I’m an engineer (the applied science kind), formerly an architectural designer, and even more formerly a photographer and videographer. Self-employed.
I spend just enough time in the office to get carpal tunnel and just enough time in the field to wreck my knees. Stupid #meatspace ...
Random sampling of interests: GNU/Linux, bike racing, mapping, urban sketching, remote sensing, web security.
Proficient at many things, master of mostly nothing.
Good to see GNSS system vulnerabilities getting some mainstream interest.
The modern packager’s security nightmare
Building custom systemd services
This is a SUPER helpful "cheatsheet" for creating your own systemd stuff :)
The manual pages are also WAY useful for explaining 98% of the optional things.
Joplin now has quick links to join notes, auto back-links, a reasonable graph, and mostly sensible and clean markdown export. I still wish it would work over a folder of plain text files, and if not I’d like to be able to use more than one database, but at this point I’m happy to say goodbye to Obsidian.
Now I just need to tweak my Python script for publishing a bit. You know, with all that free time.
So, signed binaries on Windows... Can/how do you verify them? I mindlessly check them to see that the signer at least superficially matches who I think packaged the program, but looking at the one for Joplin for example it lists Pogopixels Ltd.
About 10 minutes of web sleuthing leads me to believe the signature is probably legit, though the website is a redirect and projects under that name seem abandoned.
If I really cared though, what’s the right way to verify something like that?
Fiction: Awakening of the Great Ones https://medium.com/@kent-dahlgren/fiction-awakening-of-the-great-ones-776c7fd2637b?source=rss-893a18987bb9------2
I'm not used to PyPi being included in these articles.
A little sci-fi to start your weekend 🚀
We wrote a report on an inventory and recommendations about the use of Free and Open Source Software in the OpenStreetMap Foundation - https://www.openstreetmap.org/user/xamanu/diary/395615
I remember this post from early last year and forgot to book mark. Finally got DDG to cough it up.
Going into the new year trying to spend more interations of my time working on "home cooked" software that just solves problems for me or my friends and doesn't need to have all the nice clean scalability of the day job.
Why is virtually everyone I have to engage with professionally a crook, a liar, or both? Day after day, year after year. You might think you’d get numb to it, but it’s just getting harder and harder to bear.
It’s to the point where government jobs look clean, straightforward, and fair.
Never forget how Oxford wanted to open source their vaccine but the Bill and Melinda Gates foundation stepped in and AstraZeneca got exclusive rights. https://khn.org/news/rather-than-give-away-its-covid-vaccine-oxford-makes-a-deal-with-drugmaker/
Debian ships _real_ minimal vanilla Raspberry Pi images:
It took a ton of years but finally, something usable exists. That sets locales up properly rather than be stupid about it. And sets permissions file/folder properly. And ships pretty handy tools like kpartx. And can handle both 64 and 32-bit ARM libs/code because of dpkg's multiarch support. And doesn't hamfistedly alter packages. And doesn't break packages. And ships debug symbols. And gets newer packages too when using the unstable apt repos. And doesn't have an annoying following...
Weathering the storm, for the moment.
A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.