Welcome to Kirsle.net!

For the past few years, on and off (sometimes more off than on), I've been working on a videogame called Sketchy Maze and had been taking screenshots of it along the way. This blog post will be a bit of a retrospective and a series of screenshots showing it from its very first prototype up to the state that it's in now.

I wasn't even sure I was going to get very far on this project. I had once attempted programming a game in Perl and lost steam after barely having a working prototype. I had dabbled a few times getting started programming a game but then decided my brilliant idea of an RPG game wasn't worth all the programming. Stubbornly, I never wanted to just use a game engine like Unity or Unreal but wanted to program it all myself. And programming from scratch is considerably the harder way to go, so your game idea had better be worth it in the end!

The game idea that won out is a personal and nostalgic one. Back in the 90's when I was growing up with videogames like Sonic the Hedgehog and Super Mario Bros., I would often draw my own "mazes" or levels like on a 2D platformer game, with pencil and paper and then "play" it with my imagination. I'd imagine the player character advancing through my maze, collecting keys that unlock doors, pushing buttons that activate traps somewhere else on the page. I'd write little annotations about which button did what, or draw a dotted line connecting things together. My mazes borrowed all kinds of features from videogames I liked, all your standard platformer stuff: buttons, trapdoors, conveyor belts, slippy steep slopes, spikes and water and whatever I wanted.

So my game concept was basically:

• Players can draw their own mazes completely freehand, with w/e colors they want
• Players can drag 'doodads' like buttons and keys into their level, and link buttons to devices, etc.
• And it should be mod-friendly af: players can make custom doodads with custom behavior (programming)

See the full blog post to read how I even got this started and see screenshots of progression between the "Before and After" pictured below. My first target goal was just a stupid simple white window that I can click on to turn pixels black and save it as a PNG image. If I could get that far, I could do all the rest.

Read more...

It's been a while since I last wrote about my videogame project, Project: Doodle, which has now been given a proper name: Sketchy Maze. There have been a few releases of the game since I last wrote about version 0.4.0 and they bring some exciting new features!

Read more...

On forums like r/privacy people often discuss the role of open source software when it comes to privacy and end-to-end encrypted messaging applications. The general consensus is: a privacy focused app must be open source so that people can get their eyes on the source code and audit it for security vulnerabilities, verify it's doing what it says in the tin and without any secret government backdoors built in that would undermine the security and reveal peoples' private chats.

These are all well and good: if the source code is not open, you can't verify the code isn't doing something sneaky like uploading your encryption keys to the service provider or whatever. But, open source alone isn't a silver bullet to help guarantee the security of the app:

• Just because the code is readable and somebody could audit it for bugs, doesn't actually mean anybody does. Some vendors of such software may hire security firms to deliberately audit their code, but for random small projects that haven't been formally audited, "open source != automatically secure" -- but still, it is better than closed source where nobody can audit the code.
• Just because the source code is available doesn't mean the program you download from the App Store is built on exactly the same code. Google Chrome, for example, is built on top of the open source Chromium browser but after Google injects a few proprietary services and features; the Chrome program released by Google has features not found in the Chromium source code. This can be helped by so-called "reproducible builds" and I'll cover that below, but reproducible builds do not come "for free."

In this post I'll address a few common tired things I hear people on r/privacy say in regards to this topic and how it's never quite that simple.

Read more...

Have you ever wondered basically how blockchains work and what it means to "mine a Bitcoin" and why it's a time-consuming (and energy-intensive) process to mine one? In this blog post I'll summarize what basically drives blockchains and how they work, from my understanding of them anyway.

If you're anywhere close to a novice web developer or have ever hashed a password in your life, you already know the basic technology at play here. And even if you haven't, I think I can get you caught up pretty quickly.

The explanation I give below is surely super simplified and is based on my reading of how these work, along with several "Create your own blockchain in under 200 lines of code" type of tutorials which you could find for Python, or JavaScript or anything. It doesn't cover how the decentralized networking aspects work or any of those details, but just the basics on the cryptography side.

Read more...

Among my many diverse interests, one thing that fascinates me is to contemplate the nature of the universe and what Reality is made of, or at least, what my perception of Reality is made of and how the inner mind works.

To that end, topics such as quantum physics, simulation theory, and esoteric writings from the world's oldest religions like Hinduism and Gnosticism are interesting to me, and I like to talk crazy about that sort of thing from time to time.

In this post, though, I'm going to write strictly about visual perceptions that I've experienced at different times in my life. Many are related to psychotropic compounds, including cannabis, but now I'm able to experience some crazy things just by meditating while sober too.

Stories on the full blog post:

Read more...

I didn't find this documented very many places but it's possible to get a VNC server running for "remote desktop" to access and control your Pinephone display from your laptop.

Quick list of related technologies:

• To take screenshots of your Pinephone, use the grim command.
• To record videos of your Pinephone's screen, use wf-recorder.
• To run a VNC Server, use wayvnc.

Mobian already packages grim and wf-recorder so these are just an apt install away, and these are documented on Mobian's wiki. But wayvnc is not yet packaged in Mobian and you gotta build it from source code yourself.

Follow the directions on the git repo, including cloning down the neatvnc and aml dependencies. The README has instructions to build it for Fedora and Arch but the Debian instructions are missing! I found by trial-and-error the dependencies I needed to install to build this program for Debian:

sudo apt install gcc meson ninja-build pkg-config libpixman-1-dev \
  libdrm-dev libxbcommon-dev libwayland-dev

I ran the built binary like wayvnc 0.0.0.0 to start the server and connected with the TigerVNC client from my desktop.

It has a couple of quirks to watch out for:

• The mouse cursor only appears on the Pinephone's screen, but not in the VNC viewer window, making some UIs hard to work with (the lock screen in particular). Edit: use -r --render-cursor options to get the cursor to work. Thanks, anonymous commenter!
• The Pinephone display was "too tall" to fit on my screen when in portrait orientation. My desktop monitor is 1920x1080 but the Pinephone display is 720x1280 so it ran off the bottom of my screen by 200 pixels. Switching the display to Landscape fit better.

This is a general idea or concept I've had kicking around in my head about a way that a federated social network could work, wherein the user's own local device controls their identity rather than having a username on somebody's server.

To understand what I'm talking about, first let's run through what a federated social website even is. Briefly:

1. Facebook, Twitter, Instagram and so on are all centralized social networks. You register a username on Twitter.com, their database holds your profile and user information, and you can follow and talk to other Twitter users that are on the same website. But from your Twitter page you can not comment on an Instagram post; you need to go make an account on Instagram to use their centralized social network instead.
2. So then you have the Fediverse and for a specific example, Mastodon is a federated Twitter-like web app. It's open source, there's hundreds of servers, each run by various individuals or small companies, and you can install the Mastodon server on your own machine if you like. No matter which Mastodon server you sign up a username on, you can like, follow and comment on anybody's posts on any Mastodon server you like. I could be "@kirsle" on the "mastodon.online" server and you can be "@soandso" on the "toot.online" server and we can follow each other all the same. It's decentralized, but each server does still have their own user account base.
   • But what if my chosen Mastodon instance decides to shut down? My profile goes down with it. Sure, I can sign up on another instance but I lose all my history and gotta start over from scratch!
3. What if there was a way to own my own profile on my local device, but still be able to interact with users on a decentralized fediverse of different servers?

How would it look? With typical websites, there's a database and everyone has a user ID in it along with their email, username, bio text and whatever other details, and each website has their own database. What if you could move that user authentication to the client side? So instead of, "I log in as @kirsle with my password, so your back-end database can attest to my identity" it's instead "I'm telling you who I am, using a profile stored on my phone and not on your database."

The technologies to make this work on the client-side apps would be:

• Public/private key cryptography. Each user device would roll its own encryption keys, keep the private key to itself, and the fingerprint of the public key becomes your "globally unique user identity token" -- in exactly the same way that Bitcoin wallets work, or how Tor .onion hidden-service domains work, and so on. You can't spoof my public key fingerprint unless you have the exact private key that goes with it.
• My local device holds a JSON blob of my profile data: my nickname, my avatar picture, my bio text for my profile page, and any other personal account info.
• When my device connects to your server: I send my public key fingerprint, + my blob of personal account information, + a cryptographic signature of my account blob signed by my private key which matches my public key fingerprint.
  • When your server sees me the very first time, it could create a row in its database using my public key signature as "user ID" or w/e as needed for the server's operation, e.g., so if I create a post, the "user ID author" of the post is my public key. Or it might cache my account info to be shown in comment threads to others (for my avatar URL and display name, etc.)
  • When I come back to your site later, your site still remembers me and I still 'own' the posts I made (can edit or delete them if I want, etc.); nobody else can spoof as me unless they have my private key.
  • If I spam your server you can ban my public key signature, and I'd need to roll a new account. The landscape of spam problems on the Internet is not any different to the current status quo (ppl can just sign up new usernames...)
• For the technically inclined: think JSON Web Tokens except each individual client app is attesting to their own identity: the client tells the server who it is, without passwords or anything, and the server just takes their properly formed message as-is and uses their public key fingerprint as user identifier for any back-end purposes.

Now, what kind of site would this support? Not a site like Twitter or Instagram where users have a timeline and you host decades worth of pictures for them; these sort of sites require too much back-end state around user accounts.

Think instead of a site more like Reddit. Reddit is a "forum of forums" with tons of sub-communities but it's all on a centralized site. Imagine instead, that instead of subreddits on one site, each subreddit was its own separate server altogether, each server operated by different individuals on the Internet?

The server only hosts the forums and comment threads, not the user profiles. The user profiles are kept with the client app. If a server disappears, only its discussions are lost, not the users too.

So with my "self-authenticated client app" I could connect to a dozen different servers, each hosting their own communities, using my own local device identity to seamlessly authenticate to each server and post messages to their boards. The long-term state of each server, then, is only to do with the forum messages and less to do with maintaining profile pages and timelines. If a particular server decides to shut down and close up shop, nothing is lost, no user accounts were centrally tied to that server, users will just find replacements for their particular community discussions.

This idea is free for grabs, I don't think there's any money to be made from it, and I wouldn't mind if somebody made it a reality, I'll probably be too lazy to develop it myself. :)

The Adobe Flash Player is finally dead, and so the Flash animations I made back in high school don't play in Chrome anymore, so it was finally time to convert them to standard videos. Fortunately, there was such a thing as a "Standalone Flash Player" that could open my .swf files and it runs perfectly on Linux under Wine! So I just used vokoscreen to record the playback as a video to preserve these old animations for posterity.

The Kanian/Azulian War is the best animation I ever created in Macromedia Flash 5 when I was 15 years old. It features two classes of character I made up, the Kanians and the Azulians, going to war with each other and was inspired by various Newgrounds Flash cartoons that were popular in that era, such as Mario vs. Sonic.

Here is the Flash cartoon, featuring my awful voice acting. Read the full blog post to understand just what the f*ck is going on and who the Azulians and Kanians are, as I imagine this cartoon won't make much sense to people who weren't in my head at the time I made it.

Read more...

There are many advantages to running a GNU/Linux operating system over something like Windows 10 (performance, privacy/lack of telemetry, security) but one under-appreciated aspect of Linux is that it's easy to repair.

It's like one of those old cars where you can pop the hood and get into the engine and repair it yourself, as compared to many of the modern vehicles out there which have sealed components and require special tools to get into and you need to take them in to a specialist.

Every operating system "breaks" sometimes. When Windows breaks, it boots in to a blue screen of death with a frowney face :( and it offers some "automated troubleshooting tools" which never work. They just spin for a while before saying: sorry! And how do you even begin to fix something like that? What if "Safe Mode" doesn't even load up?

For a specific example, it's been an annual tradition for me that my Windows 10 install gets "stuck": it can not install the new Windows 10 update due to "reasons" that it can't troubleshoot away. It'll do the whole pomp and circumstance: reboot, attempt to install, fail, roll back install, reboot, and tell me how it failed. Only to keep retrying every time I reboot from that point onwards. And I'm a rather light user of Windows (perhaps too much so), I rarely boot into it and even then only to play a few games like Skyrim.

Linux "breaks" sometimes, too, and maybe one day it doesn't boot into the graphical desktop because your nVIDIA drivers got borked somehow or your WiFi stops working after an update. What do you do? First, you can try booting into an older kernel from the bootloader menu; most distros keep the last couple of kernels as options for exactly this case.

Or you can boot into single user (text mode) and have a shell prompt logged in as root, so you can troubleshoot the issue: check log files, edit configuration, install or uninstall programs, and fix it yourself. Everything is very modular in Linux distributions, so it's hard to take down the whole thing. Very rarely is your bootloader so broken that you can't get get into a working single user mode.

Granted, this does require you to have some knowledge about how Linux works, but the great thing is there's lots of good documentation out there. Just google for "your distro name + thing you want to do". The Arch Wiki is great no matter which distro you run, though some small details may differ if you're using Fedora or Ubuntu, so prefer the wiki closest to your own distro of choice. Information from the Debian Wiki and Fedora Wiki tend to be broadly applicable to other Debian and Fedora downstream distros, like Ubuntu and CentOS.

Some of the most important skills to learn that gets you 90% of the way to fixing a broken Linux OS:

• Get comfortable with the command line. It's not so scary, and it's so efficient I find myself using one quite a lot even when I could have done the same steps, much more slowly, using the GUI.
• Firsly: learn about Ctrl-Alt-F1 through Ctrl-Alt-F7 (or so). On most Linux distributions these key combinations swap between several Virtual Terminals (text mode login screens). Usually, F7 or F6 is where your graphical desktop is running so you can switch back to that. Sometimes, if your GUI freezes solid, you can Ctrl-Alt-F1 into a text mode shell, log in, check running processes and maybe fix it yourself without a hard power-down, or if all else fails, run a graceful sudo reboot.
• Learn how to use your bootloader (usually grub2) and boot your system into single user mode. On Fedora this is editing the kernel arguments to add the word "single", it may vary from distro to distro.
• Learn about "Run Levels" and how to switch between them. Notable Run Levels include "single user text mode", "networked text mode" and "graphical desktop" and switching them may vary by whether your distro runs SysVinit or systemd.

In single user mode, basically only the Linux kernel and bash command line shell need to work, and it's very difficult for these to fail. No networking services start, no graphical desktop starts, and all video cards support text mode output regardless of any driver issues.

I basically never have to reinstall a Linux OS from scratch to fix any problems, and the times when I did, it was because I messed up and I learned to respect root privileges and double-check my commands. 🤣

or: 6 tangible ways that my personality suddenly shifted in 2018.

When people hear the words "spiritual awakening" they think of woo-woo magical things like Buddhism and enlightenment. But really a spiritual awakening can be explained in practical, ordinary terms as a moment in your life where you suddenly get a new outlook on the world.

In a spiritual awakening, you may suddenly realize that life is inherently meaningless, but that this is somehow a very freeing insight because it means you can create your own meaning. You don't have to be who you're expected to be but are free to be who you want, and you don't care what others think because you're also not even thinking about them. Or maybe a near-death experience, or grappling with your own mortality can trigger an awakening. It's really the same stuff: you'll be gone and all of your accomplishments forgotten, so what really matters in the world, what are we doing?

I had my spiritual awakening in early 2018, and in very practical terms, a lot of things changed in my personality quite suddenly:

• I stopped judging others. We're all just humans and we have our strengths and weaknesses and none of us is objectively better than the rest of us. Live and let live. We're all just silly hairless apes trying to figure it all out.
• I don't take myself so seriously anymore. This I think comes generally with age, you pick your battles more carefully and don't sweat the small stuff. And it's all small stuff.
• I no longer look anxiously toward the future. It isn't here yet, and when it does get here, I'll be able to handle it. I've handled everything else in life so far.
• I don't dwell too much and regret my past. I'm always free to change my habits and pick up a new hobby. The past doesn't drive me; it all starts now.
• I'm very slow to anger. I may not control what happens to me, but I am in control of my emotions, and my emotions can quite figuratively be the difference between heaven or hell on earth when I see it all through the lens I choose.
• I consciously live my life now. Almost everything in life requires consent, and I stopped saying yes all the time and getting myself into life situations I didn't desire. And yes, that also means I'm free to consciously choose to waste some time with videogames once in a while, because time enjoyed is not time wasted.

But a BIG one is that I feel free to just not take the whole Human Game too seriously. What's the Human Game? It's all of the traditions and social norms we humans have come up with. The life plan of birth, marriage, kids, retirement; gender norms; the "9 to 5" work week; the scourge of social media on society; basically everything we do to distract ourselves from the fact that nobody knows what the fuck is going on or why the universe even exists at all.

It's all optional. You don't need any of it. You play along with the game because you find it fun for now. But it's just a ride. Some choose to go sit on top of a mountain for the rest of their days.

Since 2018 I've been more consciously choosing which parts of the game I play, and not worrying about the rest of it. I've been "de-googling" and don't, or can't, use many popular social networks or messaging apps. Not as many people can message me anymore, but that's just fine for me as an introvert. I can only manage so many relationships anyway, and the people who put in the effort to keep in touch are the ones worth keeping around.

Having 500 friends on Facebook never meant I had 500 friends.

But what is it like?

Now, when somebody goes through a spiritual awakening, a common side effect is that they get some crazy thoughts in their head. They may then go down rabbit holes of woo-woo magical nonsense, which all suddenly takes on a lot more meaning, in search of answers, but I think there are no answers. Just people who've experienced something ineffable that escapes language, and they came up with lots of symbols and stories to try and communicate the feeling. None of it makes any sense until it does.

I can't describe what it feels like, just the practical effects it had on me in real life. And I'm not really out to 'convert' anybody, either, as I know that everybody is already where they need to be right now and everybody wakes up at their own pace. Maybe your spirit wants to experience what it's like to be you for a while before you can wake up and take the wheel. There's no words anybody could write that would 'pop your bubble', and when people try, that's how you get religions and spiritual woo-woo nonsense.

So be nice, have fun, and don't sweat the small stuff.

And it's all small stuff.