What could we do against those huge corporations? That's the interesting and hard question
What could we do against those huge corporations? That's the interesting and hard question
Previously we payed for magazines and still received ads. Now we have 'free' services exchanging our data and attention for content. We can read more on how we reached there in "Information doesn't want to be free"
So, my shortcut has been, pay for the services, use adblockers for everything else.
In fact has been surprising it wasn't forgotten into indifference but is being actively used.
There is the W3 as a comitee, but as a commercial media, it will follow interests of people pushing time, money and laws towards it.
There should be a warning like, don't twt if you are tired, hahaha
In other news, my Grandma celebrated 80 years, wow!
I read about the paradox of choice, that when your are free to choose you get blocked, or you choose the mainstream, not the most convenient one.
For me is a representation of the Hobbyst Net, distanced from the commercial one, with all the benefits of the mainstream and the niche obscurity.
I haven't used Raspberry Pi in a while, What distro/windows manager is that?
Perhaps you are looking for a Qwerty keyboard distance for spellchecking where darch, sarch, rarch are closer than march?
Over here ISPs are average compared to Germany, to say something. I'm using a local supplier by wireless antennas (since cable connections were not available when I arrived). It has been good enough, and at least they answer the support chat in seconds.
BTW it seems it's working better after the reset #weird
Full spec
Quick reference
I use it for my blog, renders well enough to HTML, it's extremely easy to remember, and it's easy to parse. Again, minimalism in the markup language, in the protocol, and finally in the communication.
And I knew of twtxt on Gemini (it's used there as a simplified feed format), so I'm here thanks to that hipster protocol ๐
Is heavier than gopher
Is lighter than the web
Will not replace either
I think it has many different things to enounce, some ideological, some practical. Some that I like and some others I don't share that much.
Some people will like the limitations, some others the encryption by default, and I guess some more will like the nostalgic factor of the Web of the 90s.
As a hacker, I like that is a 'modernized Gopher' with some inspiration taken from the Web, and it's something you can actually program with a few libraries in your favourite language, so it's a toy protocol which someone else is actually going to use. Trying to develop something on HTTP 2 or 3 nowadays seems impossible.
Having connections encrypted by default and using login by client certificates is appealing to my crypto side, although really optional (in fact there is an alternative without encryption that I can't recall the name by now)
https://www.ssllabs.com/ssltest/analyze.html?d=eapl.mx&latest
At least I found how Let's Encrypt is interacting with Nginx for the 'recommended' settings. Next step is https://observatory.mozilla.org
gemini://eapl.mx
The only content is the twtxt.txt (mainly for compatibility with hipster protocols :)
eapl.mx/twtxt.txt
Disclaimer: I have a distinction between opt-in semi-anonymous telemetry and spyware, but I get the point.
#prayForMe #randomRandForAWednesday
#randomThoughtOfTheDay
I'm watching that he uses a twtxt format with the newest twts at the start of the txt file.
Besides being easier to read for a human and 'harder' to write for a script, does it have any benefit you've seen?
So I'll say that using a password with a simple function like https://www.php.net/manual/en/function.password-verify.php
is much easier than a whole library requiring communication between the server, the browser and the auth device... There is a security reason for that (mainly to avoid phishing, which is something I like compared to other solutions like SQRL)
https://eapl.mx/webauthn/_test/client.html
And the implementation there:
https://eapl.mx/twtxt/login.html
What's missing in the examples is having an identity tied to your Auth device (Hardware token or OS service like Microsoft Hello, Apple Keychain, Android Fingerprint). The explanation is long, but the abstraction is there. Your identity and private certificates are held for you by some 'magic' device.
I was reading on Hacker News the other day about the collide of different personalities in the same space. Those wanting to give maintenance to existing systems (the stereotype of It guy), the hackers (breaking stuff because why not) and the developers (building thinks to solve problems).
And in an environment of earning money to make a living. Everything together sounds like a recipe for a very 'fun' environment.
I was reading on Hacker News the other day about the collide of different personalities in the same space. Those wanting to give maintenance to existing systems (the stereotype of IT guy), the hackers (breaking stuff because why not) and the developers (building thinks to solve problems).
And in an environment of earning money to make a living. Everything together sounds like a recipe for a very 'fun' place to work.
I was reading on Hacker News the other day about the collide of different personalities in the same space. Those wanting to give maintenance to existing systems (the stereotype of IT guy), the hackers (breaking stuff because why not) and the developers (building thinks to solve problems).
And in an environment of earning money to make a living. Everything together sounds like a recipe for a very 'fun' environment.
And if you have support for WebAuthn, even better.
Both are self-hostable.
I assume you have created an account on twtxt.net and you can see this message.
What have you used on Windows? The twtxt client on Python? (it's broken on newest versions of python), if you want your .txt file to be available publicly you could host it in some server or running the twtxt client from some tilde or VPS.
Or use Twtxt.net (which is a Yarn.social server) to manage following other users, receiving mentions, replying to other twts, and such. It creates and serves the text file for you, from a web and mobile interface.
Or you can use various clients (from a terminal) to insert net lines (twts) to the file, and also to read other users' files. Newest versions have extended the protocol to allow replies, hashtags and such.
I use both, in English I like twtxt.net/yarn.social since it's easy to talk as a community. In Spanish I use the traditional approach of hosting a file, more like a micro log.
I didn't know about https://indieauth.net which seems to be based on OAuth 2.0 (that I have used before), I'll take a look!
If you are able to reset your password by email, it's a pretty similar level of security than receiving an access token by email. Anyone with access to your mail could get access to your accounts.
Adding a second factor of authentication could help, or using something with Public/Private cripto would be better, like Client Certs, Fido2 or even hipster things.
And also giving alerts that someone else is connected in your behalf is great (like is done for some banks or Google) , but that's a UX compromise between convenience and security.
If you are able to reset your password by email, it's a pretty similar level of security than receiving an access token by email. Anyone with access to your mail could get access to your accounts.
Adding a second factor of authentication could help, or using something with Public/Private cripto could help, like Client Certs, Fido2 or even hipster things.
And also giving alerts that someone else is connected in your behalf is great (like is done for some banks or Google) , but that's a UX compromise between convenience and security.
So it's not disabled, but not setup correctly and for that reason doesn't send mails?
I wrote a bit about different approaches for Dynamic passwords and passwordless systems if anyone here is interested
https://text.eapl.mx/promoting-the-use-of-dynamic-passwords
I'd suggest something line "Send an access to your email", "Send a Magic link", etc.
That said, it's a classic alternative
https://sqrl.grc.com/pages/what_is_sqrl/
Also, this is a sandbox, don't take this workflow as an inspiration for any production ready site.
https://eapl.mx/twtxt/signup.html
And then:
https://eapl.mx/twtxt/
If you did that correctly, you'll reach the 'Write your twtxt here' part, (but you'll have to guess the password, muahaha)
That's my progress for today, it took longer than expected, I haven't developed in PHP, and forgot the details on file permissions, binary data for cryptography and such. Besides that, it has been a cool exercise.
#firstWorldProblems
Just joking, I think it could be used for some digital services, Amazon, Digital Ocean, or similar ๐ค
Wild idea, how about using the HTTP response codes https://developer.mozilla.org/en-US/docs/Web/HTTP/Status or from Gemini https://gemini.circumlunar.space/docs/specification.gmi
Like 308/31 for redirections, 410/52 for Gone and such
Wild idea, how about using the HTTP response codes https://developer.mozilla.org/en-US/docs/Web/HTTP/Status or from Gemini https://gemini.circumlunar.space/docs/specification.gmi
Like 308/31 for redirections, 410/52 for Gone and such
Wild idea, how about using the HTTP response codes https://developer.mozilla.org/en-US/docs/Web/HTTP/Status or from Gemini https://gemini.circumlunar.space/docs/specification.gmi
Like 300/3x for redirections, 410/5x for Gone and such
1. I'm out of context, why do we need this? (As a community of users and developers, I think)
2. I'm reading:
The goal is to provide a database that can be fetched periodically to receive a
list of twtxt feed URLs that are known to be wrong for whatever reason.
'Wrong for whatever reason' is too vague in my mind, doesn't help me to understand how it's useful, I think specific reasons would be better like 'File name changed', 'Domain changed', 'URL not available anymore/Gone forever' and such could be easier to understand.
3. What would happen if two URLs have changes, you take the most recent one?
4. Who's gonna be the main user? Systems like Yarnd checking for changes to auto-correct broken links?
These are my first impressions, and not wanting to say something wrong, it looks appealing. Kudos for the initiative!
But I'd like to recommend one of my favorite text based games, pehaps it's something appealing to you
https://github.com/amirrajan/survivingtheappstore/blob/master/manuscript/blind.md
Disclaimer: It's the first playable, ha, and I haven't touched PHP in months
What have you been doing for the last 5 years? ๐
As a scientist, I always have to remind: "Scientists were so preoccupied with whether or not they could, they didn't stop to think if they should."
That's where 'good' intentions like Google with the "don't be evil" motto, suddenly, get evil. A search engine is cool. A whole company designed to sell users' data, not so much. The same thing with anything to store value, it's tightly connected with power, and that *may* show the worst part of humans.
But as with many 'successful' experiments it's going out of control. Currently, there are 9k+ different cryptocurrencies, each one trying to improve over the previous, or at least promising new things, and that's where the promises are not going to be fulfilled. It's easiest to promise a nicer future than to actually achieve it.
I can't say every crypto + currency system is evil or good. That's ideology, oversimplification appealing to our emotions. 'Money is the root of all evil' is BS, the real quote is 'the love of money is the root of all evil'. I'll say it's the same for Cryptocurrencies. Fanaticism and cult behaviour is the bad part IMO.
https://docs.flutter.dev/deployment/android
I'll have to improve the password system, but now should be enough to send a few twts in spanish
https://text.eapl.mx/my-take-for-the-hobbyist-net-in-2022
I was thinking on having the easiest possible way to do it, but I don't want a whole website for it.
I've seen some single PHP script for it, but my server doesn't have support for PHP (yet)...
So, it's a not so painful problem for me, right now
https://join-lemmy.org/docs/en/index.html
On the updates, I'm in the middle, I understand of being always on beta, more if the development model is like that (Google vs Apple mindsets for instance, buying a product vs being the product)
What could we do to avoid that feeling?
That said, yes, I see a planned obsolescence in everything. For instance the topic in my industry today was the discontinuation of Amazon Game Sparks so many important games won't have online matches until the Devs achieve replace on a rush the online system. (I mean in a rush since it's not a priority until it occurs)
Also I updated some Ubuntus I have (Desktop and VPS) and it's the same, dozens of updates which I only say, Yes to all.
P. S. Both run over the 'Internetz'
I've looking for some other alternatives, HckrNews, lobsters, and some decentralized ones. What do you use for your Hobbyst interests?