clojure-europe

For people in Europe... or elsewhere... UGT https://indieweb.org/Universal_Greeting_Time
dharrigan 2020-10-22T06:26:26.123600Z

Good Morning!

ordnungswidrig 2020-10-22T06:44:23.124100Z

The early worm gets eaten...

dominicm 2020-10-22T07:08:24.124300Z

Morning :)

borkdude 2020-10-22T07:24:30.124500Z

morning

slipset 2020-10-22T07:33:37.124700Z

God morgen, ja?

jasonbell 2020-10-22T07:56:07.124900Z

Morning

2020-10-22T08:01:47.125100Z

Morning

thomas 2020-10-22T11:28:08.125300Z

mogge

2020-10-22T13:09:03.125800Z

going through my old vector editing code and using pop and peek a lot more. I just wish it worked on transient vectors

2020-10-22T15:14:12.126300Z

if you wish that, surely you should be using Java mutable datastructures

2020-10-22T15:14:24.126600Z

that's exactly what they are for

borkdude 2020-10-22T15:18:14.127500Z

that's what also crossed my mind

2020-10-22T15:18:15.127600Z

there is that. The clojure transient ones have conj! and assoc! which do most things. I just wish I had the rest of the api from the persistent ones

2020-10-22T15:18:41.127800Z

update!

2020-10-22T15:18:48.128100Z

pop!

2020-10-22T15:18:57.128400Z

peek shouldn't need a bang tho

borkdude 2020-10-22T15:21:15.128800Z

@otfrom Maybe look into that zach tellman Java lib?

borkdude 2020-10-22T15:21:43.129300Z

https://github.com/lacuna/bifurcan

2020-10-22T15:21:57.129700Z

I've been stung by abandonware there a few too many times (lots of good thought tho. lots to learn from)

borkdude 2020-10-22T15:23:41.129900Z

you mean ZT abandonware?

2020-10-22T15:27:12.130100Z

yes

borkdude 2020-10-22T15:28:57.130500Z

We're still using yada on aleph, runs pretty well. I wonder what libs have stung you @otfrom

2020-10-22T15:29:38.130700Z

automat

borkdude 2020-10-22T15:30:14.130900Z

never heard of it

2020-10-22T15:30:26.131300Z

I needed some state machine help

borkdude 2020-10-22T15:30:28.131500Z

(I did google it now)

2020-10-22T15:30:55.131900Z

just lots of archived repos on https://github.com/ztellman?tab=repositories

2020-10-22T15:31:06.132200Z

it is good smart stuff

borkdude 2020-10-22T15:33:00.132800Z

some things just don't stand the test of time I guess (in terms of wanting to invest time and energy). also it doesn't help that he's not working on Clojure anymore

borkdude 2020-10-22T15:34:23.133400Z

the bifurcan thing he still seems to be working on. maybe there's similar mutable/functional collections in Java world

2020-10-22T16:05:52.134100Z

yeah, the move away from clojure doesn't help much. There is a lot of good stuff in there (aleph and manifold being good examples)

2020-10-22T16:10:27.134500Z

aleph and manifold seem to have reasonable communities around them

2020-10-22T16:12:33.136Z

part of it for me is having had other tools disappear underneath me in the past (tho those were proprietary). I think that is part of what I like about the conservative slow moving nature of clojure

borkdude 2020-10-22T16:13:52.136300Z

I think I've heard you talk about this on defnpodcast :)

borkdude 2020-10-22T16:16:05.137500Z

I've seen a tweet yesterday of someone whose google account was deactivated and he lost access to all his mail, etc. This seems like a nightmare to me. I do use gmail/google docs etc a lot.

2020-10-22T16:19:49.138Z

yeah, at least mail services are reasonably replaceable. I do worry that I'm too dependent on big G atm

2020-10-22T16:20:12.138400Z

self hosted email while possible is difficult atm

borkdude 2020-10-22T16:20:30.139Z

I discovered Google Takeout which sends all your data as zip files

2020-10-22T16:20:37.139300Z

slightly easier for individuals but tricky for companies with spam filtering et al

2020-10-22T16:21:05.140200Z

my behaviour is basically a large pile of scar tissue

2020-10-22T16:21:09.140400Z

and laziness

borkdude 2020-10-22T16:21:11.140600Z

so now at least I've got a backup. But the loss of access to certain accounts which I may not be able to recover... I do have a dedicated password manager, but I'm not sure if it's 100% accurate...

2020-10-22T16:21:42.141100Z

I keep my important passwords encrypted locally

borkdude 2020-10-22T16:21:49.141300Z

yeah, I do have that too

borkdude 2020-10-22T16:22:08.141800Z

but you know how it goes, create a new account, let your browser save it and forget to update PW manager...

borkdude 2020-10-22T16:22:30.142200Z

anyway, now I'm scared but I'm not certain yet what to do.

2020-10-22T16:22:53.142600Z

now it is a battle between fear, laziness, and hubris

2020-10-22T16:23:02.142900Z

(hubris is believing that you will do it later)

borkdude 2020-10-22T16:23:17.143200Z

and undecidedness/ignorance

borkdude 2020-10-22T16:23:41.143600Z

Be in the here and now* (battle between fear etc.)

borkdude 2020-10-22T16:27:30.144400Z

Don't let laziness escape your try... you will finally catch the error before you die! (Clojure proverbs)

2020-10-22T16:32:31.144700Z

finally, finally

borkdude 2020-10-22T16:34:16.145Z

(added)

orestis 2020-10-22T16:42:04.146300Z

I’m using 1Password and have disabled as much as I can all browser password prompts. Also http://fastmail.fm for email, I migrated my google mail some years ago and it’s nice.

2020-10-22T16:49:39.146800Z

I should probably migrate my personal email to fastmail or similar I really need google apps for the business tho

2020-10-22T16:49:57.147300Z

given my customers, perhaps Office 365 would make more sense

2020-10-22T16:50:41.148100Z

tho who do I trust more? Google doing some kind of AI experiment as a hobby (to see how they can work in more advertising) or MS and their muddled product thinking

2020-10-22T16:50:45.148300Z

I'm not sure

2020-10-22T16:51:13.148900Z

the only real fall back is as always FLOSS, but then I lose a lot of collaboration features and UX sugar

2020-10-22T16:51:45.149500Z

if everyone knew git and emacs and org it would be fine (it wouldn't actually, I've tried it before and it was painful)

orestis 2020-10-22T17:02:59.150400Z

Moving emails to Fastmail is easy. I still have a google account and we pay for a family office 365 license so there’s that too.

2020-10-22T17:38:52.150600Z

congrats on the release @slipset πŸ™‚

slipset 2020-10-22T17:39:19.151Z

Thanks. Took some time to figure out what the problem really was.

2020-10-22T17:39:45.151300Z

I lost about 30 minutes today to not reading properly

slipset 2020-10-22T17:41:25.152100Z

Funny thing is that deps-deploy is a somewhat contradictory piece of tooling.

slipset 2020-10-22T17:41:57.152800Z

If you live in the clj-tooling space, there is really no need to deploy your things to clojars.

2020-10-22T17:43:25.153Z

github ftw!

2020-10-22T17:43:45.153400Z

maybe clojars could move over to a content addressing system for the source code?

borkdude 2020-10-22T17:53:09.153900Z

@orestis also using 1password (still the one time pay version from years ago, it still works!)

dharrigan 2020-10-22T17:57:44.154100Z

I use bitwarden

dharrigan 2020-10-22T17:57:46.154300Z

I run it locally

borkdude 2020-10-22T17:58:31.154900Z

Fastmail looks good but maybe doesn't make sense when you're from the EU as it seems a US based company?

dharrigan 2020-10-22T17:58:42.155200Z

I use Protonmail πŸ™‚

borkdude 2020-10-22T17:58:58.155500Z

how is their web ui? I usually don't use a desktop client

dharrigan 2020-10-22T17:59:03.155700Z

It's very very nice

dharrigan 2020-10-22T17:59:10.155900Z

They've put a lot of thought into it

2020-10-22T17:59:54.156400Z

I'd actually quite like SMTP and IMAP, but then I want to have it ALL IN EMACS!

dharrigan 2020-10-22T18:06:56.156600Z

I also run mail-in-the-box

dharrigan 2020-10-22T18:07:17.157100Z

which is super simple to setup and gives you a fullly controlled email system, hosted by yourself on some vm somewhere.

borkdude 2020-10-22T18:08:48.157400Z

I also run a mail server on a VM but I don't want to rely on that

dharrigan 2020-10-22T18:17:03.158200Z

It does do automatic backups, which one can transfer (securely) somewhere. I've restored a fresh install of mail-in-the-box from a previous backup with no issues (actually a migration from a digital ocean vm to an aws vm)

dharrigan 2020-10-22T18:17:27.158700Z

All depends I suppose on the effort one is willing to put into hosting one own's email system πŸ™‚

ordnungswidrig 2020-10-22T18:19:46.159100Z

I’m thinking of migrating my custom setup to mail-in-the-box

borkdude 2020-10-22T18:26:03.159800Z

Hmm, what if Protonmail goes bankrupt though? I guess mail is never safe unless you do it yourself, but then again, my VPS can get hacked

ordnungswidrig 2020-10-22T18:29:11.160300Z

I think they might a better at protecting their servers than the random guy

ordnungswidrig 2020-10-22T18:29:28.160700Z

E2E encryption is the only solution

dharrigan 2020-10-22T18:45:53.161500Z

There's always a risk they may go bankrupt, but there are no signs of that occuring. They seem to be pretty up-front about things.

dominicm 2020-10-22T19:02:00.161600Z

Doesn't proton not support smtp? :)

dominicm 2020-10-22T19:02:50.161700Z

Proton have always seemed a bit shady to me. There was that whole ransom business. It also feels weird to claim the email is E2E, email is only E2E within their service. I can do better than that with XMPP etc.

dharrigan 2020-10-22T19:10:46.162100Z

That's not completely true about end-to-end encryption only within their service

dharrigan 2020-10-22T19:11:19.162900Z

All email has that issue, at the edges, it'll just be plain text - and I use gpg extensively, but once it's decrypted on the client (and you have to trust the client), then it's just plain text

dharrigan 2020-10-22T19:11:44.163500Z

Anyhooo, they have ProtonMail bridge which enrypts email on the client before sending to their servers.

dharrigan 2020-10-22T19:12:07.164Z

aka like gpg encrypting the email before sending it across t'interwebs

dominicm 2020-10-22T19:17:22.164200Z

Must admit I don't keep up. For me, GPG + JavaScript is a nono :)

dharrigan 2020-10-22T19:17:38.164400Z

Can you explain?

dominicm 2020-10-22T19:18:02.164500Z

Ah, just looked up the bridge. Doesn't solve use-cases like Android :)

dominicm 2020-10-22T19:19:16.164600Z

The deployment model of the web isn't particularly amenable to user-consenting deploys, verification, etc. Nothing stops me from being delivered a special bundle which uploads the plaintext as well. Browsers aren't really all that safe. Not to mention the fact the client could steal my whole gpg key.

dharrigan 2020-10-22T19:20:01.164800Z

Ah true that

dharrigan 2020-10-22T19:20:13.165200Z

Good thing I use (neo)mutt

dharrigan 2020-10-22T19:20:20.165500Z

I'm a cli kinda guy πŸ™‚

dharrigan 2020-10-22T19:20:56.165900Z

browsers (and their vunerabilities) are certainly a weak link in the chain

dominicm 2020-10-22T19:21:29.166Z

Not so much browsers, but browsers assume you trust the server, which I don't when it comes to encryption. Client->Client encryption only pls.

dominicm 2020-10-22T19:21:37.166100Z

With protonmail android client (assuming there is one) how do you get your GPG key across?

dharrigan 2020-10-22T19:22:45.166500Z

Must admit (myself) that I don't use proton email on android

dharrigan 2020-10-22T19:24:32.166800Z

I don't think they do gpg on the mobile

dominicm 2020-10-22T19:27:40.167Z

So is plain text on mobile?

dharrigan 2020-10-22T19:28:03.167300Z

I would imagine it is encrypted before sending

dharrigan 2020-10-22T19:28:14.167500Z

and decrypted upon receiving.

dharrigan 2020-10-22T19:28:46.168Z

However, if it's sent over ssmtp, then that would also be encrypted in transit

dharrigan 2020-10-22T19:29:01.168300Z

then you just have to trust your mobile phone πŸ˜‰

dominicm 2020-10-22T19:29:25.168400Z

Well yes, the Play Store update cycle is nefarious in itself. But that's what F-Droid is for :)

dominicm 2020-10-22T19:30:13.168500Z

GPG is supported on mobile. I'm guessing they generate a key on the client, upload the public component so that messages are encrypted for all devices, and you don't get access to history.

dharrigan 2020-10-22T19:30:38.168700Z

<https://f-droid.org/en/packages/ch.protonvpn.android/>

dharrigan 2020-10-22T19:30:41.168900Z

interesting πŸ™‚

dominicm 2020-10-22T19:30:53.169200Z

Free VPNs

dharrigan 2020-10-22T19:30:58.169400Z

<https://github.com/ProtonVPN/android-app> their source code is there

dharrigan 2020-10-22T19:31:11.169800Z

personally, I use wireguard and run my own vpn service

dharrigan 2020-10-22T19:31:13.170Z

just for moi

dominicm 2020-10-22T19:31:18.170100Z

You're all finding out about the size of my tin foil hat

dharrigan 2020-10-22T19:31:45.170700Z

Oh, I'm pretty careful when it comes to leaking my data too πŸ™‚ Can't prevent all leakage, but I try to contain as much as I can.

dominicm 2020-10-22T19:33:13.170800Z

Admittedly I'm terrible with email, I use gmail. But I'm always pretty skeptical about anything that makes bombastic claims that mean they make compromises.

borkdude 2020-10-22T19:35:12.171300Z

@dominicm Did you see that tweet yesterday about that guy whose account was closed?

dominicm 2020-10-22T19:40:08.171400Z

@borkdude No. But I hear about it all the time. It's an active anxiety of mine. I'm worried they'll decide I'm a bad person and shut down my account.

dominicm 2020-10-22T19:40:42.171600Z

I just don't know that I'm yet happy with alternatives. I'll definitely be moving to something under my own domain in future (as I have with XMPP) so that I can always move elsewhere if the need arises.

borkdude 2020-10-22T19:40:46.171800Z

that's my main worry, the randomness of it

dominicm 2020-10-22T19:42:33.171900Z

I don't worry too much because I don't comment on YT or anything like that, so there's no real leverage they have over me. I'm hoping for now they won't scan my emails and decide I'm bad because of that (or I guess if I emailed someone who became a spammer? dunno)

dominicm 2020-10-22T19:49:49.172Z

@borkdude what did that guy on twitter get banned for?

borkdude 2020-10-22T19:50:40.172500Z

that's the whole problem: he doesn't know and google doesn't say. https://twitter.com/dhh/status/1318999696006926343

dominicm 2020-10-22T19:53:01.172800Z

Oh, dhh :P

borkdude 2020-10-22T20:06:23.173Z

@dominicm actually this guy: https://twitter.com/Cleroth/status/1318911490863337472

dominicm 2020-10-22T20:11:58.173200Z

Yeah, I saw the link. Just rolled my eyes a little at dhh bringing it up :p He's on an anti-google path at the moment (not wrongfully)

dominicm 2020-10-22T20:14:03.173300Z

Well, anti big-tech. It's pretty cool how he went to congress & such