Mar 7, 2022
Heck, Teliva has a big issue 😞

Apps ship with source. To let you run without reading the source, apps run without any privileges by default. No files, no network.

You can grant broad privileges to a single function after reading just its source.

The issue: functions can be over-ridden, so you end up accidentally granting privileges to malicious nooks and crannies.

I need to go back to app-level permissions. Grant narrow privileges to the whole app, without regard to what function uses them.

A concrete use case for permissions by caller (now removed from Teliva)

By its nature, a file browser can list directory contents and open files all over the computer. How could we convince ourselves that it's only using these privileges to meet our requests?

My old solution: app is written in such a way that someone can grant these privileges to a single function after convincing themselves it opens a single file/directory every time the Enter key is pressed.

Now I need something new..

permalink

* *
Mar 1, 2022
AoC 2021, day 8

"Part 2 is tricky. The first output value 'cdfgba' could be either a 0, 6, or 9. To figure out which one it is I could do some fancy constraint satisfaction. That sounds hard. Or I could exhaustively try all permutations of the 7 letters. That sounds easy! Here's my plan.."

Peter Norvig

permalink

* *
Feb 27, 2022
A dilemma in building terminal apps

Most apps use width poorly, with lots of empty space towards the right.

Long lines of text are also less readable.

So more apps should be using some sort of column layout when the window is wide.

However, narrow columns magnify a different problem: urls can't be clicked on if they span multiple lines.

One possible solution: an escape sequence to hyperlink to urls in shorter text. https://gist.github.com/egmontkob/eb114294efbcd5adb1944c9f3cb5feda lists terminals supporting it. Does your terminal?

permalink

* *
Feb 21, 2022
Fun with the kids 

git clone https://github.com/akkartik/teliva
cd teliva
make
src/teliva anagrams.tlv

permalink

* *
Feb 19, 2022
I rewrote a section of Teliva's Readme today:

https://github.com/akkartik/teliva#who-are-we-trusting-by-trusting-you

Small change in text: https://github.com/akkartik/teliva/commit/b36927e35cd26

But a big step in a huge trajectory of maturing thinking.

2010: Dependencies are moving parts, introduce unreliability.

2015: Well, we have to depend on something. Ok, hardware only.

2021: Firmware, management engines, shit, I'll come again. Depend on a narrow waist. Posix, C, Lua.

2022: There's even more I can't do alone. Sqlite, Redis, etc. Reputation is a useful signal.

permalink

* *
Feb 12, 2022
It just occurred to me that I can smush the dependencies of two packages together to visualize them at the same time. Here's libcairo2-dev and libsdl2-dev at once.

permalink

* *
Feb 10, 2022
A little Zettelkasten app on Teliva

https://archive.org/details/akkartik-teliva-2022-02-10 (4 minutes)

Showing off:

  • Protections against malicious apps.
  • Incrementally learning about app internals.
  • How avoiding abstractions can make an app easier to secure. Audit a single function, safely ignore its function calls.
  • Running on OpenBSD thanks to https://tilde.institute

Main project page: https://github.com/akkartik/teliva

Open invitation: I'd be happy to tailor a private copy for your individual needs.

Starting to use my Zettelkasten app for reals

In this clip:

  • Growing cards for more details and shrinking them down to outline view (no collapsing subtrees, though)
  • Structured navigation to children/parents/siblings.

permalink

* *
Feb 6, 2022
Why everyone needs to know some coding: last-mile sandboxing

My talk at FOSDEM this morning: https://archive.org/details/akkartik-2022-01-16-fosdem

Apologies for the low volume of the recording :/ This copy seems slightly louder to me than the version on the official page. However the official page includes (high-quality and audible) Q&A at the end.

https://fosdem.org/2022/schedule/event/lastmilesandboxing

Main project page: https://github.com/akkartik/teliva

Many thanks to all the organizers of FOSDEM '22!

permalink

* *
Feb 5, 2022
This comment πŸ˜‚β€οΈ

https://news.ycombinator.com/item?id=30220443#30223181

"Third, FOSS has become a religion for many. All things must be FOSS because it’s a holy conquest, and if just everything were FOSS all would be perfection because reasons."

If FOSS were actually a religion, the holy conquest you describe would be the most adorable and least bloody holy conquest in the history civilization.

If FOSS were actually a religion, then what is stopping you from joining the least bloody and most adorable religion in the history of civilization?

Come.

Join us.

(Patches accepted.)

permalink

* *
Feb 4, 2022
Zettelkasten

https://github.com/drcode/zek is a neat program <3 and its demo at https://www.youtube.com/watch?v=4W_m176PIdU is inspiring me.. to build my own version 🀦

I think people have lost sight of the essence of Zettelkasten.

  • never having to name notes
  • extremely fine-grained addressing
  • lots of nudges to create cross-links

The tension: links tend to require names.

Any interest in collaborating on or use-testing something malleable but text-only in Teliva?

permalink

* *
archive
projects
writings
videos
subscribe
Mastodon
RSS (?)
twtxt (?)
Station (?)