So when the whole cookie acceptance buttons came in I pretty much ignored them and accepted everything, I think like most users of the internet. Ignorance is bliss, yes?
Anyway for reasons I do not understand over the last week I have been doing the exact opposite and taking time to reject as many cookies as possible when I get to a site. And my experience has been interesting.
Some sites are very open, transparent and make it easy to reject all cookies. Just click on options or cookie settings and press reject all and then save. The site works as usual and you would never know the difference. But from my anecdotal evidence they are actually in the minority.
Some sites make it incredibly difficult to get to the cookie options to allow you to reject anything. In fact on one site I visited the only option was to accept the cookies. I could find no other options, so I left the site.
Other sites have a very small button to take you to the options, but they are there. Once you get there the buttons for each type of cookie are defaulted to reject and you just have to press save and exit. And that is where the first problem hits you. The accept all cookies button is a big green button (Usually) but the save options button to reject them is normally just the word Save in the same font as the text with no obvious button or link. They do however work.
One of the worst sites I visited had a tiny link to get to you cookie options which was smaller than the normal text. And then when you get to the options all of the cookie types are dfeaulted to accept. You have to go through each option and change it. But they were not simple check boxes, that would be too simple, you had to drag the option from the accept to reject for each cookie option.
At the end of all of this I wondered what the experience of these cookie acceptance forms were for those internet users having to use assistive technology, can’t be easy to get through this shit.
So the first step in my new little project is to get a Matrix Homeserver up and running. Without one I can not start to build a client for it. So the only real choice with this was to use Synapse a Python based server. To do this I wanted to build it locally so that I can play and not interfere with anything else on the internet.
The ansible-docker playbook was too tempting for me to avoid so I thought I would start with that as it covered everything you would want to install to get things fully functional. Because I was trying to run this on my local machine and not on a server I had a few problems with this, the first of which was the version of Ansible I had on my laptop. I got quite far through the process and then hit a problem with certbot not being able to provide a certificate because it was unable to register. Now this had taken me a while to get this far and I suddenly realised I did not need the all singing all dancing implementation. 1 Because the project was supposed to be fun and the fun had stopped and 2 I was trying to build a client for the Homeserver and did not need everything else to do that, so I stopped on that track and just decide to install Synapse on its own locally.
This was as simple as following the instruction on the github repo for synapse. Once you have installed the pre-requisites you can get a prebuilt package. So I had Synapse installed (but not running) in a matter of minutes. Ran the config generator and started the server with zero problems ( Ok that’s a Lie. I had a mistype in one of the filenames). I then check on the local server to see if it was running.
So my next step was to create a user, again using the instructions from the github repo and I had a user. Now I have no idea what to do with it. The next stepis to learn the API and see if I can hack together a client of some sort.
Well I am assuming they are script kiddies, could be anyone really. I just can’t imagine a serious security professional doing what some people appearing to be doing to my poor little Raspberry PI.
I took a cursory glance at the Apache logs for my Raspberry PI which is happily responding to web requests. The vast majority of the requests were just attempts to identify known vulnerabilities in different frameworks/languages etc. The old version would have been war dialling I suppose.
So I have decided to start a new open source project to build a communication platform for any type of organisation. Think Slack but simpler and perhaps a bit more focused on a niche.
At first I thought of taking the same kind of approach as Slack and just basing everything off IRC and putting a nice facade over the top, but then that is simply doing the exact same thing, which is a bit boring really. I did go down the route of setting up an IRC server and writing a few scripts to automate the joining of channels and accepting of messages etc., but why re-invent the wheel when Slack have done such a good job.
I then thought I could do something similar to my day job but then you get into all sorts of problems with IP rights and source code.
So instead I am going to look at doing it using the work done by Matrix. Which will provide me with a couple of things really useful to a new project:- 1. It is a fairly new piece of technology so I will be learning something new. 2. All of the communication infrastructure code has been written I can do a Slack and just piggy back off it. 3. I have no idea what I am doing, which is always a great place to start.
I am going to keep this blog updated with the progress, if I make any at all.
And to comments on blog posts. This blog was not intended as any form of experiment on this but in two years of this blog being active I have created a massive 14 blog posts. Those 14 blog posts have generated 15000 comments. That is an average of over 1000 comments per post.
How many of those comments are spam? Well as I am writing this little rant I have Akismet running in the background filtering out the spam. But my guess is that they are all going to be Spam.
So the other day I was writing some code and needed to know how to do an efficient subquery using eloquent in Laravel. So I dig out a book, which did not really go into enough detail for my needs so I do an internet search.
The first entry in the results was essentially a copy of the details I could find on the Laravel docs but with less detail. So I go to the second record, which is exactly the same as the text on the first. So I try the third and guess what, exactly the same as the first two. I did ask myself why people do this but then I realise it is to get the ad revenue. Bloody useless and Bloody annoying.