gemini - kennedy.gemi.dev

💾 Archived View for lists.sh › rss captured on 2022-06-11 at 20:48:28. Gemini links have been rewritten to link to archived content

-=-=-=-=-=-=-

<?xml version="1.0" encoding="UTF-8"?><feed xmlns="http://www.w3.org/2005/Atom">

<title>lists.sh discovery feed</title>

<subtitle>lists.sh latest posts</subtitle>

<name>lists.sh</name>

</author>

<entry>

<content type="text/plain">


## Title
* - [homepage](https://ndo.dev)
* - [work](https://checklyhq.com)

</content>

</entry>

<entry>

<title>IP_Ranges</title>

<id>/timw/IP_Ranges</id>

<content type="text/plain">

* MLHC public IP: 136.181.195.31
* TLN network: 50.233.29.114
=> https://whois.arin.net/rest/net/NET-136-181-0-0-1/pft?s=136.181.195.1 entire SOM subnet
=> https://docs.openathens.net/libraries/redirector-ip-bypass-zones How it works

</content>

</entry>

<entry>

<title>terminal-mail-clients</title>

<id>/erock/terminal-mail-clients</id>

<content type="text/plain">

=> http://www.mutt.org/ mutt
=> https://neomutt.org/ neomutt
=> https://aerc-mail.org/ aerc
=> https://github.com/leahneukirchen/mblaze mblaze
=> https://www.nongnu.org/nmh/ nmh
=> http://sup-heliotrope.github.io/ sup
=> https://www.djcbsoftware.nl/code/mu/ mu
=> https://github.com/pazz/alot alot
=> https://github.com/astroidmail/astroid astroid
=> https://github.com/wangp/bower bower
=> https://github.com/akissinger/dodo dodo
=> https://github.com/emdete/epistula epistula
=> https://github.com/soywod/himalaya himalaya
=> https://wiki.archlinux.org/title/Alpine alpine
=> http://www.instinct.org/elm/ elm

</content>

<summary type="text/plain">a list of MUA terminal mail tools</summary>

</entry>

<entry>

<title>Newsbank</title>

<id>/timw/Newsbank</id>

<content type="text/plain">

=> https://verify2.newsbank.com/Shibboleth.sso/Login?entityID=https://idp.libraryof.michigan.gov/openathens Newsbank Gateway
> https://verify2.newsbank.com/Shibboleth.sso/Login?entityID=https://idp.libraryof.michigan.gov/openathens

</content>

<summary type="text/plain">Right-click & copy a hotlink below or highlight & copy the address below the hotlink</summary>

</entry>

<entry>

<title>Newspaper_Archive</title>

<id>/timw/Newspaper_Archive</id>

<content type="text/plain">

=> https://go.openathens.net/redirector/libraryof.michigan.gov?url=https%!A(MISSING)%!F(MISSING)%!F(MISSING)access.newspaperarchive.com%!F(MISSING) Newspaper Archive
> https://go.openathens.net/redirector/libraryof.michigan.gov?url=https%!A(MISSING)%!F(MISSING)%!F(MISSING)access.newspaperarchive.com%!F(MISSING)

</content>

<summary type="text/plain">Right-click & copy the hotlink below or highlight & copy the address below the hotlink</summary>

</entry>

<entry>

<title>Places to eat in Chicago</title>

<id>/eke/2022-06-09-chicago-eateries</id>

<content type="text/plain">

=> https://kaufmansdeli.com/ Kaufman's Deli
=> https://www.mannysdeli.com/ Manny's Cafeteria
=> https://www.14parish.com/ 14 Parish

</content>

<summary type="text/plain">Two hungry guys passing through...</summary>

</entry>

<entry>

<title>Git Repo Template</title>

<id>/eke/2022-06-08-repo-template</id>

<content type="text/plain">


## Files
=> https://opensource.org/licenses/MIT LICENSE
=> https://infra.apache.org/licensing-howto.html#example-notice NOTICE
* README.md. Some docs!

</content>

<summary type="text/plain">Files for every git repo</summary>

</entry>

<entry>

<id>/athul/days</id>

<content type="text/plain">

* Monday
* Tuesday
* Wednesday
* Thursday
* Friday
* Saturday
* Sunday

</content>

</entry>

<entry>

<title>My websites</title>

<content type="text/plain">

=> https://amarjeet.dev https://amarjeet.dev
=> https://arai.dev https://arai.dev
=> https://sonurai.com https://sonurai.com
=> https://amarjeet.photos https://amarjeet.photos

</content>

<summary type="text/plain">A list of my websites</summary>

</entry>

<entry>

<title>Paris Moderne</title>

<id>/lllist/paris_moderne</id>

<content type="text/plain">

* Claude Monet
* Vincent van Gogh
* Gertrude Stein
* Erik Satie
* Robert Delaunay
* Sonia Delaunay
* Nadar
* Père Tanguy
* Pierre Bonnard
* Man Ray
* Georges Seurat
* Paul Signac
* Marie Laurencin
* Sergei Diaghilev
* Les Ballets Russes
* Igor Stravinsky
* Le Sacre du printemps (première)
* Camille Pissarro
* Eugène Atget
* August Macke
* Henri Matisse
* Juan Gris
* Georges Braque
* Édouard Manet
* Paul Cézanne
* Umberto Boccioni
* Pierre-Auguste Renoir
* Claude Debussy

</content>

<summary type="text/plain">People and events to include in a timeline of the modern in art, music, film, etc. circa 1860-1940, with Paris at its centre.</summary>

</entry>

<entry>

<title>lists</title>

<id>/hibi/lists</id>

<content type="text/plain">


## lists.sh
=> https://lists.sh microblog for lists

### Sandbox
> This is a blockquote.
```

#!/usr/bin/env bash

set -x

echo "this is a preformatted list item!
```

</content>

</entry>

<entry>

<content type="text/plain">

* Sunday
* Monday
* Tuesday
* Wednesday
* Thursday
* Friday
* Saturday

</content>

</entry>

<entry>

<title>opensource_games</title>

<id>/polyglot/opensource_games</id>

<content type="text/plain">

=> https://www.beyondallreason.info/ https://www.beyondallreason.info/
=> https://screeps.com/ https://screeps.com/
=> https://endless-sky.github.io/ https://endless-sky.github.io/
=> https://github.com/dividuum/infon https://github.com/dividuum/infon
=> https://www.chiark.greenend.org.uk/~sgtatham/puzzles/ https://www.chiark.greenend.org.uk/~sgtatham/puzzles/
=> https://teeworlds.com/ https://teeworlds.com/

</content>

</entry>

<entry>

<title>crypto_tutorials</title>

<id>/polyglot/crypto_tutorials</id>

<content type="text/plain">

=> https://cryptocurrencyclass.github.io/ https://cryptocurrencyclass.github.io/
=> https://www.youtube.com/watch?v=xwA2TkcAQgQ&list=PL6TbWIxWsLY0VPlese2_z5xDZZ33ZuvV6 https://www.youtube.com/watch?v=xwA2TkcAQgQ&list=PL6TbWIxWsLY0VPlese2_z5xDZZ33ZuvV6

</content>

</entry>

<entry>

<title>2022-06-02-first-post</title>

<id>/vlladdrakk/2022-06-02-first-post</id>

<content type="text/plain">

* first post!!
* from my blackberry classic!

</content>

</entry>

<entry>

<title>bookmark-supply-chain-security</title>

<id>/erock/bookmark-supply-chain-security</id>

<content type="text/plain">

=> https://socket.dev https://socket.dev
=> https://www.sigstore.dev https://www.sigstore.dev
=> https://in-toto.io https://in-toto.io
=> https://theupdateframework.io https://theupdateframework.io

</content>

</entry>

<entry>

<title>Service Resurrection Attacks</title>

<id>/eke/resurrection-attacks</id>

<content type="text/plain">


## What are the facts?
* A service resurrection attack is when access to a dead service, such as an expired domain or other abandoned resource, grants some degree of access or(or perceived access) to another resource.
* In Maven Central, software packages and related artifacts are organized into namespaces (referred to as groupId).
* The Java convention is to use domain names as part of the namespace.
* Maven Central requires a proof of namespace control in order to register or recover publish access to a namespace.
* There are two types of proof that are currently accepted.
* One type of proof is ability to add a DNS record to the domain.
* Another type of proof is to create a public SCM repository.
* About 80%!o(MISSING)f all new projects use a public SCM URL as the type of proof.
=> https://central.sonatype.org/publish/requirements/coordinates/ Maven Central coordinate reference
* Software packages and related artifacts are published once to Maven Central - they are unable to be altered by publishers after they have been published.

## Why is this important?
* A bad actor may be able to introduce malicious code into other software applications.

### How?
* An SCM organization/account or DNS settings can be modified by a bad actor.
* The bad actor requests and receives publish access to Maven Central by demonstrating proof of namespace control.
* New versions of an existing software packages can be published to that namespace.
* Any software applications which 1) depend on the latest version of the existing software package; and 2) are rebuilt may execute the malicious code.

### Examples
=> https://github.com/manuelstofer/foreach/issues/21 A claimed (but unsubstantiated) takeover in the Javascript / NPM ecosystem.

## Reasons this is not a really big deal
* The risk is generally very low: best practice for Java applications is to specify versions for dependencies. If this is the case, then a newer version of dependencies will not be incorporated into an application.
* Maven Central provides other information, such as PGP signatures, which allows users to validate provenance of software packages they depend on.
* Maven Central provides assertions about control over a namespace and other information about software packages it hosts. But there are no implied guarantees about code quality or suitability to purpose of these packages: it is the responsibility of downstream quality and security toolchains to make this determination.

## What might be done?
* If a revalidation of namespace occurs, Maven Central can make this information readily accessible to downstream quality & security toolchains.
* Maven Central can lock namespaces following a period of inactivity, and require revalidation in order to reuse it. Note this does not prevent a bad actor who controls the namespace from revalidating it.
* Better determine the scope of the problem. For instance, what percentage of packages in Maven Central published in the last 3 years include dependencies without valid, semantic version information? How many revalidations are performed on an annual basis? How many expired domains are associated with active namespaces?

</content>

</entry>

<entry>

<title>Link_Generator</title>

<id>/timw/Link_Generator</id>

<content type="text/plain">

=> https://go.openathens.net/generate/libraryof.michigan.gov/72320862 Link Generator
> https://go.openathens.net/generate/libraryof.michigan.gov/72320862

</content>

</entry>

<entry>

<title>open-source-react-codebases</title>

<id>/erock/open-source-react-codebases</id>

<content type="text/plain">

=> https://github.com/RocketChat/Rocket.Chat https://github.com/RocketChat/Rocket.Chat
=> https://github.com/ProtonMail/WebClients https://github.com/ProtonMail/WebClients
=> https://github.com/pancakeswap/pancake-frontend https://github.com/pancakeswap/pancake-frontend
=> https://github.com/HospitalRun/hospitalrun-frontend https://github.com/HospitalRun/hospitalrun-frontend
=> https://github.com/Automattic/wp-calypso https://github.com/Automattic/wp-calypso
=> https://github.com/keybase/client https://github.com/keybase/client

</content>

</entry>

<entry>

<title>first</title>

<id>/eke/first</id>

<content type="text/plain">


## services
=> gemini://geddit.glv.one gemini://geddit.glv.one
=> gemini://drewdevault.com/cgi-bin/man.sh gemini://drewdevault.com/cgi-bin/man.sh
=> gemini://gemi.dev/cgi-bin/wp.cgi gemini://gemi.dev/cgi-bin/wp.cgi
=> gemini://cryptocrawl.space gemini://cryptocrawl.space
=> gemini://tilde.team/~bqb/awesome-gemini.gmi gemini://tilde.team/~bqb/awesome-gemini.gmi

## fun reading
=> gemini://warmedal.se/~antenna gemini://warmedal.se/~antenna
=> gemini://flounder.online/ gemini://flounder.online/
=> gemini://alex.flounder.online/ gemini://alex.flounder.online/
=> gemini://republic.circumlunar.space/users/flexibeast gemini://republic.circumlunar.space/users/flexibeast
=> gemini://foo.zone gemini://foo.zone
=> gemini://calcuode.com/gmisub-aggregate.gmi gemini://calcuode.com/gmisub-aggregate.gmi
=> gemini://rawtext.club/~sloum/spacewalk.gmi gemini://rawtext.club/~sloum/spacewalk.gmi
=> gemini://gemi.dev/gemlog gemini://gemi.dev/gemlog
=> gemini://medusae.space gemini://medusae.space
=> gemini://review.treeblue.space gemini://review.treeblue.space

## technical
=> gemini://erock.io gemini://erock.io

</content>

<summary type="text/plain">useful or interesting links in the gemiverse</summary>

</entry>

<entry>

<title>pretense</title>

<id>/serious/pretense</id>

<content type="text/plain">

* Prompt. Answer. Repeat sample draw 10000x. How many archetypes can you find after running Doc2Vec & PCA? How many sets are there, and of those, how many are interesting? Within each set, how many are awful pastiche of regurgitated
* opinions that the writers ingested at some primordial time in the womb?
* Basically I'm upset that there's such a thing as the analytical writing section on the GRE.
* The 'Score 6' examples I've seen read like the unhinged ramblings of someone who barely passed AP English Lit. trying to keep it together while forced to manifest barely coherent ideas on some opinion he just read and had two minutes
* to think about. And from this we expect this process we expect that the output is some reliable estimator of the person's analytical abilities and or their writing competencies?
* Awful.

</content>

</entry>

<entry>

<title>vegetables</title>

<id>/m040601/vegetables</id>

<content type="text/plain">

* cabbage
* onions

</content>

</entry>

<entry>

<title>fruits</title>

<id>/m040601/fruits</id>

<content type="text/plain">

* appples
* bananas
* oranges

</content>

</entry>

<entry>

<content type="text/plain">

* BASH(1) General Commands Manual BASH(1)
* NAME
* bash - GNU Bourne-Again SHell
* SYNOPSIS
* bash [options] [command_string | file]
* COPYRIGHT
* Bash is Copyright (C) 1989-2020 by the Free Software Foundation, Inc.
* DESCRIPTION
* Bash is an sh-compatible command language interpreter that executes
* commands read from the standard input or from a file. Bash also incor‐
* porates useful features from the Korn and C shells (ksh and csh).
* Bash is intended to be a conformant implementation of the Shell and
* Utilities portion of the IEEE POSIX specification (IEEE Standard
* 1003.1). Bash can be configured to be POSIX-conformant by default.
* OPTIONS
* All of the single-character shell options documented in the description
* of the set builtin command, including -o, can be used as options when
* the shell is invoked. In addition, bash interprets the following op‐
* tions when it is invoked:

</content>

</entry>

<entry>

<title>containers</title>

<id>/polyglot/containers</id>

<content type="text/plain">

* minikube
=> https://cycle.io/platform/ https://cycle.io/platform/
=> https://kind.sigs.k8s.io/ kind for running local Kubernetes clusters using Docker container “nodes”
=> https://k3d.io/v5.4.1/ https://k3d.io/v5.4.1/
=> https://tilt.dev/ good feedback on HN

</content>

</entry>

</feed>