() @movq@www.uninformativ.de / @ well, I was wrong. It doesn’t merit congratulations. Boy, that 2032 asteroid is starting to look quite appealing…

I spent this Monday afternoon back from work, drawing myself as the “you made it to Friday sailors” dog. Totally unrelated to the 3 hours wasted on meetings, pretending to discuss great suggestions from high management, nobody else wants to implement.
Link to OG meme: https://youtu.be/z8x3JS7pP14

@falsifian@www.falsifian.org Neat, I got the principle, so mission accomplished. :-)

I have configured my vim to use a tab width of four. So, I noticed that especially https://www.falsifian.org/blog/2021/06/04/catalytic/reachability_with_stack.cc (but also partially the other C++ file) mixes tabs and spaces for indentation. :-)

@movq@www.uninformativ.de I didn’t, so it’s working fine. :-) I should rotate me as well.

Na, you’re spot on, @movq@www.uninformativ.de! The result is an expected, terrible disaster. It just seems the absolute catastrophy is delayed for another four years.

Even though I’m the last one who wouldn’t be glad about banning the nazis, I’m not a fan of banning parties in general. I believe that a healthy democracy has to withstand extremists. Whether it’s still healthy is debatable. To me it appeared that the failed attempts to ban NPD in the past actually helped them gain more supporters.

The big established parties are all bad traitors. I blame them and their actions to help raise AfD. They just give a fuck about the ordinary people, they’re only concerned about their private gain and power. I bet nothing will change, to the contrary, it will only get worse. The winners do have the chance to turn it for the better, but they just will not. No way, unfortunately.

But then, we must not forget that people are just dumb and stupid, too. Also, that won’t change. AfD won’t help these idiots either, but they still vote for them. I also don’t understand how there is still so much support for the other big parties left. Education is important. Very important. But I have the impression that we’re lacking it.

@bender@twtxt.net @prologic@twtxt.net The outcome was to be expected but it’s still pretty catastrophic. Here’s an overview:

Image

East Germany is dominated by AfD. Bavaria is dominated by CSU (it’s always been that way, but this is still a conservative/right party). Black is CDU, the other conservative/right party.

The guy who’s probably going to be chancellor recently insulted the millions of people who did demonstrations for peace/anti-right. “Idiots”, “they’re nuts”, stuff like that. This was before the election. He already earned the nickname “Mini Trump”.

Both the right and the left got more votes this time, but the left only gained 3.87 percentage points while the right (CDU/CSU + AfD) gained 14.72:

Image

The Green party lost, SPD (“mid-left”) lost massively (worst result in their history). FDP also lost. These three were the previous government.

This isn’t looking good at all, especially when you think about what’s going to happen in the next 4 years. What will CDU (the winner) do? Will they be able to “turn the ship around”? Highly unlikely. They are responsible for the current situation (in large parts). They will continue to do business as usual. They will do anything but help poor/ordinary people. This means that AfD will only get stronger over the next 4 years.

Our only hope would be to ban AfD altogether. So far, nobody but non-profit organizations is willing to do that (for unknown reasons).

I don’t even know if banning the AfD would help (but it’s probably our best/only option). AfD politicians are nothing but spiteful, hateful, angry, similar to Trump/MAGA. If you’ve seen these people talk and still vote for them, then you must be absolutely filled with rage and hatred. Very concerning.

Correct me if I’m wrong, @lyse@lyse.isobeef.org, @arne@uplegger.eu, @johanbove@johanbove.info.

@arne@uplegger.eu

Image

@andros@twtxt.andros.dev Sweet! can’t wait to play with that. Good luck!

@andros@twtxt.andros.dev I believe you have just reproduced the bug… it looks like you’ve replayed to a twt but the hash is wrong. I can see the hash here from Jenny, but it doesn’t look like it corresponds to any{twt,thing}. if you check it out on any yarn instance it won’t look like a replay.

@prologic@twtxt.net Looks great with the new logo.

Image

@andros@twtxt.andros.dev yes, that usually happens when twts get edited and we just made a gentlemen agreement to avoid edits as much as possible (at least for the time being). But the thing is, That is not what’s happening with my broken twts’ hashes. Since I’ve bee mostly replaying to my own twts as a test and I know for sure that I haven’t edited any. (I usually fork-replay instead of edit a twt when needed)

@prologic@twtxt.net No party? where’s the cake!? 🥳

@andros@twtxt.andros.dev yeah, sorry I couldn’t get back to you sooner. I’ve already made an account on codeberg in order to file in an issue but, I just can’t get myself to concentrate with everything going on with the family lately. I’ll do my best and get things done properly and soon

@arne@uplegger.eu @eapl_en@eapl.me I’m sorry if I don’t respond to a reply. I don’t have a notification system for mentions at the moment. The work is manual!

I added to my bookmark. Good job @arne@uplegger.eu 🙌

The people have spoken! 🥳 twtxt.dev shall have a new logo of:

@arne@uplegger.eu Nur gebrauchtes Lego ist gutes Lego!

@arne@uplegger.eu Right, they’re great for upcycling. I knew you’d love that part. ;-)

@aelaraji@aelaraji.com Can you give me examples of hashes that you have detected wrong between Emacs client and twtxt.net?
Perhaps there is some character, some space, that is creating the discrepancy.

@bender@twtxt.net Y U Relpy @twtxt.net@twtxt.net?

@prologic@twtxt.net Agreed! But clients can hallucinate and generate wrong hashes aka Lies 🤣 Also, If you chheck your own twt on twtxt.net, it looks like a root twt instead of a replay.

@aelaraji@aelaraji.com hashes don’t lie 🤣

@andros@twtxt.andros.dev Here’s that twtxt-el test replay to my last twt! let’s see how it goes.

@andros@twtxt.andros.dev hmmm… pretty strange, isn’t it? replaying to threads worked perfectly, I’ve only had that problem trying to replay to a twt that was part of a thread.

As an example, this one is a Fork-Replay from Jenny. My next twt will be a replay to this exact twt but from twtxt-el as a test.
Then I’will file an issue if it doesn’t behave the way it’s supposed to. Cheers!

@prologic@twtxt.net Are you sure? xD … it was supposed to be a replay to another twt, but the twt hash is wrong (I think).

Heute waren das Ziehkind und ich zwei Stunden lang auf drei Spielplätzen und quer durch die Stadt unterwegs. Ein riesiger Spaß!
Vorab habe ich im hiesigen Spielzeugladen ein Konvolut von Klemmbausteinen erstanden, welche wohl zu einer Polizeistation gehörten!?

Image

@bender@twtxt.net Don’t panic. I’ve just been testing my implementation. The great advantage of Twtxt is it’s openness, I think. So DM spamming would contradict to this feature I like. ❤

@xuu@txt.sour.is Hahaha, this is great! :‘-D

@lyse@lyse.isobeef.org The best part is: “I found four skyrocket sticks in premium quality.” 🎇 One can never has enough skyroket sticks!

@bender@twtxt.net Oh dear!

@sorenpeter@darch.dk @kirch.sdf.org@kirch.sdf.org

@falsifian@www.falsifian.org That’s cool, dedicated parking for snow. :-) There are also some rather large icicles. Thanks for sharing this photo! <3

@sorenpeter@darch.dk @emile.space@emile.space

@prologic@twtxt.net I’ll have you know it took me minutes of time to get the mouse suspended like that by that rats nest!

@prologic@twtxt.net Not too shabby.

@andros@twtxt.andros.dev Here is everything written down I know to this stuff: https://github.com/upputter/testing-twtxt-dm/blob/main/README.md

@arne@uplegger.eu Amazing!!! 😋

@eapl.me@eapl.me @andros@twtxt.andros.dev Eureka! It works! https://github.com/upputter/testing-twtxt-dm
PBKDF2_KEY_SIZE = 48 was the turning point! My dirty little crypt.class.php can en- and decrypt, accoridng to the OpenSSL standard and options used in https://twtxt.dev/exts/direct-message.html

I really like the concept of “twt”. It’s the perfect blend of txt and twtxt. An abbreviated form. Even though it’s the name given to posts, I personally find it very nice.
#twtxt

@eapl_en@eapl.me Your notes are amazing! I’m going to save them for when I do my implementation. Great job!

@aelaraji@aelaraji.com Works 👌

@andros@twtxt.andros.dev is it me or twtxt-el generates a wrong twt hash when I use the [ ↳ Reply to twt ] button?

@prologic@twtxt.net huh.. i added sour.is and img.sour.is to my whitelist but its not showing inline for me

@prologic@twtxt.net Those aren’t actually serving anything public-facing. I’ve thought about it, but for now I’m sticking with VPSs, partly because I don’t relish the risk of weeks of downtime if something goes wrong while I’m travelling.

@prologic@twtxt.net Here’s mine.

Edit #issuecomment-18968

@eapl.me@eapl.me @andros@twtxt.andros.dev here’s another variant as per eapl’s suggestion (#issuecomment-18968)[https://git.mills.io/yarnsocial/twtxt.dev/issues/9#issuecomment-18968]

@bender@twtxt.net Hmmm, does that mean it’s not that popular in the US? 🤔

I hope not, @bender@twtxt.net! I haven’t checked, but I’d reckon it to be at most a single digit MiB number. How wrong am I?

@off_grid_living@twtxt.net No right click thing, but in the terminal:

convert -strip -quality 70 -resize 300x original.jpg resized.jpg

“original.jpg” being the filename of the input file and “resized.jpg” the filename of the output. You can play around with the width, “300x” means 300 pixels wide and the height is determined automatically to still remain in the same ratio. The quality is how much to compress it. The closer to 0 the value gets, the worse the result, but also smaller in file size. More towards 100 and the quality improves together with a larger file size.

You have to install the package “imagemagick” for this to work, I believe.

@off_grid_living@twtxt.net Oh, I’m ready for my retirement, too. :-D Still have some decades to go, unfortunately.

@off_grid_living@twtxt.net You could try starting it in the terminal in order to spot errors. Just open the GNOME Terminal or something like that and then type in “kolourpaint” and hit Enter.

@bender@twtxt.net Lol! :-D

here is my progress so far: https://github.com/eapl-gemugami/twtxt-direct-message-php
The encryption part seems to work, if I decrypt it the message with OpenSSL.
I think it can help you for some key parts not well explained in OpenSSL documentation.

@andros@twtxt.andros.dev reading your spec I wrote a few notes here: https://github.com/eapl-gemugami/twtxt-direct-message-php/blob/main/direct_message_spec.md

@arne@uplegger.eu I haven’t check your repo yet, although you are using sodium, right?

@arne@uplegger.eu Here are the results of the german jury:

Known salt (B64): Tb9oj07UhwU= (8)
Known key (B64): MII0yj+MC0mHNx254Voar80bi9P7jmocs0+x+inaxBE=
Known iv (B64): l/PvkDjOKMFZe73KptrvWw== (16)
Shared Key (B64): ql8zvN03p6kroSwNrcKbxk4zSBQFkgQZEumvqVIDMAE=
** DECRYPT **
Encrypted Message: ...
Decoded Salt (B64): Tb9oj07UhwU= (8)
PBKDF2 KEY (B64): MII0yj+MC0mHNx254Voar80bi9P7jmocs0+x+inaxBE=
iv (B64): JanbU1jI30lb6yfjq/adjA== (16)
Decrypted Message: 

😭

@eapl.me@eapl.me Here is what I’ve got so far: https://github.com/upputter/testing-twtxt-dm

There is a “00_well_known_message.enc” file, which I have the encryption paremters for (https://github.com/upputter/testing-twtxt-dm/blob/9fdf3be6aa8fe810a4cb275375dbb3d4a2a958ee/wellknown_test.php#L28).

According to my finding, I assume, that the saltsize in openssl is “8” and the PBKDF2 algo is “sha256”.

@andros@twtxt.andros.dev Could you share (perhaps in the extension document) the private key for alice?

I want to compare that I can read the encrypted message both from OpenSSL CLI and from the PHP OpenSSL library, following the spec.

@arne@uplegger.eu With the OpenSSL option -p one can get an output of salt, key and iv. My stupid PHP-code can get everything right from the encrypted data (from OpenSSL) - except the iv! Damn “evpKDF” 😔

@prologic@twtxt.net I’ve been there yesterday w/o success.

@arne@uplegger.eu I think you want to use the sodium_crypto functions/modules for PHP 🤔🤔

@arne@uplegger.eu Hi! I love that you’re implementing it! Maybe, when we’re both done, we could test the clients by communicating both.
I don’t think I’m going to be able to help you much, my knowledge of OpenSSL and PHP is not as high as I’d like it to be.
Maybe the OpenSSL version uses SHA-1 by default in PHP. Or that the IV is derived together with the key (not generated separately). But I’m not able to answer your questions, sorry.
I’m invoking the commands directly, without any libraries in between. Maybe that would help you?

@arne@uplegger.eu Well, just for my understanding. The command:
echo "Lorem ipsum" | openssl enc -aes-256-cbc -pbkdf2 -iter 100000 -out message.enc -pass file:shared_key.bin
will take the input string from echo to openssl. It then will

1. use the content of shared_key.bin as password
   
2. use PBKDF2 with an iteration of 100000 to generate a encryption key from the given password (shared_key.bin)
   
3. use the PBKDF2 generated key for an aes-256-cbc encryption
   

The final result is encrypted data with the prepended salt (which was generated by runtime), e.g.: Salted__q�;��-�T���"h%��5�� ....

With a dummy script I now can generate a valide shared key within PHP ‘openssl_pkey_derive()’ - identical to OpenSSL.
I also can en-/decrypt salted data within my script, but not with OpenSSL. There are several parameters of PBKDF2 unknown to me.

Question:

1. Is the salt, used by aes-256-cbc and PBKDF2 the same, prepended in the encrypted data?
   
2. Witch algorithm/cipher is used within PBKDF2: sha1, sha256, …?
   
3. What is the desired key length of PBKDF2 (https://www.php.net/manual/en/function.openssl-pbkdf2.php)?
   

To be continued …

oh cool @lyse@lyse.isobeef.org !! and thanks, got rid of that empty line. ATM I’m using twtxt very much in an experimental way, only manual editing or writing my tools. curious to see how it will evolve. #meta #twtxt

Love my new shed, getting ready to retire

@lyse@lyse.isobeef.org call the @ call the @yarn_police@twtxt.net! 😂

@arne@uplegger.eu

Image

@andros@twtxt.andros.dev I have really tried to get behind it. For an implementation for my TwtxtReader (PHP) I simply lack the knowledge of the standard-openssl parameters.
All my solution approaches require “nonce” or “initialization vector” on one or the other side. In addition, the “magic numbers” (“Salted__”) were not consistent in my tests.

@prologic@twtxt.net I wish getting a static IP and a (more) stable internet connection wasn’t so hard over here. Then I could do proper self-hosting as well. But as it stands, I need some rented VPS.

I could go ahead and just use the VPS for the IP, i.e. forward all traffic through Wireguard to a box here at home. Big downside is that the network connection would be even slower than it already is and my ISP breaks down all the time for a few minutes … it’s just bad overall and much easier/better to rent a VPS. 🫤

hey @lyse@lyse.isobeef.org I’ve seen your mention from uhhmmm 4months ago just now using my crawler -__-’ / curious to know, do you see my mention now? #meta #twtxt

Thanks, @falsifian@www.falsifian.org! I’ll definitely start with the latter one then. Let’s see how far I make it. :-)

@falsifian@www.falsifian.org Phew, okay. So, it took a few months to grow that big. I feared that it could have been just a week or so. Yeah, insulation always is a good idea.

@prologic@twtxt.net Holly, didn’t know bots and crawlers could do comedy now… they should’ve added “Dave Chappelle/69.420” to their UA.

@prologic@twtxt.net I’m speculating, but if I had to guess I’d say it’s probably asking for your user password in order to access some user keyring (or whatever your OS uses to manage user secret credentials) used to safely store your passkeys related data in order to do its passkeys /ME doing air quotes Magic™ … you could try with a different password manager to avoid said scenario.

Also, passkeys UX sucks.

@lyse@lyse.isobeef.org I don’t remember exactly. They might have been growing all winter. The trick is to have a badly insulated extension to the house.

@falsifian@www.falsifian.org Hahaha, that’s sick, I love it! :-D I envy you a bit. On the other hand, I have to admit I’m glad that I don’t have to chisel down giant blocks of ice from the house.

@lyse@lyse.isobeef.org I am a big fan of “obvious” math facts that turn out to be wrong. If you want to understand how reusing space actually works, you are mostly stuck reading complexity theory papers right now. Ian wrote a good survey: https://iuuk.mff.cuni.cz/~iwmertz/papers/m23.reusing_space.pdf . It’s written for complexity theorists, but some of will make sense to programmers comfortable with math. Alternatively, I wrote an essay a few years ago explaining one technique, with (math-loving) programmers as the intended audience: https://www.falsifian.org/blog/2021/06/04/catalytic/ .

@falsifian@www.falsifian.org Mate, what an amazing video, holy cow! :-D We only get complete jokes of icicles compared to what you had there ealier today. It’s a giant wall. For how many days did that grow on your roof?

@lyse@lyse.isobeef.org Still melting!

@falsifian@www.falsifian.org Oh, that’s neat! Interesting how “obviously” isn’t all that obvious at all, even to the contrary. I reckon I have to read up on that subject on the weekend. :-)

I like how Ian’s and your photo complement each other, winter and summer join forces for something special. :-)

@falsifian@www.falsifian.org Wooooaaaahhh! That is BY FAR the biggest icicle I’ve ever seen. Really cool! :-) How long did it take to melt in your sink? The video download is still dripping in, looking forward to that.

@eapl.me@eapl.me I couldn’t care less about ActivityPub, but twtxt is the thing for hackers by design. That’s the appealing part for me, personally. I actually do enjoy that not everybody and their dogs are here. :-)

@thecanine@twtxt.net I agree!

@movq@www.uninformativ.de @prologic@twtxt.net I don’t know, I don’t see this happening all that often. Very rarely. The problem I encounter much more often is that tech folks are blindly adopting every new hype without thinking the slightest bit what the consequences might be.

But maybe that also means I’m one of these “told you so” guys. Not sure.

@andros@twtxt.andros.dev 4

Today is an important day. We have a new extension: Direct message 🪇🗨️🚀🥳❤️
https://twtxt.dev/exts/direct-message.html
#twtxt

@sorenpeter@darch.dk Sorry, I realized that shortly after posting. Here’s another attempt to post the images:

@eapl_en@eapl.me Good idea

4, but I like the idea of @eapl_en@eapl.me

What would you like the new twtxt logo to be?
Comments: https://git.mills.io/yarnsocial/twtxt.dev/issues/9#issuecomment-18960

Image

What would you like the new twtxt logo to be?

Image

@prologic@twtxt.net All the URL are missing the protocol part (https://) and my markdown parser does not know how to handle but I see yarnd does it just fine.

@falsifian@www.falsifian.org
it look like your markdown image tags are missing the protocol part (https://) so they don’t render at least on my server: https://darch.dk/timeline/conv/3vtnszq

@prologic@twtxt.net Have you tried Google’s robots.txt report? https://support.google.com/webmasters/answer/6062598?hl=en . I would expect Google to be pretty good about this sort of thing. If you have the energy to dig into it and, for example, post on support.google.com, I’d be curious to hear what you find out.

Something interesting to think about for twtxt, the microblogging for hackers and friends…

The biggest challenge of ActivityPub is that it’s too technical to easily explain to regular people. Nobody is interested in a jargon-laden diatribe about servers and federation. When simple questions have overly complex answers, people tend to switch off.
https://activitypub.ghost.org/your-thoughts-on-onboarding/

@bender@twtxt.net @prologic@twtxt.net the markdown list in #jr6ywrq is a “loose” list, e.g. https://github.com/erusev/parsedown/issues/474#issuecomment-280874843
My markdown parser (parsedown PHP) renders the list with p-tags also.

@andros@twtxt.andros.dev Thank you :-)

@andros@twtxt.andros.dev screenshots plz :=!

Yesterday I was doing a lot of research on how #hyperdrive and the #holepunch project work. Would it be possible to use it to make #twtxt an easier gateway for new users? Could we stop using web servers?
My conclusion: We would end up being a #nostr. On the one hand it would become more complex to use, it would force the user to have software installed, and on the other hand the community would need a central proxy to make the routes accessible via HTTP. In other words, it’s not a good idea.
However, it’s an AMAZING technology. I want to start playing with it.

@prologic@twtxt.net 🤣🤣🤣 thanks! I didn’t even notice 😅