How to Befriend Crows

  • December 28, 2022

Befriending crows is a wonderful thing.

I have many crow friends at home and at work. They bring joy at unexpected moments and can rescue a miserable day even without shaking down the dust of snow that Robert Frost described.

This thread is an updated version of one I posted at the bird site in July 2019.

I am extremely tempted to do this with my neighborhood crows, but I’m not entirely certain how my wife will feel about me bringing crows to the house all the time.

(By “not entirely certain” I mean, that I’m 100% certain that she won’t like it. I think that’s why they call it a murder of crows.)


Post to Mastodon v2.2 - Bug Fixes and Setup Questions

  • December 26, 2022

Another update regarding my Post to Mastodon Apple Shortcut automation, which is now at version 2.2!

Specifically, I’ve learned two things about Apple Shortcuts today:

  1. Their logic for input type sucks and is very buggy.
  2. You can set setup questions so people don’t have to edit the shortcut after they download it!

Both of these issues are now fixed in the latest version of the shortcut, which you can download directly right here.

The original post explaining the shortcut has been updated as well, and can be found here.


Post to Mastodon v2 Shortcut - Image Support

  • December 24, 2022

Yesterday I released an Apple Shortcut (macOS, iOS, and iPadOS) that will allow you to quickly post to your Mastodon instance. As you might imagine, it received a little traction on Mastodon including the following feedback:

A feature request already? Over the holidays?! I don’t have time to figure out…it’s done!

I present to you: Post to Mastodon Shortcut v2 - Now with Image Support

Note that is just supports a single image, with an optional message, or text alone as of today. I didn’t want to make it too easy to blast our Mastodon hosts with lots of high res images from Photos!

You will also need to do the same configuration as before:

Once you install the Shortcut you will need to edit it to add two things:

  1. The domain of your Mastodon server.
  2. The access token for the app you will need to setup in your Mastodon preferences

You can find the full instructions on the previous post, linked above.

Enjoy the shortcut and Merry Christmas!


Posting to Mastodon via Shortcuts

  • December 23, 2022

The best thing to come out of Elon Musk’s Twitter purchase (and then backing out of the purchase, and then purchase, and then massive layoffs, and allowing crazies back on Twitter, and whatever happened today) is that Mastodon has been so much fun! One extremely minor annoyance has been the lack of good Mastodon clients, and while TapBots is hard at work on that right now, it makes posting on Mastodon a little bit harder than it was on Twitter.

Read More

Mike Masnick: Why Would Anyone Use Another Centralized Social Media Service After This?

  • December 22, 2022

If you haven’t been reading Tech Dirt, and specifically Mike Masnick’s post tracking the Twitter saga and what it shows about social media and content moderation in general, you have been missing out on some fantastic and thought provoking writing.

Recently, Masnick is coming to the same conclusion that I am: I think federated social media (Mastodon, etc) might actually stick with the general public and if it does that would make things a lot better for everyone.

Masnick writes…

For years, whenever people talked to me about the protocols, not platforms approach to things, and asked about ActivityPub, I frequently downplayed it and brushed it off as less serious. My vision wasn’t about federation (where you basically have a large number of “mini” centralized players who can all talk to each other), but something that was truly decentralized, where you controlled your own data, and could choose who can connect to it.

However, with millions of new active users rushing into Mastodon, I’m forced to reevaluate that. I think I may have become too focused on what I saw of as the limits of a federated setup (putting yourself into someone else’s fiefdom), without recognizing that if it started to take off (as it has), it would become easier and easier for people to set up their own instances, allowing those who are concerned about setting up in someone else’s garden the freedom to set up their own plot of land.

Mastodon has been a lot of fun and it’s clear that despite a lot of the technology crowd hot taking that the average person won’t understand federation, it’s growing like crazy. I never bought in to the take that people can’t understand federation. Why? Because it’s how email works. When I was explaining Mastodon to my wife not long ago said:

“It’s like email. You can sign up for Hotmail, I can sign up for Yahoo mail, and we can both talk. If Hotmail dies, you can go sign up for a Gmail account and after a brief bit of annoyance moving things over you’re all set.”

“Ah. Ok.”

That was it.

And then, the more I thought about it, the more I realized that it was likely bigger players would enter the market as well. I’ve started wondering about when Mastodon/ActivityPub might have its “Gmail moment.” Some people may not remember, but Google entering the webmail space on on April 1, 2004 completely upended the concept of email. It was so different and so much more useful, that many people legitimately thought it was a classic April Fool’s joke. Prior to that, you either had clunky email from your ISP or you used a slow and complicated webmail provider that would charge you if you used more than 10Mb of storage. And then Gmail showed up with a clean interface, that focused on tags (rather than folders) and drag and drop and (gasp) 1 gig of storage. And the entire email space changed overnight.

Yes, I think it’s a given at this point that if this growth continues someone will come long and be the Gmail for Mastodon. It’s natural, but as long as the federated protocol remains, the choice and the freedom (both in “speech” for the creators and the hosts) stays intact. I’m also very excited to see what other apps and platforms adopt the Activity Pub protocol.

Long link post short: Mastodon has been a lot of fun. You should check it out, if you haven’t already, and you should come say hi: @[email protected]


Tesla Stock Suffers Worst Week Since 2020

  • December 16, 2022

Tesla Inc. shares Friday wrapped up their worst week since 2020, as Chief Executive Elon Musk sold billions in stock and faced a call from a prominent investor to step down from the helm of the electric-vehicle maker.

The recent sales have seemed tied to Musk’s acquisition of the social-media platform Twitter, which he bought for roughly $44 billion this year. It is the second time he has sold stock since closing that deal in October.

@specificmikeflynn #stitch with @klwtts …maybe you need to click all four buttons at once? #elonmusk #twitter #tesla ♬ Aesthetic - Tollan Kim

The Elon Twitter Train Wreck Continues

  • December 16, 2022

No one can keep up with the train wreck that is Twitter, and frankly I don’t want to. I did want to briefly comment on this item though:

Twitter suspended the accounts of more than half a dozen journalists from CNN, the New York Times, The Washington Post and other outlets Thursday evening, as company owner Elon Musk accused the reporters of posting “basically assassination coordinates” for him and his family.

The Post has seen no evidence that any of the reporters did so.

There’s more coverage of this from basically anywhere you can possibly think of, but I think it’s important to remember the first rule of Elon Musk:

Don’t take anything he says seriously.

He doesn’t actually care about free speech. He doesn’t care about bots (remember when we used to talk about bots on Twitter?). He doesn’t have the solution to full autonomous driving. He doesn’t want to dig tunnels under Los Angeles. He doesn’t want to build a competitor to The Onion.

He didn’t event want to buy Twitter.

He bought Twitter when he was forced to (laws are such a drag), and now it’s his. Things don’t seem to be going well, so when people start talking about how he wasn’t paying his bills, he kicked off a bunch of journalists so now no one is talking about how he’s late with the rent.

He bought it, and he can ruin it if he wants to. Don’t fall for his static generator. Come join me on Mastodon!


Hacking an Aqara Door Sensor into a Dead Bolt Sensor

  • December 12, 2022

Here’s an exciting home automation project for you: Can a door sensor work as a way to tell if a door is dead bolted? Yes…but do you have any paperclips? I’m a big fan of home automation, especially since working from home, and I’ve been experimenting with the Aqara sensors. Their door, temp, water, and vibration sensors all work great for me, but what I really need is a way to check if the back door of my garage is locked.

Read More

Bret Taylor steps down as co-CEO of Salesforce

  • November 30, 2022

Bret Taylor, whose career in tech can only be described as prolific, has stepped down as co-CEO of Salesforce.

Salesforce said Wednesday that Bret Taylor will step down as co-CEO on Jan. 31, leaving Marc Benioff alone again at the top of the cloud software company he co-founded in 1999.

Benioff closely embraced Taylor, who joined the company in 2016, when he sold his productivity software startup Quip to Salesforce. … His departure is surprise considering how rapidly he climbed the ranks and gained the trust of Benioff and the board. Two months ago, Benioff and Taylor were speaking together on stage at the company’s Dreamforce conference in San Francisco. … The announcement also calls into question Benioff’s ability to work alongside someone with an equal title.

I Gotta Feeling that Benioff is already working on his next co-CEO: Does that make any sense? Of course not! But that rarely stops any technology company getting involved with, so why start now?


Where are the Passkeys?

  • November 30, 2022

David Sparks, of MacSparky, is wondering where his passkeys are now that iOS 16 and macOS Ventura are out.

With Apple’s latest round of updates, we’ve got a new password feature that lets your computer manage passwords for you in the background. … I’m curious, however, as to when Passkey websites will start showing up. So far, I’ve seen none. For this to work, websites must adopt some new backend technologies, and everyone is now waiting for that to happen. Are website developers untrusting of the new technology? Do they want to see others figure it out first? Do they need the budget for these changes? I expect it is all of the above.

I don’t think developers as a whole are distrusting or in need of inspiration when it comes to implementing passkeys (aka WebAuthn), but there are good reasons why we didn’t see the market flooded with passkey announcements.

Here are my theories speaking as both a developer, and someone who is responsible for a product pipeline:

1. Security is hard and should be adopted slowly.

Every app has password authentication code, and rarely does anyone want to mess with it if it’s working and secure and that’s a good thing. Security should move slowly so it’s been vetted and is ready to go before it’s out there in the world protecting your banking account.

That’s not to say that PassKeys / WebAuthn is some new bleeding edge tech. It’s not. In fact how it works is very familiar to developers who use SSH keys, but the web or app implementations are new and it’s good that no one is rushing it.

2. Waiting on libraries and browser support.

It sucks to release a feature that isn’t supported everywhere. It’s huge that Apple has gone all in on this, but they aren’t the only player and there needs to be some catch up with other browsers, platforms, and apps for things like passkey synching.

Same with web and app libraries that developers use to implement technologies like this. Libraries are important as you can’t expect every small app or web site to write their own implementation. There are some WebAuthn libraries, actually there are a ton, but once the community rallies around one or more of them and polishes them to the point where implementation is easier you’ll see adoption rise.

3. It doesn’t replace legacy password code.

Let’s say you and your development team spend some time and implement a fantastic implementation of PassKeys for your app. Can you get rid of the old password code? No because of people with legacy accounts…or because some people don’t want to use PassKeys…or even more people have never heard of PassKeys. That means you need to have the old password code, and the new PassKey code, along with a new flow so that users can use either route, and probably some UI to explain PassKeys, oh and you’ll need a path to convert a password user to a PassKey user. Anything else? Probably!

The point is that PassKeys are additive for every app out there and that means even more work and more support than just adding PassKeys.

4. It’s the end of the year.

PassKeys are cool, but do you know what’s cooler? That feature that your users are dying for that might make you more money. PassKeys aren’t going to the the focus because of all the other reasons above, but especially because right now the devs are crunching to the new feature that someone wants out “by the end of the year”.

Don’t worry, David. PassKeys and WebAuthn are coming, but it’s going to be slow and that’s a good thing for everyone.


The Hacking Humble Bundle

  • November 29, 2022

No Starch Press has once again worked with Humble Bundle to release a Hacking bundle which is a hell of a deal and raises money for a good cause.

We’ve teamed up with No Starch Press for our newest bundle! Get ebooks like Hacking APIs, Bug Bounty Bootcamp, and The Hardware Hacking Handbook. Plus, your purchase will support National Coalition Against Censorship!

On a side note, how does every one collect, search, and read ebooks? I’m a sucker for these bundles, but I haven’t found ebook software that really works for me to curate my ebook collection and read them across my devices.


We Have Link Posts Now

  • November 28, 2022

Going forward there will be a new post type on C33: The Link Post.

This change won’t make much of a difference to readers, but will allow me to post more frequently and comment on various items that aren’t worthy for a full post.

Link posts will show on the home page (but not in related or featured story lists) and their headlines will link out to the external referenced source. For example, this post links out to the excellent, but still on sabatical,’s link archive.

That is all. Expect more of these kinds of posts going forward!