now | writings | rss | github | twitter | contact
What is the best practice for doing customer support when a user loses their 2FA device/token? Tell them they're SOL? Just reset manually and confirm by e-mail?
The last thing I backed is a year past its delivery estimate and they just e-mailed all of us to advertise that they're now selling the product from their own website (before sending out any product to backers).
I really need to stop backing things on Kickstarter. Aside from the Pebble and Thimbleweed Park, everything else I've backed has ended up being garbage.
Artisanal ethernet cables
I was inspired by @bradfitz to put all my home equipment in a rack
July 2018 →
My bitwarden-ruby project has been renamed to Rubywarden and now uses ActiveRecord on the backend
https://github.com/jcs/rubywarden
Chicago BSD Users Group is meeting on August 8th, come out and eat pizza with us

https://chibug.org/updates/20
retweet  @rob_pike: Things should just work.
Do any services notify the account owner when an account login succeeds but 2FA fails/times out?
It's a `git reset --hard` kind of day.
I'd just assume never update anything once it works, but Google is mandating that apps target Android 8 or they won't be able to be updated in Google Play in a few months. And of course Android 8 changes everything about notifications and services that Pushover relies on.
Android Studio kept bugging me that stuff was out of date, so I let it update. Then nothing built because some deprecated things in the Gradle config needed to be changed, so I do that and now nothing builds but in a completely different way.
Halfheartedly considering using one of those crappy cross-platform frameworks to rewrite Pushover for Android just so I never have to deal with Android Studio and all of this Java crap ever again. So much time wasted with tooling upgrades that break stuff I care nothing about.
"OpenBSD still uses [CVS], and it's the main reason I've only rarely contributed patches. CVS is just that crappy."

Yeah, I'm sure that's why. #shithnsays
Schadenfreude-as-a-service: monitor eBay auctions you got sniped on and lost, then later notify you if that auction resulted in negative feedback because the thing being sold was garbage anyway
Pizza delivery guy: Here you go, enjoy
Me: Thanks, you too
Adventures in Open Source
June 2018 →
Working in standing mode today
Crystal now works with OpenBSD's MAP_STACK protection
https://github.com/crystal-lang/crystal/commit/c9f449c6fc9c5d1afdaf920e301377ab0312036b
Installing OpenBSD 2.8 via a PCMCIA network card, booted from floppy
"What kind of asshole lives on an island and doesn't even have a boat?"
A ZMODEM implementation has not been properly tested until it's been used to courier some warez over a modem
retweet  @jcs: @eduyayolalo It's "the paw"!
Hanging out in East Shanbar
Fetching node status from AirPort APs
You can enable SSH on it and it appears to use DJB's daemontools for some local services.

root 86 0.0 0.3 16388 804 tty00- S 5:28PM 0:00.02 svscan /var/sv
root 89 0.0 0.3 16388 760 tty00- I 5:28PM 0:00.00 supervise dnscache
Huh, the Airport Extreme runs NetBSD

NetBSD 6.0 (build.kernel-target.conf) #0: Thu Nov 2 10:49:34 PDT 2017
root@xapp29.apple.com:/BuildRoot/Library/Caches/com.apple.xbs/Sources/J28E/AirPortFW-77900.2/Embedded/Firmware/NetBSD/Targets/J28E/release/obj/build.kernel-target.conf
May 2018 →
The router soldiers on, at least for one more day

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

gw_1800 uptime is 4 years, 1 week, 3 days, 1 hour, 7 minutes
System returned to ROM by power-on
System image file is "flash:c1841-ipbase-mz.124-1c.bin"
$ uname -srpv
OpenBSD 5.1 GENERIC#160 i386
$ uptime
10:20AM up 1469 days, 21:38, 2 users, load averages: 1.13, 1.00, 0.66
$ sudo halt
The hidden webcam is neat though. I'd never use it so it's one less thing to worry about.
Trying out OpenBSD on the new Huawei Matebook X Pro, but this as far as it gets (reboots as soon as the kernel loads). Unfortunately it has terrible coil whine, on par with the XPS 13. I seriously thought it had a spinning disk in it, it's so noisy.
hello, world
April 2018 →
retweet  @OpenBSD_src: jcs@ modified sys: rasops: implement scrollback activate it for efifb and inteldrm ok kettenis
Can you put a ZIL interpreter in an ASIC chip?
There should be a cryptocurrency called Zorkmid and its proof-of-work will be completing a text adventure
ZF0_EMO
So knowing that, I could have saved myself all the time of writing and debugging a ZMODEM implementation and just used lrzsz by escaping its output, but I guess at least I know how ZMODEM works now (and boy is it complex).
0xFF is IAC in telnet land which starts an internal command, so sending one 0xFF was getting read by the receiver's telnet handler and looking for a command following instead of passing it and the next byte(s) to the ZMODEM code.
I hooked up lrzsz to something to do ZMODEM transfers and the receiver kept showing CRC errors, so I wrote a ZMODEM implementation and it still erred. A day of debugging later, I realized the receiver thought it was talking over telnet so 0xFF needed to be escaped on the sender.
"We have forwarded your ticket to our networking department for further review. Please note that your request will be handled during office hours, which are: 8.30 am – 5.30 pm CET/CEST, Monday-Friday."

Not a response you want to hear from your server provider on a Saturday...
Apparently I was pretty concerned about copy protection for my stupid VB apps in 1997 (when I was 14)
Watched
The Post (2017)
★★★★☆
Funny how software ported to OpenBSD often needed patches because our GCC was so old, but now lots of software needs patches because our Clang is so new.
retweet  @openbsdjournal: OpenBSD 6.3 Released https://undeadly.org/cgi?action=article;sid=20180402135554
March 2018 →
I loved these isometric drawings in the Windows 95 installer
Dolch PAC 64
retweet  @Level29_BBS: Jcs just logged on to http://bbs.fozztexx.com at 12000 bps using a real #modem over dialup! ☎👴🏫👍 Fri 17:42
This was my bedroom as a teenager. My BBS ran on the Compaq just out of frame on the left, its monitor showing X11 and Window Maker and the VT510 next to it was used for IRC.
I used the L0pht BBS in the 90s and liked its software (Eagle BBS) which made me want to use it for my own telnet-based board since I had a nailed-up ISDN line. I needed an OS to run it on which brought me to OpenBSD, and I've been using it ever since.
https://twitter.com/dotMudge/status/971071619870478336
Because surely human traffickers and exploiters of children can't afford $20
https://twitter.com/EFF/status/970104035335225344
For OpenBSD on a MacBook Air, the longer BCM93602CS FullMAC card from a Macbook Pro will fit in place of the Air's BCM9360CS2 SoftMAC card (enough to secure the bottom lid) and it works with bwfm(4). I used J1 and J2 for the antennas and it seemed to work ok.
February 2018 →
The next time someone complains that using Vim is hard...

https://youtube.com/watch?v=bGjTZxRdYD8
"But the license allows for it" - sure, and if you're ok with someone doing that, then choose such a license. If not, you may want to choose a license that restricts binary redistribution for your iOS/Android app code vs a more permissive one for a library or command-line tool.
GPL'd code would, in theory, protect against the author hiding malware in it, but even if all of their changes are in the open and all they're doing is charging for or taking credit for it (by distribution/branding, not at a copyright-level), they're still being an asshole.
This is exactly why Endless Browser has a weird license (https://github.com/jcs/endless/blob/master/LICENSE). The "app store" distribution model makes it really easy for some asshole to repackage open source iOS/Android apps and make lots of money deceiving people.

https://www.reddit.com/r/Android/comments/80cogw/that_developer_just_rips_off_opensource_apps/
Hard to believe I've been working on @PushoverApp for 6 years
https://pushover.net/clients/changelog
Retweets have turned into the "Fwd: FW: Re: Fwd:" garbage from e-mail. I follow people because I want to read what they think, not what strangers they follow think.
Oh no where did @mtigas go
retweet  @romanzolotarev: Will it work?

http://no-color.org

"All command-line software which outputs text with ANSI color added should check for the presence of a NO_COLOR environment variable that, when present (regardless of its value), prevents the addition of ANSI color."
This problem might not be so bad if users just had to check their Spam folder but these e-mails totally disappear after reaching Microsoft's email servers. The only solution is for users to manually add my address as a "Safe Sender" /before/ expecting to receive the e-mail.
Load more...