Terence Eden’s Blog

Book Review: We Are Bellingcat - Eliot Higgins ★★★⯪☆

2024-02-22T08:44:27Z

The problem with autobiographies is that every anecdote ends with "needless to say, I had the last laugh!" This corporate-autobiography is no different - as it details the rise and impact of Bellingcat - a team of investigators and journalists.

I am in awe of Bellingcat - and have seen them give talks on a couple of occasions. This book is a thrilling account of how they perform "open source" investigations; solving crimes with freely available data. But every few pages, I got an uneasy feeling about their methods and motivations. The book is surprisingly incurious about the effectiveness, morality, and legality of what they do.

It is an excellent page-turner. From the origins in the Something Awful forums (!) to a network dedicated to unmasking the shadowy world of international espionage. It is honestly exciting - but strangely voyeuristic.

I don't know how to feel about a sentence like:

Although I spoke no Arabic and had never visited Syria, I became intimately involved in studying its war, observing civilians’ despair worsening every day via YouTube.

It felt a little "White Saviour Industrial Complex" to me. It is impossible to deny just how useful Bellingcat's techniques are, but it feels weird not centring or acknowledging what local people were doing.

I also don't know how to feel about releasing to the public before prosecutors:

For maximum impact, we had timed publication to the day before a report from the Dutch Safety Board, which had been assigned to determine the cause of the downing, although not to identify any culprits.

There are several instances where it seems that chasing headlines (and A/B testing them) was more important than getting evidence into the right hands.

I can't argue against Bellingcat being a force for good but, again, this makes me uneasy:

‘There’s a geolocation challenge for ya,’ I wrote, reposting the Münster photo to the tens of thousands of people who by that stage followed me on Twitter. Resourceful amateurs noted an advertising column in the background, and discovered ...

What's the difference between this and doxxing? Why is it OK for Bellingcat to ask people to help reveal private information about someone? Does it teach the public that this form of journalism is legitimate no matter the target?

It gets murkier:

In the case of the passenger manifest for the Moscow–London flight, we found somebody online with access to the Russian airlines’ booking-data system and paid about €200 for the file. The flight manifest added two crucial datapoints: the suspects’ purported birthdates and passport numbers.

That seems straight-up illegal to me. They bribed someone to breach the privacy of hundreds of travellers because they suspected their target was on board. Again, all for the greater good, right?

A contact at a Russian mobile operator provided us with metadata from a phone number registered under Sergeev’s cover persona, Fedotov. This showed all movements of Sergeev’s phone over the course of two years, from May 2017 to May 2019, including the date of the Skripal attack.

That's not "open source" intelligence. That's closer to industrial espionage.

I found the whole book ethically vague. Their skills are impressive. The crimes they've investigated are horrendous. It is amazing just how easy these data are to obtain. And it is incredible that a small team of loosely-affiliated investigators are able to build up such compelling evidence. But what keeps them honest? How easy would it be for them to turn their ire on someone innocent?

Qui indagatrix inquisitores?

It's a process; not a product

2024-02-18T18:15:53Z

Sometimes a client asks me a question and I'm a little stunned by their mental model of the world.

A few weeks ago, we were discussing the need for better cybersecurity in their architecture. We spoke about several aspects of security, then they asked an outstanding question.

"What should I buy to be secure?"

It took a few moments to tease out exactly what they thought they were asking. In their mental model they could just buy a box which did what they needed. Want to print from any workstation? Buy a big HP network printer. Want to get WiFi in the office? Buy a bunch of access points. Want a website? Buy a WordPress. Want security? Buy a [fill in the blank]?

Their notion is that most things are products. This is a common belief. I've had clients ask "What do I buy to make this accessible?" or "What can I buy to improve usability?"

In all these cases there are unscrupulous people who will sell you a magic cure-all - but the real answer is that these things are a process; not a product.

Yes, you can buy tools which will help improve your security / accessibility / usability etc. But unless you put processes in place to get people to use them effectively, the tools are useless.

People need to understand why something is important. They need processes which support best practices. The business needs a holistic understanding of how these processes improve the business. And that is all underpinned by tools which make it possible.

There's no magic box which can both protect you from your CEO accidentally CCing confidential data to a competitor and stop DDoS attacks. An accessibility overlay won't help you if your staff refuse to incorporate alt text into their workflow. Automated code testing can't stop you building things without testing them with users.

Security is a verb - it is a doing word.
Accessibility is a verb - it is a doing word.
Usability is a verb - it is a doing word.

Buy nouns which support your verbs.

Minority Governments and the Boundary Commission

2024-02-20T20:21:11Z

The UK is almost certain to have a General Election this year¹. The Boundary Commission for England² has reworked the existing Parliamentary constituencies to make them more fair³.

As such, constituencies are generally more equal in terms of electorate. But, of course, geography trumps geometry. So the Isle of Wight now has two constituencies of 56k and 54k, whereas the average constituency has 73k.

I wanted to know if these new boundaries meant that a political party could win the majority of votes, but still not get a majority of seats⁴. So I downloaded the data.

There are 650 seats in The UK. Obviously, if 649 of them had turnouts of 3 people - 2 voting for Party X and 1 for Party Y - and the last seat had 74k people vote for Y, then X wins with a minority of the national vote. But let's go for something more realistic.

The total electorate is 47,558,348⁵. Therefore, a party would need 23,779,175 votes to win a national majority.

If Party X won 100% of the vote in the most populous 316 constituencies, they'd have 23,844,185 votes.
If Party Y won 100% of the vote in the remaining 334 constituencies, they'd have 23,714,163 votes.

So, yes, it is technically⁶ possible for a political party to win the majority of votes but still not win the majority of seats. In fact, a party could win 24,322,616 votes (51.1%) and still be one seat short of a plurality.

But what about…?

Is this probable? No. Even in the wildest fantasies of party faithful, no one is winning 100% of the vote in any constituency. England, Scotland, Wales, and NI each have their own political parties and vastly different electorate.

But is it possible? Yes. If Party X won the 326 least-populous seats with 100% of the vote, they would have a majority in Parliament yet only have 48.6% of the popular vote.

Personally, I think Rishi will hold it in January 2025. Clinging on to power until the very last second, hoping something will happen that will change his fortune. ↩
The UK is a country of four countries. Yes, it is complicated. No, I won't explain it. ↩
Yes, I know your favourite MP has been done dirty by these changes. No, I don't think there are political shenanigans afoot targeting specific MPs. ↩
The UK's "First Past The Post" system means that the national vote share is often wildly different to the number of seats won. But I'm unaware of an election where a party won the most votes but didn't take the most seats. ↩
The Office for National Statistics says "In December 2021, there were 46,560,452 Parliamentary electoral registrations" - but let's not quibble. ↩
The best kind of possible! ↩

Drinking Champagne with the Secretary of State

2024-02-18T18:17:21Z

This is a retropost. Written contemporaneously in February 2019, but published much later.

My life is weird. Again.

Looking out over London from the top floor. The Eye is glittering and the Palace of Westminster is glowing.

Someone pours me a glass of (very expensive¹) champagne, as the Secretary of State laughs at my witty bon mot.

Is this my life now? People of distinction and influence listening to what I have to say? It isn't an oak-panelled room, with deep armchairs, where cigar-smoking men carve up the world. It's a modest and plain office where men (and women!) have gathered for a bit of mutual backslapping. But I am here. I'm in the room and being thanked.

And why not! We've all worked hard on launching NHSX and are rewarded with a little audience. The chit-chat is awkward - despite the geniality, we're all aware that the boss is here.

Naturally, I believe someone is going to tap me on the shoulder and ask me what the hell I think I'm doing in a room full of proper grown-ups. But, no, people keep asking me questions and telling me their well-practiced anecdotes.

It is simultaneously amazing and banal. I've been at this work-party several times in my career, with dozens of companies, with a parade of CEOs. This feels different. A tiny glimmer of "I've made it a difference!"

I eat my fill of crisps - I am driving later - and slip out. I want to savour the moment, but know too well the perils of outstaying my welcome. I float all the way home.

Proximity to power is a powerful glamour. I understand why some are drawn to it, and some are seemingly addicted.

But I'll be different, I'm sure, as I bask in the experience.

The fizz has come from someone's home. No taxpayers' cash was splashed on booze. ↩

ActivityPub Server in a Single PHP File

2024-02-18T11:33:01Z

Any computer program can be designed to run from a single file if you architect it wrong enough!

I wanted to create the simplest possible Fediverse server which can be used as an educational tool to show how ActivityPub / Mastodon works.

The design goals were:

Upload a single PHP file to the server.
No databases or separate config files.
Single Actor (i.e. not multi-user).
Allow the Actor to be followed.
Post plain-text messages to followers.
Be roughly standards compliant.

And those goals have all been met! Check it out on GitLab. I warn you though, it is the nadir of bad coding. There are no tests, bugger-all security, scalability isn't considered, and it is a mess. But it works.

You can follow the test user @example@example.viii.fi

Architecture

Firstly, I've slightly cheated on my "single file" stipulation. There's an .htaccess file which turns example.com/whatever into example.com/index.php?path=whatever

The index.php file then takes that path and does stuff. It also contains all the configuration variables which is very bad practice.

Rather than using a database, it saves files to disk.

Again, this is not suitable for any real world use. This is an educational tool to help explain the basics of posting messages to the Fediverse. It requires absolutely no dependencies. You do not need to spin up a dockerised hypervisor to manage your node bundles and re-compile everything to WASM. Just FTP the file up to prod and you're done.

Walkthrough

This is a quick ramble through the code. It is reasonably well documented, I hope.

Preamble

This is where you set up your account's name and bio. You also need to provide a public/private keypair. The posting page is protected with a password that also needs to be set here.

    //  Set up the Actor's information
    $username = rawurlencode("example");    //  Encoded as it is often used as part of a URl
    $realName = "E. Xample. Jr.";
    $summary  = "Some text about the user.";
    $server   = $_SERVER["SERVER_NAME"];    //  Domain name this is hosted on

    //  Generate locally or from https://cryptotools.net/rsagen
    //  Newlines must be replaced with "\n"
    $key_private = "-----BEGIN RSA PRIVATE KEY-----\n...\n-----END RSA PRIVATE KEY-----";
    $key_public  = "-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----";

    //  Password for sending messages
    $password = "P4ssW0rd";

Logging

ActivityPub is a "chatty" protocol. This takes all the requests your server receives and saves them in /logs/ as a datestamped text file.

    // Get all headers and requests sent to this server
    $headers     = print_r( getallheaders(), true );
    $postData    = print_r( $_POST,    true );
    $getData     = print_r( $_GET,     true );
    $filesData   = print_r( $_FILES,   true );
    $body        = json_decode( file_get_contents( "php://input" ), true );
    $bodyData    = print_r( $body,    true );
    $requestData = print_r( $_REQUEST, true );
    $serverData  = print_r( $_SERVER,  true );

    //  Get the type of request - used in the log filename
    if ( isset( $body["type"] ) ) {
        $type = " " . $body["type"];
    } else {
        $type = "";
    }

    //  Create a timestamp in ISO 8601 format for the filename
    $timestamp = date( "c" );
    //  Filename for the log
    $filename  = "{$timestamp}{$type}.txt";

    //  Save headers and request data to the timestamped file in the logs directory
    if( ! is_dir( "logs" ) ) { mkdir( "logs"); }

    file_put_contents( "logs/{$filename}", 
        "Headers:     \n$headers    \n\n" .
        "Body Data:   \n$bodyData   \n\n" .
        "POST Data:   \n$postData   \n\n" .
        "GET Data:    \n$getData    \n\n" .
        "Files Data:  \n$filesData  \n\n" .
        "Request Data:\n$requestData\n\n" .
        "Server Data: \n$serverData \n\n"
    );

Routing

The .htaccess changes /whatever to /?path=whatever
This runs the function of the path requested.

    !empty( $_GET["path"] )  ? $path = $_GET["path"] : die();
    switch ($path) {
        case ".well-known/webfinger":
            webfinger();
        case rawurldecode( $username ):
            username();
        case "following":
            following();
        case "followers":
            followers();
        case "inbox":
            inbox();
        case "write":
            write();
        case "send":
            send();
        default:
            die();
    }

WebFinger

The WebFinger Protocol is used to identify accounts.
It is requested with example.com/.well-known/webfinger?resource=acct:username@example.com
This server only has one user, so it ignores the query string and always returns the same details.

    function webfinger() {
        global $username, $server;

        $webfinger = array(
            "subject" => "acct:{$username}@{$server}",
              "links" => array(
                array(
                     "rel" => "self",
                    "type" => "application/activity+json",
                    "href" => "https://{$server}/{$username}"
                )
            )
        );
        header( "Content-Type: application/json" );
        echo json_encode( $webfinger );
        die();
    }

Username

Requesting example.com/username returns a JSON document with the user's information.

    function username() {
        global $username, $realName, $summary, $server, $key_public;

        $user = array(
            "@context" => [
                "https://www.w3.org/ns/activitystreams",
                "https://w3id.org/security/v1"
            ],
                                   "id" => "https://{$server}/{$username}",
                                 "type" => "Person",
                            "following" => "https://{$server}/following",
                            "followers" => "https://{$server}/followers",
                                "inbox" => "https://{$server}/inbox",
                    "preferredUsername" =>  rawurldecode($username),
                                 "name" => "{$realName}",
                              "summary" => "{$summary}",
                                  "url" => "https://{$server}",
            "manuallyApprovesFollowers" =>  true,
                         "discoverable" =>  true,
                            "published" => "2024-02-12T11:51:00Z",
            "icon" => [
                     "type" => "Image",
                "mediaType" => "image/png",
                      "url" => "https://{$server}/icon.png"
            ],
            "publicKey" => [
                "id"           => "https://{$server}/{$username}#main-key",
                "owner"        => "https://{$server}/{$username}",
                "publicKeyPem" => $key_public
            ]
        );
        header( "Content-Type: application/activity+json" );
        echo json_encode( $user );
        die();
    }

Following & Followers

These JSON documents show how many users are following / followers-of this account.
The information here is self-attested. So you can lie and use any number you want.

function following() {
        global $server;

        $following = array(
              "@context" => "https://www.w3.org/ns/activitystreams",
                    "id" => "https://{$server}/following",
                  "type" => "Collection",
            "totalItems" => 0,
                 "items" => []
        );
        header( "Content-Type: application/activity+json" );
        echo json_encode( $following );
        die();
    }
    function followers() {
        global $server;
        $followers = array(
              "@context" => "https://www.w3.org/ns/activitystreams",
                    "id" => "https://{$server}/followers",
                  "type" => "Collection",
            "totalItems" => 0,
                 "items" => []
        );
        header( "Content-Type: application/activity+json" );
        echo json_encode( $followers );
        die();
    }

Inbox

The /inbox is the main server. It receives all requests. This server only responds to "Follow" requests.
A remote server sends a follow request which is a JSON file saying who they are.
This code does not cryptographically validate the headers of the received message.
The name of the remote user's server is saved to a file so that future messages can be delivered to it.
An accept request is cryptographically signed and POST'd back to the remote server.

    function inbox() {
        global $body, $server, $username, $key_private;

        //  Get the message and type
        $inbox_message = $body;
        $inbox_type = $inbox_message["type"];

        //  This inbox only responds to follow requests
        if ( "Follow" != $inbox_type ) { die(); }

        //  Get the parameters
        $inbox_id    = $inbox_message["id"];
        $inbox_actor = $inbox_message["actor"];
        $inbox_host  = parse_url( $inbox_actor, PHP_URL_HOST );

        //  Does this account have any followers?
        if( file_exists( "followers.json" ) ) {
            $followers_file = file_get_contents( "followers.json" );
            $followers_json = json_decode( $followers_file, true );
        } else {
            $followers_json = array();
        }

        //  Add user to list. Don't care about duplicate users, server is what's important
        $followers_json[$inbox_host]["users"][] = $inbox_actor;

        //  Save the new followers file
        file_put_contents( "followers.json", print_r( json_encode( $followers_json ), true ) );

        //  Response Message ID
        //  This isn't used for anything important so could just be a random number
        $guid = uuid();

        //  Create the Accept message
        $message = [
            "@context" => "https://www.w3.org/ns/activitystreams",
            "id"       => "https://{$server}/{$guid}",
            "type"     => "Accept",
            "actor"    => "https://{$server}/{$username}",
            "object"   => [
                "@context" => "https://www.w3.org/ns/activitystreams",
                "id"       =>  $inbox_id,
                "type"     =>  $inbox_type,
                "actor"    =>  $inbox_actor,
                "object"   => "https://{$server}/{$username}",
            ]
        ];

        //  The Accept is sent to the server of the user who requested the follow
        //  TODO: The path doesn't *always* end with/inbox
        $host = $inbox_host;
        $path = parse_url( $inbox_actor, PHP_URL_PATH ) . "/inbox";

        //  Get the signed headers
        $headers = generate_signed_headers( $message, $host, $path );

        //  Specify the URL of the remote server's inbox
        //  TODO: The path doesn't *always* end with /inbox
        $remoteServerUrl = $inbox_actor . "/inbox";

        //  POST the message and header to the requester's inbox
        $ch = curl_init( $remoteServerUrl );
        curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
        curl_setopt( $ch, CURLOPT_CUSTOMREQUEST, "POST" );
        curl_setopt( $ch, CURLOPT_POSTFIELDS,     json_encode($message) );
        curl_setopt( $ch, CURLOPT_HTTPHEADER,     $headers );
        $response = curl_exec( $ch );

        //  Check for errors
        if( curl_errno( $ch ) ) {
            file_put_contents( "error.txt",  curl_error( $ch ) );
        }
        curl_close($ch);
        die();
    }

UUID

Every message sent should have a unique ID.
This can be anything you like. Some servers use a random number.
I prefer a date-sortable string.

    function uuid() {
        return sprintf( "%08x-%04x-%04x-%04x-%012x",
            time(),
            mt_rand(0, 0xffff),
            mt_rand(0, 0xffff),
            mt_rand(0, 0x3fff) | 0x8000,
            mt_rand(0, 0xffffffffffff)
        );
    }

Signing Headers

Every message that your server sends needs to be cryptographically signed with your Private Key.
This is a complicated process. Please read "How to make friends and verify requests" for more information.

    function generate_signed_headers( $message, $host, $path ) {
        global $server, $username, $key_private;

        //  Encode the message to JSON
        $message_json = json_encode( $message );

        //  Location of the Public Key
        $keyId = "https://{$server}/{$username}#main-key";

        //  Generate signing variables
        $hash   = hash( "sha256", $message_json, true );
        $digest = base64_encode( $hash );
        $date   = date( "D, d M Y H:i:s \G\M\T" );

        //  Get the Private Key
        $signer = openssl_get_privatekey( $key_private );

        //  Sign the path, host, date, and digest
        $stringToSign = "(request-target): post $path\nhost: $host\ndate: $date\ndigest: SHA-256=$digest";

        //  The signing function returns the variable $signature
        //  https://www.php.net/manual/en/function.openssl-sign.php
        openssl_sign(
            $stringToSign, 
            $signature, 
            $signer, 
            OPENSSL_ALGO_SHA256
        );
        //  Encode the signature
        $signature_b64 = base64_encode( $signature );

        //  Full signature header
        $signature_header = 'keyId="' . $keyId . '",algorithm="rsa-sha256",headers="(request-target) host date digest",signature="' . $signature_b64 . '"';

        //  Header for POST reply
        $headers = array(
                    "Host: {$host}",
                    "Date: {$date}",
                  "Digest: SHA-256={$digest}",
               "Signature: {$signature_header}",
            "Content-Type: application/activity+json",
                  "Accept: application/activity+json",
        );

        return $headers;
    }

User Interface for Writing

This creates a basic HTML form. Type in your message and your password. It then POSTs the data to the /send endpoint.

    function write() {
        //  Display an HTML form for the user to enter a message.
echo <<< HTML


    
        
        Send Message
        
    
    
        
            Your message:

            

            Password

            

             
        
    

HTML;
        die();
    }

Send Endpoint

This takes the submitted message and checks the password is correct.
It reads the followers.json file and sends the message to every server that is following this account.

    function send() {
        global $password, $server, $username, $key_private;

        //  Does the posted password match the stored password?
        if( $password != $_POST["password"] ) { die(); }

        //  Get the posted content
        $content = $_POST["content"];

        //  Current time - ISO8601
        $timestamp = date( "c" );

        //  Outgoing Message ID
        $guid = uuid();

        //  Construct the Note
        //  contentMap is used to prevent unnecessary "translate this post" pop ups
        // hardcoded to English
        $note = [
            "@context"     => array(
                "https://www.w3.org/ns/activitystreams"
            ),
            "id"           => "https://{$server}/posts/{$guid}.json",
            "type"         => "Note",
            "published"    => $timestamp,
            "attributedTo" => "https://{$server}/{$username}",
            "content"      => $content,
            "contentMap"   => ["en" => $content],
            "to"           => ["https://www.w3.org/ns/activitystreams#Public"]
        ];

        //  Construct the Message
        $message = [
            "@context" => "https://www.w3.org/ns/activitystreams",
            "id"       => "https://{$server}/posts/{$guid}.json",
            "type"     => "Create",
            "actor"    => "https://{$server}/{$username}",
            "to"       => [
                "https://www.w3.org/ns/activitystreams#Public"
            ],
            "cc"       => [
                "https://{$server}/followers"
            ],
            "object"   => $note
        ];

        //  Create the context for the permalink
        $note = [ "@context" => "https://www.w3.org/ns/activitystreams", ...$note ];

        //  Save the permalink
        $note_json = json_encode( $note );
        //  Check for posts/ directory and create it
        if( ! is_dir( "posts" ) ) { mkdir( "posts"); }
        file_put_contents( "posts/{$guid}.json", print_r( $note_json, true ) );

        //  Read existing users and get their hosts
        $followers_file = file_get_contents( "followers.json" );
        $followers_json = json_decode( $followers_file, true );     
        $hosts = array_keys( $followers_json );

        //  Prepare to use the multiple cURL handle
        $mh = curl_multi_init();

        //  Loop through all the severs of the followers
        //  Each server needs its own cURL handle
        //  Each POST to an inbox needs to be signed separately
        foreach ( $hosts as $host ) {
            $path = "/inbox";

            //  Get the signed headers
            $headers = generate_signed_headers( $message, $host, $path );

            // Specify the URL of the remote server
            $remoteServerUrl = "https://{$host}{$path}";

            //  POST the message and header to the requester's inbox
            $ch = curl_init( $remoteServerUrl );

            curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
            curl_setopt( $ch, CURLOPT_CUSTOMREQUEST, "POST" );
            curl_setopt( $ch, CURLOPT_POSTFIELDS,     json_encode($message) );
            curl_setopt( $ch, CURLOPT_HTTPHEADER,     $headers );

            //  Add the handle to the multi-handle
            curl_multi_add_handle( $mh, $ch );
        }

        //  Execute the multi-handle
        do {
            $status = curl_multi_exec( $mh, $active );
            if ( $active ) {
                curl_multi_select( $mh );
            }
        } while ( $active && $status == CURLM_OK );

        //  Close the multi-handle
        curl_multi_close( $mh );

        //  Render the JSON so the user can see the POST has worked
        header( "Location: https://{$server}/posts/{$guid}.json" );
        die();
    }

Next Steps

This is not intended to be used in production. Ever. But if you would like to contribute more simple examples of how the protocol works, please come and play on GitLab.

You can follow the test user @example@example.viii.fi

Internationalise The Fediverse

2024-02-16T11:48:17Z

We live in the future now. It is OK to use Unicode everywhere.

It seems bizarre to me that modern Internet services sometimes "forget" that there's a world outside the Anglosphere. Some people have the temerity to speak foreign languages! And some of those languages have accents on their letters!! Even worse, some don't use English letters at all!!!

A decade ago, I was miffed that GitHub only supported some ASCII characters in its project names. There's no technical reason why your repo can't be called "ഹലോ വേൾഡ്".

Similarly, I'm frustrated that Mastodon (the largest ActivityPub service) doesn't allow Unicode usernames and has resisted efforts to change.

So I built a small ActivityPub server which publishes content from an Actor called @你好@i18n.viii.fi - it is only a demo account, but it works!

Some ActivityPub clients report that they are able to follow it and receive messages from it. Others - like Mastodon - simply can't see anything from it. Take a look at the replies on Mastodon to see which services work. You can also see some of its posts on the Fediverse.

What Does The Fox Spec Say?

The ActivityPub specification says:

Building an international base of users is important in a federated network.
Internationalization

I can't find anything in the specifications which limits what languages a username can be written in. But there are a few clues scattered about.

The user's @ name is defined by preferredUsername which is:

A short username which may be used to refer to the actor, with no uniqueness guarantees.
4.1 Actor objects

There's nothing in there about what scripts it can contain. However, later on, the spec says:

Properties containing natural language values, such as name, preferredUsername, or summary, make use of natural language support defined in ActivityStreams.
4. Actors

So it is expected that a preferred username could be written in multiple scripts. Which implies that the default need not be limited to A-Z0-9.

The ActivityStreams specification talks about language mapping.

Finally, the ActivityPub specification has some examples on non-Latin text in names.

So, I think that it is acceptable for usernames to be written in a variety of non-Latin scripts.

But What About...?

There are usually a few objections to "Unicode Everywhere" zealots like me. I'd like to forestall any arguments.

What about homograph attacks?

Well, what about them? ASCII has plenty of similar looking characters. I doubt most people would notice when a capital i is replaced by a lower L - and vice-versa. Similarly the kerning issue of an r and n looking like an m is well known. Are mixed language homographs more dangerous? I don't think so.

What if people make names that can't be typed?

Well, what if they do? Maybe not being found by people who can't type your language is a feature, not a bug. But, anyway, clients can let users search for other people, or copy and paste their names.

What about weird "Zalgo" text?

It is up to a client to decide how they want to render text input. The "problems" of strange Unicode combinations are well known. This is not a hard computer-science problem.

What about bi-directional text?

The spec makes clear this is allowed.

Do people even want a username in their own script?

I have no evidence for this. But I bet you'd get pretty frustrated if you had to switch keyboard just to type your own name, wouldn't you? In any case, why can't I have a username of @😉

What's Next?

If you build ActivityPub software, give some thought to the billions of people who don't have names which easily fit into ASCII.

If your software can see @你好@i18n.viii.fi and its posts, please let me know.

Are we 'appy about change?

2024-02-14T20:38:50Z

Shortly before I left the Civil Service in 2023, I made a complete fool of myself. Someone on Slack was discussing their department's app and I (rather snidely) asked why it was an app rather than a website. After all, one of the seminal blog posts of GDS was about not building apps.

In response, I was given an eye-roll and told "because that's how most people get their information, grandpa!"¹

Last week, I saw this job advert and I got an involuntary shudder.

But I am wrong. Time moves on. Some of us find that difficult to cope with. The world is different and that difference is to be embraced.

Let's take a look at what people were saying about mobile apps in government a decade ago:

government’s position is that native and hybrid apps are rarely justified - make sure your service meets the Digital by Default Service Standard and it will work well on mobile devices (responsive HTML5)
"We're not ‘appy. Not ‘appy at all." (2013)

It wasn't a ban on apps, it was merely saying "if you can't build a decent website, then you're probably not competent enough to build a decent app."²

I came to GDS directly from a decade working in the mobile industry. I'd gone from dumbphones, to BlackBerrys, to the explosion of smartphones. Back in 2013, it wasn't immediately obvious who would win the smartphone wars³. The iPhone app store was only 5 years old. Windows Phone 7 was being heavily pushed by Microsoft. BlackBerry 10 was launching to great fanfare. Symbian was probably dead, but LiMo and Maemo might have had a comeback. Android was a huge fragmented mess. HP was determined to relaunch its fortunes with WebOS while Mozilla were going after the lower-end handsets with Firefox OS.

Government services have to be accessible to everyone. Would departments really have produced apps for half-a-dozen different operating systems? Would they have had the skill and budget to keep them all updated?

Government services shouldn't disturb the market. If the UK had said "Right! You can only submit a tax return using a BlackBerry!" would that have unfairly caused a spike in their market share?

Even still, smartphone penetration was only at about 60% in the UK. Did it make sense to spend huge amounts of money for something which wasn't universally accessible?

Back then, a de-facto ban on apps was a sensible precaution.

But today?

I was involved in the UK's COVID-19 App. By that time, there were really only two smartphone OSes in the game; Android and iOS⁴. The APIs had stabilised such that developing a single app per platform was feasible⁵.

There are also things which the Web just can't do. Apps are needed to read the NFC chips in passports, to use BLE for contact tracing, and to enforce biometric security on accounts.

That contact tracing app, for better or worse, helped show that it was possible for Government to develop national-level apps and that people would install and use them.

Does the world need a "GOV.UK App"? I don't think so. But I'm old and wrong⁶. Research shows that people trust apps more than the web. Lower-income households are more likely to have a shared smartphone than a PC - and an app with multiple accounts is more secure. The web still isn't great at caching data for offline use - so being able to look stuff up when you're out of signal is a must. Apps usually use less data than websites - which is great for people with limited data allowances, or on slow speeds.

Some techies think that we are Keepers of The Sacred Flame. If we rant hard enough, progress will stop and we'll be comfortable that our knowledge isn't obsolete. I think I'm rather happy to be freed of that notion.

Tempus fugit, tu senex fossilium. Esne laetus?

They didn't actually eye-roll and "grandpa" me, of course. They were perfectly polite. But I sure felt that subtext! ↩
Again, implied in subtext. ↩
I'm sure you found it obvious. But most people were sensible and hedged their bets. ↩
Yes, I know you run some weird custom Linux on your phone and are happy recompiling every time there's an update. But you aren't even a statistical blip. ↩
Of course, testing on dozens of different phones with varying ROMs is still expensive and time-consuming. ↩
It is rather liberating knowing that many of the truths we cling to depend greatly on our own point of view. ↩

"I'm sorry, Dave. I'm afraid that computation is too carbon intensive."

2024-02-14T16:59:21Z

An interesting snippet about the future of computation:

Starting with this build, we are introducing the Power Grid Forecast API. This API empowers app developers to optimize app behavior, minimizing environmental impact by shifting background tasks to times when more renewable energy is available in the local electrical grid.
Announcing Windows 11 Insider Preview Build 26052

Some computational processes take a lot of electricity. Back in the old days, batch computing meant that programmers could use "spare" CPU cycles at night. Their code ran when no-one else was using the machine. These days, it is common for computational tasks to be outsourced to where-ever electricity is least polluting. For example, shifting overnight processing to countries on the other side of the planet with excess solar power. With Windows' new APIs, they can wait until electricity is too cheap to meter before doing something computationally expensive.

Computing budgets are usually set in terms of FLOPS, Watts, or seconds. I think it is fascinating that we might soon routinely add CO₂ to that equation.

I've written before about domestic appliances being smart about their electricity use. It would be brilliant if your freezer knew to wait 10 minutes for less-polluting power before running its compressor. Similarly, you could tell a clothes dryer to be finished by the time you get home - but let it decide when to actually run.

I also wonder if a games console could drop its FPS, or outsource some of its processing to the cloud, when domestic electricity becomes too expensive.

Of course, the downside is obvious. Can your code refuse to run if it thinks it will cause harm? Is there an interpretation of the laws of robotics which prevents a machine from polluting?

I don't really think that domestic devices will refuse our requests in the near future. But I am curious what incentives - financial or otherwise - there might be to encourage more efficient resource use.

HOWTO: Sort BitWarden Passwords by Date

2024-02-10T15:47:11Z

I highly recommend BitWarden as a password manager. It is free, open source, and has a great range of apps and APIs.

The one thing it doesn't have is a way to sort your accounts by creation date. I now have over a thousand accounts that I've added - so I wanted to prune away some of the older ones.

So, here's how to do it.

Export your vault

In the desktop version of BitWarden, go to File → Export Vault. Choose the JSON format (this doesn't work for CSV) and follow the on-screen instructions.

NOTE! This will save all of your passwords to disk. Do not do this on a shared machine. Delete the file as soon as you are done with it.

Sort with JQ

Using the jq utility it is possible to search and sort the exported JSON.

This command pipes your export to JQ. It selects all the items, then it sorts by when the item was last edited. It then displays the name of the account and the date, followed by a newline.

cat bitwarden.json | jq -r '.items | sort_by(.revisionDate) | .[] | .name, .revisionDate, " " '

Purge!

You could use the API to delete items based on their ID. Personally, I'd rather go through manually.

What's next?

It would be great if BitWarden allowed sorting by date in their UI. Even better if they could sort by usage. Until then, I'll spend every Valentine's Day manually deleting old and unloved accounts.

VR Game Review: Moss ★★★★☆

2024-02-14T07:20:24Z

It is impossible to describe just how cute this game is. Most VR games take place at "human scale" - you play as a human inside a building, or other human-sized space. But Moss lets you play as a mouse named Quill with you (the player) towering over her. You are a human literally peering down into a mouse-sized kingdom. It is one of the most stunning uses of VR in a game that I've seen.

https://shkspr.mobi/blog/wp-content/uploads/2024/02/mossout.mp4

It is like playing with a dolls house. And yet, the scale of it is epic.

Vast castles, haunted forests, arid deserts - it is a wonderland for a platformer/puzzler.

The puzzles are mostly very good. Move the thing, jump on the whatsit, move another thing, back to the start etc. Most of them take advantage of the 3D environment which leads to some lovely designs. And, if you get stuck, the little mouse will mime a clue to you. Get it right, and she'll demand a high-five. It is lovely.

Except for the combat.

Bugs come out to fight you. You hit them with your sword. Repeat. When the enemy can be manipulated to be part of the puzzle, they become interesting. Otherwise, it is just a slog. A couple of the bosses kept me in a death-loop until I'd hit them enough. It wasn't even an interesting "wait until they rear then hit the underbelly" fight. Just button mashing.

I fully agree with Jennifer Hepler and Dara Ó Briain that games need a "Skip Combat" button. I'm here for the story, the puzzles, and the graphics. Hitting monsters is boring.

The story is fun - and set up nicely for a sequel. There's a bit of replayability with a couple of collectables you can find.

Like all VR games, it is expensive for the length of gameplay. £15 for a few hours. You can get 25% off using my referral link

Book Review: Julia - Sandra Newman ★★★★★

2024-02-08T10:11:21Z

The central schtick of this book is a cliché brilliantly delivered. Take a side-character from a beloved book and retell the story through their eyes.

I only have hazy memories of reading 1984 - where Julia is little more than a femme fatale. This book is an explicit and visceral journey through Julia's life in Airstrip One. We see how, from her point of view, Winston Smith is little more than a pathetic dreamer. His childish fantasies of toppling Big Bother are the last gasp of a snivelling coward. His love nothing but selfishness.

It isn't a radical reworking of 1984 - the themes about totalitarianism are mostly the same - but it is a brilliantly fresh perspective. Feminism wasn't even a subtext in the original whereas this brings it right to the surface. The impact of IngSoc on the psychosexual wellbeing of its subjects is laid bare.

I think it can be enjoyed without having previously read 1984. The original is so influential that you're likely to have absorbed most of it through cultural osmosis. It is a disturbing book - full of violence and pain - but I devoured it eagerly. The ending is far superior to the original.

There should only ever be one way to express yourself

2024-02-05T20:55:28Z

I've been thinking about programming languages and their design.

In her book about the divergence of the English and American languages, Lynne Murphy asks this question:

wouldn’t it be great if language were logical and maximally efficient? If sentences had only as many syllables as strictly needed? If each word had a single, unique meaning? If there were no homophones, so we’d not be able to mix up dear and deer or two and too?

That got me thinking about the creativity which can be expressed in code - and whether its a good thing.

Let's take an incredibly simple and common operation - incrementing an integer variable by one. How would you do that? You've probably see these variations:

$i = $i + 1;

$i = $i++;

$i = 1 + $i;

$i = int( float_adder( float($i), 1.00 ) );

i1, i2 = i1^i2, (i1&i2) << 1

I'm sure you can come up with a few more esoteric methods.

The Python programming language has a list of aphorisms for good programming practice. One of which is:

There should be one-- and preferably only one --obvious way to do it.

Is that right? As described in What is Pythonic?, the Python language itself has multiple ways to accomplish one thing.

But, is it a good idea?

Back to Lynne Murphy again:

No, absolutely not. No way. Quit even thinking that. What are you, some kind of philistine? If Shakespeare hadn’t played with the number of syllables in his sentences, he would not have been able to communicate in iambic pentameter.

Shakespeare wasn't writing Python though, was he?

Forget Technocrats - Let's Get Some Realitycrats

2024-02-10T12:03:28Z

I don't really care about ideology and doctrine any more. I just care about what works.

I'm going to take a few (somewhat controversial) subjects and explain what I mean.

Fundamentally, I believe that all energy companies should be nationalised and there should be a single energy supplier. I don't want to pay a dozen CEOs, a dozen finance teams, and for a dozen advertising campaigns. Privatisation has been a complete waste.

And yet...

When my previous energy company was being shit, I fired them. I moved to a competitor who had a UK-based call centre and would actually reply to emails. Later, I moved to an energy supplier who gave me API access to my account. I genuinely do not believe that British Gas would have introduced anything so innovative if left without competition.

I am fundamentally against privatisation on an ideological level. But I can't ignore that it is useful to be able move to a provider which better fits my needs. I like that I can choose to pay more for something which matters to me. And the same is true of broadband, parcel delivery, supermarkets, travel agents and lots of other services.

This isn't universal. Water privatisation hasn't worked. Trains aren't well suited to competitive pressures. I don't think the NHS should be further privatised. But, in some cases, privatisation has worked and I would be a fool not to adjust my political biases to take account of reality.

Let's take another example. Pretend, just for a moment, that you are anti-abortion. You believe that the ideal number of abortions in a country should be zero. Forget your ideological reasons - which countries have the lowest abortion rates? Well, it turns out to be the ones with high levels of sex education, easy access to contraceptives, excellent pre-natal care, and strong parental leave policies. And they all have legal access to abortion services.

If you truly want to reduce the number of abortions, there are a wide range of policies which actually work and don't involve demonising women and doctors.

On another topic. I fervently believe in the Year Of The Linux Desktop and I know in my heart-of-hearts that the UK Government and NHS would save billions if only they switched away from Google/Microsoft/Apple and embraced LibreOffice! But, realistically, the cost of retraining staff far exceeds any savings on licencing. I look at other governments which have attempted a wholesale switch to a new technology and I can't really see any long-term benefits.

You think that benefits scroungers should be pursued relentlessly because they're draining the budget and causing a moral hazard. But, realistically, far more is lost to corporate tax fraud - every pound invested in tax investigations yields incredible returns. We can probably both agree that the ideal number of fraudulent benefits cases is zero - but the evidence shows we'd lose less if we tackle bigger issues.

I'm all for Constitutional Reform. A written constitution would be much better than the ramshackle collection of "traditions" which make up the UK's elusive operating manual. Although I can't help noticing that the US constitution didn't do anything to prevent Trump's excesses, nor did it oust him, nor is it preventing him from his on-going coup. Whereas the UK dumped two failing and dangerous Prime Minsters without much fuss.

You staunchly argue against the introduction of a minimum wage. You think it will depress the labour market, reduce salaries, and destroy collective bargaining. But you are wrong. We can have a spirited discussion about whether the rate should increase, or whether it should be the same for younger workers, but the evidence shows the introduction of the minimum wage hasn't led to disaster.

Imagine that you fervently believe that the UK should "stop the boats". Have any of the current government policies worked to reduce those numbers? Is there any evidence that countries with "off-shore processing" receive fewer undesirables? Not that I've seen. It looks like faster and fairer processing is both cheaper to the public purse and achieves policy goals better.

And so it goes.

I'm sure you can come up with a hundred more examples at various political extremities. Some things work and some things don't. Getting bogged down in dogma doesn't help anyone. Yes, I know that the founding document of your political philosophy says X - but at some point we have to put theory away and go with something practical.

This isn't me going all "Centrist Dad". I'm not even sure I'd describe myself as a technocrat.

I just want evidence-based policy.

Actually, I do want IoT kitchen gadgets

2024-02-04T12:11:20Z

There's a popular meme that Internet connected domestic appliances are a useless fad that no-one wants. I disagree.

Obviously, a crappy oven with an app that upsells you cleaning products is a bit shit. As is a dishwasher that borks on firmware update and lets itself be hacked by the Eurasians. But those are just a symptom of profit-led development rather than placing a priority on user-needs.

Several years ago, I built an Internet Connected Fridge. This didn't have a touchscreen with a broken calendar integration, and it didn't use AI to scan my yoghurt for expiry dates. All it did was send me an email when I'd left the door open too long.

You see I am old and forgetful. I can't always hear the machine's plaintive beep. My fridge doesn't let me adjust its tip, and I couldn't find a spring-mount which would fit. A simple push-notification is exactly the solution I wanted.

Similarly, my air-fryer, washing machine, dishwasher, bread-maker, and microwave are quiet. I know I could start a timer on my phone every time I use them, but that's a bit of a faff. And doesn't work for non-timer devices like the rice-cooker and tumble-dryer.

IoT notifications are useful to me.

What about control? That's a slightly more difficult subject. Most of my gadgets already have a timer delay built in. That allows me to set them to run when I know electricity is going to be cheaper. So I could set the air-fryer to have dinner ready for me at a specific time. But if my journey home is delayed, I have no way to stop it.

To be honest, it is rare that I want to control something while I'm away from home. I like that I can crank up my heating while on the bus home, that's as far as it goes.

So I can see the utility for some people, but it isn't especially relevant to my needs.

Your arguments are irrelevant

Whenever I talk about stuff like this, some weapons-grade bore feels compelled to pipe up and say "No! IoT is rubbish! The S stands for Security!! How did people cope before this??? Why not get off your arse and check manually???? ENSHITTIFICATION!!!!!!"

Let me be clear - I don't give a fuck about your opinion, random Internet man. You don't get to police what desires people have. I am competent enough to set up my network securely. I am willing to spend a few hours fiddling with HomeAssistant to save me 3 minutes at a later date. Your opinion is unwanted and unnecessary.

I like technology. I enjoy playing and exploring. I want things to be slightly more convenient.

So, I've just bought some Matter smart plugs and am going to retrofit alerting to some of my legacy appliances. Fun times ahead!

The Seven Levels of Open Source

2024-02-07T19:23:24Z

This isn't an original idea, but I needed to get it out of my brain.

There are many different definitions of what "Open Source". We can have a lovely argument over a pint as to whether GPLv3 is too open or if a licence which hasn't been validated by the OSI counts. But, more fundamentally, I think Open Source roughly falls into seven levels.

These aren't in any particular order of importance. And feel free to argue in the comments if you think I've radically misunderstood something.

1. Look but don't touch

This is the bare minimum. The source is "open" in that you can look at it, examine it, and possibly even learn from it. But that' is it.

You can't redistribute it. You can't edit it. You can't build on it. But you can see it.

2. Do What Thou Wilt

The source is yours to do with as you please. You can distribute it, build on it, print it out, eat it, use it in a weapons system. There are no restriction.

Have fun!

3. Do As You Would Be Done By

There is ponderous legal language, but it all adds up to one thing - you have to comply with our requirements.

Perhaps they say "only redistribute with this licence" or maybe "you must make everything this touches open". Either way, you aren't quite as free to do what you want.

Have fun - but don't piss off anyone.

4. I'd rather you didn't

These are less often seen, but becoming more common. You are free to do anything you want with this code... unless you're someone we don't like.

Some code says you can't use it for military purposes, others restrict its usage if you're going to be racist with it, and some say it can only be used by a particular class of people.

These licences are controversial. Openness means this is for everybody. Sure, no one likes the thought of their code being in a bomb. But your agents of imperial oppression are my freedom fighters.

5. Contributors Welcome

We're on GitHub! We actively want you to participate! Not only is the code open - but so is the community! Anyone with an IDE and an idea is welcome to pitch in!

Come play!

6. Blessed Contributors

We're open! But only certain people are allowed to contribute. All others will be shunned.

This is the model Google takes with Android - fully open, but good luck getting even a comma changed. There's also a popular open source project which requires its contributors to be religious!

This is open; but only for the chosen few.

7. The Future

There is something coming that you and I cannot understand. Deep in the darkest trenches of the Internet comes a new breed of hacker. Their social norms diverge from ours. They aren't beholden to the old ways and care not for our pettifogging traditions.

The are building a new form of Open Source. Something that reflects the needs and concerns of their generation, rather than the tired problems of ours. Old farts will harrumph and grumble about how it isn't proper Open Source - and moan that the youngling don't fear their elders any more.

But, make no mistake, the future is coming and it doesn't need your old-fashioned opinions.

VR Game Review: Labyrinth deLux – A Crusoe Quest

2024-02-04T16:35:39Z

I love single player VR puzzle games. Especially ones with no timers, baddies, or jump-scares. I just want to play against myself.

Labyrinth deLux is brilliant. The puzzle is simple enough - point lasers at mirrors, then align mirrors until they point at the target. You've almost certainly played a 2D version of this.

But it has a mind-bending 3D layout which requires you to continually walk on the ceiling to adjust your perspective. The UI is, thankfully, not chunder-inducing. You point and click at a surface and then smoothly float and reorient to it.

The plot is a bit silly - your spaceship crashes and you have a mysterious destiny or some nonsense. But the voice acting is good and you can ignore the story without consequence.

Graphics are lo-fi charming, which helps prevent the usual VR weirdness. Excessive graphics quality just shines a light on how bad the Meta Quest 2 is. But the Minecraft style helps keep the FPS up.

There are 16 levels of increasing difficulty - which took me about 3½ hours to complete:

At £6, it's probably one of the cheapest games on Oculus - and excellent value for money.

Movie Review: Oppenheimer ★★⯪☆☆

2024-02-02T09:56:12Z

Oppenheimer is... fine? I guess? For ever gorgeously composed shot, there's a minute of plodding exposition. For every heart-breaking moment of self-doubt, there's a minute of plodding exposition. For every celebrity cameo, there's a minute of plodding exposition.

That's why this is a decidedly average film. Every single actor is incredible - stuffed as it is with Oscar^©®™ winners and nominees. But some of the dialogue is just risible - for example, the revelation that JFK had a bit-part in the proceedings goes like this:

Aide: A young guy trying to make a name for himself, didn't like what you did to Oppenheimer.
Strauss: What's his name?
Aide: Kennedy. John F. Kennedy!

I mean, the actor delivers it well, but it isn't exactly a masterful plot construct.

Robert Downey JR - freed from the franchise shackles - gets to act once again. He is outstanding - which is incredible seeing as the only dialogue he has is narrating what's happening in flashbacks.

Similarly, when it comes to the naming of the "Trinity" site, Oppenheimer just recites a random bit of poetry. There's no rhyme or reason to it (and it seems none was given in reality) so it sticks out compared to the (endless) exposition in other scenes.

Every single frame is a masterpiece. Nolan and his team know exactly how to get the most out of a film shoot. But the rapid changes to aspect ratio are a constant distraction.

The mini-physics lectures contain less detail than a do-your-own-research YouTube video. Which is fine; this is a piece of entertainment, not a physics lesson. The constitutional implications of Senate confirmation are less educational than a West Wing episode. Which is fine; this is a piece of entertainment, not a civics lesson. The exploration of workers rights and the rise of intellectual communism is dismissed without thought. Which is fine; this is a piece of entertainment, not a political philosophy lecture.

But because the film tries to cram in so much, it ends up not really exploring anything.

And on it goes. For every moment of beauty and delight, there's a moment of clock-watching and eye-rolling.

I preferred Barbie.

Safelinks are a fragile foundation for publishing

2024-02-04T10:00:57Z

Microsoft loves you and wants to protect you. So every time you receive an email with a link in it, Microsoft Outlook helpfully rewrites it so that it goes through their "safelinks" system.

Safelinks allow your administrator, or someone at Microsoft, to stop you visiting a link which is malicious or suspicious. Rather than going to example.com, your link now goes to safelinks.protection.outlook.com/?url=example.com.

Hurrah! If you accidentally click on a naughty link you won't cause chaos and ructions.

Except, there's a tiny problem. People like to copy and paste links that they receive. Someone sends an email which says "here's the link to that report you asked for" which then gets copied into a document or a web page.

For example, I was reading this official document from the UK's Department of Health and Social Care. Slap bang in the middle is a link to another report:

That forces everyone who visits that link to go through Microsoft's proxy. That might protect users if a link later becomes suspicious. But, more likely, it will be used in analytics to further profile users who click on links. It also undermines a user's ability to see the final destination of a link unless they can manually URl-decode content in their head.

It appears that every large organisation which uses Microsoft is prone to this failure. Lots of UK Government departments publish content with safelinks:

The US Military too:

It's all over Twitter:

And there are hundreds of academic works infested:

Look, I get why people do this. They copy a link from an email, paste it in, click it, and it works. No one writes raw HTML by hand, nor should they have to. Our WYSIWYG tools work really well and hide all the mumbo-jumbo. Copy editors look at text; not hypertext. It's only nerds like me who hover over a link before clicking on it.

Perhaps I should stop worrying? Perhaps it is OK that Microsoft intercepts the clicks from people all around the world? Perhaps they can competently run a proxy which detects and blocks inappropriate content? Perhaps they won't ever abuse that facility?

Here's my prediction. In the next five or so years, Microsoft is going to accidentally shut off *.safelinks.protection.outlook.com and a million copy-and-pasted links across the web are going to break.

Think I'm over-reacting? A decade ago, Microsoft got rid of their MS Tag product and, shortly after, all their proxy links were shut off. Similarly, other proxies like McAfee have shut down with little warning.

Or maybe Microsoft's sub-domains will be hijacked?

Either way, if you work in digital publishing, please make sure that your links point directly to the content that you want; not to Microsoft's safelinks service.

Book Review - How Sex Changed the Internet and the Internet Changed Sex: An Unexpected History by Samantha Cole ★★★⯪☆

2024-01-29T17:04:38Z

This book is a rather pleasing wander through two interconnected topics. From the earliest chat rooms (A/S/L?) all the way to haptic-feedback in the Metaverse, this breezes through the way sex has advanced the technology and the resulting impact technology has had on sex.

The book is well illustrated - skirting a fine line between being overly prudish and unnecessarily graphic.

There are diversions into the religious weirdos behind some online dating sites, the original cam-girls, and BBS culture. The scatter-shot approach gives a wide but sometimes shallow look at all the ways the two topics intermingle. There aren't many interviews with the people involved - and it does rather rely on second-hand reporting.

As with a lot of books, only America exists. There are a few scattered mentions of Europe. But, apparently, the Internet didn't change sex for the majority of the world. All the censorship discussion goes via the cultural hegemony.

Weirdly, there's nothing about sexting or about how the Internet has liberated (some) disabled people.

It does point to some other interesting resources, such as the documentary "Losing Lena".

On a separate note - this is a beautifully formatted ebook. I find lots of publishers don't pay much attention to the ways the specific medium works. So it is nice to see some care an attention to images and captions. But, weirdly, the references aren't inline. The reference section links out to https://workman.com/HowSexChangedtheInternet - but that doesn't contain any actual links.

It is a good look through some of the steps (and missteps) which has led us to the Internet we have now.

A (tiny, incomplete, single user, write-only) ActivityPub server in PHP

2024-02-04T10:48:49Z

I've written an ActivityPub server which only allows you to post messages to your followers. That's all it does. It won't record favourites or reposts. There's no support for following other accounts or receiving replies. It cannot delete or update posts nor can it verify signatures. It doesn't have a database or any storage beyond flat files.

But it will happily send messages and allow itself to be followed.

This shows that it is totally possible to broadcast fully-featured ActivityPub messages to the Fediverse with minimal coding skills and modest resources.

Why

I wanted to create a service a bit like FourSquare. For this, I needed an ActivityPub server which allows posting geotagged locations to the Fediverse.

I didn't want to install a fully-featured server with lots of complex parts. So I (foolishly) decided to write my own. I had a lot of trouble with HTTP Signatures. Because they are cursed and I cannot read documentation. But mostly the cursed thing.

How

Creating a minimum viable Mastodon instance can be done with half a dozen static files. That gets you an account that people can see. They can't follow it or receive any posts though.

I wanted to use PHP to build an interactive server. PHP is supported everywhere and is simple to deploy. Luckily, Robb Knight has written an excellent tutorial, so I ripped off his code and rewrote it for Symfony.

The structure is relatively straightforward.

/.well-known/webfinger is a static file which gives information about where to find details of the account.
/[username] is a static file which has the user's metadata, public key, and links to avatar images.
/following and /followers are also static files which say how many users are being followed / are following.
/posts/[GUID] a directory with JSON files saved to disk - each ones contains the published ActivityPub note.
/photos/ is a directory with any uploaded media in it.
/outbox is a list of all the posts which have been published.
/inbox is an external API endpoint. An ActivityPub server sends it a follow request, the endpoint then POSTs a cryptographically signed Accept message to the follower's inbox. The follower's inbox address is saved to disk.
/logs is a listing of all the messages received by the inbox.
/new is a password protected page which lets you write a message. This is then sent to...
/send is an internal API endpoint. It constructs an ActivityPub note, with attached location metadata, and POSTs it to each follower's inbox with a cryptographic signature.

That's it.

The front-end grabs my phone's geolocation and shows the 25 nearest places within 100 metres. One click and the page posts to the /send endpoint which then publishes a message saying I'm checked in. It is also possible to attach to the post a short message and a single photo with alt text.

There's no database. Posts are saved as JSON documents. Images are uploaded to a directory. It is single-user, so there is no account management.

What Works

Users can find the account.
Users can follow the account and receive updates.
Posts contain geotag metadata.
Posts contain a description of the place.
Posts contain an OSM link to the place.
Posts contain a custom message.
Posts autolink #Hashtags (sort of).
Posts can have an image attached to them.
Messages to the inbox are recorded (but not yet integrated).

ToDo

My account only has a few dozen followers, some of whom share the same sever. Even with cURL multi handle, it takes time to post to several servers.
It posts plain text. It doesn't autolink websites
Hashtags are linked when viewed remotely, but they don't go anywhere locally.
There's no language selection - it is hard-coded to English.
The outbox isn't paginated.
The UI looks crap - but it is only me using it.
There's only a basic front-page showing a map of all my check-ins.
Replies are logged, but there's no easy way to see them.
Doesn't show any metadata about the place being checked-in to. It could use the item's website (if any) or hashtags for the type of amenity it is.
No way to handle being unfollowed.
No way to remove servers which have died.
Probably lots more.

Other Resources

I found these resources helpful while creating this project: