Klaus on Tilde Town

Latest status updates and micro updates

In between a Twitter/Mastodon feed and a full-fledged blog, except it's all static-generated and no tracking! Click a timestamp for a permalink to a specific status.

There's also an Atom feed now here, so it might read out more or less like social media feed on your favorite reader.

Comments? Get in touch through my tilde.town mailing address!


Happy 29th Birthday, Debian!

Today August 16 marks the 29th anniversary of the Debian project. Congratulations to all of the involved!

Happy 29th Birthday, Debian!
Artwork by Juliette Taka

It's interesting to see that Debian is almost as old as the Linux kernel itself. I already knew it was one of the oldest distributions still around (perhaps Slackware is older, I guess?), but I didn't realize it was that close to the kernel.

Debian has and always will have a special place in my heart because even though it wasn't my first Linux distro, it was my first "big-boy" distro that I switched to when I finally mustered enough courage to hop away from the Ubuntu safety net - way back when Jessie (8) was released. And since then, I learned quite a lot.

Though no longer my main, daily-driver OS, I still use Debian to this day in some of my machines that I liberated and, more recently, in my Raspbery Pi desktop (where i think it's hands down the #1 OS for that platform). Hence, I'm very thankful for the community for keeping this distro still running to this day.

So, before the day closes with me forgetting it: Happy Birthday, Debian!

Permalink 20220816_1935

Irresponsibility with data that you shouldn't even have in first place

Another day, another data breach: personal information for 5.4 million Twitter accounts exposed and offered for sale at hacker forums.

This is a read that only gets better as it goes. The quoted comment in the article nails it in the head: Twitter requests information not necessary for operations from users (like a phone number) and then mishandles it carefree. And then that information - unnecessary but highly personal and potentially correlating - surfaces elsewhere to bite back at users while Twitter plays the clueless "what could I have done" card.

Schneier himself has stated previously that "data is a toxic asset, so why not throw it out?" which is the plainest truth around, and yet it takes more and more cases like this to make the world see what's really abuse by a corporation.

I personally don't have skin in this case for I have never used Twitter, but opted for free software and distributed networks instead. For the millions of other (sometimes anonymous or pseudonymous) users, however, Twitter's solace is embarassingly canned (emphasis mine):

If you operate a pseudonymous Twitter account, we understand the risks an incident like this can introduce and deeply regret that this happened. To keep your identity as veiled as possible, we recommend not adding a publicly known phone number or email address to your Twitter account.

Good job, Twitter! :facepalm:

Permalink 20220814_1013

In case Artix doesn't recognize your wired connection after suspending

Lately all my posts here seem to be a note to self or something, but since I don't have a better way to jot it down, here it goes again.

After getting gigabit ethernet installed and wired in my place, I was all cavorting about the speeds, even if only through the LAN port of the router. Everything was going great until I suspended the machine for the night and found out the morning after that the connection was dead. I was surprised to find out that the eth0 interface was in a very curious state. connman read it as "connection failure," but upon closer inspection, it apparently had everything one would need to connect to the internet: a link, a local IP address, and even assigned DNS servers.

Even weirder was the fact that the browser was not completely offline: I could still browse searx, Wikipedia and a handful other sites, including the Arch Forums - which proved very handy. After reading a few posts stating it was about drivers of some kernel module I have never even heard of, I decided to go a little bit raw and deal with the devices themselves. Because ip link showed me that there was a connection available, I thought that it could be a problem with DNS. And indeed it was. I backed up my resolv.conf file, removed it, then let dhclient as root work its magic. After it was done, I had full connectivity again.

Funnily enough, connman still reports the connection as a failure, but since everything is working, I'm gonna take it as a false alarm this time ;)

connman error message on eth0

The joys of working with Linux. The things you have to fix are often the ones you broke in first place!

Permalink 20220801_1310

In case you can't connect OpenVPN in Alpine Linux due to '/dev/net/tun not found'

Quick posting for a quick fix regarding Alpine: earlier today I wasn't able to reach my VPN servers with it via the openvpn command-line tool. The message indicated that the device file /dev/net/tun was not found in the system, to which I initially attributed to an unattended kernel upgrade (I had ran apk upgrade in the same session previously and noticed that the kernel was also in the line to be upgraded).

When a reboot didn't fix it, I started to wonder what could be happening and went out to search for a possible fix. The results pointed me to this SO page which, despite sounding like quite an ugly hack, managed to fix the whole thing seamlessly to me. Here's the TL;DR:

First off, yes, the file is indeed missing, so you can't create the VPN tunnel. However, you can create one on behalf of a process! To do so correctly, these are the commands:

# as root, of course.
mkdir -p /dev/net
mknod /dev/net/tun c 10 200
chmod 600 /dev/net/tun

And bingo, just run openvpn yourconfig.ovpn and watch the connection go through, just as intended. The rest of the answer concerns making the commands above into a cron job script so that every reboot the file is recreated, but that's enough for me as it is.

Wonder what happened in first place so that OpenVPN doesn't create the file by itself. But oh well, this one seems good enough to me!

Permalink 20220706_1544

Make the Home, End and F-keys work correctly in URxvt

Just sharing a quick tip to make URxvt aka rxvt-unicode a little more usable as a lightweight, fast and decent Terminal emulator.

If you've ever went past the first step of configuring urxvt away from its ugly white-background, scrollbar on the left mess, you've probably ended up with another annoying problem: lack of F-keys working, which extends to other important keys such as Home, End and Page up and down.

Searching around the interwebz, I couldn't quite figure out a solution for it, as most of the times it presented a program-specific (ex: vim, etc) solution, or something stretching all the way to ancient definitions of VT-100 and its emulation, so this annoyance persisted for a while. Thankfully, a tip came in in the IRC that solved everything. Simply add the following line to your .Xresources file:

URxvt.termName: rxvt-unicode-256color

Then update your X configurations via xrdb -load ~/.Xresources, re-open urxvt and surely enough, it will magically restore the behavior of your keys.

Sounds strange to me that simply changing the terminal name makes its behavior change like this, but I guess it has to do with how some programs try to "sniff" the terminal's "User Agent" to activate certain features, like colors. Oh well, works well enough for me the time being, so guess it's alright!

What other tip do you know about configuring URxvt that makes it better to use? Let me know in mastodon!

Permalink 20220604_2019

Sending secure "email" from a public / shared computer

These days I did a little thought experiment concerning a situation in which I don't have access to a machine I own and still would like to securely relay messages (or even small files) to myself for when I get back to my own machines. Here's the blurb of it:

Imagine you're on a public shared computer i.e. hotel business lounge or public library and you've found some information online or produced a kind of document that you want to send it to yourself.

You could trust the machine you're using or your network to log into your own webmail, type in your password and send an email as usual. But maybe the information is sensitive or you don't trust too much that computer, or maybe your access to your webmail is restricted for whatever reason. How do you send that information securely in that case? You don't have your gpg or your keyring to encrypt it.

Here's one way that I thought:

  1. Visit the online demo of CyberChef, or download a local copy of it (it's a purely Javascript webapp).
  2. Get a copy of your public PGP key from one of many online keyservers, like Ubuntu's.
  3. Open CyberChef, select PGP encrypt from the recipes, paste your public key into the required field.
  4. Type or paste your message / information into the input field, click Bake.
  5. Copy the ciphertext output.
  6. Go to some kind of pastebin service, like Debian's and paste your ciphertext there. I'd avoid using Pastebin.com for this.
  7. Make a note of the paste's URL - it could be as simple as writing down the ID with pencil and paper.
  8. When you are back in range of a machine you do control, download the paste and decrypt it with your private key. You can now read your important message securely!

Of course, this is a silly experiment and does not consider the aggressiveness of nation-state adversaries, but could be much more "low-key" than using email traffic to send your information against a passive average opponent. Plus no need to use any sort of secrets (no passwords, public key available on internet, publicly-available cipher engine, etc) to securely send the message.

What would you do in the face of a similar situation? Let me know on Mastodon!

Permalink 20220418_0951

Fix the "Broken Window Borders" issue in Fluxbox after a Firefox update

Quick note to self again here: if you are a fluxbox user, sometimes after a Firefox update it reopens without the Window Decorations and remain unresponsive to your Fluxbox keybindings. This results in a very ugly result and very annoying experience, but do not despair for the solution is quick and (much) easier than it appears.

Simply close Firefox, right-click the desktop and choose Restart from the context menu.

The WM will restart from zero, but your session will remain running (I'd save my work just in case). After everything has resumed running, open Firefox again - it should come up normally as ever.

It seems Mozilla has changed a little bit the way that Firefox interacts with GTK / X11 bindings and it doesn't play the same way as before, which is why a lesser-maintained WM like Fluxbox occasionally behaves this way. But no need to go nuclear and reboot the machine, a quick fix like this should be more than enough (in both FreeBSD and Linux it was).

Permalink 20220114_2345

I've created a "Rocks" page too

Hell yeah, Suckless doesn't have a monopoly on laying out on the web what kinds of thing suck or rock. Since so many other aficionadoes have been jumping in the wagon, I've also taken the liberty to make my very own "Rocks" page. Check it out here.

Permalink 20220108_0357

On the origin of the infamous 'rockyou.txt' wordlist...

Holy crap, it never appeared to me that this was the actual origin of the infamous rockyou.txt wordlist used in many a password cracking applications:

Back in 2009, a company named RockYou was hacked. This wouldn't have been too much of a problem if they hadn't stored all of their passwords unencrypted, in plain text for an attacker to see. They downloaded a list of all the passwords and made it publicly available.

Source

The Wikipedia entry for a web company called 'RockYou' also seems to sort of confirm this. And so it began... probably later aided by countless database breaches from reckless companies to form the 14-million+ gargantua we have today.

Lessons learned? A teeny-tiny password can go a long way to become a huge liability itself. If not for your website, for everyone else's!

Permalink 20211202_0208

Setting timezones in Linux the raw way

Another sort of note-to-self thing: this is how you can change timezones in Linux easily, and without the need to delve into GUI settings applications or the lore - the /etc/localtime file.

Whereas Debian-based distros take the package tz-data as the source of their timezone config, and a quick reinstall through dpkg-reconfigure tz-data would guide you step-by-step in selecting a new one, Arch is spartan: just point the /etc/localtime file to the desired timezone file under /usr/share/zoneinfo. Afterwards, it's only a matter of re-syncing your hardware clock (rtclock).

In terms of commands:

ln -s /usr/share/zoneinfo/Your/Timezone /etc/localtime
hwclock --systohc

And that's it! No need to keep clicking and looking for settings, and can be done even from the console. Definitely a great one to keep in the belt. And of course, source for the whole thing.

Permalink 20211123_1800

Collection of new vulnerabilities found in BusyBox

So it has just been made public that 14 new vulnerabilities involving BusyBox, the "swiss-army knife" of Linux utilities compiled tightly in a single binary, have been found.

This headline may sound pretty scary at first, especially due to the way BusyBox is used in embedded systems that most likely see little to no maintenance work after they're installed, but the impact to me is much lower than it sounds. Granted, BusyBox does make the core of both Alpine Linux and Puppy Linux, so here's me hoping a fix comes soon for them, but otherwise, I'm not worried. Perhaps it's a nice time to check the router firmware for updates, and such, but as I don't depend on it for my internet-facing servers, I take it as an acceptable risk.

Also, I can't help but remember some of the stuff that I read on the Alpine IRC channel about BusyBox being a quite complicated black box kind of thing despite its apparent small size. Something about only the original developers were able to fix it because they were the only ones who spent enough time to understand the spaghetti of code that it had become. Maybe it's finally coming back to bite them? :S

Permalink 20211111_2257

Notes from attempting to sys-mode Alpine Linux on the Raspberry Pi 4

A quick-and-dirty set of notes that perhaps will become a real essay in the future:

Installing Alpine Linux sysmode (that is, directly on the disk unlike the traditional load-to-RAM approach) on the Pi is... complicated. The whole thing ultimately feels like a hack and there's always a lingering sensation that you might mess something up and have to start all over from scratch. There's a very complete guide available on the Alpine wiki, thankfully, but even then some of the steps don't always work one-to-one. The overall procedure is summarized as follows:

Except that you still need to configure your desktop (Xorg drivers where?) and the other stuff and in the end, the Pi is still throttled down to 600MHz when idle! Oh well, leave to further investigation in the future...!

Permalink 20211013_2350

Getting xsane network scanning right with HP devices

Sort of a note-to-self kind of thing, but this turned a lot of head-banging on the wall and frustration from non-explanatory error messages into solid gold when scanning with my HP multi-function printer and xsane.

Trying to scan via IP or http directly will not work with the HP devices: you'll have to take one step further and turn your IP into a full URI scheme to have xsane correctly find it. To do so, install the package hplip (or similar from your distribution) and lots of hp-* programs will be installed. Then run the following:

hp-makeuri $PRINTER_IP_ADDRESS

This command will generate two URIs for your device, one for CUPS (printing) and one for SANE (scanning). Grab the one for SANE (mine looked like hpaio:/net/Photosmart_5520_series?ip=192.168.1.6), and then run the following in a terminal:

xsane $YOUR_URI

This will make xsane look up your HP device and open correctly. Happy network scanning!

Permalink 20211012_1305

kzimmermann's podcast Episode 023 - using Puppy Linux like a Pro!

Puppy Linux is probably somewhere in your "already tried" distribution list, but likely is not the first distro that comes to mind when you think about "daily-driving material." Chances are that you downloaded it once, used the live session a few times and then sort of forgot about it, choosing other "mature" distros instead.

But what if I told you that, with a few simple tweaks, you could turn it into a robust desktop disto to-go, one that would save your files and shape it exactly to how you like it, enabling you to use your own unique OS in any computer you could boot?

Yes, there's a lot more to Puppy than a rescue boot medium. And I showcase this Pro-level usage in this episode.

Link to PeerTube episode

What is your choice for a "to-go" distro in a USB stick, and why? Let me know in Mastodon!

Permalink 20210910_0840

Fixing the SSL Certificate issues in Raspup (Puppy Linux for the Raspberry Pi)

In my quest to find the perfect desktop-like distro for my Raspberry Pi, I've been back in black with good ol' Puppy Linux, the original live medium, old computer-oriented, loads-to-RAM and flies distribution that probably pretty much everyone who distrohopped for a while must have tried at least once. Puppies (yes, now a family of like-thinking distributions rather than a single one) have been built for a myriad of platforms and flavors, and nowadays also feature a custom-build one for the Pi, under the name of Raspup.

It works great, detects all the hardware, but there is one bone to pick with it: HTTPS support is sort of broken. In some applications like Browsers, which seem to do use their own SSL stack, this passes unnoticeable, but others that use the OS's stack keep failing, proven by a simple curl request to an HTTPS website. After banging my head quite a while with it, I finally was able to narrow it down: there are no SSL certificates anywhere to be found in the system. This is actually not that obvious upon inspection because what you do have in /etc/ssl/certs/ are symlinks pointing to other (nonexistent) locations where the actual certificates were supposed to be. Touché.

Bug? Filesystem mismatch from when booting on the Pi? Who knows. The important part is that I found a way to fix it. Basically:

  1. Download this consolidated, up-to-date CA Certificate from the cURL project (either use wget or pass -k to curl to force insecure connections) and save it to /etc/ssl/certs/.
  2. Then, in some startup file (.bashrc, .profile, etc) add this line:

    export SSL_CERT_FILE="/etc/ssl/certs/cacert.pem"

Restart the shell and session, and everything now is working. You can join IRC and download everything again. Raspup has got a whole lot nicer now. Let's see how it turns out in the next days.

Permalink 20210828_0407

Happy 30th birthday, Linux!

There you have it: exactly thirty years ago a 21-year old Finnish Computer Science student named Linus Torvalds announced in a usenet board the creation of his Unix-like kernel. Version 0.01 of Linux was released. And the rest, as they say, is history.

A logo by the Linux Foundation celebrating 1991-2021, 30 years of Linux

Who knew what could've happened in the next 10, 20 and now 30 years? I'm so glad to have entered the story back when it turned 20 and now, as a seasoned adult, Linux is more mature, powerful and fun than ever. And it's evolving daily, together with the greater Free Software Ecosystem.

I have a soft spot for the timeline of Linux as it's almost as old as I am, and having discovered it about the same time as I entered my own adulthood, I feel that I have s sort of personal connection to it. "It grows with me," or something like that.

So, to celebrate, what shall we do? Wear our penguin suits, waddle outside with signs showing our favorite Linux distributions and offer free CDs for those curious enough to ask? Play our favorite Free Software Games with Tux or penguin-like characters? You name it, I'm curious on how we should mark this splendid day besides the big corporations backing its development.

How are you going to celebrate Linux's birthday? What do you expect until its 40th one? Let me know on Mastodon!

Permalink 20210825_0614

The "Screeching Minority" and the need for real privacy

In an insider leak that is now already somewhat old news, Apple decided to start scanning and monitoring pictures uploaded to its iCloud service for Child Pornography, and condescendingly called opposers of such move the "Screeching Minority".

Condescending, infuriating, and worrying move perhaps, but one thing this announcement is not is "surprising." After all, Apple owns the service, and also in this case they own the endpoints, too. Where is the surprise that they can steer their products any way they want?

And besides, we have seen this sort of "broken promise" more than once before: Protonmail handing over a user's data to law enforcement and Tutanota downright backdooring a user after being served a court order (g-gasp! H-how could they??). Lavabit chose death over dishonor when facing a national security letter over the emails of Edward Snowden in 2013, but it belongs to a rarer breed.

In this episode, I discuss these implications while playing some awesome Nexuiz:

So what's the real solution here? Reject the "pretend privacy" loosely offered by big tech and practice real privacy. That is: the privacy that only yourself have control over via End to End Encryption.

What would you offer as an alternative to someone who currently uses iCloud? Let me know on Mastodon!

Permalink 20210813_0919

If you can't download it, you don't own it.

A recently published article by The Atlantic seems to be bringing back into the light some age-old concerns about keeping all your media inside DRM-laden proprietary applications.

The author seems concerned about the possibility of losing access to a personal collection of music due to changes imposed by the service provider, but the reality is that this isn't anything new. It's actually exactly how streaming services were designed to be.

In this episode I talk more about how a simple test (can you download it?) will tell whether you really own something or not in a digital sense, while playing some good ol' OpenArena.

Link for episode in PeerTube

What do you think about the ordeal of streaming services? What's your favorite freedom-respective alternative? Let me know on Mastodon!

Permalink 20210803_0733

Looking for a non-systemd distro that supports Secure Boot. Any ideas?

So I finally decided that a Core i7 laptop with 32GB of RAM is too precious to waste on an OS with systemd, especially since the very thing that it tried to address (faster boot time) has ironically failed miserably for me.

The big hurdle in my case is this: if not for Ubuntu and its derivatives, what other OS exists out there that works with secure boot? A quick search within DistroWatch returns the aforementioned candidates and a plethora of rather obscure distros that I had never heard of, and seem pretty outdated. I'm also sort of surprised that the list of distros do not include Manjaro or Arch derivatives, yet FreeBSD is there. I thought that at least Manjaro used to support it?

And just in case someone come with the bUt kZimMeRmAnN, y dOn'T u DiSaBlE iT??? argument, please see this post.

So that's my question that I sincerely ask the fediverse for help: what OS out there both supports Secure Boot out of the box and does not come with systemd? I know that in some distros, it's possible to "unofficially" add systemd support by signing the bootloader manually, but everywhere I see this process is listed as unsupported, so if I bork it, that's it for me. If there's a distro that does support that, though, I'm listening.

I've been also reminded that it's possible to give secure boot "the boot" and forcefully eject it from a system install despite not having the password, but I'm not sure that I wanna go down that path, it seems that the risk of non-recoverability is even higher. If anyone knows of a less risky way of doing it, I'm also all ears for that.

Thanks in advance, fediverse!

Permalink 20210728_0241

Is this the lightest modern Operating System ever created?

Minimalist computing enthusiasts, what was the lightest and fastest distribution you have ever used? Puppy Linux? SliTaz? Perhaps Alpine Linux? Whatever it was, did it fit in 8MB of RAM?

I bet not, and you might be thinking, could anything fit into this little RAM? Believe it or not, apparently Kolibri OS can. According to its own website:

KolibriOS is a tiny yet incredibly powerful and fast operating system. This power requires only a few megabyte disk space and 8MB of RAM to run. Kolibri features a rich set of applications that include word processor, image viewer, graphical editor, web browser and well over 30 exciting games. Full FAT12/16/32 support is implemented, as well as read-only support for NTFS, ISO9660 and Ext2/3/4. Drivers are written for popular sound, network and graphics cards.

Pretty hard to believe at a glance, especially when even a web browser is involved (take that, Firefox!), but if true, this is pretty damn impressive. Props to the developers for working on almost exclusively in assembly language!

Have you ever tried this OS? I wonder if it's x86_64 compatible, then I'd try it in a VM!

Permalink 20210724_0507

Privacywashing: the marketing threat to software freedom

After seeing an ad at the train station I usually commute through that said Privacy: that's iPhone, I couldn't help but feel triggered, given Apple gave users' data to the NSA and has been using forms of telemetry for a while, the latest of which probably being the newest release of OS X that required an internet connection to "authenticate" apps before you could use them.

In the meantime, it looks like every big tech company out there has taken to embrace an "I <3 Privacy" approach and point their fingers mainly at Google to make themselves look good and try to win back consumer trust.

I don't buy it - I know better. In fact, if you use Free Software and you're reading this post right now, you probably know too. But what about the close people that I care about? I'm wondering what's the best way to explain the issue to them. How would you explain this the most concise way possible? Let me know!

Link for the episode on Peertube

Permalink 20210715_1043

Starting to get a hang of digital artwork

So over the last week I got a hold of a drawing tablet while dumpster diving and decided to try my hand on it with good ol' GIMP, just to see how would it be.

The result: a week's worth of some wobbly artwork, with some Free Software jokes and puns to go with it. Here's some:

What's the magic word?

btw

Freedom Dealer

I'm quite enjoying the process of learning how to use this tool, and would like to try to deepend my skill to produce some more sophisticated artwork someday. In the meantime, though, I'm thinking about establishing my own webcomic of sorts. Just need to think about where I could host it - pixelfed, perhaps? Alternatively, I could open a new section here to hold that series. That could be a fun practice, I guess!

I will try to post every three days or so in the beginning, more to exercise my skills in the beginning.

Permalink 20210710_0942

TFW I'm old enough to participate in the RetroChallenge!

So I just found out about this website: RetroChallenge.org

It seems to align well with my passion for lightweight software and my newfound hobby for old computers, of which I have a few. Ok, maybe they're not that old, but still, giving new life to these once thought useless machines is my new hobby - especially when they are salvaged, not purchased.

Emulate or put to use an older machine? Let's do this - with lotsa Freedom!

The site doesn't exactly state some strict rules, especially in the PC area where the only thing stated is "at least 10 years old or older." And that's a great thing: it means my 2006 Dell Latitude qualifies for it! Come to think of it, it's not that much of a grandpa compared to what some of the winners of the challenge are, but the experiment should be fun regardless. Time to find a new challenging operating system to breathe some life in that ole feller once again - will it be Linux or BSD?

And I couldn't agree more with the statement regarding "winning" the challenge:

Seriously, participating in RetroChallenge is it's own reward. No, I really mean it!

You bet. A self challenge, a learning experience, enjoying the process... you name it. Plenty of personal growth and enjoyment for the anti-consumerist hacker!

Permalink 20210707_1252

Sxmo: impressive demo of an X environment for Linux-based Smartphones

Just saw this demo of Sxmo (Simple X mobile), a lightweight X environment for Linux smartphones, showcased somewhere in the first AlpineConf this year.

It's pretty impressive what you can do with a ported dwm inside the smartphone screen and environment, where you depend on gestures and key clicks to make stuff happen. I'm still generally against mobile phones, but a fully-free Linux handheld would still pass on my book. If only they became more accessible (in terms of ease of buying, not exactly price)...

Do you own a Linux mobile device (phone or otherwise)? How usable is it, enough to daily drive? Let me know on Mastodon!

Permalink 20210706_1413

Audacity goes Poo-Poo...

Audacity, the once go-to solution for all sorts of audio edits small and large, has pretty much dug its own grave in terms of cred with the Free Software community: it's draconian and reeking of lawyerspeak privacy policy states they will downright collect and even share your information with law enforcement.

All for the noble purpose of... telemetry and "UX research."

Note that this is coming from a program that has zero need to ever have an internet connection in first place. For chrissakes, it's an audio editor, not a web browser or streamer. And yet, current and next versions will start collecting a myriad of personal data from you and your computer and sharing it with the new overlords of the WSM group in Kaliningrad, Russia with the following kicker: if law enforcement asks for it, they will share with them too.

Again, they will snitch on you with your data that they didn't even need to collect in the first place to work, but did so anyway because fuck-you-that's-why.

Well, so long, old friend. It was great while you were free and sane, and didn't think that "telemetry" would be something necessary (necessary for fucking what, anyway? An edge? In a world where software is free? Please...), but now I'm convinced I'll never use you again to record things and do quick edits in exchange of my privacy.

In the meantime, I'm out looking for an alternative to it. I'm mostly going to use it for recording podcasts and other audio, and maybe do simple cuts. Anybody has a good recommendation? I'm all ears!


There is an issue open on Github with a lot more of information on this update, including that it might actually even violate the GPL. Definitely recommend reading.

Permalink 20210704_0712

MikeRoweSoft.com and shilling

So today I learned that a teenager fond of programming named Mike Rowe in Canada registered the domain mikerowesoft.com and was swiftly approached by the Microsoft legal team.

Some Streisand Effect followed shortly, but unfortunately, this time the dude ended up shilling on Microsoft's side afterwards, for a bribe that included - and I shit you not - a programming course at Microsoft's campus with all expenses paid, free subscription to MDN and an Xbox full of games.

This reminded me of Mike Cameron's case, who entered a Coca Cola-sponsored school event wearing a Pepsi shirt, but unfortunately for him, he didn't get anything in exchange but detention.

Oh well, I guess that a vacation trip and some videogames can still be cheaper than legal fees.

Permalink 20210703_0341

Damm you again, Javascript!

Unaccessible web design struck me again last evening, but this time hitting me where it actually hurts: money.

After some sort of update, apparently my bank's website became unusable on my computers. I can't yet tell so far if it's an issue on Firefox, Firefox on Linux or just Linux itself (ungoogled-chromium faced the same problems). Upon loading the CPUs go all to 100% and Firefox states that scripts on the page make the page unresponsive. From that point and on, it's either kill the page or lose the browser.

For any other service, this situation would entail an immediate boycott of the site. However, this is my bank and, well, I really need it from time to time. For now, I had to settle for the worst of the worst: the bank's app. But the fight isn't over - why this BS with Javascript? Yet more tracking embedded in the code? Makes me think that maybe the site could even have been hacked (or XSS'ed) and things like cryptominers were embedded.

At any rate, good job, modern web design and Javascript!

Permalink 20210629_2134

What is up with "Apps" for the Linux Desktop?

There has been a trend, especially after the release of the Steam platform for Linux, of some software developers creating Linux versions of their "apps." These supposedly run natively on a select few Linux distribuitions thus enabling said developers to claim that they have "Linux versions" of their programs, but offering no way to enjoy the remaining Software Freedoms.

Gaming is the major offender here, but with the additional restrictions adopted by DRM, a whole lot of other streaming and other applications fit the "App model" for Linux. This is ludicrous and an app will never suffice for Software Freedom just because "it runs natively." A nonfree App store? Even worse.

In this episode, I talk more about this problem while - ironically - playing a game that falls in this exact model: Ravenfield.

Link to PeerTube episode

Do you think that the "Free App" model is acceptable for Free Software and Linux? What is your experience regarding it? Let me know on Mastodon!

Permalink 20210621_1046

Email has come full circle back to the 90s...

Back in the early nineties, email was still something of a rarity, usually as something part of your work or academia, or something you had to pay for like a subscription package from your ISP. Showcasing an email address was a little hipsterlike, almost flauntable. Then came Hotmail.

Free Email providers started appearing slowly but surely, requiring nothing more than just a desired username and password, and the magical "ooh" of personal email started dying out. Webmail became a commonplace thing, with people checking in at work, the library or their own PCs back home. Google temporarily raised the bar with the 1GB storage limit at a time most HDDs fit about 20 of it, but other providers followed suit later, and personal email no longer was anything special. Anyone could have one with their own combination of username/password.

And then something interesting happened: personal email became rare and scarce again! Well, at least in the sense of "give me your desired username/password and you'll have an inbox." Providers started asking for full names, "backup addresses" for confirmation purposes, and the obvious cell phone number. Sometimes you aren't even able to sign up because "too many people have used your IP address." And here's the kicker: if you want to avoid all of this red tape or have just a little more privacy, you must pay for the service!

I can't help but feel that Email, like some other recentralized parts of the web, has come back to its scarce origins of the early 90s - only that this time, the scarcity is artificial.

Permalink 20210620_0653

Browse the Free version of the web with Redirector!

Earlier this year, I started curating a list of privacy-friendly and Javascript-less frontends of popular web sites. This resulted in the creation of an entirely new repository being created and lots of interesting projects added there.

Making the good practices automatic is a good thing, and up until shortly, I used to manually substitute the original prefixes, in a more or less tiresome manner, prone to error. This all changed when I stumbled upon the Redirector Firefox extension, which does exactly that: substitute a URL fragment for another based on a set of rules. Couple that with frontends like Teddit, that subs in pretty nicely instead of Reddit, and you have a very smooth experience. Plus you can even apply it to things like iFrames, so an YouTube embed can cleverly become an Invidious embed with no change in the experience!

Thus, I highly recommend using this add-on for browsing the Tracking-Free version of the Web, or at least as tracking-free as it can get. You can see my simple example redirector file for an example on where to begin. Enjoy the freedom!

Permalink 20210617_0637

SimpleScreenRecorder - probably the best desktop recorder available for Linux

I just found out SimpleScreenRecorder, the lightweight minimalistic but powerful desktop recorder for Linux, that has been likened to the equivalent of Fraps for Linux.

After months of doing my PeerTube podcast on a very basic setup on Ubuntu (consisting of recordmydesktop and a shell script to get dimensions and framerate correctly), I wanted to get something a little more complete. Sometimes, it would even chop off the audio halfway, making me end up with only half an episode's worth of content. So began my quest for a new recorder. Luckily, it didn't take long: many recommendations on the internet pointed me to the package which fortunately was available in the Arch Repos (the development version can be compiled from the AUR). Here's a test recording of it, while I play AssaultCube Reloaded:

Link to the video on PeerTube

What do you use to record your desktop on Linux? Let me know on Mastodon!

Permalink 20210614_1119

Hacking isn't just a computer-related process

A very interesting talk by Bruce Scheneier on the HOPE 2020 conference. Unlike his previous technical security talks, Schneier this time goes on the concept of hacking itself, how it's an ocurring concept that humans will naturally attempt once faced with a given set of rules, and what that means in the future, as even AI might be starting to be doing the same hacking back on humans.

I think that everyone who thinks the word hacker is a taboo or instantly criminal in nature or flocks to authority for protection should listen to this talk. Once again a great talk by the timeless security guru.

Link to video on Peertube

Permalink 20210612_0131

Would you use a laptop that only works with Secure Boot?

Previously, I explored the boot time of an Ubuntu machine that I thought was pretty slow. The question that remained was: if I was dissatisfied with an apparently slow and bloated operating system, why stick with it? Why didn't I switch to something lighter?

The short answer: secure boot. In this episode, I explain how I ended up with this "between a rock and a hard place" situation, while doing some bad AssaultCube gameplay.

Link to episode in PeerTube

What would you have done if this had happened to you? Let me know on Mastodon!

Permalink 20210610_1302

Testing two-in-one for ungoogled-chromium browser

Go into any neckbeard Archlinux forum and you'll see a common recommendation of the presumably ultimate browser ever: ungoogled-chromium. The promise, apparently, is all the power and security from a multi billion-dollar corporation minus all the evils of the tracking and advertising it promotes for a living. Sounds like the ultimate freeloading, and the epitome of the true power of free software - but is it for real? Only way to find out is to get down and use it.

Unfortunately, main distros don't share the same love for privacy-protecting software, and don't include what's an unofficial spin of another main package. The closest we have is this entry on the Arch User Repository, which apparently takes quite a while and effort to compile from source. So what to do?

Luckily, there's an alternative to all that work: flatpak. I don't exactly agree with its tremendous use of resources usually, but for this use case, the sandboxed application itself - a browser! - is already pretty bloated, so why not? Plus, it makes removing it much easier if I don't like it later.

So from now on, I'll be testing two things for one use case: ungoogled-chromium via flatpak. This could become an interesting post in the future, too, so let's see. :)

Permalink 20210610_0327

Happy 32nd birthday, Bash!

The Bourne-again Shell, default in the vast majority of Linux distributions, turned 32 yesterday! Can you imagine your life in Linux without it?

I certainly can't, as it was the first shell I used when I first started using Linux, and definitely the reason why I learned how to not be discouraged from using the command-line, but actually be motivated every day to learn more about it, and how powerful it could be, if you just learned how to use it.

In celebration, here's a nice Reddit thread where people share some very nice tips and tricks for working with bash. I learned lots of new things from that thread, but in particular, the following will be very helpful when developing new scripts:

Source

What are some of your favorite bash tips? Let me know replying on my Mastodon post! Happy Birthday, Bash, and soon it will be Linux's!

Permalink 20210609_0507

Recommendation of algorithm for a new PGP key?

I've noticed that gpg (at least the version here in Artix) has been "recommending" other algorithms than RSA to create your new keys by default - namely the Elliptic Curve ones.

As a non-cryptographer, I see no particular advantage of using these over the classic RSA algorithm except that apparently ECC makes much smaller keys for the same equivalent cryptographic strength. But again, I'm no cryptographer and can't see much more advantage beyond that. Is ECC faster? More convenient for some reason?

I created an ECC keypair just for a change and to try it out and don't see much difference from RSA. Messages are slightly smaller, but not significantly so, and I have not benchmarked anything seriously yet. What are some reasons why I would choose ECC over RSA or otherwise?

Permalink 20210606_0804

Freenode vs Libera drama and IRC

Late to the party with this notice, perhaps, but I also decided to leave Freenode as my go-to IRC network and join the folks at Libera.Chat like many, many, many - many! - other Free Software projects.

I have no more to add to the huge amount of news material explaining over and over the PR disaster that the "Crown Prince of Korea" has done to even innocent bystander channels in the network, and will simply let my actions speak for me. From now on, you may get in touch with my by running /query kzimmermann in irssi on irc.libera.chat

I think this is also a good time to consider other options of multi-user chat to avoid future Freenodizations of development and support discussions of FOSS projects. Both Matrix and XMPP have webchat clients similar to KiwiIRC and federate for resilience. I'm even told that Matrix may share room ownership across multiple instances, even more protection. And this whole lore makes me reconsider again running an XMPP node with my Pi with good ol' Prosody.

Permalink 20210604_0944

Is Ubuntu boot time slow?

A few weeks ago, I complained about one of my machines running Ubuntu taking a very long time to boot. It certainly felt long, like a good 3 minutes, but since I wasn't measuring it, I couldn't tell for sure. This time, I decided to put it to a live test.

Turns out it wasn't as bad as I thought, but also definitely not fast by any standards today. What could be causing this slowdown?

I should probably do a writeup later on why am I running Ubuntu on that machine in first place, if it's not performing to my requirements. Without going in too many details: Secure Boot. More to come on this one later, though.

Link to Episode on Peertube

Permalink 20210525_0654

Opinion: you don't like Linux, you like being free!

Unpopular opinion, but with a tad (or large amount) of truth: if you use Windows at work and hate it, you look forward to using Linux back home not because it's Linux, but because you have the freedom to do whatever you want on those machines.

I never worked (i.e. in an office, etc) with Linux in my life, with the closest being a Mac in a quick gig back in 2017 - everything else was Windows. Ironically, deeply inside I secretly hope that situation never changes. The reason is that if I ever got to use it, it probably would be just as locked up and limited in permissions as with the Windows machines corporate IT issues us today (no root, sudo, etc). Even worse: after repeatedly having to use it for daily work, I could actually grow tired (!!!) of using Linux both at work and home.

However, as this has never happened yet in my professional life, I cannot attest if this would actually happen. Still, I think that really shows that my appreciation is for the freedom that the OS can give me - a point greatly enabled by using Free Software!

(But come to think of it, dotfiles do help make the system very comfy)

Have you ever used Linux for work? Was the experience better or no different than using Windows? Let me know on Mastodon!

Permalink 20210521_0922

Happy 13th Birthday, Fediverse!

Wow, thirteen years! Who could imagine that the fediverse was really that old? Although I don't consider myself a sort of a latecomer to this party (joined ca. 2014), I can't imagine how hard and small things must have been waaay back in 2008, and a whole lot less people cared or knew about Privacy on the internet.

This is a good time to reflect back on how far we've come since then, and the memories of our classic times pre-Mastodon and Pleroma. You know, back when the bang ! notation denoted groups and oracle.skilledtests.net produced funny bots. So check this post I wrote a while ago for some storytelling about my history in the federated network on this time of celebration. Lots of "boomer" nostalgia there...

Happy 13th Birthday, Fediverse, and loud honking thank you to anyone ever involved in this saga of decentralizing online socialization. You who you are and you are all heroes.

Permalink 20210518_0946

How to enable suspend-hibernate in Alpine Linux

Yes, I'm still trying and experimenting with Alpine Linux and gave it a full install (sys mode) it in the machine I found from the trash a few months ago. FreeBSD is still safe and sound since I'm using another HDD that I also found on the trash.

A laptop is not a virtual machine, so power management is necessary to keep sessions alive as human beings go to sleep or to work. Can you do that in Alpine? You bet. Here's how I did it:

  1. Edit /etc/apk/repositories and uncomment the lines containing the community and edge/testing repositories to enable them (along with 90% of all the packages available for Alpine).
  2. Install elogind from the community repos with apk add elogind. This is the clone of systemd's elogind but only the bare minimum to play nicely with Alpine's OpenRC.
  3. Start the elogind service with rc-service elogind start
  4. You now can suspend the system with sudo loginctl suspend and hibernate to RAM with sudo loginctl hibernate.

The end result is a power management system similar to Artix, with one difference: you need to sudo it. I'm not sure how you can remove this requirement, though I know it's possible (in Artix a regular user can do without it). The closest I've got was to edit sudoers and remove the password requirement (sudo is still required).

Anybody got any ideas?

Permalink 20210428_1255

Happy World Penguin Day!

April 25th is World Penguin Day, the day when Adélie Penguins from Antartica begin their migration northwards in search for food, giving continuity to the species interesting lifecycle of hunting, mating, birthing and raising their own.

Tux, the Linux Mascot

Though the similarities are little in my view, I feel we Linux Users should pay more attention to this amazing bird that we have taken mascot of, not only for the Tux connection but also due to the fact that climate change extinction will likely start affecting those guys first before other species realize it's too late.

So this Sunday, take the time to appreciate a little more of these amazing species, just like we usually stop to appreciate the impact of Linux and the Free Software movement in our lives. Perhaps have a look at the March of the Penguins documentary, perhaps there are some full videos available on YouTube.

Me, I'm going to try out Alpine Linux on another machine and see how it goes as a desktop.

Happy World Penguin Day 2021!

Permalink 20210425_0523

Podcast episode 13: Installing and Setting up Alpine Linux

I've been recently talking a lot about Alpine Linux, my newfound love in Free Software, and my favorite distro at the moment. Some people are curious about trying it, but are not sure where to start. To that, my recommendation is always this: try it in a VM. The image is about 100MB in size and you need less than 300MB RAM to run it. You can't go wrong!

In this episode, I explain some of the different modes of install of Alpine and walk through the install steps (spoiler alert: it's really easy).

013 - Installing and Configuring Alpine Linux

Permalink 20210423_1107

"How Linux works

I remember reading this book way back in 2016 and it helped me understand quite a bit what makes Linux click together:

How Linux Works by Brian Ward

However, only reading is not a good exercise as actually getting your hands dirty, and implementing, changing and operating stuff. This means that a follow-up exercise of sorts should happen later... maybe with Alpine or even Linux From Scratch! I might even re-read the whole book.

(Onion link is Tor-only)

Permalink 20210421_1057

Giving Alpine a try on the Raspberry Pi

After trying Alpine Linux on a virtual machine and pretty much falling in love with it, I decided to step my game up and try it on some bare metal, and installed it on my Raspberry Pi model B from 2012. After all, at a single core and 512 MB, it seems to be the right match for it.

I couldn't be more right. Snappy, light and versatile, this distribution is amazing for the resource-slim platform and it seems to run even more smoothly than FreeBSD on it. And the package management is blazing-fast.

There's only one small tricky bit, though: the installation itself. Unlike other Raspberry Pi-oriented distros, where you pretty much burn the boot-ready contents to the SD card, you must pretty much do everything from scratch with Alpine. It's not exactly "hard," just a little more work compared to the others. The steps are greatly detailed on their Wiki, and are roughly as follows:

And with that, you can insert the SD card on the Pi and then you'll be ready to setup-alpine and do an installation on it normally. Just don't forget to lbu commit at the end of it and you'll be ready to rock after reboot!

Permalink 20210419_2302

kzimmermann goes back to 2010

I must've gone back in time with respect to my computing these last weeks. Evidence includes:

Distrohopping... never thought I would actually do it again, but it's really more fun than it seems. Linux may not be for games, but who needs games when you have Linux.

Permalink 20210417_0147

The "technical philosopher" and the IT market

As much as I enjoy or write about it, I still don't see myself as a "technical" person when it comes to Free Software. Time using it does help it a lot, but come down to it, there's lots of things I don't understand how they work or perhaps more precisely, haven't had the motivation to look up.

I think my position is better described as: a Technical "Philosopher" kind of person, who writes about how free software can help individuals and perhaps even change the world, while providing some tips and tricks that can become technical themselves. However, I'm not much of a developer type and perhaps of limited Sysadmin knowledge so I wonder if there are still spaces for people like me in the world of IT.

Will job offerings for "Unix Hacker" or "In-house helpful hacker" start appearing? Because that would be I think the most appropriate title for me, but I wonder if any HRs would approve of such titles.

Do you consider yourself a technical philosopher type? How best do you fit the "corporate" IT world - or do you think it even matters?

Permalink 20210416_0903

Quick publishing test

Just a test status to see if the automation script to Mastodon worked. If it did, this means that I've achieved full write-only mode with it, and can do all my posting from Tilde Town instead while the content ends up reproduced in my feeds and Mastodon.

That's so much more fulfilling, productivity-wise, and aligned with the hacker ethos of chaining small tools together!

Permalink 20210413_2329

Fixing mouse issues with VirtualBox

Sharing this just in case if you get this issue when test-driving OSes with Virtualbox (my favorite choice in trying out new Linux distros and OpenBSD): how to restore the mouse on the guest in VirtualBox

Happened to me and freaked me out for a moment. Turns out that the solution, like the previous issue of maximizing the screen, is much more low-tech than it seems. No fiddling with config or command-line options, just go to "System," "Motherboard" and change the Pointing device from Tablet to PS/2 Mouse. Reboot the guest and voila.

But why the fuck was this switched to Tablet mode as a default in first place? It doesn't even make sense however you look at it. PC emulates PC, guys...

Permalink 20210413_1148

Free Learning Programming resources to start hacking on a budget

Just came across this Free-as-in-freedom collection of Programming Languages resources (books, guides, etc) in the form of a Github Awesome list, of which most if not all are freely available on the internet.

EbookFoundation/free-programming-books

I wouldn't exactly call some of them "books" as per quality and quantity, but most are very concise guides, or cover specific aspects of programming that physical books tend to oversee, like Graphics Toolkits or platform specific stuff.

Oh, and this is not limited to programming either, though, just browse the parent repository and have a look yourself (you're welcome). I know I will.

Permalink 20210412_0846

Analysis paralysis with Linux

I'm currently running on what I believe is a case of analysis-paralysis with Linux: too many things that I want to learn/try, but due to a limited time shared with my other responsibilities of life, I don't know where to begin. This might be some kind of "first world problems" I know, but it still sort of sucks. But it's sort of the good suck, where my attention is divided into things that are constructive.

Some things that are in the backlog so far:

What is in your learning backlogs so far?

Permalink 20210412_0815

Akihabara Live Tooting finished

Thanks to everyone who followed up the live tooting at Akihabara where I went around looking for interesting computer stuff and parts to look and buy. I had fun, and hope you did too.

It was fun doing, but I sorta feel a little guilty for using my phone so much (but then, if it was with an old fashioned camera, it wouldn't be exactly "live"). Perhaps I'll make a writeup about the experience later in the articles. In the meantime, you can catch up with the main thread here, on Mastodon:

https://fosstodon.org/@kzimmermann/106032742203024345

Happy Friday and a good weekend to everyone!

Permalink 20210409_0529

Live tooting Friday Apr 9th at Akihabara

I'll be "live tooting" a visit to Akihabara, Tokyo's famous Geek/Tech/Otaku district and hub, where I'll be showcasing what you can find of older but still greatly usable computer hardware and parts from its many used stuff stores.

There's also a store that is specialized in Raspberry Pis and SBCs, which I also plan on visiting, so let's see what else I can find of old, vintage and useful hardware for a Free Software hacker.

Tentative time and date are 10AM~1PM JST of April 9th, so sorry Europe/US, I guess, but that's my only window available. I'll post the "results" in an article here too, so you can read it later too.

Permalink 20210408_0705

If you don't host it, how can you be sure you own it?

"We get all of this great stuff, and for free! I mean, how do they manage it?"

ZDNet: Yandex said it caught an employee selling access to users’ inboxes

Another reason why ownership of your own data, and its protection through the means of encryption, is paramount in importance. Technology may mask this point, and abstract away who else has access to the stuff you upload, but the importance has been and always will be there.

And by the way, this is not the kind of stuff that can get guaranteed protection with the "Protonmail approach" of "supposedly end-to-end encryption" either: even the German "champion" provider Tutanota was forced to backdoor one of its users too.

Part of the reason why this problem is allowed to exist is how email itself is structured: thanks to spam, it's practically impossible to self-host, so you have to defer it to the "Big Three." I don't know the solution to this yet, but I presume it has to do with going with a peer-to-peer model, where you own both the data and the infrastructure required to use it.

Permalink 20210406_0304

Featherweight and lightweight browsers

Getting to use the Raspberry Pi Model B from 2012 in a graphical mode again makes it feel like I'm coming back full circle back to 2010 and looking for lightweight Graphical programs to do my computing in any platform I want, independently of how many resources I have there.

This time, it's up to browsers. Going command-line only for a week did teach me that it's possible to survive there, but sometimes seeing other colors and images does add to the whole experience. So here's a quick list summarizing my findings about lightweight graphical browsers:

More to come in a future post!

Permalink 20210405_0548

Insulting move, even more insulting explanation

If there's one thing that pisses me off that pisses me off more about corporate PR people than their marketingspeak is when they try to "talk down" to customers to hide their true message and intention.

"We're sunsetting $SERVICE starting from next month"

Oh yeah, that kind of crap. This though, seems to be the latest, and really does take the cake in my opinion: ISP imposes data cap, explains it to users with condescending pizza analogy (from Ars Technica).

"You've already had your share of bits and bytes (pun intended!!1) of $SITE this month, Billy! Gotta wait until your next allowance comes in!

Not only they're doing an apples-to-orange comparison (scarce physical goods like food vs digital bits that by definition cannot be scarce), but their way of handling the whole situation is absolutely insulting.

Once there was silent traffic shaping: you'd notice that "something" was going slower with your browsing, but wasn't quite sure, and the ISP sort of shrugged it off. Now, though, thanks to the obliteration of Net neutrality, they don't have to hide it. But hey, don't be surprised if your customers start giving you the finger when you patronize and talk down to them.

Permalink 20210404_0821

2021/04/04, 05:45: Beginning OpenBSD

I might have come full circle in my trial of OSes yesterday night by trying out OpenBSD for the first time, after about 11 years of Linux and about one month of FreeBSD usage.

I frankly have no expectations of what to find in this interesting and apparently much more secure OS, but just want to have some fun and see what I can do with it. So far, the install was very straightforward, very much like the FreeBSD installer, and there were some interesting install messages explaining where to get help, documentation, etc signed by the man himself - Theo de Raadt. Granted, this is just like an automated email sent out after a purchase, but still, seeing his name welcoming you does give some warming to the whole thing.

Let the learning (and fun) begin again!

Permalink 20210404_0545

2021/04/03, 09:33: yet another documentary on Social Media manipulation

A subject that has been overexposed and almost overblown (much like privacy after the Snowden Leaks in 2013), manipulation of social groups on Social Media has had a fair share of its reports and documentaries along the years.

Here's another one, though, plainly available on YouTube (link points to an Invidious instance). At this point, "The Creepy Line" is more of grab-the-popcorn and head-nodding for those of us literate about privacy in the modern world, but at least I think I can use this for my "weekend watching." Plus, it's pretty easy to obtain, with tools like youtube-dl.

What are your other favorite documentaries? Share with us at the fediverse!

Permalink 20210403_0933

2021/04/02, 08:58: This Feed is also going live!

So I went ahead and did it: kzimmermann's Collection of Thoughts is made into an Atom feed. This will help me out further in communicating in a more write-only manner, and share what's going on more frequently with the outside world.

To subscribe, point your feed readers to: https://tilde.town/~kzimmermann/articles/updates.xml

Sorry that right now the feed has the same title as the main one, but it should work.

Permalink 20210402_0858

2021/03/31, 10:04 - loosenin' up the web

As part of my journey to try to limit my mindless wandering of the web without a goal, I realized that the barebones model of plain web pages without barriers (ex: having to use a certain device, a platform, or even a specific protocol) is the best way to make the web more "writable" and unfiltered.

Plain text files hosted in a web server that serves HTTP requests. That's all you need to "speak" today.

No distraction, no hiding, no manipulation and almost no way to track you. That's my goal in publishing from now on, and in obtaining interesting content. Therefore, I'll build a web feed for this so you can read it absolutely barrier-free, and only integrate Mastodon/Diaspora for convenience.

This essentially makes my content write-only as this backend is purely static, but that's part of the goal. And while there are similar propositions for this goal including twtxt, I think mine is a simpler (and more modest) goal.

Permalink 20210331_1004

2021/03/31, 07:08: "Write-only"

To fight the "addictions" that dealing with a lot of web content has caused to me, I'm trying to make an effort to from now on adopt a write-only stance to my interaction with the Internet.

I find that too much of the internet nowadays is exactly the opposite: designed and carefully engineered so that you can may only consume it like a TV feed. Not only that way providers can dominate your attention, but they also are able to passively manipulate you with feelings like lust, fear, guilt or envy to keep consuming more of it. And unlike TV, they don't have to force you to keep watching the show - you will voluntarily keep going back for more.

How do you break away from this? How do you rid your mind of this distraction and start getting more meaning in your life? Jolly good question, but I think part of the answer lies in becoming more active and creating rather than consuming.

From now on, I'll switch to a more "write-only" approach to my internet experience, posting more and reading less. This feed will be my communication with the outer world, and I may make an RSS Feed just for it.

See you around!

Permalink 20210331_0708

Status on 2021/03/30, 03:14

Some of us like to say they "left" the reach of Social Media because they don't participate in those surveillance-laden websites, but in reality, they're still in the net and they just don't realize it. How?

Messaging apps.

You can't name a single major messaging app nowadays that is not tied in any way to a major tech giant, which means that any time you use it, you are providing them with your data one way or another. And what's worse, this is a much harder trap to escape from because they have pretty much all the people you care about held in ransom (family, friends, potential employers...). And let's not forget that all messenger apps today are some sort of a social network themselves (status, follows, broadcasts...)

This is an ugly, but important truth that exists nowadays that we don't like to admit: unless we quit messaging apps as well, we'll remain in the hands of surveillance capitalists. I am yet to find a solution for this, but it seems pretty clear that asking people to use proper messaging solutions that respect your freedom is a losing battle - they won't switch.

In the meantime, I'm letting everyone else know that I'll be on my email address. No privacy? None in those "encrypted" messaging apps either, so might as well.

Permalink 20210330_0314

Status on 2021/03/24, 09:45

Found this great cheat sheet on Imgur chock full of useful commands and other terminal tricks that can be used in GNU/Linux.

Though aimed at beginners and those not familiar with the command-line, I guess everyone can learn something with it, even people with years of experience. I know for a fact that I'll be trying the following to record things on my podcast:

ffmpeg -f x11grab -s wxga -r 30 -i :0.0 -sameq /tmp/capture.mpg

What new command have you learned from that cheat sheet today?

Permalink 20210324_0945

Status on 2021/03/18, 12:51

And the saga continues - learning FreeBSD one command at a time.

Turns out that suspending the system is not that bad, in fact you can do it via command-line even on the console, like this:

acpiconf -s 3 # must be root

My guess is that you can probably edit your /etc/sudoers file to include yourself and that command specifically as a NOPASSWD entry, and then be able to issue that command without hassle (a-la Linux's loginctl), which then would allow you to run the following to "lock" the screen upon suspending:

acpiconf -s 3; logout

Next step is to bind this to some action and run this graphically. Or use it with a power manager, that's probably better.

Permalink 20210318_1251

Status on 2021/03/02, 06:13

Learning FreeBSD one command at a time: if your sound isn't coming from the right speaker, or you want to change its source, the sysctl hw.snd command is your friend.

For example, to set the sound to go through the 3.5mm jack, run:

sysctl hw.snd.default_unit=1

And to switch back to the the other PC speakers:

sysctl hw.snd.default_unit=0

There's actually a lot more you can do with sysctl, which is great. That way you don't have to memorize the syntax of many different programs for administration tasks. Off to learn more, I guess!

Permalink 20210302_0613

Status on 2021/02/26, 11:50

Using FreeBSD for the first time after 10 years of Linux usage - what have I learned so far?

Find out in my newest article

Permalink 20210226_1150

Status on 2021/02/23, 03:52

Learn something, try something, fail at something, create something, achieve something, enjoy something.

Hell, just do something.

But do it for the sake of yourself, and yourself only. No one else will care or enjoy it nearly as much as yourself, and doing for "them" will only land you in frustration. There's a reason why it's called personal development.

What will you do today?

Permalink 20210223_0352

Status on 2021/02/22, 07:15

Learning FreeBSD has been a great, fun exercise. Looks like having learned the Linux Console has helped plenty, but still the two are a little different.

Thank god for the excellently-documented FreeBSD handbook, that is available even as an epub!

Permalink 20210222_0715

Status on 2021/02/19, 05:13

Increasing eye candy when performing work in a console-only environment: change the prompt cursor back to the blinking block like in graphical terminals. Run the following command as root:

# echo 6 > /sys/module/vt/parameters/cur_default

Valid values are anywhere from 0 to 7, and you can try different solutions to best fit your needs. This may only seem to be a small thing, but it helps bring back that old familiar feeling of graphical terminals into a workflow done completely inside the Linux Console.

Permalink 20210219_0513

Status on 2021/02/16, 23:12

Following my adventures in Project 128, I finished the first batch of my "revised" backups.

Surprisingly, it took much less space than I thought after "compressing" and reducing most of my media. The first backup was finished at about 60GB of data and fit into a MicroSD card with plenty of space left.

Next task is to mirror that backup into a second medium and store it away.

Permalink 20210216_2312

Status on 2021/02/13, 10:47

It's getting clearer to me now that the ZIM format is the future of information storage. Spearheaded by the Kiwix Project originally as a way to read Wikipedia offline, its reaches are now far beyond the original scope, and virtually any content (text or not) can become compressed and quickly-searchable knowledge.

Just have a look at the collections listed by the Kiwix wiki to see how much information is out there, ready to be read in an offline manner without the need for a connection. There are ZIM files for Stack Exchange QA sites, and even TED talks (!).

Other great resources listing ZIM files can be found here:

Not to mention that you too can create your own ZIM file from basically anything, which makes me crave making a ZIM out of all my ebooks right now.

Do you use ZIM? What program do you use to read it?

Permalink 20210213_1047

Status on 2021/02/09, 23:20

The Linux Console is a tool, not just an interface. And thanks to the constant improvements and updates it receives, it remains to this day a modern and effective way to do work. And you can even do some graphical stuff in it, like viewing an image:

fim -a image.jpg

Or even watch a video: (!!!)

mpv -vo drm video.mp4

"User-friendly" is relative. Learn the interface and you'll gain power.

Permalink 20210209_2320

Status on 2021/02/03, 09:36

After searching so long for a solution as to how can I pipe content in and out of the tmux buffer, I finally found a sane, simple answer. And what's best, it is built-in inside the tmux functions.

Simply put, I wanted a way to load the "clipboard" of tmux by piping output into it, much like you can do with xclip or xsel like command | xsel -ib and then that output would be available for you to paste with standard Ctrl+V. And yes, you can do it using only the tmux buffer too:

command | tmux loadb -

Now you can paste the output of command into any tmux pane with the Prefix Seqquence + ] combination. Now, why would I want to do that? For cases where I'm ssh'ing into a server with its own tmux session and need to pass data along different panes, or when I'm down to just bare Linux console.

Pretty neat trick!

Permalink 20210203_0936

Status on 2021/02/02, 11:43

kzimmermann's podcast episode 012 - CyberChef review.

This is a great application for anyone who needs access to commonly-available Unix tools but are stuck with some work machine where they can't install free software. With Cyber Chef, all you need is a modern browser!

The downside? Developed by the GCHQ - no joke!

Have you ever used Cyber Chef? Do you know any similar alternative that does cryptography etc locally with a web browser? Let me know on Mastodon!

Permalink 20210202_1143

Status on 2021/01/26, 12:59

Took one (relatively) small step towards asserting my independence from cloud platforms by self-hosting a git repository in my own house.

What originally sounded to me like a huge, complicated task, actually turned out to be quite simple - if only for a very simple implementation of the protocol. Thanks to this easy guide, I was able to get my Raspberry Pi hosting a few repositories in less than 30min (I spent more because I had to do some debugging to get it up and running).

The final solution is pretty clever, and uses SSH as the backbone for transport and authentication. So if you want to learn more about how the git protocol works and the "innards" of something like GitLab works, the above is definitely a good read.

Permalink 20210126_1259

Status on 2021/01/25, 07:05

kzimmermann's Podcast Episode 011: Is Data the new Proprietary Software?

Everyone is publishing their software in Github nowadays, but does that automatically makes all software alright? What about the data these applications are storing away from their users?

Watch this episode now via Peertube.

Permalink 20210125_0705

Status on 2021/01/19, 08:58

Silly game of dice that you can play in your browser or over the network (tis just a simple python WSGI application):

#!/usr/bin/env python3
#
# Single-file dice game over the network
#

import wsgiref.simple_server
import random

PORT = 8000

def application(environ, start_response):
    start_response('200 OK', [('Content-Type', 'text/html;charset=utf-8')])

    my_number = random.randint(1, 6)
    your_number = random.randint(1, 6)

    if my_number > your_number:
        result = "You lose!"
    elif my_number == your_number:
        result = "It's a draw."
    else:
        result = "Ack, you win!"

    response = '''<!DOCTYPE html>
<html>
    <head>
        <title>Roll the dice</title>
    </head>
    <body>
        <p>
            Your number was: %s
        </p>
        <p>
            My number was: %s
        </p>
        <p>
            <strong>%s</strong>
        </p>
        <p>
            To play again, just refresh the page.
        </p>
    </body>
</html> ''' % (your_number, my_number, result)
    return [response.encode('utf-8')]

server = wsgiref.simple_server.make_server('', PORT, application)
print("Now listening on port %s..." % PORT)
server.serve_forever()

Do I recommend this to anyone wanting to build a proper, scalable web application? Likely not, but it's good to know that Python has the capability to do this kind of thing already built-in.

Permalink 20210119_0858

Status on 2021/01/18, 08:39

The way you extinguish privacy from the ordinary everyday life is by pretending it's outdated and irrelevant. Let's not allow that to happen.

New video by kzimmermann on Peertube with some cheating gameplay of FreeDOOM

Permalink 20210118_0839

Status on 2021/01/13, 00:37

I've decided to convert the great, but lengthy Hitchhiker's Guide to Anonymity into a nicely readable EPUB file.

Anonymity is a hard topic, even for experts, due to the sheer number of moving parts that can interfere with it. Everyone who cares a little bit about their own protection online should take some time to learn or recycle knowledge about it. Since that resource is pretty lengthy to be read as a web page, an EPUB that can be read offline helps.

Available here, from this very website.

Permalink 20210113_0037

Status on 2021/01/11, 05:58

Went dumpster diving this weekend (an incredibly fun and rewarding hobby for a hacker!) and found these two interesting pieces of hardware lying there. They have a microUSB input jack as well as a 3.5mm output jack, and though I'm not sure ergonomic they might be as keyboards, I want to know if I can use it for something else.

arduino keyboard 1

arduino keyboard 2

Does anybody know what they are, or have used them ever? Upon connecting them via USB, they have IDs 2341:8036 and 2341:0036 respectively, which points them to some kind of Arduino board. What can I do with them?

Permalink 20210111_0558

Status on 2021/01/08, 08:12

Haha! just found one of the first images I drew after learning how to use GIMP ten years ago after just starting to use Linux.

Internet - Piracy Rocks!

Interesting to see how Free Software really fosters an atmosphere of "learn it, master it, enjoy it." Before, when I used Windows, I had no incentive to learn how to use my computer other than games and browsing. With Linux, I feel that the mindset is (and always has been): "you can do anything here, as long as you're willing to learn."

And learn here is really the key; I have an understanding on what a computer is and how it works (skills which were turned necessary even for my career at one point) that I'd quite frankly never have had I not discovered Free Software.

Permalink 20210108_0812

Status on 2021/01/06, 14:07

Whew! Turns out that maintaining an awesome-* project in git is pretty tiresome, even if it's a simple text list.

Thanks to everyone to have contributed to finding privacy-respecting alternative frontends regardless! The work here is never done, but it's going!

Permalink 20210106_1407

Status on 2021/01/06, 06:34

I'm not sure if anyone made this before, so I decided to just go with it myself: a curated list of alternative frontends to many websites

Probably not complete or comprehensive at this point, but does the job to cover most of the popular websites today, giving browserless alternatives when possible.

Hooray!

Permalink 20210106_0634

Status on 2021/01/05, 07:17

"Why do people keep using slack at work? There are so many better alternatives that are free and federating out there."

"I wish we could use Linux in our office. That way, our computers would be so much more efficient and IT incidents would be cut down."

"I hate Office365, the company should've self-hosted Nextcloud so we could collaborate efficiently and with freedom."

All of these are valid arguments, and frankly I've thought of them myself for quite the longest time of my professional career. However, this Linux user-centric view shadows away a very important and often overlooked thing for an IT department: availability of support.

Say what you want, support for Microsoft stuff comes almost built-in for enterprise, and with centralized services, you can always put the blame on them instead of your internal IT organization. If I want to get help setting up my Nextcloud service in my NAS, though, I better hope there are enough motivated people in IRC to help me out.

Am I praising centralized services? Absolutely not. But this area of professional support provision is definitely something that Free Software needs to improve on if it must tackle the enterprise beast. Canonical, Red Hat, etc all noticed this already. Who's missing next?

Here's a good, but brief writeup on why so many IT organizations shy away from Free Software alternatives.

Permalink 20210105_0717

Status on 2021/01/03, 03:36

Happy belated new year! Lots of new things in my mind and plans for this year, including what I'd like to learn, improve, try and contribute to Free Software.

What are your plans for this year (that hopefully will be better than the last one!)?

Permalink 20210103_0336

Status on 2020/12/25, 07:19

I've been thinking about a sort of "semi-disposable" (think: burner) means of communication can be made using temporary and disposable email addreses such as GuerrillaMail or YOP Mail and a combination of GPG and Tor.

Once anonymous identities are established via Tor, two people with mutually-recognized PGP keys could start exchanging messages over these services, with a (brief) history until they burn these identities (and start over in the future).

Of course it could be done with something like Mastodon DMs or even XMPP, but the "burnable" part of the stack is a little questionable. These email providers, however, would probably gladly throw away everything related to the account once you're done with it (GuerrillaMail at least seems to be Open Source).

Permalink 20201225_0719

Status on 2020/12/22, 02:16

The Copyright Police has just been given superpowers: meet the COVID-19 bill.

Now with two big surprises for unsuspecting netizens: illegal streaming becomes a felony, and you can issue DMCA takedowns way more easily - as long as you have the right money backing you up.

Only in crazy times like this would watching a movie illegally (how do you define this anyway???) be equal to committing a murder or assaulting someone in terms of punishment.

Privacy is becoming more and more a requirement for self-defense rather than an afterthought.

Permalink 20201222_0216

Status on 2020/12/20, 08:36

The more you use, the more you learn... that's a good Linux metaphor, and a genuine truism. Having switched to Artix Linux, an Arch-based rolling-release distro without the use of systemd, I recently found myself struggling to understand how to start and stop services in it. Turns out that one of the goals of becoming systemd-free is to restore a classic init system a-la BSD, with a start and stop script for such "daemons."

So, if anyone has been having this same problem, here's how you can solve it (with OpenRC):

  1. Install the software you want to run as daemon. Example: tor.
  2. Install its init package. In Artix, this follows package-openrc convention, which, for Tor, would be tor-openrc.
  3. To start the service in a systemctl fashion, run as root: rc-service tor start

And that's about it! It's so great to be able to learn and solve things yourself in Linux!

Permalink 20201220_0836

Status on 2020/12/05, 07:26

The more I read about this COVID pandemic, the more I'm assured that this has been completely engineered.

Not the virus, that's a whole other can of worms, but the response? Definitely. Everyone has been played here: upon the fear and uncertainty, those with "power" come up with ways to profit from and control the situation so as to place themselves in the higher ground.

Your reality is being engineered...

Permalink 20201205_0726

Status on 2020/12/04, 06:27

Successfully added a way to put a simple title in these statuses, now not only the permalink pages look better (more explanatory) but I'll also be able to merge them into this site's atom feed.

Soon I'll be able to do all my posting from one place only - the Tilde.town command-line!

Permalink 20201204_0627

It's almost 2021 and IT organizations still are not shipping their end-user computers with a password manager.

Look, how about we all just agree that people downright suck at picking passwords and remembering multiple ones? Just pick one strong one that you can remember well and let your computer do rest for you: generating a distinct strong password, assigning a different one to each service you access on the internet, and backing them up so you'll never lose them.

That's exactly what a password manager does, and if everyone uses them, we will never have to implement stupid password policies or worse: rotate passwords every three months.

Permalink 20201201_0453

It really amuses me how some seemingly simple things can spur an enourmous amount of arguments. Take password strength, for instance.

When Randall Munroe posted this famous comic about how correct horse battery staple can be a much stronger password than your l33t_h4xoR666-style passwords, an entire new category of discussions arose, dragging in even people like Bruce Schneier in the mix.

xkcd's "Correct Horse Battery Staple"

The simpler something is, the better it is to use, adapt, and study, and a password policy is no different. People suck at generating random values; let the computer do this for you. And if you need one master password to manage these for you, use Diceware.

What do you use to manage your passwords?

Permalink 20201130_0732

They say "too good an offering, too good to be true." MEGA, an online storage service and spiritual successor to Kim Dotcom's MegaUpload, offers 15GB presumably end-to-end encrypted storage services (it's 35 + 15GB for the first month or so, later it drops to 15 and you have to invite others to get it back).

As usual, without an auditing, there is no way to confirm Dotcom's promises (Free Softwre should make this moot). But thankfully, there's still a chance to guarantee that you won't have to trust him, or any other host as a matter of fact: preventive encryption.

If you PGP-encrypt your data before it gets uploaded, you won't have to ever care about what the host can read. For stuff that changes little or never (images, etc), this is borderline perfect.

Permalink 20201126_1436

I think I really need to find a way to integrate these smaller updates into my RSS feed somehow. That way, I can also ensure they get posted into mastodon via toot (available in tilde.town via pip) and then I can just keep posting everything from one position :D

This could be a shell script, a python program, etc. I can do anything from the infrastructure that Tilde.town offers. Free Software is really limitless, and that's the true power of it!

Permalink 20201123_0411

Just found out about Tildes.net, a content aggregator that looks similar to Reddit and probably works in a similar way as well. The difference, though, is in the whole ethics of the platform and its operations: see their Philosophy for an example.

I think this is a great step forward for the fediverse in general, as I had not seen a service like this anywhere before. The only downside is that it doesn't seem to federate (yet?) unless it uses the tildeverse ID as credentials.

Great job, Tildeverse!

Permalink 20201122_0302

Made some laptop stickers with Free Software-related projects and organizations.

It was super easy to do once I bought some sticker paper and just printed the logos I copied from the internet. I should release this as a CC-BY-SA work of art here some time.

A laptop with lots of Free Software projects and organizations' stickers

Permalink 20201116_0924

Something tells me that I should get more serious about my online presence in the web. Should I try to self-host this very website? I'm thinking about some of the options here among the order of convenience over price here.

What could be the options when my ISP does not do port forwarding?

Permalink 20201107_0403

I'm now accepting donations through my LiberaPay account!

As always, my work is and always will remain free to consume, share and remix. You are encouraged to do all the three! However, if you'd like to support me so I can make more great content here, please sponsor me!

Content will come more often and with greater quality, both here and in my PeerTube Channel!

Permalink 20201103_1143

Loving how Free Software uses already known-to-work things to complement and add even more functionality to software instead of rewriting the wheel. And I'm not just talking about shell scripts either. Programs integrating code and plugins following the Unix principle are the best.

No freeware with a premium version at all here!

Permalink 20201102_0832

Although perhaps the RIAA did "win" the case and took down youtube-dl from Github, the wonderful Streisand Effect made a pyrrhic victory out of it. Witness the tens of new repositories that sprung from it, as complete as possible with even commit history, and the hundreds of anonymous copies (like this one in IPFS) that were made following the announcement.

People will not be silenced by corporations, that's for sure. Now we need to work the other side: how do we switch away from a culture that worships big corporations to one where our culture gets made by the people and for the people? That's the key question. And the answer will essentially disrupt any influence the RIAA and MPAA might have on the media.

Permalink 20201027_0202

This copyright madness can't continue. Github does not have a monopoly on youtube-dl source code, and go the RIAA does not have a monopoly on free speech.

If you care the slightest bit about Internet Freedom, please take 10 seconds to run the following command in your terminal:

git clone https://codeberg.org/polarisfm/youtube-dl

Even if you're not going to develop or distribute it, having the source with yourself means that the program will not disappear and it will become much harder to censor. You can take this one step further and redistribute it, either in clearnet or alternative networks, like in IPFS, where it's now available through this hash:

QmdZFnkyzP5w8vzt2Us641ZKn8SaXvm3eNTNGMvXXPy4dY

Do not let others take the freedom to share away from you. Do your part to keep the internet free.

Permalink 20201024_0247

I'm loving to become a PeerTuber (is this even a thing yet? At any rate fuck youtube) and share some of my work regarding the Free Software community.

My next step is to become a persistent seeder of all of my works I upload there. To do so, I'll do it like this:

  1. Record the stuff the same way I do today (i.e. recordmydesktop etc)
  2. Upload and publish the episode in my instance (diode.zone).
  3. Delete my original file on my computer.
  4. Download my own video through torrent (essentially becoming my own seeder).
  5. Contribute to the persistence of the federation.

I wonder if other Peertubers do the same?

Permalink 20201023_0941

This might be one of the coolest things ever: a terminal-based spreadsheet editor! As much as I hate excel and wish people knew that spreadsheets are for storing moderate ammounts of DATA, not making small operating systems, sometimes you need something a little better than a text editor.

This is where SC-IM comes in.

Permalink 20201022_0823

P2P is a good model for software implementation.

Seriously, this is the next step in empowering users!

Permalink 20201020_1259

Learning C has been one of the best experiences of this (lost year). It has been a while since I learned a program language, so this is really refreshing. I wonder where I'll go to, next: Go, Rust, something else?

Permalink 20201019_1323

This is important: All privacy and basically the whole bedrock of digital security is under one huge threat right now: the Five Eyes are demanding that Technology companies remove End to End Encryption from their software.

This is quite literally the unthinkable and, if done, will demise every single form of security in the digital world today - no more privacy and no more any expectation of digital security online.

Fight this: use encryption, promote it, teach it, develop it. Do not let this pass silently.

Permalink 20201015_0549

New video from my Podcast on Peertube published:

002 - How did you start in Linux and Free Software?

Unfortunately no IPFS link this time :(

Permalink 20201013_0754

Maybe I'm becoming a digital minimalist of sorts, but what the hell is wrong with the size of FILES these days?

Do you really need 3000+ pixels for a picture that you're not gonna see outside your 5-inch phone screen? 1080p for a video that never leaves the computer? Seriously, what the hell, I'm gonna write a script to reduce everything to half, then delete all this big-ass crap.

Permalink 20201011_1429

It's good to be back to the Fediverse with a new Mastodon account.

Part of me wishes to keep exploring a "side-fediverse," that of the Tildeverse. When I signed up for the town, I didn't originally know that there were so many other tildes around, they form like a real parallel federation by themselves. Previously, the closest thing I had experienced was the Peers community, and it's pretty small by comparison.

I guess it's time to go exploring this weekend too!

Permalink 20201009_0557

Ok, it's finally done. My new Mastodon account is under Fosstodon, and you may follow me there at @kzimmermann@fosstodon.org.

I initially was a little reluctant about using that instance as it has more than 13k members, and didn't want to unbalance the federation by overloading a single server. However, unlike the old Quitters, Fosstodon seems to be doing just fine and has an extensive history dating back from 2017. Also, see Mastodon.social doing just fine with 500k members.

Let the tooting begin!

Permalink 20201008_0900

Eureka! I'm loving to "reboot" my programming study and learn C for real this time. Perhaps next on I'll tackle Rust.

Here's the repo of things I've already written. It's a bunch of simple programs that I used to practice things like reading things and files, using includes and other things of the standard library. Not massive or huge, but it's been real fun!

Permalink 20201006_0910

Ok, it looks like my Mastodon account at Awoo.pub has gone under. I'm not sure if it's gonna come back (I never see anyone else in that instance ever post anything, maybe they just don't care anymore), so I might set up a different account at a different instance afterwards.

Perhaps that will even be better, a more popular instance might show me some new accounts to follow.

Permalink 20201005_0226

Sweet! Looks like my plant in botany has matured to a real Venus Flytrap! That's awesome.

It's games and programs like these that really help nurture a sense of belonging in the town.

Permalink 20201005_0216

Hah, this is so cool! I just discovered the qrcode module in Python, which apparently comes preinstalled in Ubuntu (?) and allows you to generate ASCII terminal-printable QRs of any string you want.

Here's this website, for example:

                                     
    █▀▀▀▀▀█  ▄█▀▄  ▀▀▀█▀▀ █▀▀▀▀▀█    
    █ ███ █ █ █▀▄ ▀ █▄ █▄ █ ███ █    
    █ ▀▀▀ █ █▄█  ███▄▀▀▀█ █ ▀▀▀ █    
    ▀▀▀▀▀▀▀ █▄▀▄▀▄▀▄▀ ▀▄▀ ▀▀▀▀▀▀▀    
    █▄▀▀██▀▄▄█▄▀▄ ▀█▄█▄█▄▄███▀▀ ▄    
    ▀▀▀▀█▀▀▀▀██▀  ▄ ▄  ▄▄  ▄█▄ ▄     
    ▀█▀▄▄ ▀ ▀▄▀▄█▄▄▄▀▀▄███▄▄▄▀▀ ▄    
    ▄█▀▄█ ▀ ▄ ▄  █▀█▀  ▄█▄█▄▀▀▀▄     
    ▄███▀▀▀█▄▀▄   ▀█▄▀ █  ▄▄▄▀█ ▄    
    █ █ ▀ ▀▀ ▄██▄ ▄ ▄▀█▄▄▄ ▀▀ ▀▄     
    ▀ ▀▀▀▀▀ ▄  ▀▄▄▄▄ █▄▀█▀▀▀█▄███    
    █▀▀▀▀▀█ ▄▄█▄▄█▀▀▄  ██ ▀ █▀▀ ▄    
    █ ███ █ █ ▀▀  ▀ ▄▀▄▄█▀▀▀▀▄█ ▀    
    █ ▀▀▀ █ ▀▀█▀▀  ▀▄ ▀█▄▀█▀██▀█     
    ▀▀▀▀▀▀▀ ▀  ▀     ▀ ▀  ▀▀▀▀▀

And it works, you can even scan it with your phone. Pretty cool!

And happy October too, btw!

Permalink 20201001_0655

Ran the town nicethings command and, to my surprise, had this excellent stoic quote to greet me. Coincidence? Pretty nice, regardless.

It’s unfortunate that this has happened. No. It’s fortunate that this has happened and I’ve remained unharmed by it—not shattered by the present or frightened of the future. It could have happened to anyone. But not everyone could have remained unharmed by it. - Marcus Aurelius

Permalink 20200929_0500

Aaaand it's done! The first usable version of the static page generator is published in github. Obviously it needs a lot of work, still, and probably won't be as feature-rich as Jekyll, but it was a fun little project to work on. Check it out!

Permalink 20200929_0456

Some voiceover comedy I did parodying all those pill commercials... but for programmers! What if there was a programming pill that solved all your problems?

NILism - a new way to nil

Also available through this IPFS DAG: QmXZiEEQ6wTCeZ6FP1x5RUQBJ1BFC5pgbmuBBwTZF5pTyg

Permalink 20200928_0737

Re-mirrored the pinned IPFS content into IPNS, the naming system. Dunno how this is going to work, but the difference is that supposedly it preserves updates i.e. serves always the latest version.

Find it out through this web gateway link or this DAG:

/ipns/k51qzi5uqu5dju508dqev94eroilnka36ofdnfa06fgt0442yaam1usyqzeyv8

Permalink 20200927_1339

It's done: this web page is now mirrored in IPFS! Available through this DAG: QmatGsZLELXZPmiPJtrDUB1dNhKhPhK5dhWSsF6hpmMN5R

You can also try through this IPFS Gateway. Hooray for distributed platforms!

Permalink 20200927_0305

Aaaaaand it's done. Klaus Zimmermann is now on video. Let's see how this turns out!

Also available in IPFS through this DAG: Qmf8TZm4cqTTzG7wHoeX4JdFdJU5vLTfvz1JgUE4iFDUc5

Permalink 20200926_0728

That's it: as my next "home project" I'm gonna mirror my entire site on tilde.town in IPFS. I've been planning to study it closer for a couple of months already, and besides, it's all static HTML anyway.

What better way to make your content available forever than to immortalize it in the global distributed file system of the world?

Permalink 20200926_0643

I have the slight feeling that my page-creation scripts in bash have become too spaghetti for maintenance, and I'll need something more organized to keep publishing my blog.

Perhaps it's python time again?

Permalink 20200926_0147

Cool, my plant in town botany is a venus flytrap! There's something therapeutic in raising and caring for a virtual plant here in the town!

Permalink 20200925_1401

Ah, so this is how ~vilmibm does the passwordless authentication thing with SSH.

I'm surprised by how simple it is, actually. Doesn't even need to be root if there's already sshd installed.

Permalink 20200923_0802

At last. I know can post here and the updates will find themselves in the main homepage. Check?

Permalink 20200923_0719

Zenity gives some new life into otherwise boring shell scripts, and allow you to make small GUI programs without requiring you to pull out another programming language.

Sure, it doesn't do everything a framework can do, but it's pretty awesome as lightweight as it is.

Permalink 20200923_0655

Man, I love cold weather. Say what you want, hot weather all year long and sweating sucks. I welcome Fall coming in and cooling everything down.

Permalink 20200923_0008

What is your favorite Darknet or Deep Web Network? I've been a user of I2P for a good 7 years now, before I even heard of Tor, which I've been using for about 5 years as well.

And then there is ZeroNet, which although the focus is not anonymity, does a great job in ensuring distribution and longevity through seeding a-la torrent. This concept got expanded in IPFS, though I used it mostly with files instead of web pages.

I'm still curious about the likes of GNUNet (which I hear it's a complete stack with even its own DNS) or FreeNet on which I2P was based. Got any other I didn't cover?

Permalink 20200922_0910

Learning is something you do best by doing rather than studying. Never broke anything? Why, that's probably because you never tried. Pile up your mistakes, learn from them, improve.

Consider them your battle scars that make you a better human. What are you taking from your life besides your experience, after all?

Permalink 20200922_0311

RAM and CPU are fragile, scarce resources. Protect them and use them with caution! The less you use the more you can share.

Permalink 20200921_1546

The command line is the most powerful computer resource and interface you'll ever use. Why? Because it abstracts itself, allowing work to be done even in the absence of a user!

Permalink 20200921_1545

Privacy and security go hand in hand. Can't have privacy due to "security concerns?" Bullshit. That means you deserve neither, ahem, Microsoft and all other big tech that capitalizes on data.

Permalink 20200921_1544

Linux teaches you more than just system administration or "computer literacy" (Whatever that means). It teaches you how to be self-sufficient and proficient within whatever you have and know. Some interpret this as hard to use and "user unfriendly" but in reality, this is power.

Pure, unfettered power, derived directly from knowledge. If you truly understand this, you'll change forever your life.

Permalink 20200921_1541