cover photo

Mike Macgirvin

mike@macgirvin.com

Mike Macgirvin
 High Range, Australia 
Hint: use the smudge tool to avoid embarrassing copy/paste artifacts.

  Katy Perry criticised over advert telling her dog to 'chase koalas' in Australia

Image/photo

Katy Perry has been criticised after telling her dog to "go chase some koalas" in an advert for an Australian department store chain.
Mike Macgirvin
 High Range, Australia 
I can't find the original post (which may have been deleted). Anyway, a question was recently asked about what tools Hubzilla provides to help administrators enforce legal compliance of content on their sites.

The answer is that it does not. We've generally considered the creation of any tools which enable spying on the private communications of site members as malware; and this is somewhat in conflict with the Hubzilla core missions of privacy and providing code which is both ethical and transparent.

That said, a site administrator has every right to maintain legal compliance on their site with their local laws. Nobody is questioning or disputing this. It just has never been part of our core mission to provide those tools.

I recommend creating a plugin to do this kind of task since producing malware is likely to be rejected as a core feature/enhancement. I also highly recommend notifying site members in your terms of service if such a plugin is installed.

A place to start would be the existing authentication plugins. In order to have unfettered access to any of a channel's content, the simplest mechanism is to be able to 'sudo' or login as that channel with the system admin's credentials. Be warned that this may be detectable - as several content areas automatically mark items "seen" once they have been loaded into the channel's browser. In order to browse undetected one would also need to provide plugin hooks in core code to allow a plugin to disable this automatic flag setting if such a monitoring operation was in progress.

Also w/r/t end-to-end encrypted content: Hubzilla provides no mechanism to access this content through a back door. There are multiple ways that end-to-end encryption could be used and by definition Hubzilla site administrators will not have access to any keys which can be used to render this content in plaintext. If you have a legal requirement to allow law enforcement access to all your site content, you may need to disable the creation of end-to-end encrypted content on your site.

I'm not certain how you would go about doing such a thing since encrypted content could lurk in uploaded files or wiki pages or even embedded in text posts and there is no single distinguishing characteristic one could use to reliably filter or block it. If you are a developer and would like to create such a tool please consult with other community developers before proceeding.
Mike Macgirvin
 High Range, Australia 
Monopoly was invented to demonstrate the evils of capitalism

Image/photo

Monopoly's inventor, Elizabeth Magie, would have sent herself straight to jail if she’d lived to see just how influential today’s twisted version of her game turned out to be.
Klaus
  
Very interesting story behind the inventor of this game.
Mike Macgirvin
 High Range, Australia 
Anybody here with a NextCloud ActivityPub installation? I need to look at some other servers and examine their data structures and it seems that this is the only one out there. I'm not ready to connect yet - just want to poke around and look at the packets.
Andrew Manning
  
So who wants to wager how long it'll take Mike to pwn our Nextcloud servers? Oh wait, I'm the only one who gave him a URL :-/
Mike Macgirvin
  
After all this hoopla, the NextCloud ActivityPub implementation is just barely anything at all, hardly usable, and it certainly doesn't adhere to the specs. I'm looking at the source. It's actually a stripped down ActivityStreams interface and whoever called it an ActivityPub implementation must've been smoking crack. So it seems there are actually zero (zip, zilch, nada) spec-compliant ActivityPub instances on the planet earth; which makes it a bit difficult to test federation code in any kind of real-world scenario. There's nobody to federate with. Nextcloud sends some basic file activities back and forth but there's no channel discovery. I'll have to look closer but I'm guessing the instanceID has some kind of registry using some other protocol. They don't supply the required 'id' attribute you need to connect, not to mention inbox and outbox and follow messages. So you couldn't federate with them if you wanted to.

The same thing happened with Diaspora. People hassled me for over a year with increasing hysteria and "the sky is falling" urgency to implement the 'new protocol' and once I did, found that nobody in the world was actually using it - not even Diaspora.

On the bright side, since I'm unapologetically disregarding the published ActivityPub spec (as it is anti-federation) it's not like you can claim that I'm breaking compatibility with anything.
Sean Tilley
  
The whole situation with ActivityPub is kind of fucking depressing.
Operation Pub Crawl

Mike Macgirvin
 High Range, Australia 
You wouldn't expect to go into a pub and be asked for a membership card - or you can't get in to have a beer and talk to your mates.

Neither would I.

Announcing Operation Pub Crawl. It's kind of like ActivityPub, but you can participate without being an ActivityPub member. Operation Pub Crawl is based on and is compliant with ActivityStreams2 (JSON-LD). It is also somewhat compatible with ActivityPub, but has no membership requirement; so you'll find people in the Pub Crawl that you won't find in ActivityPub. We have to break some rules to do this, but these rules serve no useful purpose except to restrict membership and prevent members from communicating with non-members. Other ActivityPub sites and projects may decide that they want to restrict membership and enforce the rules strictly. This is OK. You can still communicate with them. They'll just miss out on half the party. If you're in the Pub Crawl, you can talk to anybody you wish, on any network you wish. Pub Crawl will be available as a plugin to red/hubzilla in Q3 2017.
Mike Macgirvin
 High Range, Australia 
Pass the vodka...



It's my life (Russian version)
by Dav1d on YouTube
Mike Macgirvin
 High Range, Australia 


Chorus
by Dvein on Vimeo
Seth Martin
  
Image/photo
Mike Macgirvin
 High Range, Australia 
Word association game.

Here's the word: ActivityPub

What's the first thing that comes to mind?

Image/photo

One ring to rule them all, one ring to find them,
One ring to bring them all and in the darkness bind them.
  
Ah yes, this old thing.
Haakon Meland Eriksen (Parlementum)
  
The Grand Antiprism - apparently made with this - http://www.jenn3d.org/
Mike Macgirvin
  
I'm only reflecting on the fragility of the open web. If you have one ring to rule them all, you will also have somebody whose desire in life is to own the ring (and in so doing rule them all).
Mike Macgirvin
 High Range, Australia 
Finally starting to understand why I have so much trouble getting along with other people on the free web - especially the architects and designers.

Soy zurdo. I'm left handed. By default I look at everything from a different perspective. I look at the ActivityPub spec and to me it was designed from the wrong direction - from the bottom up. It's backwards. "Here's a message". Much later, "here's how we share a message." Up finally to the top level, "Here's how a person interacts with a message." But you see, it's all based on a message because that's the direction they're coming from. They can't see a world outside the message. It is the basis for their world view.

Being left-handed I do it all in reverse. What is a person? How does a person interact with others online? If they need a server, can they have more than one for redundancy? How exactly? How do they share posts, photos, videos, profiles - and only with whom they want? How does a person block unwanted stuff?

It isn't until much, much later I get to "What exactly is a message?" And in fact, this part isn't important to me. I'm defining *how* people communicate, not *what* they communicate. I don't really care what's in the message or how it is constructed and am more concerned with people and identity and sharing "stuff" because that's the direction I'm coming from. The person is at the core of my world view, not the message.

Anyway, I wish I acknowledged this difference in thought processes much earlier, it might've saved a lot of hassles and misunderstandings.
Hubzilla @ sasiflo
  
Most of us tend to the engeneering perspective with the focus on technical aspects. IT people often miss the social and real world aspects.
Mike Macgirvin
 High Range, Australia last edited: Fri, 21 Jul 2017 11:53:52 +1000  
Laughing at this headline...

Single women choosing DIY pregnancy methods over IVF clinics, sperm banks


... as they do.

And especially...

A friend of Hannah Slootjes offered to donate his sperm.


... as they do.

Anyway, the article is interesting.

http://www.abc.net.au/news/2017-07-21/women-choosing-diy-ivf-sperm-inseminsation-to-become-mums/8702818
Mike Macgirvin
 High Range, Australia 
In America it seems the news is about MN cops shooting an Aussie girl (and a damm fine one at that).

Here our news is so much more sophisticated.

Stand by your ram: Lost sheep befriends giant statue

Image/photo

A lost sheep befriends a giant ram statue at a saleyard in Western Australia, standing by its side for the past nine days.
Andrew Manning
  
Nine days? I hope someone is able to find the poor thing a new home with other real sheep soon.
Alexandre Hannud Abdo
  
It looks fine by itself... Perhaps it's some kind of sheep monk.
Mike Macgirvin
 High Range, Australia 
The ActivityPub folks are going to hate me for this (big time), but here goes....

One can solve a wide range of short-comings and issues in ActivityPub and work around a lot of "TBD"s in the  spec by doing this:

Accept: application/magic-envelope+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"

and it doesn't stop anybody from implementing OAuth2/JWS or Linked Data Signatures whenever they get around to defining how these things are going to work. It just gives you something that is well defined, proven, easily implemented (we all have the components to do this right now), but most of all works today.
Mike Macgirvin
  
In fact that works incredibly well.
Seth Martin
  
I like the way you get people hating you when they should love you for it.
Mike Macgirvin
 High Range, Australia 
Steady progress on the ActivityPub plugin. It's a mountain of work and I'm certainly not going to bust my ass, but it's moving along at a satisfactory pace.  

Now move along.
Mike Macgirvin
 High Range, Australia 
This is freaking hilarious

Proposal for improving private toot security · Issue #4208 · tootsuite/mastodon

Image/photo

Elaborating on #4205 (comment)
Problem description: When a private toot lands on a non-Mastodon server, that server handles it like a public toot. When does this happen? When a Mastodon user has no...
Marshall Sutherland
  
Sorry. I obviously didn't think that through.

Image/photo
Alexandre Hannud Abdo
  
Image/photo
Raymond Monret
  
Might originate in a play on words : "toot suite" sounds like "tout de suite" which means "right now" in French.
Mike Macgirvin
 High Range, Australia 
I have to admit I was really worried about how to implement privacy in ActivityPub as there was no clear direction in the spec. I'm not worried any more. It's really easy. Forget about encryption and all that stuff.
They have a really elegant and simple solution to a very hard problem.

You just pretend you have privacy.
Mike Macgirvin
  last edited: Sat, 15 Jul 2017 09:02:23 +1000  
Followup: In fairness we do that anyway, but the difference is that we at least try to protect it during transport and provide minimal metadata, so it's only the endpoints one needs to be concerned with and not the porous backbones. In activitypub you just accept the porosity of the backbone (and protecting the metadata is pointless since adversaries can see the entire content anyway).
Seth Martin
  
About an hour ago, someone asked me to help her install facebook messenger on her smartphone because a coworker informed her that it's more private than the text messaging provided by the phone service provider. I told her that I believe the opposite is true because I've at least read the facebook terms and conditions but do as you wish, the install button is in front of your face right now, you've been warned. She almost pressed it but started to argue. I repeated myself and said it's up to you how much privacy you wish to lose, you won't be communicating with me through it because I read for myself what I'm required to give up in exchange, and the service provider didn't scare me as much. She didn't press it while I was there but I suspect she will without reading. I could tell she really wanted to.
Mike Macgirvin
  
This does pose some difficult UI/UX decisions for us though. If you select a privacy group for delivery and that group contains members from other networks, we may need a slider to adjust your security expectations. On a scale of 0-5, if you select 0, we'll include GNU-Social folks (so your privacy group really isn't a privacy group at all, but just a group). If you select 1, you'll include mastodon. 2 will include activitypub, 3 includes diaspora, and 4-5 - networks with strong transport encryption (perhaps 5 would require encrypted storage). On the inbound side we might change the colour of the lock icon to indicate to potential commenters how private it really is.
Mike Macgirvin
 High Range, Australia 
'Just got slimed': Truck carrying eels overturns on Oregon highway

Image/photo

A carrying carrying hagfish, commonly known as slime eels, overturns on an Oregon highway, turning the coastal road into a slimy mess.
Marshall Sutherland
  
Obviously, a half-assed attempt to compete with Florida.

Truck carrying 4 sharks crashes on Florida highway

Image/photo


Rescue workers raced to scene; 18-wheeler was taking the sharks to an aquarium in Coney Island, New York
Haakon Meland Eriksen (Parlementum)
  
Ouch and double-ouch.
Fabio
  
Image/photo
Mike Macgirvin
 High Range, Australia 
You can either make your home an "open to all" party space where you have to kick out drunk and disorderly people after they break the furniture; or invite some friends and people from the office and maybe a few other folks from the neighbourhood over for drinks and a barbie.

I suppose that's the key conceptual difference between networks like [Mastodon/GNU-Social and Diaspora] and networks like [Hubzilla/red (and even Friendica)].

One invests a lot of time/energy into tools and policies to block undesirable people, and the other invests a lot of time finding better ways to connect with interesting people (no matter what software they use).
Jeroen
  
different strokes for different folks
Mike Macgirvin
 High Range, Australia 
International borders often provide stark contrasts of the disparate conditions on both sides, for instance desolation and misery on one side versus abundance and a vibrant lifestyle on the other.

Image/photo

Here we see the US/Mexico border, with Tijauna on one side and San Diego on the other. You could hardly come up with a more striking contrast.

That's San Diego on the left.
Marshall Sutherland
  
North and South Korea
Image/photo
Mike Macgirvin
 High Range, Australia 
The loadaverage.org migration is taking even longer than the memorable identi.ca migration. And on that topic, identi.ca has also been down for days now.

Nomadic identity, folks. It's not just a good idea. It's a bloody great idea.
Maria Karlsen
  
Image/photo
Mike Macgirvin
 High Range, Australia 
Here's an interesting idea. Create a channel; and in it, describe/document one cool Hubzilla feature every day for a year. Maybe a paragraph or two. I can pretty much guarantee there are (at least) 365 different cool features if you look for them. Once a week could also be interesting - and that could go on for years. Anybody interested?
mrjive
  last edited: Thu, 13 Jul 2017 01:13:12 +1000  
@Haakon Meland Eriksen (Parlementum) I get the point. Just, when advertising something that already exists, keep in mind how others do the same thing, because comparison is inevitable. I experienced this many time trying to show people how linux does things they're used to do under windows, and, in my experience, direct comparison fails if we don't do the same thing better. So, for me, better to point out Hubzilla's highlights. That said, my opinion counts very little ;)
paulfree14
 
yes I like propaganda. Spreading in regular through mastodon, as they already understood the pill of why federated networks are great. ....all the next steps aren't far anymore. :-)

May someone likes to join in for a "official propaganda day"?
Why a specific day? Cause it creates more attention to a thirten topics if multible ppl are engaged in it.

(that doesn't mean all the other days aren't propaganda days, just this specific day would be more intense)
 
This sounds like a worthwhile challenge.