@blake@infosec.town

blake

@blake@infosec.town

A software developer with a passion for the powers, rights, and freedoms of users. Developer of dahliaOS, LucidLog, Bodacious, and more. Sometimes tries to design and write. Cool tech enthusiast.

Likely to post about #FOSS, #FreeSoftware, and #OpenSource (specifically, my various projects), radio stuff, and some other technology-related stuff. For my climate activism and solarpunk adjacent stuff, see my alt account linked below.

  • I hereby opt in my public posts to be searchable on tootfinder
  • My profile picture is not up to date, even though I just took some for this purpose
  • Recovering from being a lot of bad things, still have more to go. Keep me in check please

This profile is from a federated server and may be incomplete. Browse more on the original instance.

thisismissem, to fediverse
@thisismissem@hachyderm.io avatar

oooh, that's cool: https://activitypub.academy/

#ActivityPub

blake,

@thisismissem this is really cool! I think this is sort of what Pubkit is supposed to do (and I think it would do it better).

As it turns out, it (and/or Mastodon) does keep Firefish's extra Misskey fields, so you can see Misskey reactions in the log.

Can someone using #Akkoma or #Pleroma react to this linked post please? I want to see what they look like.

blake,

@thisismissem thanks for the help @tulpa. It looks like Misskey and Pleroma, and therefore their forks, implement reactions incompatibly. I threw them into a document for reference. Personally, I prefer Misskey's method since it falls back to a Like where reactions aren't supported, which makes sense to me.

https://md.blakes.dev/s/PKQnoUn50

blake,

@thisismissem @tulpa I got it but it didn't show up on the Activity Log! Probably because my computer was maybe asleep, and it only receives them to the log when you're connected to the web app -- they're not actually "logged."

blake,

@thisismissem Something else I like about this tool is, I believe, it's open-source and self-hostable, so I could deploy it myself on, say, aptester.blakeslabs.com.

It definitely feels like a ripe abuse vector for bots.

joel, (edited ) to Signal
@joel@fosstodon.org avatar

#Signal is making usernames a thing at last. Wanna chat?

How to set it up:

https://community.signalusers.org/t/public-username-testing-staging-environment/56866

blake,

@adamsdesk
I assume it's an abuse combating measure. If you want to preserve anonymity at the cost of bad actors, there's always Session.
@joel

blake,

@adamsdesk @joel The "abuse" of other people having your phone number is reduced to near zero with usernames -- having a phone number in the first place is going to give you way more abuse of it. As for tracking, I'd bet there's a way to validate the source code to make sure it's doing exactly what it says it's doing.

In the end, no matter how you slice it, every good system requires some amount of trust. I'd argue Session is not a good system as there's zero abuse prevention and it's also pretty well tied to the blockchain (even though your messages and whatnot are off the record).

blake,

@joel @adamsdesk I think a good compromise would be to have a "very limited" account state for non-phone number users, where you can't send messages to new people or join groups on your own; you have to be the one contacted, by someone who has verified their phone number. That would help more people than just paranoid anonymity freaks, too, such as families where some younger family members don't have mobile data (but do have, say, a tablet), while keeping the speed bump there. It could be useful for bots and alt-accounts (say, for business), too.

blake,

@joel
The "you have to be contacted" idea is per person-who-contacts-you, not a verification mechanism in and of itself, for exactly that reason.
@adamsdesk

blake, to Matrix

New blog post. I forgot to reinstall Node when recreating my development environment so I had to do that, but it's up now. The page discusses the recent news about the relicensing-and-CLA situation, and how it relates to Spades and (to a tiny degree) the Fediverse.

https://blakes.dev/posts/2023-11-06-element-closing-matrix/?cachebuster=1

#matrix #xmpp #element

leroy, to random
@leroy@indiehackers.social avatar

Being very used to my Mastodon feed now makes it very evident how ad-heavy other platforms are.

It’s refreshing to only see posts that I made a conscious effort to see. And it’s bonkers that it’s a rare concept.

blake,

@leroy Turning on the TV to watch a sports game is about the only time I see ads nowadays. How do people live like that?!

blake, to random

Dear companies/stores:
If you cannot adequately staff your stores, close the store.
This goes for holidays that your employees collectively want off, as well as just in general if you can't hire enough people to do the job right on a regular day.
Thanks, literally everyone.

blake, to random

I need a #XMPP #Jabber server to test Spades with so I'm about to set up the server for blakes.dev (and blakeslabs.com). I'd like to use Metronome but I'm not sure if or how well it works with Docker¹. Prosody doesn't support MIX (a must for me) and it's also old, crusty, and you know, replaced by Metronome. So now I'm looking at Ejabberd² which doesn't seem to have a community modules system so I don't think I can (easily) extend features onto it, like MIX-MUC, the way Prosody (and Metronome) could. I believe there's also Openfire which I've seen is also behind on features (it doesn't support XEP-0050 Blocking Command?).

I'm probably going to set up Ejabberd but some advice would be appreciated.

¹ I'm using Docker to manage all my shit, like how most of us nerds use Kubernetes. Isn't K8s used for multiple-server servers? I'm only running one VPS, so it's not that useful for me.
² They said they were adding Matrix support some time back. That would be very useful to me. I don't see any mention of it in the docs or even the source code though.

blake,

@jabberati i'm building an app with it so yeah (the unholy mess that is MUC will come later)

blake,

@jabberati latest Metronome has it and latest Ejabberd has it too. I'm looking at that one and it looks like whoever wrote the docs isn't a native English speaker so it's a little difficult to understand. It might work well for my purposes.

Do you know about data portability between different servers? If I ever wanted to, is there a path to switch from, say, Tigase to Ejabberd? Reconfiguring it is no big deal, but I'm mostly wondering about archives, rosters, blocks, users, etc.

blake,

@jabberati I guess something like that but at the server level. Ideally it would be a process where, by the time it's done, it'll run on the same domain, any bots I put on there can continue to work, and any group chats or MUCs I run on it too.

I don't think any software in federated space has this. There was talk a while back about setting up a database migration from Mastodon to what was then Calckey.

santiago, to retrocomputing
@santiago@masto.lema.org avatar

It’s not #Caturday yet in this country but Marx 🐱 is already posing on his favorite :apple_inc: #RetroComputing devices.

#cats #CatsOfMastodon #Apple #Mac

blake,

@santiago I thought the chrome one was a toaster for a second 🫣

frameworkcomputer, to random
@frameworkcomputer@fosstodon.org avatar

Framework Laptop 16 really can play games.

blake,

@frameworkcomputer In all honesty, if other laptop/computer manufacturers adopted the expansion card form factor I could totally see this becoming a thing.

That would be pretty cool, I think.

blake,

@travisfw @frameworkcomputer There's less than there should be, that's for sure. Physical games on a read-only device can't be remotely deleted ;)

joel, to random
@joel@fosstodon.org avatar

I am looking at you, random Mastodon user who is not using a password manager right now.

You should be ashamed.

blake,

@joel
The people who need a password manager the most are the ones who couldn't figure out how to use it if they tried. Mostly, old people.

steamdeckhq, to Steamdeck
@steamdeckhq@mastodon.world avatar

While we can’t wait for #CitiesSkylines2, the recent performance news from Paradox has us worried about playing on the #SteamDeck.

https://steamdeckhq.com/news/cities-skylines-2-wont-run-well-on-steam-deck/

blake,

@steamdeckhq Cities Skylines struggles to run well on the beefiest supercomputers money can buy. I don't see how CS2 is going to be any better.

blake, to random

This reminds me: why do Bluetooth headphones with a USB charger (USB-C!) not let you use the headphones over USB?! They'll stop outputting audio altogether if it's plugged in! Not even ones that have a 3mm aux jack! It's really outrageous and such a waste. Imagine getting stellar audio quality and low/zero latency over USB! Instead, you can only get low latency over aux or stellar quality via Bluetooth, and sometimes neither!

CC (quoted): @dannysullivan

RE: https://mastodon.social/users/dannysullivan/statuses/111223829989946002

blake, to wordpress

Oh yeah! So now that #WordPress is in the Fediverse, that makes two platforms that use the domain name as the username (BridgyFed being the other). Tumblr will probably follow suit with this pattern (but more because WordPress did it, since it's owned by the same company).

I have a suggestion for Fediverse platforms (servers and clients) that display/consume @user@server handles: give @domain@domain handles some special treatment!

  • Look them up when presented with only a username which contains a dot (i.e. @evanp.me would trigger a lookup for @evanp.me@evanp.me)
  • Show just @user when presented with an exact duplicate (with some variation allowed, mostly punycodes and casing, in which case you'd use the variant in the username field). So @falloutboy.tumblr.com@falloutboy.tumblr.com would be shown as @falloutboy.tumblr.com.
acb, to random
@acb@mastodon.social avatar

This is thoughtful design: Muji apparently released a flashlight that works with any combination of 2 AA and 2 AAA batteries, only more dimly with fewer batteries.

blake,

@acb I've always assumed that things that "require" X many batteries of X type are depending on all batteries to complete the circuit, not to mention the specific voltages of certain types of batteries. If that is true there's probably a way around it and that's probably what they did -- it's probably more components though and therefore more costly (although, to be fair, it's probably pennies on the dollar per hundred units or whatever).

ShaMyouiMo, (edited ) to mastodon
@ShaMyouiMo@kpop.social avatar

How do guys go about quoting posts if you do?

blake,

@ShaMyouiMo
As an actual quote boost. I mention Mastodon users I quote since they don't get notifications from quotes like Firefish/Misskey (and Pleroma/Akkoma?) users do.

blake, to random

My other server, firefish.social, is becoming increasingly painful... it is guaranteed to "error" every time I post, and it also takes forever to load any posts. Now, it will actually error sometimes when posting, and give a different error if it succeeds. I also get zero feedback on the success of certain actions, like boosting, favoriting, and reacting. I have no idea what's going on there and I suspect neither does Kainoa. So I'm looking for another server to house that account, where I post about climate, personal life stuff, and US/NC politics (and trans rights!).

I'm trying out @blake but the/an admin there is immediately making me uncomfortable right off the bat with provocative, argumentative comments (doesn't matter if they're right or wrong, the point is it's far from the kind of thing I want to see or engage with). The server is also not very well federated. So maybe another Firefish server... there aren't a lot on joinfirefish.org. I'd consider hosting my own if it wasn't so goddamn expensive, and getting it well federated is pretty much impossible on a single user instance (the Fedibuzz relay doesn't work, and regular relays don't include servers I want to hear from!).

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • thenastyranch
  • magazineikmin
  • mdbf
  • GTA5RPClips
  • everett
  • rosin
  • Youngstown
  • tacticalgear
  • slotface
  • ngwrru68w68
  • kavyap
  • DreamBathrooms
  • khanakhh
  • megavids
  • tester
  • ethstaker
  • cubers
  • osvaldo12
  • cisconetworking
  • Durango
  • InstantRegret
  • normalnudes
  • Leos
  • modclub
  • anitta
  • provamag3
  • lostlight
  • All magazines
    •