first draft

.gitattributes

@@ -1,7 +1,5 @@
 # SPDX-FileCopyrightText: 2025 Ncam Gnrvngu <info@ncamgnrvngu.eu>
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
+
 *.mp3 filter=lfs diff=lfs merge=lfs -text
-*.png filter=lfs diff=lfs merge=lfs -text
-*.ase filter=lfs diff=lfs merge=lfs -text
-*.tiff filter=lfs diff=lfs merge=lfs -text

config.toml

@@ -26,7 +26,5 @@ highlight_theme = "Catpuccin Mocha"
 
 [extra]
 # Put all your custom variables here
-mastodon_url = "https://nerdculture.de/@NcamGnrvngu"
-mastodon_user = "@NcamGnrvngu@nerdculture.de"
-matrix_user = "@ncamgnrvngu:stratum0.org"
-bookwyrm_url = "https://bookrastinating.com/user/NcamGnrvngu"
+mastodon_url = "https://mstdn.social/@Ncamgnrvngu"
+matrix_user = "@ncamgnrvngu:matrix.org"

content/post/about-my-name.md

@@ -1,31 +0,0 @@
-+++
-title = "About my name"
-date = "2025-11-26"
-+++
-As you probably know since you landed here I have a really weird name. Naturally this confuses a lot of beings so heres the looong explanation of what's up with my name.
-
-# How it all began
-In the summer of 2021 younger me made a new Discord account. As younger me always did with new accounts I wanted to give it a new unique name. But not just any boring name. It had to be something special. Something meaningful. Younger me had an idea: How about I take this very sophisticated makeshift encryption I thought of (It really was makeshift and it really isn't sophisticated) and encrypt something as my username. So younger me did that. I threw *something* through that encryption cypher and out popped this abomination: "Ncam Gnrvngu".
-
-# The consequences
-Being cyphertext it really looks like I hit my head a little too hard on the keyboard. While it might have looked cool in the begining this username does have some downsides that I discovered since I started using it more and more:
-
-1. Nobody can pronounce it (Including me lol)
-1. It regularly confuses other beings
-1. Nobody can remember it
-
-Even though this username is confusing and complicated it's still very near and dear to my heart. It's something I've lived with for a relatively long time and its cleartext is also still relevant to me (and weirdly getting more relevant).
-
-# The solutions
-So as I don't want to get rid of this name anytime soon, I (and others) had to come up with some solutions
-### Nobody can pronounce it
-This is one of the most common questions I get about this name: *How the heck do I pronounce that?* I genuinely had no real answer to this for a long time. But then I registered an account on [schenklradio.de](https://schenklradio.de), a web radio station with lots of community involvment, mostly consisting of community members voting on what songs should be played next. That presented a relatively hard problem for the hosts on Schenklradio: When a song gets played, the hosts usually read out the names of the users that whished fo it. That of course gets quite complicated with a username like mine. However being a really kind and welcoming community, I was presented with a very creative solution: If you ignore the first part of my name, throw in ungodly amounts of imagination and gently stir you could see "Guru" in there. Which is great. It's short. Everybody knows how to pronounce it. Sure its kind of complicated to get from "Ncam Gnrvngu" to "Guru" but hey: It does its job.
-
-**Disclaimer:** "Guru" is not supposed to mean that I claim to be a guru at anything. It simply is the best solution I have found for pronouncing my name.
-### It regularly confuses other beings
-You're reading the solution to this problem right now! Having a blog gives me the opportunity to create this article as a reference that I can point people to in case of confusion. A comprehensive ressource covering everything from how I got here to how to use it. Being a webpage I also have the option to update this article to improve it: So if this thing needs aditional context, clarification or leaves a question unanswered: Do hit me up so I can improve it!
-### Nobody can remember it
-This honestly is the hardest problem to solve. I don't think theres a real solution for it. I can however make life less cumbersome for everyone by making, again, this webpage. It provides a central hub from which I can link to all socials and whatnot so you just have to click a link and don't have to type in everything. Of course you also have to get here. To make that easier I will try to link to this page from as many places as possible so you can just click on it and voila: You're here.
-
-# So what does it mean?
-Having already written down a lot of things I still haven't answered the most important question: *But what does it mean??* Now of course I could just write it down here and call it a day. But where's the fun in that? The encryption really isn't hard to break so I present you with an offer: If you manage to decrypt whatever the heck young me encrypted in my name, I will tell you what it means. So if you manage to decrypt it, text me on Matrix, Fedi or Signal! I just have one demand: Please don't spoil the fun for other beings and tell them what it means. 

content/post/links-in-emails.md

@@ -0,0 +1,31 @@
++++
+title = "Rant: Links in Emails"
+date = "2025-06-02"
++++
+
+
+# Phishing
+A phishing attack requires two steps. 
+
+1. Bring users onto a fake website
+2. Ask for their credentials
+
+This means there are two ways of stopping phishing for your service. You can either implement secure, phishing resistent 2FA like FIDO-2 or Passkeys or you can prevent useres from getting onto fake websites.
+There are of course a lot of ways how an individual can be phished. The more obvious ones are for example typosquatting, where malicious actors register common typos of popular domain names. A phisher would for example register aamazon.com and hope someone mistypes amazon.com.
+This is of course a very inefficient way of aquiring targets and can be easily prevented by just registering these typos yourself. gooogle.com for example redirects to google.com.
+There is however another highly efficient way of getting people onto your phishing website: E-Mails. Just send the user a fake security alert with a nice little "More info" button et voila: You have a victim.
+
+# Why this works
+This method, of course, only works because the users are used to the pattern of links in E-Mails. For years companys have been sending email confirmations, 2FA mails and security alerts with a link that contains a long token and that users can just conveniently click on.
+From a security standpoint this is great. Links allow you to use really long tokens because there is no need to type them into your website. Users can just click and go. Links can however be faked. The link text has no relationship with the actual URL it points to.
+"But E-Mail clients show the URL when you hover over a link". Yes they do. Do you always check the link?. And is live.com an official Microsoft domain? Yes you should always check the links you click on. This can however be difficult, especially in the stress situations that spam mails seek to create.
+So how could this be prevented.
+
+# How can we fix it
+There are of course multiple solutions to this problem. You could just stop sending E-Mails in favour of more secure communication channels or 2FA methods. This solution would be nice in a utopia where everything is secure and everyone cares about security, but is not possible in our current world.
+We can however fix this with another pattern that is commonly used for 2FA: Codes in E-Mails. Security codes require the user to navigate to the website the're for manually. Sure you could send someone a fake code via E-Mail. But if they enter that code on the official website you gain nothing.
+This pattern is nowadays mostly used for 2FA. That does not have to be so. Instead of sending a link with a token in your security warning you could then just ask the user to log in and ask for a code that is then sent to their inbox.
+Of course these codes are shorter and therefore eaier to bruteforce than long tokens in links. This can however be circumvented by expiring the token after a couple of minutes. As a bonus the expiration also minimises the amount of time that a sensitive token is stored on an unencrypted E-Mail server.
+Paired with a warning that "<insert company name here> will never send you links in E-Mails" this could irradicate most phishing scams.
+
+I think thats enough gramatically questionable screaming into the void for now. I hope you enjoyed my first little blog post. Let me know on Mastodon what you think of it.

content/project/pixel-pride/index.md

@@ -1,50 +0,0 @@
-+++
-title = "Pixel Art Prideflags"
-date = "2025-09-15"
-updated = "2025-10-26"
-[extra]
-image = "sticker-box.webp"
-+++
-
-As you can maybe guess from my magnificent profile picture I really like pride flags. I also really like pixel art. So why not throw these two together, gently stir and create some beautiful images in different resolutions (12, 24 (*new!*), 30 and 42 pixels high) for you and me to use and enjoy.
-
-So I did that.
-
-Here are the original .ase files I created using [Libresprite](https://libresprite.github.io) (Which is awesome btw; Go check it out!). The files are organized in 4 layers: A basic rainbow flag, the progress "arrow", the intersex circle and a try to include the non-binary flag in the intersex arrow (credits to [Gender Transition For Dummies](https://www.dummies.com/book/body-mind-spirit/relationships-family/sex-gender/gender-transition-for-dummies-302707/) for the idea!).
-
-Click on the images to download them.
-
-<a href="Pride-12.ase" download>
-  <img src="Pride-12.png" class="pixelart"/>
-</a>
-<a href="Pride-24.ase" download>
-  <img src="Pride-24.png" class="pixelart"/>
-</a>
-<a href="Pride-30.ase" download>
-  <img src="Pride-30.png" class="pixelart"/>
-</a>
-<a href="Pride-42.ase" download>
-  <img src="Pride-42.png" class="pixelart"/>
-</a>
-
-You can also download these images as a png:
-
-<a href="Pride-12.png" download>12px (with non-binary)</a>
-<a href="Pride-12-non-nb.png" download>12px (without non-binary)</a>
-
-<a href="Pride-24.png" download>24px (with non-binary)</a>
-<a href="Pride-24-non-nb.png" download>24px (without non-binary)</a>
-
-<a href="Pride-30.png" download>30px (with non-binary)</a>
-<a href="Pride-30-non-nb.png" download>30px (without non-binary)</a>
-
-<a href="Pride-42.png" download>42px (with non-binary)</a>
-<a href="Pride-42-non-nb.png" download>42px (without non-binary)</a>
-
-If the CC BY-NC-SA license on these images would prohibit your use of them, do hit me up so we can find a solution for your specific use.
-
-On a related note: I also really like stickers. So I made some! 
-
-<img src="sticker-box.webp"/>
-
-I will bring these to the next chaos events I'm attending so feel free to ask me for some! You can download the file I used to order these stickers (CMYK colors; DIN A8 600dpi; includes 3mm margin on all sides) <a href="Pride-30-a8.tiff">here</a>

sass/_base.scss

@@ -129,7 +129,3 @@ code {
 #license a {
   margin: 0;
 }
-
-.pixelart {
-  image-rendering: pixelated
-}

sass/post/page.scss

@@ -14,9 +14,3 @@
   font-size: 40pt;
   margin-bottom: 10px;
 }
-
-img {
-  width: 600px;
-  max-width: 90%;
-  margin-bottom: 10px;
-}

sass/style.scss

@@ -24,7 +24,6 @@
 }
 
 #greeter img {
-  image-rendering: crisp-edges;
   width: 20%;
   height: auto;
   margin: auto;
@@ -42,7 +41,7 @@
   margin-bottom: 5px;
 }
 #greeter div h2 {
-  font-size: min(2.7cqw, 18pt);
+  font-size: min(2.9cqw, 20pt);
   font-weight: 600;
   color: c.$subtext1;
   margin-top: 5px;

templates/base.html

@@ -36,9 +36,6 @@
                     {% if config.extra.matrix_user %}
                         <a href="https://matrix.to/#/{{ config.extra.matrix_user }}">Matrix</a>
                     {% endif %}
-                    {% if config.extra.bookwyrm_url %}
-                        <a href="{{ config.extra.bookwyrm_url }}">Bookwyrm</a>
-                    {% endif %}
                     <p id="license">
                         Except where otherwise noted, the content on this site is licensed under <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/">CC BY-NC-SA 4.0</a>
                     </p>

templates/index.html

@@ -2,10 +2,10 @@
 {% block title %}Ncam Gnrvngu{% endblock title %}
 {% block content %}
 <div id="greeter">
-    <img src="/logo.png">
+    <img src="/logo.jpg">
     <div>
         <h1>Hey I'm Ncam Gnrvngu</h1>
-        <h2>I cosplay as a programmer and musician</h3>
+        <h2>I'm a programmer and musician</h3>
     </div>
 </div>
 <div id="categories">

templates/post.html

@@ -13,23 +13,4 @@
 <div id="page_content">
 {{ page.content | safe }}
 </div>
-
-{% if config.extra.mastodon_user %}
-<meta name="fediverse:creator" content="{{ config.extra.mastodon_user}}"/>
-{% endif %}
-<meta name="og:title" content="{{ page.title }}"/>
-<meta name="og:type" content="article"/>
-<meta name="article:published_time" content="{{ page.date }}"/>
-{% if page.updated %}
-<meta name="article:modified_time" content="{{ page.updated }}"/>
-{% endif %}
-{% if page.authors[0] %}
-<meta name="og:article:author" content="{{ page.authors[0] }}"/>
-{% elif config.author %}
-<meta name="og:article:author" content="{{ config.author }}"/>
-{% endif %}
-<meta name="og:url" content="{{ page.permalink }}"/>
-{% if page.extra.image %}
-<meta name="og:image" content="{{ page.permalink }}{{ page.extra.image }}"/>
-{% endif %}
 {% endblock content %}