I came up with a really slick trick to write E2E tests that deal with sending/receiving emails recently. This is the sort of thing that seems like it's probably usually sort of a nightmare — I wanted to write a test for registering an account on a website, where part of the flow was clicking on a validation link in an email.| Wesley Aptekar-Cassels
Many JavaScript projects have install instructions recommending that people use a CDN like jsdelivr or unpkg to include the code on their website. This has the advantage that it's quicker to get started with, and it's often claimed to load faster. However, it also has downsides when it comes to privacy, security, and systemic risk, and it may actually be slower in some common cases. Here are some reasons not to use a JavaScript CDN, and some alternatives to consider instead.| Wesley Aptekar-Cassels
Signal uses a protocol called "Extended Triple Diffie-Hellman" (X3DH) for key agreement. This essentially takes standard Diffie-Hellman key exchange, and enables it to be used where one party may be offline while they're receiving a message, while providing forward secrecy. While the paper clearly explains how to implement X3DH, the why is slightly less clear. In this post, I'll briefly explain how X3DH works, then investigate what security property each of the steps involved is aimed at pro...| Wesley Aptekar-Cassels
A common identity scheme for websites is to give users pages like example.com/username. Twitter, Instagram, Twitch, Pinterest, and many other websites use this model. Reddit, TikTok, Mastodon, Lobsters, and several others use a slightly more conservative version of this, with a prefix (either @ or u/) before the username.| Wesley Aptekar-Cassels
I've long been interested in the decentralization of computing and communication in general, and of the web in particular. The trend of communication and information becoming more and more centralized in large corporations is worrying and worth fighting against, particularly from the perspective of systemic risk. I think it even makes sense in many cases to trade efficiency for resilience, by way of decentralization. How does "web3" do on these axes?| Wesley Aptekar-Cassels
If you were creating a web app from scratch today, what database would you use? Probably the most frequent answer I see to this is Postgres, although there are a wide range of common answers: MySQL, MariaDB, Microsoft SQL Server, MongoDB, etc. Today I want you to consider: what if SQLite would do just fine?| Wesley Aptekar-Cassels
Bluesky is a purportedly-decentralized social media company that spun out of Twitter, beginning in 2019. It makes sense that people are hunting for new social media platforms right now — Elon Musk's disastrous takeover of Twitter has demonstrated how fragile relying on private VC-funded companies is for something so critical as communication infrastructure. BlueSky's answer to this is that they are decentralized — thanks to the AT Protocol, anyone can run a server. Unfortunately, it's dec...| Wesley Aptekar-Cassels
Do you administer a Mastodon instance? Is it falling over all the time now because it's running out of disk space because everyone is joining the network? Here is a quick PSA: tootctl media remove does not remove all the remote media. It removes all remote media more than 7 days old. It used to be that, on the server that I run, recurse.social, that would leave a handful of GB of media. Now it's more like 25GB of media. If you don't want to have to resize your server to deal with the peak of ...| Wesley Aptekar-Cassels
I've been doing a bit of work cleaning up the CSS on this blog in the past couple days — the CSS is from a template that I copied more than five years ago at this point, and it was pretty crufty even when I first got it.| Wesley Aptekar-Cassels
I've recently started having issues with the USB stack on my Linux laptop getting itself wedged. Rebooting fixes the problem, but I'd rather not have to reboot, so I looked into ways to reset the USB stack without needing a reboot. Almost all of the answers on the internet about how to do so either do not work on modern Linux systems, or did not reset at low enough of a level to fix the specific problem I was having.| Wesley Aptekar-Cassels
This is part six of my series on SNES development. You may want to start with the first post.| Wesley Aptekar-Cassels
This is part five of my series on SNES development. You may want to start with the first post.| Wesley Aptekar-Cassels
This is part four of my series on SNES development. You may want to start with the first post.| Wesley Aptekar-Cassels
I've used NixOS as the only OS on my laptop for around three years at this point. Installing it has felt sort of like a curse: on the one hand, it's so clearly the only operating system that actually gets how package management should be done. After using it, I can't go back to anything else. On the other hand, it's extremely complicated, constantly changing software that requires configuration with the second-worst homegrown config programming language I've ever used.| Wesley Aptekar-Cassels