evenwicht

There is a periodic meeting of linux users in my area where everyone brings laptops and connects to a LAN. Just wondering if I want to share files with them, what are decent options? Is FTP still the best option or has anything more interesting emerged in the past couple decades? Guess I would not want to maintain a webpage so web servers are nixed. It’s mainly so ppl can fetch linux ISO images and perhaps upload what they have as well.

Translating the Debian install instructions to tor network use, we have:

  torsocks wget https://apt.benthetechguy.net/benthetechguy-archive-keyring.gpg -O /usr/share/keyrings/benthetechguy-archive-keyring.gpg
  echo "deb [signed-by=/usr/share/keyrings/benthetechguy-archive-keyring.gpg] tor://apt.benthetechguy.net/debian bookworm non-free" > /etc/apt/sources.list.d/benthetechguy.list
  apt update
  apt install makemkv

apt update yields:

Ign:9 tor+https://apt.benthetechguy.net/debian bookworm InRelease
Ign:9 tor+https://apt.benthetechguy.net/debian bookworm InRelease
Ign:9 tor+https://apt.benthetechguy.net/debian bookworm InRelease
Err:9 tor+https://apt.benthetechguy.net/debian bookworm InRelease
  Connection failed [IP: 127.0.0.1 9050]

Turns out apt.benthetechguy.net is jailed in Cloudflare. And apparently the code is not developed out in the open -- there is no public code repo or even a bug tracker. Even the forums are a bit exclusive (registration on a particular host is required and disposable email addresses are refused). There is no makemkv IRC channel (according to netsplit.de).

There is a blurb somewhere that the author is looking to get MakeMKV into the official Debian repos and is looking for a sponsor (someone with a Debian account). But I wonder if this project would even qualify for the non-free category. Debian does not just take any non-free s/w.. it's more for drivers and the like.

Alternatives?

The reason I looked into #makemkv was that Handbrake essentially forces users into a long CPU-intensive transcoding process. It cannot simply rip the bits as they are. MakeMKV relieves us of transcoding at the same time as ripping. But getting it is a shit show.

Love the irony and simultaneous foreshadowed embarrassment of Elon denying availability and service as a way to be more efficient.

The irony

Cloudflare enables web admins to be extremely bloated. Admins of Cloudflared websites have no incentive to produce lean or efficient websites because Cloudflare does the heavy lifting for free (but at the cost of reduced availability to marginalized communities like Tor, VPNs, CGNAT, etc). So they litter their website with images and take little care to choose lean file formats or appropriate resolutions. Cloudflare is the #1 cause of web inefficiency.

Cloudflare also pushes countless graphical CAPTCHAs with reckless disregard which needlessly wastes resources and substantially increases traffic bloat -- all to attack bots (and by side-effect text-based users) who do not fetch images and thus are the most lean consumers of web content.

The embarrassment

This is a perfect foreshadowing of what we will see from this department. “Efficiency” will be achieved by killing off service and reducing availability. Certain demographics of people will lose service in the name of “efficiency”.

It’s worth noting that DOGE is not using Cloudflare’s default configuration. They have outright proactively blacklisted Tor IPs to ensure hard-and-fast fully denied service to that demographic of people. Perhaps their PR person would try to spin this as CAPTCHA avoidance is efficient :)

The other embarrassment is that they are using Cloudflare for just a single tiny image. They don’t even have enough competency to avoid CF in the normal state & switch it on demand at peak traffic moments.

The microblog discussion

Microblog chatter here.

A lot of gov services use the same shitty social networks. But it’s just a bit extra disgusting when the FCC uses them along with the not-so social platforms. It’s an embarrassment.

The FCC privacy policy starts with:

“The FCC is committed to protecting the privacy of its visitors.”

Fuck no they aren’t. And we expect the FCC in particular to be well aware of the platforms that would make their privacy claim a true statement.

In particular:

• MS Github (98 repositories and maybe a bit strange that they are hosting UK stuff there.

• MS LinkedIn: “Visit our LinkedIn profile for information on job openings, internships, upcoming events, consumer advice, and news about telecommunications.” ← At least it’s openly readable to non-members. But I clicked APPLY on an arbitrary job listing (which had no contact info) and I was ignored, probably for not having a LinkedIn account. Which is obviously an injustice. Anyone should be able to access government job listings without licking Microsoft’s boots.

• Facebook: “Keep informed and engaged about consumer alerts, Commission actions and events.” ←Non-Facebook members cannot even view their page. And they are relying on it for engagement and consumer alerts.

• Twitter: “Follow @FCC for updates on upcoming meetings, helpful consumer information, Commission blog postings, and breaking FCC and telecommunications news with links to in-depth coverage.” ← At least it’s openly readable to non-members. But despicable that non-Twitter users cannot engage with the FCC. It’s an assult on free speech in the microblogging context. If you don’t lick Elon’s boots and give Twitter a mobile phone number (which they have been caught abusing before twtr contractors were caught spying on old accts, which came before Twitter was breached [twice in fact]), you cannot microblog to your government.

• YouTube: “Playback recorded webcasts of FCC events and view tutorials, press conferences, speeches and public service announcements on the FCC's YouTube channel.” ← One of the most atrocious abuses of public resources because Youtube is no longer open access. You cannot be on Tor, you cannot use Invideous. Due to recent extreme protectionism by Google, you are subject to surveillance advertising tied to your personal IP address.

Public money finances the FCC to make whatever videos the FCC produces. Since we already paid for the videos, they should be self-hosted by the FCC, not conditional upon entry into an paid-for-by-advertising walled garden with Google as a gatekeeper. It should be illegal to do that -- and we would expect the FCC to drive a just law in that regard. We would also expect the FCC to have the competency to either stand up their own peertube instance or simply put the videos on their website. People should be fighting that shit for sure.

What a shitty example they set for how government agencies should implement comms.

I am certain this community is not instantly popular. Even in the fediverse most people are fine with walled-gardens (we know this from Lemmy World). So just pointing out it’s interesting that 35 bots instantly monitor new communities as soon as they are created.

(BTW: “metapost” in the subject means it’s an off-topic post about the community itself. It’s not a reference to that shitty corp that has hijacked a generic word for commercial exploitation)

Facebook is used to make announcements to RUC students. The internal RUC website (outside of Facebook) is littered with FB references.

There are social events that are officially school-sanctioned which appear exclusively on Facebook.

Some might say “fair enough” because social events are non-essential and purely for entertainment. However, RUC has organized all the coursework around group projects. A culture of social bonding is considered important enough to justify having school-sanctioned parties on campus. The organisers have gone as far as to strategically divide student parties and to discourage intermingling across the parties so that students form more bonds with the peers they work with academically. Social bonding is an integral component of the study program.

Announcing these social events exclusively on Facebook creates an irresistible temptation for non-Facebook users to join. Students face an ultimatum: either become a serf of Facebook, or accept social isolation. It also destroys any hope of existing FB users who want to break away from a Facebook addiction from doing so. Students without Facebook accounts are naturally in the dark. Facebook non-patrons may be able to catch ad-hoc hallway chatter about school events but this is a reckless approach.

When the official class schedule is incorrectly published, students who discover the error in advance announce it on Facebook. Facebook then stands as the only source of information for schedule corrections, causing Facebook non-patrons to either miss class or show up for a class that doesn't exist.

Unofficial student-led seminars and workshops are sometimes announced exclusively on Facebook. These workshops are optional but academic nonetheless.

Sometimes information exists on the school website and is duplicated on Facebook. The information becomes very well buried on the poorly organized school website because the maintainers are paying more attention to the Facebook publication that they assume everyone is reading. Specifically the study abroad program has two versions of the document that lists all the foreign schools for which there is an exchange program. One version is obsolete showing schools that no longer participate. Both versions appear in different parts of the website. The schedule of study abroad workshops is so buried that a student relying on the school website is unlikely to know that the workshops even exist. Removing the Facebook distraction would perhaps mitigate the website neglect.

RUC does not instruct students to establish Facebook accounts. There is simply a silent expectation that students are already Facebook serfs. Some of the above mentioned problems can come as a surprise because Facebook excludes non-members from even viewing the content, so non-patrons don’t even have a way to see what kind of information they are missing. There is an immense undercurrent of pressure for RUC students to become addicted loyal patrons of Facebook's corporate walled-garden.

MAFF (a shit-show, unsustained)

Firefox used to have an in-house format called MAFF (Mozilla Archive File Format), which boiled down to a zip file that had HTML and a tree of media. I saved several web pages that way. It worked well. Then Mozilla dropped the ball and completely abandoned their own format. WTF. Did not even give people a MAFF→mhtml conversion tool. Just abandoned people while failing to realize the meaning and purpose of archival. Now Firefox today has no replacement. No MHTML. Choices are:

• HTML only
• HTML complete (but not as a single file but a tree of files)

MHTML (shit-show due to non-portable browser-dependency)

Chromium-based browsers can save a whole complete web page to a single MHTML file. Seems like a good move but then if you open Chromium-generated MHTML files in Firefox, you just get an ascii text dump of the contents which resembles a fake email header, MIME, and encoded (probably base64). So that’s a show-stopper.

exceptionally portable approach: A plugin adds a right-click option called “Save page WE” (available in both Firefox and Chromium). That extension produces an MHTML file that both Chromium and Firefox can open.

PDF (lossy)

Saving or printing a web page to PDF mostly guarantees that the content and representation can reasonably be reproduced well into the future. The problem is that PDF inherently forces the content to be arranged on a fixed width that matches a physical paper geometry (A4, US letter, etc). So you lose some data. You lose information about how to re-render it on different devices with different widths. You might save on A4 paper then later need to print it to US letter paper, which is a bit sloppy and messy.

PDF+MHTML hybrid

First use Firefox with the “Save page WE” plugin to produce an MHTML file. But relying on this alone is foolish considering how unstable HTML specs are even still today in 2024 with a duopoly of browser makers doing whatever the fuck they want - abusing their power. So you should also print the webpage to a PDF file. The PDF will ensure you have a reliable way to reproduce the content in the future. Then embed the MHTML file in the PDF (because PDF is a container format). Use this command:

$ pdfattach webpage.pdf webpage.mhtml webpage_with_HTML.pdf

The PDF will just work as you expect a PDF to, but you also have the option to extract the MHTML file using pdfdetach webpage_with_HTML.pdf if the need arises to re-render the content on a different device.

The downside is duplication. Every image is has one copy stored in the MTHML file and another copy separately stored in the PDF next to it. So it’s shitty from a storage space standpoint. The other downside is plugin dependency. Mozilla has proven browser extensions are unsustainable when they kicked some of them out of their protectionist official repository and made it painful for exiled projects to reach their users. Also the mere fact that plugins are less likely to be maintained than a browser builtin function.

We need to evolve

What we need is a way to save the webpage as a sprawled out tree of files the way Firefox does, then a way to stuff that whole tree of files into a PDF, while also producing a PDF vector graphic that references those other embedded images. I think it’s theoretically possible but no tool exists like this. PDF has no concept of directories AFAIK, so the HTML tree would likely have to be flattened before stuffing into the PDF.

Other approaches I have overlooked? I’m not up to speed on all the ereader formats but I think they are made for variable widths. So saving a webpage to an ereader format of some kind might be more sensible than PDF, if possible.

(update) The goals

1. Capture the webpage as a static snapshot in time which requires no network to render. Must have a simple and stable format whereby future viewers are unlikely to change their treatment of the archive. PDF comes close to this.
2. Record the raw original web content in a non-lossy way. This is to enable us to re-render the content on different devices with different widths. Future-proofness of the raw content is likely impossible because we cannot stop the unstable web standards from changing. But capturing a timestamp and web browser user-agent string would facilitate installation of the original browser. A snapshot of audio, video, and the code (JavaScript) which makes the page dynamic is also needed both for forensic purposes (suitable for court) and for being able to faithfully reproduce the dynamic elements if needed. This is to faithfully capture what’s more of an application than a document. wget -m possibly satisfies this. But perhaps tricky to capture 3rd party JS without recursing too far on other links.
3. A raw code-free (thus partially lossy) snapshot for offline rendering is also needed if goal 1 leads to a width-constrained format. Save page WE and WebScrapBook apparently satisfies this.

PDF satisfies goal 1; wget satisfies goal 2; maff/mhtml satisfies goal 3. There is likely no single format that does all of the above, AFAIK. But I still need to explore these suggestions.

I recall an inspirational story where a woman tried many dating sites and they all lacked the filters and features she needed to find the right guy. So she wrote a scraper bot to harvest profiles and wrote software that narrowed down the selection and propose a candidate. She ended up marrying him.

It’s a great story. I have no link ATM, and search came up dry but I found this story:

https://www.ted.com/talks/amy_webb_how_i_hacked_online_dating/transcript?subtitle=en

I can’t watch videos right now. It could even be the right story but I can’t verify.

I wonder if she made a version 2.0 which would periodically scrape new profiles and check whether her husband re-appears on a dating site, which could then alert her about the anomaly.

Anyway, the point in this new community is to showcase beneficial bots and demonstrate that there is a need to get people off the flawed idea that all bots are malicious. We need more advocacy for beneficial bots.

I’ve noticed this problem on infosec.pub as well. If I edit a post and submit, the form is accepted but then the edits are simply scrapped. When I re-review my msg, the edits did not stick. This is a very old Lemmy bug I think going back over a year, but it’s bizarre how it’s non-reproducable. Some instances never have this problem but sdf and infosec trigger this bug unpredictably.

0.19.3 is currently the best Lemmy version but it still has this bug (just as 0.19.5 does). A good remedy would be to install an alternative front end, like alexandrite.

A home insurance policy offers a discount to AAA members. The discount is the same amount as the cost of membership. I so rarely use a car or motorcycle that I would not benefit significantly from a roadside assistence plan. I cycle. But there are other discounts for AAA membership, like restaurant discounts. So my knee-jerk thought was: this is a no-brainer… I’m getting some benefits for free, in effect, so it just makes sense to get the membership.

Then I dug into AAA a bit more. The wiki shows beneficial and harmful things AAA has done. From the wiki, these points stand out to me:

Even though the roadside assistence is useless to me, the AAA membership comes with 2 more memberships. So I could give memberships to 2 family members and they would benefit from it. But it seems I need to drop this idea. AAA seems overall doing more harm than good.

(edit) And doesn’t it seem foolish to oppose mass transit even from the selfish car driver standpoint? If you drive a car, other cars are in your way slowing you down and also increasing your chances of simultaneously occupying the same space (crash). Surely you would benefit from others switching from car to public transport to give you more road space. It seems to me the anti mass transit move is AAA looking after it’s own interest in having more members paying dues.

I also noticed most AAA club’s websites block Tor. So the lack of privacy respect just made my decision to nix them even easier.

This is what my fetchmail log looks like today (UIDs and domains obfuscated):

fetchmail: starting fetchmail 6.4.37 daemon
fetchmail: Server certificate verification error: self-signed certificate in certificate chain
fetchmail: Missing trust anchor certificate: /C=US/O=Let's Encrypt/CN=R3
fetchmail: This could mean that the root CA's signing certificate is not in the trusted CA certificate location, or that c_rehash needs to be run on the certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page. See README.SSL for details.
fetchmail: OpenSSL reported: error:0A000086:SSL routines::certificate verify failed
fetchmail: server4.com: SSL connection failed.
fetchmail: socket error while fetching from [email protected]@server4.com
fetchmail: Query status=2 (SOCKET)
fetchmail: Server certificate verification error: self-signed certificate in certificate chain
fetchmail: Missing trust anchor certificate: /C=US/O=Let's Encrypt/CN=R3
fetchmail: This could mean that the root CA's signing certificate is not in the trusted CA certificate location, or that c_rehash needs to be run on the certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page. See README.SSL for details.
fetchmail: OpenSSL reported: error:0A000086:SSL routines::certificate verify failed
fetchmail: server3.com: SSL connection failed.
fetchmail: socket error while fetching from [email protected]@server3.com
fetchmail: Server certificate verification error: self-signed certificate in certificate chain
fetchmail: Missing trust anchor certificate: /C=US/O=Let's Encrypt/CN=R3
fetchmail: This could mean that the root CA's signing certificate is not in the trusted CA certificate location, or that c_rehash needs to be run on the certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page. See README.SSL for details.
fetchmail: OpenSSL reported: error:0A000086:SSL routines::certificate verify failed
fetchmail: server2.com: SSL connection failed.
fetchmail: socket error while fetching from [email protected]@server2.com
fetchmail: Query status=2 (SOCKET)
fetchmail: Server certificate verification error: self-signed certificate in certificate chain
fetchmail: Missing trust anchor certificate: /C=US/O=Let's Encrypt/CN=R3
fetchmail: This could mean that the root CA's signing certificate is not in the trusted CA certificate location, or that c_rehash needs to be run on the certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page. See README.SSL for details.
fetchmail: OpenSSL reported: error:0A000086:SSL routines::certificate verify failed
fetchmail: server1.com: SSL connection failed.
fetchmail: socket error while fetching from [email protected]@server1.com
fetchmail: Query status=2 (SOCKET)

In principle I should be able to report the exit node somewhere. But I don’t even know how I can determine which exit node is the culprit. Running nyx just shows some of the circuits (guard, middle, exit) but I seem to have no way of associating those circuits with fetchmail’s traffic.

Anyone know how to track which exit node is used for various sessions? I could of course pin an exit node to a domain, then I would know it, but that loses the benefit of random selection.

And if you try to visit the archive¹, that’s also fucked.

Not sure who these people are.. maybe they are actually watchdogs in opposition to open data.

¹ https://web.archive.org/web/20240925081816/https://www.opendatawatch.com/