Aaron Parecki

Aaron Parecki https://aaronparecki.com/ • Jan 28
Spent the afternoon at the city permit office researching building codes and land use review. There's a lot of parallels between building codes and software specs.

Can you imagine if there was a similar permitting process for building websites and apps?

what if companies had to get a demolition permit before they could shut down a website

Delight, Arkansas • 40°F

5 likes 2 replies

Tue, Jan 29, 2019 1:51pm -06:00
ablaze https://micro.blog/ablaze • Jan 29
@aaronpk Last time I took a call on a plane, the flight attendant interrupted me and told me I was violating FAA regulations and subject to a $25,000 fine if I didn't hang up immediately.

hah wait what. My phone was still in airplane mode, no cellular service at all. Or is this specifically about VOIP too?

Mena, Arkansas • 42°F

5 replies

Tue, Jan 29, 2019 1:46pm -06:00
Benjamin Reid https://twitter.com/benjaminreid • Jan 28
Seems the cookie banner was left out, could of been worse 🙄

It's hiding behind the google sign in popup 😛

Portland, Oregon • 47°F

2 likes

Mon, Jan 28, 2019 6:33pm -08:00
Ricky Mondello https://twitter.com/rmondello • Jan 28
You can tap and hold on the Safari Reader button to enable it for all compatible pages on a particular website. https://twitter.com/aaronpk/status/1083937393407713280

1) this crap still exists even when the website is hosted by medium but served from a custom domain, so that won't stop it everywhere

2) that's not the point

Portland, Oregon, USA • 48°F

4 likes

Mon, Jan 28, 2019 5:39pm -08:00
Ben Werdmuller https://mastodon.social/@benwerd • Jan 25
Here’s what I’ve been working on lately, as part of the Unlock team: a decentralized, permissionless protocol for creators to get paid for their work on the web. https://link.medium.com/nWzQlSj8LT

Wait why is this posted on Medium? Is that supposed to be some sort of irony?

Portland, Oregon • 40°F

1 like 1 reply

Fri, Jan 25, 2019 7:41pm -08:00
dietrich https://mastodon.social/@dietrich • Jan 25
Last day at Mozilla today.
Just a couple of weeks shy of 13 years (!?!!), I've decided to keep pushing for a free and open internet in other ways in different places.
Much ❤️ to all the amazing people I got to spend time with over the years.

😯 I hope congrats are in order! What's next?

San Francisco, California • 61°F

1 reply

Fri, Jan 25, 2019 11:14am -08:00
https://chrisbeckstrom.com/2019/01/25/33517/

That would be amazing! I'm always looking for good music libraries to use as background music in videos and podcasts.

You could try something that Kevin MacLeod does, which is to make all the music available Creative Commons attribution, and then also sell a downloadable pack of all the music for some amount. That way you'll get your name mentioned any time people use it in videos and podcasts, and if someone wants to give you some cash, they have a way to do that which also ends up being more convenient for them by having all the music already downloaded when they need it.

San Francisco, California, USA • 51°F

1 reply

Fri, Jan 25, 2019 7:12am -08:00 #music
https://2019.indieweb.org/austin

Looking forward to IndieWebCamp Austin this year!

San Francisco, California, USA • 56°F

Wed, Jan 23, 2019 7:06pm -08:00
http://tantek.com/2019/023/e1/homebrew-website-club-sf

Attending

San Francisco, California, USA • 47°F

Wed, Jan 23, 2019 8:17am -08:00
Darius Kazemi https://friend.camp/@darius • Jan 23
Tomorrow I go to San Francisco for a few days. Then home for a week. Then back to San Francisco for a week

Come to home brew website club tomorrow night! I will hopefully be there too! http://tantek.com/2019/023/e1/homebrew-website-club-sf

San Francisco, California • 57°F

1 like 1 reply

Tue, Jan 22, 2019 6:19pm -08:00
Soni L. https://cybre.space/@SoniEx2 • Jan 23
@aaronpk idea:
... don't use oauth?

... now you've got 2^128 problems

San Francisco, California • 60°F

Tue, Jan 22, 2019 4:45pm -08:00
alianora https://cybre.space/@nightpool • Jan 23
@aaronpk I agree, but there's a whole section on "HTTPS requests can be intercepted from mobile apps" that most developers will just ignore because they believe they Figured It Out

ah yeah fair point. i'll mention that when i do the video version of this :-)

San Francisco, California • 59°F

Tue, Jan 22, 2019 4:41pm -08:00
alianora https://cybre.space/@nightpool • Jan 23
@aaronpk also, your blog post doesn't immediately address the pinning case—lots of mobile apps pin their certificates now (which, again, is only as secure as far as the computing platform is .....)

that solves a completely different problem (and creates new problems), but isn't related to the challenge of how to avoid embedding secrets

San Francisco, California • 59°F

1 reply

Tue, Jan 22, 2019 4:38pm -08:00
alianora https://cybre.space/@nightpool • Jan 23
@aaronpk ....... who would ever assume this

you'd be surprised how much of web security is not immediately obvious to people

San Francisco, California • 59°F

1 reply

Tue, Jan 22, 2019 4:33pm -08:00
Fred Emmott https://twitter.com/fredemmott • Jan 14
Does anyone have an approachable article for "don't trust the client"? Best I've found is the OAuth threat model RFC (RFC 6819), but it's a bit too long to ask others to read for a quick overview :) (not work related)

I just wrote this up since I couldn't find a good answer online! https://developer.okta.com/blog/2019/01/22/oauth-api-keys-arent-safe-in-mobile-apps

Hope it helps!

San Francisco, California, USA • 69°F

1 like 1 repost

Tue, Jan 22, 2019 3:47pm -08:00
Vincent Pickering https://twitter.com/vincentlistens • Jan 22
Or Is it just that it only holds on to a fixed number of mentions?

Even though my site uses webmention.io as its endpoint, I use the web hooks to push all the responses to my site where it stores its own copy of them.

San Francisco, California, USA • 59°F

1 like

Tue, Jan 22, 2019 1:32pm -08:00
Vincent Pickering https://twitter.com/vincentlistens • Jan 22
Or Is it just that it only holds on to a fixed number of mentions?

Neither. The dashboard only shows the latest few, but that's just me being lazy and not giving you a UI to page through older ones. It stores them all forever, and I have no plans to delete old ones there.

But you're right that you should copy that data to your own site somehow!

San Francisco, California, USA • 59°F

1 like

Tue, Jan 22, 2019 1:31pm -08:00
John Kary https://twitter.com/johnkary • Jan 19
Is there an authentication provider besides “Login with Facebook” or “Login with Google” that isn’t tied to a large social network?

Basically a single place to setup a username/password and use it to login across the internet.

That's basically the idea with https://indieauth.net to let you bring you own identity and authentication mechanism when logging in to sites. There's a fair number of providers and support for it but nothing at the scale of Facebook yet.

Portland, Oregon, USA • 42°F

4 likes 1 repost

Sat, Jan 19, 2019 9:12am -08:00
RianVDM https://micro.blog/RianVDM • Jan 17
@aaronpk No, unfortunately not. I can post text-only without issues, but when I try to add a photo, this error happens.

hmm, that library is definitely supposed to support that, so try posting an issue there. I'm not sure what's going on, maybe something with a proxy before the node app?

San Jose, California • 55°F

1 reply

Thu, Jan 17, 2019 9:57am -08:00
RianVDM https://micro.blog/RianVDM • Jan 17
@aaronpk Hey Aaron, random question about Quill (hope that's ok). I use Jekyll + Github Pages + webpage-micropub-to-github to add a micropub endpoint to that. But that micropub endpoint doesn't have support for a media endpoint yet, so I can't use native photo publishing from Quill. I'm wondering if you're aware of anyone who has found a workaround for that issue? Thanks!

Quill should fall back to uploading files directly to the Micropub endpoint if it doesn't find a media endpoint. Is that not working?

San Jose, California • 55°F

3 replies

Thu, Jan 17, 2019 9:11am -08:00

older