š¾ Archived View for idiomdrottning.org āŗ Sandra captured on 2023-09-28 at 15:33:38. Gemini links have been rewritten to link to archived content
ā¬ ļø Previous capture (2023-09-08)
ā”ļø Next capture (2023-11-04)
-=-=-=-=-=-=-
Impermanent echoes, sketches, and scratches for various Idiomdrottning components and libraries can be found here.
This, on the other hand, claiming that Proton wasnāt vulnerable in the efail era, is misleading because an encrypted message sent from Proton to a vulnerable client like Thunderbird couldāve been cracked; Proton can only protect in the other direction. It takes two to tango.
(Of course, thatās in the Magical Christmasland scenario that the mail got intercepted through TLS and DKIM [but thatās what an email provider can do, and protecting from malicious providers is the one remaining use case for PGP], then craft a faux email with HTML and glitter, then trick the reader to open that email on a vulnerable client. So the only people who couldāve exploited efail woulda been your own email provider.)
Again, itās so odd that as many as 10 out of 28 muas were concatenating parts this way (or rather, that they were doing decrypt-region before parsing the MIME). To me that tells me something mightāve been a liāl messed up in the GPG API, affordance-wise.
pgp-vulnerability-efail at Proton
Just one more reason to leave it in the ground:
After a Pittsburgh coal processing plant closed, ER visits plummeted | Grist
I hate this speech/reach model. Nostr has a similar model. Not happy about that.
On email, āreachā is defined by spam milters and blocklists, but even then if some MTA would start sending out sick stuff it might get shut down totally. For example spam (UCE) mail servers have been held legally culpable.
Overall the BSky idea is to try and make one big super scaled audience of billions on the same feed. (If they manage to make that federated I guess thatās better than it not being federated but still existing.)
Not into it; on Fedi Iāve been retreating into groups and thread servers and smaller cozier spaces. Bringing the smolnet feel back to Fedi. Not looking forward to having to live in fear of a tweet.
Protocol Overview | AT Protocol
Iāve never had a song be āruinedā by listening to it after a breakup. No matter how many times āI will always love youā have spun, itās an unbreakable diamond of a song.
No.
The songs thatāll kick my ass are the songs from when times were good. The songs that played when things were at their best and beautifullest.
Issue that is tracking atom feeds for Friendica groups:
Group atom feeds donāt have any posts Ā· Issue #13471 Ā· friendica/friendica Ā· GitHub
The Milliwhack metric for campaign lethality. Iāve lost track. What usually happens with D&D is that the lethality is higher in the lower levels of the campaign. Which is pretty appropriate & good design š¤·š»āāļø
Trilemma Adventures: A Metric for Campaign Lethality
Classic article in Worldwatch arguing that animal ag is at least half of greenhouse emissions.
Eat plants.
c7a0777c82357704d82b9ae8007c1197cb07.pdf at Archive
This article is misleading since a lot of email does use TLS. I get my electricity bills over TLS email and Iām happy with that. Iād never ever consent to getting them over plaintext email.
Seems to me that Mailvelope is one of the easier ways to get with the program for users of Hotmail or Google Mail on desktop web. š¤·š»āāļø
If you wonder why you have to jump through flaming hoops of daggers and zebras in order to encrypt a message when sending with Thunderbird, itās by design apparently š¤¦š»āāļø
K-9 was so good at this (if you set autocrypt to mutual in the settings, which shouldāve been the default).
The network externality is a hell of a drug šš»āāļø
Dinosaur Comics - September 25th, 2023 - awesome fun times!
Iāve been recommending K-9 mail on Android but apparently it hasnāt existed for nine months š¤¦š»āāļø
So out of the loop.
āNotwithstanding any other terms in this License, this
License is not available to You if You and/or your
employer develop, produce, sell, and/or resell a
product which contains substantially similar capabil-
ities of the BitKeeper Software, or, in the reason-
able opinion of BitMover, competes with the BitKeeper
Software.ā š¤¦š»āāļø
So glad the BitKeeper days are over
Linux-kernel mailing list archive 2002-39,: New BK License Problem?
Iāve found that sometimes when someone comes across as empathy deficient, itās because they are suffering so intensively that it drowns out their awareness of whatās going on inside other people. They might come across as self-centered, even cruel, but they canāt help it given what theyāre going through.
āLetās free ourselves from the story of economic growthā
Skep Sci late to the party as per ushe. But glad theyāre onboard with degrowth.šš»
2023 SkS Weekly Climate Change & Global Warming News Roundup #38
I donāt know who this blogger is buuut this method of grabbing rando Proton Mail keys worked pretty great! šš» I jammed it into a shell function that imports āem directly into GPG.
Find the Public Key of a ProtonMail User
Fun fact: the plain text file of a YouTube pageās full DOM with the JavaScript loaded expressed as HTML with angle bracket notation (but excluding any images, videos, audios or other external filesāweāre only talking about the actual web page here) doesnāt fit on a floppy. It doesnāt even fit on two floppies. Itās three times as long as the unabridged edition of Moby Dick.
Is there an app (daemon or cli) already that I can run on a linux server and pipe stuff to to get custom web push notifications on my own iPad?
Fellow sprawlbrains, can you relate to this? (Or better yet, solve it.)
When I have one place to check online, I can check once and then go about with my day.
But when I have multiple places, Iāll go āOK, Iāll just check here before I goā and then Iāll do that same thing for the next site and the next site and the next site and then back to the beginning in a never-ending circle.
Thatās why notifications are really good for me because I donāt have to check something thatāll notify me, and I can easily mute all notifications when I need to buckle down. And even on silent mode, all the notifications count as āone place to checkā which is really good.
Itās also why multiple tabs in an RSS reader isnāt that healthy for me unless I can unlearn this bad habit or set the RSS refresh rate to once a day or something.
When I am writing prose in Emacs and I have sprawlbrain, I usually type one or more spaces at the end of all the places I know I need to continue writing or editing, and theyāll show up because of how show-trailing-whitespace is on.
So I can write a few words about things I need to remember to address without losing my place. It helps me ābookmarkā what Iām doing.
Plant-based patties that look super real with red blood and stuff can please die. I get & appreciate the visceral appeal but a lot of us get paranoid that weāre being served the wrong thing. Iām worried that I mightāve been tonight. (More worried that Iāll get sick than I am about any kinda purity culture.)
Also the whole ātrick the meateatersā is not OK. Vegans, probably better known as the people who most hate being tricked about food of all time, should have some sympathy there. And allergies exist, with some legume allergies being pretty dang scary. And that cuts both ways, donāt trick vegans either obviously.
A text summarizer that uses heuristics rather than neural networks:
GitHub - miso-belica/sumy: Module for automatic summarization of text documents and HTML pages.
Weird that iPad OS still doesnāt support opus and vorbis natively after all these years (outside of the āpaste the link into VLCā solution).
CW orange, but:
āCaddy is amazing, but on production machines remember to disable the unauthenticated and enabled by default JSON-based admin API bound to localhost:2019, as it can be a serious security risk in certain deployments.ā
Caddy is amazing, but on production machines remember to disable the unauthentic... | Hacker News
Sometimes I hear people talking about the new hotness in an app and Iām like āshould I switch to it? Ugh, what a schlepā¦ā and I put it off for years feeling guiltier and guiltier and procrastinatinger and procrastinatinger until I finally read up on the newer (by then pretty mature app) and realize that it canāt do what I need and that I shouldnāt switch and never had any reason to fret or stress in the first place compared to staying with the tried & true tool. Notmuch suits my own weird workflow better than mu4e, and nginx still has stuff I need over Caddy.
Next on the chopping block is Prosody, which certainly has some issues (my certbot hooks are still broken), but the ease of integrating it with Jitsi has been pretty great.