Holos announced they're working on adding custom domain support to their server. It's a really cool development, and I figured I'd share it here real quick.
If you're unfamiliar with Holos, it's an Activity Pub server that aims to be more relay like (somewhere between AT/Nostr and a standard Activity Pub account). The server acts as a relay, keeping a public copy of your posts and profile data online, but it delegates most operations to your client.
When I wrote about it a month ago it sounded like it was a possible consideration, but having it confirmed as something that's actually going to be the case is really cool to see. At the cost
... show more
Holos announced they're working on adding custom domain support to their server. It's a really cool development, and I figured I'd share it here real quick.
If you're unfamiliar with Holos, it's an Activity Pub server that aims to be more relay like (somewhere between AT/Nostr and a standard Activity Pub account). The server acts as a relay, keeping a public copy of your posts and profile data online, but it delegates most operations to your client.
When I wrote about it a month ago it sounded like it was a possible consideration, but having it confirmed as something that's actually going to be the case is really cool to see. At the cost of being a bit more technical, the idea of owning your identity on Activity Pub is really cool (you 'own' your own domain, plus are able to migrate even if the server is down since your client can make outgoing connections).
Anyway, figured it was worth a share, I'm looking forward to seeing Holos continue to be developed.
I'm experimenting with what I've deemed a 'mini blog' – smaller posts and different mediums separate from normal posts, while experimenting with different platforms/protocols, all linked together via a page and RSS link. If you want to see more you can follow here.
Custom domain support for #Holos is in development and coming along nicely! Use @user@your-domain.com instead of @user@holos.social, just point your DNS to a relay (changeable anytime). Actor URIs and post URIs stay stable forever, so switching relays requires no migration. Your RSA keys + domain = portable identity. Optional feature for users wanting relay independence.
Custom domain support for #Holos is in development and coming along nicely! Use @user@your-domain.com instead of @user@holos.social, just point your DNS to a relay (changeable anytime). Actor URIs and post URIs stay stable forever, so switching relays requires no migration. Your RSA keys + domain = portable identity. Optional feature for users wanting relay independence.
better yet: enable holos over tor. A tor address is a custom domain which you can actually own. Unlike a regular web address which you can only rent and is subject to potentially LE taking over, a tor address is yours forever once you register it. Holos over tor where I can register my own tor domain would be actually the Mastodon dream: truly descentralized
Every day, #Holos proves you can run your own ActivityPub server on your phone. We approached the problem differently: instead of copying existing platforms, you're in control. No imposed style - not Twitter-like, Instagram-like, or YouTube-like. Enjoy everything the Fediverse offers and contribute your way.
"Kirill Ilin's construction company Amcrete constructed the concrete walls of their ground-breaking new four-bedroom prototype 'layer by layer by layer' right on its Waiuku site.
He says houses made with concrete poured by a computer-controlled 3D printer are energy-efficient, quick to construct, and, because of their durability and recyclability, also sustainable."
"Every Activity Pub server duplicates content. Without it there'd be no seeing posts from anybody on servers other than their home server. It's literally the thing that makes the protocol work. If being on a protocol that specifically is designed to duplicate content isn't permission enough to duplicate content then the Fediverse goes poof. Zilch. Zero. Nada."
So a thing happened and I'm kinda flabbergasted. There appears to be a campaign to shut down the Mostr (Nostr <> ActivityPub bridge). Dunno how big it is, but apparently at least one DMCA complaint has been filed.
without knowing the specific dmca i remember people getting takedowns for files they didn't even host before. someone just sees it and files the papers and doesn't bother to check who it is.
ipfs gateways have a similar thing where they have to just block random CIDRs because
This was the DMCA prompted my mini crash out. There was something of a campaign to get bridges taken down, and the DMCA referenced standard federation. It was seperate from the 'yeet a bunch of automated DMCA alerts to random gateways' (lol, which could also probably get me going on a rant, but just a different rant about different things).
Not quite true, literally or otherwise. The protocol doesn't require caching. For performance reasons, most, if not all, ActivityPub server implementations cache remote content, but they could also just dereference the remote URIs when remote content is accessed.
Unless I'm misunderstanding something (fairly likely), theoretically, bridges could do the exact same, right?
Bob (Mastodon.Social) wants to see content from Alice (Tchncs.de). Mastodon.social dereferences a copy of Alice's profile/post & the replies/likes to said posts, creates a local copy that it serves to Bob, then deletes the local copy until another request is made.
Bob (Mostr Bridge) wants to see content from Alice (Tchncs.de). The Mostr bridge dereferences a copy of Alice's profile/post & the replies/likes to said posts, creates a local copy that it serves to Bob, then deletes the local copy until another request is made.
Even if an Activity Pub instance doesn't cache remote content long term (be it a standard instance or a bridge using the protocol), it's still gotta duplicate content to serve it to other users.
@eyeinthesky > they could also just dereference the remote URIs when remote content is accessed
They could. But arguably they're still duplicating content. They're just doing it every time someone wants to get the same post or profile through the bridge. So from a user POV nothing is different, it just increases resource consumption for the bridge *and* the origin server.
Yes and no. From a legal or technical standpoint, all this is true. It is legally allowed, technically necessary. But this doesn't mean it's ethical and that it doesn't violate consent.
I can walk up to two people speaking in "public" to eavesdrop on their conversation. But just because I can, doesn't mean it's right. I can scrape endless pfp images from WhatsApp through their contacts API. But doesn't mean it's right.
So no, just because it's possible it doesn't mean "permission enough". It' just means that it's necessary and people have accepted the risk. Explicit permission is something different entirely. This is about consent, a human property, not about technological or legal constructs.
Bridges are a bit different than scraping content or listening into a conversation. A bridge that bridges Activity Pub to AT/Nostr acts like any other ActivityPub instance, requesting a copy of the bridged user's profile in the same way another ActivityPub native server would. Same with Friendica (that I'm using right now to reply), it requested a copy of your post over Activity Pub, despite being native to DFRN (although, unlike Bridgy Fed/Mostr, Freindica bridges internally via plugin instead of using a dedicated standalone bridge). I'd argue that using a protocol designed for federation, on a server that defaults to federating with any instance not proactively blocked, is rather explicit permission to federate.
However, since it's just federating normally, it's easy to stop. If you block the bridges (at the user level or instance wide) they won't federate, just like any other Activity Pub instance. While I think bridges are important for the ecosystem, the beauty of something that's not centralized is that you can choose exactly what you do and don't want to interact with.
Absolutely, there's this difference. But I'd argue it can only be consensual if whatever happens is somewhat "expected". And depending on the service in question, this isn't always the case. Some people go to the Fedi because they don't want to have their stuff on AT...
@ljrk > I can walk up to two people speaking in "public" to eavesdrop on their conversation
That's not a valid metaphor for Public posts on a federated network. It's more like 2 people speaking on a stage using microphones, connected to a global livestream.
If you don't want strangers to listen to your conversation, that's easy! Just get off the stage. If you want to have a private conversation in a public space that people won't eavesdrop on, that's what Direct posts are for.
@ljrk > it can only be consensual if whatever happens is somewhat "expected"
That's like saying that striking up a conversation with someone at a speed dating event isn't consensual, if that person didn't expect to be spoken to at the event. If people choose to go into a situation, not expecting things that can be reasonably expected, that's on them. Not on everyone else for not being mindreaders.
But none of that will help if people refuse to learn about the options available and how to use them. Or insist that everyone else magically know what they intended, even if their app usage choices suggest the opposite.
Coda: If I stand in the street wearing a "free hugs" sign, it's reasonable for people to expect a free hug. Say someone hugs me, and I claim it was non-consensual because I only expected my friends to take up the offer made on the "free hugs" sign. Is that reasonable on my part?
When you post something as "Public" (instead of "Followers only", or "Private mention", to use the current Mastodon app terms), that's like the "free hugs" sign. People can reasonably expect to take that literally.
> unlike Bridgy Fed/Mostr, Freindica bridges internally via plugin instead of using a dedicated standalone bridge
At the risk of splitting hairs, I think you're stretching the definition of "bridge" beyond breaking point there.
A bridge connects any instance to any instance (of whatever it is they bridge). An AP plugin adds native federation to a single instance, allowing it to connect directly with any remote service federating over AP. Two quite different things.
New blog post, a bit of an addendum to my older microblogging protocols comparison post(s) until I do an updated version at some point. It mostly just goes over a handful of big events and shifts I've personally noticed since my last post in the summer of 2024.
OK, I've read some of that. Worth reading, thanks. You may care to note that "effected" means "brought about", not the same as "affected" (changed a bit), and that "its" is a possessive meaning "of it", as distinct from the abbreviation "it's" (it is or it has). (|
Oops, thanks. I'd usually run my posts through Grammarly, but I've just been relying on spell check for some of my writing lately that doesn't catch that sort of stuff. Probably should get back in the habit it that.
Hi, I was going to be writing a blog post mentioning Holos, and was hoping I could bug you guys with a couple questions. First, are there any plans to/consideration of adding support for custom domains? E.g. I setup a Holos server, but a buddy who registers on my server could use a separate custom domain they own for their handle?
Also, I noticed that the source code link on holos.social 404s. Is that intentional (e.g. relocation, I'm sure things are sort of in flux with it being new), or is there a working link to the repo?
Custom domains aren't planned yet but it's an interesting idea. Technically possible, but adds complexity. For now, self-hosting your own relay is the simplest path for a custom domain.
The link is correct, repo is just still private hence the 404. Will be public very soon.
Feel free to reach out if you have more questions!
Toying around with trying to create a "standard" social media style app on Nostr, focused on posts shared within circles instead of the fully public microblogging that most stuff is focused on. Made a custom NIP nostrhub.io/naddr1qvzqqqrcvypz…And vibe coded a proof if concept (beware mobile users, the mobile view is not good atm) npub1nj7tj7wr2zl69mdc02x24j2js…Just a proof of concept, posts there aren't private since they're custom events but are being publicly broadcast (would need a custom relay setup). But it seems to be working. Could use advice from people who know what they're doing, if there's any issues with the formatting of the custom NIP or a better way about going about things I'd greatly appreciate feedback. #asknostr #nostr #vibestr #vibecoding
Discover official Nostr Implementation Possibilities (NIPs) and publish your own custom NIPs on the Nostr network. Browse, search, and contribute to the Nostr protocol ecosystem.
Made a #blog post about different non standard ways to host a website or content. Touches on: * #I2P * #Tor * #ipfs * Decentralized Domains + the microblogging protocols
A based design that makes a web that’s true
ICANNs and NATs embrace shall be no more
Behind a Pi or in the cloud for you
We use that tool be I2P or Tor …
If I may add to footnote 4, i2p outproxies are also statically defined in your configuration, vs tor which has automatically dynamic exit nodes. The typical advice if you're going to host an outproxy is to bridge it into tor to maintain anonymity.
Plus, a neat effect of bridging i2p into tor is you can use both eepsites and onion sites, as well as anonymous browsing the clearweb from the same browser without having to swap proxy configurations. Of course this comes with its own cautions.
Thanks, I think I maybe mention somewhere that could can use tor+i2p if you setup the right proxy config (unless I didn't and only thought I did and am expecting people to just read my mind lol). But never had a setup like that myself so can't personally say any more than that I've heard that others have done it.
We are working on motion graphics for the Fediverse promotional video... and we would love to do a sequence at the end with a mosaic of people's profile photos. For that, I need your consent.
If you'd like to have a small cameo in our video, can you let us know if we can use your profile pic?
#microsoft #edge is now supporting some desktop extensions on their Android browser in their main branch. /begin browser rambling So, on mobile, I've got two browsers. My default browser - Fennec - always clears cookies upon being closed and has most of the features I'm looking for. It's 'usually' compatible with most sites, and yoinks all the Mozilla junk out of Firefox while still supporting extensions and not being part of the chromium monopoly. Things like SponsorBlock, webpage archiving (SingleFile, Brave's mht feature, etc), and Nostr signing extensions are nice, but I'm looking for three specific things: * Good adblock * Decent privacy * A read aloud feature/extension I've also got a second browser, Brave, which I remain signed into stuff and sync bookmarks & cookies via the E2E sync feature. I also use incognito on it sometimes - especially when sites break in fennec - but on mobile if you want a no cookies browser you almost need two since you... show more
#microsoft #edge is now supporting some desktop extensions on their Android browser in their main branch. /begin browser rambling So, on mobile, I've got two browsers. My default browser - Fennec - always clears cookies upon being closed and has most of the features I'm looking for. It's 'usually' compatible with most sites, and yoinks all the Mozilla junk out of Firefox while still supporting extensions and not being part of the chromium monopoly. Things like SponsorBlock, webpage archiving (SingleFile, Brave's mht feature, etc), and Nostr signing extensions are nice, but I'm looking for three specific things: * Good adblock * Decent privacy * A read aloud feature/extension I've also got a second browser, Brave, which I remain signed into stuff and sync bookmarks & cookies via the E2E sync feature. I also use incognito on it sometimes - especially when sites break in fennec - but on mobile if you want a no cookies browser you almost need two since you can't ctrl + N upon start or open clicked tabs in incognito. Anyway, #Fennec has broken on a couple of websites as of late. So far it seems to have dodged the memory leaks and incompatibility that had me move away from Firefox forks on desktop - but there's been a few breakages lately. Could be a one off, or could be the staggered development finally hitting #Firefox for mobile. Am planning on continuing to use fennec for now, but beginning to wonder if I should scope out alternatives. Edge actually has built in adblock + support for further adblocking extensions. Though unlike Brave/Fennec which have manifest v2 style adblock support (built in & extensions respectively) it'd still presumably be fairly close in actual effectiveness. Archiving pages and TTS can be done through extensions which'll presumably be supported soon if they're not already supported via extensions and/or internal features. As crazy as it is to think, Edge - or better a de-Microsofted fork of Edge - might actually be something I seriously consider using. That, or maybe Brave can finally introduce a TTS feature and/or yoink the extension compatibility from Edge or the ChromeOS extension support (could do regular+beta for effectively two profiles). /end browser ramblings tldr: To my surprise, Edge for Android seems to be shaping up to be a decent option of a browser (minus some telemetry)
AI is transforming software development, shifting programmers from writing code to collaborating with AI in an intent-driven workflow—this is vibe coding.
people should really read up on O'Reilly. They were a crucial part of the whole Web 2.0 grifting and ruining of the Web and networked computing as a whole.
With a tagline like "leverage your experience in the age of AI", this honestly makes me think this book is more about fixing the blunders of AI and making an income that way rather than actually using AI. that and possibly using ai to make like filler uncomplicated stuff, essentially just autocomplete.
I feel like this could genuinely be a useful book depending on what is inside it.
I just skimmed the first chapter, and it seems fairly balanced. It says (I paraphrase) "think of AI coding like a keen junior developer hopped up on stimulants, producing huge amounts of code quickly but of questionable quality".
having tried it today with a programming language i did not know today. I have to say it was enjoyable. Definetly not straight forward but a hell lot more eonjoyable than to have to dig through docs of very language specific docs to find out how that rust feature is named in C# with the agent and some manual tweaking it makes the most infuriating tasks enjoyable.
please tell me every page is just "you fucking rube. You absolute mook. You goddamn mark. You fell for this bullshit, and you spent money on a book to teach you to be an even BIGGER sucker. What the fuck is WRONG with you?!" over and over again
@europlus I thought this must be a sh!tpost but looked it up on their own site, and it’s true. Way to tank your career as an author, Addy Osmani. O’Reilly have fallen so far; so sad. We’ll be tidying up after GenAI for years - perhaps I should market myself as a Legacy / GenAI Code Fixer?
OK, so the book isn't complete and sections are missing, but I've read through the preview and I'm not as mad as I thought I might be
There is definitely a bias that LLMs will have to be adopted by developers, and it's just a question of how. With citations from those selling LLM solutions about how effective it is, of course (Github say it'll make you 55% more efficent, just send us $39 a month please!) 1/4
New blog post - a combination of how I got into emulation, that I pre-ordered the Retroid Flip 2, and some other notes about different handhelds and controllers I looked into before settling on the purchase.
UPDATE: Officially the problem has been "fixed". But lets see....we will look for another provider and in case we will be forced to move, we should be able to do so in a day or two.
Our TROM.tf server was flagged by the hosting company as "Abuse: NetscanOutLevel: scansnarf-ng detected Netscan from: We have indications that there was an attack from your server." - and we have a few hours to fix the issue else they are going to shut down the server....
Please be aware of that since the websites may go down and we may have to move to another hosting provider...
This is very bad news but unaware what it can be. Please keep an eye on status.tromsite.com
We will try to update there in case anything happens.
We had a custom search with some JS scanning searx.space/ for best instances to search with. Maybe that was a red flag for the hosting. We have removed that and redirect now to searx.neocities.org. Lets see...
i have a feeling that wouldn't hold up in court but i'm not a lawyer and judges are professional morons
Anders Norén
in reply to Holos Social • • •h1dden
in reply to Holos Social • • •