@movq@www.uninformativ.de That makes a lot of sense. I agree it’s probably a better use of time to maintain a nice, simple website.

@movq@www.uninformativ.de That’s an excellent point, I never thought about it that way before. I have always tried to be very conservative with the CSS on my website and my class names mostly reflect what they are.

Actually, I’ve had a new part of my website almost completed for a while, but I’m hung up on it because flex boxes are pretty much required to do what I want with the home page. My stylesheet has always been valid CSS 2 and I’m not sure I want to ruin that.

@movq@www.uninformativ.de What happened to your Gopher server?

There isn’t anything too far out of the ordinary there, but I like the idea of Chimera Linux. It’s a new independent distribution, free of legacy cruft, aiming to create a simple yet practical modern desktop system. Interestingly, it uses Dinit rather than Systemd or OpenRC.

There are also a small handful of what I call “micro-distributions” like Static Linux, KISS Linux, and Oasis Linux which aim to create the simplest possible desktop Linux system while still having a usable package system. Some might (justifiably) call them toy distros, but I think they’re neat.

@prologic@twtxt.net How could I forget? :)

QOTD: What are some (GNU/|)Linux distributions that think outside the box? I’ll start.

• Bedrock Linux - A “meta distribution” that uses black magic to install packages from any distribution you can think of
  
• GoboLinux - A distribution that uses black magic to eradicate the standard filesystem hierarchy and give each package its own directory tree, e.g. /Programs/GCC/9.2.0. It’s been around for a whopping 21 years.
  

There are also the well-known ones like NixOS, Qubes, and even Gentoo but I don’t see those two mentioned very often.

@movq@www.uninformativ.de Agreed.

Whoops, I started a thread when I meant to reply to the other one. I don’t think I’ve ever done that before.

How does Gitea store repositories? Are they just bare Git repositories on the filesystem that can be cloned separately? Also, how does it handle the upstream force-pushing an empty repository? Will that destroy your archive?

@prologic@twtxt.net I’ve thought about that, but it seems awfully inefficient to host a full code forge with a Web interface just to mirror some Git repositories.

QOTD: Do you keep a personal archive of Git repositories? If so, how? My backup system is a poorly written, inefficient shell script that I run manually when I think about it and I’d like to do something about that. The Yuzu and Citra emulators were taken down recently and I have a ~3 day old backup of Yuzu’s repository but nothing for Citra.

@prologic@twtxt.net So, you’re automatically downloading videos by a select few YouTube channels and putting them into Plex? Interesting. When do you think your kids will figure out how to get around your block? :)

I agree with @sorenpeter@darch.dk. WebFinger and WebMentions are very much in the spirit of Twtxt and both of them are already in use. If we’re going to do much more than that, we should probably just use Nostr instead.

@lyse@lyse.isobeef.org The thing that really unlocked jq for me was learning how to get a TSV output. That was a complete game changer, because it meant I could easily use it in a shell pipeline. I found it to be better than gron for that purpose. Just make an array for each item containing all the values you need and pipe it to the filter @tsv.

$ # Search YouTube using the Invidious API for "never gonna give you up" and write the results to out.json
$ curl -sGL -A 'Mozilla/5.0 (Linux; x86_64) Ladybird/1.0' -o out.json --data-urlencode 'q=never gonna give you up' 'https://farside.link/invidious/api/v1/search' 
$ jq -r '.[] | select(.type == "video") | [ .title, .author, .authorVerified, .videoId ] | @tsv' out.json
Rick Astley - Never Gonna Give You Up (Official Music Video)	Rick Astley	true	dQw4w9WgXcQ
Rick Astley - Never Gonna Give You Up [Lyrics]	GlyphoricVibes	true	QdezFxHfatw
InsurAAAnce & Rick Astley Never Gonna Give You Up	CSAA Insurance Group, a AAA Insurer	true	GtL1huin9EE
[...]

@lyse@lyse.isobeef.org Blank lines help a lot.

@lyse@lyse.isobeef.org gron does something very similar with JSON. I used to use it more, but these days I just reach for jq instead.

@lyse@lyse.isobeef.org Regarding YAML’s readability, I miss the - for list items constantly when reading YAML files. I’ll get confused because I think I’m not in a list or I’m in the previous list item, then I have to go back. List items are all on the same indentation column and one tiny character is the only thing defining a new one. I don’t know if others have this problem.

I spent hours creating a perfect Prosody config for my most recent XMPP server attempt (about 2-3 years ago now) and I lost that file because I deleted the VPS. That was the only important file on there and I just didn’t think of it when I deleted it. I didn’t have a single backup, not even an old copy I scped back to my PC for editing.

I hope I won’t make that mistake again but I wouldn’t be surprised if I did.

@lyse@lyse.isobeef.org Lack of comments are definitely a shortcoming of JSON. I don’t like TOML because it lets you have nested categories ([foo] [foo.bar] [foo.baz]) and it just feels confusing to me, even with indentation. Simple INI files are okay.

The Prosody XMPP server’s configuration file is just a Lua script because Prosody is written in Lua, and that’s excellent.

@lyse@lyse.isobeef.org key=value\n or JSON. YAML is the worst and I don’t understand why it’s so popular.

@xuu@txt.sour.is You are absolutely right, that would be terrible. The whole point of Nostr is to own your identity. I don’t know what I was thinking.

Okay, is there at least a JavaScript-free Web client?

@prologic@twtxt.net has there been any development on cas.run?

Seriously, where is the suckless-style Nostr client?

@xuu@txt.sour.is That’s an interesting idea. Twt hashes still need a canonical URL to work, though.

• (3) Does Nostr require clients to download much more data than, say, Twitter? I can see it being a little more because of signatures, etc. However, text compresses well and clients should cache previous posts, anyway.

• (4) NIP-96 does HTTP file upload, XMPP style. There are some other advanced features like tipping on posts, custom emojis, and at least three conventions for selling goods and services.

Of course, not everything is available with every client and some of the specs are still being worked out. It looks promising to me, though. I like its distributed model with dumb servers and smart clients. The software will get better over time.

All three of your points on usability are definitely true, especially #3. I haven’t been able to find a good TUI client.

Regarding the technical points, it seems like there are mechanisms to address each of them. Please tell me if I’m wrong on any one of these. I have only been learning about Nostr for a short time.

1. Relays aren’t a single point of failure because a user can (and should) post to many of them. The attacker in a censorship or sabotage scenario would have to take down every one of your relays at once. If they were taken down gradually, you could replace the bad relay with a new one and advertise that one on all the other relays your followers already use. It’s much more resilient compared to twtxt.

2. Every event contains a signature from your private key, so it’s hard to spoof. NIP-10 provides a method for marking a note as a reply to another note.

Something I’ve noticed about the Nostr people is that they aren’t the same as the software minimalism people. It seems like it’s all JavaScript, Go, and Rust with dependency counts in the hundreds.

@lyse@lyse.isobeef.org

I fear it’s a rather complicated protocol.

The core protocol looks very simple but I’m sure you can get in the weeds with extensions.

you can’t really change your keys without losing your identity

I think you’re right but that seems reasonable to me. Your public key is your identity, similar to certain cryptocurrencies or Tor hidden services. Why would you want to change your key without changing your identity?

@bender@twtxt.net How so?

QOTD: What are your thoughts on nostr?

PSA: If you’re on Arch Linux and you want to use some of your own scripts on multiple machines, it is incredibly easy to write a PKGBUILD. Then, you can scp the built package around and install it with pacman -U. Let Pacman handle your dependencies so they can easily be removed later and only when they’re no longer required.

Hey, it worked! I just had to refresh the conversation page.

@xuu@txt.sour.is. Let’s see. I just followed @bender@twtxt.net and I only typed @bender just now.

@quark@ferengi.one You’re right. I thought they were addressed and I started doing @nick mentions again out of laziness. Thanks for pointing it out.

@eldersnake@we.loveprivacy.club The Linux kernel package on Arch Linux weighs 130.7 MB on its own. Any live image that fits on a CD is tiny in my book.

@lyse@lyse.isobeef.org I just might have to snag that for my ~/.local/bin. I like that magic spell using sed for --help. That’s a really smart way to do it.

@lyse@lyse.isobeef.org @bender@anthony.buc.ci I do the same. I just thought it was interesting.

@movq@www.uninformativ.de I see. It’s interesting to see commit history visualized that way.

@movq@www.uninformativ.de What happened in March of 2018 with all those commits across your projects?

Congrats!

@movq@www.uninformativ.de Yeah, it seems like that should never happen under any circumstances but that’s the best explanation I can come up with for what happened and once I fixed the space issue the other problems went away. That particular filesystem is on a LUKS device on a disk image served with NBD. The machine in question and the NBD server are both on Arch Linux so it has potentially unstable versions of all the software involved.

It’s a real house of cards and I’m not surprised something like this happened. I’m keeping lots of backups. My setup is pretty unique but I stand by my original post. Running out of space on Btrfs isn’t fun, even when it’s functioning properly.

@movq@www.uninformativ.de Pretty much. In my situation I was able to delete some files and snapshots and run a couple of different btrfs balance commands to move some allocations around. It looked like writes weren’t all committed properly to the disk but nothing told me that explicitly.

I did a system update in this state and I think I remember mkinitcpio throwing more warnings than usual but I was doing something else and I didn’t pay close attention to them. This coincided with a power outage and there was a lot of inconsistency, making me think it was hardware related. It was just btrfs, as far as I can tell, and I fixed it by reinstalling all the packages on the system once there was enough room. Luckily, I hadn’t done anything important with that computer after the system update.

@prologic@twtxt.net That looks pretty nice. It seems like the pricing model is reasonable as well. They don’t try to nickel-and-dime you with features most people would probably need like others I’ve seen. Good luck with it.

@prologic@twtxt.net It’s true that the major players in the WYSIWYG-website-for-dummies industry not only function poorly but are also proprietary SaaS garbage. However, I don’t know if it’s really possible to make them function any better. HTML and CSS just aren’t made for that.

@prologic@twtxt.net Probably not the most helpful reply, but I posted my thoughts in a note. Websites are really complicated and there’s a lot that goes into making one. When you put too many layers of abstraction on it, you have to cut corners somewhere.

@xuu@txt.sour.is ungoogled-chromium strips out the rest of it. Librewolf is my browser of choice and it has been for a couple years now. I like it a lot. It’s basically un-Mozilla’d Firefox.

@thecanine@twtxt.net That bit about haveibeentrained.com is wild. Do you have a source for that?

@lyse@lyse.isobeef.org I also can’t find the user agent string they use, which seems like it would be important information.

A Good HP Laptop: https://mckinley.cc/blog/20240123.xhtml

I had so many complaints about this Web page it wouldn’t fit in a twt. https://mckinley.cc/notes/20240122-terrible-website.xhtml

@prologic@twtxt.net Well, he did create a file system. That would probably drive a normal person to madness, if you didn’t have to be crazy to do it in the first place.

@movq@www.uninformativ.de Haha, me too. I could have sworn I heard a fiddle when I rebooted.

Basically NBD for DOS, that’s pretty cool.

@eapl.me@eapl.me There is HTTPS but it doesn’t seem to be enforced. My browser always connects with TLS if it’s available and the message is present with or without TLS or extensions, even when using cURL. I would notice if my VPN service injected things like this because I disable JavaScript and cookies by default. I think it’s unlikely I’m being MiTMed because the certificate is definitely from Let’s Encrypt. Also, I don’t see the point in MiTMing me just to put a JavaScript challenge on someone’s personal website.

I still think it’s a hosting provider thing. It doesn’t really matter to me, I’m just curious.

@xuu@txt.sour.is I caught AT&T doing this last year. They were also hijacking DNS queries if I remember correctly.

@movq@www.uninformativ.de Today I learned this package is installed on my computer. Unnecessary dependencies are really annoying on Arch. If I switch to Gentoo this will be a major reason why.

@sorenpeter@darch.dk If I go to your website, it makes my browser complete a JavaScript challenge and send the result to a special location on your domain using a form called “wsidchk”. After I complete that I get a cookie and I can browse your website freely. It isn’t Cloudflare. I imagine it’s because I’m using a VPN service with somewhat disreputable IP addresses. Is this something your hosting provider does automatically?

@sorenpeter@darch.dk Looks good, but how come I have to enable JavaScript and cookies to “verify” my request? It doesn’t look like Cloudflare.

@lyse@lyse.isobeef.org Ubuntu was the first distribution I used. I didn’t know what I was doing and broke the bootloader trying to do something related to dual booting and I couldn’t figure out how to fix it. I went back to Windows after that.

Many still recommend it as a first distribution. While I’m sure it’s still well polished and easy to use, I don’t like Ubuntu because of Canonical’s shady practices in the past and their move toward Snaps instead of Debian-style packages.

SpiralLinux seems like the best of both worlds. I’m really very impressed. If you are looking for a distribution for some one who isn’t so technical, but also something easy to fix when it breaks, consider looking into it. Use a different password for root, restrict sudo, mount /home with noexec, configure unattended upgrades, and I think it’d be very solid. It is just Debian Stable after all.

First Impressions of SpiralLinux: https://mckinley.cc/blog/20231029.xhtml

Does anyone have any personal experience with Spiral Linux? It is just preconfigured Debian + your choice of DE installed with Calamares. After the installation is completed, you aren’t dependent on anything except the existing Debian infrastructure which is, of course, rock-solid.

@lyse@lyse.isobeef.org I read this as “files” until I realized that you probably aren’t talking about JPEGs of apples.

I just caught a bit flip in a tmpfs. The 42 MiB file only existed for about 3 minutes before the error was first detected by the FLAC decoder. Very unlikely.

$ xxd -b ../08.\ New\ World\ Rising.flac >old
$ xxd -b 08.\ New\ World\ Rising.flac >new
$ diff old new
2959577c2959577
< 010ef510: 11110011 01001010 11111010 10011111 11110011 00111011  .J...;
---
> 010ef510: 11110011 11001010 11111010 10011111 11110011 00111011  .....;

@prologic@twtxt.net They can’t win unless they do it cryptographically, i.e. with real DRM. Even then, I think it’s still easy enough to extract a Widevine L3 key from an Android phone.

An update on the NTFS situation: I got a reproducible ntfs3-related kernel panic on my server just by reading every file with md5sum on the NTFS I actually want to back up with ntfsclone. It very well could have been related to mounting it partition read-only or using a USB to SATA adapter. I’ll try it again another time, probably on a machine that isn’t doing anything else important. I don’t know if I finally encountered the instability they talk about on Arch or if the ntfs3 driver just isn’t there yet. ntfs-3g has been okay for reads in my experience, but I’ve had issues writing.

@xuu@txt.sour.is As it turns out, btrfs is very cool. I’ve always used one big root partition, but getting the advantages of root+home partitions with no downside is just one reason why I’ll probably use btrfs on my next OS install. It could be a while, I’m a little sentimental about this one on ext4.

$ head -n 1 /var/log/pacman.log 
[2021-08-15T21:36:08+0000] [PACMAN] Running 'pacman -r /mnt -Sy --cachedir=/mnt/var/cache/pacman/pkg --noconfirm base linux linux-firmware networkmanager nm-applet i3wm base-devel vim'

I don’t have this problem :) https://mckinley.cc/blog/20220506.xhtml

I’ve started working on an update to that post at least 3 times in the past year, maybe now is the time to get it out.

The future of the Web, as of 2000: https://mckinley.cc/notes/20231013-xhtml-for-dummies.xhtml

@movq@www.uninformativ.de RFC 3339 is where it’s at

@darch@neotxt.dk Thank you, but the first four of those have no license. I only want to include software with a posted free software license on the list. I will add twtxt-php, though.

Everyone: If I’m missing anything on groovy-twtxt please let me know.

It’s also an opportunity to mess with btrfs, which I hear is also very cool.

@mckinley@mckinley.cc I am testing some of the ntfsprogs with the ntfs3 driver on a drive with unimportant data to make sure they can reasonably be expected to do their jobs. Yesterday evening, I started ntfsresize while SSHed from my laptop right before I realized I needed to go somewhere, with my laptop. Usually, I’m pretty good at starting a tmux session before doing something like that, but reptyr saved me and all the data is intact, which is very cool.

@prologic@twtxt.net Don’t forget https://git.mills.io/mckinley/groovy-twtxt !

@movq@www.uninformativ.de It’s an e-ink display, which makes it a little more practical from a design perspective, but it’s still completely ridiculous.

@prologic@twtxt.net In that paragraph, I was comparing it to iOS devices because you cannot install another operating system on them. That is the point of Microsoft® Secure Boot after all.

Another thing about i{Pad,}OS, it’s impossible to use it without an online account with the operating system vendor. Windows, of course, is getting increasingly harder to use without a Microsoft account. The goal is clear.

@prologic@twtxt.net I wouldn’t want to give away my location, now, would I?

@lyse@lyse.isobeef.org That’s already the case where I live. There are also some DMV kiosks in public places, usually grocery stores, and you can renew your registration right there. If I remember correctly, it will even print your updated registration and give you the sticker for your license plate so you don’t have to wait for the mail.

That article links to this one.

So, you buy a new computer for $800 and you have to pay a subscription just to use it? There’s no doubt the subscription will start out optional, but if things continue the way they’re going we will get there. When that day comes, the general public will get out their credit cards and do what the computer says. I have no faith whatsoever that they won’t.

Of course, by that time, I imagine you won’t be able to turn off Secure Boot or enroll your own keys on most computers, making your computer an appliance completely owned by Microsoft, just like an iPad is completely owned by Apple.

@lyse@lyse.isobeef.org The thing is, if it didn’t connect to the Internet on its own, it would be basically fine. You could make a device like this that communicates directly with an app on your phone. The app would spy on you, I’m sure, but just about all of the user-facing features I can see could be done in the app alone and the plate could be updated over Bluetooth or something. You could prevent people from incorrectly changing their registration year or plate number with cryptographic signatures from either Reviver or the DMV, which I hope they’re doing already.

Of course, on a phone, you have all those pesky permissions that people can turn off.

@movq@www.uninformativ.de Yes, you can only get a number in the US or Canada for now.

@mckinley@mckinley.cc I figured it out: Digital License Plates Considered Harmful

Wireguard is incredible.

I have an old smartphone but it doesn’t leave my house. I plan to switch to jmp.chat soon and start using my laptop instead.

@movq@www.uninformativ.de Maybe you just got better at the game. I hope 2005 isn’t considered “retro” yet.

QOTD: Aside from work, what technology related events do you attend in the real world? Are you part of any social clubs dedicated to technology, e.g. user groups?

@abucci@anthony.buc.ci If Google is suggesting you do something, it’s probably a good idea to do the opposite.

@prologic@twtxt.net It’s more likely that someone gets unauthorized access to your computer and deletes your account through the web UI. You should probably have to type in your password to delete your account.

@stigatle@yarn.stigatle.no I don’t have anything to report. I was wondering if anyone was having a more interesting weekend. Is a busy weekend an interesting one?

@darch@neotxt.dk Maybe I don’t have the right idea of what lists are. Why do they need to be in a user’s public feed in the first place? I thought it was just a function of Yarn as a twtxt client that would allow one to sort their followed feeds into lists to make it easier to digest your timeline.

@darch@neotxt.dk So, the format is based on the metadata extension? Why not just $NICK\t$URL\n?

What are we up to this weekend?

@abucci@anthony.buc.ci I’m glad it’s not just me.

@lyse@lyse.isobeef.org I will occasionally get some command (or even certain arguments for a command) in muscle memory and type it by accident instead of the one I want. It hasn’t been disastrous yet, but it has cost me some time.

I also find that I compulsively type ‘ls’ whenever I’m in a terminal, even if I don’t need it. It’s strange.

I’ve been using Grim to take my screenshots on Sway since I started using it in April 2022 and I don’t recall giving it explicit permission to do so. This issue suggests Sway doesn’t yet support restricting screencopy.

@adi@twtxt.net Huh, you’re right. I never thought about that.

@adi@twtxt.net I see where you’re coming from. There is something to completely understanding a piece of software, reading all the documentation, and writing a config file by hand. However, if you aren’t doing it as a hobby project and you aren’t being paid a lot of money to do it “right” I definitely see the appeal of Docker. I started using it for some of the more annoying software packages when I set up my home server.

@prologic@twtxt.net There’s always Jabber :)

@abucci@anthony.buc.ci Thank you very much. I am paying an absurd amount to my current phone provider and it’s time to start considering other options.