• choose theme
    •
    Greenwich Mean Time GMT

    snootauth

    can i tell you about this thing i wrote? it involves ssh and cookies and the setuid and setgid bits.

    it’s called snootauth.

    what is it?

    it’s a way for sites on snootclub to verify a snootclub user.

    how does it work?

    it is hosted at /auth on any snoot site that wants auth.

    abe.snoot.club/auth/chee showing link labeled “listen”, and an ssh command to run

    when you, a user, click the listen in the browser, it starts a GET request which makes the server open a unix socket that’s owned by your user in /snoot/auth/socks/{your-uid}.sock.

    there is an ssh server running on port 2424, which has ForceCommand set to a program called succeed.

    the ssh command being run in a terminal. “Thank-you, you can return to your browser now.”

    when you run the ssh command, succeed(1) writes the word "success" to the socket belonging to your user then exits.

    Web browser saying “Thank-you! Enjoy your cookie”

    In the http server, listen’s GET request handler receives the "success" in the socket and returns, setting a cookie for you on the snoot subdomain you are on.

    Devtools showing the cookie set for this subdomain.

    and now on the server, there is a file that belongs to the snoot user whose site you are on that contains your token:

    ls -l showing file permission abe:snootauth

    it’s also read-writeable by the snootauth program, so it can delete or replace tokens when the user logs out or reauthenticates.

    so now the server code for the snoot whose site you are on can check any cookies it receives against the token in /snoots/auth/sessions/{their-name}.{my-name} — chee (hi@chee.party) 2020-11-17

    Greenwich Mean Time GMT

    public dump

    i made a website yesterday

    💔 https://cc0.snoot.club/

    i call it the public dump

    if you register as a Copyright Holder, you can create Collections and add Pieces to those Collections

    💔 here (was) an example collection

    it contains some parts of songs i’ve started making but don’t know how to finish. and so they’ve been released to public domain.

    you can upload any kind of file, and it will be added to the Collection and displayed with a CC0 license, dedicating it to the public domain.

    if it’s a sound or a picture or a video it will be displayed with a little preview. registrations are open.

    e-mail me with your legal name (for the dedication mark) and desired username, and i’ll send you a password.

    Greenwich Mean Time GMT

    2020-11-04

    dentite

    today i went to the dental hygenist. they really name that in such a way that if you don’t know what it is, well, i don’t think i would have gone if it had been called “dental scraping”. my mouth bled a lot, there was lots of blood, and flakes. shards flying around the room!

    “calcified yuck” they said, is what the shards were.

    the train home

    on the train home i made this:

    using a cassette recorder, the op-1 and the wired heart which i got with a voucher for doing a marketing interview with bitwig.

    op-1 split drum

    the drum kit on “teeth scrape teeth” is the op1’s built-in AWA Beef kit, which i fed through the tape recorder and back into the op-1 and chopped it up.

    i wanted to share the kit with kara, but the op-1 stores kits as a single AIF instead of separate samples for each drum. luckily people have reverse engineered the drum format plenty. it has some embedded json in it, a bit of (standards compliant!) trickiness with the AIFC spec. the json has the start and end points for each sample (as a frame. like, you take the start value (big number) and divide it by 44100 (for the sample rate) and divide that by 4096 (for the block size) and that’s the start time in seconds).

    so i threw together a scrappy script to parse the json and extract the segments with ffmpeg.

    if you want it, here it is:

    Greenwich Mean Time GMT

    raspberry pi 400

    raspberry pi foundation have announced a new computer that is built into a keyboard.

    https://www.raspberrypi.org/products/raspberry-pi-400/

    rpi-400-with-friends.jpg

    the raspberry pi 400 pictured with the mouse, memory card, power supply and guidebook that come as part of its pack

    this is so good!! it’s like a little amiga!

    it has exposed GPIO pins, a micro SD slot, two micro HDMI, 3 usb-a ports and an ethernet port. usb-c charging. bluetooth 5.0, ble.

    i want this as my work computer.

    they’re £67.50 alone, or about £95 with a mouse, microsd, power supply and beginners guide.

    they’ve added a heatsink and overclocked the CPU so it’s a quad-core 1.8ghz, rather than 1.5ghz.

    rpi400.png

    the raspberry pi 400 pictured from behind showing its ports and pins

    if the office still existed, this would be perfect for it. little 2020 zx spectrum. love that for me.

    they would be so good for school too, everyone gets a keyboard with their name on it at the start of the year. you can keep it in a cupboard, or in your bag if you have a screen at home. the IT room is just a room of monitors.

    i should get one and make it boot straight to a repl. maybe the python repl, and leave some glossy magazine printouts of pygame source code. or a lisp repl. or emacs.

    install emacs as /sbin/init – http://www.informatimago.com/linux/emacs-on-user-mode-linux.html

    — chee (hi@chee.party) 2020-11-02

    Greenwich Mean Time GMT

    tier 3

    One of the exceptions to the tier 3 lockdown is for protests. Protests Organised, with precautions, by a business, charity, public body or political body after a risk assessment

    laughing for a moment at “protests organised by a business”, let’s look at “risk assessment”.

    the The Health Protection (Coronavirus, Local COVID-19 Alert Level) (Very High) (England) Regulations 2020 has this to say baout risk assessment

    1. The first requirement is that the organiser or manager has carried out a risk assessment that would satisfy the requirements of regulation 3 of the Management of Health and Safety at Work Regulations 1999(35) (whether or not the organiser or manager is subject to those Regulations).

    so that’s defined here and essentially means filling out one of these forms

    and what is a “political body”?

    Well, The Health Protection (Coronavirus, Local COVID-19 Alert Level) (Very High) (England) Regulations 2020 says:

    (13) “A political body” means—

    (a)a political party registered under Part 2 of the Political Parties, Elections and Referendums Act 2000(44), or

    (b)a political campaigning organisation within the meaning of regulation 2 of the Health and Social Care (Financial Assistance) Regulations 2009(45)

    okay, so let’s have a look at the Health and Social Care regulations 2009:

    “political campaigning organisation” means any person carrying on, or proposing to carry on activities— (a)

    to promote, or oppose, changes in any law applicable in the United Kingdom or elsewhere, or any policy of a governmental or public authority (unless such activities are incidental to other activities carried on by that person), or (b)

    which could reasonably be regarded as intended to affect public support for a political party, or to influence voters in relation to any election or referendum (unless such activities are incidental to other activities carried on by that person);

    so by protesting, you become a political body. and as long as you have, or somebody has, filled out a risk assessment form you can protest.

    so let’s go. i have an EFF sticker on my laptop, which i have on there to promote policy changes. so as long as i fill out a risk assessment form, i have free reign. i can hunt all the grouse i want.

    i am not a lawyer. this web log entry does not constitute legal advice