I spent hours creating a perfect Prosody config for my most recent XMPP server attempt (about 2-3 years ago now) and I lost that file because I deleted the VPS. That was the only important file on there and I just didn’t think of it when I deleted it. I didn’t have a single backup, not even an old copy I scped back to my PC for editing.

I hope I won’t make that mistake again but I wouldn’t be surprised if I did.

@lyse@lyse.isobeef.org Lack of comments are definitely a shortcoming of JSON. I don’t like TOML because it lets you have nested categories ([foo] [foo.bar] [foo.baz]) and it just feels confusing to me, even with indentation. Simple INI files are okay.

The Prosody XMPP server’s configuration file is just a Lua script because Prosody is written in Lua, and that’s excellent.

@lyse@lyse.isobeef.org key=value\n or JSON. YAML is the worst and I don’t understand why it’s so popular.

@xuu You are absolutely right, that would be terrible. The whole point of Nostr is to own your identity. I don’t know what I was thinking.

Okay, is there at least a JavaScript-free Web client?

@prologic@twtxt.net has there been any development on cas.run?

Seriously, where is the suckless-style Nostr client?

@xuu@txt.sour.is That’s an interesting idea. Twt hashes still need a canonical URL to work, though.

• (3) Does Nostr require clients to download much more data than, say, Twitter? I can see it being a little more because of signatures, etc. However, text compresses well and clients should cache previous posts, anyway.

• (4) NIP-96 does HTTP file upload, XMPP style. There are some other advanced features like tipping on posts, custom emojis, and at least three conventions for selling goods and services.

Of course, not everything is available with every client and some of the specs are still being worked out. It looks promising to me, though. I like its distributed model with dumb servers and smart clients. The software will get better over time.

All three of your points on usability are definitely true, especially #3. I haven’t been able to find a good TUI client.

Regarding the technical points, it seems like there are mechanisms to address each of them. Please tell me if I’m wrong on any one of these. I have only been learning about Nostr for a short time.

1. Relays aren’t a single point of failure because a user can (and should) post to many of them. The attacker in a censorship or sabotage scenario would have to take down every one of your relays at once. If they were taken down gradually, you could replace the bad relay with a new one and advertise that one on all the other relays your followers already use. It’s much more resilient compared to twtxt.

2. Every event contains a signature from your private key, so it’s hard to spoof. NIP-10 provides a method for marking a note as a reply to another note.

Something I’ve noticed about the Nostr people is that they aren’t the same as the software minimalism people. It seems like it’s all JavaScript, Go, and Rust with dependency counts in the hundreds.

@lyse@lyse.isobeef.org

I fear it’s a rather complicated protocol.

The core protocol looks very simple but I’m sure you can get in the weeds with extensions.

you can’t really change your keys without losing your identity

I think you’re right but that seems reasonable to me. Your public key is your identity, similar to certain cryptocurrencies or Tor hidden services. Why would you want to change your key without changing your identity?

@bender@twtxt.net How so?

QOTD: What are your thoughts on nostr?

PSA: If you’re on Arch Linux and you want to use some of your own scripts on multiple machines, it is incredibly easy to write a PKGBUILD. Then, you can scp the built package around and install it with pacman -U. Let Pacman handle your dependencies so they can easily be removed later and only when they’re no longer required.

Hey, it worked! I just had to refresh the conversation page.

@xuu. Let’s see. I just followed @bender@twtxt.net and I only typed @bender just now.

@quark@ferengi.one You’re right. I thought they were addressed and I started doing @nick mentions again out of laziness. Thanks for pointing it out.

@eldersnake@we.loveprivacy.club The Linux kernel package on Arch Linux weighs 130.7 MB on its own. Any live image that fits on a CD is tiny in my book.

@lyse@lyse.isobeef.org I just might have to snag that for my ~/.local/bin. I like that magic spell using sed for --help. That’s a really smart way to do it.

@lyse@lyse.isobeef.org @bender@anthony.buc.ci I do the same. I just thought it was interesting.

@movq@www.uninformativ.de I see. It’s interesting to see commit history visualized that way.

@movq@www.uninformativ.de What happened in March of 2018 with all those commits across your projects?

Congrats!

@movq@www.uninformativ.de Yeah, it seems like that should never happen under any circumstances but that’s the best explanation I can come up with for what happened and once I fixed the space issue the other problems went away. That particular filesystem is on a LUKS device on a disk image served with NBD. The machine in question and the NBD server are both on Arch Linux so it has potentially unstable versions of all the software involved.

It’s a real house of cards and I’m not surprised something like this happened. I’m keeping lots of backups. My setup is pretty unique but I stand by my original post. Running out of space on Btrfs isn’t fun, even when it’s functioning properly.

@movq@www.uninformativ.de Pretty much. In my situation I was able to delete some files and snapshots and run a couple of different btrfs balance commands to move some allocations around. It looked like writes weren’t all committed properly to the disk but nothing told me that explicitly.

I did a system update in this state and I think I remember mkinitcpio throwing more warnings than usual but I was doing something else and I didn’t pay close attention to them. This coincided with a power outage and there was a lot of inconsistency, making me think it was hardware related. It was just btrfs, as far as I can tell, and I fixed it by reinstalling all the packages on the system once there was enough room. Luckily, I hadn’t done anything important with that computer after the system update.

@prologic@twtxt.net That looks pretty nice. It seems like the pricing model is reasonable as well. They don’t try to nickel-and-dime you with features most people would probably need like others I’ve seen. Good luck with it.

@prologic@twtxt.net It’s true that the major players in the WYSIWYG-website-for-dummies industry not only function poorly but are also proprietary SaaS garbage. However, I don’t know if it’s really possible to make them function any better. HTML and CSS just aren’t made for that.

@prologic@twtxt.net Probably not the most helpful reply, but I posted my thoughts in a note. Websites are really complicated and there’s a lot that goes into making one. When you put too many layers of abstraction on it, you have to cut corners somewhere.

@xuu ungoogled-chromium strips out the rest of it. Librewolf is my browser of choice and it has been for a couple years now. I like it a lot. It’s basically un-Mozilla’d Firefox.

@thecanine@twtxt.net That bit about haveibeentrained.com is wild. Do you have a source for that?

@lyse@lyse.isobeef.org I also can’t find the user agent string they use, which seems like it would be important information.

A Good HP Laptop: https://mckinley.cc/blog/20240123.xhtml

I had so many complaints about this Web page it wouldn’t fit in a twt. https://mckinley.cc/notes/20240122-terrible-website.xhtml

@prologic@twtxt.net Well, he did create a file system. That would probably drive a normal person to madness, if you didn’t have to be crazy to do it in the first place.

@movq@www.uninformativ.de Haha, me too. I could have sworn I heard a fiddle when I rebooted.

Basically NBD for DOS, that’s pretty cool.

@eapl.me@eapl.me There is HTTPS but it doesn’t seem to be enforced. My browser always connects with TLS if it’s available and the message is present with or without TLS or extensions, even when using cURL. I would notice if my VPN service injected things like this because I disable JavaScript and cookies by default. I think it’s unlikely I’m being MiTMed because the certificate is definitely from Let’s Encrypt. Also, I don’t see the point in MiTMing me just to put a JavaScript challenge on someone’s personal website.

I still think it’s a hosting provider thing. It doesn’t really matter to me, I’m just curious.

@xuu I caught AT&T doing this last year. They were also hijacking DNS queries if I remember correctly.

@movq@www.uninformativ.de Today I learned this package is installed on my computer. Unnecessary dependencies are really annoying on Arch. If I switch to Gentoo this will be a major reason why.

@sorenpeter@darch.dk If I go to your website, it makes my browser complete a JavaScript challenge and send the result to a special location on your domain using a form called “wsidchk”. After I complete that I get a cookie and I can browse your website freely. It isn’t Cloudflare. I imagine it’s because I’m using a VPN service with somewhat disreputable IP addresses. Is this something your hosting provider does automatically?

@sorenpeter@darch.dk Looks good, but how come I have to enable JavaScript and cookies to “verify” my request? It doesn’t look like Cloudflare.

@lyse@lyse.isobeef.org Ubuntu was the first distribution I used. I didn’t know what I was doing and broke the bootloader trying to do something related to dual booting and I couldn’t figure out how to fix it. I went back to Windows after that.

Many still recommend it as a first distribution. While I’m sure it’s still well polished and easy to use, I don’t like Ubuntu because of Canonical’s shady practices in the past and their move toward Snaps instead of Debian-style packages.

SpiralLinux seems like the best of both worlds. I’m really very impressed. If you are looking for a distribution for some one who isn’t so technical, but also something easy to fix when it breaks, consider looking into it. Use a different password for root, restrict sudo, mount /home with noexec, configure unattended upgrades, and I think it’d be very solid. It is just Debian Stable after all.

First Impressions of SpiralLinux: https://mckinley.cc/blog/20231029.xhtml

Does anyone have any personal experience with Spiral Linux? It is just preconfigured Debian + your choice of DE installed with Calamares. After the installation is completed, you aren’t dependent on anything except the existing Debian infrastructure which is, of course, rock-solid.

@lyse@lyse.isobeef.org I read this as “files” until I realized that you probably aren’t talking about JPEGs of apples.

I just caught a bit flip in a tmpfs. The 42 MiB file only existed for about 3 minutes before the error was first detected by the FLAC decoder. Very unlikely.

$ xxd -b ../08.\ New\ World\ Rising.flac >old
$ xxd -b 08.\ New\ World\ Rising.flac >new
$ diff old new
2959577c2959577
< 010ef510: 11110011 01001010 11111010 10011111 11110011 00111011  .J...;
---
> 010ef510: 11110011 11001010 11111010 10011111 11110011 00111011  .....;

@prologic@twtxt.net They can’t win unless they do it cryptographically, i.e. with real DRM. Even then, I think it’s still easy enough to extract a Widevine L3 key from an Android phone.

An update on the NTFS situation: I got a reproducible ntfs3-related kernel panic on my server just by reading every file with md5sum on the NTFS I actually want to back up with ntfsclone. It very well could have been related to mounting it partition read-only or using a USB to SATA adapter. I’ll try it again another time, probably on a machine that isn’t doing anything else important. I don’t know if I finally encountered the instability they talk about on Arch or if the ntfs3 driver just isn’t there yet. ntfs-3g has been okay for reads in my experience, but I’ve had issues writing.

@xuu As it turns out, btrfs is very cool. I’ve always used one big root partition, but getting the advantages of root+home partitions with no downside is just one reason why I’ll probably use btrfs on my next OS install. It could be a while, I’m a little sentimental about this one on ext4.

$ head -n 1 /var/log/pacman.log 
[2021-08-15T21:36:08+0000] [PACMAN] Running 'pacman -r /mnt -Sy --cachedir=/mnt/var/cache/pacman/pkg --noconfirm base linux linux-firmware networkmanager nm-applet i3wm base-devel vim'