I got bored, so I decided to implement a blog on my website, and then also wrote a post about how I write code while at school:
I also cleaned up some of my templates and added some opengraph tags
\o/ its booting again, seems like everything's working again now!
I have aquired new RAM, now I just need to fix my broken Arch install
I've been experimenting with embedded linux on Raspberry Pi, using Elixir with https://nerves-project.org and its been quite a pleasant experience overall
After some (self-inflicted) wiring issues, I've written an elixir wrapper around the Rust library for the Blinkt, which I am considering putting open source on Github for anyone interested
It doesn't currently have any web interface or anything yet, its just a command-line task runner.
It can automatically clone and checkout a specific commit, and then all workflow steps are executed inside a docker container which is sandboxed with gvisor. I have no idea where I really want to go with this, as it was mostly just to experiment with the docker API
I've been working on re-doing my website (again lol), and this time I've added a page that's automatically generated from my @PronounsPage profile, containing Lots Of Words™️
So I had this idea earlier in my maths lesson, and so I decided to make it. Its a digital clock that tells the time using the angles of the hands on an analogue clock: https://time.ashhhleyyy.dev
hardening mastodon against scraping
fellow masto instance admins of the fediverse:
by default, mastodon is leaky as fuck and there are a bunch of ways that data can be scraped and indexed from a mastodon instance
there are a few steps you can take to harden your instance against this; since there's an ongoing harassment campaign against trans masto users, now is a good time to review this
the following is not exhaustive, but it's a good start
1. Enable 'Secure Mode' on your instance. Without secure mode turned on, any of the activitypub endpoints of your instance can be scraped without http authentication -- this includes user profiles and users' public posts. This makes it ***absolutely trivial*** for a scripter to scrape all of the profiles of your instance denizens and look for keywords.
From the mastodon docs: 'When secure mode is enabled, all GET requests require HTTP signatures as well.'
It's insane to me that this isn't enabled by default. To enable it, see the 'AUTHORIZED_FETCH' parameter here: https://docs.joinmastodon.org/admin/config/#basic
This makes it more complicated to scrape, since scraping traffic now has to come from an instance that uses http signatures, and not just from some random asshole's computer.
2. Toggle some config options in preferences => administration => site settings. Here you can turn off the profile directory, disallow unauthenticated access to public pages, etc. See the screenshot below this post for the settings I use. You can make up your own mind about how strict you want to be here, but I think turning off the profile directory and the public timeline is a great idea.
3. Recommend your users disable DMs from people they don't follow. This is under preferences => notifications.
Any stuff I've missed, stuff you'd like to add, feel free to reply to this post.
Thanks for reading!
PSA (transphobia meta), please boost
for the past ~4 days there's been lots of mass harassment of trans people
if you're an instance admin:
- please turn off sign ups, at least until this is over
- keep up with #fediblock
if you're on the list, or just worried:
- lock your account
- in web mastodon:
- preferences -> appearance -> always hide media
- preferences -> notifications -> block DMs from people you don't follow
- in tusky:
- account prefs -> download media previews -> off
I made me take quite a big jump too, I think it was the loudest arc of the evening
Student from the UK; trans girl; developer of Minecraft mods among other things.
Expect sporadic and random posts, because I have no idea what I'm doing
*Due to increased bot signup, manual approval is required. Please write some applicable request text on signup with why you want to join. Blank submissions will be denied.*
This Mastodon instance is for tech workers, academics, students, and others interested in tech who are LGBTQIA+ or Allies.
We have a code of conduct that we adhere to. We try to be proactive in handling moderation, and respond to reports.
We're not a free speech absolutist. We're not interested in Nazis, TERFS, or hate speech. No homophobia, transphobia, queerphobia, racism allowed.
This instance is meant to be a friendly, welcoming space to all who are willing to reciprocate in helping to create that environment.
If you’re ever unsure, ask first. Use CWs where required.
If you’re accused of causing harm, either take some responsibility or ask moderators for help.
Our moderators are here to listen and respond to reports.
This instance is funded in part by Patreon donations.