Álex Córcoles (coding)

My "production stuff" is listed at https://github.com/alexpdp7/alexpdp7/blob/master/README.md#other-usable-projects-of-mine

AI is not inevitable. Nothing in human societies is inevitable because we design them. Healthcare can be free for the public. Books can be bought instead of bombs. Universities can be free for students, and they can even receive a stipend to live off. Don't let companies dictate the future.

Read more in section 3.2 here https://doi.org/10.5281/zenodo.17065099

ALT

Twitter is turning 20 years old this month and we are slowly starting to have a debate about social media regulation (in the form of age restrictions).

I’m looking forward to discussing if and how we should regulate generative AI around 2045.

May this serve as a corrective for all of us who have apparently been mispronouncing Google chatbot's name. (sound on)

Support for macOS guests is coming
https://github.com/lima-vm/lima/pull/4595

Two trends in online commenting that make your message much less effective to me:

SOTA: yes, state of the art is catchy, but it always has been a buzzwordy flourish. "Best" works equally well, it's not an acronym, and everyone knows it.

"Load-bearing" or "this word|sentence is doing a lot of work". A clever way of saying something is only clever while it's rare. It just tires me. Get to the point; don't classify, jump straight to the explanation.

Pick the best fallacy

More IRCv3 on Libera! https://libera.chat/news/new-and-upcoming-features-3

When you use shells such as bash (or any other terminal tool that uses readline), there is a magic day when you learn about ctrl+r for incremental search of your history.

Today, I have learned that when you are in a command from history and press ctrl+o, it executes the command and selects the following command in history.

(Unfortunately, IPython has another thing bound to ctrl+o :(

Every time I install a new piece of infrastructure for my homelab as part of becoming more independent from Big Tech, I see a hint on the homepage of that new piece of infrastructure that mentions they received sponsorship from @nlnet almost as if NLNet has been silently preparing Europe for #DigitalSovereignty with Open Source projects ;) I like!

Also not happy that with a Python ssl.SSLSocket, the following code causes issues:

socket.context = ...
socket.context.x

while the following code works:

context = ...
context.x
socket.context = context

sudo ss -a sport $PORT -K

^^ this command seems to work when you're iterating on a network socket daemon and the port is busy when restarting the daemon.

The thing is, there's a big difference between code written by someone who doesn't know what they're doing versus code written by someone who doesn't care about what they're doing.

I rarely venture outside the comfort of the Apache HTTP Server, because it covers most of my needs. (Including automatic Let's Encrypt certificates!)

However, I just needed to run a "personal" configurable HTTPS reverse proxy and decided to try Caddy. You can download Caddy as a self-contained binary and configuration is quite minimalistic.

I still recommend Apache, but I now recommend Caddy for specific scenarios.

Hmmm, apparently QEMU has support for the confidential computing extensions from Intel/AMD. So maybe you would be able to run a tilde and enable people to run small VMs that could not be snooped/tampered with even with root on the host.

I think no one cares about this, but I think it's pretty cool and it would expand what one can do in a tilde.

Exactly one year ago, on 30th December 2024, I laid the foundation of FediMeteo.

I took a VM, installed FreeBSD, and set up the first jail to support Italy. The goal was to create a tool for my own use, support a few countries, and announce it.

Unexpectedly, the enthusiasm was incredible. That pushed me to keep going, support more countries and cities, and turn it into what it is today.

FediMeteo now supports 38 countries and 2,937 cities, with more than 7,700 followers in the Fediverse alone, not counting the many people who follow via RSS feeds or visit the web pages.

If you are curious to read the story and some technical details, you can find it here:
https://it-notes.dragas.net/2025/02/26/fedimeteo-how-a-tiny-freebsd-vps-became-a-global-weather-service-for-thousands/

Today is also Tuesday, a #ThankYouTuesday, so I want to say thanks to:

* OpenMeteo - @openmeteo - for providing accurate, high quality data, without which FediMeteo would be far less useful

* @grunfink - creator of snac, who made all of this possible using very few resources, on a 4 euro per month VM

* FreeBSD, which thanks to the efficiency of the OS and its jail implementation made it possible to run this service in a stable and efficient way with minimal effort

* FediFollows - @FediFollows - that periodically spreads the word about cities, countries, and the enthusiasm around the project

*All of you*, who suggested, encouraged, corrected, and celebrated this project

And forward toward supporting more countries and other interesting features already in the works.

Happy birthday, FediMeteo! 🎉

#FediMeteo #HappyBirthday #Meteo #Weather #FreeBSD #snac #snac2 #OpenMeteo #Fediverse

In a previous job, I joked about people wanting to increase Nagios check_ping thresholds to over five seconds to reduce the volume of alerts.

I replaced Tinc with Wireguard, and I think *I* misconfigured something, but I am seeing some bizarre ping metrics from check_ping, I think the biggest one has been 17.5 seconds.

(Running check_ping in a Germany datacenter to a wireless access point in Barcelona in a domestic ISP connection through Wireguard.)

Oh, nice, seems that @tonofcrates started working on Bene again two months ago!

Demo: https://nota-lang.github.io/bene/?preload=portable-epubs.epub

As I'm against paged documents, glad to see this moving forward!

Having some thoughts about coercing PostgreSQL logical replication into a system for real-time UIs:

https://gist.github.com/alexpdp7/af4cadef3a27bbae7827b4884aed1242

(Curious about "provable" reasons why this is a horrible idea.)

RE: https://infosec.exchange/@tychotithonus/115789615747200172

Raskin’s First Law (emphasis mine):

A program may not harm a user’s data or, through inaction allow a user’s data to come to harm.

If you want people to trust your software, read that law and fully internalise it.

RE: https://hachyderm.io/@fasterthanlime/115730529166857536

For a little bit of historical context: the GitHiub Actions Runner is a fork of the Azure Pipelines Agent. The back-end infrastructure is similar. Azure Pipelines had some nice features that GitHub lacks, such as the ability to trivially connect an Azure Scale Set to dynamically control runners, but it also charged you for self-hosted and hosted runners.

The simpler (and cheaper) pricing was a big part of the reason that even internal teams moved off Azure Pipelines and onto GitHub.

GitHub Actions charging per build minute for *self-hosted-runners*? Shit's about to hit the fan lol

ALT

Self-hosted GitHub Runners were too good to be true. One of my main reasons to defend GitHub usage is gone. https://github.blog/changelog/2025-12-16-coming-soon-simpler-pricing-and-a-better-experience-for-github-actions/

It has been zero (0) days since trying to use my Google Titan security key with Google Chrome to access Google Meet has locked me out of a therapy call because the "device is not supported".

As a security nerd I really, really want to be on board with extensive 2FA and passkeys, but as an actual human being who is constantly getting locked out of their accounts because of totally inscrutable 2FA errors, I honestly want to go back to Just Long Passwords, Please.

Going to all the effort to MITM an Android app and then discovering it's just a webview and I can just get everything I need from Chrome devtools