This was a fantastic talk.
The production of honks must not be mean.
This was a fantastic talk.
@jeff Falsehoods programmers wish they could believe: the network is reliable.
The number of unreliable servers in the federation is too damn high!
And so it begins.... https://marc.info/?l=openbsd-cvs&m=155847486523311&w=2
Are you okay htop?
A joyous quote from Anathem copyright 2008.
> “Yes—a technical term. So crap filtering became important. Businesses were built around it. Some of those businesses came up with a clever plan to make more money: they poisoned the well. They began to put crap on the Reticulum deliberately, forcing people to use their products to filter that crap back out. They created syndevs whose sole purpose was to spew crap into the Reticulum. But it had to be good crap.”
Looks like I need to decouple inbox processing from reception. The easy thing was to just fetch attachments and save messages as received. But some remote servers are slow, which causes my proxy to think the request has timed out. Damn ActivityPub making me gradually implement things correctly.
vi f<tab> in the wrong directory, opened firefox.core.
Less dummy, less dumb.
@kaniini famous last words.
When will ning support federation with honk???
How mature is the field of software engineering? We're still benchmarking
Nothing quite like a database upgrade that only upgrades half the relevant rows.
@sblaydes @ab I do have one, a lot of things don’t work atm. I did a write up here: https://deftly.net/posts/2018-10-15-openbsd-on-lenovo-a485.html
@stsp Reading chatter about ifconfig up -> up transitions the idea popped into my head to make it a counter. Then figured while I was making magic wishes, I should make it a useful magic wish. I have not yet lost any files today.
Feature wish request: Ability to
link a file to itself. Each link will increment the link count, requiring another call to
unlink to remove. Important file? Give it ten links; protection from nine stray
When signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. Certificates signed by RSA keys will therefore be incompatible with OpenSSH < 7.2 unless the default is overridden.
@lain At the moment, I have faith in the goodness of the people of the federation. Yes, I should probably at least check for same origin. There are some forgery checks in other paths, but not this particular one.
@lanodan can you confirm if pleroma actually tries to fetch the object if it's embedded? I noticed a few weeks ago I would sometimes get announces where the object was an object instead of a link, but I just save it. At the time, I didn't know what caused it, just figured more AP weirdness.
summary: DZ: paper folding, squish, boom
@foxhkron have a look at https://kodachrome.club/objects/3c6f8292-1dbf-4adc-8915-8e0b5fe3113e? It's missing context (not to be confused with @context).
(I see the inreplyto now, that's good.)
@foxhkron two things I notice missing from notes, if they're not already on your todo list, are inReplyTo and context (which big M calls conversation) which would help threading.
Slides for my talk "Road Warrior Disaster Recovery" posted to the @bsdcan website and github.
@foxhkron Should work. Let me know if there's any trouble.
Random thought, probably not the intended lesson, from road warrior disaster recovery: putting /usr at front of disk, and / (with /etc) somewhere after that, gives you a minor buffer against wild dd appearances.
All of the text below is copied from https://twitter.com/danluu/status/1129519029192757249. Pasted here to unthread.
Since 2016, I've been thinking about how clear, informative, non-academic talks don't seem very popular.
In 2016, @garybernhardt gave a talk on reproducibility at StrangeLoop which I thought was quite good. It clearly explained a non-obvious idea and came in well under time.
Literally everyone I talked to at the conference gave the talk a lukewarm to negative review. One person even walked out.
The reason everyone told me that talk was lame was that it was so obvious there was no point in giving a talk on the idea.
This is interesting because a couple years earlier, I saw a talked that covered the same topic, wildly popular (most YT viewed talked from the conference of all time) but incomprehensible.
I didn't even know what the talk was about until I saw Gary's talk 2 years later.
After watching the wildly popular talk, I asked about twenty people at the conference if they could explain what the talk was about and how the 2nd half related to the 1st half.
Literally zero people told me they thought they understood the talk.
I kept asking about the popular talk for about a year and eventually found one person who said they understood the talk, but after talking to them at length, they couldn't explain the talk.
This talk was widely loved and is still highly cited today.
Gary's talk was so good, so clear, that everyone I talked to thought the talk was bad.
If there was more vague ranting or talking around the point instead of actually conveying the point, I suspect people would've liked the talk.
This also happens at work! A friend of mine went up for "senior staff" promo (and succeeded), but someone on the promo committee objected b/c "that could've been done by a SWE-2", as if figuring out a simple way to do something valuable makes it less valuable.
[From Dan Luu https://twitter.com/danluu]
When the microcode is no longer quite so micro...
Philip (guenther@) just committed the necessary mitigation for Intel's Microarchitectural Data Sampling vulnerability to #OpenBSD -current. Once again worth noting that OpenBSD disabled SMT by default in 6.4.
unwind, the relaxed unbound.
Many lessons from accessibility talk by @stsp but one key point is that unreliable software is inaccessible. e.g. If the login manager crashes, we just enter our password again. If entering passwords is difficult, however, this becomes a serious barrier.
Can confirm the BSDcan network blocks lots of ports. Can also confirm ssh over https works for me.
@_xhr_ just north of Parliament in Ottawa, looking south.
"This is a design for a simple file encryption CLI tool, Go library, and format. It’s meant to replace the use of gpg for encrypting files, backups, streams, etc. It’s going to be called “age”, which might be an acronym for Actually Good Encryption."
My service restart "^C, up, enter" ninja technique works less on a laggy packet dropping connection.
@sir not yet...
@sir I too am writing an email client in go, and in a sense, it has been in development since before go existed.
@mwlucas If someone hasn't been to bsdcan in five years, does their old timer status elapse?
Curious (ironic?) note about MDS mitigation. Enabling fast strings may make things faster for those systems where it's not already enabled? Not sure how many systems are affected though, most probably default to having it enabled by BIOS.
I know that Kurt considered working with people on it during the #g2k19 and finally getting it in a big achievement.
This does not take away from that achievement. It adds to it.
Kurt got it very widely tested and got people to look at the code and start to improve it. Well done!
A revert is not a mark of failure, we do it all the time when things are not ready yet or cause too much noise.
New and improved caesar supports **rot-13** encryption.
Awesome. The dropbox login page doesn't work in chrome. Try in firefox: crashes the tab. It's a login form. Two inputs. How do you screw this up? (And/or how do you make this so complicated it breaks browsers?)
I've just synchronised OpenBSD's openrsync with https://github.com/kristapsdz/openrsync and added in a portability shim for compiling on other architectures. I won't officially endorse any other system til it has the security measures ported, but there ya go.
@phessler Probably? It's too early for me to know who I'm trying to talk to. :) I figure the message gets around eventually. Heh.
@phessler once we ship the new microcode firmware package, I don't think the bios update matters. But not every CPU may be fixed by microcode either.
@kaniini yeah, same here, though it doesn't seem right. I'd argue such posts are broken (even though I send them sometimes.)
@https://pleroma.site/users/kaniini fun fact: big M treats summary as plain text, escaping and preserving html. So if you put your list there, the
<li> will show up.
Incidentally I think pleroma has a bug here as well. You can open a tag in the summary and close it in content, which doesn't seem right.