@prologic@twtxt.net I’ve been there yesterday w/o success.

@arne@uplegger.eu Hi! I love that you’re implementing it! Maybe, when we’re both done, we could test the clients by communicating both.
I don’t think I’m going to be able to help you much, my knowledge of OpenSSL and PHP is not as high as I’d like it to be.
Maybe the OpenSSL version uses SHA-1 by default in PHP. Or that the IV is derived together with the key (not generated separately). But I’m not able to answer your questions, sorry.
I’m invoking the commands directly, without any libraries in between. Maybe that would help you?

@arne@uplegger.eu Well, just for my understanding. The command:
echo "Lorem ipsum" | openssl enc -aes-256-cbc -pbkdf2 -iter 100000 -out message.enc -pass file:shared_key.bin
will take the input string from echo to openssl. It then will

1. use the content of shared_key.bin as password
   
2. use PBKDF2 with an iteration of 100000 to generate a encryption key from the given password (shared_key.bin)
   
3. use the PBKDF2 generated key for an aes-256-cbc encryption
   

The final result is encrypted data with the prepended salt (which was generated by runtime), e.g.: Salted__q�;��-�T���"h%��5�� ....

With a dummy script I now can generate a valide shared key within PHP ‘openssl_pkey_derive()’ - identical to OpenSSL.
I also can en-/decrypt salted data within my script, but not with OpenSSL. There are several parameters of PBKDF2 unknown to me.

Question:

1. Is the salt, used by aes-256-cbc and PBKDF2 the same, prepended in the encrypted data?
   
2. Witch algorithm/cipher is used within PBKDF2: sha1, sha256, …?
   
3. What is the desired key length of PBKDF2 (https://www.php.net/manual/en/function.openssl-pbkdf2.php)?
   

To be continued …

@arne@uplegger.eu

Image

@andros@twtxt.andros.dev I have really tried to get behind it. For an implementation for my TwtxtReader (PHP) I simply lack the knowledge of the standard-openssl parameters.
All my solution approaches require “nonce” or “initialization vector” on one or the other side. In addition, the “magic numbers” (“Salted__”) were not consistent in my tests.

@prologic@twtxt.net I wish getting a static IP and a (more) stable internet connection wasn’t so hard over here. Then I could do proper self-hosting as well. But as it stands, I need some rented VPS.

I could go ahead and just use the VPS for the IP, i.e. forward all traffic through Wireguard to a box here at home. Big downside is that the network connection would be even slower than it already is and my ISP breaks down all the time for a few minutes … it’s just bad overall and much easier/better to rent a VPS. 🫤

Thanks, @falsifian@www.falsifian.org! I’ll definitely start with the latter one then. Let’s see how far I make it. :-)

@falsifian@www.falsifian.org Phew, okay. So, it took a few months to grow that big. I feared that it could have been just a week or so. Yeah, insulation always is a good idea.

@prologic@twtxt.net Holly, didn’t know bots and crawlers could do comedy now… they should’ve added “Dave Chappelle/69.420” to their UA.

@prologic@twtxt.net I’m speculating, but if I had to guess I’d say it’s probably asking for your user password in order to access some user keyring (or whatever your OS uses to manage user secret credentials) used to safely store your passkeys related data in order to do its passkeys /ME doing air quotes Magic™ … you could try with a different password manager to avoid said scenario.

Also, passkeys UX sucks.

@lyse@lyse.isobeef.org I don’t remember exactly. They might have been growing all winter. The trick is to have a badly insulated extension to the house.

@falsifian@www.falsifian.org Hahaha, that’s sick, I love it! :-D I envy you a bit. On the other hand, I have to admit I’m glad that I don’t have to chisel down giant blocks of ice from the house.

@lyse@lyse.isobeef.org I am a big fan of “obvious” math facts that turn out to be wrong. If you want to understand how reusing space actually works, you are mostly stuck reading complexity theory papers right now. Ian wrote a good survey: https://iuuk.mff.cuni.cz/~iwmertz/papers/m23.reusing_space.pdf . It’s written for complexity theorists, but some of will make sense to programmers comfortable with math. Alternatively, I wrote an essay a few years ago explaining one technique, with (math-loving) programmers as the intended audience: https://www.falsifian.org/blog/2021/06/04/catalytic/ .

@falsifian@www.falsifian.org Mate, what an amazing video, holy cow! :-D We only get complete jokes of icicles compared to what you had there ealier today. It’s a giant wall. For how many days did that grow on your roof?

@lyse@lyse.isobeef.org Still melting!

@falsifian@www.falsifian.org Oh, that’s neat! Interesting how “obviously” isn’t all that obvious at all, even to the contrary. I reckon I have to read up on that subject on the weekend. :-)

I like how Ian’s and your photo complement each other, winter and summer join forces for something special. :-)

@falsifian@www.falsifian.org Wooooaaaahhh! That is BY FAR the biggest icicle I’ve ever seen. Really cool! :-) How long did it take to melt in your sink? The video download is still dripping in, looking forward to that.

@eapl.me@eapl.me I couldn’t care less about ActivityPub, but twtxt is the thing for hackers by design. That’s the appealing part for me, personally. I actually do enjoy that not everybody and their dogs are here. :-)

@thecanine@twtxt.net I agree!

@movq@www.uninformativ.de @prologic@twtxt.net I don’t know, I don’t see this happening all that often. Very rarely. The problem I encounter much more often is that tech folks are blindly adopting every new hype without thinking the slightest bit what the consequences might be.

But maybe that also means I’m one of these “told you so” guys. Not sure.

@andros@twtxt.andros.dev 4

Today is an important day. We have a new extension: Direct message 🪇🗨️🚀🥳❤️
https://twtxt.dev/exts/direct-message.html
#twtxt

@sorenpeter@darch.dk Sorry, I realized that shortly after posting. Here’s another attempt to post the images:

@eapl_en@eapl.me Good idea

4, but I like the idea of @eapl_en@eapl.me

What would you like the new twtxt logo to be?
Comments: https://git.mills.io/yarnsocial/twtxt.dev/issues/9#issuecomment-18960

Image

@prologic@twtxt.net All the URL are missing the protocol part (https://) and my markdown parser does not know how to handle but I see yarnd does it just fine.

@falsifian@www.falsifian.org
it look like your markdown image tags are missing the protocol part (https://) so they don’t render at least on my server: https://darch.dk/timeline/conv/3vtnszq

@prologic@twtxt.net Have you tried Google’s robots.txt report? https://support.google.com/webmasters/answer/6062598?hl=en . I would expect Google to be pretty good about this sort of thing. If you have the energy to dig into it and, for example, post on support.google.com, I’d be curious to hear what you find out.

Something interesting to think about for twtxt, the microblogging for hackers and friends…

The biggest challenge of ActivityPub is that it’s too technical to easily explain to regular people. Nobody is interested in a jargon-laden diatribe about servers and federation. When simple questions have overly complex answers, people tend to switch off.
https://activitypub.ghost.org/your-thoughts-on-onboarding/

@bender@twtxt.net @prologic@twtxt.net the markdown list in #jr6ywrq is a “loose” list, e.g. https://github.com/erusev/parsedown/issues/474#issuecomment-280874843
My markdown parser (parsedown PHP) renders the list with p-tags also.

@andros@twtxt.andros.dev Thank you :-)

@andros@twtxt.andros.dev screenshots plz :=!

Yesterday I was doing a lot of research on how #hyperdrive and the #holepunch project work. Would it be possible to use it to make #twtxt an easier gateway for new users? Could we stop using web servers?
My conclusion: We would end up being a #nostr. On the one hand it would become more complex to use, it would force the user to have software installed, and on the other hand the community would need a central proxy to make the routes accessible via HTTP. In other words, it’s not a good idea.
However, it’s an AMAZING technology. I want to start playing with it.

@prologic@twtxt.net 🤣🤣🤣 thanks! I didn’t even notice 😅

@prologic@twtxt.net It seems like the typical problem of an unneutered cat 😂

@prologic@twtxt.net That boycott didn’t last very long, eh!?

Yeah, sounds like another hype train arriving at the station.

@doesnm@doesnm.p.psf.lt I’ll let you know once it reaches a point where it might be barely usable by someone else than myself. There are long ways to go, though. Right now, you don’t wanna even look at it. :-)

Thinking about trying tt. If it really usable i will abandon twtxtdon (service to read twtxt feeds from mastodon client), which currently has only authorization implemented

I’m continuing my tt rewrite in Go and quickly implemented a stack widget for tview. The builtin Pages is similar but way too complicated for my use case. I would have to specify a mandatory name and some additional options for each page. Also, it allows me to randomly jump around between pages using names, but only gives me direct access the first, however, not the last page. Weird. I don’t wanna remember names. All I really need is a classic stack. You open a new fullscreen dialog and maybe another one on top of that. Closing the upper most brings you back to the previous one and so on.

The very first dialog I added is viewing the raw message text. Unlike in @arne@uplegger.eu’s TwtxtReader, I’m not able to include the original timestamp, though. I don’t have it in its original form in the database. :-/

Next up is a URL view.

@movq@www.uninformativ.de That’s what I immediately thought as well. :-D @eapl.me@eapl.me Unfortunately, no fancy buttons. What does your model do?

Added support for uploading images to to #Timeline

Image

@prologic@twtxt.net Of course you don’t notice it when yarnd only shows at most the last n messages of a feed. As an example, check out mckinley’s message from 2023-01-09T22:42:37Z. It has “[Scheduled][Scheduled][Scheduled]“… in it. This text in square brackets is repeated numerous times. If you search his feed for closing square bracket followed by an opening square bracket (][) you will find a bunch more of these. It goes without question he never typed that in his feed. My client saves each twt hash I’ve explicitly marked read. A few days ago, I got plenty of apparently years old, yet suddenly unread messages. Each and every single one of them containing this repeated bracketed text thing. The only conclusion is that something messed up the feed again.

@eapl.me@eapl.me I like this idea. Another option would be to show a limited number of posts, with an option to see the omitted ones by user. Either way, I wonder how well that works with threading.

@movq@www.uninformativ.de Ja, völlig behämmert. Schade, vertane Chance für einen „Doch“-Knopf.

@prologic@twtxt.net Tolerant yes, but in the right places. This is just encouraging people to not properly care. The extreme end is HTML where parsers basically accept any input. I’m not a fan of that. Whatever.

@prologic@twtxt.net The issue is that all bracketed text in the entire feed has been duplicated again two days ago. The bug is not fixed. Or it’s a new one.

@movq@www.uninformativ.de I can relate to that. :-/

Thanks @prologic@twtxt.net @eapl_en@eapl.me @lyse@lyse.isobeef.org ! I take note

@aelaraji@aelaraji.com You can update the package 😀

@andros@twtxt.andros.dev I suggest to not touch it and work on a different project instead. :-D

No, in all seriousness, that’s a tough one. Try to figure out the requirements and write tests to cover them. In my experience, if there is no good documention, tests might also be lacking. It goes without saying that you have to understand the code segments first before you can begin to refactor them. Commit even earlier and more often than usual, this will help you bisecting potentially introduced bugs later on. Basically baby steps.

But it also depends on the amount of refactoring required. Maybe just scrap it entirely and start from scratch. This might not be feasible due to e.g. the overall project size, though.

@andros@twtxt.andros.dev I’m all for elegant solutions. I prefer when the computer helps me to really achieve my goal and solve it completely, not where I still have to manually filter a list by hand. Anyway. :-)

@eapl.me@eapl.me Yeah, you need some kind of storage for that. But chances are that there’s already a cache in place. Ideally, the client remembers etags or last modified timestamps in order to reduce unnecessary network traffic when fetching feeds over HTTP(S).

A newsreader without read flags would be totally useless to me. But I also do not subscribe to fire hose feeds, so maybe that’s a different story with these. I don’t know.

To me, filtering read messages out and only showing new messages is the obvious solution. No need for notifications in my opinion.

There are different approaches with read flags. Personally, I like to explicitly mark messages read or unread. This way, I can think about something and easily come back later to reply. Of course, marking messages read could also happen automatically. All decent mail clients I’ve used in my life offered even more advanced features, like delayed automatic marking.

All I can say is that I’m super happy with that for years. It works absolutely great for me. The only downside is that I see heaps of new, despite years old messages when a bug causes a feed to be incorrectly updated (https://twtxt.net/twt/tnsuifa). ;-)

Exactly, @bender@twtxt.net, just like yours and prologic’s, too. :-( Subsequent Brackets Considered Harmful™.

@eapl.me@eapl.me Read flags are so simple, yet powerful in my opinion. I really don’t understand why this is not a thing in most twtxt clients. It’s completely natural in e-mail programs and feed readers, but it hasn’t made the jump over to this domain.

@mckinley@twtxt.net Yeah, all this JS and HTMX garbage messes up a lot of things which used to work better in the earlier days.

@prologic@twtxt.net @xuu@txt.sour.is There:

Image

Just search for ][ in https://twtxt.net/user/mckinley/twtxt.txt and you’ll see.

@movq@www.uninformativ.de @prologic@twtxt.net @bmallred@staystrong.run @andros@twtxt.andros.dev Thank you all! I don’t have emacs installed, so I’ll try lagrange and see. According to my shell history, I must have played around with amfora ages ago.

@xuu@txt.sour.is People should just fix their feeds. :-)

@aelaraji@aelaraji.com Sorry I’m late! I still have to work on the mention system, I don’t get some of the messages. I’ll look into your case and get back to you shortly 😄
If it’s a problem that ruins your experience, don’t hesitate to create an issue.

@xuu@txt.sour.is Thank you! A common mistake is to see Emacs as a text editor but it’s a Lisp interpreter with a text editor (among other software), so the limit is your imagination 😋. I’m glad you like it! 🙌

i made a little twtxt feed fixer for when a feed uses other whitespace instead of tabs.

https://git.mills.io/yarnsocial/go-lextwt/pulls/32

@prologic@twtxt.net the code block is the cause of https://txt.sour.is/twt/zn2kg7q

and the second? i get POST errors when i try to submit the webform.

@lyse@lyse.isobeef.org c

@andros@twtxt.andros.dev lol nice! emacs is wild. text and graphics all inline.

@andros@twtxt.andros.dev Broke on me for having alt-urls I think 🥲

twtxt---profile-layout: Wrong type argument: char-or-string-p, ("https://aelaraji.com/twtxt.txt" "gemini://box.aelaraji.com/twtxt.txt" "gopher://box.aelaraji.com/0/twtxt.txt")

@movq@www.uninformativ.de Yeah, maybe. What browsers are you using again for these two?

@mckinley@twtxt.net And there is the bracketed text duplication bug again… Actually with lots of twts. Did you edit a twt? Do you remember? /cc @prologic@twtxt.net

@mckinley@twtxt.net b

@bmallred@staystrong.run Surprisingly, my

User-agent: *
Disallow: /

seems to work. Or maybe those bastards change their user agent and claim to be someone nice. In any case, I just added a bunch of

location = /robots.txt {
    add_header Content-Type text/plain;
    return 200 "User-agent: *\nDisallow: /\n";
}

in my nginx config. No need for any bot to visit, crawl and index most of my sites.

@movq@www.uninformativ.de Photographic memory, eh?

@movq@www.uninformativ.de I also thought that I have a new Linux friend the other day. But it was just a fake KDE look from Redmond. :-(

Totally agree @jost@jost.sdfeu.org @prologic@twtxt.net

I have uploaded a new version of #twtxtel 🥳. It’s now possible to view profiles, either your own or others. #twtxt #emacs

Video

Did you want to mine Chia? Or Twtxt Coin? 😂

@jost@jost.sdfeu.org Yeah, this AI crap is a big reason not to blog.

@andros@twtxt.andros.dev The article is a good reminder of the true blogging mindset. But let’s try to think beyond. 2 ideas: (1) writing “forces clarity, structures your thoughts, sharpens your perspective”. But it also generates thoughts in the sense of Heinrich von Kleist (1805). (2) You’re writing for “the future you, one right person, one day” but you are also writing for the AI. The idea of AI as an audience.

@movq@www.uninformativ.de It happens to the best of us :-) On a more serious note: I’m relieved to hear that I’m not the only one who is completely perplexed by his own projects when returning back to them after a short hiatus.

@movq@www.uninformativ.de So they say. :-D

@prologic@twtxt.net Ha,ha :-) I do not maintain anything! In the context of that post I was just an ordinary citizen. So the ‘we’ refers twice to “we, the citizens of the Baltic States”. (Classical case of social media ‘talk at cross purposes’. Now I understand, why they do this Introduction-thing over on mastodon ;-)

@prologic@twtxt.net we need to remove: https://git.mills.io/yarnsocial/go-lextwt/src/branch/main/ast.go#L776-L784

apparently i can’t make the edit via gitea.. i am guessing its hitting one of your firewall rules.

@andros@twtxt.andros.dev Awesome! I’ve seen the demo earlier on mastodon, things are getting better and better with each update 👌 Good luck!

I’m realizing that my performance bottleneck is @prologic@twtxt.net ! It is actually calculating the hash to make the replicas, and specifically users with very long feeds 😂 . I’m seriously thinking about enabling replies via configuration.

I have infinite scroll now! I can finally focus on replies and mentions 😋

Video

Well, that’s another bug: The search https://twtxt.net/search?q=%22LOOOOL%2C+great+programming+tutorial+music%22 yields the wrong hash. It should have been poyndha instead.

@prologic@twtxt.net hmm this isnt right..

@thecanine@twtxt.net Lol… I just don’t change my default profile pictures. (Well, only when my teammates ask me to.)

@doesnm@doesnm.p.psf.lt Haha, that’s great! :-D

hmm interesting work here.. ill give it a look.. @lyse@lyse.isobeef.org do you know if it is even storing the url into the AST object? afair the code to parse tags url should be the same as the mention url.

@thecanine@twtxt.net Some precious cloud space. Probably the Atlassian one.

How does one end up with an avatar of that weird size to begin with? :-D

@falsifian@www.falsifian.org Do you want me to reconfigure my nginx to look at the User-Agent in order to serve you a different file for the time being? ;-) Good luck with your paper!

@movq@www.uninformativ.de Open-plan offices are just a giant mistake. I’ve never seen a single working one where people can actually concentrate. Except when I was the first one around in the morning.

@prologic@twtxt.net @bender@twtxt.net Looks like something for /dev/null.

@movq@www.uninformativ.de Schön mal noch eine Querreferenz zu haben. Danke!
Beide O-Maten haben ähnlich Ergebnisse für mich. Das bestätig mich in meiner bereits getroffenen Wahlentscheidung für den 23. Februar.

While I now have a somewhat working fix for it in yarnd (https://git.mills.io/yarnsocial/yarn/pulls/1232), I also have the feeling that I should fix literal formatting in lextwt as well. This also uncovered more bugs I believe: https://git.mills.io/yarnsocial/go-lextwt/pulls/28

But then there is also the question why the textarea is populated with @<url> in the first place rather than @<nick url> or yarnd’s own @nick@domain/@nick syntax. It indeed has to do something with whether I follow the mentioned feed or not.

Anyway, something to investigate for future Lyse or maybe @prologic@twtxt.net and/or @xuu@txt.sour.is. G’night!

@movq@www.uninformativ.de This time it works! (For the first time). Using mutt, yes, and the config is yours. I’ll contact you later, when I have more data. Some time needed to experiment. Thanks!

@bender@twtxt.net @prologic@twtxt.net I can reproduce this locally, too. But it doesn’t matter if I follow the feed or not. With JS enabled, hitting “Reply” opens a textarea with @<url>. Submitting this writes @<domain url> instead of @<nick url> in the feed.

However, when I have JS disabled, “Reply” jumps to the top of the page, but the the textarea is at the bottom. So, after scrolling down, the textarea is not filled with anything. Which is expected I reckon. Entering @nick@domain or just @nick resolves to the correct @<nick url> in the feed.

@prologic@twtxt.net @movq@www.uninformativ.de I sadly agree.

@movq@www.uninformativ.de Whether in the office or at home, I get nothing done. ;-) Well, while this is almost true, I actually tried to respond to the other thread I started myself, but starting the editor it switched immediately to this one. Any idea why this happens?

@movq@www.uninformativ.de So true! Either I’m hanging around with my direct teammates socializing in person in a meeting room or some other workmates are making so much noise in the open-plan office that I cannot concentrate at all. In any case, completely unproductive. :-D Luckily, I very rarely have to go to the office.

@bender@twtxt.net Bwhahahahaaaahaaaahaaaaahaaaaaaa! :-D Oh man, my cheeks are hurting and eyes are watering. :-D I love it!