#dev 2021-07-18

2021-07-18 UTC
[tw2113_Slack_], Seirdy and [jacky] joined the channel
# 06:45 
@jackyalcine ↩️ ugh true but I'm afraid of that being more impossible without ridiculous hacks

like for twitter to anything, that's easy (https://brid.gy for one) but like tiktok? 

(begs the question of some places should be bridged) (twitter.com/_/status/1416649477104959489)
hendursa1 joined the channel
# 11:35 
@sprucekhalifa ↩️ This reply is a test for webmentions (twitter.com/_/status/1416722614375129088)
# 12:05 
@bennettbackward ↩️ ActivityPub or Webmentions are "push" based - you get alerted whenever something changes so you don't need to keep checking every 5 minutes or so. (twitter.com/_/status/1416730150155153410)
# 12:05 
@bennettbackward ↩️ Totally! Static hosting is cheap (free?) so having a standardized kind of knowledge feed like rss would have a low barrier to entry. The main difficulty with ActivityPub / Webmentions is that you need to have a server + a database. (twitter.com/_/status/1416729480232529925)
# 13:23 
superkuh Hm. Well, have to have a server at least. No need for a database.
# 14:17 
aaronpk You need some sort of database to maintain state
# 14:17 
aaronpk can be just a filesystem tho
# 14:27 
GWG My site feels slow to me... wondering if it is finally time for that VPS upgrade project
[snarfed] joined the channel
# 14:29 
[snarfed] measure first
[tantek] joined the channel
# 14:40 
[tantek] depends on where the slowness is coming from GWG
# 14:41 
[snarfed] ^ yup
# 14:51 
GWG [tantek]: I have to do some research
# 14:52 
GWG Just an upgrade is overdue before CentOS reaches EOL
# 15:00 
[tantek] smells like /admintax
# 15:01 
GWG [tantek]: Taxes are one of two things certain in this world
# 15:02 
[tantek] -> #indieweb-chat
# 15:40 
petermolnar upgrading OS is, at this point in technological advancement, is rather natural, and it fairly far from what I'd consider admintax.
KartikPrabhu joined the channel
# 15:59 
[tantek] I'd definitely consider upgrading OS an admintax, one that you can often skip for multiple versions
# 16:00 
[tantek] for the most part they're nearly a complete waste of time (minutes to hours), with a risk of your current stuff breaking
shoesNsocks joined the channel
# 16:07 
petermolnar I'm not going to ague with any part of that, apart from being admintax :) especially with centos; that thing used to be security patch supported for a decade per major version
# 16:07 
[tantek] I'm not going to argue with anything centos-specific, I have zero experience there. My statements about OS upgrades are based on iOS and MacOS
# 16:17 
aaronpk the threat profile is very different between an internet-facing server and a personal device, so there are very different considerations when upgrading the OS
# 16:19 
[tantek] agreed
# 16:28 
[tantek] just read the notes on the pop-up: https://indieweb.org/2021/Pop-ups/Very_Sensitive_Data_on_Your_Personal_Website
# 16:30 
[tantek] and reviewing /private_posts vs /protected and am wondering if we have rough consensus on the distinction between /private and /protected ?
capjamesg joined the channel
# 16:49 
capjamesg Anyone seen the Guardian homepage lately?
# 16:49 
capjamesg Headline story: https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus
# 16:50 
capjamesg What is surveillance?
# 16:50 
Loqi surveillance is the monitoring of behavior usually unbeknownst to those being monitored, on the web with 3rd party cookies, and possibly even on some IndieWeb sites with analytics trackers like Google Analytics https://indieweb.org/surveillance
# 16:50 
capjamesg Surveillance << https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus
# 16:50 
Loqi ok, I added "https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus" to the "See Also" section of /smart_speaker https://indieweb.org/wiki/index.php?diff=76440&oldid=73980 
# 16:50 
capjamesg surveillance << https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus
# 16:50 
Loqi ok, I added "https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus" to the "See Also" section of /surveillance https://indieweb.org/wiki/index.php?diff=76441&oldid=67238 
# 16:51 
petermolnar capjamesg: that topic is more suited for -chat
# 16:53 
capjamesg Ah, indeed. I have just logged onto IRC. I need to research whether I can automatically join channels with irssi.
# 16:55 
[tantek] petermolnar, sorta. I'm actually thinking of changing something on my /contact page due to the article
# 16:55 
[tantek] that's pretty bad capjamesg
# 16:56 
petermolnar hm?
# 16:56 
petermolnar what are you changing, [tantek]?
# 16:57 
[tantek] I think I'm going to drop my SMS: link since the article says that iMessage is one of the delivery mechanisms for the Pegasus spyware
# 16:57 
[tantek] or maybe switch it to IndieAuth-only
# 16:59 
capjamesg I have personally never felt comfortable giving away my SMS number publicly.
# 16:59 
capjamesg I reserve it for services for confirmation codes (where Yubikey support is not available).
# 16:59 
capjamesg And personal friends / family.
# 17:00 
[tantek] capjamesg I don't have an SMS number, for this very reason (and a few others)
# 17:00 
capjamesg I'm sorry. This should be in chat...
# 17:00 
[tantek] in the context of what to put on your /contact page, this is still on topic
# 17:01 
capjamesg Indeed. I think my contact page has my Insta and maybe GitHub. I can't remember. It's not something I regularly update.
# 17:01 
capjamesg One thing I have noticed is more email spam coming my way so I've moved to readers@jamesg.blog on my site and will probably need to think of some better way to represent my email.
# 17:02 
[tantek] yeah I got a few odd messages on my iMessage in the past couple of months (including an unsolicited offer to buy my Twitter handle for some BTC 🙄 )
# 17:03 
capjamesg tantek it makes me think that maybe a private /contact page only for friends (at some obscure URL for instance, noindexed, excluded from robots.txt) might be interesting.
# 17:04 
[tantek] capjamesg, nah, that's what I meant by IndieAuth'd
# 17:04 
capjamesg Yeah. That would work too :)
# 17:04 
[tantek] same URL, except when someone is signed in via IndieAuth, it shows additional contact info
# 17:04 
capjamesg I just don't have that set up on my blog :)
# 17:05 
capjamesg Then there's the question: what should you show to the public? :D
# 17:05 
[tantek] what is contact?
# 17:05 
Loqi communication in the context of the indieweb refers to using your personal website as a starting point and potentially way for people to contact you https://indieweb.org/contact
# 17:05 
capjamesg I think that depends on the person. For me, I am going to keep readers@jamesg.blog for public communication. I'll get the emails in my regular inbox but at least I'm not giving out my main email.
[schmarty] joined the channel
# 17:06 
capjamesg Wow you have done a lot of work on contact pages tantek.
# 17:06 
capjamesg I read a bit of your piece on markup for people focused mobile communcation and bookmarked it for later reference. Was an interesting read.
# 17:07 
petermolnar I've added my email and phone number on my avatar picture for chats/silos I've more or less left
# 17:07 
petermolnar I wonder if that is something that gets harvested
# 17:08 
petermolnar as for spam: it's been rather bad recently. I had to seriously tighted my spam filter a few weeks ago, because many messages were slipping through.
# 17:09 
[tantek] contact << Warning: some contact info (phone number or email/AppleID) may be harvested for nefarious purposes, from time-wasting like spam, to actual security threats like installing Pegasus spyware via [[SMS]]/iMessage per https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus
# 17:09 
Loqi ok, I added "Warning: some contact info (phone number or email/AppleID) may be harvested for nefarious purposes, from time-wasting like spam, to actual security threats like installing Pegasus spyware via [[SMS]]/iMessage per https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus" to the "See Also" section of /communication https://indieweb.org/wiki/index.php?diff=76444&oldid=64119 
# 17:10 
capjamesg There was an article on the BBC about scraping earlier this week which might be relevant.
# 17:10 
capjamesg Let me find it.
# 17:10 
capjamesg social media << Information you post on social media might be scraped: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjLndSkju3xAhXHCWMBHXJJB-gQFjABegQIBxAD&url=https%3A%2F%2Fwww.bbc.co.uk%2Fnews%2Fbusiness-57841239&usg=AOvVaw0a4EhEpwAl6QcbEUD2o5TE
# 17:10 
Loqi ok, I added "Information you post on social media might be scraped: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjLndSkju3xAhXHCWMBHXJJB-gQFjABegQIBxAD&url=https%3A%2F%2Fwww.bbc.co.uk%2Fnews%2Fbusiness-57841239&usg=AOvVaw0a4EhEpwAl6QcbEUD2o5TE" to the "See Also" section of /social_media https://indieweb.org/wiki/index.php?diff=76445&oldid=76093 
# 17:10 
petermolnar re: the article: oh, one more thing to be proud of Hungary for being on that list ::headdesk::
# 17:10 
capjamesg Ah, come on. I don't like how when you copy a Google URL it sometimes sends you through another URL.
# 17:11 
capjamesg I'll amend.
# 17:16 
[tantek] lol yeah speaking of tracking
# 17:16 
[tantek] ok updated my /contact page accordingly
# 17:16 
[tantek] thanks for the article capjamesg
# 17:16 
[tantek] capjamesg++
# 17:16 
Loqi capjamesg has 2 karma in this channel over the last year (3 in all channels)
# 17:20 
capjamesg Yay!
# 17:20 
Loqi does a happy dance!
# 17:20 
capjamesg I think there might be more articles to come on the Guardian but I'm not sure.
# 17:21 
[tantek] it sounds like the beginning of a series yeah
# 17:22 
capjamesg Yeah. It says that in the article I linked a few paragraphs down. They will release "the identities of people whose number appeared on the list in the coming days."
hendursaga joined the channel
# 18:03 
[tantek] In case you're a GitHub Copilot user, careful not to accidentally use someone else's API keys that the AI auto-fills for you lol: https://twitter.com/pkell7/status/1411058236321681414
# 18:03 
@pkell7 Fucking lol 😆😆😆 https://pbs.twimg.com/media/E5UV8jtWYAAt-BI.jpg (twitter.com/_/status/1411058236321681414)
# 18:04 
[tantek] More here: https://www.theregister.com/2021/07/06/github_copilot_autocoder_caught_spilling/
KartikPrabhu, angelo, [tantek] and jjuran joined the channel
# 23:08 
sknebel KartikPrabhu: https://kartikprabhu.com/ is unreachable, known/intentional?
# 23:08 
KartikPrabhu www should work
# 23:08 
KartikPrabhu haven't had time to figure out redirect
# 23:08 
sknebel ah
# 23:10 
sknebel (your user page links to the no-www version, that's how I ended up there)
KartikPrabhu joined the channel