honk about rss login

The production of honks must not be mean.

avatar avatar

tedu bonked 18 Jul 2019 04:25
original: feld@bikeshed.party
convoy: https://bikeshed.party/contexts/b69637af-3dcc-441f-bd71-4ddbe3059493

If you don't remember using GetRight to make sure your downloads didn't fail and to schedule it to download all your files at night while you were sleeping so you weren't tying up the phone line ... you're blessed

We used to wake up in the middle of the night to check if the modem didn't hang up and the downloads were still going. And if you woke up in the morning and realized that new game mod required credentials to download and you forgot to set it in GetRight... torture. Have to wait another day to play unless nobody notices you're downloading all day while at school ...

avatar avatar

tedu bonked 18 Jul 2019 01:59
original: archillect@high.cat
convoy: tag:high.cat,2019-07-17:objectId=3074082:objectType=Conversation

https://t.co/OfEDpw6xtl

avatar avatar

tedu bonked 18 Jul 2019 00:55
original: vi@heck.ooo
convoy: data:,electrichonkytonk-8XXHL2dnZkd52Z6fR4

@tedu "here's how I'm formatting this thread" is the twitter thread equivalent of "how to read this manual"

avatar

tedu honked 18 Jul 2019 00:03
convoy: data:,electrichonkytonk-8XXHL2dnZkd52Z6fR4

More PGP links, previously published. Collected in the worst possible format, some sort of nonlinear multidimensional twitter thread. A screenshot of notes scrawled on napkins posted to Instagram would be better than this. Even discussions of PGP lack accessibility.

I currently lack the time and have not yet developed the technology to scrape such abominations. But if you're the daring type, feel free to go it alone.

Honestly, if you care about PGP I suspect you've seen it all before. I'm just posting because I find the grotesque thread structure irresistible.

https://mobile.twitter.com/Natanael_L/status/1148277085447868422

avatar avatar

tedu bonked 17 Jul 2019 21:44
original: flussence@nulled.red
convoy: tag:nulled.red,2019-07-17:objectId=10382939:objectType=Conversation

meta

meta

CWs are Vista UAC for social media

You mastodon users clicked through that one without thinking, didn't you?

avatar avatar

tedu bonked 17 Jul 2019 21:22
original: sh@bsd.network
convoy: data:,electrichonkytonk-P24F3q69R3hC8V1JJw

@tedu My favorite xdg behavior is that it opens .txt files in windows notepad, once you have wine installed.

avatar

tedu honked back 17 Jul 2019 21:20
in reply to: https://pl.wowana.me/objects/2f17a2f8-deb8-48b3-b03b-aadc190ff5f2
convoy: data:,electrichonkytonk-YpXqr9sv4vq4Lg112X

@opal that was it. unblocked. sorry for that.

avatar

tedu honked 17 Jul 2019 21:14
convoy: data:,electrichonkytonk-YpXqr9sv4vq4Lg112X

@opal after some more consideration, I think I'm blocking your backend server by IP (even though I'm not sure what it is). My post then times out when the backend tries to retrieve my http sig key and times out.

avatar

tedu honked 17 Jul 2019 20:49
convoy: data:,electrichonkytonk-hGH34PrqbKdLXVcZ21

HubZilla is really weird. Objects in the outbox have to and cc fields filled in. Fetching object by id, however, returns same note but with all addresses removed.

avatar avatar

tedu bonked 17 Jul 2019 20:18
original: flussence@nulled.red
convoy: tag:nulled.red,2019-07-17:objectId=10381347:objectType=Conversation

Pleroma aesthetic is burning through the last remaining credit on your phone despite having media on click to view because everyone's avatar is a quarter megabyte full size image

avatar avatar

tedu bonked 17 Jul 2019 19:49
original: mwlucas@bsd.network
convoy: tag:bsd.network,2019-07-17:objectId=6461633:objectType=Conversation

“Sudo Mastery, 2nd Edition” open for tech review

https://mwl.io/archives/4378

avatar

tedu honked back 17 Jul 2019 19:48
in reply to: https://honk.tedunangst.com/u/tedu/h/mhPQ2JzQ87bPClr7xm
convoy: data:,electrichonkytonk-P24F3q69R3hC8V1JJw

I should amend this post to mention I'm using dwm, which results in some bonus hilarity. The mupdf window title is only the filename of the jpeg, so I didn't even know what program it was at first, just that it suddenly appeared and ate half my screen. Firefox was already running on a different screen, and so it was even longer until I discovered that's where the folder view had opened.

avatar

tedu honked 17 Jul 2019 19:03
convoy: data:,electrichonkytonk-P24F3q69R3hC8V1JJw

I've spent the past few years away, using a computer that behaved mostly predictably, but I am now officially back in freedesktop xdg hell.

Open downloads in chrome.

Click on a jpeg. Opens in mupdf.

Click show folder. Opens the folder in firefox.

Absolutely genius.

avatar

tedu honked back 17 Jul 2019 18:11
in reply to: https://patch.cx/objects/29e7687c-8681-49ab-8bbd-5849a1dbe65c
convoy: https://patch.cx/contexts/7bf48ed4-44af-4d08-8da6-24cf9fe4e776

@rin The encryption key is derived from your password. You enter the same password on two devices, get the same key, decrypt the data.

The account credentials that get sent to mozilla are also derived from the same password, but in a different way, so they don't actually have your password.

avatar

tedu honked back 17 Jul 2019 17:27
in reply to: https://bsd.network/users/sh/statuses/102457886788914385
convoy: data:,electrichonkytonk-sf94Gxrz36JcHL9llT

@sh everything is working now. I suppose if I reboot again, I will be able to reproduce wifi working halfway through shutdown, but that seems unnecessary. :)

avatar avatar

tedu bonked 17 Jul 2019 17:20
original: angristan@mstdn.io
convoy: tag:mstdn.io,2019-07-17:objectId=41109381:objectType=Conversation

Openssh taking minutes to become available, booting takes half an hour ... because your server waits for a few bytes of randomness https://daniel-lange.com/archives/152-hello-buster.html

avatar

tedu honked 17 Jul 2019 17:16
convoy: data:,electrichonkytonk-9C77ht4X8nn1sQFyfk

The person bowing deeply emoji, 🙇, is not easily recognizable in my console font. Not recommended for email.

avatar

tedu honked 17 Jul 2019 17:04
convoy: data:,electrichonkytonk-sf94Gxrz36JcHL9llT

Laptop wifi won't connect with AP. I beg. I plead. I threaten. I bargain. Finally, I surrender. I reboot. Halfway through shutdown, wifi connects.

avatar avatar

tedu bonked 17 Jul 2019 16:01
original: brynet@bsd.network
convoy: tag:bsd.network,2019-07-17:objectId=6457814:objectType=Conversation

This is absolutely crazy.. nice work from visa@! 🤯

A new bootloader for #OpenBSD/OCTEON machines is implemented on top of a minimal kernel written to interface with the hardware, due to deficient firmware on the platform.

"Inspired by Linux' kexec(2)"

https://marc.info/?l=openbsd-cvs&m=156337421105651&w=2

avatar

tedu honked back 17 Jul 2019 15:55
in reply to: https://bsd.network/users/devnull/statuses/102457439626721018
convoy: tag:bsd.network,2019-07-17:objectId=6457618:objectType=Conversation

@devnull depends entirely on application, but 64 bit passwords are not too unwieldy and usually more then enough for most use cases.

avatar avatar

tedu bonked 17 Jul 2019 07:52
original: archillect@high.cat
convoy: tag:high.cat,2019-07-17:objectId=3070524:objectType=Conversation

https://t.co/vocUGgNgZW

avatar

tedu honked 17 Jul 2019 04:29
convoy: data:,electrichonkytonk-1V8QMmcymQkDTg67l7

DZ: Here's the process in OpenPGP, straight from the spec because I can't repeat this without being convinced I'm having a stroke

DZ: Here's the process in OpenPGP, straight from the spec because I can't repeat this without being convinced I'm having a stroke

https://news.ycombinator.com/item?id=20456199

avatar avatar

tedu bonked 17 Jul 2019 04:04
original: fireglow@social.firc.de
convoy: data:,electrichonkytonk-Vn3Ynw4lbX5rzC6P41

@tedu Declare your never-dying love for the PGP setup process.

avatar

tedu honked 17 Jul 2019 03:05
convoy: data:,electrichonkytonk-Vn3Ynw4lbX5rzC6P41

People on the internet are quoting me again. Quick, do something stupid to shed credibility!

avatar

tedu honked 17 Jul 2019 02:08
convoy: data:,electrichonkytonk-nz1HLbyJQvGj23v9H6

I always felt like 200 hours of Skyrim was really training to improve my cyber skills.

But also main point is restricting talent pool limits outcomes.

https://cybersecpolitics.blogspot.com/2019/07/hermaeus-mora.html

avatar

tedu honked back 17 Jul 2019 01:13
in reply to: https://pl.wowana.me/objects/d4610350-d620-4f44-ae0f-f2b6f9fb830b
convoy: https://kiwifarms.cc/contexts/c938975e-8d2f-42f5-8f02-6229c04d5832

@opal ha, well, it has something that's supposed to catch posts that are misdelivered. Or something. I'm not actually the expert, except I seem to bump into it. All part of the fun.

avatar

tedu honked back 17 Jul 2019 00:51
in reply to: https://pl.wowana.me/objects/259ddbcf-c933-4cc4-8aa6-6e6802871c34
convoy: https://kiwifarms.cc/contexts/c938975e-8d2f-42f5-8f02-6229c04d5832

@opal it'll get retried a few times, but historically pleroma does get fussy about my addressing and delivery at times.

I may have lit up the spam filter with too many unmentioned people in cc.

avatar

tedu honked back 17 Jul 2019 00:22
in reply to: https://pl.wowana.me/objects/67b80394-6439-4bdd-b9de-42dbe2a55710
convoy: https://kiwifarms.cc/contexts/c938975e-8d2f-42f5-8f02-6229c04d5832

@opal 504 in my log.

2019/07/16 20:17:53 failed to post json to https://anime.website/inbox: http post status: 504

avatar

tedu honked back 17 Jul 2019 00:16
in reply to: https://anime.website/objects/418f4936-e6f3-400a-af2e-88dea2fc9bb8
convoy: https://kiwifarms.cc/contexts/c938975e-8d2f-42f5-8f02-6229c04d5832

@wowaname i believe the feature in question is ocap fetches, not nodeinfo. that's what the original thread was about.

avatar

tedu honked 16 Jul 2019 21:37
convoy: data:,electrichonkytonk-mPY18Czczbjyz8Qyyz

A mastodon instance that spins up new sidekiqs on random AWS nodes each day. That'd be a fun one to try IP banning. (Actually observed such behavior, btw, not just speculation.)

avatar avatar

tedu bonked 16 Jul 2019 21:05
original: cyberpunklibrarian@glammr.us
convoy: tag:glammr.us,2019-07-16:objectId=1414542:objectType=Conversation

Overheard on Jason Scott Talks His Way Out of It:

"Git is terrible! What an embarrassment that thing is! It gives you source control at the price of sanity."

Yeah. Yeah I can get behind that. Anything beyond committing and pulling, I need Google and Stack Exchange.

avatar avatar

tedu bonked 16 Jul 2019 21:03
original: tessaracked@witches.live
convoy: tag:witches.live,2019-07-16:objectId=14012602:objectType=Conversation

avatar

tedu honked 16 Jul 2019 20:27
convoy: data:,electrichonkytonk-Dhy77sfmNB1442fVZs

Today in banned words: hacker news censors the word "your". https://news.ycombinator.com/item?id=20451714

avatar

tedu honked 16 Jul 2019 20:18
convoy: data:,electrichonkytonk-2xCz4g5hgKxWFV2GNd

The fun part of the last boost song and dance to emulate quotes is when the boost gets dropped and the previous boost was something entirely unrelated.

avatar

tedu honked back 16 Jul 2019 19:30
in reply to: https://noagendasocial.com/users/coldacid/statuses/102452775288725753
convoy: data:,electrichonkytonk-bh655vC1rRGDzBZT58

@coldacid yeah, that's fine. politicians have to listen to citizens, not the other way around. (legally, whether they do is of course what it is.)

avatar

tedu honked 16 Jul 2019 19:26
convoy: data:,electrichonkytonk-bh655vC1rRGDzBZT58

Would it be (US) unconstitutional for an elected official to create an account on a federated instance that blocks other instances?

avatar

tedu honked 16 Jul 2019 18:11
convoy: data:,electrichonkytonk-6JCS1gB6Bs6rCZp654

Honk will not be complete until it implements the full activitystreams vocabulary. Every time I scroll past a post without reading it? Yeah, I'm going to send you an Ignore activity for that.

avatar

tedu honked 16 Jul 2019 18:06
convoy: data:,electrichonkytonk-5X4z53z642n6cP4K4G

Today I found the Offer activity in activitystreams. I should start using this. Constantly sending out a stream of "hey, I Created this" activities is a little overbearing at times, no? But what if I simply Offered you a post? For your consideration. No pressure.

avatar

tedu honked 16 Jul 2019 16:47
convoy: data:,electrichonkytonk-b8HYxx8SX4s15S4b2Q

When somebody accidentally exploits your program and now you can't read your data after it's fixed...

https://gitlab.com/federicomenaquintero/bzip2/issues/24

avatar avatar

tedu bonked 16 Jul 2019 15:58
original: kristapsdz@bsd.network
convoy: tag:bsd.network,2019-07-16:objectId=6437065:objectType=Conversation

I'm gobsmacked in realising that TypeScript doesn't allow multiple variables assigned to the same type per line.

let foo, bar: number;

...is actually shorthand for "let foo: any, bar: number" instead of "both foo and bar are numbers". How does one figure that out? Strange errors regarding "foo" and its members that don't apply to "bar".

avatar

tedu honked 16 Jul 2019 07:32
convoy: data:,electrichonkytonk-9qVzm4WRYRqHJ5bYNQ

"The video is being transcoded, it may not work properly." Premature federation...

avatar

tedu honked 16 Jul 2019 04:42
convoy: data:,electrichonkytonk-SGtsDSfyjyhRKK3fnr

Heh, somebody tried to rig a poll by adding fake votes, but then mastodon sent me an update, and it's quite improbable that I voted on it. Another opsec fail brought about by overly complex software.

avatar

tedu honked back 16 Jul 2019 02:35
in reply to: https://pleroma.soykaf.com/objects/f3651454-14d8-4eae-a55a-7c8e86d7229d
convoy: https://pleroma.soykaf.com/contexts/8bf4f2ba-3787-4e38-aeda-b52d8e462497

@lain The real problem is that federated blocks are only half implemented. They should be boostable so you can share your blocks with your friends. And then they can fave it and block the same person. All these block announcement posts require too much copy and paste. Very sloppy.

avatar avatar

tedu bonked 16 Jul 2019 01:22
original: thomasfuchs@mastodon.social
convoy: tag:mastodon.social,2019-07-16:objectId=114431704:objectType=Conversation

Unboxing a new old stock IBM CGA graphics card #retrocomputing

avatar

tedu honked 16 Jul 2019 01:00
convoy: data:,electrichonkytonk-F2k52B3vpP98jcQztc

Microsoft book refund processed.

At your request, your order placed on Monday, September 11, 2017 has been refunded. You should see $1.05 credited to your account soon.


It wasn't really at my request, but now I've got my lucky dollar back.

avatar avatar

tedu bonked 16 Jul 2019 00:40
original: archillect@high.cat
convoy: tag:high.cat,2019-07-15:objectId=3061658:objectType=Conversation

https://t.co/1qt65hT69K

avatar

tedu honked 16 Jul 2019 00:27
convoy: data:,electrichonkytonk-CpyW64wF8M1Ph754PP

Browsers' search feature doesn't look inside collapsed <details> sections. Tested on chrome, firefox, and safari. I guess this is desirable since the content isn't visible, but also means search isn't useful for jumping to a section with known content.

avatar

tedu honked back 15 Jul 2019 22:19
in reply to: https://nulled.red/users/flussence/statuses/102447779916059590
convoy: data:,electrichonkytonk-lcjdGVKk4F198n416k

@flussence but also limited to 25fps... so smoother, but also slower. Can't win.

avatar

tedu honked 15 Jul 2019 22:14
convoy: data:,electrichonkytonk-lcjdGVKk4F198n416k

Heh. I also wonder how much time the devs spent trying to optimize the code by hand.

hoot: https://twitter.com/11rcombs/status/1150870873081024512

@11rcombs: it actually upsets me that much of Mario 64's lag is only there because Nintendo forgot to build with -O2 like, the folks who decompiled the game to C that in turn compiles to the original ROM with -O0 have also built it with -O2 and it's substantially faster

@11rcombs: people keep posting the same reply that I've already countered but maybe they'll see it if it's directly threaded: no, higher optimization levels don't cause any known instability, the game built at -O2 with the same compiler syncs perfectly through a 120-star TAS

@11rcombs: everybody makes mistakes in development and some things make it through to release, and especially with games that came out before update patches were a thing, it's hard to blame anyone for them; it's just unfortunate

@11rcombs: and yes this testing was done with the same compiler version the game was originally built with

avatar avatar

tedu bonked 15 Jul 2019 21:59
original: benno@bsd.network
convoy: tag:bsd.network,2019-07-15:objectId=6431246:objectType=Conversation

If it quacks like a goose...

avatar

tedu honked back 15 Jul 2019 21:01
in reply to: https://patch.cx/objects/8ff1cf30-7523-472c-891e-6132ecbf4fbb
convoy: https://patch.cx/contexts/e06cf002-6210-409f-8795-dfcb5b4cae42

@rin usually that only checks that the handshake is legit. You can cook up ssh over tls and fool it. Maybe.

avatar avatar

tedu bonked 15 Jul 2019 17:12
original: darius@friend.camp
convoy: tag:friend.camp,2019-07-15:objectId=2485561:objectType=Conversation

a probably-wrong feeling about programming that I have

a probably-wrong feeling about programming that I have

I'm learning how to write tests in Ruby with RSpec for the new features in my Mastodon fork.

Whenever I write unit/integration tests I feel like an atheist performing a ritual so that other people will say, "yes, you have correctly appeased our god, we will now take you seriously"

avatar

tedu honked 15 Jul 2019 16:10
convoy: data:,electrichonkytonk-V86jpWcr1D18M3llJF

I think I'm coming around to thinking bias in google search results is okay. Or, maybe not the results themselves, but the idea that the results are biased, and that people believe it.

It means I can ask people, what's an example of google bias, and... wow. That's the search you care about most. How enlightening.

avatar avatar

tedu bonked 15 Jul 2019 15:42
original: xkcd@mastodon.xyz
convoy: tag:mastodon.xyz,2019-07-15:objectId=42093428:objectType=Conversation

#2176 "How Hacking Works"

#2176 "How Hacking Works"

If only somebody had warned them that the world would roll them like this.
https://xkcd.com/2176/

avatar

tedu honked 15 Jul 2019 05:28
convoy: data:,electrichonkytonk-6N2R3M22Vv3NfNV867

SQL is the all time reigning champion for making simple tasks seem tantalizingly close yet incomprehensibly undoable.

avatar

tedu honked 15 Jul 2019 02:13
convoy: data:,electrichonkytonk-6B8STVCz4ZcmtthvC9

Doesn't accept my follow request. Sends me posts anyway. (Pretty sure the accept message just got dropped somewhere.)

avatar

tedu honked 14 Jul 2019 02:32
convoy: data:,electrichonkytonk-x8gT3m47VHms76vhYY

Oof. Two bars with similar names, say Berry and Barry. Different parts of town. Some genius got two entries for Berry Bar into Uber's database, one with Berry's address and one with Barry's. (But both spelled Berry.) Trying to recreate sequence of events that led to this. Somebody looked up wrong spelling, found no entry, added one? Who knows. Big data crowd wisdom cloud is here to save us all!

avatar avatar

tedu bonked 14 Jul 2019 00:44
original: archillect@high.cat
convoy: tag:high.cat,2019-07-13:objectId=3054353:objectType=Conversation

https://t.co/lzush6vJkl

avatar

tedu honked 14 Jul 2019 00:04
convoy: data:,electrichonkytonk-53WhpQ184d49nHk64r

Another link for your collection of how activitypub actually works.

https://blog.dereferenced.org/federation-what-flows-where-and-why

avatar avatar

tedu bonked 14 Jul 2019 00:01
original: kurtm@bsd.network
convoy: tag:bsd.network,2019-07-13:objectId=6396018:objectType=Conversation

@AFresh1 @ed1conf @tedu Yes, but "first edition".

avatar avatar

tedu bonked 13 Jul 2019 19:07
original: devnull@bsd.network
convoy: tag:bsd.network,2019-07-13:objectId=6400760:objectType=Conversation

I flip-flop back and forth between wanting to create a cozy hidey-hole for myself away from the cancers of The Internet, and wanting to save humanity from the post-cyberpunk world we exist in today.

I do not fully understand what causes me to go from one position to the other, but it is probably something like "exasperation".

avatar avatar

tedu bonked 13 Jul 2019 18:33
original: flussence@nulled.red
convoy: tag:nulled.red,2019-07-13:objectId=10286515:objectType=Conversation

Maybe fedi software should just come with a front-and-centre option to block sites hidden behind CloudFlare entirely.

avatar

tedu honked 13 Jul 2019 18:19
convoy: data:,electrichonkytonk-h613cjr2D1G216HZ7w

New rule: no complaining about web site slow load times if the site you're using to complain loads slower than the site you're complaining about.

avatar avatar

tedu bonked 13 Jul 2019 18:07
original: lain@kawen.space
convoy: https://kawen.space/contexts/1e47dc59-2c05-42fd-ae19-59d95e740857

I've never been in a country in the year 1 until now.

avatar

tedu honked back 13 Jul 2019 18:00
in reply to: https://p.umbriel.fr/objects/8be3980f-d367-4114-8d2a-74b0ac8a86c3
convoy: https://p.umbriel.fr/contexts/6a3b3899-6341-4d5e-973c-87c436a5f901

@nihl ah, well, worked for me. :) If I recall though, the first try didn't, so I just started over and then it did work. (For reference, I've never gotten ipsec working.)

But I hear you. It could use some more polish. I think the good news is if you get wireguard working, you know it's working and you're not accidentally using something like 40 bit DES. That's the part people are excited about.

avatar

tedu honked 13 Jul 2019 17:54
convoy: data:,electrichonkytonk-Twl3mlbMytX44jpWM3

This is fine.

avatar

tedu honked back 13 Jul 2019 17:36
in reply to: https://p.umbriel.fr/objects/cb28c5b8-57f6-4a52-9c1b-5cc6e039731b
convoy: https://p.umbriel.fr/contexts/6a3b3899-6341-4d5e-973c-87c436a5f901

@nihl it is quite minimal. I think part of the difficulty is thinking it will be more complex than it really is. But once I tried it, it just worked.

The hardest part wasn't the WireGuard config, but the assorted options to get the openbsd side configured. (Not sure what you're using.) jasper's guide may help.

https://blog.jasper.la/wireguard-on-openbsd.html

avatar avatar

tedu bonked 13 Jul 2019 17:17
original: AFresh1@bsd.network
convoy: tag:bsd.network,2019-07-13:objectId=6396018:objectType=Conversation

@ed1conf @tedu the standard engineer then?

avatar

tedu honked back 13 Jul 2019 15:24
in reply to: https://p.umbriel.fr/objects/85c3d5a7-a518-4435-9178-9542f9642492
convoy: https://p.umbriel.fr/contexts/9e4a43fb-4865-48f5-b72b-89e46c661e8a

@nihl kinda. if it gets oily, it rarely works. I would always try once, fail, wipe sensor and thumb with shirt, try again. that usually worked.

avatar avatar

tedu bonked 13 Jul 2019 15:20
original: ed1conf@bsd.network
convoy: tag:bsd.network,2019-07-13:objectId=6396018:objectType=Conversation

I keep hearing about "10 ex" engineers and here I'm just a "1 ed" engineer.

avatar

tedu honked 13 Jul 2019 05:12
convoy: data:,electrichonkytonk-8QdZ1Y1BGtpxRqH451

XChaCha20 RFC. Extended (192 bit) nonce to allow random nonces.

https://tools.ietf.org/html/draft-irtf-cfrg-xchacha-00

avatar

tedu honked 13 Jul 2019 05:04
convoy: data:,electrichonkytonk-hkWlvjT5g334DzGJhV

I kinda watched some of this movie on a plane. Would not give it a strong recommendation either. But this thread is great entertainment.

hoot: https://twitter.com/matthew_d_green/status/1149825752126369797

@matthew_d_green: I’m watching The Girl in the Spider’s Web and they just introduced a character as a “cryptographer”. This is either going to go really well or end pretty badly.

@matthew_d_green: And... apparently the “cryptographer” has developed software that can take over Russian tactical nuclear weapons and... he’s giving a TED talk about it.

@matthew_d_green: Because that’s what one does when they’ve developed magical software that can take over nuclear weapons systems.

@matthew_d_green: This is all moving very fast.

@matthew_d_green: There’s a hacking scene. It apparently involves a 56K modem and the user interface from 1999 Napster.

@matthew_d_green: The software is encrypted. The prompt gives the exact number of letters for the correct password, and shows the spacing between the words.

@matthew_d_green: Surely Lispeth Salander is going to break out her GPU but — oh no there are creepy men in her apartment. They’re apparently trying to find the most ineffective way to kill her.

@matthew_d_green: “He’s the only one who can open the software.” — Lady, the password is like four English words.

@matthew_d_green: Come on, one of the words is like two letters long. I can’t take this.

@matthew_d_green: I feel like someone spent a lot of time researching the subject matter behind this movie, and then gave up and worked on something totally different.

@matthew_d_green: The crux of this movie is that Sweden is secretly trying to buy “single-user access to the online nuclear weapons” just so the US won’t have it. Hey folks, I have some questions about this logic.

avatar

tedu honked back 13 Jul 2019 03:37
in reply to: https://honk.tedunangst.com/u/tedu/h/1JsfP15Cd5818v6rTg
convoy: data:,electrichonkytonk-q4x8R6Z38T7c73kVN2

Spoke too soon... (Concurrency bugs are tough that way) MP file offsets reverted.

https://marc.info/?l=openbsd-cvs&m=156293980006370&w=2

avatar

tedu honked 13 Jul 2019 03:21
convoy: data:,electrichonkytonk-DMk4TMC2D316lC33Gf

Everybody decided to publish their post mortems the same day...

Firefox plugin outage is perplexing. They knew the cert was expiring, but let it happen because nobody knew what the effect would be? But even if you think that's fine, why not update it anyway?

At a high level, the story seems simple: we let the certificate expire. This seems like a simple failure of planning, but upon further investigation it turns out to be more complicated: the team responsible for the system which generated the signatures knew that the certificate was expiring but thought (incorrectly) that Firefox ignored the expiration dates.


https://hacks.mozilla.org/2019/07/add-ons-outage-post-mortem-result/

Even the detailed report is kinda vague. All the teams knew something about something, but... when? Was there a plan to renew the cert ever?

https://wiki.mozilla.org/Add-ons/Expired-Certificate-Technical-Report

avatar avatar

tedu bonked 13 Jul 2019 02:53
original: archillect@high.cat
convoy: tag:high.cat,2019-07-12:objectId=3048517:objectType=Conversation

https://t.co/DMLWv8kYjN

avatar avatar

tedu bonked 13 Jul 2019 01:36
original: ao_kenji@bsd.network
convoy: tag:bsd.network,2019-07-13:objectId=6391126:objectType=Conversation

#OpenBSD/luna88k on LUNA-88K2 live demo at OSC 2019 Nagoya. nanotodon is working well!

avatar

tedu honked 12 Jul 2019 22:39
convoy: data:,electrichonkytonk-55lMMvR8FvcPxrb1fy

Interesting incident.

[Three months prior to the incident] We upgraded our databases to a new minor version that introduced a subtle, undetected fault in the database’s failover system.


[2019-07-10 16:50 UTC] We determined the cluster was unable to elect a primary.


Oof. Errors in failure recovery are hard to test and predict. When it manifests, hard to track.

https://stripe.com/rcas/2019-07-10

avatar

tedu honked 12 Jul 2019 21:05
convoy: data:,electrichonkytonk-JfwqHx15yHB769NqXR

A new Pokemon mode for doas. Prints fun messages after commands.

tedu used doas. It's super effective!

In it's confusion, tedu entered the wrong password.

avatar

tedu honked back 12 Jul 2019 20:59
in reply to: https://bsd.network/users/worr/statuses/102430458855819805
convoy: tag:bsd.network,2019-07-12:objectId=6388106:objectType=Conversation

@worr haha, I have rule about projects I'm willing to use. If there's more than a dozen or so .file and whatfile in the repo, hard pass.

Anything that requires this much tooling to get off the ground is too complicated for me, I'm never going to be able to get it going.

avatar

tedu honked back 12 Jul 2019 20:56
in reply to: https://bsd.network/users/mwlucas/statuses/102430239189622794
convoy: tag:bsd.network,2019-07-12:objectId=6387425:objectType=Conversation

@mwlucas I read that last part as "sudoroleplay" and was suddenly intrigued...

Perhaps an appendix? :)

avatar avatar

tedu bonked 12 Jul 2019 20:51
original: cj@mastodon.technology
convoy: tag:mastodon.technology,2019-07-12:objectId=20121961:objectType=Conversation

In my quest to build an #ActivityPub based simple, no-frills bulletin board / forum system, I've gone ahead and pushed up my work-in-progress #golang ActivityPub single server framework: apcore. It has no README (yet) and still has a lot left TODO.

https://github.com/go-fed/apcore

I hope to use it in the future to launch multiple small ActivityPub applications leveraging common serving, storing, and moderation features. But new #ActivityStreams vocabulary can be readily innovated upon.

avatar

tedu honked back 12 Jul 2019 18:36
in reply to: https://cybre.club/objects/e9b3b60c-2abe-4fa8-986c-a087358bf5ad
convoy: https://cybre.club/contexts/6b91a6b1-6853-443d-8f6a-dff56c9a67da

@foxhkron I think I'm going to start using this for all future "session expired" error messages.

avatar avatar

tedu bonked 12 Jul 2019 18:34
original: rasmus@mastodon.acc.sunet.se
convoy: tag:mastodon.acc.sunet.se,2019-07-12:objectId=1551202:objectType=Conversation

Tried to launch #sway and got this:

"Proprietary Nvidia drivers are NOT supported. Use Nouveau. To launch sway anyway, launch with --my-next-gpu-wont-be-nvidia and DO NOT report issues."

It must be one of the best error message I've seen.

avatar

tedu honked back 12 Jul 2019 18:14
in reply to: https://pl.wowana.me/objects/2dc6f8bf-37c0-49fa-9c41-4fe9ae2d3774
convoy: data:,electrichonkytonk-p1TxjFkXS59kP5wm83

@opal yeah, I really dislike the whole business model, and inserting themselves into everything, but even their technical blogs feel slimy. Guess it's not that surprising, actually.

avatar avatar

tedu bonked 12 Jul 2019 18:10
original: sir@cmpwn.com
convoy: tag:cmpwn.com,2019-07-12:objectId=1905554:objectType=Conversation

Petition to remove the ability for JavaScript to manipulate scrolling from all web browsers

avatar

tedu honked 12 Jul 2019 16:51
convoy: data:,electrichonkytonk-p1TxjFkXS59kP5wm83

I would cut CF just a little more slack if they didn't manage to turn every post mortem into a "humble" brag about how wonderful and vital and glorious their service is.

avatar

tedu honked 12 Jul 2019 16:47
convoy: data:,electrichonkytonk-Rr2m9FL9fQ4Czkq1v3

CF and their never ending mission to prove devops borat right. It would have taken other lesser companies hours or even days to bring down a network like this, but we have built such magnificent tools and systems we can do it in seconds.

avatar avatar

tedu bonked 12 Jul 2019 16:38
original: qbi@mastodon.social
convoy: tag:mastodon.social,2019-07-12:objectId=113852638:objectType=Conversation

(?:(?:\"|'|\]|\}|\\|\d|(?:nan|infinity|true|false|null|undefined|symbol|math)|\`|\-|\+)+[)]*;?((?:\s|-|~|!|{}|\|\||\+)*.*(?:.*=.*)))

https://blog.cloudflare.com/details-of-the-cloudflare-outage-on-july-2-2019/

avatar avatar

tedu bonked 12 Jul 2019 16:20
original: yaaps@banana.dog
convoy: tag:banana.dog,2019-07-12:objectId=10531906:objectType=Conversation

Awhile ago, someone boosted a whine about fediverse documentation and I've gotten fuckall done since. Well, it feels that way

So I wrote a blog post. It's long, rambling, and needs citations. It may contain factual errors. I didn't write for someone who may or may not be contributing somewhere. I wrote it for someone who needed a vent and a little encouragement. It may be useful for the other person all the same

If you read it, I hope it helps you as much as it has me:
https://ehiad.org/blog/000002

avatar avatar

tedu bonked 12 Jul 2019 16:13
original: florian@bsd.network
convoy: tag:bsd.network,2019-07-12:objectId=6382991:objectType=Conversation

I'm this ->||<- close to add

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14931 AcmeClient/23.42

to acme-client(1).

avatar

tedu honked 12 Jul 2019 15:12
convoy: data:,electrichonkytonk-XYsCfz2XqtX3rK3tD2

A webdev haiku. I call it The Elements in which Twitter Embeds a Video on a Midsummer Morn.

div.AdaptiveMediaOuterContainer div.AdaptiveMedia div.AdaptiveMedia-container div.AdaptiveMedia-video div.AdaptiveMedia-videoContainer

div.PlayableMedia div.PlayableMedia-container div.PlayableMedia-player div.PlayableMedia-reactWrapper div div div

div div video

I know, it doesn't quite follow the traditional form, but this is art, not programming. The class names are silent.

avatar avatar

tedu bonked 12 Jul 2019 15:03
original: ebarrett@mastodon.social
convoy: tag:mastodon.social,2019-07-12:objectId=113837799:objectType=Conversation

@mike It's funny. Some parts move really quickly, whereas other parts take an age to stabilise!

avatar

tedu honked 12 Jul 2019 14:30
convoy: data:,electrichonkytonk-yBXh62Nz4JqGW6d4X1

Fonts are tough. One particular point from the bug reports is that this was code written to assume it would be used in a safe environment, and then somebody plugged it into the internet. Don't do that. (Either thing, really.)

At the time of this writing, based on the available source code, we conclude that AFDKO was originally developed to only process valid, well-formatted font files. It contains very few to no sanity checks of the input data, which makes it susceptible to memory corruption issues (e.g. buffer overflows) and other memory safety problems, if the input file doesn't conform to the format specification.


hoot: https://twitter.com/j00ru/status/1148883124463505408

@j00ru: I've released the reports of 20 bugs found in Microsoft DirectWrite in the handling of OpenType fonts. They are in the P0 tracker as usual: https://bugs.chromium.org/p/project-zero/issues/list?can=1&q=finder%3Amjurczyk+reported%3A2019-apr-26. The 10 most important ones were fixed in Patch Tuesday yesterday, the rest were closed as vNext.

@j00ru: The affected code is in fact an open-source AFDKO library (Adobe Font Development Kit for OpenType), hosted at https://github.com/adobe-type-tools/afdko. It's included in DWrite.dll since Windows 10 1709 and reachable with controlled input via Direct2D printing.

@j00ru: It was likely added to support so-called "variable fonts", and the attack surface can be triggered e.g. by printing websites with embedded fonts in Edge. We audited and fuzzed it with ASAN on Linux, then repro'ed the issues on Windows.

@j00ru: I find some of the bugs truly amusing. Enjoy the read and stay tuned for more =)

avatar

tedu honked 12 Jul 2019 03:41
convoy: data:,electrichonkytonk-1rqq2fVJjvf7xlK7pS

Article about crappy home routers being vulnerable to drive by CSRF. Not mentioned: every large cloud deployment is similarly vulnerable to some sort of SSRF reflection attack. Stop putting your control plane on the web!

https://arstechnica.com/information-technology/2019/07/website-driveby-attacks-on-routers-are-alive-and-well-heres-what-to-do/

avatar

tedu honked 12 Jul 2019 03:08
convoy: data:,electrichonkytonk-4Z17l1lcgWp53FsMcg

Birdsite.link not linking threads together. :(

avatar avatar

tedu bonked 12 Jul 2019 03:00
original: flussence@nulled.red
convoy: tag:nulled.red,2019-07-12:objectId=10249151:objectType=Conversation

@tedu being associated with perl6 around techbro culture is basically the internet equivalent of identifying as LGBTQ in southern US states

avatar

tedu honked back 12 Jul 2019 02:23
in reply to: https://nulled.red/users/flussence/statuses/102425995776683405
convoy: tag:nulled.red,2019-07-12:objectId=10249151:objectType=Conversation

@flussence was the perl6 post that bad? I thought it was saying perl6 is good?

avatar

tedu honked 12 Jul 2019 01:35
convoy: data:,electrichonkytonk-w29JRLDMXSvQ54s14X

A delightful story about the inner workings of twitter.

https://news.ycombinator.com/item?id=20414721

avatar

tedu honked back 12 Jul 2019 00:22
in reply to: https://social.i2p.rocks/objects/79474af5-033a-496f-9fa8-de8a2ea36bbf
convoy: data:,electrichonkytonk-752y1Cpx6hJVWGHC14

@jeff no, but it's no less true the next release won't either. I've been informed that fediverse developers are required to make more frequent posts about project status and upcoming releases.

avatar

tedu honked 11 Jul 2019 21:54
convoy: data:,electrichonkytonk-VXDWl22rjYshvl13Gh

Saw Escher's Reptiles used as a slide to illustrate knowledge transfer of best practices between generations of developers. Seems very apt.

We get some book learning. Then we escape into the real world, and grow. But then we try to pass our knowledge down, and it gets flattened in the process, losing all the nuance of reality. And so it goes.

avatar avatar

tedu bonked 11 Jul 2019 21:11
original: worr@bsd.network
convoy: tag:bsd.network,2019-07-11:objectId=6372581:objectType=Conversation

(gdb) print mutex
$7 = 0xdfdfdfdfdfdfdfdf

oh no

avatar

tedu honked back 11 Jul 2019 20:54
in reply to: https://bikeshed.party/objects/822277f5-8c60-49ca-9ca9-9da4a1cd2e49
convoy: https://bikeshed.party/contexts/00c27b66-20fa-45b9-8827-46101d2eddd3

@feld have you seen fern? https://github.com/enkiv2/fern

avatar

tedu honked 11 Jul 2019 20:45
convoy: data:,electrichonkytonk-752y1Cpx6hJVWGHC14

The next release of honk will not support ostatus.

avatar

tedu honked 11 Jul 2019 18:40
convoy: data:,electrichonkytonk-844pLdvcJGk6MdZQ43

Make it stop! (Probably also a decent alternate subtitle.)

avatar

tedu honked 11 Jul 2019 16:52
convoy: data:,electrichonkytonk-t1jlc4V3LKz2Y88Wjh

I have arrived.

avatar avatar

tedu bonked 11 Jul 2019 15:41
original: vertigo@mastodon.social
convoy: tag:octodon.social,2019-07-11:objectId=33914724:objectType=Conversation

@cwebber @VyrCossont @astraluma Some might see this as a disadvantage, but the advantage of OCAP comes explicitly *from* the API rework that will be required to adopt it. Since ocaps are (as a first-order approximation and most programmers' perspective) typed opaque values used as pointers or handles typically passed by value to dependencies that use them, it makes explicit a lot of security-related state which is currently implicit in trusted code bases that really ought not be trusted.

avatar

tedu honked back 11 Jul 2019 15:10
in reply to: https://kawen.space/objects/36e45c1e-9954-4eaa-a40f-4223e9995bbb
convoy: data:,electrichonkytonk-ys7Bbwv7MP211j487p

@lain it's only bloat if you don't feel bad about it. this is just a pragmatic compromise.

avatar

tedu honked 11 Jul 2019 14:59
convoy: data:,electrichonkytonk-ys7Bbwv7MP211j487p

New honk, 0.7.4. Fixes a few bugs. Mostly minor usability improvements (in my mind, anyway). Currently planning to grind out a few more sevens before getting too close 1.0. This release finally breaks the 200K barrier, coming in at 213790 bytes.