mckinley

twtxt.net

A guy on the internet. https://mckinley.cc/

Recent twts from mckinley
In-reply-to » Epic Games Sues Google and Samsung Over App Store Restrictions Epic Games filed a new antitrust lawsuit against Google and Samsung, alleging they conspired to undermine third-party app stores. The suit focuses on Samsung's "Auto Blocker" feature, now enabled by default on new phones, which restricts app installations to "authorized sources" - primarily Google and Samsung's stores.

Context for those who donā€™t know: Epic Games is the company behind the hugely popular video game Fortnite. As far as I know, the core game is still free-to-play and supported by microtransactions. Itā€™s available on Windows, consoles, and mobile platforms. They sued Apple a few years ago because they felt the 30% cut Apple takes for in-app purchases was unreasonable and that they should be allowed to distribute their software independently of the App Store. It didnā€™t turn out so well for them. https://en.wikipedia.org/wiki/Epic_Games_v._Apple

ā¤‹ Read More
In-reply-to » Epic Games Sues Google and Samsung Over App Store Restrictions Epic Games filed a new antitrust lawsuit against Google and Samsung, alleging they conspired to undermine third-party app stores. The suit focuses on Samsung's "Auto Blocker" feature, now enabled by default on new phones, which restricts app installations to "authorized sources" - primarily Google and Samsung's stores.

@slashdot@feeds.twtxt.net They must have spent such an ungodly amount in legal fees by now that I wonder if theyā€™ll come out of this in the green if they get to keep all the money from in-app purchases. Donā€™t get me wrong, Iā€™m glad theyā€™re doing it, but I think thereā€™s a reason why Epic Games is the only one fighting for app store neutrality.

ā¤‹ Read More
In-reply-to » @lyse that -P is a life saver when running rsync over spotty connections. In my very illiterate opinion, it should always be a default.

@lyse@lyse.isobeef.org If rsync is interrupted, it doesnā€™t delete any files that were transferred completely so it will ā€œresumeā€ from that last complete transfer. However, it does delete any partially transferred file. --partial keeps that partial file around on the destination machine so it can continue right where it left off.

ā¤‹ Read More
In-reply-to » Been trying to get acquainted with rsync(1) but, whenever I Tab for completion and get this:

I usually end up using -rtz because Iā€™m usually not 100% sure all the permissions and ownership information are right and I hate littering directories with inconsistent permissions. For a big transfer, Iā€™ll start with -rtvz --stats --dry-run and make sure itā€™s only transferring the files it should, then Iā€™ll do -rtz --stats --info=progress2 --no-i-r to get one progress bar to watch for the whole transfer.

ā¤‹ Read More
In-reply-to » Tor Project Merges With Tails The Tor Project: Today the Tor Project, a global non-profit developing tools for online privacy and anonymity, and Tails, a portable operating system that uses Tor to protect users from digital surveillance, have joined forces and merged operations. Incorporating Tails into the Tor Project's structure allows for easier collaboration, better sustainability, reduced overhead, and expanded training and outreach program ... āŒ˜ Read more

@slashdot@feeds.twtxt.net This is exciting news! Two of the most important privacy tools joining forces. Now, if we could get a Monero wallet included in Tails alongside Electrum, weā€™d really have something. :)

ā¤‹ Read More
In-reply-to » Been trying to get acquainted with rsync(1) but, whenever I Tab for completion and get this:

@aelaraji@aelaraji.com Rsync has a ton of options and I probably still havenā€™t scratched the surface, but I was able to memorize the options I actually need for day-to-day work in a relatively short time. I guess Iā€™m the opposite of you, because I donā€™t know any scp(1) options.

ā¤‹ Read More
In-reply-to » Ever wondered what it would cost to self-hosted vs. use the cloud? Well I often doubt myself every time I look at hardware prices, and I know I have to do some hardware refresh soonā„¢ for the Mills DC (something I don't have a regular plan or budget for), here's a rough ball park:

@prologic@twtxt.net Youā€™ve done extremely well for ~$125/month, but thatā€™s not figuring in labor. Iā€™m sure youā€™ve put a lot of hours into maintenance in the last 10 years.

ā¤‹ Read More

Can anyone recommend a decent Android ROM that strips out as much of the spyware as possible? Is GrapheneOS a good option? I need to get a new phone anyway so I donā€™t mind buying within a supported device list as long as I can get one on the used market for $300-$400 or less.

If anyone could recommend some learning resources for this stuff Iā€™d really appreciate it.

ā¤‹ Read More
In-reply-to » The tag URI scheme looks interesting. I like that it human read- and writable. And since we already got the timestamp in the twtxt.txt it would be somewhat trivial to parse. But there are still the issue with what the name/id should be... Maybe it doesn't have to bee that stick?

@sorenpeter@darch.dk All valid points. Maybe the correct way to do it should be to start a new feed at the new URL rather than move the feed and break all the hashes.

ā¤‹ Read More
In-reply-to » @sorenpeter

@aelaraji@aelaraji.com

switch a couple of twt timestamps

The hashes would change and your posts would become detached from their replies. Clients might still have the old one cached, so you might just create a duplicate without replies depending on an observerā€™s client.

add in 3 different twts manually with the same time stamp

The existing hash system should be able to keep them separate as long as the content is different. Iā€™m not sure if there are additional implementation-related caveats there.

ā¤‹ Read More
In-reply-to » @prologic Some criticisms and a possible alternative direction:

@falsifian@www.falsifian.org @prologic@twtxt.net @sorenpeter@darch.dk @lyse@lyse.isobeef.org I think, maybe, the way forward here is to combine an unchanging feed identifier (e.g. a public key fingerprint) with a longer hash to create a ā€œtwt hash v2ā€ spec. v1 hashes can continue to be used for old conversations depending on client support.

ā¤‹ Read More
In-reply-to » The tag URI scheme looks interesting. I like that it human read- and writable. And since we already got the timestamp in the twtxt.txt it would be somewhat trivial to parse. But there are still the issue with what the name/id should be... Maybe it doesn't have to bee that stick?

@sorenpeter@darch.dk That could work. There are a few things that jump out at me.

  1. Nicknames on twtxt have historically been set on the client end. The nick metadata field is an optional add-on to the spec. Iā€™m not sure it should be in the reply tag because it could differ between clients.
  2. URLs are safer to use, and we use them in the hash currently, but they can still change and weā€™re back to square 1. Feeds ought to have some kind of persistent identifier for this reason, which is why weā€™ve been discussing cryptographic keys and tag URIs in the first place.
  3. The current twt hash spec mandates collapsing the timestamp to seconds precision. If those rules are kept, two posts made within the same second will not be separate when someone replies.

ā¤‹ Read More
In-reply-to » @prologic Some criticisms and a possible alternative direction:

@falsifian@www.falsifian.org TLS wonā€™t help you if you change your domain name. How will people know if itā€™s really you? Maybe thatā€™s not the biggest problem for something with such low stakes as twtxt, but itā€™s a reasonable concern that could be solved using signatures from an unchanging cryptographic key.

This idea is the basis of Nostr. Notes can be posted to many relays and every note is signed with your private key. It doesnā€™t matter where you get the note from, your client can verify its authenticity. That way, relays donā€™t need to be trusted.

ā¤‹ Read More
In-reply-to » @prologic Some criticisms and a possible alternative direction:

@falsifian@www.falsifian.org

Key rotation

Key rotation is useful for security reasons, but I donā€™t think itā€™s necessary here because itā€™s only used for verifying oneā€™s identity. Itā€™s no different (to me) than Nostr or a cryptocurrency. You change your key, you change your identity.

It makes maintaining a feed more complicated.

This is an additional step that youā€™d have to perform, but I definitely wouldnā€™t want to require it for compatibility reasons. I donā€™t see it as any more complicated than computing twt hashes for each post, which already requires you to have a non-trivial client application.

Instead, maybeā€¦allow old urls to be rotated out?

That could absolutely work and might be a better solution than signatures.

HTTPS is supposed to do [verification] anyway.

TLS provides verification that nobody is tampering with or snooping on your connection to a server. It doesnā€™t, for example, verify that a file downloaded from server A is from the same entity as the one from server B.

feed locations [being] URLs gives some flexibility

It does give flexibility, but perhaps we should have made them URIs instead for even more flexibility. Then, you could use a tag URI, urn:uuid:*, or a regular old URL if you wanted to. The spec seems to indicate that the url tag should be a working URL that clients can use to find a copy of the feed, optionally at multiple locations. Iā€™m not very familiar with IP{F,N}S but if it ensures you own an identifier forever and that identifier points to a current copy of your feed, it could be a great way to fix it on an individual basis without breaking any specs :)

ā¤‹ Read More
In-reply-to » On the Subject of Feed Identities; I propose the following:

My first thought when reading this was to go to my typical response and suggest we use Nostr instead of introducing cryptography to Twtxt. The more I thought about it, however, the more it made sense.

  1. It solves the problem elegantly, because the feed can move anywhere and the twt hashes will remain the same.
  2. It provides proof that a post is made by the same entity as another post.
  3. It doesnā€™t break existing clients.
  4. Everyone already has SSH on their machine, so anyone creating feeds manually could adopt this easily.

There are a couple of elephants in the room that we ought to talk about.

  1. Are SSH signatures standardized and are there robust software libraries that can handle them? Weā€™ll need a library in at least Python and Go to provide verified feed support with the currently used clients.
  2. If we all implemented this, every twt hash would suddenly change and every conversation thread weā€™ve ever had would at least lose its opening post.

ā¤‹ Read More
In-reply-to » Bluesky Adds 2 Million New Users After Brazil's X Ban In the days following Brazil's shutdown of X, the decentralized social networking startup Bluesky added over 2 million new users, up from just half a million as of Friday. "This rapid growth led some users to encounter the occasional error that would state there were 'Not Enough Resources' to handle requests, as Bluesky engineers scrambled to keep the servers stable un ... āŒ˜ Read more

@prologic@twtxt.net Itā€™s pretty hard, actually. There will either be more friction than people will accept (BitTorrent) or it wonā€™t be decentralized in practice (LBRY/Odysee).

@bender@twtxt.net , do you depend on first-party Bluesky servers for the client application?

ā¤‹ Read More
In-reply-to » Samsung TVs Will Get 7 Years of Free Tizen OS Upgrades Samsung Electronics said it will provide Tizen OS updates for its newer TVs for at least seven years, starting with models released in March this year and some 2023 models. Business Korea reports: [Yoon Seok-woo, President of Samsung Electronics' Visual Display Business Division] emphasized that the seven-year free upgrade for Tizen applied to AI TVs would ... āŒ˜ Read more

@slashdot@feeds.twtxt.net Never connect a TV to the Internet and then it will work for even longer than 7 years.

ā¤‹ Read More
In-reply-to » It's a crime that Slow Motion by Supertramp isn't available on any of the streaming services. It might even be the Crime of the Century.

@bender@twtxt.net The whole album, itā€™s pretty good. Itā€™s available on YouTube but itā€™s missing from all the music streaming services (Spotify, Tidal, Qobuz, Deezer, etc). I especially like Tenth Avenue Breakdown.

ā¤‹ Read More
In-reply-to » Transformed four kilograms of blackberries into a bit over three kilograms of blackberry jelly. https://lyse.isobeef.org/brombeergelee-2024-08-19/ The leftover jelly did not fit in prepared canning jars, so I dumped it in a regular drinking glass (which was a mustard glass in its former life): Media The rest is cooling off on the bench outside.

@lyse@lyse.isobeef.org We have some native blackberry species but around here (Northern California) we have Himalayan blackberry bushes which are very invasive. They match your description but I donā€™t know much about the different species. If left unchecked in an area with plenty of sun, theyā€™ll smother all the lower plants and expand until they canā€™t anymore.

ā¤‹ Read More
In-reply-to » @movq There's a lot going on on Usenet, but it's all in alt.binaries and co.

@movq@www.uninformativ.de Right. I wonder if Usenet would have faded away earlier if it wasnā€™t for file sharing. Itā€™s only still in use for that because the annoying parts have been papered over with easy-to-use software and the protocol offers unique characteristics that make it almost perfect for that sort of thing.

ā¤‹ Read More
In-reply-to » Transformed four kilograms of blackberries into a bit over three kilograms of blackberry jelly. https://lyse.isobeef.org/brombeergelee-2024-08-19/ The leftover jelly did not fit in prepared canning jars, so I dumped it in a regular drinking glass (which was a mustard glass in its former life): Media The rest is cooling off on the bench outside.

@lyse@lyse.isobeef.org Nice. Thereā€™s a park here in town with giant blackberry bushes everywhere. Theyā€™re my favorite invasive species.

ā¤‹ Read More
In-reply-to » VPN Apps Vanish from Brazilian App Store Dozens of VPN apps have vanished from Brazil's Apple App Store, including popular services NordVPN, ExpressVPN, and Surfshark. Simone Magliano, Head of Research at Top10VPN, reports that at least 30 VPN apps have become unavailable, though their store listings remained visible. Proton VPN, a major free VPN provider, confirmed the App Store issues, speculating it could be "a bug, or Apple impleme ... āŒ˜ Read more

@slashdot@feeds.twtxt.net This is an arms race the Brazilian government (or any government, for that matter) canā€™t win unless they effectively disconnect their entire country from the Internet.

ā¤‹ Read More
In-reply-to » mp3fs: https://khenriks.github.io/mp3fs/

@prologic@twtxt.net Do you really need FUSE for that? I think that could be done with a process watching a directory on a regular filesystem and deleting the oldest files as the combined size reaches that cap. Iā€™m sure someoneā€™s done that already.

ā¤‹ Read More
In-reply-to » Also, why isn't shellcheck being used here? It would have picked this (contrived) example up?

@bender@twtxt.net They must be statically compiling all those Haskell libraries on Ubuntu. This seems to be how it is with every Haskell package on Arch. Pandoc has 180 of its own un-shared dependencies on my system.

ā¤‹ Read More
In-reply-to » I love shell scripts because theyā€™re so pragmatic and often allow me to get jobs done really quickly.

This one got me. I try to stick to POSIX sh so Iā€™m not super familiar with the behavior of [[]]. I definitely should have gotten -eq, though.

ā¤‹ Read More
In-reply-to » ICANN Reserves .Internal For Private Use at the DNS Level The Internet Corporation for Assigned Names and Numbers (ICANN) has agreed to reserve the .internal top-level domain so it can become the equivalent to using the 10.0.0.0, 172.16.0.0 and 192.168.0.0 IPv4 address blocks for internal networks. From a report: Those blocks are reserved for private use by the Internet Assigned Numbers Authority, which ... āŒ˜ Read more

@bender@twtxt.net If anything was going to be an NFT, a domain name would probably make the most sense, but I donā€™t think that system would be any better than the current one and it would make domain squatting even worse.

ā¤‹ Read More
In-reply-to » ICANN Reserves .Internal For Private Use at the DNS Level The Internet Corporation for Assigned Names and Numbers (ICANN) has agreed to reserve the .internal top-level domain so it can become the equivalent to using the 10.0.0.0, 172.16.0.0 and 192.168.0.0 IPv4 address blocks for internal networks. From a report: Those blocks are reserved for private use by the Internet Assigned Numbers Authority, which ... āŒ˜ Read more

@movq@www.uninformativ.de Weā€™ve had .home.arpa for a while but it just doesnā€™t feel natural to type. Iā€™ve been using .internal.

Side note: I didnā€™t realize the .box TLD was finally live. Looks like domains are super expensive and also NFTs for some reason. Shame. https://my.box/

ā¤‹ Read More
In-reply-to » ICANN Reserves .Internal For Private Use at the DNS Level The Internet Corporation for Assigned Names and Numbers (ICANN) has agreed to reserve the .internal top-level domain so it can become the equivalent to using the 10.0.0.0, 172.16.0.0 and 192.168.0.0 IPv4 address blocks for internal networks. From a report: Those blocks are reserved for private use by the Internet Assigned Numbers Authority, which ... āŒ˜ Read more

@slashdot@feeds.twtxt.net Iā€™m surprised this took so long to become standardized.

ā¤‹ Read More
In-reply-to » @bender The status of the disks and the backup jobs from Scrutiny and Healthchecks respectively. Green means everything is fine, red or orange means it needs my attention.

@prologic@twtxt.net No cloud at all. Healthchecks, which does have a hosted offering, is definitely designed for more serious organizations than ā€œMcKinley Labsā€. It has separate users, permissions, all kinds of crazy features I donā€™t need at all. I definitely wouldnā€™t be using it if there wasnā€™t a linuxserver.io image and Iā€™d like to use something simpler but I donā€™t know of anything else thatā€™s completely self hosted.

ā¤‹ Read More
In-reply-to » I recently installed Scrutiny for disk health monitoring and Healthchecks for cron job monitoring. They both have nice Web UIs and alert functionality, but I hacked together a little status report that runs whenever I log into my server using their APIs.

@bender@twtxt.net The status of the disks and the backup jobs from Scrutiny and Healthchecks respectively. Green means everything is fine, red or orange means it needs my attention.

ā¤‹ Read More
In-reply-to » The end-to-end encryption means very little if you have your messages backed up in iCloud because the encryption keys are also stored with the messages in iCloud according to this FBI document. If that's the case, Apple can definitely read your messages as well as (obviously) any government agency who can make a legal request to Apple.

@bender@twtxt.net Thatā€™s great, actually, but itā€™s a shame you have to opt in to it.

ā¤‹ Read More
In-reply-to » @prologic I thought you were one of the people telling me how great it was. It is a Go project, after all. What do you usually use? I always find myself spending a lot of time making Nginx do what I want and I don't think I've ever had automatic certificate renewal work the first time.

@prologic@twtxt.net Ah yes, the other Go reverse proxy. Caddy seems simpler to me, more like Nginx with better defaults and a built-in ACME client. Traefik seems to have way more bells and whistles for all kinds of crazy setups when I only need to map domain names to containername:port pairs.

ā¤‹ Read More
In-reply-to » I finally gave in and tried out Caddy. It's about as great as everyone says it is.

All the ā€œmagicā€ might be nice in the short term, but as it becomes the default it can paper over some really questionable decisions when itā€™s too late to change them. This can be applied to a number of things in computing but the best example I can think of is networking. (Side note: Thatā€™s one of my favorite blog posts ever.)

Things start out simple and got more complicated until someone figures out how to cover up the mess. Then, since nobody wants to get in there and fix it properly and everyone else has already moved on, we just ignore whatā€™s behind the curtain and hope it all keeps working.

ā¤‹ Read More
In-reply-to » (#dusjj6a) @lyse As far as I know, they're still visible in the Web UI. Although, in the mobile app and youtube.com, I believe it tells you that the video isn't available without having to click on it. They don't tell you that in the RSS feed, and I agree; it gets annoying.

Definitely something going on here. Cloudflare is my main suspect.

ā¤‹ Read More
In-reply-to » I finally gave in and tried out Caddy. It's about as great as everyone says it is.

@prologic@twtxt.net I thought you were one of the people telling me how great it was. It is a Go project, after all. What do you usually use? I always find myself spending a lot of time making Nginx do what I want and I donā€™t think Iā€™ve ever had automatic certificate renewal work the first time.

Caddy just works. I have some self-hosted Web services with easy-to-remember subdomains that only exist on my Wireguard network with a valid Letā€™s Encrypt (wildcard) certificate so browsers donā€™t complain. It should be automatically renewed without my input but weā€™ll see what happens. It took shockingly little effort, even considering I need to customize the Docker image and create API keys so it can solve a DNS challenge using my provider.

Iā€™m still not thrilled about using software that does magic for you (like Docker and Caddy) but it sure makes things easy.

ā¤‹ Read More
In-reply-to » @bender Messages (formally known as iMessages) has always lacked e2e encryption though and often falls back to using SMS which is worse for security and privacy. -- OTOH this might be all changing for the better with Google lounging for a new standard? šŸ¤” (Although I do have to wonder: "What's in it for Google?")

The end-to-end encryption means very little if you have your messages backed up in iCloud because the encryption keys are also stored with the messages in iCloud according to this FBI document. If thatā€™s the case, Apple can definitely read your messages as well as (obviously) any government agency who can make a legal request to Apple.

ā¤‹ Read More
In-reply-to » The ā€œMatrix Experimentā€, i.e. running a Matrix server for our family, has failed completely and miserably. People donā€™t accept it. They attribute unrelated things to it, like ā€œI canā€™t send messages to you, I donā€™t reach you! It doesnā€™t work!ā€ Yes, you do, I get those messages, I just donā€™t reply quickly enough because Iā€™m at work or simply doing something else.

@movq@www.uninformativ.de Group chat is still pretty rough around the edges, especially if you want encryption. I donā€™t use it with my friends. If you need group chat, itā€™s probably better to use something else.

ā¤‹ Read More