1
0
Fork 0
mayvaneday/blog/2019/december/death-of-a-gopher.html

58 lines
10 KiB
HTML
Executable File

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Death Of A Gopher - Archive - MayVaneDay Studios</title>
<link href="../../../style.css" rel="stylesheet" type="text/css" media="all">
<meta name="author" content="Vane Vander">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body class="mayvaneday">
<script src="../../../checktor.js"></script>
<article>
<div class="box">
<p><h1>Death Of A Gopher</h1></p>
<p>published: 2019-12-14</p>
</div>
<hr>
<div class="box">
<p>The wire bars of the <a href="../../../poetry/g/the-golden-cage.txt">golden cage</a> bend open just a little farther, enough for me to stick my head out: I have a job now! A part-time job, I should clarify, so I won't be able to move out anytime soon, but the tiny sprout of <em>something</em> is better than the black hole of <em>nothing</em>.</p>
<p>The new revenue stream means that, unless something catastrophic happens like a mass deplatforming or getting fired, MayVaneDay can stay on its own stable VPS indefinitely.</p>
<p>Thanks to college payments, my bank balance dropped below a comfortable amount sometime in October, so I moved everything to the Raspberry Pi on my desk in my room for the following two months since it would be free. Surprisingly enough, even though IPv4 was blocked to hell, IPv6 was completely open, so I could run whatever the hell I wanted!</p>
<p>Except for pygopherd. Because pygopherd only supported IPv4. So my Gopher mirror was shot to hell, and because there's no point in updating a mirror that nobody can use, I let the whole thing fall into disrepair. Everything else I struggled to keep online since the router at home likes to periodically disconnect every device and refuse to let them back on for hours on end, so I put a line in the crontab to reboot the Pi at midnight every night to force it to reconnect and crossed my fingers that the ZeroNet mirror would finally get some seeders.</p>
<p>Which it did, thanks to <a href="https://archive.md/20200821214932/http://misc-stuff.terraaeon.com/articles/miss-old-internet.html">a little exposure</a>! And it was easier to maintain than Gopher, since all I had to do was change all the absolute links to relative links, as opposed to Gopher where I had to also strip out all the images and CSS (since most everyone views Gopher in a terminal, and what would be the point of transmitting things they couldn't see?) That would be "bloat". And everyone hates <a href="../august/consumption.html">"bloat"</a>.</p>
<p>Why? Why should I care about bloat? Who even defines "bloat", anyway? Some <a href="https://archive.md/20200821215101/https://regularflolloping.com/posts/slow-down/">authoritarian jerk who can't even be fucked to use proper grammar</a>? Is "bloat" defined by lines of code, or megabytes of RAM used, or the mental strain required to remember how to use the program? Sure, most of us can agree that Windows 10 with all the spyware options enabled with five browsers and seventeen autostart-on-boot programs <del>and one of those unironically being Discord</del> is bloat, but where do we draw the line from there? Where does the red side of the spectrum line officially turn blue? At the beginning, where it's no longer pure #FF0000? Only when it's pure #0000FF, and we've devolved into cavemen using stick figure pictures to communicate with each other? But aren't pictures bloat? Or is it language? Speaking? Writing? <em>Thinking?</em></p>
<p>It can't be <a href="../april/run-every-day.html">being dead</a>, for part of decomposing is <a href="https://archive.md/20200821215250/https://sciencing.com/the-stages-of-the-human-decomposition-process-12757794.html">intestinal bacteria producing gases</a>, which makes one rather... bloated.</p>
<p>Maybe I want decadence! Maybe I want lavish websites with pleasing color schemes and little image icons as buttons! (Given that the buttons have alt text, of course.) Maybe I want reflowable text and custom fonts that won't break the UI! Maybe I want <a href="https://weirdiverse.mayvaneday.art">pages with a thousand faces</a> that reinvent themselves every page load! Maybe I want websites that I can zip up in a single archive and throw wherever I damn please, instead of asking permission from some purposely convoluted database!</p>
<p>Maybe I want the crazy and macabre, the <a href="../../../poetry/l/lumo-en-vivo.html">spirited and alive</a>!</p>
<p>And maybe I want transport security too, which Gopher seems to have a <a href="https://archive.md/20200821215459/https://gopher.tildeverse.org/zaibatsu.circumlunar.space/0/~solderpunk/phlog/why-gopher-needs-crypto.txt">little problem with</a>. And the <a href="https://archive.md/20200821215625/https://gopher.tildeverse.org/zaibatsu.circumlunar.space/1/~solderpunk/gemini">proposed fix</a>, which I must admit is the best fix to Gopher possible without scrapping the whole thing and reinventing HTTP, can't be easily implemented because of all those ancient machines bogging everyone else down. And heaven forbid we leave <em>them</em> out. Seriously, a protocol with <em>absolutely no transport security</em>- what kind of a braindead idea is Gopher? Are you okay with having every word thrown down the pipe accessible to your ISP to log and peer into and inject whatever they want into it? And signing every post with PGP won't help, since your key would also be transmitted in plaintext: if your government <em>really</em> wanted to fuck you over, they could just make your ISP reroute all requests to that particular Gopher server to their own and substitute their own PGP keys, and you'd be none the wiser. There would be no possible trust that a specific post was written by a specific person, unless you'd received their keys through a different, more secure channel. In which case: what's the point?</p>
<p>Security through obscurity is no security at all, and I've lived enough of my life as an insecure sniffling little imitation of a human being.</p>
</div>
<hr />
<div class="box">
<p>In tangentially related news, I'm deleting my Github and Keybase accounts.</p>
<p>I've already known of the <a href="https://archive.md/20200821215750/https://www.theverge.com/2018/10/26/17954714/microsoft-github-deal-acquisition-complete">Microsoft acquisition</a> for some time now. But the main problem with Github is the network effect: without an account, one can't easily submit bug reports or pull requests. My Github page has mainly sat abandoned since that one Python class I took last year at college, the exception being the aforementioned bug reports.</p>
<p>I signed up for Keybase at the start of <a href="../../../poetry/o/october-7-2018.txt">October of 2018</a>, right after the explosive aftermath of the Lucine saga, where I was worried that one of the Tumblrites I'd pissed off would start impersonating me in attempts to get me in trouble with the law. My line of thought was that, if I had some kind of centralized official service where I could prove exactly what websites and social media accounts I was in control of, the likelihood of someone else to successfully put on my personage like a meat puppet would be effectively zero.</p>
<p>So why leave now?</p>
<p>Long story short:</p>
<ul>
<li>Keybase made a big deal about their <a href="https://web.archive.org/web/20190915210946/https://keybase.io/a/i/r/d/r/o/p/spacedrop2019">Stellar airdrop</a>. Woo! Everyone gets up to $500 in free cryptocurrency! I wake up one morning, and suddenly I'm $20 richer.</li>
<li>A shitton of spam bots sign up for Keybase, Github, and Hacker News. The latter two complain to Keybase, who <a href="https://web.archive.org/web/20191009002412/https://keybase.io/a/i/r/d/r/o/p/spacedrop2019">cancels the October airdrop</a> and changes the requirements to receiving an SMS from a relatively short list of countries, notable for essentially saying "fuck you" to anyone living in Canada.</li>
<li>Stellar, the cryptocurrency they were giving out, peaks for a few days (around $0.08) and then plummets (to $0.05).</li>
<li>The spam bots <a href="https://archive.md/20200821220001/https://www.whiskey-tango.org/2019/11/keybase-weve-got-privacy-problem.html">get</a> <a href="https://web.archive.org/web/20200408155300/https://github.com/keybase/keybase-issues/issues/3546">worse</a>, sending unsolicited messages and requests for payment. Yours truly got a few spam followers, but no weird messages.</li>
<li>Keybase, feeling the heat, says "fuck it" and <a href="https://web.archive.org/web/20191213195655/https://keybase.io/a/i/r/d/r/o/p/spacedrop2019">cancels the whole airdrop</a> so nobody gets anything after 2019 ends.</li>
</ul>
<p>Which would be all fine and dandy if Keybase had <em>asked</em> users if they had wanted to participate first, instead of automatically adding a Stellar wallet to every account the first month of the airdrop. <b>Keybase took the private keys of its users and <a href="https://archive.md/20200821220224/https://sneak.berlin/20190929/keybase-backdoor/">automatically signed a payment address onto their profiles without their consent</a>, which <i>they themselves</i> <a href="https://archive.md/20200821220516/https://keybase.io/blog/2014-10-08/the-horror-of-a-secure-golden-key">define as a backdoor</a>. And <a href="https://archive.md/20200821220646/https://github.com/keybase/client/issues/15555">there is currently no way to remove the Stellar wallet from one's profile</a>.</b></p>
<p>And while Keybase technically lets you have the secret keys to the Stellar wallet, meaning one could theoretically use a different wallet app, the issue remains that none of this should have happened without the users' consent- and that Keybase violated it for a glorified promotion.</p>
<p>If they have the ability to do <em>this</em>, even if it's for (disputably) benevolent purposes, what's to stop them from getting malicious in the future?</p>
<p>There are smaller issues with Keybase as well. The desktop app doesn't work on Tails, for one. The FUSE filesystem mounts automatically and doesn't seem to be removable, which can mess up <code>df -h</code> counts, even though technically Ubuntu's Snap system has the same problem. And, the most egregious one in my eyes, is that <em>it's centralized</em>.</p>
<p>There is no further reason for me to be using Keybase or Github, and the upcoming new decade is the perfect excuse to do some <del>spring</del> winter cleaning.</p>
</div>
<hr>
<div class="box">
<p align=right>CC BY-NC-SA 4.0 &copy; Vane Vander</p>
</div>
</article>
</body>
</html>