00:00 <jonesv[m]> Also from the browser, do you always access the sandstorm grain, or do you use a browser extension, or is there a way to get a link to TTRSS without being inside the Sandstorm UI?

00:00 <abliss[m]> i use the ttrss plugin for news+, but it's abandonware

00:06 <jonesv[m]> Oh there is an "HTTP authentication" option in the app!

00:07 <jonesv[m]> I am confused as to how it works. So I entered a URL, user and password in the "connection" settings, and then "sandstorm" and the password (again) in the HTTP Authentication settings, and it worked. No clue why "sandstorm" is a correct user (I guess the grain sets that) or how it deals with the https webkey and the http auth...

00:08 <jonesv[m]> I guess I'll accept that it's just magic for now, but it works 🎉

00:23 <ocdtrekkie> It makes a bit more sense if our mobile app settings page in the app is working. But yeah some clients are weird and ask you to enter the username and password twice effectively.

00:24 <ocdtrekkie> I think I've tried that app before.

00:25 <abliss[m]> yeah, IIRC its auth model doesn't map cleanly onto sandstorm's so this is the compromise. (i believe you can put anything for the user, not just "sandstorm", and it'll get ignored). I just wish the app were better. Its author/maintainer is pretty user-hostile.

00:28 <abliss[m]> e.g. see how a recent feature request was rebuffed here: https://community.tt-rss.org/t/notifications-on-android/304

00:33 <jonesv[m]> Right, not very nice indeed 🤔

00:37 <ocdtrekkie> This thread is an excellent reminder I need to go fix that page and it annoys actual people that it isn't fixed.

00:38 <jonesv[m]> Haha yeah sorry on my end for bothering you :). I had seen the "mobile app" tab but ignored it since it was not working 😇

00:38 <jonesv[m]> Thanks for the help again!

00:38 <jonesv[m]> Time to sleep here 💤

02:31 <ocdtrekkie> We are more than happy to be bothered about it, if Sandstorm isn't providing a great experience we need to fix it, so it's good to see where people are hitting issues, and we're happy to help. :)

10:30 <jonesv[m]> I was thinking again about that "sandstorm linux distro", more specifically the secure boot part. So what would be the threat model there? I mean we need to trust something at some point. Is the goal to support a TPM, or is it to have e.g. a secondary bootloader that would validate the firmware signature (against a hardcoded value) before boot?

10:30 <jonesv[m]> Or is it "just" to design it thinking about secure boot so that someone could integrate it with their specific hardware if they wanted to?

17:31 <isd> tbh I hadn't thought about it much -- but from my perspective the reason to fuss with it is just so people can install it on a machine without having to fuss with secure boot.

17:31 <isd> themselves.

17:32 <isd> I have personally never really done anything with secure boot other than disable it.