The Unclear Impact

Krist贸f Marussy ferdium馃巰 |

I'm a PhD student working on the extra-functional requirements and formal verification of cyber-physical system architectures.
I also like free (as in liberty) software, privacy enhancing technologies, and cryptography.

I may not be trans but transgender hating script kiddies are too incompetent to tell the difference. Donkey Kong says trans rights = human rights.

@sotolf @floppy i had to open node and check this, because i couldn鈥檛 believe. blobfoxtableflip this is so wild


public education was transferred to the ministry of interior, and the minister stated that he 鈥榙oesn鈥檛 tolerate civil disobedience鈥 and considers it 鈥榓 question of discipline鈥 when asked about teachers striking for better pay

yeah, i鈥檓 sure law&order thinking and discipline is what we鈥檒l need to foster creativity and innovation鈥 blobfoxdoubt

re: free software rant adjacent

@floppy @mastodon @mte90 i suppose a PWA runs in the same chromium profile as the webpages you visit, so it at least shares a bunch of background processes (network service and GPU process at least) with the main browser

sandboxes services run in separate chromium 鈥榩rofiles鈥 (persistent partitions), but still shared the network and GPU processes with the host electron app. so there鈥檚 one kind of overhead (vs PWA) due to running a second browser, and another kind due to the multiple partitions (but not as severe as running a separate browser / electron app for each service)

here鈥檚 the blog post from slack about the 鈥榮lim-slack鈥 they implemented in their electron app:

looks like the architecture has changed somewhat recently and they moved the slim-slack into the main process:

re: free software rant adjacent

@floppy @mastodon @mte90 (sorry for the late reply, i had a bunch of stuff to deal with at uni)

manifest v3 is likely to change the extension API in a way that makes, e.g., ad blocking less effective:

afaik currently chromium can still load v2 extensions, and firefox has indicated that they wish to maintain support for ad blocking ( ), but the situation might change in the future

in that case, going the route that brave went (erhm, minus the questionable choices about crypto and affiliate links) might be feasible: a library like or or could be integrated natively into an electron-based app (without any chromium webextension API involved)

鈥榤essaging browsers鈥 kinda have their own extension API, anyways (鈥榬ecipes鈥 and user scripts), so the wheel seems to be at least partially already reinvented blobcatshrug

@e88 @aral is generally lighter weight than mastodon (basically you only need a postgres db, and pleroma itself runs as a pretty lightweight erlang/elixir app). i run it as a single-person instance with minimal issues is even more minimal

re: free software rant adjacent

@floppy @mastodon @mte90

So in other words, Electron-based solutions scale badly regarding extensibility

not necessarily. you could offload some processing into the electron main process (risky from a sandboxing pov), into a background page for all services (a single renderer process), or even many background pages for different kinds of processing with a single origin (afaik still a single renderer process, but more strict isolation than a single background page). but it鈥檚 a pain to implement

Do you know how many extensions run in background by default?

i don鈥檛 think any extensions would be loaded by default 鈥 the heavy resource usage might come from having a renderer process for each service (but that鈥檚 just process isolation for origins, which is also the default in firefox since quantum) or, more likely, from having a whole different persistent partition per service (this is where firefox could be more lightweight). but the issue is worsened if a 鈥榤essaging browser鈥 wants to support webextensions (they use background pages for processing and data that is shared between tabs, like a filter list trie in adblock)

not that you鈥檇 really want webextensions if manifest v3 hits 鈥 a custom add-on mechanism could get around this an direct all IPC requests to a single background page from all partition (but again, pain to implement)

I have some less frequently used apps configured, but disabled.

the main issue here is that process isolation and separate persistent partitions need a lot of resources for loaded pages, but are crucial for proper security (and messaging apps are likely to be higher-value targets than just browsing, so disabling security features is probably a bad idea)

one way to solve this is to move most services into a single partition (i.e., container). cross-origin isolation can still isolate most of the cookies, but multiple instances of the same webapp (with different accounts) still have to live in different partitions. i think wavebox started to push this approach after they went proprietary (they also forked chromium instead of building on electron)

the other way is to just unload most of the webpages and just load them on demand, or maybe periodically to check for new messages. ferdi(um) implements this, but obviously, there is some delay for the notifications

the last option would be to unload the webpages, then implement 鈥榤ini鈥 versions (the slack electron app calls them like this in their blog) that are much lighter weight than a full webpage. unfortunately, for proprietary webapps, this requires reverse engineering, and may even lead to a banned account if the official client is not properly impersonated

Btw, fyi, this is one good DIY guide for Firefox.

thanks! this looks really cool

re: free software rant adjacent

@floppy @mastodon @mte90 in fact, firefox might even have and edge here, because extensions have a single background page that can communicate with any container. chromium afaik (or at least electron) can install extensions per persistent partition (~container), so each extension needs a separate background page per partition, leading to higher resource use

(somewhat foolishly, one of my side projects is implementing an electron 鈥榤essaging browser鈥 from scratch, with 鈥榤odern鈥 electron security practices. realizing that i can鈥檛 really have browser extensions with any semblance of efficiency was quite a disappointment)

re: free software rant adjacent

@floppy @mastodon @mte90 yeah, it鈥檚 fighting fire (overengineered web platforms and javascript fingerprinting) with more fire (overengineered javascript workarounds). i鈥檇 consider it a 鈥榟arm reduction鈥 measure, mostly: folks are often forced to use webapps by employers/schools, and having a single client still beats installing a bunch of proprietary apps that could spy on them

free software rant adjacent

@kristof @floppy @mastodon I translate in a single word: javascript.

free software rant adjacent

@floppy @mte90 @mastodon the 鈥渕essaging browser鈥 space seems awfully fragmented, and projects often implode (go proprietary, or just unmaintained)

i think the latest development is the ferdi maintainer (already itself a fork of franz) kicking everyone off that project, which led to the creation of (disclaimer: i was a ferdi contributon, and got invited to ferdium)

i don鈥檛 quite understand while this area of free software has a higher than average rate of developer burnout (or maybe it hasn鈥檛, just the area is a bit niche)

annoyingly, some webapps have nonsensical limitations when run outside of chrome (probably just user agent sniffing / fingerprinting nowadays), so going DIY with firefox containers would require spoofing user agents and other browser APIs. so starting from something already on chromium (i.e., electron) might be the most sensible option, even if electron development (while maintaining any semblance of security and sandboxing) is a lot of pain blobfoxannoyed

@jookia it鈥檚 not exactly the same thing, but i think sway (or wlroots) does have an X11 backend

apparently, systemd likes to print wall messages now by default when the system is going down:

i guess i will just add --no-wall, then blobfoxpeekcomfy


my horrible setup with nat66鈥檇 network namespaces and bridge adapters breaks with wireguard, somehow.

not unexpected, but i guess i鈥檒l just stick with openvpn until I can figure something else out blobfoxbongo


today, I鈥檓 lecturing for 3 people (out of 30 on the course). much better than last week鈥檚 0 blobfoxangrylaugh

and yet again, my arse is saved by typescript errors


integration testing an electron app by running jest inside a fully fledged (not ELECTRON_RUN_AS_NODE) electron process, with require('electron') injected from outside the vm sandbox

i think i have made an abomination blobfoxfloofdevil

uspol, hot take

i guess if you go back far enough, not paying taxes to the british crown isn鈥檛 鈥渄eeply rooted in history鈥, either blobfoxdealwithitfingerguns

re: academia

@meisam formal methods (timed automata and Petri nets). but this semester, i鈥檓 only a substitute teacher for a few lectures

it鈥檚 a relatively smaller course (30 people) and all the lectures are available online, too, so it鈥檚 conceivable no one decides to come during midterms week, but they should at least tell in advance blobfoxannoyed