<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Sep 25, 2024 at 2:19 PM Rob Landley <<a href="mailto:rob@landley.net">rob@landley.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 9/25/24 10:48, enh wrote:<br>
> On Wed, Sep 25, 2024 at 11:14 AM Rob Landley wrote:<br>
> > GitHub users are now required to enable two-factor authentication as<br>
> > an additional security measure. Your activity on GitHub includes you<br>
> > in this requirement. You will need to enable two-factor authentication<br>
> > on your account before November 07, 2024, or be restricted from account<br>
> > actions.<br>
> <br>
> So apparently I'm losing access to microsoft github on November 7th. I still<br>
> have <a href="https://landley.net/toybox/git/" rel="noreferrer" target="_blank">https://landley.net/toybox/git/</a> <<a href="https://landley.net/toybox/git/" rel="noreferrer" target="_blank">https://landley.net/toybox/git/</a>> but<br>
> that isn't particularly load-bearing.<br>
> <br>
> Anybody got any suggestions for an alternate git hosting service? I haven't<br>
> looked around recently.<br>
> <br>
> gitlab's even worse --- they wouldn't accept the phone number i use with github<br>
> for some reason, and suggest i give them a credit card instead.<br>
<br>
I asked on mastodon and got <a href="http://sourcehut.org" rel="noreferrer" target="_blank">sourcehut.org</a> suggested, haven't looked yet. We set<br>
up a local gitea for <a href="http://j-core.org" rel="noreferrer" target="_blank">j-core.org</a> a while back but never published it because it<br>
scales TERRIBLY (2 gigs ram per active connection!) Half of what github's used<br>
for is bugzilla, probably need to find one of those...<br></blockquote><div><br></div><div>before you give up on github, can't you use a security key for the 2FA? presumably you wouldn't have the same objections to that that you do to your phone number?</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Sigh, this should not be new. Back before the dotcom crash sourceforge was trying<br>
to handle this. (The geocities of this space.) You'd think in 23 years we'd<br>
have moved forward...<br>
<br>
> (Sorry, I've been really busy in tokyo. Fallen way behind on everything else.<br>
> I'm scheduled to fly back to the states october 1st and hope to catch up then.)<br>
> <br>
> since the last we heard from you before you went quiet was "i have covid again",<br>
> glad to hear you're okay!<br>
<br>
Part of the reason I fell into stunlock is we had a j-core todo list we were<br>
trying to get through while I was here, and then a week got taken out of it. (By<br>
what I initially thought was a mold allergy from all the water getting inside<br>
during the the typhoon. The nice room with the whiteboard had a window leak and<br>
water halfway across the conference table, all down the wall and into the rug...<br>
And my hotel was so damp inside the air conditioner started dripping onto the<br>
bed in the middle of the night and they moved me to another room...)<br>
<br>
Dunno if it was covid again, but it was a week of constant coughing, terrible<br>
sleep, and feeling like I'd been hit by a bus. I've worked through both weekends<br>
since then.<br>
<br>
Amusingly, <a href="https://news.ycombinator.com/item?id=41613786" rel="noreferrer" target="_blank">https://news.ycombinator.com/item?id=41613786</a> was generating traffic<br>
to the <a href="http://j-core.org" rel="noreferrer" target="_blank">j-core.org</a> website while we were trying to catch up, and we WOULD have<br>
pushed new stuff to the git repos already if we hadn't been behind schedule...<br>
<br>
Anyway, sorry for the radio silence. I haven't even been reliably locally<br>
updating my blog. Gonna be big holes in this month...<br>
<br>
I was trying to get out a toybox release when I got sick. I tested linux 6.11<br>
and a half-dozen different architectures were broken although some of them<br>
turned out to be qemu regressions since 7.0.0, and I've got patches for a couple<br>
others. On the toybox side I'd really really REALLY like to get the /etc/passwd<br>
and crypt() changes properly in this release (which requires moving the hashes<br>
to lib), but it's overdue enough I should cut one with what I have and then<br>
start working again...<br>
<br>
I have like 6 open reply windows with list emails I need to finish thinking<br>
about, and a bunch of notes that read like "somebody had an unshare flag combo I<br>
couldn't test on the old kernel and can now test on new laptop, dig that out of<br>
the list archive" where I've made work for myself by being insufficiently organized.<br>
<br>
And I have until the end of the month to move my email off gmail because they're<br>
doing their OWN "you can't keep doing what you've been doing" ultimatum with a<br>
date attached. But dreamhost wants to do everything through the web page (very<br>
hard to contact a human there any other way, and the MTU of some of their stuff<br>
does NOT like being connected to from tokyo...), but the real problem is it<br>
emails me a login link to the page to actually log in to it. Bit of a chicken<br>
and egg problem losing access to email in that case. In PRINCIPLE the move is<br>
straightforward (the button to change the DNS record to point to dreamhost's<br>
servers is labeled "make me regular"), but pushing it is fraught.<br>
<br>
(I should set up the email thing to fetch from and send through dreamhost's<br>
servers, send myself email there and confirm I can get it, and then move where<br>
new mail goes, and fish one last trawl through gmail's spam filter which can<br>
only be done via their web page. Except I strongly suspect if I sent myself<br>
email from dreamhost's server before updating the DNS, it'll go to gmail and I<br>
won't see it through dreamhost's mail sever pop3 fetch...)<br>
<br>
Once upon a time I used to run my own mail server. Greylisting handled like 95%<br>
of spam with a simple trick (which was WAY better than spamassassin, eldrich cpu<br>
hog). I didn't even mind server permitted from, it made sense. But then they<br>
started attaching cryptographic keys to DNS records and it got all bureaucratic...<br>
<br>
<a href="https://www.kickstarter.com/projects/mwlucas/run-your-own-mail-server" rel="noreferrer" target="_blank">https://www.kickstarter.com/projects/mwlucas/run-your-own-mail-server</a><br>
<br>
Sigh.<br>
<br>
Rob<br>
</blockquote></div></div>