What is Hackers' Pub?

Hackers' Pub is a place for software engineers to share their knowledge and experience with each other. It's also an ActivityPub-enabled social network, so you can follow your favorite hackers in the fediverse and get their latest posts in your feed.

Échec complet de la manif d'extrême droite organisée à Bruxelles, en face du Consulat général de France, appelant à la "Justice pour Quentin* et dénonçant les "antifas assassins". Moins de 20 personnes. Durée 8 minutes.

0
3
0
0
23
1
0

Before creating and publishing FEDERATION.md for I wanted to understand what existing practice looked like across the Fediverse.

FEP-67ff describes the requirements of the FEDERATION.md file in loose terms and provides a non-normative template. I scraped the URLs of FEDERATION.md files from FEP-67ff itself and confirmed I could fetch them. The FEP listed 30 accessible projects (31 total, but one project—FIRM—does not appear to exist).

If a file had a section with the heading "Supported FEPs" per the non-normative template, I only looked there for supported FEPs. Otherwise I scanned the entire document.

Implemented FEPs, ranked by the number of implementations that attest support, are:

FEP   Name                                                        #
----  ---------------------------------------------------------  --
67ff  FEDERATION.md                                              18
f1d5  NodeInfo in Fediverse Software                             16
8b32  Object Integrity Proofs                                     7
044f  Consent-respecting quote posts                              7
2677  Identifying the Application Actor                           7
e232  Object Links                                                6
1b12  Group federation                                            6
3b86  Activity Intents                                            6
521a  Representing actor's public keys                            5
2c59  Discovery of a Webfinger address from an ActivityPub actor  5
7888  Demystifying the context property                           5
5feb  Search indexing consent for actors                          5
4adb  Dereferencing identifiers with webfinger                    4
d556  Server-Level Actor Discovery Using WebFinger                4
fb2a  Actor metadata                                              4
ef61  Portable Objects                                            4
8fcf  Followers collection synchronization across servers         4
844e  Capability discovery                                        4
7628  Move actor                                                  3
61cf  The OpenWebAuth Protocol                                    3
c390  Identity Proofs                                             3
400e  Publicly-appendable ActivityPub collections                 3
c0e0  Emoji reactions                                             3
0151  NodeInfo in Fediverse Software (2025 edition)               3
fffd  Proxy Objects                                               2
f228  Backfilling conversations                                   2
fe34  Origin-based security model                                 2
eb48  Hashtags                                                    2
171b  Conversation Containers                                     2
a5c5  Web Syndication Methods                                     2

There are obvious flaws in the methodology. Or maybe in the data. Only 18 out of the 30 projects I could access had a FEDERATION.md that attested FEDERATION.md support. Only 19 mentioned "FEDERATION.md". Only 21 mentioned "67ff". The remaining projects clearly did support FEP-67ff—the file itself was evidence. (FEDERATION.md is not meant to be machine readable—there's an issue about that).

It was more difficult to rank implemented federation protocols. I extracted keywords from documents with a  "Supported federation protocols and standards" section and created a dictionary of terms. If a file had a section with the heading "Supported federation protocols and standards", I only looked there. Otherwise I scanned the entire document.

Feature            #
----------------  --
activitypub       26
webfinger         24
http_signatures   21
nodeinfo          19
json_ld            2
ld_signatures      2
ostatus            2
authorized_fetch   1
atproto            1

If time allows, I'm going to try to rank these documents by "utility", though I haven't yet determined the exact metric. These documents clearly provide valuable information, but their lack of standardization makes them harder to analyze systematically.

0

@daliasCassandrich @divVerent @Em0nM4stodonEm :official_verified: Knowing how old someone is does not limit their speech nor their ability to vote (we verify age for that already, and for many other reasons). Age verification isn’t state censorship. I suppose it could be a way to limit anonymous speech. That isn’t a Right where I am from (nor is ‘free’ speech). I doubt anonymous speech is a Right anywhere.

I have no doubt it’s absolutely technically feasible in a way that infringes on no one’s privacy. Ultimately though, yes, it could be abused by bad actors. Like everything else in civilisation we need some balance of enforcement to deal with those people.

@edwiebe @divVerent @Em0nM4stodonEm :official_verified: There is no way to know how old someone is without attestation by some authority who knows their identity. This precludes participation by anyone not known to such an authority (undocumented, outside of jurisdiction, etc.) or for whom it is not safe to let that authority know they are participating. And this is only the tip of the iceberg.

You are dangerously wrong, and you should stop advocating about things you're dangerously wrong about.

0

The LLM discourse on the Fediverse has really irked me the last few days.

Refusing to read writing made with the use of LLMs and refusing to give time to writers who use, promote or justify the use of LLMs is not purity culture, it's a boycott. It's a political act of withdrawing my time, resources and support for something that I find deeply morally wrong. It's protest. I have a choice and I refuse.

LLMs are exploitative, destructive, biased, mediocre parroting machines. Using them has a negative impact on the climate, the arts, the quality of the internet, the job market, the economy, the accessibility of electronics, even on skill development, creativity and mental health. LLMs are made and trained on the unpaid labour of millions -if not billions- of people who didn't consent. Their generic output litter the path to finding anything by true human creators.

Wherever I can, for as long as I can, I reject LLMs and anything that is related to them. I'm boycotting.

0
50
0
0

@film_girlChristina Warren it wasn't intended that way. We are all more than a little sensitive up here given what's been going on with your government lately. My comment seemed unhinged because you lack the necessary context to understand that this was more than just a game to many Canadians.

I get sports trash talk... but this isn't the year for it. Your comment sounded a lot like stuff we hear from your politicians about us, and we're just so tired of it.

0
0
1
0

This N.J. Trump voter’s husband was detained by ICE: ‘I thought they’d focus on criminals.’

nj.com/mosaic/2026/02/this-nj-

Sandra Hafraoui, who identified as MAGA and voted for Trump three times, now says the president's immigration policy has "ruined our lives."

Abdellatif arrived in the United States at 22. He has now lived here for more than 38 years — longer than he lived in Morocco.

During one visit, Abdellatif reached over to brush crumbs from her sleeve. A guard intervened, shouting obscenities and threatening to end the visit. “There was no compassion,” Sandra said. “Just constant humiliation.”

About two and a half weeks after his arrest, Abdellatif said officers pressured him to board a commercial flight and sign away his rights. “They told me if I didn’t get on the flight, I would be punished,” he said.

He refused.

The punishment was 10 days in solitary confinement.

0

Steal this idea: an app that combines YouTube and @peertube into a single YouTube-like interface that treats content from both as equals. Where duplicates exist, PeerTube gets priority by default. Throw in some options for patronizing creators on PeerTube, and it could motivate them to migrate to and stay on decentralized platforms.

Even better if self-hosted with Invidious on the backend.

0
1
0
0
1

洪民憙さんのこの記事、ブーストしてたが読んでなかった。

めちゃくちゃおもしろかった。 https://writings.hongminhee.org/2026/01/histomat-foss-llm/

ベンヤミンが、映画技術が少数の権力に寡占されていることに対して、市民による再領有を要求したことを思いだしながら読んだ(「複製技術時代の芸術」)。ベンヤミンが生きているころに、まだ技術の再領有は実践的にはかなり困難だったとおもう(というか方法論もなにもなかった)けど、いま同じ問題が実践的に解決可能な課題として問われているのだなと思う。

1

洪民憙さんのこの記事、ブーストしてたが読んでなかった。

めちゃくちゃおもしろかった。 https://writings.hongminhee.org/2026/01/histomat-foss-llm/

ベンヤミンが、映画技術が少数の権力に寡占されていることに対して、市民による再領有を要求したことを思いだしながら読んだ(「複製技術時代の芸術」)。ベンヤミンが生きているころに、まだ技術の再領有は実践的にはかなり困難だったとおもう(というか方法論もなにもなかった)けど、いま同じ問題が実践的に解決可能な課題として問われているのだなと思う。

1

Remember how SQL (still called SEQUEL) was supposed to make non-techies able to talk to computers?

> there is also a large class of users who, while they are not computer specialists, would be willing to learn to interact with a computer in a reasonably high-level, non-procedural query language. Examples
of such users are accountants, engineers, architects, and urban planners
dl.acm.org/doi/epdf/10.1145/80

How quaint!

Anyway, tell me again how LLMs are making non-techies able to talk to computers. 👀

0
6
0
0
0
0
0

A new edition of ~ this week in security ~ is now out, featuring stories on: Ivanti's private equity cuts cost it security; Copilot summarizing confidential emails; ATM jackpotting hacks on the rise and netting hackers millions; Def Con bans Epstein-linked technologists from its conference; and much more.

Plus, a new two-for-one cyber-cat special, and good news in the happy corner.

Thanks so much for reading!

Read online: this.weekinsecurity.com/this-w

Sign up/RSS: this.weekinsecurity.com

0
0
14
0
0
0
0
0

Looks like Palantir may have fallen into the Streisand trap;

in seeking their right to reply (under Swiss media law) via the courts, they have drawn a lot more attention to two articles (based on Freedom of Information requests) that reveal why the Swiss state refused to do a deal with Palantir for some military software; they were worried data would be obtained by the US Govt.

Now a story, originally limited to the Swiss is gaining traction across Europe; oops.


h/t FT

0
4
0
0
1
0
0
1
0
0
0
0
3
0

@film_girlChristina Warren @zedtech yeah… I get what you’re saying, but I have friends in Canada who used to come here annually who will not be back until there’s a change at 1600 Pennsylvania Ave. Ours has been the offending side. The bully. I get Canadian sensitivity this year. We’re one bad comedy sketch from the U.S. starting something with Canada. Our govt. is threatening their sovereignty. Might’ve been a better year for a “good game” message. (Respectfully yours, etc.)

0
1
1
1
0
0

Fedify 2.0.0 is here!

This is the biggest release in Fedify's history. Here are the highlights:

  • Modular architecture — The monolithic @fedify/fedify package has been broken up into focused, independent packages: @fedify/vocab, @fedify/vocab-runtime, @fedify/vocab-tools, @fedify/webfinger, and more. Smaller bundles, cleaner imports, and the ability to extend ActivityPub with custom vocabulary types.
  • Real-time debug dashboard — The new @fedify/debugger package gives you a live dashboard at /__debug__/ showing all your federation traffic: traces, activity details, signature verification, and correlated logs. Just wrap your Federation object and you're done.
  • ActivityPub relay support — First-class relay support via @fedify/relay and the fedify relay CLI command. Supports both Mastodon-style and LitePub-style relay protocols (FEP-ae0c).
  • Ordered message delivery — The new orderingKey option solves the “zombie post” problem where a Delete arrives before its Create. Activities sharing the same key are guaranteed to be delivered in FIFO order.
  • Permanent failure handlingsetOutboxPermanentFailureHandler() lets you react when a remote inbox returns 404 or 410, so you can clean up unreachable followers instead of retrying forever.

Other changes include content negotiation at the middleware level, @fedify/lint for shared linting rules, @fedify/create for quick project scaffolding, CLI config files, native Node.js/Bun CLI support, and many bug fixes.

This release includes significant contributions from Korea's OSSCA participants. Huge thanks to everyone involved!

This is a major release with breaking changes—please check the migration guide before upgrading.

Full release notes: https://github.com/fedify-dev/fedify/discussions/580

3
5
0
0
2
0
0
0
19
0