cover photo

Mike Macgirvin

mike@macgirvin.com

Mike Macgirvin
 High Range, Australia 
Let's get funky



Thank you / Sly & the Family Stone LIVE ! on soul train
by daidai dai on YouTube
Mike Macgirvin
 High Range, Australia 


Does the W3C not actually... exist?
by Bryan Lunduke on YouTube
maiyannah
 from Qvitter
@mike Not surprised to learn that it's a shady-ass organization.
Mike Macgirvin
 High Range, Australia 
:like

Charles Roth MPCCharles Roth MPC wrote the following post Mon, 25 Sep 2017 15:25:39 +1000
I am loving using LibreOffice to create and edit documents directly in my hubzilla cloud.
mrjive
  last edited: Tue, 26 Sep 2017 23:19:37 +1000  
@It's me yes, sure: davfs
try to search for davfs in the guide (like /help/member/member_guide#Personal_Cloud_Storage )
It's me
  
@mrjive thanks :). I did check that guide before and it didn't provide a way to do it directly via command line, however I realised I can use mount -t davfs "https://lastauth.com/dav/hello" /tmp/test which works.

The documentation also needs to be updated. It tells you to use for the DAV url
https://<hub-url>/dav
  rather than
https://<hub-url>/dav/<username>
Marshall Sutherland
  
It seems like this also means a plug-in could be made to connect to Collabora Online, letting you edit your documents in the browser directly from the Hubzilla UI like NextCloud does.
Mike Macgirvin
 High Range, Australia 
Scraping ice off the windshield to full blown bushfire alert and hosing off the dogs to keep them cool. 48 hours.
Seth Martin
  
Sounds like the weather fluctuations I'm accustomed to.
Charles Roth MPC
  
Image/photo
Maria Karlsen
  
Image/photo
Mike Macgirvin
 High Range, Australia 


Aunty Entity: We call it Underworld. That's where Bartertown gets its energy.

Max: What, oil? Natural gas?

Aunty Entity: Pigs.

Max: You mean pigs like those?

Aunty Entity: That's right.

Max: Bullshit!

Aunty Entity: No. Pig shit.

Max: What?

The Collector: Pig shit. The lights, the motors, the vehicles, all run by a high-powered gas called methane. And methane cometh from pig shit.

Power prices puts piggery on the path to poo power

Image/photo

A Victorian piggery operator is using animal effluent to save in energy costs.
Haakon Meland Eriksen (Parlementum)
  
Bringing home the bacon.
Mike Macgirvin
 High Range, Australia 
Couple of things just in case I run out of time,,,

Pubcrawl has a few interop issues with Mastodon, but nobody is willing to look into why on that side. What I've done is to go back to the spec and all the latest working group decisions and I'm trying to implement it faithfully. If there are problems making it work, you may have to wait for a real communications project to try and federate with before things get solved. Once there's interop with somebody/anybody, you can branch off that to open federation to the walled garden. At the moment we're trying to be faithful to the spec so that somebody can read the spec and look at the packets and figure out who's implementation is buggered.

Multimedia content is going to be sent as an 'Article'. There's a good chance Mastodon will never allow multimedia content. Fuck them. Try and find somebody sensible to work with. We'll send plain text and microblog stuff as a 'Note' which is what Mastodon uses. Attachments/images are all separate and appended to the end of the content, so this won't work at all for story-board narratives and signatures will break if you have to modify somebody's content to fit that representation. If you want to get support, look at News organisations of any kind. They know how multimedia content needs to work. The ActivityPub folks all have their noses so far up Eugen's bum that you aren't going to get any support from them and nobody therein has any experience with real world communications or federation issues. They're web people, and most are kids who've never done anything like this before.  

Apple appears to have removed third-party cookies entirely in its latest browser release. This is a problem for decentralised permissions; but thankfully only applies to images and media elements. My thinking if other browser vendors follow suit is to re-purpose the 'sslify' module to proxy private photos/videos. These can and should be buffered/streamed. At that point it's probably a good time to abandon the social networking space and concentrate on content management, since openwebauth will still work just fine; but private media in your stream is going to suck up extra resources to proxy. It's still workable but not as elegant.

Hopefully I'll still be around and will take care of all this stuff, but just in case I'm not....
Einer von Vielen
  
Hopefully I'll still be around and will take care of all this stuff, but just in case I'm not....
Hmm, health? Just in case, ALL THE BEST!
Adam Robertson
  
End of the world on September 23rd?
Raymond Monret
  
All my wishes of better health Mike.
Mike Macgirvin
 High Range, Australia 
Apparently next week the Duke of York is going to be holding a series of meetings downstairs. I might have to work from home.
Haakon Meland Eriksen (Parlementum)
  
Because of the security fuzz or because you want to? ;-)
Mario Vavti
  
Image/photo
Mike Macgirvin
  
The building is "going into lockdown". Still awaiting confirmation of what exactly this means. I may be turned away.
Waitman Gobble
  
thanks
Mike Macgirvin
 High Range, Australia 
Trying to come up with a workaround for Mastodon's brain-dead media behaviour. The only solution I've got currently is

if(your friend is using mastodon)
  do the wrong thing
else
  do the right thing

The issue is that half the metaverse does the wrong thing; which is basically stripping media from HTML content and adding it back as attachments. This is fine for OStatus and public networks but doesn't work with privacy enhanced services because the messages need to be signed, If you mangle multi-media messages to work on these primitive nets it breaks the signature, so you're basically stuffed. The messages will not federate because the service your friends are using is doing the wrong thing. If you don't mangle the posts to fit that network's policies, the media content will be stripped. If you do mangle the content, the message won't verify and will be discarded.

I do so wish that the people designing these protocols and systems would take a look at what the hell they're doing sometime. They're really screwing up everything for everybody.
maiyannah
 from Qvitter
@mike Even with a properly-formed spec I think we'd still be having mastodon-related issues, but that's my inner cynic speaking.
Mike Macgirvin
  
Even with a properly-formed spec I think we'd still be having mastodon-related issues, but that's my inner cynic speaking.


@maiyannah Implementing ActivityPub was easy. I did that a month ago. Trying to figure out what Mastodon is doing with the data we send has consumed the last month and will probably consume the next six. The last 3 weeks everything we sent (legal ActivityPub) vanished into the bit bucket. I've only recently seen data arrive intact at the destination and can start working through the other platform quirks. I've told people time and time again that federation isn't about protocols. It's about projects and all their quirky policies that aren't written anywhere but are critical to working communication.
maiyannah
 from Qvitter
@mike And that's exactly why I knew from day one ActivityPub isn't going to fix anything - this isn't a protocol problem - or even a technical problem.  It's a social problem.
Mike Macgirvin
 High Range, Australia 
So I think the direction we are ultimately going with Zot VI is to have virtual nomadic identities and identity clusters. Fasten your seat belts.
Haakon Meland Eriksen (Parlementum)
  
Identity clusters - is this Formula 1 Privacy Groups or something else which requires champagne?
It's me
  last edited: Sat, 16 Sep 2017 06:50:43 +1000  
What's the difference between a virtual nomadic identity and the nomadic identity used by Hubzilla/Zot currently?
Mike Macgirvin
  
A virtual nomadic identity can include channels on other services and protocols. There are a number of uses when it comes to identity management. We currently base identity on possession of your private key; and most/all other services base it on your server login. I need to completely remove the actual identity from *anything* that could change. You can change your key now, but it's clumsy and involves updates to a lot of tables all over the network. With a virtual identity you just attach a new key to your identity and you're done. We don't have to fix data in 20-30 tables. As a side effect you could also link your identity to a Mastodon account (for instance) and sync posts/comments from there with your Hubzilla channel.
Mike Macgirvin
 High Range, Australia 
Whole Atlantic Salmon
Farm raised in Tasmania


Somebody needs a geography lesson.
Charles Roth MPC
  
A high tide related to a storm released 162,000 Atlantic Salmon into our Salish Sea (Pacific). What could possibly go wrong?

That Atlantic salmon farm was on its last legs — and Washington state knew it

Image/photo

Cooke Aquaculture and state officials knew at least six months ago that the floating salmon farm that collapsed in August was "nearing the end of
Mike Macgirvin
 High Range, Australia 
OpenWebAuth is available in red right now.

What is OpenWebAuth? Some of you might be aware of Zot 'magic-auth' which invisibly authenticates people and services across domains using a decentralised network. This is the next generation of that work and paves the way for fully self-sovereign identity. It is not restricted to or dependent on Zot and has been stripped of all the complexities of dealing with zot nomadic identities and account mirroring. It can be used by any web service which desires portable cross-domain authentication and internet scale access control. It requires a web accessible webfinger service and the signing service needs access to the private key of the signer. These do not need to reside on the same machine.

Mike Macgirvin - mike@macgirvin.com

Image/photo

OpenWebAuth provides a light-weight form of cross-domain authentication between websites on the open web. The principals involved in the authentication may or may not have any pre-existing relationship. OpenWebAuth utilises webfinger (RFC7033) and HTTP Signatures (draft-cavage-http-signatures-07) with a simple token generation service to provide se...
Haakon Meland Eriksen (Parlementum)
 
Zot VI is alive at Parlementum - we can follow OWT. :-)
Erik Lundin
  
Zot VI involves a lot more. This is just a teaser - but it's a teaser that folks have been asking for since zot was first unleashed. "How can we integrate this network-scale permission system with other software?".

This is getting really interesting!
Charles Roth MPC
  
Mike's site opened so fast with OWA I have cyber whiplash.
Mike Macgirvin
 High Range, Australia 
Before the Equinox passes, the Zot faithful (you know who you are) shall be rewarded. Thank you for all your support. I have a few things to give back.

Enjoy.


For the non-believers - I've got nothing. Move along.
paulfree14
 
I've been trying to push hubzilla or at least federated systems into a small comunity of devs. I'm been involved with a collective who maintain a plattform with ca. 120.000 users in germany and now building a new plattform to turn international.
Under those users are something like 30.000 ppl active in real live as it is a movment dedicated to foodsharing and reducing foodwaste.

To make it short: the devs. are filled with elite way of thinking which don't borther much to really listen if a non dev is speaking in non dev language.
Just some days ago I checked in again, testing where they are standing.
The respons: I looked into diapsora and it doesn't work for what we need. And non federated system comes with detailed ownership managment of the data.

*facepalm
paulfree14
 
* with a collective I was involved :-p
Sean Tilley
  
Every day is Christmas here.
Mike Macgirvin
 High Range, Australia 
Mike MacgirvinMike Macgirvin wrote the following card Tue, 05 Sep 2017 11:55:25 +1000
Zot VI
Zot has been in use continually for over five years, with only a handful of minor upgrades. Most of these involved extending the cryptography mechanisms to allow negotiation and deprecate older/insecure algorithms.

During this time. there have been a many changes in the external landscape and there are now some better ways of doing things which didn't exist in a stable form when zot was created. The goal of Zot VI is to bring the protocol in line with some of these changes. As an example we can now provide server-to-server authentication by making use of HTTP Signatures. There are a couple of other places in the protocol where we can reduce the complexity of interactions by using the same technology (increasing efficiency). As a side effect the entire protocol and message flow will be simplified and easier to integrate with external services.

The proposed delivery method for this work is to expose it through a protocol plugin, (just like the other protocol plugins) and ultimately remove communication protocol implementations from core code. As Zot VI will not be directly compatible with zot, this allows a migration path; and servers will be able to support both.


  • Refactor zot-finger
  • Refactor Delivery
  • Refactor magic-auth
  • Refactor Directory Services
  • move to plugin
  • Release timeline
Andrew Manning
  
This looks like a complicated endeavor. Is the idea for people to try using the new protocol by enabling the plugin when it is at least at a "beta testing" stage? How can it coexist with current zot ("Zot V"?) when you enable the plugin? By overriding the relevant core function? Also, will this remain as an addon afterward?

My favorite part of the Cards module is getting better insight into all the interesting things your are working on. The cards also explain the otherwise strange re-sharing of your own "post".
Mike Macgirvin
  
Good questions. At a high level, it is being treated just like an external protocol connector, so internally we won't even see them as zot connections. They will be 'zotvi' connections - using a different protocol. The difference  will be that this protocol connector can do literally everything zot can do - plus a bit more (I still have some surprises up my sleeve that I haven't shared). Once any quirks have been sorted out and assuming people are happy with it, we can talk about deprecating the original zot and converting existing connections. We might keep it for quite a while because there are still a fair number of older sites. It will remain as a plugin, though It might be included with the core repo.
Hubzilla @ sasiflo
  
Great Work, Great Efforts. For a Great Vision. I am personally far behind of understanding all the implications of all this visionary work.

There seem to be so many use cases. I have to bring my brain on fire to find out what is already solved and may be done with it.

Thank you for all this @Mike Macgirvin !
Mike Macgirvin
 High Range, Australia 


David Hasselhoff - Hooked on a Feeling
by Haraldur Óskarsson on YouTube
Maria Karlsen
  
Image/photo
Mike Macgirvin
 High Range, Australia 
Hooboy, what a shitfight over in sectors 3 and 7.  

Image/photo
Mike Macgirvin
  
Now it seems to have spilled over into sector 6.
Mario Vavti
  
Sigh... :facepalm
Mike Macgirvin
 High Range, Australia 
I've got server-to-server magic-auth and API magic-auth working. You probably won't be able to appreciate what this means until you start seeing magic zot apps and integrations that you never thought possible. I've got a few of these in mind already. It sort of means you can access anything that's visible to you anywhere in zotland from any device anywhere. And not just you. Any of your friends from any other network can access anything that's visible to them in all of zotland from any device anywhere.
Raymond Monret
  
I could use some sketching and Alice, Bob and Charly to fully understand the implications but I grasp it more now, thanks!
Sean Tilley
  
That sounds super interesting, Mike.

One of the first things that comes to mind is standalone or mobile apps which access some facet of Hubzilla, like photos or file browsing.


I have been idly wondering about integrations recently, and have been extremely interested in what level of OS integration could be provided. In theory, Hubzilla could be set up as a Gnome Online Accounts (GOA) provider. GOA is kind of reminiscent of how Apple does integrations for social networks, storage platforms, instant messaging, etc, except of course it's free software.

What would be particularly interesting, from my point of view, would be to integrate Hubzilla tightly with a desktop Linux environment. This could include:

  • Cloud Storage (like DropBox or Google Drive)
  • Stream (Corebird-like status app.)
  • Contact Sync
  • Notifications
  • Calendar Sync
  • Notes
  • Photos
  • Events
  • Messages



Some of these things already work, since Hubzilla uses DAV. Effectively, you could have a drop-in replacement for iCloud, allowing Hubzilla to act as their main data provider for devices and individual applications.
Mike Macgirvin
  
At least you understand the implications of what we're doing. I think it's lost on a lot of people.

Ironically hubzilla integrates fairly well with KDE since the K web browsers and DAV services share a cookie file. So magic auth works with DAV. Gnome does things a bit differently and it isn't as seamless.

This new capability makes integration with these kinds of services a *lot* easier. You no longer require a zot infrastructure to access private web objects. All you need is your private key.

I wasn't even looking at integration at these layers, but at a much lower level - by tying it to the OS through PAM. But perhaps that's the direction we should be moving - upwards to the application layer.
Mike Macgirvin
 High Range, Australia 
I'm seeing some mis-attributed comments from mastodon.social - probably need to look into that. Since it's only one site and Eugen's playground and it started a few hours ago, I'll wait a day or two just in case it's a temporary bug on that side.
Mike Macgirvin
 High Range, Australia 
This is what I tried to do a year or two ago before I got blindsided.

Start here.  When you reach the end, follow the links and keep reading.

Social.coop: A Cooperative Decentralized Social Network

Image/photo

Social.coop is a cooperatively run instance of Mastodon, a decentralized social network based on open protocols and free, open-source…
Adam Robertson
  
You were thinking of having some cooperativley run servers for Hubzilla?
Mike Macgirvin
  last edited: Fri, 01 Sep 2017 05:54:10 +1000  
I was thinking of turning the entire project into a cooperative; as a workable business and organisational model.

I started down this path with some rules of governance which were taken directly from successful co-ops. Unfortunately that was about the time of the 'blabla' rebellion and I had to re-assert control to try and keep the community from fragmenting. Now I'm working outside the project so if such a move were to be attempted again it would probably have to come from within. It would be a refreshing change from the dictatorial or Stallmanesque or corporate-sponsored open source models that are prevalent today - and I've seen cooperatives thrive here in Oz.
Andrew Manning
  
All that stuff about BlaBlaNet and now it's totally offline as far as I can tell.
Mike Macgirvin
 High Range, Australia 
US government: We can jail you indefinitely for not decrypting your data

Image/photo


Ex-cop in child abuse case approaching 2 years in the clink