@movq@www.uninformativ.de it is.
setpriv on Linux supports Landlock.
@movq@www.uninformativ.de That’s really cool! I wanted to experiment with Landlock in tt as well. But other than just thinking about it, nothing really happened.
Depending on the available Landlock ABI version your kernel supports, you might even restrict connect(…) calls to ports 80, 443 and maybe whatever else has been configured in the subscription list.
setpriv on Linux supports Landlock.
@prologic@twtxt.net Yeah, it’s not a strong sandbox in jenny’s case, it could still read my SSH private key (in case of an exploit of some sort). But I still like it.
I think my main takeaway is this: Knowing that technologies like Landlock/pledge/unveil exist and knowing that they are very easy to use, will probably nudge me into writing software differently in the future.
jenny was never meant to be sandboxed, so it can’t make great use of it. Future software might be different.
(And this is finally a strong argument for static linking.)
PSA: setpriv on Linux supports Landlock.
If this twt goes through, then restricting the filesystem so that jenny can only write to ~/Mail/twt, ~/www/twtxt.txt, ~/.jenny-cache, and /tmp works.
@iolfree@tilde.club Oh dear! All the best to this feller. I wouldn’t want to trade places with him.
@lyse@lyse.isobeef.org Haha 🤣
@prologic@twtxt.net @bender@twtxt.net That’s what I thought as well, sounds way too expensive to me. But I have no idea what the prices are over here. Probably also astronomical. Campers sit around most of the time, one really would need to use them a lot to justify spending so much money on them.
But yeah, each to their own (expensive) hobbies. :-) I, for example, burn my money on tools that I don’t really™ need. :-P
@bender@twtxt.net An older Firefox on Debian.
@prologic@twtxt.net well, the ones down there (on your list) are pretty minimal, basic even. Yet, their pricing is super high (number wise, haven’t checked the equivalent from AUD to USD).
@bender@twtxt.net are they really though when you factor in the weaker AUD?
@lyse@lyse.isobeef.org which browser do you use? Chrome, Edge, and Firefox, under Ubuntu, all show it fine.
@movq@www.uninformativ.de This one is too bleeding edge for me, not even my browser can render it.
@kat@yarn.girlonthemoon.xyz I dislike him big time. It was a sad day when Tumblr fell into his hands.
@lyse@lyse.isobeef.org Yeah, if there’s no stable API, then it’s not a lot of fun … Bah. :|
@kat@yarn.girlonthemoon.xyz Ok
@prologic@twtxt.net i’ll email you!
@movq@www.uninformativ.de I couldn’t agree more! It’s far from easy. I’m not free of this guilt either. But I’m hardly trying.
@movq@www.uninformativ.de I’d love to have a Python script pushing my local CSV, too. But that’s never gonna fly, not in a thousand years. I can’t imagine that ever becoming reasonably stable without having to fix everything after the reverse-engineered API changes again.
@lyse@lyse.isobeef.org dmenu is a great example.
There have been several attempts at porting dmenu from X11 to Wayland. Well, not exactly “porting” it, more like rewriting it from scratch. Turns out: It’s not that easy.
dmenu is super fast and reliable. None of the Wayland rewrites are (at least none of the popular ones that I know of). They are either bloated and/or slow.
It takes a lot of discipline and restraint to write simple software and not blow up the codebase. This is much harder than people think. It’s a form of art, really.
@lyse@lyse.isobeef.org I do my timetracking in a little Python script, locally. Every now and then, I push the data to our actual service. Problem solved - but it’s a completely unpopular approach, they all want to use the web site. I don’t get it. Then, of course, when it’s down, shit hits the fan. (Luckily, our timetracking software is neither developed nor run by us anymore. It’s a silly cloud service, but the upside is that I’m not responsible anymore. 🤷)
Some of our oldschool devs tried to roll out local timetracking once, about 15 years ago. I don’t remember anymore why they failed …
This is developed inhouse, I’m just so glad that we’re not a software engineering company. Oh wait. How embarrassing.
Oh to be anonymous on the internet. That must be nice.
@movq@www.uninformativ.de Yeah, luckily, there is the suckless project. I couldn’t live without dmenu!
@movq@www.uninformativ.de Yeah, it’s a shitshow. MS overconfirms all my prejudices constantly.
Ignoring e-mail after lunch works great, though. :-)
Our timetracking is offline for over a week because of reasons. The responsible bunglers are falling by the skin of their teeth: https://lyse.isobeef.org/tmp/timetracking.png
- The error message neither includes the timeframe nor a link to an announcement article.
- The HTML page needs to download JS in order to display the fucking error message.
- Proper HTTP status codes are clearly only for big losers.
- Despite being down, heaps of resources are still fetched.
I find it really fascinating how one can screw up on so many levels. This is developed inhouse, I’m just so glad that we’re not a software engineering company. Oh wait. How embarrassing.
@movq@www.uninformativ.de This is a really good example of “simplicity” but achieves the intent and goals
(Now, I don’t know if your screen reader can work with this. Let me know if it doesn’t.)
I don’t use a screen reader fortunately (actually they’re pretty garbage). So all good (I just use full-screen zoom).
@prologic@twtxt.net Yeah, this really could use a proper definition or a “manifest”. Many of these ideas are not very wide spread. And I haven’t come across similar projects in all these years.
Let’s take the farbfeld image format as an example again. I think this captures the “spirit” quite well, because this isn’t even about code.
This is the entire farbfeld spec:
farbfeld is a lossless image format which is easy to parse, pipe and compress. It has the following format:
╔════════╤═════════════════════════════════════════════════════════╗
║ Bytes  │ Description                                             ║
╠════════╪═════════════════════════════════════════════════════════╣
║ 8      │ "farbfeld" magic value                                  ║
╟────────┼─────────────────────────────────────────────────────────╢
║ 4      │ 32-Bit BE unsigned integer (width)                      ║
╟────────┼─────────────────────────────────────────────────────────╢
║ 4      │ 32-Bit BE unsigned integer (height)                     ║
╟────────┼─────────────────────────────────────────────────────────╢
║ [2222] │ 4x16-Bit BE unsigned integers [RGBA] / pixel, row-major ║
╚════════╧═════════════════════════════════════════════════════════╝
The RGB-data should be sRGB for best interoperability and not alpha-premultiplied.
(Now, I don’t know if your screen reader can work with this. Let me know if it doesn’t.)
I think these are some of the properties worth mentioning:
- The spec is extremely short. You can read this in under a minute and fully understand it. That alone is gold.
- There are no “knobs”: It’s just a single version, it’s not like there’s also an 8-bit color depth version and one for 16-bit and one for extra large images and one that supports layers and so on. This makes it much easier to implement a fully compliant program.
- Despite being so simple, it’s useful. I’ve used it in various programs, like my window manager, my status bars, some toy programs like “tuxeyes” (an Xeyes variant), or Advent of Code.
- The format does not include compression because it doesn’t need to. Just use something like bzip2 to get file sizes similar to PNG.
- It doesn’t cover every use case under the sun, but it does cover the most important ones (imho). They have discussed using something other than RGBA and decided it’s not worth the trouble.
- They refrained from adding extra baggage like metadata. It would have needlessly complicated things.
@lyse@lyse.isobeef.org Nice shot!
@movq@www.uninformativ.de Yeah that’s why I’m striking this conversation with you. Not only do I respect your opinion quite highly 🤣 But like you say (and I’ve read their philosophy) it can be a bit “elitism” for sure. I’m genuinely interested in what we think of as software that “doesn’t suck”. To be honest I haven’t really put thought to paper myself, but I reckon if I did, I’d have some opinions/ideas…
@prologic@twtxt.net Hm, I wouldn’t say that. Go code could fall into that category as well.
Maybe this topic could use a blog post / article, that explains what it’s about. I’m finding it hard to really define what “suckless-like software” is. (Their own philosophy focuses too much on elitism, if you ask me.)
@movq@www.uninformativ.de So you wouldn’t consider things written in Go to be “suckless”-esque?
@prologic@twtxt.net Ah, I’m referring to software that’s similar to that of suckless.org: Small, minimal codebases, small tools, but still useful. dmenu is probably the best example and also farbfeld.
Here’s the author of Anubis talking about some of their experiences:
https://xeiaso.net/blog/why-i-use-suckless-tools-2020-06-05/
(You can skip the long config and keybinds part.)
@eldersnake@we.loveprivacy.club Yeah well when you put it like that 🤣
@movq@www.uninformativ.de Curious what you would define as “suck less” software? (language agnostic of course!)
@movq@www.uninformativ.de Happy birthday and good health! :-)
@eldersnake@we.loveprivacy.club This wasn’t always the case, though. Quake3, Quake4, Unreal Tournament 99 and 2004 are examples of games that used to run very well as native Linux games. But that was 20+ years ago …
@eldersnake@we.loveprivacy.club Yeah for sure! The thing that annoys me about a lot of this, is the sheer fact you can’t really self-host let alone self-train these things I’ve been playing around with AI at home over the past few months and building my own neural networks from scratch (in Go) with genetic algorithms on a few tasks and training sets, but man it’s hard™ 🤣 I feel like we’re doing something wrong here…
@eldersnake@we.loveprivacy.club This was an interesting read for sure! I don’t think it had anything I hadn’t already considered in terms of the ethical/moral points of view. I’m not sure where I stand myself either to be honest. I’ve forced myself to get familiar with the ecosystem and tooling, because in my line of work as a tech lead (staff engineer in sre) you don’t want to be that one guy that ya know. Ethically/Morally though, I’m definitely with the sentiment of this post. Much like the whole Crypto hype years back (if y’all remember?!) this is also one of the most energy hungry pieces of “tech” (if you can call it that?) in a while. Then there’s these other issues “stealing people’s work”, “reliance is causing humans to become cognitively weak and neural connections to shrink”, to name a few…
@kat@yarn.girlonthemoon.xyz Yea I can! I
@lyse@lyse.isobeef.org (It’s either that, or the fact that it’s women’s football and “nobody wants to see that anyway”.)
@lyse@lyse.isobeef.org I have to say, this sounds much worse than our stuff at work. 🫩 (We don’t use any Microsoft services, at least not for core tools.)
@lyse@lyse.isobeef.org HahahHh 🤣
@movq@www.uninformativ.de https://www.youtube.com/watch?v=Y8wyZIKQo9U
I hear you, @movq@www.uninformativ.de! :’-(
At work, too. For a few weeks now when I try to log into this horrible Outlook web intershit (Because why would they fix the Evolution integration?! It’s cactus for well over a year now. Probably more like two.), it forwards me to the corporate weblogin, I enter my credentials, even do the bloody MFA crap and get redirected back to Outlook. “Loading mailbox…” “Please wait for us to log you out, do not close this window while this process is underway.” Fuck you! I have to delete the cookies for this damn domain each and every fucking time. Otherwise, this goes in circles forever. I tried the game for 15 minutes, no joke.
But wait, there’s more! Why just fuck it up only a little bit? This week I get logged out at the middle of the day. Every. Single. Day. Not even close to eight hours since I started, no. What the hell!? I reckon I just don’t even bother reauthenticating anymore in the arvo. No more e-mails for Lyse after lunch. Fuck it. It’s just distraction, anyway, right?!
@lyse@lyse.isobeef.org Oof. The weather is going crazy. 🫤
@movq@www.uninformativ.de Fancy licking a bit of ice? https://www.tagesschau.de/inland/regional/badenwuerttemberg/swr-schwere-hagelgewitter-weisse-strassen-in-sipplingen-100.html
@prologic@twtxt.net That too, yeah. 🥴
@movq@www.uninformativ.de Because we keep fucking with the planet’s environment and climate patterns?
@prologic@twtxt.net Bah! Why can’t we all have mild weather. 🥲
Feeling a bit bad for the folks and Coffs Harbor and on the coast of Sydney right now 🤯
sudo is a sandwich. https://www.sudo.ws/
@movq@www.uninformativ.de @bender@twtxt.net I never saw that. Neither the website nor the logo. I like the old one more, although I have to admit the story behind the new one is actually really cool: https://www.sudo.ws/about/logo/
@aelaraji@aelaraji.com Yay, heat.
@prologic@twtxt.net Heey… Welcome back!! 🫡 How was the trip? I hope you’ve had a good time!
@prologic@twtxt.net I like the last two, on the first three you sent. I looked up “Canarvon Gorge”, and read more about it. Thanks for introducing me to it!
@movq@www.uninformativ.de Hahaha, I love them! :-D
@prologic@twtxt.net This looks really nice! I love the view. For a brief second, the rock in the left bottom corner of the first photo reminded me of a croc tail. These are some massive cliffs, I get the impression that walking down there feels cool during the heat. Yeah, it’s winter over there, but it cooled me off by just looking at it. :-) Oh no, somebody lost their hat.
A few more…
As promised, here’s some photos of love you!! camping trip to Canarcon George in QLD, Australia.
@movq@www.uninformativ.de I first wondered how the lists could be ever improved, but then b.png shows the better approach with the inset boxes on the left. No surprises there. Very clearly communicated.
@kat@yarn.girlonthemoon.xyz Ah! I see there is now some competition going on between the Tux avatars. ;-)
@kat@yarn.girlonthemoon.xyz That’s an interesting concept I never heard of before. Though, as a German, my data protection kicks in. ;-)
These are lists in your Inkscape example, right?
The font stuff? Yeah, that’s a scrollable list where you can select the current font.
@eldersnake@we.loveprivacy.club so real lol
@lyse@lyse.isobeef.org i’ve been playing with h-card stuff lately! got one marked up and validated with indiewebifyme and it all checks out :D you can see it on my about page at the bottom
@kat@yarn.girlonthemoon.xyz Which one(s) are you looking right now?
@prologic@twtxt.net hello!!!
@prologic@twtxt.net Oh cool, completely disconnected is the best! Looking forward to the photos. :-)
@movq@www.uninformativ.de We did indeed! I’ll share photos soon™. Was completely “off-grid”, no connectivity to anything anywhere 🤣
@movq@www.uninformativ.de Yeah, the crash killed it.
@movq@www.uninformativ.de Yes, flat UIs are broken! I’m used to that by now, but it’s still more work to recognize than when there are borders around buttons, etc.
These are lists in your Inkscape example, right? (I’m too lazy to start Inkscape myself and look at it. And writing this took longer than just seeing for myself, but here we are. I met up with one of my best schoolmates this morning and it’s fucking hot already. So I blame the heat.) Nested tabs are probably an own death sin in itself. I know, I know, the upper ones can be made into windows and dragged around, but still.
@prologic@twtxt.net Heyho, welcome back. Did you guys have a nice trip?
@lyse@lyse.isobeef.org Probably. :-) I just saw that the account on Yarn is also gone. Maybe it didn’t survive the crash earlier this year.
@movq@www.uninformativ.de Yeah, it’s been a while. Didn’t feel this long, though. Not at all, I’m quite surprised. :-O
But like with every quality content, there is no publishing schedule. Eventually, @mckinley@mckinley.cc will write another article for all of us. :-)
@lyse@lyse.isobeef.org Wow. Just like Skyrim!
@mckinley@mckinley.cc’s blog appears to have gone stale, hm.
Thanks @bender@twtxt.net! Yeah, so super cute. I couldn’t pet them, though. Despite very curious, they were also very restless.
I persuaded my dad to check out the fireflies with me tonight. He only wanted to go for a short trip, so we came just across a couple hundred of them. Otherwise, the thousands mark would have been exceeded in no time. He was super glad I talked him into that. :-)
It was also my first time to see them over the meadows. Those numbers don’t compare to the ones inside the forest, no question, but we probably saw 60 or so. Haven’t come across them there before, I only heard and read about that.
Note to future-Lyse next year: Leaving at 21:45 seems like a good time. We left earlier and had to wait just a few more minutes for them to come out in masses.
Too bad it’s impossible to share photos or videos. My camera isn’t made for that at all, not even close.
@lyse@lyse.isobeef.org such a beautiful goooooooat! Those eye, and the ear I would love to pet… Nice click, mate!
@lyse@lyse.isobeef.org it’s so bad!!!
@movq@www.uninformativ.de @kat@yarn.girlonthemoon.xyz It’s awful, “just” 32°C here. When I rode my bike into town I came across some spots where the heat was stationary built up and really intense. The airflow felt like the sauna attendant poured water over the heated rocks and severely fanned the hot air with his towel.
@movq@www.uninformativ.de That short segment is fairly close to reality, even though it obviously looks heaps better in person: https://youtu.be/u8YVorNRcDM?t=66
@kat@yarn.girlonthemoon.xyz Oh dear.
@thecanine@twtxt.net awww so cute and silly!!!
@movq@www.uninformativ.de OMG SLEEPY LITTLE GUY!!!
@movq@www.uninformativ.de it’s sooo bad here on the east coast of the US omg 102F/38C heat here!!
@movq@www.uninformativ.de I also don’t think that I’m a particularly good speaker. :-) The workshop model is a good idea, I like that.
Yeah, it’s really good fun. I can highly recommend it. This is also a good way to train (new) developers to think like attackers, how to break in, destroy something or raise awareness of some classes of bugs. Then you can avoid them next time. It’s surprising to me what vulnerabilities come up during this event every time. So, absolutely worth it, win, win.
@movq@www.uninformativ.de Oh, really!? You should come visit. :-)
As far as I know females are sitting in the shrubs and males fly around, but they’re not all that quick. They are slowly moving glowing dots that you can easily follow with your eyes. The bigger problem might be that they turn off and then on again. So, one could count duplicates. However, there’s typically a bit of distance between them (at least 30-50 cm I’d say, often more). Counting the same individual multiple times is not all that common (assuming that they don’t speed up when turned off). My counting was also conservative I believe.
Ah, Die Maus also covered them a few days ago: https://www.youtube.com/watch?v=OVGD5QEvtoc At the end, there’s a video where you can see the speeds a bit.
@movq@www.uninformativ.de Tada, cool! :-)
@arne@uplegger.eu Instead it slides off the table sideways? 🤪
@lyse@lyse.isobeef.org I can confidently say that I don’t remember ever having seen fireflies. (Nor Firefly.) I’m most surprised that you could count them. Naively, I would assume that these guys move around a lot and you’d lose track of them?
After drawing the bigger canine stickers, I also want to change my profile picture for summer, to something more fluffy, shaded and a bit smug looking.
@kat@yarn.girlonthemoon.xyz NEVER MIND WE ARE SO BACK MAMDANI WON
They’re all talks, not real hands-on trainings like you did.
I love listening to good, well-structured talks. Problem is, not everybody is a good speaker and many screw it up. 🥴 I’m certainly not a great speaker, which is why I gravitate more towards “workshops”, in the hopes that people ask questions and discussions arise. Doesn’t always work out. 🤣 At the very least, I almost always have some other person connect to the projector/beamer/screenshare and then they do the stuff - this avoids me being wwwwaaaaaaaaayyyy too fast.
We are usually drowned in stress and tight deadlines, hence events like today are super rare … We used to do it more often until ~10 years ago.
Once a year the security guys organize a really great hacking event, though.
Oh dear, I’d love to participate in that. 🤯 That sounds like a lot of fun. (Why don’t we do this?!)
@movq@www.uninformativ.de Interesting internal education sessions are way too infrequent here as well. There are a bunch of “knowledge transfer” meetings actually, but 90% of the topics already sound totally boring to me. The other 9% talks turned out to be underwhelming, sadly. I only attended a single one where it was delivered what has been promised. They’re all talks, not real hands-on trainings like you did.
Once a year the security guys organize a really great hacking event, though. Teams can volunteer to hand in their software dev instances and all workmates are invited to hack them and report security vulnerabilities. That’s a lot of fun, but also gets frustrating towards the end when you don’t make any progress. :-) There’s also some actual hands-on training in advance for preparation of the two days. Unfortunately, I missed the last event due to my own project being very stressful at the time.
When I had a Do What You Want Day I also show my direct teammates what I learned in the hopes of this being interesting to them as well. I’m the only one in my team using this opportunity, sadly.
@prologic@twtxt.net This person isn’t particularly happy with this study:
https://mastodon.social/@grimalkina/114717549619229029
I don’t know enough about these things to form an opinion. 🫤 I sure wish it was true, though.
pledge() and unveil() syscalls:
@lyse@lyse.isobeef.org Multi-Threading. Is. Hard. 🤯 And yes, that blog is great.
@aelaraji@aelaraji.com awww :(((
@lyse@lyse.isobeef.org Not intended as a vampire thing, at least not this time. His canine teeth are usually one pixel long, when visible, but on this one, he’s making a face, that makes them more exposed.
Option and error handling. (Or the more complex Result, but it’s easier to explain with Option.)
@lyse@lyse.isobeef.org lol - I explicitly kept them in there so that the code is easier to understand for non-Rust people 🤪
@prologic@twtxt.net Bon voyage! I hope you’ll find some well-needed rest.
Option and error handling. (Or the more complex Result, but it’s easier to explain with Option.)
@movq@www.uninformativ.de All the returns tell me that you’re not a real Rust programmer. :-D Personally, I would never omit them either. They make code 100 times more readable.
@movq@www.uninformativ.de Yeah, not too bad. I completely agree with you on completeness. Also, I hate complexity without having to learn that during on-calls. :-)