Aaron Parecki

Scott Hanselman :verified:👸🏽🐝🌮 https://hachyderm.io/@shanselman • Mar 8
@aaronpk But OBS is free

but the premise of the question was to avoid using OBS 😇

Portland, Oregon • 42°F

Tue, Mar 7, 2023 7:04pm -08:00
Scott Hanselman :verified:👸🏽🐝🌮 https://hachyderm.io/@shanselman • Mar 8
@aaronpk ya but ATEM is expensive

$195 for the base model will do it! That's certainly a lot less than the computer cost!

Portland, Oregon • 43°F

1 reply

Tue, Mar 7, 2023 6:18pm -08:00
Johannes Ernst https://social.coop/@J12t • Mar 8
@aaronpk I am a proud owner of a beach tent which was sent to us unsolicited and unannounced in order to get a good review I believe.

well that's a thing.

It is slightly different tho because them sending you a $150 object doesn't actually cost them $150. This is an offer of straight up cash.

Portland, Oregon • 45°F

1 like

Tue, Mar 7, 2023 4:49pm -08:00
Scott Hanselman :verified:👸🏽🐝🌮 https://hachyderm.io/@shanselman • Mar 7
@netwolfuk not without obs or a virtual camera

or you can add the graphics on an external device like an ATEM Mini! No extra CPU load, your computer sees it as just a webcam.

Portland, Oregon • 47°F

1 reply

Tue, Mar 7, 2023 4:27pm -08:00
david celis :official: https://xoxo.zone/@davidcelis • Mar 7
@rabble @aaronpk i'm more curious about how you set up cross-posting tbh; the "Applications model" page in their docs has a reasonable example to create a post but i wish there was more detail about each method. i post a lot of pics and it seems like there's support for blob uploads but i can't find documentation on how to hook everything together

Yeah the docs are rough around the edges still. One tip I got was to look at the tests for examples! https://github.com/bluesky-social/atproto/tree/main/packages/pds/tests

I just did text posts for now, next step will be image uploads.

Portland, Oregon • 42°F

1 like 1 reply

Tue, Mar 7, 2023 10:23am -08:00
rabble https://mastodon.social/@rabble • Mar 7
@aaronpk where is the docs on the custom domains. I couldn’t find it in the app. Just folks talking about doing it.

There's no docs yet, but some people figured out the right API calls to run on their account outside the app. It wasn't too hard, but they're going to add a UI to the app for it soon so there's no point in writing up the workaround instructions anyway

Portland, Oregon • 35°F

1 like

Tue, Mar 7, 2023 6:48am -08:00
Brandon Trebitowski https://brandontreb.com • Mar 3

Idea: Micropub Browser Extension For Replies

It's a great idea! I did a lightweight version of that which is a bookmarklet in my browser toolbar to Quill, where it prefills the reply URL to the page I'm on. It's how i reply to most tweets now actually! (https://quill.p3k.io)

Portland, Oregon • 38°F

1 reply

Mon, Mar 6, 2023 10:13pm -08:00
JoYo :clippy: https://hackers.town/@JoYo • Mar 7
@aaronpk gotosocial is that easy too.

It looks nice! But I'm talking about as easy as adding a DNS record without having to run my own instance at all. Are there many hosting providers for GoToSocial?

Portland, Oregon • 39°F

1 reply

Mon, Mar 6, 2023 8:46pm -08:00
https://mastodon.social/@aswath/109979982544430523

In AP, to use your own domain as your actual identity, you pretty much have to run your own full on instance. You can get half way there with the WebFinger setup so people can search, but even that is harder than a DNS entry. BlueSky got the split between domain and underlying identity and service right.

Portland, Oregon • 40°F

1 reply

Mon, Mar 6, 2023 8:06pm -08:00
David Altizer https://twitter.com/davidaltizeryt • Mar 5
I've heard so many horror stories of YouTube channels getting hacked. What are some steps to prevent this from happening with my own channel? Can I do anything beyond 2-step verification to prevent this? I have multiple channels.

@YouTubeLiaison

The majority of these hacks happen because the victim runs a program they got from a sketchy source. Could be a fake OBS download, could be a fake brand PR contact. Reading emails in gmail is fine, but don't open any attachments other than jpgs. Sadly 2fa doesn't fix this.

Portland, Oregon • 36°F

1 like

Sun, Mar 5, 2023 9:30pm -08:00
M. Brandon Lee | THIS IS TECH TODAY https://twitter.com/thisistechtoday • Mar 6
Only answer emails from a Chromebook, NEVER use a Windows computer to do it, create separate sock puppet accounts for different channels and social profiles. Get a Titan security key, but realize it doesn't stop browser intercept attacks which are happening through brand deal… https://twitter.com/i/web/status/1632543340729352194

👏👏 this sounds paranoid but is actually solid advice ☝️

Portland, Oregon • 36°F

2 likes

Sun, Mar 5, 2023 9:28pm -08:00
Barrett Shepherd 📦🚀 https://twitter.com/BarrettShepherd • Mar 4
I use DoorDash too often probably and feel like I can spot a cloud kitchen from the name/image. I’ve never had a solid experience from a cloud kitchen. Glad they’re adding an indicator!

I'm not a big customer of food delivery apps but I did order a burrito this week on DoorDash from a place that I assumed was a ghost kitchen by the name, but it turns out it was a food truck!

Portland, Oregon • 40°F

1 like

Fri, Mar 3, 2023 8:50pm -08:00
Brandon Trebitowski https://brandontreb.com • Mar 3
True, but it would be tricky.

Wouldn’t the attacker have find a way to extract the code_verifier from local storage and pass it along with the hijacked redirect?

They would have to somehow have the ability to write custom js code on the path they are redirecting to. I guess this is possible on sites that don’t sanitize user inputs.

I was thinking the attacker makes up their *own* `code_verifier` and injects that into the first open redirect

Portland, Oregon • 42°F

1 reply

Thu, Mar 2, 2023 4:16pm -08:00
Brandon Trebitowski https://brandontreb.com • Mar 2
Could using PKCE fix this issue?

Yep! This is exactly the kind of thing PKCE prevents! With PKCE, even if the open redirect were in place, the attacker wouldn't have been able to do anything with the stolen authorization code.

Although now I'm thinking this through and if the open redirects are really open enough, you could probably still pull something off even while using PKCE.

Portland, Oregon • 42°F

1 reply

Thu, Mar 2, 2023 4:03pm -08:00
Charlotte Brandhorst-Satzkorn https://inuh.net/@catzkorn • Mar 2
Ever wanted to use your own choice of OIDC IdP with @tailscale? I'm looking for private alpha testers - new and existing users welcome. DM me!

I would love to check this out actually, I'm working on some documentation to help companies like Tailscale adopt features exactly like this!

I don't have a way to DM you on mastodon but you can email me! https://aaronparecki.com/contact/

Portland, Oregon • 39°F

Thu, Mar 2, 2023 9:40am -08:00
Vittorio https://twitter.com/vibronet • Mar 1
Finally took pics of the @Delta Parallel Reality experience. TL;DR, you scan your BP and a smart billboard uses face recognition to present your information just to you, using a parallactic display to ensure your text can only be seen from your position.
Big Delta fan, Diamond… https://twitter.com/i/web/status/1631049565699813377

Oh but they already have multifactor auth in their login page!

Username, password, and that "last name" box that pops up right before you're about to click log in, which also breaks password managers 😇🤦‍♂️

Portland, Oregon • 42°F

6 likes

Wed, Mar 1, 2023 6:01pm -08:00
alexlindsay https://twitter.com/alexlindsay • Feb 28
I think Apple Keychain

Can't go wrong with that. Also 1Password.

Portland, Oregon • 38°F

2 likes 2 replies

Mon, Feb 27, 2023 8:31pm -08:00
Jake Sloan https://twitter.com/jakesloaninak • Feb 27
I’m starting to get convinced that doing any comparison video between brands will get you called a shill no matter what lol. Nothing gets people riled up like comparing their favorite against something else 😂😂

But hey at least it gets the views!

Portland, Oregon • 40°F

1 like 1 reply

Mon, Feb 27, 2023 5:20pm -08:00
Joel Auterson https://otter.garden/@joel • Feb 27
A bit confused as to how it interacts with #fediverse - rival paradigms? Interoperable? Just totally different things? #indieweb

I don't know what you'd call it, but I built ActivityPub support directly into my website so I can exist on the Fediverse from my own site.

Portland, Oregon • 39°F

1 like

Mon, Feb 27, 2023 11:07am -08:00
Thomas Cantrell https://twitter.com/thomas_cantrell • Feb 25
So basically you usually need a news helicopter?

Yeah the pilot license for a helicopter is a totally separate thing from the "remote pilot license" you get for a drone

Portland, Oregon • 21°F

Sat, Feb 25, 2023 5:54am -08:00

older

Aaron Parecki

Idea: Micropub Browser Extension For Replies