Maybe you didn't know, but I run an IRC network called MadIRC.

It seems like it got quite famous among Tor users since we allow completely anonymous access via onion addresses.

Today I had to rework the channel ranks of the main darknet channel "" after quite some abuse of power. Of course, the abusers are unhappy with this situation and declared it the end of the channel.

Feel free to prove them wrong:

Tor direct tor web access:

Sheogorath boosted

The web is capable of so much more than people are doing with it nowadays. A lot of the problems are business incentives (ads, trackers, third-party junk) and cargo cult (bloated toolchains, bloated deps, a main thread that doesn't scale).

We're waiting for the next Ajax/Web2.0/whatever revolution where somebody comes up with a bold new design that's better than everything that came before.

Sheogorath boosted

@sheogorath Facebook uses some pretty damn mind tricks to bind people to it. This is deep psychology and hard to overcome. That's why I think it's in the democratic states responsibility to boost more fediverse services for such important digital infrastructure. Obviously these services hit a nerve and provide us something we want, but how it's implemented right now is horrible and a good example for a single money-driven entity in control that emphasises money over humanity.

Mhm, while sharing this article with someone (it's from 2017, but still interesting):

I started to wonder: Is there even a point where people decide to stop using Facebook(-owned) Services even when "their friends are there"? I mean, we have a lot of people on the Fediverse that deleted their account, but I wonder if some Facebook users are so dependent on it, that they decide "no matter what Facebook does, as long as they can 'hang out' with their friends it's fine".

Nice article about and it's pros and cons.

It's not very technical and still provides a reasonable insight into the problems and chances of DoH in the way it's currently rolled:

If you are waiting for CentOS 8 since RHEL 8 came out in May, you might be interested in why it's still not there:

TL;DR: There was RHEL7.7 which becomes CentOS 7.7 and since CentOS already has tons of active users, it's more important to ship CentOS 7.7 than CentOS 8.

And also a follow up on my traefik story, where an upgrade of the go version dropped the defaults for TLS connections down to SSLv3, instead of TLS1.0.

The wonderful team around traefik solved the problem and released a new version within 2 days:

That's how things should work!

Little follow up on my earlier statement about Desktop and the `--no-sandbox` argument they force on linux now.

I didn't just made noise on my social media but of course also (tried to) work with the upstream project. Sadly it seems like they don't care:

5 work days and no one even had a look at it. Great Maybe I should write a PR this weekend in hope it gets more attention.

Sheogorath boosted

Peer Heinlein (CEO,

PGP ist nach wie vor eine sichere und bew瓣hrte Technologie, deren Tage noch lange nicht gez瓣hlt sind 色

#AusSicherheitsgr羹nden #pgp #gnupg /c

Sheogorath boosted

School has an annual fundraiser, organized by an outside company. One parent did the math. You'll be *shocked*[1] how that turned out.

[1] not really

Hey developers,

it's time to support your Fedora Userbase as simple as possible.

Packit-as-a-service is here, which simply integrates with your upstream repository and allows builds on the latest version of Fedora, so all your project can be automatically picked up by latest Fedora release engineers and integrate it into the next version of the OS.

(More docs should follow soon)

Sheogorath boosted
Sheogorath boosted
Sheogorath boosted

Today we welcomed a new member of our family - Laura 兩抽把

Sheogorath boosted

If you are selling your SEO services, why do you have to resort to email?


Sheogorath boosted

Seriously, verify your systems after an update. Only continuous monitoring of security features will make sure you don't expose people to insecure systems over time.

This morning I had to notice that my traefik setup decided to downgrade its defaults to SSLv3 due to a bug in the go TLS library.

So yeah, if you run anything server-side that provides TLS and is build with go 1.12.x you might want to verify it.

For those who wonder about the article:

The problem with DNS is: It's so fundamental that you want humans to have a word in it. (So probably no blockchain)

And you also don't want in-memorable hashes as domain names, since you already have IPs for that. (So not like .onion addresses)

I'm open for ideas, feel free to have suggestions.

Huh, over (or more general DNS that is based on cryptography) It's an interesting idea especially for the root DNS servers, but there is a fundamental problem:

Key management.

The article I read used as an example. What if an attacker obtains the private key for this domain? He can now control it or even transfer it.

Right now, you can get a court rule that undoes that. But with DoB this would mean everyone has to learn a new domain. Good luck with that

If you wonder how I spend the last hour: Improving other people's container image build instructions.

Providing postfix with MTA-STS is a nice thing. But when you do it, please do it not as root

A container is no excuse to run software as root.

Show more
Sheogorath's Microblog

This instance is the microblog to my blog. You'll probably find more recent content here while finding more elaborated content on the blog. Impressum / Datenschutz / Privacy