Category: Tech

Posted on
by

Phishers: Hi, we’re your bank, please click on this attachment for important information.

Security experts: Never click on an unexpected attachment in an email even if you think you know who it’s from. It’s likely to be malware or a scam to steal your login credentials.

Actual banks: Hi, we’re your bank, please click on this attachment for important information. 🤦‍♂️

Seriously, I HATE these systems. The way they keep phishing and malware techniques believable — and have for years! — is worse than any supposed security advantage in not just using email. Half the time the info isn’t any more sensitive than a receipt would be. Or heck, even just “There’s a new message in your account, please log in to see it and use your own bookmarks to get there.” That’s actually more secure!

:sigh:

It’s really too bad all the schemes to add end-to-end security to email over the years have been either too cumbersome to take off for general usage or vendor-specific.

Posted on
by

While I’m griping about Instagram, why the heck are the detailed notification preferences split between the app and the system notification UI?

That’s terrible design.

Well, if it’s intended for usability, anyway.

If your goal is to make people see more notifications, though… 🙄

Yeah.

IMO there are two sensible ways to handle granular push notification preferences:

  1. Use the system’s per-app settings for all of it. (Tusky does this, even putting your per-account preferences in the system UI.)
  2. Use the app’s settings for all of it, and let the system just be an on/off toggle for what you’ve chosen in the app (like it was before Android even had UI for it).

Either way, everything’s in the same spot so you know you haven’t missed anything you want to turn off. Or anything you want to turn on, for that matter.

Posted on
by

One of the things I like about Mastodon and Pixelfed and the rest of the Fediverse vs commercial social networks is that they don’t TRY TO GET MY ATTENTION every time I open the page or app and offer ALL THESE THINGS I SHOULD BE LOOKING AT that might be relevant to what it thinks my interests are, to make sure I stay online and don’t stay away again for sooooo long! (Even if it’s only been a few days.)

Seriously:

  • I opened Instagram for the first time in at least a month and I was bombarded with more ads and recommendations than photos from people I was actually following.
  • I opened an alt profile in Twitter yesterday to post something off the cuff, and all the trending topics, pushing new features, etc. were like walking onto the Las Vegas Strip when all you want is a sandwich.

Never mind the normal “You haven’t logged onto Twitter in a few hours, here’s all the stuff you missed, and look, people are posting new stuff while you’re catching up, you’d better keep scrolling! What, you switched to another app for five seconds? Here, I’ll scroll it for you!”

Compared to Mastodon just showing you the latest that you’re actually following. And if you want to fill in what you missed, that’s up to you.

(There’s also the posting culture. On Twitter, people are used to discussing DOOOOOM all the time, so even curating your timeline isn’t always enough if you want to follow people talking, I don’t know, astronomy or whatever, because they’re also talking doom. And the algorithm reinforces it at both ends in a vicious circle, encouraging doom-posting and encouraging doom-scrolling.)

Choice Complaints

None of these complaints is inherent to the structure or functionality of Twitter, Instagram, Facebook etc. They’re deliberate UI design choices to optimize for the company’s targets. A third party client could bypass it all (which of course is why they basically don’t allow those anymore).

Similarly, Mastodon and Pixelfed and so on could implement UI like this, but they don’t. The project goals aren’t engagement at all costs. And each instance can have its own goals.

Or someone could add an ATTENTION-GRABBING EXPERIENCE on top of the code and launch their own service. And those of us on other instances, running different software, wouldn’t be affected. Unless the site injected ads into the ActivityPub streams going out to people following its users, in which case I imagine a lot of instances would block them really quickly.

Or they could write an app that adds extra popups and keep-scrolling incentives to the phone experience!

I’m not sure many people would consider that an improvement.

Then again, people do use Yahoo mail. 🤷‍♂️

Expanded from Mastodon.

Posted on
by

This looks cool: Mozilla has released a translation tool as an add-on for Firefox that can do web page translation locally instead of sending data to the cloud! It’s based on Project Bergamot and implemented in WebAssembly.

IMO translation is one of those things like speech recognition that ideally should have always have been local (for obvious privacy reasons), but the processing and data just wasn’t there yet when Google Translate and similar services launched.

Posted on
by

In response to girrodocus’s question: #PersonalWebsite creators… what’s your rationale for deciding when to use a subdomain or a subdirectory?

I usually prefer to put sections in subdirectories. That makes it possible to make the entire site portable (depending on authoring tools, anyway). Ideally, I want something that could be zipped up and moved. Or sent to Archive Team. (One of the downsides of dynamic site generators is that you can’t do this.)

When I use subdomains, it’s typically because I want some sort of isolation between the content, or the server apps, etc. But in those cases I’m as likely to use another domain entirely.

I put my main blog in a subdirectory (/journal), but if I set up my own git repository or something like that, I’d probably put it in a subdomain.

That said, I’m currently trying to sort out what I want to keep at the domain I’ve had for the last 20 years and what to move to my IndieWeb identity site.

IndieWeb and Identity

It took 4 or 5 years from me discovering IndieWeb to actually building support into my website(s), because Hyperborea.org, named after a fictional place, felt like a digital home, but not an identity. So I set up KVibber.com as my digital identity instead.

I’ve been considering several approaches:

  • New stuff on KVibber, leave old stuff where it is.
  • Professional stuff on KVibber, fun stuff on Hyperborea.
  • Original work on KVibber, fandom stuff on Hyperborea.

I might move my scenic and nature photos over to KVibber but leave the funny and comic-con photos on Hyperborea, or move my tech articles over but leave the personal posts.

I’m also planning to put together a light microblog, probably on KVibber, to be the canonical location for short posts on Mastodon/Twitter/etc that I want to keep, but don’t feel big enough for a full blog entry. That’ll probably go on KVibber, even though it’ll blur the pro/fun and original/fan distinctions.

Originally on Wandering.shop (and a followup post).

Update September 2022: I guess I’ve tabled the whole question at this point. For now, I’m just using KVibber as a profile page and putting everything else on Hyperborea, like I was doing before.

Posted on
by

One of the things I find fascinating about the Tunguska and Chelyabinsk impacts is that in one case it took decades of scientific research and multiple theories to settle on what probably caused it, while in the other we have video footage and the actual meteorite.

But there were eyewitnesses to Tunguska despite its remoteness, and somehow I’d never read their reports before.

As for the debate about what caused the Tunguska event: it was clearly something from space, but no one has ever found an impact crater or an actual meteorite, just damaged forest. Plus the scientific expeditions weren’t carried out until years later. Current consensus is that it was a meteor, but it exploded in the air before impact, causing the visible fireball across the sky, intense heat, shock waves, atmospheric disturbances and so on but no crater.

Posted on
by

Two hot takes (so to speak):

Auto-updaters shouldn’t run when the system is really busy.

And installers that check to see the whether the same or newer version is “already installed” should either be really thorough about what they’re checking, or offer to do a repair install anyway.

Overheat!

I’d fired up a game of No Man’s Sky, which even after redoing the thermal paste and adding another case fan still pushes the limits of my system’s cooling, especially if I forget to wait for all the background processes to finish loading on Windows startup. I left a space station, landed on a planet, started mucking around with the structure I had found, and hit a waypoint pole to save again—

And the system shut down.

I turned it back on to get the fans running again and help cool off. Which worked. But when I logged in, I had a bunch of errors with Google Drive. Apparently its auto-update launched during my GPU-intensive game and overheated it enough to reach the shutdown threshold.

Fortunately, I’d just saved my game — or so I thought.

I spent about half an hour trying to fix Google Drive before I decided to just go back to the game for now.

No Man’s Sky picked up seamlessly…at the previous save. Maybe the write cache hadn’t been flushed yet or something. I’m glad I only lost about a minute of gameplay, though… I’ve got several hundred hours on this save file, and I’d hate for it to get lost or corrupted!

Anyway, back to Google Drive. I couldn’t reinstall it because I couldn’t uninstall it, and despite my efforts I couldn’t remove enough traces of it for the installer to be willing to run. You can read the whole reinstalling Drive saga on my troubleshooting site, along with the taskbar that lost its icons halfway through.

I eventually fixed it by copying the installed program files from another system and running the uninstaller manually. That resolved both the taskbar icons and the Drive installer being willing to run.

Then I dragged myself into bed.

Yeah, it was a fun Saturday night. 🙄