Here's what I worked on today: https://gitlab.com/soapbox-pub/ditto/-/merge_requests/14
A Nostr event pipeline. Events from all sources (firehose, client, relay, API) pass through it, and maybe get stored. It will later support policy filters.
Bath & Bodyworks Rose Water foamy handsoap reminds me of a time when I was very production, so whenever I use it the neurons start firing again.
Nihongo, gakusei
Linus Tech Tips is spiraling.
WHY
nostr:npub18994crjwnldrukwym5lz3y2nae84s84v20m2rkngtjnyg549lr6qvxmd6m question, how TF do I prevent SSRF without setting up an outbound proxy server? Doing DNS lookup I assume will destroy performance, and caching the lookup makes it vulnerable to timing attacks. The internet is broken
That's exactly what I was gonna say. Maybe in the 90s, but certainly not in 2023, and especially not in software development.
The spec was written by academics. Academics don't build things.
It relies on the same underlying concept (to aggregate data from as many sources as possible into a single stream). But it's used for building caches and tracking stats, not for displaying a feed. Although the data it stores then becomes used is feeds.
Here's what I worked on today: https://gitlab.com/soapbox-pub/ditto/-/merge_requests/9
I just patched the Mostr bridge, because apparently Deno's fetch implementation is vulnerable to fetching "file://" URIs. Thankfully I was parsing the response data before returning anything, but TIL the Deno devs implemented this as a "feature" on purpose. 🤦♂️ Nobody is safe from Rust.
nostr:npub1wfvuzlcg08v2kz04pzed9jwpdv84rlxsd26eyy6q9m0ldn37swjq0hyfp8 nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6 nostr:npub1ajw6axeack23437kedc8pkwghneenrkh9ljfxxgxumr6t6k4rtvqecaj8d :thunkd: how do other providers work? I imagine it's the same concept.
They're simply authorized by the government to do so. I don't think we can solve this problem in a truly decentralized way. We need a single nonprofit org with a license to do this, running a scraping tool across the whole network.
This project collects hashes, voted on by users. According to the IWF even holding the hashes is illegal... and I don't know about the concept of voting.
nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6 Luke "Vim Diesel" Smith has started a CSAM-Buster project that's supposed to do what it says on the title, and it's using Nostr for has distribution. Were you involved by any chance?
https://gitgud.io/lukesmithxyz/csam-buster/-/blob/master/spec/spec.md
Wow! This is the first I'm hearing of this.
ChatGPT tells me about itself: https://chat.openai.com/share/7175f864-240c-4c12-8165-70520dd5383f
It's built in Python. The codebase is not nearly as large as Chromium. It's more similar in size to Mastodon.
There's a Kiwi Farms playing card in this set. https://www.heterodorx.com/gender-wars-cards/
What I actually meant: aggregating events from as many decentralized social media servers as possible into a single realtime stream.
This is a perfect visualization.
Time to build a firehose.
He left that lady's head behind my shoulder