I went to a talk lately that was mostly about something else, but the speaker came out with:

“If you only remember one thing from this talk, remember this. Everyone in this room who likes helping people, raise your hand.”

Every hand, or nearly every hand, went up.

“If you like asking other people for help, keep your hand up.”

Almost every hand went back down.

“As you can see, people like helping you. When you ask for help, you’re making them feel good, even if you don’t like asking.”

I’ve genuinely forgotten the rest of the presentation but I won’t forget that.

The cost of StarLink and other billionaire pet projects is way too high.

"We find that the population of reentering satellites in 2022 caused a 29.5% increase of aluminum in the atmosphere above the natural level, resulting in around 17 metric tons of aluminum oxides injected into the mesosphere. [...] As aluminum oxide nanoparticles may remain in the atmosphere for decades, they can cause significant ozone depletion."

https://agupubs.onlinelibrary.wiley.com/doi/10.1029/2024GL109280

Das ZAM feiert Eröffnung, dieses Wochenende.

Entdeck das ZAM in dir!

Programm hier:
https://www.zam.haus/projekt/festliche-eroeffnung-30-mai-bis-1-juni-2025/

Announcing: https://justaqrcode.com.

Tired of "free" QR code generators that are full of ads and trackers, that share your data, and that want to sell you something? Me too. Here's my act of resistance: I made a one-page site that works entirely in your browser to generate a simple QR code. And that's all it does. You can download the HTML page and run it locally, even. Read the source; nothing up my sleeves. Just a QR code.

My offer to you -- I will continue to pay for the domain name and web hosting for it, myself. If you find it valuable, you can pay it back by creating your own useful thing for the world and releasing it for free. Let's take back the friendly web, one vexingly-monetized utility at a time!

#QRcode #Free #FriendlyWeb #Resistance

Loving this: "The Copilot Delusion"

Quotes:
"Copilot isn’t that. It’s just the ghost of a thousand blog posts and cocky stack-overflow posts whispering, "Hey, I saw this once. With my eyes. Which means it's good code. Let’s deploy it." Then vanishing when the app hits production and the landing gear won’t come down."

"The problem isn’t just laziness. It’s degradation. Engineers stop exploring. Stop improving. Stop caring. One more layer of abstraction. One more lazy fetch call inside a render loop. Eventually, you’re living in a cathedral of technical debt, and every user pays."

"At that point, you’re not working with a copilot. You’re playing Russian roulette with a loaded dependency graph."

"But even if you're just slapping together another CRUD app for some bloated enterprise, you still owe your users respect. You owe them dignity."

https://deplet.ing/the-copilot-delusion/

What the actual fuck, #LetsEncrypt‽

Let’s Encrypt will no longer include the “TLS Client Authentication” Extended Key Usage (EKU) in our certificates beginning in 2026.

That makes them unusable for SMTP servers. Gah!

Anyone got a usable alternative that doesn’t ruin financially?

Update: I’m in communication with them, let’s hope they recognise the usefulness.

Update 2: turns out it’s Google forcing this down the throat of all CAs that want to be recognised by Chrome as valid. I’m sure Google only accidentally decided on a new policy that breaks some SMTP and probably all XMPP use cases… 🤬

Update 3: not only are people on the Let’s Encrypt side obnoxious in trying to discuss away the problem, and saying hundreds of affected users is of no importance (what a privilegued thing to say…) and that LE is only a web CA… but they now also say that, if someone has a certificate and key for hostname.example.com and has reverse and reverse-forward DNS for their IP addresses matching that, that that should not mean that they are allowed to send out mail as hostname.example.com (?!?!?! I cannot even begin to understand the sick “reasoning” that has to be behind such a statement). They also say they think the removal of the TLS client key usage from server certs to be “years overdue”. This deliberate working against actual users’ needs is… just wrong (I have much stronger words but will refrain, for now).

Time to hope for @jwildeboer ’s https://nerdcert.eu/ to lift off and be included in the usual Root CA bundles (except Google Chrome’s, I suppose).

Wir feiern die Eröffnung des ZAM!

Nach mehr als drei Jahren Planungs- und Umbauzeit, in der wir die Gebäude hergerichtet, die Werkstätten eingerichtet und unser Team aufgebaut haben, freuen wir uns darauf, gemeinsam mit euch am Wochenende 30. Mai bis 1. Juni 2025 das Zentrum für Austausch und Machen in der Hauptstraße 65-67 offiziell zu eröffnen! #Erlangen

https://www.zam.haus/2025/wir-feiern-die-eroeffnung-des-zam-30-05-bis-01-06-2025/