Posts by adam@toot.nels.onl
(DIR) Post #AuFsD2nVIjf5VkIS5g by adam@toot.nels.onl
2025-05-19T14:23:52Z
0 likes, 0 repeats
@silverpill I wonder if this is it. When I was setting up my server in Docker, I briefly had my volumes configured wrong and it regenerated all of its settings including the key. This was before I had followed anyone, so I assumed it hadn't federated anywhere and no servers had seen the incorrect key, but maybe somehow it got out? I'm guessing there's nothing I can do about this but wait?Also I wonder if the common thread between the non-federating servers is that they use authorized fetch.
(DIR) Post #AuMXJzmm9vfnGa9IX2 by adam@toot.nels.onl
2025-05-22T19:53:03Z
0 likes, 0 repeats
@mattblaze you will certainly not regret 240 watts
(DIR) Post #AusTcV92qyBv4BhGk4 by adam@toot.nels.onl
2025-06-07T04:08:45Z
1 likes, 0 repeats
@sun Dark Souls style games where 90% of the gameplay is dodge rolling enemy attacks
(DIR) Post #Autit6UhRyoi0VA0I4 by adam@toot.nels.onl
2025-06-07T19:09:20Z
0 likes, 0 repeats
Why do my project name ideas keep getting sniped... 😔So I've been working on a federated chat protocol. Kind of like Matrix, but ideally much easier to implement and not E2EE. The name I had in mind was Chatterbox (which, surprisingly, has not been used for a chat app that I'm aware of) and I already reserved the domains chatterbox.computer, cbox.cx, and cbox.network for the landing page, main public freemium instance, and main bot instance (for features like link previews), respectively.And then I discover a recent AI text-to-speech model called Chatterbox.I think I'm just going to keep using the name anyway, they're in different domains. But it keeps happening!
(DIR) Post #AuzLZ5tOqTIELtxkeW by adam@toot.nels.onl
2025-06-10T13:19:18Z
0 likes, 0 repeats
@vriska Waiting for the inevitable day someone tries to reclaim "slop" and we get an intentional aesthetic called "slopcore" and it somehow becomes Cool With The Youth
(DIR) Post #AvCK0I6HHpc0zy1wGW by adam@toot.nels.onl
2025-06-16T17:15:11Z
0 likes, 0 repeats
@mark I've been thinking about this a lot while designing Fediverse projects. One idea I had a while ago, while writing FEP-fffd[1], was to upload each public post to IPFS and then add a content-addressed IPFS link as a FEP-fffd proxy of the post. Then followers who receive these posts could mirror the IPFS version of the post, making it highly available.But it still has a few problems (besides the fact that I never implemented it):Does anyone still use IPFS outside of crypto? Projects that used it years ago, like Dhall[2], abandoned it because it was too unreliable. Is there a modern alternative?Other instances would still have to fetch the full Activity to see the IPFS proxy URL. Fixing this would require special behavior from compatible ActivityPub servers, like including proxy URLs in Announces, reply lists, etc.Content-addressing doesn't play well with edits (this is why Nostr still doesn't support editing) and there's no guarantee that all nodes mirroring the IPFS data will respect Deletes.[1] https://codeberg.org/fediverse/fep/src/branch/main/fep/fffd/fep-fffd.md[2] https://dhall-lang.org/
(DIR) Post #AwhoydkxYcXMwK7z9M by adam@toot.nels.onl
2025-07-31T22:05:58Z
4 likes, 3 repeats
My ideal package manager design for a programming language:Packages are downloaded over a P2P system, like BitTorrent or IPFSThe package manager runs as a daemon and seeds all downloaded packagesThere is also a centralized site, which is a directory that maps packages to hashes/torrents; also has documentation and searchThe site has an open API that other sites can replicateProject files reference packages by both name/version and hash; the hashes remain valid even if the site goes downThe site has human moderation and handles detecting malware, spam, etc. and removing itPackage names always have a username prefixThe site's staff can choose to bless a package as the preferred implementation of some feature, giving it a non-prefixed name
(DIR) Post #AxAIDZfXNGethewWA4 by adam@toot.nels.onl
2025-08-14T15:46:28Z
0 likes, 0 repeats
@icedquinn Jitsi is peer-to-peer so there's not much advantage to running your own instead of just using https://meet.jit.si.I ran my own Jitsi server in Docker for a while but it was always slower and buggier than the official one.
(DIR) Post #AxGW5jPbpXdHuXPGiG by adam@toot.nels.onl
2025-08-17T15:36:46Z
1 likes, 0 repeats
@wingo gotta go fast
(DIR) Post #AxZMYMM1KYH5G2ykPw by adam@toot.nels.onl
2025-08-26T17:52:06Z
1 likes, 1 repeats
With age verification showing up on a bunch of sites all at once for seemingly no reason (Spotify? Really?) and laws like the EU's Chat Control being seriously considered again, it seems like corporations and governments are conspiring to lock down the open internet.But if that's really their plan, it seems like there would be a more efficient and total way to do it. I can already think of one. Not a suggestion, just... a warning, maybe? Anyway, here's my 5-point evil plan to destroy the open internet (don't blame me if it really happens!):Make large parts of the internet annoying to use because of ID requirements and age gating. This is already being done, so it's step 0.Some company proposes a solution: store your ID securely on your phone, similarly to how Apple/Samsung Pay store credit cards, and use this hardware to provide secure attestations of your age/location/citizenship without actually identifying you to websites. It also uses biometrics to ensure the person currently using the device is the same as the ID. Social media and streaming sites quickly adopt this system as a convenient way to bypass age gating and ID requirements.This secure attestation can't be sent over ordinary HTTP, or it could be reverse engineered and faked. Instead, the tech giants invent a new protocol (I'll call it EvilTP), which is proprietary and a trade secret. It is managed by a consortium which only provides documentation on the protocol to companies that pay a massive licensing fee and sign NDAs. EvilTP has ID attestation, hardware-mediated DRM, and backdoors for various governments built directly in to the protocol, and cannot be used without the required hardware.Tech giants develop a new proprietary app framework on top of EvilTP that finally solves "write once, run anywhere" by essentially reinventing Flash. Chrome and Safari have a new built-in player for this protocol; websites using it download their content as binary blobs over EvilTP, running the same code that would run in a phone app. These browser apps do not support View Source, Inspect Element, or add-ons like adblock. All streaming and social media sites start using this system for their apps, and provide it as an option in the browser, gating some features and higher resolutions behind it.This system is first introduced in either the US or EU but gradually spreads to other governments. Although the EvilTP consortium could easily be seen as an antitrust violation, governments and tech giants have so much to gain from it that they enter into a wink-wink-nudge-nudge agreement to never challenge it; governments want chat backdoors and the ability to look tough on CSAM or terrorism or porn, while tech giants want to finally make piracy and adblock impossible. Each new government that starts using the system also gets backdoors to at least the sites hosted within its jurisdiction.Once EvilTP is supported in most first-world countries and by most current-gen phones, laptops, and smart TVs, the crackdown starts. Streaming and social media sites turn off HTTP access to their sites. Banking and government sites require ID attestation. Some governments forbid the use of the open internet for encrypted content, social media, chat, porn, etc. EvilTP's original promise that it doesn't directly share your ID with websites remains true, but the ID information is still present, encrypted, in every connection, and governments can view it using their backdoors. Turning off HTTP locks some countries out of this part of the internet entirely, but this is also billed as a feature: a foolproof solution to spam, foreign influence operations from Russia and China, and so on. Eventually even phone calls and text messages are sent only over EvilTP; this is also presented as a total solution to robocalls and spam texts. Any attempt to reverse engineer EvilTP is inherently a DMCA violation, and it develops a "silent alarm" system as a deterrent: if a connection fails in ways that look like a reverse-engineering experiment, the police are immediately called to the last known address of the ID associated with that device or connection.
(DIR) Post #Axcy2KJVlEd1OYpzJg by adam@toot.nels.onl
2025-08-26T20:14:13Z
0 likes, 0 repeats
@silverpill The end goal in my scenario, at least the biggest one that makes it concerning, is both "make it impossible to interact online without your every move being tied back to your IRL identity by law enforcement" and "make it impossible to circumvent DRM or ads"; owning the largest communication platforms on the current internet infrastructure and using something like passkeys aren't enough to get there yet.
(DIR) Post #Axhx0Cs3KlQLZJDdFQ by adam@toot.nels.onl
2025-08-30T19:57:58Z
0 likes, 1 repeats
I've been trying to design a new federated chat protocol, Chatterbox, that improves on Matrix and XMPP and is simpler to use and implement than either.But, after a lot of work designing a WebSocket+Protobuf API, I've had to ask myself... why isn't this just REST?https://adam.nels.onl/blog/why-not-rest/I really don't want to make it just a plain old boring REST API, but if I want this to be easy to understand and implement, it seems like the obvious choice. Am I just overcomplicating it?Feedback is appreciated, if you have any.
(DIR) Post #AxmJAV6rLuUSefIXlQ by adam@toot.nels.onl
2025-09-01T23:52:37Z
1 likes, 0 repeats
@phooky server that plays "Takedown" over the PC speaker whenever the OOM killer runs
(DIR) Post #AxqGWP2J5iwaxWlD2e by adam@toot.nels.onl
2025-09-03T21:37:02Z
0 likes, 1 repeats
Are you looking for a better approach to federated chat than #Matrix or #XMPP? I'm working on #Chatterbox, a simple, straightforward federated chat protocol that, ideally, will be more user-friendly (and developer-friendly) than either.https://adam.nels.onl/blog/chatterbox-federated-chat-that-doesnt-suck/The blog post links to a gist with the full API specification, in a single well-commented Protobuf file.I'm working on a reference server that should be available soon. Follow the hashtag if you're interested in updates.
(DIR) Post #AxqH3bYNZbQVKxaskq by adam@toot.nels.onl
2025-09-03T21:52:33Z
0 likes, 0 repeats
@wjmaggos Yeah I've considered ActivityPub-based chat but AP is a complicated API and there wouldn't be any existing software that's compatible with it beyond DMs. (and even DMs are inconsistent! Mastodon handles them differently than Pleroma, etc.)
(DIR) Post #AxqKcUcTe329pVq1z6 by adam@toot.nels.onl
2025-09-03T22:11:49Z
0 likes, 0 repeats
@light Consistency and a full feature set without optional add-ons.Most of XMPP's features, even really basic ones like chat history, are optional enhancements that only some clients support. Different clients' views of the same server can be drastically different. And all of those accumulated specs make XMPP difficult to pick up and work with; one of my biggest goals with Chatterbox is developer-friendliness, hence the whole API being in one Protobuf file.
(DIR) Post #AzCxOGHfJb2gRzQIls by adam@toot.nels.onl
2025-10-14T18:21:02Z
0 likes, 1 repeats
A while ago, I noticed that the media storage of my Mastodon server was close to using up my entire hard drive on this server, so I started running tootctl media remove --days=7 in a daily cron job.I thought, naively, that the deleted media would be re-fetched the next time I viewed it. But it seems like posts with deleted media are just permanently broken; even my own boosts from over a week ago have broken images now.Is there any way to fix this? Or are my local copies of those posts broken for good?#Mastodon
(DIR) Post #B1AhVrAWqoPemGYyEy by adam@toot.nels.onl
2025-08-27T01:25:17Z
1 likes, 0 repeats
@cinebox @catsalad There's a secret boss fight in there and they're trying to keep the difficulty high. No healing for you.
(DIR) Post #B3BUoeHmLYu0Fjk6IC by adam@toot.nels.onl
2026-02-10T16:56:24Z
0 likes, 0 repeats
Seems like I'm not the only one that wants #Chatterbox's core features: https://sporks.space/2026/02/10/a-few-design-decisions-for-a-new-chat-platform/
(DIR) Post #B3KQkJ1IorgHkJLh1E by adam@toot.nels.onl
2026-02-15T00:23:11Z
0 likes, 0 repeats
Valentimes is serious times!https://www.youtube.com/watch?v=ugqniGO4IJc