Skip to main content



The fact that AI people say "AI is here to stay" before any other point tells me a lot

we're AI Gonna Make It



Question - is the rise of people listening to music aloud related to the headphone jack dying?

It's a common and likely hypothesis, yes.

Although I feel like these days I'm more likely to run into people taking video calls on speakerphone in public than blasting their music.

I want the parallel universe where phones kept the headphone jack and it was the cameras getting pushed out into dongles/BT.

@⛅ w chance of bears the alternate universe where electronics die to light exposure


Played the second mystery of the game Suspects, and the writing was so abyssmal I quit. It was so bad I looked at the author in order to scream, and it's literally the fucks who sued the internet archive. I'm livid.
@silverwizard Thanks for the pointer, and ugh at the whole ordeal.

@Hypolite Petovan I didn't want to link originally since no advertising.

But yeah - I also just want to be clear - the game is one of the most awful I've ever played. It was hell.



HomeAssistant is too much power for a dad to have. Every day before I go downstairs to work - I toggle all the kids lights off and grumble about them not turning off the lights.
@silverwizard French has an expression for this: “It’s not Versailles here!” after the eponymous Renaissance castle counting 2,300 rooms.
Automate the grumbling too

silverwizard reshared this.



So my project planning document at work is a wiki page called "Looming Disasters". It's just stuff that might explode.

I just had to add a slack thread to one of these disasters as illustration. >.<



The problem with being a sysadmin and a dad is I accidentally say to my 5yo "All minutes are 60 seconds except for the 61 second minutes"

reshared this


@silverwizard I always assumed you couldn't have a numeric TLD for [em]exactly this reason[/em].

I'm sure it'll break some obscure piece of software somewhere.

@silverwizard I see my prediction held true (though it's not exactly obscure).


nmap will accept it, dig will accept it, firefox refuses to open 192.168.90.256, even if I straight up type: https://192.168.90.256/

@silverwizard I thought they were an ad tech company.

...same thing these days, though.

Next, do a non-contiguous netmask.
@David Schuetz hmmmm, how do you represent that, you could probably do it wth redirect rules or clever folder structure

I think it'd be like 255.255.255.3? So the nets are (say) 192.168.1.0, 1.1, 1.2, and 1.3, and the hosts are ... jesus, this is why nobody's tried this.

Bitwise, it'd be: xxx00, xxx01, xxx10, xxx11

0 net: .4, .8, .12, .16, .20…
1 net: .5, .9..yeah, that makes sense.
2 net: .6, .10…
3 net: .7, .11, .15, .19, .23…

and so on.

This was asked in a meeting with NeXT engineers while I was a contractor at a government agency in the early 90’s. I think their answer was... "We support it...maybe? Why would you want to?”

I've always wanted to try, just for the hell of it, but I suspect 99% of networking gear would break.

@David Schuetz I have managed to be mostly self taught, and get into the game after CIDR notation, so I completely never learned actual subnet masks, so I don't fully understand the issue you're even seeing.

It used to be (I guess this was before CIDR became popular) that netmasks were expressed as literal bitmasks. So a /24 would actually be written as "192.168.1.0, netmask 255.255.255.0” where the "24" represents the leading 24 bits representing the network (192.168.1).

So a /28 would be..255.255.255.240 (11110000).

But it was always a consecutive string of “1” bits, and the hosts were the remaining block of lower-most "0" bits. Usually 8, for a /24, but often smaller (for, say, a small block of public IPs your ISP gives you). I remember the net my office desktop was on in school that was 255.255.254.0 (or /23). That network used 9 bits for 512 hosts. (ish - router and broadcast addresses are still needed out of that 512).

A non-contiguous netmask would mean that consecutive final octets would be on consecutively different networks.

255.255.255.3 would be all 1s, then 00000011, so the NET portion is .0, .1, .2, and .3. So hosts .4, .5, .6, .7, .8, .9, .10, .11, .12... would be on networks 0, 1, 2, 3, 0, 1, 2, 3, 0….

Like I said, I doubt much of anything would support it now. Even when we wrote netmasks as bitmasks, it's likely most gear would've just failed using this approach.

It really is a cursed idea. :)

This wiki page may help, too. Once you see it, it's ... logical? (I won't say "easy”). https://en.wikipedia.org/wiki/Subnet

@David Schuetz Oh, I see, a subnet mask bitmap with non-contiguous 1s - that makes sense.Gross.

So something like 192.168.90.256/192.255.148.45, not just a wall of 1s.

(I know enough to set subnet masks on weird ancient gear ;), but I almost always am setting 255.255.255.0 and 255.255.255.255 because /24s rule everything around me. But yeah - reasonable)

I just don't know if I have any gear that would parse subnet masks like that enough to confuse it.

@Jonathan Lamothe @David Schuetz my RPG friends claimed it was less cursed than DoublePlusUnzip (github link since my gitea is apparently being non-responsive)

@Jonathan Lamothe @David Schuetz Are you aware of the RFC 864 Compliant Dungeons and Dragons Character Generator I worked on?

@Dave worked on a bunch of it and I need to replace his work (not because I don't like it -but because I want to do the actual work not just crib his, the goal was to learn socket code).



As much as I love writing on it, my reMarkable2 (which has already been annoying me with its response to being caught out in the rain a couple years ago, two laptops and another tablet in the same backpack shrugged it off with no trouble but the rM2 now gets days on a full battery charge instead of months) has a jammed power button and no other way to wake it from sleep, so it's time to retire it.

Samsung makes tablets with the same stylus technology so I picked up one of those, and it's... adequate. At least it's half the price and should be durable enough to handle living in a backpack and not just sitting on a desk and never going anywhere (and if this one dies, for the same price as a rM2 I can get a ruggedized one with a bigger screen)

The device I really want is the guts of the new color reMarkable in an enclosure that's actually as durable as a reasonable person would expect from a consumer electronics device at that price point, but capitalism says nobody will buy that, so I can't buy it.



In light of our praise of the Internet Archive - can we make sure to use Indigo as an example of another org that did the right thing after a databreach?

Took everything down, fixed it, and improved the process.

I'm not caping for Indigo. I just know people who still haven't forgiven them, and this is the attitude we need to be encouraging, and putting into people's minds as a good thing.

Staying up during a breach investigation should be seen like running with a broken leg.


The kids helped, they definitely got distracted, but they helped!

They, most importantly, got to see inside a computer and were allowed to touch all the pieces.

My kids have been able to use their computers for lots of little things

And to be clear:
the 5yo is playing Mario and a few other small games, mostly micro-indie games
the 3yo is listening to audiobooks and lullabies using a device he's built.

This isn't full hacking - this is still kids.

I'm looking at sourcing some classic lego motors to see if I can use these as the brains of a lego robot.



70% of the email I get is Zscaler outage and maintenance notifications

How do people handle this software?!

as a Service! 🥁
I will show myself out.


I am looking for a computer, that can be thrown in a backpack, and has a battery. Ideally no screen or keyboard inbuilt.
depending on what you're doing, the other hackish suggestion I have is to hit up Build-a-Bear for those record-a-message modules they sell for their stuffies

@Michael Brown lol - that's also a pretty good option.

My goal is to make an ebook reader that will start playing when a CF card is inserted. And then bulk buy 128MB cards and put books on them.



When creating a clock display - never forget the sleep in your code >.<


Why does the SecTor app contain several trackers?! I mean - I'm not installing it because of this, and that's a pain in the ass?

Shouldn't we, as security people, be able to notice this shit and be better than it?

points at the number of security folks who went to in-person cons without even the most rudimentary PPE during covid upswings

@Dave "Wear A Goddamn Mask" Cochran :donor: One day the risk management discipline will manage risk

Uuuug, I'm already so concerned about SecTor, vaxing, nitrite nasal spray, and an N95 mask, baaaaah



/usr.slice/user-1000.slice/session-38.scope is not a snap cgroup

Ya know what Ubuntu, I actually don't care.

Just... make my shit work. If you want to make linux a hellscape - at least... function.



I'm thinking @mwl has a whole untapped market... :flan_think:
A picture of a baby holding a book with the original title of "CSS for Babies", except it has been 'shopped to read "ZFS for Babies".  While cute, the kid looks a little shell-shocked.

reshared this

He must be a Windows user.

@sirwumpus
He's far too young to have chosen a preferred OS.

Give him ten years, and he'll experiment with Inferno just because he think it'll piss off Dad.

@Michael W Lucas¹ :flan_mail: @SirWumpus His grandpa's university friend wrote Inferno, so uh... he has the access

My dad wrote Coherent, so I rebelled against my OS dev dad by becoming a sysadmin, so I hope he makes better decisions than me

Or he'll try to install SystemD on Dad's BSD work station.


For @Becky 's birthday, our 5yo wanted to make a custom PvZ mod where everything is rainbows.

So our first attempt all the work we did got eaten because the game didn't like the files. So we redid it, and then had to test.

And my son is being a proper game dev, having all his work ruined and needing to fix it

Ben Zanin reshared this.

@silverwizard it was such a thoughtful gift!! I love rainbows!


Trying to put my 5yo to bed and he said "Does the solar system that Arda is in have a planet called Middle Mars?"
@thanos cosmatos Don't worry - we got there. He's being read The Hobbit and he needs pretty deep backstory to stop his intrusive thoughts - but Tolkien has my back.


The greedflation crisis is so bad, getting the fanciest cheese I can at the specialty cheese store is *cheaper* than buying brie at the grocery store


I wonder if Tim Pool will have to give back his Russian propaganda funded skatepark

This is a sentence I just idly thought, this is a glimpse into madness



I made Pumpkin Spice Chocolate Chip cookies with my 3yo - and that was a mistake. Now I just want to eat those all day.


Thinking about Bandcamp and incentives.

So I just bought music from https://derinaharveyband.bandcamp.com/album/waves-of-home and you should too. You should buy it all and leave a tip. But, let's talk incentives.

So I want to buy Derina's music, because (he way she sings makes me want to scream, weep, join the chorus, and somehow fly. And if she releases a new anything, I want to know one second after, if not early enough I can preorder.

But I don't buy a lot of music, I have extensive ear damage and most music falls flat for me. So I don't care about much other music.

Derina Harvey Band doesn't care what music I buy, as long as I buy theirs (they are probably good people and hope I support their community though, back there in a second).

So Derina Harvey Band and I have a relationship (I want to give them money), but they want to make more, so they use Bandcamp for discoverability. I found their bandcamp before I found their website! So bandcamp is good! It fascilitated a relationship, and I get to hear about the sea.

But now Bandcamp wants to spam me about not-Derina-Harvey, they want me to learn about Nathan Evans or whoever, bands I really don't want to engage with, since I might buy their music. And this has lead me to turn off all communications from Bandcamp. This means I miss when bands I like release music.

So, because there's a broker (platform) who is going to meditate my relationship with Derina Harvey Band, I am going to lose out. Bandcamp turned a new fan into a new customer, but made it harder for a customer to stay a customer.

And, I want to be clear here, there was not even regular Enshittifiation. It's bandcamp Friday, I sent the band slightly over full price for all their albums and they're probably getting, as cash, the full price of all their albums, the platform took nothing. But they band also doesn't have a POSSE style setup, I need to use a platform to learn about tours and releases, and I don't.

I dunno, this is just a tragic story, there's no lesson we don't all know, and there's no solution that isn't to tell a band to manage their own mailing list. The obvious solution is to create a platform that isn't evil, but even then, I don't think that's possible because of all this.

Abolish capitalism so I can revel in a shanty about how capitalism ruins sailing.

Bandcamp won't let you, but one "Paweł Grzybek" has set this service up based on another. It's limited to 100,000 daily requests, so he requests people don't hammer it too much.

https://pawelgrzybek.com/generate-rss-feed-for-bandcamp-artists-using-deno-deploy

I guess that means you can't get notified the very second another album comes out, but I bet once per day wouldn't strain Paweł's limits too much.



Phlogging the paper tape

If you don't know, my SSG supports RSS, Web, and Gopher, all on obscuritus.ca


@silverwizard I'm even more confused now, UBI = Universal Basic Income?

@Hypolite Petovan yeah

The point is that if we gave people access to money they would be more able to make software and maintain it




Zscaler has a hard dependency on systemd on linux

This causes so many issues, any minor change in modules and defaults causes my user's computers to lock up and completely lose internet. A basic local vpn (which is all zscaler is) is trivial to implement without systemd.

By depending on systemd, they are making my life worse as an admin, for no gain.

I don't get the systemd cult.

it's running as a service or daemon right? So you need a system that controls your daemons....

Like a firewall, or any other service.

How's the tunnel know when to come up if something doesn't tell it?

@furicle what? What do you mean?! it's just a tunnel. Use a sensible init system


New funding model for Open Source just dropped.

InfoSec starts screaming about a 9.9 CVSS and then the open source maintainer sells the vuln on the dark web.

@silverwizard [Captain America] I understood that reference!
@Hypolite Petovan Sean Howard: my personality is posting things for no one


Does anyone have any experience with syncing a #bandcamp library to a location. I just want to make sure my purchases and my jellyfin library match and automatically download items if they aren't.
that's the one! I only used it a couple of times, but I was impressed both times.



The best IMDB pages are these kinds
https://www.imdb.com/name/nm0870439/

Just a jobber who has acted in shows I'd love, it's like a To Watch List and a Resume

@Hypolite Petovan it's a term I mostly know in wrestling, someone who does a lot of work but is never the star



remember, it's not Surfing the Web

You cerf the net

You berners-lee the web

neb 🇳🇴 reshared this.



So the Hamburgler used to steal burgers, mostly for redistribution, but after years realized he needed to make systemic change. This is why he disappeared, he attempted to unionize several McDonalds.

McDonalds Corporation cannot stand a Robblerouser.


Ran into family friends from childhood while out last night, and all they could talk about is that my dad had a heart attack a few months ago.

My family is downplaying it so much, and it was the first time I got to talk to someone who took it seriously (except my wife), and it was nice.

@Jonathan Lamothe oh, I don't know if I've mentioned it that much online. And you're mostly an online friend these days. He's doing better, just one of those things.
@silverwizard Glad to hear he's doing better at any rate.


My friend is watching Past Tense (the DS9 episode about the Bell Riots), and is like "Sisko is in the present. It is all normal"


I moved my work laptop from Devuan to Debian because Zscaler doesn't know you can launch an program without systemd, but somehow Thunderbird on Debian is eye searingly, upsettingly, bad.

All the other Thunderbirds I've seen are great, but Debian is doing something that I can't turn off.



I am reading my kid The Hobbit at bedtime, and this feels like the most authentic and fun way to read it
@Mason Loring Bliss this is making me realize I can use this as an excuse to start The Dark is Rising, a series I never read as a kid
@silverwizard Oh, absolutely. There's no better excuse in the world. Reading about it, it reminds me of a similar-sounding story I read when I was young, but I can't remember the name now. I'll have to dig around. Something that might help me find it was that it existed as of somewhere between 1980 and 1984.
https://en.wikipedia.org/wiki/The_Dark_Is_Rising



I have a friend who is being harassed and threatened semi-anonymously via Facebook. She knows *who* it is, but Facebook and Police are characteristically being uselss.

I am kinda useless at this side of deanonymization, but does anyone have advice or resources for deanonymizing enough to get cops to move?

#infosec #batsignal

if you can host a file on a site where you can look at the access logs and then post a link to that file, you might be able to bait them into downloading the file which could give you their IP address in the access logs. A whois search for the IP address.could get you their ISP and geolocation information on the IP could get you the general area.

That's a lot of "ifs" and "coulds", though.

here is a Forbes article (that also points to more sources) on how to do it. Beware that it isn't a quick fix, but it can work if they are persistent (and it require some legal action, which isn't always affordable). https://www.forbes.com/sites/kashmirhill/2012/09/28/how-to-bait-and-catch-the-anonymous-person-harassing-you-on-the-internet/
the method in the Forbes article uses a blog and site statistics apps to gather the IP information. Same principal.

from there, if the police still won't do something, it turns to filing court orders to get information from the IP holders about who had the IP at the time of access and harassment.

Good luck.

This entry was edited (2 months ago)