Show newer

Question to everyone using GnuPG: which keyserver do you use?

The most used options now are, apparently, keys[dot]openpgp[dot]org or SKS Keyservers Pool. The former has a problem of being a single failure point, the latter may suffer from certificate spamming.

Do you use any one of this or perhaps a different one (MIT? Ubuntu?). Do you even use one? How do you publish/refresh the keys?

A problem that I have with self-hosting Git — lack of federation.

I can host a Mastodon instance and my posts would be seen elsewhere on the global timeline. But host a Git server — and now you're cut away from the rest of the world. People need to create accounts to contribute, the project will not hard to discover. Even I, a relatively tech-savvy person, hate it, when the development is concentrated on some in-house server — that's why I could never imagine contributing to, say, GNU projects.

Show thread

When GitHub was acquired by Microsoft, people started to look for a freer alternative. Self-hosting is usually the best choice, but those who can't afford it switched mostly to Sourcehut or Codeberg.

But why was GitLab never really mentioned? It's open-source, has a plethora of great features, is independent, can mirror to GitHub, has an incredible CI/CD infrastructure... I personally find it way better. Is there something I don't know or understand?

Follow up: You don't need to feel guilty for choosing proprietary software.

If you prefer to use Spotify over local music because it better fits your listening style, go for it!

Should you look for more secure and privacy-respecting alternatives? Sure. But you don't need to develop a cognitive dissonance when it comes to what your preferences for software are.

Do what you're comfortable with, keep an open mind, and try things whenever you feel like something new.

Show thread

You're not a bad person for liking things that are proprietary. You are not immoral for enjoying things that were made behind closed doors. You are not less of a person for having the desire for XYZ product from a premium company, regardless of whether they contribute to open source or not.

I’ve already been sifting through some stuff in March and April this year, and I was able to reduce my entry count from 400+ to “just” 350! It’s insane how many useless accounts one might have. GDPR is certainly a saviour here — even if you don’t live in Europe, many sites are obliged to implement the corresponding mechanisms for those who do!

Show thread

My checklist includes, but is not limited to:

• do I still need this account?
• does it have a long enough (yet not too long) password with various symbols?
• does the provider support 2FA and if yes, is it enabled?
• does the account use my own (not Google’s) email?
• does the account (for some reason) store too much data on me
• are all the URLs up-to-date?

Show thread

Many recommend doing a spring cleaning of one’s passwords: make sure they’re not leaked, secure enough, and still relevant.

While generally being a good advice, it might be overwhelming for people like me with 300+ passwords in their vault.

That’s why, starting today, every day is a spring cleaning for me. Set a timer for 10–20 minutes and monitor as many accounts as you can!

Today’s “invention”: a Handler for Python’s `logging` that logs to either stdout or stderr based on the log record’s level

Pretty sure there already exists a solution, but I couldn’t find any 🤷‍♂️

Why aren't there any open-source antiviruses? There is ClamAV, which is barely used, and isn't that good to begin with.

Is it because the attackers can easily bypass the security of the code is in the open? Or is it because the market is already oversaturated?

Is there even a reason to try and make an open-source antivirus, that can compete with big players like Avira, Kaspersky, and others?

Took me 5 hours or something 🙄

So long actually, that a newer version came out while I was downloading the older one 😂

Show thread

Mozilla's servers ain't doing great today... :blobcatdizzy:

This is me trying to update my Firefox Dev Edition

My final strategy: use SumatraPDF or XpdfReader for everyday PDF files, use Foxit for XFA support and more functionality

All the programs are magnitudes better than Adobe Reader 🤣

Show thread

Alright, I have done some testing and here's my verdict:

— Sumatra (@sotolf, @iooioio) — really snappy — love it!
— Foxit (@sotolf, @kev) — not open-source, but free and the only one that supports XFA
— muPDF (@yyp) — dead simple (maybe too simple 😅) and doesn't work as good on big PDFs as Sumatra does
— XpdfReader — similar to Sumatra: really snappy and with cleaner (albeit uglier) interface
— Okular (@yyf) — couldn't install since it's only available in MS Store :(

Show thread

Any recommendations for a PDF viewer for Windows? Preferably open-source, of course, but to be honest with you I'm ready to use anything that isn't Adobe Reader 🤮

The final result is:

* R = 25%
* G = 40%
* B = 36%

As expected (and described in the thread), the gamut is pretty low (ie. not an immense possibility of colours, due to fact that masto polls options sum is 100)

0..100 to 0..255 (in gimp) give:

* R = 63.8 (64)
* G = 102
* B = 91.8 (92)

HTML: #40665C

It's a soft, dark, bluish green!

It's complimentary color is #66404A (102,64,74)

Its triadic scheme:
#5C4066 (92,64,102) and #665C40 (102,92,64)

We could call it "Fédi-vert"?

Show thread

So, in January I started using a YubiKey for my PGP needs. I made a new PGP key for it and signed it with my old one (to show that I "acknowledge" my new key)

On April 2nd my old key expired. I didn't care as I don't use it any more. However, Thunderbird didn't allow me to send an email, because my new key was signed with an expired key. So, I had to prolong it before doing so.

Is it a Thunderbird bug or a PGP feature? What is the correct way of dealing with expired keys' signatures?

Rebooting the computer (or even, turning IPv6 on and off) seems to solve the issue every time...

Show thread

Although I can now see, that even IPv6 DNS servers are not accessible. Seems like something is wrong in the whole infrastructure...

Show thread
Show older

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.