Group Chats

This caught my eye:

In some ways, group chat feels like a return to the halcyon era of AOL Instant Messenger, once the most widespread method of messing around with your friends on the internet.

Group Chats are Making the Internet Fun Again

 

It’s probably not a good look to admit that you’ve been experimenting on your friends, but for the last couple of years i’ve been badgering people into using Signal, and creating group chats for circles of friends / acquaintances. Periodically i’ll create a temporary group to help plan a specific event or to aide collaboration on a task.

In the time that i’ve been doing this nobody in my circle has ever invited me to join a group they have created. It’s possible that they all hate me, or at the very least resent me setting the venue. More likely (i hope) it is still simpler to do everything publicly on a platform like Twitter / Facebook / Instagram.

I found that there were things that it would be better to communicate to a specific subset of my “followers” (such a creepy term!) on Twitter, but most seem quite comfortable with the broadcast model. Now i’m a little more isolated online, but less overwhelmed by interruptions.

Oh, and sorry about the experiments. Friends don’t experiment on friends… or do they?

Advertisements

Wireguard

There have been a couple of times where it would be have been useful to be able to fake the origin of my internet traffic. Services that geo-block, differentiated regional pricing, etc.

To some extent this can be done with Tor, requesting new circuits until you get an exit node in the locale you need. However, many exit nodes get blacklisted, or made difficult to use by the “saints” (hello Cloudflare!) running some of the largest virtual hosting environments.

Time for a VPN?

The thing about VPNs is that, unless you are very careful, they provide only an incremental improvement in privacy. Still, if the goal is to be able to defeat geo-blocking it’s not a bad answer… except that the OpenVPN, the software supported by most VPN providers doesn’t have a stellar record for security (due to it’s size, it presents a large act surface), has relatively high-over head, and kills batteries.

Wireguard is a proposed answer to these issues. It’s new code, but is building on modern security libraries freeing it from some of the baggage that OpenVPN has been lugging around since 2001, and is small enough that it can realistically be reviewed / validated. Conceptually it’s a lot simpler than what came before it… i’d emphasise the “conceptually” part – making no claims to have truly understood the implications of the security choices that have been made.

And there are now VPN providers out there that are supporting Wireguard. Having signed up with one of them to experiment, it seems to be a big step forward. For my home connection (100MBit / 50MBit) it’s possible to saturate the downlink when connected to VPN… when using a server exit in Germany. Leaving it connected on my laptop there isn’t any noticeable change in battery life. I’d assume there is a change, but it’s not enough for me to worry about it.

The clients i’m using (macOS / iOS) are from the respective AppStores, and have been straightforward to configure.

All that said, not sure that i’m going to carry on paying for a VPN. The most compelling reason to do so is using it from my phone over sketch “free” WiFi… but if that is the only thing i care about it would be just as easy to install Wireguard at home and route all the traffic via that connection. The only thing stopping me doing that is laziness.

Wireguard on Synology. That’s the thing!

Building PaulStretch on Mojave in 2019

It’s a weakness. Software archeology. The topic of PaulStretch came up during the week, and of course i wanted to play with it again.

Back in 2013 there were downloadable binaries, but it seems they probably stopped working a few macOS releases ago. And besides, where is the fun in that!

The good news is that despite not being touched for years the code does actually compile.   There is no bad news, it’s working perfectly, and i’m listening to the Alien Sex Fiend track ‘I Walk The Line’ stretched out to 35mins.

After cloning the code from GitHub, it’s just a matter of installing the right libraries. I’m using MacPorts and the other dependency that was missing was mini-xml. That is also on GitHub, but the latest release isn’t compatible, fortunately the v2.12 release is fine.

Work from the script here:

https://github.com/paulnasca/paulstretch_cpp/blob/master/compile_linux_fftw.sh

  • install FLTK (available in MacPorts)
  • run the two fluid commands
  • run the g++ command (changing $outfile to paulstretch
  • install the missing libraries until you get a binary

The missing libraries were:

  • audiofile
  • libmad
  • portaudio
  • fftw-3-single (this is suggested as optional, but it wasn’t hard to include)
  • mini-xml

To install mini-xml it was the usual:

./configure –prefix=/opt/local ; make ; sudo make install

Everything else was just:

sudo port install

Screenshot 2019-03-23 at 17.26.21.png

Aint it pretty!

$ fluid -c GUI.fl
$ fluid -c FreeEditUI.fl

$ g++ -ggdb GUI.cxx FreeEditUI.cxx *.cpp Input/*.cpp Output/*.cpp `fltk-config –cflags“fltk-config –ldflags`-laudiofile -lfftw3f -lz -logg -lvorbis -lvorbisenc -lvorbisfile -lportaudio -lpthread -lmad -lmxml -o paulstretch

FTW, i tried to statically link it but it start to complain about missing libraries. Perhaps i’ll be motivated to learn how to package a .dmg file if there is interest. Surely it can’t be that difficult… right?

Update: it doesn’t look that difficult to create a ‘PaulStretch.app’, there is some Info.plist to create, copy all the libraries into the directory structure:

$ otool -L paulstretch
paulstretch:
/opt/local/lib/libfltk.1.3.dylib
/usr/lib/libSystem.B.dylib
/System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
/opt/local/lib/libaudiofile.1.dylib
/opt/local/lib/libfftw3f.3.dylib
/opt/local/lib/libz.1.dylib
/opt/local/lib/libogg.0.dylib
/opt/local/lib/libvorbis.0.dylib
/opt/local/lib/libvorbisenc.2.dylib
/opt/local/lib/libvorbisfile.3.dylib
/opt/local/lib/libportaudio.2.dylib
/opt/local/lib/libmad.0.dylib
/opt/local/lib/libmxml.dylib
/usr/lib/libc++.1.dylib

and then update the paths with ‘install_name_tool -change’ to update the paths to reference the copy in the App directory structure.

Check back tomorrow!

Update: after a few more shenanigans fixing library references in libraries that reference libraries (it’s turtles all the way down, etc) there is now a “nicely” packaged ‘PaulStretch.app’ that can be distributed in a DMG image. It has even been tested off my machine!

$ tree PaulStretch.app
PaulStretch.app
└── Contents
    ├── Info.plist
    ├── MacOS
    │   ├── libFLAC.8.dylib
    │   ├── libaudiofile.1.dylib
    │   ├── libfftw3f.3.dylib
    │   ├── libfltk.1.3.dylib
    │   ├── libmad.0.dylib
    │   ├── libmxml.dylib
    │   ├── libogg.0.dylib
    │   ├── libportaudio.2.dylib
    │   ├── libvorbis.0.dylib
    │   ├── libvorbisenc.2.dylib
    │   ├── libvorbisfile.3.dylib
    │   ├── libz.1.dylib
    │   └── paulstretch
    └── Resources
        └── PaulStretch.icns

Key Expiration / Rotation

It’s probably a good idea to check if you PGP key has expired. The easiest way to do this is in the tools that you use to manage your keys.

Another is to go to somewhere like pgp.mit.edu, and search for your mail address. Doing this lately have been an exercise in frustration as the servers always seem to be offline, slow, or out of sync.

My most recent key was old and short, so i’ve generated a new one, and expired the old one. As linking to the key servers seems to be hit-and-miss, here it is:

-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFwniY4BEAC1IK1bY6Rs8jDBgbFFBeSgvMcvq6qsFrRNAxZoECMh3bO+RcMi
ZSUZsaawsVWOnHzsQUFhNhzge8RKOYR+LQvKSZ0aLDVPOmDuBJQgM17UJSP0BYDv
IwORMrPeHlwC7TlNCNsVUidt8HfFFJINHg8XVolx5QM4EfioD6M2p8UmfK6UQa9h
YhRNnC0mm18hcc91rhNpHw3LzElLGqZR9e9/vyjAskh9cxNodCAMYx3bBKLq4AM5
p5e7CPgBfV6WgKdLxF6lZcMWIt/lfEDygRU1S8RJD4yGPlb08F3iePM+1CBOT3sU
oCwoeC2+FJCxzSBVRB32tMquO7DJOSjqi30yS2d5z9KYJL8A9JgBmsxD3a5Lcwgr
+wtIPW5j1nulcxlC2WFmQrmvQ01Yl5BEt8hMGwoT1ZDCgdfpeYMn1/mmjXfWrRjn
wpFOU6eY7s1uF58q9aaUmQ6EHnfO6l/UHOW1V5Ao3tMUGlW7U33GlNqU+JszDzHg
gOvWmEDZRacFhrlFP2t/kk4Bkb1hYI6fzrcDQabZcoIKVQmyURMag/QV/ehmyT4R
ps7PU7/0SKUawsFjQwe5xpwh67o8k99Kk5L/gEvPoIqiYVQkfsYG4+BqVYcBqdTt
vj/fxRAlrEIRKTB+DtCuetgVX9iT0hetP7LazU9ScOhXpygMu3lWyMCNmQARAQAB
tDRKb24gRWxsaXMgKFJlcGxhY2VzIDdENjlFRTkxKSA8am9uQHBsYW5ldC1lbGxp
cy5uZXQ+iQJUBBMBCAA+FiEEKJCjresbzn2uFRZukmftqRJz8R8FAlwniY4CGwMF
CQeGH4AFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQkmftqRJz8R/hqBAAkpO8
eo53bGogtgOR6VcPlqGnAgRU/KVXU5jFDkFqEUcWM0/AlJ19S2+ORZ9N8QheQHFP
ii8HPwiZx57YCHvwFVbI117D6q4TY8u6kwRzfNwQKVNhCTns+xcdGk1g9q6lSbUE
qB2PqylNKNLa73b89syPk9YQ2sxL/WSeaVi3iNFHSVR7HaQGOD9V+81Ez9SS5se0
GrxktxCJJ5/LI+OmlOqdkk+R5QG33LmQM8sBB2myBqMXAluxO0HeVFRo3jGongnm
BomUTYBxrR852rR9AEBisL8AAhJw2/79tSyCLjlhTD1zVZhziIH6UVLpiJPq2JEa
rOjTU2hVFj4P59VcZCqAQ7Vd/XA/ny0JfSZhJLc2rQK6Ix1dN2c3PvLqGvL/F+86
VWIC+K1QTmCTcJutW2aIjgFbFcd5+zaPgWud0Ccczv/HdmORIbg8jsqIVZmmL7K3
NF70jZf59hNUkS93GUnPDyxwd7KgCfl+xZQohgqYifrT/s3W0fJl/1eHat4wPFcu
2vEQBpNJpAQVXYLKXnrLUwtosFOWTQDVAXSFyYmiYhIhQXEeHsAVCDWeIsPY1DJu
xoGDOtwnz87xfzKKsb9iW1MTWsvFOVBofhPoOpbC67S0FKyV1sxEFkb80RnNDaoU
Pxa8IGBQDCkfbpv494z8Y9sbwqgM4i7IMBQXbrGJATMEEAEIAB0WIQRmhOHrleZy
5zv6GydA1RUbfWnukQUCXCeMiAAKCRBA1RUbfWnukcwnB/93Py95PFZ0w7mhGYoR
40GqxPyG5ADZ3W9d007eijn4uJ9XCZ8TSQeyZjexPfyPtHi4ouLDnAHz2iisvvk9
egNdnyOMBIA/JoTskT79Ny3yaCBdX1AObCyTrxKX0hcfI/K+T3FlfIwTZAK4riJ8
SGsSzGmglVI5df9H61hpSex9ua4W1EczWXyD3tI37qQXc4XhJLPfdqtO+ABEfL6h
uRF53cLDvGcJp6KSVcJJhP9yE+kD40J1ynoaTWH0znG54Xq8c1RWqKzQV8jNC3Ip
uI4Si/9uG09ti0CyvsvPeR/GFNzb17CBZoXAhOhcyAlBeHQngjP1UnrqytTfE9HC
QIQFuQINBFwniY4BEACfcZ6tRsBV1dDTjfl6V9f/joWpvx2fvJqKll+EAL0jKTfA
n+VpXvUmlG//voN8fT+QbRhg8HA1QeTrxYqbsr/JDILd3wg+hzWrUlXt6ynQnDKr
p6m04EzE8P+Cl4pol79Y+Ew1TjLO2sUifoo8BOlLPgp2S5PH1T2uuWa74+pjTqsv
NLpot3aLZZ8MMss13ZZL8hpokJnExqT1QjY3YNhE4u6vvmK5jfK7gd05nL9UhCdZ
A28qxcisztAD2O0QOSvNPLJfyJ1Hj+7xynDv72BlMCk6YDqZB3bFwUX06YpOuDa1
piaQ51uty/RQw97cn046h2KYssP2SHDBQgnMhNUzqC3MnR1qSVHDvFwSlqXpjTJc
aH4z5/XH7FDR+okK2qlLRC0JjbICfBTpKNk355RfCTUneExVvkGXp8pOZQsj6f/5
67x87nDKqzTL0p1ThSBKwhPwQT2rpJ+jzV8OHya4zyKgXMnXKTiGh3+IdJxMOLNe
Hw3yg5smL+4w6bBiUXR/tNr6D3E5k5hPP8b4wIMYvbZGwEXHNY4Owq0hAwm6gJgx
Ew3ruSszSLdzyQHFVLBMck8L1dt0r7G3BLSl8LC3cUQOZtSQJAfSrwmCOEqwlI6Q
utSpubrLkR94t92uW9Ln1FtQWOyF5eUUJRpr6rx9vPuf/zO/B61ApXgMYE35LQAR
AQABiQI8BBgBCAAmFiEEKJCjresbzn2uFRZukmftqRJz8R8FAlwniY4CGwwFCQeG
H4AACgkQkmftqRJz8R/nKw//Wj59vryVXeaeJoit/zRDhh9tkSeE8nBqnSjcpJX9
C0eZ5LxXDXoY52yj1QZ5Ro0damh6WqzwgZGni7Z8CgbRwVwObK4oid2DVsYYyt8+
vvOIlI0QddF8dyVI/YHp4iV9busCGF2N9LZ9A5KBnhY+QEh6y5yp7hFwh/5yjbAl
tfHUkgSgZHU+2AeKmU37hJeUI1Y8e0eHQZkteKe5t3k5VzmnYLJZO9Ss6s1oKeuq
PSneTuYUk6WpXh09sW/XqmO/LXPfgS4bwEEJ2QlvmvYkjJQkKit3T/hXhUF3vgoX
lhmfAR+7f9tVBQcghkDaXirfbp5U37WTNJLWWzgul+0foU29YK8OoRG0VPNAQ3tl
64ToS5I4zf3A69AZqVyVTT72rpmrNxvG6isf8m98wLQ8qOJ0PJALIj93tSlyXWxN
G8UZNdoIQnNb/+WnDCyTrIczN/Dg5+rtEla3kAt66rJtiQrdTHuswEIeEF4goblA
BIArf2y21OEAt9QjhsSixPbEAnJKhS0KJ9ISQnNUW09c9CqViWotznBzw9SdIf8F
EKGeYJiMfIsafHShu89k7OAiQVsQk38ldfBLPLeik8eCrI2/ul2MfsCDhjHmmbUR
sGrnTuyPg1rf55P+ofV9cH0d7Dij4Skk22FSw1YWcwk5m56FbXwJU8cyrfEa8uW3
INU=
=hsAZ
-----END PGP PUBLIC KEY BLOCK-----

This (0x1273F11F) replaces my previous key (0x7D69EE91), and you should now get warnings when using the old one… assuming that you can update keys from the key servers at some point in the future.

On macOS i’ve been using GPG Tools, and had considered giving them money to continue to use it. However, having watched a 35c3 talk titled, “Attacking end-to-end email encryption” which covers all the ways that PGP is broken in mail clients (“except mutt!”) i’m more convinced than ever that secure mail with PGP is essentially a disaster waiting to happen.

Signal, despite its lack of UI / UE polish, remains a much better option if you can get the other party to agree to use it. If you have to send and receive PGP mail of any import, do as the experts suggest and compose it outside of a mail client. And, for the love of gub, don’t do it anywhere near a browser!

 

MacBook Pro 2018 “Review”

My work has provided me with a 2018 MacBook Pro. This is my reaction to living with it for a couple of days. For perspective, i’ve been using Apple machines, pretty much exclusively, for 20 years. Much of that time they were glorified terminals to solaris or linux systems, but more recently (the last decade..) as my primary development environment.

The Good

  • the screen is amazing.
  • the speakers are a huge improvement over the already pretty good speakers in the 2014 model

The Bad / Ugly

  • no magsafe charging… who thought that was a good idea? For years it has been possible pick up a laptop and safely knock the charge cable off the machine with your thumb, but now it’s a cable to pull, and an easy way to drag a machine off a desk. At least usb-c is physically better than thunderbolt 1/2 connector… which is actually negative as it’s now more of a hassle to disconnect the thing!
  • in order to plug in almost anything you need a stupid dongle. Can’t even charge an iPhone without buying a new cable! I get that everything is wireless now, but i don’t want a wireless keyboard that will inevitably need to be charged, have a battery that gets worse over time. It only has a battery because it’s wireless and that’s dumb. Who are these crazy people who are desperate for free movement of keyboards and trackpads? Idiots.
  • on the subject of keyboards – this one sucks. Just looking at it you can tell it’s bad – the keys have no travel, are comically large, and stupidly flat. To make things worse they make a stupid amount of noise when struck. Is that supposed to trick me into thinking they have some kind of sturdy mechanism? It’s not working. Feels like a toy.
  • still on the subject of keyboards, the fn keys are missing. Not there. The replacement for this is a strip of plastic that provides no physcical feedback, and blinks distractingly as if it has some useful purpose. Part of the collateral damage here is that the Escape key is missing. What a fucking joke.

It seems unlikely that i’ll be using this machine as a true laptop for any extended period of time. In order to use it at all i’m connecting a keyboard (wired, obviously), a trackpad (which has batteries that will fail when it is least convenient), and will probably hook it up to a monitor at some point.

Due to the vagaries of corporate IT and Security weenies it’s hard to say if the proceeding four years have yielded any performance improvement. It certainly doesn’t feel any faster, even if it does now handle builds with spinning up fans. However, that could be the slew corporate spyware installed. Hard to say.

In my opinion it’s a hateful thing. A disaster of form over function. A miscarriage of design to hit the wrong targets. I don’t care if it’s n millimeters thinner, don’t care if it’s a couple of grams lighter – the primary interface (the keyboard) is an abomination. Couldn’t give a fuck about a new physical interface in search of a reason to exist – the Touch Bar is utterly pointless and distracting.

Would not recommend this machine, as a pure laptop, to my worse enemy.

Back to NetNewsWire?

I’ve been trying various RSS readers over the last couple of months. Initial Vienna (which felt dated), then Cappuccino (buggy), and now Evergreen… thus far has been lovely.

As noted here, Evergreen is going to be the new NetNewsWire 5.0:

You probably know that I’ve been working on a free and open source reader named Evergreen. Evergreen 1.0 will be renamed NetNewsWire 5.0 — in other words, I’ve been working on NetNewsWire 5.0 all this time without knowing it!

This move back to RSS or feeds in general was a side-effect of getting away from Twitter. Wanting to get away from Twitter was… it’s not important. The end result is that i send less time being interrupted driven, but also miss more things that might be interesting.

My move to Mastodon is a rather lonely affair – without millions of users it lacks the essential “reach” that motivates people’s engagement with Twitter. In order to keep up with friends on Twitter, but without the Twitter “drama”, i’m using TwitRSS.me to scrape RSS feeds.

The RSS returned is a little funky, but Evergreen is doing a reasonable job of rendering. There seem to be alternatives (RSSHub, FetchRSS, etc), although none of them seems to be focused on keeping Twitter at arms length.

Anyway, it’s nice the NetNewsWire is coming back, and if we’re lucky some renewed interest in RSS in general.

Mastodon & Whalebird

There is very little going on (for me) on Mastodon, but it’s still interesting to see how it develops.

My latest thing is leaving a a desktop client called Whalebird open. Another Electron app… which obviously isn’t ideal, but becoming a trend – it’s quick to throw together a standalone app wrapped around the existing browser interfaces. Unfortunately it’s essentially running a full browser for every app. That probably isn’t as bad as it sounds (modern o/s have on demand page loading, etc) but it makes every Electron app an easy target for accusations of bloat.. one of those mind-numbing discussion killers, which is increasingly at odds with the amount of memory available (and generally sitting unused).

Meanwhile there is more discussion, beyond “It’s federated! It’s good!”, focusing on the practical reasons for avoiding Twitter:

The Why: Twitter Is in the Outrage Business; Mastodon Isn’t a Business

Though i don’t think it will happen, it would be interesting to see if Mastodon could survive, in it’s current rather open / tolerant form, an influx of Twitter’s current user base. Perhaps it doesn’t need to, and multiple communities can form on unconnected instances. Do we really need to suffer brands? Will instance owners actively manage their communities, and resist the “freeze peach” pressure to which Twitter has so easily yielded?

When all is said and done, i don’t think Mastodon is ever going to escape it’s niche and challenge Twitter. It might be that it’s too similar for most people’s level on engagement, and a more radical / gimmicky alternative is needed. Until that happens i’m stuck between worlds, with a curated set of Twitter friends followed via RSS!

Edit: