Hackers' Pub is a place for software engineers to share their knowledge and experience with each other. It's also an ActivityPub-enabled social network, so you can follow your favorite hackers in the fediverse and get their latest posts in your feed.
진짜... 깡패 그 이상은 아니네 미국 진주만에 화낸 건 대체 뭐였음? 자기보다 약한 놈이 까불거리니까 열받아서 친 것 말고 아무 명분도 남지 않았다 미국은 힘을 잃는 순간 몰락할 것이다
ねむ…
#FediLUG はじまってます
いいいい
”학창 시절부터 경쟁에서 도태된 이대남은 자신의 실패를 여성, 외국인, 엘리트, 삼팔육 탓으로 돌리고 "다 망했으면, 죽었으면, 소멸됐으면 좋겠다"고 소망할 만큼 반사회적이다. 또 남성 중심적 문화에서 남성성이 약해 무시받는 남자들은 상대적으로 아래에 있다고 인식하는 존재인 여성과 성소수자를 억압하는 데 열중하게 된다.“ 여기에 대해 여러 차례 언급했는데, 커뮤에서 말하는 팔육세대, 혹은 스윗영포티는 왜곡된 오개념입니다. 원래 86세대는 30대, 80학번, 60년대생을 일컫는 90년대 신조어였죠. 이걸 무리하게 확장한겁니다.
TP- Link大概知道這波閃不掉了及早因應 ?
https://share.google/4mJdi9k5xTqvq0su8
저능해지는 기분이라는 표현이 저지능자 비하가 된다는 사실을 알고 계셨습니까 모르셨으면 지금부터 알고 쓰지 않는 편을 추천합니다
Danyl Strype @strypey@socialhub.activitypub.rocks
Disclaimer: I am not a security professional, just a greying Direct Action activist, and this is not security advice. Just some information to add to the mix when you're evaluating your options.
---
There's a reason both the OStatus fediverse and BlueSky started as public-only networks. It's much easier to build software for public discussions than for private messages.
For a start, there's a whole lot less to build, especially when your software is intended to work in a decentralised network. But more importantly, there's a whole galaxy of Trust & Safety and security headaches you don't have to deal with.
Posting to a traditional web forum is widely understood to be making a public statement. It's fine to quote it elsewhere, link to it, index it for search, and so on. A system for private messages between forum members can be as simple as just forwarding to their email address. Which is pretty much the only private data you need to secure.
Your interface needs to make it crystal clear to people when they're posting publicly vs. privately, and your back-end needs to reliably keep the promises it makes. But there's a hard limit to how badly your forum software can accidentally violate people's privacy.
Federating forums are a bit trickier than traditional, centralised ones. But you're only sending public comments - intended to be shared with the world - from one server to another. Unless your email sender starts posting private messages over the federation protocol you're using (which would be a critical bug!), there aren't too many other ways it can go wrong privacy-wise.
If you start hosting private messages on the server itself, suddenly there's a lot of ways it can go sideways. You need to make sure those stored messages are securely stored. You need to make sure the sender and intended recipients can access them, and only them.
You need to balance making them easy to access with a range of browser apps, OS, and devices, with the need to keep them opaque to unintended recipients. Even more so if you start federating private messages with other servers. If you use End-to-End Encryption to do that, it adds a bunch of complicated code to write and maintain, and a whole new range of ways it can all go wrong (see the chronic "Unable to Decrypt" errors that have plagued Matrix 1.0).
In summary, it's great that the fediverse supports some level of quiet interaction. As long as your server admins are trustworthy and competent, posts using the 'Only People Mentioned' are probably private. Probably.
But building a privacy-respecting replacement for something like FarceBook, so people can safely share the most intimate details of their lives with specific people, and only them, is a huge project. It can't be done properly by just bolting stuff onto existing fediverse software.
It can be done, as demonstrated by apps in the Hubzilla branch of the fediverse, although they tend to be hamstrung by confusing interfaces. If people are posting private stuff, the controls need to be even easier to understand than for public posting apps. Projects like Bonfire Social, and the SocialCG's work on MLS encryption so we can encrypt private posts, are big steps in the right direction. But if we want to do it right we need to take our time.
In the meantime, there are folks who need to have reliably private conversations right now. I encourage them to check out some of the decentralised chat options that already support encrypted messaging, using variants of Signal's protocol. With apps for all major OS.
Delta.Chat: private text messaging, media-sharing, group chats, etc, using your email account (encrypted using AutoCrypt).
Snikket: All of the above, plus public groups, and voice/video calling, using an XMPP account (encrypted using OMEMO)
Element: All of the above using the Matrix protocol (encrypted using MegOLM), plus groups and their messages are stored on every participants' server, not just the one it was started on.
결국 도람뿌가 세계 평화를 위협한다는 점에서 조지고 부시기를 능가하는 건 기정사실이 되었고
RE: https://bsky.app/profile/did:plc:oeors5le2tmvqzojsjxxqwro/post/3ls5r2mqjx22o
너거들끼리 메타버스에서 싸우고 지면 대통령본캐 캐삭하는거로 쇼부 봐주라 제발 부탁이다
그런데 이런 생각을 하는 이유가 있다. 여기서부터는 지독한 망상의 영역이며, 이 망상은 내 심적 세계에서 오는 지리멸렬한 공포에서 기원한다.
1. 어쨌든 적성국가로 분류되는 나라의 시설, 그것도 핵시설을 직접 때렸다. 상식적으로 본다면 개전선언이고, 어떤 식으로든 보복이 있음을 예측할 것이다.
2. 그런 이유로 어떤식으로든 미군의 경비태세는 격상될거다. 몇번의 공습이 더 있을지 모른다. 군사작전이라는 이름으로.
3. 그리고 그런 분위기는 미국인들의 무의식에 숨어있던 단어를 끌어 올릴것이다.
"테러."
RE: https://bsky.app/profile/did:plc:de27rm6eyuf5ez6gmvjdmilq/post/3ls5toxedos2i
TP- Link大概知道這波閃不掉了及早因應 ?
https://share.google/4mJdi9k5xTqvq0su8
投票done
Social media platforms, collaborative online tools, and encrypted messaging are all helping to power a massive, decentralized resistance to the #Trump administration 🥷🤺#resist #NoKings #TeslaTakedown #Musk https://www.wired.com/story/technology-tools-donald-trump-resistance/
내 생각이다. 근거는 없다. 그리고 내 생각은 보통 틀릴때가 많았다.
1. 이번 공습에 대한 자화자찬일것이다. 트루스 소셜에 올린 내용을 길게 늘린 라이브일거다.
2. 전쟁이라는 말은 "전쟁의 위협에서 벗어났다." 정도를 설명하기 위해서만 쓰일거다. 이번 공습은 "군사작전"이며 이는 "전쟁이 아니기 때문이다." 전쟁 선포는 어쨌든 의회의 권한이다. 더불어 트럼프 지지자들의 상당수는 전쟁을 원하지 않는다. 그들이 평화주의자이기 때문이 아니라 돈이 들기 때문이다.
RE: https://bsky.app/profile/did:plc:g23eq6mc3wh6nk5kmxbobm6i/post/3ls5sfmcpcs27
이게 무슨 말이냐, 의회의 승인도 없이, 국방장관은 패스하고, 미국 대통령이 하려고 마음 먹는다면 세계 어느곳이든 폭력을 행사할 수 있다는 뜻입니다. 트럼프는 이 일련의 과정을 "협상"이라고 하고요.
그리고 트럼프는 북한과도 "협상"하고 싶어합니다.
RE: https://bsky.app/profile/did:plc:de27rm6eyuf5ez6gmvjdmilq/post/3ls5xrzgvxs2i
대통령제는 독재위험성이 크다는 걸 미국과 우리나라가 번갈아 증명하고잇음
ブロックされた日時から理由も大体察せられたりして興味深い。ああ、あれは「エコーチェンバー」への言及によるものだなとか(?)
fedicat shared the below article:
洪 民憙 (Hong Minhee) @hongminhee@hackers.pub
LogTape 1.0.0 has been released, marking a significant milestone for this zero-dependency logging library designed for the modern JavaScript ecosystem. This release emphasizes API stability and introduces high-performance features such as non-blocking sinks for console, stream, and file logging, along with the `fromAsyncSink()` function for integrating asynchronous logging operations. New sink integrations include packages for AWS CloudWatch Logs and Windows Event Log, enhancing LogTape's versatility. The update also brings a visually appealing console logging experience with the `@logtape/pretty` package, and seamless integration with existing Winston or Pino setups through adapter packages. Key developer experience enhancements include programmatic access to log levels and improved browser compatibility. LogTape 1.0.0 streamlines logging infrastructure with a comprehensive package ecosystem, offering specialized packages for various logging needs. This release provides a stable and mature logging solution, making it easier to manage and optimize logging in JavaScript applications.
Read more →Key serialization formats can be - uh - the source of "interesting" issues. It appears the whole internet technically uses DKIM the wrong way, but it's more or less the fault of the standard.
DKIM uses public keys in DNS, usually RSA, but how are they encoded? There are two common RSA public key formats, SPKI and PKCS#1.
The DKIM spec RFC 6376 says this should be an RSAPublicKey and references RFC 3447, which is PKCS #1. So it's PKCS #1, right?
Well... there's an "INFORMATIVE" part of the RFC that lists openssl commands to encode a key, with an example. And that's... the openssl command to generate SPKI. The example shown is also an SPKI key.
The Internet has voted with its feet and everyone uses SPKI. From previous research, I had a collection of ~35k DKIM keys, and there are zero PKCS#1 keys in there.
This appears to be known and is mentioned in the errata.
It's quite an unfortunate situation. Technically, everyone's doing it wrong. However, if you would happen to be so brave to try to do it right, you'll probably just run into problems. While I haven't tested it, my best guess is that you will almost certianly find some receivers accepting PKCS#1 and others not. (Many crypto library APIs autodetect the format, but given *noone* is using PKCS#1, I'm sure there will be ones only accepting SPKI.)
#TIL about 
@fediversity;
"... a comprehensive effort to bring easy-to-use, hosted cloud services with service portability and personal freedom to everyone. We aim to provide high-quality, secure IT systems for everyday use. Without tracking, without exploitation, in a way that runs everywhere and scales effortlessly.
... based on NixOS, a disruptive Linux distribution with a unique approach to package and configuration management."
カントー地方長らく行ってない
Basically Waxlimbs is the kind of band that you go to exactly one of their shows and you walk out going "well I guess now I'm the kind of person who goes to every Waxlimbs show"
いいいい
Oliver guarding Mom’s travel pack!
#caturday #catsofmastodon #catsofthefediverse
JavaScript broke the web (and called it progress) https://www.jonoalderson.com/conjecture/javascript-broke-the-web-and-called-it-progress/
The Hamburger-Menu Icon Today: Is it Recognizable? https://www.nngroup.com/articles/hamburger-menu-icon-recognizability/
HTML spec change: escaping and in attributes | Blog | Chrome for Developers https://developer.chrome.com/blog/escape-attributes
It’s not too late for European Accessibility Act activities | Bogdan on Digital Accessibility (A11y) https://cerovac.com/a11y/2025/05/its-not-too-late-for-european-accessibility-act-activities/
A new way to style gaps in CSS | Blog | Chrome for Developers https://developer.chrome.com/blog/gap-decorations
The Role of Captions and Transcripts in Accessibility - AFixt https://afixt.com/the-role-of-captions-and-transcripts-in-accessibility/
By the way, the US striking Iran’s nuclear facilities and infrastructure gives Russia the green light to strike Ukraine’s nuclear facilities & infrastructure. This is another reason it’s forbidden under international law. Trump is escalating danger everywhere.
미국 연방하원의원 알렉산드리아 오카시오코르테스(AOC; 뉴욕 제14구; 민주당), 도널드 트럼프의 이란 폭격 지시에 대해 트럼프 탄핵 소추 제안
RE: https://bsky.app/profile/did:plc:xlqcxpk53spbhlypj6wmvvke/post/3ls5z5qm73k2j
bgl gwyng shared the below article:
洪 民憙 (Hong Minhee) @hongminhee@hackers.pub
LogTape 1.0.0 has been released, marking a significant milestone for this zero-dependency logging library designed for the modern JavaScript ecosystem. This release emphasizes API stability and introduces high-performance features such as non-blocking sinks for console, stream, and file logging, along with the `fromAsyncSink()` function for integrating asynchronous logging operations. New sink integrations include packages for AWS CloudWatch Logs and Windows Event Log, enhancing LogTape's versatility. The update also brings a visually appealing console logging experience with the `@logtape/pretty` package, and seamless integration with existing Winston or Pino setups through adapter packages. Key developer experience enhancements include programmatic access to log levels and improved browser compatibility. LogTape 1.0.0 streamlines logging infrastructure with a comprehensive package ecosystem, offering specialized packages for various logging needs. This release provides a stable and mature logging solution, making it easier to manage and optimize logging in JavaScript applications.
Read more →求めてないアプリインストールされた。
Xiaomi怖い。
What ever happened to Vidzy?
I remember 2003. My English teacher had us all make personal book binders for our journals. Mine was covered in anti war decals criticizing Bush. I got called in to the office and lectured by my principal about how Sadam was a terrorist and told I was a terrorist sympathizer and got detention.
"Clearsky"でなく"ClearSky"だったわ
ClearSkyは`block`レコードや`listitem`レコードのURIを教えてくれないから、APIの返答の妥当性を検証しようと思うと困る気がしたけど、そもそもClearskyを使わずともconstellationで十分だということに気づくなどした
討論最近台灣發生的共諜事件,覺得孫子兵法很厲害,從以前就知道要「用間」
可惜我只要嘴巴很賤 QQ
@技術・雑談 
しゅいろ
MJ+
Chris Siebenmann
tenjuu99(天重誠二)
ゼケ(ベ)
