#dev 2021-07-18

2021-07-18 UTC
[tw2113_Slack_], Seirdy and [jacky] joined the channel
#
@jackyalcine
↩️ ugh true but I'm afraid of that being more impossible without ridiculous hacks like for twitter to anything, that's easy (https://brid.gy for one) but like tiktok? (begs the question of some places should be bridged)
(twitter.com/_/status/1416649477104959489)
hendursa1 joined the channel
#
@sprucekhalifa
↩️ This reply is a test for webmentions
(twitter.com/_/status/1416722614375129088)
#
@bennettbackward
↩️ ActivityPub or Webmentions are "push" based - you get alerted whenever something changes so you don't need to keep checking every 5 minutes or so.
(twitter.com/_/status/1416730150155153410)
#
@bennettbackward
↩️ Totally! Static hosting is cheap (free?) so having a standardized kind of knowledge feed like rss would have a low barrier to entry. The main difficulty with ActivityPub / Webmentions is that you need to have a server + a database.
(twitter.com/_/status/1416729480232529925)
#
superkuh
Hm. Well, have to have a server at least. No need for a database.
#
aaronpk
You need some sort of database to maintain state
#
aaronpk
can be just a filesystem tho
#
GWG
My site feels slow to me... wondering if it is finally time for that VPS upgrade project
[snarfed] joined the channel
#
[snarfed]
measure first
[tantek] joined the channel
#
[tantek]
depends on where the slowness is coming from GWG
#
GWG
[tantek]: I have to do some research
#
GWG
Just an upgrade is overdue before CentOS reaches EOL
#
GWG
[tantek]: Taxes are one of two things certain in this world
#
[tantek]
-> #indieweb-chat
#
petermolnar
upgrading OS is, at this point in technological advancement, is rather natural, and it fairly far from what I'd consider admintax.
KartikPrabhu joined the channel
#
[tantek]
I'd definitely consider upgrading OS an admintax, one that you can often skip for multiple versions
#
[tantek]
for the most part they're nearly a complete waste of time (minutes to hours), with a risk of your current stuff breaking
shoesNsocks joined the channel
#
petermolnar
I'm not going to ague with any part of that, apart from being admintax :) especially with centos; that thing used to be security patch supported for a decade per major version
#
[tantek]
I'm not going to argue with anything centos-specific, I have zero experience there. My statements about OS upgrades are based on iOS and MacOS
#
aaronpk
the threat profile is very different between an internet-facing server and a personal device, so there are very different considerations when upgrading the OS
#
[tantek]
and reviewing /private_posts vs /protected and am wondering if we have rough consensus on the distinction between /private and /protected ?
capjamesg joined the channel
#
capjamesg
Anyone seen the Guardian homepage lately?
#
capjamesg
What is surveillance?
#
Loqi
surveillance is the monitoring of behavior usually unbeknownst to those being monitored, on the web with 3rd party cookies, and possibly even on some IndieWeb sites with analytics trackers like Google Analytics https://indieweb.org/surveillance
#
Loqi
ok, I added "https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus" to the "See Also" section of /smart_speaker https://indieweb.org/wiki/index.php?diff=76440&oldid=73980
#
Loqi
ok, I added "https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus" to the "See Also" section of /surveillance https://indieweb.org/wiki/index.php?diff=76441&oldid=67238
#
petermolnar
capjamesg: that topic is more suited for -chat
#
capjamesg
Ah, indeed. I have just logged onto IRC. I need to research whether I can automatically join channels with irssi.
#
[tantek]
petermolnar, sorta. I'm actually thinking of changing something on my /contact page due to the article
#
[tantek]
that's pretty bad capjamesg
#
petermolnar
what are you changing, [tantek]?
#
[tantek]
I think I'm going to drop my SMS: link since the article says that iMessage is one of the delivery mechanisms for the Pegasus spyware
#
[tantek]
or maybe switch it to IndieAuth-only
#
capjamesg
I have personally never felt comfortable giving away my SMS number publicly.
#
capjamesg
I reserve it for services for confirmation codes (where Yubikey support is not available).
#
capjamesg
And personal friends / family.
#
[tantek]
capjamesg I don't have an SMS number, for this very reason (and a few others)
#
capjamesg
I'm sorry. This should be in chat...
#
[tantek]
in the context of what to put on your /contact page, this is still on topic
#
capjamesg
Indeed. I think my contact page has my Insta and maybe GitHub. I can't remember. It's not something I regularly update.
#
capjamesg
One thing I have noticed is more email spam coming my way so I've moved to readers@jamesg.blog on my site and will probably need to think of some better way to represent my email.
#
[tantek]
yeah I got a few odd messages on my iMessage in the past couple of months (including an unsolicited offer to buy my Twitter handle for some BTC 🙄 )
#
capjamesg
tantek it makes me think that maybe a private /contact page only for friends (at some obscure URL for instance, noindexed, excluded from robots.txt) might be interesting.
#
[tantek]
capjamesg, nah, that's what I meant by IndieAuth'd
#
capjamesg
Yeah. That would work too :)
#
[tantek]
same URL, except when someone is signed in via IndieAuth, it shows additional contact info
#
capjamesg
I just don't have that set up on my blog :)
#
capjamesg
Then there's the question: what should you show to the public? :D
#
[tantek]
what is contact?
#
Loqi
communication in the context of the indieweb refers to using your personal website as a starting point and potentially way for people to contact you https://indieweb.org/contact
#
capjamesg
I think that depends on the person. For me, I am going to keep readers@jamesg.blog for public communication. I'll get the emails in my regular inbox but at least I'm not giving out my main email.
[schmarty] joined the channel
#
capjamesg
Wow you have done a lot of work on contact pages tantek.
#
capjamesg
I read a bit of your piece on markup for people focused mobile communcation and bookmarked it for later reference. Was an interesting read.
#
petermolnar
I've added my email and phone number on my avatar picture for chats/silos I've more or less left
#
petermolnar
I wonder if that is something that gets harvested
#
petermolnar
as for spam: it's been rather bad recently. I had to seriously tighted my spam filter a few weeks ago, because many messages were slipping through.
#
[tantek]
contact << Warning: some contact info (phone number or email/AppleID) may be harvested for nefarious purposes, from time-wasting like spam, to actual security threats like installing Pegasus spyware via [[SMS]]/iMessage per https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus
#
Loqi
ok, I added "Warning: some contact info (phone number or email/AppleID) may be harvested for nefarious purposes, from time-wasting like spam, to actual security threats like installing Pegasus spyware via [[SMS]]/iMessage per https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus" to the "See Also" section of /communication https://indieweb.org/wiki/index.php?diff=76444&oldid=64119
#
capjamesg
There was an article on the BBC about scraping earlier this week which might be relevant.
#
capjamesg
Let me find it.
#
petermolnar
re: the article: oh, one more thing to be proud of Hungary for being on that list ::headdesk::
#
capjamesg
Ah, come on. I don't like how when you copy a Google URL it sometimes sends you through another URL.
#
capjamesg
I'll amend.
#
[tantek]
lol yeah speaking of tracking
#
[tantek]
ok updated my /contact page accordingly
#
[tantek]
thanks for the article capjamesg
#
[tantek]
capjamesg++
#
Loqi
capjamesg has 2 karma in this channel over the last year (3 in all channels)
#
Loqi
does a happy dance!
#
capjamesg
I think there might be more articles to come on the Guardian but I'm not sure.
#
[tantek]
it sounds like the beginning of a series yeah
#
capjamesg
Yeah. It says that in the article I linked a few paragraphs down. They will release "the identities of people whose number appeared on the list in the coming days."
hendursaga joined the channel
#
[tantek]
In case you're a GitHub Copilot user, careful not to accidentally use someone else's API keys that the AI auto-fills for you lol: https://twitter.com/pkell7/status/1411058236321681414
KartikPrabhu, angelo, [tantek] and jjuran joined the channel
#
sknebel
KartikPrabhu: https://kartikprabhu.com/ is unreachable, known/intentional?
#
KartikPrabhu
www should work
#
KartikPrabhu
haven't had time to figure out redirect
#
sknebel
(your user page links to the no-www version, that's how I ended up there)
KartikPrabhu joined the channel