@movq@www.uninformativ.de I’m more worried about Dustin Curtis’s take on Thoughts on Thinking piece 🤔 It’s a worrying time we’re facing, where all human creativity, critical thinking and having to “think” at all just goes out the window 🪟 wow 🤯

@kat@yarn.girlonthemoon.xyz I kind of need some more details if you can. Logs, observations anything! Please 🙏

@movq@www.uninformativ.de I mean are you surprised? 😮

@kat@yarn.girlonthemoon.xyz Watching your vlog right now 😅

@kat@yarn.girlonthemoon.xyz Hmmmm? 🤔

@kat@yarn.girlonthemoon.xyz I just got a bit bored 🥱

@kat@yarn.girlonthemoon.xyz Haha I did that for a couple of days last week 🤣 What was I doing you ask?! 😅 Studying and learning how Artificial Neural Networks with Evolutionary Adaptation work 🤣

@aelaraji@aelaraji.com Cool! 😎 Mind joining the same IRC space? 🙏

Honestly for these types of services, there probably isn’t much point, as the layer4 module in Caddy doesn’t do inspection/filtering anyway I think? 🤔

@bender@twtxt.net It’s still a straight-through to the Eris backend that itself uses a Let’s Encrypt cert now. Haven’t tried to also terminate TLS at the Edge yet.

@aelaraji@aelaraji.com Seems to be fine 🙌

@bender@twtxt.net basically because we don’t readily use or support range hunters when requesting feeds it’s ideal to keep feed small for the time being at least until we think about writing up a formal specification for this, but it’s also only for Http hosted feeds

@lyse@lyse.isobeef.org Very pretry and so sharp! 👌

@movq@www.uninformativ.de You reckon that’s a real possibility? 🤔

@kat@yarn.girlonthemoon.xyz It would right 😅

@bender@twtxt.net 5, 4, 3, 2, 1 🤣

@bender@twtxt.net I normally don’t myself either, but that saide, I think that’s kind of @movq@www.uninformativ.de’s point right? This new unauthenticated rate limit is absurd! 😱 You may as well just fucking 403 Forbidden and be done with it 🤣

@bender@twtxt.net Basically the way I’m reading this is 1 RPM. This is a rather aggressive rate limit actually. This basically makes Github inaccessible and useless for basically anything unless you’re logged in. You can basically kiss “pursuing” casually, anonymously goodbye.

Imagine if I imposed that kind of rate limit on twtxt.net?! 🤣

@movq@www.uninformativ.de Also the so-called “deadline” isn’t set it stone. We’re all busy people with day jobs and lives, so we may have to move it anyway 😅

This ☝️

@xuu@txt.sour.is Good point! What did you have in mind? 🙏

@lyse@lyse.isobeef.org No not yet!

@bender@twtxt.net Good , glad you agree 👍

I’m also thinking of adding eye-off icon next to every Twt that, when clicked, hides that feed (tooltip: “Hide this feed”). This would work with the filters as a “temporary additive filter” to restrict/control the current view.

I’m thinking of bringing back filters (this time not as a feature flag, just baked in): New filters: Hide Feed, Hide Bots, Hide News, Media Only, No Replies, Local Only — toggle to trim noise & surface the Twts you care about.

@javivf@adn.org.es Sorry. 😂 Meet me on IRC at irc.mills.io in #edgeguard 👌 I’m @james@yarn.mills.io there 😅

@bender@twtxt.net Haha fine 🤣

@javivf@adn.org.es Hit me up on IRC or something and we’ll get started 👌

Farrrk me Google search is and these days. Will they please “fuck off” with this Gemini AI garbage at the top that takes forever and is distracting as shit™ 💩 Fark me 🤦‍♂️ #Google #Search #Sucks #AI #Gemini

@movq@www.uninformativ.de Yeah I actually use sift a lot these days for most “searching” – at least code and text searching. For finding files by name I still use find | grep.

@kat@yarn.girlonthemoon.xyz It’s also perfectly safe to nuke your cache as well. i.e: rm data/cache* and it’s all good, things will just get rebuilt 👌

@kat@yarn.girlonthemoon.xyz I totally recommend zs 🤣 It powers all my sites! 😅 https://twtxt.dev https://yarn.socia/ https://prologic.dev etc 😎

@kat@yarn.girlonthemoon.xyz Hmmm Please if this happens again, help me reproduce it. Any clues in the logs? Hmm? 🧐 My own pod has been running flawlessly for weeks now 😅

@movq@www.uninformativ.de Same here, you do get used to things over time and build a sort-of “muscle memory”. But you’re right, maybe they have terrible interfaces and usage options? 🤔

@bender@twtxt.net I like to self-host 🤣

@bender@twtxt.net Yeah I know 😢 Don’t have Disney+, hell I don’t have many streaming services at all really 🤣

Hmmm Star Wars Andor I think it was 🤔

@bender@twtxt.net Ahh I see. That reminds me, I was going to start watching something someone recommended here hmmm 🧐

@bender@twtxt.net Huh? 🤔

Anyone want to help me alpha/beta test the new WAF I’m building? It’s a Caddy module. 🤔

@kat@yarn.girlonthemoon.xyz Ahh but you’re like one of a very few that actually own domains and do interesting things 😅

@bender@twtxt.net How do you explain mine then? Unless it was registered before me, then let go of and I re-registered it later? 🤔

@bender@twtxt.net I’m not sure this is accurate, if you lookup mine:

$ whois shortcircuit.net.au 2>&1 | grep -i creat
created:      1986-03-05

I think this has to be the registrar’s creation date no? 🤔

Yeah I can’t figure out when I registered shortcircuit.net.au 😭

According to a very old email one of my more personal family domains was registered in 2013 making it 12 years old, so I was closed 🤣 my public facing one is much much older 🤣

@anth@a.9srv.net I actually don’t have a clue how old my public-facing domain is 🤣 I have another more personal one that’s probably around ~15 years, but I’m not even sure how to check tbh 😅

@lyse@lyse.isobeef.org I agree with this sentiment 🙌

And yes I’m taking some inspiration from Anubis here 😅

One thing about my design here is that it would no longer incorporate “regex”-based rules like OWASP, mostly because my experience thus far has taught me that these rules are kind of overly sensitive, produce false positives and I’m not sure they are really very effective. For example, why is the point of performing SQL injection detection at the Edge using a WAF if you already handle SQL properly in the first place? (seriously does anyone still construct SQL queries by hand with effectively printf?!)

Also spent the morning continuing to think about a new design for EdgeGuard’s WAF. I’m basically going to build an entirely new pluggable WAF that will be designed to only consider Rate Limiting, IP/ASN-based filtering, JavaScript challenge handling, Basic behavioral analysis and Anomaly detection.

The only part of this design I’m not 100% sure about is the Javascript-based challenge handling? 🤔 I’m also considering making this into a “proof of work” requirement too, but I also don’t want to falsely block folks that a) turn Javascript™ off or b) Use a browser like links, elinks or lynx for example.

Hmmm 🧐