2025-01-20 23:30:00
Security questions like "what is your mother's maiden name?" are so fucking bad. Here's what I do to make them slightly more secure.
Whenever I get forced to add a "security" question to an online account, I immediately begin to rage. The reason being is that they add very little in terms of security, as the answers are often out there in the ether, thanks to our pervasive need to share too much on social media. Plus, unlike passwords, these answers are usually stored in plaintext. So any sausage with access to the database -- be it legitimate or malicious -- can see all your answers.
Brilliant.
So instead of entering my Mum's actual maiden name, I'll generate a random dictionary string using my password manager, or an online tool and I save those answers in said password manager, so I can refer to them later.
For example, my answer to "what is your Mum's maiden name?" may be laziness-scribing-sprang8 For another site with the same requirement, it might be commute4-juniper-unhinge. Due to being random and unique per site, it's far more secure.
So when the stupid site that's forcing me to answer a "security" question gets popped, I don't have a load of legit personal info out there on web for any Tom, Dick, or script-kiddie to pick up.
Same thing goes for sites that force me to enter a memorable word (because they're too fucking lazy to implement a proper MFA mechanism).
Simple, ey?
Thanks for reading this post via RSS. RSS is great, and you're great for using it. ❤️
2025-01-17 15:50:00
Keenan reflects on being mocked for liking Britney Spears’ “Toxic” to embracing their love for pop music and their identity. Ultimately, I think this post celebrates self-acceptance and finding joy in things like pop music, which Keenan (and I) proudly enjoy without shame.
I've been catching up on the unread items in my RSS reader over the last few weeks, and this one from Keenan is from alllllllll the way back in May (yeah, the backlog is real).
Anyway, as with a lot of Keenan's posts, this one went on all kinds of wonderful tangents. I have some thoughts on the sexuality side of their post, but that's a post for another day that I'll probably never write as it's a bit too personal for me, I think.
Where was I? Oh yeah, pop music. Fuck those guys. I love all kinds of music, including pop music. I mean "pop" is literally short for "popular" sooooo, you know? 🤷🏼♂️
I used to get a lot of shit in school for loving Hero by Enrique Inglesias. I played the shit out of that song everywhere I could. I too got the "this is such a gay song" shit. But I fucking love that song, even today. Along with lots of other pop music, rock music, country music, metal, folk, and goodness knows what else.
So yeah, fuck those guys and read Keenan's post. 🙃
Oh and for the record, Toxic has a place in my music library, too. 👌🏻
Thanks for reading this post via RSS. RSS is great, and you're great for using it. ❤️
2025-01-12 19:45:00
I have a number of GitHub repositories on my Mac and I wanted a way to auto-pull them on a regular basis. Here's how I did it.
Any regular readers of my waffle will know that I'm not the sharpest tool in the box. Git is a core part of my workflow for a number of my projects, but being the sausage that I am, I often forget to pull the latest changes from GitHub before doing some work locally. Git then inevitably gets itself confused and it becomes a whole thing to resolve the conflict(s).
So I needed a way to bypass my sausageness, by automatically pulling from all my repositories on a regular basis. I ended up doing this in 2 steps:
My first instinct was to build a shell script, then run that script regularly with a cron. All very simple, and something like this would have worked:
#!/bin/sh
cd ~/GitHub/
cd 100daystooffload.com/
git pull
cd ..
cd 512kb.club/
git pull
cd ..
cd kevquirk.com/
git pull
cd ..You get the idea. The problem with this solution is that I would need to update the script every time I added or removed a repository.
I'm too lazy for that shit, so I hit up Kagi to see if I there was a better option out there.
There was.
find ./GitHub -mindepth 1 -maxdepth 1 -type d -print -exec git -C {} pull \;Honestly, I don't really understand what this command is doing in its entirety, but from what I can gather, it's looking in my ./GitHub folder (which is where all my repos live), then going a maximum of 1 folder level deep, and doing a git pull.
It's not perfect, as it tries to pull from every folder within ./GitHub, some of which aren't git repositories. But that's fine, it just skips over them.
While I was there, I went ahead and added an alias to my .zshrc file so I can run the command quickly on demand:
nano .zshrc
alias pullall="find ./GitHub -mindepth 1 -maxdepth 1 -type d -print -exec git -C {} pull \;"Now when I run the pullall command from my terminal window, my Mac will pull everything. Nice.
Ok, so now that I've solved the pulling issue, I want to automate it. I could have gone with Mac Automator, but to be honest, that thing confuses the shit out of me. Instead, I went with good old crontab.
So I opened up my terminal and entered crontab -e only to be faced with a Vim window. Yeah, screw that; I'm a Nano guy. So first I had to fix that.
Another quick Kagi search later, I added this to my .zshrc file to force Nano as my default editor in terminal:
# Set default file editor to nano
export EDITOR=nano
export VISUAL="$EDITOR"I restarted my terminal window (so .zshrc was reloaded) and tried crontab -e again. Huzzah! It loaded in Nano and I added a cronjob for my pull command that runs every 2 mins:
# Pulls git repos every 2 mins
*/2 * * * * find ./GitHub -mindepth 1 -maxdepth 1 -type d -print -exec git -C {} pull \;Final thing to do was to make a change on the live website, push it, and wait. A minute or so later the changes silently appeared in my local repo, so everything is working as expected. Niiiiice.
So there you go, a quick guide on how to automate pulling multiple Git repositories on a Mac. All very basic and easy to find online, but thought I'd combine it into a single post, more for my use that anything else.
Thanks for reading this post via RSS. RSS is great, and you're great for using it. ❤️
2025-01-11 01:35:00
Automattic plan to fuck themselves over further (and by proxy, fuck their customers over) by reducing the contributions they're going to make to their own project.
So I read this post after it was shared on the fedi (as I no longer subscribe to any of Matt's RSS feeds) and honestly, it left me dumbfounded. There's a couple of quotes from the post that I want to print here and opine on, but please, before you reader further, go read the original post.
Additionally, we’re having to spend significant time and money to defend ourselves against the legal attacks started by WP Engine and funded by Silver Lake, a large private equity firm.
Are you for real, Matt? You started this mess!
We’ve also faced intense criticism and even personal attacks against a number of Automatticians from members of the “community” who want Matt and others to step away from the project.
I've spoken to a number of people who work for Automattic and none of them felt attacked. They were all just disappointed in you, Matt. Say it as it is, you've been called out for your bullshit and you don't like it.
Having said the above, and knowing the internet, you probably have been personally attacked, and that I don't agree with. I think you're a dick, but I also think that nobody should be personally attacked.
Automattic will match its volunteering pledge with those made by WP Engine and other players in the ecosystem, or about 45 hours a week that qualify under the Five For the Future program as benefitting the entire community and not just a single company.
Judging by the amount of companies and services Automattic is buying up, WordPress is doing all right - it's certainly not "just a single company" that benefits from WordPress.
These hours will likely go towards security and critical updates.
So no more feature releases for the open source project then? Glad I'm on Kirby...
We’ve made the decision to reallocate resources due to the lawsuits from WP Engine. This legal action diverts significant time and energy that could otherwise be directed toward supporting WordPress’s growth and health.
Yeahhhh and definitely nothing to do with the fact that you offered to buy out anyone in the company and 20% of them called your bluff.
We will redirect our energy toward projects that can fortify WordPress for the long term—ensuring its resilience, relevance, and vitality for the next generation of users and contributors. Part of this will be making WordPress.com much closer to a core WordPress experience, instead of having a different interface.
This is good news. Wordpress.com is a shit show (in my opinion) and .org is far better. I have no idea why you guys decided to bastardise vanilla WordPress in the first place.
This realignment is not an end, but a new beginning—one that will ultimately strengthen the foundation of WordPress.
Hmmmmm, I'm not so sure, Matt.
Thanks for reading this post via RSS. RSS is great, and you're great for using it. ❤️
2025-01-05 16:55:00
I saw a post from Brandon about a blog questions challenge doing the rounds on Bear Blog and figured, even though I'm not on Bear Blog, I'd do my own. 🙃
I know some people hate this kind of meta post, but I really like them. I find it fascinating learning how other people who manage their site and workflow. Mainly to see if there's something I can steal.
So anyway, I've adapted the original questions from Ava to be more generic ,and I'll tag a few people at the end who I hope will take part too. I'd love it if they in turn tagged others.
The questions are:
So without further ado, here's my answers to the questions...
I started blogging back in 2011 for a couple of reasons. My written English was piss-poor (it's still not great). Like, so bad that I didn't know the difference between your and you're, or there, they're, and their. I decided I needed to improve those skills, so I went to night school and did a written English fundamentals course.
As part of that course, I learned that I actually enjoyed writing - even though I hated English in school. At this time I was also getting more into tech, and wanted a way to share some of my thoughts and opinions on these topics as there was no-one in my friends/family group who were interested in it. So I decided to start a blog. I spun up a Blogger site and the rest is history.
I'm currently using Kirby for this site. I've said, many times how much I love Kirby as a platform. It's lightweight, easy to use, and hugely flexible.
Flexibility is the main reason for me choosing Kirby though. I like to be able to customise the workflow of my writing, and I don't like UI clutter, so Kirby is perfect for my needs.
Oh god yes. I've tried them all. To name a few, I've tried Blogger, WordPress, Ghost, Grav, Jekyll, Blot, and many others.
Before discovering Kirby, I changed blogging platform as often as I changed my underpants. Mainly because none of these options ticked all my boxes. Kirby does, however, and I don't see myself moving any time soon though.
I write all my posts in the Kirby Panel. The Panel can be customised so much that at this point I pretty much have a CMS that's tailored to my exact needs, so using the Panel is a joy for me.
It's mostly when I'm doing something completely unrelated to writing, like walking the dogs, lying in bed, or getting a shower. It's times when my mind is free to wander, I think. Obviously I can't write at these times, so when an idea hits, I jot it down in Apple Notes, where I maintain a list of high level drafts.
A fair chunk of my posts are also in response to things I've read by other people too. This post is a perfect example that.
As for when I actually write, that's usually in my lunch break in work, when I'm working from home, or during the evenings once the kids are in bed.
Most of the time I publish right after writing the post. I tend to give them a quick proofread, then hit the publish button. Occasionally I'll let posts sit, especially if I only have time to bash out some text and not proofread (that's the bit that takes most time for me).
Immediate publishing is to my detriment though, I think, as I often publish posts with ideas that aren't fully formed and therefore poorly articulated. I should try to let things marinade sometimes.
I have no idea. I've published hundreds of posts over the years, most of which are meandering thoughts/opinions, or technical posts on how to do something.
I don't get too far into my personal life or profound topics on this blog, although I do have a couple of posts in draft that go into that more. I'm concerned they're a bit too personal though, so have never gone ahead and written them.
Not really, but I'm always tinkering. I re-wrote the dark version of this site last night as I wasn't happy with it, but after a recommendation from Pete Moore, I re-did the colours using the Nord theme and now I'm really happy with it.
I'd like to improve my open graph images too, but they're good enough for now. So that work tends to fall down the list.
Ok, so those are my answers to the questions; now I want to hear you answer them. I'm tagging Jack, Sara & Jarrod. I'd love to see Manu do this challenge too, but I know he's not a fan of meta posts. So I'll leave this open invite out there, just in case you fancy doing this challenge, Manu.
If you haven't been tagged and just want to take part, be my guest - the more, the merrier. 🙃
Thanks for reading this post via RSS. RSS is great, and you're great for using it. ❤️
2025-01-03 22:30:00
Some thoughts from me about virtue signalling and why I think it's a pointless exercise.
There's been a bit of confusion about this post, maybe it wasn't clear because it was written in haste, but this post is about people who choose not to use a product for whatever reason, trying to impose that decision on others.
I think it's right that folk boycott services if they feel strongly about the social or political opinions of the people involved, but I also think that attempting to impose those opinions on others is bad.
For example, saying "I would never buy a Tesla because Musk is a dick" vs "you shouldn't buy a Tesla because Musk is a dick."
For the record, Musk is a dick and I'd never buy a Tesla. 🙃
I've had this one in my drafts for a few months now, but I haven't got around to writing it. I decided to change that after reading Grubz's post on his thoughts on Kagi.
In the post, he says:
I swore off of them for a while after the little bit of drama about integrating Brave Search, but who really gives a shit, you know? You gotta pick your battles. Separate the art from the artist.
I couldn't agree more, and this was the point of the post I've had in draft. Some of the virtue signalling I've seen in recent times include:
There's definitely more, but these are just the ones I've had noted down recently. I'm not saying that the issues people raise are not important. Because they most definitely are. If you're homophobic, I'm probably going to think you're a scumbag and we're unlikely get along. Same if you have extreme political views. But I'm not going to stop using your product just because I think you're an arsehole.
Having said that, if you choose not to use these products because of said arseholes, that's your perogative; I won't tell you otherwise. I'm just saying I don't understand it.
Now, what does get on my tits is when people tell me I shouldn't be using [product] because the founder/CEO/whatever is a dick. And it gets even worse -- and I've seen this happen many times on the fedi -- when folk imply that as users of the product we're also a bad people, just for using the product.
That's usually the point at which I make use of the mute button with reckless abandon.
Anyway, all this reminds me of a great post by Nigel on Virtue Signals, it's a great read and was the impetus for me creating the draft in the first place.
Ultimately, if you feel strongly about not using a product, that's up to you. But trying to impose your views on others is not cool. Instead, why not try politely letting them know about your concerns in case they weren't aware, and then leave them to make up their own mind.
As far as Kagi is concerned, I didn't like it first time around, but I've been giving it another go for a few months now, and so far I'm really happy. I'll probably write a follow up post about that soon.
Thanks for reading this post via RSS. RSS is great, and you're great for using it. ❤️