I just successfully performed concussive maintenance on a recalcitrant smart speaker.

Me: Hey Siri, play music for me.

HomePod: Here is some music just for you… Sorry, there was a problem with Apple Music.

Me: bops the HomePod in frustration

HomePod: Here is some music just for you… 🎵🎵🎵

Me: That worked?

(If I asked it other questions, like “Hey Siri, what’s my next appointment?”, it’d correctly answer with my personal information. It only affected Apple Music.)

I’m not a huge fan of OSI — I prefer my software Free — but their idea of Open Source is the only one I’ll accept. I’m frustrated by the number of companies who want to claim their proprietary shared source licenses are open source just because you can look at the code.

No. You cannot convince me.

My house has old plaster and lath walls, aka “a Faraday cage”. My kid’s bedroom is 20 feet from a Firewalla AP7 Wi-Fi radio, but their PC still only got a 2.4Mbps speed test result.

I bought them a $20 external Wi-Fi antenna and that jumped to 5.8Gbps.

I highly endorse this upgrade.

I just got this email from someone who’s definitely not a North Korean agent seeking to work for American companies.

Screenshot of an email from someone who wants to work remotely as me because of "certain regional limitations".

Text of the email:

Hello,

I’m Akira Nakao, a Senior Software Engineer with over 10 years of experience in full-stack development, system design, and leading technical teams.

Due to certain regional limitations, it’s been challenging for me to access higher-paying roles that align with my skill set. To navigate this, I’m looking for a trustworthy U.S.-based partner to help establish a compliant and straightforward collaboration setup.

I’ll handle all technical work and delivery. Your role would involve minimal administrative support — mostly acting as a point of presence for registration or formalities required by some clients. The structure would be simple, legal, and transparent.

What’s in it for you:

  • A passive revenue-sharing arrangement
  • No coding or tech experience required
  • Clear, low-effort expectations

If this resonates with you, I’d be happy to share more details and answer any questions. There’s no obligation — just an open and honest conversation.

Thank you for your time and consideration.

Best regards,
Akira Nakao
Senior Software Engineer

Yep, seems totally legitimate.

Microsoft released a new PostgreSQL IDE for VS Code. It has a proprietary license with deal-breaking terms:

The software is licensed, not sold. Microsoft reserves all other rights. Unless applicable law gives you more rights despite this limitation, you will not (and have no right to):[…] d) use the software for commercial, non-profit, or revenue-generating activities

Oops. Better not install this on your work laptop! Too bad. It looks nifty, and might be fun to play with if it weren’t illegal to use in must cases where you’d want to use it.

Thanks for letting me know, Signal!

Screenshot of a Signal notification saying “You may have new messages”

Pocket is Saying Goodbye: What You Need to Know | Pocket Help

We’ve made the difficult decision to shut down Pocket on July 8, 2025. Thank you for being part of our journey over the years—we’re proud of the impact Pocket has had for our users and communities.

This is a bummer. It’s the only built-in way to get articles onto my Kobo Libra 2 ereader. So much for bookmarking a long, interesting article to read later on that device.

Kim Jong Un’s New Warship Capsizes at Launch Due to ‘Absolute Carelessness’ - The Wall Street Journal www.wsj.com/world/asi…

Kim, who witnessed the mishap unfold at a Wednesday launch event, lambasted officials for their “absolute carelessness, irresponsibility and unscientific empiricism” in causing the “serious accident,” North Korea’s state media reported. The 41-year-old dictator equated the gaffe to a criminal act.

Thought you were having a bad day?

Dr. Phil’s Son Jay McGraw Is Tied to Minto Money’s 700% APR Loans — ProPublica

McGraw settled a federal civil suit that had accused him of playing a key role in CreditServe Inc., a financial technology consulting firm […] with interest rates that can exceed 700%

If you borrowed $100 at 700% APR, compounded daily, and let it sit for a year, you’d owe $2,452.

Dr. Phil’s kid is a dirtbag.

A Swift Cloud - Things Blog - Cultured Code culturedcode.com/things/bl…

This is so frustrating. Things is really neat, but they went through all the effort of rewriting its backend from scratch with no mention of end-to-end encryption. You just have to trust that they’re not selling your data, training AIs with it, giggling at your notes to buy flowers for your SO, or whatever. I’m pretty sure they’re not, but having to trust that they’re not is a dealbreaker.

I’ve learned way more than I wanted to about houseplants, spider mites, and neem oil.

Forgejo Runner in rootless Podman on Debian

I wanted to experiment with Forgejo’s Actions as a DIY alternative to GitHub Actions, using a nearby Raspberry Pi as a build server. I also wanted to deviate slightly from their Runner installation process by executing the Runner and rootless Podman as a regular, non-privileged user and without using the system-level systemctl. It was pretty easy once I wrapped my head around it.

  1. Set up the runner user. Since I was using Podman, not Docker, I didn’t have to add it to the docker group. As root:
root# useradd --create-home forgejo-runner

This created user number 1001 on my system. Remember that number later when it’s time to configure systemd.

  1. Allow that user to run commands via systemctl without logging in and launching them manually:
root# loginctl enable-linger forgejo-runner
  1. Use machinectl instead of su to become the forgejo-runner user. Without this, most systemd commands will fail with the Failed to connect to bus: No medium found message. I’m certain there’s a way to get su or sudo to play nicely with dbus but I had more interesting problems to solve today than this.
root# apt install systemd-container
root# machinectl shell forgejo-runner@
  1. Run podman-system-service as the forgejo-runner user:
$ systemctl --user enable podman.socket
$ systemctl --user start podman.socket
  1. Run the forgejo-runner program as the forgejo-runner user. I lightly modified the standard forgejo-runner.service file:
$ cat > .config/systemd/user/forgejo-runner.service <<EOHD
[Unit]
Description=Forgejo Runner
Documentation=https://forgejo.org/docs/latest/admin/actions/
After=podman.socket

[Service]
ExecStart=/usr/local/bin/forgejo-runner daemon
ExecReload=/bin/kill -s HUP $MAINPID
# 1001 is the forgejo-runner user's UID
Environment="DOCKER_HOST=unix:///run/user/1001/podman/podman.sock"

# This user and working directory must already exist
WorkingDirectory=/home/forgejo-runner
Restart=on-failure
TimeoutSec=0
RestartSec=10

[Install]
WantedBy=default.target
EOHD
$ systemctl --user daemon-reload
$ systemctl --user enable forgejo-runner.service
$ systemctl --user start forgejo-runner.service

I rebooted my RPi to make sure it would start on its own and it did. Yay! Now I can run Forgejo Actions on my little server and everything works as documented.

How California sent residents’ personal health data to LinkedIn – The Markup:

As visitors filled out forms on the website, trackers on the same pages told LinkedIn their answers to questions about whether they were blind, pregnant, or used a high number of prescription medications.

Do not, ever, use a web browser without an ad-blocker. Even the FBI and NSA officially recommend it.

Gitea vs Forgejo development activity

I was curious whether Gitea or its recent fork, Forgejo, has had more development activity. I cloned both repos (Gitea’s from GitHub; Forgejo’s from Codeberg, which runs on Forgejo) and ran this command:

$ git log --since="1 year ago" --format="%an" | sort | uniq -c | sort -n | wc -l

to get an overview of things. That showed 153 people (including a small handful of bots) contributing to Gitea, and 232 people (and a couple of bots) contributing to Forgejo. There are some dupes in each list — showing separate accounts for “John Doe” and “johndoe”, that kind of thing — but the numbers look small and similar to me so I think they can be safely ignored.

Some commenters have suggested that Gitea’s development model rebases pull requests onto the main branch instead of applying the individual commits, and that Forgejo does the opposite. This would make it artificially look as though Forgejo has more commit activity.

However, it looks to me like Forgejo is using a similar process of combining lots of smaller PR commits into a single merge commit. The wide majority of its commits since June 2024 or so seem to be 1-commit-per-PR. Changing the above command to --since="2024-07-01" reduces the number of unique contributors to 136 for Gitea and 217 for Forgejo. It also shows 1,228 commits for Gitea and 3,039 for Forgejo, and I do think that’s a legitimately apples-to-apples comparison.

If we brute force it and run

$ git log --since="1 year ago" | rg '\(\#\d{4,5}\)' | wc -l

to match lines that mention a PR (like “Simplify review UI (#31062)” or “Remove title from email heads (#3810)”), then I find 1,256 PR-like Gitea commits and 2,181 Forgejo commits.

I also wondered how many committers were in both repos. I got this from:

$ git log --since="2024-07-01" --format="%an" | sort | uniq > /tmp/users.{whichever}
$ comm -12 users.gitea users.forgejo | wc -l # Users with commits in both
      67
$ comm -13 users.gitea users.forgejo | wc -l # Users with Forgejo commits, but not Gitea
     150
$ comm -23 users.gitea users.forgejo | wc -l # Users with Gitea commits, but not Forgejo
      69

67 users committed to both. Without digging into it, the likeliest explanation to me is that this is mostly due to the projects pulling commits from each other, although nothing I know of keeps an author from sending patches to both. 69 contributors participated in Gitea and not Forgeo. Another 150 contributed to Forgejo but not Gitea.

And finally, their respective activity pages (for Gitea and for Forgejo) show a similar story.

I’m not an expert in methodology here, but from my initial poking around, it would seem to me that Forgejo has a lot more activity and a larger variety of contributors than Gitea does.

Updated rate limits for unauthenticated requests - GitHub Changelog

Summary: Microsoft is locking down access to FOSS source code unless viewers create accounts and log in. This is an excellent time to move projects you own to something you can actually control, like Forgejo.

I just noticed that Forgejo 11 LTS is out now. It’s time to upgrade my older v7 LTS setup!

Released Wonk v0.8.0

I just pushed Policy Wonk v.0.8.0.

There are no code changes, just dependency updates and other cleanups. Now requires Python 3.9+, the oldest supported version. Migrated from poetry=>uv, black/flake/pylint=>ruff. Fixed minor typing deprecations.

Send help, can’t move, besieged by wildcats.

A tiny, orange kitty is sound asleep against someone’s leg.

Happy Mother’s Day to anyone who’s ever been Mom!

Trump’s national security adviser Mike Waltz and his deputy to leave posts in White House, sources say - CBS News

In March, Waltz came under scrutiny after he put together a Signal chat and mistakenly included The Atlantic’s Jeffrey Goldberg, disclosing discussions with top national security officials about plans for a military strike on Houthi targets in Yemen.

Part of being a security adviser is being, you know, competent at security.