mckinley @twtxt.net

Recent Twts

Recent twts from mckinley

RED ALERT: THE CAMPAIGN AGAINST MONERO HAS BEGUN

And yes, you can argue that there are legal and moral reasons to use a privacy coin. But these coins are running up against the same problem as encryption and other technologies to protect privacy: They can’t allow for dissidents, activists, and people from marginalized communities to stay safe without also sheltering criminals and purveyors of hate.

https://slate.com/technology/2021/11/monero-privacy-coin-racists-cybercriminals.html
https://slate.com/technology/2021/11/monero-privacy-coin-racists-cybercriminals.html


#akolz3q
In-reply-to > Glitchy GTA Re-Release Still Unplayable on PC, Said to Contain Infamous 'Hot Coffee' Mini-Game Kotaku reports: Grand Theft Auto: The Trilogy — Definitive Edition was released on November 11 on all major platforms including the Switch. However, for folks who bought the game on PC, they've been unable to play the game since just shortly after it was released. Now three days lat ... ⌘ Read more

Heh.


#qznph5a
In-reply-to > It’s pretty easy with jenny to use GPG to sign your feed (just do it in your publish_command), but of course, there’s no verification. 🤔 Should this be on the TODO list? Is it overkill? Nobody’s using it at the moment …

Twtxt and Yarn are designed as “Twitter style” systems. Perhaps twtxt can be adapted to a Facebook style system with that kind of access control and end-to-end encryption. Perhaps the result would be incredible. I am skeptical, however, of the idea that it would mix well with the current twtxt/Yarn ecosystem built on openness.


#4rvpirq
In-reply-to > It’s pretty easy with jenny to use GPG to sign your feed (just do it in your publish_command), but of course, there’s no verification. 🤔 Should this be on the TODO list? Is it overkill? Nobody’s using it at the moment …

“Social media” can take several forms.

  • A “Twitter style” open microblogging system that allows people to discard and create identities with little consequences
  • A “Facebook style” closed-off system that is more focused on real people interacting with each other instead of their online personas
  • An “Internet forum style” system that focuses on discussion above all else

#axvov7q
In-reply-to > It’s pretty easy with jenny to use GPG to sign your feed (just do it in your publish_command), but of course, there’s no verification. 🤔 Should this be on the TODO list? Is it overkill? Nobody’s using it at the moment …

Reading this thread, I see two things:

  1. The example of image sharing can easily be solved by creating a private file hosting service that doesn’t suck like @lyse said
  2. We are getting close to the original purpose of Facebook here. A social media service based on identities rather than accounts and designed for people who know each other in meatspace to connect online. Facebook already does what we’re talking about well; it has strong access controls to only show your content to people you choose. The only problem, of course, is that Facebook is evil.

#rtygxwq
In-reply-to > It’s pretty easy with jenny to use GPG to sign your feed (just do it in your publish_command), but of course, there’s no verification. 🤔 Should this be on the TODO list? Is it overkill? Nobody’s using it at the moment …

I think it would be a much harder sell to get people on a weird social media service they’ve never heard of and encrypted feeds (as well as signed feeds) would make clients much more complex. I always have the anti-feature view, though. Maybe there’s something I’m not seeing.


#isyz4va
In-reply-to > It’s pretty easy with jenny to use GPG to sign your feed (just do it in your publish_command), but of course, there’s no verification. 🤔 Should this be on the TODO list? Is it overkill? Nobody’s using it at the moment …

@prologic Whenever I have some pictures I need to share with a few others, I just put them on a web page somewhere that isn’t linked anywhere else and has <meta name="robots" content="noindex, ofollow"> on for good measure. Nobody I’m sharing it with has to sign up for anything, no entity outside my control is compressing the images, screwing with the metadata, or facially recognizing anyone, and you can just right click > save as if you want to download them.


#3xfjgaq
In-reply-to > @fastidious What's this? 🤔 What are you up to? 🤣

I agree with @lyse There could be some confusion if posts appear in people’s clients that are not on the master feed. What if the client keeps retrying and keeps getting the dummy feed over the course of several hours? It would clutter people’s clients very quickly. This is a perfect use for the standard HTTP status codes, there’s no reason to reinvent the wheel.


#b7egt5q
In-reply-to > Q: Does anyone know where one can purchase 2RU to 4RU Rack mounted storage servers with Hot Swap either 2.5" or 3.5" bays but Short Depth to fit a 600mm depth rack? 🤔 Unfortunately the one in my server room is a custom job from iStarUSA from a company that no longer exists, so I doubt they make the chassis anymore...

@prologic You should check out Teddit or Libreddit. They’re privacy and freedom respecting, self-hostable frontends for Reddit.


#em7ejnq
In-reply-to > So… This is an example of what happens if you follow a feed that happens to be served over two different schemes or protocols.

@prologic My apologies. I didn’t interpret the specification correctly. The feeds are supposed to be distinct, with the url field used for hashing and hashing only. I got carried away with separate feeds becoming one and whatnot. Ignore everything I’ve written to this point. Perhaps I should go to bed.


#xvnpa3a
In-reply-to > So… This is an example of what happens if you follow a feed that happens to be served over two different schemes or protocols.

As I’m typing it, though, it seems like an extremely complicated solution to a problem that isn’t all that bad.

Poor wording. Feedjacking would be a pretty bad problem. I meant that it might be best to keep things as they are without adding any crazy url switching.


#3ae4l5q
In-reply-to > So… This is an example of what happens if you follow a feed that happens to be served over two different schemes or protocols.

How about this: The url field is replaced by a canonical field and an alternate field. If the location that the client has of Feed A doesn’t match what it says in Feed A’s canonical field, the client downloads the canonical feed, Feed B, once to make sure that the location of Feed A appears in Feed B’s alternate tags. If so, the client will continue to follow Feed A but it will use the canonical URL for hashing.
As I’m typing it, though, it seems like an extremely complicated solution to a problem that isn’t all that bad.


#fj7s7oa
In-reply-to > So… This is an example of what happens if you follow a feed that happens to be served over two different schemes or protocols.

Hold on. If the standard was implemented verbatim, couldn’t anyone could hijack your feed by adding # url = https://twtxt.net/user/prologic/twtxt.txt to their feed?


#4pilbla
In-reply-to > So… This is an example of what happens if you follow a feed that happens to be served over two different schemes or protocols.

@prologic Yeah, isn’t the idea to make sure twts from the same feed at different locations have the same hash by specifying a canonical feed url? That should solve the http:// https:// problem and the twtxt twtxt-25 problem if the standard is widely adopted.


#fox4h7q
In-reply-to > So… This is an example of what happens if you follow a feed that happens to be served over two different schemes or protocols.

@prologic Ah, I finished editing my post after you already saw it.

I understand how this can create confusion. Does Yarn respect url metadata entries as specified on dev.twtxt.net?


#xurozsa
In-reply-to > So… This is an example of what happens if you follow a feed that happens to be served over two different schemes or protocols.

@prologic You’re correct, but those are actually separate feeds. Green is /twtxt.txt, my “canonical” feed with all my posts. Blue is /twtxt-25.txt, the one with only the most recent 25 posts. I understand how this can create confusion. Does Yarn respect url metadata entries as specified on dev.twtxt.net?


#zzzr2iq
In-reply-to > A Meteorite Crashed Through Somebody's Ceiling and Landed on Their Bed The New York Times reports:

@prologic @slashdot

The Times reports that Peter Brown, a professor at the University of Western Ontario, places the odds of a meteor crashing into someone’s bed at 1 in 100 billion.

I would really like to hear Peter Brown tell us how he came to that conclusion.


#dcezh6q
In-reply-to > See this previous chain got forked! 😁

Let’s just say, I’ve seen this happen with multiple products at work: Step 1, someone builds something which doesn’t support a “reply” feature at all. Step 2, the thing grows, now people want “reply”. Step 3, it gets confusing with all the linear replies and now people want “full threading”. 😁 That’s also basically what happened to twtxt/yarn. Maybe, over time, everything evolves into Usenet. 🤣

@movq was right.


#4xex33q
In-reply-to > Is It Time to Stop Paying For a VPN? "I'm done with paying for a virtual private network," writes the New York Times' lead consumer technology writer. [Alternate URLs here and here.]
The reality is that web security has improved so much in the last few years that VPN services, which charge monthly subscription fees that cost as much as Netflix, offer superfluous protection for most people concerned about privacy, some security researchers said.

@slashdot

Not only is it free to use, but I no longer have to worry about trust, because the operator of the technology is me.

Of course Amazon would never snoop on what you’re doing with the service they provide to you for free. They wouldn’t do that! They’re a “reputable and widely trusted cloud provider” based in a Five Eyes country known for their data security!
Nobody told this guy about Mullvad or iVPN. Plus, if you’re doing it right, you don’t need that Netflix subscription.


#2x6kxoa
In-reply-to > Noisy crow! 😂

@eldersnake> Maybe they’ll need to migrate it to a Chromium base

I’m sure it would be more profitable for them to do so. That just makes me wonder why they haven’t done it already. I wonder if there’s Google money involved (like the default search engine deal with Mozilla) so they can claim they aren’t a monopoly.


#sknvmuq