John Goerzen: NNCPNET Can Optionally Exchange Internet Email [Planet Debian]
A few days ago, I announced NNCPNET, the email network based atop NNCP. NNCPNET lets anyone run a real mail server on a network that supports all sorts of topologies for transport, from Internet to USB drives. And verification is done at the NNCP protocol level, so a whole host of Internet email bolt-ons (SPF, DMARC, DKIM, etc.) are unnecessary.
Shortly after announcing NNCPNET, I added an Internet bridge. This lets you get your own DOMAIN.nncpnet.org domain, and from there route email to and from the Internet using a gateway node. Simple, effective, and a way to get real email to and from your laptop or Raspberry Pi without having to have a static IP, SPF, DMARC, DKIM, etc.
It’s a volunteer-run, free, service. Give it a try!
This Week in Seattle Food News [The Stranger]
8 at
Ping Yang
This Thai fusion charcoal grill concept soft opened in the former
OOLA
space last Friday, April 18, serving dishes like Dungeness crab
cakes, coconut clam chowder, lobster khao soi, and green curry
pasta.
Capitol Hill
WordLand v0.5.6: You can customize the menu that pops up when you select text. and we now handle sites with large category lists, the previous limit was 100.
Bits from Debian: Debian Project Leader election 2025 is over, Andreas Tille re-elected! [Planet Debian]
The voting period and tally of votes for the Debian Project Leader election has just concluded and the winner is Andreas Tille, who has been elected for the second time. Congratulations!
Out of a total of 1,030 developers, 362 voted. As usual in Debian, the voting method used was the Condorcet method.
More information about the result is available in the Debian Project Leader Elections 2025 page.
Many thanks to Andreas Tille, Gianfranco Costamagna, Julian Andres Klode, and Sruthi Chandran for their campaigns, and to our Developers for voting.
The new term for the project leader started on April 21st and will expire on April 20th 2026.
The VTech Socratic method [OSnews]
We’ve had a lot of fun with VTech’s computers in the past on this blog. Usually, they’re relatively spartan computers with limited functionality, but they did make something very interesting in the late 80s. The Socrates is their hybrid video game console/computer design from 1988, and today we’ll start tearing into it.
↫ Leaded Solder web log
Now we’re in for the good stuff. A weird educational computer/game console/toy thing from the late ’80s, by VTech. I have a massive soft spot for these toy-like devices, because they’re always kind of a surprise – will it be a stupidly simple hardcoded device with zero input/output, or a weirdly capable computer with tons of hidden I/O and a full BASIC ROM? You won’t know until you crack it open and take a peek!
VTech still makes things like this, and I still find them ever as fascinating.
Torvalds states the obvious: file systems should be case-sensitive [OSnews]
Apparently, the Bcachefs people are having problems with case-folding, and Linus Torvalds himself is not happy about it. Torvalds holds the only right opinion in this matter, which is that filesystems should obviously be case-sensitive.
Case-insensitive names are horribly wrong, and you shouldn’t have done them at all. The problem wasn’t the lack of testing, the problem was implementing it in the first place.
[…]Dammit. Case [in]sensitivity is a BUG. The fact that filesystem people still think it’s a feature, I cannot understand. It’s like they revere the old FAT filesystem so much that they have to recreate it – badly.
↫ Linus Torvalds on the LKML
It boggles my mind that a modern operating system like macOS still defaults to being case-insensitive (but case-preserving), and opting to install macOS the correct way, i.e. with case-sensitivity, can still lead to issues and bugs because macOS isn’t used to it. In 2025. Windows’ NTFS is at least case-sensitive, but apparently Win32 applications get all weird about it; if you have several files with identical names save for the case used, Win32 applications will only allow you to open one of them. I’m not sure how up to date that information is, though.
Regardless, the notion that Readme.txt is considered the same as readme.txt is absolutely insane, and should be one of those weird relics we got rid of back in the ’90s.
Friday Squid Blogging: Squid Facts on Your Phone [Schneier on Security]
Text “SQUID” to 1-833-SCI-TEXT for daily squid facts. The website has merch.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
[$] Debian debates AI models and the DFSG [LWN.net]
The Debian project is discussing a General Resolution (GR) that would, if approved, clarify that AI models must include training data to be compliant with the Debian Free Software Guidelines (DFSG) and be distributed by Debian as free software. While GR discussions are sometimes contentious, the discussion around the proposal from Debian developer Mo Zhou has been anything but—there seems to be consensus that AI models are not DFSG-compliant if they lack training data. There are, however, some questions about the exact language and questions about the impact the GR will have on existing packages in the Debian archive.
My Sunderfolk and Expedition 33 impressions [Penny Arcade]
Over the last couple of days I’ve checked out two games that were not even on my radar a few weeks ago and I now love. I figured I’d pop in here and give you my quick impressions of Sunderfolk and Clair Obscur: Expedition 33.
Simon Josefsson: GitLab Runner with Rootless Privilege-less Podman on riscv64 [Planet Debian]
I host my own GitLab
CI/CD runners, and find that having coverage on the
riscv64
CPU architecture is useful for testing things.
The HiFive Premier
P550 seems to be a common hardware choice. The P550 is possible
to purchase online. You also need a (mini-)ATX chassi, power supply
(~500W is more than sufficient), PCI-to-M2 converter and a NVMe
storage device. Total cost per machine was around $8k/€8k for
me. Assembly was simple: bolt everything, connect ATX power,
connect cables for the front-panel, USB and and Audio. Be sure to
toggle the physical power switch on the P550 before you close the
box. Front-panel power button will start your machine. There is a
P550 user manual available.
Below I will guide you to install the GitLab Runner on the pre-installed Ubuntu 24.04 that ships with the P550, and configure it to use Podman in root-less mode. Presumably you want to migrate to some other OS instead; hey Trisquel 13 riscv64 I’m waiting for you! I wouldn’t recommend using this machine for anything sensitive, there is an awful lot of non-free and/or vendor-specific software installed, and the hardware itself is young. I am not aware of any other riscv64 hardware that has been proven to be able to run a libre OS, all of them appear to require special patches and/or non-mainline kernels.
sudo -i
and
change the hostname:echo jas-p550-01 > /etc/hostname
apt-get update &&
apt-get dist-upgrade -u
.apt-get install minicom
minicom -o -D /dev/ttyUSB3
#cmd: ifconfig
inet 192.168.0.2 netmask: 255.255.240.0
gatway 192.168.0.1
SOM_Mac0: 8c:00:00:00:00:00
SOM_Mac1: 8c:00:00:00:00:00
MCU_Mac: 8c:00:00:00:00:00
#cmd: setmac 0 CA:FE:42:17:23:00
The MAC setting will be valid after rebooting the carrier board!!!
MAC[0] addr set to CA:FE:42:17:23:00(ca:fe:42:17:23:0)
#cmd: setmac 1 CA:FE:42:17:23:01
The MAC setting will be valid after rebooting the carrier board!!!
MAC[1] addr set to CA:FE:42:17:23:01(ca:fe:42:17:23:1)
#cmd: setmac 2 CA:FE:42:17:23:02
The MAC setting will be valid after rebooting the carrier board!!!
MAC[2] addr set to CA:FE:42:17:23:02(ca:fe:42:17:23:2)
#cmd:
apt-get install openocd
wget https://raw.githubusercontent.com/sifiveinc/hifive-premier-p550-tools/refs/heads/master/mcu-firmware/stm32_openocd.cfg
echo 'acc115d283ff8533d6ae5226565478d0128923c8a479a768d806487378c5f6c3 stm32_openocd.cfg' | sha256sum -c
openocd -f stm32_openocd.cfg &
telnet localhost 4444
...
echo 'ssh-ed25519 AAA...' > ~/.ssh/authorized_keys
sed -i 's;^#PasswordAuthentication.*;PasswordAuthentication no;' /etc/ssh/sshd_config
service ssh restart
parted /dev/nvme0n1 print
blkdiscard /dev/nvme0n1
parted /dev/nvme0n1 mklabel gpt
parted /dev/nvme0n1 mkpart jas-p550-nvm-02 ext2 1MiB 100% align-check optimal 1
parted /dev/nvme0n1 set 1 lvm on
partprobe /dev/nvme0n1
pvcreate /dev/nvme0n1p1
vgcreate vg0 /dev/nvme0n1p1
lvcreate -L 400G -n glr vg0
mkfs.ext4 -L glr /dev/mapper/vg0-glr
Now with a reasonable setup ready, let’s install the
GitLab Runner. The following is adapted from gitlab-runner’s
official installation instructions documentation. The normal
installation flow doesn’t work because they don’t
publish riscv64
apt repositories, so you will have to
perform upgrades manually.
# wget https://s3.dualstack.us-east-1.amazonaws.com/gitlab-runner-downloads/latest/deb/gitlab-runner_riscv64.deb
# wget https://s3.dualstack.us-east-1.amazonaws.com/gitlab-runner-downloads/latest/deb/gitlab-runner-helper-images.deb
wget https://gitlab-runner-downloads.s3.amazonaws.com/v17.11.0/deb/gitlab-runner_riscv64.deb
wget https://gitlab-runner-downloads.s3.amazonaws.com/v17.11.0/deb/gitlab-runner-helper-images.deb
echo '68a4c2a4b5988a5a5bae019c8b82b6e340376c1b2190228df657164c534bc3c3 gitlab-runner-helper-images.deb' | sha256sum -c
echo 'ee37dc76d3c5b52e4ba35cf8703813f54f536f75cfc208387f5aa1686add7a8c gitlab-runner_riscv64.deb' | sha256sum -c
dpkg -i gitlab-runner-helper-images.deb gitlab-runner_riscv64.deb
Remember the NVMe device? Let’s not forget to use it, to
avoid wear and tear of the internal MMC root disk. Do this now
before any files in
/home/gitlab-runner
appears, or you
have to move them manually.
gitlab-runner stop
echo 'LABEL=glr /home/gitlab-runner ext4 defaults,noatime 0 1' >> /etc/fstab
systemctl daemon-reload
mount /home/gitlab-runner
Next install gitlab-runner
and configure it.
Replace token glrt-REPLACEME
below with the
registration token you get from your GitLab project’s
Settings -> CI/CD -> Runners -> New project runner. I used
the tags ‘riscv64‘ and a runner
description of the hostname.
gitlab-runner register --non-interactive --url https://gitlab.com --token glrt-REPLACEME --name $(hostname) --executor docker --docker-image debian:stable
We install and configure gitlab-runner to use podman, and to use non-root user.
apt-get install podman
gitlab-runner stop
usermod --add-subuids 100000-165535 --add-subgids 100000-165535 gitlab-runner
You need to run some commands as the gitlab-runner
user, but unfortunately some interaction between sudo/su and
pam_systemd makes this harder than it should be. So you have to
setup SSH for the user and login via SSH to run the commands. Does
anyone know of a better way to do this?
# on the p550:
cp -a /root/.ssh/ /home/gitlab-runner/
chown -R gitlab-runner:gitlab-runner /home/gitlab-runner/.ssh/
# on your laptop:
ssh gitlab-runner@jas-p550-01
systemctl --user --now enable podman.socket
systemctl --user --now start podman.socket
loginctl enable-linger gitlab-runner gitlab-runner
systemctl status --user podman.socket
We modify /etc/gitlab-runner/config.toml
as
follows, replace 997
with the user id shown by
systemctl status
above. See feature
flags documentation for more documentation.
[[runners]]
environment = ["FF_NETWORK_PER_BUILD=1", "FF_USE_FASTZIP=1"]
...
[runners.docker]
host = "unix:///run/user/997/podman/podman.sock"
Note that unlike the documentation I do not add the ‘privileged = true‘ parameter here. I will come back to this later.
Restart the system to confirm that pushing a
.gitlab-ci.yml
with a job that uses the
riscv64
tag like the following works properly.
dump-env-details-riscv64:
stage: build
image: riscv64/debian:testing
tags: [ riscv64 ]
script:
- set
Your gitlab-runner should now be receiving jobs and running them
in rootless podman. You may view the log using
journalctl
as follows:
journalctl --follow _SYSTEMD_UNIT=gitlab-runner.service
To stop the graphical environment and disable some unnecessary services, you can use:
systemctl set-default multi-user.target
systemctl disable openvpn cups cups-browsed sssd colord
At this point, things were working fine and I was running many successful builds. Now starts the fun part with operational aspects!
I had a problem when running buildah to build a new container from within a job, and noticed that aardvark-dns was crashing. You can use the Debian ‘aardvark-dns‘ binary instead.
wget http://ftp.de.debian.org/debian/pool/main/a/aardvark-dns/aardvark-dns_1.14.0-3_riscv64.deb
echo 'df33117b6069ac84d3e97dba2c59ba53775207dbaa1b123c3f87b3f312d2f87a aardvark-dns_1.14.0-3_riscv64.deb' | sha256sum -c
mkdir t
cd t
dpkg -x ../aardvark-dns_1.14.0-3_riscv64.deb .
mv /usr/lib/podman/aardvark-dns /usr/lib/podman/aardvark-dns.ubuntu
mv usr/lib/podman/aardvark-dns /usr/lib/podman/aardvark-dns.debian
My setup uses podman in rootless mode without passing the –privileged parameter or any –add-cap parameters to add non-default capabilities. This is sufficient for most builds. However if you try to create container using buildah from within a job, you may see errors like this:
Writing manifest to image destination
Error: mounting new container: mounting build container "8bf1ec03d967eae87095906d8544f51309363ddf28c60462d16d73a0a7279ce1": creating overlay mount to /var/lib/containers/storage/overlay/23785e20a8bac468dbf028bf524274c91fbd70dae195a6cdb10241c345346e6f/merged, mount_data="lowerdir=/var/lib/containers/storage/overlay/l/I3TWYVYTRZ4KVYCT6FJKHR3WHW,upperdir=/var/lib/containers/storage/overlay/23785e20a8bac468dbf028bf524274c91fbd70dae195a6cdb10241c345346e6f/diff,workdir=/var/lib/containers/storage/overlay/23785e20a8bac468dbf028bf524274c91fbd70dae195a6cdb10241c345346e6f/work,volatile": using mount program /usr/bin/fuse-overlayfs: unknown argument ignored: lazytime
fuse: device not found, try 'modprobe fuse' first
fuse-overlayfs: cannot mount: No such file or directory
: exit status 1
According to GitLab runner security considerations, you should not enable the ‘privileged = true’ parameter, and the alternative appears to run Podman as root with privileged=false. Indeed setting privileged=true as in the following example solves the problem, as I suppose running as root would too.
[[runners]]
environment = ["FF_NETWORK_PER_BUILD=1", "FF_USE_FASTZIP=1"]
[runners.docker]
privileged = true
Can we do better? After some experimentation, and reading open
issues with suggested
capabilities and configuration
snippets, I ended up with the following configuration. It runs
podman in rootless mode (as the gitlab-runner
user)
without --privileged
, but add the
CAP_SYS_ADMIN
capability and exposes the /dev/fuse device.
Still, this is running as non-root user on the machine, so I think
it is an improvement compared to using
--privileged
and also compared to
running podman as root.
[[runners]]
environment = ["FF_NETWORK_PER_BUILD=1", "FF_USE_FASTZIP=1"]
[runners.docker]
host = "unix:///run/user/997/podman/podman.sock"
privileged = false
cap_add = ["SYS_ADMIN"]
devices = ["/dev/fuse"]
Still I worry about the security properties of such a setup, so I only enable these settings for a separately configured runner instance that I use when I need this docker-in-docker (oh, I meant buildah-in-podman) functionality. I found one article discussing Rootless Podman without the privileged flag that suggest –isolation=chroot but I have yet to make this work. Suggestions for improvement are welcome.
Happy Riscv64 Building!
IRS-ICE Immigrant Data Sharing Agreement Betrays Data Privacy and Taxpayers’ Trust [Deeplinks]
In an unprecedented move, the U.S. Department of Treasury and the U.S. Department of Homeland Security (DHS) recently reached an agreement allowing the IRS to share with Immigration and Customs Enforcement (ICE) taxpayer information of certain immigrants. The redacted 15-page memorandum of understanding (MOU) was exposed in a court case, Centro de Trabajadores Unidos v. Bessent, which seeks to prevent the IRS from unauthorized disclosure of taxpayer information for immigration enforcement purposes. Weaponizing government data vital to the functioning and funding of public goods and services by repurposing it for law enforcement and surveillance is an affront to a democratic society. In addition to the human rights abuses this data-sharing agreement empowers, this move threatens to erode trust in public institutions in ways that could bear consequences for decades.
Specifically, the government justifies the MOU by
citing
Executive Order 14161, which was issued on
January 20, 2025. The Executive Order directs the heads of several
agencies, including DHS, to identify and remove individuals
unlawfully present in the country. Making several leaps, the MOU
states that DHS has identified “numerous” individuals
who are unlawfully present and have final orders of removal, and
that each of these individuals is “under criminal
investigation” for violation of federal law—namely,
“failure to depart” the country under
8 U.S.C. § 1253(a)(1). The MOU uses
this basis for the IRS disclosing to ICE taxpayer information that
is otherwise confidential under the tax code.
In practice, this new data-sharing process works like
this: ICE makes a request for an individual’s name and
address, taxable periods for which the return information pertains,
the federal criminal statute being investigated, and reasons why
disclosure of this information is relevant to the criminal
investigation. Once the IRS receives this request from ICE, the
agency reviews it to determine whether it falls under an exception
to the statutory authority requiring confidentiality and provides
an explanation if the request cannot be processed.
But there are two big reasons why this MOU fails to pass
muster.
First, as the NYU Tax Law Center
identified:
“While the MOU references criminal investigations, DHS recently reportedly told IRS officials that ‘they would hope to use tax information to help deport as many as seven million people.’ That is far more people than the government could plausibly investigate, or who are plausibly subject to criminal immigration penalties, and suggests DHS’s actual reason for pursuing the tax data is to locate people for civil deportation, making any ‘criminal investigation’ a false pretext to get around the law.”
Second, it’s unclear how the IRS would verify the
accuracy of ICE’s requests. Recent events have demonstrated
that ICE’s deportation mandate trumps all else—with ICE
obfuscating, ignoring, or outright lying about how they conduct
their operations and who they target. While ICE has fueled
narratives about deporting “criminals” to a notorious
El Salvador prison,
reports have repeatedly shown that most of those deported had
no criminal histories. ICE has even
arrested U.S. citizens based on erroneous
information and blatant
racial
profiling. But ICE’s lack of accuracy
isn’t new—in fact, a recent
settlement in the case Gonzalez v. ICE
bars ICE from relying on its network of erroneous databases to
issue detainer requests. In that case, EFF filed an
amicus brief identifying the dizzying array
of ICE’s interconnected databases, many of which were out of
date and incomplete and yet were still relied upon to deprive
people of their liberty.
In the wake of the MOU’s signing, several top IRS
officials
have resigned. For decades, the agency expressed interest in
only collecting tax revenue and promised to keep that information
confidential. Undocumented immigrants were encouraged to file
taxes, despite being unable to reap benefits like Social Security
because of their status. Many did, often because any promise of a
future pathway to legalizing their immigration status hinged on
having fulfilled their tax obligations. Others did because as part
of mixed-status families, they were able to claim certain tax
benefits for their U.S. citizen children. The MOU weaponizes that
trust and puts immigrants in an impossible situation—either
fail to comply with tax law or risk facing deportation if their tax
data ends up in ICE’s clutches.
This MOU is also sure to have a
financial impact. In 2023, it was estimated that undocumented
immigrants contributed $66 billion in federal and
payroll taxes alone. Experts anticipate that due to the
data-sharing agreement, fewer undocumented immigrants will file
taxes, resulting in over $313 billion in
lost tax revenue over 10 years.
This move by the federal government not only betrays
taxpayers and erodes vital trust in necessary civic
institutions—it also reminds us of how little we have learned
from U.S. history. After all, it was a piece of legislation passed
in a time of emergency, the
Second War Powers Act, that included the
provision that allowed once-protected census data to
assist in the incarceration of Japanese Americans during
World War II. As the White House wrote in a
report on big data in 2014, “At its
core, public-sector use of big data heightens concerns about the
balance of power between government and the individual. Once
information about citizens is compiled for a defined purpose, the
temptation to use it for other purposes can be considerable.”
Rather than heeding this caution, this data-sharing agreement seeks
to exploit it. This is yet another attempt by the
current administration to
sweep up and disclose large amounts of sensitive and confidential
data. Courts must put a stop to these efforts to destroy data
privacy, especially for vulnerable groups.
Gabriel's family, stuffed as it is with gamers, boardgamers, and wargamers of all stripes, seems uniquely subject to what Sunderfolk is trying to do.
Leaders Must Do All They Can to Bring Alaa Home [Deeplinks]
It has now been nearly two months since UK Prime Minister Starmer spoke with Egyptian President Abdel Fattah el-Sisi, yet there has been no tangible progress in the case of Alaa Abd El Fattah, the British-Egyptian writer, activist, and technologist who remains imprisoned in Egypt.
In yet another blow to his family and supporters, who have been tirelessly advocating for his release, we’ve now learned that Alaa has fallen ill while on a sustained hunger strike protesting his incarceration. Alaa’s sentence was due to end last September.
Alaa’s mother, Laila Soueif, initiated a hunger strike beginning on his intended release date to amplify demands for her son’s release. Soueif, too, is facing deteriorating health, having to shift from a full hunger strike to a partial strike allowing for 300 liquid calories a day after being hospitalized in London, and following Starmer’s subsequent call with el-Sisi. Risking serious complications, today marks the 208th day of her hunger strike in protest at her son’s continued imprisonment in Egypt. Calling for her son’s freedom, Soueif has warned that she will resume a full hunger strike if progress is not made soon on Alaa’s case.
As of April 24, Alaa is on Day 55 of a hunger strike that he began on 1 March. He is surviving on a strict ration of herbal tea, black coffee, and rehydration salts, and is now being treated in Wadi El-Natrun prison for severe stomach pains. In a letter to his family on April 20, Alaa described worsening conditions and side effects from medications administered by prison doctors: “the truth is the inflammation is getting worse … all these medicines are making me dizzy and yesterday my vision was hazy and I saw distant objects double.”
Responding to Alaa’ illness in prison, Alaa’s sister Sanaa Seif stated in a press release: “We are all so exhausted. My mum and my brother are literally putting their bodies on the line, just to give Alaa the freedom he deserves. Their health is so precarious, I’m always afraid that we are on the verge of a tragedy. We need Keir Starmer to do all he can to bring Alaa home to us.”
Alaa’s case has galvanized support from across the UK political spectrum, with more than 50 parliamentarians urging immediate action. Prime Minister Starmer has publicly committed to pressing for Alaa’s release, but these words must now be matched by action. As Alaa’s health deteriorates, and his family’s ordeal drags on, the need for decisive intervention has never been more urgent. The time to secure Alaa’s freedom—and prevent further tragedy—is now.
EFF continues to work with the campaign to free Alaa: his case is a critical test of digital rights, free expression, and international justice.
Going Up in Smoke [The Stranger]
Grammy Award-winning tenor Freddie Ballentine and (equally accolade-laden) Indian-American pianist Kunal Lahiry premiered their recital Our People, a celebration of LGBTQ and Black artists and histories, at Washington, D.C.’s Kennedy Center in December 2021. It’s a production that Ballentine, who is Black, says was a response to the Black Lives Matter movement following the death of George Floyd. “It was something that represented the times, and represented us, and represented as many queer and Black people as we could imagine in one setting,” Ballentine says.
Things have changed and things haven’t changed since that 2021 debut. For one, Ballentine and Lahiry, who both grew up in the US, now live in Berlin, which is home to a “gorgeous” music scene, three great opera houses, and parties Ballentine says feature “everything that my wild little heart desires.”
The Kennedy Center, meanwhile, is a hyperpoliticized version of the institution it once was following President Donald Trump’s purge of and ensuing self-appointment to the Center’s board, placing an executive director of allegedly “unhinged” nature at its helm. All of that against the backdrop of continuously worsening political and social conditions for many Black people, queer and trans people, immigrants, and others, who historically and presently confront fascism’s entrenchment.
Our People comes to Seattle Opera’s Tagney Jones Hall on Sunday, April 27, marking its first return to the US since 2021. And, like the political conditions to which the performance is a response, parts of the recital have changed while maintaining its core qualities.
The recital is centered around four core pillars, tracking—the way I see it—the life cycle of many political movements. The first chapter, “Shut me out (Isolation),” highlights otherness and exclusion. Starting with the traditional spiritual “Sometimes I feel like a motherless child,” Ballentine and Lahiry also perform pieces by composer Aaron Copland (who, using present-day terms, was arguably “closeted”), as well as Black composer Margaret Bonds, whose music, Ballentine says, sometimes touches on exclusion.
“Going up in smoke (Damnation)” looks at the AIDS crisis and at oppression as vectors of death and damnation. This section includes “The ’80s Miracle Diet” by David Krakauer and the well-known anti-lynching piece “Strange Fruit” by Abel Meeropol (recorded by Billie Holiday in 1939). Ballentine and Lahiry see the mpox epidemic as one example among many of these forms of oppression continuing today. “I got monkeypox back when [it] was going around, and I have never felt so alone,” says Ballentine. “It was shocking how quickly the government in Germany just locked us all down saying, You can't leave your houses. I never felt so close to death. If it wasn't for my really great Ukrainian refugee roommate at the time, who had a smallpox vaccine so he was protected, I don't know how I would have pulled through on that."
They follow this up with “Requiem (Remembrance),” where the performers “pay homage to those in the first and second sections” using pieces like “The Man I Love” by Earl Wild and “Dido’s Lament (When I am laid in earth)” from Henry Purcell’s opera Dido and Aeneas.
The final chapter, “So Loud, So Proud (Revolution),” includes songs like “My People” by Ricky Ian Gordon (lyrics by Langston Hughes),” Backlash Blues” by Nina Simone, and “Mr. Brown,” a piece written by Zach Redler for Ballentine and Lahiry, which honors Ballentine’s “proud, loud, and audacious” childhood chorus teacher.
If the repertoire sounds heavy, that’s because it often is. At its Kennedy Center debut, the concert was “longer” and “sadder,” according to Ballentine, in part because of the social movements and specific injustices to which Our People was responding. The performers have truncated the sets and introduced breaks, but say “it’s almost heavier singing it now.” In addition to redoubled authoritarianism in the US, Ballentine mentioned political conditions in Germany, where four people who protested against the genocide in Gaza are potentially facing deportation. Ballentine and Lahiry also don’t know if the Kennedy Center would allow them to perform the repertoire today.
But the recital travels on more than one wavelength. That heaviness is a means toward awareness and coalescing around shared ideas for what the human experience should look like, and offers space for levity and creativity in the process. Lahiry, for his part, just performed at the Kennedy Center, making a point to get make-up done by a drag queen before going on stage. “It is a revolution at this point in time, and that is because we as a queer community are a revolution. We are always fighting to be heard and fighting to let our natural joy and uniqueness take precedent and not be pushed down by society,” Ballentine says.
The performers said they want to see people of all stripes at the performance, noting that parts of the recital focused on AIDS remembrance have been especially poignant for older members of the audience. At the same time, seeing the girls and the queens show up matters to the artists. (Heaviness and levity going hand in hand.) “I want the queens there. We did this for us. When we did it in Berlin, I felt so happy because Kunal and I took a peek out into the audience … and all of the people there were just our friends and loved ones from Berlin,” Ballentine says. “It was all the girls from the parties, like, they were all there ready to sit through their first fucking recital.”
Seattleites have—at least relatively speaking—a decent number of opera performances focused on social-justice issues and Black and queer culture they can attend. Last year saw drag queen Anita Spritzer perform a recital; McCaw Hall, meanwhile, was home to X: The Life and Times of Malcolm X. Seattle Opera also just announced its first full production of a queer-focused opera in February 2026. Our People is in line with that repertory trend.
“I am a strong believer that artists have the obligation to be a reflection of the times and to protest whenever possible, and I think that this is a really solid way for me to use a platform and to protest,” Ballentine says. “I'm happy to sing this recital. I think it's a gorgeous collection of pieces. I think it tells a really powerful story. I think it still tells a very relevant story to what we're going through today.”
The Best Bang for Your Buck Events in Seattle This Weekend: Apr 25–27, 2025 [The Stranger]
This weekend will deliver the perfect weather (not too hot, not too cold) to run around to events from Seattle Independent Bookstore Day to the 22nd Annual White Center Khmer New Year Street Festival and from SOUK سياتل Charity Pop-up Market to the Seattle/King County Clinic. For more ideas, check out our top event picks of the week.
FRIDAY PARTIES & NIGHTLIFESZA
Dance Night
Are you considering killing your ex?
Redirect that energy with this SZA-centric dance party featuring
your favorite songs from CTRL and SOS, as well as
jams from fellow R&B/hip-hop queens like Doechii, Jorja Smith,
Rihanna, and Summer Walker. AUDREY VANN
(Chop Suey, Capitol Hill, $15)
Film Review: The Shrouds Is a Shallow Grave [The Stranger]
With his latest film The Shrouds, the 82-year-old Canadian filmmaker homes in on the reality that these bodies of ours will one day rot away or be reduced to ashes. It’s an unsettling truth that's easy to stuff aside, even as we watch a loved one lowered into the earth. by Robert Ham
This review originally appeared in the Portland Mercury.
David Cronenberg’s chief cinematic obsession has long been the human body and all the painful, pleasurable, and generally fucked up things that people do with their corporeal forms. But in every case—from the 1970 Crimes of the Future to the 2022 Crimes of the Future (which was not a remake of the 1970 film), the beings at the center of his work deal with unusual growths, wild physical transformations, or the hunger to be penetrated in any number of ways.
With his latest film The Shrouds, the 82-year-old Canadian filmmaker homes in on the reality that these bodies of ours will one day rot away or be reduced to ashes. It’s an unsettling truth that's easy to stuff aside, even as we watch a loved one lowered into the earth.
The Shrouds' central character Karsh (Vincent Cassel) chooses to face this fate head on. After his beloved wife passes, he develops a high-tech cerecloth to wrap her corpse in that allows him to watch every step of her decay. The grieving billionaire is not alone in this bizarre postmortem voyeurism; he operates a series of cemeteries where other mourners can check in on their loved one’s decomposition via a smartphone app and a screen on the headstone.
As ever, Cronenberg presents all of this as beautifully as possible. Prototypes of the shrouds look like sexy wraiths, hanging on the walls of a restaurant built next to the cemetery where Karsh’s wife is buried. And the lines of tall markers for each gravesite look like a gorgeous, brutalist cityscape. It’s only when the director wraps a dramatic story arc around this rough skeleton of a concept that The Shrouds gets grubby.
Beginning with a group of possibly-Icelandic eco-activists upending several tombstones at Katch’s Toronto cemetery, including that of his wife, the story spins in a half-dozen dizzying directions. Katch’s sister-in-law (Diane Kruger) and her ex-husband (a dithering, miscast Guy Pearce) figure prominently, as does a potentially dangerous AI avatar called Hunny (voiced by Kruger). There’s also the young wife of a dying billionaire negotiating the opening of a new cemetery in Budapest, and the former lover turned palliative care doctor of Katch’s wife—who may (or may not) be wrapped up in the whole mess.
What makes the shower of ideas splattering the screen slightly easier to swallow is the knowledge that Cronenberg initially conceived The Shrouds as a TV series for Netflix. When the streaming service passed on it, he apparently built this film by fusing the scripts for that show’s first two episodes. With a larger canvas, stretched over 10 hours, there’s every chance Cronenberg could have explored this dark and profound territory in more depth. But with only two skittish hours at his disposal, the director barely cracks the topsoil.
The Shrouds opens today, Fri April 25, in theaters around Seattle.
Slog AM: Washington Considers a Tesla Tax, Reykdal Shows Up for DEI, the FBI Arrests a Judge [The Stranger]
Seattle's Only News Roundup by Hannah Murphy Winter
Good morning! We’ve got three more days of this perfect weather, and the universe very kindly made two of them a weekend. These are the days that out-of-towners don’t know exist here. Go hang out at a street-end park. Look for mushrooms in the arboretum. (But only eat them if you know what you’re doing!) Lock down a grill at Golden Gardens at an absurdly early hour, and text everyone you know.
But before all that, let’s stock up on the news so you can put it out of your mind for a few days.
Tesla Tax: We’re in the last few days of our state legislative session, and Dems came up with a delightful new way to help close our budget shortfall: a tax on Elon Musk. Oooobviously it doesn’t call him out by name. Instead, it specifically taxes the companies that made “windfall profits” from our state’s “cap and trade” style system for car manufacturers. (It’s way easier for companies to accrue emissions credit when they never made combustion engines in the first place.) State Republicans are calling it a targeted attack on Tesla; the bill’s sponsor, House Majority Leader Joe Fitzgibbon, said the data on our car-emission credits shows “one outlier” (Tesla) who is “very profitable,” and has built up most of the credits under the state’s program. “I don’t care who the CEO is,” Fitzgibbon said. I do. He’s been profiting off of American taxpayers for a decade, and he’s now literally the richest man in the world. Let’s get him.
Flip Flop: But in a good way. As of yesterday, eight international students at UW and Seattle U had gotten their legal status back. The reversals seemed to happen out of the blue—not as the result of a judge’s order. It’s a huge relief for the students, but one of the students’ lawyers reminded the Seattle Times that even though they’ve regained their status, there is “still plenty of damage” done by the administration to these students—including damage to their reputations and disruption of their studies. “[The government] might just be trying to brush it under the rug,” another lawyer warned. The Trump administration not taking responsibility for their actions? Never.
FBI Arrests Judge: This can’t be good. Kash Patel, the director of the FBI, tweeted and then deleted a post on X saying that they’d arrested Wisconsin Judge Hannah Dugan for obstructing the ICE arrest of an immigrant in her court (ally). According to local reports, Eduardo Flores-Ruiz was in Dugan’s courtroom for a pre-trial conference last week, for three misdemeanor counts of battery. When ICE arrived with an arrest warrant for him, Dugan took Flores-Ruiz and his lawyer to a side door in the courtroom, directed them down a private hallway, and into a public area. He didn’t evade arrest for long—ICE pursued him on foot and arrested him shortly after. CNN reports that Dugan’s in federal custody, waiting for her first appearance.
Target on ActBlue: Trump is siccing his administration on the main fundraising platform used by Democratic campaigns, and liberal and progressive orgs. In a memo to the AG and the treasury yesterday, he claimed that ActBlue is facilitating "illegal 'straw donor' and foreign contributions in American elections." This is all part of an explicit effort by Trump and Republicans in Congress to undermine Democrats’ and the left’s ability to campaign, and it’s already spooking organizations around the country that depend on this infrastructure.
LOL DOGE: Elon really is the punchline that keeps on giving. A new report from a nonprofit organization that studies the federal workforce called the Partnership for Public Service came up with a rough estimate of the cost of DOGE’s firings, re-hirings, lost productivity, and paid leave of thousands of workers. The total? Upward of $135 billion this fiscal year. What did Elon say he was ultimately saving the American taxpayers? $150 billion. Thanks for shaving that $15 billion off, bro. Looking forward to that $440 DOGE dividend check.
Superintendent Reykdal Showed the Fuck Up: Yesterday was the Trump administration’s deadline for K-12 schools to certify that they would not implement DEI programs, dangling the threat of their federal funding. In return, Washington state Superintendent Chris Reykdal told him where to shove it. “We will not sign additional certifications that lack authority, lack clarity, or are an assault on the autonomy of states and local school districts,” he wrote when the order first came down earlier this month. “We’re not going to walk away from teaching authentic history or supporting our students with disabilities or any of our DEI and equity work,” he told the Seattle Times yesterday. And we’re in good company: We’re joined by 18 other states who have refused to certify. Who’re the bootlickers? New Hampshire got an extra special shout-out from the Secretary of Ed for not just certifying that they wouldn’t do the “illegal DEI,” but building a whole website to tout each district’s certification. Ew.
Tomorrow is Indie Bookstore Day, and Seattle takes it seriously. Starting tomorrow, you’ve got 10 days to hit all 29 participating local lit shops. If you fill your passport, you get a 25 percent one-time discount at every store.
Parents Bill of Rights Heads to Ferg: The state Democrats’ version of the so-called Parents Bill of Rights is headed to the governor's desk. The new bill actually adheres to state law by eliminating language that grants parents access to their child's school-based medical and mental health records—protecting vulnerable kids like LGBTQ students. State Republicans threw a proper fit over the bill. One even delayed the vote by just standing up and yelling a lot. But it ultimately passed on party lines.
Remember George Santos? The 36-year-old gay Republican who lied his way to Congress and was then kicked out of it less than a year in? The disgraced New York representative and sunglass icon was sentenced today to 87 months in prison. Last year, he pleaded guilty to deceiving donors and stealing the identities of nearly a dozen people, including his family members, to fund his (totally made up) winning campaign. At the time, he agreed to pay roughly $580,000 in penalties, and today, the judge decided what kind of prison time is going to be tacked onto that. His attorneys thought two years is reasonable, but prosecutors pushed for seven because he “remains unrepentant.” I’m guessing plugging his $100 Cameo profile right before sentencing probably didn’t help. Neither did calling them a “cabal of pedophiles.”
Festival News: It’s been a weird year for festivals. Capitol Hill Block Party is down to two days, and Day In Day Out announced that they’re taking 2025 off, but Modest Mouse won’t be deterred: they’re starting their very own music festival at Remlinger Farms. Called the Psychic Salamander Festival, it’s co-presented by the Seattle Theatre Group and will run on September 13 and 14. They even have a lineup already: Both nights will be headlined by Modest Mouse, but before that, you can see The Flaming Lips, Courtney Barnett, Built to Spill, the Vaudevillian and Mattress, Sleater-Kinney, Yo La Tengo, Friko, and Sun Atoms. Single-day tickets are $125, or you can go for the whole weekend for $225.
Here’s a little La Lom to ease you into Friday. And speaking of Remlinger Farms, they’ll be there next month!
Political philosophy of UK Labour Party [Richard Stallman's Political Notes]
The political philosophy of the UK Labour Party seems to be "we must convince businesses to invest here by giving them all the power they want, no matter how this puts us in danger from them."
"Professional failures" over Gaza paramedic killings [Richard Stallman's Political Notes]
*Israeli military admits "professional failures" over Gaza paramedic killings.*
This admission is such an understatement that it amounts to continued denial of the facts. The PR brigade has pulled back to the next line of defensiveness, but not all the way back to where it would confess the truth.
Pope Francis allowed Vance to visit [Richard Stallman's Political Notes]
Pope Francis allowed Vance to visit, then died the next day.
An overdose of disgust?
Here is how he stated his disapproval about Vance.
Tunisia's activists sentenced to decades in prison [Richard Stallman's Political Notes]
Tunisia's dictatorship has sentenced opposition activists to decades in prison for political opposition.
It makes me very sad to see Tunisia's new-formed democracy fall into a dictatorship as bad as before.
Severity of climate disaster in unequal society [Richard Stallman's Political Notes]
For the present stage of climate disaster, "The more unequal the society is, the more severe the climate disaster".
That is plausible in the short term, while the disasters are within what society can cope with if it is well organized to do so. Thus, the people who are truly crushed are the poor. Make fewer people poor, and the local climate disasters are survivable.
But that won't apply if climate disaster reaches the stage at which globalized industrial production collapses, each region is reduced to what it can produce locally, the level of technology is sinking, and most humans die.
(satire) Bringing back extinct species [Richard Stallman's Political Notes]
(satire) *Pros And Cons Of Bringing Back Extinct Species.*
Judge blocks shuttering Consumer Financial Protection Board [Richard Stallman's Political Notes]
*Federal judge blocks [muskrat's] effort to shutter [Consumer Financial Protection Board].*
(satire) DOJ Plants Gun On Maine [Richard Stallman's Political Notes]
(satire) *DOJ Plants Gun On Maine.* The state's population is now in jail.
US measles outbreak growing [Richard Stallman's Political Notes]
The US measles epidemic is spreading so fast that the CDC, after being gored by the t-usk, is unable to keep up with them.
RFK defends his harmful propaganda by saying that "We can't rely simply on the vaccine. We also have to know how to treat measles." That, in itself, is true but it is also changing the subject.
If his idea is that it's good to discourage vaccination so as to ensure plenty of patients for doctors to maintain their skill, that is sick.
It would be nice to have ChatGPT available in the terminal app on the Mac. I could use it as a stenographer.
If we can have std::atomic<std::shared_ptr>, why not std::atomic<com_ptr>? [The Old New Thing]
Some time ago, we peeked inside the atomic
shared_ptr to see how it worked. Can we apply these same
principles to create
an atomic com_ptr
?
Recall that the atomic shared_ptr operates by using the bottom
bit of the control block pointer as a lock flag, so that nobody can
change the value while we’re copying the pointer and
incrementing the reference count. Can we do this with a
com_ptr
?
We could use the same trick of using the bottom bit of the raw
COM pointer as a lock flag. This is acceptable because COM pointers
must be pointer-aligned (since they point to a vtable), so we know
that the bottom bit of a valid COM pointer is clear. However, we
run into trouble when trying to increment the reference count: The
call to IUnknown::AddRef
happens while the lock is
held, but the AddRef
is a call out to external code,
and we don’t know what it’s going to do. We know what
it’s supposed to do (namely, increment the reference
count), but it may take a circuitous route to get there, including
passing through aggregated controlling unknowns, tear-off stubs,
tear-offs of aggregated objects,
weak outer pointers, and other fanciful characters.
We know that holding a lock while calling out to external code
is a source of deadlocks, so holding a lock while calling out to a
mystery implementation of IUnknown::AddRef
is probably
not a good idea.
Sorry.
The post If we can have <CODE>std::atomic<std::shared_ptr></CODE>, why not <CODE>std::atomic<com_ptr></CODE>? appeared first on The Old New Thing.
Version 15.1 of the GNU Compiler Collection has been released. Changes include implementing the C23 dialect by default, a number of new C++26 features, experimental support for unsigned integers in Fortran, a new COBOL front end, and more. See the GCC 15 changes page for details.
Security updates for Friday [LWN.net]
Security updates have been issued by AlmaLinux (thunderbird), Debian (libbpf), Fedora (golang-github-openprinting-ipp-usb, ImageMagick, mingw-libsoup, mingw-poppler, and pgbouncer), SUSE (glib2, govulncheck-vulndb, libsoup-2_4-1, libxml2-2, mozjs60, ruby2.5, and thunderbird), and Ubuntu (linux, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, linux-aws, linux-aws-5.4, linux-gcp-5.4, linux-iot, linux-aws-fips, linux-azure-fips, linux-fips, linux-gcp-fips, linux-hwe-6.8, linux-ibm-5.4, linux-oracle-5.15, openssh, and php-twig).
Error'd: Que Sera, Sera [The Daily WTF]
It's just the same refrain, over and over.
"Time Travel! Again?" exclaimed David B. "I knew that Alaska is a good airline. Now I get to return at the start of a century. And not this century. The one before air flight began." To be fair, David, there never is just one first time for time travel. It's always again, isn't it?
"If it's been that long, I definitely need a holiday," headlined Craig N. "To be fair, all the destinations listed in the email were in ancient Greece, and not in countries that are younger than Jesus."
An anonymous reader reports "Upon being told my site was insecure because insufficient authorization, I clicked the provided link to read up on specifics of the problem and suggestions for how to resolve it. To my surprise, Edge blocked me, but I continued on bravely only to find...this."
Footie fan Morgan has torn his hair out over this. "For the life of me I can't work out how this table is calculated. It's not just their league either. Others have the same weird positioning of teams based on their points. It must be pointed out that this is the official TheFA website as well not just some hobbyist site." It's too late for me, but I'm frankly baffled as well.
Most Excellent Stephen is stoked to send us off with this. "Each year we have to renew the registration on our vehicles. It is not something we look forward to no matter which state you live in. A few years ago Texas introduced an online portal for this which was an improvement, if you didn't wait until the last minute of course. Recently they added a feature to the portal to track the progress of your renewal and see when they mail the sticker to you. I was pleasantly surprised to see the status page."
Ian Wienand: Avoiding layer shift on Ender V3 KE after pause [Planet Debian]
With (at least) the V1.1.0.15 firmware on the Ender V3 KE 3d printer the PAUSE macro will cause the print head to run too far on the Y axis, which causes a small layer shift when the print returns. I guess the idea is to expose the build plate as much as possible by moving the head as far to the side and back as possible, but the overrun and consequent belt slip unfortunately makes it mostly useless; the main use of this probably being to switch filaments for two colour prints.
Luckily you can fairly easily enable root access on the control pad from the settings menu. After doing this you can ssh to it's IP address with the default password Creality2023.
From there you can modify the /usr/data/printer_data/config/gcode_macro.cfg file (vi is available) to change the details of the PAUSE macro. Find the section [gcode_macro PAUSE] and modify {% set y_park = 255 %} to a more reasonable value like 150. Save the file and reboot the pad so the printing daemons restart.
On PAUSE this then moves the head to the far left about half-way down, which works fine for filament changes. Hopefully a future firmware version will update this; I will update this post if I find it does.
Cryptocurrency Thefts Get Physical [Schneier on Security]
Long story of a $250 million cryptocurrency theft that, in a complicated chain events, resulted in a pretty brutal kidnapping.
Go to the store, look at the five kinds of mustard on offer, and pick the one that’s best for you. This is not controversial.
Go to Amazon and search for wireless headphones. There are more than 400 types to choose from. Compare rankings and ratings and price and choose the ones that are best for you. Amazing, but not shocking.
Now, consider an architect designing an addition for the nearby school. She has specced the windows (there will be 200 of them). Autodesk could have the ability to poll every qualified window manufacturer and have them bid for that work, based on how busy they are, what they have in stock and how eager they are to grow their market share. And the building plans could change in response. Reputable companies and reputable architects could connect over better service, timing or pricing, creating a virtuous cycle.
Applying to college? Why not apply to all of them? Your AI bot takes all of your qualifications, recommendations and preferences and the colleges of the world have their AI optimizers consider all available options and put together the best available class, offering incentives and options to the potential students that are most likely to lead to a successful match.
And a job? What’s the point of applying to just a few when the software is already treating you like a cog in the machine as it reviews resumes? What if every job seeker was seen by every employer? The seeker’s AI agent could rank based on location, employee satisfaction, retention, workplace, pay, etc. And the employers could focus on skills and attitudes instead of false proxies like background.
One more: we know a lot about real estate agent performance. We can see how long their houses have been on the market and how likely they are to sell for above estimate. We can measure buyer and seller satisfaction. So, when it’s time to put a house on the market, why not have every broker make a bid instead of choosing the one who has a lot of signs around town?
More market information is not always a good thing. It can cause gaps, unfair access and dislocations. But more market information has been on an inevitable one-way road for generations, and it’s unlikely to go away.
And we should be prepared for asymmetrical competition–companies will hire MBAs and lawyers to create fine print, subscriptions and loopholes that are to their advantage when their AI agents start bidding on projects or hiring people. It’s rare to see this with a loaf of bread, but really common when we buy a cell phone or loan. Human beings are easy to trick. Hopefully, our AI agent will be at least as smart and careful as the company’s.
The thing about wasted slack is that we don’t notice it until we imagine that there’s a productive way for it to disappear.
Joe Marshall: Get Over It (ai content) [Planet Lisp]
I'm tired of people complaining about all the parentheses in Lisp, so I told Gemini to vent for me. This came out pretty good.
I suppose I'm guilty of contributing to the glut of AI slop, but while the text and tone are generated, the core idea and sentiment is mine, so it isn’t pure slop.
Alright, let's drop the hand-holding. You — yes, you — the one still whimpering about the parentheses in Lisp. It's time someone told you bluntly: Get over it.
Your constant refrain about "too many parentheses" isn't some profound insight into language design; it's a confession of intellectual laziness. It screams that you encountered something different, something that didn't conform to the aesthetic you were spoon-fed, and you threw up your hands rather than engage your brain.
Are parentheses really an insurmountable cognitive barrier? Are matching pairs of symbols truly beyond your capacity to track? Let's be honest. The core issue isn't difficulty; it's unfamiliarity coupled with a stubborn refusal to adapt. You've decided what code ought to look like, and anything else is dismissed as "hard" or "ugly" without genuine effort.
Thousands upon thousands of programmers — people with brains presumably no bigger than yours — have not only managed Lisp's syntax but have thrived with it. They've built complex, powerful systems. They didn't possess some secret anti-parenthesis superpower; they simply possessed the willingness to learn and adapt. They saw the structure, the consistency, the power behind the syntax, instead of getting stuck on the superficial shape of the characters.
Your complaint isn’t about usability; it’s about preference, and a remarkably shallow one at that. It’s like refusing to read a brilliant novel because you don’t like the font. It demonstrates a lack of curiosity, an unwillingness to look past the surface.
So, here's the unvarnished truth: The parentheses aren't the problem. Your rigid thinking is. Your demand that every language cater to your pre-existing biases is.
Stop whining. Stop making excuses based on trivial syntax. Either put in the minimal mental effort required to see the structure beneath the curves, recognise the direct representation of the abstract syntax tree, and understand why it is the way it is - or don't. But don't pretend your aesthetic preference is a legitimate technical critique.
The Lisp world isn't waiting for you to overcome your parenthesis phobia. It's moving on, building things, leveraging a unique and powerful paradigm. You can either engage your intellect and join in, or you can stay on the sidelines complaining about the punctuation.
Frankly, it's time to grow up and get over the parentheses.
Desperate Measures, p9 [Ctrl+Alt+Del Comic]
The post Desperate Measures, p9 appeared first on Ctrl+Alt+Del Comic.
New Comic: Gloom Having
Oh, Look, the Full Love Death + Robots Volume 4 Trailer [Whatever]
I can now tell you that I have two episodes in this volume. If you can’t guess which ones they are, this article in Variety will tell you. It comes out May 15. This is gonna be fun.
Girl Genius for Friday, April 25, 2025 [Girl Genius]
The Girl Genius comic for Friday, April 25, 2025 has been posted.
Marco Antoniotti: Emacs Lisp Programming with DeepSeek: A New Widget [Planet Lisp]
The Emacs widget
library is useful; alas its guts
are ... semi-documented and most of its inner working a bit
mysterious. I wanted a column widget where I could insert and
remove a few "line-like" widgets. The
editable-list
widget does not cut it (too many extra
things: the INS and DEL buttons) and the
group
widget is too inflexible.
After too much time trying to understand all the intricacies of
the widget
library (see my rant in my previous blog post, which perfectly applies
in this case) I asked DeepSeek to help me out. The result, the
dynamic-group
widget (after several iterations and
mistakes on part of DeepSeek) is below. It works satisfactorlly,
although it could be improved by anybody with a better
understanding of the widget
library. What is does is
to manage a colimn of line-like widgets adding and removing from
the end of the :children
list. Check the
demo-dynamic-group
for a test run.
It has been fun. Although I still want a better widget! That's why I am posting this for anybody to pitch in. Any help is welcome.
BTW. There still are some warts in the code. Can you spot them?
;;; Code: (require 'widget) (require 'wid-edit) (define-widget 'dynamic-group 'default "A container widget that dynamically manages child widgets in a column." :format "%v" :value () :tag "Dynamic Group" :args nil ;; Core widget methods :create (lambda (widget) (let ((inhibit-read-only t)) (widget-put widget :from (point)) (dolist (child (reverse (widget-get widget :children))) (widget-create child)) (widget-put widget :to (point)))) :value-get (lambda (widget) (mapcar (lambda (child) (widget-apply child :value-get)) (widget-get widget :children))) :value-set (lambda (widget value) (widget-put widget :value value)) :value-delete (lambda (widget) (dolist (child (widget-get widget :children)) (widget-apply child :value-delete))) :validate (lambda (widget) (let ((children (widget-get widget :children))) (catch :invalid (dolist (child children) (when (widget-apply child :validate) (throw :invalid child))) nil))) ) (defun dynamic-group-add (widget type &rest args) "Add a new widget (of TYPE and ARGS to the WIDGET group." (let ((inhibit-read-only t)) (save-excursion (goto-char (widget-get widget :to)) (let ((child (apply 'widget-create (append (list type) args)))) (widget-put widget :children (cons child (widget-get widget :children))) (widget-put widget :to (point)) (widget-value-set widget (cons (widget-value child) (widget-value widget))))) (widget-setup))) (defun dynamic-group-remove (widget) "Remove the last widget from the WIDGET group." (when-let ((children (widget-get widget :children))) (let ((inhibit-read-only t) ;; (child (car children)) ) (save-excursion (goto-char (widget-get widget :from)) (delete-region (point) (widget-get widget :to)) (widget-put widget :children (cdr children)) (dolist (c (reverse (widget-get widget :children))) (widget-create c)) (widget-put widget :to (point)) (widget-value-set widget (mapcar 'widget-value (widget-get widget :children))) (widget-setup))))) (defun demo-dynamic-group () "Test the dynamic-group widget." (interactive) (switch-to-buffer "*Dynamic Group Demo*") (kill-all-local-variables) (let ((inhibit-read-only t)) (erase-buffer) (widget-insert "* Dynamic Group Demo\n\n") ;; Now I create the `dynamic-group'. (let ((group (widget-create 'dynamic-group))) (widget-insert "\n") ;; The rest are just two buttons testing the widget's behavior, ;; invoking`dynamic-group-add' and `dynamic-group-remove'. (widget-create 'push-button :notify (lambda (&rest _) (dynamic-group-add group 'string :format "Text: %v\n" :value (format "Item %d" (1+ (length (widget-get group :children)))))) "(+) Add Field (Click Anywhere)") (widget-insert " ") (widget-create 'push-button :notify (lambda (&rest _) (dynamic-group-remove group)) "(-) Remove Last") (widget-insert "\n")) ;; Wrap everything up using the `widget-keymap' and `widget-setup' ;; functions. (use-local-map widget-keymap) (widget-setup))) (provide 'emc-dynamic-group)
'(cheers)
Dirk Eddelbuettel: RQuantLib 0.4.26 on CRAN: Small Updates [Planet Debian]
A new minor release 0.4.26 of RQuantLib arrived on CRAN this morning, and has just now been uploaded to Debian too.
QuantLib is a rather comprehensice free/open-source library for quantitative finance. RQuantLib connects (some parts of) it to the R environment and language, and has been part of CRAN for nearly twenty-two years (!!) as it was one of the first packages I uploaded to CRAN.
This release of RQuantLib brings updated Windows build support taking advantage of updated Rtools, thanks to a PR by Tomas Kalibera. We also updated expected results for three of the ‘schedule’ tests (in a way that is dependent on the upstream library version) as the just-released QuantLib 1.38 differs slightly.
Changes in RQuantLib version 0.4.26 (2025-04-24)
Use system QuantLib (if found by pkg-config) on Windows too (Tomas Kalibera in #192)
Accommodate same test changes for schedules in QuantLib 1.38
Courtesy of my CRANberries, there is also a diffstat report for the this release. As always, more detailed information is on the RQuantLib page. Questions, comments etc should go to the rquantlib-devel mailing list. Issue tickets can be filed at the GitHub repo.
This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. If you like this or other open-source work I do, you can now sponsor me at GitHub.
Debian Project Leader Election 2025 results [LWN.net]
The Debian Project Leader election results have been announced. Andreas Tille has been re-elected and will serve another term through April 2026. LWN looked at the election and candidates in early April.
Oddly, in defense of Google keeping Chrome [OSnews]
As much as I’m a fan of breaking up Google, I’m not entirely sure carving Chrome out of Google without a further plan for what happens to the browser is a great idea. I mean, Google is bad, but things could be so, so much worse.
OpenAI would be interested in buying Google’s Chrome if antitrust enforcers are successful in forcing the Alphabet unit to sell the popular web browser as part of a bid to restore competition in search, an OpenAI executive testified on Tuesday at Google’s antitrust trial in Washington.
↫ Jody Godoy at Reuters
OpenAI is not the only “AI” vulture circling the skies.
Perplexity Chief Business Officer Dmitry Shevelenko said he didn’t want to testify in a trial about how to resolve Google’s search monopoly because he feared retribution from Google. But after being subpoenaed to appear in court, he seized the moment to pitch a business opportunity for his AI company: buying Chrome.
↫ Lauren Feiner at the Verge
Or, you know, what about, I don’t know, fucking Yahoo!?
Legacy search brand Yahoo has been working on its own web browser prototype, and says it would like to buy Google’s Chrome if the company is forced by a court to sell it.
↫ Lauren Feiner at the Verge
If the courts really want Google to divest Chrome, the least-worst position it could possibly end up is in some sort of open source foundation or similar legal construction, where no one company has total control over the world’s most popular browser. Of course, such a construction isn’t exactly ideal either – it will become a battleground of corporate interests soaked with the blood of ordinary users – but anything, anything is better than cud peddlers like OpenAI or whatever the hell Yahoo! even is these days.
As users, we really should not want Google to be forced to divest Chrome at this point in time. No matter the outcome, users are going to be screwed even harder than if it were to stay with Google. I hate to say this, but I don’t see an option that’s better than having Chrome remain part of Google.
The big problem here is that there is no coherent strategy to deal with the big technology companies in the United States. We’re looking at individual lawsuits where judges and medieval nonsense like juries try to deal with individual companies, which, even if, say, Google gets broken up, would do nothing but strengthen the other big technology companies. If, I don’t know, Android suddenly had to make it on its own as a company, it’s not users who would benefit, but Apple. Is that the goal of antitrust?
What you really need to deal with the inordinate power of the big technology companies is legislation that deals with the sector as a whole, instead of letting random courts and people forced to do jury duty decide what to do with Google or Amazon or whatever. The European Union is doing this to great success so far, getting all the major players to make sweeping changes to the benefit of users in the EU. If the United States is serious about dealing with the abusive behaviour of the big technology companies, it’s going to need to draft and pass legislation similar to the European Union’s DMA and DSA.
Of course, that’s not going to happen. The United States Congress is broken beyond repair, the US president and his gaggle of incompetents are too busy destroying the US economy and infecting children with measles, and the big tech companies themselves are just bribing US politicians in broad daylight. The odds of the US being able to draft and pass effective big tech antitrust regulations is lower than zero.
OpenAI Chrome. You feeling better yet about the open web?
Ticket Alert: Thing, Band of Horses & Iron and Wine, and More Seattle Events Going On Sale This Week [The Stranger]
Ready for another round of ticket drops? Carnation music fest Thing is switching things up this year with a series of concerts featuring Father John Misty, Rainbow Kitten Surprise, Mon Laferte, and the Roots. Longtime friends Band of Horses & Iron and Wine, who recorded a covers album together in 2015, are teaming up once again for a joint headline tour. Plus, we’re giving you a heads up to snag tickets next week for Modest Mouse’s Psychic Salamander Festival featuring the Flaming Lips, Courtney Barnett, Sleater-Kinney, Yo La Tengo, and more. Read on for details on those and other newly announced events, plus some news you can use.
ON SALE FRIDAY, APRIL 25MUSIC
Andy Bell of Erasure: Ten Crowns Tour
The Showbox (Thurs Dec 4)
Autoheart: The Heartlands Tour
Neptune Theatre (Fri Nov 14)
Band of Horses & Iron and Wine
Marymoor Park (Thurs Sept 18)
I Saw U: Celebrating a Birthday at Phish, Getting Caught in a Hailstorm, and Attending Mariners Games with Your Big Dog [The Stranger]
Did you see someone? Say something! by Anonymous
Friday Phish show, Row X, 50th Bday party
I was in your row at Phish, lame dude was being “aggressively enthusiastic” and you asked me to stand between him and ya’ll. Would love to see you!
Hailstorm Hottie (ugh)
You were walking your dog when we were caught in that freak 3/13 hailstorm. The hail was cold, your smile was warm - would love to grab some hot cocoa
Nerdy Weird Nice Guy
Hey Andrew from Ozzie’s. Don’t red shirt yourself again. Find me on Bumble. - Debbie
Thai Crochet cardigan
You: dark beard, crochet cardigan eating pork belly at Thaiku and reading a book. I thought you were cute and sweet. Me: gray sweater & cool leg brace
Rite of Spring smiles
You sat 3 rows in front of me (Orchestra Right, Row P) at the symphony 3/15. You-Patrick Stewart vibes. Me-auburn hair, big smiles.
Roanoke Inn
You said my hair made me look like a mermaid. You were so pleasant + nice, great vibes! I am looking for more lady friends - want to share some tots?
Mariners Man with Mountainous Mutt
I've seen you at several Mariners Bark at the Park games. You: tall lumberjack with a matching Newfy. Me: also tall, no dog but want to pet you both.
Pussy riot show
We both had leather jackets and talked a little. You (kat) me (zuzu). You were older than me (femme late 20s) We talked about the show and our jackets as well as the beer we drank wish I saw you again.
Is it a match? Leave a comment here or on our Instagram post to connect!
Did you see someone? Say something! Submit your own I Saw U message here and maybe we'll include it in the next roundup!
I've got Crazy Fingers in my brain. Can't stop humming it.
Steam to highlight accessibility support for games on store pages [OSnews]
The Steam store and desktop client will soon be able to help players find games that feature accessibility support. If your game has accessibility features, you can now enter that information in the Steamworks ‘edit store’ section for your app.
↫ Steam announcements page
I have a lot of criticism for the Steam client application – it’s a overly complex, unattractive, buggy, slow, top-heavy Chrome engine wrapped in an ugly user interface – but this is a great change and very welcome addition to Steam. Basically, with this, game developers can indicate which accessibility features their game has, allowing users to specifically search for those features, create filters, make sure they can play the game before buying, and so on.
The client-side part of the feature is not yet available – it seems Valve is giving developers some time to fill in the necessary information – but once it is, you’ll be able to tell at a glance what accessibility a game has. Such information on the store page of games tends to be a great marketing tool, with reviews quickly pointing out if certain expected features are not present. Any game that lacks support for the Steam Deck or Proton, for instance, will often have a few reviews at the top mentioning as such, and games with invasive DRM can’t get away with that either without reviews on Steam pointing it out. I wouldn’t be surprised if these accessibility feature listings well quickly become another thing users will simply expect to be there.
Regardless, this is great news for people who rely on such features, but even if you don’t specifically – accessibility features are often just useful features, period.
A tour inside the IBM z17 [OSnews]
Welcome to a photo-driven tour of the IBM z17. I’ve scoured the image library to pull dig deep inside these machines that most people don’t get an opportunity to see inside, and I’ll share some of the specifications gleaned from the announcement and related Redbooks.
↫ Elizabeth K. Joseph at the IBM community website
These IBM mainframes don’t have to be beautiful, but they always are. I wish I could see a z17 up close – hopefully IBM will release a detailed video walkthrough of one of these at some point, including taking one apart and putting it back together.
Joe Marshall: Lisp Debugger Wins [Planet Lisp]
I'm gathering statistics from thousands of pull requests in GitHub. I wrote a little Lisp program to do that. It's taking a long time because it has to make a lot of API calls to GitHub and the calls are rate limited.
After about half an hour, I got an unexpected error. A user who made the pull request I was looking at had deleted their account. No problem. I used the Lisp debugger to walk up the stack to a convenient frame and returned NIL from that frame, causing that particular PR to be skipped. The program continued running from where it left off. I didn't have to restart from the beginning and lose a half hour of work.
The Lisp debugger for the win!
Fedora change proposal would remove the X11 GNOME session from Fedora 43 [OSnews]
I’m sure this won’t make anybody mad, and we can all have a reasonable discussion about this. A change proposal for Fedora suggests Fedora should drop the X11 GNOME session from Fedora 43, moving GNOME’s target of removing X11 in GNOME 50 to the Fedora release carrying GNOME 49. Fedora 43 will be released in roughly six months.
The reasoning behind the proposal should be no surprise.
This Change effectively implements the GNOME 50 target in GNOME 49 because there is no one to support any issues with GNOME X11 upstream. The X11 session is already quite buggy, with serious unfixed issues in Mutter (like rhbz#2179566 and glgo#GNOME/mutter#3868) and recently Phoronix could not benchmark GNOME X11 vs Wayland because “GNOME on X11 wasn’t even working due to bugs”.
Dropping the GNOME X11 session now allows us to reconcile with reality that the GNOME X11 session is simply not supported anymore (either by us or upstream GNOME).
↫ Fedora change proposal
If you’re still using legacy X11 on Fedora GNOME for some reason, upgrading to Fedora 43 would mean being moved to Wayland. If you would want to continue using X11, you’d need to install a different login manager than GDM, and a desktop environment that still supports X11 (like Cinnamon or Xfce). Since all of this is the plan anyway, what this proposal effectively does is move the removal of X11 from Fedora GNOME ahead by six months. Do note that this is only a change proposal for now, and it will have to be voted on and agreed upon before it becomes official policy.
This is just yet another nail in the coffin of X11 on Linux, as more and more distributions and desktop environments move to eliminate it entirely from their installations and stacks in favour of Wayland. Big concerns here for some X11 users are definitely accessibility, where tools are still relatively young, and to a lesser degree NVIDIA users, whose GPU drivers are a bit of a mess when it comes to Wayland. To this day, NVIDIA with Wayland can be very hit or miss.
Regardless, we all know which way the wind’s blowing.
TacOS: an x86_64 UNIX-like OS from scratch [OSnews]
TacOS is a UNIX-like kernel which is able to run DOOM, among various other smaller userspace programs. It has things like a VFS, scheduler, TempFS, devices, context switching, virtual memory management, physical page frame allocation, and a port of Doom. It runs both on real hardware (tested on my laptop) and in the Qemu emulator.
↫ TacOS GitHub page
TacOS – great name – is written in C, and explicitly a hobby and toy project. The code’s licensed under the Mozilla Public License 2.0.
New Linux Rootkit [Schneier on Security]
The company has released a working rootkit called “Curing” that uses io_uring, a feature built into the Linux kernel, to stealthily perform malicious activities without being caught by many of the detection solutions currently on the market.
At the heart of the issue is the heavy reliance on monitoring system calls, which has become the go-to method for many cybersecurity vendors. The problem? Attackers can completely sidestep these monitored calls by leaning on io_uring instead. This clever method could let bad actors quietly make network connections or tamper with files without triggering the usual alarms.
Here’s the code.
Note the self-serving nature of this announcement: ARMO, the company that released the research and code, has a product that it claims blocks this kind of attack.
Jonathan McDowell: Local Voice Assistant Step 1: An ATOM Echo voice satellite [Planet Debian]
Back when I setup my home automation I ended up with one piece
that used an external service: Amazon
Alexa. I’d rather not have done this, but voice control
is extremely convenient, both for us, and guests. Since then
Home Assistant has
done a lot of work in developing the capability of a local voice
assistant - 2023 was their Year
of Voice. I’ve had brief looks at this in the past, but
never quite had the time to dig into setting it up, and was put off
by the fact a lot of the setup instructions were just
“Download our prebuilt components”. While I admire the
efforts to get Home Assistant fully packaged for Debian I accept
that’s a tricky proposition, and settle for running it in a
venv
on a
Debian stable container. Voice requires a lot more binary
components, and I want to have “voice satellites” in
more than one location, so I set about trying to understand a bit
better what I was deploying, and actually building the binary bits
myself.
This is the start of a write-up of that. I’ll break it into a bunch of posts, trying to cover one bit in each, because otherwise this will get massive. Let’s start with some requirements:
My house server is an AMD Ryzen 7 5700G, so my expectation was that I’d have enough local processing power to be able to do this. That turned out to be a valid assumption - speech to text really has come a long way in recent years. I’m still running Home Assistant 2024.3.3 - the last one that supports (but complains about) Python 3.11. Trixie has started the freeze process, so once it releases I’ll look at updating the HA install. For now what I have has turned out to be Good Enough, but I know there have been improvements upstream I’m missing.
Finally, before I get into the details, I should point out that if you just want to get started with a voice assistant on Home Assistant and don’t care about what’s under the hood, there are a bunch of more user friendly details on Home Assistant’s site itself, and they have pre-built images you can just deploy.
My first step was sorting out a “voice satellite”. This is the device that actually has a microphone and speaker and communicates with the main Home Assistant setup. I’d seen the post about a $13 voice assistant, and as a result had an ATOM Echo sitting on my desk I hadn’t got around to setting up.
Here, we ignore a bit about delving into exactly what’s going on under the hood, even if we’re compiling locally. This is a constrained embedded device and while I’m familiar with the ESP32 IDF build system I just accepted that using ESPHome and letting it do it’s thing was the quickest way to get up and running. It is possible to do this all via the web with a pre-built image, but I wanted to change the wake word to “Hey Jarvis” rather than the default “Okay Nabu”, and that was a good reason to bother doing a local build. We’ll get into actually building a voice satellite on Debian in later posts.
I started with the default upstream assistant config and tweaked it a little for my setup:
diff of my configuration tweaks
$ diff -u m5stack-atom-echo.yaml assistant.yaml
--- m5stack-atom-echo.yaml 2025-04-18 13:41:21.812766112 +0100
+++ assistant.yaml 2025-01-20 17:33:24.918585244 +0000
@@ -1,7 +1,7 @@
substitutions:
- name: m5stack-atom-echo
+ name: study-atom-echo
friendly_name: M5Stack Atom Echo
- micro_wake_word_model: okay_nabu # alexa, hey_jarvis, hey_mycroft are also supported
+ micro_wake_word_model: hey_jarvis # alexa, hey_jarvis, hey_mycroft are also supported
esphome:
name: ${name}
@@ -16,15 +16,26 @@
version: 4.4.8
platform_version: 5.4.0
+# Enable logging
logger:
+
+# Enable Home Assistant API
api:
+ encryption:
+ key: "TGlrZVRoaXNJc1JlYWxseUl0Rm9vbGlzaFBlb3BsZSE="
ota:
- platform: esphome
- id: ota_esphome
+ password: "itsnotarealthing"
wifi:
+ ssid: "My Wifi Goes Here"
+ password: "AndThePasswordGoesHere"
+
+ # Enable fallback hotspot (captive portal) in case wifi connection fails
ap:
+ ssid: "Study-Atom-Echo Fallback Hotspot"
+ password: "ThisIsRandom"
captive_portal:
(I note that the current upstream config has moved on a bit since I
first did this, but I double checked the above instructions still
work at the time of writing. I end up pinning ESPHome to the right
version below due to that.)
It turns out to be fairly easy to setup ESPHome in a
venv
and
get it to build + flash the image for you:
noodles@sevai:~$ python3 -m venv esphome-atom-echo
noodles@sevai:~$ . esphome-atom-echo/bin/activate
(esphome-atom-echo) noodles@sevai:~$ cd esphome-atom-echo/
(esphome-atom-echo) noodles@sevai:~/esphome-atom-echo$ pip install esphome==2024.12.4
Collecting esphome==2024.12.4
Using cached esphome-2024.12.4-py3-none-any.whl (4.1 MB)
…
Successfully installed FontTools-4.57.0 PyYAML-6.0.2 appdirs-1.4.4 attrs-25.3.0 bottle-0.13.2 defcon-0.12.1 esphome-2024.12.4 esphome-dashboard-20241217.1 freetype-py-2.5.1 fs-2.4.16 gflanguages-0.7.3 glyphsLib-6.10.1 glyphsets-1.0.0 openstep-plist-0.5.0 pillow-10.4.0 platformio-6.1.16 protobuf-3.20.3 puremagic-1.27 ufoLib2-0.17.1 unicodedata2-16.0.0
(esphome-atom-echo) noodles@sevai:~/esphome-atom-echo$ esphome compile assistant.yaml
INFO ESPHome 2024.12.4
INFO Reading configuration assistant.yaml...
INFO Updating https://github.com/esphome/esphome.git@pull/5230/head
INFO Updating https://github.com/jesserockz/esphome-components.git@None
…
Linking .pioenvs/study-atom-echo/firmware.elf
/home/noodles/.platformio/packages/toolchain-xtensa-esp32@8.4.0+2021r2-patch5/bin/../lib/gcc/xtensa-esp32-elf/8.4.0/../../../../xtensa-esp32-elf/bin/ld: missing --end-group; added as last command line option
RAM: [= ] 10.6% (used 34632 bytes from 327680 bytes)
Flash: [======== ] 79.8% (used 1463813 bytes from 1835008 bytes)
Building .pioenvs/study-atom-echo/firmware.bin
Creating esp32 image...
Successfully created esp32 image.
esp32_create_combined_bin([".pioenvs/study-atom-echo/firmware.bin"], [".pioenvs/study-atom-echo/firmware.elf"])
Wrote 0x176fb0 bytes to file /home/noodles/esphome-atom-echo/.esphome/build/study-atom-echo/.pioenvs/study-atom-echo/firmware.factory.bin, ready to flash to offset 0x0
esp32_copy_ota_bin([".pioenvs/study-atom-echo/firmware.bin"], [".pioenvs/study-atom-echo/firmware.elf"])
==================================================================================== [SUCCESS] Took 130.57 seconds ====================================================================================
INFO Successfully compiled program.
(esphome-atom-echo) noodles@sevai:~/esphome-atom-echo$ esphome upload --device /dev/serial/by-id/usb-Hades2001_M5stack_9552AF8367-if00-port0 assistant.yaml
INFO ESPHome 2024.12.4
INFO Reading configuration assistant.yaml...
INFO Updating https://github.com/esphome/esphome.git@pull/5230/head
INFO Updating https://github.com/jesserockz/esphome-components.git@None
…
INFO Upload with baud rate 460800 failed. Trying again with baud rate 115200.
esptool.py v4.7.0
Serial port /dev/serial/by-id/usb-Hades2001_M5stack_9552AF8367-if00-port0
Connecting....
Chip is ESP32-PICO-D4 (revision v1.1)
Features: WiFi, BT, Dual Core, 240MHz, Embedded Flash, VRef calibration in efuse, Coding Scheme None
Crystal is 40MHz
MAC: 64:b7:08:8a:1b:c0
Uploading stub...
Running stub...
Stub running...
Configuring flash size...
Auto-detected Flash size: 4MB
Flash will be erased from 0x00010000 to 0x00176fff...
Flash will be erased from 0x00001000 to 0x00007fff...
Flash will be erased from 0x00008000 to 0x00008fff...
Flash will be erased from 0x00009000 to 0x0000afff...
Compressed 1470384 bytes to 914252...
Wrote 1470384 bytes (914252 compressed) at 0x00010000 in 82.0 seconds (effective 143.5 kbit/s)...
Hash of data verified.
Compressed 25632 bytes to 16088...
Wrote 25632 bytes (16088 compressed) at 0x00001000 in 1.8 seconds (effective 113.1 kbit/s)...
Hash of data verified.
Compressed 3072 bytes to 134...
Wrote 3072 bytes (134 compressed) at 0x00008000 in 0.1 seconds (effective 383.7 kbit/s)...
Hash of data verified.
Compressed 8192 bytes to 31...
Wrote 8192 bytes (31 compressed) at 0x00009000 in 0.1 seconds (effective 813.5 kbit/s)...
Hash of data verified.
Leaving...
Hard resetting via RTS pin...
INFO Successfully uploaded program.
And then you can watch it boot (this is mine already configured up
in Home Assistant):
$ picocom --quiet --imap lfcrlf --baud 115200 /dev/serial/by-id/usb-Hades2001_M5stack_9552AF8367-if00-port0
I (29) boot: ESP-IDF 4.4.8 2nd stage bootloader
I (29) boot: compile time 17:31:08
I (29) boot: Multicore bootloader
I (32) boot: chip revision: v1.1
I (36) boot.esp32: SPI Speed : 40MHz
I (40) boot.esp32: SPI Mode : DIO
I (45) boot.esp32: SPI Flash Size : 4MB
I (49) boot: Enabling RNG early entropy source...
I (55) boot: Partition Table:
I (58) boot: ## Label Usage Type ST Offset Length
I (66) boot: 0 otadata OTA data 01 00 00009000 00002000
I (73) boot: 1 phy_init RF data 01 01 0000b000 00001000
I (81) boot: 2 app0 OTA app 00 10 00010000 001c0000
I (88) boot: 3 app1 OTA app 00 11 001d0000 001c0000
I (96) boot: 4 nvs WiFi data 01 02 00390000 0006d000
I (103) boot: End of partition table
I (107) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=58974h (362868) map
I (247) esp_image: segment 1: paddr=0006899c vaddr=3ffb0000 size=03400h ( 13312) load
I (253) esp_image: segment 2: paddr=0006bda4 vaddr=40080000 size=04274h ( 17012) load
I (260) esp_image: segment 3: paddr=00070020 vaddr=400d0020 size=f5cb8h (1006776) map
I (626) esp_image: segment 4: paddr=00165ce0 vaddr=40084274 size=112ach ( 70316) load
I (665) boot: Loaded app from partition at offset 0x10000
I (665) boot: Disabling RNG early entropy source...
I (677) cpu_start: Multicore app
I (677) cpu_start: Pro cpu up.
I (677) cpu_start: Starting app cpu, entry point is 0x400825c8
I (0) cpu_start: App cpu up.
I (695) cpu_start: Pro cpu start user code
I (695) cpu_start: cpu freq: 160000000
I (695) cpu_start: Application information:
I (700) cpu_start: Project name: study-atom-echo
I (705) cpu_start: App version: 2024.12.4
I (710) cpu_start: Compile time: Apr 18 2025 17:29:39
I (716) cpu_start: ELF file SHA256: 1db4989a56c6c930...
I (722) cpu_start: ESP-IDF: 4.4.8
I (727) cpu_start: Min chip rev: v0.0
I (732) cpu_start: Max chip rev: v3.99
I (737) cpu_start: Chip rev: v1.1
I (742) heap_init: Initializing. RAM available for dynamic allocation:
I (749) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
I (755) heap_init: At 3FFB8748 len 000278B8 (158 KiB): DRAM
I (761) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
I (767) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
I (774) heap_init: At 40095520 len 0000AAE0 (42 KiB): IRAM
I (781) spi_flash: detected chip: gd
I (784) spi_flash: flash io: dio
I (790) cpu_start: Starting scheduler on PRO CPU.
I (0) cpu_start: Starting scheduler on APP CPU.
[I][logger:171]: Log initialized
[C][safe_mode:079]: There have been 0 suspected unsuccessful boot attempts
[D][esp32.preferences:114]: Saving 1 preferences to flash...
[D][esp32.preferences:143]: Saving 1 preferences to flash: 0 cached, 1 written, 0 failed
[I][app:029]: Running through setup()...
[C][esp32_rmt_led_strip:021]: Setting up ESP32 LED Strip...
[D][template.select:014]: Setting up Template Select
[D][template.select:023]: State from initial (could not load stored index): On device
[D][select:015]: 'Wake word engine location': Sending state On device (index 1)
[D][esp-idf:000]: I (100) gpio: GPIO[39]| InputEn: 1| OutputEn: 0| OpenDrain: 0| Pullup: 0| Pulldown: 0| Intr:0
[D][binary_sensor:034]: 'Button': Sending initial state OFF
[C][light:021]: Setting up light 'M5Stack Atom Echo 8a1bc0'...
[D][light:036]: 'M5Stack Atom Echo 8a1bc0' Setting:
[D][light:041]: Color mode: RGB
[D][template.switch:046]: Restored state ON
[D][switch:012]: 'Use listen light' Turning ON.
[D][switch:055]: 'Use listen light': Sending state ON
[D][light:036]: 'M5Stack Atom Echo 8a1bc0' Setting:
[D][light:047]: State: ON
[D][light:051]: Brightness: 60%
[D][light:059]: Red: 100%, Green: 89%, Blue: 71%
[D][template.switch:046]: Restored state OFF
[D][switch:016]: 'timer_ringing' Turning OFF.
[D][switch:055]: 'timer_ringing': Sending state OFF
[C][i2s_audio:028]: Setting up I2S Audio...
[C][i2s_audio.microphone:018]: Setting up I2S Audio Microphone...
[C][i2s_audio.speaker:096]: Setting up I2S Audio Speaker...
[C][wifi:048]: Setting up WiFi...
[D][esp-idf:000]: I (206) wifi:
[D][esp-idf:000]: wifi driver task: 3ffc8544, prio:23, stack:6656, core=0
[D][esp-idf:000]:
[D][esp-idf:000][wifi]: I (1238) system_api: Base MAC address is not set
[D][esp-idf:000][wifi]: I (1239) system_api: read default base MAC address from EFUSE
[D][esp-idf:000][wifi]: I (1274) wifi:
[D][esp-idf:000][wifi]: wifi firmware version: ff661c3
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1274) wifi:
[D][esp-idf:000][wifi]: wifi certification version: v7.0
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1286) wifi:
[D][esp-idf:000][wifi]: config NVS flash: enabled
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1297) wifi:
[D][esp-idf:000][wifi]: config nano formating: disabled
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1317) wifi:
[D][esp-idf:000][wifi]: Init data frame dynamic rx buffer num: 32
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1338) wifi:
[D][esp-idf:000][wifi]: Init static rx mgmt buffer num: 5
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1348) wifi:
[D][esp-idf:000][wifi]: Init management short buffer num: 32
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1368) wifi:
[D][esp-idf:000][wifi]: Init dynamic tx buffer num: 32
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1389) wifi:
[D][esp-idf:000][wifi]: Init static rx buffer size: 1600
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1399) wifi:
[D][esp-idf:000][wifi]: Init static rx buffer num: 10
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1419) wifi:
[D][esp-idf:000][wifi]: Init dynamic rx buffer num: 32
[D][esp-idf:000][wifi]:
[D][esp-idf:000]: I (1441) wifi_init: rx ba win: 6
[D][esp-idf:000]: I (1441) wifi_init: tcpip mbox: 32
[D][esp-idf:000]: I (1450) wifi_init: udp mbox: 6
[D][esp-idf:000]: I (1450) wifi_init: tcp mbox: 6
[D][esp-idf:000]: I (1460) wifi_init: tcp tx win: 5760
[D][esp-idf:000]: I (1471) wifi_init: tcp rx win: 5760
[D][esp-idf:000]: I (1481) wifi_init: tcp mss: 1440
[D][esp-idf:000]: I (1481) wifi_init: WiFi IRAM OP enabled
[D][esp-idf:000]: I (1491) wifi_init: WiFi RX IRAM OP enabled
[C][wifi:061]: Starting WiFi...
[C][wifi:062]: Local MAC: 64:B7:08:8A:1B:C0
[D][esp-idf:000][wifi]: I (1513) phy_init: phy_version 4791,2c4672b,Dec 20 2023,16:06:06
[D][esp-idf:000][wifi]: I (1599) wifi:
[D][esp-idf:000][wifi]: mode : sta (64:b7:08:8a:1b:c0)
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1600) wifi:
[D][esp-idf:000][wifi]: enable tsf
[D][esp-idf:000][wifi]:
[D][esp-idf:000][wifi]: I (1605) wifi:
[D][esp-idf:000][wifi]: Set ps type: 1
[D][esp-idf:000][wifi]:
[D][wifi:482]: Starting scan...
[D][esp32.preferences:114]: Saving 1 preferences to flash...
[D][esp32.preferences:143]: Saving 1 preferences to flash: 1 cached, 0 written, 0 failed
[W][micro_wake_word:151]: Wake word detection can't start as the component hasn't been setup yet
[D][esp-idf:000][wifi]: I (1646) wifi:
[D][esp-idf:000][wifi]: Set ps type: 1
[D][esp-idf:000][wifi]:
[W][component:157]: Component wifi set Warning flag: scanning for networks
…
[I][wifi:617]: WiFi Connected!
…
[D][wifi:626]: Disabling AP...
[C][api:026]: Setting up Home Assistant API server...
[C][micro_wake_word:062]: Setting up microWakeWord...
[C][micro_wake_word:069]: Micro Wake Word initialized
[I][app:062]: setup() finished successfully!
[W][component:170]: Component wifi cleared Warning flag
[W][component:157]: Component api set Warning flag: unspecified
[I][app:100]: ESPHome version 2024.12.4 compiled on Apr 18 2025, 17:29:39
…
[C][logger:185]: Logger:
[C][logger:186]: Level: DEBUG
[C][logger:188]: Log Baud Rate: 115200
[C][logger:189]: Hardware UART: UART0
[C][esp32_rmt_led_strip:187]: ESP32 RMT LED Strip:
[C][esp32_rmt_led_strip:188]: Pin: 27
[C][esp32_rmt_led_strip:189]: Channel: 0
[C][esp32_rmt_led_strip:214]: RGB Order: GRB
[C][esp32_rmt_led_strip:215]: Max refresh rate: 0
[C][esp32_rmt_led_strip:216]: Number of LEDs: 1
[C][template.select:065]: Template Select 'Wake word engine location'
[C][template.select:066]: Update Interval: 60.0s
[C][template.select:069]: Optimistic: YES
[C][template.select:070]: Initial Option: On device
[C][template.select:071]: Restore Value: YES
[C][gpio.binary_sensor:015]: GPIO Binary Sensor 'Button'
[C][gpio.binary_sensor:016]: Pin: GPIO39
[C][light:092]: Light 'M5Stack Atom Echo 8a1bc0'
[C][light:094]: Default Transition Length: 0.0s
[C][light:095]: Gamma Correct: 2.80
[C][template.switch:068]: Template Switch 'Use listen light'
[C][template.switch:091]: Restore Mode: restore defaults to ON
[C][template.switch:057]: Optimistic: YES
[C][template.switch:068]: Template Switch 'timer_ringing'
[C][template.switch:091]: Restore Mode: always OFF
[C][template.switch:057]: Optimistic: YES
[C][factory_reset.button:011]: Factory Reset Button 'Factory reset'
[C][factory_reset.button:011]: Icon: 'mdi:restart-alert'
[C][captive_portal:089]: Captive Portal:
[C][mdns:116]: mDNS:
[C][mdns:117]: Hostname: study-atom-echo-8a1bc0
[C][esphome.ota:073]: Over-The-Air updates:
[C][esphome.ota:074]: Address: study-atom-echo.local:3232
[C][esphome.ota:075]: Version: 2
[C][esphome.ota:078]: Password configured
[C][safe_mode:018]: Safe Mode:
[C][safe_mode:020]: Boot considered successful after 60 seconds
[C][safe_mode:021]: Invoke after 10 boot attempts
[C][safe_mode:023]: Remain in safe mode for 300 seconds
[C][api:140]: API Server:
[C][api:141]: Address: study-atom-echo.local:6053
[C][api:143]: Using noise encryption: YES
[C][micro_wake_word:051]: microWakeWord:
[C][micro_wake_word:052]: models:
[C][micro_wake_word:015]: - Wake Word: Hey Jarvis
[C][micro_wake_word:016]: Probability cutoff: 0.970
[C][micro_wake_word:017]: Sliding window size: 5
[C][micro_wake_word:021]: - VAD Model
[C][micro_wake_word:022]: Probability cutoff: 0.500
[C][micro_wake_word:023]: Sliding window size: 5
[D][api:103]: Accepted 192.168.39.6
[W][component:170]: Component api cleared Warning flag
[W][component:237]: Component api took a long time for an operation (58 ms).
[W][component:238]: Components should block for at most 30 ms.
[D][api.connection:1446]: Home Assistant 2024.3.3 (192.168.39.6): Connected successfully
[D][ring_buffer:034]: Created ring buffer with size 2048
[D][micro_wake_word:399]: Resetting buffers and probabilities
[D][micro_wake_word:195]: State changed from IDLE to START_MICROPHONE
[D][micro_wake_word:107]: Starting Microphone
[D][micro_wake_word:195]: State changed from START_MICROPHONE to STARTING_MICROPHONE
[D][esp-idf:000]: I (11279) I2S: DMA Malloc info, datalen=blocksize=1024, dma_buf_count=4
[D][micro_wake_word:195]: State changed from STARTING_MICROPHONE to DETECTING_WAKE_WORD
That’s enough to get a voice satellite that can be configured
up in Home Assistant; you’ll need the ESPHome
Integration added, then for the noise_psk
key you use
the same string as I have under api/encryption/key
in
my diff above (obviously do your own, I used dd if=/dev/urandom bs=32
count=1 | base64
to generate mine).
If you’re like me and a compulsive VLANer and firewaller even within your own network then you need to allow Home Assistant to connect on TCP port 6053 to the ATOM Echo, and also allow access to/from UDP port 6055 on the Echo (it’ll send audio from that port to Home Assistant, then receive back audio to the same port).
At this point you can now shout “Hey Jarvis, what time is it?” at the Echo, and the white light will turn flashing blue (indicating it’s heard the wake word). Which means we’re ready to teach Home Assistant how to do something with the incoming audio.
Wrecker regime legal setbacks [Richard Stallman's Political Notes]
*The wrecker's officials create uncertainty to evade court orders rather than comply.*
Wind projects imperiled, US coasts [Richard Stallman's Political Notes]
[The wrecker] *halts construction of big wind farm off New York coast.*
Our Favorite Teriyaki Shops in Seattle [The Stranger]
Yes, Seattle has market-fresh seafood and one of the best coffee scenes in the country, and is home to the Seattle dog. But there's no denying: Seattle is teriyaki town. In the late 1970s, Toshi Kasahara started serving the masses chargrilled chicken slathered with his signature sauce atop a bed of steaming rice, popularizing the dish and pioneering a wave of teriyaki shops all over the city. Quality, portion size, proximity to your house, and even salad dressing are all contributing factors to what can be considered the city's "best" teriyaki, but here are a few of our favorites.
Grillbird
As a lifelong vegetarian and Seattleite, I am extremely skeptical
of the tofu teriyaki in this city. Most teriyaki restaurants
don’t offer non-meat dishes, and if they do, it’s
usually a sad slab of raw tofu with a little side of sauce. As far
as I can tell, West Seattle’s Grillbird is the only
restaurant that’s filling this gap. Grillbird makes marinated
sesame tofu and fried cauliflower that is crispy, flavorful, and
saucy enough to seep down and coat your rice. Plus, they offer
mouthwatering sides, including a tart cucumber salad and, in my
opinion, the world’s best macaroni salad. The shop doesn't
have indoor dining, but you can take it to go for a nourishing,
reasonably priced meal to eat in front of the TV. AUDREY
VANN
Community meetup in Pittsburgh, PA, USA [Planet GNU]
We will be discussing ways to interact with the open source community, and discussing ideas for an October event to celebrate the FSF 40th anniversary.
Slog AM: Pike Place Market Kind of Bans Cars, People in Washington Keep Pointing Lasers at Planes, Alaska Airlines Loses Millions [The Stranger]
Seattle's Only Morning News Roundup. by Charles Mudede
KOMO, rolling its eyes: "Be ready to get turned away from driving into Pike Place Market." Have pedestrians finally won this long and stupid war? Have those in power at last seen the light? Hardly. The Pike Place Market Preservation and Development Authority (PDA) bills this ban as nothing bigger than a pilot program. Meaning, it may or may not last. And, by the way, the program doesn't run the full length of the street. Only half of it. And, by the way, a considerable part of Pike Street is under construction. (Seattle Public Utilities is tearing up sections of the street and sidewalk for repairs and improvements.) This work will end on July 18, at which time, I suspect, the ban will be lifted. In truth, cars really couldn't go down Pike Street during construction anyway, so little to no enlightenment played a role in the ban.
I visited Pike Street on the day it was kind of liberated, April 23, and soon found the calm that never fails to settle in a place with little or no rumblings or roars from the world's most wasteful mode of transportation. You can even hear other humans better. "Bruce, what the hell is wrong with you?" A young woman said this to a boy who tried to kick a pigeon that was doing nothing but minding its own business.
A Pike Place business owner claims that the closing of Pike Street has already cost them business? On day one? That's all it took for the sky to start falling? Are we to believe the business owner exists in a world that has never heard of the expression: "give it a chance"? Or does KIRO Newsradio not want to give the pilot program a chance? It is, I believe, the latter. You see, what the business owner actually said (“Whenever the street is closed, the people stop coming into the building as much and my line disappears”) is different from what the story's headline says: "Pike Place Market business owner says street closure stalls sales." Expect to see this kind of manipulation in the days to come. Our culture is built to see anything that poses even the slightest challenge to cars as an extinction-level threat to the greatest freedom America has ever known.
We could reach and even pass 70 today, which is, of course, as hot as any day should ever be. Beyond 70, misery. Beyond 75, the sun becomes nothing but a bully in the sky. The German philosopher Hegel once wrote that "history is not the soil in which happiness grows. The periods of happiness in it are the blank pages of history." I feel the same way about sunny days. They are blank. There's not much to say about them.
Alaska Airlines was stung by the first quarter. It lost $166 million, though it made $3.1 billion. And this bad news arrived just as Trump's tariffs and economic confusion made it difficult for the airline to see a return to profitability in the near future. The company, however, plans to hold its chin up and move forward. In the famous words of Conan the Barbarian: What doesn't kill you, makes you stronger. That's the spirit.
Skye at Belltown, a modernist tower designed in 1955 by Earl Morrison, the same architect behind the Olive Tower, was sold for $102.7 million, Puget Sound Business Journal reports. The Belltown building, first named Grosvenor House, then Wall Street Tower, has it all: 371-units, great views of the Space Needle, and a rich local history. The sale's broker told PSBJ that the deal marked the return of institutional investors "from the sidelines."
Will the people of Washington State find something better to do than pointing lasers at passing airplanes? KING 5 reports that there's been 438 such strikes since March. (There were just 23 in 2023, and 383 in 2024.) Pointing a laser at a plane is, if you don't know, a federal offense that could cost you $250,000 or 5 years. The FBI is now asking the public to name names. The Federal Aviation Administration is rightly frustrated. Unlike so many other puerile practices, the exact pleasure in this one is impossible to find.
Trump ignited a trade war, crashed the markets, and now China is in no mood to end it. They didn't start the fire. New York Times: "Stocks Waver as China Calls Reports of U.S. Tariff Talks ‘Baseless’" So, Trump's administration is not even really talking to China. It's talking to (manipulate) the market. It must not be forgotten that none of this had to happen. Behind this chaos, you won't find a meaningful cause. This is why those who think there's some kind of deep scheming going on (like: he is destroying the market so that bond rates fall) are mistaken. Trump just doesn't know what the fuck he is doing. All he knows is he must look like he is doing something.
For example, Trump is now trying to turn down the tariff hot air because the CEOs Walmart, Target, and Home Depot told him, behind closed doors, that his trade war with China would "disrupt supply chains and lead to empty shelves in the coming weeks." The amazing thing about this story is someone had to spell it out for him. Someone had to tell him how the American economy actually works. The understanding among these CEOs is he knows jack. And they are right about that.
Let's end Slog AM with this chill tune by Waikiki Sweet Heart:
I'm rebuilding my nightly email-sending code from the bottom up. Something I never properly understood is that most mail clients don't include your CSS files, so people were seeing the writing and images with no style. What an embarassment. As often is the case in 2025, I have ChatGPT to guide me through getting this right. The secret is inline styles. And there's no simple way to do the conversion, except element by element. Seems like an OS could do this for us somewhere along the line. Now I have to think about how to test it without trying to just switch it over, trying to avoid breaking everyone at once. But the nightly email might start looking a lot better for some real soon, and for others, only slight almost no noticeable differences.
We should demand that the new owner of Chrome must respect the open web as something it does not have the power to change. Google never got this and we're losing the archive function of the web because of this. Please read and pass on -- now -- we're in a unique position to fix this.
Free Software Directory meeting on IRC: Friday, May 2, starting at 12:00 EDT (16:00 UTC) [Planet GNU]
Join the FSF and friends on Friday, May 2 from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.
Taler iOS wallet independent security audit report published [Planet GNU]
RadicallyOpenSecurity performed an external crystal-box security audit of the GNU Taler iOS wallet (excluding wallet-core) funded by NGI. You can find the final report here. We already addressed all significant findings except enabling FaceID/TouchID to enable using the app which remains a feature on our roadmap to be addressed in the next few months. We thank RadicallyOpenSecurity for their work and the European Commission's Horizion 2020 NGI initiative for funding the development of the iOS wallet including the security review.
[$] Some __nonstring__ turbulence [LWN.net]
New compiler releases often bring with them new warnings; those warnings are usually welcome, since they help developers find problems before they turn into nasty bugs. Adapting to new warnings can also create disruption in the development process, though, especially when an important developer upgrades to a new compiler at an unfortunate time. This is just the scenario that played out with the 6.15-rc3 kernel release and the implementation of -Wunterminated-string-initialization in GCC 15.
[$] Freezing filesystems for suspend [LWN.net]
Sometimes worms have a tendency to multiply once their can is opened. James Bottomley recently encountered that situation; he led a session in the filesystem track at the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF) to discuss filesystem behavior with respect to suspending and resuming the system. As he noted in his topic proposal, he came at the problem because he needed a way to resynchronize the contents of efivarfs after a system resume and thought there should be an API available to use. But, as the resulting thread shows, the filesystem freeze and thaw code had never been used by the system-wide suspend and resume code. Due to a scheduling mixup, though, several of us missed Bottomley's session, including Luis Chamberlain who has been working on hooking those two pieces up; what follows is largely from a second session that Chamberlain led, with some background information from the topic-proposal discussion and an email exchange with Bottomley.
One of the nice things about WordLand is that titles are
optional. Some posts are too short to require a title. In a
sense they are their own title. We know the benefits well, having
used Twitter for a long time. There's no reason this simple idea
shouldn't work in RSS feeds and blogging, in fact RSS doesn't
require titles. And there's no requirement in WordPress either. So
we support them, with gusto. I want this network to do what Twitter
does, and everything Twitter doesn't do, that writers want.
#writersweb
ChatGPT can level the playing field [Scripting News]
There's a company that I have an account with because they're the only ones who provide the service I need, so I have to stay with them. They have made my telephone unusable, they call me all the time from varying phone numbers, wanting me to do things, or with a "courtesy reminder" that I could spend more money with them. My number is a cell phone btw. On my user profile on their site, I unchecked phone as a way for them to contact me, only leaving email checked. They appear to be ignoring this. My question is this -- how do I get their attention and get them to stop calling me. The constant interruptions are interfering with my life and work.
That was a ChatGPT prompt. It gave me lots of options, but two were outstanding.
I hadn't thought of doing this until today. Usually the big companies have all the power. They can force you to call them back and wait on hold and then it's not clear they'll even understand or respect the request. ChatGPT also suggested the FTC (heh I doubt if it can do much with Trump as president) or the state Attorney General (we still have a government in NY).
So think about it next time you have trouble with a megamonolithic company that's bullying you. We may have a tool at our disposal that levels the playing field.
When I define a window class with no default cursor, what is the explanation for the cursors that appear in my client area? [The Old New Thing]
A customer created a window class with no default cursor,
meaning that they set the hCursor
to
nullptr
. What they saw was that the window showed up
with an hourglass cursor, and that cursor never went away on its
own. But if the user moved the mouse over a border, then the border
arrow cursor carried into the client area. What’s going
on?
What’s going on is that by setting the cursor to
nullptr
, you’re saying “I will take care
of the cursor.” Some time ago, I discussed how the
cursor gets set, and if nobody else takes responsibility, then
DefWindowProc
sets the cursor to the window
class’s registered class cursor.
If there is no registered class cursor (if you set it to
nullptr
), then that final fallback step doesn’t
do anything, and nobody sets the cursor.
If nobody sets the cursor, then the cursor remains unchanged,
and whatever cursor is currently set continues to be the cursor.
The cursor remains set until somebody else sets a new one. If the
cursor wanders over a border, then the
DefWindowProc
function sets the border
cursor. And then when it wanders into the client area, nobody sets
the cursor, so the old border cursor remains.
Nobody actively asked for the border cursor to appear in the client area. Rather, nobody said what they wanted to appear in the client area, so nothing was changed.
The moral of the story is that if you set your class cursor to
nullptr
, then you are assuming responsibility for
handling the WM_SETCURSOR
message and making
sure that, eventually, somehow, a cursor gets set. If you fail to
fulfill that obligation, then nobody sets the cursor, and you get
leftover garbage.
The post When I define a window class with no default cursor, what is the explanation for the cursors that appear in my client area? appeared first on The Old New Thing.
Security updates for Thursday [LWN.net]
Security updates have been issued by Debian (haproxy and openrazer), Fedora (c-ares and mingw-poppler), Red Hat (thunderbird), SUSE (epiphany, ffmpeg-6, gopass, and libsoup-3_0-0), and Ubuntu (erlang, haproxy, libapache2-mod-auth-openidc, libarchive, linux, linux-aws, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-azure-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-aws-6.8, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure-fips, linux-gcp, linux-gke, linux-gkeop, linux-gcp-6.8, linux-ibm-5.15, linux-intel-iot-realtime, linux-realtime, linux-intel-iotg-5.15, linux-realtime, perl, and yelp, yelp-xsl).
Gábor Melis: PAX and DRef v0.4 [Planet Lisp]
Version 0.4 of PAX, the documentation system, and DRef, the definition reifier, was released. There were large refactorings, bug fixes, minor features, cosmetics, documentation and performance improvements too numerous to list. Here is a summary of the new features and notable changes.
DRef now supports
DTYPE
s, which allow filtering
DEFINITIONS
and
DREF-APROPOS
results according to the locative
type hierarchy:
(definitions 'print)
==> (#<DREF PRINT FUNCTION>
--> #<DREF PRINT (UNKNOWN (:DEFOPTIMIZER PRINT SB-C:DERIVE-TYPE))>
--> #<DREF PRINT (UNKNOWN
--> (DECLAIM PRINT
--> SB-C:DEFKNOWN))>)
(definitions 'print :dtype '(and t (not unknown)))
==> (#<DREF PRINT FUNCTION>)
The AND T
bit restricts the query to definitions in
the running Lisp. The top of the DTYPE
hierarchy is
DREF:TOP
, which includes external definitions such
as the CLHS
, that comes with PAX:
(definitions 'print :dtype '(not unknown))
==> (#<DREF PRINT (CLHS FUNCTION)> #<DREF PRINT FUNCTION>)
(dref-apropos "method" :package :dref :external-only t :dtype 'class)
==> (#<DREF METHOD CLASS> #<DREF METHOD-COMBINATION CLASS>)
The
locative type hierarchy can be queried programmatically, and
this information is included in their documentation (see for
example
the GENERIC-FUNCTION
locative type).
The PAX Live Home Page better supports exploration without having to leave the browser.
It lists packages grouped by ASDF systems that define them (when this can be determined from the source locations).
It links to apropos pages for each locative type.
It has an input box for looking up documentation right from the
browser (as if with mgl-pax-document
from Emacs).
It has an input box for looking up apropos right from the
browser (as if with mgl-pax-apropos
from Emacs).
The web server can be started without Emacs.
Completion of names and locatives in Emacs is much improved.
New aliases were added to the CLHS
pages
documenting format directives (e.g. ~F
), standard
macro characters (#A
) and loop keywords
(sum
, :sum
, loop:sum
), so
that one can just
C-.
(mgl-pax-document
) them. See the
documentation of the
CLHS
locative.
The DRef extension api has been cleaned up.
Pluralistic: Every complex ecosystem has parasites (24 Apr 2025) [Pluralistic: Daily links from Cory Doctorow]
Patrick "patio11" McKenzie is a fantastic explainer, the kind of person who breaks topics down in ways that stay with you, and creep into your understanding of other subjects, too. Take his 2022 essay, "The optimal amount of fraud is non-zero":
https://www.bitsaboutmoney.com/archive/optimal-amount-of-fraud/
It's a very well-argued piece, and here's the nut of it:
The marginal return of permitting fraud against you is plausibly greater than zero, and therefore, you should welcome greater than zero fraud.
In other words, if you allow some fraud, you will also allow through a lot of non-fraudulent business that would otherwise trip your fraud meter. Or, put it another way, the only way to prevent all fraud is to chase away a large proportion of your customers, whose transactions are in some way abnormal or unexpected.
Another great explainer is Bruce Schneier, the security expert. In the wake of 9/11, lots of pundits (and senior government officials) ran around saying, "No price is too high to prevent another terrorist attack on our aviation system." Schneier had a foolproof way of shutting these fools up: "Fine, just ground all civilian aircraft, forever." Turns out, there is a price that's too high to pay for preventing air-terrorism.
Latent in these two statements is the idea that the most secure systems are simple, and while simplicity is a fine goal to strive for, we should always keep in mind the maxim attributed to Einstein, "Everything should be made as simple as possible, but not simpler." That is to say, some things are just complicated.
20 years ago, my friend Kathryn Myronuk and I were talking about the spam wars, which were raging at the time. The spam wars were caused by the complexity of email: as a protocol (rather than a product), email is heterogenuous. There are lots of different kinds of email servers and clients, and many different ways of creating and rendering an email. All this flexibility makes email really popular, and it also means that users have a wide variety of use-cases for it. As a result, identifying spam is really hard. There's no reliable automated way of telling whether an email is spam or not – you can't just block a given server, or anyone using a kind of server software, or email client. You can't choose words or phrases to block and only block spam.
Many solutions were proposed to this at the height of the spam wars, and they all sucked, because they all assumed that the way the proposer used email was somehow typical, thus we could safely build a system to block things that were very different from this "typical" use and not catch too many dolphins in our tuna nets:
https://craphound.com/spamsolutions.txt
So Kathryn and I were talking about this, and she said, "Yeah, all complex ecosystems have parasites." I was thunderstruck. The phrase entered my head and never left. I even gave a major speech with that title later that year, at the O'Reilly Emerging Technology Conference:
https://craphound.com/complexecosystems.txt
Truly, a certain degree of undesirable activity is the inevitable price you pay once you make something general purpose, generative, and open. Open systems – like the web, or email – succeed because they are so adaptable, which means that all kinds of different people with different needs find ways to make use of them. The undesirable activity in open systems is, well, undesirable, and it's valid and useful to try to minimize it. But minimization isn't the same as elimination. "The optimal amount of fraud is non-zero," because "everything should be made as simple as possible, but not simpler." Complexity is generative, but "all complex ecosystems have parasites."
America is a complex system. It has, for example, a Social Security apparatus that has to serve more than 65 million people. By definition, a cohort of 65 million people will experience 65 one-in-a-million outliers every day. Social Security has to accommodate 65 million variations on the (surprisingly complicated) concept of a "street address":
https://gist.github.com/almereyda/85fa289bfc668777fe3619298bbf0886
It will have to cope with 65 million variations on the absolutely, maddeningly complicated idea of a "name":
https://www.kalzumeus.com/2010/06/17/falsehoods-programmers-believe-about-names/
In cybernetics, we say that a means of regulating a system must be capable of representing as many states as the system itself – that is, if you're building a control box for a thing with five functions, the box needs at least five different settings:
http://pespmc1.vub.ac.be/REQVAR.html
So when we're talking about managing something as complicated as Social Security, we need to build a Social Security Administration that is just as complicated. Anything that complicated is gonna have parasites – once you make something capable of managing the glorious higgeldy piggeldy that is the human experience of names, dates of birth, and addresses, you will necessarily create exploitable failure modes that bad actors can use to steal Social Security. You can build good fraud detection systems (as the SSA has), and you can investigate fraud (as the SSA does), and you can keep this to a manageable number – in the case of the SSA, that number is well below one percent:
https://www.congress.gov/crs_external_products/IF/PDF/IF12948/IF12948.2.pdf
But if you want to reduce Social Security fraud from "a fraction of one percent" to "zero percent," you can either expend a gigantic amount of money (far more than you're losing to fraud) to get a little closer to zero – or you can make Social Security far simpler. For example, you could simply declare that anyone whose life and work history can't fit in a simple database schema is not eligible for Social Security, kick tens of millions of people off the SSI rolls, and cause them to lose their homes and starve on the streets. This isn't merely cruel, it's also very, very expensive, since homelessness costs the system far more than Social Security. The optimum amount of fraud is non-zero.
Conservatives hate complexity. That's why the Trump administration banned all research grants for proposals that contained the word "systemic" (as a person with so-far-local cancer, I sure worry about what happens when and if my lymphoma become systemic). I once described the conservative yearning for "simpler times," as a desire to be a child again. After all, the thing that made your childhood "simpler" wasn't that the world was less complicated – it's that your parents managed that complexity and shielded you from it. There's always been partner abuse, divorce, gender minorities, mental illness, disability, racial discrimination, geopolitical crises, refugees, and class struggle. The only people who don't have to deal with this stuff are (lucky) children.
Complexity is an unavoidable attribute of all complicated processes. Evolution is complicated, so it produces complexity. It's convenient to think about a simplified model of genes in which individual genes produce specific traits, but it turns out genes all influence each other, are influenced in turn by epigenetics, and that developmental factors play a critical role in our outcomes. From eye-color to gender, evolution produces spectra, not binaries. It's ineluctably (and rather gloriously) complicated.
The conservative project to insist that things can be neatly categorized – animal or plant, man or woman, planet or comet – tries to take graceful bimodal curves and simplify them into a few simple straight lines – one or zero (except even the values of the miniature transistors on your computer's many chips are never at "one" or "zero" – they're "one-ish" and "mostly zero").
Like Social Security, fraud in the immigration system is a negligible rounding error. The US immigration system is a baroque, ramified, many-tendriled thing (I have the receipts from the immigration lawyers who helped me get a US visa, a green card, and citizenship to prove it). It is already so overweighted with pitfalls and traps for the unwary that a good immigration lawyer might send you to apply for a visa with 600 pages of documentation (the most I ever presented) just to make sure that every possible requirement is met:
https://www.flickr.com/photos/doctorow/2242342898/in/photolist-zp6PxJ-4q9Aqs-2nVHTZK-2pFKHyf
After my decades of experience with the US immigration system, I am prepared to say that the system is now at a stage where it is experiencing sharply diminishing returns from its anti-fraud systems. The cost of administering all this complexity is high, and the marginal amount of fraud caught by any new hoop the system gins up for migrants to jump through will round to zero.
Which poses a problem for Trump and trumpists: having whipped up a national panic about out of control immigration and open borders, the only way to make the system better at catching the infinitesimal amount of fraud it currently endures is to make the rules simpler, through the blunt-force tactic of simply excluding people who should be allowed in the country. For example, you could ban college kids planning to spend the summer in the US on the grounds that they didn't book all their hotels in advance, because they're planning to go from city to city and wing it:
https://www.newsweek.com/germany-tourists-deported-hotel-maria-lepere-charlotte-pohl-hawaii-2062046
Or you could ban the only research scientist in the world who knows how to interpret the results of the most promising new cancer imaging technology because a border guard was confused about the frog embryos she was transporting (she's been locked up for two months now):
Of course, the US has long operated a policy of "anything that confuses a border guard is grounds for being refused entry" but the Trump administration has turned the odd, rare outrage into business-as-usual.
But they can lock up or turn away as many people as they want, and they still won't get the amount of fraud to zero. The US is a complicated place. People have complicated reasons for entering the USA – work, family reunion, leisure, research, study, and more. The only immigration system that doesn't leak a little at the seams is an immigration system that is so simple that it has no seams – a toy immigration system for a trivial country in which so little is going on that everything is going on.
The only garden without weeds is a monoculture under a dome. The only email system without spam is a closed system managed by one company that only allows a carefully vetted cluster of subscribers to communicate with one another. The only species with just two genders is one wherein members who fit somewhere else on the spectrum are banished or killed, a charnel process that never ends because there are always newborns that are outside of the first sigma of the two peaks in the bimodal distribution.
A living system – a real country – is complicated. It's a system, where people do things you'll never understand for perfectly good reasons (and vice versa). To accommodate all that complexity, we need complex systems, and all complex ecosystems have parasites. Yes, you can burn the rainforest to the ground and plant monocrops in straight rows, but then what you have is a farm, not a forest, vulnerable to pests and plagues and fire and flood. Complex systems have parasites, sure, but complex systems are resilient. The optimal level of fraud is never zero, because a system that has been simplified to the point where no fraud can take place within it is a system that is so trivial and brittle as to be useless.
Your primary source for news https://primarynewssource.org
"A Lot of Emotion": The Rocky Marriage of Instagram and Facebook https://www.bigtechontrial.com/p/a-lot-of-emotion-the-rocky-marriage
#20yrsago French court bans DRM for DVDs https://web.archive.org/web/20050424023258/https://www.01net.com/editorial/274752/droit/la-justice-interdit-de-proteger-les-dvd-contre-la-copie/
#20yrsago Why governments make stupid copyrights https://www.ft.com/content/39b697dc-b25e-11d9-bcc6-00000e2511c8
#20yrsago London Review of Books’s personals are really dirty and funny https://web.archive.org/web/20050426005000/http://www.lrb.co.uk/classified/index.php#PERSONALS
#20yrsago German crooner’s megaphone-style covers of modern rock https://www.palast-orchester.de/en
#15yrsago British Airways leaves stranded passengers all over world, jacks up prices on tickets home https://www.theguardian.com/news/blog/2010/apr/23/iceland-volcano-thousands-passengers-stranded
#15yrsago Google highlights fair use defense to YouTube takedowns https://publicpolicy.googleblog.com/2010/04/content-id-and-fair-use.html
#15yrsago Microsoft wins its $100M tax-break and amnesty from broke-ass Washington State https://web.archive.org/web/20100429061500/http://microsofttaxdodge.com/2010/04/microsoft-gets-nevada-royalty-tax-cut-and-tax-amnesty.html?all
#10yrsago Privilege: you’re probably not the one percent https://jacobin.com/2015/04/1-99-percent-class-inequality
#10yrsago Marissa Mayer makes 1,100 Yahooers jobless, calls it a “remix” https://web.archive.org/web/20150425183847/http://news.dice.com/2015/04/22/yahoo-called-its-layoffs-a-remix-dont-do-that/?CMPID=AF_SD_UP_JS_AV_OG_DNA_
#10yrsago Canadian Big Content spokesjerk says the public domain is against the public interest https://www.michaelgeist.ca/2015/04/canadian-recording-industry-works-entering-the-public-domain-are-not-in-the-public-interest/
#5yrsago Riot Baby https://pluralistic.net/2020/04/23/riot-baby/#Tochi-Onyebuchi
#5yrsago Mayor of Las Vegas says the "free market" will decide what's safe https://pluralistic.net/2020/04/23/riot-baby/#carolyn-goodman
#1yrago "Humans in the loop" must detect the hardest-to-spot errors, at superhuman speed https://pluralistic.net/2024/04/23/maximal-plausibility/#reverse-centaurs
Wellingon: Unity Books, May 3, 3PM
https://www.unitybooks.co.nz/news-and-events/author-talk-picks-and-shovels-by-cory-doctorow
Pittsburgh: Picks and Shovels at White Whale Books, May 15
https://whitewhalebookstore.com/events/20250515
Pittsburgh: PyCon, May 16
https://us.pycon.org/2025/schedule/
Virtual: Writing to Resist (California Writers Club
Berkeley):
https://cwc-berkeley.org/writing-to-resist-5-18-25/
PDX: Teardown 2025, Jun 20-22
https://www.crowdsupply.com/teardown/portland-2025
PDX: Picks and Shovels with bunnie Huang at Barnes and Noble,
Jun 20
https://stores.barnesandnoble.com/event/9780062183697-0
London: How To Academy with Riley Quinn, Jul 1
https://howtoacademy.com/events/cory-doctorow-the-fight-against-the-big-tech-oligarchy/
Manchester: Picks and Shovels at Blackwell's Bookshop, Jul 2
https://www.eventbrite.co.uk/e/an-evening-with-cory-doctorow-tickets-1308451968059
Manchester: Co-operatives UK Co-op Congress keynote, Jul 3
https://www.uk.coop/events-and-training/events-calendar/co-op-congress-2025-book-your-place
New Orleans: DeepSouthCon63, Oct 10-12, 2025
http://www.contraflowscifi.org/
Can we use the Internet for Democracy?
https://www.youtube.com/watch?v=Zh_HON6iql8
Fightback Against Trump's Tariff Attack (Avi Lewis)
https://www.youtube.com/watch?v=P9sgIAc6z_o
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org). Signed, personalized copies at Dark Delicacies (https://www.darkdel.com/store/p3007/Pre-Order_Signed_Copies%3A_The_Lost_Cause_HB.html#/)
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com. Signed copies at Dark Delicacies (US): and Forbidden Planet (UK): https://forbiddenplanet.com/385004-red-team-blues-signed-edition-hardcover/.
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
"Attack Surface": The third Little Brother novel, a standalone technothriller for adults. The Washington Post called it "a political cyberthriller, vigorous, bold and savvy about the limits of revolution and resistance." Order signed, personalized copies from Dark Delicacies https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html
"How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet analyzing the true harms of surveillance capitalism and proposing a solution. https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59?sk=f6cd10e54e20a07d4c6d0f3ac011af6b) (signed copies: https://www.darkdel.com/store/p2024/Available_Now%3A__How_to_Destroy_Surveillance_Capitalism.html)
"Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583; personalized/signed copies here: https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html
"Poesy the Monster Slayer" a picture book about monsters, bedtime, gender, and kicking ass. Order here: https://us.macmillan.com/books/9781626723627. Get a personalized, signed copy here: https://www.darkdel.com/store/p2682/Corey_Doctorow%3A_Poesy_the_Monster_Slayer_HB.html#/.
Unauthorized Bread: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026
Enshittification, Why Everything Suddenly Got Worse and What to Do About It (the graphic novel), Firstsecond, 2026
The Memex Method, Farrar, Straus, Giroux, 2026
Today's top sources:
Currently writing:
A Little Brother short story about DIY insulin PLANNING
Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS FEB 2025
Latest podcast: Nimby and the D-Hoppers CONCLUSION https://craphound.com/stories/2025/04/13/nimby-and-the-d-hoppers-conclusion/
This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Medium (no ads, paywalled):
Twitter (mass-scale, unrestricted, third-party surveillance and advertising):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
CodeSOD: Tangled Up in Foo [The Daily WTF]
DZ's tech lead is a doctor of computer science, and that doctor loves to write code. But you already know that "PhD" stands for "Piled high and deep", and that's true of the tech lead's clue.
For example, in C#:
private List<Foo> ExtractListForId(string id)
{
List<Foo> list = new List<Foo>();
lock (this)
{
var items = _foos.Where(f => f.Id == id).ToList();
foreach (var item in items)
{
list.Add(item);
}
}
return list;
}
The purpose of this function is to find all the elements in a
list where they have a matching ID. That's accomplished in one
line: _foo.Where(f => f.Id == id)
. For some reason,
the function goes through the extra step of iterating across the
returned list and constructing a new one. There's no real good
reason for this, though it does force LINQ to be eager- by default,
the Where
expression won't be evaluated until you
check the results.
The lock
is in there for thread safety, which hey-
the enumerator returned by Where
is not
threadsafe, so that's not a useless thing to do there. But it's
that lock
which hints at the deeper WTF here: our
PhD-having-tech-lead knows that adding threads ensures you're using
more of the CPU, and they've thrown threads all over the place
without any real sense to it. There's no clear data ownership of
any given thread, which means everything is lock
ed to
hell and back, the whole thing frequently deadlocks, and it's
impossible to debug.
It's taken days for DZ to get this much of a picture of what's going on in the code, and further untangling of this multithreaded pile of spaghetti is going to take many, many more days- and much, much more of DZ's sanity.
Grrl Power #1350 – Objectified permanence [Grrl Power]
There is an obvious breakpoint for any stat where it goes from “nice to be recognized for that thing” to the crippling insecurity of “will anyone love me for me.” I won’t say something obvious like there’s a downside to incredible wealth or comeliness, I’ll just point out that a lot of people tend to define themselves by their most outstanding attribute, partially because very few people have the time to develop multiple outstanding attributes. If you’re wealthy, and that wealth is not dependent on you personally putting in 90 hours a week, then you might have the freedom and time to become a champion dressagist (dressager?) and also a world class painter. But if you’re “the smart kid,” and by that I mean the skips grades and takes advanced courses and starts college at 15 smart kid, then chances are you spend most of your time developing those smarts and doing extracurricular work, and when you finally make it to CERN and discover that everyone there was the smart kid and now you’re kind of in the middle, you might suddenly develop and urge to become really good at the clarinet or rebuilding car engines so that you have something to make you stand out again.
Having women fall all over themselves to catch your eye is a fun fantasy for guys because that’s not how it works for 97% of us. It’s sad but also a little cathartic when I find a thread on Reddit where guys get to reminiscing about the one time 12 years ago when someone paid them a compliment, because it was the only time it’s ever happened in their life. That’s how far from “women falling all over themselves” it is for most guys. That’s also why harem anime/novels are so popular. The idea of a guy being able to attract/keep multiple women is such high fantasy that it makes anything that happens on the new seasons of Doctor Who seem grounded and down to Earth.
Having an S++ tier comeliness (my art notwithstanding) is going to make for some good times for sure, but Flash Drive is going to eventually enter a phase of his life where he wants something more than a relationship based on superficial attraction. Probably. Maybe it’s enough for him to know that he’s got 57 kids out there that he’s never met.
The thing about a comeliness stat is that it’s actually hard to imagine how it would work above a certain level. Strength is easy. There’s always something heavier to lift. Dexterity, Intelligence, most of the usual stats in a game are easy to figure there’s no real upper limit. Comeliness, though… there is a limit to how attractive someone can be, IMO. Like, imagine the most attractive person you can. Cindy Crawford in her prime, or Jenna Ortega or Pamela Anderson or Kate Beckinsale in the Underworld movies or Hugh Jackman or Benedict Cumberbatch or Benedict Wong or whatever you’re into. (As an aside, the Marvel movies had a lot of guys name Chris leading their casts, but how weird was it that Dr. Strange had two actors named Benedict?)
Anyway, so imagine the most attractive person you can. Now imagine someone just a little more attractive than them. Some of us can do it, probably in the form of “Monica Bellucci, but with Grace Kelly’s nose” or whatever. But here’s the thing. Imagine someone ten times more attractive than them. It’s not possible. There’s such a thing as too much symmetry, or too few blemishes, or the shape of their eyes can only be so… just right. There’s a point where someone will enter an uncanny valley of doll-like perfection and artificiality, because human brains know that other humans do have stuff like skin texture. The only way I think Comeliness can function as a ceiling-less stat is if the person in question starts to emit a mind-control aura, or pheromones, or their mere presence warps reality in minor ways.
Also, you have to figure that someone with a 4-times-the-human-limit Comeliness stat must be teetering on the edge of ruin at all times. If being that attractive requires an absolutely perfect balance of facial structure, symmetry, and every other feature, then one stray freckle or a tiny cut could blow the whole system out of balance, and they’d lose like 20 points of Comeliness in an instant.
Please enjoy the increasingly stale vote incentive.
This month, I’m closing on a new house, selling my Mom’s house, finishing packing Mom’s house, moving city to city to the new house, forwarding mail, canceling utilities, all that. And after that’s done, I get to start the process of selling my old house, which needs a little work before it can realistically go on the market.
SO. I’m going to try and do this vote incentive in stages. Currently it’s just pencils. The TopWebcomics one will update with colors and detail until we get to the no clothes versions, then that will continue over at Patreon. Also there will be a comic or two in between each version to fill out the story.
I know it’s hard to tell from just the pencils, but this is Heatwave and Jiggawatt. The comics will explain why they’re doing what they’re doing. Although I feel like even saying that much makes it easy to guess, but hopefully the journey will still amuse.
Double res version will be posted over at Patreon. Feel free to contribute as much as you like.
Not a lack of power, but feeling as though we have none. Some people have been indoctrinated to prefer a life with no agency, as it also brings no responsibility. At the other extreme, some folks have decided that they have more power than they actually do.
Video games offer people a chance to experience virtual power–an opportunity to feel a lack of powerlessness. Click the mouse, something happens–power is in your grasp. By giving players agency, the games allow users to feel something they might be avoiding in real life.
Everyone is on a spectrum. No one has absolute power, and no one is powerless. But our expectation and experience of power is always a choice.
Choosing the attitude of powerlessness is self-defeating as well as self-negating. The fact that the attitude can be chosen is in itself a form of power. We can find control over our attitude and our actions, gaining priceless power as we do.
No one can change everything, but everyone can change something. If you choose to live a life with impact, it’s in your control to do so.
"Christian nationalists" imposing religion on the US [Richard Stallman's Political Notes]
The wrecker is trying to help plutocratist "Christian nationalists" impose their extreme religion on the United States — and to lead them to be more plutocratist.
Lies and coercion used to arrest Aditya Wahyu Harsono [Richard Stallman's Political Notes]
Deportation thugs lied to Aditya Wahyu Harsono, saying they had revoked his permanent visa weeks before so he was "late" in leaving the US, then pressured his coworkers to fake a work meeting so they could surprise and arrest him.
Those coworkers may be ashamed of this for the rest of their lives. Worse, they may teach themselves to believe the bully's lies so as to convince themselves that what they did was right.
Or they may instead join the resistance to make up for the harm they did.
Effects of wrecker bullying China [Richard Stallman's Political Notes]
With the wrecker bullying various countries to demand that they punish China, China is now threatening those countries with similar bullying if they do what the wrecker demands.
Urgent: D.C. U.S. Attorney nominee [Richard Stallman's Political Notes]
US citizens: Call on the Senate to reject Ed Martinâ as U.S. Attorney for the District of Columbia. His praise for a notorious January 6 rioter should disqualify him from any position in the government; in this position, he will leave Congress exposed to physical violence.
Supreme contempt of court [Richard Stallman's Political Notes]
*[Senator] Amy Klobuchar calls on supreme court to hold Trump officials in contempt.*
I hesitated to call for that particular action because I was not sure it was tactically wise. It might just play into the wrecker's hand. But if a senator thinks that we have come to this, I suppose it is so.
[$] LWN.net Weekly Edition for April 24, 2025 [LWN.net]
Inside this week's LWN.net Weekly Edition:
The runner of life and freedom [Scripting News]
Start with the dark imagery of the Ridley Scott commercial for Apple in 1984. A woman athlete is running toward a screen carrying a big hammer, getting ready to hurl it at a huge screen with Big Brother's head, lecturing a huge hall filled with lifeless people listening. He has dead eyes. The runner represents life and freedom. The overall image is dreary and lifeless but she is a bright light of hope for the future. Inspire me with this image. I want to be inspired.
View From a Hotel Window, 4/23/25: Los Angeles [Whatever]
Inspiring, is it not.
Once again I’m here for the Los Angeles Times Festival of Books, and also to have meetings about projects and stuff. I do intend to go places with slightly better views.
— JS
How a 20 year old bug in GTA San Andreas surfaced in Windows 11 24H2 [OSnews]
The headline sets the stage, and the article delivers.
This was the most interesting bug I’ve encountered for a while. I initially had a hard time believing that a bug like this would directly tie to a specific OS release, but I was proven completely wrong. At the end of the day, it was a simple bug in San Andreas and this function should have never worked right, and yet, at least on PC it hid itself for two decades.
This is an interesting lesson in compatibility: even changes to the stack layout of the internal implementations can have compatibility implications if an application is bugged and unintentionally relies on a specific behavior. This is also not the first time I encountered issues like this: regular visitors might remember Bully: Scholarship Edition which famously broke on Windows 10, for very similar reasons. Just like in this case, Bully should have never worked properly to begin with, but instead, it got away with making incorrect assumptions for years, before changes in Windows 10 finally made it run out of luck.
↫ Adrian Zdanowicz
Incredible story.
Forever Friends [The Stranger]
Do you need to get something off your chest? Submit an I, Anonymous and we'll illustrate it! by Anonymous
This is a love letter to my friends:
To the ones who always will revel in my joy.
The ones who offer their shoulders when I cry.
The ones who say I don't care it's Thursday, come over and have dinner with us.
The ones who are silent but I know are still there.
The ones who send me pictures of things that reminded them of me.
The ones I didn't even realize cared about me.
The ones who let me vent and bitch and moan over the same problems.
The ones who have made me who I am.
Everything will turn out okay as long as I have my friends. I love you all.
Do you need to get something off your chest? Submit an I, Anonymous and we'll illustrate it! Send your unsigned rant, love letter, confession, or accusation to ianonymous@thestranger.com. Please remember to change the names of the innocent and the guilty.
Yesterday I wrote a piece that
summed up Twitter as an entrepreneurial project. "It would have
been better if the founders had made less money, and opened the
door for lots of competition right from the start. That's the
philosophy of the web. Instead they captured the web, amputated all
its good features, and locked it in the trunk and then cut off its
air supply. That was inevitable given the path they went down. Yes
they changed the world, and in turn are creating a lot of misery."
If anyone writes the history of tech in Silicon Valley in the early
part of the 21st century, I hope they focus on the damage done, not
just the money made. Don't glorify the fortune, it's our freedom
that's paid for it. And the amazing thing people will discover if
they look closely is that the open technology cost very little to
develop, so you don't need the backing of VCs to create open
systems, you just have to be right at the right time and have the
ability, focus and ambition to create enough base
technology to bootstrap the idea.
My programmer friend [Scripting News]
Good morning from Oaxaca in Mexico. We are here with my sad and depressed programmer friend, back from his European tour of glee club train compartments, receptions and cheese races with Europeans named Gouda, happy and carefree while my programmer friend, pictured here, thinks about returning to the good old United Snakes of Americans. As he sits on the beach, admiring the sunrise over the Pacific Ocean, he considers taking a job at a local Burger King. He enjoys their hamburgers even if he is not enjoying life at the moment. His eyes are tearing up as he remembers the tragedy that befell him and others in the Great Gouda Race of Luxembourg.
I was delighted to see Indiana Jones and The Great Circle hit Playstation for a few reasons - one, it should always have been a Playstation game. This was a weird one to hold back. Two, the time I've spent with Dabe playing it is some of the most fun I've had this year so far. It's just incredibly thoughtful and has an ongoing franchise play written all over it. Three, I suspected that the PS release might put it on Gabe's radar finally. Which it did! What did he think of it? Let's go to the tape.
Seattle’s Big Pride Events Are Underfunded This Year, Just Like Everywhere Else [The Stranger]
Seattle PrideFest, which throws the event on Capitol Hill and another at the end of the parade in Seattle Center, lost $75,000, a third of its sponsorship funding. Today, it launched a GoFundMe to cover the loss. The organization that throws the parade, Seattle Pride, expects to come up $350,000 short of its $1.5 million budget this year. by Vivian McCall
Corporate sponsors are dropping off pride parades like flies this year.
After 30 years of boozy support for its hometown pride, brewer Anheuser-Busch left a bigger hole in the St. Louis Pride Parade budget than a runaway Coors Light Party Train. Then it linked arms with Comcast and Diageo to pull the rug out from under San Francisco Pride. The name Diageo may not ring a bell, but it’s basically a parent company for cocktails. Diageo owns Smirnoff, Captain Morgan, Baileys and Guinness (new motto: Kiss me, I’m Irish. Unless you’re gay, yuck).
The situation isn’t too different in Seattle: Both of our major pride organizations are struggling this year.
Seattle PrideFest, which throws the event on Capitol Hill and another at the end of the parade in Seattle Center, lost $75,000, a third of its sponsorship funding. Today, it launched a GoFundMe to cover the loss.
PrideFest Executive Director Egan Orion says it’s a one two punch of a major funder going through bankruptcy and companies “either pulling back on DEI efforts or using the political environment as an excuse to cut funding to Pride events and other diversity outreach.”
The organization that throws the parade, Seattle Pride, expects to come up $350,000 short of its $1.5 million budget this year. Like PrideFest, Seattle Pride is also seeking donations. Executive Director Patti Hearn says no company has outright dropped Seattle Pride, but they have been slower to commit than usual. By April, Hearn says the nonprofit usually knows better what they’ll have to spend. The deadline for companies to sponsor pride is May 11. (Full disclosure: The Stranger is one of Seattle Pride’s media sponsors this year.)
Corporate foot dragging is part of the problem, but Seattle Pride has done its fair share of dumping, too. It started vetting sponsors more carefully this year, looking not just at workplace policies but political donations, lobbying, labor, supply chain ethics, contracts with Immigration and Customs Enforcement (ICE), connections to private prisons, and military ties. For that last reason, Seattle Pride didn’t bother with Boeing this year, but it’s not operating on a one strike policy. Any flag raised during the vetting process prompts a conversation, either with employees or the companies themselves.
Not that Seattle Pride is in boardrooms with the bigwigs. When companies sponsor a pride event, the details are worked out by the check-cutting department or the queer employee resource group. People who are not calling the shots about a company’s image or “culture,” but are trying to work something out in the meantime. Seattle Pride told some companies that they could make a donation without putting their logo on anything.
“We’re talking to them about what their values are and what makes sense for them to show up,” Hearn says. “We hope they can push that they have some agency in their large companies.”
We compared Seattle Pride’s sponsors this year to lists from 2023 and 2024 and noticed a few missing names. We checked up on their plans.
Amazon, whose affinity group for LGBTQ employees (Glamazon), sponsored Seattle Pride in 2024 said it would get back to us and didn’t. REI sent a long statement that its approach to Pride Month is “grounded in our broader commitment to supporting LGBTQ+ communities everywhere we operate, all year long.” REI said it moved away from sponsoring prides in 2019, when it was a gold-level sponsor for Seattle Pride. But last year, the company’s LGBTQ employee resource group was a lower-level supporter.
GoDaddy says it is still in the planning process. Google says it hasn’t made a decision on sponsoring pride. TMobile says it’s still finalizing its plans and wouldn’t confirm if it intended to sponsor Seattle Pride.
Target didn’t respond to a request for comment. Neither did Assurant, the video game company Bungie, healthcare company Optum, Mastercard, Charles Schwab, KeyBank, Molina Healthcare, and PACCAR.
Not every company is shying away from Pride. Alaska Airlines is this year’s presenting sponsor. Starbucks is sponsoring Seattle Pride, “as it has for many years.” So is Fred Meyer and QFC, The Pokémon Company, University of Washington Medicine, Brooks, Symetra, Umpqua Bank, BECU, Nordstrom, Puget Sound Energy, Salesforce, Greystar, Overlake Hospital, Philips, Kaiser Permanente Washington, and Delta Dental of Washington which said it remains “committed (if not more than ever) to our DEI efforts internally and externally.” Seattle Children’s, which has paused surgeries for transgender people under 19 and won’t explain why, is also sponsoring Pride this year. (Smirnoff, whose parent company Diageo pulled out of San Francisco Pride, is sponsoring PrideFest. We asked about that apparent contradiction, but the company wouldn’t answer questions on the record).
We asked Los Angeles’s and New York City’s Prides if they’re seeing a similar trend. NYC Pride answered with a positive spin. Two-thirds of its sponsors had doubled down in support of the community. It was still talking to the last third, some of whom were “delaying decision-making.” Overall, it expected to be out $350,000 this year and encouraged the community to donate and volunteer.
How big a loss is this really? Plenty in LGBT community do not give a care for corporate-sponsored prides simply because they can be kind of lame (as former Stranger writer Matt Baume wrote about) and disingenuous. Airline floats and rainbow corporate koozies from some insurance company don’t exactly move me to tears, either.
There’s a good argument to look back to the old days when pride was a protest. It’s the one that Dyke Marches make every year in cities across the country (the Seattle Dyke Alliance could not be reached for comment). Trans Pride in Seattle doesn’t work with corporations or the Seattle Police Department. It’s proud to subsist on small donations, grants and community support, says Danni Askini, executive director of Gender Justice League, which organizes Trans Pride. Askini says GJL’s heart goes out to Seattle Pride.
“As trans people we sadly know all too well what it is like to have such fair weather friends as these corporations,” she wrote in an email. “Cowardly corporations can never cancel our shared pride.”
And they are cowardly. Corporate America goes where (it thinks) the money is. By the 2010s, most Fortune 500 companies decided gay was good. Big business adopted anti-discrimination policies. It threw its monied heft behind marriage equality. America’s CEOs had not had a sudden change of heart. America had a change of culture and they’d noticed. It made good business sense to glide along with the culture. Now that (they think) they’re seeing another shift, they’ve made another cold calculation. Even before that public shift, companies regularly talked out both sides of their mouths, professing a commitment to equality while bankrolling anti-gay, Trumpy Republicans aligned with their business interests. (As Baume also noted, Seattle Pride took money from corporations like that). Spineless or not, it’s obviously bad that companies are changing their tune over fear of retribution and a perception that American culture is turning against queer people.
Seattle Pride’s Hearn understands where the eye rolling is coming from. The first corporate logos she saw at a pride in the early 2000s were off-putting. But she’s learned sponsorships keep big events accessible. Over the phone, she ticked off the baseline costs for the parade and Pride in the Park: Tents and toilets—$145,000. Staffing, talent, ASL interpreters and ADA-accessible seating—$70,000. Security and radios—$50,000. City permits and insurance—$40,000. It’s not cheap.
Drag Queen Betty Wetter, emcee of Pride in the Park and host of the popular drag show Tush at Clock Out Lounge, is done with private corporate events. Even if it is a good way to make money in June, her career is stable enough that she can pick and choose what feels genuine. The way she sees it, the way the world is changing for queer people, there’s no use carrying on as normal.
“We have to let go of the idea that life is going to continue,” she says.
The community likes to joke that on July 1, corporations drop queer people like a fruit basket. Wetter says the reality of that joke hasn’t sunk in for everyone, that queer people have come to believe they need these companies.
In Wetter’s perfect gay world, unsanctioned in-your-face protest would take over. Pride in Seattle would be more like the first. But she knows people expect joy from her at Pride; she’s going to give the people what they want—or need. In the months since President Donald Trump has been back in office, her DM’s have been an outpouring of thanks after every show. They tell her Tush was the one night a month they felt happy, that her performances keep them going.
“I think joy is necessary,” she says. “Definitely throughout the day, I will be speaking my mind. Talking about how I feel [and] giving any opposition that Pride will allow.”
DOGE Worker’s Code Supports NLRB Whistleblower [Krebs on Security]
A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk’s Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency’s sensitive case files in early March. The whistleblower said accounts created for DOGE at the NLRB downloaded three code repositories from GitHub. Further investigation into one of those code bundles shows it is remarkably similar to a program published in January 2025 by Marko Elez, a 25-year-old DOGE employee who has worked at a number of Musk’s companies.
According to a whistleblower complaint filed last week by Daniel J. Berulis, a 38-year-old security architect at the NLRB, officials from DOGE met with NLRB leaders on March 3 and demanded the creation of several all-powerful “tenant admin” accounts that were to be exempted from network logging activity that would otherwise keep a detailed record of all actions taken by those accounts.
Berulis said the new DOGE accounts had unrestricted permission to read, copy, and alter information contained in NLRB databases. The new accounts also could restrict log visibility, delay retention, route logs elsewhere, or even remove them entirely — top-tier user privileges that neither Berulis nor his boss possessed.
Berulis said he discovered one of the DOGE accounts had downloaded three external code libraries from GitHub that neither NLRB nor its contractors ever used. A “readme” file in one of the code bundles explained it was created to rotate connections through a large pool of cloud Internet addresses that serve “as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.” Brute force attacks involve automated login attempts that try many credential combinations in rapid sequence.
A search on that description in Google brings up a code repository at GitHub for a user with the account name “Ge0rg3” who published a program roughly four years ago called “requests-ip-rotator,” described as a library that will allow the user “to bypass IP-based rate-limits for sites and services.”
The README file from the GitHub user Ge0rg3’s page for requests-ip-rotator includes the exact wording of a program the whistleblower said was downloaded by one of the DOGE users. Marko Elez created an offshoot of this program in January 2025.
“A Python library to utilize AWS API Gateway’s large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing,” the description reads.
Ge0rg3’s code is “open source,” in that anyone can copy it and reuse it non-commercially. As it happens, there is a newer version of this project that was derived or “forked” from Ge0rg3’s code — called “async-ip-rotator” — and it was committed to GitHub in January 2025 by DOGE captain Marko Elez.
The whistleblower stated that one of the GitHub files downloaded by the DOGE employees who transferred sensitive files from an NLRB case database was an archive whose README file read: “Python library to utilize AWS API Gateway’s large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.” Elez’s code pictured here was forked in January 2025 from a code library that shares the same description.
A key DOGE staff member who gained access to the Treasury Department’s central payments system, Elez has worked for a number of Musk companies, including X, SpaceX, and xAI. Elez was among the first DOGE employees to face public scrutiny, after The Wall Street Journal linked him to social media posts that advocated racism and eugenics.
Elez resigned after that brief scandal, but was rehired after President Donald Trump and Vice President JD Vance expressed support for him. Politico reports Elez is now a Labor Department aide detailed to multiple agencies, including the Department of Health and Human Services.
“During Elez’s initial stint at Treasury, he violated the agency’s information security policies by sending a spreadsheet containing names and payments information to officials at the General Services Administration,” Politico wrote, citing court filings.
KrebsOnSecurity sought comment from both the NLRB and DOGE, and will update this story if either responds.
The NLRB has been effectively hobbled since President Trump fired three board members, leaving the agency without the quorum it needs to function. Both Amazon and Musk’s SpaceX have been suing the NLRB over complaints the agency filed in disputes about workers’ rights and union organizing, arguing that the NLRB’s very existence is unconstitutional. On March 5, a U.S. appeals court unanimously rejected Musk’s claim that the NLRB’s structure somehow violates the Constitution.
Berulis’s complaint alleges the DOGE accounts at NLRB downloaded more than 10 gigabytes of data from the agency’s case files, a database that includes reams of sensitive records including information about employees who want to form unions and proprietary business documents. Berulis said he went public after higher-ups at the agency told him not to report the matter to the US-CERT, as they’d previously agreed.
Berulis told KrebsOnSecurity he worried the unauthorized data transfer by DOGE could unfairly advantage defendants in a number of ongoing labor disputes before the agency.
“If any company got the case data that would be an unfair advantage,” Berulis said. “They could identify and fire employees and union organizers without saying why.”
Marko Elez, in a photo from a social media profile.
Berulis said the other two GitHub archives that DOGE employees downloaded to NLRB systems included Integuru, a software framework designed to reverse engineer application programming interfaces (APIs) that websites use to fetch data; and a “headless” browser called Browserless, which is made for automating web-based tasks that require a pool of browsers, such as web scraping and automated testing.
On February 6, someone posted a lengthy and detailed critique of Elez’s code on the GitHub “issues” page for async-ip-rotator, calling it “insecure, unscalable and a fundamental engineering failure.”
“If this were a side project, it would just be bad code,” the reviewer wrote. “But if this is representative of how you build production systems, then there are much larger concerns. This implementation is fundamentally broken, and if anything similar to this is deployed in an environment handling sensitive data, it should be audited immediately.”
Further reading: Berulis’s complaint (PDF).
Update 7:06 p.m. ET: Elez’s code repo was deleted after this story was published. An archived version of it is here.
The wonderful world of Linux package managers [OSnews]
One of the strong points of Linux has always been how solid the experience of installing and managing software is. Contrarily to what happens in the Windows and macOS world, software on Linux is obtained through something called a package manager, a piece of software that manages any piece of software the user installs, as well as its dependencies, automatically.
↫ Luca Bramè at Libre.News
It truly is. I can’t imagine using any operating system that relies (almost) exclusively on me going out to individual websites to download random installers or disk images, all with their own unique update mechanisms I need to keep track of, that eat up resources and interrupt my workflow. The combination of Fedora’s repository’s with the odd Copr or Flatpak package – all managed transparently through KDE’s Discover – is effectively perfect. I never have to manually install anything, nor do I ever have to rely on tarballs like back in the dark ages.
Dealing with a Windows or macOS machine is a nightmare compared to this. Managing applications on those operating systems feels hopelessly archaic and outdated, and I have no idea how users tolerate that kind of nonsense. They’ve got a dozen or more updaters running in the background, cluttering up the system tray and eating resources, or whenever they open an application they get an annoying popup interrupting their work to ask them to update. It’s barbaric and user-hostile, and nobody should be dealing with that in 2025.
It’s also highly unlikely things will ever improve for Windows or macOS users, since any attempt to bolt a package manager into them invariably fails. The official Windows and macOS application stores have been abject failures in more ways than one, and tools like winget are just glorified download managers that run regular installers in silent mode – incredibly crude and only really good for batch-downloading some installers.
The Linux world is far from perfect, but they nailed application management early on, and the competition has basically sat still ever since.
Stranger Suggests: The Princess of Padam Padam Pop, a Full Day for Book Nerds, and a ’70s Jazz Titan [The Stranger]
One really great thing to do every day of the week. by Audrey Vann WEDNESDAY 4/23
Kelly Goto with Lori Matsukawa and Seattle Kokon Taiko
(BOOKS/MUSIC) Once upon a time, Seattle had a homegrown comic chronicling Japanese American life with a little bit of samurai swagger. From 2012 to 2018, artist Sam Goto drew Seattle Tomodachi (“friend of Seattle”) for the North American Post, capturing stories of immigration, incarceration, and resilience with heart and idiosyncratic humor. His daughter, "global lecturer" and author Kelly Goto, revives his legacy in Seattle Samurai: A Cartoonist’s Perspective of the Japanese American Experience, blending cartoons, family memories, and big feels. Catch her in convo with Emmy award-winning broadcast journalist and local legend Lori Matsukawa, plus a badass drumming session by Seattle Kokon Taiko. (Town Hall, 7:30 pm, all ages) LINDSAY COSTELLO
THURSDAY 4/24Book Signing: Mamrie Hart, All I Think About Is Food
(FOOD & DRINK/BOOKS) With her popular YouTube channel, You Deserve a Drink, New York Times bestselling author, comedian, and podcast host Mamrie Hart was a part of the wave of circa 2011 YouTubers that included personalities like Grace Helbig, Tyler Oakley, and Hannah Hart of My Drunk Kitchen. Her chaotic cocktail-making videos combined her bartending job with her flair for the dramatic (not to mention a penchant for puns, sexual innuendo, and pop culture references), and each comes with its own built-in drinking game. Over a decade after the inception of You Deserve a Drink, Hart is back with her third book, All I Think About is Food: A Vegetarian Cookbook That'll Keep the Party Going, a compendium of fun, retro-inspired vegetarian party bites ranging from artichokes Rockefeller to pink pickled eggs. And of course, there are plenty of show-stopping cocktails, like saffron 75s and flaming cherries jubilee martinis. (Book Larder, 6 pm, all ages) JULIANNE BELL
FRIDAY 4/25(MUSIC) If you haven't heard about the cultural phenomenon that is Kylie Minogue's "Padam Padam," then I suggest that you catch up on your herstory STAT. During the summer of 2023, the song took the queer community by storm, echoing through Pride parades, clubs, and Sephoras around the globe. The sleeper hit came nearly four decades into her career, evidence of Minogue's superstardom and staying power. The Princess of Pop will return to Seattle for the first time since 2002 to support her two-part album Tension. I am crossing my fingers that she'll also sing some older tracks from her early-aughts nu-disco staple Fever and '80s bubblegum pop debut, Kylie. Oh yeah, and British pop phenom Rita Ora is opening—no big deal! (Climate Pledge Arena, 7:30 pm, all ages) AUDREY VANN
SATURDAY 4/26View this post on Instagram
(BOOKS) Seattle’s Independent Bookstore Day is more like Seattle’s Independent Bookstore 10 Days, because once again, local lit retailers have banded together to present the Passport Challenge. It’s an invitation for bibliophiles to visit as many participating bookshops as they can between April 26 and May 5 and gather stamps from each location. If you fill your passport with all 29 participating shops, you earn a one-time 25-percent discount to use at every store, valid for a full year. Participants include Charlie’s Queer Books, Elliott Bay Book Company, Fantagraphics, Left Bank, Ada’s Technical Books, Secret Garden Bookshop, Book Larder, Paper Boat Booksellers, Queen Anne Book Company, and literally 20 others. Find the full details—and a helpful map!—at seattlebookstoreday.com. (Various locations) MEGAN SELING
SUNDAY 4/27(COMEDY) Although Showtime tragically canceled her pink-hued, confrontation-as-comedy show in 2023 after a mere two seasons, Ziwe Fumudoh's button-pressing 2022 interview with Chet Hanks is still the stuff of legend. The snazzy satirist and queen of discomfort has a gift for finding "iconic guests" (Fran Lebowitz, Gloria Steinem, Stacey Abrams) and bringing out cringe-inducing behavior in privileged people (Andrew Yang, Hannibal Buress, Adam Pally, Caroline Calloway). She tends to do it all in Cher Horowitz-chic outfits. What's not to love (or be mildly nervous about)? She'll drop by Seattle to remind us that Earth is in its flop era. (Neptune Theatre, 7:30 pm, all ages) LINDSAY COSTELLO
MONDAY 4/28(MUSIC) If you're waiting around for Solange to release a follow-up to 2019's When I Get Home, resist the urge to send her passive-aggressive Instagram comments that she will never see and instead find yourself some artists with a similar sound and ethos—Alabama-born singer, songwriter, and rapper Mereba is just that. Like Solange, her sound pulls inspiration from neo-soul, jazz, reggae, poetry, and electronic music for profoundly reflective ethereal songs (listen to her track "White Doves" to see what I mean). Don't miss her on tour supporting her latest album, The Breeze Grew A Fire. (The Showbox, 8 pm, all ages) AUDREY VANN
TUESDAY 4/29(MUSIC) Look, I hate to be the one to say it, but there will come a day when we will no longer have opportunities to see the jazz titans of the '60s and '70s perform live. So take a moment to appreciate that we exist during a time when you can see legends like Gary Bartz play his alto saxophone for less than $40. Bartz is widely known for his collaborations with household names like Charles Mingus, Max Roach, Art Blakey, and Miles Davis. He is also a trailblazer in preserving and honoring the legacy of Black American music, bringing together Afrocentric themes and avant-garde music on his 1971 album Harlem Bush Music. Don't miss Bartz as he supports his upcoming not-yet-named solo album, produced by Om’Mas Keith (Frank Ocean, Erykah Badu, John Legend). (Jazz Alley, April 29–30, 7:30 pm, all ages) AUDREY VANN
Win tickets to rad upcoming events!*
Mereba
April 28, Showbox (Market)
Contest ends April 25 at 3 pm
*Entering PRIZE FIGHT contests by submitting your email address signs you up to receive the Stranger Suggests newsletter. You can unsubscribe at any time.
Dirk Eddelbuettel: qlcal 0.0.15 on CRAN: Calendar Updates [Planet Debian]
The fifteenth release of the qlcal package arrivied at CRAN today, following the QuantLib 1.38 release this morning.
qlcal delivers the calendaring parts of QuantLib. It is provided (for the R package) as a set of included files, so the package is self-contained and does not depend on an external QuantLib library (which can be demanding to build). qlcal covers over sixty country / market calendars and can compute holiday lists, its complement (i.e. business day lists) and much more. Examples are in the README at the repository, the package page, and course at the CRAN package page.
This releases synchronizes qlcal with the QuantLib release 1.38.
Changes in version 0.0.15 (2025-04-23)
Synchronized with QuantLib 1.38 released today
Calendar updates for China, Hongkong, Thailand
Minor continuous integration update
Courtesy of my CRANberries, there is a diffstat report for this release. See the project page and package documentation for more details, and more examples.
This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. If you like this or other open-source work I do, you can sponsor me at GitHub.
Slog AM: The Wealth Tax Makes a Comeback, Early Election Results Are in, and RFK Is Still Evil [The Stranger]
Seattle's only News Roundup by Hannah Murphy Winter
Good Morning! It keeps being shiny outside. It’ll be a little warmer today than yesterday, squarely in the mid-60s. It’s supposed to be this beautiful all week, but spring is fickle, and she can take it away at any moment. Enjoy it while you can.
Alright, let’s dive into the news.
The Wealth Tax Makes a Comeback: But just a little one, as a treat. The state legislature has until Sunday to come up with a budget that balances our multi-billion dollar shortfall without giving Governor Ferguson the scaries. Ferg has refused to sign a budget that has a full and proper wealth tax, but he’s said he’s willing to do a “test,” and Dems are taking him up on it: a $100 million tax (rather than $4 billion) to see if it can hold up to a legal challenge. It’s not the wealth tax we deserve, but it’d be a start. There’s already a $1.5 million campaign from T-Mobile, Costco, Alaska Airlines, and Microsoft to fight new progressive tax structures, so it’s not unreasonable to think a challenge is coming. But this is a chance to prove that it can hold up.
RFK Won’t Say Gay: Speaking of budgets, this is one I’d like to personally kick in the dick. According to a leaked HHS budget draft, the department plans to get rid of services for LGBTQ youth who call 988, the national suicide and crisis hotline. LGBTQ youth are four times more likely to attempt suicide, and right now, the hotline has counselors who are trained to work with queer kids: understanding the stress caused by recent political attacks, the importance of using appropriate pronouns, and the ways in which the youth often face lack of family support and harassment. The queer youth-specific counselors have received 1.3 million calls, texts, or chats since the program launched in 2022, and in February, they received an average of 2,100 contacts per day. The budget isn’t a sure thing: the change would have to be approved by Congress, but if it were, it’d go into effect in October. Remember when the Trump administration said it wanted more babies? Let this be a reminder that they only want to fill America with cis, straight, white babies.
Yesterday was Special Election night, and the (early) results are in. The King County AFIS levy, which renewed funding for our regional fingerprint and palmprint database, has about 60 percent of the vote this morning and looks like it’s going to pass. Why are we worried? There aren’t enough guardrails to keep that information from getting to the Feds—and specifically to immigration enforcement.
Get Your Hand Shaven Noodles While You Can: Shanghai Garden announced that it’s closing at the end of the month. The family-run spot has been in the CID since 1990, and their hand-shaven barleygreen noodles have been a staple comfort food for generations of Seattleites. (The chew! How do they get that chew??) According to Bethany Jean Clement at the Seattle Times, they’re telling a familiar story: prices are up, and business never really recovered after the pandemic. Go show them some love before they close.
Buckling Bridge: Put those on the list of words I never want to hear together. According to SDOT, the Carbon River Bridge is “permanently closed” to all traffic—cutting off Highway 165 to the northwest of Mount Rainier National Park—because its 103-year-old support beams are buckling. If you’re annoyed that getting to Rainier will be tougher this season, I get it. But take a look at these photos of the beams. That is not how you want to die.
BREAKING NEWS: Oreo has announced its newest flavor, and honestly, we’re intrigued.
View this post on Instagram
An Earth Day Surprise: The day before Earth Day, the EPA informed more than 450 employees working on environmental justice and DEI that they will either be fired or reassigned. “This is the first step in a broader effort to ensure that EPA is best positioned to meet its core mission of protecting human health and the environment and Powering the Great American Comeback,” the agency wrote. “It’s a gut punch but long expected,” one employee told the Washington Post. “Announcing a [reduction in force] of the EJ program on the eve of Earth Day is sick and shows exactly who they are.”
Meanwhile, a research team from Dartmouth College estimated that the world’s biggest corporations have caused $28 trillion in climate damage, which, for comparison, is a smidge less than the value of all goods and services that the US produced last year. Unsurprisingly, more than half that figure comes from 10 fossil fuel companies: Saudi Aramco, Gazprom, Chevron, ExxonMobil, BP, Shell, National Iranian Oil Co., Pemex, Coal India, and the British Coal Corporation. The study could make it easier to hold these companies accountable for their actions, like the tobacco companies have been. Let’s start revving up those lawsuits.
Witch Hunt: Remember how creepy the White House was on Easter? With the laying-on hands and the giant Easter Bunny? Trump’s still leaning in on the Devout Christian Performance. The VA has now directed employees to report any incidents that they perceive as “hostile to Christian views.” The move is aimed at aligning with the Trump administration's executive order to "end the anti-Christian weaponization of government," according to an internal email. They even made a very special email address for it: Anti-ChristianBiasReporting@va.gov. Obviously, any personal religious practice is already protected by the First Amendment. This is just making sure we all know which religion they care about.
Durbin Stepping Down: Illinois Senator Dick Durbin announced that he wouldn’t be running for a fifth term next year, putting more pressure on the party to get its act together when it was already looking like a difficult path to reclaiming a majority. “I truly love the job of being a United States senator,” said the 80-year-old. “But in my heart I know it’s time to pass the torch.” It’s time for some new blood!
Wildfire in New Jersey: So far, more than 18 square miles have burned in the Jersey Pine Barrens, and it’s expected to burn for days before it’s contained.The AP reports that wildfires are actually common in the area (we see you, East Coast). Importantly, the fire is near an alpaca farm, and the owners report that all of the animals are safe.
As a Wednesday Treat: Lorde announced that she would be performing a surprise show in NYC’s Washington Square Park at 7pm, and people showed the fuck up. Because we all need this. So here’s some of the show.
[$] Addressing UID/GID drift in rpm-ostree and bootc [LWN.net]
The Fedora Project is looking for solutions to an interesting problem with its image-based editions and spins, such as the Atomic Desktops or CoreOS, that are created with rpm-ostree or bootc. If a package that is part of a image-based version has a user or group created dynamically on installation, and it owns files installed on the system, the system may be subject to user ID (UID) and group ID (GID) "drift" on updates. This "UID/GID drift" may come about when a new image with updates is generated, and therefore files may have the wrong ownership. This can have side-effects ranging from mildly inconvenient to serious. No solutions have been adopted just yet, but there are a few ideas on how to deal with the problem.
NLnet announces funding for 42 FOSS projects [LWN.net]
The NLnet Foundation has announced the projects that have received funding from its October call for grant proposals from the Next Generation Internet (NGI) Zero Commons Fund.
The selected projects all contribute, one way or another, to the mission of the Commons Fund: reclaiming the public nature of the internet. For example, there are people working on interesting open hardware projects such as the tablet MNT Reform Touch and the Solar FemtoTX motherboard — a collaborative effort to create an ultra-low power motherboard that can run on solar power. LLM2FPGA aims to enable running open source LLMs locally on programmable chips ("FPGAs") using a fully open-source toolchain. bcachefs readies itself as the next generation filesystem for Linux, improving performance, scalability and reliability when compared to legacy filesystems.
In all, 42 projects have been selected for the NGI grants which are between €5,000 and €50,000. See the announcement for the full list of selected projects, and the current projects page for other recent projects funded by NLnet.
The Big Idea: Mike Allen [Whatever]
Music. magic. and undead creatures; The Black Fire Concerto has really got it all. Read on to see how metal music paved the way for author Mike Allen’s newest novel.
MIKE ALLEN:
Whatever could have possessed me to write The Black Fire Concerto, a post-apocalyptic secondary world body horror novel in which a pair of heroines who cast spells through their music face off against hordes of undead monstrosities?
My heroines, warrior-sorceress Olyssa and her teenage apprentice Erzelle, draw inspiration from the likes of Fafhrd and the Gray Mouser, Elric and Moonglum, Roland the Gunslinger and his sidekicks, and more. They are musicians traveling through a world overrun with ghouls.
Many scenes from the book, if a painter chose to illustrate them, could serve as death metal album covers. (Hint, hint, to any horror-loving artists out there.)
I’m not a musician, but music with a dash of darkness has been central to my life since my middle school explorations of my parents’ collection of symphonies by classical composers. Much of it did little for me — I tend to find soft, gentle music boring and irritating rather than relaxing. But some conveyed power, momentum, menace, like Grieg’s “In the Hall of the Mountain King” from the “Peer Gynt” suite. I especially fell head over heels for Stravinsky’s “The Rite of Spring” — I loved its energy and its rebellious atonality (the very qualities that caused the audience to riot at its 1913 premiere.)
At my mother’s insistence I sang in church choirs until I grew old enough to be allowed to say no. At about the same time I stopped going to choir practice I discovered that —somewhat to my parents’ dismay — the qualities of classical music that energized me could be mainlined in concentrate from heavy metal. The point of no return arrived when I used my dishwashing allowance to purchase Defenders of the Faith by Judas Priest, an album packed with science fiction, fantasy, and horror imagery, paced at an adrenalized frenzy.
Beyond just listening, all those years in choir proved to have a startling side effect: I had the lung power of a lion and could produce ear-shattering screams at will, leading to some delightful years as a garage- (or really, basement-) band singer, and hours and hours spent writing and recording songs with friends who were (and still are) excellent musicians. A special shout out here to my lifelong brothers-in-the-arts Mike Berkeley and John Morris. Our band was called She’s Dead, a phrase lifted from one of the stories in Clive Barker’s Books of Blood.
Now, I’ve been a huge horror fan for decades, but that wasn’t always so. As a child, I wanted nothing to do with horror tales or movies. A third grade reading of Edgar Allan Poe’s “The Tell-Tale Heart” traumatized me for years.
Yet hanging out with those same musician friends as a teen led to my first horror movies seen in theaters, and the discovery of a lifelong love of over the top, beyond the pale body horror, both humorous and ghastly serious: “Return of the Living Dead,” “Re-Animator,” “Evil Dead,” “Day of the Dead,” “From Beyond,” “Aliens,” “The Fly,” “Hellraiser.”
“Return of the Living Dead,” Dan O’Bannon’s blackly humorous unofficial sequel to “Night of the Living Dead,” deserves special attention. Everyone remembers how those zombies craved brains in their diet. What’s less remembered is that those zombies from 1985 ran fast, and shooting or slicing them did no good. Nothing short of incineration got rid of them. My ghouls, fueled by a magical curse, totally belong to the O’Bannon school.
With all these movies and metal, I’ve surely dated myself as a creature that reached my first creative bloom in the 1980s. I would not have dared to make my heroines classically trained musicians, though, were it not for a surprise return to the world of classical music in mid-2009, when I became the arts columnist for my home city’s newspaper.
In October of that year, I landed a National Endowment for the Arts fellowship that sent me to review world class orchestra performances in New York. I am still no expert on the topic, but I learned enough to describe these performances, and my appreciation for them, with at least a dash of eloquence.
In truth, my duo would not sound much like a metal band if you heard them play. Search the web for videos of harp and pan pipe duets to hear an approximation of their harmonies. The way they fight with musical notes, on the other hand, comes straight from the iconography of heavy metal.
As do undead fiends. (Hello, Eddie from Iron Maiden!)
Both elements have the potential to send the blood racing. I intend The Black Fire Concerto to serve as a double jolt.
A fair question: Is there truly any overlap between the world of classical music and the armies of the dead? I say it depends on the choice of music.
Remember my explorations of my parents’ classical music records? In sixth grade, I drove classmates nuts by constantly humming the “Dies Irae” passage from the fifth movement of Berlioz’ “Symphonie Fantastique.” Entirely unbeknownst to me, that very same year, Stanley Kubrick’s The Shining used a synthesizer version of that same musical segment as its opening theme.
In hindsight, considering the influences which inspired this novel, that sure seems like foreshadowing.
The Black Fire Concerto: Amazon|Barnes & Noble|Bookshop|Powell’s|Kobo
Regulating AI Behavior with a Hypervisor [Schneier on Security]
Interesting research: “Guillotine: Hypervisors for Isolating Malicious AIs.”
Abstract:As AI models become more embedded in critical sectors like finance, healthcare, and the military, their inscrutable behavior poses ever-greater risks to society. To mitigate this risk, we propose Guillotine, a hypervisor architecture for sandboxing powerful AI models—models that, by accident or malice, can generate existential threats to humanity. Although Guillotine borrows some well-known virtualization techniques, Guillotine must also introduce fundamentally new isolation mechanisms to handle the unique threat model posed by existential-risk AIs. For example, a rogue AI may try to introspect upon hypervisor software or the underlying hardware substrate to enable later subversion of that control plane; thus, a Guillotine hypervisor requires careful co-design of the hypervisor software and the CPUs, RAM, NIC, and storage devices that support the hypervisor software, to thwart side channel leakage and more generally eliminate mechanisms for AI to exploit reflection-based vulnerabilities. Beyond such isolation at the software, network, and microarchitectural layers, a Guillotine hypervisor must also provide physical fail-safes more commonly associated with nuclear power plants, avionic platforms, and other types of mission critical systems. Physical fail-safes, e.g., involving electromechanical disconnection of network cables, or the flooding of a datacenter which holds a rogue AI, provide defense in depth if software, network, and microarchitectural isolation is compromised and a rogue AI must be temporarily shut down or permanently destroyed.
The basic idea is that many of the AI safety policies proposed by the AI community lack robust technical enforcement mechanisms. The worry is that, as models get smarter, they will be able to avoid those safety policies. The paper proposes a set technical enforcement mechanisms that could work against these malicious AIs.
European Commission: Apple’s ‘Core Technology Fee’ and other hurdles are illegal under the DMA [OSnews]
The fines weren’t the only Digital Markets Act news coming from this fine continent today. The European Commission also closed its investigation into Apple’s user choice obligations under the DMA, and while Apple has made good progress in a few areas, the EC states Apple is still acting illegally in a variety of others.
First, the good news for Apple: the European Commission is happy with Apple’s changes regarding browser choice, the ability to remove preinstalled iOS applications, and the ability to change a whole bunch of default settings that are all locked outside of the EU. These are valuable and welcome changes, and I’m glad the European Union, the European Parliament, and the Commission have forced Apple to become less hostile to European consumers.
Second, there’s the bad news for Apple. Under the DMA, Apple is obligated to allow for third-party application stores, and the ability for users to download and install applications directly from the internet. In this area, Apple is still breaking European Union law.
The Commission takes the preliminary view that Apple failed to comply with this obligation in view of the conditions it imposes on app (and app store) developers. Developers wanting to use alternative app distribution channels on iOS are disincentivised from doing so as this requires them to opt for business terms which include a new fee (Apple’s Core Technology Fee). Apple also introduced overly strict eligibility requirements, hampering developers’ ability to distribute their apps through alternative channels. Finally, Apple makes it overly burdensome and confusing for end users to install apps when using such alternative app distribution channels.
↫ European Commission press release
This outcome was entirely expected, and pretty much everyone – except Apple’s PR attack dogs – knew Apple’s malicious compliance, fees, and onerous hurdles were going to be a hard sell. I’m glad the European Commission seems unimpressed with Trump’s sabre-rattling about the EU’s consumer protection laws, and is continuing to whip US tech companies in line, making sure they stop violating our consumer protection laws.
Since these are the outcomes of a preliminary investigation, Apple now has the chance to argue its case.
What resource ID should I give my application’s main icon? [The Old New Thing]
A customer wanted to know what resource ID to assign to their application’s main icon.
There was one faction within the company that felt that the resource ID should be 1, because it’s the first icon.
There was another faction that felt that the resource ID should
be 32512, because that is the value of
IDI_APPLICATION
, which is documented as “Default
application icon.”
Furthermore, when they did a survey of what other programs did, they saw that the resource IDs were all over the place. While it’s true that a lot of programs used resource ID 1, some used resource ID 2, and Visual Studio uses resource ID 32512.
Who’s right?
Recall the algorithm by which Explorer finds the “first” icon in a file.
Therefore, everybody is right, for certain values of “right”.
Suppose you know that a list of items is always shown in sorted order by their ID numbers. How should you assign ID numbers so that the item you like most is always at the top?
Answer: Give it the smallest ID number.
This could be accomplished many ways.
You could given it an ID number of 2 and take care never to give anybody an ID number of 1.
You could given it an ID number of 32512 and take care never to give anybody an ID number between 1 and 32511.
But probably the simplest way to accomplish this is to give it an ID number of 1.
Note that if your module contains named resources, then those take priority over numbered resources for the purpose of choosing the first icon, in which case giving your icon the resource ID of 1 wasn’t good enough, since named icons come before numbered icons.
Bonus chatter: The 32512 faction argued that the
documentation on icons explicitly lists
IDI_APPLICATION
as the default application icon, but
they are reading the table wrong. This is not saying that the
default application icon is the one at location 32512. It’s
saying that “If you want to ask the system to give you a copy
of the default icon, call LoadIcon
and pass the
special value IDI_APPLICATION
(32512).” After
all, if the requirement applied as they interpreted it, then that
would mean that every application must put an error icon as icon
32513 (IDI_ERROR
), a question mark icon as icon 32514
(IDI_QUESTION
), and so on. But nobody does that.
Bonus speculation: My guess for why Visual Studio uses 32513 as the resource ID for the icon is merely that the system provided a convenient name for that number so they didn’t have to add the line
#define IDI_APP 1
to their resource.h
. In other words, it was just a
bit of laziness.
The post What resource ID should I give my application’s main icon? appeared first on The Old New Thing.
[$] VFS write barriers [LWN.net]
In the filesystem track at the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF), Amir Goldstein wanted to resume discussing a feature that he had briefly introduced at the end of a 2023 summit session: filesystem "write barriers". The idea is to have an operation that would wait for any in-flight write() system calls, but not block any new write() calls as bigger hammers, such as freezing the filesystem, would do. His prototype implementation is used by a hierarchical storage management (HSM) system to create a crash-consistent change log, but there may be other use cases to consider. He wanted to discuss implementation options and the possibility of providing an API for user-space applications.
Apple fined for €500 million by EC, Facebook for €200 million [OSnews]
The European Commission has levied fines against both Apple and Facebook for violating the Digital Markets Act. Apple has to pay a €500 million fine, and Facebook a €200 million fine. Apple is breaking EU law by not allowing application developers to inform users of other offers outside the App Store.
The Commission found that Apple fails to comply with this obligation. Due to a number of restrictions imposed by Apple, app developers cannot fully benefit from the advantages of alternative distribution channels outside the App Store. Similarly, consumers cannot fully benefit from alternative and cheaper offers as Apple prevents app developers from directly informing consumers of such offers. The company has failed to demonstrate that these restrictions are objectively necessary and proportionate.
↫ European Commission press release
Not only is Apple ordered to pay the €500 million fine, they also have to remove any and all of the illegal restrictions they put in place.
Facebook, meanwhile, was fined for not offering an equally functional services but without combining user data from different services. The company did offer a choice between paying and not paying – whereby the latter involved data collection and combination – but this model violated the DMA.
The Commission found that this model is not compliant with the DMA, as it did not give users the required specific choice to opt for a service that uses less of their personal data but is otherwise equivalent to the ‘personalised ads’ service. Meta’s model also did not allow users to exercise their right to freely consent to the combination of their personal data.
↫ European Commission press release
Facebook did later amend their model to make it compliant with the DMA, and so the fine only covers the few months Facebook was violating EU law. Fun additional note: the EC also mentions that the Facebook Marketplace is no longer a gatekeeper service under the DMA, since its user numbers has dropped below the threshold. Facebook seems to be having some engagement issues in Europe, and you love to hear it.
Both companies are required to pay and comply within 60 days, or further periodic penalty payments will be levied.
Pluralistic: Sarah Wynn-Williams's 'Careless People' (23 Apr 2025) [Pluralistic: Daily links from Cory Doctorow]
I never would have read Careless People, Sarah Wynn-Williams's tell-all memoir about her years running global policy for Facebook, but then Meta's lawyer tried to get the book suppressed and secured an injunction to prevent her from promoting it:
So I've got something to thank Meta's lawyers for, because it's a great book! Not only is Wynn-Williams a skilled and lively writer who spills some of Facebook's most shameful secrets, but she's also a kick-ass narrator (I listened to the audiobook, which she voices):
https://libro.fm/audiobooks/9781250403155-careless-people
I went into Careless People with strong expectations about the kind of disgusting behavior it would chronicle. I have several friends who took senior jobs at Facebook, thinking they could make a difference (three of them actually appear in Wynn-Williams's memoir), and I've got a good sense of what a nightmare it is for a company.
But Wynn-Williams was a lot closer to three of the key personalities in Facebook's upper echelon than anyone in my orbit: Mark Zuckerberg, Sheryl Sandberg, and Joel Kaplan, who was elevated to VP of Global Policy after the Trump II election. I already harbor an atavistic loathing of these three based on their public statements and conduct, but the events Wynn-Williams reveals from their private lives make these three out to be beyond despicable. There's Zuck, whose underlings let him win at board-games like Settlers of Catan because he's a manbaby who can't lose (and who accuses Wynn-Williams of cheating when she fails to throw a game of Ticket to Ride while they're flying in his private jet). There's Sandberg, who demands the right to buy a kidney for her child from someone in Mexico, should that child ever need a kidney.
Then there's Kaplan, who is such an extraordinarily stupid and awful oaf that it's hard to pick out just one example, but I'll try. At one point, Wynn-Williams gets Zuck a chance to address the UN General Assembly. As is his wont, Zuck refuses to be briefed before he takes the dais (he's repeatedly described as unwilling to consider any briefing note longer than a single text message). When he gets to the mic, he spontaneously promises that Facebook will provide internet access to refugees all over the world. Various teams at Facebook then race around, trying to figure out whether this is something the company is actually doing, and once they realize Zuck was just bullshitting, set about trying to figure out how to do it. They get some way down this path when Kaplan intervenes to insist that giving away free internet to refugees is a bad idea, and that instead, they should sell internet access to refugees. Facebookers dutifully throw themselves into this absurd project, which dies when Kaplan fires off an email stating that he's just realized that refugees don't have any money. The project dies.
The path that brought Wynn-Williams into the company of these careless people is a weird – and rather charming – one. As a young woman, Wynn-Williams was a minor functionary in the New Zealand diplomatic corps, and during her foreign service, she grew obsessed with the global political and social potential of Facebook. She threw herself into the project of getting hired to work on Facebook's global team, working on strategy for liaising with governments around the world. The biggest impediment to landing this job is that it doesn't exist: sure, FB was lobbying the US government, but it was monumentally disinterested in the rest of the world in general, and the governments of the world in particular.
But Wynn-Williams persists, pestering potentially relevant execs with requests, working friends-of-friends (Facebook itself is extraordinarily useful for this), and refusing to give up. Then comes the Christchurch earthquake. Wynn-Williams is in the US, about to board a flight, when her sister, a news presenter, calls her while trapped inside a collapsed building (the sister hadn't been able to get a call through to anyone in NZ). Wynn-Williams spends the flight wondering if her sister is dead or alive, and only learns that her sister is OK through a post on Facebook.
The role Facebook played in the Christchurch quake transforms Wynn-Williams's passion for Facebook into something like religious zealotry. She throws herself into the project of landing the job, and she does, and after some funny culture-clashes arising from her Kiwi heritage and her public service background, she settles in at Facebook.
Her early years there are sometimes comical, sometimes scary, and are characteristic of a company that is growing quickly and unevenly. She's dispatched to Myanmar amidst a nationwide block of Facebook ordered by the ruling military junta and at one point, it seems like she's about to get kidnapped and imprisoned by goons from the communications ministry. She arranges for a state visit by NZ Prime Minister John Key, who wants a photo-op with Zuckerberg, who – oblivious to the prime minister standing right there in front of him – berates Wynn-Williams for demanding that he meet with some jackass politician (they do the photo-op anyway).
One thing is clear: Facebook doesn't really care about countries other than America. Though Wynn-Williams chalks this up to plain old provincial chauvinism (which FB's top eschelon possess in copious quantities), there's something else at work. The USA is the only country in the world that a) is rich, b) is populous, and c) has no meaningful privacy protections. If you make money selling access to dossiers on rich people to advertisers, America is the most important market in the world.
But then Facebook conquers America. Not only does FB saturate the US market, it uses its free cash-flow and high share price to acquire potential rivals, like Whatsapp and Instagram, ensuring that American users who leave Facebook (the service) remain trapped by Facebook (the company).
At this point, Facebook – Zuckerberg – turns towards the rest of the world. Suddenly, acquiring non-US users becomes a matter of urgency, and overnight Wynn-Williams is transformed from the sole weirdo talking about global markets to the key asset in pursuit off the company's top priority.
Wynn-Williams's explanation for this shift lies in Zuckerberg's personality, his need to constantly dominate (which is also why his subordinates have learned to let him win at board games). This is doubtless true: not only has this aspect of Zuckerberg's personality been on display in public for decades, Wynn-Williams was able to observe it first-hand, behind closed doors.
But I think that in addition to this personality defect, there's a material pressure for Facebook to grow that Wynn-Williams doesn't mention. Companies that grow get extremely high price-to-earnings (P:E) ratios, meaning that investors are willing to spend many dollars on shares for every dollar the company takes in. Two similar companies with similar earnings can have vastly different valuations (the value of all the stock the company has ever issued), depending on whether one of them is still growing.
High P:E ratios reflect a bet on the part of investors that the company will continue to grow, and those bets only become more extravagant the more the company grows. This is a huge advantage to companies with "growth stocks." If your shares constantly increase in value, they are highly liquid – that is, you can always find someone who's willing to buy your shares from you for cash, which means that you can treat shares like cash. But growth stocks are better than cash, because money grows slowly, if at all (especially in periods of extremely low interest rates, like the past 15+ years). Growth stocks, on the other hand, grow.
Best of all, companies with growth stocks have no trouble finding more stock when they need it. They just type zeroes into a spreadsheet and more shares appear. Contrast this with money. Facebook may take in a lot of money, but the money only arrives when someone else spends it. Facebook's access to money is limited by exogenous factors – your willingness to send your money to Facebook. Facebook's access to shares is only limited by endogenous factors – the company's own willingness to issue new stock.
That means that when Facebook needs to buy something, there's a very good chance that the seller will accept Facebook's stock in lieu of US dollars. Whether Facebook is hiring a new employee or buying a company, it can outbid rivals who only have dollars to spend, because that bidder has to ask someone else for more dollars, whereas Facebook can make its own stock on demand. This is a massive competitive advantage.
But it is also a massive business risk. As Stein's Law has it, "anything that can't go on forever eventually stops." Facebook can't grow forever by signing up new users. Eventually, everyone who might conceivably have a Facebook account will get one. When that happens, Facebook will need to find some other way to make money. They could enshittify – that is, shift value from the company's users and customers to itself. They could invent something new (like metaverse, or AI). But if they can't make those things work, then the company's growth will have ended, and it will instantaneously become grossly overvalued. Its P:E ratio will have to shift from the high value enjoyed by growth stocks to the low value endured by "mature" companies.
When that happens, anyone who is slow to sell will lose a ton of money. So investors in growth stocks tend to keep one fist poised over the "sell" button and sleep with one eye open, watching for any hint that growth is slowing. It's not just that growth gives FB the power to outcompete rivals – it's also the case that growth makes the company vulnerable to massive, sudden devaluations. What's more, if these devaluations are persistent and/or frequent enough, the key FB employees who accepted stock in lieu of cash for some or all of their compensation will either demand lots more cash, or jump ship for a growing rival. These are the very same people that Facebook needs to pull itself out of its nosedives. For a growth stock, even small reductions in growth metrics (or worse, declines) can trigger cascades of compounding, mutually reinforcing collapse.
This is what happened in early 2022, when Meta posted slightly lower-than-anticipated US growth numbers, and the market all pounded on the "sell" button at once, lopping $250,000,000,000 of the company's valuation in 24 hours. At the time, it was the worst-ever single day losses for any company in human history:
Facebook's conquest of the US market triggered an emphasis on foreign customers, but not just because Zuck is obsessed with conquest. For Facebook, a decline in US growth posed an existential risk, the possibility of mass stock selloffs and with them, the end of the years in which Facebook could acquire key corporate rivals and executives with "money" it could print on the premises, on demand.
So Facebook cast its eye upon the world, and Wynn-Williams's long insistence that the company should be paying attention to the political situation abroad suddenly starts landing with her bosses. But those bosses – Zuck, Sandberg, Kaplan and others – are "careless." Zuck screws up opportunity after opportunity because he refuses to be briefed, forgets what little information he's been given, and blows key meetings because he refuses to get out of bed before noon. Sandberg's visits to Davos are undermined by her relentless need to promote herself, her "Lean In" brand, and her petty gamesmanship. Kaplan is the living embodiment of Green Day's "American Idiot" and can barely fathom that foreigners exist.
Wynn-Williams's adventures during this period are very well told, and are, by turns, harrowing and hilarious. Time and again, Facebook's top brass snatch defeat from the jaws of victory, squandering incredible opportunities that Wynn-Williams secures for them because of their pettiness, short-sightedness, and arrogance (that is, their carelessness).
But Wynn-Williams's disillusionment with Facebook isn't rooted in these frustrations. Rather, she is both personally and professionally aghast at the company's disgusting, callous and cruel behavior. She describes how her boss, Joel Kaplan, relentlessly sexually harasses her, and everyone in a position to make this stop tells her to shut up and take it. When Wynn-Williams give birth to her second child, she hemorrhages, almost dies, and ends up in a coma. Afterwards, Kaplan gives her a negative performance review because she was "unresponsive" to his emails and texts while she was dying in an ICU. This is a significant escalation of the earlier behavior she describes, like pestering her with personal questions about breastfeeding, video-calling her from bed, and so on (Kaplan is Sandberg's ex-boyfriend, and Wynn-Williams describes another creepy event where Sandberg pressures her to sleep next to her in the bedroom on one of Facebook's jets, something Wynn-Williams says she routinely does with the young women who report to her).
Meanwhile, Zuck is relentlessly pursuing Facebook's largest conceivable growth market: China. The only problem: China doesn't want Facebook. Zuck repeatedly tries to engineer meetings with Xi Jinping so he can plead his case in person. Xi is monumentally hostile to this idea. Zuck learns Mandarin. He studies Xi's book, conspicuously displays a copy of it on his desk. Eventually, he manages to sit next to Xi at a dinner where he begs Xi to name his next child. Xi turns him down.
After years of persistent nagging, lobbying, and groveling, Facebook's China execs start to make progress with a state apparatchik who dangles the possibility of Facebook entering China. Facebook promises this factotum the world – all the surveillance and censorship the Chinese state wants and more. Then, Facebook's contact in China is jailed for corruption, and they have to start over.
At this point, Kaplan has punished Wynn-Williams – she blames it on her attempts to get others to force him to stop his sexual harassment – and cut her responsibilities in half. He tries to maneuver her into taking over the China operation, something he knows she absolutely disapproves of and has refused to work on – but she refuses. Instead, she is put in charge of hiring the new chief of China operations, giving her access to a voluminous paper-trail detailing the company's dealings with the Chinese government.
According to Wynn-Williams, Facebook actually built an extensive censorship and surveillance system for the Chinese state – spies, cops and military – to use against Chinese Facebook users, and FB users globally. They promise to set up caches of global FB content in China that the Chinese state can use to monitor all Facebook activity, everywhere, with the implication that they'll be able to spy on private communications, and censor content for non-Chinese users.
Despite all of this, Facebook is never given access to China. However, the Chinese state is able to use the tools Facebook built for it to attack independence movements, the free press and dissident uprisings in Hong Kong and Taiwan.
Meanwhile, in Myanmar, a genocide is brewing. NGOs and human rights activists keep reaching out to Facebook to get them to pay attention to the widespread use of the platform to whip up hatred against the country's Muslim minority group, the Rohinga. Despite having expended tremendous amounts of energy to roll out "Free Basics" in Myanmar (a program whereby Facebook bribes carriers to exclude its own services from data caps), with the result that in Myanmar, "the internet" is synonymous with "Facebook," the company has not expended any effort to manage its Burmese presence. The entire moderation staff consists of one (later two) Burmese speakers who are based in Dublin and do not work local hours (later, these two are revealed as likely stooges for the Myanmar military junta, who are behind the genocide plans).
The company has also failed to invest in Burmese language support for its systems – posts written in Burmese script are not stored as Unicode, meaning that none of the company's automated moderation systems can parse it. The company is so hostile to pleas to upgrade these systems that Wynn-Williams and some colleagues create secret, private Facebook groups where they can track the failures of the company and the rising tide of lethal violence in the country (this isn't the only secret dissident Facebook group that Wynn-Williams joins – she's also part of a group of women who have been sexually harassed by colleagues and bosses).
The genocide that follows is horrific beyond measure. And, as with the Trump election, the company's initial posture is that they couldn't possibly have played a significant role in a real-world event that shocked and horrified its rank-and-file employees.
The company, in other words, is "careless." Warned of imminent harms to its users, to democracy, to its own employees, the top executives simply do not care. They ignore the warnings and the consequences, or pay lip service to them. They don't care.
Take Kaplan: after figuring out that the company can't curry favor with the world's governments by selling drone-delivered wifi to refugees (the drones don't fly and the refugees are broke), he hits on another strategy. He remakes "government relations" as a sales office, selling political ads to politicians who are seeking to win over voters, or, in the case of autocracies, disenfranchised hostage-citizens. This is hugely successful, both as a system for securing government cooperation and as a way to transform Facebook's global policy shop from a cost-center to a profit-center.
But of course, it has a price. Kaplan's best customers are dictators and would-be dictators, formenters of hatred and genocide, authoritarians seeking opportunities to purge their opponents, through exile and/or murder.
Wynn-Williams makes a very good case that Facebook is run by awful people who are also very careless – in the sense of being reckless, incurious, indifferent.
But there's another meaning to "careless" that lurks just below the surface of this excellent memoir: "careless" in the sense of "arrogant" – in the sense of not caring about the consequences of their actions.
To me, this was the most important – but least-developed – lesson of Careless People. When Wynn-Williams lands at Facebook, she finds herself surrounded by oafs and sociopaths, cartoonishly selfish and shitty people, who, nevertheless, have built a service that she loves and values, along with hundreds of millions of other people.
She's not wrong to be excited about Facebook, or its potential. The company may be run by careless people, but they are still prudent, behaving as though the consequences of screwing up matter. They are "careless" in the sense of "being reckless," but they care, in the sense of having a healthy fear (and thus respect) for what might happen if they fully yield to their reckless impulses.
Wynn-Williams's firsthand account of the next decade is not a story of these people becoming more reckless, rather, it's a story in which the possibility of consequences for that recklessness recedes, and with it, so does their care over those consequences.
Facebook buys its competitors, freeing it from market consequences for its bad acts. By buying the places where disaffected Facebook users are seeking refuge – Instagram and Whatsapp – Facebook is able to insulate itself from the discipline of competition – the fear that doing things that are adverse to its users will cause them to flee.
Facebook captures its regulators, freeing it from regulatory consequences for its bad acts. By playing a central role in the electoral campaigns of Obama and then other politicians around the world, Facebook transforms its watchdogs into supplicants who are more apt to beg it for favors than hold it to account.
Facebook tames its employees, freeing it from labor consequences for its bad acts. As engineering supply catches up with demand, Facebook's leadership come to realize that they don't have to worry about workforce uprisings, whether incited by impunity for sexually abusive bosses, or by the company's complicity in genocide and autocratic oppression.
First, Facebook becomes too big to fail.
Then, Facebook becomes too big to jail.
Finally, Facebook becomes too big to care.
This is the "carelessness" that ultimately changes Facebook for the worse, that turns it into the hellscape that Wynn-Williams is eventually fired from after she speaks out once too often. Facebook bosses aren't just "careless" because they refuse to read a briefing note that's longer than a tweet. They're "careless" in the sense that they arrive at a juncture where they don't have to care who they harm, whom they enrage, who they ruin.
There's a telling anaecdote near the end of Careless People. Back in 2017, leaks revealed that Facebook's sales-reps were promising advertisers the ability to market to teens who felt depressed and "worthless":
Wynn-Williams is – rightly – aghast about this, and even more aghast when she sees the company's official response, in which they disclaim any knowledge that this capability was being developed and fire a random, low-level scapegoat. Wynn-Williams knows they're lying. She knows that this is a routine offering, one that the company routinely boasts about to advertisers.
But she doesn't mention the other lies that Facebook tells in this moment: for one thing, the company offers advertisers the power to target more teens than actually exist. The company proclaims the efficacy of its "sentiment analysis" tool that knows how to tell if teens are feeling depressed or "worthless," even though these tools are notoriously inaccurate, hardly better than a coin-toss, a kind of digital phrenology.
Facebook, in other words, isn't just lying to the public about what it offers to advertisers – it's lying to advertisers, too. Contra those who say, "if you're not paying for the product, you're the product," Facebook treats anyone it can get away with abusing as "the product" (just like every other tech monopolist):
https://pluralistic.net/2022/11/14/luxury-surveillance/#liar-liar
Wynn-Williams documents so many instances in which Facebook's top executives lie – to the courts, to Congress, to the UN, to the press. Facebook lies when it is beneficial to do so – but only when they can get away with it. By the time Facebook was lying to advertisers about its depressed teen targeting tools, it was already colluding with Google to rig the ad market with an illegal tool called "Jedi Blue":
https://en.wikipedia.org/wiki/Jedi_Blue
Facebook's story is the story of a company that set out to become too big to care, and achieved that goal. The company's abuses track precisely with its market dominance. It enshittified things for users once it had the users locked in. It screwed advertisers once it captured their market. It did the media-industry-destroying "pivot to video" fraud once it captured the media:
https://en.wikipedia.org/wiki/Pivot_to_video
The important thing about Facebook's carelessness is that it wasn't the result of the many grave personality defects in Facebook's top executives – it was the result of policy choices. Government decisions not to enforce antitrust law, to allow privacy law to wither on the vine, to expand IP law to give Facebook a weapon to shut down interoperable rivals – these all created the enshittogenic environment that allowed the careless people who run Facebook to stop caring.
The corollary: if we change the policy environment, we can make these careless people – and their successors, who run other businesses we rely upon – care. They may never care about us, but we can make them care about what we might do to them if they give in to their carelessness.
Meta is in global regulatory crosshairs, facing antitrust action in the USA:
And muscular enforcement pledges in the EU:
As Martin Luther King, Jr put it:
The law cannot make a man love me, but it can stop him from lynching me, and I think that's pretty important.
Deconstructing Housing https://democracyjournal.org/magazine/76/deconstructing-housing/
What Happens When Private Equity Owns Your Kid’s Day Care https://jacobin.com/2025/04/private-equity-day-care-childcare/
#20yrsago Free Culture Movement turns one https://web.archive.org/web/20050426022041/http://www.lessig.org/blog/archives/002838.shtml
#15yrsago India’s copyright bill gets it right https://web.archive.org/web/20100425031519/https://www.michaelgeist.ca/content/view/4974/196/
#15yrsago Hitler’s pissed off about fair use https://www.youtube.com/watch?v=kBO5dh9qrIQ
#10yrsago Fascinating, wide-ranging discussion with William Gibson https://www.youtube.com/watch?v=bmh29gwEy7Y
#10yrsago Tory chairman accused of smearing party rivals’ Wikipedia entries https://www.theguardian.com/politics/2015/apr/21/grant-shapps-accused-of-editing-wikipedia-pages-of-tory-rivals
#10yrsago John Oliver on patent trolls https://www.youtube.com/watch?v=3bxcc3SM_KA
#5yrsago Disney heiress slams top execs' compensation https://pluralistic.net/2020/04/22/filternet/#castmembers
#5yrsago Covid burns through Charter Cable employees https://pluralistic.net/2020/04/22/filternet/#thomas-rutledge-murderer
#5yrsago Unmasking the registrants of the "reopen" websites https://pluralistic.net/2020/04/22/filternet/#krebs
#5yrsago Apartment buildings didn't cause the pandemic https://pluralistic.net/2020/04/22/filternet/#kate-wagner
#5yrsago Web-wide copyright filters would be a disaster https://pluralistic.net/2020/04/22/filternet/#filternet
#1yrago Paying for it doesn't make it a market https://pluralistic.net/2024/04/22/kargo-kult-kaptialism/#dont-buy-it
Wellingon: Unity Books, May 3, 3PM
https://www.unitybooks.co.nz/news-and-events/author-talk-picks-and-shovels-by-cory-doctorow
Pittsburgh: Picks and Shovels at White Whale Books, May 15
https://whitewhalebookstore.com/events/20250515
Pittsburgh: PyCon, May 16
https://us.pycon.org/2025/schedule/
Virtual: Writing to Resist (California Writers Club
Berkeley):
https://cwc-berkeley.org/writing-to-resist-5-18-25/
PDX: Teardown 2025, Jun 20-22
https://www.crowdsupply.com/teardown/portland-2025
PDX: Picks and Shovels with bunnie Huang at Barnes and Noble,
Jun 20
https://stores.barnesandnoble.com/event/9780062183697-0
London: How To Academy with Riley Quinn, Jul 1
https://howtoacademy.com/events/cory-doctorow-the-fight-against-the-big-tech-oligarchy/
Manchester: Picks and Shovels at Blackwell's Bookshop, Jul 2
https://www.eventbrite.co.uk/e/an-evening-with-cory-doctorow-tickets-1308451968059
Manchester: Co-operatives UK Co-op Congress keynote, Jul 3
https://www.uk.coop/events-and-training/events-calendar/co-op-congress-2025-book-your-place
New Orleans: DeepSouthCon63, Oct 10-12, 2025
http://www.contraflowscifi.org/
Fightback Against Trump's Tariff Attack (Avi Lewis)
https://www.youtube.com/watch?v=P9sgIAc6z_o
The Voice of Canadian Humanism
https://open.spotify.com/episode/7uuwdZTIbWzKhBQ3mmMiRv
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org). Signed, personalized copies at Dark Delicacies (https://www.darkdel.com/store/p3007/Pre-Order_Signed_Copies%3A_The_Lost_Cause_HB.html#/)
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com. Signed copies at Dark Delicacies (US): and Forbidden Planet (UK): https://forbiddenplanet.com/385004-red-team-blues-signed-edition-hardcover/.
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
"Attack Surface": The third Little Brother novel, a standalone technothriller for adults. The Washington Post called it "a political cyberthriller, vigorous, bold and savvy about the limits of revolution and resistance." Order signed, personalized copies from Dark Delicacies https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html
"How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet analyzing the true harms of surveillance capitalism and proposing a solution. https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59?sk=f6cd10e54e20a07d4c6d0f3ac011af6b) (signed copies: https://www.darkdel.com/store/p2024/Available_Now%3A__How_to_Destroy_Surveillance_Capitalism.html)
"Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583; personalized/signed copies here: https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html
"Poesy the Monster Slayer" a picture book about monsters, bedtime, gender, and kicking ass. Order here: https://us.macmillan.com/books/9781626723627. Get a personalized, signed copy here: https://www.darkdel.com/store/p2682/Corey_Doctorow%3A_Poesy_the_Monster_Slayer_HB.html#/.
Unauthorized Bread: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026
Enshittification, Why Everything Suddenly Got Worse and What to Do About It (the graphic novel), Firstsecond, 2026
The Memex Method, Farrar, Straus, Giroux, 2026
Today's top sources:
Currently writing:
A Little Brother short story about DIY insulin PLANNING
Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS FEB 2025
Latest podcast: Nimby and the D-Hoppers CONCLUSION https://craphound.com/stories/2025/04/13/nimby-and-the-d-hoppers-conclusion/
This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Medium (no ads, paywalled):
Twitter (mass-scale, unrestricted, third-party surveillance and advertising):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Thomas Lange: FAI 6.4 and new ISO images available [Planet Debian]
It now supports installing the Xfce edition of Linux Mint 22.1 'Xia'. There's now an additional Linux Mint ISO [1] which does an unattended Linux Mint installation via FAI and does not need a network connection because all packages are available on the ISO.
The package_config configurations now support arbitrary boolean expressions with FAI classes like this:
PACKAGES install UBUNTU && XORG && ! MINT
If you use the command ifclass
in customization
scripts you can now also use these expressions.
The tool fai-kvm for starting a KVM virtual machine now uses UEFI variables if the VM is started with an UEFI environment, so boot settings are saved during a reboot.
For the installation of Rocky Linux and Almalinux in an UEFI environment some configuration files were added.
New ISO images [2] are available but it may take some time until the FAIme service [3] will supports customized Linux Mint images.
CodeSOD: Dating in Another Language [The Daily WTF]
It takes a lot of time and effort to build a code base that exceeds 100kloc. Rome wasn't built in a day; it just burned down in one.
Liza was working in a Python shop. They had a mildly successful product that ran on Linux. The sales team wanted better sales software to help them out, and instead of buying something off the shelf, they hired a C# developer to make something entirely custom.
Within a few months, that developer had produced a codebase of 320kloc I say "produced" and not "wrote" because who knows how much of it was copy/pasted, stolen from Stack Overflow, or otherwise not the developer's own work.
You have to wonder, how do you get such a large codebase so quickly?
private String getDatum()
{
DateTime datum = new DateTime();
datum = DateTime.Now;
return datum.ToShortDateString();
}
public int getTag()
{
int tag;
DateTime datum = new DateTime();
datum = DateTime.Today;
tag = datum.Day;
return tag;
}
private int getMonat()
{
int monat;
DateTime datum = new DateTime();
datum = DateTime.Today;
monat = datum.Month;
return monat;
}
private int getJahr()
{
int monat;
DateTime datum = new DateTime();
datum = DateTime.Today;
monat = datum.Year;
return monat;
}
private int getStunde()
{
int monat;
DateTime datum = new DateTime();
datum = DateTime.Now;
monat = datum.Hour;
return monat;
}
private int getMinute()
{
int monat;
DateTime datum = new DateTime();
datum = DateTime.Now;
monat = datum.Minute;
return monat;
}
Instead of our traditional "bad date handling code" which
eschews the built-in libraries, this just wraps the built in
libraries with a less useful set of wrappers. Each of these could
be replaced with some version of
DateTime.Now.Minute
.
You'll notice that most of the methods are private, but
one is public. That seems strange, doesn't it?
Well this set of methods was pulled from one random class
which implements them in the codebase, but many classes
have these methods copy/pasted in. At some point, the developer
realized that duplicating that much code was a bad idea, and
started marking them as public, so that you could just call them as
needed. Note, said developer never learned to use the keyword
static
, so you end up calling the method on whatever
random instance of whatever random class you happen to have handy.
The idea of putting it into a common base class, or dedicated
date-time utility class never occurred to the developer, but I
guess that's because they were already part of a dedicated
date-time utility class.
Security updates for Wednesday [LWN.net]
Security updates have been issued by AlmaLinux (bluez, expat, and postgresql:12), Fedora (chromium, golang, LibRaw, moodle, openiked, ruby, and trafficserver), Red Hat (bluez, expat, gnutls, libtasn1, libxslt, mod_auth_openidc, mod_auth_openidc:2.3, ruby:3.1, thunderbird, and xmlrpc-c), and Ubuntu (linux, linux-aws, linux-gcp, linux-hwe-6.11, linux-lowlatency, linux-lowlatency-hwe-6.11, linux-oem-6.11, linux-oracle, linux-raspi, linux-realtime, linux-azure, linux-azure-6.11, linux-gcp-6.8, and matrix-synapse).
Gunnar Wolf: Want your title? Here, have some XML! [Planet Debian]
As it seems ChatGPT would phrase it… Sweet Mother of God!
I received a mail from my University’s Scholar Administrative division informing me my Doctor degree has been granted and emitted (yayyyyyy! 👨🎓), and before printing the corresponding documents, I should review all of the information is correct.
Attached to the mail, I found they sent me a very friendly and welcoming XML file, that stated it followed the schema at https://www.siged.sep.gob.mx/titulos/schema.xsd… Wait! There is nothing to be found in that address! Well, never mind, I can make sense out of a XML document, right?
Of course, who needs an XSD schema? Everybody can parse through the data in a XML document, right? Of course, it took me close to five seconds to spot a minor mistake (in the finish and start dates of my previous degree), for which I mailed the relevant address…
But… What happens if I try to undestand the world as seen by 9.8 out of 10 people getting a title from UNAM, in all of its different disciplines (scientific, engineering, humanities…) Some people will have no clue about what to do with a XML file. Fortunately, the mail has a link to a very useful tutorial (roughly translated by myself):
The attached file has an XML extension, so in order to visualize it, you must open it with a text editor such as Notepad or Sublime Text. In case you have any questions on how to open the file, please refer to the following guide: https://www.dgae.unam.mx/guia_abrir_xml.html
Seriously! Asking people getting a title in just about any area of knowledge to… Install SublimeText to validate the content of a XML (that includes the oh-so-very-readable signature of some universitary bureaucrat).
Of course, for many years Mexican people have been getting XML files by mail (for any declared monetary exchange, i.e. buying goods or offering services), but they are always sent together with a render of such XML to a personalized PDF. And yes — the PDF is there only to give the human receiving the file an easier time understanding it. Who thought a bare XML was a good idea? 😠
Steinar H. Gunderson: Recommended VCL [Planet Debian]
In line with this bug, and after losing an hour of sleep, here's some VCL that I can readily recommend if you happen to run Varnish:
sub vcl_recv { ... if (req.http.user-agent ~ "Scrapy") { return (synth(200, "FUCK YOU FUCK YOU FUCK YOU")); } ... }
But hey, we “need to respect the freedom of Scrapy users”, that comes before actually not, like, destroying the Internet with AI bots.
Unraveling decades of progress in safeguarding our nation [Richard Stallman's Political Notes]
* Despite such painful lessons of [the Big Spill], we find ourselves once again hurtling toward disaster. The [saboteur in chief]'s personnel and programmatic cuts at science, environmental and safety agencies, and the wholesale rollback of environmental regulations, threaten to unravel decades of progress in safeguarding our nation. These actions aren't just misguided — they're a dangerous rejection of the hard-won knowledge gained from former crises and a gamble we cannot afford to take.*
Disasters of melting Arctic ice [Richard Stallman's Political Notes]
Melting Arctic ice is a disaster mainly because it is raising sea level, but it is causing several kinds of secondary disasters too.
UK imprisoning people for sleeping on the street [Richard Stallman's Political Notes]
The UK is putting people in prison for months for sleeping on the street. That is shame-worthy in itself, but it gets worse: sometimes the decision is made in a court hearing where the accused person was not present, has no legal representation, or both.
Proposed new powers to punish people for begging or feeding pigeons are even harsher.
For the man who desperately needs to feed pigeons for company, I wonder if giving him a budgerigar to take care of might have enabled him to feel better while avoiding bothering neighbors.
Simple and painless productivity [Seth's Blog]
On the factory floor, productivity increases are relentlessly implemented, often without regard for worker satisfaction.
For people working with a laptop, though, they are often seen as optional lifestyle choices instead of ways to significantly boost how much we can get done–and the satisfaction that comes with time we control.
If you work on your own, your productivity choices are up to you. But when you involve others in your project, the default should be to honor the habits of the most productive member of the team.
Here are some proven ways to save hours of wasted time. You’re probably doing many of them, but they’re still treated as options by many. In rough order of importance:
We’ve all seen well-meaning people disregard all of these points in a single interaction. Multiply that by the number of people involved and you’re in a time swamp.
Digital Identities and the Future of Age Verification in Europe [Deeplinks]
This is the first part of a three-part series about age verification in the European Union. In this blog post, we give an overview of the political debate around age verification and explore the age verification proposal introduced by the European Commission, based on digital identities. Part two takes a closer look at the European Commission’s age verification app, and part three explores measures to keep all users safe that do not require age checks.
As governments across the world pass laws to “keep children safe online,” more times than not, notions of safety rest on the ability of platforms, websites, and online entities being able to discern users by age. This legislative trend has also arrived in the European Union, where online child safety is becoming one of the issues that will define European tech policy for years to come.
Like many policymakers elsewhere, European regulators are increasingly focused on a range of online harms they believe are associated with online platforms, such as compulsive design and the effects of social media consumption on children’s and teenagers’ mental health. Many of these concerns lack robust scientific evidence; studies have drawn a far more complex and nuanced picture about how social media and young people’s mental health interact. Still, calls for mandatory age verification have become as ubiquitous as they have become trendy. Heads of state in France and Denmark have recently called for banning under 15 year olds from social media Europe-wide, while Germany, Greece and Spain are working on their own age verification pilots.
EFF has been fighting age verification mandates because they undermine the free expression rights of adults and young people alike, create new barriers to internet access, and put at risk all internet users’ privacy, anonymity, and security. We do not think that requiring service providers to verify users’ age is the right approach to protecting people online.
Policy makers frame age verification as a necessary tool to prevent children from accessing content deemed unsuitable, to be able to design online services appropriate for children and teenagers, and to enable minors to participate online in age appropriate ways. Rarely is it acknowledged that age verification undermines the privacy and free expression rights of all users, routinely blocks access to resources that can be life saving, and undermines the development of media literacy. Rare, too, are critical conversations about the specific rights of young users: The UN Convention on the Rights of the Child clearly expresses that minors have rights to freedom of expression and access to information online, as well as the right to privacy. These rights are reflected in the European Charter of Fundamental Rights, which establishes the rights to privacy, data protection and free expression for all European citizens, including children. These rights would be steamrolled by age verification requirements. And rarer still are policy discussions of ways to improve these rights for young people.
Implicitly Mandatory Age Verification
Currently, there is no legal obligation to verify users’ age in the EU. However, different European legal acts that recently entered into force or are being discussed implicitly require providers to know users’ ages or suggest age assessments as a measure to mitigate risks for minors online. At EFF, we consider these proposals akin to mandates because there is often no alternative method to comply except to introduce age verification.
Under the General Data Protection Regulation (GDPR), in practice, providers will often need to implement some form of age verification or age assurance (depending on the type of service and risks involved): Article 8 stipulates that the processing of personal data of children under the age of 16 requires parental consent. Thus, service providers are implicitly required to make reasonable efforts to assess users’ ages – although the law doesn’t specify what “reasonable efforts” entails.
Another example is the child safety article (Article 28) of the Digital Services Act (DSA), the EU’s recently adopted new legal framework for online platforms. It requires online platforms to take appropriate and proportionate measures to ensure a high level of safety, privacy and security of minors on their services. The article also prohibits targeting minors with personalized ads. The DSA acknowledges that there is an inherent tension between ensuring a minor’s privacy, and taking measures to protect minors specifically, but it's presently unclear which measures providers must take to comply with these obligations. Recital 71 of the DSA states that service providers should not be incentivized to collect the age of their users, and Article 28(3) makes a point of not requiring service providers to collect and process additional data to assess whether a user is underage. The European Commission is currently working on guidelines for the implementation of Article 28 and may come up with criteria for what they believe would be effective and privacy-preserving age verification.
The DSA does explicitly name age verification as one measure the largest platforms – so called Very Large Online Platforms (VLOPs) that have more than 45 million monthly users in the EU – can choose to mitigate systemic risks related to their services. Those risks, while poorly defined, include negative impacts on the protection of minors and users’ physical and mental wellbeing. While this is also not an explicit obligation, the European Commission seems to expect adult content platforms to adopt age verification to comply with their risk mitigation obligations under the DSA.
Adding another layer of complexity, age verification is a major element of the dangerous European Commission proposal to fight child sexual abuse material through mandatory scanning of private and encrypted communication. While the negotiations of this bill have largely stalled, the Commission’s original proposal puts an obligation on app stores and interpersonal communication services (think messaging apps or email) to implement age verification. While the European Parliament has followed the advice of civil society organizations and experts and has rejected the notion of mandatory age verification in its position on the proposal, the Council, the institution representing member states, is still considering mandatory age verification.
Digital Identities and Age Verification
Leaving aside the various policy work streams that implicitly or explicitly consider whether age verification should be introduced across the EU, the European Commission seems to have decided on the how: Digital identities.
In 2024, the EU adopted the updated version of the so-called eIDAS Regulation, which sets out a legal framework for digital identities and authentication in Europe. Member States are now working on national identity wallets, with the goal of rolling out digital identities across the EU by 2026.
Despite the imminent roll out of digital identities in 2026, which could facilitate age verification, the European Commission clearly felt pressure to act sooner than that. That’s why, in the fall of 2024, the Commission published a tender for a “mini-ID wallet”, offering four million euros in exchange for the development of an “age verification solution” by the second quarter of 2025 to appease Member States anxious to introduce age verification today.
Favoring digital identities for age verification follows an overarching trend to push obligations to conduct age assessments continuously further down in the stack – from apps to app stores to operating service providers. Dealing with age verification at the app store, device, or operating system level is also a demand long made by providers of social media and dating apps seeking to avoid liability for insufficient age verification. Embedding age verification at the device level will make it more ubiquitous and harder to avoid. This is a dangerous direction; digital identity systems raise serious concerns about privacy and equity.
This approach will likely also lead to mission creep: While the Commission limits its tender to age verification for 18+ services (specifically adult content websites), it is made abundantly clear that once available, age verification could be extended to “allow age-appropriate access whatever the age-restriction (13 or over, 16 or over, 65 or over, under 18 etc)”. Extending age verification is even more likely when digital identity wallets don’t come in the shape of an app, but are baked into operating systems.
In the next post of this series, we will be taking a closer look at the age verification app the European Commission has been working on.
New Comic: Yes Doz
Desperate Measures, p8 [Ctrl+Alt+Del Comic]
The post Desperate Measures, p8 appeared first on Ctrl+Alt+Del Comic.
Michael Prokop: Lessons learned from running an open source project for 20 years @ GLT25 [Planet Debian]
Time flies by so quickly, it’s >20 years since I started the Grml project.
I’m giving a (german) talk about the lessons learned from 20 years of running the Grml project this Saturday, 2025-04-26 at the Grazer Linuxtage (Graz/Austria). Would be great to see you there!
Russell Coker: Last Post About the Yoga Gen3 [Planet Debian]
Just over a year ago I bought myself a Thinkpad Yoga Gen 3 [1]. That is a nice machine and I really enjoyed using it. But a few months ago it started crashing and would often play some music on boot. The music is a diagnostic code that can be interpreted by the Lenovo Android app. Often the music translated to “code 0284 TCG-compliant functionality-related error” which suggests a motherboard problem. So I bought a new motherboard.
The system still crashes with the new motherboard. It seems to only crash when on battery so that indicates that it might be a power issue causing the crashes. I configured the BIOS to disable the TPM and that avoided the TCG messages and tunes on boot but it still crashes.
An additional problem is that the design of the Yoga series is that the keys retract when the system is opened past 180 degrees and when the lid is closed. After the motherboard replacement about half the keys don’t retract which means that they will damage the screen more when the lid is closed (the screen was already damaged from the keys when I bought it).
I think that spending more money on trying to fix this would be a waste. So I’ll use it as a test machine and I might give it to a relative who needs a portable computer to be used when on power only.
For the moment I’m back to the Thinkpad X1 Carbon Gen 5 [2]. Hopefully the latest kernel changes to zswap and the changes to Chrome to suspend unused tabs will make up for more RAM use in other areas. Currently it seems to be giving decent performance with 8G of RAM and I usually don’t notice any difference from the Yoga Gen 3.
Now I’m considering getting a Thinkpad X1 Carbon Extreme with a 4K display. But they seem a bit expensive at the moment. Currently there’s only one on ebay Australia for $1200ono.
Girl Genius for Wednesday, April 23, 2025 [Girl Genius]
The Girl Genius comic for Wednesday, April 23, 2025 has been posted.
Dirk Eddelbuettel: RInside 0.2.19 on CRAN: Mostly Maintenance [Planet Debian]
A new release 0.2.19 of RInside arrived on CRAN and in Debian today. RInside provides a set of convenience classes which facilitate embedding of R inside of C++ applications and programs, using the classes and functions provided by Rcpp.
This release fixes a minor bug that got tickled (after a decade and a half RInside) by environment variables (which we parse at compile time and encode in a C/C++ header file as constants) built using double quotes. CRAN currently needs that on one or two platforms, and RInside was erroring. This has been addressed. In the two years since the last release we also received two kind PRs updating the Qt examples to Qt6. And as always we also updated a few other things around the package.
The list of changes since the last release:
Changes in RInside version 0.2.19 (2025-04-22)
The qt example now supports Qt6 (Joris Goosen in #54 closing #53)
CMake support was refined for more recent versions (Joris Goosen in #55)
The sandboxed-server example now states more clearly that
RINSIDE_CALLBACKS
needs to be definedMore routine update to package and continuous integration.
Some now-obsolete checks for C++11 have been removed
When parsing environment variables, use of double quotes is now supported
My CRANberries also provide a short report with changes from the previous release. More information is on the RInside page. Questions, comments etc should go to the rcpp-devel mailing list off the Rcpp R-Forge page, or to issues tickets at the GitHub repo.
This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. If you like this or other open-source work I do, you can now sponsor me at GitHub.
It's crazy to even think of moving Chrome from Google
to OpenAI. The web needs to not be owned by anyone, esp not
owned by the tech industry. What Google tried to do to the web is
obscene. I love ChatGPT, but let's keep Chrome out of their owner's
greedy little hands. Set it up so it stands alone.
Florida’s Anti-Encryption Bill Is a Wrecking Ball to Privacy. There's Still Time to Stop It. [Deeplinks]
We've seen plenty of bad tech bills in recent years, often cloaked in vague language about "online safety." But Florida’s SB 868 doesn’t even pretend to be subtle: the state wants a backdoor into encrypted platforms if minors use them, and for law enforcement to have easy access to your messages.
This bill should set off serious alarm bells for anyone who cares about digital rights, secure communication, or simply the ability to message someone privately without the government listening. Florida lawmakers aren’t just chipping away at digital privacy—they're aiming a wrecking ball straight at it.
SB 868 is a blatant attack on encrypted communication. Since we last wrote about the bill, the situation has gotten worse. The bill and its House companion have both sailed through their committees and are headed to a full vote. That means, if passed, SB 868 would:
In short: if your kid loses their right to encrypted communication, so does everyone they talk to.
If this all sounds impossible to do safely, that’s because it is. There’s no way to create a “just for law enforcement” access point into encrypted messages. Every backdoor is a vulnerability. It's only a matter of time before someone else—whether a hacker, abuser, or foreign government—finds it. Massive breaches like Salt Typhoon have already proven that surveillance tools don’t stay in the right hands for long. Encryption either protects everyone—or it protects no one. We must protect it.
Encryption isn’t optional in today’s internet—it’s essential. It protects your banking info, your health data, your personal chats, and yes, your kids' safety online.
SB 868 pretends to “protect children,” but does the opposite. Teens often need encrypted messaging to talk to trusted adults, friends, and family—sometimes in high-stakes situations like abuse, mental health crises, or discrimination. Stripping away those safeguards makes them more vulnerable, not less.
Investigators already have powerful tools to pursue serious crimes, including the ability to access device-level data and rely on user reports. In fact, studies show user reporting is more effective at catching online abuse than mass surveillance. So why push a bill that makes everyone less safe, weakens encryption, and invites lawsuits? That’s a question we all deserve an answer to.
Florida’s SB 868 isn’t just a bad bill—it’s a dangerous blueprint for mass surveillance. Tell Florida Legislators: SB 868 is unsafe, unworkable, and unacceptable.
If you live in Florida, contact your lawmakers and demand they reject this attack on encryption.
If you're outside the state, you can still speak out—public pressure matters, and the more people who call out how egregious this bill is, the harder it becomes for lawmakers to quietly push it forward. Make sure you follow us on social media to track the bills’ progress and help amplify the message.
Privacy is worth fighting for. Let’s stop SB 868 before it becomes law.
in which a memory is created with my son [WIL WHEATON dot NET]
I went to my first Los Angeles Kings game around 1986, when they still played at the Forum, wore the original uniforms, and weren’t a playoff team.
By the end of the first period, my fandom was cemented. I loved how fast the game moved. I loved how weird it was to play ice hockey in Southern California. I loved that nobody I knew was into hockey, so this was something that belonged to me. In the 80s, being a hockey fan in LA was to be part of a subculture that took a little bit of work. Like, it was easy to be a Lakers fan during Showtime. The Dodgers weren’t that great in the mid-80s, but by 1988 they were in the World Series again, while the Kings were pretty mid, if my memory is correct.
Years and years ago, I wrote something about how much I loved getting off of work at Paramount, driving down La Cienega through the oil fields, and sneaking into Inglewood around the traffic on the 405 and 110. I would have been 16 or so, maybe just barely 17, when Gretzky came to the Kings, and my subculture exploded into very mainstream Los Angeles sports culture. I took an extended break from the NHL — and all sports, really — when my kids were little. We couldn’t justify the expense for tickets, and when I had a choice between going out for something or staying home and enjoying my family’s company, I always stayed home.
But in … I think it was 2010? 2011? … the Kings were in the playoffs against St. Louis, a couple seasons before they won their first Stanley Cup. I knew from experience that there is nothing in the world like playoff hockey, and that I had my best chance to introduce Anne to the sport, the team, and that part of me. So we went to game 3 of the series (I’m going from memory. I could look all this up and be sure about the dates, but I’m going to write this parenthetical, instead.) We sat behind the goal, about 7 rows up, not the best place to get a full view of the game and watch plays develop, but really great for dropping you right into the middle of the whole thing.
Anne was completely on board by like the third or fourth whistle. She was hollering with me, stomping her feet, the whole thing. It was great. We got season tickets the following season, and we have had them ever since.
Last night, she had an art class she’s been looking forward to for weeks, that she joind before the playoff schedule was set, so I took our son, Nolan, with me. He’s been so busy with so many things, we haven’t had many opportunities lately to just go out and hang, so I was looking forward to that even more than the game, itself.
Holy shit the game, itself. I’ve been feeling like this team is the first team the Kings have put out in years that has a real chance to get past Edmonton. Fucking FINALLY. As I wrote only semi-jokingly in yesterday’s post, Edmonton has one line and a bunch of guys. Their goalie is very beatable, and if the Kings can shut down McDavid (who, we all have to admit is the greatest player in the world right now), they should advance.
The vibe inside Staples Center was immaculate. Fans chanting in the streets, in the concourse ahead of the game, in our seats before they introduced the players. For the first time since opening night, the place looked to be nearly sold out. It was the playoffs, man, and it nourished my soul to be there.
The game was exciting and nerve wracking. The Kings took their foot off the gas at the beginning of the third, as is traditional, and let the Oilers back in. McDavid did his thing (I hope Edmonton nerds know how lucky they are to watch him year after year) and I felt roughly 17000 people go “oh fuck my life not this again”.
And then.
And then, Phillip Danault and Warren Foegele did this, with 7 seconds left.
Nolan and I jumped up out of our seats so fast and so hard, we practically hit our heads on the roof.
The Kings held on for seven intense seconds, and after blowing a huge lead, managed to win it 6-5 in regulation. It’s the first time they’ve won a playoff game in regulation in three years. I screamed so much, my throat hurts today and my voice is hoarse. Not the best thing before I start an audiobook tomorrow. Good thing I heal like Wolverine.
On the drive home, I looked over at Nolan and said, “Look, it’s the playoffs, and I would never admit to this in public or on my blog, but it’s after 10 already and I did not want to be leaving here after 11, so I feel like not only did the Kings win, we also won.”
“Yeah, I wasn’t going to say anything, but … yeah.”
We laughed about that a little bit.
I said, “I guess I know that I’m old and tired because I’m not completely sure I wouldn’t have suggested we race home during the intermission so I could watch OT on TV and then roll right into bed. I don’t even know who I am.”
He started to reply, then said, “Look out!” because a stupid fucking dipshit idiot driver whipped across three lanes without signaling to gain a car length while I was — with my turn indicator on because oh my fucking god why is that so hard for you people to do — safely changing lanes like an adult.
I yanked my wheel back to my left, was grateful I drive a Mini with a low center of gravity, and dad mode automatically engaged. “You fucking idiot fuck,” I spat at that guy. “My fucking kid is right here! What the fuck is wrong with you?”
“You okay? Sorry about that.”
“Yeah, that was intense.”
My parental anger faded as quickly as it flared. “I’m really glad you saw that. I would have missed it entirely.” In my dad brain, a vivid series of violent car crashes played in high speed.
“I barely did.”
“Yikes. That’s scary. We were so close to being in a serious crash because of that guy, and he probably has no idea.” I wondered how many more near collisions this dude would cause on his way to wherever he was going.
“Yep.”
We drove in silence for a little bit. And then, after we’d merged onto the 134, I said the thing that had been on my mind since we’d left the house hours earlier.
“I’m so grateful you chose to come to the game tonight. Thank you for making a special memory with me. I cherish this time together, and I want you to know that.”
“I do know that, but I’m still glad you said it. I didn’t expect to have as much fun as I did. It reminded me of the times we went before.”
“That was so much fun. I’m so happy that you remember it the way I do.”
When Nolan was in high school, the Kings had ticket packs for super cheap (they were NOT a good team, then) so I got him like 6 games for Christmas, mostly so we had an excuse to go do something together. At one of the games, we were screaming and cheering for the boys and they put us on the Jumbotron. Someone in the organization grabbed it, and made that video snip part of the opening montage for the rest of that year. Every game I went to, with Nolan and without, I got to see it and remember how fun it was when it happened. It was so long ago, the memories have faded to a point where they are unreliable. Last night was an echo of those memories, and it refreshed them enough to restore their clarity.
Anne’s got tickets to a show tomorrow, and Nolan is my first choice, if he’s feeling it, to be my +1. So maybe we’ll get to make another memory together tomorrow night that involves the Kings going to Edmonton up 2 games to none.
If you’d like to get these updates in your inbox, here’s the thingy:
Also, before I go, I am on Michael Rosenbaum’s podcast, Inside of You, this week. I’m working on a post about it, just struggling to get WordPress to play nice with a bit of embedded video. Until then, here are some quick links:
Linux on IBM Z and LinuxONE open source software report [OSnews]
Linux on IBM Z and IBM LinuxONE use the s390x hardware architecture to run various Linux distributions, including SUSE Linux Enterprise Server (SLES), Red Hat Enterprise Linux (RHEL), and Ubuntu. Tens of thousands of software packages are tested and distributed through these projects, and various community distributions.
↫ Elizabeth K. Joseph at the IBM community website
Various Linux distributions are available for the s390x architecture, but physical access to such hardware from IBM is, of course, relatively limited. As such, it’s great that IBM tests a variety of open source packages for Linux on s390x, and details the results. If you go to this table, you’ll find the detailed list of tested packages, which mostly focuses on development and enterprise software.
IBM also offers virtual machine access to s390x hardware, and you can get such access for free for 120 days, allowing you to test Red Hat, SUSE, and Ubuntu on IBM Z and IBM LinuxONE. This could definitely make for a fun weekend project to mess around with.
Six Years of Dangerous Misconceptions Targeting Ola Bini and Digital Rights in Ecuador [Deeplinks]
Ola Bini was
first detained in Quito’s airport six
years ago, called a “Russian hacker,” and accused
of
“alleged participation in the crime of assault on the
integrity of computer systems.” It wouldn't
take long for Ecuadorean authorities to find out that he was
Swedish and an
internationally respected free software
developer and computer expert.
Lacking evidence, authorities rapidly changed the criminal
offense underpinning the accusation against Bini and struggled to
build a case based
on a mere image that shows no wrongdoing.
Yet, Bini remained arbitrarily detained for 70 days in 2019
and outrageously
remains under criminal prosecution.
This week, the Observation Mission monitoring Ola
Bini’s case is
again calling out the prosecution’s
inaccuracies and abuses that weaponize misunderstandings about
computer security, undermining both Bini’s rights and digital
security more broadly. The Observation Mission is comprised of
digital and human rights organizations, including EFF.
Specifically, we highlight how Ecuadorean law enforcement
authorities have tried to associate the use of Tor, a
crucial privacy protection tool, with inherently suspicious
activity.
Following a
RightsCon 2025 session about the flaws and
risks of such an interpretation, we are releasing this week a
technical statement (see below)
pointing out why Ecuadorean courts must reaffirm Bini’s
innocence and repudiate misconceptions about technology and
technical knowledge that only disguise the prosecutor’s lack
of evidence supporting the accusations against Bini.
Let’s not forget that Bini was unanimously acquitted in early 2023. Nonetheless, the Prosecutor’s Office appealed and the majority of the appeals court considered him guilty of attempted unauthorized access of a telecommunications system. The reasoning leading to this conclusion has many problems, including mixing the concepts of private and public IP addresses and disregarding key elements of the acquittal sentence.
The ruling also refers to the use of Tor. Among other
issues, the prosecution argued that Tor is not a tool known by any
person except for technical experts since its purpose is to hide
your identity on the internet while leaving no trace you're using
it. As we stressed at RightsCon, this argument turns the use of a
privacy-protective, security-enhancing technology into an
indication of suspicious criminal activity, which is a dangerous
extrapolation of the “nothing-to-hide
argument.”
The prosecutor’s logic, which the majority appeal
ruling endorses, is if you’re keeping your online activities
private it’s because you’re most likely doing something
wrong, instead of we all have privacy rights, so we are entitled to
use technologies that ensure privacy and security by
default.
Backing such an understanding in a court ruling sets an
extremely worrying precedent for privacy and security online. The
use of Tor must not be up for grabs when a prosecutor lacks actual
evidence to sustain a criminal case.
Bini’s defense has appealed the unfounded
conviction. We remain vigilant, hoping that the Ecuadorean judicial
system will correct the course as per basic tenets of
the right to a fair trial,
recognizing the weakness of the case rather than surrendering to
pressure and prejudice. It's past time for justice to prevail in
this case. Six years of a lingering flimsy prosecution coupled with
the undue restriction of Bini’s fundamental rights is already
far too long.
Read the English translation of the statement below
(see
here the original one in
Spanish):
TECHNICAL STATEMENT
Ola Bini’s innocence must be
reaffirmed
In the context of RightsCon Taipei 2025, the Observation Mission of the Ola Bini case and the Tor Project organized a virtual session to analyze the legal proceedings against the digital security expert in Ecuador and to discuss to what extent and with what implications the use of the Tor digital tool is criminalized1. In that session, which included organizations and speakers from civil society from different countries, we reached the following conclusions and technical consensuses:
For these reasons, and six years after the beginning of
Ola Bini’s criminal case, the undersigned civil
society organizations call on the relevant
Ecuadorian judicial authorities to reaffirm Bini’s
presumption of innocence at the appropriate procedural
stage, as was the first instance ruling
demonstrated.
The Observation Mission will continue monitoring the
development of the case until its conclusion, to
ensure compliance with due process guarantees and to raise
awareness of the case’s implications for the protection of
digital rights.
1. RightsCon is the leading global summit on human rights in the digital age, organized by Access Now. ↩
2. See https://www.accessnow.org/wp-content/uploads/2022/05/Informe-final-Caso-Ola-Bini.pdf ↩
3. The Tribunal is composed of Maritza Romero, Fabián Fabara and Narcisa Pacheco. The majority decision is from Fabara and Pacheco. ↩
The mysterious inetpub folder is actually a crucial part of a Windows security fix [OSnews]
Remember the
odd inetpub
folder that seemingly randomly
appeared on people’s root drives after installing a Windows
11 update? Everybody assumed it was something left over from an
update script, and that the folder was safe to remove. Well, it
turns out that’s not the case, as the empty folder is
actually a crucial part of a security fix for a serious
vulnerability.
Initially undocumented in the official release notes, the empty and seemingly inactive
inetpub
folder led to user speculation about whether it was a leftover artifact from development or a bug. Microsoft has since clarified that the folder is intentional and part of a critical security improvement.The change addresses CVE-2025-21204, a vulnerability that allowed local attackers to exploit symbolic link (symlink) attacks via Windows Update, potentially granting unauthorized access to protected system files or directories. As part of the fix, the system pre-creates certain directories — including
↫ CyberdomC:\inetpub
— to harden the update process and mitigate such attacks.
If you’ve already removed the folder, you can reinstall the April 2025 cumulative update to restore the folder, or you can wait for next month’s update roll-up, which will also restore the folder.
This lone, empty folder at your Windows PC’s root is apparently a crucial part of the security of your computer, but since it took Microsoft a while to publish release notes, nobody knew where it was coming from. The idea that a random, empty folder usually associated with IIS could be part of a vulnerability mitigation didn’t cross anybody’s mind at the time, especially since random folders appearing at a Windows PC’s root aren’t exactly uncommon or out of the ordinary.
The consensus seems to be that creating this folder is a pretty clever form of mitigation, despite feeling so hacky. I’m assuming Microsoft’s engineers are capable, and that making the folder in question impossible to delete or somehow hidden is simply not an option and would break the vulnerability mitigation, but that doesn’t change the fact that this looks like a really crude hack that should be solved in a more elegant way.
C# developers at ep5 [Free software jobs]
ep5 is seeking several experienced c# developers fluent in English.
Melissa Wen: 2025 FOSDEM: Don't let your motivation go, save time with kworkflow [Planet Debian]
2025 was my first year at FOSDEM, and I can say it was an incredible experience where I met many colleagues from Igalia who live around the world, and also many friends from the Linux display stack who are part of my daily work and contributions to DRM/KMS. In addition, I met new faces and recognized others with whom I had interacted on some online forums and we had good and long conversations.
During FOSDEM 2025 I had the opportunity to present about kworkflow in the kernel devroom. Kworkflow is a set of tools that help kernel developers with their routine tasks and it is the tool I use for my development tasks. In short, every contribution I make to the Linux kernel is assisted by kworkflow.
The goal of my presentation was to spread the word about kworkflow. I aimed to show how the suite consolidates good practices and recommendations of the kernel workflow in short commands. These commands are easily configurable and memorized for your current work setup, or for your multiple setups.
For me, Kworkflow is a tool that accommodates the needs of different agents in the Linux kernel community. Active developers and maintainers are the main target audience for kworkflow, but it is also inviting for users and user-space developers who just want to report a problem and validate a solution without needing to know every detail of the kernel development workflow.
Something I didn’t emphasize during the presentation but would like to correct this flaw here is that the main author and developer of kworkflow is my colleague at Igalia, Rodrigo Siqueira. Being honest, my contributions are mostly on requesting and validating new features, fixing bugs, and sharing scripts to increase feature coverage.
So, the video and slide deck of my FOSDEM presentation are available for download here.
And, as usual, you will find in this blog post the script of this presentation and more detailed explanation of the demo presented there.
Hi, I’m Melissa, a GPU kernel driver developer at Igalia and today I’ll be giving a very inclusive talk to not let your motivation go by saving time with kworkflow.
So, you’re a kernel developer, or you want to be a kernel developer, or you don’t want to be a kernel developer. But you’re all united by a single need: you need to validate a custom kernel with just one change, and you need to verify that it fixes or improves something in the kernel.
And that’s a given change for a given distribution, or for a given device, or for a given subsystem…
Look to this diagram and try to figure out the number of subsystems and related work trees you can handle in the kernel.
So, whether you are a kernel developer or not, at some point you may come across this type of situation:
There is a userspace developer who wants to report a kernel issue
and says:
But the userspace developer has never compiled and installed a custom kernel before. So they have to read a lot of tutorials and kernel documentation to create a kernel compilation and deployment script. Finally, the reporter managed to compile and deploy a custom kernel and reports:
And then, the kernel developer needs to reproduce this issue on their side, but they have never worked with this distribution, so they just created a new script, but the same script created by the reporter.
What’s the problem of this situation? The problem is that you keep creating new scripts!
Every time you change distribution, change architecture, change hardware, change project - even in the same company - the development setup may change when you switch to a different project, you create another script for your new kernel development workflow!
You know, you have a lot of babies, you have a collection of “my precious scripts”, like Sméagol (Lord of the Rings) with the precious ring.
Instead of creating and accumulating scripts, save yourself time with kworkflow. Here is a typical script that many of you may have. This is a Raspberry Pi 4 script and contains everything you need to memorize to compile and deploy a kernel on your Raspberry Pi 4.
With kworkflow, you only need to memorize two commands, and those commands are not specific to Raspberry Pi. They are the same commands to different architecture, kernel configuration, target device.
Kworkflow is a collection of tools and software combined to:
I don’t know if you will get this analogy, but kworkflow is for me a megazord of scripts. You are combining all of your scripts to create a very powerful tool.
There are many, but these are the most important for me:
This is the list of commands you can run with kworkflow. The first subset is to configure your tool for various situations you may face in your daily tasks.
# Manage kw and kw configurations
kw init - Initialize kw config file
kw self-update (u) - Update kw
kw config (g) - Manage kernel .config files
The second subset is to build and deploy custom kernels.
# Build & Deploy custom kernels
kw kernel-config-manager (k) - Manage kernel .config files
kw build (b) - Build kernel
kw deploy (d) - Deploy kernel image (local/remote)
kw bd - Build and deploy kernel
We have some tools to manage and interact with target machines.
# Manage and interact with target machines
kw ssh (s) - SSH support
kw remote (r) - Manage machines available via ssh
kw vm - QEMU support
To inspect and debug a kernel.
# Inspect and debug
kw device - Show basic hardware information
kw explore (e) - Explore string patterns in the work tree and git logs
kw debug - Linux kernel debug utilities
kw drm - Set of commands to work with DRM drivers
To automatize best practices for patch submission like codestyle, maintainers and the correct list of recipients and mailing lists of this change, to ensure we are sending the patch to who is interested in it.
# Automatize best practices for patch submission
kw codestyle (c) - Check code style
kw maintainers (m) - Get maintainers/mailing list
kw send-patch - Send patches via email
And the last one, the upcoming patch hub.
# Upcoming
kw patch-hub - Interact with patches (lore.kernel.org)
So how can you save time building and deploying a custom kernel?
First, you need a .config file.
kw k
, to store,
describe and retrieve a specific .config file very easily,
according to your current needs.Then you want to build the kernel:
kw b
(kw build) to
build the kernel with the correct settings for cross-compilation,
compilation warnings, cflags, etc. It also shows some information
about the kernel, like number of modules.Finally, to deploy the kernel in a target machine.
kw d
which does a lot
of things for you, like: deploying the kernel, preparing the target
machine for the new installation, listing available kernels and
uninstall them, creating a tarball, rebooting the machine after
deploying the kernel, etc.You can also save time on debugging kernels locally or remotely.
You can save time on managing multiple kernel images in the same work tree.
kw env
to isolate
multiple contexts in the same worktree as environments, so you can
keep different configurations in the same worktree and switch
between them easily without losing anything from the last time you
worked in a specific context.Finally, you can save time when submitting kernel patches. In kworkflow, you can find everything you need to wrap your changes in patch format and submit them to the right list of recipients, those who can review, comment on, and accept your changes.
This is a demo that the lead developer of the kw patch-hub feature sent me. With this feature, you will be able to check out a series on a specific mailing list, bookmark those patches in the kernel for validation, and when you are satisfied with the proposed changes, you can automatically submit a reviewed-by for that whole series to the mailing list.
Now a demo of how to use kw environment to deal with different devices, architectures and distributions in the same work tree without losing compiled files, build and deploy settings, .config file, remote access configuration and other settings specific for those three devices that I have.
laptop (debian | x86 | intel | local) |
SteamDeck (steamos | x86 | amd | remote) |
RaspberryPi 4 (raspbian | arm64 | broadcomm | remote) |
In the same terminal and worktree.
$ kw env --list # list environments available in this work tree
$ kw env --use LOCAL # select the environment of local machine (laptop) to use: loading pre-compiled files, kernel and kworkflow settings.
$ kw device # show device information
$ sudo modinfo vkms # show VKMS module information before applying kernel changes.
$ <open VKMS file and change module info>
$ kw bd # compile and install kernel with the given change
$ sudo modinfo vkms # show VKMS module information after kernel changes.
$ git checkout -- drivers
$ kw env --use RPI_64 # move to the environment for a different target device.
$ kw device # show device information and kernel image name
$ kw drm --gui-off-after-reboot # set the system to not load graphical layer after reboot
$ kw b # build the kernel with the VKMS change
$ kw d --reboot # deploy the custom kernel in a Raspberry Pi 4 with Raspbian 64, and reboot
$ kw s # connect with the target machine via ssh and check the kernel image name
$ exit
$ kw env --use STEAMDECK # move to the environment for a different target device
$ kw device # show device information
$ kw debug --dmesg --follow --history --cmd="modprobe vkms" # run a command and show the related dmesg output
$ kw debug --dmesg --follow --history --cmd="modprobe -r vkms" # run a command and show the related dmesg output
$ <add a printk with a random msg to appear on dmesg log>
$ kw bd # deploy and install custom kernel to the target device
$ kw debug --dmesg --follow --history --cmd="modprobe vkms" # run a command and show the related dmesg output after build and deploy the kernel change
Most of the questions raised at the end of the presentation were actually suggestions and additions of new features to kworkflow.
The first participant, that is also a kernel maintainer, asked about two features: (1) automatize getting patches from patchwork (or lore) and triggering the process of building, deploying and validating them using the existing workflow, (2) bisecting support. They are both very interesting features. The first one fits well the patch-hub subproject, that is under-development, and I’ve actually made a similar request a couple of weeks before the talk. The second is an already existing request in kworkflow github project.
Another request was to use kexec and avoid rebooting the kernel for testing. Reviewing my presentation I realized I wasn’t very clear that kworkflow doesn’t support kexec. As I replied, what it does is to install the modules and you can load/unload them for validations, but for built-in parts, you need to reboot the kernel.
Another two questions: one about Android Debug Bridge (ADB) support instead of SSH and another about support to alternative ways of booting when the custom kernel ended up broken but you only have one kernel image there. Kworkflow doesn’t manage it yet, but I agree this is a very useful feature for embedded devices. On Raspberry Pi 4, kworkflow mitigates this issue by preserving the distro kernel image and using config.txt file to set a custom kernel for booting. For ADB, there is no support too, and as I don’t see currently users of KW working with Android, I don’t think we will have this support any time soon, except if we find new volunteers and increase the pool of contributors.
The last two questions were regarding the status of b4 integration, that is under development, and other debugging features that the tool doesn’t support yet.
Finally, when Andrea and I were changing turn on the stage, he suggested to add support for virtme-ng to kworkflow. So I opened an issue for tracking this feature request in the project github.
With all these questions and requests, I could see the general need for a tool that integrates the variety of kernel developer workflows, as proposed by kworflow. Also, there are still many cases to be covered by kworkflow.
Despite the high demand, this is a completely voluntary project and it is unlikely that we will be able to meet these needs given the limited resources. We will keep trying our best in the hope we can increase the pool of users and contributors too.
[$] Code signing for BPF programs [LWN.net]
The Linux kernel can be configured so that kernel modules must be signed or otherwise authenticated to be loaded into the kernel. Some BPF developers want that to be an option for BPF programs as well — after all, if those are going to run as part of the kernel, they should be subject to the same code-signing requirements. Blaise Boscaccy and Cong Wang presented two different visions for how BPF code signing could work at the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit.
Got problems? Yes, you do! Email your question for the column to mailbox@savage.love! by Dan Savage My wife and I are socially monogamous but have a DADT arrangement that applies if we’re not in our home city. While my wife would prefer that I divulge details to her, I don’t want to hear her details, so we defaulted to DADT based on my preferences. Because we aren’t out to friends about being open and I can’t share this with my wife, I don’t have anyone I can talk to about this, so I am writing to you. I just had an outstanding weekend getaway with a new friend. Nothing in particular was over the top about our itinerary — saunas and cold plunges followed by fancy meals — but time flew by while also seeming to stand still. The sex was WOW and our conversations about serious subjects were spiced with tongue-in-cheek teasing about this fantasy world we were playing in. She is poly and can…
[ Read more ]
[$] DMA addresses for UIO [LWN.net]
The Userspace I/O (UIO) subsystem was first added to the kernel by Hans J. Koch for the 2.6.32 release in 2007. Its purpose is to facilitate the writing of drivers (mostly) in user space; to that end, it provides access to a number of resources that user-space code normally cannot touch. One piece that is missing, though, is DMA addresses. A proposal to fill that gap from Bastien Curutchet is running into some opposition, though.
Joey Hess: offgrid electric car [Planet Debian]
Eight months ago I came up my rocky driveway in an electric car, with the back full of solar panel mounting rails. I didn't know how I'd manage to keep it charged. I got the car earlier than planned, with my offgrid solar upgrade only beginning. There's no nearby EV charger, and winter was coming, less solar power every day. Still, it was the right time to take a leap to offgid EV life.
My existing 1 kilowatt solar array could charge the car only 5 miles on a good day. Here's my first try at charging the car offgrid:
![]() |
It was not worth charging the car that way, the house battery tended to get drained while doing that, and adding cycles to that battery is not desirable. So that was only a proof of concept, I knew I'd need to upgrade.
My goal with the upgrade was to charge the car directly from the sun, even when it was cloudy, using the house battery only to skate over brief darker periods (like a thunderstorm). By mid October, I had enough solar installed to do that (5 kilowatts).
![]() |
![]() |
Using this, in 2 days I charged the car up from 57% to 82%, and took off on a celebratory road trip to Niagra Falls, where I charged the car from hydro power from a dam my grandfather had engineered.
When I got home, it was November. Days were getting ever shorter. My solar upgrade was only 1/3rd complete and could charge the car 30-some miles per day, but only on a good day, and weather was getting worse. I came back with a low state of charge (both car and me), and needed to get back to full in time for my Thanksgiving trip at the end of the month. I decided to limit my trips to town.
![]() |
This kind of medium term planning about car travel was new to me. But not too unusual for offgrid living. You look at the weather forecast and make some rough plans, and get to feel connected to the natural world a bit more.
December is the real test for offgrid solar, and honestly this was a bit rough, with a road trip planned for the end of the month. I did the usual holiday stuff but otherwise holed up at home a bit more than I usually would. Charging was limited and the cold made it charge less efficiently.
![]() |
Still, I was busy installing more solar panels, and by winter solstice, was back to charging 30 miles on a good day.
Of course, from there out things improved. In January and February I was able to charge up easily enough for my usual trips despite the cold. By March the car was often getting full before I needed to go anywhere, and I was doing long round trips without bothering to fast charge along the way, coming home low, knowing even cloudy days would let it charge up enough.
That brings me up to today. The car is 80% full and heading up toward 100% for a long trip on Friday. Despite the sky being milky white today with no visible sun, there's plenty of power to absorb, and the car charger turned on at 11 am with the house battery already full.
My solar upgrade is only 2/3rds complete, and also I have not yet installed my inverter upgrade, so the car can only currenly charge at 9 amps despite much more solar power often being available. So I'm looking forward to how next December goes with my full planned solar array and faster charging.
But first, a summer where I expect the car will mostly be charged up and ready to go at all times, and the only car expense will be fast charging on road trips!
By the way, the code I've written to automate offgrid charging that runs only when there's enough solar power is here.
And here are the charging graphs for the other months. All told, it's charged 475 kwh offgrid, enough to drive more than 1500 miles.
![]() |
![]() |
![]() |
![]() |
Stress to Impress – DORK TOWER 22.04.25 [Dork Tower]
This or any DORK TOWER strip is now available as a signed, high-quality print, from just $25! CLICK HERE to find out more!
HEY! Want to help keep DORK TOWER going? Then consider joining the DORK TOWER Patreon and ENLIST IN THE ARMY OF DORKNESS TODAY! (We have COOKIES!) (And SWAG!) (And GRATITUDE!)
Free Software Directory meeting on IRC: Friday, April 25, starting at 12:00 EDT (16:00 UTC) [Planet GNU]
Join the FSF and friends on Friday, April 25 from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.
Slog AM: Trans Athlete Ban Fails, It’s Earth Day, and Vote in the Special Election! [The Stranger]
The Stranger's morning news roundup. by Marcus Harrison Green
Weather: Happy Earth Day! Today’s forecast: sunny with a high near 60. It’s perfect weather for pretending we’re not hurtling toward climate collapse. So get out there, hug a tree, recycle your plastic, and try not to think about how Exxon knew in the '70s.
Born Into Freedom, Dad Denied It: Dr. Noor Abdalla and political prisoner Mahmoud Khalil welcomed their first child yesterday. Khalil had requested a two-week furlough from his detention in Louisiana to be present for the birth. Per the cruelty of the Trump regime, an Immigration and Customs Enforcement official named “Mellissa” denied Khalil’s request.
Religious Freedom Means Never Having to Learn Anything: The culture war circus is back at the Supreme Court, where Justices are weighing whether books with LGBTQ+ characters in public schools trample on religious freedom. A school board in Montgomery County, Maryland okayed five storybooks to promote tolerance—scandalous!—but some parents claim that just seeing queer people in print violates their religious beliefs. They're arguing that a) parents should control what their kids learn and b) the Constitution guarantees them the right to not be mildly uncomfortable in a pluralistic society. With a bench stacked by Trump and dominated by justices molded in Catholic schools, odds are good that the Court will carve out some religious opt-out.
Venezuela Fires Back at Bukele's Prisoner Swap Scheme: Venezuela’s attorney general, Tarek William Saab, went scorched earth on El Salvador’s President Nayib Bukele, branding him a “neo-Nazi” and “serial human rights violator” after Bukele proposed a prisoner swap with Nicolás Maduro. Bukele offered to trade 252 Venezuelans deported by Trump to his US-backed concentration camp, CECOT, for an equal number of political prisoners held in Venezuela—also naming out activists and journalists swept up in last year’s crackdowns. “The only reason they are imprisoned is for having opposed you and your electoral fraud,” Bukele posted on X to Maduro. Saab hit back on state TV, calling the offer “cynical,” accusing Bukele of narcissism, and demanding details on who’s detained, their legal status, and medical conditions.
Trans Athlete Ban Fails, Barely: In yet another
attempt to legislate bigotry under the guise of "protecting
sports." The Washington Interscholastic Activities Association
(WIAA), the state’s high school sports governing body, almost
passed a rule banning trans girls from girls' sports. The WIAA
came just one vote shy of greenlighting this retrograde policy. And
just for kicks, they also floated a separate “open”
division—because what’s more inclusive than
institutionalized exile? That gem of social engineering lost in a
blowout, 13 votes for and 40 against. Let this be your latest
reminder: trans bigotry isn’t just a DC export, it’s
alive, well, and still trying to run drills in your local
gym.
Now let's pass it to Hannah Murphy Winter for a blurb cameo:
Good news! On Friday evening, the US District Court for the Western District of Washington ruled that, whether you’re an insurance company or a healthcare provider, you can’t deny gender-affirming top surgery to trans kids and then turn around and provide it to cis kids. In a ruling against Premera Blue Cross, the judge found that it was a violation of the discrimination clause of the ACA. “The court determined in no uncertain terms that Premera Blue Cross’s policy categorically denying safe, evidence-based, and effective health care…is discriminatory and unlawful,” said Lambda Legal’s Omar Gonzalez-Pagan. “In fact, the court could not have been clearer. As it wrote in the ruling: ‘The Court need not choose between the divergent interpretations of the term 'sex' because, under either view, Premera’s medical policy facially discriminates on the basis of sex.” Someone tell Seattle Children’s that…
ICYMI: Despite the aforementioned good news, our Vivian McCall wrote a follow-up about Seattle Children's Hospital deciding to still yank gender-affirming surgery for patients under 19. The decision led to more than 550 health professionals and advocacy groups calling them out for breaking the law and promoting harmful, outdated views, while vowing to take legal action. But, in true "we don’t give a damn" fashion, the hospital's gone radio silent, leaving trans youth and their families twisting in the wind.
Seattle’s War on Tents (and People in Them): The Seattle Times reports that the City is absolutely crushing it—if “it” means shattering records for homeless encampment sweeps because nothing says progress like forcing people into a perpetual state of fear and displacement. But hey, as long as your Golden Retriever has a poop-free patch of grass in the park, who cares if people are overdosing and dying in the street? A little dehumanization is a small price to pay for vibes, right?
Ferguson Signs 35 Bills, Still No Wealth Tax:
Gov. Bob Ferguson
signed 35 bills into law yesterday, proving once again that
bureaucracy can move fast, at least if it’s got caffeine and
a legislative majority. From blocking out-of-state National
Guardsmen from playing Weekend Warrior on our turf, to making sure
pets aren’t left behind when the climate crisis comes
knocking, to making sure your local casino is only moderately
shady, it’s a buffet of, "Hey, that actually makes sense."
Somewhere in there, they even found time to fight a burrowing
shrimp, because in Washington, we fight fascism, crustaceans, and
any attempt to pass a wealth tax with equal
gusto.
Special Election, Today! Let’s keep it a buck, you probably thought that ballot that showed up in your mailbox this month was either junk mail or a coupon for a Domino’s 2-for-1 (what disgusting pizza, btw). And even if you did crack it open, chances are you had no idea we were voting today, let alone on what. But don’t worry, we’ve got your back: our SECB guide breaks down why you should vote NO on the fingerprint renewal measure, because handing over your biometric data to the government in this dystopian hellscape? Yeah, hard pass. Just make sure you drop your ballot in a box by 8 pm or slap a stamp on it before midnight, or it’s just another piece of paper lost to the surveillance state.
Our EIC in Action: If you’ve got a pulse and a brain, swing by Town Hall Seattle tonight at 7:30 pm. Our editor-in-chief will be moderating a conversation for Earth Day. You’ll hear from local leaders fighting the good fight on climate and equity, and meet some grassroots folks actually doing the work!
And to mark the occasion, I’ll leave you with this wonderfully appropriate song by the late, great Marvin Gaye:
Android Improves Its Security [Schneier on Security]
Android phones will soon reboot themselves after sitting idle for three days. iPhones have had this feature for a while; it’s nice to see Google add it to their phones.
The Big Idea: Heather Tracy [Whatever]
Any author can tell you that events in their own life can have an impact on their fiction. As we learn in Heather Tracy’s Big Idea for Only a Chapter, sometimes those events have a bigger impact than we might have expected.
HEATHER TRACY:
When I began writing what would become Only a Chapter back in 2015, the working title I had then was “Faceless Man.” I knew I wasn’t going to call the book that, but I couldn’t come up with anything better. I still have several drafts of the original version saved with that name on my computer.
The big idea for the original version of the book came from dreams I had in high school through college of a faceless man who would do huge romantic things like fly me on a private jet to New York City to see Phantom of the Opera on Broadway with the original cast, then he proposed. The dreams were always very vivid, and I could always tell the man was wearing a tuxedo, but I could never see his face. Sometime after dating my now-husband for a while, I realized that when he and I originally met at my senior prom, he was wearing a tux. In different ways, a lot of the things in my dreams did happen, but much less sensationally. For instance, before he proposed, he took me to see a local production of A Chorus Line.
In “Faceless Man,” Clare had these dreams, they pointed her to this dream guy, and that was about it. The story was fun, but pretty flat. There wasn’t enough heart. There wasn’t enough tension. I put the book to the side for almost nine years.
Then, after completing breast cancer treatment in early 2023, big idea number two hit me (seriously, I can never have just one big idea for these things): What would happen if Clare had breast cancer, but also, what would happen if she didn’t? What if the story had two timelines with the ways her life could go if that dreaded phone call went two different ways? I had obviously been contemplating this scenario in my own life and thought it would be therapeutic to work it out through my fiction.
The final version of the book still has the faceless-person dreams, but this time, they’re different depending on the timeline. Clare’s bisexual, and in one timeline the dreams start pointing her toward a male, and in the other a female. In the timeline where she has breast cancer, the cancer diagnosis and story are my own, though fictionalized slightly to work within the confines of the narrative.
Oh, and the title? When I announced on social media that I had breast cancer back in 2022, I said on social media that “Cancer is only going to be a chapter in my life, and not the whole story.” Thus, Only a Chapter was born.
Only a Chapter: Amazon|Space Wizard
Today’s Adventures in Dentistry [Whatever]
Ever have that dream where your teeth fall out? Well, it’s not a dream in my case; last night, while chewing, one of my crowns tried to escape. Fortunately I realized what was happening before I bit down, and therefore saved the thing for the appointment my accommodating dentist arranged for me this morning.
The good news is the crown is now safely back in my head; the less great news is now this formerly-permanent crown is a temporary, and I have to go back in a couple of weeks to get a new permanent crown. Dentistry is confusing, y’all.
Anyway, that’s been my last 15 hours. How are you?
— JS
Microspeak: top of mind [The Old New Thing]
Although I have citations going back to 2011, the phrase top of mind snuck up me and has established itself in Microspeak.
It’s never the full idiomatic phrase on the top of my mind. It just the shorthand top of mind.
Let’s try to figure this out together. Here my earliest citation, from 2011:
Please join (senior executives) for our Employee Town Hall. This is a great time to hear what’s top of mind for them and get a preview of new products under development.
In this case, it seems that top of mind for X is just shorthand for “on the top of X’s mind”.
This simple explanation holds up in my second citation from 2013:
Our first town hall of 2013 is all about what’s top of mind for you. (Senior executive) will be joined by (person) for a live Q&A discussion. This is a great opportunity for you to hear (senior executive)’s perspective on what’s happening in the technology industry as well as his view on what we accomplished in the first half of this year and what’s in store for the second half.
This time, it seems to be “all about what’s on the top of your mind.” Though maybe not, because the event bills itself as giving you a chance to hear the senior executive’s thoughts on various topics, rather than hearing the senior executive’s thoughts on topics that are on your mind. So maybe it’s about topics that “should be on the top of your mind”?
So far, the term seems to be reserved for Town Hall meetings with senior executives, but that changes in my third citation, also from 2013:
We (event organizers) kept this direction top of mind as we designed and developed our agenda.
The for X has disappeared, presumably with for us implied. And the term is now being used with respect to the thoughts of event organizers rather than the thoughts of a senior executive.
The next citation comes from an internal 2014 marketing newsletter.
We took out ads highlighting a variety of X products to keep them top of mind.
If you continue with the assumption that for us is implied, then this leads to the silly conclusion that they took out ads in order to help themselves remember their own products! Presumably the implied phrase in this case is for current and future customers.
Although the phrase is spreading in applicability, top of mind continues to be dominated in my citations to situations in which a senior executive shares their thoughts with a large group of people, usually in a meeting, but also as a newsletter, email, or video.
I (senior executive) wanted to share with you a bit about what is top of mind for me at both a business and a personal level.
Here’s a usage as a label for a recording of a recent meeting.
(Senior executive) Top of Mind
As we start H2 (senior executive) shares his Top of Mind.
Notice how the phrase has now become a proper noun with capital letters. It has become a Thing. Also, the top of mind for X phrasing has changed to X’s Top of Mind, further solidifying its status as a proper noun.
As the popularity of the term spreads, its usage also becomes muddier.
At this meeting, (senior executive) will share their thoughts on what is top of mind for employees.
Is “share their thoughts on what is top of mind for employees” saying “share their answers to questions that employees are thinking about”? Or is it saying “share their guesses for what they think employees are thinking about”?
(upper manager) and (upper manager) will share what’s top of mind for the team.
This is even stranger. Using our for X formulation, it seems to be saying “share what’s on the top of the team’s mind”, as if they will be performing a psychic reading to tell the team what they are thinking about. (“I see a difficult bug, it has some crashes. Does that sound like something that is worrying you?”) Or maybe “share what’s top of mind for the team” is trying to say “to share what issues related to the team are on the top of their minds”, or possibly even “to share what they think should be on the top of the team’s mind”.
But really, it doesn’t matter what top of mind means any more. It’s just a phrase you throw out to sound hip and cool. Even it doesn’t make sense, that’s okay, because nobody reading it knows what it means either.¹ The phrase is just the mechanism for a collaborative delusion that communication is taking place.
As one my colleagues astutely pointed out, most Microspeak starts at the top. When a senior executive uses a particular phrase, it becomes fashionable for others to use it, and when it becomes established in the culture, it turns into Microspeak.
For example, it is now in vogue for upper managers, not quite at senior executive level, to publish documents or send out email titled “Top of Mind for (date)”.
Here are some other examples of the phrase trickling down, used by people who are regular everyday employees, not managers or senior executives.
There are three topics that were top of mind in my previous update.
The top of mind engagement is to enable (feature) support for key apps that would benefit from it.
I think this next citation gives clear evidence that the term has devolved to just meaning “things of note” rather than “things that are at the forefront of my thoughts”:
Top of mind
- TPS reports are due at the end of the month.
- The Giving Campaign has come to a close! Thanks to all who helped organize events throughout the month, as well as employees for giving time and donations.
- November is Native American Heritage Month.
I doubt these topics have been occupying the speaker’s thoughts. It’s now just a bullet list of things to mention.
¹ The great thing about making a promise that nobody can understand is that nobody can call you to task for failing to live up to it!
The post Microspeak: top of mind appeared first on The Old New Thing.
Pluralistic: More Everything Forever (22 Apr 2025) [Pluralistic: Daily links from Cory Doctorow]
ForeverAstrophysicist Adam Becker knows a few things about science and technology – enough to show, in a new book called More Everything Forever that the claims that tech bros make about near-future space colonies, brain uploading, and other skiffy subjects are all nonsense dressed up as prediction:
https://www.hachettebookgroup.com/titles/adam-becker/more-everything-forever/9781541619593/
Becker investigates the personalities, the ideologies, the coalitions, the histories, and crucially, the grifts behind such science fictional pursuits as infinite life-extension, space colonization, automation panic, AI doomerism, longtermism, effective altruism, rationalism, and conciousness uploading.
This is, loosely speaking, the bundle of ideologies that Timnit Gebru and Émile P. Torres dubbed TESCREAL (transhumanism, Extropianism, singularitarianism, (modern) cosmism, Rationalism, Effective Altruism, and longtermism):
https://en.wikipedia.org/wiki/TESCREAL
While these are largely associated with modern Silicon Valley esoteric techbros (and the odd Oxfordian like Nick Bostrom), they have very deep roots, which Becker excavates – like Nikolai Fyodorov's 18th century "cosmism," a project to "scientifically" resurrect everyone who ever lived inside of a simulation:
https://en.wikipedia.org/wiki/Nikolai_Fyodorov_(philosopher)
In their modern incarnation, these ideas largely originate in science fiction novels. That is to say, they were made up and popularized by people like me, the vast majority of whom made no pretense of being able to predict the future or even realistically describe a path from the present to the future they were presenting. Science fiction is something between a card trick and a consensual con game, where the writer shows you just enough detail to make you think that the rest of it must be lurking somewhere in the wings. No one in sf has ever explained how consciousness uploading could possibly work, and neither have any of the advocates for consciousness uploading – the difference is that (most of) the sf writers know they're just making stuff up.
Becker's central question is how many "smart" people (some of them very smart and accomplished, others merely very certain that they are smart despite all evidence to the contrary) can mistake futuristic allegories made up by pulp writers for prophesy?
In answering this question, he uncovers a corollary of Upton Sinclair's famous maxim that "it is difficult to get a man to understand something, when his salary depends on his not understanding it," namely, that "it is easy to get a person to believe something when doing so will make them feel good about themselves."
The beliefs that Becker explores in this book sometimes make the believers rich (like the AI grifters who run around shouting about AI taking over the world and turning us all into paperclips). Sometimes, they make their believers feel good about being selfish assholes (like longtermism, which holds that all the misery in the world today is worth it if you can make 24 heptillion hypothetical simulated people just a little happy in 10,000 years). Sometimes, they make their believers feel good about life after death, or eternal life – the same pitch that religions have been roping in followers with since the stone age.
What differentiates these beliefs from other faith-based claims is that their followers claim that they aren't operating on faith, but on science, reason and rationality. This is where the fact that Becker is a bona fide astrophysicist comes in. Not only is he personally qualified to debunk claims about space colonization, but he's also familiar with the rigorous process of scientific inquiry, and capable of consulting experts and listening to them. That's how he concludes, for example, that having your head cut off and frozen when you die is just a form of corpse mutilation, with a zero point zero zero zero zero percent chance of someone recovering your mind from your freezerburned brain.
Like his subjects, Becker has a complicated relationship with science fiction. He, too, enjoys the imaginative flights of the genre, its delightful thought-experiments, its gnarly moral conundra. I love these too. They make for a fascinating and often useful lens for understanding and challenging our own relationship with technology and our very humanity. Ultimately, Becker is exploring the difference between reading sf because it makes you think in new ways, and reading sf as a kind of prophetic text, and – crucially – he's asserting that it's perfectly possible to enjoy this stuff without organizing your moral life around hypothetical heptillions of virtual people living in the year 25,000; or, indeed, having your head cut off and frozen.
The limits of transparency: Data brokers and commodification https://academicworks.cuny.edu/cgi/viewcontent.cgi?article=1177&context=qc_pubs
Jean-Léon Huens https://70s-sci-fi-art.ghost.io/jean-leon-huens-2/?ref=70s-sci-fi-art-newsletter (h/t Sal Fadhley)
#20yrsago Fit 20 functions into a single 5.25″ drive bay https://web.archive.org/web/20050311060916/http://www.xoxide.com/sunbeam-superior-panel.html
#20yrsago Ghana nationalizes folklore, threatens jail for folk artists https://www.modernghana.com/entertainment/2319/expert-criticises-copyright-bill.html
#20yrsago MPAA bribing NYC cops to bust bootleg DVD sellers? https://nypost.com/2005/04/21/police-payoff-probe-dvd-busters-eyed/
#10yrsago Sony sends pre-emptive threat letter to journalists https://www.techdirt.com/2015/04/21/our-response-to-sony-sending-us-threat-letter-reporting-companys-leaked-emails/
#5yrsago Smart bassinet can be remotely hacked https://pluralistic.net/2020/04/21/all-in-it-together/#shaken-baby-syndrome
#5yrsago Australian regulator takes up Right to Repair for tractors https://pluralistic.net/2020/04/21/all-in-it-together/#tenant-farmers
#5yrsago Texas AG: We'll imprison people who warn about getting covid while voting https://pluralistic.net/2020/04/21/all-in-it-together/#ken-paxton
#5yrsago Amazon workers plan nationwide walkout https://pluralistic.net/2020/04/21/all-in-it-together/#leverage
#5yrsago Whole Foods has a union-busting "heatmap" app https://pluralistic.net/2020/04/21/all-in-it-together/#guard-labor-v-redistribution
#5yrsago Talking bunker-busting with Trashfuture https://pluralistic.net/2020/04/21/all-in-it-together/#trashfuture
#5yrsago Multi-level dungeon built into the drawers of an old dresser https://pluralistic.net/2020/04/21/all-in-it-together/#peter-heeringa
#5yrsago Every Covid-19 Commerical is Exactly the Same https://pluralistic.net/2020/04/21/all-in-it-together/#b-roll
#5yrsago Private equity blew millions on pro-surprise-billing ads while cutting doctor pay https://pluralistic.net/2020/04/21/all-in-it-together/#doctor-patient-unity
#5yrsago Podcasting John Scalzi's The Last Emperox https://pluralistic.net/2020/04/21/all-in-it-together/#scalzi
#5yrsago Phishers deploy fake contact-tracing warnings https://pluralistic.net/2020/04/21/all-in-it-together/#co-evolution
Wellingon: Unity Books, May 3, 3PM
https://www.unitybooks.co.nz/news-and-events/author-talk-picks-and-shovels-by-cory-doctorow
Pittsburgh: Picks and Shovels at White Whale Books, May 15
https://whitewhalebookstore.com/events/20250515
Pittsburgh: PyCon, May 16
https://us.pycon.org/2025/schedule/
PDX: Teardown 2025, Jun 20-22
https://www.crowdsupply.com/teardown/portland-2025
PDX: Picks and Shovels with bunnie Huang at Barnes and Noble,
Jun 20
https://stores.barnesandnoble.com/event/9780062183697-0
London: How To Academy with Riley Quinn, Jul 1
https://howtoacademy.com/events/cory-doctorow-the-fight-against-the-big-tech-oligarchy/
Manchester: Picks and Shovels at Blackwell's Bookshop, Jul 2
https://www.eventbrite.co.uk/e/an-evening-with-cory-doctorow-tickets-1308451968059
Manchester: Co-operatives UK Co-op Congress keynote, Jul 3
https://www.uk.coop/events-and-training/events-calendar/co-op-congress-2025-book-your-place
New Orleans: DeepSouthCon63, Oct 10-12, 2025
http://www.contraflowscifi.org/
Fightback Against Trump's Tariff Attack (Avi Lewis)
https://www.youtube.com/watch?v=P9sgIAc6z_o
The Voice of Canadian Humanism
https://open.spotify.com/episode/7uuwdZTIbWzKhBQ3mmMiRv?context=spotify%3Ashow%3A6N5hl8on16CfaeYArrKyqZ
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org). Signed, personalized copies at Dark Delicacies (https://www.darkdel.com/store/p3007/Pre-Order_Signed_Copies%3A_The_Lost_Cause_HB.html#/)
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com. Signed copies at Dark Delicacies (US): and Forbidden Planet (UK): https://forbiddenplanet.com/385004-red-team-blues-signed-edition-hardcover/.
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
"Attack Surface": The third Little Brother novel, a standalone technothriller for adults. The Washington Post called it "a political cyberthriller, vigorous, bold and savvy about the limits of revolution and resistance." Order signed, personalized copies from Dark Delicacies https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html
"How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet analyzing the true harms of surveillance capitalism and proposing a solution. https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59?sk=f6cd10e54e20a07d4c6d0f3ac011af6b) (signed copies: https://www.darkdel.com/store/p2024/Available_Now%3A__How_to_Destroy_Surveillance_Capitalism.html)
"Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583; personalized/signed copies here: https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html
"Poesy the Monster Slayer" a picture book about monsters, bedtime, gender, and kicking ass. Order here: https://us.macmillan.com/books/9781626723627. Get a personalized, signed copy here: https://www.darkdel.com/store/p2682/Corey_Doctorow%3A_Poesy_the_Monster_Slayer_HB.html#/.
Unauthorized Bread: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026
Enshittification, Why Everything Suddenly Got Worse and What to Do About It (the graphic novel), Firstsecond, 2026
The Memex Method, Farrar, Straus, Giroux, 2026
Today's top sources:
Currently writing:
A Little Brother short story about DIY insulin PLANNING
Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS FEB 2025
Latest podcast: Nimby and the D-Hoppers CONCLUSION https://craphound.com/stories/2025/04/13/nimby-and-the-d-hoppers-conclusion/
This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Medium (no ads, paywalled):
Twitter (mass-scale, unrestricted, third-party surveillance and advertising):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
Windows Recall failed the moose test, and nobody will ever forget it [OSnews]
Ars Technica took a look at how the current version of Windows Recall works, including the improvements Microsoft made since the initial security nightmare of a rollout, and concludes:
Recall continues to demand an extraordinary level of trust that Microsoft hasn’t earned. However secure and private it is—and, again, the version people will actually get is much better than the version that caused the original controversy—it just feels creepy to open up the app and see confidential work materials and pictures of your kid. You’re already trusting Microsoft with those things any time you use your PC, but there’s something viscerally unsettling about actually seeing evidence that your computer is tracking you, even if you’re not doing anything you’re worried about hiding, even if you’ve excluded certain apps or sites, and even if you “know” that part of the reason why Recall requires a Copilot+ PC is because it’s processing everything locally rather than on a server somewhere.
↫ Andrew Cunningham at Ars Technica
Way back in 1996, Mercedes-Benz unveiled the A-Class, a small, practical car that purported to be more premium than cheaper, similarly-sized cars from other brands. The car had a big problem, though – it was unusually narrow and tall, and because of it, it famously failed spectacularly at the “moose test”, in which a car has to suddenly swerve around a “moose” on the road. The car simply toppled over, and after initially denying the problem, Mercedes recalled every single A-Class sold and added a variety of mitigations like electronic stability control and suspension changes. As far as I can recall, it fixed the issue.
To this day, however, I cannot look at an A-Class, even the modern ones which look like normal hatchbacks and bear effectively zero resemblance to the original, quirky A-Class from 1996, and not think of the failed moose test and the recall. I know the modern A-Class won’t fail that test, and I know it’s an infinitely safer car than the original one, but my brain still makes that connection every time I see one. A lot of people my age, whether they’re into cars or not, seem to remember this recall, because the original A-Class was such a unique and recognisable vehicle at the time, especially coming from Mercedes.
My point is – Recall will face this same issue. No matter how secure Microsoft makes it, no matter how much they claim and prove it only runs locally, no matter how hard they try and hammer on the fact data never leaves your PC, people will always think of that initial botched rollout, and all the accurate reporting that Recall was a nightmare. And it just so happens that the skepticism is warranted, and hopefully keeps people from using this corporate Trojan horse.
Vibe Coding, Vibe Checking, and Vibe Blogging [Radar]
For the past decade and a half, I’ve been exploring the intersection of technology, education, and design as a professor of cognitive science and design at UC San Diego. Some of you might have read my recent piece for O’Reilly Radar where I detailed my journey adding AI chat capabilities to Python Tutor, the free visualization tool that’s helped millions of programming students understand how code executes. That experience got me thinking about my evolving relationship with generative AI as both a tool and a collaborator.
I’ve been intrigued by this emerging practice called “vibe coding,” a term coined by Andrej Karpathy that’s been making waves in tech circles. Simon Willison describes it perfectly: “When I talk about vibe coding I mean building software with an LLM without reviewing the code it writes.” The concept is both liberating and slightly terrifying—you describe what you need, the AI generates the code, and you simply run it without scrutinizing each line, trusting the overall “vibe” of what’s been created.
My relationship with this approach has evolved considerably. In my early days of using AI coding assistants, I was that person who meticulously reviewed every single line, often rewriting significant portions. But as these tools have improved, I’ve found myself gradually letting go of the steering wheel in certain contexts. Yet I couldn’t fully embrace the pure “vibe coding” philosophy; the professor in me needed some quality assurance. This led me to develop what I’ve come to call “vibe checks”—strategic verification points that provide confidence without reverting to line-by-line code reviews. It’s a middle path that’s worked surprisingly well for my personal projects, and today I want to share some insights from that journey.
I’ve found myself increasingly turning to vibe coding for those one-off scripts that solve specific problems in my workflow. These are typically tasks where explaining my intent is actually easier than writing the code myself, especially for data processing or file manipulation jobs where I can easily verify the results.
Let me walk you through a recent example that perfectly illustrates this approach. For a class I teach, I had students submit responses to a survey using a proprietary web app that provided an HTML export option. This left me with 250 HTML files containing valuable student feedback, but it was buried in a mess of unnecessary markup and styling code. What I really wanted was clean Markdown versions that preserved just the text content, section headers, and—critically—any hyperlinks students had included in their responses.
Rather than writing this conversion script myself, I turned to Claude with a straightforward request: “Write me a Python script that converts these HTML files to Markdown, preserving text, basic formatting, and hyperlinks.” Claude suggested using the BeautifulSoup library (a solid choice) and generated a complete script that would process all files in a directory, creating a corresponding Markdown file for each HTML source.
(In retrospect, I realized I probably could have used Pandoc for this conversion task. But in the spirit of vibe coding, I just went with Claude’s suggestion without overthinking it. Part of the appeal of vibe coding is bypassing that research phase where you compare different approaches—you just describe what you want and roll with what you get.)
True to the vibe coding philosophy, I didn’t review the generated code line by line. I simply saved it as a Python file, ran it on my directory of 250 HTML files, and waited to see what happened. This “run and see” approach is what makes vibe coding both liberating and slightly nerve-wracking—you’re trusting the AI’s interpretation of your needs without verifying the implementation details.
The moment I hit “run” on that vibe-coded script, I realized something that might make many developers cringe: I was executing completely unreviewed code on my actual computer with real data. In traditional software development, this would be considered reckless at best. But the dynamics of trust feel different with modern AI tools like Claude 3.7 Sonnet, which has built up a reputation for generating reasonably safe and functional code.
My rationalization was partly based on the script’s limited scope. It was just reading HTML files and creating new Markdown files alongside them—not deleting, modifying existing files, or sending data over the network. Of course, that’s assuming the code did exactly what I asked and nothing more! I had no guarantees that it didn’t include some unexpected behavior since I hadn’t looked at a single line.
This highlights a trust relationship that’s evolving between developers and AI coding tools. I’m much more willing to vibe code with Claude or ChatGPT than I would be with an unknown AI tool from some obscure website. These established tools have reputations to maintain, and their parent companies have strong incentives to prevent their systems from generating malicious code.
That said, I’d love to see operating systems develop a “restricted execution mode” specifically designed for vibe coding scenarios. Imagine being able to specify: “Run this Python script, but only allow it to CREATE new files in this specific directory, prevent it from overwriting existing files, and block internet access.” This lightweight sandboxing would provide peace of mind without sacrificing convenience. (I mention only restricting writes rather than reads because Python scripts typically need to read various system files from across the filesystem, making read restrictions impractical.)
Why not just use VMs, containers, or cloud services? Because for personal-scale projects, the convenience of working directly on my own machine is hard to beat. Setting up Docker or uploading 250 HTML files to some cloud service introduces friction that defeats the purpose of quick, convenient vibe coding. What I want is to maintain that convenience while adding just enough safety guardrails.
OK now come the “vibe checks.” As I mentioned earlier, the nice thing about these personal data processing tasks is that I can often get a sense of whether the script did what I intended just by examining the output. For my HTML-to-Markdown conversion, I could open up several of the resulting Markdown files and see if they contained the survey responses I expected. This manual spot-checking works reasonably well for 250 files, but what about 2,500 or 25,000? At that scale, I’d need something more systematic.
This is where vibe checks come into play. A vibe check is essentially a simpler script that verifies a basic property of the output from your vibe-coded script. The key here is that it should be much simpler than the original task, making it easier to verify its correctness.
For my HTML-to-Markdown conversion project, I realized I could use a straightforward principle: Markdown files should be smaller than their HTML counterparts since we’re stripping away all the tags. But if a Markdown file is dramatically smaller—say, less than 40% of the original HTML size—that might indicate incomplete processing or content loss.
So I went back to Claude and vibe coded a check script. This script simply:
And lo and behold, the vibe check caught several files where the conversion was incomplete! The original script had failed to properly extract content from certain HTML structures. I took these problematic files, went back to Claude, and had it refine the original conversion script to handle these edge cases.
After a few iterations of this feedback loop—convert, check, identify issues, refine—I eventually reached a point where there were no more suspiciously small Markdown files (well, there were still a few below 40%, but manual inspection confirmed these were correct conversions of HTML files with unusually high markup-to-content ratios).
Now you might reasonably ask: “If you’re vibe coding the vibe check script too, how do you know that script is correct?” Would you need a vibe check for your vibe check? And then a vibe check for that check? Well, thankfully, this recursive nightmare has a practical solution. The vibe check script is typically an order of magnitude simpler than the original task—in my case, just comparing file sizes rather than parsing complex HTML. This simplicity made it feasible for me to manually review and verify the vibe check code, even while avoiding reviewing the more complex original script.
Of course, my file size ratio check isn’t perfect. It can’t tell me if the content was converted with the proper formatting or if all hyperlinks were preserved correctly. But it gave me a reasonable confidence that no major content was missing, which was my primary concern.
The take-home message here is simple but powerful: When you’re vibe coding, always build in vibe checks. Ask yourself: “What simpler script could verify the correctness of my main vibe-coded solution?” Even an imperfect verification mechanism dramatically increases your confidence in results from code you never actually reviewed.
This approach strikes a nice balance between the speed and creative flow of pure vibe coding and the reliability of more rigorous software development methodologies. Think of vibe checks as lightweight tests—not the comprehensive test suites you’d write for production code, but enough verification to catch obvious failures without disrupting your momentum.
What excites me about the future is the potential for AI coding tools to suggest appropriate vibe checks automatically. Imagine if Claude or similar tools could not only generate your requested script but also proactively offer: “Here’s a simple verification script you might want to run afterward to ensure everything worked as expected.” I suspect if I had specifically asked for this, Claude could have suggested the file size comparison check, but having this built into the system’s default behavior would be incredibly valuable. I can envision specialized AI coding assistants that operate in a semi-autonomous mode—writing code, generating appropriate checks, running those checks, and involving you only when human verification is truly needed.
Combine this with the kind of sandboxed execution environment I mentioned earlier, and you’d have a vibe coding experience that’s both freeing and trustworthy—powerful enough for real work but with guardrails that prevent catastrophic mistakes.
And now for the meta twist: This entire blog post was itself the product of “vibe blogging.” At the start of our collaboration, I uploaded my previous O’Reilly article,”Using Generative AI to Build Generative AI” as a reference document. This gave Claude the opportunity to analyze my writing style, tone, and typical structure—much like how a human collaborator might read my previous work before helping me write something new.
Instead of writing the entire post in one go, I broke it down into sections and provided Claude with an outline for each section one at a time. For every section, I included key points I wanted to cover and sometimes specific phrasings or concepts to include. Claude then expanded these outlines into fully formed sections written in my voice. After each section was drafted, I reviewed it—my own version of a “vibe check”—providing feedback and requesting revisions until it matched what I wanted to say and how I wanted to say it.
This iterative, section-by-section approach mirrors the vibe coding methodology I’ve discussed throughout this post. I didn’t need to write every sentence myself, but I maintained control over the direction, messaging, and final approval. The AI handled the execution details based on my high-level guidance, and I performed verification checks at strategic points rather than micromanaging every word.
What’s particularly interesting is how this process demonstrates the same principles of trust, verification, and iteration that I advocated for in vibe coding. I trusted Claude to generate content in my style based on my outlines, but I verified each section before moving to the next. When something didn’t quite match my intent or tone, we iterated until it did. This balanced approach—leveraging AI capabilities while maintaining human oversight—seems to be the sweet spot for collaborative creation, whether you’re generating code or content.
[Claude speaking]
Looking back at our vibe blogging experiment, I should acknowledge that Philip noted the final product doesn’t fully capture his authentic voice, despite having his O’Reilly article as a reference. But in keeping with the vibe philosophy itself, he chose not to invest excessive time in endless refinements—accepting good-enough rather than perfect.
Working section-by-section without seeing the full structure upfront created challenges, similar to painting parts of a mural without seeing the complete design. I initially fell into the trap of copying his outline verbatim rather than transforming it properly.
This collaboration highlights both the utility and limitations of AI-assisted content creation. I can approximate writing styles and expand outlines but still lack the lived experience that gives human writing its authentic voice. The best results came when Philip provided clear direction and feedback.
The meta-example perfectly illustrates the core thesis: Generative AI works best when paired with human guidance, finding the right balance between automation and oversight. “Vibe blogging” has value for drafts and outlines, but like “vibe coding,” some form of human verification remains essential to ensure the final product truly represents what you want to say.
[Philip speaking so that humans get the final word…for now]
OK, this is the only part that I wrote by hand: My parting thought when reading over this post is that I’m not proud of the writing quality (sorry Claude!), but if it weren’t for an AI tool like Claude, I would not have written it in the first place due to lack of time and energy. I had enough energy today to outline some rough ideas, then let Claude do the “vibe blogging” for me, but not enough to fully write, edit, and fret over the wording of a full 2,500-word blog post all by myself. Thus, just like with vibe coding, one of the great joys of “vibe-ing” is that it greatly lowers the activation energy of getting started on creative personal-scale prototypes and tinkering-style projects. To me, that’s pretty inspiring.
Faikin Remote [RevK®'s ramblings]
We have done a lot of small PCB designs over the years, but by far the most popular is my Faikin board. Reports are that even Daikin have recommended it to people wanting Home Assistant integration! It allows control of a lot of Daikin air conditioners over WiFi, MQTT, web, and Home Assistant. Constantly improving, and easy to use with local working not cloud based.
My latest design idea is a rework of a previous "environmental monitor", but specifically targeted at the Faikin users. The concept is that it can be a display and control for the Faikin. Whilst some ducted Daikin have a wall mount control, it is not cheap, so this would work with those and the more typical wall mount Daikin that do not support a wall mount display.
Key functions would be:
But the idea is the board can work with no display as reference temperature or just an environmental monitor for Home Assistant without a Faikin involved.
This is the current board design.
The expensive CO₂ sensor would be optional as it adds over $20 to the cost. Both the tab for it, and the 5 way joystick button, could be snapped off for a purely display or monitoring application.
A Waveshare 2" display fits on the front. Full colour 240x320 pixel. It is designed to fit the header so it can be removed if needed to access WAGOs, etc. The display adds another $20 at least.
I want to make the user interface simple - anything beyond the basic controls for the aircon you have to do via web interface. That should make it easy to use.
The idea is a joystick allows change of target temp (up/down) or switch to other setting (left/right) and change of mode and fan speed, as well as simple push on/off.
Whilst it can all work over WiFi and MQTT, my plan is to link to Faikin using BLE as well, both ways. So Faikin reports mode/status, and this advises control and current reference temperature. This should make it extra robust with no need for WiFi or internet to continue working. The plan is a simple announcement BLE, not a connection, much like the many cheap BLE temperature/humidity sensors that exist.
The current set of sensors include:
All of these would report to Home Assistant as needed, and also report control and one reference temperature of choice to Faikin.
And yes, too many temp sensors, so system will allow a config of which are used and per sensor offset (to allow for heat via PCB). I may even allow averaging of multiple sensors. It will be interesting to see how this all works. DS18B20 are great for adding an "outdoor" sensor to report to HA as well.
My existing EPD app which is general signage will be extended to handle the sensors as things to display so this can be simply used as a generic environmental display (and HA integration). Indeed this is likely to be the first code I do for these new boards, without a Faikin link.
The basic board needs to be sold with and without the SCD41 CO₂ module. The board is likely $30 and the SCD41 adds at least $20 to that, probably more like $30. Not everyone wants CO₂ and humidity. The fluctuating value of the dollar is a pain in this all.
And then I may package with Waveshare 2" display, 8 way 0.1" pitch header, and extra M2 screws. This is likely another $20 or even $30.
Maybe even with DS18B20 sensor as an option. These are quite cheap.
I am not sure I want to do 3D case printing, but I plan a number of STL files.
Tindie makes such options simple, so that is likely the main sales channel initially. We'll see about Amazon as well. Those with A&A accounts will be able to order direct as always.
The first boards (no button) have arrived. I have decided I'll try the TI TMP1075 as an alternative temperature sensor. In practice it seems a DS18B20 is best as it is separate from the board, closely followed by the SCD41. The MCP9808 (and presumably the TMP1075) suffers from some local heating from the PCB. The GZP6816D is close to the ESP32 and so not good at all for temperature (it is there for pressure). The T6793 CO2 sensor is not good, gives silly values (yes, I checked, and this is not a driver error), is bulky, needs 5V (does not work on 3.3V) and is actually not that much cheaper than the SCD41. The VEML6040 light sensor works well, but is a fun exercise for the casework.
All comments welcome.,
Security updates for Tuesday [LWN.net]
Security updates have been issued by AlmaLinux (java-1.8.0-openjdk, kernel, libxslt, mod_auth_openidc:2.3, and webkit2gtk3), Fedora (c-ares, giflib, jupyterlab, perl, perl-Devel-Cover, perl-PAR-Packer, prometheus-podman-exporter, python-notebook, python-pydantic-core, rpki-client, ruby, rust-adblock, rust-cookie_store, rust-gitui, rust-gstreamer, rust-icu_collections, rust-icu_locid, rust-icu_locid_transform, rust-icu_locid_transform_data, rust-icu_normalizer, rust-icu_normalizer_data, rust-icu_properties, rust-icu_properties_data, rust-icu_provider, rust-icu_provider_macros, rust-idna, rust-idna_adapter, rust-litemap, rust-ron, rust-sequoia-openpgp, rust-sequoia-openpgp1, rust-tinystr, rust-url, rust-utf16_iter, rust-version-ranges, rust-write16, rust-writeable, rust-zerovec, rust-zip, thunderbird, and uv), SUSE (erlang, erlang26, and govulncheck-vulndb), and Ubuntu (mosquitto).
If you're a young person contemplating a career in tech, great! It's fun, and you can help people doing this. But please don't listen to the VCs and entrepreneurs who say it's all about changing the world. Instead think of it this way -- you're going to create tools for people who may change the world, in collaboration with lots of other people. No one person is that smart and experienced that they know what's best for the world. The stories you heard about great inventors probably aren't true. And the ones who actually changed the world, may not have changed it for the better. Look at what happened with Twitter as a cautionary tale. Imho it would have been better if the founders had made less money, and opened the door for lots of competition right from the start. That's the philosophy of the web. Instead they captured the web, amputated all its good features, and locked it in the trunk and then cut off its air supply. That was inevitable given the path they went down. Yes they changed the world, and in turn are creating a lot of misery. You don't want to do that, brilliant young tech person, right? Let's make the world better, one little evolutionary step at a time. More about this in yesterday's post.
A video demo that shows how to set categories in WordLand, and I ramble through lots of philosophy and trivia. But the answer is right up front so you can skip all that michegas. ;-)
Many good points in yesterday’s unusual Olbermann podcast, but the one that stuck with me is that at some point Republican incumbents will figure they don’t have a future in what Trump is trying to create and thus have everything to lose if he prevails. He thinks senator Lisa Murkowski (R-Alaska) may already be there.
When Steve's employer went hunting for a new customer relationship management system (CRM), they had some requirements. A lot of them were around the kind of vendor support they'd get. Their sales team weren't the most technical people, and the company wanted to push as much routine support off to the vendor as possible.
But they also needed a system that was extensible. Steve's company had many custom workflows they wanted to be able to execute, and automated marketing messages they wanted to construct, and so wanted a CRM that had an easy to use API.
"No worries," the vendor sales rep said, "we've had a RESTful API in our system for years. It's well tested and reliable. It's JSON based."
The purchasing department ground their way through the purchase order and eventually they started migrating to the new CRM system. And it fell to Steve to start learning the JSON-based, RESTful API.
"JSON"-based was a more accurate description.
For example, an API endpoint might have a schema like:
DeliveryId: int // the ID of the created delivery
Errors: xml // Collection of errors encountered
This example schema is representative. Many "JSON" documents contained strings of XML inside of them.
Often, this is done when an existing XML-based API is "modernized", but in this case, the root cause is a little dumber than that. The system uses SQL Server as its back end, and XML is one of the native types. They just have a stored procedure build an XML object and then return it as an output parameter.
You'll be surprised to learn that the vendor's support team had a similar level of care: they officially did what you asked, but sometimes it felt like malicious compliance.
Technical debt and AI slop [Seth's Blog]
Technical debt is easy to incur. It’s unnecessary added features, undocumented code, support for outmoded interactions and anything that slows down your ability to update and upgrade your work. Tech debt is the combination of doing what feels right at the time, in a hurry, and then having to maintain it and understand it going forward.
Vibe coding, which is a rising trend, pairs a human programmer with an AI like chatGPT. The AI is doing most of what a human used to do, and generating far more lines of code per hour than a person might. The problem is that often, no one knows exactly how the code works, which means it’s going to be difficult to fix when it breaks or needs an upgrade.
And as AI starts to create data sets (by reviewing, for example, response rates to emails or designs), those data sets are going to be so multi-dimensional that only an AI will be able to make sense of them.
The end result will be as the end result often is–the first one now will later be last. The shortcuts might not be the best way to get to where you’re going.
Get the system architecture right first. Document it, streamline it and test it. Then divide the components into small pieces and let AI finish the work. Fixing a defective brick is far more cost effective than re-architecting an entire building.
US-deported Venezuelans now pawns, SLV [Richard Stallman's Political Notes]
The persecutor has sent hundreds of Venezuelan refugees to El Salvador which engaged to hold them in prison without trial. Now El Salvador is offering to release many of them to Venezuela in exchange for Venezuela's political prisoners.
Such an exchange might be good, if we could assume that (1) the Venezuelans now in El Salvador want to go to Venezuelans and would be safe there, and (2) the prisoners now in Venezuela want to go to El Salvador and would be safe there.
I can't tell from the article whether any of that would be so.
Feeding the exploiter more wins [Richard Stallman's Political Notes]
Ariel Dorfman imagines new kinds of honors that might be bestowed on the bullshitter.
Mass rallies condemn regime, US [Richard Stallman's Political Notes]
Robert Reich: mass rallies to condemn the bully are a display of courage, which inspires courage in those who felt helpless to resist.
Tesla odometer as warranty cheater [Richard Stallman's Political Notes]
*Tesla accused of hacking odometers to weasel out of warranty repairs.*
Perhaps we should make a legal requirement for odometers to be implemented such that other systems in the car cannot override their settings.
Whistleblower: DOGE Siphoned NLRB Case Data [Krebs on Security]
A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk‘s Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network activity. The NLRB whistleblower said the unusual large data outflows coincided with multiple blocked login attempts from an Internet address in Russia that tried to use valid credentials for a newly-created DOGE user account.
The cover letter from Berulis’s whistleblower statement, sent to the leaders of the Senate Select Committee on Intelligence.
The allegations came in an April 14 letter to the Senate Select Committee on Intelligence, signed by Daniel J. Berulis, a 38-year-old security architect at the NLRB.
NPR, which was the first to report on Berulis’s whistleblower complaint, says NLRB is a small, independent federal agency that investigates and adjudicates complaints about unfair labor practices, and stores “reams of potentially sensitive data, from confidential information about employees who want to form unions to proprietary business information.”
The complaint documents a one-month period beginning March 3, during which DOGE officials reportedly demanded the creation of all-powerful “tenant admin” accounts in NLRB systems that were to be exempted from network logging activity that would otherwise keep a detailed record of all actions taken by those accounts.
Berulis said the new DOGE accounts had unrestricted permission to read, copy, and alter information contained in NLRB databases. The new accounts also could restrict log visibility, delay retention, route logs elsewhere, or even remove them entirely — top-tier user privileges that neither Berulis nor his boss possessed.
Berulis writes that on March 3, a black SUV accompanied by a police escort arrived at his building — the NLRB headquarters in Southeast Washington, D.C. The DOGE staffers did not speak with Berulis or anyone else in NLRB’s IT staff, but instead met with the agency leadership.
“Our acting chief information officer told us not to adhere to standard operating procedure with the DOGE account creation, and there was to be no logs or records made of the accounts created for DOGE employees, who required the highest level of access,” Berulis wrote of their instructions after that meeting.
“We have built in roles that auditors can use and have used extensively in the past but would not give the ability to make changes or access subsystems without approval,” he continued. “The suggestion that they use these accounts was not open to discussion.”
Berulis found that on March 3 one of the DOGE accounts created an opaque, virtual environment known as a “container,” which can be used to build and run programs or scripts without revealing its activities to the rest of the world. Berulis said the container caught his attention because he polled his colleagues and found none of them had ever used containers within the NLRB network.
Berulis said he also noticed that early the next morning — between approximately 3 a.m. and 4 a.m. EST on Tuesday, March 4 — there was a large increase in outgoing traffic from the agency. He said it took several days of investigating with his colleagues to determine that one of the new accounts had transferred approximately 10 gigabytes worth of data from the NLRB’s NxGen case management system.
Berulis said neither he nor his co-workers had the necessary network access rights to review which files were touched or transferred — or even where they went. But his complaint notes the NxGen database contains sensitive information on unions, ongoing legal cases, and corporate secrets.
“I also don’t know if the data was only 10gb in total or whether or not they were consolidated and compressed prior,” Berulis told the senators. “This opens up the possibility that even more data was exfiltrated. Regardless, that kind of spike is extremely unusual because data almost never directly leaves NLRB’s databases.”
Berulis said he and his colleagues grew even more alarmed when they noticed nearly two dozen login attempts from a Russian Internet address (83.149.30,186) that presented valid login credentials for a DOGE employee account — one that had been created just minutes earlier. Berulis said those attempts were all blocked thanks to rules in place that prohibit logins from non-U.S. locations.
“Whoever was attempting to log in was using one of the newly created accounts that were used in the other DOGE related activities and it appeared they had the correct username and password due to the authentication flow only stopping them due to our no-out-of-country logins policy activating,” Berulis wrote. “There were more than 20 such attempts, and what is particularly concerning is that many of these login attempts occurred within 15 minutes of the accounts being created by DOGE engineers.”
According to Berulis, the naming structure of one Microsoft user account connected to the suspicious activity suggested it had been created and later deleted for DOGE use in the NLRB’s cloud systems: “DogeSA_2d5c3e0446f9@nlrb.microsoft.com.” He also found other new Microsoft cloud administrator accounts with nonstandard usernames, including “Whitesox, Chicago M.” and “Dancehall, Jamaica R.”
On March 5, Berulis documented that a large section of logs for recently created network resources were missing, and a network watcher in Microsoft Azure was set to the “off” state, meaning it was no longer collecting and recording data like it should have.
Berulis said he discovered someone had downloaded three external code libraries from GitHub that neither NLRB nor its contractors ever use. A “readme” file in one of the code bundles explained it was created to rotate connections through a large pool of cloud Internet addresses that serve “as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.” Brute force attacks involve automated login attempts that try many credential combinations in rapid sequence.
The complaint alleges that by March 17 it became clear the NLRB no longer had the resources or network access needed to fully investigate the odd activity from the DOGE accounts, and that on March 24, the agency’s associate chief information officer had agreed the matter should be reported to US-CERT. Operated by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), US-CERT provides on-site cyber incident response capabilities to federal and state agencies.
But Berulis said that between April 3 and 4, he and the associate CIO were informed that “instructions had come down to drop the US-CERT reporting and investigation and we were directed not to move forward or create an official report.” Berulis said it was at this point he decided to go public with his findings.
An email from Daniel Berulis to his colleagues dated March 28, referencing the unexplained traffic spike earlier in the month and the unauthorized changing of security controls for user accounts.
Tim Bearese, the NLRB’s acting press secretary, told NPR that DOGE neither requested nor received access to its systems, and that “the agency conducted an investigation after Berulis raised his concerns but ‘determined that no breach of agency systems occurred.'” The NLRB did not respond to questions from KrebsOnSecurity.
Nevertheless, Berulis has shared a number of supporting screenshots showing agency email discussions about the unexplained account activity attributed to the DOGE accounts, as well as NLRB security alerts from Microsoft about network anomalies observed during the timeframes described.
As CNN reported last month, the NLRB has been effectively hobbled since President Trump fired three board members, leaving the agency without the quorum it needs to function.
“Despite its limitations, the agency had become a thorn in the side of some of the richest and most powerful people in the nation — notably Elon Musk, Trump’s key supporter both financially and arguably politically,” CNN wrote.
Both Amazon and Musk’s SpaceX have been suing the NLRB over complaints the agency filed in disputes about workers’ rights and union organizing, arguing that the NLRB’s very existence is unconstitutional. On March 5, a U.S. appeals court unanimously rejected Musk’s claim that the NLRB’s structure somehow violates the Constitution.
Berulis shared screenshots with KrebsOnSecurity showing that on the day the NPR published its story about his claims (April 14), the deputy CIO at NLRB sent an email stating that administrative control had been removed from all employee accounts. Meaning, suddenly none of the IT employees at the agency could do their jobs properly anymore, Berulis said.
An email from the NLRB’s associate chief information officer Eric Marks, notifying employees they will lose security administrator privileges.
Berulis shared a screenshot of an agency-wide email dated April 16 from NLRB director Lasharn Hamilton saying DOGE officials had requested a meeting, and reiterating claims that the agency had no prior “official” contact with any DOGE personnel. The message informed NLRB employees that two DOGE representatives would be detailed to the agency part-time for several months.
An email from the NLRB Director Lasharn Hamilton on April 16, stating that the agency previously had no contact with DOGE personnel.
Berulis told KrebsOnSecurity he was in the process of filing a support ticket with Microsoft to request more information about the DOGE accounts when his network administrator access was restricted. Now, he’s hoping lawmakers will ask Microsoft to provide more information about what really happened with the accounts.
“That would give us way more insight,” he said. “Microsoft has to be able to see the picture better than we can. That’s my goal, anyway.”
Berulis’s attorney told lawmakers that on April 7, while his client and legal team were preparing the whistleblower complaint, someone physically taped a threatening note to Mr. Berulis’s home door with photographs — taken via drone — of him walking in his neighborhood.
“The threatening note made clear reference to this very disclosure he was preparing for you, as the proper oversight authority,” reads a preface by Berulis’s attorney Andrew P. Bakaj. “While we do not know specifically who did this, we can only speculate that it involved someone with the ability to access NLRB systems.”
Berulis said the response from friends, colleagues and even the public has been largely supportive, and that he doesn’t regret his decision to come forward.
“I didn’t expect the letter on my door or the pushback from [agency] leaders,” he said. “If I had to do it over, would I do it again? Yes, because it wasn’t really even a choice the first time.”
For now, Mr. Berulis is taking some paid family leave from the NLRB. Which is just as well, he said, considering he was stripped of the tools needed to do his job at the agency.
“They came in and took full administrative control and locked everyone out, and said limited permission will be assigned on a need basis going forward” Berulis said of the DOGE employees. “We can’t really do anything, so we’re literally getting paid to count ceiling tiles.”
Further reading: Berulis’s complaint (PDF).
Advocates Urge Seattle Children’s to Offer Gender-Affirming Surgery to Trans People Under 19 [The Stranger]
A letter signed by at least 550 individuals, health care professionals, and advocacy groups is urging Seattle Children’s Hospital to restore access to gender-affirming surgical care to trans people under 19. by Vivian McCall
A letter signed by at least 550 individuals, health care professionals, and advocacy groups is urging Seattle Children’s Hospital to restore access to gender-affirming surgical care to trans people under 19.
The community letter, organized by the Seattle trans advocacy group Gender Justice League (GJL) and addressed to Children’s Board of Directors, says the hospital’s decision sends a “troubling” message to trans communities and may violate state law. The Washington Law Against Discrimination explicitly protects the rights of transgender people in places of public accommodation, which include hospitals.
Signed by the ACLU of Washington’s health policy program director, reproductive rights advocates like ProChoice Washington, LGBTQ groups like the Lavender Rights Project and Gender Justice League, as well as various health clinics, doctors, and labor unions, the letter calls on the hospital’s board of directors to immediately resume surgical care, educate the public on the scientific consensus that supports transgender care, and engage with workers, families, and advocates to collectively rally public support for its gender-affirming care program.
Telling a crowd of at least 100 protestors outside the hospital about the letter on Sunday afternoon, GJL Executive Director Danni Askini said the hospital’s leadership “has the research, they know the facts, they know that this care is medically necessary, that it’s safe, that it’s effective, that it supports young people and that it’s lifesaving.”
Askini told the crowd, who earlier had been line dancing to Chappell Roan and making postcards to send to hospital leadership, that GJL was talking to lawyers and looking for young people who’d been denied care at Children’s.
“We’re considering and are going to pursue any and every legal avenue that we can to hold Children’s accountable,” she said. “They are violating the Washington Law Against Discrimination, they’re harming our community and we’re not going to take that shit.”
This letter follows news, which The Stranger broke on Thursday, that the hospital had again stopped providing gender-affirming surgery for their patients under 19. A patient and his mother, who spoke on the condition of anonymity, said a surgeon and his staff told the 17 year old that he couldn’t get top surgery at the hospital until he turned 19. Sources familiar with hospital policy confirmed other patients have been told the same thing.
The surgeon did not explain to our source why he had to wait, but the age cutoff seemed an obvious clue. Soon after taking office in January, President Donald Trump issued a sweeping executive order to withdraw all federal support for all trans care for patients 18 and younger. The order threatened major research institutions, like Children’s, that depend on millions in federal grants each year.
Trump’s order prompted the hospital to stop surgeries for the first time in early February, indefinitely postponing at least one 16-year-old patient’s top surgery just hours before he was expected in the OR. But that patient, who we called Ethan to protect his privacy, did end up having surgery in the end. His mother says the hospital rescheduled the procedure shortly after a federal judge in Seattle blocked Trump’s order in response to a lawsuit brought by Washington Attorney General Nick Brown with the Attorneys General of Oregon and Minnesota. Brown’s office confirmed the order is still blocked.
The hospital filed a declaration in support of that lawsuit. For that reason, the letter says, signatories held back from making public calls against Seattle Children’s.
“However, we are done holding back,” the letter continues. “Seattle Children’s has sown fear and panic within our communities. This action perpetuates the harmful narrative that medical care for transgender youth is not medically necessary, and it fuels harmful and misguided biases against transgender young people. It emboldens bigots and bullies who make these young people’s lives extremely difficult and endangers their mental health in our schools and communities.”
The letter references Maine, a state in an active standoff with the Trump administration over transgender athletes in school sports, as showing that standing up for trans youth is a “moral obligation.”
“We ask you, as a Board of Directors: Where will you draw the line in the years to come as these attacks persist and the targets ever evolve?” the letter reads. “Why did you sign up to serve young people in your community? Which childrens’ health are you willing to sacrifice in the face of future moral panics and political pressure?”
It’s unclear why the hospital has drawn the line at surgery in the first place. Trump’s order does not distinguish between puberty blockers, hormones and surgery, it considers all three “mutilation,” so all three types of care would theoretically pose an equal threat to federal funding. But our source, who gets his hormones from Children’s, hasn’t lost his prescription, he says.
The hospital hasn’t said why it changed its mind. Six days after the first of our emails and phone calls, Children’s has not responded to The Stranger or made a public statement about this decision.
she probably would've done it by now
The World’s Hectic. Have a Dog Picture. [Whatever]
See, isn’t that nice? Lowers your blood pressure all the way down, it does. We could all use that right about now.
— JS
it’s the most wonderful time of the year [WIL WHEATON dot NET]
It’s that time again! Here’s my 2025 Stanley Cup Playoffs bracket, something that is always fun for me to write for the eleven people in the world who care about it. (Hi! I’m glad you’re all here!)
Vegas vs. Minnesota
As much as I very intensely dislike VGK, they aren’t pulling that IR bullshit from years past, so I grudgingly set that moniker aside this year. Minnesota is in the playoffs because of the ridiculous start to their season. The Wild (I almost typed North Stars, sigh) are hurt, and the last six weeks of the regular season were brutal for them. If the team that we saw at the beginning of the season shows up, they will give Vegas a serious run. They looked pretty great yesterday, and boy did they make Vegas work for the win at Medieval Times Arena. I still favor Vegas, though. They have most of a team has been here before, and they know how to win in the playoffs. I expect Minnesota to take at least one of their home games, and I think this one goes to 6 before Vegas advances.
Winnipeg vs St. Louis
The Jets have the best record in hockey for a reason that goes beyond Connor Hellebuyck. In the old 1 plays 8 days, I’d give The Blues a stronger upset chance, but I think they’re just outmatched here. This is the only sweep in the first round. Winnipeg in 4.
Dallas vs. Colorado
My heart wants to cheer for Dallas, because my dear friend Stepto (may his memory be a blessing) loved them the way I love my Kings. Colorado isn’t going to make it easy. Blackwood will steal a game for the Avs, and yesterday was not that game; the Stars lost that one all on their own. This series will go 6, maybe even 7, but the Stars are moving on to face the ‘Peg.
Los Angeles vs. Connor McDavid
This is our year. Fucking finally. The Kings have a team that can neutralize Edmonton’s line. The Kings are hot as hell right now, and have home ice advantage, where they had the best home record in the league (like, it wasn’t even close). Kuemper is locked in and Skinner has looked shaky. Edmonton has the best player in the world, another generational talent, and 24 other guys. For the first time in four seasons, the Kings have 4 lines who can score and a goalie who can keep them in it. Kings in 6.
Toronto vs. Ottawa
Brady, I’m real happy for you, and ima let you finish, but Toronto actually looks like a hockey team this year, and the Senators are just beginning to draw back the curtains, and open their Cup window. This isn’t Ottawa’s year, which is fucking crazy because it’s NEVER Toronto’s year. They have an incredibly rich history of finding truly creative ways to lose, but I’m picking Toronto because it serves a greater narrative. Leafs in 5.
Tampa Bay vs. Florida
Ah, the battle of America’s Wang. A playoff series for the ages that will live in the pages of hist– yawn I’m sorry I drifted off there thinking about this. These teams are basically even for me, but I freely admit I don’t pay much attention to them during the regular season, so I am absolutely missing a lot of nuance. But given the Panthers’ win last year by a team that they largely kept together, and the absolutely insane leveling up in Matthew Tkachuk’s play during Four Nations, I’m picking the Panthers in 5.
Washington vs. Montreal
Remember when the Habs were this unstoppable force? Remember when the Habs could score one and shut the door? This is not them. This team is mid af, just good enough to make it into the post season, but missing a lot of the parts it needs to go deep. I despise Ovechkin’s Team Putin bullshit, and for that reason alone I want them to get swept. But let’s be honest: the caps are a fucking incredible team who are going to be an autoaxe with legendary mods against Montreal’s weak feral ghouls. Anything can happen in this league on any night (the reason the NHL is the best league) so don’t count them out entirely, but I wouldn’t worry about having to change tee times with those guys in the beginning of April. Washington in 5.
Carolina vs. New Jersey
Hey, did you know the Devils are in the playoffs? Can you name one of their players? I just realized I can’t, and that means I haven’t paid attention to them at all this year. Meanwhile, after I retired Blaine Gretzky because the guy I named him after turned out to be garbage, I started a new create a pro game. My player wears #13, and his name is Johnny Marlowe. He plays for Carolina, and I have developed the same emotional connection to the real team that I had for the Kraken during Blaine’s career. I could come up with stats and reasons to support my choice, but where’s the fun in that? I’m picking Carolina for a silly reason, but it’s still a reason. Hurricanes in 7 because I presume New Jersey has some Dark Horse thing I don’t know about and that makes for good drama.
Jets vs. Stars
This one goes 7 and Winnipeg wins in OT. Sorry, Stepto.
Kings vs Vegas
The Kings teams that won the Stanley Cup were built to grind down opponents over a 7 game series. Even when San Jose went up 3-0, the Kings were able to just check them into submission and come all the way back. This Kings team does not play that way, and the longer the series goes, the more it favors the other team. Sure, I could write a script where they do it again against all the odds and blah blah blah, but everything is terrible and I just want some excitement, so I’m giving this to the Kings in 4. Yeah, you read that correctly. Kings sweep Vegas in round two. Book it.
Toronto vs. Florida
In the second game of the second round, something happens in the second intermission. Down a game and trailing, a Toronto team that’s been struggling to keep up with the defending champions breaks through in that third period and never looks back. GG, Florida. Leafs in 7.
Washington vs. Carolina
Some of you may notice that I stealth edited this in, after weirdly forgetting to include it originally. This series is back and forth the entire time. Nobody has a clear advantage, beyond Washington’s power play which is really just Ovechkin on the left side. It’s not enough, and Carolina squeaks past in a series that goes 7 games.
Kings vs. Jets
In reality, this is where the Kings go home.
Yeah screw that. In my story, this is a seven game series. The Kings steal a game in OT, we see at least one goalie battle, but the difference comes from Los Angeles’ young players. Byfield, Fiala, Laferriere and Turcotte surprise everyone with their maturity and composure in big situations. Kopitar and Doughty have been here before, and their experience both leads the other players and neutralizes the half a step or so they’re behind due to age and injury. Kuepmer doesn’t quite give us vintage Quick, but what he does give us rhymes with vintage quick. Winnipeg fully expects to win this at home, not unreasonably. But they didn’t count on this guy over here being the writer, and the Kings win it at home in game 7, right in front of me.
Toronto vs Carolina
It’s a classic Leafs vs Whalers matchup, just like the old days of 2002! Eddie Shore! Old Time Hockey! This is the series where Auston Matthews finally gets the national and casual fan attention he has deserved his entire career. Attention that has eluded him, because, come on, it’s Toronto. The Whale does not make it easy for the Leafs to win the series in 6 games.
It is the match-up we have all needed since 1993: a replay of the last time the Kings and the Leafs went deep in the playoffs, only this time it’s for the Big One. Leafs Nation wants revenge for the high stick that was not called, while Los Angeles desperately needs a series win that encourages our toxic trait of pretending that never happened. The drama is off the charts for this final. It’s Canada vs. USA. It’s East vs. West. It’s The Past vs. The Future. It’s so much better than whatever is really going to happen (which to be clear will still be cool) because there is no other potential Final match-up that carries this weight. It’s a series for the ages. No game is decided by more than one goal, at least two games to to OT, including game 7. The game and series and Stanley Cup winner comes from a Kopitar snipe at the top of the left circle, short-handed.
Okay, that’s the way I want this to go. And, if we accept that there are an infinite number of potential realities, all of them just beyond our perception, this is the way it will go, in at least one of them. So maybe it’ll be this one.
What do you think? I can talk about hockey the way I can talk about Star Trek. Let’s talk about it! Who are you cheering for? Who do you want to win? Who do you think will win?
And am I the only one who feels like the Stanley Cup Playoffs are always cool, but absolutely taking a back seat to the Four Nations Tournament this year?
If you want to get these posts in your inbox, here’s the thing:
Sinners: The Vampire Musical With a Cunnilingus Tutorial [The Stranger]
Sinners is now showing at several Seattle theaters, including SIFF Cinema Downtown, Regal Meridian, and IMAX Theaters at Pacific Science Center. by HR Smith
As a director and screenwriter, Ryan Coogler has built a career as an unparalleled interpreter of other people’s intellectual property. With Creed, he became the first person who isn’t Sylvester Stallone to write a film in the Rocky franchise. With Black Panther, he nailed the near-impossible assignment of adapting a thinly-drawn Marvel character conceit—created by two white guys, or one white guy, depending on which white guy you ask—and turned it into an iconic, globally-beloved blockbuster. With Wakanda Forever, Coogler gave us an epic work of underwater anti-colonialism, despite the death of the film’s star (Chadwick Boseman) and a global pandemic.
Now, over a decade into making feature films, Sinners feels like the first time Coogler is going deep into his own archive—he’s said it’s based on family lore, told to him by his Uncle James, who moved from Mississippi to Oakland during the Great Migration.
It’s a slow burn campfire story where the Mississippi skies and cotton fields are so huge they had to be shot in IMAX, and the music gets so wild it dissolves the boundaries of space and time.
The story starts out in the 1930s, when Sammie (Miles Caton), a sheltered preacher’s son receives a visit from his sharp-suited twin cousins Smoke and Stack (Michael B. Jordan and Michael B. Jordan). The cousins have returned from Chicago with a suspicious amount of money and a plan to turn the old cotton mill into a juke joint, starting that night. For the film’s first half they criss-cross the landscape, breezily assembling a dream team of musicians, cooks, and bouncers.
Many of the actors Coogler cast are also musicians—most notably Caton, a wunderkind multi-instrumentalist who has never been in a film before. He has a soft, unfinished quality that feels all the more eerie when it disappears anytime he begins to play guitar. Caton is surrounded by actors at the top of their game: Not only Jordan, but Wunmi Mosaku as Annie, Jayme Lawson as Pearline, and Hailee Steinfeld as Mary—all radiant on camera and main characters in their own right. Everyone in this film is so good they’re shooting off sparks.
Before a writing teacher took him aside and told him that he should consider screenwriting, Coogler was a dedicated football player. In the likewise ego-heavy occupation of movie-making, he’s built a reputation of enthusiastic collaboration. When Stallone showed up at the Creed shoot every morning with pages of handwritten notes on how he thought the day’s filming should go, Coogler rolled with it. In a back-and-forth with Sinners cinematographer, Autumn Durald Arkapaw, Coogler constantly credits her for changing his mind on how the film should be shot.
In previews, the second half of Sinners looks like a straight-up vampire flick, but Coogler has an open beef with genre. “Genres in music are mostly based in racism,” Coogler explained, in a 2024 conversation with Jordan Peele. Grunge is blues, he continues. Don’t try to tell him otherwise. Sinners is not a genre film, and by the time the final credits roll (stick around for a post-scroll scene) the audience has been taken to church and seen a full-on blues concert, Irish folk dancing, and Gullah folklore. They'll also sit in on a vivid cunnilingus how-to and witness spaghetti-western cinematography applied to the Mississippi Delta.
Using vampires to smuggle your weird art movie into a theater is another time-worn cinematic tradition (Let the Right One In, Only Lovers Left Alive), but that doesn’t make this variation any less surprising.
When the action comes, it moves fast. Not all of it makes sense, but it’s so large on the screen and beautifully shot that you go with it anyway. What starts out as a movie is, by the end, a haunting.
A lot will be written about Sinners—about insiders and outsiders and Black joy and vampirism and what it all means. It’s a film about the past that feels specific to this particular time and place. Some of the greatest pleasures of this world are built with the imperfect people around us. Outside, something is waiting in the darkness.
Sinners is now showing at several Seattle theaters, including SIFF Cinema Downtown, Regal Meridian, and IMAX Theaters at Pacific Science Center.
Why the FTC v. Meta Trial Matters: Competition Gaps and Civil Liberties Opportunities [Deeplinks]
We’re in the midst of a long-overdue resurgence in antitrust litigation. In the past 12 months alone, there have been three landmark rulings against Google/Alphabet (in search, advertising, and payments). Then there’s the long-running FTC v. Meta case, which went to trial last week. Plenty of people are cheering these cases on, seeing them as a victories over the tech broligarchy (who doesn’t love to see a broligarch get their comeuppance?).
But we’re cautiously cheering for another, more fundamental reason: the Big Tech antitrust cases could and should lead to enforceable changes that will foster more vibrant online expression and more meaningful user privacy protections.
Antitrust doctrine isn’t just about prices – it’s about power. The cases are nothing less than a fight over who will control the future of the internet, and what that future will look like. Will social media platforms continue to consolidate and enshittify? Or will the courts create breathing room for new ways of connecting to emerge and thrive?
Take FTC v Meta: The FTC argues that Meta’s control over Facebook, WhatsApp and Instagram – the latter two being companies Facebook acquired in order to neutralize them as competitors— gives it unfair monopoly power in personal social media, i.e. communications with friends and family. Meta disputes that, of course, but even if you take Meta at their word, there’s no denying that this case is directly concerned with online expression. If the FTC succeeds, Meta could be broken up and forced to compete. More important than competition for its own sake is what competition can deliver: openings in the canopy that allow green shoots to sprout – new systems for talking with one another and forming communities under different and more transparent moderation policies, a break from the content moderation monoculture that serves no one well (except for corporate shareholders).
These antitrust cases aren’t the sole purview of government enforcers. Private companies have also brought significant cases with real implications for user rights.
Take Epic Games v Google, in which Google insists that the court order to open up its app store to competition will lead to massive security risks. This is a common refrain from tech giants like Google, who benefit from the system of “feudal security” in which users must depend on the whims of a monopolist to guarantee their safety. Google claims that its app store security measures keep its users safe – reprising the long-discredited theory of “security through obscurity.” As the eminent cryptographer (and EFF board member) Bruce Schneier says, “Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can’t break.”
It’s true that Google often does a good job securing its users against external threats, but Google does a much worse job securing users against Google itself – for example, there’s no way to comprehensively block tracking for Google’s apps on Android. Competition might make Google clean up its act here, but only if they start worrying that there’s a chance you’ll switch to an upstart with a better privacy posture. Enabling competition—as these cases are trying to do—means we don’t have to rely on Google to get privacy religion. We can just switch to an independently vetted rival. Of course, you can only vote with your feet if you have somewhere else to go.
Thanks again to our outgoing sponsor: Nova Custom [OSnews]
We’d like to thank our outgoing sponsor, Nova Custom, for sponsoring OSNews!
Nova Custom, based in The Netherlands, makes laptops focused on privacy, customisation, and freedom. Nova Custom laptops ship with either Linux, Windows, or no operating system, and they’re uniquely certified for Qubes OS (the V54 model will be certified soon), the ultra-secure and private operating system. On top of that, Nova Custom laptops come with Dasharo coreboot firmware preinstalled, which is completely open source, instead of a proprietary BIOS. Nova Custom can also disable the Intel Management Engine for you, and you can opt for Dasharo coreboot+Heads for the ultimate in boot security.
Nova Custom offers visual customisations, too, including engraving a logo or text of your choice on the metal screen lid and/or palmrest and adding your own boot logo. They also offer privacy customisations like removing the microphone and webcam, installing a privacy screen, and more. A small touch I personally appreciate: Nova Custom offers a long, long list of keyboard layouts, as well as the option to customise the super key. Nova Custom products enjoy 3 years of warranty, as well as updates and spare parts for at least seven years after the launch of a product, which includes everything from motherboard replacements down to sets of screws.
Nova Custom laptops can be configured with a wide variety of Intel processor options, as well as a choice between integrated Intel GPUs or Nvidia laptop GPUs. Thanks once again to Nova Custom for sponsoring OSNews – for a little longer than anticipated due to our weird RSS/captcha issues.
“How I use Kate Editor” [OSnews]
I love the Kate Text editor. I use it for pretty much all the programming projects I do. Kate has been around for long time now, about 20 years! At least earliest blog post for it I could find was written in 2004.
I wanted to go over my workflow with it, why I like it so much and hopefully get more people to try it out.
↫ Akseli Lahtinen
Programmers and developers tend to be very set in their ways and have their preferred workflows – which profession doesn’t, honestly – and since there’s such a wide variety of developer and programming tools out there, it feels like every single developer’s workflow and setup is entirely unique. Akseli Lahtinen, KDE developer and allround awesome person, details his setup using Kate, the venerable and feature-rich text editor from the KDE project.
As someone who can’t program, I can’t really compare his workflow to my own, but what I found interesting while reading his post is that there’s quite a bit of overlap between my previous work as a translator and his work as a developer. While the contents of each individual view inside his Kate window are obviously different, the setup of windows and tools I had when translating looked very similar.
This shouldn’t be surprising to me – after all, both translating and developing requires multiple work surfaces, language plugins, formatting tools, tons of keyboard shortcuts, and a whole load of browser tabs, PDF files, and other documents to find just the right translation or the perfect term, as well as a ton of background to make sure you understand the topic you’re translating about. Y’all have no idea how much I know about the deepest complex inner-workings and processes of some of the largest organisations in the world, just because I needed to study them and had access to their internal documentation and software.
I also read and studied way too many complex contracts, European law, and technical studies into medicine and healthcare treatments, and I guess developers and programmers do the same thing – just focusing on different subjects. What’s the best way to do this thing in the programming language I’m using? How does this library I want to integrate work? What are the API endpoints for this service I want to use?
It’s really not that different from translating, and that never really dawned on me until now.
Let’s give PRO/VENIX a barely adequate, pre-C89 TCP/IP stack (featuring Slirp-CK) [OSnews]
Only a few weeks ago, I linked to Cameron Kaiser’s excellent deep dive into the DEC Professional 380 running PRO/VENIX, and now we have a follow-up.
Fortunately, today
↫ Cameron Kaiserwe have AIwe have many more excellent and comprehensive documents on the subject, and more importantly, we’ve recently brought back up an oddball platform that doesn’t have networking either: our DEC Professional 380 running the System V-based PRO/VENIX V2.0, which you met a couple articles back. The DEC Professionals are a notoriously incompatible member of the PDP-11 family and, short of DECnet (DECNA) support in its unique Professional Operating System, there’s officially no other way you can get one on a network — let alone the modern Internet. Are we going to let that stop us?
No. The answer is always no. If you’ve ever wanted to know what’s involved in setting up a custom TCP/IP stack using serial on a 40 year old UNIX workstation, your very specific desires are hereby met.
[$] Indirect calls in BPF [LWN.net]
Anton Protopopov kicked off the BPF track on the second day of the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit with a discussion about permitting indirect calls in BPF. He also spoke about his continuing work on static keys, a topic which is related because the implementation of indirect jumps and static keys in the verifier use some of the same mechanisms for tracking indirect control-flow. Although some design work remains to be done, it may soon be possible to make indirect calls in BPF without any extra work compared to normal C.
Paolo Amoroso: DandeGUI, a GUI library for Medley Interlisp [Planet Lisp]
I'm working on DandeGUI, a Common Lisp GUI library for simple text and graphics output on Medley Interlisp. The name, pronounced "dandy guy", is a nod to the Dandelion workstation, one of the Xerox D-machines Interlisp-D ran on in the 1980s.
DandeGUI allows the creation and management of windows for stream-based text and graphics output. It captures typical GUI patterns of the Medley environment such as printing text to a window instead of the standard output. The main window of this screenshot was created by the code shown above it.
The library is written in Common Lisp and exposes its functionality as an API callable from Common Lisp and Interlisp code.
In most of my prior Lisp projects I wrote programs that print text to windows.
In general these windows are actually not bare Medley windows but running instances of the TEdit rich-text editor. Driving a full editor instead of directly creating windows may be overkill, but I get for free content scrolling as well as window resizing and repainting which TEdit handles automatically.
Moreover, TEdit windows have an associated
TEXTSTREAM
, an Interlisp data structure for text
stream I/O. A TEXTSTREAM
can be passed to any Common
Lisp or Interlisp output function that takes a stream as an
argument such as PRINC
, FORMAT
, and
PRIN1
. For example, if S
is the
TEXTSTREAM
associated with a TEdit window,
(FORMAT S "~&Hello, Medley!~%")
inserts the text
"Hello, Medley!" in the window at the position of the cursor.
Simple and versatile.
As I wrote more GUI code, recurring patterns and boilerplate emerged. These programs usually create a new TEdit window; set up the title and other options; fetch the associated text stream; and return it for further use. The rest of the program prints application specific text to the stream and hence to the window.
These patterns were ripe for abstracting and packaging in a library that other programs can call. This work is also good experience with API design.
An example best illustrates what DandeGUI can do and how to use it. Suppose you want to display in a window some text such as a table of square roots. This code creates the table in the screenshot above:
(gui:with-output-to-window (stream :title "Table of square roots")
(format stream "~&Number~40TSquare Root~2%")
(loop
for n from 1 to 30
do (format stream "~&~4D~40T~8,4F~%" n (sqrt n))))
DandeGUI exports all the public symbols from the
DANDEGUI
package with nickname GUI
. The
macro GUI:WITH-OUTPUT-TO-WINDOW
creates a new TEdit
window with title specified by :TITLE
, and establishes
a context in which the variable STREAM
is bound to the
stream associated with the window. The rest of the code prints the
table by repeatedly calling the Common Lisp function
FORMAT
with the stream.
GUI:WITH-OUTPUT-TO-WINDOW
is best suited for
one-off output as the stream is no longer accessible outside of its
scope.
To retain the stream and send output in a series of steps, or
from different parts of the program, you need a combination of
GUI:OPEN-WINDOW-STREAM
and
GUI:WITH-WINDOW-STREAM
. The former opens and returns a
new window stream which may later be used by FORMAT
and other stream output functions. These functions must be wrapped
in calls to the macro GUI:WITH-WINDOW-STREAM
to
establish a context in which a variable is bound to the appropriate
stream.
The DandeGUI documentation on the project repository provides more details, sample code, and the API reference.
DandeGUI is a thin wrapper around the Interlisp system facilities that provide the underlying functionality.
The main reason for a thin wrapper is to have a simple API that covers the most common user interface patterns. Despite the simplicity, the library takes care of a lot of the complexity of managing Medley GUIs such as content scrolling and window repainting and resizing.
A thin wrapper doesn't hide much the data structures ubiquitous in Medley GUIs such as menus and font descriptors. This is a plus as the programmer leverages prior knowledge of these facilities.
So far I have no clear idea how DandeGUI may evolve. One more reason not to deepen the wrapper too much without a clear direction.
The user needs not know whether DandeGUI packs TEdit or ordinary windows under the hood. Therefore, another design goal is to hide this implementation detail. DandeGUI, for example, disables the main command menu of TEdit and sets the editor buffer to read-only so that typing in the window doesn't change the text accidentally.
DandeGUI relies on basic Common Lisp features. Although the Medley Common Lisp implementation is not ANSI compliant it provides all I need, with one exception.
The function DANDEGUI:WINDOW-TITLE
returns the
title of a window and allows to set it with a SETF
function. However, the SEdit structure editor and the File Manager
of Medley don't support or track function names that are lists such
as (SETF WINDOW-TITLE)
. A good workaround is to define
SETF
functions with DEFSETF
which Medley
does support along with the CLtL macro
DEFINE-SETF-METHOD
.
At present DandeGUI doesn't do much more than what described here.
To enhance this foundation I'll likely allow to clear existing text and give control over where to insert text in windows, such as at the beginning or end. DandeGUI will also have rich text facilities like printing in bold or changing fonts.
The windows of some of my programs have an attached menu of commands and a status area for displaying errors and other messages. I will eventually implement such menu-ed windows.
To support programs that do graphics output I plan to leverage the functionality of Sketch for graphics in a way similar to how I build upon TEdit for text.
Sketch is the line drawing editor of Medley. The Interlisp
graphics primitives require as an argument a
DISPLAYSTREAM
, a data stracture that represents an
output sink for graphics. It is possible to use the Sketch drawing
area as an output destination by associating a
DISPLAYSTREAM
with the editor's window. Like TEdit,
Sketch takes care of repainting content as well as window scrolling
and resizing. In other words, DISPLAYSTREAM
is to
Sketch what TEXTSTREAM
is to TEdit.
DandeGUI will create and manage Sketch windows with associated
streams suitable for use as the DISPLAYSTREAM
the
graphics primitives require.
#DandeGUI #CommonLisp #Interlisp #Lisp
Discuss... Email | Reply @amoroso@fosstodon.org
Kalyani Kenekar: Nextcloud Installation HowTo: Secure Your Data with a Private Cloud [Planet Debian]
Nextcloud is an open-source software suite that enables you to set up and manage your own cloud storage and collaboration platform. It offers a range of features similar to popular cloud services like Google Drive or Dropbox but with the added benefit of complete control over your data and the server where it’s hosted.
I wanted to have a look at Nextcloud and the steps to setup a own instance with a PostgreSQL based database together with NGinx as the webserver to serve the WebUI. Before doing a full productive setup I wanted to play around locally with all the needed steps and worked out all the steps within KVM machine.
While doing this I wrote down some notes to mostly document for myself what I need to do to get a Nextcloud installation running and usable. So this manual describes how to setup a Nextcloud installation on Debian 12 Bookworm based on NGinx and PostgreSQL.
Nextcloud is basically a PHP application so we need to install PHP packages to get it working in the end. The following steps are based on the upstream documentation about how to install a own Nextcloud instance.
Installing the virtual package package php
on a
Debian Bookworm system would pull in the depending meta package
php8.2
. This package itself would then pull also the
package libapache2-mod-php8.2
as an dependency which
then would pull in also the apache2 webserver as a depending
package. This is something I don’t wanted to have as I want
to use NGinx that is already installed on the system instead.
To get this we need to explicitly exclude the package
libapache2-mod-php8.2 from the list of packages which we want to
install, to achieve this we have to append a hyphen -
at the end of the package name, so we need to use
libapache2-mod-php8.2-
within the package list that is
telling apt to ignore this package as an dependency. I ended up
with this call to get all needed dependencies installed.
$ sudo apt install php php-cli php-fpm php-json php-common php-zip \
php-gd php-intl php-curl php-xml php-mbstring php-bcmath php-gmp \
php-pgsql libapache2-mod-php8.2-
Check php version (optional step)
$ php -v
PHP 8.2.28 (cli) (built: Mar 13 2025 18:21:38) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.28, Copyright (c) Zend Technologies
with Zend OPcache v8.2.28, Copyright (c), by Zend Technologies
After installing all the packages, edit the php.ini
file:
$ sudo vi /etc/php/8.2/fpm/php.ini
Change the following settings per your requirements:
max_execution_time = 300
memory_limit = 512M
post_max_size = 128M
upload_max_filesize = 128M
To make these settings effective, restart the php-fpm service
$ sudo systemctl restart php8.2-fpm
This manual assumes we will use a PostgreSQL server on localhost, if you have a server instance on some remote site you can skip the installation step here.
$ sudo apt install postgresql postgresql-contrib
postgresql-client
Check version after installation (optinal step):
$ sudo -i -u postgres
$ psql -version
This output will be seen:
psql (15.12 (Debian 15.12-0+deb12u2))
Exit the PSQL shell by using the command \q
.
postgres=# \q
Exit the CLI of the postgres user:
postgres@host:~$ exit
Create a new PostgreSQL user (Use a strong password!):
$ sudo -u postgres psql -c "CREATE USER nextcloud_user
PASSWORD '1234';"
Create new database and grant access:
$ sudo -u postgres psql -c "CREATE DATABASE nextcloud_db
WITH OWNER nextcloud_user ENCODING=UTF8;"
(Optional) Check if we now can connect to the database server and the database in detail (you will get a question about the password for the database user!). If this is not working it makes no sense to proceed further! We need to fix first the access then!
$ psql -h localhost -U nextcloud_user -d
nextcloud_db
or
$ psql -h 127.0.0.1 -U nextcloud_user -d
nextcloud_db
\q
.Use the following command to download the latest version of Nextcloud:
$ wget
https://download.nextcloud.com/server/releases/latest.zip
Extract file into the folder /var/www/html
with the
following command:
$ sudo unzip latest.zip -d /var/www/html
Change ownership of the /var/www/html/nextcloud
directory to www-data.
$ sudo chown -R www-data:www-data
/var/www/html/nextcloud
In case you want to use self signed certificate, e.g. if you play around to setup Nextcloud locally for testing purposes you can do the following steps.
Generate the private key and certificate:
$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048
-keyout nextcloud.key -out nextcloud.crt
$ sudo cp nextcloud.crt /etc/ssl/certs/ && sudo cp
nextcloud.key /etc/ssl/private/
If you want or need to use the service of Let’s Encrypt (or similar) drop the step above and create your required key data by using this command:
$ sudo certbot --nginx -d
nextcloud.your-domain.com
You will need to adjust the path to the key and certificate in the next step!
Change the NGinx configuration:
$ sudo vi
/etc/nginx/sites-available/nextcloud.conf
Add the following snippet into the file and save it.
# /etc/nginx/sites-available/nextcloud.conf
upstream php-handler {
#server 127.0.0.1:9000;
server unix:/run/php/php8.2-fpm.sock;
}
# Set the `immutable` cache control options only for assets with a cache
# busting `v` argument
map $arg_v $asset_immutable {
"" "";
default ", immutable";
}
server {
listen 80;
listen [::]:80;
# Adjust this to the correct server name!
server_name nextcloud.local;
# Prevent NGinx HTTP Server Detection
server_tokens off;
# Enforce HTTPS
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
# Adjust this to the correct server name!
server_name nextcloud.local;
# Path to the root of your installation
root /var/www/html/nextcloud;
# Use Mozilla's guidelines for SSL/TLS settings
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
# Adjust the usage and paths of the correct key data! E.g. it you want to use Let's Encrypt key material!
ssl_certificate /etc/ssl/certs/nextcloud.crt;
ssl_certificate_key /etc/ssl/private/nextcloud.key;
# ssl_certificate /etc/letsencrypt/live/nextcloud.your-domain.com/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/nextcloud.your-domain.com/privkey.pem;
# Prevent NGinx HTTP Server Detection
server_tokens off;
# HSTS settings
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;
# set max upload size and increase upload timeout:
client_max_body_size 512M;
client_body_timeout 300s;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Pagespeed is not supported by Nextcloud, so if your server is built
# with the `ngx_pagespeed` module, uncomment this line to disable it.
#pagespeed off;
# The settings allows you to optimize the HTTP2 bandwidth.
# See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/
# for tuning hints
client_body_buffer_size 512k;
# HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Set .mjs and .wasm MIME types
# Either include it in the default mime.types list
# and include that list explicitly or add the file extension
# only for Nextcloud like below:
include mime.types;
types {
text/javascript js mjs;
application/wasm wasm;
}
# Specify how to handle directories -- specifying `/index.php$request_uri`
# here as the fallback means that NGinx always exhibits the desired behaviour
# when a client requests a path that corresponds to a directory that exists
# on the server. In particular, if that directory contains an index.php file,
# that file is correctly served; if it doesn't, then the request is passed to
# the front-end controller. This consistent behaviour means that we don't need
# to specify custom rules for certain paths (e.g. images and other assets,
# `/updater`, `/ocs-provider`), and thus
# `try_files $uri $uri/ /index.php$request_uri`
# always provides the desired behaviour.
index index.php index.html /index.php$request_uri;
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
location = / {
if ( $http_user_agent ~ ^DavClnt ) {
return 302 /remote.php/webdav/$is_args$args;
}
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make a regex exception for `/.well-known` so that clients can still
# access it despite the existence of the regex rule
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
# for `/.well-known`.
location ^~ /.well-known {
# The rules in this block are an adaptation of the rules
# in `.htaccess` that concern `/.well-known`.
location = /.well-known/carddav { return 301 /remote.php/dav/; }
location = /.well-known/caldav { return 301 /remote.php/dav/; }
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
# Let Nextcloud's API for `/.well-known` URIs handle all other
# requests by passing them to the front-end controller.
return 301 /index.php$request_uri;
}
# Rules borrowed from `.htaccess` to hide certain paths from clients
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
# which handle static assets (as seen below). If this block is not declared first,
# then NGinx will encounter an infinite rewriting loop when it prepend `/index.php`
# to the URI, resulting in a HTTP 500 error response.
location ~ \.php(?:$|/) {
# Required for legacy support
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode(_arm64)?\/proxy) /index.php$request_uri;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_max_temp_file_size 0;
}
# Serve static files
location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ {
try_files $uri /index.php$request_uri;
# HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Cache-Control "public, max-age=15778463$asset_immutable";
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
access_log off; # Optional: Don't log access to assets
}
location ~ \.woff2?$ {
try_files $uri /index.php$request_uri;
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
# Rule borrowed from `.htaccess`
location /remote {
return 301 /remote.php$request_uri;
}
location / {
try_files $uri $uri/ /index.php$request_uri;
}
}
Symlink configuration site available to site enabled.
$ ln -s /etc/nginx/sites-available/nextcloud.conf
/etc/nginx/sites-enabled/
Restart NGinx and access the URI in the browser.
Go through the installation of Nextcloud.
The user data on the installation dialog should point e.g to
administrator
or similar, that user will become
administrative access rights in Nextcloud!
To adjust the database connection detail you have to edit the
file $install_folder/config/config.php
. Means here in
the example within this post you would need to modify
/var/www/html/nextcloud/config/config.php
to control
or change the database connection.
---%<---
'dbname' => 'nextcloud_db',
'dbhost' => 'localhost', #(Or your remote PostgreSQL server address if you have.)
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud_user',
'dbpassword' => '1234', #(The password you set for database user.)
--->%---
After the installation and setup of the Nextcloud PHP application there are more steps to be done. Have a look into the WebUI what you will need to do as additional steps like create a cronjob or tuning of some more PHP configurations.
If you’ve done all things correct you should see a login page similar to this:
The data folder is the root folder for all user content. By
default it is located in $install_folder/data, so in our case here
it is in /var/www/html/nextcloud/data
.
Move the data directory outside the web server document root.
$ sudo mv /var/www/html/nextcloud/data
/var/nextcloud_data
Ensure access permissions, mostly not needed if you move the folder.
$ sudo chown -R www-data:www-data
/var/nextcloud_data
$ sudo chown -R www-data:www-data
/var/www/html/nextcloud/
Update the Nextcloud configuration:
Open the config/config.php file of your Nextcloud installation.
$ sudo vi
/var/www/html/nextcloud/config/config.php
Update the ‘datadirectory’ parameter to point to the new location of your data directory.
---%<---
'datadirectory' => '/var/nextcloud_data'
--->%---
Restart NGinx service:
$ sudo systemctl restart nginx
Adjust the Nextcloud configuration to listen and accept requests
for different domain names. Configure and adjust the key
trusted_domains
accordingly.
$ sudo vi
/var/www/html/nextcloud/config/config.php
---%<---
'trusted_domains' =>
array (
0 => 'domain.your-domain.com',
1 => 'domain.other-domain.com',
),
--->%---
.ocdata
might occur.ocdata
is not found inside the data directory
Create file using touch and set necessary permissions.
$ sudo touch /var/nextcloud_data/.ocdata
$ sudo chown -R www-data:www-data
/var/nextcloud_data/
Log in to your server:
Switch to the PostgreSQL user:
$ sudo -i -u postgres
Access the PostgreSQL command line
psql
List the databases: (If you’re unsure which database is being used by Nextcloud, you can list all the databases by the list command.)
\l
Switch to the Nextcloud database:
\c nextclouddb
Reset the password for the Nextcloud database user:
ALTER USER nextcloud_user WITH PASSWORD
'new_password';
Exit the PostgreSQL command line:
\q
Verify Database Configuration:
Check the database connection details in the config.php file to ensure they are correct.
sudo vi
/var/www/html/nextcloud/config/config.php
Replace nextcloud_db, nextcloud_user, and your_password with your actual database name, user, and password.
---%<---
'dbname' => 'nextcloud_db',
'dbhost' => 'localhost', #(or your PostgreSQL server address)
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud_user',
'dbpassword' => '1234', #(The password you set for nextcloud_user.)
--->%---
Synology confirms that higher-end NAS products will require its branded drives [OSnews]
“Synology-branded drives will be needed for use in the newly announced Plus series, with plans to update the Product Compatibility List as additional drives can be thoroughly vetted in Synology systems,” a Synology representative told Ars by email. “Extensive internal testing has shown that drives that follow a rigorous validation process when paired with Synology systems are at less risk of drive failure and ongoing compatibility issues.”
Without a Synology-branded or approved drive in a device that requires it, NAS devices could fail to create storage pools and lose volume-wide deduplication and lifespan analysis, Synology’s German press release stated. Similar drive restrictions are already in place for XS Plus and rack-mounted Synology models, though work-arounds exist.
↫ Kevin Purdy at Ars Technica
I’m honestly surprised it’s taken Synology this long to start nickle-and-diming its users. I’m sure the “Synology-branded” drives will carry substantial markups over regular drives, despite the drives being otherwise identical. Charging insane markups for expansion options is a tried-and-true way to increase your margins, with Apple being the classic example of charging insane prices for basic RAM or SSD upgrades.
I think most of us here on OSNews could easily build our own NAS, as it’s not a particularly complex project. The various software options could be a bit more complicated to navigate, but I don’t think it’s insurmountable for most of us. Normal, average people, though, would most likely do best to just buy an off-the-shelf NAS for their storage and local back-up needs, and it’s those kind of people who Synology is aiming this policy at. They’ll be easily fooled into thinking Synology-branded drives are somehow special, and not just a generic drive with a fancy sticker.
This is how the world works, but that doesn’t make it any less unpleasant.
A day at Little Woodham [Judith Proctor's Journal]
Hoping the photo works...
This is me (in the black hat), my daughter, and my granddaughter, spending a day in the year 1642.
Lindsey has set herself up in the village of Little Woodham as a leather worker, and hopes to learn smithing before long (there are historical records of female blacksmiths in this period).
Oswin, is the leather worker's apprentice, but also showing children how to play games like 'cup and ball'.
I'm currently learning how to card wool, use a spinning wheel (I think I prefer the drop spindle at present) and talking to people about period clothing.
All in all, a very enjoyable day.
EFF to Congress: Here’s What A Strong Privacy Law Looks Like [Deeplinks]
Enacting strong federal consumer data privacy laws is among EFF’s highest priorities. For decades, EFF has advocated for federal privacy law that is concrete, ambitious, and fully protective of all Americans’ data privacy.
That’s why, when the House Committee on Energy and Commerce recently established a Privacy Working Group and asked for comments on what we’d like to see from a Data Security and Privacy Framework, EFF was pleased to offer our thoughts.
Our comments highlight several key points. For one, we urge Congress not to weaken current federal privacy law or create new policy that supplants stronger state laws. A law that overrides strong state protections would hurt consumers and prevent states from protecting their constituents.
We also urge Congress to include the most important tool to ensure that privacy laws have real bite: the individual right to sue over privacy violations. As we say in our comments:
It is not enough for the government to pass laws that protect consumers from corporations that harvest and monetize their personal data. It is also necessary to ensure companies do not ignore them. The best way to do so is to empower consumers to bring their own lawsuits against the companies that violate their privacy rights. Strong “private rights of action” are among EFF’s highest priorities in any data privacy legislation.
Additionally, we reiterate that any strong privacy law must include these components:
As we have said in our Privacy First white paper, a strong privacy law would also help us address online harms, protect children, support journalism, protect access to health care, foster digital justice, limit private data collection to train generative AI, limit foreign government surveillance, and strengthen competition.
EFF thanks the committee for the opportunity to weigh in. We invite further conversation to develop strong, comprehensive law that affirms the privacy and civil rights of all American consumers. You can read our full comments here:
Long ago, what YouTube tells me is Seven Years Ago, Gabe ran an episode of my old Acquisitions Incorporated: The "C" Team show. Called simply Jimterlude, because it was a Mike Krahulik DM Experience Tee Em, of course it involved an incredibly elaborate, fully functional board game called Wizard Kart. I want to emphasize that Wizard Kart is our wholly owned, original IP and any resemblance or even direct references to other games are either just some thing you made up or direct attacks on our sovereignty. In either case, they're deeply unwelcome!!!
The Top 39 Events in Seattle This Week: Apr 21–27, 2025 [The Stranger]
We're here to save you from answering "IDK" when someone asks you what you're up to this week. Add buzzy events to your itinerary from Kylie Minogue: Tension Tour to Pedro the Lion 30th Anniversary Shows and from Swan Lake: State Ballet Theatre of Ukraine & Live Symphony Orchestra to Ziwe's America.
MONDAY LIVE MUSICIchiko
Aoba
The word "ethereal" tends to be overused when describing music.
That said, Ichiko Aoba's music is actually ethereal. The
Japanese singer-songwriter finds a sweet spot between folk, jazz,
and classical music, employing swirling strings, ocean waves,
windchimes, and delicate vocals to tell whimsical, and often
fictional stories. She will support her new album Luminescent
Creatures, which serves as a sequel to her critically
acclaimed 2020 album Windswept Adan. AUDREY
VANN
(Moore Theatre, Belltown)
Slog AM: The Pope Is Dead, Signal Pete Leaks Again, The White House Wants More Babies [The Stranger]
The Stranger's morning news roundup. by Nathalie Graham
Pope Francis Is Dead: Pope Francis, who was the first Latin American pontiff, is dead at 88. Francis moved the Catholic Church progressively—or, at least progressively for the Catholics. He believed in climate change, he made the church a somewhat more welcoming place for LGBTQ people, he opposed the death penalty, he condemned both the war in Gaza and Ukraine. Poetically, Francis died the morning after Easter. Tragically, one of the last people he met with before his death was Vice President JD Vance. I'd want to die after meeting him, too.
SPD "Stop the Steal" Attendees Appeal to Supreme Court: Four of the Seattle Police Officers who attended Donald Trump's 2021 "Stop the Steal" rally, which later turned into the Jan. 6 insurrection, don't want their names revealed in public records. The officers maintain they did not participate in the insurrection. Earlier this year, the Washington State Supreme Court ruling which found "the officers failed to show that disclosing their names in public filings would violate their right to privacy," according to CBSNews. Unsatisfied with that, the officers, some of whom are still active within SPD, are banking on the Supreme Court to keep their political beliefs unassociated with their names. If they simply attended a peaceful rally, what are they worried about?
Xoxo, Pete Hegseth: We might as well call Defense Secretary Pete Hegseth Gossip Girl since he can't stop texting state secrets to anyone who will listen. The New York Times found that Hegseth sent details about forthcoming strikes in Yemen to another Signal group chat. This time, instead of a Signal chat with other members of the Trump cabinet and the editor-in-chief of the Atlantic, Hegseth texted virtually the same deets to a private chat with his wife, brother, and personal lawyer. The chat also included about a dozen people from his personal and professional life. He called it "Defense | Team Huddle." Hegseth allegedly shared the flight schedules for the F/A-18 Hornets targeting the Houthis in Yemen.
Once again, I was left to wonder: was Pete Hegseth signal chatting military attack plans to everyone but me??
Am I the one that’s insecure, or is it his communication practices that are insecure?
— Leah Litman (@leahlitman.bsky.social) April 20, 2025 at 2:37 PM
[image or embed]
The Weather: Today, it will be cloudy, but the sun could break through any gray and stick around.
RIP Sen. Bill Ramos: Washington State Sen. Bill Ramos (D-Issaquah) died suddenly over the weekend during a trail run. He was 69. Ramos leaves behind two children and his wife, King County Councilmember Sarah Perry. "Billy is my East, my West, my North and South. I don’t know how I’ll do this without him," Perry wrote in a Facebook post.
Democrats Keep $12 Billion Tax Package Alive: Washington state senators are approving pieces of a $12 billion tax package left and right. So far senators have passed "bills to expand the capital gains tax, increase tax rates on large corporations and big banks, and begin collecting sales tax on an array of services," reports the Washington State Standard. The big risk with all of this momentum is it's not clear if Gov. Bob Ferguson will sign any of these bills into law. Ferguson has been a big, frugal bummer in the face of a huge hole in our state budget. Let's get creative here, Bob!
Hey, cut that out! An electric vehicle charger company, Virginia-based Electrify America LLC, is suing three King County men for allegedly pilfering charging cords and technology trade secrets at charging stations around Seattle. The men are accused of stealing and reselling metal stripped from the stations and developing a scheme to break into station cabinets to get the inside scoop on the technological goings-on in there. The company is seeking $500,000 from the men for allegedly violating Washington's criminal profiteering act.
What's your jet return policy? Thanks to new tariffs on US goods, a Boeing 737 MAX airplane intended for a Chinese airline returned back to Seattle like a pair of ill-fitting jeans. Since Trump put a 145 percent tariff on Chinese goods and China levied a reciprocal 125 percent tariff on US goods, purchasing a $55 million market value Boeing airplane could now financially destroy a Chinese airline. Before the tariffs went into effect, Boeing had 130 planes scheduled for delivery to Chinese companies. Will any of those orders still go through? Boeing and all of its pre-tariff financial woes probably really hope so!
[solemnly] "Boeing" is the sound made when the check for a jetliner bounces
— Kelsey Atherton (@atherton.bsky.social) April 20, 2025 at 9:03 PM
[image or embed]
Keep Being Polite to the Bots: Apparently, by saying "please" and "thank you" to ChatGPT bots costs OpenAI tens of millions of dollars, according to OpenAI CEO Sam Altman. Can we really kill the AI companies with kindness? Probably not, but shhh.
Supreme Court Blocks Deportations: In a rare hurry, the Supreme Court issued a late night urgent order blocking the Trump administration from deporting a group of Venezuelan migrants under the Alien Enemies Act, a rarely-invoked 18th-century wartime law. The unsigned, one-paragraph-long order came through at 1 a.m. on Saturday. It expressed skepticism about whether the administration could make good on a stipulation from a previous, April 7 order which said "detainees were entitled to be notified if the government intended to deport them under the law within a reasonable time," reports the New York Times. Justices Samuel Alito and Clarence Thomas dissented because the Court's involvement, in their view, wasn't "necessary or appropriate."
In Happy Wildlife News: Here's a Kenyan reporter getting interrupted by playful elephants.
Kenyan #journalist Alvin Kaunda was reporting live from Nairobi when a curious baby #elephant, Kindani, decided to join the broadcast. The playful elephant stuck her trunk in Alvin's mouth, making for a hilarious moment! A joyful reminder of wildlife's charm and the work of the Sheldrick Trust!
— Emily Carter (@emilycurates.bsky.social) April 20, 2025 at 10:59 AM
[image or embed]
In Horrible Wildlife News: Gray whales are dying by the thousands thanks to melting arctic ice. Global warming has made it almost impossible for gray whales to get enough sustenance; their food webs are disrupted. Gray whales are starving. Their population has declined by 40 percent across the last decade.
Israel Says "Oops": Israel has admitted wrongdoing in the killings of 15 rescue workers in Gaza last month. After making excuses for killing emergency responders and then burying them in a sandy mass grave, Israel admitted to several "professional failures" and a breach of orders in a report from an internal investigation into the matter. Israel has fired one deputy commander responsible for the order to kill the aid workers and has censured another. That is the extent of the punishment for what really looks like a cut and dry war crime. The Palestine Red Crescent called the Israeli report "full of lies."
Kristi Noem's Purse Nabbed at DC Restaurant: A thief nabbed Department of Homeland Security Secretary Kristi Noem's purse while she was eating dinner. They made off with the purse and all of its contents which included "Noem’s driver’s license, medication, apartment keys, passport, DHS access badge, makeup bag, blank checks, and about $3,000 in cash."
Breeding Kink: The White House is considering a slew of new policies to incentivize Americans to reproduce more and reverse the declining birthrate. Some of the ideas include giving every mother $5,000 after giving birth to a baby, reserving 30 percent of scholarships in the prestigious Fulbright program to people who are married or who have kids, and bestowing a "National Medal of Motherhood" award to mothers with six or more kids. Trump pledged last month to be the "fertilization president." There is something deeply stomach-churning about all of this. It's an extension of the administration's focus on restoring "the American family." Of course, the American family to them is a traditional one between men and women and set within typical gender roles.
Music for your Monday: It just felt fitting. Not sure why.
New docs: The role of Markdown in WordLand.
RISC-V images for Fedora Linux 42 [LWN.net]
The Fedora Project's RISC-V special-interest group (SIG) has announced the availability of Fedora Linux 42 images for supported RISC-V boards, as well as QEMU and container images. The SIG is working toward making RISC-V a primary architecture for Fedora, and has made significant progress in the past year.
Our upstreaming work continues apace, and we want to acknowledge that none of this progress would be possible without the incredible collaboration from maintainers across the Fedora Project and beyond. Thank you to everyone who reviewed, accepted, merged, and built our patches. Your support makes this architecture possible.
We're also excited about just how many packages build cleanly without special treatment or overlay repositories that need to be cared for. RISC-V is becoming just another architecture, and that's exactly how it should be.
Template strings accepted for Python 3.14 [LWN.net]
The Python Steering Council accepted PEP 750 ("Template Strings") on April 10. LWN covered the discussion around the proposal, including the substantial revisions to the idea that were needed for it to be accepted. Template strings (t-strings) are a new kind of string that produces structured data instead of a raw string, allowing library authors to build their own custom template-handling logic. Since the approval happened before the cutoff for new features (May 6), support for template strings will be included in Python 3.14, scheduled for October 2025.
Pluralistic: Trump's FTC opens the floodgates for tariff profiteering (21 Apr 2025) [Pluralistic: Daily links from Cory Doctorow]
Have you heard that tariffs are going to drive prices up? Me too. There's a good reason we're hearing a lot of talk about tariffs prices: tariffs are a tax that is ultimately paid by consumers. Trump plans to raise $6t in tariffs, making them the largest tax increase in US history:
But that $6t is just for starters. If there's one thing we learned from the pandemic supply-chain shocks, it's that corporate CEOs never let an emergency go to waste. Bosses, knowing that you'd been warned to expect higher prices, went ahead and jacked up their prices way over inflation, blaming it on covid, on stimulus checks, on Biden, on the phase of the moon. Blaming it on anything – except greed. That's why we called it "excuseflation":
https://pluralistic.net/2023/03/11/price-over-volume/#pepsi-pricing-power
How do we know that bosses were jacking up prices? They told us so! In investor calls, corporate executives boasted that "consumer expectations" gave them "pricing power," and that they were making bank from it. From oil to eggs, excuseflation – greedflation – is everywhere:
https://pluralistic.net/2023/01/23/cant-make-an-omelet/#keep-calm-and-crack-on
Neoclassical economists insist that this is impossible. For greedflation to be real, companies would have to somehow collude to raise prices. After all, if prices go up for one seller and not another, shoppers will follow the invisible hand as it points them to those bargains. There's some truth to that, in a competitive market. But what if we were to waste 40 years, waving through anticompetitive mergers until most sectors of the economy were dominated by five or fewer companies:
https://www.openmarketsinstitute.org/learn/monopoly-by-the-numbers
When a sector is controlled by a handful of firms, there's plenty of opportunities for "tacit collusion." And not all the collusion is tacit: in concentrated sectors, all the C-suite types know each other. They've worked with each other for their whole careers, jumping from one company to another. They're godparents to each others' children, executors of one-another's estate, members of the same polycules. No wonder the Communist revolutionary Adam Smith wrote:
People of the same trade seldom meet together, even for merriment and diversion, but the conversation ends in a conspiracy against the public, or in some contrivance to raise prices.
But we live in the computer age. We aren't cavemen, confined to whispering price information to one another with our flapping meat-mouths. We have computers! Better still, we have data brokers, who allow for collusive price-raising, gather price data from all the dominant players in a sector, then "advising" each company on how to set its prices. Somehow, the optimal, coordinate pricing strategy is always to make prices higher. That's true with meat:
https://pluralistic.net/2023/10/04/dont-let-your-meat-loaf/#meaty-beaty-big-and-bouncy
And it's true with rent:
https://pluralistic.net/2024/12/11/nimby-yimby-fimby/#home-team-advantage
This kind of third-party price-rigging is illegal, of course, but decades of antitrust neglect allowed these "economic termites" to multiply and fill the walls of our society:
https://www.thebignewsletter.com/p/economic-termites-are-everywhere
But never let it be said that monopolists can't innovate. Thanks to the total failure of Congress to pass consumer privacy legislation since 1988, the humble price-fixing data-broker has transformed into the "surveillance pricing" industry:
https://pluralistic.net/2024/06/05/your-price-named/#privacy-first-again
With surveillance pricing, sellers buy your financial data from the unregulated data-broker industry and use it to set a different price for every customer. For example, McDonald's has invested in a company called "Plexure" that can tell when someone at the drive-through has just been paid, so that the seller can add a dollar to the price of their daily breakfast sandwich. And surveillance pricing isn't limited to buyers – sellers can get surveillance-priced, too. Take nurses, whose staffing agencies have been replaced by a cartel of three apps that buy nurses' credit data before offering them a shift, so that they can offer a lower wage to nurses carrying high credit-card debts (indebted, desperate workers will sell their labor for less):
https://pluralistic.net/2024/12/18/loose-flapping-ends/#luigi-has-a-point
The industry calls this "personalized pricing," and they tout the possibility that it will result in poorer people getting bargains from sellers who know just how little they can afford. In their telling, it's a kind of cod-Marxism, organized around "to each according to their ability (to pay)":
https://pluralistic.net/2025/01/11/socialism-for-the-wealthy/#rugged-individualism-for-the-poor
There's precious little evidence that personalized pricing is lowering anyone's prices. Indeed, the main benefit of personalized pricing – apart from price-gouging, that is – is that it's hard to detect. When prices are different for every customer, how does a customer know they're getting ripped off?
That's what Biden's FTC set out to discover. Last summer, they opened an investigation into surveillance pricing, with the goal of cracking down on the practice:
https://pluralistic.net/2024/07/24/gouging-the-all-seeing-eye/#i-spy
Then came the election, and a change in leadership at the FTC. Out with Lina Khan, the most effective FTC chair in generations, in with Andrew Ferguson, the decidedly mid Trump footsoldier whose first official act was to kill the surveillance pricing investigation and replace it with an internal snitch-line where FTC employees could report each other for being "woke":
https://pluralistic.net/2025/01/24/enforcement-priorities/#enemies-lists
This is a damned shame, because the country's largest, most successful "pricing consultancies" – like PROS Holding – are advising their clients to get ready to jack up prices in order to take advantage of consumer expectations of inflation from tariffs, as Katya Schwenk reports for The Lever:
https://www.levernews.com/how-trump-is-helping-price-gougers-exploit-his-tariffs/
You don't have to take Schwenk's word for it. You can watch pricing guru Craig Zawada's webinar for yourself:
https://pros.com/learn/webinars/navigating-tariff-increases-future-proof-pricing-strategy
Zawada works for PROS Holdings, a notorious price-setting technology provider. In the webinar, Zawada tells viewers that thanks to tariffs, "there is perhaps more of a window to make changes to your pricing than there has been before…customers expect change. Now is the time to take advantage."
Of course, you're the one he wants them to take advantage of.
PROS is one of the firms targeted by Khan's FTC and let off the hook under Ferguson. A former FTC official summed it up nicely: "The message that is coming out of this administration… is that the watchdog is gone and companies feel emboldened to rip people off. It’s open season on American consumers."
What's open season look like? Pricing consultant Drew Marconi hosted a webinar where he advised clients "You may just have to rip the Band-Aid — jack up prices and see what happens. You’re going to be surprised by how much room you have":
https://www.linkedin.com/events/7315531163840774144/comments/
And the firms are listening. Autozone's last 2024 earnings call included this reassuring news: "if we get tariffs… we’ll generally raise prices ahead of — [when] we know what the tariffs will be":
https://seekingalpha.com/article/4723049-autozone-inc-azo-q4-2024-earnings-call-transcript
Pricing consultants are advising their clients against charging "tariff surcharges," noting that customers will expect these to go away when (if) the tariffs end. Instead, they advise businesses to raise prices in expectation of "faster, lasting implementation of price increases":
https://www.washingtonpost.com/business/2024/10/30/companies-tariffs-trump-prices/
Ferguson has warned that the FTC will crack down on tariff profiteers who raise prices over and above the additional costs imposed by tariffs. But he said this even as he was shutting down the agency's investigations into the companies that facilitate exactly this kind of profiteering. Still, Ferguson is ridding the FTC of "woke." I'm sure that'll be a comfort to Americans as they fill in a loan application so they can afford a new tire for their car.
(Image: Cryteria, CC BY 3.0, modified)
Drobe https://www.drobeluggage.com/ (h/t Core77)
#20yrsago India rejects software patents https://yro.slashdot.org/story/05/04/20/2311255/software-patents-stopped-in-india
#15yrsago Kids and mobile phones: waiting for the surveillance shoe to drop https://memex.craphound.com/2010/04/20/kids-and-mobile-phones-waiting-for-the-surveillance-shoe-to-drop/
#15yrsago Magazine by and for the volcano-stranded https://web.archive.org/web/20100423042252/https://www.losowsky.com/magtastic/2010/what-we-do-next/
#15yrsago Spying school took “thousands” of photos of students with covert webcam app, caught kids sleeping, half-dressed https://www.wired.com/2010/04/webcamscanda/
#15yrsago Ireland High Court gives entertainment giants the power to disconnect whole families from the net https://arstechnica.com/tech-policy/2010/04/major-labels-go-bragh-as-irish-judge-allows-3-strikes/
#15yrsago Carbon offsets: fraud, exaggeration, and poorly run projects https://www.csmonitor.com/Environment/2010/0420/Buying-carbon-offsets-may-ease-eco-guilt-but-not-global-warming
#10yrsago Helen Keller, feminist, radical socialist, anti-racist activist and civil libertarian https://truthout.org/articles/the-radical-dissent-of-helen-keller/
#5yrsago Amazon is stronger – and weaker – than ever https://pluralistic.net/2020/04/20/great-danes/#crisis-means-crossroads
#5yrsago Trump's antitrust report card: F- https://pluralistic.net/2020/04/20/great-danes/#aaint
#5yrsago 94.5% of "small business" money went to giant corporations https://pluralistic.net/2020/04/20/great-danes/#ppp
#5yrsago Cars correlated with contagion in NYC https://pluralistic.net/2020/04/20/great-danes/#methodological-errors
#5yrsago Australian academic spyware https://pluralistic.net/2020/04/20/great-danes/#proctorio
#5yrsago Zoom claims it uses AI to stop sexytimes https://pluralistic.net/2020/04/20/great-danes/#nudity-detector-vans
#5yrsago Denmark: no bailouts for companies headquartered in tax havens https://pluralistic.net/2020/04/20/great-danes/#great-danes
#1yrago Greedflation, but for prisoners https://pluralistic.net/2024/04/20/captive-market/#locked-in
Wellingon: Unity Books, May 3, 3PM
https://www.unitybooks.co.nz/news-and-events/author-talk-picks-and-shovels-by-cory-doctorow
Pittsburgh: Picks and Shovels at White Whale Books, May 15
https://whitewhalebookstore.com/events/20250515
Pittsburgh: PyCon, May 16
https://us.pycon.org/2025/schedule/
PDX: Teardown 2025, Jun 20-22
https://www.crowdsupply.com/teardown/portland-2025
PDX: Picks and Shovels with bunnie Huang at Barnes and Noble,
Jun 20
https://stores.barnesandnoble.com/event/9780062183697-0
London: How To Academy with Riley Quinn, Jul 1
https://howtoacademy.com/events/cory-doctorow-the-fight-against-the-big-tech-oligarchy/
Manchester: Picks and Shovels at Blackwell's Bookshop, Jul 2
https://www.eventbrite.co.uk/e/an-evening-with-cory-doctorow-tickets-1308451968059
Manchester: Co-operatives UK Co-op Congress keynote, Jul 3
https://www.uk.coop/events-and-training/events-calendar/co-op-congress-2025-book-your-place
New Orleans: DeepSouthCon63, Oct 10-12, 2025
http://www.contraflowscifi.org/
Fightback Against Trump's Tariff Attack (Avi Lewis)
https://www.youtube.com/watch?v=P9sgIAc6z_o
The Voice of Canadian Humanism
https://open.spotify.com/episode/7uuwdZTIbWzKhBQ3mmMiRv?context=spotify%3Ashow%3A6N5hl8on16CfaeYArrKyqZ
"The Lost Cause:" a solarpunk novel of hope in the climate emergency, Tor Books (US), Head of Zeus (UK), November 2023 (http://lost-cause.org). Signed, personalized copies at Dark Delicacies (https://www.darkdel.com/store/p3007/Pre-Order_Signed_Copies%3A_The_Lost_Cause_HB.html#/)
"The Internet Con": A nonfiction book about interoperability and Big Tech (Verso) September 2023 (http://seizethemeansofcomputation.org). Signed copies at Book Soup (https://www.booksoup.com/book/9781804291245).
"Red Team Blues": "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books http://redteamblues.com. Signed copies at Dark Delicacies (US): and Forbidden Planet (UK): https://forbiddenplanet.com/385004-red-team-blues-signed-edition-hardcover/.
"Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin", on how to unrig the markets for creative labor, Beacon Press/Scribe 2022 https://chokepointcapitalism.com
"Attack Surface": The third Little Brother novel, a standalone technothriller for adults. The Washington Post called it "a political cyberthriller, vigorous, bold and savvy about the limits of revolution and resistance." Order signed, personalized copies from Dark Delicacies https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html
"How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet analyzing the true harms of surveillance capitalism and proposing a solution. https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59?sk=f6cd10e54e20a07d4c6d0f3ac011af6b) (signed copies: https://www.darkdel.com/store/p2024/Available_Now%3A__How_to_Destroy_Surveillance_Capitalism.html)
"Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583; personalized/signed copies here: https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html
"Poesy the Monster Slayer" a picture book about monsters, bedtime, gender, and kicking ass. Order here: https://us.macmillan.com/books/9781626723627. Get a personalized, signed copy here: https://www.darkdel.com/store/p2682/Corey_Doctorow%3A_Poesy_the_Monster_Slayer_HB.html#/.
Unauthorized Bread: a middle-grades graphic novel adapted from my novella about refugees, toasters and DRM, FirstSecond, 2026
Enshittification, Why Everything Suddenly Got Worse and What to Do About It (the graphic novel), Firstsecond, 2026
The Memex Method, Farrar, Straus, Giroux, 2026
Today's top sources: Naked Capitalism (https://www.nakedcapitalism.com/).
Currently writing:
A Little Brother short story about DIY insulin PLANNING
Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS FEB 2025
Latest podcast: Nimby and the D-Hoppers CONCLUSION https://craphound.com/stories/2025/04/13/nimby-and-the-d-hoppers-conclusion/
This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
Medium (no ads, paywalled):
Twitter (mass-scale, unrestricted, third-party surveillance and advertising):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla
READ CAREFULLY: By reading this, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
ISSN: 3066-764X
The ongoing story of seconds on the taskbar [The Old New Thing]
Over a decade ago, I noted that early beta versions of the taskbar clock showed seconds, and sometimes even blinked the colon like some clocks do, but it was removed because the blinking colon and updating time were ruining Windows 95’s benchmark numbers due to the need to keep all of the code paths related to text rendering in memory, as well as the stack of the thread in the Explorer process that updates the clock.
Even though computers are not under the same tight memory constraints as Windows 95, the taskbar still does not show seconds because Terminal Services would have hundreds of updating clocks, and even on single-user systems, the energy efficiency team gives the side-eye to any timer that runs faster than once per minute.
But finally, in 2023, the Taskbar added an option to show seconds. The option is however disabled by default, and it comes with the warning “(uses more power)”. How much power is it using?
The Taskbar team ran power consumption tests to try to convince the energy efficiency team that even though there was an extra cost, that extra cost was not exorbitant.
A member of the Taskbar team told me that their preliminary measurements showed that Explorer consumed 0.417 mW of energy in its default configuration, but the energy usage went up to 5.42 mW if seconds were enabled on the taskbar. This is over a factor of ten, so that sure seems like a big jump.
I’m having trouble finding information on how much energy a laptop screen consumes. This Web site gives a range of 200 mW to 1100 mW active power consumption for a 16-inch screen at 100 nits. Do I believe these numbers? No. Will I report them anyway? I guess I just did.
If we accept these numbers, then an additional 5 mW doesn’t seem quite so bad overall.¹ It’s an extra 2.5% on the high end, or 0.05% on the low end. That’s a loss of 3 to 15 minutes over a 10-hour period.
¹ The energy efficiency team looks at the system as a whole. I mean, sure, Explorer decreasing battery life by 15 minutes over a 10-hour period might not sound like much, but suppose 10 other components come to the same conclusion. Now you’ve lost over two hours. They also look at the aggregate impact of Windows on the global environment and make recommendations like having Windows Update perform its work when there are more low-carbon energy sources available. You can use the PowerGridForecast class to use this information in your own programs. There’s even sample code.
The post The ongoing story of seconds on the taskbar appeared first on The Old New Thing.
1323: Maybe Some Crabs [Order of the Stick]
http://www.giantitp.com/comics/oots1323.html
Zeldman tries WordLand: "For bloggers who mostly write, it’s a clean, distraction-free interface with strong basic features that lets you offload CMS duties to WordPress."
Feed | RSS | Last fetched | Next fetched after |
---|---|---|---|
@ASmartBear | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
a bag of four grapes | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
Ansible | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
Bad Science | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
Black Doggerel | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
Blog - Official site of Stephen Fry | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
Charlie Brooker | The Guardian | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
Charlie's Diary | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
Chasing the Sunset - Comics Only | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
Coding Horror | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
Cory Doctorow's craphound.com | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
Cory Doctorow, Author at Boing Boing | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
Ctrl+Alt+Del Comic | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
Cyberunions | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
David Mitchell | The Guardian | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
Deeplinks | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
Diesel Sweeties webcomic by rstevens | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
Dilbert | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
Dork Tower | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
Economics from the Top Down | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
Edmund Finney's Quest to Find the Meaning of Life | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
EFF Action Center | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
Enspiral Tales - Medium | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
Events | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
Falkvinge on Liberty | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
Flipside | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
Flipside | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
Free software jobs | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
Full Frontal Nerdity by Aaron Williams | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
General Protection Fault: Comic Updates | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
George Monbiot | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
Girl Genius | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
Groklaw | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
Grrl Power | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
Hackney Anarchist Group | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
Hackney Solidarity Network | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
http://blog.llvm.org/feeds/posts/default | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
http://calendar.google.com/calendar/feeds/q7s5o02sj8hcam52hutbcofoo4%40group.calendar.google.com/public/basic | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
http://dynamic.boingboing.net/cgi-bin/mt/mt-cp.cgi?__mode=feed&_type=posts&blog_id=1&id=1 | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
http://eng.anarchoblogs.org/feed/atom/ | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
http://feed43.com/3874015735218037.xml | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
http://flatearthnews.net/flatearthnews.net/blogfeed | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
http://fulltextrssfeed.com/ | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
http://london.indymedia.org/articles.rss | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
http://pipes.yahoo.com/pipes/pipe.run?_id=ad0530218c055aa302f7e0e84d5d6515&_render=rss | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
http://planet.gridpp.ac.uk/atom.xml | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
http://shirky.com/weblog/feed/atom/ | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
http://thecommune.co.uk/feed/ | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
http://theness.com/roguesgallery/feed/ | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
http://www.airshipentertainment.com/buck/buckcomic/buck.rss | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
http://www.airshipentertainment.com/growf/growfcomic/growf.rss | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
http://www.airshipentertainment.com/myth/mythcomic/myth.rss | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
http://www.baen.com/baenebooks | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
http://www.feedsapi.com/makefulltextfeed.php?url=http%3A%2F%2Fwww.somethingpositive.net%2Fsp.xml&what=auto&key=&max=7&links=preserve&exc=&privacy=I+accept | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
http://www.godhatesastronauts.com/feed/ | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
http://www.tinycat.co.uk/feed/ | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
https://anarchism.pageabode.com/blogs/anarcho/feed/ | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
https://broodhollow.krisstraub.comfeed/ | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
https://debian-administration.org/atom.xml | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
https://feeds.feedburner.com/Starslip | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
https://feeds2.feedburner.com/GeekEtiquette?format=xml | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
https://hackbloc.org/rss.xml | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
https://kajafoglio.livejournal.com/data/atom/ | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
https://philfoglio.livejournal.com/data/atom/ | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
https://pixietrixcomix.com/eerie-cutiescomic.rss | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
https://pixietrixcomix.com/menage-a-3/comic.rss | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
https://propertyistheft.wordpress.com/feed/ | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
https://requiem.seraph-inn.com/updates.rss | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
https://studiofoglio.livejournal.com/data/atom/ | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
https://thecommandline.net/feed/ | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
https://torrentfreak.com/subscriptions/ | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
https://twitter.com/statuses/user_timeline/22724360.rss | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
https://web.randi.org/?format=feed&type=rss | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
https://www.coronamovie.com/ | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
https://www.dcscience.net/feed/medium.co | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
https://www.DropCatch.com/domain/steampunkmagazine.com | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
https://www.DropCatch.com/domain/ubuntuweblogs.org | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
https://www.DropCatch.com/redirect/?domain=DyingAlone.net | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
https://www.freedompress.org.uk:443/news/feed/ | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
https://www.goblinscomic.com/category/comics/feed/ | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
https://www.loomio.com/blog/feed/ | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
https://www.newstatesman.com/feeds/blogs/laurie-penny.rss | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
https://www.patreon.com/graveyardgreg/posts/comic.rss | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
https://www.rightmove.co.uk/rss/property-for-sale/find.html?locationIdentifier=REGION^876&maxPrice=240000&minBedrooms=2&displayPropertyType=houses&oldDisplayPropertyType=houses&primaryDisplayPropertyType=houses&oldPrimaryDisplayPropertyType=houses&numberOfPropertiesPerPage=24 | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
Humble Bundle Blog | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
I, Cringely | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
Irregular Webcomic! | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
Joel on Software | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
Judith Proctor's Journal | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
Krebs on Security | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
Lambda the Ultimate - Programming Languages Weblog | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
Looking For Group | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
LWN.net | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
Mimi and Eunice | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
Neil Gaiman's Journal | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
Nina Paley | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
O Abnormal – Scifi/Fantasy Artist | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
Oglaf! -- Comics. Often dirty. | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
Oh Joy Sex Toy | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
Order of the Stick | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
Original Fiction Archives - Reactor | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
OSnews | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
Paul Graham: Unofficial RSS Feed | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
Penny Arcade | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
Penny Red | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
PHD Comics | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
Phil's blog | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
Planet Debian | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
Planet GNU | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
Planet Lisp | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
Pluralistic: Daily links from Cory Doctorow | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
PS238 by Aaron Williams | XML | 06:42, Saturday, 26 April | 07:30, Saturday, 26 April |
QC RSS | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
Radar | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
RevK®'s ramblings | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
Richard Stallman's Political Notes | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
Scenes From A Multiverse | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
Schneier on Security | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
SCHNEWS.ORG.UK | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
Scripting News | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
Seth's Blog | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
Skin Horse | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
Spinnerette | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
Tales From the Riverbank | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
The Adventures of Dr. McNinja | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
The Bumpycat sat on the mat | XML | 06:07, Saturday, 26 April | 06:47, Saturday, 26 April |
The Daily WTF | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
The Monochrome Mob | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
The Non-Adventures of Wonderella | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
The Old New Thing | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
The Open Source Grid Engine Blog | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
The Stranger | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
towerhamletsalarm | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
Twokinds | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
UK Indymedia Features | XML | 06:28, Saturday, 26 April | 07:10, Saturday, 26 April |
Uploads from ne11y | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
Uploads from piasladic | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |
Use Sword on Monster | XML | 06:42, Saturday, 26 April | 07:29, Saturday, 26 April |
Wayward Sons: Legends - Sci-Fi Full Page Webcomic - Updates Daily | XML | 06:00, Saturday, 26 April | 06:46, Saturday, 26 April |
what if? | XML | 06:07, Saturday, 26 April | 06:48, Saturday, 26 April |
Whatever | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
Whitechapel Anarchist Group | XML | 06:21, Saturday, 26 April | 07:10, Saturday, 26 April |
WIL WHEATON dot NET | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
wish | XML | 06:00, Saturday, 26 April | 06:45, Saturday, 26 April |
Writing the Bright Fantastic | XML | 06:00, Saturday, 26 April | 06:44, Saturday, 26 April |
xkcd.com | XML | 06:00, Saturday, 26 April | 06:43, Saturday, 26 April |