@CustomDesigned voted ``` Log level: notice OpenError: IO error: lock /Users/a/.ssb/db/LOCK: Reso
@CustomDesigned in #books
Re: %Y3ySO6CVs


did you quote from three different literary works? Should I know what "chapter IV, Participation" is? I am... scared/confused/no idea what is going on right now.

Just one work - the mentioned "Saving the Appearances" by Owen Barfield. It does takes a rew readings, however, and introduces some technical words, and a few new ones. It is hard to summarize - but a good exercise to try.

@CustomDesigned in #patchfoo
Re: %9jNoEmstw

@tohl Just tried it, and it only partly works. Maybe try the other site.

Re: %9jNoEmstw

@tohl Use http://gitmx.com/%25M0TrM%2BoJT2i%2FphUJO%2FfZ2wkK2AN2FB1xK0tqR7SNj58%3D.sha256 instead. Unfortunately, url-encoding or not url-encoding message ids makes various proxies and browsers break or start working again. Technically, the message id should be url encoded - and that is what git-ssb requires. But other things (like Apache ProxyPass) break unless only the '%' in the message id is url encoded.

@CustomDesigned voted @ev git-ssb seems to offer download via http, e.g. at http://gitmx.com/%25
@CustomDesigned in #nomic
Re: %yMeVfJwjT


I'm looking forward to a future with self-enforcing smart rules leaving no room for ambiguity, and removing the need for human Judges.

What about bugs/"unforeseen features"?

That said, the Western world empire from Babylon to Persian to Greece until Antiochus Epiphanes had monarchs that could make any decree with only one restriction: any "decree" (which was different from ordinary daily orders, no different than any other master/commander) was binding on the entire empire and could never be revoked. This was intended to make the absolute monarch very sparing in the use of decrees for fear of unforeseen consequences. It also made the laws of these empires an immutable append only log!

The Biblical record includes a decree by Nebuchadnezzar guaranteeing religious freedom for the Jews (in effect outlawing any laws restricting Jewish religious practice with characteristically harsh punishment for the legislator attempting to do so). This was invoked by Mordecai under the Persian empire - showing that these decrees were cumulative, even across regime changes.

There were hasty decrees also. When Haaman coaxes a hasty decree from Ahasuerus, it could not be undone, even after the sponsor was executed. There could only be added another decree mitigating the damage.

Re: %9jNoEmstw

@Howard Klein Patchwork depends on electron, which on Fedora at least, depends on downloading precompiled binaries (verified by hash). When electron eventually gets packaged (should be possible since it is MIT licensed), patchwork would be an option for Fedora.

Second, patchwork as an "all in one" app both simplifies the initial experience, and immediately becomes a stumbling block as soon as you decide to branch out - keeping a piggy GUI app running just so you can use git-ssb is Really Annoying™. Running a background scuttlebot plus clients is far more flexible - even if it requires more steps at startup.

Thirdly, scuttlebot as a background app is much easier to sandbox for security. Running browser based clients like #patchfoo and #minbay then leverage the browser sandbox (for what it's worth).

@CustomDesigned in #film
Re: %K20iNmkKT

Primer 2004

This movie was shot with a budget of $7,000 USD. It was not improvised - the plot explores paradoxes of time travel. Do not expect hard sci-fi, the time travel is essentially magical - but has strict limitations very reminiscent of quantum phenomena. Not to give too much away, four friends find a way to put a seemingly useless form of accidentally discovered time travel to use - but the consequences are unexpected and relatively unique in the time travel genre (no loops, etc). Ok, the consequences are maybe not so unexpected to those familiar with "What could possibly go wrong?" The plot is not Great Literature: what makes this low budget movie acted by amateurs so addicting is working out the full complexly branched plot from the barely sufficient scenes provided in the movie.

@CustomDesigned voted [Coherence 2013](http://www.imdb.com/title/tt2866360/?ref_=tttr_tr_tt) Thi
@CustomDesigned voted Ethan Zuckerman is a patriarch of today’s web and published a report on the
@CustomDesigned in #perception
Re: %Y3ySO6CVs

@wmhilton opined:

Pretty soon we'll be living in an augmented-reality or virtual reality universe, and if "the norm" is for every single human to live in a different reality - if all actions that go into their personal redux store are filtered 100% individually - won't that lead to societal collapse?

We already live in individually perceived "realities". Perception is (hopefully more or less) based on sense data derived from a common objective reality. But our best understanding of that underlying environment models it as particles with mostly empty space. The apparent solidity of your table and chair (or tree stump) and computer are not the underlying particles, but an abstract model built by your brain. The raw sense data is mapped (in a process called "figuration") to symbols (called "representations"). So often we think we see something, but later jump to a different mapping - the basis of optical illusions, or just common misperception:

He thought he saw a Buffalo
Upon the chimney-piece:
He looked again, and found it was
His sister's husband's niece.
'Unless you leave this house,' he said,
'I'll send for the Police!'
-- Lewis Carroll, "Sylvie and Bruno"

The introductory example in "Saving the Appearances" by Owen Barfield is a rainbow. Is a rainbow really there? This mapping of raw sense data to symbols is essential for humans to function, but sometimes those symbols get activated without being prompted by sense data - we call this "hallucination". How can we distinguish hallucination from perception derived from the sense data? We ask other people what they perceive. As a culture we map sense data to symbols in a broadly similar way, which Barfield calls "collective consciousness".

As individuals, we can deviate from the collective consciousness in some ways. Our modifications are then passed on to children we raise - a mental heritage arguably even more important than DNA. This results in a gradually changing collective consciousness, which Barfield calls the "evolution of consciousness".

In more ancient times, people were more aware of the role of perception, and consciously "participated" in shaping how they perceived things. In modern times, we think of our perception as "reality" - hence the subtitle of Barfield's book "A Study in Idolatry".

Thought question

"They thought they saw"

Of course, two people can make the same momentary mistake about the identity of some imperfectly seen object. But the generally acception criterion of the difference between "I thought I saw" and "I found it was" is that the former is a private, and the latter a collective representation. What if 'they' is a whole tribe or population? If the 'mistake' is not a momentary, but a permanent one? If it is passed down for centuries from generation to generation? If it is never followed by "They found it was"? The "mistake" itself becomes a collective representation. (From chapter IV, Participation)

@CustomDesigned voted [@ktorn](@z8aJVHJTc6MM8FwaNE2GIS3AYYt2HYFNWQUO8/iydNw=.ed25519) there is so
@CustomDesigned voted today pigeons ate all my seedlings on the roof, grrrrh, I want to eat sqaub
@CustomDesigned in #patchfoo
Re: %AwBPdgm3L

@cel I have my small fixes (except for the symlink to make ssb-backlinks actually get loaded) in a local "gathman" branch of the patchfoo git-ssb repo. I have not attempted to push my branch for fear of being one of those people to mess up someone else's repo. What is the best practice for proposing my changes?

@CustomDesigned in #privacy
Re: %zhWYSh1Ij

One of the government concerns with #ipfs is that illegal material could end up in your cache. I had the idea of a non-enumerable cache. You can query the cache for a specific hash - but can't list all the hashes in the cache. (Basic idea is to encrypt every entry using a key derived from the hash.) I liked this because it was like a crypto implementation of the 4th amendment to the US Constitution.

The thing that ssb offers (and ipfs could also - If they haven't already, I need to check on the project) is that content is signed. (Is the blob cache also signed?) Thus you can prove the origin of any illegal content to be someone who knows the private key that signed it. While this won't get you very far in courts today, it could with some kind of legal groundwork - to educate court systems before cases come up that they don't understand. (Judges don't understand computers - and I'm guessing I don't really understand law either.)

@CustomDesigned in #patchfoo
Re: %Yz2aH8SVr

Fedora does include npm, and it is pre-configured to pull modules from /usr/share/node_modules (where Fedora puts all the packaged nodejs modules). But somebody has to package them....

@CustomDesigned in #patchfoo
Re: %Yz2aH8SVr

I need to reference - point to where a user can download and compare the source or update his local package without waiting for the official maintainer to get around to it - the sources. Technically, I could do what you suggest by "forking" scuttlebot and all its dependencies (after checking that the licenses were all compatible) and making my own github repo with them all combined for my fork, and pointing to that as the "upstream" vendor. But then, the owner of the repo (moi) would have to track updates to all those modules and keep the repo up to date. I.e. your approach needs to #decentralize.

Logically divided into smaller packages, each package can be independently maintained. Initially, I would submit all 25+ packages - but other proven packagers on Fedora can jump in when they find me too slow (as I have done on other packages - e.g. pgadmin3, which no one wants to maintain because the upstream devs are working on pgadmin4, which is still Real Soon Now™).

Also, Fedora requires special exceptions to "embed" packages - i.e. include a snapshot of some unpackaged source. (Hence my effort to keep cjdns running with libsodium instead of the 6 year old nacl snapshot that @cjd uses). Embedded packages result in a worse maintenance problem than my hypothetical github fork - as there is no official upstream.

Logically, npi i ... could substitute for wget http://..., and we could add an npm: url scheme (does npm offer an http interface somewhere?). I am a newcomer to nodejs (I'm only tackling it because ssb is so important), so it would be a hard sell.

@CustomDesigned voted Trying out patchfoo on the setup at home --- an ancient iPad and macOS comp
@CustomDesigned in #patchfoo
Re: %Yz2aH8SVr

Internet is intentionally blocked when building or installing a Fedora package. Remember, you are supposed to be able to build or install on a desert island - offline. All dependencies have to be prefetched and prebuilt (without internet), and individually referenced as a source. A package with 500+ "sources" is ridiculous. Hence my plan to partition in logical groupings of around 20 packages each.

@CustomDesigned in #patchfoo
Re: %AwBPdgm3L

OK, live does work on firefox - it's just that it's about 15 mins from when a post is available on new until it pops up on live.

BTW, when does patchfoo use my subscription list? I seem to get all channels on public,new,live. I'm not interested in #nomic at the moment, for example - and it is generating a lot of posts. I'd actually like to be able to exclude channels from public/new/live without blocking them entirely.

@CustomDesigned in #patchfoo
Re: %AwBPdgm3L

Live doesn't seem to work on firefox. I click Catchup in new, then immediately clicked live and waited for 10 minutes. Went back to new, and a bunch of stuff had shown up that didn't show on the live tab.

@CustomDesigned in #ssbc
Re: %lelFHBz41

@Dominic Here is a suggested feature: translations. It is a post that references another post and offers a translation into another language. Even if you don't speak the language, you can run it through google translate, touch it up (using context, intelligence, and familiarity with your own native tongue), and post the translation. Off the top of my head:

    "content": {
      "type": "translation",
      "text": "Comrade shifropanka and cryptoanarchists in #russian, I would like to hear your opinion. It is inspired by the speed of the vehicle from https://www.linux.org.ru/gallery/workplaces/13595789.\n\nWhat do you see as the meaning of being "cipher"? Will you use modern, standard methods (even if not described in the RFC and others like that), or rely on the "old and kind of proven"? Will you use Letsencrypt or will you use CACert? Will you communicate using Keybase.io or will you prefer Retroshare / email + GPG?\n\n...",
      "post": "%lelFHBz413MQ7IAAPYih2+mAjyto/xo0etphHCAsrhk=.sha256",
      "language": "en_US"
@CustomDesigned in #privacy
Re: %lelFHBz41


In the US, surveillance with a warrant is unconstitutional.

In the US, surveillance without a warrant is unconstitutional.

@Stanislav The spaces in your self identification broke my mention, at least in #patchfoo.

@CustomDesigned changed something in about
@CustomDesigned in #privacy
Re: %lelFHBz41

@Stanislav N. aka pztrn
Your sentiment would be valid if governments were completely honest and law abiding. Unfortunately, government is made up of the same people whose evil tendencies require a government to discourage evil doers.

In the US, there are 70000 pages of tax code, 100000 pages of immigration code (fully "legal" immigration is practically impossible), and so many pages of general statutes that the government has lost count. Lawyers estimate that US citizens unknowingly commit an average of 3 federal felonies a day. Is is impossible to avoid "violating laws in any manner".

Lavrentiy Beria, head of Joseph Stalin’s secret police, famously said, "Show me the man, and I'll show you the crime." This is made possible by two things:

1) a vast number of laws so that subjects cannot avoid breaking some
2) comprehensive surveillance so that precise laws broken can be quickly identified.

It is common for the party in power in the US to punish political enemies by fishing for such obscure laws. One that has seen a lot of use is the Lacey Act - even though it is no longer obscure. This is because to avoid violating it, you need to be intimimately familiar with all the laws in all the world!

Under the Lacey Act, it is unlawful to import, export, sell, acquire, or purchase fish, wildlife or plants that are taken, possessed, transported, or sold: 1) in violation of U.S. or Indian law, or 2) in interstate or foreign commerce involving any fish, wildlife, or plants taken possessed or sold in violation of State or foreign law.

As you can see, there are two prongs to reducing these injustices. One, is to work for removing most laws from the books. I favor a mandatory 7 year sunset for every US federal law. If it is a good law, Congress can keep renewing it every 7 years. Second, is to resist the surveillance. In the US, surveillance with a warrant is unconstitutional. Mr Beria's "fishing expeditions" would be themselves illegal:

Amendment 4 - Search and Seizure: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Unfortunately, people in the US have been tolerating blatant violation of this restriction, using two major arguments:

1) <enemy du jour> is going to attack!!! We need to suspend the Constitution to keep us "safe"!!!
2) "If you have nothing to hide, you have nothing to fear."

The latter argument, of course, completely misses the point of the 4th amendment, which is to protect honest citizens from fishing expeditions.

@CustomDesigned in #patchfoo
Re: %Yz2aH8SVr

@noffle npm cache-only behaviour is great for an individual install - but does nothing to help actually packaging a node application for a distro like, say, Fedora.

A package has to reference the source. Nodejs is distributed as source, but listing 502 scuttlebot modules as the sources for scuttlebot is not going to fly. I'm planning to create aggregate packages for things like pull-streams - but even then, listing 20 sources is cumbersome at best.

The goal of source RPMs in Fedora is to be able to build the package on a desert island with no internet - and make changes and rebuild. Npm wants to be a centralized resource that you can't live without.

@CustomDesigned voted i have an answer to my question. here are ipfs addresses for the `h.ipfs.io
@CustomDesigned voted The Shortage of Raisins (a Sad Tale of Shifting Addictions) We live simply
@CustomDesigned in #patchfoo
Re: %AwBPdgm3L

I use "new" every day. You just have to click it on the empty screen in a new browser to set the cookie.

@CustomDesigned in #patchfoo
Re: %Yz2aH8SVr

I think there are some people trying to package npm

It is ironic that ssb is currently distributed via npm - which is the most offline unfriendly packaging system I've yet encountered. That plus the total lack of grouping - every module is it's own package in npm, which is like having a separate package for every object module in a C library.

At this point, my plan is to propose some grouped packages to Fedora (e.g. all the pull stream modules). But there are 500+ modules used by scuttlebot - so it will be years before there is some semblence of order.

@CustomDesigned in #privacy
Re: %lelFHBz41

Both CACert and LetsEncrypt are centralized and enable surveillance. Here is an interesting discussion from #namecoin@irc.freenode.net on Aug 15,2017:

(11:00:54 AM) ***: Buffer Playback...
(11:00:54 AM) Jeremy_Rand[m]: [10:34:56] The anti-privacy Fascists who run BitcoinTalk just added mandatory CAPTCHAs on every login.  They can go fuck themselves, I'm not using BitcoinTalk ever again.
(11:00:54 AM) Jeremy_Rand[m]: [10:35:07] midnightmagic: (you might be interest to know that they did that)
(11:00:54 AM) Jeremy_Rand[m]: [10:35:14] s/interest/interested
(11:00:54 AM) hl: [10:48:00] Jeremy_Rand: 'anti-privacy Fascists' -- not familiar with this story, care to summarize?
(11:00:54 AM) deepy: [10:48:28] I'm guessing it's reCAPTCHA which feeds straight to Google?
(11:00:54 AM) Jeremy_Rand[m]: [10:53:56] hl: I've been hearing sketchy stories about BitcoinTalk admins being dicks to Tor users for a while.  At some point they started requiring Bitcoin payment in order to register over Tor (which both constitutes extortion AND bricks the privacy that Tor would have provided).
(11:00:54 AM) hl: [10:54:08] the fuck
(11:00:54 AM) hl: [10:54:16] what jerks.
(11:00:54 AM) Jeremy_Rand[m]: [10:55:41] deepy: yes, it's reCAPTCHA.  Well-known for being designed explicitly to make Tor easy to deanonymize by having traffic patterns that are trivially easy to correlate between entry node and exit node
(11:00:54 AM) deepy: [10:58:34] Is there any blog post/paper/etc detailing the designs used to deanonymize tor traffic?
(11:00:54 AM) Jeremy_Rand[m]: [10:59:42] Is it okay if I post on the @Namecoin Twitter account asking if anyone can provide a 34C3 presale voucher to us because we'd like to have a developer attend?  CC: hl midnightmagic
(11:00:54 AM) hl: [10:59:55] Jeremy_Rand: I don't see any issues there.
(11:00:54 AM) Jeremy_Rand[m]: [11:00:37] ok
(11:00:54 AM) ***: Playback Complete.
(11:01:07 AM) Jeremy_Rand[m]: (sadly my attempts to find someone with vouchers by asking around individually have not been successful)
(11:02:25 AM) Jeremy_Rand[m]: deepy: There are lots and lots of papers about attacks on Tor.  Tor is one of the most well-studied privacy/security systems in the world.
(11:02:57 AM) Jeremy_Rand[m]: Huge numbers of academics spend their time studying Tor
(11:03:27 AM) Jeremy_Rand[m]: I believe there's a nice list of papers on a website called AnonBib
(11:03:57 AM) deepy: I guess my question was more of a 'Do you happen to know one which has details on that specifically and other related ones', I've had absolutely terrible luck with finding any information lately
(11:06:39 AM) Jeremy_Rand[m]: deepy: ah.  I'm pretty sure I read about that specific attack on Cryptome, but I don't have a link or PDF handy.  The gist of the attack is that the Javascript for reCAPTCHA will generate a large number of HTTP requests for fairly large files (images) that are temporally far apart and randomly spaced, which is basically an ideal traffic pattern for making traffic correlation attacks have a low error rate.  In
(11:06:40 AM) Jeremy_Rand[m]: addition, if the attacker collaborates with Google, they can make the Javascript intentionally not let you in (by showing you more pictures) until they've deanonymized you with the desired confidence
(11:07:49 AM) deepy: That last part is nefarious
(11:10:05 AM) Jeremy_Rand[m]: CloudFlare's usage of reCAPTCHA adds another layer to the attack: because CloudFlare has servers all over the world, CloudFlare can intentionally route you to a server that is geographically located such that CloudFlare and your entry node are in the same jurisdiction, and therefore easy to wiretap for traffic correlation purposes
(11:11:03 AM) Jeremy_Rand[m]: Note that CloudFlare inherently MITM's your TLS traffic and can therefore inject Javascript that generates such traffic
(11:11:35 AM) Jeremy_Rand[m]: CloudFlare is the first example of a "global active adversary", which is basically the Godzilla of network attackers.
(11:12:11 AM) Jeremy_Rand[m]: NSA, by contrast, is trying (and failing so far) to be a "global passive adversary" which is much less powerful
(11:13:52 AM) hl: Honestly, the NSA should just acquire CloudFlare at this point. Or rather, they don't need to. I'm sure they're quite in bed with one another.
(11:15:12 AM) Jeremy_Rand[m]: hl: yeah -- while there are probably nice people at CloudFlare (Filippo Valsorda seems like a cool guy), CloudFlare's business model is completely irresponsible given that NSA (and NSL's, etc) exist.  Basically the same reason Google's business model is irresponsible, but worse.
(11:16:38 AM) hl: Well, I don't think it's just academic. CloudFlare is fronting pirate sites and so on, and it's hard to imagine that surviving in the US. But we know the FBI is happy to keep illegal websites up if they can use them to gather even more intelligence.
(11:17:05 AM) hl: I would be amazed if CloudFlare hadn't basically been "we can shut you down, but if you proved a valuable source of everlasting intelligence..."
(11:17:07 AM) Jeremy_Rand[m]: hl: Did you know that CloudFlare, as a matter of policy, obtains a TLS cert for your domain when you sign up for service, even when you don't pay for the TLS interception service?
(11:17:10 AM) hl: Yep.
(11:17:55 AM) Jeremy_Rand[m]: I have had no luck coming up with a non-malicious reason for that policy
(11:18:00 AM) hl: I mean look at what the US did to someone living in NZ, they convinced NZ to SWAT team Dotcom's house. And we're supposed to believe that CloudFlare has had absolutely no pressure from USG about providing service to The Pirate Bay?
(11:18:12 AM) hl: Jeremy_Rand: the justification is posted in a comment on HN somewhere I think
(11:18:16 AM) hl: might have been a thread I posted in
(11:18:33 AM) Jeremy_Rand[m]: hl: what on earth is their claimed reason?
(11:19:02 AM) hl: Jeremy_Rand: their justification is basically I think, they don't know if you're going to be using the certificate ahead of time, and certificate issuance takes time
(11:19:26 AM) hl: so they get a certificate anyway just in case it turns out to be necessary later
(11:19:51 AM) Jeremy_Rand[m]: hl: That's factually horseshit.  Let's Encrypt issues certs so fast that Caddy can literally get a new cert over ACME when it sees an SNI header that it's never seen before.
(11:20:58 AM) Jeremy_Rand[m]: (And then it uses that cert for the TLS handshake before anything times out)
(11:21:40 AM) hl: Jeremy_Rand:
(11:21:43 AM) hl: https://news.ycombinator.com/item?id=12859345
(11:24:10 AM) Jeremy_Rand[m]: hl: yeah, so "non-zero time" is technically true but totally irrelevant to the fact that issuance is fast enough that you can get it done before any TLS handshakes have timed out, therefore there is no downtime
@CustomDesigned in #c
Re: %mpBw+Oi1O

Subscribers to the C channel might want to take a look at this thread too.

@CustomDesigned in #cjdns
Re: %mpBw+Oi1O

Now I have to tackle Sign_signMsg() and Sign_verifyMsg(). It's trickier because for one thing, I'm not sure which type of signature this is (detached signature or not). There is also a discussion in libsodium on integrating signing with encryption - but that decision is made elsewhere in cjdns, I think. So now I have to identify the libsodium call that matches Sign_signMsg(). I'm not sure if ssb is the best platform for this type of thing, but I'm giving it a try.

void Sign_signMsg(uint8_t keyPair[64], struct Message* msg, struct Random* rand)
    // az is set to the secret key followed by another secret value
    // which since we don't have a secret seed in this algorithm is just the
    // hash of the secret key and 32 bytes of random
    uint8_t az[64];
    uint8_t r[64];
    ge_p3 R;
    uint8_t hram[64];

    Bits_memcpy(az, keyPair, 32);
    Random_bytes(rand, &az[32], 32);
    Bits_memcpy(az, keyPair, 32);
    az[0] &= 248;
    az[31] &= 63;
    az[31] |= 64;

    // hash message + secret number
    Message_push(msg, &az[32], 32, NULL);
    crypto_hash_sha512(r, msg->bytes, msg->length);

    // Replace secret number with public key
    Bits_memcpy(msg->bytes, &keyPair[32], 32);

    // push pointMul(r) to message
    Message_shift(msg, 32, NULL);

    crypto_hash_sha512(hram, msg->bytes, msg->length);
    sc_muladd(&msg->bytes[32], hram, az, r);

The Sign_verifyMsg() function calls a public API: crypto_sign_ed25519_open(). So I'm not sure why it was deemed necessary to use private APIs for Sign_signMsg().

@CustomDesigned in #cjdns

Request for assistance

I'm the packager for cjdns on the Fedora distribution. v20 was released June 24, 2017 on github.

Cjdns embeds a version of nacl from 2011, but until v19 that wasn't a problem. I have been packaging it with libsodium, which is actively maintained and has a compatible API with nacl. In v19, Cjdns introduced crypto/Sign.c, which calls private internal functions within nacl. Since Sign.c is only used for the new "supernode" routing scheme, I just disabled it for v19.

With v20, use of Sign.c is much more pervasive - it is not easy to disable. It seems that there is an official API in libsodium for all the things that Sign.c does, and I've taken a stab at replacing the simple ones:

diff -up ./crypto/Sign.c.sign ./crypto/Sign.c
--- ./crypto/Sign.c.sign    2017-06-24 04:39:41.000000000 -0400
+++ ./crypto/Sign.c    2017-07-20 00:29:10.076376963 -0400
@@ -13,12 +13,14 @@
  * along with this program.  If not, see <https://www.gnu.org/licenses/>.

+#include <sodium.h>
 #include "crypto/Sign.h"

-#include "node_build/dependencies/cnacl/crypto_sign/ed25519/ref10/ge.h"
-#include "node_build/dependencies/cnacl/crypto_sign/ed25519/ref10/sc.h"
-#include "crypto_hash_sha512.h"
-#include "crypto_sign_ed25519.h"
+//include "node_build/dependencies/cnacl/crypto_sign/ed25519/ref10/ge.h"
+//include "node_build/dependencies/cnacl/crypto_sign/ed25519/ref10/sc.h"
+//include "crypto_hash_sha512.h"
+//include "crypto_sign_ed25519.h"

 #if crypto_sign_ed25519_open != crypto_sign_ed25519_ref10_open
     Assert_compileTime(crypto_sign_ed25519_open == crypto_sign_ed25519_ref10_open);
@@ -30,9 +32,7 @@ void Sign_signingKeyPairFromCurve25519(u
     keypairOut[0] &= 248;
     keypairOut[31] &= 63;
     keypairOut[31] |= 64;
-    ge_p3 A;
-    ge_scalarmult_base(&A, keypairOut);
-    ge_p3_tobytes(&keypairOut[32], &A);
+    crypto_sign_ed25519_sk_to_pk(&keypairOut[32],keypairOut);

 void Sign_publicKeyFromKeyPair(uint8_t publicSigningKey[32], uint8_t keyPair[64])
@@ -93,20 +93,8 @@ int Sign_verifyMsg(uint8_t publicSigning

 int Sign_publicSigningKeyToCurve25519(uint8_t curve25519keyOut[32], uint8_t publicSigningKey[32])
-    ge_p3 A;
-    fe    x;
-    fe    one_minus_y;
-    if (ge_frombytes_negate_vartime(&A, publicSigningKey) != 0) {
-        return -1;
-    }
-    fe_1(one_minus_y);
-    fe_sub(one_minus_y, one_minus_y, A.Y);
-    fe_invert(one_minus_y, one_minus_y);
-    fe_1(x);
-    fe_add(x, x, A.Y);
-    fe_mul(x, x, one_minus_y);
-    fe_tobytes(curve25519keyOut, x);
-    return 0;
+    return crypto_sign_ed25519_pk_to_curve25519(curve25519keyOut,publicSigningKey);
+#pragma GCC diagnostic ignored "-Wpedantic"
+#endif // SUBNODE


@CustomDesigned voted Bundle dying: I don't have a garden and live in a dense city center, so if
@CustomDesigned voted Fact Update About the Empire: We are now at 3.5 degrees of separation Each
@CustomDesigned voted If you want "slow cooking in oil until spreadable" to sound as delicious as
@CustomDesigned in #politics
Re: %FPF5Cmn8c

... Money provided by the government that is (as opposed to, e.g. bitcoin for example).

@CustomDesigned in #politics
Re: %FPF5Cmn8c

I've always believed that money (which has no/little intrinsic value, as opposed to possessions/property) does in fact belong to the government.

@CustomDesigned voted hey [@dinosaur](@6ilZq3kN0F+dXFHAPjAwMm87JEb/VdB+LC9eIMW3sa0=.ed25519) I fo
@CustomDesigned voted i also learned from [@josh](@4OR/xSKbQ0WWY7QTr7szYizISldc6MqqVScqKMKfdMQ=.e
@CustomDesigned in #politics
Re: %FPF5Cmn8c

There are some roads provided by user taxes, but are they entirely funded that way?


there are not multiple parallel roads that compete.

While I normally ride a bike, I rented a car in Miami this March, and there were indeed multiple parallel roads competing in most places. Same here in the DC area. There are at least 2 parallel freeways going most places - one funded by fuel taxes via government, the other funded by toll transponders (no toll booths).

@CustomDesigned in #politics
Re: %FPF5Cmn8c

@substack said,

When socialists use the phrase "private property" they generally mean ownership of a productive asset: something that can generate returns like a factory or rents like an apartment building. These are social relations which require the enforcement of a state to operate.

That's very interesting. So personal property would not be considered Evil™ "private property"? (Maybe because it's something you could potentially defend yourself with a weapon and skills?)

The phrase "every man under his own vine and fig tree" is also used in a Jewish prophecy with a more community oriented twist.

So the things that make private property evil are:

1) centralized (accumulated wealth of many men's labor)
2) protected by government backed by an army

Am I on the right track?

I personally would make condition 2 a little stricter: government protection against any losses other than outright theft or vandalism (e.g. "too big to fail")

@CustomDesigned followed @emaballarin
@CustomDesigned voted « The working relationships, the religion and the life style changed quickl
@CustomDesigned in #boats
Re: %a+q/sU/nT

Traditionally, chamber pots were made from pottery (if you were poor) or ceramic. (Or dig a hole if you are on land.) The important thing for low tech toilets is that the business is disposed of outside the camp. The medieval practice of emptying chamber pots into the street (or harbor) was a key factor in the spread of the plagues that killed 90% of Europe, and then 90% of the Americas, enabling European domination.

Re: %wvBWjpjy2

You can do it from the command line as described here: %c461FCL...

That prevents your pub (not "hub") from replicating the despised persons rantings. It doesn't prevent their "friends" from continuing to do so, of course.

Personally, unless the pariah is posting huge amounts of data, or posting stuff that could get you in trouble with your government (government prosecutors typically not being technically bright enough to distinguish origination from replication, and good lawyers being expensive), I would continue to replicate them - just so you have documented proof of what a jerk they are should you need it.

You would probably like a way to exclude a list of channels and ids by default from views like "new" or "public". That way, you don't have to look at the really depraved utterances until you really need to. I don't think any clients have that feature currently. It is a simple filter, and you could maybe add it to the client you are using if you can do javascript: a UI to collect the locally censored ids and channels, and a filter for the pull stream feeding the view. Make your changes with git-ssb, and submit them as a pull request!

Re: %8o0vsW3uo

@james The whole point of an append only log is that already posted messages are immutable.

HOWEVER, that doesn't mean you can't post updates. You'll notice that ssb-git is quite "mutable" - this is accomplished by posting immutable "commits" to update previous versions. The version history is always available.

So, the "poor man's" way for ordinary posts with current clients is to post an additional message referencing the post you wish to correct, and giving the changes in some informal syntax (often a regex with replacement, since many users are programmers).

Ideally, clients will eventually support "editing" posts, posting the edits as commits, and displaying edited posts with all changes applied - but with a "history" button to show the changes.

But even after all that is done, everyone will still be able to see and reference your original embarrassing post if they want to! If it's that bad, you might have to kill your identity and start over - but even that won't delete the copies propagated to your followers.

This immutable, append only feature makes SSB a potential basis for legal contracts.

@CustomDesigned voted Edging back into the workshop, now spring is coming, after a long break. Ti
@CustomDesigned in #patchfoo
Re: %d+vQrG2yk

Well, I "fixed" it by symlinking ~/.ssb/node_modules/ssb-backlinks to ~/src/scuttlebot/node_modules (the running copy of scuttlebot). It does not load the ssb-backlinks plugin from ~/.ssb/node_modules.

So now the mentions tab works.

@CustomDesigned subscribed to channel #ipfs
@CustomDesigned followed @Aleksandr
@CustomDesigned voted Let me take this opportunity to recommend *Orality and Literacy* by Walter
@CustomDesigned voted I've been (very slowly) working on a project to make IPFS pins a bit more u
@CustomDesigned subscribed to channel #libertarianism
@CustomDesigned in #politics
Re: %24ahNyZ/+

A sparknotes summary (I didn't feel like typing in the passage) of the description of Camazotz in "A Wrinkle in Time" by Madeleine L'Engle paints a decent enough summary of what "equality" brings to the mind of those of more libertarian persuasion:

In Camazotz, every house is the exact same size, shape, and color. In front of each house, children bounce balls and skip rope in a synchronized rhythm that seems to govern the whole town. One boy drops his ball and when the children knock on the door to return it to the mother, she is horrified by this "Aberration." The children are then confronted by a paper delivery boy on a bicycle, who asks them what they are doing out of doors. He informs them that they live in the most oriented city on the planet, governed by IT in the CENTRAL Central Intelligence. When the boy rides off, Charles Wallace notes that he seems to talk as though the words were not his own. Charles concentrates very hard to try to listen to the thoughts of these people, to figure out who they are, but all he hears is a steady pulsing.

"Equality" is a very overloaded word in English. It needs lots of supporting words to convey the right meaning.

Notice that in the summary (and in the original work), "central" is repeated. #decentralization is one key to preventing this sort of result.

@CustomDesigned in #scuttlebot
Re: %dii5RjWZg

Looks like there is authorization of some description. After opening port 8989 and using a modern invite, #minbay gets a permission error clicking the publc button:

Error: method:createLogStream is not on whitelist
    at Function.perms.pre (/home/stuart/src/scuttlebot/node_modules/muxrpc/permissions.js:88:14)
    at Object.<anonymous> (/home/stuart/src/scuttlebot/node_modules/muxrpc/local-api.js:35:21)
    at PacketStreamSubstream.stream.read (/home/stuart/src/scuttlebot/node_modules/muxrpc/stream.js:67:23)
    at PacketStream._onstream (/home/stuart/src/scuttlebot/node_modules/packet-stream/index.js:230:11)
    at PacketStream.write (/home/stuart/src/scuttlebot/node_modules/packet-stream/index.js:135:41)
    at /home/stuart/src/scuttlebot/node_modules/muxrpc/pull-weird.js:56:15
    at /home/stuart/src/scuttlebot/node_modules/pull-stream/sinks/drain.js:24:37
    at /home/stuart/src/scuttlebot/node_modules/pull-goodbye/node_modules/pull-stream/throughs/filter.js:17:11
    at Object.cb (/home/stuart/src/scuttlebot/node_modules/packet-stream-codec/index.js:111:11)
    at drain (/home/stuart/src/scuttlebot/node_modules/pull-reader/index.js:39:14)
@CustomDesigned in #scuttlebot
Re: %dii5RjWZg

One more newbie question: what are the security implications of opening port 8989 to the world? For instance, does that let random internet entities make web socket connections to arbitrary ips and ports? Is there some sort of authorization? (e.g. listing ssb ids allowed to use web sockets would be sweet)

@CustomDesigned in #patchwork
Re: %24ahNyZ/+

People want voice and pictures.

However, words are much more portable between cultures. Images and sounds cause very different reactions. Thinks of how differently people react to music. (Kids these days! Painful ambient industrial noise is easier to listen to than what they call "music"!)

The meaning of words is adjusted (more, or sometimes less, accurately) to match the culture of the hearer. It's like those stories where the protagonist is magically translated into another realm. Some part of your brain is asking, "Wait a minute, how can their body still function when the laws of physics are different? How can they speak the language? How can ..." - but disbelief is suspended because, after all, that is how words work.

In the same vein, it is a good idea to keep in mind that your words may be evoking very different images in the mind of hearer. For instance, some on ssb might be shocked if they could see how "equality" is pictured by those who disagree with them politically (hint - it doesn't look anything like "diversity" or "freedom"). So it is helpful to paint a word picture to flesh out your vision - and not depend on a single word getting accurately translated to other cultures.

Most people in modern western culture are unaware of the extent to which their perception is an abstraction molded by culture from the underlying raw sense data (mostly millions of channels of pulse coded frequency modulation) - and not "reality" (currently modeled by physicist as quantum wave equations representing "particles"). Your high school physics teacher is hinting at this when he says, "you and the chair you are sitting on are mostly empty space".

A difficult (I had to read it 3 times to really get a handle on the thesis), but rewarding book on this subject is "Saving the Appearances - a Study in Idolatry" by Owen Barfield. The "idolatry" in the subtitle refers to the modern tendency to enshrine perception as "the real world" (as well as to more ancient versions).

@CustomDesigned voted [@howard klein](@A5FqepWjS76C4Hw9idZUyW0T6QgJOjsbQHlIP0A4yu8=.ed25519) this
@CustomDesigned voted [@Dominic](@EMovhfIrFk4NihAKnRNhrfRaqIhBv1Wj8pTxJNgvCCY=.ed25519) I was act
@CustomDesigned in #home-ownership
Re: %vt6olvLlS

I am a mass of conflicting concerns, perhaps not the best to ask for a decision. Ideally, you want pasteurized, but not homogenized, and not more than a day or two old milk. But that raises an interesting question: if you culture grocery milk with decayed lactose, are the microbes able to digest the degalactose and render it harmless to humans? "All" we need to test it is a cheap and rapid test for degalactose…

All things considered, I would go for non-homogenized store milk (hoping the kefir bugs do digest the degalactose), followed by homogenized low-fat store milk (reducing the oxidized buttermilk). I currently buy grocery kefir, which is typically made from pasteurized low-fat milk. I tell myself they get the milk fresher as a whole sale buyer.

@CustomDesigned in #patchfoo
Re: %d+vQrG2yk

Running patchfoo with npm start while sbot server is already running.

So inotify just tells me the scuttlebot/*.js files under patchfoo were read. But you assure me that it doesn't actually run the server code.

Maybe I need to install the ssb-backlinks plugins in the extra copy of scuttlebot? Why does node need so many copies of the same code? Maybe I have to install both scuttlebot and patchfoo under the same directory? Currently, they are separate, since they each have their own git repos. Note, I am new to node.

@CustomDesigned in #patchfoo

ssb-party is up to date. Digging a little deeper, I see that npm installed yet another copy of scuttlebot in patchfoo/node-modules. inotify reveals that patchfoo seems to be using that copy instead of the sbot I am already running. The version under patchfoo does not have ssb-backlinks.
So, with two copies of sbot running, and apparently using the same ~/.ssb, isn't that going to corrupt something?

@CustomDesigned in #cybernomad
Re: %hdssMnvfJ

Fairfax, Virginia

Fairfax County has a wetlands program to create marshy parks, and put paved trails through them. Surprisingly, mosquitoes are less troublesome with open water, because you get dragonflies to eat them during the day (night is another matter - stay away from the marsh at night). When I see those shiny metallic knitting needles darting about in the air, I know I can sit down and work while they keep the blood suckers running for their lives.

@CustomDesigned voted The Air Force and the “Ideal Girl” made real for me the otherwise just anal
@CustomDesigned voted Found objects in Forest: ![typewriter.JPG](&XyDBB8IHyL+4xvnztAd2J03VnruDuY
@CustomDesigned voted this looks promising!!! https://ponzico.win/
@CustomDesigned in #growingfood
Re: %lqgJ1j1VR

Cutting back on meat in industrialized countries would let 9 tenths of farmland go back to the wild (my understanding is that meat production uses 10 times the cropland of equivalent plant products) - and improve health in the bargain. (Temperate zone peoples need less than 5% of calories from animal products. Tropical zones less, arctic zones more. As animal product consumption increases from 5% to 40% of calories for temperate zone peoples, risk of both cancer and heart disease quadruples.)

@CustomDesigned voted Food. How you gonna 3d print food? I know, they got food synthesizers now:
@CustomDesigned voted Honestly I'm really tired of seeing people say variations of this (adlibing
@CustomDesigned voted [@CustomDesigned](@iOyfRmje5LFAErH7M3faTLNMQUTXCnjECbLtniVJ478=.ed25519) Fr
@CustomDesigned in #patchfoo
Re: %kzr4TIwwR

@cel Yes, ssb-backlinks is true in ~/.ssb/config

$ sbot manifest
  "auth": "async",
  "address": "sync",
  "manifest": "sync",
  "get": "async",
  "createFeedStream": "source",
  "createLogStream": "source",
  "messagesByType": "source",
  "createHistoryStream": "source",
  "createUserStream": "source",
  "links": "source",
  "relatedMessages": "async",
  "add": "async",
  "publish": "async",
  "getAddress": "sync",
  "getLatest": "async",
  "latest": "source",
  "latestSequence": "async",
  "whoami": "sync",
  "progress": "sync",
  "status": "sync",
  "getVectorClock": "async",
  "seq": "async",
  "usage": "sync",
  "clock": "async",
  "plugins": {
    "install": "source",
    "uninstall": "source",
    "enable": "async",
    "disable": "async"
  "gossip": {
    "peers": "sync",
    "add": "sync",
    "remove": "sync",
    "ping": "duplex",
    "connect": "async",
    "changes": "source",
    "reconnect": "sync",
    "enable": "sync",
    "disable": "sync"
  "replicate": {
    "changes": "source",
    "upto": "source",
    "request": "sync"
  "friends": {
    "get": "async",
    "createFriendStream": "source",
    "hops": "async"
  "blobs": {
    "get": "source",
    "getSlice": "source",
    "add": "sink",
    "rm": "async",
    "ls": "source",
    "has": "async",
    "size": "async",
    "meta": "async",
    "want": "async",
    "push": "async",
    "changes": "source",
    "createWants": "source"
  "invite": {
    "create": "async",
    "accept": "async",
    "use": "async"
  "private": {
    "publish": "async",
    "unbox": "sync"
  "query": {
    "read": "source"
  "links2": {
    "read": "source"
  "ws": {
    "getAddress": "sync"
  "backlinks": {
    "read": "source"
  "about": {
    "stream": "source",
    "get": "async"
  "fulltext": {
    "search": "source"
  "contacts": {
    "stream": "source",
    "get": "async"
@CustomDesigned in #loopdrop
Re: %eTxQM0H7J

Technical problem: video uses a legally encumbered encoding (looks like h264) - meaning I have to go find codecs from repos in Scandinavia, or else borrow a device locked down by "centralized capitalists" (probably a Chromebook as the lesser of available evils). I actually don't feel like doing that atm, so I can't watch your video!

@CustomDesigned in #ssbc
Re: %u4YBs7lDy

IPFS is trying to replace http, not facebook or twitter. Dog fooding would mean their shiny web site is on ipfs - with an http gateway.

.... makes a note to see if that is the case - tomorrow

@CustomDesigned in #politics
Re: %FPF5Cmn8c

@substack said:

I don't see why it matters getting "taxed twice". It's just two different sources of revenue for the state.

Not getting taxed twice, taxed once via fuel tax, then paying the private company (not the state) for the use of their roads (which are not state roads). There are no tool booths on the private roads, the transponders are read as you drive by.

fuel taxes have the additional benefit of discouraging consumption of fossil fuels.

They have the opposite effect, by making it illegal to get any financial benefit from using (readily available, especially diesel which can be made in your garage) bio-fuels. The fuel tax enforcement serves as government protection for the giant oil corporations. Even the process of paying the tax on your homemade fuel is onerous and expensive. Practitioners are left with less tangible benefits like "this is so cool" and "my exhaust smells like fried food!"

The only benefit of the fuel tax is that it was a fair way to pay for use of roads when tool booths where the only alternative.

@CustomDesigned in #mesh-networking
Re: %rUCyohL35

@lostfile Do you need any #cjdns peers? I have SEA, ATL, DFW, NYC, WAS, PARIS

I've embarked on a similar project (with additional emphasis on restoring communications after an EMP event), and have the same problem. So far, @Adam is the only one who succeeded in getting on ssb, and he isn't actually using it.

I also want to push local mesh using Batman-adv protocol (and #cjdns would run on top of that), as batman bridges any kind of layer 2 network very elegantly. Cjdns is more of a global mesh, and doesn't support broadcast for instance.

I decided that applications have to drive adoption, and besides ssb, the big killer app (protocol) is SIP. With a SIP client (that supports IP6), your cjdns IP is a "phone number" allowing direct voice and calls (and text) with no provider or registration.

@CustomDesigned in #politics
Re: %FPF5Cmn8c

@Dominic I wouldn't consider roads the best example of a problem that "must be solved collectively". What made roads work well with government was that until recently the most efficient way to pay for them based on usage was a fuel tax (toll booths being a huge pain in the rear). If you ride your bike everywhere, you pay zero tax to support roads. Trucks are generally made to pay more via "weigh stations" - since their weight causes more damage to the roads than is reflected in their fuel consumption.

However, modern tech has produced automated toll transponders. An increasing number of roads in American cities are now privately built and maintained - but there are no tool booths. (And no problematic transfers of tax revenue to corporations. There is the issue of eminent domain, however.) Tolls are collected as you pass transponders, and you end up paying for miles traveled. If you don't have a transponder, a camera records your license plate instead, and you pay the same toll - plus $12 for some person to type your license number into a computer from the photo.

The only drawback to the new system (once you get a transponder), is that you are paying for the private roads twice: once in tolls, and again in the fuel tax. For the time being, people are willing to pay twice when the toll roads are less crowded than the public roads. This sort of thing is unavoidable in a transition. The government still provides police and emergency services on the private roads - but those aren't paid for from the fuel tax.

This situation raises an interesting legal and ethical question. If I drive my vehicle exclusively on private roads, can I use homemade biofuel and not pay the fuel tax on it?

@CustomDesigned voted Interesting read on entrepreneurial endeavors: https://hbr.org/2017/06/is-a
@CustomDesigned voted [![snowden-may.jpg](&R9ux2rKhrHAk0sLT9HhrpHwqC1q92ZItihKpg4mAg0I=.sha256)](
@CustomDesigned in #politics
Re: %FPF5Cmn8c

I've noticed that a lot of the developers for decentralized software say they are "anti-capitalism". But if you look closely, they are anti centralized capitalism, and are also against centralized government, including centralized communism. They are not on board with Soviet Union style communism, and would like an independent commune in New Hampshire instead. They are against giant corporations supported by government enforced monopolies and subsidies - which they call "capitalism" (and I would call "fascism").

One important question to ask is whether they support some form of private property. Clearly, they support voluntary communal property, but they also would not be happy if some other group came along and "borrowed" their group's stuff without asking. There is this "occupy wallstreet" movement in the US that is anti centralized capitalism, but could also be described as "anarcho-communists". Their idea is that you should feel free to borrow things without asking if you "really need" it, and reject the notion of property at any level. I can appreciate the anti-elite sentiment, but you can't make progress on a (individual or group) project if some Occupy Wallstreet type keeps "borrowing" your tools and supplies.

In short, I find the traditional labels less than useful. I want to know whether someone wants to force me into their program at gunpoint (whether that be through a centralized government running the economy, or a centralized corporation running the economy). And I need to know what their notions of property are. (And it's not just for or against: many native American tribes had a notion of personal property, your knife and moccasins - but land was considered common property of the tribe.)

To accomplish anything, you need commons. And you need property. You need community, and you need freedom and autonomy (i.e. the freedom to leave or change communities).

@CustomDesigned in #cats

Meet Casey. She is a feral cat with social skills, and the smarts to put them to use in recruiting life partners. This isn't all she does. She kills mice that try to live under the raised floor in the garage, and she kills house sparrows (an invasive species in the US*). She killed a baby cardinal once - but we don't talk about that. She also kills rabbits that attempt to raid our garden. All in all, she earns her keep.


[*] Concern over birds killed by house cats is misplaced. House cats kill small birds. Endangered birds are generally larger (e.g. pileated woodpecker in my area). Small birds are much more numerous, and often invasive.

@CustomDesigned voted From what I'm reading, there are several advantages to using IPFS over torr
@CustomDesigned voted [@CustomDesigned](@iOyfRmje5LFAErH7M3faTLNMQUTXCnjECbLtniVJ478=.ed25519) th
@CustomDesigned voted Marvellous, thanks for the answers on living foods folks; I'm pleased to re
@CustomDesigned voted I think the workflow is not as good. I like `ipfs add` because it connects
@CustomDesigned in #lolashare
Re: %8fgGKzLlG

Also, if IPFS gets a lot of usage, there will be a need for commercial seeding services - which work very much like current CDN services, but without the DNS perversion. You pay someone to keep the files you designate available on their hosts (which would be geographically distributed).

@CustomDesigned voted IPFS has one scalability problem - when you replicate an file, it adds a pe
@CustomDesigned in #cybernomad

This was my office on Thursday.

@CustomDesigned in #home-ownership
Re: %vt6olvLlS

Fermented foods are also considered "living", because the micro-organisms are alive. Gut bacteria are a survival necessity for humans, and every culture has a traditional fermented food to provide pro-biotics. From fermented milk (yogurt, kefir, buttermilk), to fermented raw fish (vikings), fermented cabbage (kimshi,sauerkraut), fermented beets (kava), etc.

Oxidation of oils is a big contributor to artery disease. Oils in raw nuts are locked in a (very slowly) living matrix that resists oxidation for decades - or in some cases millenia. Once the oil is extracted into a liquid - polyunsaturated oils oxidize very rapidly. Either avoid them bottled, or make sure they have vit E added to retard oxidation. Monounsaturated oils like sesame and olive last longer, and saturated oils last the longest. (Lard for the over-wintering win!)

Milk presents special problems. Homogenized milk increases the surface area ratio of the butterfat droplets - greatly increasing the rate of oxidation. Avoid homogenized milk. Furthermore, lactose is unstable, splitting into glucose + galactose over time (days). The galactose is unstable when not paired with glucose, and spontaneously decays into degalactose - which is actively toxic to your arteries. This has been duplicated in a mouse model - which is how the biochemistry was worked out, and is why drinking (grocery store) milk regularly doubles the risk of heart disease compared to those who don't.

On the other hand, lactic acid is quite stable. Hence fermented milk products where most of the lactose has been digested do not have this problem. The studies mentioned above also followed yogurt, buttermilk, and kefir - drinking those actually reduce risk of heart disease.

Back to "living foods" - drink your milk fresh from the goat (or cow) - or else get it fermented ("living" in another way). Avoid homogenization.

@CustomDesigned in #home-ownership
Re: %vt6olvLlS

"Living foods" means still alive. As in a whole raw apple (or kiwi for you NZ people). There is less need for refrigeration with living food, because while your raw apple will eventually spoil,

  1. It take a while
  2. It is self evident when it does spoil

When you cook the apple, now it spoils quickly without refrigeration (unless you dump in a lot of sugar as a preservative, aka jam/jelly). Worse, the spoilage can be invisible, and more toxic (e.g. botulism).

Preserving food can be a necessity to survive a winter, but you pay a cost in lost nutrition (hence the hunger for "spring greens" after a long winter). With living food, you eat what you need. It has "brakes" when you've had enough, unlike chips or other preserved food (where it is recommended to pre-measure a portion, as the lack of "brakes" can make you regret eating so much). In developed countries, we tend to cook more food than we need, stuff ourselves, then when we can't hold anymore, put the left over in the fridge (to snack on later, or get thrown out later after spoilage eventually becomes obvious - because people are afraid to eat it in the mean time). If you are going to cook your food, cook only what you need.

There are people that like to "cook ahead" and put it in the freezer to have convenient meals. This works because

  1. it is pre-measured
  2. it doesn't spoil when kept at 0°F - frozen mammoth meat is still edible

Nevertheless, eating a raw apple/orange/kiwi is just as convenient. Dried grains can add more calories for the physically active and cook very quickly. Oatmeal/corn/wheat/buckwheat "groats" take only a minute.

In summary, I keep some fresh frozen food (fruits and veggies), dried grains and nuts, but very little in the fridge (chilled water is nice). Everything is eaten raw, or cooked to order. No leftovers.

If you do meat/fish, keep it frozen and cook to order (cooking is needed for meat/fish to kill parasites - no, I don't trust sushi or the "carefully inspected" raw pork they serve in Germany).

@CustomDesigned in #new-people
Re: %EoSdKHZ1D


I just saw a nice video about the human era calendar, not based more upon the birth of a single guy, but instead on the history of whole humanity...

Ummm, that is still based on the birthday of a single guy. Call him @Adam or him/her "Human 0", same concept. The Jewish calendar is also a "human era calendar" - the only difference is in the dating of "Adam". The dates are of similar magnitude, 5777 vs 12017. Nearly all world civilizations have history and/or legend giving the start of civilization around 6000 years ago.

My computation give the current year since Adam as 6021. That is based on Biblical data collected in the attached blob (if I did it right), plus history giving the founding of Carthage as 155 years after Hiram of Tyre, which was 12 years before Solomon's temple, The usual Western date for the founding of mainland Carthage is 814 BC (the island fortress being 825). The attached data give Solomon's temple as 3048 years since Adam.

One of these days, I'll investigate why the Jewish calendar gets a different number of years since Adam than I (and others) do. They put the exodus from Egypt at 1313 BC - 135 years later (and our anchor date to BC is Carthage, which could be off). That still doesn't get us to 5777 for 2017, however.

@CustomDesigned voted Hello all, giving this a try, having heard about it from Mastodon. If I wa
@CustomDesigned subscribed to channel #minbay
@CustomDesigned in #patchfoo
Re: %kzr4TIwwR

Next problem, the /mentions tab fails with:

Error: Viewing mentions requires the ssb-backlinks plugin
    at App.streamMentions (/home/stuart/src/patchfoo/lib/app.js:525:47)
    at Serve.mentions (/home/stuart/src/patchfoo/lib/serve.js:447:18)
    at Serve.path (/home/stuart/src/patchfoo/lib/serve.js:299:35)
    at Serve.handle (/home/stuart/src/patchfoo/lib/serve.js:258:26)
    at next (/home/stuart/src/patchfoo/lib/serve.js:165:12)
    at gotData (/home/stuart/src/patchfoo/lib/serve.js:150:10)
    at Serve.go (/home/stuart/src/patchfoo/lib/serve.js:139:5)
    at Server.<anonymous> (/home/stuart/src/patchfoo/lib/app.js:52:31)
    at emitTwo (events.js:106:13)
    at Server.emit (events.js:191:7)

Seems clear - but I do in fact have ssb-backlinks plugin installed in sbot! Does it also need to be installed in patchfoo somehow?

@CustomDesigned in #patchfoo
Re: %kzr4TIwwR

Here is my kludge to make links work:

index e9d4889..8b022a8 100644
--- a/lib/render.js
+++ b/lib/render.js
@@ -190,7 +190,7 @@ Render.prototype.toUrl = function (href) {
   switch (href[0]) {
     case '%':
       if (!u.isRef(href)) return false
-      return this.opts.base + encodeURIComponent(href)
+      return this.opts.base + encodeURIComponent(href).replace("%2F","/")
     case '@':
       if (!u.isRef(href)) return false
       return this.opts.base + href

Such a relief! How I don't have to edit the url every time I click a link!

@CustomDesigned in #minbay
Re: %dii5RjWZg

I must be dense. I can't figure out how to turn an invite from my pub into something minbay can use. Maybe the thing that is supposed to be listening on 3013 is needed for websockets? But your example doesn't use 3013. Should I open 8989 to the world? Currently only 8008 is open to the world on my pub.

As I understand it, js in the browser cannot connect to the network. So you need websockets so it can use Ajax to proxy connections through the server the served the page. Hence, I do need something running on 3013 to provide websockets after serving index.html.

@CustomDesigned in #minbay
Re: %dii5RjWZg

The README says to run sbot with --allowPrivate. What does that do?

@CustomDesigned in #minbay
Re: %dii5RjWZg

If I import my key from sbot server, is it safe to run both patchfoo and minbay (without forking my feed)? Or do I need to be careful to stop patchfoo before playing with minbay? Why does minbay seem to work when I'm not running the thing that listens on 3013 as talked about in README.md ?

@CustomDesigned in #minbay
Re: %dii5RjWZg

So I copied index.html, minbay.css, minbay.png to /var/www/html/minbay and browsed it from another system (with just my regular sbot running in the background and nothing running for minbay on the sbot machine) — it seems to work! So, it has a fresh key. Where is that key stored? My browser doesn't indicate anything used for offline storage. Is it supposed to work this way? Should I go ahead and get a regular invite from my pub? How do a get a private invite? (And what exactly is the difference?)