#todo #rss

Move slow and fix things

This specification defines where these files should be looked for by defining one or more base directories relative to which files should be located.

Hahaha

1. Keyboard accessibility
2. Accessible design tokens
3. Named control
4. Zoom and user preferences
5. Screen reader compatibitlity

SVG filters can be applied to HTML tags with: filter: url(#distort).

There are examples what we can do with a website :)

There is also a list of webrings on it:
https://whitep4nth3r.com/webring/

Text rotating at the borders of an image

If we can reduce the customer base for the dominant players and show there’s a market for a different way of approaching digital technology, that could help incentivize more non-US options and even get governments to put real resources behind a push for digital sovereignty.

Note some alternatives can be based in the US

Suites: Proton, Zoho and in some cases Mailbox, Infomaniak, Framasoft, Nextcloud

Email: Proton, the suites mentioned above, Posteo, Tuta

Search: Ecosia, Qwant, Start page, Mojeek

Browsers: Vivaldi, Opera, Mullvad

Office: some are available in the suites, Cryptpad

Writing: Ulysses, iA Writer, Scrivener

RSS: Inoreader, RSS reader of Vivaldi

Password/2FA: Proton Pass, 1Password, Aegis, KeaePass

Notes, calendar or tasks: Things, Superlist, Bear, Obsidian, Joplin

Social Media: Matodon, PeerTube, Frendica and Pixelfed.

Messaging: Wire, Threema, Element

Video calling: Proton, Mailbox, Infomaniak, Signal, Threema, Whereby, Nextcloud, Jitsi

Maps: Here We Go, TomTomGo, Transit, OpenStreeMap with OmsAnd or Organic Maps, Mapy, Citymapper, Magic Earth.

Translations: DeepL, Reverso, Naver Papago

Streaming video: Crave, CBC Gem, ICI TOU.tv, Britbox, Mubi.

Streaming music: Deezer, Qobuz

Video games: GOG.com, Sony/Playstation, Nintendo

Podcasts: AntennaPod, Anytime player

and more utilities for hardware, web hosting (FullHost), Podcast or newsletter hosting, Cloud or file transfer, ...

Web forms: Tally, Forms.app

Graphic design: Affinity, Canva, GIMP

Money transfer: Wise, I add the european alternative Wero

#project #idee reference them all

A Rick-roll in the source code

The script is available at https://raw.githubusercontent.com/corbindavenport/just-the-browser/main/main.sh

It was disclosed in 2022 and it is part of the SHA-3 design.

The python code

import hashlib
h = hashlib.sha3_224()
h.update(b"\x00" * 1)
h.update(b"\x00" * 4294967295)
print(h.hexdigest())

generates a segmentation fault. The scripts will attempt to write more data to a buffer than it can hold. A small variant cause an infinite loop.

This can be used to violate the cryptographic properties of the hash function to create preimages, second preimages and collisions.

Rust is the best language so far to replace today's most used crypto libraries: OpenSSL, BoringSSL and libsodium.

C libraries often contain a lof of assembly code making them really fast, but potentially unsafe.
pure-Rust libraries benefit from Rust strong typing and generally offer a better API, compile for all platforms including WebAssembly.

It's important to note that pure-Rust libraries might be slightly slower than C and assembly wrappers, but still fast enough for most use cases.

• aws-lc-rs is a cryptograhy create
• libcrux is a Rust wrapper for formally verified C, Assembly and Rust code.
• ring is focused on the implementation, testing, and optimization of a core set of cryptographic operations exposed via an easy-to-use (and hard-to-misuse)
• boring is a safe wrapper around google's boringssl
• dalek-cryptography is a Github organization about pure-Rust elliptic curve cryptography, used by Signal and Diem
• graviola is promising because it's faster than other projects, but not mature enough yet.

There is also blake3

In short, RustCrypto to get pure-Rust implenentations, or aws-lc-rs for linux-servers and best perforamances with FIPS certification.

Reading a file is actually slow.

getCurrentThreadUserTime() uses many syscalls because it reads from /proc.
clock_gettime(CLOCK_THREAD_CPUTIME_ID) has only one syscall and a direct function call chain.

The optimisation can be done, but:

1. The kernel policy is clear: don't break userspace
2. It's undocumented anywhere!
3. Author's take: if glibc depends on it, it's not going away.

This is why I like browsing commits of large open source projects. A 40-line deletion eliminated a 400x performance gap. The fix required no new kernel features, just knowledge of a stable-but-obscure Linux ABI detail.

The lessons:

• read the kernel source. POSIX tells what's portable; the kernel source code tells what's possible.
• check the old assumptions: revisiting them occasionally pays off.

Ainsi, sa « première analyse indique que [les données personnelles de ses clients] ont été consultées, et peuvent inclure :

• Informations d’identité : prénom, nom, date de naissance, sexe ;
• Coordonnées : adresse e-mail, adresse postale, numéro de téléphone, le cas échéant;
• Informations sur le passeport: numéro de passeport, pays d’émission et date d’expiration ».

Soit en moyenne 1€ par contrat

l'autorité a constaté en faisant son contrôle que l'entreprise « n'avait pas mis en place de mesure permettant de trier les données des anciens abonnés qu’elle entendait conserver à des fins comptables durant dix ans » et « qu’une fois cette durée de dix ans atteinte, le mécanisme de purge des données n’était pas complètement opérationnel, de sorte que les données n’étaient jamais supprimées ».

There are multiple examples of database schema

L'alternative IA à ce que Signal est aux messageries.