julian

@julian@fed.foad.me.uk

FOSS dev, self-hosting fan, Matrix, degoogling, small tech, indie tech, friendly tech for families and schools. Let's own our own identity & data.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

smallcircles, to fediverse
@smallcircles@social.coop avatar

"Can improve the user experience of decentralized ecosystem?"

https://www.liquid.surf/2024/2/7/Can-FedCM-improve-Solid-login-flow

This article by folks working on a based app called Liquid Surf mentions the specs of the Federated Identity Community Group.

And in particular how this CG - having Big Tech members - could improve their specs so that small identity providers are also taken into account properly.

Idk relevance to and , but the work looks interesting:

https://github.com/fedidcg/FedCM/issues/240

julian,

@smallcircles Yes ... My own blog post tries to bring the issue to light succinctly: https://wrily.foad.me.uk/sign-in-with-big-tech-only-or-sign-in-with-whom-i-prefer ... In short, the proposed new standard is to make a slicker browser flow for Sign-In-With-Xxx buttons. The critical defect is the present proposed standard threatens to bolster the BigTech identity providers: if this becomes a standrad as-is, then sites will only offer "Sign in with Google" and "with Facebook" and the like. We need an amendment to make the browser offer, as additional options, the user's choice of identity provider(s), be it large or small players. Our help is sought to review, test and push for this amendment.

foss_events, to foss
@foss_events@fosstodon.org avatar

No matter the background, for humans or cats: Tell us about your and help everyone by adding an event to the list for 2024: https://foss.events/new-event

On this occasion, read how to reuse existing entries and save yourself a lot of time: https://foss.events/about.html#contributing

julian,

@foss_events I'm feeling refreshed on seeing a row of icons on your web site for "social" contact methods, source code, etc., that are all FOSS. So rare, even in the freedom software community. So beautiful!

aral, to DaftPunk
@aral@mastodon.ar.al avatar

Daft is so apt.

What the fuck state are those switches in, Daft?

julian,

@aral @devnull I saw the screen shot before reading the comment, and my first thought was, "Hurray! At last someone has seen sense and not presumed to provide a default, because this is meant to be a deliberate choice." BTW, my junk box contents includes some physical toggle switches that have a centre off position.

julian, to random

@EC_DIGIT asks, at today’s OSOR Turns 15 event, how to “enhance the use of open source for the benefit of all”.

How? First show people open-source-based non-proprietary digital services. Because people still don’t know such things exist. They think Twitter is a public service, for example. We must train the public to see, to think differently.

I’m going to point my finger. Somebody has to start the process. Could you start with your visitors right here? Every page of OSOR Turns 15 promotes Twitter. Why? “For reach”, ok, but why promote it as if it’s the one and only standard public messaging service? For your next event, vow to stop that! Promote your Fediverse channel instead, and demote the twitter icon. Put an explanatory note on it for the curious to learn more. Twitter is .

Or tackle using EU Video (PeerTube) instead of YouTube/Vimeo.

I’m sure it’s not as easy as it should be, but that’s what we’re all here for, to make it normalised and easier. One step at a time, and keep stepping.

Can we do it? I think we can!

(I noticed and appreciate that the site uses Matomo open source analytics. Now we need things the public can see!)

josh, to fediverse
@josh@josh.tel avatar

deleted_by_author

    •
    julian,

    @eibhear @josh @reflex Matrix moving to external standard auth (OIDC) is a fantastic thing for us self-hosters. As someone struggling to host multiple services, each with its own different auth system, I can’t wait: SSO capability will simplify the UX, closer to the mainstream experience that Big Tech users find so convenient, so friends and family might stand a chance of using our services.

    No need to fear being left to figure out the migration alone. Thousands of us will be doing the migration together when it happens, with an upgrade path and plenty of support, I’m sure. It’s not there yet but search for example for “matrix-authentication-service” in the FAQ section of the https://areweoidcyet.com/ web page to get a feel for how it’s likely to be done.

    smallcircles, to mastodon
    @smallcircles@social.coop avatar

    Should ?

    I can't hear you..

    SHOULD MASTODON GIVE UP GITHUB???

    Now I hear you! 😃

    https://sfconservancy.org/GiveUpGitHub

    Serious now. is becoming a one-stop-shop for , that uses to expand its dominant position. Gradually locking people in, with rich feature sets. Good alternatives exist, and can soon integrate with the via protocol.

    Weigh in on the discussion, add upvotes, emoji and feedback to:

    https://github.com/mastodon/mastodon/discussions/27765

    julian,

    @roland @smallcircles What we need is for each hosting site to allow a project to Bring Your Own Domain. For example my project would bring git.my.example.org to a hosting provider and adjust our DNS records to point to it, and visitors to my project would see only my domain not the hosting provider’s domain. Right now that’s possible (by paying the hosting provider to run a whole instance of any software forge) but it’s not efficient (we want our project to use just small additional resources inside an existing forge) and multiple single-project forges also don’t currently have a way to share user accounts for collaboration, and cross-project search and “stars” and so on. Wish we could upgrade to the bring-your-own-domain model, like is commonly available from email providers.

    Brendanjones, to UX
    @Brendanjones@fosstodon.org avatar

    Maybe I'm behind the times but I just came across https://www.tldraw.com/ and it looks amazing. If you're familiar with then it's basically an open source Miro clone.

    In essence, an infinite digital whiteboard that you can add anything to.

    According to the docs https://tldraw.dev/ you can "use the Tldraw React component to embed a fully featured and extendable whiteboard in your app." That's very cool.

    One for the / / people?

    julian,

    @Brendanjones My first question these days for a new collaboration tool, more than what features it currently has, is: what's their attitude to inter-op? Is it like, "obviously we include a chat feature, our own little chat silo which we invented here, and obviously we provide a server for you to share drawings, our own little silo server"? Or is it like, "obviously we make it easy to plumb in to your own matrix chat rooms, and obviously we make it easy to plug in to your open file sharing protocol (WebDav, NextCloud) for sharing your drawings"?

    julian, to random

    Open tech, be afraid. Be very afraid. Microsoft owns both Visual Studio Code “VSCode” and MS-GitHub, two intertwined and utterly proprietary product-service ecosystems with a bit of open-source in their core to lure us in. Because they love open source? Yeah, no.

    Soon after leaving GitPod whose technology links the two, Geoffrey Hunt last year explained their strategy and what it’s doing to our open tech world, in a great and “harrowing” article, “Visual Studio Code is designed to fracture” https://ghuntley.com/fracture/

    “The future of software development tooling that is being built is closed as ****, and people seem to be okay with it…”

    This is why MS-GitHub is not our friend.

    This is why falling for their trick, disguising MS-VSCode as a neat “free” editor, will come back and haunt and hurt us.

    Vendor lock-in double-whammy. Using open source as “a financial weapon”.

    “… the biggest challenge for Gitpod, GitLab, Datacoves, OpenBB, Foam, et al lies ahead - developing open language tooling for each community where Microsoft has forked the communities over to proprietary language servers…”

    If we have a grain of public spirit, if we are motivated at all by the Freedom that’s supposed to be afforded by Free-Libre Open-Source Software, we must , we must recognise the trap, we must choose truly open .

    julian, to random

    Mid November, time once again to remind our Friends, Family & Followers that is the way to avoid harmful . Let's repeat: Don't Fall for the Surveillance Tech Trap: learn How To Buy a Freedom-Respecting Gadget. Seek out a Good Gadget Giving Guide. Let's reach out to the uninitiated: where should someone begin who isn't already immersed in Freedom Tech? I'll try to put out something. Can you too join the movement, maybe post your own recommendations, write a short article, a round-up of the issues and the alternatives that respect our freedom, link to existing guides? Who's in?

    julian, to random

    @openandroidinstaller Lovely to be able to install a freedom-OS like /e/-OS or LineageOS in this way. One thing I want to add is functionality to install apps (especially system apps), and disable some pre-installed apps, after installing the OS. Especially to install things like f-droid, f-droid privileged extension, Titanium Backup, DAVx5, syncthing, nextcloud, bitwarden, authenticator, tailscale, etc. as system apps, and to replace some default app choices.

    julian,

    @openandroidinstaller I've previously written Bash scripts to install and tweak LineageOS and apps so have an idea where I'm heading.

    julian, to random

    @openandroidinstaller My first little contribution to OpenAndroidInstaller: Show error details when selecting wrong image or recovery, a.k.a. on your github repo.

    When selecting an image or recovery that does not match the device codes, I was bothered by the lack of transparency and specificity in the error message, which just said the files “don’t work with the device”.

    We now show an error message that gives the user a better clue about why we rejected the file they chose. It explicitly shows the discovered and expected device codes.

    If you like, you can review the diff of my branch and merge it to your dev branch like this (why not a github PR?):

    git pull <a href="https://lab.trax.im/fork/github/openandroidinstaller-dev/openandroidinstaller.git" rel="ugc">https://lab.trax.im/fork/github/openandroidinstaller-dev/openandroidinstaller.git</a> 1-show-error-details-when-selecting-wrong-image-or-recovery
    smallcircles, to foss
    @smallcircles@social.coop avatar

    a e-signing alternative to the proprietary , and .

    https://www.opensignlabs.com

    -licensed. More info, see the blog:

    https://www.opensignlabs.com/post/opensign-the-enterprise-grade-open-source-docusign-alternative

    See also HN discussion:

    https://news.ycombinator.com/item?id=38052344

    julian,

    @smallcircles Nice to have this alternative. I think. I've recently discovered and deployed our own instance of SignaturePDF: https://wrily.foad.me.uk/our-own-signaturepdf-awesome-open-source , https://pdf.24eme.fr/

    Whereas SignaturePDF is just a web-app, and less sophisticated, OpenSign looks like a commercial service (OK, that's fine) that just published its code (last week, 55 k lines). I hope it is not just "published source" but that the team behind it keep it "open" in spirit and keep up the self-hosted option as a viable option.

    floledermann, to mastodon
    @floledermann@mapstodon.space avatar

    At a recent department meeting discussing social media, I was shocked how few fellow researchers were aware of .

    I would therefore like to do a brief intro talk to Mastodon & / on next opportunity.

    Are there any open slide sets or other resources out there I could build upon?

    julian,

    @openedtech @CEDO Some possibly useful outreach materials, introducing organisations to the idea of open tech. I've talked recently about how I feel a big part of our challenge is introducing the principle and existence of open tech to people who simply haven't heard or thought of it. These materials introduce open social media; I'm thinking we could adapt them to introduce ed tech. Personally I find it far easier to adapt than to start afresh.

    1. The list of articles Brendan Jones shared, that I'm replying to: https://fosstodon.org/@Brendanjones/111119773440043860

    2. The https://fedigov.eu/ web page, about which I blogged my enthusiasm and adaptation ideas: https://wrily.foad.me.uk/fedigov-social-media-links-for-government-websites

    @Brendanjones

    EC_NGI, (edited ) to random
    @EC_NGI@social.network.europa.eu avatar

    Event announcement: NGI FORUM 2023
    Mark your calendars for 15-16 November 2023 and register now for the NGI Forum in Brussels!

    For more information: https://www.ngi.eu/event/ngi-forum-2023/

    julian,

    @EC_NGI YouTube -> , 's PeerTube -> .

    cc @smallcircles

    smallcircles, to GuildAlpha
    @smallcircles@social.coop avatar

    @theruran @garbados

    Interesting. @csdummi and @tomat0 started at social coding movement. The idea is to have a group of collaborating people who together select a project to work on for a period of time and make a significant improvement. Then move on to the next project.

    They started with . Here are Guild reports: https://discuss.coding.social/t/weekly-guild-reports/304

    I'm iterating on a slightly different concept called Prosperity Guilds aimed at collab in grassroots movements, work in progress

    julian,

    @csdummi @smallcircles @theruran @tomat0 Congratulations! That looks like a nice way of working together and getting something valuable done quickly.

    oblomov, to random
    @oblomov@sociale.network avatar

    I really wish you could classify bookmarks in Mastodon

    julian,

    @smallcircles @oblomov @flancian Been thinking myself how I want my browser bookmarks and my fediverse bookmarks and my matrix bookmarks (not implemented) and my ... bookmarks all saved in my personal bookmarking/read-it-later/reference-tracking storage, that's independent and not tied to any particular source app (such as web browser) or protocol (fediverse, matrix, etc.). Features like adding tags/categories and notes, and whether to save the associated content in a read-it-later cache or in a personal content archive, and tracking whether I've read it and how old it is, should be common features across all input sources. Bookmarking as a ?

    julian,

    @eichin @flancian @smallcircles @oblomov It's vital to frame personal generic bookmarking, like anything in this class of , as an open protocol. The protocol might be inspired by an existing service API such as https://pinboard.in/api/ . But the protocol must be more than just open-licensed: I would also require it must perform zero-config discovery of one's own personal service end-point.

    jens, to random
    @jens@social.finkhaeuser.de avatar

    I'm seriously considering defederating from at this point. I'm applying a limit for now, which means if you're on that instance, I may not see you.

    Mike Stone (effectively) doubles down on moderation principles based on keyword, not context. Additionally, he confirms limiting accounts without notification is part of the policy, effectively shadowbanning accounts.

    https://social.finkhaeuser.de/@jens/110690324938661563

    (The screenshots just capture the main part of the linked thread.)

    See linked thread.
    See linked thread.

    julian,

    @jens This whole sorry situation just reminds me that the moderation "story" and tooling is weak and in need of development, both socially and technically.

    J12t, to random
    @J12t@social.coop avatar

    How long should social media posts be retained? That's an interesting question.

    Facebook, for example, retains everything forever, not just posts, but also searches and private messages. Some newer social media protocols are based on an append-only log (which means old posts can never be deleted).

    But much we say on-line -- not all -- is really similar to a conversation with friends over a beer, and we'd be appalled if we'd record each other then and keep for years.

    What's best?

    julian,

    My framing for message retention:

    1. A communication is distributed property. (It's my data and your data at the same time.)
    2. My data, my rules. (Your data, your rules.)
    3. Retention is non-binary. (There are degrees of accessibility and modes of retention.)

    I like real-world analogies.

    When I send you a paper letter, I choose whether to keep a copy, and you choose whether to keep the copy you receive. Together we agree how confidential it is, whether we should share it or publish it or destroy it. In light of that agreement I decide where to keep my copy, perhaps in my office, or pinned to my front door where any passer-by can read it, or in a vault that will only be unlocked once I die. If we publish it, we accept there's a public copy out of our direct control but still subject to laws and our stated wishes.

    Any electronic system should give me and you those options, no matter how it's structured internally, if it claims to be serving us well.

    @J12t

    julian, to random

    Observations on LLDAP. As someone wanting to get LDAP and SSO on my self-hosted services, but never studied LDAP, I jumped on LLDAP eagerly, a few months ago. https://github.com/nitnelave/lldap

    • It's close to the ideal level of simplicity for beginning like this, with sensible defaults (or rather hard-coded decisions) for the schema (i.e. which attribute cn/dn/ou/etc. is used for uids, group-names, real names, etc.).
    • It's lacking a display or documentation showing which schema/attribute it is actually using for those things, which makes it hard to configure real apps. It would be ideal if the UI would show the results in standard "ou=xxx,cn=xxx" format for quick reference.
    • It comes with lots of app example configs but they're of random mixed quality, some spot-on, some rubbish, so can't rely on any of them.
    • As soon as the product of (n_users x n_groups) exceeds about 10, then the simple admin interface is cumbersome; it would be helpful to see the group assignments per user displayed (and editable) in a grid formation rather than having to go into each one one at a time.
    • Lacks import/export/configuration-as-code.
    julian, to random

    "Let's Forge!" is a thought theme, on how we can think of our community all building the friendly tech world together: "Friendly Forging: Shared (technology) vision" writes @smallcircles at https://discuss.coding.social/t/friendly-forging-shared-technology-vision/328
    Free Software Development Lifecycle

    julian, to random

    @J12t I just discovered from your bio https://dazzle.town . Great initiative! It aligns with principles I'm working towards. I'm all in with the concept and would be interested to follow. But I noticed it currently invites participation on Telegram, Discord, Zoom. You can guess what I'm going to say. "No, thanks!" But you don't need me to call out the incongruity, we're both well aware. What I want to ask, what I want to understand, is what are your thoughts and wishes on that? Because this occurs in lots of projects. Is it simply not targeted at those of us already "owning our own digital self"? Is it because you feel it's the best way to engage "mainstream" people? Are the most useful routes to engaging potential users the same as for engaging potential collaborators?

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • kavyap
  • DreamBathrooms
  • khanakhh
  • magazineikmin
  • InstantRegret
  • tacticalgear
  • thenastyranch
  • Youngstown
  • rosin
  • slotface
  • modclub
  • everett
  • ngwrru68w68
  • anitta
  • Durango
  • osvaldo12
  • normalnudes
  • cubers
  • ethstaker
  • mdbf
  • provamag3
  • GTA5RPClips
  • cisconetworking
  • Leos
  • tester
  • megavids
  • lostlight
  • All magazines
    •