@aelaraji@aelaraji.com Yeah and I think I can basically pull the crowssec rules every N interval right and use this to make blocking decisions? – I’ve actually considered this part of a completely new WAF design that I just haven’t built yet (just designing it).

Oh fuck me! I had basically turned off the route to git.mills.io last night and went ot bed at ~2AM after unsuccessfully trying to control the attacks (bad bots) that were behaving like a DDoS attack. Tried to re-enable the route this monring and *BOOM, they’re back! As-if they never stopped?! what da actual fuq?! Anyone have any clever ideas of what I can do here to allows normal users, like you nice folk and block ths obnoxious traffic?!

All my newly added test cases failed, that movq thankfully provided in https://git.mills.io/yarnsocial/twtxt.dev/pulls/28#issuecomment-20801 for the draft of the twt hash v2 extension. The first error was easy to see in the diff. The hashes were way too long. You’ve already guessed it, I had cut the hash from the twelfth character towards the end instead of taking the first twelve characters: hash[12:] instead of hash[:12].

After fixing this rookie mistake, the tests still all failed. Hmmm. Did I still cut the wrong twelve characters? :-? I even checked the Go reference implementation in the document itself. But it read basically the same as mine. Strange, what the heck is going on here?

Turns out that my vim replacements to transform the Python code into Go code butchered all the URLs. ;-) The order of operations matters. I first replaced the equals with colons for the subtest struct fields and then wanted to transform the RFC 3339 timestamp strings to time.Date(…) calls. So, I replaced the colons in the time with commas and spaces. Hence, my URLs then also all read https, //example.com/twtxt.txt.

But that was it. All test green. \o/

@lyse@lyse.isobeef.org @bender@twtxt.net Pfft, they want folks to relocate to Sydney. Fuck that 🤣 Sydney is a bit like San Francisco, I’m not actually sure which is worse. Fuck’n expensive as hell, the only palce you’d be able to afford to buy or rent is at least ~2hrs out of the city by public transport (i.e: train) and by that time you’ve just pissed your life down the toilet, because you’d be expected ot work a 9-10hr day + 2-3hrs of travel each way, buy the time you factor in having to wake up super early to get ready to travel in to work, you basically have zero time for anything else, let alone your ufamily,

Fuck that.

Be it Java with Swing or PyQt6, it takes ~300 ms until a basic window with a treeview and a listbox appears. That is a very noticeable delay.

Is it unrealistic to expect faster startup times these days? 🤔

Once the program is running, a new second window (in the same process) appears very quickly. So it’s all just the initialization stuff that takes so long. I could, of course, do what “fat” programs have done for ages: Pre-launch the process during boot, windowless. But I was hoping that this wasn’t needed. 😞 (And it’s a bad model anyway. When the main process crashes, all windows crash with it.)

@prologic@twtxt.net Let’s go through it one by one. Here’s a wall of text that took me over 1.5 hours to write.

This section says AI should not be treated as an authority. This is actually just what I said, except the AI phrased/framed it like it was a counter-argument.

The AI also said that users must develop “AI literacy”, again phrasing/framing it like a counter-argument. Well, that is also just what I said. I said you should treat AI output like a random blog and you should verify the sources, yadda yadda. That is “AI literacy”, isn’t it?

My text went one step further, though: I said that when you take this requirement of “AI literacy” into account, you basically end up with a fancy search engine, with extra overhead that costs time. The AI missed/ignored this in its reply.

Okay, so, the AI also said that you should use AI tools just for drafting and brainstorming. Granted, a very rough draft of something will probably be doable. But then you have to diligently verify every little detail of this draft – okay, fine, a draft is a draft, it’s fine if it contains errors. The thing is, though, that you really must do this verification. And I claim that many people will not do it, because AI outputs look sooooo convincing, they don’t feel like a draft that needs editing.

Can you, as an expert, still use an AI draft as a basis/foundation? Yeah, probably. But here’s the kicker: You did not create that draft. You were not involved in the “thought process” behind it. When you, a human being, make a draft, you often think something like: “Okay, I want to draw a picture of a landscape and there’s going to be a little house, but for now, I’ll just put in a rough sketch of the house and add the details later.” You are aware of what you left out. When the AI did the draft, you are not aware of what’s missing – even more so when every AI output already looks like a final product. For me, personally, this makes it much harder and slower to verify such a draft, and I mentioned this in my text.

You, @prologic@twtxt.net, also mentioned this in your car tyre example.

In my text, I gave two analogies: The gym analogy and the Google Translate analogy. Your car tyre example falls in the same category, but Gemini’s calculator example is different (and, again, gaslight-y, see below).

What I meant in my text: A person wants to be a programmer. To me, a programmer is a person who writes code, understands code, maintains code, writes documentation, and so on. In your example, a person who changes a car tyre would be a mechanic. Now, if you use AI to write the code and documentation for you, are you still a programmer? If you have no understanding of said code, are you a programmer? A person who does not know how to change a car tyre, is that still a mechanic?

No, you’re something else. You should not be hired as a programmer or a mechanic.

Yes, that is “skill evolution” – which is pretty much my point! But the AI framed it like a counter-argument. It didn’t understand my text.

(But what if that’s our future? What if all programming will look like that in some years? I claim: It’s not possible. If you don’t know how to program, then you don’t know how to read/understand code written by an AI. You are something else, but you’re not a programmer. It might be valid to be something else – but that wasn’t my point, my point was that you’re not a bloody programmer.)

Gemini’s calculator example is garbage, I think. Crunching numbers and doing mathematics (i.e., “complex problem-solving”) are two different things. Just because you now have a calculator, doesn’t mean it’ll free you up to do mathematical proofs or whatever.

What would have worked is this: Let’s say you’re an accountant and you sum up spendings. Without a calculator, this takes a lot of time and is error prone. But when you have one, you can work faster. But once again, there’s a little gaslight-y detail: A calculator is correct. Yes, it could have “bugs” (hello Intel FDIV), but its design actually properly calculates numbers. AI, on the other hand, does not understand a thing (our current AI, that is), it’s just a statistical model. So, this modified example (“accountant with a calculator”) would actually have to be phrased like this: Suppose there’s an accountant and you give her a magic box that spits out the correct result in, what, I don’t know, 70-90% of the time. The accountant couldn’t rely on this box now, could she? She’d either have to double-check everything or accept possibly wrong results. And that is how I feel like when I work with AI tools.

Gemini has no idea that its calculator example doesn’t make sense. It just spits out some generic “argument” that it picked up on some website.

The AI makes two points here. The first one, I might actually agree with (“bad bot behavior is not the fault of AI itself”).

The second point is, once again, gaslighting, because it is phrased/framed like a counter-argument. It implies that I said something which I didn’t. Like the AI, I said that you would have to adjust the copyright law! At the same time, the AI answer didn’t even question whether it’s okay to break the current law or not. It just said “lol yeah, change the laws”. (I wonder in what way the laws would have to be changed in the AI’s “opinion”, because some of these changes could kill some business opportunities – or the laws would have to have special AI clauses that only benefit the AI techbros. But I digress, that wasn’t part of Gemini’s answer.)

Except for one point, I don’t accept any of Gemini’s “criticism”. It didn’t pick up on lots of details, ignored arguments, and I can just instinctively tell that this thing does not understand anything it wrote (which is correct, it’s just a statistical model).

And it framed everything like a counter-argument, while actually repeating what I said. That’s gaslighting: When Alice says “the sky is blue” and Bob replies with “why do you say the sky is purple?!”

But it sure looks convincing, doesn’t it?

This took so much of my time. I won’t do this again. 😂

Understanding JSON Web Token (JWT) Security

Image

From Basics to Breaking Authentication

Continue reading on InfoSec Write-ups » ⌘ Read more

@movq@www.uninformativ.de Uh, that actually looks not that terrible. Somehow, I remember Swing GUIs being way uglier.

As for Visual Basic, I only had to use VBA once in my life. That was in the beginning of my career when I inherited a project from a leaving coworker. Fuck me, was that awful. Just alone the damn compiler error dialog box popping up in my face all the time while editing and the compiler already trying to parse the unfinished and hence of course uncompilable code. Boy, that left a lasting impression on me. I ported everything to Java very quickly. Luckily, the code base wasn’t all that large at that point in time. I had to add a bunch of new features after that, so I was very glad that I convinced my workmate/project manager to do that first. We didn’t even need a GUI, the button in Excel was transformed to a command line program that just generated the large file.

But I cannot comment on the VB GUI designer, I never used that. Your screenshot looks very similar to the Delphi one, though. Only towards the end of my Delphi days I found out about the possibility to make the widgets snap to window edges and corners (I don’t remember how that was called), so that resizing the windows was actually possible without messing up their entire contents.

Switching to Linux, Delphi wasn’t an option anymore. For some reason I couldn’t use Kylix. Maybe it was already dead by the time I changed OSes. Or I couldn’t get it to run. I just don’t remember. I just recall that the unavailability of Delphi was the reason it took me a while to actually settle on Linux. I then fully switched to Java. The GridBagLayout was my absolutely favorite Swing layout manager. I reckon I used it 98% of the time, because it was so powerful and made the windows resize properly, just as I had learned to do in Delphi shortly before.

Up until discovering Swing, I used Java’s AWT for a short amount of time. That was very limited I think and I hit the limits fairly quickly. Later at uni, we had one project making use of SWT. Didn’t convince me either. I could be wrong, but I think there was also a SWT GUI designer plugin for Eclipse. If there really was, that one wasn’t in the same street as Delphi’s (there must be a reason I forgot about it ;-)).

@lyse@lyse.isobeef.org

The one for Delphi was quite good.

It was! I didn’t use Delphi for long, though. Dunno why, I always gravitated towards Visual Basic back then. 😅

These days I don’t deal with GUI programming anymore.

I also avoid it when possible, because … it’s exhausting, because … the tools that I have/know are “subpar”. Doing anything regarding GUIs always feels like a chore. That wasn’t the case in the VB days.

Well, I made this in ~2009 with Java/Swing and it was pretty nice to work with, custom widgets and all:

https://movq.de/v/de26d5edb3/s.png

I wouldn’t dare doing this with GTK.

And maybe I should go back to using GUI designers. Haven’t used those since the Visual Basic days. 🤔 It wasn’t pretty, but you got results very quickly and efficiently.

(When I switched to Linux, I quickly got stuck with GTK and that only had Glade, which wasn’t super great at the time, so I didn’t start using it … and then I never questioned that decision …)

https://movq.de/v/eaa24b109b/vb.png

Just FTR, in case this wasn’t obvious, the “right to repair” (if there ever is one) needs to be more than just “you’re legally allowed to repair stuff”.

I just fixed this thing by replacing two capacitors. Great, but this was an absolute shitshow and it took several days. So many obstacles, everything’s tiny, connectors glued together, … It worked in the end, but I was so close to giving up.

Being legally allowed to do something is basically worthless if it’s not feasible to actually do it.

Ireland plans to make a $1,500 a month basic income for artists permanent ⌘ Read more

@arne@uplegger.eu Yeah SSE + HTMX is basically all you need really. The whole complicated/complex JavaScript ecosystem is overkill.

Unbelievable Security Hole: JWT Secret in a Series-B Funded Company

Image

It started as a routine penetration test. Little did I know I was about to uncover one of the most basic yet catastrophic security…

[Continue reading on … ⌘ Read more

Network Layers Model (Networking Basics) - Computerphile ⌘ Read more

@lyse@lyse.isobeef.org In my case it was a silver necklace, a hummingbird with a wing connected with the cold welding I mentioned using thin brass wires.

It made it in a goldsmithing class (I went to a private craftmanship high-school) so no phones allowed (no photos of it) and no “take home” of the works.

Here’s a rough sketch of it drawn by memory, the dots in the wing is where it connects to the body.

Image

The technique is basically the same as i described, but the scale is much smaller, the whole piece was about 5-6 cm on the largest side.

The rivet was made by drilling a hole through the parts, than with a short and thicker drill you widen the hole on the surface to let the rivet settle flatter on the piece, then with a rubber hammer you hit it to flatten the head until it’s snug on the hole, lock them together by doing the same on the other side.

Note that widening the hole with a thicker drill head won’t make a difference with bigger holes, mine had holes of about 1-2 mm of diameter maximum.

Here’s a sketch of what is going on for clarity.

Image

@bender@twtxt.net We have quite a few that are basically part of our friendly neighborhood. They knew we won’t chase them aware, scare them, etc. In fact some of us find little cockroaches to feed them, tose ‘em up in the air and watch them sweep in and grab the little suckers 🤣

War on America, Chicago Theater of Operations
Ruth Ben-Ghiat ,  Professor of History New York University  -  Reader Support News | Lucid Substack

_Stephan: Ruth Ben-Ghiat is an American history professor and political commentator. She is a scholar on fascism and authoritarian leaders, and a professor of history and Italian studies at New York University. She is absolutely correct. What amazes and saddens me is that millions of Americans sit at home basically reading social media … ⌘ Read more

‘I cannot abide’: Biting dissent blasts Supreme Court for ‘plainly misjudging’ case
Nicole Charky-Chami,  Senior Editor  -  Raw Story

_Stephan: Like the country itself, the Supreme Court is divided between the majority of corrupt justices who are basically helping Trump and the Republicans to make the United States a nation controlled by a fascist authoritarian oligarchy, and a minority of justices who follow precedent and the laws. The minority … ⌘ Read more

Hi everyone, here’s a little introduction of my twtxt client (still WIP).

The client I’m developing is a single tenant project that runs entirely in the browser (it might use an optional backend).

It’s entirely based on native web-components and vanilla JS, it is designed to act closer to a toolkit than a full-fledged client, allowing users to “DIY” their own interface with pure html or plain javascript functions.

Users can also build their own engines by including a global javascript object that implement the defined internal API (TBD).

I’m planning to build a system that is easy enough to build and use with any skill level, using only pure html (with a homebrew minimal template engine) or via plain JS (I’ll be also providing some pre-made templates too).

Everything can be self-hosted on any static hosting provider, this allows to spread twtxt within communities like Neocities and similarly hosted websites (basically any Indieweb/Smallweb/Digital garden website and any of the common GitHub/Lab/Berg/lify Pages).

It will be probably named something like TxtCraft or craf.txt but I’m not really sure yet… 🤔 (Maybe some suggestions could help)

I’m still in the experimental phase, so there’s no decent source-code to share yet, but it will soon enough!

Pretty happy with my zs-blog-template starter kit for creating and maintaining your own blog using zs 👌 Demo of what the starter kit looks like here – Basic features include:

• Clean layout & typography
  
• Chroma code highlighting (aligned to your site palette)
  
• Accessible copy-code button
  
• “On this page” collapsible TOC
  
• RSS, sitemap, robots
  
• Archives, tags, tag cloud
  
• Draft support (hidden from lists/feeds)
  
• Open Graph (OG) & Twitter card meta (default image + per-post overrides)
  
• Ready-to-use 404 page
  

As well as custom routes (redirects, rewrites, etc) to support canonical URLs or redirecting old URLs as well as new zs external command capability itself that now lets you do things like:

$ zs newpost

to help kick-start the creation of a new post with all the right “stuff”™ ready to go and then pop open your $EEDITOR 🤞

#awesome #zs

@prologic@twtxt.net the simplest thing to do is to completely forgo hashing anything because we are communicating using plain text files right now :3 while i agree hashes are incredibly helpful in the backend im not sure it has a place outside of it, it basically eliminates two core design principals of twtxt (human readability and integrating well with unix command line utilities) and makes new clients more difficult to build than it should be

@bender@twtxt.net Yes I did about a week or so ago. It took me a lot of effort to get the content even rendered in the first place. LOL I had to basically export my blog as HTML (can you believe that?!) – The Hugo export just didn’t work at all 🤣

@zvava@twtxt.net love the direction this is heading, hope this soon evolves into a basic Android app, usable with any instance.

@lyse@lyse.isobeef.org I’m looking for an OS that runs better than Windows (🤮) and through which I can do basic stuff like read RSS feeds and browse geminispace; but which I can also learn from.

Hmm, gnu.org is slow as heck. Shorter HTML pages load in about ten seconds. This complete AWK manual all in one large HTML page took a full minute: https://www.gnu.org/software/gawk/manual/gawk.html Is there maybe some anti AI shenanigans going on?

In any case, I find the user guide super interesting. My AWK skills are basically non-existent, so I finally decided to change that. This document is incredibly well written and makes it really fun to keep reading and learning. I’m very impressed. So far, I made it to section 1.6, happy to continue.

@dce@hashnix.club Ooops 😅 Hope you still have enough money for the basics 🤗 I’m doing okay though!

@movq@www.uninformativ.de Right now I’m basically just blocking entire ASN(s) at this point and large blocks of IP(s) from Anthropic, OPenAI, Microsoft and others.

** Make awk rawk **
A friend online recently replied to something I wrote about awk by saying:

[…] it’s a danged shame [awk] didn’t continue to evolve the way Ruby, Python, PHP have evolved over the decades.

I had exactly this thought while working on my slightly unhinged“lets see if I can implement a basic scheme using awk by writing an assembler and VM in awk,” skwak. Which eventually lead me to start noodling on how to layer in some modern niceties into awk, without breaking awk’s portability.
… ⌘ Read more

Desktop SSH->Pinephone->here. This is crazy. Sxmo is the best UI for the Pinephone, and maybe phones in general. Insane: basically dwm on a phone with gestures and built-in yt-dlp + mpv (among others).

@prologic@twtxt.net well, the ones down there (on your list) are pretty minimal, basic even. Yet, their pricing is super high (number wise, haven’t checked the equivalent from AUD to USD).

Someone did a thing:

https://social.treehouse.systems/@ariadne/114763322251054485

I’ve been silently wondering all the time if this was possible, but never investigated: Keep doing X11 but use Wayland as a backend.

This uses XWayland’s “rootful” mode, which basically just gives you a normal Wayland window with all the X11 stuff happening inside of it:

https://www.phoronix.com/news/XWayland-Rootful-Useful

In other words, put such a window in fullscreen and you (more or less) have good old X11 running in a Wayland window.

(For me, personally, this won’t be the way forward. But it’s a very interesting project.)

Hahaha, I’m sure there were well over one thousand fireflies today! Basically at all times I could watch at least 15 of them around me. At better spots where one could see a few meters into the forest, there were easily 30 individuals, probably more. One even landed on my small finger. I didn’t feel anything at all, but my finger glowed. :-) Awwww! After a 20 meters ride it took off.

But it looks like I have to go already at 21:30 at sunset the next days. Today, I left the house at 22:00 and all the above happend in the first half. The second half of the walk was rather boring, maybe just around 70 glowworms in total. The extremely busy route yesterday was virtually dead this time I came around. They all have already gone to sleep, or something like that.

I also encountered two toads. I nearly stepped on the first one, but it luckily jumped to the side in time. No animals harmed.

I did a “lecture”/“workshop” about this at work today. 16-bit DOS, real mode. 💾 Pretty cool and the audience (devs and sysadmins) seemed quite interested. 🥳

• People used the Intel docs to figure out the instruction encodings.
  
• Then they wrote a little DOS program that exits with a return code and they used uhex in DOSBox to do that. Yes, we wrote a COM file manually, no Assembler involved. (Many of them had never used DOS before.)
  
• DEBUG from FreeDOS was used to single-step through the program, showing what it does.
  
• This gets tedious rather quickly, so we switched to SVED from SvarDOS for writing the rest of the program in Assembly language. nasm worked great for us.
  
• At the end, we switched to BIOS calls instead of DOS syscalls to demonstrate that the same binary COM file works on another OS. Also a good opportunity to talk about bootloaders a little bit.
  
• (I think they even understood the basics of segmentation in the end.)
  

The 8086 / 16-bit real-mode DOS is a great platform to explain a lot of the fundamentals without having to deal with OS semantics or executable file formats.

Now that was a lot of fun. 🥳 It’s very rare that we do something like this, sadly. I love doing this kind of low-level stuff.

Okay, here’s a thing I like about Rust: Returning things as Option and error handling. (Or the more complex Result, but it’s easier to explain with Option.)

fn mydiv(num: f64, denom: f64) -> Option<f64> {
    // (Let’s ignore precision issues for a second.)
    if denom == 0.0 {
        return None;
    } else {
        return Some(num / denom);
    }
}

fn main() {
    // Explicit, verbose version:
    let num: f64 = 123.0;
    let denom: f64 = 456.0;
    let wrapped_res = mydiv(num, denom);
    if wrapped_res.is_some() {
        println!("Unwrapped result: {}", wrapped_res.unwrap());
    }

    // Shorter version using "if let":
    if let Some(res) = mydiv(123.0, 456.0) {
        println!("Here’s a result: {}", res);
    }

    if let Some(res) = mydiv(123.0, 0.0) {
        println!("Huh, we divided by zero? This never happens. {}", res);
    }
}

You can’t divide by zero, so the function returns an “error” in that case. (Option isn’t really used for errors, IIUC, but the basic idea is the same for Result.)

Option is an enum. It can have the value Some or None. In the case of Some, you can attach additional data to the enum. In this case, we are attaching a floating point value.

The caller then has to decide: Is the value None or Some? Did the function succeed or not? If it is Some, the caller can do .unwrap() on this enum to get the inner value (the floating point value). If you do .unwrap() on a None value, the program will panic and die.

The if let version using destructuring is much shorter and, once you got used to it, actually quite nice.

Now the trick is that you must somehow handle these two cases. You must either call something like .unwrap() or do destructuring or something, otherwise you can’t access the attached value at all. As I understand it, it is impossible to just completely ignore error cases. And the compiler enforces it.

(In case of Result, the compiler would warn you if you ignore the return value entirely. So something like doing write() and then ignoring the return value would be caught as well.)

@bender@twtxt.net Both Gopher and Mastodon are a way for me to “babble”. 😅 I basically shut down Gopher in favor of Mastodon/Fedi last year. But the Fediverse doesn’t really work for me. It’s too focused on people (I prefer topics) and I dislike the addictive nature of likes and boosts (I’m not disciplined enough to ignore them). Self-hosting some Fedi thing is also out of the question (the minimalistic daemons don’t really support following hashtags, which is a must-have for me).

I’ll probably keep reading Fedi stuff, I just won’t post that much, I think.

Having some fun with SIRDS this morning.

Image

What you should see: https://movq.de/v/dae785e733/disp.png

And the tutorial I used for my C program: https://www.ime.usp.br/~otuyama/stereogram/basic/index.html

How can one write blazing fast yet useful compilers (for lazy pure functional languages)?
I’ve decided enough is enough and I want to write my own compiler (seems I caught a bug and lobste.rs is definitely not discouraging it). The language I have in mind is a basic (lazy?) statically-typed pure functional programming language with do notation and records (i.e. mostly Haskell-lite).

I have other ideas I’d like to explore as well, but mainly, I want the compiler to be so fast (w/ optimisations) that … ⌘ Read more

A bill from our ISP in 1998.

We’re talking about a month here, 1998-07-27 to 1998-08-26.

Basic fee: 7.50 DM (about 6€ today).

Online time: 516 minutes, 23.53 DM (about 20€ today).

That’s just the ISP costs, if I’m not mistaken. The underlying phone calls were pretty pricey as well.

Image

phptop: PHP basic ressource profiler safe and useful for production sites
Comments ⌘ Read more

How to Adjust Font Smoothing in macOS Sequoia & macOS Sonoma
Font Smoothing is a longstanding feature in MacOS that aims to make rendered screen text more legible, and it works by subtly blending the edges of display fonts with the background by using anti-aliasing. The idea is to reduce the jaggedness of screen text, but in practice nowadays it basically makes screen fonts on the … [Read More](https://osxdaily.com/2025/06/04/how-adjust-font-smoothing-macos-sequoia-sonoma-v … ⌘ Read more

Over the past few weeks I’ve been experimenting with and doing some deep learning and researching into neutral networks and evolutionary adaptation of them. The thing is I haven’t gotten very far. I’ve been able to build two different approaches so far with limited results. The frustrating part is that these things are so “random” it isn’t even funny. Like I can’t even get a basic ANN + GA to evolve a network that solves the XOR pattern every time with high levels of accuracy. 😞

Status report on optional Rust in FreeBSD support
Shawn Webb has published a status\
report on work to provide basic support in FreeBSD for userland components
written in Rust.

We introduced a new BSD makefile, located at share/mk/bsd.rust.mk,
that enables building a Rust application during buildworld. As of … ⌘ Read more

How to Use Surfshark DNS on Mac, iPhone, iPad
Did you know that your internet service provider default DNS servers almost certainly track and log your online activity? Basically this means that every time you visit a website or use an internet-connected application from your Mac, iPhone or iPad, your ISP is aware of that. Many ISP’s will not only log and track your … Read More ⌘ Read more

@bender@twtxt.net basically because we don’t readily use or support range hunters when requesting feeds it’s ideal to keep feed small for the time being at least until we think about writing up a formal specification for this, but it’s also only for Http hosted feeds

@bender@twtxt.net Basically the way I’m reading this is 1 RPM. This is a rather aggressive rate limit actually. This basically makes Github inaccessible and useless for basically anything unless you’re logged in. You can basically kiss “pursuing” casually, anonymously goodbye.

Imagine if I imposed that kind of rate limit on twtxt.net?! 🤣

Also spent the morning continuing to think about a new design for EdgeGuard’s WAF. I’m basically going to build an entirely new pluggable WAF that will be designed to only consider Rate Limiting, IP/ASN-based filtering, JavaScript challenge handling, Basic behavioral analysis and Anomaly detection.

The only part of this design I’m not 100% sure about is the Javascript-based challenge handling? 🤔 I’m also considering making this into a “proof of work” requirement too, but I also don’t want to falsely block folks that a) turn Javascript™ off or b) Use a browser like links, elinks or lynx for example.

Hmmm 🧐

i started a little thing on my dreamwidth and called it a flash prompt box. basically it’s a limited time thing where people can prompt me for stuff i’m offering, like short fanfiction, photoshop-edited user icons, music recs, and a bit more! i’m having sooo much fun with it so far it’s been a blast just making stuff for friends :)

also more friends are making their own posts with the same concept which is SO cool to see

Move beyond basic threshold alerts! Define clear Service Level Objectives (SLOs) and measure Service Level Indicators (SLIs) to track real user impact. Use Prometheus to alert when your SLOs are at risk, ensuring you focus on what truly matters to your users. #Monitoring #SRE #Prometheus

Release Candidate of iOS 18.5, MacOS Sequoia 15.5, iPadOS 18.5 Available, Public Release Coming Soon
A release candidate build for iOS 18.5, iPadOS 18.5, and MacOS Sequoia 15.5 is now available for users enrolled in the beta testing programs. For users not in the beta testing programs, what this basically means is that the final versions of these system software releases is coming soon, perhaps even next week. macOS Sequoia … [Read More … ⌘ Read more

@kat@yarn.girlonthemoon.xyz No no, it’s just barks at the slightest thing going on around the neighborhod 😃 like it just goes a bit nuts often 🤣 it was a rescue dog, two years old, and it wasn’t treated very well, a street dog. I think it’s just basically afraid of every human in the world 😢

@kat@yarn.girlonthemoon.xyz Yeah right now I’m trying to see if I can “spread the CPU usage of fetching N feeds across M duration” so basically “smooth” out the spikes in CPU usage.

@prologic@twtxt.net done! hey i got a question, you got any clue why my feeds aren’t updating? maybe it has to do with the new cache flag but i messed with that a bit and didn’t notice a difference. basically it’s like i have to manually restart yarnd to see new posts it’s really weird lol

Republican posts video defending law that declared slaves ‘three-fifths’ of a person
Sarah K. Burris,  Senior Editor  -  Raw Story

_Stephan: I think it is very important to recognize that Donny “2 doll”, as Lawrence O’Donnell called him on his program tonight, when Trump said basically that American children have too many toys, is just the leader of a racist fascist coup, but far from the only person perpetrating this destruction of the feder … ⌘ Read more

i don’t think any of you know what a fan listing is but basically it was a fandom thing in the 2000s where people would make websites that other people could sign up for to show they’re a fan of something. more info here.

anyway i made a fan listing kinda thing in PHP to learn the language. it was fun af

https://bytes.4-walls.net/kat/toys/src/branch/main/fan

RVPC Adds BASIC Interpreter to €1 Open Source RISC-V Computer
The RVPC, a fully open source hardware and software retro-style computer project built around the CH32V003 microcontroller, now supports a BASIC interpreter. This update further expands the capabilities of the €1 RISC-V-based system, which already features VGA output and PS/2 keyboard input, despite its extremely limited resources. Originally conceived as a DIY challenge, the RVPC […] ⌘ Read more

Barnes: Parallel ./configure
Tavian Barnes takes on\
the tedious process of waiting for configure scripts to run.

I paid good money for my 24 CPU cores, but ./configure can only
manage to use 69% of one of them. As a result, this random project
takes about 13.5× longer to configure the build than it does to
actually do the build.

The purpose of a ./configure script is basically to run the
compiler a bunch of times and check which runs succeeded. In this
way it … ⌘ Read more

@xuu@txt.sour.is Hahaha, that’s cool! You were (and still are) way ahead of me. :-)

We started with a simple traffic light phase and then added pedestrian crossing buttons. But only painting it on the canvas. In our computer room there was an actual traffic light on the wall and at the very end of the school year our IT basics teacher then modified the program to actually control the physical traffic light. That was very impressive and completely out of reach for me at the time. That teacher pulled the first lever for me ending up where I am now.

@kat@yarn.girlonthemoon.xyz Yes see UPGRADE.md – I believe @xuu@txt.sour.is is now running this live after a couple of hiccups and a bug fix. So yeah if you can, that would be cool, basically looking for early beta testers (I was the alpha tester 🤣)

@kat@yarn.girlonthemoon.xyz my rule of thumb is try not to drink any caffeine past midday. This is basically based on experience and the half-life of caffeine in your system.

@bender@twtxt.net I use it. It’s not the feature I use the most in the fediverse, but I communicate this way with several friends. For example, it’s the main way I talk to the original creator of the twtxt-el repository, the way people greet me for the first time or the way they notify me of some bugs in the software I maintain. I can even tell you that it’s the main way I talk to some maintainers of the Emacs community. If there are any of you reading my words, speak up!
Why not have the same? There are things I want to say to @prologic@twtxt.net in private, why should I have to send him an email or private IRC? Or an public twt.
Of course, here’s a topic we’ve already talked about: what is twtxt for you? For me it will always be a social network, in microblogging format, but an asynchronous way of communicating. And having a tool to control visibility is basic 😄
I look forward to hearing from you @eapl.me@eapl.me !

@movq@www.uninformativ.de Oh, that’s beautiful!

I opened up all the photos in new tabs and went through them. For a second, I wondered that it was snowing at your place right now. :-D

That made me realize that so far we basically had nearly no April weather whatsoever. May might be full of it then, let’s see. :-)

Basic Orange Cat Activities ⌘ Read more

Burp Suite Beyond Basics: Hidden Features That Save Time and Find More Bugs

Image

📌Free Article Link

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/burp-suite-beyond-basics-hidden-f … ⌘ Read more

@kate@yarn.girlonthemoon.xyz I’ll cut a release soon™, but still a few more things to iron out 🤣 One of the new challenges is figuring out what to do with the “Discover” view now that is has an unconfined limit, on my pod (at least) it’s now basically just “noise” 🤦‍♂️

$10,000 worth GitHub Access Tokens | Secret Search Operators

Image

Secret but basic GitHub dorks & search operators that can lead to $10k bounty worth Acess Tokens.

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/10- … ⌘ Read more

@bender@twtxt.net @ionores@twtxt.net Yep, it’s extremely seldom that a photo turns out looking better than reality. Very rarely does that happen. But basically never with sunsets. ;-) Maybe once a leap year I’m very surprised to wonder how that subject wasn’t better in person but actually on film.

Trump approval rating now? What polls say of president today amid tariffs pause, China trade war
Chris Sims,   Digital Content Producer for Midwest Connect Gannett  -  IndyStar

_Stephan: We are experiencing a coup created by a man who sees himself as above the law, basically the self-appraisal of every aspiring dictator, and yet if you look at the polls reported today you see that between 42 to 47% of Americans still approve what … ⌘ Read more

@abucci@anthony.buc.ci Apologies, the basic summary is as follows:

• Decided to rewrite the cache backend.
  
• It will now be a SQLite backend going forward.
  
• I’m planning on no data migration.

oh out of boredom yesterday i made my blog available via markdown files too so you can use charmbracelet/glow to read them in your terminal :)

basically i just set up a file directory on a path of my blog, organized the MD files by year, and so in theory you can navigate to that path and choose a folder, then copy a link to a markdown post and run this:

glow -p https://bubblegum.girlonthemoon.xyz/md/2025/2025-03-31%20premature%20reflections%20on%20sudden%20responsibility.md

and then as long as you have glow installed, you can read my posts from the terminal :D it’s so cool

This is sooo cool, it reminds me of learning QBasic (and then Visual Basic) in the 90s

Easylang story
https://easylang.online/apps/story.html

@bender@twtxt.net I was a bit confused at first what that is: Apparently, it’s the source code of Altair BASIC: https://gizmonaut.net/soapflakes/EXE-199711.html

(Of course they have a user agent filter. 😂 Can’t download that PDF with wget.)

XMPP Interop Testing: Enabling Tests
Our project creates a framework that allows anyone to easily add XMPP standards compliance tests to the test phase of
their build pipeline. Prior to our most recent release (version 1.5.0) a test execution would basically run all tests
in the test suite. We provided an option to exclude certain tests, but in essence, the bulk of tests would execute.

This behavior is generally preferable when testing an XMPP server implementation. A benefit of exclusion-based
… ⌘ Read more

Erlang Solutions: Elixir Tutorials
Elixir is a functional language that combines modern syntax, broad metaprogramming capabilities and the power of BEAM – Erlang Virtual Machine. It has a vast community which is constantly growing due to its resilient concurrency model and programmer-friendly approach. Our tutorials are focused on showcasing language capabilities and helping any newcomer gain enough knowledge to start actively utilising Elixir in their projects.

In this sec … ⌘ Read more

Hi, So i made a little MVP registry crawler tool for twtxt. It now has a basic UI to play with. It has a somewhat full history back to about 2018-ish. Plus some interesting bits that were timestamped to earlier.

Find it here: https://watcher.sour.is

Code base is found here: https://git.sour.is/sour-is/xt

Hi, So i made a little MVP registry crawler tool for twtxt. It now has a basic UI to play with. It has a somewhat full history back to about 2018-ish. Plus some interesting bits that were timestamped to earlier.

Find it here: https://watcher.sour.is

Code base is found here: https://git.sour.is/sour-is/xt

In Mexico you couldn’t register the word Sonora (state), nor Taqueria (kind of restaurant) as there are two common words, but perhaps the combination of both is trademarkable, I’m not sure, so many ‘taquerias’ here don’t file a trademark request. It’s usually “Taquería [LAST_NAME]” or “Taquería [PLACE]”.

At the same time, the word “taqueria” was trademarked in UK, like it would be “Paris” or “Pub” I guess, so basically Sonora Taqueria didn’t reply to the cease and desist, based on:

[Lizbeth García]: A brand may not use a word that is generic or descriptive of the products or services it is putting into circulation on the market.

Since he (Ismael, Taqueria’s representative) didn’t get any response, he decided to leave it in the hands of his law firm.

In early 2023, after all the noise on the internet and the mobilization caused by this case, an agreement was finally reached with Taquería to settle the matter peaceably.

In March 2023, Michelle and Sam decided to register the Sonora Taquería brand and logo with the UK Intellectual Property Office.

(I didn’t submit a proposal of my own, because it would basically just be a duplicate of another one. 😅)

Anyone interested in the PicoCalc? https://www.clockworkpi.com/product-page/picocalc #basic

Perfect!

Image

I now also implemented basic replying by hitting a as in answering. What’s missing is automatically adding mentions in the message text template. That’s gonna be a bit more tricky, though.

Righto, now with added basic subject support. Hopefully!

i really wanna learn golang it looks fun and capable and i can read it kind of but every time i try it i’m immediately stuck on basic concepts like “what the fuck is a pointer” (this has been explained to me and i still don’t get it). i did have types explained to me as like notes on code which makes sense a bit but i’m mostly lost on basic code concepts

NXP’s FRDM i.MX 91 Board Provides Low-Power Solution for Linux-Based IoT Systems
Following the release of the FRDM i.MX 93 board, NXP has launched the FRDM i.MX 91 development board, a compact platform based on the i.MX 91 applications processor. It is intended for early-stage development and evaluation of industrial and IoT systems that require basic Linux support, integrated connectivity, and hardware-level security. The board features a […] ⌘ Read more

Siri Still Struggles to Answer Very Basic Questions
Siri launched on the iPhone 4S all the way back in 2011, and yet it still struggles to answer some of the most basic questions.

Image

Daring Fireball’s John Gruber today highlighted a recent post from a Reddit user wh … ⌘ Read more

@eapl.me@eapl.me @bender@twtxt.net @prologic@twtxt.net Not including a photo was a stupid move, sorry. There you go:

Image

This particular one is 95mm wide and 185mm high. Fairly compact.

I can only use it figure out distances to other dates and to do some basic calendar math. I’m not able to actually schedule anything. But I grew up with a month calendar like you have there where all appointments of the entire family was recorded.

By far most of my paper use is drawing random stuff on scratch paper during meetings. :-D

Image

PicoCalc Brings Classic Computing to ClockworkPi v2.0 with Raspberry Pi Pico
The PicoCalc is a compact computing platform designed to recreate the experience of early personal computers. Running on 260KB of memory, it allows users to code in BASIC, explore Lisp, interact with a UNIX-like environment, and run retro games and digital music. Its modular and open-source design makes it adaptable for various applications. Built on […] ⌘ Read more

Local and State Police are Joining Trump’s Deportation Force
Francesca D’Annunzio,  David McHam Investigative Reporting Fellow  -  Texas Observer

_Stephan: Here is the fact-based truth about what is going on with deportation. Two things stand out for me. The first is that the Trump coup is actually deporting fewer people than Biden’s presidency did. The second is that Trump is now basically militarizing local and state police exactly as Hitler did. If you track the … ⌘ Read more

Erlang Solutions: Top 5 IoT Business Security Basics
IoT is now a fundamental part of modern business. With more than 17 billion connected devices worldwide, IoT business security is more important than ever. A single breach can expose sensitive data, disrupt operations, and damage a company’s reputation.

To help safeguard your business, we’ll cover five essential IoT security basics: data encryption, strong password policies, regular security audits, employee awareness tr … ⌘ Read more

@prologic@twtxt.net Tolerant yes, but in the right places. This is just encouraging people to not properly care. The extreme end is HTML where parsers basically accept any input. I’m not a fan of that. Whatever.

McMahon Hearing Shows Trump ‘Dead Set on Destroying Public Education’
Jessica Corbett,  Senior Editor  -  Common Dreams

_Stephan: Another MAGAt lackey testifies basically to her intent to destroy public education. It is part of the coup we are undergoing. It has not passed notice of the oligarchs that the less well-educated men and women are the more likely it is that they will vote for Republicans. That’s why they want to end public education. It not only … ⌘ Read more

@andros@twtxt.andros.dev I suggest to not touch it and work on a different project instead. :-D

No, in all seriousness, that’s a tough one. Try to figure out the requirements and write tests to cover them. In my experience, if there is no good documention, tests might also be lacking. It goes without saying that you have to understand the code segments first before you can begin to refactor them. Commit even earlier and more often than usual, this will help you bisecting potentially introduced bugs later on. Basically baby steps.

But it also depends on the amount of refactoring required. Maybe just scrap it entirely and start from scratch. This might not be feasible due to e.g. the overall project size, though.

Pineboards Introduces Modulo Carrier Boards for Raspberry Pi CM5 and CM4
Pineboards has introduced the Modulo4, Modulo5 Basic, and Modulo5 IO PoE+ carrier boards, adapting Raspberry Pi Compute Modules to the Raspberry Pi 5 form factor. These boards maintain compatibility with PCIe HATs, cases, and cooling solutions, with the Modulo5 IO PoE+ adding PoE+ support for network-powered operation. Pineboards indicates that with the release of the […] ⌘ Read more

@arne@uplegger.eu Ohjemine, TYPO3! O_o Lass mich schreiend davonlaufen!

Mit dieser absoluten Katastrophensoftware vor dem Herrn haben wir mal ein Studienprojekt gemacht. Die hat alle Vorurteile komplett übererfüllt. Angefangen von Fehlerseiten, die statt 4xx oder dergleichen immer mit HTTP 200 ausgeliefert wurden oder auch, dass das generierte HTML leider einfach ungültig war. Über die Implementierung von Löschen durch einen Deleted-Schalter in der Datenbank, das Speichern von Passwörtern im Klartext bis hin zu völlig umständlichen Bedienungskonzepten. Alles hat immer brutal viele Schritte gebraucht. Das Zeilennummernrumgeeier im TYPO-Script erinnerte eher an Basic. Uns kam es auch so vor, als ob man damit nicht ernsthaft was sinnvolles machen könnte.

Zu allem Überfluss hatte irgendwer noch ein ganz hundsmiserables Buch ausgegraben, das als Vorbereitung dienen sollte. Ich kann mich zum Glück weder an den Titel noch den Autor erinnern, aber ich weiß noch, wie das komplett inkonsistent geschrieben war. Anfangs gabs mehrere Seiten zu Unicode und UTF-8 wurde angepriesen, aber alle Beispiele haben dann auf ISO-8859-1 gesetzt. Gezeigter Beispielcode war häufig unterste Schublade. Selten hab ich so merkwürdige Erklärungen gelesen: „Wenn Sie die Sicherheitswarnhinweise stören, kommentieren Sie doch bitte im Quelltext die die()-Funktion in $ZEILE aus.“ Oder ein anderer Klassiker: „Ausgeschrieben würde der Code wohl folgendes tun…“. War sich der Autor also nicht ganz sicher, ob sein Codeschnipsel vllt. doch in Wahrheit was ganz anderes tut.

Seit diesem gigantischen Trauma (das hat mich wirklich sehr nachhaltig geprägt, wie man Dinge nicht machen sollte) hab ich erfolgreich einen Bogen um das TYPO3-Universum gemacht.

Ich kann nur hoffen, dass es zwischenzeitlich ein wenig besser geworden ist. Aber Deinem Kurzbericht zufolge scheint da ja immer noch der Wurm drin zu sein. Mein Beileid! :-(

For many years I have found Flask to be too basic a tool for modern development. But since I create APIs using Flask with Pydantic to validate the input data, some middlewares for parsing and Blueprint to separate the code into modules… I must admit that I am super comfortable, fast and easy to test.
#flask #python #pydantic

Federal Judge Temporarily Blocks Trump Administration Freeze On Federal Grants And Loans
JoNel Aleccia, Moriah Balingit, Collin Binkley, Matthew Daly, Lisa Mascaro, Adithi Ramakrishnan, Amanda Seitz, Michael Sisak, Lindsay Whitehurst and Tammy Weber,  Reporters  -  Huffington Post | Associated Press

_Stephan: Criminal Trump basically shut down the government today, despite his administration’s denial, but this move has been blocked by … ⌘ Read more

Federal DEI websites go dark after Trump order and threat of ‘consequences’
Robert King and Ben Leonard,    -  Politico

Stephan: In full accord with Project 2025, the American government is being restructured so that only Whites, and preferably males, are treated fairly. All DEI issues or basic civil rights are no longer protected. The United States is becoming South Africa in the 1960s.

![](https://www.schwartzreport.net/wp-content/uploads/2025/01 … ⌘ Read more

I made a draft of an “encrypted public messenger”, which was basically a Feed for an address derivate from the public ket, let’s say ‘abcd..eaea’

Anyone could check, “are there any messages for my address?” and you get a whole list of timestamps and encrypted stuff.

Inside the encrypted message is a signature from the sender. That way you ‘could’ block spam.

Only the owner of the private key could see who sent what, and so…

And even with that my concussion was that users expectations for a private IM might be far away from my experiment.

@prologic@twtxt.net they post pretty frequently yeah, new articles like every other day basically

@kat@yarn.girlonthemoon.xyz To improve you shell programming skills, I highly recommend to check out shellcheck: https://github.com/koalaman/shellcheck It points out common errors and gives some suggestions on how to improve the code. Some details in shell scripting are very tricky to get right at first. Even after decades of shell programming, I run into “corner cases” every now and then.

E.g. in getlyr’s line 7 it warns:

echo -e $(gum style --italic --foreground "#f4b8e4" "'$artist', '$song'")
        ^-- SC2046: Quote this to prevent word splitting.

For more information:
  https://www.shellcheck.net/wiki/SC2046 -- Quote this to prevent word splitt...

Most likely not all that problematic in this application, but it’s good to know about this underlying concept. Word splitting is basically splitting tokens on whitespace, this can lead to interesting consequences as illustrated by this little code:

$ echo $(echo "Hello   World")
Hello World

$ echo "$(echo "Hello   World")" 
Hello   World

In the first case the shells sees two whitespace-separated tokens or arguments for the echo command. This basically becomes echo Hello World. So, echo joins them by a single space. In the second one it sees one argument for the echo command, so echo simply echos this single argument that contains three spaces.

@kat@yarn.girlonthemoon.xyz definitely a fun way to get better at bash scripting by hand (AKA learn how it works besides the extreme basics i know) and use gum to make them cute too