• 0 Posts
  • 29 Comments
Joined 1 year ago
Cake day: July 1st, 2023
  • ShortFuse@lemmy.worldtoSelfhosted@lemmy.worldWhat self hosting feels like (It's painful, please help 🥲)English
    3·
    2 months ago

    I just recently started working with ImGui. Rewrite compiled game engines to add support for HDR into games that never supported it? Sure, easy. I can mod most games in an hour if not minutes.

    Make the UI respond like any modern flexible-width UI in the past 15 years? It’s still taking me days. All of the ImGui documentation is hidden behind closed GitHub issues. Like, the expected user experience is to bash your head against something for hours, then submit your very specific issue and wait for the author to tell you what to do if you’re lucky, or link to another issue that vaguely resembles your issue.

    I know some projects, WhatWG for one, follow the convention of, if something is unclear in the documentation, the issue does not get closed until that documentation gets updated so there’s no longer any ambiguity or lack of clarity.

  • ShortFuse@lemmy.worldtolinuxmemes@lemmy.world-----BEGIN PRIVATE KEY-----
    151·
    2 months ago

    Yeah, except for the first few bytes. PKCS8 has some initial header information, but most of it is the OCTET_STRING of the private key itself.

    The PEM (human “readable”) version is Base64, so you can craft up a string and make that your key. DER is that converted to binary again:

    /**
 * @see https://datatracker.ietf.org/doc/html/rfc5208#section-5
 * @see https://datatracker.ietf.org/doc/html/rfc2313#section-11
 * Unwraps PKCS8 Container for internal key (RSA or EC)
 * @param {string|Uint8Array} pkcs8
 * @param {string} [checkOID]
 * @return {Uint8Array} DER
 */
export function privateKeyFromPrivateKeyInformation(pkcs8, checkOID) {
  const der = derFromPrivateKeyInformation(pkcs8);
  const [
    [privateKeyInfoType, [
      [versionType, version],
      algorithmIdentifierTuple,
      privateKeyTuple,
    ]],
  ] = decodeDER(der);
  if (privateKeyInfoType !== 'SEQUENCE') throw new Error('Invalid PKCS8');
  if (versionType !== 'INTEGER') throw new Error('Invalid PKCS8');
  if (version !== 0) throw new Error('Unsupported PKCS8 Version');
  const [algorithmIdentifierType, algorithmIdentifierValues] = algorithmIdentifierTuple;
  if (algorithmIdentifierType !== 'SEQUENCE') throw new Error('Invalid PKCS8');
  const [privateKeyType, privateKey] = privateKeyTuple;
  if (privateKeyType !== 'OCTET_STRING') throw new Error('Invalid PKCS8');
  if (checkOID) {
    for (const [type, value] of algorithmIdentifierValues) {
      if (type === 'OBJECT_IDENTIFIER' && value === checkOID) {
        return privateKey;
      }
    }
    return null; // Not an error, just doesn't match
  }

  return privateKey;
}

    I wrote a “plain English” library in Javascript to demystify all the magic of Let’s Encrypt, ACME, and all those certificates. (Also to spin up my own certs in NodeJS/Chrome).

    https://github.com/clshortfuse/acmejs/blob/96fcbe089f0f949f9eb6830ed2d7bc257ea8dc32/utils/certificate/privateKeyInformation.js#L40

    Edit: To be specific, PKCS8 is usually a PKCS1 (RSA) key with some wrapping to identify it (the OID). The integers (BigInts) you pick for RSA would have to line up in some way, but I would think it’s doable. At worst there is maybe a character or two of garbage at the breakpoints for the RSA integers. And if you account for which ones are absent in the public key, then anybody reading it could get a kick out of reading your public certificate.

  • ShortFuse@lemmy.worldtolinuxmemes@lemmy.worldWith GPL, you're programming Freedom. With MIT, you're programming for free.
    2·
    4 months ago

    There is no section 15 or 16 in GPLv3, but I did find section 7 saying:

    Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or

    But that’s an optional thing that you must add onto the GPLv3 license. I’ll have to keep that in mind for the future.

    That would explain why what I’ve read mentioned it’s not guaranteed in GPLv3 (when comparing to MIT). I’ll have to figure out what that notice would look like.

  • ShortFuse@lemmy.worldtolinuxmemes@lemmy.worldWith GPL, you're programming Freedom. With MIT, you're programming for free.
    83·
    4 months ago

    I don’t care if people make money to use my code. I just want my name attached to it somehow, even if you make it closed sourced which is MIT and OpenBSD. I hope you do use my code and even if you heavily reference it to make something new, carry that forward so more can learn and benefit.

    I also don’t understand “better for the end user” arguments either. I have a library that people want to be included in another project, but that project is GPL. They won’t merge my code unless I change my code to be GPL. So everyone who wants them merged is out of luck. I can’t merge their code either with mine. What is supposed to happen is I freely give up my name to the code and restrict it to only being GPL and for GPL projects. Essentially, assimilate and join with the Borg. No, thanks.

    And while that’s from my experience, I’ve also seen good projects get traction, have excitement over it, and fall off the earth because they end up making it GPL. Everyone interested in adopting it, personal or business, just disappear. Then something with less restrictions comes along and gets adopted.

    End-users move to what’s better for them, and if you have a library that is only for GPL, you can end up limiting your options with a wasteful purity test. If you want it to be free you’d give freely with no restrictions. And if you think, “You can contact me to discuss licensing” that doesn’t happen. It’s still a restriction and almost nobody actually bothers.

  • ShortFuse@lemmy.worldtoAndroid@lemdro.idSorry, Google: After Assistant's chaotic evolution, I can't believe in BardEnglish
    11·
    8 months ago

    Maybe I misunderstood the point of data, but I was making the point that they don’t need to perform complex tracking or rely on non-anonymized data. Invading privacy isn’t a very important part of their business model. People still freely feed them data either directly (captcha with OCR scan or Street View images; adding location reviews, photos, and details; YouTube likes and subscriptions) or indirectly (searches and links you click after; YouTube views; places you navigate to and what time; your location when you request navigation directions).

    The tagging of data around specific people (privacy) which the EU is very concerned about, I feel, is grossly overemphasized. Just counters on what gets pinged and when on a transactional basis is very much good enough for Google’s business model.

  • ShortFuse@lemmy.worldtoAndroid@lemdro.idSorry, Google: After Assistant's chaotic evolution, I can't believe in BardEnglish
    3·
    8 months ago

    As you continue to use their services you are shown ads or use services other companies have paid to have linked to. Even when things seem “free” they are never free. Google Maps makes money off charging their API for businesses. They charge what they do because their data quality is high. Their data quality is high because they track usage as well as ask users to improve their data (like ask if a restaurant has table service). Every time you search for a business or call a business because a Google search that gets tracked and compared. Businesses can also pay to appear higher in advertised search rankings.

    TL;DR: You are given free access to improve Google’s data and they sell off that improved data to companies, or charge for higher visibility to their potential customers.

  • ShortFuse@lemmy.worldtoAndroid@lemdro.idSorry, Google: After Assistant's chaotic evolution, I can't believe in BardEnglish
    621·
    8 months ago

    I still code with the mindset of “I need my software to be good or my clients will leave.”

    Google no longer operates like this. None of what you listed has any financial benefit to Google. You’re not going anywhere. All they stand to do is make more money off of you. If they can simplify the software, from being handcrafted by humans perfectly for you, to, instead, generated by an unsalaried AI, they’ll do that. They stand to lose mostly nothing and gain by reducing their workforce.

    The competition for quality doesn’t exist because the money they save by moving to AI is apparent across the industry. Everyone is looking to use it meaning the only competition is who can provide better cheap AI, not who can make a better product for their users.

  • ShortFuse@lemmy.worldtoSelfhosted@lemmy.worldHow to properly setup local certificate authorities for sub domains?English
    3·
    8 months ago

    Years (decades) ago it wasn’t uncommon to create self-signed/local CAs for active directory, but it’s really uncommon today since everything is internet facing and we have things like Let’s Encrypt.

    It’s so old, the “What’s New” article from Microsoft references Windows Server 2012 which is around when I stopped working on Windows Server. I kinda remember it, and you needing to add the server’s cert to your trusted roots. (I don’t know about Linux, but the concept is the same, I’m sure. I never tried generating certificates, but know all the other client -side stuff. Basically you need a way to fulfill CSRs.)

    https://learn.microsoft.com/en-us/windows-server/identity/ad-cs/

    What you’d want to do it in Windows is all there, and Microsoft made that pretty easy back then to integrate with all their platforms and services, but I’d caution, do you really want to implement 10+ year old tech?