Gemini* and Gopher

• Personal/Opinions

  • 🔤SpellBinding — BINOXUS Wordo: DIARY

  • Balconia

    Some pictures from the balcony pointing south east, i.e. the sunny one. This is what it looks like: some breakfast ready to eat, with a newspaper on the table, the reeds with all the bees to the left (mostly Osmia), and potted plants all around.

• Politics and World Events

  • To mask, or not to mask

    For anyone who is unfamiliar, masking is when an autistic person pretends to be neurotypical (normal). We mainly do it for social survival because many normal people won't treat us with basic human dignity unless we pretend to be like them. We can't mask continuously however, because pretending to be someone you're not is exhausting and causes a lot of stress and anxiety.

    So in my high-masking autistic experience, one of the most difficult decisions I have to make is when to mask. I've recently come to the conclusion that I've been masking too much, due to sheer number of times I've had the following happen:

    I meet someone. I'm masking. We're getting along. Things seem to be going well. Over time, they start noticing that I have some quirks, that I'm a little bit different. I disclose that I'm autistic, thinking it will clear up their confusion. They either deny it or insist I'm "not that autistic" thinking they're giving me a compliment. They start to critique my differences. Over time, the criticisms become harsher, hateful even. I try to explain to them how what they're criticizing are actually traits of autism. They deny it, and insist that I'm making excuses. This continues until I make the decision to cut them off, because they're just not listening and there doesn't seem to be any other option available.

• Technology and Free Software

  • On Personal Cybersecurity

    I think the recent US government Signal chat leak¹ creates a good opportunity to talk about personal cybersecurity and offer a few high-level tips.

    Signal² is a private messaging application. It prevents specific types of adversaries from accessing the contents of your calls and messages, and their metadata. But if you, the human, choose to use it for adversaries it was never designed to defend against, that's a problem the technology can't fix. The biggest vulnerability in cybersecurity is not the tools, the protocols, nor the cryptography. It's the human.

    Often, it's the human not understanding the limitations of the tools they're using. If you think that using Signal is all you need to do to secure your messages, you are so wrong. Consider that Signal is not designed to protect you against any of the following threats:

  • My Forgejo instance was attacked by LLM crawlers

    This post is a reaction to the attack that my server suffered from, that took place on the weekend of the 29th-30th of March. This happened even though my robots.txt file has the following value on all my subdomains:

    User-agent: *
    Disallow: /
    

    If you’re not familiar with the robots.txt file, the general idea behind it is to tell bots which resources they are allowed to see or not, as well as which bots are allowed to see it. In my case, I don’t want any bot to be able to see anything on my websites.

    It is worth noting that the robots.txt file works in a similar way to the DNT (Do-Not-Track) HTTP header, meaning that it is up to the service provider to decide whether they will respect the user’s choice. Thus, what usually should happen is that bots make a single, initial requests to /robots.txt, see that I don’t want them to crawl my server, so they give up and stop making requests to my server.

    However, it is now well-established that LLM companies do not care about consent at all. In fact, most LLM crawlers simply ignore the content of robots.txt. Many developers are currently struggling with attacks from LLM crawlers, up to the point where some FOSS service providers even had to temporarily block entire countries to deal with it [1].