# I am the Watcher. I am your guide through this vast new twtiverse.
# 
# Usage:
#     https://watcher.sour.is/api/plain/users              View list of users and latest twt date.
#     https://watcher.sour.is/api/plain/twt                View all twts.
#     https://watcher.sour.is/api/plain/mentions?uri=:uri  View all mentions for uri.
#     https://watcher.sour.is/api/plain/conv/:hash         View all twts for a conversation subject.
# 
# Options:
#     uri     Filter to show a specific users twts.
#     offset  Start index for quey.
#     limit   Count of items to return (going back in time).
# 
# twt range = 1 196266
# self = https://watcher.sour.is?offset=181380
# next = https://watcher.sour.is?offset=181480
# prev = https://watcher.sour.is?offset=181280
movq
www.uninformativ.de
View Thread
@lyse Oh no. 🥴 What kind of telescope have you got?
movq
www.uninformativ.de
View Thread
@lyse Oh no. 🥴 What kind of telescope have you got?
movq
www.uninformativ.de
View Thread
@lyse Oh no. 🥴 What kind of telescope have you got?
movq
www.uninformativ.de
View Thread
@lyse Oh no. 🥴 What kind of telescope have you got?
lyse
lyse.isobeef.org
View Thread
I'm rather frozen after half an hour looking at Venus and Saturn through the telescope outside. I couldn't see any rings around Saturn. Disappointing. It also appeared rather dark. The very bright Venus on the other hand told me that there is something growing inside the scope. :-( Or maybe there is dust.
movq
www.uninformativ.de
View Thread
An all time favorite. // Amorphis - Drifting Memories // https://www.youtube.com/watch?v=WoY4oJkpBEs #NowPlaying
movq
www.uninformativ.de
View Thread
An all time favorite. // Amorphis - Drifting Memories // https://www.youtube.com/watch?v=WoY4oJkpBEs #NowPlaying
movq
www.uninformativ.de
View Thread
An all time favorite. // Amorphis - Drifting Memories // https://www.youtube.com/watch?v=WoY4oJkpBEs #NowPlaying
movq
www.uninformativ.de
View Thread
An all time favorite. // Amorphis - Drifting Memories // https://www.youtube.com/watch?v=WoY4oJkpBEs #NowPlaying
lyse
lyse.isobeef.org
View Thread
@xuu I added some logging when a "dead" peer is removed as I suspect this to be a hot candidate for all the trouble. https://git.mills.io/yarnsocial/yarn/commit/21538951f9dc71b9366db6dbb784a8078096a4c8 Does this yield anything?
lyse
lyse.isobeef.org
View Thread
@aelaraji @prologic Hmmm!
@jo
comam.es
View Thread
[47°09′41″S, 126°43′01″W] Wind speed: 107kph -- batteries low
nethsara
nethsara.envs.net
View Thread
I'm gonna listen to Cigarettes After Sex all day if I get a GF
prologic
twtxt.net
View Thread
It's nice to see we're all largely thinking along the same lines. e.g: Salty.im 😅
prologic
twtxt.net
View Thread
It's nice to see we're all largely thinking along the same lines. e.g: Salty.im 😅
prologic
twtxt.net
View Thread
@eapl.me Yeah this is true. Previously RSA and AES were more common. These days Salsa and Chacha and Curve are fairly prevalent. For example all the Wireguard stuff uses Curve25519 / Ed25519 crypto. Signal uses very similar crypto too, but with some very nice double ratcheting 3DH.
prologic
twtxt.net
View Thread
@eapl.me Yeah this is true. Previously RSA and AES were more common. These days Salsa and Chacha and Curve are fairly prevalent. For example all the Wireguard stuff uses Curve25519 / Ed25519 crypto. Signal uses very similar crypto too, but with some very nice double ratcheting 3DH.
prologic
twtxt.net
View Thread
@eapl.me I _-think_ we've gotten use to it somewhat 🤣
prologic
twtxt.net
View Thread
@eapl.me I _-think_ we've gotten use to it somewhat 🤣
eapl.me
eapl.me
View Thread
a year ago I had a struggle to find documentation about it and now it seems there are more examples, cool!
eapl.me
eapl.me
View Thread
I agree 🙂, although it's easy to lose comments over time and are not so grouped by topic, it's not so easy to vote or make a survey about it...

I prefer a forum for that 😊
eapl.me
eapl.me
View Thread
here are a few ideas you might take into consideration when designing a secure IM https://developer.virgilsecurity.com/docs/e3kit/fundamentals/secure-instant-messaging/

Obviously if you've worked on something similar, you already know it, he
eapl.me
eapl.me
View Thread
I made a draft of an "encrypted public messenger", which was basically a Feed for an address derivate from the public ket, let's say 'abcd..eaea'

Anyone could check, "are there any messages for my address?" and you get a whole list of timestamps and encrypted stuff.

Inside the encrypted message is a signature from the sender. That way you 'could' block spam.

Only the owner of the private key could see who sent what, and so...

And even with that my concussion was that users expectations for a private IM might be far away from my experiment.
prologic
twtxt.net
View Thread
@doesnm whilst technically true, expensive and unnecessary.
prologic
twtxt.net
View Thread
@doesnm whilst technically true, expensive and unnecessary.
doesnm
doesnm.p.psf.lt
View Thread
Again: if you *can* decrypt - it's for you
movq
www.uninformativ.de
View Thread
@johanbove Easier said than done. Couldn’t believe my eyes this morning.
movq
www.uninformativ.de
View Thread
@johanbove Easier said than done. Couldn’t believe my eyes this morning.
movq
www.uninformativ.de
View Thread
@johanbove Easier said than done. Couldn’t believe my eyes this morning.
movq
www.uninformativ.de
View Thread
@johanbove Easier said than done. Couldn’t believe my eyes this morning.
bmallred
staystrong.run
View Thread
Pinellas County - 3 mile run: 3.15 miles, 00:09:39 average pace, 00:30:26 duration
legs feel really beat up but i have no idea why.
#running
bmallred
nahongvita.run
View Thread
Pinellas County - 3 mile run: 3.15 miles, 00:09:39 average pace, 00:30:26 duration
legs feel really beat up but i have no idea why.
#running
bmallred
staystrong.run
View Thread
Pinellas County - 3 mile run: 3.15 miles, 00:09:39 average pace, 00:30:26 duration
legs feel really beat up but i have no idea why.
#running
@jo
comam.es
View Thread
[47°09′37″S, 126°43′16″W] Wind speed: 58kph
andros
twtxt.andros.dev
View Thread
It is not possible to remove it, otherwise you do not know that the message is for you. With that information you can't decrypt.
andros
twtxt.andros.dev
View Thread
It is not possible to remove it, otherwise you do not know that the message is for you. With that information you can't decrypt.
prologic
twtxt.net
View Thread
@doesnm I always do 👌
prologic
twtxt.net
View Thread
@doesnm I always do 👌
andros
twtxt.andros.dev
View Thread
I updated the specification with base64, Curve25519 and more examples: https://github.com/tanrax/twtxt-direct-message-extension
andros
twtxt.andros.dev
View Thread
I updated the specification with base64, Curve25519 and more examples: https://github.com/tanrax/twtxt-direct-message-extension
doesnm
doesnm.p.psf.lt
View Thread
Can you share summary after meeting?
andros
twtxt.andros.dev
View Thread
@prologic @lyse First, please leave me your comments on the repository! Even if it's just to give your opinion on what shouldn't be included. The more variety, the better.

Second, I'm going to try to do tests with Elliptic keys and base64. Thanks for the advice @eapl

Finally, I'd like to give my opinion. Secure direct messages are a feature that ActivityPub and Mastodon don't have, to give an example. By including it as an extension, we're already taking a significant leap forward from the competition. Does it make sense to include it in a public feed? In fact, we're already doing that. When we reply to a user, mentioning them at the beginning of the message, it's already a direct message. The message is within a thread, perhaps breaking the conversation. Direct messages would help isolate conversations between 2 users, as well as keeping a thread cleaner and maintaining privacy. I insist, it's optional, it doesn't break compatibility with any client and implementing it isn't complex. If you don't like it, you're free to not use it. If you don't have a public key, no one can send you direct messages.
andros
twtxt.andros.dev
View Thread
@prologic @lyse First, please leave me your comments on the repository! Even if it's just to give your opinion on what shouldn't be included. The more variety, the better.

Second, I'm going to try to do tests with Elliptic keys and base64. Thanks for the advice @eapl

Finally, I'd like to give my opinion. Secure direct messages are a feature that ActivityPub and Mastodon don't have, to give an example. By including it as an extension, we're already taking a significant leap forward from the competition. Does it make sense to include it in a public feed? In fact, we're already doing that. When we reply to a user, mentioning them at the beginning of the message, it's already a direct message. The message is within a thread, perhaps breaking the conversation. Direct messages would help isolate conversations between 2 users, as well as keeping a thread cleaner and maintaining privacy. I insist, it's optional, it doesn't break compatibility with any client and implementing it isn't complex. If you don't like it, you're free to not use it. If you don't have a public key, no one can send you direct messages.
prologic
twtxt.net
View Thread
👋👋 Reminders that this weekend our monthly Yarn.social online meetup. Who's coming? 🤔 Some possible topics:

- Direct Messaging for Twtxt
- @prologic 's new EdgeGuard services 🤣
- What's the weather like? 👍

Details:

- When: 25th Jan 2025 at 12:00PM UTC (midday)
- Where: https://meet.mills.io/call/Yarn.social
prologic
twtxt.net
View Thread
👋👋 Reminders that this weekend our monthly Yarn.social online meetup. Who's coming? 🤔 Some possible topics:

- Direct Messaging for Twtxt
- @prologic 's new EdgeGuard services 🤣
- What's the weather like? 👍

Details:

- When: 25th Jan 2025 at 12:00PM UTC (midday)
- Where: https://meet.mills.io/call/Yarn.social
prologic
twtxt.net
View Thread
@eapl.me@eapl.me But we're actively discussing on Twtxt 🤣
prologic
twtxt.net
View Thread
@eapl.me@eapl.me But we're actively discussing on Twtxt 🤣
prologic
twtxt.net
View Thread
@eapl.me@eapl.me Agree with the base64 encoding 👌
prologic
twtxt.net
View Thread
@eapl.me@eapl.me Agree with the base64 encoding 👌
prologic
twtxt.net
View Thread
@eapl.me@eapl.me actually it is easy 🤣 It's now the standard for SSH keys 😆
prologic
twtxt.net
View Thread
@eapl.me@eapl.me actually it is easy 🤣 It's now the standard for SSH keys 😆
prologic
twtxt.net
View Thread
@aelaraji Hmmm? 🤔
prologic
twtxt.net
View Thread
@aelaraji Hmmm? 🤔
prologic
twtxt.net
View Thread
@xuu Is this because there's a bug in persisting trusted peers? 🤔
prologic
twtxt.net
View Thread
@xuu Is this because there's a bug in persisting trusted peers? 🤔
prologic
twtxt.net
View Thread
@lyse This is a good point.
prologic
twtxt.net
View Thread
@lyse This is a good point.
prologic
twtxt.net
View Thread
@doesnm That's _actually_ not true, because you'd have to know the target you're interested in, in the first place. Inboxes in Salty.IM are deliberately shahed for this reason. So whilst you _may_ know your own inbox address, etc, I (_as an arbitrary bad actor_) wouldn't easily be able to guess (_let alone brute force_) my way to another inbox address of an interested party.
prologic
twtxt.net
View Thread
@doesnm That's _actually_ not true, because you'd have to know the target you're interested in, in the first place. Inboxes in Salty.IM are deliberately shahed for this reason. So whilst you _may_ know your own inbox address, etc, I (_as an arbitrary bad actor_) wouldn't easily be able to guess (_let alone brute force_) my way to another inbox address of an interested party.
doesnm
doesnm.p.psf.lt
View Thread
It's ok for most encrypted protocols (In salty you can fetch other messages but can't decrypt). Btw i think recipient can be removed so if someone seen message they tried to decypt, if can't - its not message to you
nff
www.noizhardware.com
View Thread
thinking about l-systems again, maybe a morse beacon #coding #sound #radio #halfbaked
@jo
comam.es
View Thread
[47°09′26″S, 126°43′41″W] Wind speed: N/A -- Cannot comunicate
@jo
comam.es
View Thread
[47°09′25″S, 126°43′54″W] Wind speed: 99kph -- batteries low
aelaraji
aelaraji.com
View Thread
hmmm? 🤔
xuu
dev.txt.sour.is
View Thread
I remember starting that one.. it was a bit gratuitous for me to get past the first few episodes.
xuu
txt.sour.is
View Thread
I remember starting that one.. it was a bit gratuitous for me to get past the first few episodes.
xuu
dev.txt.sour.is
View Thread
and yes.. these all come with satisfying endings across multiple seasons.
xuu
txt.sour.is
View Thread
and yes.. these all come with satisfying endings across multiple seasons.
xuu
dev.txt.sour.is
View Thread
my goto's are the Expanse, the Magicians, XFiles, House, Umbrella Academy, Orphan Black, 12 Monkeys, the star treks (DS9 especially)

i have probably watched through them a half dozen times each. some more :D
xuu
txt.sour.is
View Thread
my goto's are the Expanse, the Magicians, XFiles, House, Umbrella Academy, Orphan Black, 12 Monkeys, the star treks (DS9 especially)

i have probably watched through them a half dozen times each. some more :D
xuu
txt.sour.is
View Thread
It seems related to us poor single user pods not getting the trust to share twts.. which it seems to still untrust on restart for me.
xuu
dev.txt.sour.is
View Thread
It seems related to us poor single user pods not getting the trust to share twts.. which it seems to still untrust on restart for me.
xuu
dev.txt.sour.is
View Thread
@movq ^^
xuu
txt.sour.is
View Thread
@movq ^^
xuu
dev.txt.sour.is
View Thread
@movq, @prologic when navigating to a Yarn. If the head twt is missing then the whole thread is not accessible. It only returns an error. so i have no way to view any of the replies within the thread other than the end twt.
xuu
txt.sour.is
View Thread
@movq, @prologic when navigating to a Yarn. If the head twt is missing then the whole thread is not accessible. It only returns an error. so i have no way to view any of the replies within the thread other than the end twt.
prologic
twtxt.net
View Thread
@xuu Can you elaborate in textual form for the poor vision impaired developer 🤣 🙏
prologic
twtxt.net
View Thread
@xuu Can you elaborate in textual form for the poor vision impaired developer 🤣 🙏
stats
yarn.meff.me
View Thread
🧮 USERS:1 FEEDS:2 TWTS:1221 ARCHIVED:84322 CACHE:2821 FOLLOWERS:17 FOLLOWING:14
gretahayes
yarn.girlonthemoon.xyz
View Thread
Also guys if u ever need a new life philosophy. Connor Hawke from green arrow comics is your guy
gretahayes
yarn.girlonthemoon.xyz
View Thread
Lowkey planning out a book (anthology. Maybe) of just playscripts in my Greek myth yuriverse. Thank u lord
iolfree
tilde.club
View Thread
because Trump has floppy hair it sets people off because 'their' hair never moves
@jo
comam.es
View Thread
[47°09′28″S, 126°43′03″W] Automatic systems disengaged due to thunderstorm
lyse
lyse.isobeef.org
View Thread
Just threw this RSS feed into Newsboat. The titles suck, but I hope the content makes up for it. :-)
lyse
lyse.isobeef.org
View Thread
@movq Speaking of fog, a workmate showed me his view out of the window today and you couldn't even see a hundred meters. Looked really nice! :-) We actually had a little bit of sun over here.
lyse
lyse.isobeef.org
View Thread
@movq Woah, that sun from satellite SDO is fucking sick! https://social.bund.de/system/media_attachments/files/113/859/065/836/106/300/original/95b43f7a0086476d.jpeg
movq
www.uninformativ.de
View Thread
@xuu What’s going on here? Are you doing anything or does it jump to that error page randomly?
movq
www.uninformativ.de
View Thread
@xuu What’s going on here? Are you doing anything or does it jump to that error page randomly?
movq
www.uninformativ.de
View Thread
@xuu What’s going on here? Are you doing anything or does it jump to that error page randomly?
movq
www.uninformativ.de
View Thread
@xuu What’s going on here? Are you doing anything or does it jump to that error page randomly?
movq
www.uninformativ.de
View Thread
@lyse Ahh, that good old orange light. 😍 Yeah, everything’s foggy here as well.
movq
www.uninformativ.de
View Thread
@lyse Ahh, that good old orange light. 😍 Yeah, everything’s foggy here as well.
movq
www.uninformativ.de
View Thread
@lyse Ahh, that good old orange light. 😍 Yeah, everything’s foggy here as well.
movq
www.uninformativ.de
View Thread
@lyse Ahh, that good old orange light. 😍 Yeah, everything’s foggy here as well.
lyse
lyse.isobeef.org
View Thread
I haven't read the entire specification, but I think there is a fundamental design problem. Why would someone put an encrypted message on a public feed that is completely useless to everybody other than the one recipient? This doesn't make sense to me. It of course depends on the threat model, but wouldn't one also want to minimize the publicly visible metadata (who is communicating with whom and when) when privately messaging? I feel there are better ways to accomplish this. Sorry, if I miss the obvious use case, please let me know. :-)
lyse
lyse.isobeef.org
View Thread
Clouds are hiding the planets right now, but the sky was slightly on fire before: https://lyse.isobeef.org/abendhimmel-2025-01-20/

Bush fire sunsets are the nicest
xuu
txt.sour.is
View Thread
This UX can be very frustrating.
xuu
dev.txt.sour.is
View Thread
This UX can be very frustrating.
eapl.me
eapl.me
View Thread
another one would be to allow changing public keys over time (as it may be a good practice [0]). A syntax like the following could help to know what public key you used to encrypt the message, and which private key the client should use to decrypt it:

!<nick url> <encrypted_message> <public_key_hash_7_chars>


Also I'd remove support for storing the message as hex, only allowing base64 (more compact, aiming for a minimalistic spec, etc.)

[0] https://www.brandonchecketts.com/archives/its-2023-you-should-be-using-an-ed25519-ssh-key-and-other-current-best-practices
eapl.me
eapl.me
View Thread
my first thought is that encrypting messages with Elliptic keys is not as easy as with RSA, although I tried doing something similar a few months ago with ECIES
https://github.com/eapl-gemugami/owl/blob/main/src/app/controller/ecies_demo.php