anticrawl
It’s the internet, so there’s crawlers, and it’s the future, so they’re mindless wannabe chatbot scrapers, and it’s the cyberpunk world we always dreamed of, so the cool thing to do is to write your own force field to keep the bots out. Which I did.
For background, I have not actually noticed any load from bot scrapers (other than the google go cache, different story), but found them a different way. There’s a bug in humungus which I’m too lazy to fix that causes it to 500 error whenever a file revision that doesn’t exist is requested. There’s a second bug I’m too lazy to even look for that generates these links for the bots to find. But the punchline is I have a bunch of 500 errors in my log file. The robots file excludes these URLs because I know they’re useless for a crawler. I’m trying to help you, stupid bot, but some bots are beyond help, so we need a bigger hammer. Initially, I banned netblocks in pf, and after eliminating all of BabaWei’s IP blocks, we’re down to Brazilian ISPs, which I don’t want block at the network level.
anticrawl is a simple go http handler. Stick it in the affected service. Then configure a regex because I like problems. I don’t care if you scrape my README 700 times, that’s what it’s for, but leave the other junk alone. Also, I’d rather not bother humans, even a little bit, until they start clicking around deeper.
The challenge is super easy. If you have javascript, you have to find some 42s. (Why is it always zeroes we’re forced to search for?) If you don’t, you have to solve the riddle of the llama. Either way, it’s super trivial because the adversary isn’t exactly basilisk class AI. I was told cookies are evil, so the state is just stored server side. I’m thinking I might change the design so it’s even easier to bypass by starting at a normal entry point. So far, it appears very effective.
There’s also a standalone proxy server for people who can never run enough servers.
Tagged: project
enterprise social
The Honk Foundation is pleased to announce the initial release of Enterprise Social, previously known as Honk Enterprise, previously known as honk3. It’s reworked and retuned, reimagined and remade. A social network for the future.
more...
adding activitypub to humungus
I added ActivityPub support to humungus using the vocabulary defined by ForgeFed so now I can follow my commits with honk. Statements dreamed up by the utterly deranged.
more...
from worst terminal to merely mediocre
Another month of poking around trying to make an almost useful terminal emulator.
more...
vertigo
I wrote my own terminal and you won’t believe what happened next. I called it vertigo.
more...
honk 1.0
It’s been four years since honk 0.1. Before that, the preview, and shortly after the followup. But finally, after a long journey, we’ve reached honk 1.0. (Narrator: honk is a microblog server that federates with other servers via ActivityPub.)
more...
azorius 0.1
Reddit is deddit. Everybody needs to write a replacement. Mine is called azorius.
more...
dechroma
A while back somebody posted some “amazing” images which were black and white except for the stripes that were colored. So, not black and white, but the point was to demonstrate that vision is highly perceptual and the brain will interpolate from what’s there. I thought this might be fun to play around with. I guess it kinda works, but I think some of the demo images were selected carefully.
more...
reliverator
Sometimes I want to send some mail. Sometimes I want to receive some mail. (Much less often than it typically happens, as it were.) But mostly I want to not think too much about it.
Alas, the history of email is rife with people thinking about it, and inventing new problems for their solutions. My needs are much simpler than that. I want to have email that arrives at port 25 go in my maildir. I want email that I send to port 587 to go wherever it should go. That’s about it. I don’t need fancy filtering before it goes in the maildir; I can always do that later. I don’t need fine grained authentication to send; it’s my computer, if I want to send it I’m going to send it.
But nobody makes a mail server just for me. The self hosted email market is kinda small already, because Big Evil has decided that’s bad for you, but it’s also quite a chore just reading the documentation for even simple server setups. How about an smtp server that doesn’t require documentation because it doesn’t have any features? If it doesn’t do anything, it can’t do anything wrong.
Enter the reliverator. It receives email. It delivers email. It’s a deliverator, not written in D.
When an email is received, it goes in the user’s maildir. If there is no maildir, it doesn’t.
When an email is submitted, it goes in the database until it goes somewhere else. There’s no access control because it only listens on localhost and I’ve already got an ssh tunnel open from my laptop.
Mostly I just wanted to see how hard can it possibly be. And after some bludgeoning and tear soaked stackoverflow copy pasta, it kinda came together. There’s a fine mess of a little of everything. It’s about 25% unsafe, though that’s not the part that worries me most. I even used some tokio for bonus points, though it seems overkill for sending and receiving a single UDP packet, but I don’t pack the crates.
If I really wanted to write an smtp server, I’d have made some very different decisions.