Is this some sort of public tracker issue I’m too private trackers and Usenet only to understand?

Funny, I’ve also already read that 😄 Good blog and article.

What blog?

Ha, thanks, I’d already read that. And I do, mostly, agree; the OMEMO implementation is not great both from the security perspective discussed in the post, as well as the UX (not being able to decrypt old messages on new devices at all).

That being said, I primarily want a selfhosted, federated messenger which also takes privacy and security seriously, and at least for the former, XMPP is really refreshingly good.

Ugh. I’ve always liked Matrix (and was not bothered too much by the metadata leaks because my home server was not federated anyways), but after noticing some issues and finally reading up on the actual protocol spec a couple of weeks ago… oof. Yeah. No.

Set up XMPP for now. Works really well and the protocol seems so much saner. Unfortunately, it too has some annoyances that are unacceptable to me in the long term. I’m this close to saying “fuck it” and wasting the next couple of years of my life on a new protocol that no one is gonna use. (Cue the XKCD here.)

I mean, how can we feel superior if we are not wasting huge amounts of time setting things up!?

Why, by boasting that it’s so easy, just look at that, it is only two options you need to set thanks to the 80 custom modules I’ve written to abstract the abstractions from nixpkgs!

I WISH I could put an /s here, but I cannot.

Ehm… I’m also on Nixos and I’d say it’s super trivial.

services.openssh = {
  enable = true;
  settings = {
    PasswordAuthentication = false;
    PermitRootLogin = "no";
  };
};

users.users.<name>.openssh.authorizedKeys.keys = [ list of pubkeys ideally read from file in repo ];

Eh, the machine is actually in one of my wireguard nets anyways, but for different purposes.

The nice thing about SSH key-based access is, I either have the key and login succeeds, or I have no business trying to log in.

That’s why my remote root server bans via fail2ban after a single failed login.

Yes I’ve had to write support to get a KVM. Yes it’s still configured like this.

Audiobookbay

Past me had a dick

Sorry, couldn’t resist.

deleted by creator

Or TUI.

Nice, I was able to send an email to that.

You do have a point. TBH I only now realized that the video was posted from Doctorow’s personal account, and without a link to the “original”, which yeah, kinda weird.

The talk itself is still worth it (had the fortune of sitting in the audience), but probably a good idea to use the media.ccc.de link.

Originally/additionally hosted on media.ccc.de

Don’t forget the almighty:

journalctl -fu <servicename>

And yes, I am always reading that as “fuck you, service”.

Company went “here’s your budget for ordering a laptop. Put on it whatever you want”, and so there’s NixOS running on it :)

(To be fair though: small-ish, tech focused company)

Came here for this

You had me cracking up at

parses HTML with regex