lethe
/
mayvaneday
1
0
Fork 0
Code Releases Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
pages
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '636afa09fe'
${ noResults }
mayvaneday/feed.xml

266 lines
57 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>MayVaneDay: Latest Updates</title>
<link href="https://mayvaneday.org/feed.xml" rel="self" />
<link href="https://mayvaneday.org" />
<id>https://mayvaneday.org/feed.xml</id>
<icon>https://stats.letsdecentralize.org/count?p=/feed.xml</icon>
<logo>https://stats.letsdecentralize.org/count?p=/feed.xml</logo>
<author>
<name>Vane Vander</name>
<email>vanevander@mayvaneday.org</email>
</author>
<entry>
<title>The death of Kiwi Farms doesn't mean the end of free speech</title>
<link href="https://mayvaneday.org/blog/2022/august/kiwi.html" />
<id>https://mayvaneday.org/</id>
<published>2022-08-28</published>
<summary type="html"><![CDATA[<article>
<p>My female readers, have you ever menstruated so hard that you butterfly-effect caused the downfall of one of the Internet's most notorious forums? One trash bin begets another, it seems.</p>
<p>A few days ago, Kiwi Farms went down because of another DDoS. I won't recount all of the details of what went down here because it's a tangled mess of disinformation on the mainstream news, trans-identified males making hormones to illegally disseminate to minors, and a long-running game of hot potato with Internet service providers. The important part is that, on the <a href="https://archive.ph/TvUnw#selection-107.1-107.362">downtime update page</a> that currently makes up the entire website, "Jersh" wrote the following:</p>
<blockquote>The mob has already planned subsequent targets. Should we stay down, they will then attack 'gender critical' communities - especially those ran by and for women. No place can exist online which allows criticism of their fetishistic lifestyle, and nothing would excite them more than this power and domination struggle being inflicted on a female space instead.</blockquote>
<p>This has naturally whipped <a href="https://web.archive.org/web/20220828155002/https://ovarit.com/o/GenderCritical/146668/owner-of-kiwifarms-releases-a-statement-on-the-downtime">the users of Ovarit into a frenzy</a> of wondering if they are next should Kiwi Farms be taken down, given that their site falls into the aforementioned category of "gender critical" and there have been (pitiful, but existent) <a href="https://web.archive.org/web/20220828155724/https://ovarit.com/o/GenderCritical/126029/tra-redditor-plans-to-infiltrate-ovarit">attempts to "infiltrate" it in the past</a>. Most of Ovarit's praise of Kiwi Farms centers around the collection of "receipts" (screenshots and other proof) of trans-identified individuals preying on minors and sexually harassing other members of society, with the occasional remembering of the racism, sexism, and other "-isms" rampant elsewhere on the site. I mean, hell, one only needs to listen to <em>literally any</em> <a href="https://web.archive.org/web/20220826125050/https://madattheinternet.com/">episode of the admin's podcast</a> to hear <em>plenty</em> of examples of why no self-respecting user of Ovarit (or anywhere, really) should touch Kiwi Farms with a ten-foot pole.</p>
<p>Personally, I am not concerned about a potential death of Kiwi Farms or that it would impact "free speech" on the internet for two reasons:</p>
<ol><li>Joshua Moon, the admin of Kiwi Farms, has promised ad nauseam that, if Kiwi Farms were ever to go down permanently, he would zip the whole site up into a torrent and distribute it.</li></ol>
<p>This would involve somehow flattening the database of XenForo (the current forum software Kiwi Farms runs, although they were in the process of moving to a different one developed by the admin) into static HTML pages. This solves the whole concern about, if Kiwi Farms disappears from the Internet, all the "receipts" and archives gathered on the site would disappear as well. Of course, this depends on Mr. Moon both keeping his promise and having the time and resources to be able to do this... which may not happen in the case of legal action happening against the site.</p>
<ol start="2"><li><strong>You all remember Tor exists, right?</strong></li></ol>
<p>I wrote <a href="https://mayvaneday.org/blog/2022/may/divide.html">a post earlier this year</a> where I analyzed <em>all</em> the sites indexed by the <a href="http://juhanurmihxlp77nkq76byazcldy2hlmovfu2epvl5ankdibsot4csyd.onion">Tor search engine Ahmia</a> and found that a great deal of them were illegal pornography sites. One would think that this would be a major cause of concern for law enforcement, and yet police <a href="https://archive.ph/vl72O">don't seem able to mobilize fast enough</a>. (Not that I'm advocating for an increase in law enforcement power...) While <a href="https://web.archive.org/web/20220828162805/https://www.zdnet.com/article/tor-project-to-fix-bug-used-for-ddos-attacks-on-onion-sites-for-years/">DDoS attacks against Tor</a> hidden services are still possible, so long as the admin takes pains to make themselves anonymous, the fact that hidden services cannot be easily, if at all, traced back to their hosting point of origin would negate many of the ways that Kiwi Farms has gone down over the years, mainly by bad actors contacting their hosting/domain providers and demanding that they drop the forum as a customer. Because <code>.onion</code> domains are not bought but instead generated by cryptography, there is no domain to be revoked and no financial penalty for switching to a new one should the Tor Project ever develop the ability to wholesale blacklist hidden services from being resolved on the network.</p>
<p>If one forum on the Internet dies, it does not logically follow that all free speech everywhere is suddenly revoked. I've seen mountains of evidence otherwise with my own eyes in the course of putting together <a href="https://letsdecentralize.org/rollcall/tor.html">Let's Decentralize</a>. <em>Plenty</em> of sites that would immediately get nuked on the clearnet reside happily (well, as happy as hate-filled sites can be) and without issues on the darknet. So if you're truly worried about not being able to share receipts of predators without facing legal or physical threats from said predators, <a href="https://letsdecentralize.org/setup.html">learn how to host a site on the darknet</a>. Use Tor. Use I2P. Use Freenet if you can't afford keeping a computer online 24/7. Hell, even use ZeroNet in a VM if you have to. <strong>You have options</strong>, and lying down and crying about "muh freeze peach" and giving up is <em>not</em> a productive one.</p>
</article>]]>
</summary>
</entry>
<entry>
<title>I uninstalled my RSS feed reader</title>
<link href="https://mayvaneday.org/blog/2022/august/beres.html" />
<id>https://mayvaneday.org/blog/2022/august/beres.html</id>
<published>2022-08-17</published>
<summary type="html"><![CDATA[<article>
<div class="box">
<p>I almost bricked my Kobo a few days ago trying to upgrade <code>libc</code> to get some dependencies written in C to function. When trying to get <a href="https://web.archive.org/web/20220627012432/https://www.w3.org/Tools/HTML-XML-utils/man1/hxselect.html"><code>hxselect</code></a> and its sibling commands to function, I repeatedly got the same error on execution: <code>libc.so.6: version 'GLIBC_2.34' not found</code>. Being that the Kobo is an "embedded Linux" device, it has no package manager, so asking the system to <em>pretty please update</em> this <em>one</em> package wasn't an option. Remembering how I had previously gotten <code>tree</code> to run with limited functionality by copying some <code>arm32</code>-architecture libraries stolen from my Raspberry Pi (now running a 64-bit OS), I stole a copy of <code>libc.so.6</code> from a Debian chroot I had lying around, moved <code>libc.so.6</code> on the Kobo to <code>libc.so.6.bak</code>, and...</p>
<p>...broke every single program running on the device.</p>
<p><code>mv</code> and <code>cp</code> wouldn't work to put the file back. <code>cat</code> wouldn't let me view a few critical files to retrieve them in case the device was toast. While <a href="https://archive.ph/https://github.com/koreader/koreader/wiki/SSH">Dropbear</a> was running in the background, I couldn't SFTP into it from my desktop computer because Dropbear couldn't contact the <code>libc</code> library to open a new process. Even though I knew the file existed on the device and <em>where</em> it was, I had no way of moving it back to where the system expected it to be. <a href="https://web.archive.org/web/20220817011337/https://goodereader.com/blog/kobo-ereader-news/the-kobo-libra-h2o-sd-card-is-soldered-onto-the-motherboard">The damn internal storage is soldered onto the motherboard</a>, so taking it apart to mount the storage on a different device and manually move the file (or just giving up and re-flashing it) wasn't (and will never be) an option.</p>
<p>A panic attack and a furious untimely shit in the bathroom later, the original Dropbear process I was using to debug over SSH still running, my wife reminded me I had previously installed <a href="https://archive.ph/https://github.com/henderjon/kurly">Kurly</a> to make (and fail to make) a line-based browser since the Busybox <code>curl</code> on the device apparently doesn't support TLS, and maybe <em>that</em> would still work to push data around in the filesystem. Binaries written in Golang apparently don't give a shit about <code>libc</code> unless they need to do some wacky low-level stuff in the operating system. So imagine my surprise, and sudden stroke of hope, when Kurly was the only damn program still functional. I quickly spun up a simple web server <a href="https://web.archive.org/web/20220817002902/https://gist.githubusercontent.com/mildred/67d22d7289ae8f16cae7/raw/214c213c9415da18a471d1ed04660022cce059ef/server.py">(the one from Python, but patched to support HTTP PUT)</a>, pushed <code>libc.so.6.bak</code> to my desktop, renamed it to the proper <code>libc.so.6</code>, then retrieved it again from the Kobo.</p>
<p>And then everything <em>magically</em> started working again. (Well, except for KOReader, whose UI had crashed... but that could just be fixed with a power cycle.) And I let myself cry for a few minutes in relief. And I did <em>not</em> go on eBay and spend another $200 or so on a replacement, and I spent the next half-hour scouring the bottom of the barrel of GitHub to find <a href="https://web.archive.org/web/20220817172827/https://github.com/tomwright/dasel">an equivalent XML parser but written in Golang</a> so I wouldn't be tempted to break any more critical system libraries.</p>
<p>I wasn't canoodling in the intestines of my device for fun. I was working on my latest project, <a href="https://codeberg.org/lethe/beres">Beres</a>: a Bash script that takes a list of URLs and dumps to plaintext (formatted Markdown) files all articles that happened yesterday. (Well, maybe "Bash" is a lie: Beres seems to run just fine when called as <code>sh /bin/beres</code>, but changing the shebang to <code>#!/bin/sh</code> fills the screen with errors.) Even though it may seem like it from my more creative work, I don't hate myself <em>quite</em> enough to attempt to implement an XML parser in <code>sed</code>/<code>awk</code>/whatever, thus the necessary external dependencies. By only pulling articles that happened yesterday, Beres doesn't have to keep "state" of when it was last run, thus reducing code complexity at the cost of the user potentially missing articles if they don't run Beres for a few days.</p>
<p>It's a lovely little script. No database, barely any config, no requirement for a VPS. I'm quite proud of it, really. After reading an article, if I don't care about it anymore, I can just delete it instead of merely marking it read and hoping the RSS feed reader will eventually run garbage collection to prevent the database from growing obese and unusable from latency. However, since reading articles means manually opening every one with <code>less</code> and Beres doesn't fetch external resources like images, I've found that using it is incredibly frustrating for use with feeds that publish more than, say, two articles a day. Like social media feeds, for example. It soft-limits me to only subscribing to news and maybe a handful of personal sites I care about and can trust to put out high-quality articles... or, at least, ones I would want to expend the effort of typing in KOReader's terminal emulator to read.</p>
<p>Said social media feeds were the reason I originally went with Tiny Tiny RSS because of the "scroll to mark as read" feature to consume as many articles as quickly as possible. It probably also helped that I could just <a href="https://web.archive.org/web/20220817173016/https://git.tt-rss.org/fox/ttrss-docker-compose.git/tree/README.md?h=static-dockerhub">throw it inside Docker</a> instead of having to deal with the monstrosity that is manually creating a database in Redis or PostgreSQL or installing seven kajillion PHP dependencies and hoping they'll run nicely with Caddy. (I hate you specifically, Miniflux. "MUH MINIMALISM!!1!" Okay then, where's SQLite support? What's more simple to handle than a single file? You're already a single file, being written in Golang. Can't you go one step further?) And technically I only deleted Newsboat and Tiny Tiny RSS; I kept <a href="https://f-droid.org/en/packages/org.decsync.flym/">Flym</a> on my phone(s) to track a handful (an admittedly large handful, but still one) of artists on Twitter whose artwork I would rather not go without. I would have gone one step further and imported these onto desktop to fully cut off the ability to constantly swipe for updates on my phone like a dopamine slot machine, but none of the options for Linux that I know of really mesh well with my sneakernet setup and I often move among two or three devices for writing as I go about the day.</p>
<p>But nobody cares about these minor implementation details. What's more important is, <em>why am I doing this to myself?</em></p>
<p>And the answer, paradoxically, is that <a href="https://mayvaneday.org/blog/2021/december/exhausted.html">I'm exhausted.</a> I'm tired of dealing with Docker, so I wrote a program that would completely negate the need for it. I'm tired of eye strain from reading on my phone, so I wrote a program that would work on my e-reader. I'm tired of being exposed to the opinions of thousands of strangers on a daily basis, so I wrote a program that would keep me up-to-date on the current state of the apocalypse while being so unwieldy that it de facto excludes all those other strangers with ultimately nothing worthwhile to say.</p>
<p>I'm tired of being online, so I gave myself one less reason to boot up my computer.</p>
<p>I wanted to retire from public life, I thought the night before I almost accidentally killed my Kobo. Leave only my books publically accessible and remove access to all the rest and delete all my other social accounts elsewhere. A woman I had never seen before had come up to me in a dream a few nights prior and demanded I stop being so neurotic about my website, to decide once and for all whether I was staying on the Internet or leaving.</p>
<p>I don't think I've made my choice yet. Some part of me thinks I may never. That's my response to everything that ever goes wrong in my life, isn't it, Jett? Do nothing and wait for the problem to get worse?</p>
<p>I wonder what creative wrench the Eschaton will try to throw into my gears next.</p>
</div>
<hr>
<div class="box">
<p>A few days after I write this, and I awake to find that yet another asshole has scraped the entirety of my website and then gutted all but the front page for the sole purpose of stealing my CSS. This I only know because apparently they forgot to remove the <a href="https://letsdecentralize.org/about.html">GoatCounter tracking pixel</a> I have on the bottom of the homepage, so I keep seeing them in my referers. I don't know whether to be incensed that users from Lainchan (I'm 99.9% sure that's where the scraping keeps coming from) don't have a single creative bone in their bodies and so apparently need to pretend to be me, or full of schadenfreude that apparently I'm the only one worth trying to ape. Something something "imitation is flattery" with a dash of "males yet again trying to skinwalk as women they hate".</p>
<p>My wife says to <a href="https://deadendshrine.online/p3.html">keep going</a>. So I think I will. I can trust no one else with this most sacred of missions.</p>
</div>
</article>]]>
</summary>
</entry>
<entry>
<title>Urbit is still basically just a glorified chatroom</title>
<link href="https://mayvaneday.org/blog/2022/august/urbit.html" />
<id>https://mayvaneday.org/blog/2022/august/urbit.html</id>
<published>2022-08-06</published>
<summary type="html"><![CDATA[<article>
<div class="box">
<h2>preparing for launch</h2>
<p><a href="https://web.archive.org/web/20220805155749/https://en.wikipedia.org/wiki/Urbit">According to Wikipedia</a>, Urbit is a "decentralized personal server platform." It seeks to "deconstruct the client-server model in favour of a federated network of personal servers in a peer-to-peer network with a consistent digital identity." In other words, it's a piece of software you run on your computer that <em>supposedly</em> lets you communicate and share data without the need for a server that's online 24/7 or a static IP. Going on the <a href="https://web.archive.org/web/20220706083257/https://urbit.org/">project homepage</a> immediately hits any visitor over the head with a ton of cruft about DAOs, however, so it is clear from the get-go that this isn't a replacement for something like ZeroNet but instead a web3 project with a paywall.</p>
<p>As I stated <a href="https://mayvaneday.org/blog/july/web3.html">a few posts ago</a>, the apparently inherent paywall requirement of web3 projects excludes low-income and other disenfranchised people who don't have additional money to spend on getting into these citadels. Unlike other web3 projects, however, an identity on Urbit seems to be a one-time purchase (as I will detail later) instead of requiring tokens to fund every action taken on the network, and being a part of the network doesn't require hosting a local copy of a gigantic and computation-heavy blockchain. In addition, owners of <a href="https://web.archive.org/web/20220805160909/https://urbit.org/overview/urbit-id">"stars"</a> can issue 216 "planets" each and either sell them or give them away to, ahem, <a href="https://mayvaneday.org/blog/2022/july/web3.html"><em>broke dumbasses</em></a> like yours truly.</p>
<p>I got an Urbit planet out of the blue from a man I used to be internet friends with back in 2019. I was kind of an ass to him, but there was an understanding at the time that most of it was just joking and banter. I eventually ended up cutting off contact with him because he had given me admin permissions over his XMPP group chat and I had taken it upon myself to ban a "coomer" who was constantly putting simulated CSAM in the chat and sexually harassing me in DMs. Said "friend" kept adding the coomer back despite my protestations, so, disgusted, I decided that my mental health was more important than maintaining what little of the friendship remained at that point.</p>
<p>Apparently nowadays he LARPs as a gross stereotype of a woman and spends his entire online presence fetishizing lesbians, so whatever guilt I felt for calling him cringe for being an Urbit fanatic instantly dissipated.</p>
<p>For whatever reason, although I had no intentions of ever using it again, I kept my Urbit passport, two JPEGs containing my "master ticket" and "management phrase". When cleaning out the downloads folder on my phone a few months ago, I discovered that it was still there, sitting at the top of the file listing. And hey, it's been three years... so surely Urbit is now more than just a nonsensical terminal, right?</p>
</div>
<hr>
<div class="box">
<h2>blasting off</h2>
<blockquote><a href="https://web.archive.org/web/20220730135412/https://urbit.org/getting-started">Getting on Urbit isn't always easy, either. The onboarding process hasn't been optimized by product managers in search of maximal profit. There's no checkbox for your interests—you have to discover them yourself.</a></blockquote>
<p>You mean... onboarding hasn't been made easy for non-technical people? The same people all these grand overtures of "escaping from MEGACORP" are supposed to save? Or is this one of those "citadel" projects where all the benefit is for the early adopters safe inside and the masses are supposed to be locked outside to suffer whatever computing apocalypse will come?</p>
<p>Urbit has a free version of an identity called a "comet", but apparently <a href="https://archive.ph/pOszH#selection-293.184-293.206">it can't download any apps or interact with much of the network</a>,<!-- https://urbit.org/getting-started/desktop -->
which is confusingly later <a href="https://web.archive.org/web/20220805172516/https://urbit.org/getting-started/cli#boot-your-planet">contradicted in the CLI install instructions: "There are currently few differences between using a comet-level identity and a planet-level one."</a> To do anything of substance, you'll "need a to get a planet". Because I already had my Urbit passport from three years ago, the post doesn't end here, and I was able to continue my research without spending any money. Otherwise, judging from the <a href="https://web.archive.org/web/20220730150142/https://urbit.org/getting-started/get-planet">recommended planet resellers</a> that were functional, prices for a Layer 2 planet range from about $15 to $50, which isn't an "I am now destitute and living on the streets" amount of money... but still, that's a lot of groceries.</p>
<p>The desktop GUI, according to the documentation, requires <code>snap</code> to be installed, but some digging reveals <a href="https://github.com/urbit/port/releases">there are also <code>.dpkg</code> packages and raw binaries</a>... which, par for the course of web3 bullshit, are written in Node.js. However, these seem to only be available for x86_64, unless you're using a Mac, in which case you also get <code>arm64</code>, or a Raspberry Pi, in which case you get shunted to a <a href="https://web.archive.org/web/20220730152509/https://github.com/OdysLam/home-urbit">a third-party solution</a>. You could also attempt to compile it yourself, but given the aforementioned Node.js dependency, you're more likely to see the sun explode tomorrow than <a href="https://mayvaneday.org/blog/2020/february/32bit.html">get the damn thing to compile properly</a>.</p>
<p>Because I wasn't sure how much bandwidth Urbit would use, even though I have a Wi-Fi repeater in my bedroom now and thus an actually decent connection, I instead opted for the server install, which entails <a href="https://urbit.org/getting-started/server#install-urbit-via-the-command-line">downloading a shady-looking CLI binary</a> and feeding it a keyfile... which supposedly comes with the passport, but mine didn't have one, and the setup instructions make it too easy to accidentally skip over the part where you can redownload said keyfile at <a href="https://bridge.urbit.org">bridge.urbit.org</a> in the "OS" menu at the bottom of the page.</p>
<p>It took what felt like forever (at least ten minutes; I timed it) to get to a prompt after running <code>~/urbit/urbit -p 57323 -w socleb-fosrut -k ./socleb-fosrut.key</code>. The web interface, the port to run on specified with the <code>-p</code> option, completely ignored this argument and instead decided to run on port 8081, which thankfully wasn't claimed by any other process at the time. You still need the CLI running in a separate window, though, because you'll need to run <code>+code</code> in the "dojo" (Urbit speak for the CLI) to generate a code to log in to the web interface.</p>
<p>On first run, there are only three options in the web UI: "Terminal", "Groups", and "Bitcoin". I tried Terminal first. It appeared that whatever I typed into it was immediately mirrored in the CLI window. I typed <code>help</code> thinking it would give me a list of commands like it does in Bash, but instead I got the nonsensical string <code>&lt;1.lqz [* &lt;232.hhi 51.qbt 123.ppa 46.hgz 1.pnw %140&gt;]&gt;</code>. (At least it has an angel number...?)</p>
<p>Unintuitively, "installing" more apps means opening the search bar instead of a dedicated "install" button (even a little plus sign would have been more helpful) and pasting in a long unmemorable string from an external <a href="https://web.archive.org/web/20220730142727/https://urbit.org/ecosystem?type=applications">app directory</a> that has right-clicking disabled, just like the Urbit project blog I sifted through to try to get more information on how the project had grown over the past three years. (There are only so many times I can right-click a tab and duplicate it before I give up out of frustration.) The web UI provides neither app discovery nor progress on app installation: all logs instead get output to the CLI window, and the web UI just gives the web3 equivalent of a middle finger with an endlessly-spinning wheel icon. Once I got some apps installed, I attempted to interact with them:</p>
<ul>
<li><code>~dister-norsyr-torryn/canvas</code>: Like r/place, but stupider. I definitely had A Time vandalizing a few doodles on the preinstalled public canvas. I wouldn't call it a "fun" time... just A Time.</li>
<li>There's a <a href="https://web.archive.org/web/20220805170810/https://urbit.org/applications/~ribben-donnyl/funes-notes">notes app</a>, which I showed some initial interest in, but the only frontend is for... iOS.</li>
<li><code>~magped-magped-rabsef-bicrym/wrdu</code>: I don't play Wordle, but I got the general gist of the game pretty quickly. I got three green letters and then lost, but the app didn't tell me what the winning word was.</li>
<li><code>~tirrel/studio</code>: Took forever to install. It requires you make a "notebook" first, but it doesn't show where to do that. It also requires a clearnet domain to mirror to.</li>
<li><code>~dister-nocsyx-lassul/sphinx</code>: It required me to install another app in order to have "friends". I added the star ID of the person I got the Urbit planet from and returned to Sphinx, but still nothing showed up. I left it alone and then returned to it about a week later, but still nothing had appeared in the feed.</li>
<li><code>~dister-fabnev-hinmur/escape</code>: This is the titular chat app. A small handful of popups directed me to some rooms that, from the chat history, appeared to have a small handful of active users. Emphasis on <em>small</em>. I sent a few test messages, but nobody responded to me. Presumably most of the users had hidden themselves away in non-default groups, none of which I bothered joining because... I mean, if I wanted to talk to random techbros, I'd just boot up any old IRC client, no blockchain required.</li>
</ul>
<p>There is a <a href="https://web.archive.org/web/20220730152301/https://github.com/matildepark/urbit-static-page/">static site app</a>, but the files inside of it don't seem accessible from inside Urbit itself, instead using the user's "pier" (the Urbit storage) to serve on the clearnet. (That is what I could glean from the sparse documentation.) At least, that <em>seems</em> to be the intention, as the clearnet gateway timed out when I tried it. At that point, one could just install any web server instead and get better results.</p>
<pre>
> exit
-find.exit
dojo: hoon expression failed
> quit
-find.quit
dojo: hoon expression failed
> bye
-find.bye
dojo: hoon expression failed
</pre>
<p>Turns out "|exit" or Ctrl-D is the "get me the hell out of here" key combo.</p>
</div>
<hr>
<div class="box">
<h2>coming back down to earth</h2>
<p>I'm not interested in a convoluted chat app to talk with complete strangers, much less the kind of "techbros" that are attracted to web3 like moths to a lamp or flies to candy. I already have DecSync for decentralized calendars and an increasingly convoluted web of devices running Syncthing for my notebook. And I can just open the Firefox Klar shortcut on my phone's homescreen for the weather... or, you know, look outside my bedroom window. (I need to go outside more often. Stupid humidity, making me wilt at even the slightest bit of sweat... Ah, the joys of having sensory issues.)</p>
<p>I don't see the point of any "alternative Internet" project that doesn't allow me to share my writing in some form. Hell, even Secure Scuttlebutt allows for <a href="https://web.archive.org/web/20220730153520/https://github.com/hackergrrl/ssb-webify">in-network website hosting</a>, albeit broken last time I tried. The closest thing to Urbit's promise of a "personal server platform" with a "consistent digital identity" that actually functions without the paywall is ZeroNet, but just as Urbit is hamstrung by the utter insanity of the "Hoon" and "Nock" programming languages, ZeroNet is held back by its lack of documentation and spaghetti-tier Python code, both of which make it diffcult for programmers to contribute new applications to their respective platforms. Which is a shame. The idea of being able to host one's entire Internet presence, with private keys and being able to run on (nearly) any computer anywhere, is quite attractive to me.</p>
<p>While I admit Urbit holds a lot of promise, and a lot of effort has been made to smooth out the technological rough edges that often prevent non-technical users from using "alternative Internet" projects, the apps required to replace many of the functions of Urbit's self-proclaimed enemy "MEGACORP" in the eyes of "normies" simply aren't there yet. I see no shared file storage or long-form mailing system or website hosting or even just a Facebook/Twitter/Instagram/whatever-social-media clone. Unlike ZeroNet, Urbit doesn't seem resilient in the face of intermittent connections to the outside world or situations where one has access to other peers inside the LAN but not outside. In the face of the looming climate crisis and the computing challenges that will no doubt accompany it, Urbit seems needlessly fragile, too little too late.</p>
</div>
</article>]]>
</summary>
</entry>
<entry>
<title>Separatism: Redux</title>
<link href="https://mayvaneday.org/blog/2022/august/separatism-redux.html" />
<id>https://mayvaneday.org/blog/2022/august/separatism-redux.html</id>
<published>2022-08-01</published>
<summary type="html"><![CDATA[<article>
<p>More than three years ago, I wrote <a href="https://mayvaneday.org/blog/2019/june/separatism.html">a post about female separatism</a>, or the concept that only by women divesting themselves of the need, or even the presence, of men in their lives and by working to build female-only institutions and otherwise centering women in their lives can they truly achieve liberation from the male-built structures, most of which fall under the term <em>patriarchy</em>. Because many of the structures in today's society require interacting with males- to name a few, college professors, plumbers and other home maintenance professionals, businesses- with no viable alternative, it is considered the work of every female separatist to contribute in some way to providing female-owned equivalents. At the time, after considering the concept, I ultimately rejected it because I was still struggling to reconcile my individualist belief that no person should be held responsible for crimes they did not commit with the radical feminist truth that men as a class are responsible for almost all problems faced by women. I only wanted to see the world as a collection of unrelated and coincidental events that <em>maybe sometimes</em> had deleterious effects in my life instead of burdened by an unconscious machination working to keep every woman oppressed at all costs. I stated that, if I were to flee to a separatist land, a Second Realm, I would choose one ran by libertarians (despite their <a href="https://web.archive.org/web/20220727005549/https://www.agoristnexus.com/seasteading-case-studies-learning-from-the-failed-attempts-of-the-past-practical-liberated-lifestyles-on-the-high-seas/">continued failures</a>) rather than by women, radfem or not, because I believed that lip service to the concepts of freedom and bodily autonomy would be enough to keep me safe from said misogynist machinations that employ every man alive.</p>
<p>But after having spent time in online women-only spaces and of pouring effort into the friendships with the women in my life, I think I have changed my mind.</p>
<p>The Internet as it currently stands is no place for a woman, no matter her mental fortitude. I have gone through many a social media site throughout my time in this hellscape, from mainstream places like Twitter to the Fediverse to "Reddit runoff" link aggregators like Ramble to <a href="https://mayvaneday.org/blog/2022/june/purity.html">indie forums</a>. Inevitably what happens is some male comes in, convinced that he knows better than me despite, from his words and the way he conducts himself, having <em>clearly</em> misinterpreted my argument, and starts "dick-swinging" until I get tired of attempting to put out the flames of his tantrum or arguing with a brick wall and decide to go do something more productive with my time, at which point he declares himself the "winner" of the "debate". As I have gotten older and less desperate for validation on the Internet, I have found myself opting for this "walk away" approach more and more. <em>Every</em> social media site that is not explicitly for females is rife with misogyny: Reddit's <a href="https://web.archive.org/web/20220726231916/https://www.reddit.com/r/BanFemaleHateSubs/wiki/index/">legion porn subreddits</a> and <a href="https://web.archive.org/web/20220726232429/https://ovarit.com/o/TransLogic/121648/first-thing-i-saw-on-r-actuallesbians">male infestation of formerly female-centered places</a>, "tradcaths" and "coomers" on Twitter and Tumblr, blatant calls to violence against women on literally <em>every</em> imageboard I've ever seen...</p>
<blockquote>All space becomes male space unless females maintain a concerted effort to mark a space for themselves.<br>- Sheila Jeffreys</blockquote>
<p>For a long <em>long</em> time I have wished for a female-only lowercase-I internet. Even just a darknet, an overlay network a la Yggdrasil, a place no man could ever traverse. (Of course, it would be difficult without some kind of centralization to verify that only females are accessing the network, but this post is not concerned with implementation details.) A place without the cruft and scum and constant fighting for recognition of my worth as a person that defines the male-dominated Internet. From what I have seen of the few spaces like this on the clearnet I have found, I can extrapolate what this new network would look like: far less (maybe even no) pornography being spammed everywhere, less needless software complexity in the name of "dick-swinging" to pad out one's programming portfolio or resume, less soulless corporatist minimalism, fewer threats of violence, less harassment (sexual or otherwise), less SEO spam and blog chum... kinder interactions, more vibrant personality on personal websites...</p>
<p>Less energy spent "proving" my worth as a (physically) human being.</p>
<p>As far as socializing with strangers online goes, I have within the past few months taken up refuge in Ovarit (and ThePinkPill when the former doesn't have an appropriate "circle" for what I want to post or when said thing has already been posted but the discussion is dead and archived). In the process, I have discovered that <strong>I don't hate social media, I'm just tired of interacting with men.</strong> I have literally never had an argument on Ovarit in my time there. Plenty of disagreements and differences in opinion, sure, but no actual <em>fights</em> in the same way I did on an obscure forum in June when some "moid" was insultingly dismissive of my anxiety over the fall of <em>Roe v. Wade</em>. All my interactions on Ovarit have been respectful, if not warm and friendly and supportive. The archetypal social media user who only logs on to stir up shit and be a contrarian has a hard time taking root, quickly banned as a troll uninterested in arguing in good faith or contributing to a productive conversation. The women there (and maybe outside, if I were brave enough to share some of my writing away from the keyboard) just seem to understand my writing in a way that men appear to be fundamentally incapable of: the latter maybe a few key concepts here and there, but rarely, if ever, in its complex totality.</p>
<p>It's funny the respect among users that naturally forms when you're surrounded by people who have already implicitly agreed on the value of your life and your words and your <em>personhood</em>.</p>
<p>Despite it being a public website, I feel safe there in a way I haven't felt online in a long time. It is the same overwhelming feeling of sudden safety oft documented by women entering womyn's festivals for the first time (I think specifically of <a href="ipfs://QmUT6pjdhn6tC3GD1am64TAzpoqPD7hmjbG8hBGncyTkaY"><em>The Disappearing L</em> by Bonnie J. Morris</a>) and every time thereafter. Being in an environment of all women when one has been living in the world of men all their lives, suddenly cognizant of the male voyeur implanted in their brains since birth demanding they stay "pretty" and "consumable" all the time and how utterly useless it is there. It fills me with sorrow and yet hope at the same time: hopeful because the safety and camaraderie and solidarity expressed in the journals and snippets within prove that female separatist micro-societies <em>can</em> in fact function without men, sorrowful because many of them were shuttered before I came out and ever knew of them, but hopeful again because what once was can be yet again - and <em>is</em>, now, today, in many places throughout the world.</p>
<p>What levels of freedom can I not even conceive of because of the weight of misogyny I've carried all my life? What does a truly liberated female who has never known male-caused violence, male-caused sexualization, male-caused <em>dehumanization</em> look like?</p>
<p>I may never know in my lifetime.</p>
<p>And it <em>infuriates</em> me.</p>
<p>I'm tired of this world of men. Of being caught in the tangle of their lives. And even if I am never able to leave the Golden Cage of the house of my parents, what with the climate crisis and the housing bubble and an unlivable wage and the simple fact of me being incompatible with this world, I wish to build this female Second Realm (which exists <a href="https://web.archive.org/web/20220727005918/https://www.vice.com/en/article/jpmdky/whos-killing-the-womens-land-movement">now</a>, despite everything) in the ways that I can with the knowledge that I have. To build this world that does not question my basic worth, that does not ask me to live in servitude to any person, that wholeheartedly seeks my development and fruition as a whole and complete person in and of myself free from the bonsai-esque trimming male society imposes on every woman.</p>
<p>After all, in the end, I can only save myself. And this world of men offers no true salvation.</p>
</article>]]>
</summary>
</entry>
<entry>
<title>The state of darknet access on Android</title>
<link href="https://mayvaneday.org/blog/2022/july/android_darknet.html" />
<id>https://mayvaneday.org/blog/2022/july/android_darknet.html</id>
<published>2022-07-11</published>
<summary type="html"><![CDATA[<article>
<div class="box">
<p>Although I've been publishing things on the internet since I was about eleven, it took me until I was seventeen to get reliable access to a computer of my own and nineteen to set up my first Tor hidden service, back when v2 addresses were a thing and one had a hope of memorizing the URL to share to others. Meaning, up until then, I was sharecropping on someone else's server: Blogger at first, then WordPress once I realized how evil Google was, then Neocities until I was harrassed off one day.</p>
<p>If I knew back then what I do now, then obviously I would have never put anything on the clearnet to begin with. What creative ideas did I let wither inside me because I had to constantly toe the line of being grounded and electronics confiscated for something innocuous? (So my brothers can openly joke about porn and violence against women and my parents refuse to do anything, but I wrote <em>one</em> poem about my ex-girlfriend that I had when I was fourteen- and while it wasn't very good by my current standards, I certainly wasn't wishing violence against the teenager- and they took all my devices and isolated me from my friends for a week...?) I can only guess how much better at writing I would be today if I hadn't had to constantly bite my tongue.</p>
<p>But Tor hidden services require a server, being that Tor is a client-server model. And while I cannot remember whether or not Orbot had hosting support back in 2014 when I was using it to get past my middle school firewall, I can attest that not only does Orbot have hosting support nowadays, but there are also <em>many more</em> options for publishing content on the "dark web" with nothing more than a phone and a little technical expertise.</p>
<p>For this post, I attempted to do as much as possible with that same device I spent so many hours typing into the WordPress editor on: a Motorola Moto X, Verizon edition, Android codename "ghost". It has not seen system updates in about five years, forever stuck on Android 5.1, and I have neither the bandwidth nor the patience to <a href="https://web.archive.org/web/20220708192015/https://wiki.lineageos.org/devices/ghost/build">attempt to compile an abandoned version of LineageOS</a> just so I can have Android 6.0 instead. For apps that require a more recent version of Android or otherwise crashed on the Moto X, I instead used the phone I had after it, a Samsung Galaxy Note 3 with the latest nightly of LineageOS (meaning some minor point version of Android 11 at the time of writing). For client-server darknets, I used <a href="https://f-droid.org/en/packages/com.example.flutter_http_server/">ServeIt</a>, available on F-Droid, as the backend server; it only supports static hosting from a directory of files, meaning no dynamic applications, but that would have been all I needed back then.</p>
</div>
<hr>
<div class="box">
<h2>Tor</h2>
<p>Once upon a time, there was a "Tor Browser" app named Orweb which was little more than an Android WebView wrapped in a very poorly-made UI. That eventually got abandoned and replaced with Orfox, which was slightly better and also allowed for niceties like bookmarks and tabs. (I am going off my memory from about a decade ago, so don't bother emailing me if I got something wrong.) Nowadays we are a bit more spoiled with an <a href="https://www.torproject.org/download/#android">official Tor Browser</a>. However, it seems to crash a lot, so I prefer to browser Tor hidden services on Android using <a href="https://f-droid.org/en/packages/com.stoutner.privacybrowser.standard/">Privacy Browser</a> instead.</p>
<p><a href="https://github.com/guardianproject/orbot/releases">Orbot</a> is best in class as far as "Tor on Android" goes, and I know of no other (non-proprietary) solution that doesn't come coupled to a browser. In Orbot, you can set up a hidden service by going to the meatball (three dots) menu, pressing "Onion Services", then "Hosted Onion Services". Ensure that "User services" is selected and then press the plus button in the lower-right corner. "Local port" should be the port ServeIt is running on, and "Onion Port" should be 80 as that is the default HTTP port. (You can make it something else, but then you would need to share that as part of the URL.) Long-pressing the service URL once created will show an option to backup the keys or copy the URL to the clipboard.</p>
</div>
<hr>
<div class="box">
<h2>I2P</h2>
<p>There are two I2P apps on F-Droid that I know of and have used. The primary one is slow and buggy and features a built-in browser that is even worse than Orweb was back in the day. Therefore I recommend using <a href="https://f-droid.org/en/packages/org.purplei2p.i2pd/">i2pd</a> instead. Any browser can be the "I2P browser" if set to use localhost port 4444 as HTTP proxy; the aforementioned "Privacy Browser" has a preset in the proxy menu to use I2P without messing with port numbers.</p>
<p>Unlike Orbot, i2pd stores all of its settings and keys in the filesystem instead of in the app settings. (This may or may not be a security risk depending on your threat model.) In your device's home directory will be a folder named "i2pd". Inside is the file <code>tunnels.conf</code>. If your file manager has the option to manually open the file as text, use that and open it in your favorite text editor; otherwise temporarily rename the file to <code>tunnels.txt</code> to edit it.</p>
<p>At the end of the file, add the following:</p>
<pre>
[server]
type = http
host = 127.0.0.1
port = 8888
keys = http.dat
</pre>
<p>Please note that port 8888 in this example is what ServeIt was running on. If yours is on a different port, then change the number in the above config accordingly.</p>
<p>If you renamed the file, change it back to <code>tunnels.conf</code>. Go back to the i2pd app, press on the meatball menu and then "Reload tunnels", then "Open Web Console" and "I2P tunnels" to get the new URL of your eepsite.</p>
</div>
<hr>
<div class="box">
<h2>Yggdrasil</h2>
<p>There is a <a href="https://f-droid.org/en/packages/io.github.chronosx88.yggdrasil/">Yggdrasil</a> app which I have successfully used to navigate Yggdrasil sites before on my main phone, but it continuously crashed on both my Moto X and Note 3. On my main phone (a Samsung Galaxy S9) it was hard to see the full IP address... and the request to ServeIt from a different device also running Yggdrasil on the same network (so autopeering would have occurred) timed out. As Yggdrasil runs on Linux by creating a new virtual network adapter so that it can coexist with an existing network stack (instead of using proxies for access like Tor) and none of my devices are rooted, it does not make sense to attempt to compile and run it in Termux or UserLAnd.</p>
</div>
<hr>
<div class="box">
<h2>Lokinet</h2>
<p>There exists a <a href="https://oxen.rocks/oxen-io/lokinet/">dump of Lokinet binaries</a>, including APKs for Android, run by the developers... but I was immediately greeted with the following message:</p>
<blockquote>Builds from this server may work, may fail, may wipe your hard drive without asking, and are entirely unsupported.</blockquote>
<p>Being that Lokinet has a personal reputation of being clunky and inelegant at best and downright non-functional at usual, I did not go on with high expectations. My hopes were not bolstered by the fact that half of the Android binaries were named "anrdoid". Very classy. Truly the attention to detail I want to see in an anonymity network.</p>
<p>The Lokinet app white-screened and then crashed on the Moto X. It ran on the Note 3 (at least, it said it was running...?) but no pages loaded.</p>
</div>
<hr>
<div class="box">
<h2>Freenet</h2>
<p>There is a version of <a href="https://f-droid.org/en/packages/org.freenetproject.mobile/">Freenet mobile</a> on F-Droid that I've found works wonderfully on my current phone. As it uses the same FProxy interface as the desktop version, everything works the same, from adding bookmarks to managing peered friends to browsing sites. Although the app ran on the Moto X, it hung at "Starting up". It also seemed to make Orbot in the background go berserk, constantly crashing and bringing itself back up again.</p>
<p>As for publishing, jSite, which I use to publish freesites on the desktop, is a no-go unless one wants to spend several hours setting up a Java runtime environment and an X server and a desktop environment in either Termux or AnLinux. While I could probably do this on my current phone with little issue using desktop mode and my wireless mouse and keyboard, for most of the Moto X's useful lifetime (the battery has been shot and nonfunctional for a few years now) I did not have even so much as a Bluetooth keyboard and was stuck to tapping on the screen.</p>
<p>The Freenet devs, however, have provided a simpler method of freesite publishing for those unable to access an X server. Run the following in Termux:</p>
<pre>
termux-setup-storage
pkg install git python3
git clone https://github.com/freenet/pyFreenet
cd pyFreenet
</pre>
<p>To upload a single file. run the following command: <code>python ./fcpupload ~/storage/shared/path/to/file</code></p>
<p>(You can also just use the FProxy interface from a browser.)</p>
<p>To make an updatable freesite:</p>
<pre>
python ~/pyFreenet/freesitemgr add
python ~/pyFreenet/freesitemgr listall
python ~/pyFreenet/freesitemgr update NAME_OF_FREESITE
</pre>
<p>Please note that it may take a great while depending on the CPU speed of your phone, your internet speeds, and the size of the freesite.</p>
</div>
<hr>
<div class="box">
<h2>ZeroNet</h2>
<p>There have been several ZeroNet apps for Android. The most feature-packed is <a href="https://github.com/ZeroNetX/zeronet_mobile/releases">ZeroNetX Mobile</a>, which does not seem to be on F-Droid. Please keep in mind, however, that the latest public build as of writing is from December 2021. It hung on first start on my Moto X, but worked on the Note 3.</p>
<p>After the app downloads all assets, the UI <em>should</em> start in settings. Make sure to enable "Public DataFolder" and "Disable Battery Optimization".</p>
<p>After initialization and first start, go to ZeroHello and then open the left side menu. Wait for all zites to finish updating, then click the meatball menu by "Scribe" and then "Clone". If you're not good at HTML and want an in-browser editor and built-in comment support, you're done and can get to writing. If you want to drop your own HTML files into the zite, open your file manager and go to <code>Android/Data/in.canews.zeronetmobile/files/ZITEHASHHERE</code> and edit/add/delete to your delight. (Just leave <code>content.json</code> alone, as that contains some of your private keys.) Go back to your zite in whatever browser you're using and hit the "Sign &amp; Publish new content" button. It may fail since the zite is new and has no seeders, but that can be fixed by sharing the zite URL with some others who may be interested in your content.</p>
</div>
<hr>
<div class="box">
<h2>IPFS</h2>
<p>The <a href="https://f-droid.org/en/packages/threads.server/">official IPFS client</a> requires Android 9.0 or newer, so it can't run on my Moto X. <a href="https://f-droid.org/en/packages/com.termux/">Termux</a> to compile the CLI binary won't run on the Moto X either since it requires Android 7.0 or newer. I did not attempt to compile it in UserLAnd, and back in 2014 I wouldn't have known how to compile anything anyway. The IPFS app in my experience does not run well on any device and has issues with retrieving data, even from peers on the same network as it. (Plus the QR code scanner makes an annoying beep.)</p>
<p>To compile IPFS in Termux, run the following:</p>
<pre>
pkg install golang build-essential file git
git clone https://github.com/ipfs/go-ipfs/
cd go-ipfs
make build
./ipfs init --profile=lowpower
</pre>
<p>From there, all IPFS commands work as usual, but you must find a way to run the daemon in the background.</p>
</div>
<hr>
<div class="box">
<h2>Hypercore</h2>
<p><a href="https://gitlab.com/gateway-browser/gateway/#building-from-source">Gateway Browser</a>, which attempted to be "Beaker Browser but for Android", was last updated a year ago, and the developer never provided any publically available binaries, testing or not. The repo was so large that I had issues downloading it from my home connection; I had to clone it on my VPS and then move the git tree elsewhere and download the other files through SFTP to reduce it from <em>half a gigabyte</em> to only a few megabytes.</p>
<p>The README's instructions to compile it were absolutely awful and vague. When I finally got <code>npm</code> and Node.js working on my machine, I ran <code>node ci</code> to install the dependencies for the app, and at the end I got:</p>
<blockquote>76 vulnerabilities (2 low, 34 moderate, 24 high, 16 critical)</blockquote>
<p><em>I love unmaintained software!!</em></p>
<p>The build failed. What did you expect from Node.js?</p>
<p>Hypercore, the protocol Beaker Browser started using once they abandoned Dat, apparently provides <a href="https://hypercore-protocol.org/guides/hyp/">its own CLI</a>... unsurprisingly also written in Node.js like so much other "next internet" garbage. This was slightly easier to install, although I don't see how my early-teenage self would have even known how to look for this.</p>
<p><a href="https://f-droid.org/en/packages/tech.ula/">UserLAnd</a> failed every <code>npm</code> command with "Illegal instruction". <a href="https://f-droid.org/en/packages/exa.lnx.a/">AnLinux</a> in a Termux install got as far as running <code>npm install -g @hyperspace/cli</code> before <code>npm</code> crashed at the end with the message "Exit handler never called!"</p>
<p align="center"><img src="https://mayvaneday.org/img/node.png" alt="I HATE NODE.JS!!!" /></p>
</div>
<hr>
<div class="box">
<p>Hosting on mobile comes with two obvious challenges:</p>
<ol>
<li>When using a client-server model, the phone will likely have less "uptime" as far as the network is concerned than an actual server running somewhere. Not everyone has the benefit of a persistent Internet connection, much less one fast enough to handle more than a light load of traffic, or the battery life to safely have one's device connected to a network and pumping data 24/7. While mobile data can help alleviate network availability, not everyone has an "unlimited" data plan, and even "unlimited" ones often have a set amount of data at high speeds usable every month before the user is kicked to a subpar speed for the rest of that billing month, which may not be fast enough for hosting purposes. These mobile servers would be even more vulnerable to DDoS attacks. Being that phones are used for a hell of a lot more than just hosting and the trend of using chat apps instead of traditional SMS, network congestion and increased battery drain caused by a flood of traffic to one's hidden service could lead to a life-threatening situation.</li>
<li>When using a peer-to-peer model, not all mobile networks are friendly or accomodating towards peer-to-peer traffic. In some networks, whether mobile data or WiFi, said traffic may be filtered or blocked or even illegal in some jurisdictions. With ZeroNet, for instance, a VPN can be used to circumvent any blocks for the purposes of <em>viewing</em> content, but until one gets a substantial amount of peers on their own zite, said zite's availability is restricted by one's ability to get a certain port open on the network, which is often not possible with free VPNs or on mobile networks.</li>
</ol>
<p>Despite these challenges, the state of hosting one's content on darknets via Android is much more stable and accessible than it was several years ago. But many of these darknets still depend on being able to access the wider Internet to reach the servers responsible for controlling the darknet: Tor is heavily centralized in the sense that the network depends on the existence of a few <a href="https://web.archive.org/web/20220708210031/https://consensus-health.torproject.org/">consensus nodes</a>, and the app used in the ZeroNet section of this post depends on Github to retrieve the Python 3 runtime and other dependencies, and Yggdrasil requires at least one public peer configured in order to talk to devices outside of the local network. As much as I dislike the state of ZeroNet's development, it would probably be the most functional in a situation where Internet access is limited and one only has an Android device and needs to share information, followed by Freenet.</p>
<p>As far as creating that information, whether webpages or books or other media? Well, that is a problem for a later post.</p>
</div>
</article>]]>
</summary>
</entry>
</feed>
View Git Blame Copy Permalink