Does the W3C not actually... exist?
by Bryan Lunduke on YouTube
maiyannah
Tobias
from Qvitter
@mike Not surprised to learn that it's a shady-ass organization.
Charles Roth MPC wrote the following post Mon, 25 Sep 2017 15:25:39 +1000I am loving using LibreOffice to create and edit documents directly in my hubzilla cloud.
Maria Karlsen
paulfree14
Seth Martin
Alex
Sean Tilley
Raymond Monret
Alexandre Hannud Abdo
Haakon Meland Eriksen (Parlementum)
Mario Vavti
Jeroen
last edited: Tue, 26 Sep 2017 23:19:37 +1000
@It's me yes, sure: davfs
try to search for davfs in the guide (like /help/member/member_guide#Personal_Cloud_Storage )
try to search for davfs in the guide (like /help/member/member_guide#Personal_Cloud_Storage )
Einer von Vielen
@mrjive thanks :). I did check that guide before and it didn't provide a way to do it directly via command line, however I realised I can use
The documentation also needs to be updated. It tells you to use for the DAV url
mount -t davfs "https://lastauth.com/dav/hello" /tmp/test which works.The documentation also needs to be updated. It tells you to use for the DAV url
https://<hub-url>/davrather than
https://<hub-url>/dav/<username>
mrjive
Scraping ice off the windshield to full blown bushfire alert and hosing off the dogs to keep them cool. 48 hours.
Aunty Entity: We call it Underworld. That's where Bartertown gets its energy.
Max: What, oil? Natural gas?
Aunty Entity: Pigs.
Max: You mean pigs like those?
Aunty Entity: That's right.
Max: Bullshit!
Aunty Entity: No. Pig shit.
Max: What?
The Collector: Pig shit. The lights, the motors, the vehicles, all run by a high-powered gas called methane. And methane cometh from pig shit.
Power prices puts piggery on the path to poo power
A Victorian piggery operator is using animal effluent to save in energy costs.
Klaus
Jake Moomaw
Couple of things just in case I run out of time,,,
Pubcrawl has a few interop issues with Mastodon, but nobody is willing to look into why on that side. What I've done is to go back to the spec and all the latest working group decisions and I'm trying to implement it faithfully. If there are problems making it work, you may have to wait for a real communications project to try and federate with before things get solved. Once there's interop with somebody/anybody, you can branch off that to open federation to the walled garden. At the moment we're trying to be faithful to the spec so that somebody can read the spec and look at the packets and figure out who's implementation is buggered.
Multimedia content is going to be sent as an 'Article'. There's a good chance Mastodon will never allow multimedia content. Fuck them. Try and find somebody sensible to work with. We'll send plain text and microblog stuff as a 'Note' which is what Mastodon uses. Attachments/images are all separate and appended to the end of the content, so this won't work at all for story-board narratives and signatures will break if you have to modify somebody's content to fit that representation. If you want to get support, look at News organisations of any kind. They know how multimedia content needs to work. The ActivityPub folks all have their noses so far up Eugen's bum that you aren't going to get any support from them and nobody therein has any experience with real world communications or federation issues. They're web people, and most are kids who've never done anything like this before.
Apple appears to have removed third-party cookies entirely in its latest browser release. This is a problem for decentralised permissions; but thankfully only applies to images and media elements. My thinking if other browser vendors follow suit is to re-purpose the 'sslify' module to proxy private photos/videos. These can and should be buffered/streamed. At that point it's probably a good time to abandon the social networking space and concentrate on content management, since openwebauth will still work just fine; but private media in your stream is going to suck up extra resources to proxy. It's still workable but not as elegant.
Hopefully I'll still be around and will take care of all this stuff, but just in case I'm not....
Pubcrawl has a few interop issues with Mastodon, but nobody is willing to look into why on that side. What I've done is to go back to the spec and all the latest working group decisions and I'm trying to implement it faithfully. If there are problems making it work, you may have to wait for a real communications project to try and federate with before things get solved. Once there's interop with somebody/anybody, you can branch off that to open federation to the walled garden. At the moment we're trying to be faithful to the spec so that somebody can read the spec and look at the packets and figure out who's implementation is buggered.
Multimedia content is going to be sent as an 'Article'. There's a good chance Mastodon will never allow multimedia content. Fuck them. Try and find somebody sensible to work with. We'll send plain text and microblog stuff as a 'Note' which is what Mastodon uses. Attachments/images are all separate and appended to the end of the content, so this won't work at all for story-board narratives and signatures will break if you have to modify somebody's content to fit that representation. If you want to get support, look at News organisations of any kind. They know how multimedia content needs to work. The ActivityPub folks all have their noses so far up Eugen's bum that you aren't going to get any support from them and nobody therein has any experience with real world communications or federation issues. They're web people, and most are kids who've never done anything like this before.
Apple appears to have removed third-party cookies entirely in its latest browser release. This is a problem for decentralised permissions; but thankfully only applies to images and media elements. My thinking if other browser vendors follow suit is to re-purpose the 'sslify' module to proxy private photos/videos. These can and should be buffered/streamed. At that point it's probably a good time to abandon the social networking space and concentrate on content management, since openwebauth will still work just fine; but private media in your stream is going to suck up extra resources to proxy. It's still workable but not as elegant.
Hopefully I'll still be around and will take care of all this stuff, but just in case I'm not....
Manuel
Thorsten
Apparently next week the Duke of York is going to be holding a series of meetings downstairs. I might have to work from home.
Waitman Gobble
Hubzilla @ sasiflo
Beni Grind
phellmes
Oliver
elmussol
Michael
Trying to come up with a workaround for Mastodon's brain-dead media behaviour. The only solution I've got currently is
if(your friend is using mastodon)
do the wrong thing
else
do the right thing
The issue is that half the metaverse does the wrong thing; which is basically stripping media from HTML content and adding it back as attachments. This is fine for OStatus and public networks but doesn't work with privacy enhanced services because the messages need to be signed, If you mangle multi-media messages to work on these primitive nets it breaks the signature, so you're basically stuffed. The messages will not federate because the service your friends are using is doing the wrong thing. If you don't mangle the posts to fit that network's policies, the media content will be stripped. If you do mangle the content, the message won't verify and will be discarded.
I do so wish that the people designing these protocols and systems would take a look at what the hell they're doing sometime. They're really screwing up everything for everybody.
if(your friend is using mastodon)
do the wrong thing
else
do the right thing
The issue is that half the metaverse does the wrong thing; which is basically stripping media from HTML content and adding it back as attachments. This is fine for OStatus and public networks but doesn't work with privacy enhanced services because the messages need to be signed, If you mangle multi-media messages to work on these primitive nets it breaks the signature, so you're basically stuffed. The messages will not federate because the service your friends are using is doing the wrong thing. If you don't mangle the posts to fit that network's policies, the media content will be stripped. If you do mangle the content, the message won't verify and will be discarded.
I do so wish that the people designing these protocols and systems would take a look at what the hell they're doing sometime. They're really screwing up everything for everybody.
from Qvitter
@mike Even with a properly-formed spec I think we'd still be having mastodon-related issues, but that's my inner cynic speaking.
Even with a properly-formed spec I think we'd still be having mastodon-related issues, but that's my inner cynic speaking.
@maiyannah Implementing ActivityPub was easy. I did that a month ago. Trying to figure out what Mastodon is doing with the data we send has consumed the last month and will probably consume the next six. The last 3 weeks everything we sent (legal ActivityPub) vanished into the bit bucket. I've only recently seen data arrive intact at the destination and can start working through the other platform quirks. I've told people time and time again that federation isn't about protocols. It's about projects and all their quirky policies that aren't written anywhere but are critical to working communication.
from Qvitter
@mike And that's exactly why I knew from day one ActivityPub isn't going to fix anything - this isn't a protocol problem - or even a technical problem. It's a social problem.
So I think the direction we are ultimately going with Zot VI is to have virtual nomadic identities and identity clusters. Fasten your seat belts.
last edited: Sat, 16 Sep 2017 06:50:43 +1000
What's the difference between a virtual nomadic identity and the nomadic identity used by Hubzilla/Zot currently?
A virtual nomadic identity can include channels on other services and protocols. There are a number of uses when it comes to identity management. We currently base identity on possession of your private key; and most/all other services base it on your server login. I need to completely remove the actual identity from *anything* that could change. You can change your key now, but it's clumsy and involves updates to a lot of tables all over the network. With a virtual identity you just attach a new key to your identity and you're done. We don't have to fix data in 20-30 tables. As a side effect you could also link your identity to a Mastodon account (for instance) and sync posts/comments from there with your Hubzilla channel.
Whole Atlantic Salmon
Farm raised in Tasmania
Somebody needs a geography lesson.
A high tide related to a storm released 162,000 Atlantic Salmon into our Salish Sea (Pacific). What could possibly go wrong?
That Atlantic salmon farm was on its last legs — and Washington state knew it
That Atlantic salmon farm was on its last legs — and Washington state knew it
Cooke Aquaculture and state officials knew at least six months ago that the floating salmon farm that collapsed in August was "nearing the end of
OpenWebAuth is available in red right now.
What is OpenWebAuth? Some of you might be aware of Zot 'magic-auth' which invisibly authenticates people and services across domains using a decentralised network. This is the next generation of that work and paves the way for fully self-sovereign identity. It is not restricted to or dependent on Zot and has been stripped of all the complexities of dealing with zot nomadic identities and account mirroring. It can be used by any web service which desires portable cross-domain authentication and internet scale access control. It requires a web accessible webfinger service and the signing service needs access to the private key of the signer. These do not need to reside on the same machine.
Mike Macgirvin - mike@macgirvin.com
What is OpenWebAuth? Some of you might be aware of Zot 'magic-auth' which invisibly authenticates people and services across domains using a decentralised network. This is the next generation of that work and paves the way for fully self-sovereign identity. It is not restricted to or dependent on Zot and has been stripped of all the complexities of dealing with zot nomadic identities and account mirroring. It can be used by any web service which desires portable cross-domain authentication and internet scale access control. It requires a web accessible webfinger service and the signing service needs access to the private key of the signer. These do not need to reside on the same machine.
Mike Macgirvin - mike@macgirvin.com
OpenWebAuth provides a light-weight form of cross-domain authentication between websites on the open web. The principals involved in the authentication may or may not have any pre-existing relationship. OpenWebAuth utilises webfinger (RFC7033) and HTTP Signatures (draft-cavage-http-signatures-07) with a simple token generation service to provide se...
It's me
Root
Erik Lundin
Zot VI involves a lot more. This is just a teaser - but it's a teaser that folks have been asking for since zot was first unleashed. "How can we integrate this network-scale permission system with other software?".
This is getting really interesting!
Before the Equinox passes, the Zot faithful (you know who you are) shall be rewarded. Thank you for all your support. I have a few things to give back.
Enjoy.
For the non-believers - I've got nothing. Move along.
Enjoy.
For the non-believers - I've got nothing. Move along.
JRandal
I've been trying to push hubzilla or at least federated systems into a small comunity of devs. I'm been involved with a collective who maintain a plattform with ca. 120.000 users in germany and now building a new plattform to turn international.
Under those users are something like 30.000 ppl active in real live as it is a movment dedicated to foodsharing and reducing foodwaste.
To make it short: the devs. are filled with elite way of thinking which don't borther much to really listen if a non dev is speaking in non dev language.
Just some days ago I checked in again, testing where they are standing.
The respons: I looked into diapsora and it doesn't work for what we need. And non federated system comes with detailed ownership managment of the data.
*facepalm
Under those users are something like 30.000 ppl active in real live as it is a movment dedicated to foodsharing and reducing foodwaste.
To make it short: the devs. are filled with elite way of thinking which don't borther much to really listen if a non dev is speaking in non dev language.
Just some days ago I checked in again, testing where they are standing.
The respons: I looked into diapsora and it doesn't work for what we need. And non federated system comes with detailed ownership managment of the data.
*facepalm
Mike Macgirvin wrote the following card Tue, 05 Sep 2017 11:55:25 +1000Zot VI
Zot has been in use continually for over five years, with only a handful of minor upgrades. Most of these involved extending the cryptography mechanisms to allow negotiation and deprecate older/insecure algorithms.
During this time. there have been a many changes in the external landscape and there are now some better ways of doing things which didn't exist in a stable form when zot was created. The goal of Zot VI is to bring the protocol in line with some of these changes. As an example we can now provide server-to-server authentication by making use of HTTP Signatures. There are a couple of other places in the protocol where we can reduce the complexity of interactions by using the same technology (increasing efficiency). As a side effect the entire protocol and message flow will be simplified and easier to integrate with external services.
The proposed delivery method for this work is to expose it through a protocol plugin, (just like the other protocol plugins) and ultimately remove communication protocol implementations from core code. As Zot VI will not be directly compatible with zot, this allows a migration path; and servers will be able to support both.
Zot has been in use continually for over five years, with only a handful of minor upgrades. Most of these involved extending the cryptography mechanisms to allow negotiation and deprecate older/insecure algorithms.
During this time. there have been a many changes in the external landscape and there are now some better ways of doing things which didn't exist in a stable form when zot was created. The goal of Zot VI is to bring the protocol in line with some of these changes. As an example we can now provide server-to-server authentication by making use of HTTP Signatures. There are a couple of other places in the protocol where we can reduce the complexity of interactions by using the same technology (increasing efficiency). As a side effect the entire protocol and message flow will be simplified and easier to integrate with external services.
The proposed delivery method for this work is to expose it through a protocol plugin, (just like the other protocol plugins) and ultimately remove communication protocol implementations from core code. As Zot VI will not be directly compatible with zot, this allows a migration path; and servers will be able to support both.
- Refactor zot-finger
- Refactor Delivery
- Refactor magic-auth
- Refactor Directory Services
- move to plugin
- Release timeline
This looks like a complicated endeavor. Is the idea for people to try using the new protocol by enabling the plugin when it is at least at a "beta testing" stage? How can it coexist with current zot ("Zot V"?) when you enable the plugin? By overriding the relevant core function? Also, will this remain as an addon afterward?
My favorite part of the Cards module is getting better insight into all the interesting things your are working on. The cards also explain the otherwise strange re-sharing of your own "post".
My favorite part of the Cards module is getting better insight into all the interesting things your are working on. The cards also explain the otherwise strange re-sharing of your own "post".
Good questions. At a high level, it is being treated just like an external protocol connector, so internally we won't even see them as zot connections. They will be 'zotvi' connections - using a different protocol. The difference will be that this protocol connector can do literally everything zot can do - plus a bit more (I still have some surprises up my sleeve that I haven't shared). Once any quirks have been sorted out and assuming people are happy with it, we can talk about deprecating the original zot and converting existing connections. We might keep it for quite a while because there are still a fair number of older sites. It will remain as a plugin, though It might be included with the core repo.
Great Work, Great Efforts. For a Great Vision. I am personally far behind of understanding all the implications of all this visionary work.
There seem to be so many use cases. I have to bring my brain on fire to find out what is already solved and may be done with it.
Thank you for all this @Mike Macgirvin !
There seem to be so many use cases. I have to bring my brain on fire to find out what is already solved and may be done with it.
Thank you for all this @Mike Macgirvin !
I've got server-to-server magic-auth and API magic-auth working. You probably won't be able to appreciate what this means until you start seeing magic zot apps and integrations that you never thought possible. I've got a few of these in mind already. It sort of means you can access anything that's visible to you anywhere in zotland from any device anywhere. And not just you. Any of your friends from any other network can access anything that's visible to them in all of zotland from any device anywhere.
I could use some sketching and Alice, Bob and Charly to fully understand the implications but I grasp it more now, thanks!
That sounds super interesting, Mike.
I have been idly wondering about integrations recently, and have been extremely interested in what level of OS integration could be provided. In theory, Hubzilla could be set up as a Gnome Online Accounts (GOA) provider. GOA is kind of reminiscent of how Apple does integrations for social networks, storage platforms, instant messaging, etc, except of course it's free software.
What would be particularly interesting, from my point of view, would be to integrate Hubzilla tightly with a desktop Linux environment. This could include:
Some of these things already work, since Hubzilla uses DAV. Effectively, you could have a drop-in replacement for iCloud, allowing Hubzilla to act as their main data provider for devices and individual applications.
One of the first things that comes to mind is standalone or mobile apps which access some facet of Hubzilla, like photos or file browsing.
I have been idly wondering about integrations recently, and have been extremely interested in what level of OS integration could be provided. In theory, Hubzilla could be set up as a Gnome Online Accounts (GOA) provider. GOA is kind of reminiscent of how Apple does integrations for social networks, storage platforms, instant messaging, etc, except of course it's free software.
What would be particularly interesting, from my point of view, would be to integrate Hubzilla tightly with a desktop Linux environment. This could include:
- Cloud Storage (like DropBox or Google Drive)
- Stream (Corebird-like status app.)
- Contact Sync
- Notifications
- Calendar Sync
- Notes
- Photos
- Events
- Messages
Some of these things already work, since Hubzilla uses DAV. Effectively, you could have a drop-in replacement for iCloud, allowing Hubzilla to act as their main data provider for devices and individual applications.
At least you understand the implications of what we're doing. I think it's lost on a lot of people.
Ironically hubzilla integrates fairly well with KDE since the K web browsers and DAV services share a cookie file. So magic auth works with DAV. Gnome does things a bit differently and it isn't as seamless.
This new capability makes integration with these kinds of services a *lot* easier. You no longer require a zot infrastructure to access private web objects. All you need is your private key.
I wasn't even looking at integration at these layers, but at a much lower level - by tying it to the OS through PAM. But perhaps that's the direction we should be moving - upwards to the application layer.
Ironically hubzilla integrates fairly well with KDE since the K web browsers and DAV services share a cookie file. So magic auth works with DAV. Gnome does things a bit differently and it isn't as seamless.
This new capability makes integration with these kinds of services a *lot* easier. You no longer require a zot infrastructure to access private web objects. All you need is your private key.
I wasn't even looking at integration at these layers, but at a much lower level - by tying it to the OS through PAM. But perhaps that's the direction we should be moving - upwards to the application layer.
I'm seeing some mis-attributed comments from mastodon.social - probably need to look into that. Since it's only one site and Eugen's playground and it started a few hours ago, I'll wait a day or two just in case it's a temporary bug on that side.
This is what I tried to do a year or two ago before I got blindsided.
Start here. When you reach the end, follow the links and keep reading.
Social.coop: A Cooperative Decentralized Social Network
Start here. When you reach the end, follow the links and keep reading.
Social.coop: A Cooperative Decentralized Social Network
Social.coop is a cooperatively run instance of Mastodon, a decentralized social network based on open protocols and free, open-source…
last edited: Fri, 01 Sep 2017 05:54:10 +1000
I was thinking of turning the entire project into a cooperative; as a workable business and organisational model.
I started down this path with some rules of governance which were taken directly from successful co-ops. Unfortunately that was about the time of the 'blabla' rebellion and I had to re-assert control to try and keep the community from fragmenting. Now I'm working outside the project so if such a move were to be attempted again it would probably have to come from within. It would be a refreshing change from the dictatorial or Stallmanesque or corporate-sponsored open source models that are prevalent today - and I've seen cooperatives thrive here in Oz.
I started down this path with some rules of governance which were taken directly from successful co-ops. Unfortunately that was about the time of the 'blabla' rebellion and I had to re-assert control to try and keep the community from fragmenting. Now I'm working outside the project so if such a move were to be attempted again it would probably have to come from within. It would be a refreshing change from the dictatorial or Stallmanesque or corporate-sponsored open source models that are prevalent today - and I've seen cooperatives thrive here in Oz.
US government: We can jail you indefinitely for not decrypting your data
Ex-cop in child abuse case approaching 2 years in the clink
Marshall Sutherland