I made a set of phone wallpapers with an assortment of Pride flags and hormone molecules
Continue reading “Pride flag wallpapers”Knuckle Tats
I made this a while back for a Fedi shitpost, and it’s still fun.
https://roosenmaallen.com/tats
Let me know if you do something fun with it!
New Toy: Towne Crier
Following up on a fedi post, I made a website shell to display random article summaries/links.
https://gitlab.com/eroosenmaallen/towne-crier
Articles are input as text files, the a build script compiles them into JSON and puts them into the site; the repo includes a gitlab-ci script to publish the output to GitLab Pages.
I hope it might be useful to somebody.
CheerLights 2024
After some configuration sadness, the CheerLights fedi bot is back up and running, now at @CheerLights@mastodon.art.
In a Fedi post, mention the bot or the hashtag #CheerLights along with a colour (blue!), and connected RGB lights all over the world will change together.
Remember, even when things seem bad, we are all connected.
2024, the Great Bot Migration
With the announced shutdown of botsin.space, I have moved my stable of friendly bots over to https://mas.to.
Continue reading “2024, the Great Bot Migration”Statistically Probable Ancient Wisdom
I’m pleased to announce the launch of my latest Mastodon bot, Sun Tzu’s The Art of eBooks . It’s a Markov chain bot trained on (you guessed it) The Art of War.
Continue reading “Statistically Probable Ancient Wisdom”Mutual Aid Options in Canada
“We support us”
This is the punk ethos running through so many of the communities I’m a part of or associated with. We take care of each other, and in a capitalist hellworld that means moving money around.
Continue reading “Mutual Aid Options in Canada”Unix Principle: Don’t prevent foolish things, because that prevents clever things
Application group at dayjob ran into a guardrail today.
They need an FE-generated ID token, low-security, unique in a low-volume setting. Sounds like a UUID to me!
But.
`crypto.randomUUID()`, in order to prevent low-security IDs being used where high-security is needed, is not accessible outside a secure context, and the application in question runs in an insecure context.
On the core team, our go-to “unique-enough id” is nanoid. nanoid is pretty spiffy; if available, it’ll use the browser crypto API to generate good-quality entropy and good random numbers. But! If not available, it’ll fall back, all the way to Math.random() if it needs to.
Secure? No! But not everything is a health info transfer, sometimes we just need a quick and handy number to tie some stuff together.
Moral of the story:
If you prevent your user (user-developer) doing dangerous things, you’ll also prevent them doing clever things. Document the scary bits and mark the holes, but don’t put up impassible guardrails or users will just find another way.