Stavros' Stuff

On programming and other things.

I made an e-ink display that shows my calendar

Time to relax? Think again.

There’s an old saying I just made up, it goes “a man has a problem. Give him a solution, now he has two problems”, and that’s how I felt when I came across the LilyGo T5, a beautiful e-ink display with an ESP32 microprocessor and an 18650 battery holder.

I needed to find something to make with it.

The idea

I realized that one thing that’s missing from my life right now is more time pressure. I have a job, which got me most of the way there, but I’m bad at remembering the time of each of the twenty meetings I have every day. I really needed something that would allow me to see my daily calendar at a glance, and I realized that a 4.7” e-ink screen was the perfect thing for that use case, so I quickly started working on making this a reality.

The result was…

The Timeframe

Continue reading…

Hacking my appetite

This must be how normal people feel

Recently, my weight shot up again, and I’ve gone over the weight where I start snoring in my sleep. Since my BMI is now somewhere in the range where I get my own orbit, I decided to do something about it. I recently found out about Semaglutide, and I figured I should give it a shot.

Semaglutide is a new drug for weight loss, or, more accurately, an old drug for diabetes. However, the diabetics who were taking it reported suppressed appetite, so the pharma company thought “hmmmmmm…”, and we got a nice weight loss drug.

Since I don’t like snoring or being overweight, I was curious to try it and see what happens, so I talked to a medical professional and got some prescribed, more out of curiosity than out of need. I think it’s going to be an interesting experiment, and am eager to see whether (and how) it works.

Continue reading…

Making a security key for the Framework laptop

I'm loving the Framework

I was searching for a laptop to replace my 5-year-old Dell XPS, and I came across the Framework laptop. I had heard good things about it, and I liked the hackability, so I thought I’d give it a shot, and ordered it. My first impression was extremely positive, it came with the RAM sticks in boxes, and I had to use the built-in screwdriver to open the laptop up and install the RAM. All the components inside have QR codes with guides on how to install things, and opening the laptop is a matter of unscrewing five (captive, yay!) screws and popping up the magnetic keyboard, it took twenty seconds to slot the RAM sticks in and be ready to go.

Unfortunately, I made a grave mistake

Continue reading…

Block non-Cloudflare IPs with ufw

DDoS and DDon'ts

Note: To skip the story and immediately go to the script that will fetch Cloudflare IPs and whitelist them using ufw, scroll down.

An interesting thing happened today: Someone contacted one of my clients and told them that he found a catastrophic regex backtracking vulnerability in one of their apps. This was interesting, because the app is a simple Next.js site that doesn’t use regex. Also, as far as I could see, Next.js doesn’t have any such vulnerabilities reported against it, so we were curious to figure out what was going on.

My client asked him to demonstrate the vulnerability, and he did. Sure enough, it brought the service down, but it also brought down the entire server, which was a bit odd. “Oh well”, I thought, “maybe it took up enough CPU to make the machine unresponsive”. The reporter then asked for a fee of 6 ETH to give my client information about the vulnerability and how to fix it, and gave references from other services. He even asked about possibly being hired by my client in a full-time position, to help with security.

Observing the vulnerability first-hand

I wanted to see the request for myself, though, so I could figure out which path it hits, reproduce it, and fix it. I asked my client to put the reporter in touch with “their security person” (me), so I could ask for another demonstration, this time being ready with logs to see what was going on.

The reporter agreed, and I logged onto the server to look around for

Continue reading…

Compressing images with Stable Diffusion

You get the gist

Images are just too big. A 3 MB bitmap compresses down to a 500 KB JPEG, which, don’t get me wrong, 16% of the original size is great, but why 500 KB? That’s still pretty large.

This is 2022, we shouldn’t have to put up with large images. Our websites might load 60 MB of stuff for a pageview, but that stuff shouldn’t be images, it should be Javascript, as Brendan Eich intended.

We shouldn’t have to put up with fat images, but, until now, we had no choice.

Now we do.

Continue reading…

Poop analytics

The poop analytics I've always wanted

As you may remember from a previous post, I have a blind cat whom I made some eyes for (which, incidentally, were a great success). One of the perennial and enduring problems every couple faces when they have a cat is how to divide the poop scooping. At least, that’s what I imagine, extrapolating from a sample size of 1.

Over the years, I have tried to come up with various equitable solutions that would be fair to both me and my partner. A few days after implementing the first solution, “just leave poop where it is”, we realized that we needed to add “be fair to the cat too” to the above equation, and I went back to the drawing board.

In this post, I will guide you through the various solutions

Continue reading…

Better communication with other drivers

Expressive, soulful communication

You know the problem: You’re driving through winding city streets, minding your own business, immersed in your thoughts about the kind of poor road planning that leads to a city having winding streets. Suddenly, what you can only assume is an inconsiderate, egotistic driver who revels in causing mild annoyance to everyone around them rudely cuts you off.

What can you do?

Pretty much the only recourse is available to you is to honk your horn at him, hoping he gets the exact meaning behind your honks. This, however, has always struck me as a crude and uncouth instrument. My elaborate, intricate feelings towards which exact plague should befall him are too nuanced for a simple horn to express.

I needed something more. Something succinct, yet expressive. Something complex, yet simple. Something unique, yet recognizable.

Luckily, someone solved the problem long before me:

Continue reading…

Making an AI-generated sleep podcast

Falling asleep is more fun with an AI in your ear

When I was a teenager, I had a CD player in my room, and I used to listen to fairy tales to fall asleep. The narrator’s voice would relax me and I’d fall asleep quickly. Fast forward to yesterday, I was playing with Google Text-To-Speech for an unrelated project, and had gotten one of their code samples to generate some speech for me. I had also played around with OpenAI’s GPT-3, which I had found wonderfully surrealist, and it had stuck in my mind, so I thought I should combine the two and create a podcast of nonsensical stories that you could listen to to help you fall asleep more easily.

Having already played with Google’s speech synthesis, I thought it would be pretty quick and easy to create this, as all I’d have to do is generate some text with GPT-3 and have Google speak it. GPT-3 is an AI model that can generate very convincing text from a sample. You basically give it a topic and a few sentences, and it continues in the same vein, writing very natural-sounding prose. Half an hour later, I had an AI-generated logo, AI-generated soundscapy background music, an AI-generated fairytale, and an AI-narrated audio file. A day later, I have seven:

The Deep Dreams podcast.

Here’s how I did it:

Continue reading…

How to write a modern Slack bot in Python

It took me SO LONG to find this info

This post is going to be short, but hopefully will help you avoid the troubles that befell me. I wanted to make a Slack bot using Python. “How hard can it be?”, I thought. “I’ve done it many times before”, I thought.

Think again.

The problem is that Slack has changed the way their APIs work. The old way is now referred to as a “classic app” with a “bot scope”, and that way is deprecated and you can’t really create apps like that now, so you have to do a whole other thing.

In this post, I will detail the steps necessary to create a simple bot that will listen for messages and reply to them. That’s all the scaffolding you’ll need (or that I needed) to create your apps, but I had to search for many hours to discover this information. Hopefully Google will be kinder to you and

Continue reading…

How to ask for help

It's harder than it sounds

As you may be aware, I very much like building things. Almost by definition, this means that I’m very often in situations where I’m out of my depth, as I always try to do new things that I don’t quite know how to do yet. Luckily, I have a whole bunch of knowledgeable friends whom I can ask for help.

However, I noticed a pervasive problem when asking for someone’s help: It takes way too long to describe the issue I’m having. To make matters worse, conversations are usually synchronous (either chat or phone calls), which means that I’m wasting a bunch of the limited time they’re gracious enough to give me on trying to get my thoughts in order and describe the problem well.

This is very suboptimal, and I’d like to propose a better

Continue reading…