I’m really into CloudEvents because I love event-driven systems, and since events can come from, or be consumed by, so many different services, having a robust spec is super duper useful.
So what problem is this solving? What are some event-driven systems that need to interoperate? Seems like even if you have a common encapsulation method, you still need code to understand and deal with the message body. Just seems like an extra layer around a JSON blob.
You’re going off-topic from the OP question :-) But to answer your new question : I do not trust Matrix enough when it comes to privacy. I know that this link is old but still. disroot.org/en/blog/matrix-closure
Then again I do not trust Signal that much either but sometimes compromises need to be made to get things done. With XMPP the end user can host their own server if they wish to, without meta data going to a centralized point. And video calls via XMPP and Conversations were a pleasure to use when I used it during the Covid-19 pandemic.
Why should this be at the editor level? There should be a linter that applies all these stylistic formatting changes to all files automatically. If the developer’s own editing tools or personal workflow have a chance to introduce non-standard styles to the codebase, you have a deeper problem.
I want both. When I am typing code in my editor I want it to follow the styles of the project. Then when I run the linter/formatter it will fix the mistakes.
The last thing I want is to start a new if foo { statement and the indent is half of the indent of the if above. That would be too distracting.
Bazillions of motherboards and SBCs support I2C and many have the ability to use it via GPIO pins or even have connectors just for I2C devices (e.g. QWIIC). Yet there’s very little in the way of things you can buy and plug in. It feels like such a waste!
There’s all sorts of neat and useful things we could plug in and make use of if only there were software to use it. For example, cheap color sensors, nifty gesture sensors, time-of-flight sensors, light sensors, and more.
There’s lmsensors which knows I2C and can magically understand zillions of temperature sensors and PWM things (e.g. fan control). We need something like that for all those cool devices and chips that speak I2C.
I2C is a bit goofy though. As a byproduct of being an undiscoverable bus you basically just have to poke random addresses and guess what you’re talking to. The fact lmsensors i2c detection works as well as it does is a miracle. (Plus you get the neat issue where even the act of scanning the bus can accidentally reconfigure endpoints)
Yeah, the lack of proper discoverability on i2c truly sucks. You have to just poke random addresses and hope for the best to see if an i2c device exists on the bus. It’s a great standard but I wish it would get updated with some sort of plug and play autodetection feature. Standardized device PID/VID system like USB and PCI would be acceptable or a standardized register that returns a part string. Anything other than blindly poking registers and hoping you’re not accidentally overvolting the CPU or whatever because the register on your expected device overlaps with the overvolt the CPU register on the same address of a different device.
I’m curious. There was some i2c connected memory devices before. Is there some forgotten spec that allows for a flexible device lookup / logging capability. Something that acts like device tree but stays specific to the bus. It wouldn’t be practical for a lot of applications but I could see it being useful for some niche stuff.
Except that in the case of VGA (and DVI, HDMI, and DisplayPort) the i2c interface is intended for use over the cable. All of those ports have a pair of i2c pins and corresponding wires in their cables. The i2c interface is used for DDC/EDID which is how the computer can identify the capabilities and specifications of the attached display. DDC even provides some rarely-used control functionality. Probably the most useful of which is being able to control the brightness of the display from software. I use the ddcci module on Linux and it lets me control my desktop monitor brightness the same way a laptop would, which is great. I have no idea why this isn’t widely used.
Edit:
This i2c interface is widely used to control the lighting on modern graphics cards that have RGB lighting. We’ve spent a lot of time reverse engineering these chips and their i2c protocols for OpenRGB. GPU chips usually have more i2c buses than the cards have display connectors, so the RGB chip is wired to one of the unused buses. I think AMD GPUs tend to have 8 separate i2c buses but most cards only use 4 or 5 of them for display connectors. There is also an i2c interface present on RAM slots normally used for reading the SPD chip that stores RAM module specifications, timings, etc. This interface is also used for RAM modules with controllable RGB lighting.
WebSub (formerly PubSubHubbub). Should have been a proper replacement for RSS with push support instead of polling. Too bad the docs were awful and adopting it as an end user was so difficult that it never caught on.
No I’m sorry, I pull my feeds manually using a barebones reader. I’m guessing your best bet is one of the web-based readers as it would require a client with a TCP port that’s reachable from the web. I have never seen a feed who provided the rssCloud feature though.
I wouldn’t say that it never caught on. I run a feed reader and ~6% of feeds have WebSub. Most of these are probably wordpress.com blogs which include it by default.
YouTube also sort of supports it, but they don’t really follow the standard so I don’t think it counts.
But the nice thing about WebSub is that it is sort of an invisible upgrade to the existing feed (or any other HTTP URI) so it just works when blogs enable it.
Most major feed reader services support it. One problem is that you need a stable URL to receive the notifications. So it is hard to make work with client-side readers. But I don’t think there is really a way around this other than holding a connection open to every feed you follow. So I would say that it does its job well. I don’t really see a need to get to 100% adoption or whatever. If you have a simple static-site blog that updates every month or so I don’t think it is a big deal that it doesn’t support WebSub.
Theres quite a few sites that still use it and existing ones in the Fediverse have it built in (which is really cool). But your right, the general public have no concept of having something download and queue up on a service rather than just going to the site. And the RSS clients are all over the place with quality…
I second Matrix, though I’ve been waiting for e2ee direct p2p (the Dendrite project) do be worked on for a while. Having something like that, that’s truly decentralized while secure and hiding metadata where possible, would be a dream.
Yeah I’ve been following that. It seemed at the time the project didn’t implement nearly all the specs as dendrite which was still lagging synapse.
Might take another look though. I really did want to use it since it was written in rust. Seemed it should probably be more performant, everything else being equal.
RSS (RDF Site Summary or Really Simple Syndication) It is in use a fair amount, but it is usually buried. Many people don’t know it exists and because of that I am afraid it will one day go away.
I find it a great simple way to stay up to date across multiple web sites the way I want to (on my terms, not theirs) By the way, it works on Lemmy to :)
Honestly there is rarely a blog I want to follow that doesn’t have it. I do think it would be great to have more readers using it so that it becomes more significant, but for my reading it is actually pretty great.
i wish all the big players would agree on one of the many open chat and IM protocols. it’s like kindergarten where the toddlers don’t want to share toys
They are humorous IETF standards published on 1 April over the years. These are specifically about implementing internet protocols using carrier pigeons instead of more traditional media like wires or optical fiber.
I wish people used email for chat more. SMTP is actually a pretty great protocol for real time communication. People think of it as this old slow protocol, but that’s mostly because the big email providers make it slow. Gmail, by default, waits ten seconds before it even tries to send your message to the recipient’s server. And even then, most of them do a ridiculous amount of processing on your messages that it usually takes several seconds from the time it receives a message to the time it shows up in your account.
There’s a project called Delta Chat that makes email look and act like a chat app. If you have a competent email service, I think it’s better than texting. It doesn’t stomp on the images you send like SMS and Facebook do, everyone has it unlike all the proprietary services, and you can run your own server for it that interacts with everyone else’s servers.
Unfortunately, Google, Microsoft, etc all block you if you try to run your own server “to protect against spam”. Really, I’m convinced that’s just anticompetitive behavior. The fewer players are allowed to enter the email market, the less competition Gmail and Outlook will have.
As much as I like ProtonMail too, unfortunately their encryption models prevents it from working with Delta Chat. I’d love to see Proton make a compatible chat app that works with their service.
I made an email service called Port87 that I’m working on making compatible with Delta chat too. I’d love to see people using email the way it was originally meant to be used, to talk to each other, without being controlled by big businesses.
Oh, another awesome thing about email is that you can ensure that your address is always yours, even if you use an email service provider like Gmail. Any provider that supports custom domains will allow you to use your own domain for your address, then if you want to change your provider, you keep your address. So, since I own hperrin.com, I can use the address me@hperrin.com, and I know it’ll always be mine as long as I pay for that domain.
This is a much better model than anything else. Even on the fediverse, you can’t have your own address unless you run your own instance.
If your email service provider goes out of business or gets sold off (skiff.com, anyone?), as long as you’re on your own custom domain, your address is still yours.
I’m working on custom domains for Port87. It’s definitely a feature I think every email provider should offer.
Yes, I shifted to my own domain after my default ISP of 20 years decided that email was just too hard, you know? They didn’t outright say it, they just started batch processing emails so that I’d get all my daily emails at around 2 am the next day. Super handy for time limited password reset emails!
A few hours reading a guide and setting up a $5/mo linode email server with SPF and dmarc, a few more hours transferring 20 years of IMAP mail from my old account to a folder, and a month or so of changing a few site contact emails over each day when they emailed something to my old account, and now I’ve got an email server on my own domain that is 10 times faster at sending/receiving mail than my old ISP ever was.
And now I can have amazon@mydomain.com and career@mydomain.com and random other disposable addresses so that when they are inevitably sold off for the $$$ I can just dump them and maintain a spam free inbox.
greylisting will typically only be applied to people who you haven’t interacted before, so I don’t think it is a big deal. It would be similar to how many major chat apps hide away suspicious messages from new people in some “invites” section that is often hidden by default.
If you’re relying on the remote server to delete something, you can’t trust it no matter what protocol you’re using.
For a regular email, the chance to undo might be fine, but for real time communication, it’s just an unnecessary road block.
Maybe if it was optional per recipient, or per conversation, or better yet, depending on the presence of a header, it might be fine. Gmail only supports all-on or all-off.
If you’re relying on the remote server to delete something, you can’t trust it no matter what protocol you’re using.
I mean yeah I wouldn’t bet my life on it, but for the 99% of regular communication it’s fine. That’s no reason to not have it in the protocol and muck around with 10 second delays instead.
SMTP is a terrible protocol. Text based for sending effectively binary data with complex header wrapping and “generate a random delimiter” framing. We really need a HTTP/2 of SMTP.
That being said I agree that it exists and works. The biggest blocker to more IM-style communication is largely the UI and user expectations. I have no problem having quick back-and-forths over email but most people don’t expect it.
Honestly my biggest complaint is header wrapping. Technically you need to wrap lines at 998 bytes (not that any reasonable server actually cares). But in order to wrap a header you need to add spaces (because you can only break a line after whitespace). But where spaces are unimportant depends on each specific header. So you need to have custom wrapping rules for each header.
In practice no one does this. They just hope that headers naturally have spaces or break them in random locations (corrupting them) because the protocol was too stupid.
Binary protocols are just so much simpler. Give the length, then the data. Problem solved. Maybe we could even use a standard format for structured headers. But that would be harder to do while maintaining backwards compatibility.
IPv6. Lack of IPv4 addresses it’s a problem, specially in poorer countries. But still lots of servers and ISPs don’t support it natively. And what is worse. Lots of sysadmins don’t want to learn it.
If computers connect to others through the internet, the IPv6 address can reveal how many computers there are on the local network, and if certain traffic to different destinations are coming from the same computer, but also if one of the computers has gone offline but then resumes from sleep/hibernation.
To me their comment means they want to avoid that, and I agree, I want to avoid that too. To fix these, I would need to configure NAT on my router for IPv6.
Yes IPv6 address privacy extensions help somewhat, but
computers won’t use a different v6 address for every distinct destination, they will just start using a new one from time to time
computers won’t stop using the old v6 address immediately after wakeup
With v4 addresses these did not really matter, because everything was being sent from the same public IP, and and outside observer could only see what a “network” is doing collectively. But with v6 an address identifies a computer, across websites/services. Even if it’s just for a "short’ time, even if the address is randomized.
If you want privacy, you need some kind of VPN or onion routing. Even if everything you list were correct, the difference between IPv4 and 6 for privacy would be marginal.
I don’t think this is so black and white. I’m a regular tor user, but so often it’s not worth it to load webpages through a dial-up connection, and then there are the sites that block access for tor users for some reason.
Even if everything you list were correct
Which parts weren’t?
the difference between IPv4 and 6 for privacy would be marginal
You’re thinking of a firewall. NAT is just the thing that makes a connection appear to come from an IP on the internet when it’s really coming from your router, and it’s not needed with IPv6. But you would not see any difference with IPv6 without it.
You’re thinking of a firewall. NAT is just the thing that makes a connection appear to come from…
That connection only “appears to come from” if I explicitly put a rule in my NAT table directing it to my computer behind the router doing the NAT-ing.
Otherwise all connections through NAT are started from internal->external network requests and the state table in NAT keeps track of which internal IP is talking to which external IP and directs traffic as necessary.
So OP is correct, it does apply a measure of security. Port scanning someone behind NAT isn’t possible, you just end up port scanning their crappy NAT router provided by their ISP unless they have specifically opened up some ports and directed them to their internal IP address.
Compare this to IPV6 where you get a slice of the public address space to place your devices in and they are all directly addressable. In that case your crappy ISP router also is a “proper” firewall. Strangely enough it usually is a “stateful” firewall with default deny-all rules that tracks network connections and looks and performs almost exactly like the NAT version, just without address translation.
So OP is correct, it does apply a measure of security. Port scanning someone behind NAT isn’t possible, you just end up port scanning their crappy NAT router provided by their ISP unless they have specifically opened up some ports and directed them to their internal IP address.
You end up just port scanning their crappy router on IPv6 as well because ports that are not opened are stuck at the firewall either way, no matter if you use IPv4 or IPv6.
Just because every device gets a public IP does not mean that IP is publicly accessible.
An advantage that IPv6 has against port scanning is the absurdly large network sizes. For example, my ISP gives me a /56 prefix, that is 4,722,366,482,869,645,213,696 IPv6 addresses. Good luck finding the used ones with the port open you need.
Even with just a /64 prefix you get 18,446,744,073,709,551,616 addresses, way outside the feasibility of port scanning.
Compare this to IPV6 where you get a slice of the public address space to place your devices in and they are all directly addressable. In that case your crappy ISP router also is a “proper” firewall. Strangely enough it usually is a “stateful” firewall with default deny-all rules that tracks network connections and looks and performs almost exactly like the NAT version, just without address translation.
realistically, it wouldnt surprise me if ISPs started NATing on residential IPV6 networks, just for the simplicity, but still allowed end users to assign their own IPs if they so pleased. Given the surge in shitty IOT devices, that’s probably a good thing for most people. Though a firewall would also accomplish this as well.
My isp decided to put me behind a CGNAT and broke my access to my network from outside my network. Wanted to charge me $5 a month to get around it. It’s not easy to get around for a layman, but possible. More than anything it just pissed me off that I’d have to pay for something that 1 day ago was free.
Set up a reverse proxy on another machine (like one of those free oracle cloud things). I can’t go into detail because I don’t know exactly how. I think cloudflare also has options for that for free. Either way it’s annoying.
Lots of really large sites are horribly misconfigured. I had intermittent issues because one of the edge hosts in Netflix ‘s round robin dns did not do MTU discovery properly.
My university recently had Internet problems, where the DHCP only leased Out ipv6 addresses. For two days, we could all see which sites implemented ipv6 and which didn’t.
Many big corpo sites like GitHub or discord Apperently don’t. Small stuff like my personal website or suikagame.com do.
Say this to my very large Canadian ISP who still doesn’t support IPv6 for residential customers. Last I checked, adoption in Canada was still under 50%.
50%?? I fucking wish. In Spain we are at 5%. I finally got IPv6 in my phone this year, but I want it in my home, which is still only available as IPv4 even if they’re the same ISP.
Add comment