Welcome to Kirsle.net!

This is a general idea or concept I've had kicking around in my head about a way that a federated social network could work, wherein the user's own local device controls their identity rather than having a username on somebody's server.

To understand what I'm talking about, first let's run through what a federated social website even is. Briefly:

1. Facebook, Twitter, Instagram and so on are all centralized social networks. You register a username on Twitter.com, their database holds your profile and user information, and you can follow and talk to other Twitter users that are on the same website. But from your Twitter page you can not comment on an Instagram post; you need to go make an account on Instagram to use their centralized social network instead.
2. So then you have the Fediverse and for a specific example, Mastodon is a federated Twitter-like web app. It's open source, there's hundreds of servers, each run by various individuals or small companies, and you can install the Mastodon server on your own machine if you like. No matter which Mastodon server you sign up a username on, you can like, follow and comment on anybody's posts on any Mastodon server you like. I could be "@kirsle" on the "mastodon.online" server and you can be "@soandso" on the "toot.online" server and we can follow each other all the same. It's decentralized, but each server does still have their own user account base.
   • But what if my chosen Mastodon instance decides to shut down? My profile goes down with it. Sure, I can sign up on another instance but I lose all my history and gotta start over from scratch!
3. What if there was a way to own my own profile on my local device, but still be able to interact with users on a decentralized fediverse of different servers?

How would it look? With typical websites, there's a database and everyone has a user ID in it along with their email, username, bio text and whatever other details, and each website has their own database. What if you could move that user authentication to the client side? So instead of, "I log in as @kirsle with my password, so your back-end database can attest to my identity" it's instead "I'm telling you who I am, using a profile stored on my phone and not on your database."

The technologies to make this work on the client-side apps would be:

• Public/private key cryptography. Each user device would roll its own encryption keys, keep the private key to itself, and the fingerprint of the public key becomes your "globally unique user identity token" -- in exactly the same way that Bitcoin wallets work, or how Tor .onion hidden-service domains work, and so on. You can't spoof my public key fingerprint unless you have the exact private key that goes with it.
• My local device holds a JSON blob of my profile data: my nickname, my avatar picture, my bio text for my profile page, and any other personal account info.
• When my device connects to your server: I send my public key fingerprint, + my blob of personal account information, + a cryptographic signature of my account blob signed by my private key which matches my public key fingerprint.
  • When your server sees me the very first time, it could create a row in its database using my public key signature as "user ID" or w/e as needed for the server's operation, e.g., so if I create a post, the "user ID author" of the post is my public key. Or it might cache my account info to be shown in comment threads to others (for my avatar URL and display name, etc.)
  • When I come back to your site later, your site still remembers me and I still 'own' the posts I made (can edit or delete them if I want, etc.); nobody else can spoof as me unless they have my private key.
  • If I spam your server you can ban my public key signature, and I'd need to roll a new account. The landscape of spam problems on the Internet is not any different to the current status quo (ppl can just sign up new usernames...)
• For the technically inclined: think JSON Web Tokens except each individual client app is attesting to their own identity: the client tells the server who it is, without passwords or anything, and the server just takes their properly formed message as-is and uses their public key fingerprint as user identifier for any back-end purposes.

Now, what kind of site would this support? Not a site like Twitter or Instagram where users have a timeline and you host decades worth of pictures for them; these sort of sites require too much back-end state around user accounts.

Think instead of a site more like Reddit. Reddit is a "forum of forums" with tons of sub-communities but it's all on a centralized site. Imagine instead, that instead of subreddits on one site, each subreddit was its own separate server altogether, each server operated by different individuals on the Internet?

The server only hosts the forums and comment threads, not the user profiles. The user profiles are kept with the client app. If a server disappears, only its discussions are lost, not the users too.

So with my "self-authenticated client app" I could connect to a dozen different servers, each hosting their own communities, using my own local device identity to seamlessly authenticate to each server and post messages to their boards. The long-term state of each server, then, is only to do with the forum messages and less to do with maintaining profile pages and timelines. If a particular server decides to shut down and close up shop, nothing is lost, no user accounts were centrally tied to that server, users will just find replacements for their particular community discussions.

This idea is free for grabs, I don't think there's any money to be made from it, and I wouldn't mind if somebody made it a reality, I'll probably be too lazy to develop it myself. :)

The Adobe Flash Player is finally dead, and so the Flash animations I made back in high school don't play in Chrome anymore, so it was finally time to convert them to standard videos. Fortunately, there was such a thing as a "Standalone Flash Player" that could open my .swf files and it runs perfectly on Linux under Wine! So I just used vokoscreen to record the playback as a video to preserve these old animations for posterity.

The Kanian/Azulian War is the best animation I ever created in Macromedia Flash 5 when I was 15 years old. It features two classes of character I made up, the Kanians and the Azulians, going to war with each other and was inspired by various Newgrounds Flash cartoons that were popular in that era, such as Mario vs. Sonic.

Here is the Flash cartoon, featuring my awful voice acting. Read the full blog post to understand just what the f*ck is going on and who the Azulians and Kanians are, as I imagine this cartoon won't make much sense to people who weren't in my head at the time I made it.

Read more...

There are many advantages to running a GNU/Linux operating system over something like Windows 10 (performance, privacy/lack of telemetry, security) but one under-appreciated aspect of Linux is that it's easy to repair.

It's like one of those old cars where you can pop the hood and get into the engine and repair it yourself, as compared to many of the modern vehicles out there which have sealed components and require special tools to get into and you need to take them in to a specialist.

Every operating system "breaks" sometimes. When Windows breaks, it boots in to a blue screen of death with a frowney face :( and it offers some "automated troubleshooting tools" which never work. They just spin for a while before saying: sorry! And how do you even begin to fix something like that? What if "Safe Mode" doesn't even load up?

For a specific example, it's been an annual tradition for me that my Windows 10 install gets "stuck": it can not install the new Windows 10 update due to "reasons" that it can't troubleshoot away. It'll do the whole pomp and circumstance: reboot, attempt to install, fail, roll back install, reboot, and tell me how it failed. Only to keep retrying every time I reboot from that point onwards. And I'm a rather light user of Windows (perhaps too much so), I rarely boot into it and even then only to play a few games like Skyrim.

Linux "breaks" sometimes, too, and maybe one day it doesn't boot into the graphical desktop because your nVIDIA drivers got borked somehow or your WiFi stops working after an update. What do you do? First, you can try booting into an older kernel from the bootloader menu; most distros keep the last couple of kernels as options for exactly this case.

Or you can boot into single user (text mode) and have a shell prompt logged in as root, so you can troubleshoot the issue: check log files, edit configuration, install or uninstall programs, and fix it yourself. Everything is very modular in Linux distributions, so it's hard to take down the whole thing. Very rarely is your bootloader so broken that you can't get get into a working single user mode.

Granted, this does require you to have some knowledge about how Linux works, but the great thing is there's lots of good documentation out there. Just google for "your distro name + thing you want to do". The Arch Wiki is great no matter which distro you run, though some small details may differ if you're using Fedora or Ubuntu, so prefer the wiki closest to your own distro of choice. Information from the Debian Wiki and Fedora Wiki tend to be broadly applicable to other Debian and Fedora downstream distros, like Ubuntu and CentOS.

Some of the most important skills to learn that gets you 90% of the way to fixing a broken Linux OS:

• Get comfortable with the command line. It's not so scary, and it's so efficient I find myself using one quite a lot even when I could have done the same steps, much more slowly, using the GUI.
• Firsly: learn about Ctrl-Alt-F1 through Ctrl-Alt-F7 (or so). On most Linux distributions these key combinations swap between several Virtual Terminals (text mode login screens). Usually, F7 or F6 is where your graphical desktop is running so you can switch back to that. Sometimes, if your GUI freezes solid, you can Ctrl-Alt-F1 into a text mode shell, log in, check running processes and maybe fix it yourself without a hard power-down, or if all else fails, run a graceful sudo reboot.
• Learn how to use your bootloader (usually grub2) and boot your system into single user mode. On Fedora this is editing the kernel arguments to add the word "single", it may vary from distro to distro.
• Learn about "Run Levels" and how to switch between them. Notable Run Levels include "single user text mode", "networked text mode" and "graphical desktop" and switching them may vary by whether your distro runs SysVinit or systemd.

In single user mode, basically only the Linux kernel and bash command line shell need to work, and it's very difficult for these to fail. No networking services start, no graphical desktop starts, and all video cards support text mode output regardless of any driver issues.

I basically never have to reinstall a Linux OS from scratch to fix any problems, and the times when I did, it was because I messed up and I learned to respect root privileges and double-check my commands. 🤣

or: 6 tangible ways that my personality suddenly shifted in 2018.

When people hear the words "spiritual awakening" they think of woo-woo magical things like Buddhism and enlightenment. But really a spiritual awakening can be explained in practical, ordinary terms as a moment in your life where you suddenly get a new outlook on the world.

In a spiritual awakening, you may suddenly realize that life is inherently meaningless, but that this is somehow a very freeing insight because it means you can create your own meaning. You don't have to be who you're expected to be but are free to be who you want, and you don't care what others think because you're also not even thinking about them. Or maybe a near-death experience, or grappling with your own mortality can trigger an awakening. It's really the same stuff: you'll be gone and all of your accomplishments forgotten, so what really matters in the world, what are we doing?

I had my spiritual awakening in early 2018, and in very practical terms, a lot of things changed in my personality quite suddenly:

• I stopped judging others. We're all just humans and we have our strengths and weaknesses and none of us is objectively better than the rest of us. Live and let live. We're all just silly hairless apes trying to figure it all out.
• I don't take myself so seriously anymore. This I think comes generally with age, you pick your battles more carefully and don't sweat the small stuff. And it's all small stuff.
• I no longer look anxiously toward the future. It isn't here yet, and when it does get here, I'll be able to handle it. I've handled everything else in life so far.
• I don't dwell too much and regret my past. I'm always free to change my habits and pick up a new hobby. The past doesn't drive me; it all starts now.
• I'm very slow to anger. I may not control what happens to me, but I am in control of my emotions, and my emotions can quite figuratively be the difference between heaven or hell on earth when I see it all through the lens I choose.
• I consciously live my life now. Almost everything in life requires consent, and I stopped saying yes all the time and getting myself into life situations I didn't desire. And yes, that also means I'm free to consciously choose to waste some time with videogames once in a while, because time enjoyed is not time wasted.

But a BIG one is that I feel free to just not take the whole Human Game too seriously. What's the Human Game? It's all of the traditions and social norms we humans have come up with. The life plan of birth, marriage, kids, retirement; gender norms; the "9 to 5" work week; the scourge of social media on society; basically everything we do to distract ourselves from the fact that nobody knows what the fuck is going on or why the universe even exists at all.

It's all optional. You don't need any of it. You play along with the game because you find it fun for now. But it's just a ride. Some choose to go sit on top of a mountain for the rest of their days.

Since 2018 I've been more consciously choosing which parts of the game I play, and not worrying about the rest of it. I've been "de-googling" and don't, or can't, use many popular social networks or messaging apps. Not as many people can message me anymore, but that's just fine for me as an introvert. I can only manage so many relationships anyway, and the people who put in the effort to keep in touch are the ones worth keeping around.

Having 500 friends on Facebook never meant I had 500 friends.

But what is it like?

Now, when somebody goes through a spiritual awakening, a common side effect is that they get some crazy thoughts in their head. They may then go down rabbit holes of woo-woo magical nonsense, which all suddenly takes on a lot more meaning, in search of answers, but I think there are no answers. Just people who've experienced something ineffable that escapes language, and they came up with lots of symbols and stories to try and communicate the feeling. None of it makes any sense until it does.

I can't describe what it feels like, just the practical effects it had on me in real life. And I'm not really out to 'convert' anybody, either, as I know that everybody is already where they need to be right now and everybody wakes up at their own pace. Maybe your spirit wants to experience what it's like to be you for a while before you can wake up and take the wheel. There's no words anybody could write that would 'pop your bubble', and when people try, that's how you get religions and spiritual woo-woo nonsense.

So be nice, have fun, and don't sweat the small stuff.

And it's all small stuff.

Signal is an end-to-end encrypted messenger app for smartphones that has been recommended by the likes of Edward Snowden and has seen an especially large influx of new users in recent months who are suddenly more concerned about Facebook or other tech companies reading or censoring their chat messages.

It's a fairly good app for what it does and it would probably fit the needs of your "average user" very well, but it doesn't work well for my needs and I still use Telegram in its place.

Now, I would like to use Signal instead of Telegram, because Signal's technology is more sound and the chats are truly end-to-end encrypted (where Signal Co. would be incapable of reading my chats even if they wanted to). Telegram in comparison uses some home-made cryptography (and you should never roll your own crypto) and their chats are not end-to-end encrypted by default, but Telegram does have some good quality-of-life usability features that makes it more appealing to me than Signal for now.

Read more...

Apparently, Work Naked Day is a thing and it's today (first Friday of February).

...not that I really need an excuse to work naked.

I don't widely publicize it, on this blog especially, but one of the two major 'pillars' of my life (in terms of years invested), apart from chat bots and RiveScript is that I'm a nudist. I like to go naked around the house or (outside of pandemics) go to social nude events; it's not even a sexual thing, but about the freedom of not wearing clothes and all the benefits that come with that (body positivity, fostering good community in a social context, etc.)

In my ideal world, nudity would be normalized and you could be able to drive to the office and work naked and for others to not even really notice or care, and treat you the same as they do when you wear any other random outfit for the day. I have dreams about this exact situation sometimes, and they're always nice. Everybody has naked dreams, many find such dreams embarrassing, but not me -- my dream characters don't care and neither do I; apart from my clothing (or lack thereof) the 'story' of the dream is all the same as normal.

I'm also interested in spirituality topics in recent years, and a thing I often hear from people in those circles goes like this:

"The reason you don't know what you want is because you already have it."

I want to be able to work naked, and -- though it isn't exactly the way I envisioned it -- I already can. I've been working full-time from home since even before the pandemic, and with nobody here to see and with no risk of an HR complaint, I can work naked if I want to. For the odd video call I can throw on a T-shirt and "Donald Duck it" and otherwise get to work in the way that feels the most comfortable for me.

The state of the apps for Pinephone is looking good enough lately that I could actually consider daily-driving the GNU/Linux smartphone, but how reliable would it be as a phone if I put my T-Mobile SIM card into it?

My main concern was around the deep sleep mode of the Pinephone: to conserve battery life the phone suspends and turns off networking and everything. Would this affect reliable delivery of incoming text messages and phone calls?

As it turns out, everything works well enough except that MMS picture and group messaging is still not ready yet and you might miss surprise phone calls when the phone is sleeping (but you can just call them back later).

What works:

• Dialing a number works perfectly fine: earpiece speaker and microphone work, audio quality is fine, can dial DTMF tones to navigate phone menus.
• Incoming calls while the phone is awake (e.g. plugged in to charge) ring the phone right away and the call works as expected. But in deep sleep the phone is slow to wake (I counted 11 seconds!) and you may miss the call. But you'll be notified about your missed calls.
• SMS text messaging works reliably, sending and receiving, waking the phone up quickly even from deep sleep.
• 4G data connection for web browsing and apps.
• 4G Hotspot sharing via Wi-Fi

See the full blog post for my notes and details for the Mobian OS running the Phosh shell and a T-Mobile (US) SIM card. If you have a Pinephone, try it out on your own carrier.

Read more...

The Pinephone is a smartphone that runs mainline GNU/Linux software instead of Android, and the software is still a work in progress. I've had a Pinephone since about May of 2020 and have been watching the rapid growth of the software ecosystem for it, so this blog post is kind of a "status update" in the form of screenshots of various apps that are already running great on this device.

I'm not a software developer in that space, so props to the whole open source community that's making this all come together!

The question is: "is this phone daily driver capable yet?" and to that I say: it's getting close! I haven't yet tested putting my SIM card into the phone and trying voice calls and SMS texts, but I've heard from others that these are working and reliable for a long time. MMS picture messages are still a work in progress though, and they say the phone doesn't wake up quickly if an incoming phone call comes in while the phone is sleeping.

All that aside, the big apps for me to have working to call this a daily driver phone should include:

• A password manager (KeePass compatible, ideally).
• A web browser capable of using web apps for the sorts of Twitter, Reddit, and Doordash.
• Contacts & Calendars that sync to my Nextcloud server.
• An email app.
• Messenger applications (Telegram especially).
• Maps & GPS application.
• The basic utilities: calculator, flashlight, camera, etc.
• Full disk encryption, for peace of mind in case I lose my phone!

And: I have basically all my bases covered and then some! This blog post goes through some of my favorite apps that work well on Linux mobile.

Update (Jan 24 2021): Chromium works very well and with better performance than Firefox + webapp support. Screenshots and info added to this post.

Read more...

The game I've been working on, Project: Doodle now runs a little bit better on the Pine64 Pinephone, an upcoming smartphone that runs mainline GNU/Linux instead of Android.

On previous Pinephone Linux distributions, SDL2 applications like mine were not communicating well with the on-screen keyboard (it was reading completely wrong key symbols, so arrow keys and keyboard input weren't recognized). It seems they ironed out some of those kinks so the keyboard input works and the game is more or less playable:

The "Play Mode" is not super great because it seems only one keypress can be registered at a time (so Up arrow to jump can't be combined with Left or Right arrow to move). But levels can be drawn and you can interact with pop-up windows like the Doodad Dropper to drag things into your level. "Right-click" support is uncertain, but if you want to remove a doodad from your level you could drag it back onto the Doodad Dropper window since the normal right-click to delete doesn't seem working yet.

Project: Doodle is not initially designed for mobile but may get there some day. This is the desktop Linux version of the game running on Pinephone and may be useful for me to design somewhat mobile-friendly interfaces ahead of actually attempting an Android OS build of the game. (Android support is pretty far off, don't hold your breath!)

In case you have an ARM64 Linux device like the Pinephone and wanna check it out, a download for the recent 0.4.0 release is available here:

• doodle-0.4.0-linux-arm64.tar.gz (19.5MB)

Tip: run it like `./doodle -w maximized` for it to maximize its window and fit best on the screen size of Pinephone.

This was built on Mobian and should work on most distros but may not be working on postmarketOS, as its Alpine Linux base doesn't use GNU libc.

Here is another alpha release of the videogame I've been working on, code named Project: Doodle.

New Guidebook Site

I've updated the user documentation that ships with the game. It now has tons of good information and screenshots showing various features of the game. I recommend checking it out to get a feel for what this game is about.

I'm working on a proper website for this game, but for now the Guidebook is a good stand-in!

What is Project: Doodle?

This is a "draw your own levels and play them" kind of game, like Mario Maker but completely free form. In the level editor you can draw whatever level you want, pick which colors are solid and which are fire, and drag-and-drop 'doodads' into your level to add interactive elements like keys and buttons.

And those doodads you can drag into your level? There will be some built-in ones but you can also create your own -- and program them with JavaScript to do whatever you want. This game is designed to be super mod friendly. In the future you'll be able to bundle your custom levels, with your custom doodads, and share them easily with others: your level will bring its custom doodads with it and "just work" on another computer.

See the About Page of the user manual for an introduction.

Note: "Project: Doodle" is just its code name while it's in early alpha and looking ugly.

Read this blog post for changes and download links.

Read more...