hiro:
this is not about just whether something has TLS support, this is
about giving the user choices.
If you can't speak TLS, then use gopher instead of HTTP. I hear HTTPS
sucks, too.
--
ilf
Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
-- Eine In
this is not about just whether something has TLS support, this is
about giving the user choices. And the shitty TLS standard, TLS
implementations and browser interfaces are not giving people anything
remotely useful.
As I said before (and I'm repeating for everybody else, since your
dyslexia might
Paul Menzel:
I understood it the way, that there might be programs not being able
to deal with TLS.
The first version of SSL/TLS became a standard in 1999. TLS 1.2 is from
2008, over nine years ago: https://tools.ietf.org/html/rfc5246
Any software that can't deal with TLS is IMHO broken - an
no, please don't contribute to suckless, your code will suck like usual.
Another funny little detail: You want elitism and require all users to
change/write/contribute C code, but then you think they are too dumb
to realize that they shouldn't 100% trust a http connection?
You think somebody at this level is too dumb to just type the https in
front if they really care a
> Clients who do not wish to connect via HTTPS but HTTP can just ignore
> the STS-header, but browsers who can could expose a configuration
> setting for the user to determine how to behave when being confronted
> with a HSTS-header in an HTTP-context.
>
> This would completely rid us from the need
> These are 2 different issues and HTTP redirection is optional.
Something being optional does not prevent it from having net negative effect.
> Renewing certificates is much easier with LetsEncrypt. All subdomains of
> suckless are known. There are too many subdomains though imho.
Nobody can re
Hi fao_,
> what is suckless' general opinion of GNU Stow. [...] I am asking your
> opinions on the general concept and how it has been implemented.
> Specifically, the idea of installing under a 'package' directory, and
> symlinking from there to the proper install location.
As with many here, I
what makes you think the complexity of trying to replace symlinks with
something slightly less sucky is worth the gain?
is it all just about perceived cleanliness or is there also a
practical advantage?
tinycorelinux packages are "extreme"? why?
On 8/31/17, Anselm R Garbe wrote:
> On 31 August
On Thu, Aug 31, 2017 at 04:15:33PM +0200, Anselm R Garbe wrote:
> On 31 August 2017 at 15:36, Hiltjo Posthuma wrote:
> > On Thu, Aug 31, 2017 at 03:07:11PM +0200, Anselm R Garbe wrote:
> >> well ;)), but I'm also a sceptic of HSTS.
> >
> > Can you explain why you are a sceptic of HSTS?
>
> I'm sc
> I think you mean "I am really glad".
No, you're wrong.
> It sounds like you want to have a discussion about how to do things
> constructively.
Not really, I just do things, discussions are what you do and this is
certainly not constructive, as we can see here.
> Are you sure you would have an
On 2017-08-31 09:19, Thomas Levine wrote:
> it would be acceptable to have something like cp -R that differed
> only in that it made hard links instead of copies
This sentence stood out to me because cp already does that with
the -l switch.
On 31 August 2017 at 15:36, Hiltjo Posthuma wrote:
> On Thu, Aug 31, 2017 at 03:07:11PM +0200, Anselm R Garbe wrote:
>> well ;)), but I'm also a sceptic of HSTS.
>
> Can you explain why you are a sceptic of HSTS?
I'm sceptic of using HSTS on suckless.org. I think it is superfluous.
I really pref
On Thu, 31 Aug 2017 15:36:03 +0200
Hiltjo Posthuma wrote:
Dear Hiltjo,
> There is no issue (anymore) because I fixed the main template.
> An example is the logo.svg had a direct http:// link. This gives a
> "mixed content" warning in your browser. A MITM can abuse plain-text
> traffic, this is n
On Thu, Aug 31, 2017 at 03:07:11PM +0200, Anselm R Garbe wrote:
> On 31 August 2017 at 14:45, hiro <23h...@gmail.com> wrote:
> > Now we have something much worse: letsencrypt and this completely
> > insecure http redirection snake-oil.
> >
> > With letsencrypt you now have to put extra work (can't
On Thu, Aug 31, 2017 at 02:45:03PM +0200, hiro wrote:
> > I agree or just a simple HTTPs browser bookmark. I think thats better on
> > many
> > levels, for example otherwise someone can also spoof a plain HTTP redirect.
>
> Browser distributors had the chance to implement something like this,
> pl
On 2017-08-31 8:19 am, Thomas Levine wrote:
Having trouble installing rcm on some computers, I came up with the
following alternative a couple weeks ago. I have been pleased.
https://thomaslevine.com/scm/lntree/
https://thomaslevine.com/scm/lntree/uv/lntree-0.1.tar.gz
Here is an example of where
> We are really glad to know you've been entertained.
I think you mean "I am really glad".
> this would have been more constructive to address directly Thomas to ask
> about his needs if you're interested at all in this discussion.
It sounds like you want to have a discussion about how to do th
On 31 August 2017 at 14:45, hiro <23h...@gmail.com> wrote:
> Now we have something much worse: letsencrypt and this completely
> insecure http redirection snake-oil.
>
> With letsencrypt you now have to put extra work (can't keep track of
> all the individual subdomains either, wildcards are sudden
> I agree or just a simple HTTPs browser bookmark. I think thats better on
> many
> levels, for example otherwise someone can also spoof a plain HTTP redirect.
Browser distributors had the chance to implement something like this,
plus client side certificate pinning, but they fucked it up.
Now we
> Unlike the OP's four paragraph feature request against software which
> suckless obviously doesn't offer, I have at least found isabella's
> content entertaining and concise.
We are really glad to know you've been entertained.
> While I'm sure it was kind of you to step in to defend your bro, I
> Some privacy-settings clean all states on exit, including cookes and
> HSTS.
You have to make a trade-off here anyway. You can't have perfection at no costs.
And if Eve controls the path between Adam and suckless it simply won't
allow a redirection to https.
There's no significant added securit
On Thu, Aug 31, 2017 at 11:42:51AM +0200, Paul Menzel wrote:
> Dear suckless folks,
>
>
> On 08/31/17 11:36, ilf wrote:
> > Hiltjo Posthuma:
> > > I'm not a fan of automatic http to HTTPs redirects. It would break
> > > support for some text-based clients or some simple scripts as an
> > > exampl
> Can you tell which clients and scripts break and how?
Any client.
Ciphers keep on changing, and whenever you use an older SSL
implementation anywhere, even if you specifically don't need the level
of security you nerds have declared necessary, there might be no way
to access the content at all.
On 31 August 2017 at 09:33, hiro <23h...@gmail.com> wrote:
> The reason symlinks are still being used is that unions on linux are
> an even bigger, unstable piece of shit. The tinycorelinux people tried
> them out for their package system and had to give up and use the
> "hack" instead.
See my oth
> Thanks for all the work!
Same, please keep it up.
> i thought this was a mailing list for hackers?
hahahahahahahaha
> i judge people by their ability to perform basic tasks
define basic.
> i'm fairly confident my grandma could do it too
> maybe she can teach you for a small fee
i'm glad she taught you these very important life skills. i'm sure it
will come in handy when you can install an arschlinux for some
desperate hooker in return for food and LTE traffic.
finally somebody with a legit software requirement! nobody cares about
a nerd's imagined answers to imagined problems.
thanks kamil, it was about time somebody contributed something of
actual value on this list. :)
Background: a close friend is doing subtitling for $, usually for local
film festivals. One festival often means dozens of movies to be
translated and subtitled. Most people doing this are freelance
translators with limited technical background.
> ffplay prints the playback time in centisecond pre
As Felix pointed out (and I had not previously realized), the subtitles
depend mostly on the audio, and the video can largely be ignored.
I thus think it has relatively little to do with blind.
I had looked at mpv and came upon the annoyingly close but still
unhelpful watch-later feature. I consid
> Like trolling on mailing lists, thank you.
Unlike the OP's four paragraph feature request against software which
suckless obviously doesn't offer, I have at least found isabella's content
entertaining and concise.
While I'm sure it was kind of you to step in to defend your bro, I would
have pre
On Thu, Aug 31, 2017 at 08:04:26AM +, Thomas Levine wrote:
> I want to write some subtitles for some videos. I found several subtitle
> editors through web searches, and their documentation doesn't make them
> look very good. What's more, I haven't managed to install any of them
> properly, whi
On 8/31/17, Quentin Rameau wrote:
>> i judge people by their ability to perform basic tasks
>
> Like trolling on mailing lists, thank you.
>
>
https://asciinema.org/a/uxviYMKZbD1FJ2ftRKUo5lVj8
i thought this was a mailing list for hackers?
am i the troll or the guy that can't do this?
On Thu, 31 Aug 2017 11:34:00 +0200
Quentin Rameau wrote:
> Hi Mattias
>
> > I tried it out, it sucked donkey balls; i'd rather just use
> > ffplay and a text editor; the video playback didn't even work
> > for me.
>
> Isn't this something that could be done with blind?
> I wonder if this woul
> i judge people by their ability to perform basic tasks
Like trolling on mailing lists, thank you.
On 8/31/17, Quentin Rameau wrote:
>> 99% of the fansubbers use aegisub
>> they're teens and they all managed to install it properly
>> i'm fairly confident my grandma could do it too
>> maybe she can teach you for a small fee
>
> We're glad to know you judge the quality of a software by its abilit
Dear suckless folks,
On 08/31/17 11:36, ilf wrote:
Hiltjo Posthuma:
I'm not a fan of automatic http to HTTPs redirects. It would break
support for some text-based clients or some simple scripts as an example.
I'm a huge fan of these redirects. A simple 301 Moved Permanently has
been part of
Hiltjo Posthuma:
I'm not a fan of automatic http to HTTPs redirects. It would break
support for some text-based clients or some simple scripts as an
example.
I'm a huge fan of these redirects. A simple 301 Moved Permanently has
been part of RFC 2616 sinde 1999 and anything not able to handle
Hi Mattias
> I tried it out, it sucked donkey balls; i'd rather just use
> ffplay and a text editor; the video playback didn't even work
> for me.
Isn't this something that could be done with blind?
I wonder if this would be within its goal scope.
On Thu, 31 Aug 2017 11:25:21 +0200
Quentin Rameau wrote:
> > 99% of the fansubbers use aegisub
> > they're teens and they all managed to install it properly
> > i'm fairly confident my grandma could do it too
> > maybe she can teach you for a small fee
>
> We're glad to know you judge the qual
> 99% of the fansubbers use aegisub
> they're teens and they all managed to install it properly
> i'm fairly confident my grandma could do it too
> maybe she can teach you for a small fee
We're glad to know you judge the quality of a software by its ability
te be easily installed only.
On Thu, Aug 31, 2017 at 10:17:48AM +0200, Anselm R Garbe wrote:
> Hi Hiltjo,
>
> On 30 August 2017 at 23:06, Hiltjo Posthuma wrote:
> > suckless.org now supports TLS using LetsEncrypt. Cloning git repos over
> > HTTPS
> > works now. Some links on the page have been changed to allow both HTTP and
yOn Thu, Aug 31, 2017 at 10:02:43AM +0200, ilf wrote:
> Hiltjo Posthuma:
> > suckless.org now supports TLS using LetsEncrypt.
>
> Awesome, thanks a lot!
>
> Any chance to implement permanent redirects from http to https?
>
> --
> ilf
>
> Über 80 Millionen Deutsche benutzen keine Konsole. Klick
On 8/31/17, Thomas Levine <_...@thomaslevine.com> wrote:
> I want to write some subtitles for some videos. I found several subtitle
> editors through web searches, and their documentation doesn't make them
> look very good. What's more, I haven't managed to install any of them
> properly, which is
On Thu, 31 Aug 2017 08:04:26 +
Thomas Levine <_...@thomaslevine.com> wrote:
> I want to write some subtitles for some videos. I found several subtitle
> editors through web searches, and their documentation doesn't make them
> look very good. What's more, I haven't managed to install any of th
Hi
Quoting Thomas Levine (2017-08-31 10:04:26)
> Or, does anyone have other recommendations about the editing of
> subtitles?
I haven't editted a lot of subtitles, but for sound synchronization, a
waveform is extremely useful. Instead of hitting a button when you hear
something, you can just sele
Hi Hiltjo,
On 30 August 2017 at 23:06, Hiltjo Posthuma wrote:
> suckless.org now supports TLS using LetsEncrypt. Cloning git repos over HTTPS
> works now. Some links on the page have been changed to allow both HTTP and
> HTTPS.
>
> HSTS is not fully working yet. This will be fixed.
>
> The IPv6 A
I want to write some subtitles for some videos. I found several subtitle
editors through web searches, and their documentation doesn't make them
look very good. What's more, I haven't managed to install any of them
properly, which is both inconvenient and further indicative of suck.
I think that m
Hiltjo Posthuma:
suckless.org now supports TLS using LetsEncrypt.
Awesome, thanks a lot!
Any chance to implement permanent redirects from http to https?
--
ilf
Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
-- Eine Initiative des Bundesamtes für Tast
On Wed, Aug 30, 2017 at 11:06 PM, Hiltjo Posthuma
wrote:
> suckless.org now supports TLS using LetsEncrypt. Cloning git repos over HTTPS
> works now. Some links on the page have been changed to allow both HTTP and
> HTTPS.
Thanks for all the work!
Cheers,
Silvan
> Symlinks have always been a hack due to Unix' lack of a proper
> namespaces approach. Plan 9 later fixed this by introducting a proper
> namespaces approach[1] - but even today unices (incl. Linux) have
> almost ignored the learnings of Plan 9 with some exceptions.
Yes, they are a hack, but linu
Having trouble installing rcm on some computers, I came up with the
following alternative a couple weeks ago. I have been pleased.
https://thomaslevine.com/scm/lntree/
https://thomaslevine.com/scm/lntree/uv/lntree-0.1.tar.gz
Here is an example of where I have used it to compose configurations.
htt
54 matches
Mail list logo
