Cold Boot


Read the latest posts from Cold Boot.

from segfault

so you may see this and be like “what the fuck are you talking about”

so recently some person called gaym development.east made a game called astolfo gay sounds but it is not compatible with most modern devices, so i decided to decompile it

part 1: the downloading

so i just went to and downloaded it, there are probably better ways of getting around with this

part 2: the juicy shit

so using apklab on vscode i decompiled the source and just went to java_src/com/fcupchan/astolfogaysounds/ and one of the first things i see is the following:

i also see a lot of references to com.astolfogaysounds.R.raw.gay_sound_X so i will poke into those in the next part coming.. right now

part 3: the assets

well first up here is an image of the gameplay:


gay_sound_1.mp3 – gay_sound_13.mp3


well thats all i hope you found this entertaining as i just wasted a lot of my time


from electron271

so recently i have discovered a page called tiny emulators, which i think is really interesting

it is called “tiny emulators” and using the power of web assembly lets you mess around with a variety of emulators right in your browser, from the 6502 to the z1013

check it out here


from bread-z

Welcome to Cyberia Chats!

This is the start of an interview series here at Cyberia where I, your host, Bread, will be interviewing members of the Cyberia Computer Club about projects they've been working on. The folks here at Cyberia write some top-notch software – often with little to no recognition! They deserve better. We have an enormous wealth of talent here, just dying to shine.

Hopefully, these talks will inspire folks in Cyberia to contribute to each other's projects, or maybe just take a look at the code, or perhaps just talk to each other a bit more. Here to begin the conversation with me is Alena, the talented developer of, an open source website that trans folks can use to find nearby healthcare centers.

We (meticulously!) edited this interview for clarity. If you'd like to hear the original interview, or see the original transcript generated by Whisper, DM me on Matrix at


And hello there! We are live with our very first Cyberia Chat. This is an interview series that I, Bread here, hope to start – where we do deep dives into the amazing projects that all the talented folks in Cyberia are working on and have worked on to try to pick their brains to get a sense of what motivates them – so that they can feel like they're part of the community, that people care about their work, you know? I mean, so much of my whole career is spent doing meaningless bullshit work that no one will ever appreciate, so I'd hope that we developers... [I'd hope that] the stuff that we're doing outside of work gets appreciated, you know?


Yeah, it takes a lot of energy to, if you have a full-time job, really put in that same level of effort in another project, because there's always the fear that you're gonna...burn out on that specific type of skill, you know? I feel that it's important to recognize when you're using a skill too much, or pushing yourself too hard – because it's a lot.


No, what are you talking about? It's easy! It only took you 196 commits... Nooo, it's nothing.


😆 You know, over the course of like three months.


No, whatever!


Working full-time on it. I quit my job to do this for three months.


🤣 Oh my god.




Maybe you'll get some new folks on Ko-Fi or something after this. I hope so, Alena. I've always thought this was a pretty... this was one of those things that when I saw it, I was like, “Whoa! Why is everyone not freaking out? This is crazy! Is no one... what? Is no one...?”


I hope that I'll get a small amount of traffic, and I hope that the site has been useful and is working for the folks that have found it.


I hope so too, you know? I hope you're getting some good user feedback and all that. That'd be cool. I feel like you're making a difference in the community. I guess that is your goal, right?




Could you tell me what drew you to this issue and how you got inspired to start this [project] in the first place?


Yeah, so I've been following the whole legislative storm of different bills that are either restricting or completely outright banning certain types of care in the United States. And specifically, I feel passionate about following what's going on with transgender care and informed consent medical care. I've been following an activist named Erin Reed who provides resources for keeping up-to-date on legislation that affects the transgender community. She also maintains a list of about 900 or so informed consent clinics in the US, which is a colossal amount of work for one person to do.


That's just one person!? 😳


Yeah, clinics in the US and a handful of clinics in a couple of other countries too. It's a very large data set that I've been following for a while. My idea was to see if there was a way to help people search it a little easier, to be able to enter just a couple of location details and have it instantly pull up a list of the clinics from the data set – to make using that resource even easier. Since Erin's map uses Google My Maps, it lacks the same features that you would typically think of Google Maps to have, like searches using your location or advanced searches for things near me. If you want to find clinics near to you on the map, you have to know where you are and find your location which involves scanning over the map to find your region or knowing the latitude and longitude of your town. Then it's a process of visually finding what clinics are close enough. So my goal is to remove that step of having to manually search the map and quickly pull up the closest informed consent clinics. The project first started as pulling in all the clinics from Erin Reed's map to catalog them and make them searchable, but it kind of grew a little more from there.




I was thinking I could also pull in other data sources as well. I added one other data source to my website, which is the Southern Equality Trans in the South list of transgender care providers. My site is only importing their informed consent clinics, but they have a whole lot of other resources not just confined to informed consent clinics. They have a search interface to find more transgender – even general LGBTQ+ friendly – care; they might be a resource to look for.


Glad you're shouting them out. Pretty impressive. You know, a good amalgamation of very important, relevant data sets, you know, data science and data sets... These are words that sound so abstract, I feel like, to a lot of people – but no, this is useful, you know? And this is the kind of thing where inaccessible, bad UX gets in the way of people, especially with the earlier thing, the Erin Reeds map, you know, Google user map. Poorly integrated, old Google project....


😅 Yeah. People could do with a little less Google tracking them, especially when it comes to medical care.


🤯 Whoa – that's also a good point. Privacy side of things. Better to just have your resource, which, you know, is open source. People can see it [without fear of being tracked]. They can deploy the web app themselves, I guess, in theory. But yeah, that's awesome. I didn't realize that that whole Erin Reed dataset was compiled by [just] that one person.


Yeah, Erin is doing an immense amount of work and should be applauded for it - because they are still maintaining that map and still doing very, very good work.


It's not over.


Yeah. The goal is a resource you can quickly find clinics on, quickly find the care you need, all while not having any kind of tracking in the midst. My site's not tracking anyone who comes to it. Well, with the exception of the contact feedback form - Whether HCaptcha is doing any, you know, any particular logging of HTTP traffic when the CAPTCHA handshake is going on – that's the part I'm not as confident about 😬 But at least the main search interface -


Woooooow. Wooow! 😂 Interview over. Terrible app; not private.


Oh no. It's all gone. It's all gone.


Game over, Alena.


It's game over now.


Why'd you blow it like that? 😆


Oh, I know. I know. 😅 I wanted to try to keep bots from spamming my contact form. So I was like, “Dang it! The tried and tested CAPTCHA service.” I suppose one could host their own CAPTCHA. I'm sure there has to be some self-hosted option.


Doesn't Forrest has his own CAPTCHA service? Maybe you can switch to using that.


Ooh, there we go. There we go. Gotta get in contact with Forest.


Right, see!? 🤩 This is why we need more cross-pollination, you know? We have our own Cyberia toolkits going on.


Oooooh – Cyberia CAPTCHA! 😄


Hey-ooo 🤯


Hosted on Capsul. Woo! 🎆


CAPTCHA on Capsul. Oh snap. Alright, now we're cooking... but let's move on. Glad to hear the grounding here – fighting for something you care about.


Yeah :D


This is a field where privacy really matters. I remember last year when Roe v. Wade got overturned because, you know, we live in a 10th, 11th world country -bottom of the barrel country court system; but I digress. You know, when that was overturned, everyone started freaking out about their period trackers [and] stuff like that.


Rightly so, because there's a lot of those medical-oriented applications that are logging all of that data – and while a lot of them might not be blatantly using it for tracking that specific user, those are just goldmines of people's personal health information, too – if those ever get leaked, and if there's anything personally identifiable in them, that's not good, to put it lightly. Yeah.


Overnight, I feel like, a lot of people went from, “Oh, who cares about my data? Everyone has all of my data,” to “Oh my god, wait, I really need some privacy right now[^1],” especially if you are a woman. <sarcasm> And, you know, trans people, well, lord knows, they're certainly not under attack anywhere. Noooo, no, definitely not. </sarcasm>


Yikes. It's a tough time.


It is – but I think that projects like this are important to show that there is good stuff that can happen in the programming space. A lot of the folks I talk to who care about trans rights are generally non-techie people. They're maybe more bookish, artsy types. [In] general, [the] leftist folks I hang out with are oftentimes Luddites. I don't mean to use that [as] a derogatory term.... [I just mean that they're] skeptical of large tech companies. I get that [concern] – so I think it's important that we have stuff like this to [say], “Hey, we can help! Technology is a tool. We can use it. We can do good stuff with it, even if that tool is PHP.” Could you tell me a bit – *bursts into laughter*😆


Ooooh. 🤨 “Even if that tool is PHP”? I feel a little attacked here.


Attacked!? *poorly feigning ignorance* 🤣


😆 You know, PHP is—


All right, tell me about this terrible— na na na 😆 I've been reading some of the docs for PHP, and it seems that PHP has turned around quite a bit in recent years. A lot of new features have been added to the language. It's pretty interesting, some of the stuff that the [language has] these days. I mean, [it has] just-in-time compilation [now]. They're adding Java style [compilation] to PHP. That must be good for performance, right?


PHP is slowly, slowly becoming a more strictly typed, less dynamic programming language. Slowly but surely locking things down – adding a full, strict type system in, if you want to use it. Cleaning up older functions and making them more consistent. Making changes under the hood for performance and things like just-in-time compilation. If you have a web server that's written entirely in PHP, without any use of Apache, features like just-in-time compilation can help immensely with those types of applications. So, yeah, there's a lot of modernization going on in the PHP project. ☺️


Very cool, very cool. I'm sure it must have changed a lot over the years as you've been working [within the ecosystem]. There was quite a lot of neat little aspects of the architecture [that] I saw, [that] I learned about as I was going through this. Stuff like Symfony, and... what's it called, the ORM that you use?


Yes, Doctrine.


Yep, that one. That was pretty interesting. You know, I am someone who is just learning the PHP ecosystem now. It's kind of fun! This is a fun little peek into the [PHP] world to try to learn it[s mysterious ways~]. What are some of your favorite little – in the PHP zone, the PHP space, the environment – what are some interesting little projects happening that have inspired you, as a developer?


Ooh... projects in the PHP space that have inspired me... ...well, I started out doing PHP dev just through work. That's how I kind of started out getting into that zone. And a lot of times in the PHP space, there are quite a lot of projects – particularly ones, you know, that aren't kind of using one of the major frameworks. You know, it's quite a lot of times common to see a PHP project built completely from scratch, without any kind of framework.


Wow. *impressed*


So I came from doing PHP without a framework at the start. I learned the language without a lot of the tools like Laravel and Symfony, and even without an ORM tool like Doctrine, to get started. I'm also thinking, like, how much am I allowed to specifically talk about the code base I worked on in my first job? Since it was a proprietary code base.


Oh, sure, you don't want to have trouble with your former employer.


Oh, that good stuff. But yeah, through getting started with PHP through work, I started investigating the Symfony project for a new JSON API. I've always liked building API applications - specifically APIs paired with some kind of other front end layer; whether you're server-side rendering at that layer, or whether you're using a single page app framework. Since I also came from the Java world before PHP, I was drawn to Symfony because it was very, very close in a lot of syntax and structure to the Spring framework in Java.




That drew me there because I have familiarity with the Spring framework, and it was kind of like, “Oh, I'm back home, but in a language I like a little bit more”. ,*Both Laugh.*


Watch your toes with just in time compilation! Maybe PHP is turning into Java. Oh, God.


Yeah, just in time compilation. It's an interesting topic, because I really think it benefits specific PHP applications that aren't... well, I should probably back up a little bit — The PHP lifecycle. The classic PHP application being the LAMP stack application, where you're using PHP with something like Apache, where Apache has a module that is a PHP module, and Apache has a series of threads and says, “Okay, a request is coming in, I'm going to send it to PHP; PHP will run the code, process the request, spit out a result, and then PHP's done.” So in that typical lifecycle of PHP, PHP starts up, and then it stops. It's not running all the time. It only runs when a request actually comes in. Now, for a server built entirely in PHP... Swoole is one of those ones out there; I think ReactPHP is also a similar kind of application – where the server is entirely built in PHP... ...that's where just-in-time compilation can be very helpful – because the PHP process theoretically is on all the time; thus, the just-in-time compilation is very useful because the application isn't having to bootstrap all the time. It's able to do the parsing of the code base, compile all of that, and have that at the ready throughout the lifecycle of the server. ... That was just a side note; that's probably not particularly super— 😅


No! That's cool. It's redefining what PHP is, what it can be used for. It really expands the possibilities, and I think it's a smart feature to add. It's certainly one of the one of the selling points of Java, right? I mean, if I was told I could have Java without public static void main(String[] args)-ass boilerplate, I'd be like, “Sweet! Sign me up!”. You could have easily slipped a PHP into my dev world, like parents slip broccoli into their kids' brownies.




I would have ate that up. But yeah, maybe PHP just needs a bit of optics help, perhaps.


I think what really doesn't help its reputation these days is... Number one, there's all the existing views of PHP as the old, gross, nasty, WordPressy language. I feel like there's a specific stereotype about PHP in that regard. But then two: I feel like PHP could use some better beginner resources, like those that Python has, for example. If you go to Python's official website, there's a very, very simple tutorial for, “Let's get you started with Python!” immediately on the homepage, to get you started with simple code – whereas there's not really anything like that on PHP's official website. It's kind of like you've got to dive in the docs, you've got to find the Getting Started page, you've got to go through the whole rigmarole of installing a CLI interpreter and all of that... where, with a bit of work, the homepage and the Getting Started resources could be streamlined and improved a whole lot. In fact, there is another project, I don't remember the exact name, but there is another project that is working to try to make a better Getting Started guide for new PHP users.


No way.


Yeah, it's a work in progress, I think.


That's great. I think that's awesome. Accessibility, good documentation, it's the stuff that no dev wants to do if they're doing it for passion, because they just need stuff for themselves. I imagine PHP people often— ...PHP people, there's definitely a recursive acronym you can use for that... But yeah – PHP folks probably think, “Oh, you've been doing this since '97, haven't you? You don't need a beginner's guide.”


Oh. 🙃


I'm glad there are folks who care about that, because that's good, because I've never coded in PHP, and I'm glad I have you [around] to help me out when we get to the next step of this process. That will be pretty cool.


from reese-ipes 🍽

i grew up on my mom's banana bread. it's a great way to use overripe bananas. this recipe was developed from a generic nut bread recipe from her old betty crocker cookbook by both of us making changes along the way.

picture of the finished loaf with a slice taken off of one end to show the inside


wet mix

  • 3 over-ripe bananas [1]
  • 1 egg
  • 1 cup sugar
  • 1 cup oat milk [2]
  • 3 tbsp olive oil
  • 1 tsp vanilla
  • a pinch of salt to taste

dry mix

  • 2.5 cups flour
  • 3.5 tsp baking powder

fillings (optional)

  • up to .5 cup dark chocolate chips, nuts, dates, what-have-you. [3]


pre-heat oven to 350°F and grease a medium-sized loaf pan. combine wet mix and stir/beat until bananas are mostly mashed but still lumpy. sift in dry mix and stir just until combined. do not over-mix. gently fold in your optional fillings. pour the batter into the loaf pan and bake on a center rack for 55 minutes. once done, let it rest for a couple minutes, then turn it out onto a wire rack to cool.


[1] they should have some brown on the outside, maybe 50%, and be soft. don't use if they're rotten. [2] i don't think the type of milk you use is essential. let me know if you try any others! [3] neither my mom nor i like nuts in baked goods but maybe you do. that's fine.


from reese-ipes 🍽


  • 2-3 tbsp vegetable oil
  • 1 small or medium yellow onion, finely sliced [1]
  • 3 cans of different types of beans [2]
  • 1 can corn
  • 1 can diced tomatoes
  • 1 to 1.5 cups chopped carrots
  • 1 bell pepper (choose ur favorite color)
  • 2 cups vegetable stock

spices [3]

  • paprika (regular and smoked)
  • cumin
  • oregano
  • garlic powder
  • cinnamon
  • basil
  • MSG [4]
  • black pepper
  • white pepper
  • cayenne pepper
  • salt


  1. heat vegetable oil in a large pot.
  2. add onions and cook until translucent.
  3. stir in spices and cook for another minute or 2.
  4. empty all the cans into the pot, add veggies and stock.
  5. bring to a boil then let simmer on low for like an hour, loosely covered so steam can vent, stirring occasionally.
  6. add salt to taste and enjoy!


[0] original recipe i based this one off of: [1] size of the onion depends on your preference and FODMAP tolerance. i also threw in a shallot because i had one in the fridge but it probably didn't make much of a difference. [2] i used black beans, garbanzo beans (chickpeas), and great northern beans (about 1 cup after soaking) [3] i just kinda eyeballed the spices, sorry. i tried to put them in order of highest to lowest amount. the ones toward the bottom aren't that important to get right so use whatever you have! [4] you could substitute with extra salt and a pinch of sugar but imo you should really have MSG in your pantry. it Makes Stuff Good™


from Random Access Memories

A fresh start, a blank sheet, untouched digital territory that Cyberia can sully with our awful posts. This is our new blog site. You may sign up for an account; hopefully this will be a place Cyberia users can put their thoughts, share projects in more exhaustive detail, write poetry, whatever strikes your fancy really.

The editor understands markdown and HTML. Play around and see what you can do with it. Documentation is available at the writefreely website, and the writing guide is here. Hopefully bread will add some pretty CSS. Happy writing!


from cyberia

Imported from Originally published: 2021-12-17

rumors of my demise have been greatly exaggerated

Forest 2021-12-17


If you're a wondering “what is capsul?”, see:

Here's a quick summary of what's in this post:

  • cryptocurrency payments are back

  • we visited the server in person for maintenance

  • most capsuls disks should have trim/discard support now, so you can run the fstrim command to optimize your capsul's disk. (please do this, it will save us a lot of disk space!!)

  • we updated most of our operating system images and added a new rocky linux image!

  • potential ideas for future development on capsul

  • exciting news about a new server and a new capsul fork being developed by co-op cloud /



Life happens. Cyberia Computer Club has been hustling and bustling to build out our new in-person space in Minneapolis, MN:

Hackerspace, lab, clubhouse, we aren't sure what to call it yet, but we're extremely excited to finish with the renovations and move in!

In the meantime, something went wrong with the physical machine hosting our BTCPay server and we didn't have anywhere convenient to move it, nor time to replace it, so we simply disabled cryptocurrency payments temporarily in September 2021.

Many of yall have emailed us asking “what gives??”, and I'm glad to finally be able to announce that

“the situation has been dealt with”,

we have a brand new server and the blockchain syncing process is complete, cryptocurrency payments in bitcoin, litecoin, and monero are back online now!

—> <—



Guess what? Yall loved capsul so much, you wore our disks out. Well, almost.

We use redundant solid state disks + the ZFS file system for your capsul's block storage needs, and it turns out that some of our users like to write files. A lot.

Over time, SSDs will wear out, mostly dependent on how many writes hit the disk. Baikal, the server behind, is a bit different from a typical desktop computer, as it hosts about 100 virtual machines, each with thier own list of application processes, for over 50 individual capsul users, each of whom may be providing services to many other individuals in turn.

The disk-wear-out situation was exacerbated by our geographical separation from the server; we live in Minneapolis, MN, but the server is in Georgia. We wanted to install NVME drives to expand our storage capacity ahead of growing demand, but when we would mail PCI-e to NVME adapters to CyberWurx, our datacenter colocation provider, they kept telling us the adapter didn't fit inside the 1U chassis of the server.

At one point, we were forced to take a risk and undo the redundancy of the disks in order to expand our storage capacity and prevent “out of disk space” errors from crashing your capsuls. It was a calculated risk, trading certain doom now for the potential possibility of doom later.

Well, time passed while we were busy with other projects, and those non-redundant disks started wearing out. According to the “smartmon” monitoring indicator, they reached about 25% lifespan remaining. Once the disk theoretically hit 0%, it would become read-only in order to protect itself from total data loss. So we had to replace them before that happened.

We were so scared of what could happen if we slept on this that we booked a flight to Atlanta for maintenance. We wanted to replace the disks in person, and ensure we could restore the ZFS disk mirroring feature.

We even custom 3d-printed a bracket for the tiny PCI-e NVME drive that we needed in order to restore redundancy for the disks, just to make 100% sure that the maintenance we were doing would succeed & maintain stability for everyone who has placed thier trust in us and voted with thier shells, investing thier time and money on virtual machines that we maintain on a volunteer basis.

Unfortunately, “100% sure” was still not good enough, the new NVME drive didn't work as a ZFS mirroring partner at first ⁠— the existing NVME drive was 951GB, and the one we had purchased was 931GB. It was too small and ZFS would not accept that. f0x suggested:

[you could] start a new pool on the new disk, zfs send all the old data over, then have an equally sized partition on the old disk then add that to the mirror

But we had no idea how to do that exactly or how long it would take & we didn't want to change the plan at the last second, so instead we ended up taking the train from the datacenter to Best Buy to buy a new disk instead.

The actual formatted sizes of these drives are typically never printed on the packaging or even mentioned on PDF datasheets online. When I could find an actual number for a model, it was always the lower 931GB. So, we ended up buying a “2TB” drive as it was the only one BestBuy had which we could guarantee would work.

So, lesson learned the hard way. If you want to use ZFS mirroring and maybe replace a drive later, make sure to choose a fixed partition size which is slightly smaller than the typical avaliable space on the size of drive you're using, in case the replacement drive was manufactured with slightly less avaliable formatted space!!!

Once mirroring was restored, we made sure to test it in practice by carefully removing a disk from the server while it's running:

While we could have theoretically done this maintenance remotely with the folks at CyberWurx performing the physical parts replacement per a ticket we open with them, we wanted to be sure we could meet the timeline that the disks had set for US. That's no knock on CyberWurx, moreso a knock on us for yolo-ing this server into “production” with tape and no test environment :D

The reality is we are vounteer supported. Right now the payments that the club receives from capusl users don't add up to enough to compensate (make ends meet for) your average professional software developer or sysadmin, at least if local tech labor market stats are to be believed.

We are all also working on other things, we can't devote all of our time to capsul. But we do care about capsul, we want our service to live, mostly because we use it ourselves, but also because the club benefits from it.

We want it to be easy and fun to use, while also staying easy and fun to maintain. A system that's agressively maintained will be a lot more likely to remain maintained when it's no one's job to come in every weekday for that.

That's why we also decided to upgrade to the latest stable Debian major version on baikal while we were there. We encountered no issues during the upgrade besides a couple of initial omissions in our package source lists. The installer also notified us of several configuration files we had modified, presenting us with a git-merge-ish interface that displayed diffs and allowed us to decide to keep our changes, replace our file with the new version, or merge the two manually.

I can't speak more accurately about it than that, as j3s did this part and I just watched :)



We wanted to upgrade to this new Debian version because it had a new major version of QEMU, supporting virtio-blk storage devices that can pass-through file system discard commands to the host operating system.

We didn't see any benefits right away, as the vms stayed defined in libvirt as their original machine types, either pc-i440fx-3.1 or a type from the pc-q35 family.

After returning home, we noticed that when we created a new capsul, it would come up as the pc-i440fx-5.2 machine type and the main disk on the guest would display discard support in the form of a non-zero DISC-MAX size displayed by the lsblk -D command:

localhost:~# sudo lsblk -D NAME DISC-ALN DISC-GRAN DISC-MAX DISC-ZERO sr0 0 0B 0B 0 vda 512 512B 2G 0

Most of our capsuls were pc-i440fx ones, and we upgraded them to pc-i440fx-5.2, which finally got discards working for the grand majority of capsuls.

If you see discard settings like that on your capsul, you should also be able to run fstrim -v / on your capsul which saves us disk space on baikal:

welcome, cyberian ^(;,;)^ your machine awaits

localhost:~# sudo lsblk -D NAME DISC-ALN DISC-GRAN DISC-MAX DISC-ZERO sr0 0 0B 0B 0 vda 512 512B 2G 0

localhost:~# sudo fstrim -v / /: 15.1 GiB (16185487360 bytes) trimmed

^ Please do this if you are able to!

You might also be able to enable an fstrim service or timer which will run fstrim to clean up and optimize your disk periodically.

However, some of the older vms were the pc-q35 family of QEMU machine type, and while I was able to get one of ours to upgrade to pc-i440fx-5.2, discard support still did not show up in the guest OS. We're not sure what's happening there yet.

We also improved capsul's monitoring features; we began work on proper infrastructure-as-code-style diffing functionality, so we get notified if any key aspects of your capsuls are out of whack. In the past this had been an issue, with DHCP leases expiring during maintenance downtimes and capsuls stealing each-others assigned IP addresses when we turn everything back on.

capsul-flask now also includes an admin panel with 1-click-fix actions built in, leveraging this data:

I acknowledge that this is a bit of a silly system, but it's an artifact of how we do what we do. Capsul is always changing and evolving, and the web app was built on the idea of simply “providing a button for” any manual action that would have to be taken, either by a user or by an admin.

At one point, back when capsul was called “cvm”, everything was done by hand over email and the commandline, so of course anything that reduced the amount of manual administration work was welcome, and we are still working on that today.

When we build new UIs and prototype features, we learn more about how our system works, we expand what's possible for capsul, and we come up with new ways to organize data and intelligently direct the venerable virtualization software our service is built on.

I think that's what the “agile development” buzzword from professional software development circles was supposed to be about: freedom to experiment means better designs because we get the opportunity to experience some of the consequences before we fully commit to any specific design. A touch of humility and flexibility goes a long way in my opinion.

We do have a lot of ideas about how to continue making capsul easier for everyone involved, things like:

  1. Metered billing w/ stripe, so you get a monthly bill with auto-pay to your credit card, and you only pay for the resources you use, similar to what service providers like Backblaze do.

(Note: of course we would also allow you to pre-pay with cryptocurrency if you wish)

  1. Looking into rewrite options for some parts of the system: perhaps driving QEMU from capsul-flask directly instead of going through libvirt, and perhaps rewriting the web application in golang instead of sticking with flask.

  2. JSON API designed to make it easier to manage capsuls in code, scripts, or with an infrastructure-as-code tool like Terraform.

  3. IO throttling your vms: As I mentioned before, the vms wear out the disks fast. We had hoped that enabling discards would help with this, but it appears that it hasn't done much to decrease the growth rate of the smartmon wearout indicator metric. So, most likely we will have to enforce some form of limit on the amount of disk writes your capsul can perform while it's running day in and day out. 80-90% of capsul users will never see this limit, but our heaviest writers will be required to either change thier software so it writes less, or pay more money for service. In any case, we'll send you a warning email long before we throttle your capsul's disk.

And last but not least, Cybera Computer Club Congress voted to use a couple thousand of the capsulbux we've recieved in payment to purchase a new server, allowing us to expand the service ahead of demand and improve our processes all the way from hardware up.

(No tape this time!)

Shown: Dell PowerEdge R640 1U server with two 10-core xeon silver 4114 processors and 256GB of RAM. (Upgradable to 768GB!!)



Yes! We are not the only ones working on capsul these days. For example, another group, has forked capsul-flask and set up thier own instance at

Thier source code repository is here (not sure this is the right one):

Having more people setting up instances of capsul-flask really helps us, whether folks are simply testing or aiming to run it in production like we do.

Unfortunately we don't have a direct incentive to work on making capsul-flask easier to set up until folks ask us how to do it. Autonomic helped us a lot as they made thier way through our terrible documentation and asked for better organization / clarification along the way, leading to much more expansive and organized README files.

They also gave a great shove in the right direction when they decided to contribute most of a basic automated testing implementation and the beginnings of a JSON API at the same time. They are building a command line tool called abra that can create capsuls upon the users request, as well as many other things like installing applications. I think it's very neat :)

Also, just donating or using the service helps support, both in terms of maintaing and reaching out and supporting our local community.

We accept donations via either a credit card (stripe) or in Bitcoin, Litecoin, or Monero via our BTCPay server:

For the capsul source code, navigate to:

As always, you may contact us at:

Or on matrix:

For information on what matrix chat is and how to use it, see:

Forest 2021-12-17


from cyberia

COVIDaware MN app investigation

Imported from Originally published: 2020-11-27

starless 2020-11-27

Greetings to Netizens and Minnesotans!

It's your friendly neighborhood Cyberians here with an update on the new COVIDaware app as announced by the Governor.

You might be wondering: “Hey, how bullshit is this app? Will it track me when I sleep, will it tell the cops where I am for no good reason, will it take my firstborn son?”

We were wondering these things, too. We're hard at work finding answers to all these questions and more, and due to the urgent nature of the pandemic, wanted to give you an update.

Recently, the state of Minnesota released an app to help manage COVID-19 contact tracing, The COVIDaware MN app is based on an open source foss app for something called 'contact tracing', which helps people backtrack the places they've been in the last two weeks, should they later learn that they were contagious but pre-symptomatic for COVID-19. Due to the delicate nature of this sort of app, we reached out to the folks who wrote the open source app that COVIDaware MN is based on, and got a handful of helpful replies back.1 We also reached out to the state of Minnesota, but haven't gotten a response yet.2

The app that COVIDaware is based on is very privacy-friendly and the company behind it seems to have good values, but we still don't know exactly how much that source code was customized before it was released for use by Minnesotans. It's likely that the state's IT folks just added the appropriate assets to customize links to the local health department and that sort of thing, but we won't know that for sure without a response to our inquiry. There's a chance they've inadvertently done more than that, too— we'd love to read over the source code and check the modifications the state of Minnesota made to the FOSS base app.

We'll let you know when we hear back from the state, but for now, the base app looks very promising.

Additionally, should it become feasible (likely dependent on the state of Minnesota releasing the source code for the app), we're already hoping to be an alternative source for the official app, should you prefer something that's built on hardware not managed by the state of Minnesota.

We hope to hear back from our fair state government soon, and until then, wish you all a warm & safe holiday season!

source code:


from cyberia

Imported from Originally published: 2020-05-20

Forest 2020-05-20


Capsul has been operated by hand so far, with business conducted via email. Obviously, this isn't the best user experience. If no one is on the other end at the time, the user might feel as if they are shouting into the void.

Ideally, users could pay for service, create and destroy capsuls, and monitor their capsul's status at any time.

So we set out to create an application enabling that, while keeping things as simple as possible. As of today, you can experience it firsthand!

—> <—


Capsul started out as a “for fun” project to host multiple VMs with different operating systems on the same physical server.

A cloud compute provider experiment to find out:

  • How hard is it to build basic compute-as-service functionality that has been mythologized and commoditized by some of the biggest software businesses of all time.

  • What problems have to be solved in order to do this at a small scale?

  • And last but not least, how much better-than-the-big-boys can we do? :P

I heard about Capsul and I thought, cool, why not.

At first, I was slightly dismissive of the project — why re-invent the wheel? There are lots of established tools for creating cloud services already out there, surely they would be hard for us to measure up to.

Of course, you could argue, that's not the point. It's all about the journey, popping the hood and learning how things are put together.

But on the other hand, Capsul is something that we want to use, not just a pet project.

Can I depend on it?

/⁀\ _/‾⁀|, (‾‾____‾‾) | xx . .| / \ | [ >)
/ \ | ‶` ‾ |

Whether excited or doubtful, the tone of the question expresses the real utility and risk associated with DIY.

We have to make our own seat belts for this, an experience and practice that I personally feel is highly under-rated.

I don't want to give up and just leave it to the experts.

I want to build the confidence necessary to make my own systems, and to measure thier stability and efficacy.

(_/) [. .] ==<.>==

“ Anyone can Cook “

It probably helps that I've never seen a friend get hurt because of a flaw in something I designed, but even if I had, I'd like to think that I'd continue believing in the idea that technology is never “beyond” us. I could never make it through Technoholics Anonymous, because I'd never be able believe a Higher Power will restore sanity to the machine and save us from ourselves.


First step was to chose a language and framework. We made this decision (Python 3, Flask) almost entirely based on which language was the most commonly known in our group. I was the only one who had never used Python before, and I felt up to the task of learning a language as a part of this process.

Next, we had to decide how the system would work.

How would we secure user's accounts? How would users pay for capsuls? Would it be like a subscription, would you buy compute credits, or a receive a bill at the end of the month?

In the interest of simplicity, we opted to use a tumblr-style magic-link login instead of requiring the user to provide a password. So, you have to receive an email and click a link in that email every time you log in.

We also decided to go with the “purchase credits, then create capsul” payment workflow, because it was the easiest way we could accept both credit card and cryptocurrency payments, and we believed that requiring the user to pay first was an appropriate level of friction for our service, at least right now.

I had never worked on a project that integrated with a payment processor or had a “dollars” column in a database table before. I felt like I worked at the Federal Reserve, typing

INSERT INTO payments (account, dollars) VALUES ('forest', 20.00);

into my database during development.

The application has three backends:

  • a postgres database where all of the payment and account data is stored

  • the virtualization backend which lifecycles the virtual machines and provides information about them (whether or not they exist, and current IP address)

  • Prometheus metrics database which allows the web application to display real-time metrics for each capsul.

All of the payments are handled by external payment processors Stripe and BTCPay Server, so the application doesn't have to deal with credit cards or cryptocurrency directly. What's even better, because BTCPay Server tracks the status of invoices automatically, we can accept unconfirmed transactions as valid payments and then rewind the payment if we learn that it was a double-spend attack. No need to bother the user about Replace By Fee or anything like that.

The initial development phase took one week. Some days I worked on it for 12+ hours, I think. I was having a blast. I believe that the application should be secure against common types of attacks. I kept the OWASP Top 10 Web Application Security Risks in mind while I was working on this project, and addressed each one.

  1. Injection We use 100% parameterized queries, and we apply strict validation to all arguments of all shell scripts.

  2. Broken Authentication We have used Flask's session implementation, we did not roll our own sessions.

  3. Sensitive Data Exposure We do not handle particularly sensitive data such as cryptocurrency wallets or credit card information.

  4. XML External Entities (XXE) We do not parse XML.

  5. Broken Access Control We have added the user's email address to all database queries that we can. This email address comes from the session, so hopefully you can only ever get information about YOUR account, and only if you are logged in.

  6. Security Misconfiguration We made sure that the application does not display error messages to the user, we are not running Flask in development mode, we are not running Flask as the root user, the server it runs on is well secured and up to date, etc.

  7. Cross-Site Scripting (XSS) We apply strict validation to user inputs that will be represented on the page, whether they are path variables, query parameters, form fields, etc.

  8. Insecure Deserialization We use the most up-to-date json parsing from the Python standard library.

  9. Using Components with Known Vulnerabilities We did check the CVE lists for any known issues with the versions of Flask and psycopg2 (database connector), requests, and various other packages that we are using, although automating this process would be much better going forward.

  10. Insufficient Logging & Monitoring We may have some room for improvement here, however, verbose logging goes slightly against the “we don't collect any more data about you than we need to” mantra.

If you would like to take a peek at the code, it's hosted on our git server:


from cyberia

Imported from Originally published: 2020-05-01

Subject: Cyberia Services Update: 2020-04 From: j3s Date: 01/05/2020


A lot has happened in services-land this month, and I'm hoping to pack as much of it as I can into this email. I will try to be brief, as there is a lot to cover. I'll also probably miss some stuff, woops!

Capsul ======

We added many new subscribers and many new features to Capsul this month, both technical and financial.

  • OpenBSD 6.6 support Hello puffy! We now fully support OpenBSD 6.6 as an operating system choice on Capsul, and will support future releases of OpenBSD as well.

  • Streamlined BTC/XMR payments Pay with bitcoin or monero? There is now a simple payment processor you may use to make donations or pay for Capsuls. See for details.

  • Guix System 1.1.0 support Guix System support is very near completion! There is one bug left to squash before it's available as a fully supported option! :D

  • IPv6-only support Soon, you will be able to purchase IPv6-only Capsuls at a $2 per month discount from IPv4 prices.

  • Cheaper base prices Pricing will very soon be heavily revised, and all Capsuls will be cheaper. Existing customers will be refunded the difference between the price they paid and the new Capsul price.

  • À la carte disk size selection

    • All instances will start with a fully backed-up 10GB root volume.
    • We will be capable of taking variable disk size requests at 0.2c per GB per month! You are no longer stuck with the disk size your instance came with.
    • These additional disks are not covered by our backup schedule, otherwise we'd run out of disk space almost instantly :D we may offer a paid backup system for these additional disks in the future.

A huge thank you to our early Capsul users, I hope that everything has been running smoothly for you.

Nullhex =======

I have not focused on Nullhex much throughout April, but I do have some exciting ideas to share. Hit me up if you're interested.

  • Reputation Nullhex emails are no longer marked as spam by Protonmail or Gmail, our domain reputation has grown substantially.

Matrix ======

Matrix has cemented itself as the center of our communication platform. If you aren't there already, feel free to register at and join the conversation.

If you don't like Matrix for some other reason, email me directly and we can figure out a way to bridge you into our conversations.

  • Backend updated The backend has been updated & now supports cross-signing.
  • Bridging We are considering bridging specific Matrix rooms with specific Discord rooms; more to come on this front.

Riot ====

  • End to end encryption by default Riot-web is receiving an update next week™ that enables end to end encryption and cross-signing by default for all private conversations. Please prepare thyselves! More deets:

  • New preferences There are two new potentially userful riot-web preferences, in case you may have missed them:

    • sort rooms alphabetically
    • auto-syntax-highlight-detection

Forge =====

Forge is our development and project tool. It is intended to be used by anyone in the Cyberia community to host their projects, and Cyberia will eventually use it exclusively to host our group projects.

Forge is approaching the end of the alpha phase. There is still a bit of rockiness, but we've mostly settled on it as a full-fledged service, supported by Cyberia Services.

Forge handles the following (for now):

  • git repositories
  • mailing lists
  • ticket trackers
  • git-driven wiki pages
  • paste service

Forge may handle the following in the future, if we have need for it:

  • builds
  • continuous integration
  • mercurial repositories

Registration is now open to the public, sign up today!

Mailing Lists =============

There are now three important mailing lists that people might consider subscribing to: = general announcements like this = services branch discussion operational stuff = – everything else

See them and read about them on the Forge:

If you have questions or comments about this announcement letter, feel free to email and ask us about it :)

Misc ====

  • Prometheus awareness We monitor our systems with Prometheus – like everything else Cyberia does, we operate it publically. Check it out at

  • Grafana awareness We recently set up Grafana, and fack has been hacking on some dashboards. It's available at for public consumption. If you'd like a read-write account, email me and I'll set one up for you.

  • deprecated The list has been moved to the list. I moved all previous subscribers to the new list, no action is required.

  • Infra Hackathon There are thoughts about hosting a huge infra hackathon to move our systems from Debian to Alpine, with a giant laundry list of crap to do. We will be targeting a full weekend in the future. Just a heads up.

  • Operations Handbook We have decided that a monorepo for all of our operational-related things is appropriate. See the handbook here:

A final note: our services would be useless without the community that makes use of them. Thanks for all of your valuable feedback and discussion. You're all wonderful. Let's open the next world together.

Your lovely head of services,



from cyberia

Imported from Originally published: 2020-03-11

Subject: Simple trusted compute: Announcing Capsul From: j3s Date: 11/03/2020

+———————————————————————————+ | | | ANNOUNCING CAPSUL | | | +———————————————————————————+

Over the last year we've moved at light speed. Cyberia Computer Club is now an entity. A formal nonprofit organization with a democratic structure.

We organized and bought a server. We crowdfunded, and spent countless nights testing different configurations. We strived to make the service very simple, and very maintainable. We're very proud of what we're announcing today. We think it's a very unique service.

Capsul is a service that provides people with compute in the form of virtual machines. All machines run on very fast solid state storage, and have direct T3 network access on a shared link. We do not collect user data (besides your email address), and discard as many logs as we feasibly can. Every VM is automatically backed up A more official privacy policy and TOS are coming soon.

To get you excited, here's a list of initially supported operating systems:

operating system supported ———————— ————- alpine yes ubuntu18 yes debian10 yes centos7 yes centos8 yes OpenBSD 6.6 planned GuixSD 1.0.1 planned Windows no, never AIX whyyyy

Our prices start at ~$5.99 a month:

type yearly cost cpus memory ssd ——— —————– —— ——— —— f1-s $70 1 512M 10G f1-m $120 1 1024M 25G f1-l $240 1 2048M 55G f1-x $480 2 4096M 80G f1-xx $960 4 8096M 160G f1-xxx $1920 8 16G 320G

Capsul is very easy to use – no signup or registration is necessary. Simply send an email to with your requirements, and you'll have VMs that you can ssh into within a day or so.

Capsul machines are currently paid for on a yearly basis, and we'll make every effort to remind you of payment before your year expires. Capsul is very price-similar to services like Vultr or Digital Ocean.

What sets Capsul apart?

Simply: our organization and our morality.

Cyberia Computer Club values privacy, simplicity, transparency, accessibility, and inclusion. We have no shareholders, investors, or loaners, therefore every change we make is directly beneficial to you. We actually care about your experience, and it will only get better with time – never worse.

We have a lot more coming for Capsul. The next planned features include: – private networking – openbsd support – monthly payments – instant provisioning and decoms – ipv6 support (with a reduced price instance type) – a storage service (for those who want pictures)

That's all for now! Send us an email and get started with Capsul today! :)



additional resources;

Check out the Capsul website: Check out our bylaws here: Donate to the cause: All of our source code: Chat with us on Matrix: Chat with us on IRC: #cyberia on freenode