@skinshafi@thunix.net Haha 😆

The purpose of this paper is to characterize simple sabotage, to outline its possible effects, and to present suggestions for inciting and executing it.

Sabotage varies from highly technical coup de main acts that require detailed planning and the use of specially-trained operatives, to innumerable simple acts which the ordinary individual citizen-saboteur can perform. This paper is primarily concerned with the latter type. Simple sabotage does not require specially prepared tools or equipment; it is executed by an ordinary citizen who may or may not act individually and without the necessity for active connection with an organized group; and it is carried out in such a way as to involve a minimum danger of injury, detection, and reprisal.

You scared me! 🤣

@skinshafi@thunix.net Argggg! 😱

@movq@www.uninformativ.de Interesting… 🧐 Can you elaborate on why and your workflows? 🙏

I’m not a fan of IMAP (I don’t want my server to create/keep data)

@lyse@lyse.isobeef.org Ita a terrible operator that makes code hard
Yo read as @kat@yarn.girlonthemoon.xyz difhtidu points out 😆

So glad I decided to move my project’s off GitHub 🤣

@lukas@lukasthiel.de No worries 😌

@lukasthiel.de@lukasthiel.de Welcome to Twtxt / Yarn.social 😅

My take on the discussion to introduce an ? operator in Go 👈 No. For so many reasons.

Speaking of “yapping”…. Seriously, do companies like microsoft.com and bird.com think they’re above the law or something? Do they really think they can get away with not actioning abuse reports from pip squeaks like me? 😅 Just watch me… 🤣

@aelaraji@aelaraji.com Ahhh! That one doesn’t even render any useful logo on mobile anyway 🤦‍♂️

@aelaraji@aelaraji.com that’s why I just speak my mind on Twtxt 🤣

@kat@yarn.girlonthemoon.xyz Glad you’re having fun in the real world 🙌

phew 😮‍💨

File system:  EXTFS
Device size:   29.8 GB = 7287552 Blocks
Space in use:   7.3 GB = 1789413 Blocks
Free Space:    22.5 GB = 5498139 Blocks
Block size:   4096 Byte
Elapsed: 13:01:07, Remaining: 00:00:00, Completed: 100.00%, Rate:   9.38MB/min,
Current block:    6823440, Total block:    7287552, Complete: 100.00%
Total Time: 13:01:07, Ave. Rate:   9.38MB/min, 100.00% completed!
Syncing... OK!
Partclone successfully cloned the device (/dev/sda1) to the image (/dev/sdb1)
Cloned successfully.
[root@sysrescue ~]#

@andros@twtxt.andros.dev Oh this is Lisp right? 🤔 Well done! 👍

Just run FrakenPHP or Road Runner 😀

[root@sysrescue ~]# partclone.ext4 -c -s /dev/sda1 -o /dev/sdb1
...
Elapsed: 00:05:32, Remaining: 23:46:57, Completed:   0.39%,   5.12MB/min,
Current block:       6912, Total block:    7287552, Complete:   0.09%

Bloody hell 😆

@xuu@txt.sour.is I think it’s about time we start blocking invalid SPF and DMARC 🤣

Check this out 😅😅

Authentication-Results: mail.mills.io;
	spf=temperror (mail.mills.io: error in processing during lookup of msprvs1=20121HZ44a1Eg=bounces-367050@irp.stuartkenzie.com: responses is not iterable) smtp.mailfrom="msprvs1=20121HZ44a1Eg=bounces-367050@irp.stuartkenzie.com" smtp.helo=us.proxy.mills.io;
	dkim=neutral (invalid public key) header.i=@irp.stuartkenzie.com header.s=scph1124 header.a=rsa-sha256 header.b=BOHvtOsv;
	dmarc=none header.from=stuartkenzie.com
Received-SPF: temperror (mail.mills.io: error in processing during lookup of msprvs1=20121HZ44a1Eg=bounces-367050@irp.stuartkenzie.com: responses is not
 iterable) client-ip=172.30.0.5;
Received: from us.proxy.mills.io ([172.30.0.5])
	by mail.mills.io (Haraka) with ESMTP id 3CD19639-8117-48DB-8137-5B29E3732B5E.1
	envelope-from <msprvs1=20121HZ44a1Eg=bounces-367050@irp.stuartkenzie.com>;
	Sun, 26 Jan 2025 22:23:33 +0000
Received: from mta-174-87-76.smtp-out.sparkpostmail.com
 (mta-174-87-76.smtp-out.sparkpostmail.com [192.174.87.76]) by
 us.proxy.mills.io (envelope-sender
 <msprvs1=20121HZ44a1Eg=bounces-367050@irp.stuartkenzie.com>) with ESMTPS id
 74a301f9; Sun, 26 Jan 2025 22:23:33 +0000

How fucking dumb as these spammer little assholes?! 🤦‍♂️ Not only does the domain in the Fron: have a bad TLS certificate, the domain in the Reply-To is a blank page. Wut dua fuw?! 🤣 And seriously, how du fuq did this even get through my Mail proxies? 🤔 @xuu@txt.sour.is 😅

@doesnm@doesnm.p.psf.lt Threema is also known to be crippled to state actors and the five eyes. It has known crypto protocol weaknesses that can leak metadata.

@johanbove@johanbove.info Why not Signal? 🤔

@johanbove@johanbove.info It’s a good movie! 👌

@lyse@lyse.isobeef.org Soon™ soon™ my friend 🤣

At a gold club today for a friend’s birthday 🥳

Why are we touting such garbage anyway?! 🤔 Why is Apple even entertaining this nonsense?! 🤦‍♂️

Apple’s so-called “Apple Intelligence” is also pretty shit™

Honestly Apple’s Image Playground is pretty shit™

@arne@uplegger.eu I do 😅 Despite some opinions, I actually love HTMX and use it in many of my projects, including yarnd to give it that nice SPA-like UX feel without all this Javascript React nonsense 😅

Online meetup Yarn.social call is on! Come join us!

=> https://meet.mills.io/call/Yarn.social

@arne@uplegger.eu Nice! 👌

@doesnm@doesnm.p.psf.lt @xuu@txt.sour.is will nuke it with prejudice I’m sure 👍

@doesnm@doesnm.p.psf.lt Oh yeah @xuu@txt.sour.is found his “Open Registrations” got reverted somehow 🤔

@andros@twtxt.andros.dev that’s the one used on https://twtxt.dev 🤣

@doesnm@doesnm.p.psf.lt What do you mean? Hmm? 🤔

See here

Anyone coming to the call today? 12:00 UTC (+/- 2hrs)

@andros@twtxt.andros.dev Sounds a bit like what you would do when writing normal Go code to me 😅

@andros@twtxt.andros.dev Just to be clear, you’re only talking about the logo for twtxt.dev? 🤔

@terron@duque-terron.cat Cute 🥰

The other alternative is to just integrate with Salty.im itself 😅

@movq@www.uninformativ.de It’s all good 👍 Just discussing two things really a) Publishing private/encrypted messages to target recipients on a Twtxt feed (Direct Messages) and b) A new/alternative logo for https://twtxt.dev 😅

@movq@www.uninformativ.de Haha 🤣

@andros@twtxt.andros.dev I never really understood this “CLEAN” architecture… 😅 Can you explain it in your own words as you understand it to mean? 🤔

@doesnm@doesnm.p.psf.lt I don’t think this has anything to do with yarnd, but SSH keys in general 😅

@andros@twtxt.andros.dev Could not agree more! 🙌

1. Make sure the machine is off. ✅ (confirmed via remote IPMI)
   
2. Unplug the power cables.
   
3. Unrack the machine.
   
4. Bring to office bench.
   
5. Unscrew the cover.
   
6. Plug in a new SATA DOM on a spare SATA cable.
   
7. Boot a bootable Live Linux Rescue system
   
8. Login and confirm both SATA DOM(s) are visible
   
9. Use dd to copy the contents of the old SATA DOM to the New.
   
10. Power off
    
11. Remove old SATA DOM
    
12. Confirm the machine comes back in it’s original state.

Took today off work. My workplace has a special form of leave called “My Day” that you can take in addition to your usual Annual leave. So nice! 😊 I’m using one of them today to take advantage of the long weekend coming up (Australia Day). Planning on making repairs to one of my Hypervisor nodes that is currently down and powered off for repairs. The SATA DOM (Disk on Module) boot disk is kind of dead and the controller refusing to take any new writes. It’s about ~5 years old 🤣

Plan is to take the machine out of the Rack, place it on my office desk to open it up. Plug in a new 2nd SATA DOM on another SAtA cable. Boot it back up with a Linux Rescue bootable ISO and do a dd of the old to the new. Then swap ‘em around and hope 🤞 for the best 😅

@movq@www.uninformativ.de Docker Swarm to the rescue! 🤣

So am I 🤣

@doesnm@doesnm.p.psf.lt It stores it in the devices secure store, whatever that is on the device. It’s different for Android and iOS.

@aelaraji@aelaraji.com Haha don’t ask me 🤣 I don’t do PHP 😆

It’s nice to see we’re all largely thinking along the same lines. e.g: Salty.im 😅

@eapl.me@eapl.me Yeah this is true. Previously RSA and AES were more common. These days Salsa and Chacha and Curve are fairly prevalent. For example all the Wireguard stuff uses Curve25519 / Ed25519 crypto. Signal uses very similar crypto too, but with some very nice double ratcheting 3DH.

@eapl.me@eapl.me I -think we’ve gotten use to it somewhat 🤣

@doesnm@doesnm.p.psf.lt whilst technically true, expensive and unnecessary.

@doesnm@doesnm.p.psf.lt I always do 👌

👋👋 Reminders that this weekend our monthly Yarn.social online meetup. Who’s coming? 🤔 Some possible topics:

• Direct Messaging for Twtxt
  
• @prologic@twtxt.net ’s new EdgeGuard services 🤣
  
• What’s the weather like? 👍
  

Details:

• When: 25th Jan 2025 at 12:00PM UTC (midday)
  
• Where: https://meet.mills.io/call/Yarn.social

@eapl.me@eapl.me@eapl.me@eapl.me But we’re actively discussing on Twtxt 🤣

@eapl.me@eapl.me@eapl.me@eapl.me Agree with the base64 encoding 👌

@eapl.me@eapl.me@eapl.me@eapl.me actually it is easy 🤣 It’s now the standard for SSH keys 😆

@aelaraji@aelaraji.com Hmmm? 🤔

@xuu@txt.sour.is Is this because there’s a bug in persisting trusted peers? 🤔

@lyse@lyse.isobeef.org This is a good point.

@doesnm@doesnm.p.psf.lt That’s actually not true, because you’d have to know the target you’re interested in, in the first place. Inboxes in Salty.IM are deliberately shahed for this reason. So whilst you may know your own inbox address, etc, I (as an arbitrary bad actor) wouldn’t easily be able to guess (let alone brute force) my way to another inbox address of an interested party.

@xuu@txt.sour.is Can you elaborate in textual form for the poor vision impaired developer 🤣 🙏

@andros@twtxt.andros.dev 🤩😍

It would also be great if you put up a PR against twtxt.dev 🙏

@andros@twtxt.andros.dev My only comment so far is to use Ed25519 keys for crypto.

@bender@twtxt.net planning on being around in 10 years 🤔 😅

Multihull of the year Winner: 2024 ILIAD 53F Power Catamaran Yacht Tour - YouTube👈 Really loving this Multihull Power Catamaran 👌 Very nice yacht! 🛥️

@kat@yarn.girlonthemoon.xyz Do you want to stand it up on your own or use it as a service? 🤔🤔

@kat@yarn.girlonthemoon.xyz sounds intriguing 🤔

EdgeGuard Update:

I am now in a position where I’m no longer having any ports open on my firewall at the Mills DC. 🥳 All services (Gopher, SMTP, IRC, SSH, HTTP) are being proxied through my edge network 💪

@xuu@txt.sour.is Speaking of TV Shows, can anyone recommend anything good of late? Hmm 🤔

@doesnm@doesnm.p.psf.lt Hmmm yhe flow doesn’t look right to me hmm 🤔

@doesnm@doesnm.p.psf.lt Is that implementing IndieAuth? 🤔

@bender@twtxt.net Aye aye 🙌

Would anyone object to the feeds.twtxt.net service having auth soon™ ? 🤔 I’m tired of the garbage feeds that it has accumulated over tie (spammers) and I want to a) clean it up b) lock it down somewhat.

The idea would be that you’d login with your Yarn.social account on some pod you control/operate or share with a nice person 🤣 – For those unfamiliar, this is called IndieAuth or IndieLogin. ALL Yarn.social pods are in fact valid (have been for years now) IndieAuth Providers. So I can just ust that. This also technically means you could login with your own domain too (more on that later…)

@hacker-news-newest@feeds.twtxt.net TL;DR:

The author recounts their experience with a “no calls” policy in enterprise sales, finding it surprisingly effective. They attribute this success to addressing common reasons for calls—lack of understanding, onboarding issues, pricing uncertainty, and trust concerns—through clear messaging, self-serve onboarding, transparent pricing, and robust security documentation. While acknowledging potential limitations, the author advocates for a #nocalls approach, emphasizing the benefits of efficiency and alignment with their values.

@lyse@lyse.isobeef.org Who does right 🤣 I wonder if anyone read the ToC(s) of any Yarn pod? 🤔

@news-minimalist@feeds.twtxt.net Ahh now I like to read news like this in my feed. THis is perfect! 🤩 Thank you @bender@twtxt.net and so far this is such a nice quite way to be “informed” without the noise and sensational crappy clickbait shit™

@kat@yarn.girlonthemoon.xyz Evening 👋

@arne@uplegger.eu True! 👌👌

@kat@yarn.girlonthemoon.xyz I also happen to use it to run https://mbox.blue as well as to front SSh access to https://git.mills.io 👌

@arne@uplegger.eu To be honest I don’t really understand why anyone would use Facebook™, X/Twitter™, TikTok™ Instagram™, etc… When it clearly states in their Terms of Conditions that the content you “enter” into their systems, is NOT yours.

@kat@yarn.girlonthemoon.xyz That was https://git.mills.io/prologic/sshbox

@aelaraji@aelaraji.com Fuck sorry!

@arne@uplegger.eu Haha nice one 😆

@andros@twtxt.andros.dev Created. Can you try logging in via Github? I had to take a stab/guess at your Email address, which is very clearly wrong, but hopefully you an just update it when you login 🤣🤣

Actually. it’s probably fine if you just drop your Github username/profile here. They’re all public info anyway 🤣🤣

@andros@twtxt.andros.dev I believe I disabled new registrations by default due to increase in levels of “spam accounts”. If you could email me, or DM me (IRC) your Github username, I’ll add an account for you that matches your Github profile and you can sign-in that way.

Respectfully, I will not move any of my projects back to Github after this blog post; hope you can understand, but I’d prefer to stick to my moral values here as much as I can 😅

@kat@yarn.girlonthemoon.xyz Any ideas of the volume coming out of their RSS feed? 🤔

@kat@yarn.girlonthemoon.xyz Now you just need to front this with sshbox and protect your precious little SSh resource 💪

@xuu@txt.sour.is Haha 🤣🤣🤣

@bender@twtxt.net Yeah I think I follow the Hacker News top N feed already. So taht’s fine.

Well it imported nicely into the feeds service, so I’ll give it a try 👌

@kingdomcome@yarn.girlonthemoon.xyz Hey 👋 Ya know, working, etc 🤣

@bender@twtxt.net What’s the other ?🤔