** 2006-10-31: The default prefix used to be "sqlite_". But then ** Mcafee started using SQLite in their anti-virus product and it ** started putting files with the "sqlite" name in the c:/temp folder. ** This annoyed many windows users. Those users would then do a ** Google search for "sqlite", find the telephone numbers of the ** developers and call to wake them up at night and complain. ** For this reason, the default name prefix is changed to be "sqlite" ** spelled backwards. So the temp files are still identified, but ** anybody smart enough to figure out the code is also likely smart ** enough to know that calling the developer will not help get rid ** of the file. */ #ifndef SQLITE_TEMP_FILE_PREFIX # define SQLITE_TEMP_FILE_PREFIX "etilqs_" #endif

Here is an insane piece of lore inside SQLite's source code

I am researching VACUUM and I was studying their code. In VACUUM, SQLite creates a temp file prefixed with `etilqs_`

Here is why:

The incident Bluesky had on April 4th was one of these cascading failures — a system was missing an appropriate limit which caused a cascade of failures where the system exhausted its memory and network resources, and overwhelmed another system.

April 16th was a DDoS carried out by an attacker.

I *love* everything about this, just read those principles, it’s like, the best of the best standards development knowledge condensed beautifully:

howethomas.github.io/ietf-hackath...

I built an interactive guide on how Shazam (the music identification app) works!

This is the next installment in my newly coined "How The Heck?" series, where we explore everyday tech that can feel like magic (QR Codes, GPS, and now this one).

Hope you enjoy it!

perthirtysix.com/how-the-heck...

say i was building something like goodreads on ATProto but ISBN doesn’t exist. is there an idiomatic way to handle public records in a shared way? i think i want both reviews _and_ books to be on the user’s PDS for true portability, but i also want books to be discoverable and have accurate info

The goal of a DID-level mechanism is to keep as many AT URIs intact as feasible, at the cost of a fixed additional implementation burden in two spots:

- PDS implementations
- DID resolution caches

However, this migrates entire identities, rather than just selected collections or records

Your record-level mechanism works at the cost of tons of app-specific logic to fixup an entire cascade of references -- when I update my references to reflect your DID change, that also updates the CIDs for my records too

I admire you for the effort, but that's a lotta fiddly work for each app

Likely accompanied by "escrow-style" safeguards:

- can "lock down" account to prevent transfers
- delayed effect before DID doc changes actually written (24 hours, 2 business days, +/or written notice)
- etc.

If anybody can figure out practical workable solutions for this, it's the Swiss 😉

But yes, it does increase the PLC's operational burdens for our new Swiss association

... because it implies the need to assume more auditing + reversion responsibilities, beyond whatever logging work the code already performs

The impact of "false tombstone" (or other) attacks on a prominent DID is substantial enough that it'd presumably be quickly detected

However, the "real" PDS is still there + reverting to a prior state of the DID document (given the right credentials) seems like less work than updating DID caches

I was only considering archival scenarios like:

- import resolvable crosslinks for all microblog archives from legacy services like Twitter
- merge content from two accounts (legacy/placeholder vs. real)
- etc.

As for the attack surface, is this worse than other attacks on the DID document?

I was getting up the nerve to think through asking for a DID-level redirect mechanism:

- this here is a dead identity
- I formally cede it to this other DID
- here are our mutual signatures as proof

but never narrowed down the scope enough to formally write up a justification

Ah, you're brute forcing this without asking @bnewbold.net + @dholms.at for the AT equivalent of an HTTP 301 or 308 response

Mad respect

Also, are claims ever revocable?

Or, assuming you're careful enough about properly resolving claims in the first place (no backsies), then is the plan to allow social pressure to deal with claimants whose data goes stale?

When I've tried to whiteboard similar designs in the past, I've imagined creating distinct DIDs for each owner of unclaimed on-protocol records, then updating the DID document to transfer ownership later

But I always got stuck on the issue of owners whose claim arrived with their own existing DID

So cool! Do you have a writeup anywhere about how this system is intended to work?

Where does preloaded data live before it's claimed + migrated to the owner's repo? On-protocol in the app's PDS, or only available via an appview RPC call?

Do refs to this data survive the migration? How?

If I'm understanding your lexicons correctly:

review --> fragrance --> house

Everyone posts their own reviews, adding records for the relevant fragrance +/or house, if you can't find one maintained by someone else

But no incentive yet for houses to become their own maintainers

In terms of design problems, there are "interesting" (pronounced "thorny") coordination issues required to bootstrap these kinds of claim + update solutions from existing data

TBH, venue ownership is so dispersed that it's probably the least likely use case to pioneer such strategies

Hang on. (does double take) Was someone actually proposing to just do this + nothing else? Oh dear

Yeah. Over the long run, the only sane way to publish authoritative venue data on-protocol is to come up with a scalable way for venues to claim + publish their own details using a shared lexicon

Your experiences with the atgeo community seemed somehow relevant to that broader issue, or you wouldn't have jumped in

All I'm trying to do here is catch up -- a day late + a dollar short -- because it wasn't so obvious a connection for me

Again, sorry for poking a sore spot

Sure. For anyone who gets why gazetteers are useful, that site does a fine job of explaining how to use this particular one

I was just seeking pointers to discussions (here or elsewhere) about how + when devs should deal with the temptation to assemble something like an ISBN datastore on-protocol

I'm not challenging the decision, just trying to understand the pattern

Pointers to highlights from that discussion would be very useful to those of us for whom your conclusions aren't immediately obvious

Helps know whether (+ to what extent) it'd be applicable for other use cases

"Putting all venues in the world on network doesn’t make sense."

What kind of claim is this?

ideological = it's a Bad Idea
pragmatic = venues are too volatile
literal = enumerations are incomplete
xkcd = multiple enumerations exist

Or just:

rationale = so let's build a gazeteer

one of the biggest issues with interface design is the tendency for designers (and capital) to optimize for ease-of-use or conforming to the user’s existing mental model and muscle memory

the user’s model, memory, & expectations were fabricated by silicon valley & often need to be disrupted/changed

wait wait wait I've got it. It's the atmosphere, permissioned spaces should be called microclimates.

this reminds me, i don't think SCOTUS should be allowed to choose their own clerks. standardize the hiring schedule, put the applications in a pool, blind reads (perhaps by a panel of former clerks) and random assignments.

For any given service, it's easy to fill in the blank:

"my chats"
"my events"
"my likes"
"my newsletters"
"my photos"
"my posts"
"my repos"
"my rsvps"
"my videos"

But we need a mass noun (like email) which spans beyond all of the above with something less mealy-mouthed than "my content"

Yeah, atmospheric messaging has to keep reinforcing the fundamental pivot from:

apps = they collect + own the data

to:

services = they do things (on your behalf) with
data = you own, control, + grant access to

Yep. We just need the right noun to fill that slot

"that's where _________ lives"

"my personal data" = redundant
"my data" = ambitious
"my social data" = vague
"data for all my Atmosphere services" = wordy
"my Atmosphere data" = brand (tm)
...

Rather than:

"atproto" = technical protocol (verb)

PS: I suspect that our creative juices have been stifled by the socially-unusual feature that all PDS contents are currently public by default

It should be far easier to choose suitable metaphors once permissioned data lands + services enable more control over access to "my personal data"