movq@www.uninformativ.de That bad eh? đ
↳
In-reply-to
»
(#2qn6iaa) @mckinley To answer some of your questions:
†Read More
For example:
$ echo 'hello world' | ./salty -i ./test.key -s | ./salty -i ./test.key -v
# signed by: kex1yfzzthmsdlqhgwzafy9zpjze6a0asxf6y552dp4yhvq66a4jje0qxqapvd
hello world
↳
In-reply-to
»
(#2qn6iaa) @mckinley To answer some of your questions:
†Read More
@bender@twtxt.net Yes of course it can đ Sorry I missed your question on IRC đą
#MaradoWeekly #WeeklyRecord Week 37
@jmjl@tilde.green howdy! Sorry for mistaken you with https://blog.nfld.uk/ (jlj), but glad to connect. Cheers!
↳
In-reply-to
»
On the Subject of Feed Identities; I propose the following:
†Read More
@mckinley@twtxt.net To answer some of your questions:
Are SSH signatures standardized and are there robust software libraries that can handle them? Weâll need a library in at least Python and Go to provide verified feed support with the currently used clients.
We already have this. Ed25519 libraries exist for all major languages. Aside from using ssh-keygen -Y sign
and ssh-keygen -Y verify
, you can also use the salty
CLI itself (https://git.mills.io/prologic/salty), and Iâm sure there are other command-line tools that could be used too.
If we all implemented this, every twt hash would suddenly change and every conversation thread weâve ever had would at least lose its opening post.
Yes. This would happen, so weâd have to make a decision around this, either a) a cut-off point or b) some way to progressively transition.
↳
In-reply-to
»
đ§ź USERS:1 FEEDS:2 TWTS:1087 ARCHIVED:78676 CACHE:2491 FOLLOWERS:17 FOLLOWING:14
†Read More
@bender@twtxt.net Holy shit that pod is still alive?! đ€
↳
In-reply-to
»
(#pvju5cq) @falsifian In my opinion it was a mistake that we defined the first
†Read More
url
field in the feed to define the URL for hashing. It should have been the last encountered one. Then, assuming append-style feeds, you could override the old URL with a new one from a certain point on:
@sorenpeter@darch.dk WebFinger requires additional setup that whilsts helps to solve the âidentityâ problem in an âabstractâ way, that extra infra that needs to be setup a) isnât trivial and b) hard to support on âshared hostingâ.
Sharing hosting is also the reason why you canât just use part of a URL really.
On my blog: Developer Diary, Chrysanthemum Day https://john.colagioia.net/blog/2024/09/09/chrysanthemum.html #programming #project #devjournal
↳
In-reply-to
»
(#pvju5cq) @falsifian In my opinion it was a mistake that we defined the first
†Read More
url
field in the feed to define the URL for hashing. It should have been the last encountered one. Then, assuming append-style feeds, you could override the old URL with a new one from a certain point on:
how little data is needed for generating the hashes? Instead of the full URL, can we makedo with just the domain (example.net) so we avoid the conflicts with gemini://
, https://
and only http://
(like in my own twtxt.txt) or construct something like like a webfinger id nick@domain
(also used by mastodon etc.) from the domain and nick if there, else use domain as nick as well
Where all folks?!