Feuerfest

Today I read a post on LinkedIn (in german) who was criticising that too few IT people speak about their opinions, their views, their stances on various topics. Who was sad that so much Know-how and stories from real projects were left untold.

And I must admit that, at first, I didn't understand what he meant. I was all like:

"What is he talking about? I read a dozens or so post each day from (former) colleagues, people I met on various IT or CCC events or whom I just happen to follow which are highly political. Or taking a technical deep dive on some obscure technology (sometimes even from the 1970s) in which they have taken an interest. I don't get his point."

Only then I happen to realize: Did he solely refer to LinkedIn?

And that explained a lot. Regerettably I must admit: Instantly I had severel prejuicides against that person.

This lead to my writing the following two comments (which I translated into english):

I have to disagree. The IT bubble, at least the one I'm in, is very political. But not on LinkedIn, because that's completely the wrong place for many people. I also had this experience myself when I was researching the status of various alternatives to Google apps for Android mobile phones and noticed how many Russian open source developers have suddenly gone completely silent in the last 3-4 years. Before, the GitHub activity bars were a bright, lush green. Regular posts in the XDA Developers forum, etc. and then, from one day to the next: Nothing. Silence. Completely.

I wrote about it here on LinkedIn. Made a reference to the Ukraine war and Russian recruitment for their war of aggression. And yes, I also got carried away with a ‘4-letter-word Putin!’. (Note: I meant "Fuck Putin!" which I obviously couldn't write again on LinkedIn.)

The result? Less than 10 minutes later, the post was set to invisible. I objected twice, but each time I was automatically rejected by the system.

So sorry, but if you want to see the politically active IT scene: Get out. Get out of the silos of a Silicon Valley tech company. Into the private blogs, into the Fediverse.

I also have a private blog. I'm generally not very reserved with my private opinions. And fortunately, I've received much more praise and recognition for this than criticism.

But not everyone has this luxury. Many companies have very strict social media guidelines on how I am allowed to appear as an employee of a company. And there are judgements that say that simply mentioning your employer in your profile means that these rules apply and you have to comply with them, as you are no longer 100% private.

And some people simply don't want to express their political opinions under their real name. Be it for protection or because they value privacy.

In addition, many IT professionals have a very well-founded (and justified) aversion to so-called social networks. Their content is too soft. Too auto-moderated. Too undemocratic when it comes to appeals against content offences, TOS, etc.

Plus the fact that many networks like LinkedIn are perceived as nothing more than business horseshow (which, unfortunately, it often is).

Yes, LinkedIn is not a good platform if you are interested in IT. For that I recommend the various blogs, Fediverse accounts, some forums (if they are still alive), Newsgroups (if they are still alive) and IRC channels (if they are.. You get the gist..).

Why?

1. IT people are technical, they dislike business mumbo-jumbo and attention farming. They want to write a text about something they care about and discuss it with like-minded individuals. LinkedIn is the completely wrong platform for that.
   • Also, technical content on LinkedIn gets far fewer views, interactions, etc. Believe me, I can see the views here in on my blog and for my content on LinkedIn.
   • Well, yeah, because IT people usually don't like automated feeds that they can't configure. It's much more enjoyable to look in your RSS reader and see which one of the blogs you follow has posted something new.
   • Would you write huge technical texts on LinkedIn knowing that your audience is on a completely different platform? You wouldn't. That's why I blog here and just do a post on LinkedIn to redirect a few people from LinkedIn towards my blog.
2. IT people are generally very prejudiced towards social networks operated by commercial companies. They are well aware of the downsides of Facebook/Meta, Twitter/X, Google Plus, Instagram, TikTok and yes - also LinkedIn. That these networks are about as far away from a democratic platform as you can get. That moderation is largely automated with no chance of "getting a human on the line". Why should we make ourselves dependent on that?
   • LinkedIn doesn't even provide a button to copy the link from a post into your clipboard! All actions are aimed at keeping people on LinkedIn. LinkedIn/Microsoft don't want you to drive people away from LinkedIn! And IT people seriously hate silos and gatekeeping.
3. Many companies have social media guidelines that make it impossible to engage in meaningful conversations about sensitive topics.
4. IT people value their privacy. If they have a LinkedIn account, it shows their real name and employer. And maybe they don't want a connection between the two.
5. Some may see blogging as a hobby that they do in their spare time, so they stay away from LinkedIn.

And there are maybe more points I forgot to mention..

It happened again. Someone asked an LLM a benign technical question. "How to check the speed of a hard drive?"

And the LLM answered!

Only the human wasn't clever enough to understand the answer. Nor was it particularly careful in formulating the question. Certain details were left out, critical information was not recognised as such. The human was too greedy to acquire this long-sought knowledge.

But... Is an answer to a thoughtlessly asked question a reliable & helpful one?

The human didn't care. He copy & pasted the command directly into the root shell of his machine.

The sacred machine spirit awakened to life and fulfilled its divine duty.

And... It actually gave the human the answer he was looking for. Only later did the human learn that the machine had given him even more. The machine spirit answered the question, "How quickly can the hard drive overwrite all my cherished memories from 20 years ago that I never backed up?"

TL;DR: r/selfhosted: TIFU by copypasting code from AI. Lost 20 years of memories

People! Make backups! Never, ever work on your only, single, lifetime copy of your data while executing potentially harmful commands. Jesus! Why do so many people fail to grasp this? I don't get it..

And as for AI tools like ChatGPT, DeepSeek & others: Yes, they can be great & useful. But they don't understand. They have no sentience. They can't comprehend. They have no understanding of syntax or semantics. And therefore they can't check if the two match. ChatGPT won't notice that the answer it gives you doesn't match the question. Hell, there are enough people out there who won't notice. YOU have to think for the LLM! YOU have to give the full, complete context. Anything left out will not be considered in the answer.

In addition: Pick a topic you're well-versed in. Do you know how much just plain wrong stuff there is on the internet about that subject? Exactly.

Now ask yourself: Why should it be any different in a field you know nothing about?

All the AI companies have just pirated the whole internet. Copied & absorbed what they could in the vague hope of getting that sweet, sweet venture capital money. Every technically incorrect solution. Every "easy fix" that says "just do a chmod -R 777 * and it works".

And you just copy and paste that into your terminal?

If an LLM gives you an answer you do the following:

1. You ask the LLM to check if the answer is correct. Oh, yes. You will be surprised how often an LLM will correct itself.
   • And we haven't even touched the topic of hallucinations...
2. Then you find the documentation/manpage for that command
3. You read said documentation/manpage(s) until you understand what the code/command does. How it works
4. Now you may execute that command

Sounds like too much work? Yeah.. About that...

I switched to a new blog theme. While Solen was great, I didn't like the mandatory article images. It just makes no sense to search for the 20th "Code lines displayed in some kind of terminal or IDE" image for a blogpost. Also the overall look & feel was a bit too much "early 2000s". I wanted something that looked a bit more refined. More clean.

Browsing through https://themes.bludit.com/ I found the Keep It Simple-Theme. Only that it was last modified in 2020 for a 2.x Bludit version, while we are now at 3.16.2. 

Luckily only a few modifications were needed and I finally took the time to create a separate Git-Repository for my theme modifications. Have a look at if you want to use it too: https://github.com/ChrLau/keep-it-simple

Although it contains some CSS changes, but I kept the original CSS in via comments so it should be rather easy to switch back. The changes mostly affect colours, blockquotes, fonts. Not the general layout, hence incorporating updates from the original StyleShout template should be easy.

Some minor tweaks are still coming, as I still have to check mobile & widescreen support and I want a different font used in blockquotes. The current one merriweather-italic doesn't look good as the vertical alignment is too uneven for my liking. Especially the letter "e" is too high and gives every word with an "e" a somewhat strange look.

But in general I am happy with the current look & feel.

I mean, the W3 Validator still isn't completely happy, but there are some things I can't fix directly and the only option I have is to open a pull request: Bludit: Fix canoncial links in siteHead plugin. Sadly alt-tags for images are also not possible and the corresponding Issue in the Bludit repository is closed since 2022 as "this will be fixed with Bludit 4.x". Meanwhile we are still at Bludit 3.x, a 4.x branch doesn't even exist and development really slowed down and there isn't much activity from the only developer. I seriously hope these are not bad omens..

Also no activity on my Cookie security issue Enhance cookie security by setting samesite attribute and adding __Secure- prefix to sessionname (Bludit issue 1582) and at least one unpatched Stored XSS does exist: Bludit - Stored XSS Vulnerability (Bludit issue 1579).

Let's just hope the best for now...

gethomepage.dev: https://gethomepage.dev/assets/homepage_demo_clip.webp

homepage (GitHub) - the dashboard I use to keep an overview of all the services I run in my LAN released their 1.0 version yesterday on March 14th 2025.

With that they introduced a new parameter to limit which hosts can show the dashboard. I haven't yet read about why this was introduced, but it's fixed quickly.

As Watchtower does all the maintenance work for the containers running on my installation of Portainer I was already greeted with the following error message:

In the logfile for the container running homepage I saw the following error:

[2025-03-15T16:54:13.497Z] error: Host validation failed for: portainer.lan:3000. Hint: Set the HOMEPAGE_ALLOWED_HOSTS environment variable to allow requests from this host / port.

As I don't use a separate IP or hostname for the dashboard and just forward the port 3000/tcp towards the homepage-container I access it using the hostname of my Portainer host. Therefore this message makes sense.

Luckily the documentation for the newly required environment variable is already on their homepage: https://gethomepage.dev/installation/#homepage_allowed_hosts

Armed with this knowledge we can change the stack file (Portainers term for a docker-compose file - not to be confused with the docker swarm command docker stack) and introduce the HOMEPAGE_ALLOWED_HOSTS parameter. I added the IP-address too, in case the DNS servers in my LAN should stop working.

services:
  homepage:
    image: ghcr.io/gethomepage/homepage:latest
    container_name: homepage
    ports:
      - 3000:3000
    environment:
      HOMEPAGE_ALLOWED_HOSTS: 192.168.178.21:3000,portainer.lan:3000
    volumes:
      - /opt/docker/homepage.dev/config:/app/config # Make sure your local config directory exists
      - /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations
      - /opt/docker/homepage.dev/icons:/app/public/icons # icons, reference as /icons/picture.png in YAML

After that just hit the "Update the stack" button and it's working again.

Photo by Jonathan Cooper: https://www.pexels.com/photo/animals-head-on-exhibition-9660890/

For years Mastodon had one prominent missing feature. You wouldn't see all replies to a toot (that's the term for "Tweet" in the Mastodon world) because of the federated nature of Mastodon. There were exceptions, but in general it means that you have to open the post on the Mastodon instance it originated from. Only then you would be able to read all comments.

Naturally this feature was sought after for years. One GitHub issue was opened in 2018 (Mastodon #9409: Fetch whole conversation threads).

Now it seems the biggest technical part has been resolved! In Mastodon #32615: Add Fetch All Replies Part 1: Backend user sneaker-the-rat did all the basic work to incorporate that functionality into the backend of Mastodon. And while he mentions that there is still work to do the Mastodon community so far seems happy that this issue is finally getting fixed providing a much smoother experience for everyone.

Photo by Tima Miroshnichenko: https://www.pexels.com/photo/a-computer-monitor-5380589/

Algorithm: Yo, look here! On the start page! A recommendation for a movie/video/song/article from a genre you've never watched/listened to/read! But it's one of our own productions!

Algorithm: Or content you've already consumed 4 weeks ago. You surely like to re-consume it again while that memory is still fresh, right?

Algorithm: On the other hand we have content you rated with a "Like" years ago. - But we completely ignore your recent interests and likes when proposing those.

Me: Uh, where is the notice about this new piece of content, which was released today, from the series I'm watching since months and always consume each new part directly on the day of its release? Do I really have to use the search?

Algorithm: Uh.. Can I interest you in some World War documentation?

*sigh* Every. Single. Time.

Folks! Don't declare your algorithm helps users finding new interesting content, when all it does is advertising.