nileshtrivedi

Light-weight Identity for the Web using Browser Sync and Push

(This is just a rough idea intended to trigger a discussion. Details need to be fleshed out for a proper evaluation.)

Signing up and logging into website continues to be painful. For a while, there were attempts like the Mozilla Persona project but those were discontinued and that has led to social logins gaining prominence, with all the concerns of centralization, privacy, surveillance etc as valid as ever. In fact, more and more websites are now adopting Google's One Tap login because the convenient UX is giving them better conversions.

However, some things have changed in recent years:

• Push notifications are now widely supported in browsers. This is relevant because one of the main reasons why websites insist on user registration is so that they can communicate with the users via email or phone when they are offline.

nileshtrivedi

WorldView

This is the idea for an app I have wanted to build for many years. This would be a database of personal beliefs (also known as a "Propositional Knowledge Base"), connected via logical arguments of various kinds: deductive, inferential and Bayesian. Any new facts you learn should update the certainties of the involved beliefs and propagate that through the graph. You could build a social network around it, giving all users a chance to learn from each other's worldview. This would also help one detect inconsistencies and contradictions. The challenge here is to allow local contradictions without blowing up the system as Principle of Explosion implies.

Related links:

• Probabilistic Graphical Models_ course on Stanford
• Automated reasoning software tools like Samiam
• Sentential Decision Diagram

nileshtrivedi

Raspberry Pi on Internet via reverse SSH tunnel

HackerNews discussed this with many alternative solutions: https://news.ycombinator.com/item?id=24893615

I already have my own domain name: mydomain.com. I wanted to be able to run some webapps on my Raspberry Pi 4B running perpetually at home in headless mode (just needs 5W power and wireless internet). I wanted to be able to access these apps from public Internet. Dynamic DNS wasn't an option because my ISP blocks all incoming traffic. ngrok would work but the free plan is too restrictive.

I bought a cheap 2GB RAM, 20GB disk VM + a 25GB volume on Hetzner for about 4 EUR/month. Hetzner gave me a static IP for it. I haven't purchased a floating IP yet.

nileshtrivedi

To bring some sanity to your twitter feed, add these words to your muted list here: https://twitter.com/settings/muted_keywords

Needless to say, this is highly subjective and may not be applicable to how you want to use Twitter. Many of these conversations are important, but I have those on other platforms, not Twitter.

Other people's likes

suggest_recycled_tweet_inline

suggest_activity_tweet

nileshtrivedi

The Composable Web Proposal

Serverless infrastructure like AWS Lambda and Google Cloud Functions have made it much cheaper for developers to offer server-side code for public consumption without keeping a server always running.

If these functions could be declared as stateless or deterministic, costs can be brought down even more because only the first invocation needs to be executed. Cached response could be returned for future invocations with the same input arguments.

All modern browsers support URL lengths of thousands of characters, even on mobile. A lot of data can be embedded and passed around directly in the URLs (instead of passing identifiers which requires a look-up which costs server time).

So here's a thought:

nileshtrivedi

HyperTrackCore.requestLocationPermissions(this, new LocationPermissionCallback() {
            @Override
            public void onLocationPermissionGranted() {
                // Handle location permission granted 
            }
​
            @Override
            public void onLocationPermissionDenied() {
                // Handle location permission denied
            }

nileshtrivedi

# This script can be used standalone
# So it doesn't depend on filesystem or Google Cloud for the credentials

from google.cloud import firestore
from google.oauth2 import service_account

key = 'your_credentials_json_string'

info = json.loads(key)
creds = service_account.Credentials.from_service_account_info(info)

nileshtrivedi

CREATE EXTENSION IF NOT EXISTS plpythonu;

-- plpython is untrusted. Access needs to be controlled carefully

CREATE OR REPLACE FUNCTION py_test () RETURNS varchar AS $$
  return 'hi'
$$ LANGUAGE plpythonu;

CREATE OR REPLACE FUNCTION py_create_ed25519_keypair ()
  RETURNS varchar[]

nileshtrivedi

Keybase proof

I hereby claim:

• I am nileshtrivedi on github.
• I am nileshtrivedi (https://keybase.io/nileshtrivedi) on keybase.
• I have a public key ASDS2qJDEl9_uy-LwMNZItAdCCU9ct2v6V57tlhS80cErgo

To claim this, I am signing this object:

nileshtrivedi

Programming: Mostly A Hate Story

I wanted to do digital signatures validation, preferably ed25519, inside PostgreSQL triggers. Here is how it went:

Surely pgcrypto must be supporting it, right? Most Postgres cloud hosting providers already support pgcrypto so this would be perfect. Right?

Well, pgcrypto only supports PGP and that too excludes digital signatures. Let's give PGP a try anyway and see how far can we go.

Installed gpg to generate the keys and the experience is less than pleasant. Sometimes it gets stuck at the passphrase prompt. The keys are too big, but still I can make pgcrypto's pgp_pub_encrypt and pgp_pub_decrypt methods work. Just remeber to convert keys in ASCII to binary and vice-versa using armor()/dearmor(). I hate the big key size in RSA, even though GPG defaults to 2048-bit keys and not the more secure 4096-bit ones. Let's look into ed25519 now.