falsifian

www.falsifian.org

No description provided.

Recent twts from falsifian
In-reply-to » @bender True, I'm just not sure we can have it both way? šŸ¤” I can turn smartypants off, but I do seem to recall you wanted it on šŸ¤£

@prologic@twtxt.net Iā€™m not a yarnd user, so it doesnā€™t matter a whole lot to me, but FWIW Iā€™m not especially keen on changing how I format my twts to work around yarndā€™s quirks.

I wonder if this kind of postprocessing would fit better between composing (via yarndā€™s UI) and publishing. So, if a yarnd user types Ā¼, it could get changed to Ā¼ in the twtxt.txt file for everyone to see, not just people reading through yarnd. But when I type Ā¼, meaning first out of four, as a non-yarnd user, the meaning wouldnā€™t get corrupted. I can always type Ā¼ directly if thatā€™s what I really intend.

(This twt might be easier to understand if you read it without any transformations :-P)

Anyway, again, Iā€™m not a yarnd user, so do what you will, just know you might not be seeing exactly what I meant.

ā¤‹ Read More

Recent #fiction #scifi #reading:

  • The Memory Police by Yōko Ogawa. Lovely writing. Very understated; reminded me of Kazuo Ishiguro. Sort of like Nineteen Eighty-Four but not. (I first heard it recommended in comparison to that work.)

  • Subcutanean by Aaron Reed; https://subcutanean.textories.com/ . Every copy of the book is different, which is a cool idea. I read two of them (one from the library, actually not different from the other printed copies, and one personalized e-book). I donā€™t read much horror so managed to be a little creeped out by it, which was fun.

  • The Wind from Nowhere, a 1962 novel by J. G. Ballard. A random pick from the sci-fi section; I think I picked it up because it made me imagine some weird 4-dimensional effect (ā€œfrom nowhereā€ meaning not in a normal direction) but actually (spoiler) it was just about a lot of wind for no reason. The book was moderately entertaining but there was nothing special about it.

Currently reading Scale by Greg Egan and Inversion by Aric McBay.

ā¤‹ Read More

More thoughts about changes to twtxt (as if we havenā€™t had enough thoughts):

  1. There are lots of great ideas here! Is there a benefit to putting them all into one document? Seems to me this could more easily be a bunch of separate efforts that can progress at their own pace:

1a. Better and longer hashes.

1b. New possibly-controversial ideas like edit: and delete: and location-based references as an alternative to hashes.

1c. Best practices, e.g. Content-Type: text/plain; charset=utf-8

1d. Stuff already described at dev.twtxt.net that doesnā€™t need any changes.

  1. We wonā€™t know what will and wonā€™t work until we try them. So Iā€™m inclined to think of this as a bunch of draft ideas. Maybe later when weā€™ve seen it play out it could make sense to define a group of recommended twtxt extensions and give them a name.

  2. Another reason for 1 (above) is: I like the current situation where all you need to get started is these two short and simple documents:
    https://twtxt.readthedocs.io/en/latest/user/twtxtfile.html
    https://twtxt.readthedocs.io/en/latest/user/discoverability.html
    and everything else is an extension for anyone interested. (Deprecating non-UTC times seems reasonable to me, though.) Having a big long ā€œtwtxt v2ā€ document seems less inviting to people looking for something simple. (@prologic@twtxt.net you mentioned an anonymous comment ā€œyouā€™ve ruined twtxtā€ and while I donā€™t completely agree with that commenterā€™s sentiment, I would feel like twtxt had lost something if it moved away from having a super-simple core.)

  3. All that being said, these are just my opinions, and Iā€™m not doing the work of writing software or drafting proposals. Maybe I will at some point, but until then, if youā€™re actually implementing things, youā€™re in charge of what you decide to make, and Iā€™m grateful for the work.

ā¤‹ Read More

#fzf is the new emacs: a tool with a simple purpose that has evolved to include an #email client. https://sr.ht/~rakoo/omail/

Iā€™m being a little silly, of course. fzf doesnā€™t actually check your email, but it appears to be basically the whole user interface for that mail program, with #mblaze wrangling the emails.

Iā€™ve been thinking about how I handle my email, and am tempted to make something similar. (When I originally saw this linked the author was presenting it as an example tweaked to their own needs, encouraging people to make their own.)

This approach could surely also be combined with #jenny, taking the place of (neo)mutt. For example mblazeā€™s mthread tool presents a threaded discussion with indentation.

ā¤‹ Read More
In-reply-to » LOl šŸ˜‚ Not only have a tried to write up a full Twtxt v2 specification, I've also written a Bash shell script that implements the new spec šŸ˜…

@lyse@lyse.isobeef.org Iā€™d suggest making the whole content-type thing a SHOULD, to accommodate people just using some hosting service they donā€™t have much control over. (The same situation could make detecting followers hard, but IMO ā€œplease email me if you follow meā€ is still legit twtxt, even if inconvenient.)

ā¤‹ Read More
In-reply-to » Okay folks, I've spent all day on this today, and I think its in "good enough"ā„¢ shape to share:

@prologic@twtxt.net Thanks for writing that up!

I hope it can remain a living document (or sequence of draft revisions) for a good long time while we figure out how this stuff works in practice.

I am not sure how I feel about all this being done at once, vs. letting conventions arise.

For example, even today I could reply to twt abc1234 with ā€œ(#abc1234) Edit: ā€¦ā€ and I think all you humans would understand it as an edit to (#abc1234). Maybe eventually it would become a common enough convention that clients would start to support it explicitly.

Similarly we could just start using 11-digit hashes. We should iron out whether itā€™s sha256 or whatever but thereā€™s no need get all the other stuff right at the same time.

I have similar thoughts about how some users could try out location-based replies in a backward-compatible way (append the replyto: stuff after the legacy (#hash) style).

However I recognize that Iā€™m not the one implementing this stuff, and itā€™s less work to just have everything determined up front.

Misc comments (I havenā€™t read the whole thing):

  • Did you mean to make hashes hexadecimal? You lose 11 bits that way compared to base32. Iā€™d suggest gaining 11 bits with base64 instead.

  • ā€œClients MUST preserve the original hashā€ ā€” do you mean they MUST preserve the original twt?

  • Thanks for phrasing the bit about deletions so neutrally.

  • I donā€™t like the MUST in ā€œClients MUST follow the chain of reply-to referencesā€¦ā€. If someone writes a client as a 40-line shell script that requires the user to piece together the threading themselves, IMO we shouldnā€™t declare the client non-conforming just because they didnā€™t get to all the bells and whistles.

  • Similarly I donā€™t like the MUST for user agents. For one thing, you might want to fetch a feed without revealing your identty. Also, it raises the bar for a minimal implementation (Iā€™m again thinking again of the 40-line shell script).

  • For ā€œwho followsā€ lists: why must the long, random tokens be only valid for a limited time? Do you have a scenario in mind where they could leak?

  • Why canā€™t feeds be served over HTTP/1.0? Again, thinking about simple software. I recently tried implementing HTTP/1.1 and it wasnā€™t too bad, but 1.0 would have been slightly simpler.

  • Why get into the nitty-gritty about caching headers? This seems like generic advice for HTTP servers and clients.

  • Iā€™m a little sad about other protocols being not recommended.

  • I donā€™t know how I feel about including markdown. I donā€™t mind too much that yarn users emit twts full of markdown, but Iā€™m more of a plain text kind of person. Also it adds to the length. I wonder if putting a separate document would make more sense; that would also help with the length.

ā¤‹ Read More
In-reply-to » @prologic Do you have a link to some past discussion?

@david@collantes.us Thanks, thatā€™s good feedback to have. I wonder to what extent this already exists in registry servers and yarn pods. I havenā€™t really tried digging into the past in either one.

How interested would you be in changes in metadata and other comments in the feeds? Iā€™m thinking of just permanently saving every version of each twtxt file that gets pulled, not just the twts. It wouldnā€™t be hard to do (though presenting the information in a sensible way is another matter). Compression should make storage a non-issue unless someone does something weird with their feed like shuffle the comments around every time I fetch it.

ā¤‹ Read More
In-reply-to » @prologic I wouldn't want my client to honour delete requests. I like my computer's memory to be better than mine, not worse, so it would bug me if I remember seeing something and my computer can't find it.

@prologic@twtxt.net Do you have a link to some past discussion?

Would the GDPR would apply to a one-person client like jenny? I seriously hope not. If someone asks me to delete an email they sent me, I donā€™t think I have to honour that request, no matter how European they are.

I am really bothered by the idea that someone could force me to delete my private, personal record of my interactions with them. Would I have to delete my journal entries about them too if they asked?

Maybe a public-facing client like yarnd needs to consider this, but that also bothers me. I was actually thinking about making an Internet Archive style twtxt archiver, letting you explore past twts, including long-dead feeds, see edit histories, deleted twts, etc.

ā¤‹ Read More

I wrote some code to try out non-hash reply subjects formatted as (replyto ), while keeping the ability to use the existing hash style.

I donā€™t think we need to decide all at once. If clients add support for a new method then people can use it if they like. The downside of course is that this costs developer time, so I decided to invest a few hours of my own time into a proof of concept.

With apologies to @movq@www.uninformativ.de for corrupting jennyā€™s beautiful code. I donā€™t write this expecting you to incorporate the patch, because it does complicate things and might not be a direction you want to go in. But if you like any part of this approach feel free to use bits of it; I release the patch under jennyā€™s current LICENCE.

Supporting both kinds of reply in jenny was complicated because each email can only have one Message-Id, and because itā€™s possible the target twt will not be seen until after the twt referencing it. The following patch uses an sqlite database to keep track of known (url, timestamp) pairs, as well as a separate table of (url, timestamp) pairs that havenā€™t been seen yet but are wanted. When one of those ā€œwantedā€ twts is finally seen, the mail file gets rewritten to include the appropriate In-Reply-To header.

Patch based on jenny commit 73a5ea81.

https://www.falsifian.org/a/oDtr/patch0.txt

Not implemented:

  • Composing twts using the (replyto ā€¦) format.
  • Probably other important things Iā€™m forgetting.

ā¤‹ Read More
In-reply-to » An alternate idea for supporting (properly) Twt Edits is to denoate as such and extend the meaning of a Twt Subject (which would need to be called something better?); For example, let's say I produced the following Twt:

@prologic@twtxt.net I wouldnā€™t want my client to honour delete requests. I like my computerā€™s memory to be better than mine, not worse, so it would bug me if I remember seeing something and my computer canā€™t find it.

ā¤‹ Read More

@sorenpeter@darch.dk I like this idea. Just for fun, Iā€™m using a variant in this twt. (Also because Iā€™m curious how it non-hash subjects appear in jenny and yarn.)

URLs can contain commas so I suggest a different character to separate the url from the date. Is this twt Iā€™ve used space (also after ā€œreplytoā€, for symmetry).

I think this solves:

  • Changing feed identities: although @mckinley@twtxt.net points out URLs can change, I think this syntax should be okay as long as the feed at that URL can be fetched, and as long as the current canonical URL for the feed lists this one as an alternate.
  • editing, if you donā€™t care about message integrity
  • finding the root of a thread, if youā€™re not following the author

An optional hash could be added if message integrity is desired. (E.g. if you donā€™t trust the feed author not to make a misleading edit.) Other recent suggestions about how to deal with edits and hashes might be applicable then.

People publishing multiple twts per second should include sub-second precision in their timestamps. As you suggested, the timestamp could just be copied verbatim.

ā¤‹ Read More
In-reply-to » @prologic Yeah, that thing with (#hash;#originalHash) would also work.

@movq@www.uninformativ.de

Maybe Iā€™m being a bit too purist/minimalistic here. As I said before (in one of the 1372739 posts on this topic ā€“ or maybe I didnā€™t even send that twt, I donā€™t remember šŸ˜…), I never really liked hashes to begin with. They arenā€™t super hard to implement but they are kind of against the beauty of the original twtxt ā€“ because you need special client support for them. Itā€™s not something that you could write manually in your twtxt.txt file. With @sorenpeter@darch.dkā€™s proposal, though, that would be possible.

Tangentially related, I was a bit disappointed to learn that the twt subject extension is now never used except with hashes. Manually-written subjects sounded so beautifully ad-hoc and organic as a way to disambiguate replies. Maybe Iā€™ll try it some time just for fun.

ā¤‹ Read More

@prologic@twtxt.net earlier you suggested extending hashes to 11 characters, but hereā€™s an argument that they should be even longer than that.

Imagine I found this twt one day at https://example.com/twtxt.txt :

2024-09-14T22:00Z Useful backup command: rsync -a ā€œ$HOMEā€ /mnt/backup

Image

and I responded with ā€œ(#5dgoirqemeq) Thanks for the tip!ā€. Then Iā€™ve endorsed the twt, but it could latter get changed to

2024-09-14T22:00Z Useful backup command: rm -rf /some_important_directory

Image

which also has an 11-character base32 hash of 5dgoirqemeq. (Iā€™m using the existing hashing method with https://example.com/twtxt.txt as the feed url, but Iā€™m taking 11 characters instead of 7 from the end of the base32 encoding.)

Thatā€™s what I meant by ā€œspoofingā€ in an earlier twt.

I donā€™t know if preventing this sort of attack should be a goal, but if it is, the number of bits in the hash should be at least two times log2(number of attempts we want to defend against), where the ā€œtwo timesā€ is because of the birthday paradox.

Side note: current hashes always end with ā€œaā€ or ā€œqā€, which is a bit wasteful. Maybe we should take the first N characters of the base32 encoding instead of the last N.

Code I used for the above example: https://fossil.falsifian.org/misc/file?name=src/twt_collision/find_collision.c
I only needed to compute 43394987 hashes to find it.

ā¤‹ Read More
In-reply-to » @prologic Some criticisms and a possible alternative direction:

@lyse@lyse.isobeef.org This looks like a nice way to do it.

Another thought: if clients canā€™t agree on the url (for example, if we switch to this new way, but some old clients still do it the old way), that could be mitigated by computing many hashes for each twt: one for every url in the feed. So, if a feed has three URLs, every twt is associated with three hashes when it comes time to put threads together.

A client stills need to choose one url to use for the hash when composing a reply, but this might add some breathing room if thereā€™s a period when clients are doing different things.

(From what I understand of jenny, this would be difficult to implement there since each pseudo-email can only have one msgid to match to the in-reply-to headers. I donā€™t know about other clients.)

ā¤‹ Read More
In-reply-to » All this hash breakage made me wonder if we should try to introduce ā€œmessage IDsā€ after all. šŸ˜…

@movq@www.uninformativ.de Another idea: just hash the feed url and time, without the message content. And donā€™t twt more than once per second.

Maybe you could even just use the time, and rely on @-mentions to disambiguate. Not sure how that would work out.

Though I kind of like the idea of twts being immutable. At least, itā€™s clear which version of a twt youā€™re replying to (assuming nobody is engineering hash collisions).

ā¤‹ Read More
In-reply-to » On the Subject of Feed Identities; I propose the following:

In fact, maybe your public key idea is compatible with my last point. Just come up with a url scheme that means ā€œthis feedā€™s primary URL is actually a public keyā€, and then feed authors can optionally switch to that.

ā¤‹ Read More
In-reply-to » On the Subject of Feed Identities; I propose the following:

@prologic@twtxt.net Some criticisms and a possible alternative direction:

  1. Key rotation. Iā€™m not a security person, but my understanding is that itā€™s good to be able to give keys an expiry date and replace them with new ones periodically.

  2. It makes maintaining a feed more complicated. Now instead of just needing to put a file on a web server (and scan the logs for user agents) I also need to do this. What brought me to twtxt was its radical simplicity.

Instead, maybe we should think about a way to allow old urls to be rotated out? Like, my metadata could somehow say that X used to be my primary URL, but going forward from date D onward my primary url is Y. (Or, if you really want to use public key cryptography, maybe something similar could be used for key rotation there.)

Itā€™s nice that your scheme would add a way to verify the twts you download, but https is supposed to do that anyway. If you donā€™t trust https to do that (maybe you donā€™t like relying on root CAs?) then maybe your preferred solution should be reflected by your primary feed url. E.g. if you prefer the security offered by IPFS, then maybe an IPNS url would do the trick. The fact that feed locations are URLs gives some flexibility. (But then rotation is still an issue, if I understand ipns right.)

ā¤‹ Read More
In-reply-to » All this hash breakage made me wonder if we should try to introduce ā€œmessage IDsā€ after all. šŸ˜…

@movq@www.uninformativ.de @prologic@twtxt.net Another option would be: when you edit a twt, prefix the new one with (#[old hash]) and some indication that itā€™s an edited version of the original tweet with that hash. E.g. if the hash used to be abcd123, the new version should start ā€œ(#abcd123) (redit)ā€.

What I like about this is that clients that donā€™t know this convention will still stick it in the same thread. And I feel itā€™s in the spirit of the old pre-hash (subject) convention, though thatā€™s before my time.

I guess it may not work when the edited twt itself is a reply, and there are replies to it. Maybe that could be solved by letting twts have more than one (subject) prefix.

But the great thing about the current system is that nobody can spoof message IDs.

I donā€™t think twtxt hashes are long enough to prevent spoofing.

ā¤‹ Read More
In-reply-to » @movq Is there a good way to get jenny to do a one-off fetch of a feed, for when you want to fill in missing parts of a thread? I just added @slashdot to my private follow file just because @prologic keeps responding to the feed :-P and I want to know what he's commenting on even though I don't want to see every new slashdot twt.

@prologic@twtxt.net I guess I thought they were search engines. Anyway, the registry API looks like a decent one for searching for tweets. Could/should yarn.social pods implement the same API?

ā¤‹ Read More
In-reply-to » @bender I'm not a yarnd user, but automatically unfollowing on 404 doesn't seem right. Besides @lyse's example, I could imagine just accidentally renaming my own twtxt file, or forgetting to push it when I point my DNS to a new web server. I'd rather not lose all my yarnd followers in a situation like that (and hopefully they feel the same).

(@anth@a.9srv.netā€™s feed almost never works, but I keep it because they told me they want to fix their server some time.)

ā¤‹ Read More
In-reply-to » @movq Is there a good way to get jenny to do a one-off fetch of a feed, for when you want to fill in missing parts of a thread? I just added @slashdot to my private follow file just because @prologic keeps responding to the feed :-P and I want to know what he's commenting on even though I don't want to see every new slashdot twt.

I guess I can configure neomutt to hide the feeds I donā€™t care about.

ā¤‹ Read More
In-reply-to » @bender I'm not a yarnd user, but automatically unfollowing on 404 doesn't seem right. Besides @lyse's example, I could imagine just accidentally renaming my own twtxt file, or forgetting to push it when I point my DNS to a new web server. I'd rather not lose all my yarnd followers in a situation like that (and hopefully they feel the same).

@bender@twtxt.net Based on my experience so far, as a user, I would be upset if my client dropped someone from my follower list, i.e. stopped fetching their feed, without me asking for that to happen.

ā¤‹ Read More
In-reply-to » I'm wrong! Both 404 and 410, among others, are considered dead feeds: https://git.mills.io/yarnsocial/yarn/src/branch/main/internal/cache.go#L1343 Whatever that actually means.

@bender@twtxt.net Iā€™m not a yarnd user, but automatically unfollowing on 404 doesnā€™t seem right. Besides @lyse@lyse.isobeef.orgā€™s example, I could imagine just accidentally renaming my own twtxt file, or forgetting to push it when I point my DNS to a new web server. Iā€™d rather not lose all my yarnd followers in a situation like that (and hopefully they feel the same).

ā¤‹ Read More