solarbird: (pingsearch)

Well, the task scheduler seems to think we’re caught up. But the post about how we got hopelessly behind on blog federation never actually federated, so let’s see if we’re federating now.

…and we definitely are not. Well. That’s a problem. Can’t refresh the profile from Mastodon, either.

Well.

That’s not great.

What happens if we update this post?

Posted via Solarbird{y|z|yz}, Collected.

solarbird: (pingsearch)

So earlier this week, I decided to set up automated edits on every post to fire off this weekend. I needed to turn off pingback/trackback to shut off a big spam vector.

Then as it started chugging through all the many thousands of entries here, Friday’s new post alerting HHS workers to firing shenanigans went absolutely bonkers viral.

(Hello, 160,000+ exposures!)

This means ActivityPub is now stupidly far behind on federation tasks and I’m not even sure new posts are going to federate out. Some of my replies from last night still haven’t.

Hopefully it’s not as bad as it looks, and this will propagate fine. LET’S FIND OUT!

(If you see this, please do not boost it. NO boosting this please. DO NOT BOOST THIS. It’ll just add to the server load. But a reply would be fine. Thanks!)

At least it’s a holiday weekend, right? Technically. President’s Day. Sure, that’s a holiday. lol.

Posted via Solarbird{y|z|yz}, Collected.

solarbird: (molly-content)

Today Anna and I upgraded all the servers in the servercore with MST3K in the background and had some pizza made by Paul and some pie made by a grocery store.

And it was a really nice day.

I am so pleased that (with the help of the Mastodon discord on that server) we got all the server OSes upgraded and back up and running and cleaned up some stuff while we were at it.

Just being able to… get some stuff done without it being a goddamn nightmare or a huge fight or anything. Just mostly sitting around and chatting some while upgrading stuff and getting things that broke working again without too much of a fuss.

could use days like this more often, not gonna lie

how was your day?

Posted via Solarbird{y|z|yz}, Collected.

solarbird: From moongazeponies on deviantart (pony-pinkie-hax)

Hm, ecovax feels no need to patch this bluetooth exploit that lets you p0wn their robot vacuums and lawnmowers and do things like turn on their built-in cameras and microphones, and have them connect to random servers directly themselves.

It’s on the basis that since it’s bluetooth, you need to be in the area of the device, but, uh, that’s also true for hax0ring your local wifi? So I don’t see how that’s actually better.

Anyway – neat! Maybe don’t buy their stuff.

Posted via Solarbird{y|z|yz}, Collected.

solarbird: (molly-thats-not-good-green)

So, uh… if you use polyfill dot io to help power your websites, are you aware of the bad shit going down?

You should be, because it’s very bad. Malware injection bad. Details here.

(Renaud – the author of this post set – is one of the dev team at the Mastodon nonprofit. He’s not the only one talking about this, I just trust him.)

Posted via Solarbird{y|z|yz}, Collected.

solarbird: From moongazeponies on deviantart (pony-pinkie-hax)

so I had an amusing by which I mean FUCK YOU WINDOWS adventure wherein i went to check to make sure my gaming rig (and only windows box) actually did have the patch for the wifi remote execution bug because I was pretty sure I got the patch late Thursday night but it never hurts to check and I did have it but there was another patch waiting to go so I just went ahead and installed it and that was fine except somehow installing that reactivated a really old update from January for a combination recovery/bitlocker issue which kept trying to install but failing with an obscure error code that turned out to be due to my recovery partition being too small despite having been set up by windows itself (they silently upped the size requirement without telling you or making it bigger thanks gyes) so i had to fix that which meant i had to move around partitions and shrink and grow them like one of those 15-number puzzles but eventually i got there but then Windows Recovery service said it couldn’t start anymore after making my recovery partition bigger but then said it could start again after I tried again so I decided the first failure was just random and tried to install the January windows update once more but it still wouldn’t go so i rebooted in case that would help and somehow that resulted in my machine deciding to boot off a three and a half year old image on another physical device that I forgot was even there so that was exciting, but it was okay because i got that fixed by just taking the other drive out and that got me back to where i just had to fix windows recovery again and it turned out it was broken because it didn’t have a windows recovery source image for some reason (even though a complete integrity check passed) so that was kinda fucked and eventually i managed to find other people with the same problem but everything i could find said i needed a winrm.wim which i most certainly didn’t have and then other people with the same problem said you had to get that off your install iso and I did have that but my install iso didn’t have a winrm.wim and eventually i found out that what i really needed was an install.wim so i could extract the winrm.wim but my iso didn’t have that either, only corporate copies have that, mine only had a install.cra or something I forget and it turns out those .cra or whatever I forget files have stacks of like eight install.wims inside them and you have to extract the right one, and once you’ve figured that out, then you can mount the install.wim you’ve extracted and dig through that for a surprisingly long while to get the winrm.wim that’s right for your system and put it in the special magic place and point windows recovery at it and then finally windows recovery will go “oh look you have a winrm.wim now how nice okay I will run it for you” and once all that’s working then as long as you’ve remembered to make your recovery partition bigger and haven’t accidentally reset it back to default the windows update patch from January will probably run correctly (and it is only probably because sometimes this doesn’t fix it and nobody knows why?) but in my case it did and it worked.

VICTORY FOR TAK!

(i’m not even mad even if every time i get more than like five minutes into a genuine windows problem i am reminded once again that dave fucking cutler came from fucking vms and that vms took perfectly good rsts/e and gave it both anxiety and a desperate need to explain itself through verbosity and i’m a little mad at him about it all over again)

anyway, then i could play overwatch again yay

Posted via Solarbird{y|z|yz}, Collected.

solarbird: (molly-computer-all-lit-up)

I haven’t seen this mentioned here but if you haven’t updated Windows this week, DO THAT NOW

Like seriously, right now.

no

right now

Posted via Solarbird{y|z|yz}, Collected.

solarbird: (molly-computer-all-lit-up)

Don’t install any version of Windows 11 that can run Copilot/Recall if there is or ever will be absolutely anything on the machine you want to keep private in any way. Anything.

Particularly passwords, but in no way just that.

Not even if your hardware theoretically doesn’t support it and theoretically can’t run it. That doesn’t matter. Do not install it.

To be as clear as I can be, I’m not just saying “turn off this feature no matter what,” though if it’s already running, you need to do that right now and also purge your entire history and also see if you can scrub your system drive of all abandoned data files related to Copilot/Recall. I’m saying, literally, do not install any version of Windows that contains recall.

Yes, I am being obscure about why. Deliberately. I get this way when a problem is both too serious and too easy to replicate. This is the kind of shit I have in the past – when I was what one might call not a white hat – gone through trusted third parties to report and get fixed, mostly because of the “too easy” part.

It’s been a while, but I just did this again, some several days ago. I do not know whether anything is coming of it, but at least I have tried. And today, I have received information which – if correct, and that’s always an if – says that the situation is even worse than I thought.

One of the solutions I handed my third-party relay does, at least, address one of the new issues I am absolutely not describing here. However, none of the solutions I brought address the other issues I am also not describing here.

Do not install.

Posted via Solarbird{y|z|yz}, Collected.

solarbird: (pingsearch)

Now that we have substantially more users than just ourselves again – this was a thing back in the day, we had a peak of like 40 users – we kind of need a status page so we can warn people about nontrivial shit or that we’re going offline for some reason like losing power.

So:

  1. Our mail server already has web services on it for list management
  2. Add a local wordpress instance there, which means it’s not on the main web or mastodon servers
  3. Federate that with an address something like at status at status dot murkworks dot net)
  4. Have the mastodon.murkworks.net librarian account follow it
  5. Have posts to it also go to the various mailing lists we host so they know directly

Which means:

  1. If our mastodon server goes down, people could check status dot murkworks dot net and see the wordpress version
  2. If the main web server goes down that wouldn’t affect status
  3. If status itself needs to go down, since it’ll be federated and followed (by the librarian) on mastodon.murkworks.net, people can check the status account there to see what was last posted, which – if we take it down in a controlled manner for things like a major upgrade – they would still be able see, and therefore, they could read the last status message
  4. If anyone not on our instance follows the status user (and I would ask someone to do that for this purpose) then people would be able to do the same thing checking on that system’s server. I think. (As would anyone following it themselves of course.)

This is me using caching to bridge downtime to keep status information available under as many circumstances as possible, basically.

(Well, without having to hire some sort of off-site hosting which we can’t afford right now anyway or using some rando account someplace which is kind of what we’ve been doing and which I’d prefer not to do.)

It’s the “federated wordpress blog” part that makes this viable.

Am I missing anything important?

Posted via Solarbird{y|z|yz}, Collected.

September 2025

S M T W T F S
 123456
789101112 13
14151617 18 1920
21 2223 24252627
282930    

Most Popular Tags

Syndicate

RSS Atom