Tuesday, 11 August

10:07

An extraordinary book [Seth's Blog]

Great non-fiction helps us see the unseen, plants and nurtures ideas that matter, and, sometimes, can leave us better than we were.

Isabel Wilkerson’s new book Caste does all of those things. It uses language, analogy and history to pull together disparate threads into a coherent, devastating whole.

Highly recommended.

05:42

Russ Allbery: Summer haul [Planet Debian]

I'm buying rather too many books at the moment and not reading enough of them (in part because I got back into Minecraft and in part because I got a bit stuck on a few difficult books). I think I've managed to get myself unstuck again, though, and have started catching up on reviews.

2020. It's kind of a lot. And I'm not even that heavily affected.

Katherine Addison — The Angel of the Crows (sff)
Marie Brennan — A Natural History of Dragons (sff)
Kacen Callender — Queen of the Conquered (sff)
Jo Clayton — Diadem from the Stars (sff)
Jo Clayton — Lamarchos (sff)
Jo Clayton — Irsud (sff)
Clifford D. Conner — The Tragedy of American Science (nonfiction)
Kate Elliott — Unconquerable Sun (sff)
Rory Fanning & Craig Hodges — Long Shot (nonfiction)
Michael Harrington — Socialism: Past & Future (nonfiction)
Nalo Hopkinson — Brown Girl in the Ring (sff)
Kameron Hurley — The Stars Are Legion (sff)
N.K. Jemisin — Emergency Skin (sff)
T. Kingfisher — A Wizard's Guide to Defensive Baking (sff)
T. Kingfisher — Nine Goblins (sff)
Michael Lewis — The Fifth Risk (nonfiction)
Paul McAuley — War of the Maps (sff)
Gretchen McCulloch — Because Internet (nonfiction)
Hayao Miyazaki — Nausicaä of the Valley of the Wind (graphic novel)
Annalee Newitz — The Future of Another Timeline (sff)
Nick Pettigrew — Anti-Social (nonfiction)
Rivers Solomon, et al. — The Deep (sff)
Jo Walton — Or What You Will (sff)
Erik Olin Wright — Stardust to Stardust (nonfiction)

Of these, I've already read and reviewed The Fifth Risk (an excellent book).

04:07

Spanking Spouses, Creepy Creepers, Lousy Lovers — Reader Advice Roundup! [The Stranger, Seattle's Only Newspaper: Savage Love]

Savage Love Letter of the Day — Reader Advice Roundup! by Dan Savage

1582309877-savage-letter-of-the-day-stamp-2020.jpg

This week's Savage Love Letters of the Day: what to expect when you're expecting to run into a coworker who accidentally flashed her boobs in a Zoom meeting; at what temperature should one keep one's tits when one is crushing on someone during a pandemic; how guilty should a guy feel about getting spanked behind his husband's back; and just how annoyed is a wife allowed to feel about the "maintenance spankings" her husband needs. And, of course, this week's Savage Love and this week's Savage Lovecast.

First up, regarding SPANK...

Some people need to be spanked, and my belief is that even vanilla people owe it to their partners to spank them from time-to-time to keep them happy. Spanking, like simple bondage, is a low-stakes form of BDSM, and is in my mind a reasonable ask of a partner, even one not inclined to incorporate D/s into a relationship. Unwilling to perform this simple low-stakes act? Then agree to let someone else do this thing to you partner. I must add that I don't see spanking as sexual per se, and don't consider the women I have spanked as being among my sex partners. I see this more as I would getting a professional massage. — Sublime Afterglow

And...

To those who think that spanking is no big deal and why not just do it.... I could possibly bring myself to spank my partner if it was really important to them. What I couldn't do is bring any sense of play or sexiness to it. I'm a big girl, I could summon up the wherewithal to do it, but I'd have to shut myself down emotionally in order to manage it. And if I had to add, "You're a bad bad boy," or the like? I dunno. Certainly couldn't do it with any kind of sexiness or fun, more a question of steeling myself, gritting my teeth to get through it, and then having to leave the house to go for a long drive. For me, sexual violence seems as much "a kink too far" as does, oh, scat play. But I've had public sex, I've had gang bangs—it's not a question of "nothing but missionary position with the lights off." I fully understand that lots of people think it's fun, and that sex without a little slapping or nipping or hair-pulling is just not sexy. I don't think it's wrong, I just think it's Not For Me. To the point where I'd feel incompatible with a partner who I knew needed it as a regular part of sexual fulfillment—I always feel like I was doing sex wrong, for them. And that's what I think about this letter: they're incompatible, why not just break up? — Agony

Regarding Thanks For Your Help, the woman whose newly submissive, dish-doing, laundry-folding husband wanted a "maintenance spanking" once in a while...

Clearly this is a reflection on me and not on the LW, who sounds lovely, but sometimes I'm baffled at these "I have the best problem ever HELP ME" letters. Fuck, I need a cold shower after reading this, dreaming wistfully of maybe someday having this problem. Life is such a rich tapestry.

I recently took a call from a woman who was approached outside a store by a trans woman on a pink scooter who wanted to pay for the privilege of licking my caller's feet.

View this post on Instagram

A post shared by Barstool Sports (@barstoolsports) on

Hey, Dan! Longtime listener and huge fan of the show! I just came across the above video on my feed and instantly thought of the call on Episode 705 where a woman called in regarding a similar situation & asked for your take on etiquette. I just re-listened to her call because I have a lot more time on my hands these days and the similarities are eerily similar—the blanket, removing socks, scooter, etc. Either this is more of a common occurrence than you or I ever realized or it's the same individual? Either way, this video was taken and shared. The girl seems to be laughing in the video but seems uncomfortable. Maybe, like your caller, she felt like she had to be polite, say yes, and give the individual in pink the benefit of the doubt? I can't help but wonder if this reaction was encouraging to the individual and if they'll continue to confront strangers, during a pandemic, in public spaces, with these requests. Anyway, I thought I'd send it your way.

I'm pretty sure the person in pink licking Julia's feet is the same individual who approached my caller about licking hers. Frankly, based on the details my caller shared, I think the person in pink is a creep. (I'm avoiding gendered pronouns here because I don't know how the person in pink identifies and that alone proves I'm a more considerate person than both the person in pink and the person who posted this video to Instagram.) While I can't say for sure there's only one person zooming around major cities on a pink scooter in midriff-bearing pink tops asking women if they can lick their feet, I certainly and very sincerely hope there isn't more than one of them out there.

Regarding that boy who may or may not be bad at sex...

You said this in your most recent column response to CUNT, a woman whose boyfriend is "working with a psychotherapist who told him some people are just not good at sex and he should just accept that he’s one of those people." Maybe he should accept that but there's no reason that can't change. Does his partner think he's bad at sex? Was he bad at sex before this new stressful period? If it's stress, perhaps meditation or a long hot bath or something similar would help. If the sex has always been bad, how is the communication in the relationship? Maybe both of them should spend some time talking about what they want during sex.

About something I said...

Sky Daddy! I lost my shit when you said that. That was so fucking hilarious. I feel like maybe you've coined another term! Thanks for the laugh!

I don't know if I'm the first person to call God "Sky Daddy" but I'm happy to take the credit if it catches on. Hope you find your shit again soon!

And finally...

Okay, we're going to leave it there! I hope everyone has a great weekend! Stay safe!

View this post on Instagram

A post shared by Dan Savage (@dansavage) on


••••••••••••••••••••••••••••

Listen to my podcast, the Savage Lovecast, at www.savagelovecast.com.

03:07

George RR Martian [QC RSS]

the expanse (of butts)

02:35

E Ink demos a folding e-reader that can also take notes [OSnews]

Folding smartphones are slowly making their way into the mainstream. Could foldable e-readers be next? The E Ink Corporation, the company behind the digital paper tech found in the majority of e-readers, is trying to make it happen. The firm’s R&D lab has been developing foldable e-ink screens for a while, and its latest prototype clearly demonstrates the idea’s potential.

This feels like such a natural fit for an e-reader. A foldable e-reader mimics a real book a lot more accurately than a regular portrait display does, and can potentially reduce the amount of times you have to perform a digital page flip. Still nowhere near a real book, of course, but a tiny step closer nonetheless.

Windows 10 2004’s new Hosted App Model is pretty great [OSnews]

Microsoft has a long history of innovations which never really went anywhere, but with the new Hosted App Model on Windows 10 the company may just have hit it out of the ballpark.

Microsoft introduced the Hosted App Model in Windows 10 2004 ie. the Windows 10 May 2020 Update, and the technology already appears set to solve a wide variety of problems for both Microsoft and end-users.

In the Hosted App Model, an app can declare itself as a host for other applications, while allowing those applications to retain their identity as independent apps.

It does seem like a neat technology.

01:49

Link [Scripting News]

Here's a wicked idea. Let Trump put himself on Mt Rushmore. Hopefully to be announced before the election, hopefully with great fanfare. That would get all the Democrats to turn out, and quite a few Republicans, now they can clearly see where Trump is going.

Monday, 10 August

23:42

[$] End-to-end network programmability [LWN.net]

Nick McKeown kicked off the virtual Netdev 0x14 conference with a talk on extending the programmability of networking equipment well beyond where it is today. His vision is of an end-to-end system with programmable pieces at every level. Getting there will require collaboration between the developers of the networking stacks on endpoint operating systems as well as those of switches, routers, and other backbone equipment. The keynote was held on July 28, a little over two weeks before the seven days of talks, workshops, and tutorials for Netdev, which begins on August 13.

22:42

Dirk Eddelbuettel: nanotime 0.3.1: Misc Build Fixes for Yuge New Features! [Planet Debian]

The nanotime 0.3.0 release four days ago was so exciting that we decided to do it again! Kidding aside, and fairly extensive tests notwithstanding we were bitten by a few build errors: who knew clang on macOS needed extra curlies to be happy, another manifestation of Solaris having no idea what a timezone setting “America/New_York” is, plus some extra pickyness from the SAN tests and whatnot. So Leonardo and I gave it some extra care over the weekend, uploaded it late yesterday and here we are with 0.3.1. Thanks again to CRAN for prompt processing even though they are clearly deluged shortly before their (brief) summer break.

nanotime relies on the RcppCCTZ package for (efficient) high(er) resolution time parsing and formatting up to nanosecond resolution, and the bit64 package for the actual integer64 arithmetic. Initially implemented using the S3 system, it has benefitted greatly from work by Leonardo Silvestri who rejigged internals in S4—and now added new types for periods, intervals and durations.

The NEWS snippet adds full details.

Changes in version 0.3.1 (2020-08-09)

  • Several small cleanups to ensure a more robust compilation (Leonardo and Dirk in #75 fixing #74).

  • Show Solaris some extra love by skipping tests and examples with a timezone (Dirk in #76).

Thanks to CRANberries there is also a diff to the previous version. More details and examples are at the nanotime page; code, issue tickets etc at the GitHub repository.

If you like this or other open-source work I do, you can now sponsor me at GitHub. For the first year, GitHub will match your contributions.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

21:56

Alexander Artemenko: simple-rgb [Planet Lisp]

Two days ago I wrote about Dufy - the color manipulation library. While preparing that post, I found another library which is more practical if you need to work only with RGB.

It is able to convert to and from string representation and has some function for color manipulation.

For example, it has a builtin function similar to the one I wrote in the post about Dufy:

POFTHEDAY> (simple-rgb:parse "#F4BBFF")
#(244 187 255)

POFTHEDAY> (simple-rgb:darken-rgb * :alpha 0.25)
#(183 140 191)

POFTHEDAY> (simple-rgb:xmlify-rgb *)
"#B78CBF"

The result is the same:

Original (#F4BBFF)
Darker (#B78CBF)

Also, there are other functions for color manipulation:

POFTHEDAY> (flet ((h (c)
                    (simple-rgb:xmlify-rgb c)))
             (let ((color (simple-rgb:parse "#F4BBFF")))
               (list
                :original (h color)
                :grayscale (h (simple-rgb:greyscale-rgb color))
                :complement (h (simple-rgb:complement-rgb color))
                :inverted (h (simple-rgb:invert-rgb color))
                :contrasted (h (simple-rgb:contrast-rgb color))
                :lighter (h (simple-rgb:lighten-rgb color))
                :darker (h (simple-rgb:darken-rgb color))
                :greener (h (simple-rgb:mix-rgb
                             color
                             (simple-rgb:parse "#00FF00")
                             :alpha 0.25)))))
(:ORIGINAL "#F4BBFF"
 :GRAYSCALE "#D4D4D4"
 :COMPLEMENT "#C6FFBB"
 :INVERTED "#0B4400"
 :CONTRASTED "#FFFFFF"
 :LIGHTER "#FADDFF"
 :DARKER "#7A5E80"
 :GREENER "#B7CCBF")
ORIGINAL (#F4BBFF)
GRAYSCALE (#D4D4D4)
COMPLEMENT (#C6FFBB)
INVERTED (#0B4400)
CONTRASTED (#FFFFFF)
LIGHTER (#FADDFF)
DARKER (#7A5E80)
GREENER (#B7CCBF)

So, if want just to play with RGB colors, this library is exactly what you need!

20:28

News Post: The Starter Dad [Penny Arcade]

Tycho: I think of my own father, who was a kind of symbol whose every whorl and serif constituted an insoluble, male maze, and myself, who is essentially just unpaid IT, and I'm glad there's no licensing requirement for fatherhood because no dad I know would be granted it. I certainly can't compete with Dwayne Johnson, who is called The Rock and is The Rock. I can't compete with this stone man. The optimal scenario I think would be if my children can't print. Or, if they got stuck near the end of a puzzle room themed after classic science fiction and I had the time directly…

20:14

Webtoon Recommendation Time: Let’s Play! [Whatever]

Let's Play Volume 1 by Rocketship — Kickstarter

One thing you probably see on here a lot is book recommendations. I mean, makes sense, sure, but wouldn’t it be nice to explore another medium of stories? Well, have I got just the thing for you! For the past two years, I have been reading an amazing webtoon called Let’s Play; a story about an indie game developer who finally comes out with her own game, only to have it totally trashed by a popular streamer. Then, said streamer becomes her new neighbor! But it’s not just about that, oh no, there’s office drama, gaming drama, coffee shop drama, and so much more!

Interview with Webtoon's Let's Play Creator Mongie! — Nerdophiles

One of my favorite things about sticking with a webcomic for a long period of time is you get to see the artist’s style change and progress. The other day, I went back to the very first episode after reading the 125th one, and I didn’t even recognize one of the characters for a second! Seeing someone’s style change is so fascinating, and really shows you just how hard the artist is working to provide quality content each and every episode.

One of my favorite things about this particular webcomic is how real each and every one of the characters are. They have so much personality, their struggles are believable, and each of them is likable in their own ways. It’s one of those stories where the side characters aren’t just empty husks meant to support the main character, they’re fleshed out, have their own episodes, and are presented as characters that actually matter. And, some of them are super cute, which doesn’t hurt either. Yes, I know they’re a drawing, no that doesn’t make them any less hot, okay? Okay.

Anyways, this comic is so much fun! It’s hilarious, emotional, realistic, and engaging. This is definitely my favorite webcomic right now (though there are some close runner-ups I might post about at a later date). Follow Sam on her journey of navigating through her ever-changing relationships with those closest to her here. Make sure you go to the first episode! And have a great day.

-AMS

19:21

College Football Doomed [Whatever]

At least in the Big Ten and probably in the Pac-12, definitely in some of the midlist conferences. I imagine the reality of it won’t really hit some people until the SEC gives up the ghost, although, who knows, maybe they won’t, it’s not a coincidence that some of the hottest hotspots of coronavirus activity are in the South. The idea of 100,000 Auburn fans (for example) screaming their hearts out in the stands, all without masks, terrifies me, but I guess it might just be an example of freedom for them. Just 15% of Alabama ICU beds are available as of six days ago, incidentally. And we’re not even talking about Florida yet!

As you can see from the tweet above, I made snark about this being the fault of the maskless, and while they are certainly not the only ones at fault — let’s all stare at the federal and state governments that have got us to where we are today, y’all — let’s not pretend that the folks who absolutely refused to perform sensible prophylactic practices don’t bear a large chunk of the responsibility. Not just for no college football, although that is a big one here in the US, all things considered, but also for the general grinding and sputtering of our economy and its recovery. As I noted in a follow-up tweet, the maskless have done more to destroy the American capitalist system in a few short months than three whole decades of college socialists. The college socialists wear their fucking masks, people. Even when they’re out there protesting.

I went to a Division III school (which had already cancelled its fall sports in July anyway), so from an alumni standpoint I don’t have a dog in this hunt; indeed, the only real emotion I feel is happy for my friends from Michigan. Now they won’t have their asses handed to them by Ohio State again this year (that rivalry is a very real thing that affects both states in a way that I, a humble nerd from California, genuinely cannot feel in my bones). But I do suspect football-less fall Saturdays are going to do more to bring the reality of our current situation home to some people than 160,000 dead, millions more infected and a cratered economy. Which is sad, but whatever works.

But yeah: You coulda had college football, folks. All it took was a mask and some basic consideration of other people. But you thought you’d rather not. Enjoy your Saturdays!

Update: 4:42pm — Ooooooh, drama:

— JS

19:14

Internet Famous with a Few Wiley Books [Humble Bundle Blog]

We’ve teamed up with Wiley for our newest bundle! This bundle launched on Monday, August 10, 2020, at 11:00 AM

Continue reading

The post Internet Famous with a Few Wiley Books appeared first on Humble Bundle Blog.

18:56

Link [Scripting News]

Patti Smith's tribute to Jerry Garcia, who died 25 years ago.

18:28

Blockade of police station [Richard Stallman's Political Notes]

*Young people have blockaded a police station in north-west London, accusing [thugs] of assaulting and arresting youth workers who had gone to investigate the arrest of a 14-year-old.*

Worth fighting for [Richard Stallman's Political Notes]

*"It is worth fighting for a system that puts public health ahead of profits: Medicare for All," said a doctor touting Canadian system.*

Dow and Coronavirus [Richard Stallman's Political Notes]

(satire) *Dow Skyrockets After Coronavirus Begins Trading On New York Stock Exchange.*

Stamp and ballot [Richard Stallman's Political Notes]

Arguing that requiring a voter to buy a stamp to mail in a ballot is a kind of poll tax, and thus unconstitutional.

Ironically, ballots that don't have stamps (because they are in states which prepay for mailing back ballots) run a risk of being rejected for not carrying a postmark.

This shows that the US hodgepodge of voting systems was not designed with the proper goal of helping every authorized voter to cast a ballot.

Thug harassement [Richard Stallman's Political Notes]

London thugs decided to search Ryan Colaço and his car for no obvious reason. They strip-searched him, found nothing, but still jailed him. They searched his car, too, and must have decided to search the inside of the glass of one window, because when he got it back that window had been smashed.

Oh, he faces charges of "resisting". Perhaps the thugs were getting fed up after searching him 20 times and never finding anything to make it worth while.

Progressive win [Richard Stallman's Political Notes]

A progressive candidate won the Democratic primary for senator in Tennessee.

For any Democrat to win there will be difficult, but I think a progressive has a better chance of inspiring support than a right-wing "centrist".

Hypersensitivity [Richard Stallman's Political Notes]

Hypersensitivity is spreading everywhere.

Ancient Americans (aka 1491), by Charles Mann, discusses the terms "Eskimo" and "Inuit" on page 341. It seems that neither term is welcomed by the entire group in question, which spans from Alaska to Greenland.

As for "Siamese twins", it is true that the phenomenon of conjoined twins is a general human trait and not specific to people from Siam. But why in the world would people from Siam feel offended by it?

While we are on the subject, the kingdom which used to call itself "Siam" (the name of the region) changed its name to "Thailand" in the 1930s as a declaration of ethnic prejudice. "Thaï" is the name of the majority ethnic group, so the name "Thailand" asserts that other ethnic groups there are subordinate. In other words, it stands for Thai supremacism.

Holocaust lens [Richard Stallman's Political Notes]

Peter Beinart: Israelis dehumanize Palestinians by seeing them through the "Holocaust lens" and perceiving them as antisemites when they campaign for their rights.

Beinert advocates a combined state with equal rights for Israelis and Palestinians. Roger Cohen argues that two separate states are still necessary and still possible.

Cleaning up Timor sea [Richard Stallman's Political Notes]

*Calls for Woodside to pay $200m to clean up moribund Timor Sea oil site it ran until 2016.*

This is fair — but fossil fuel companies usually go to great lengths not to pay to clean up their own messes.

Sabotaging election campaign [Richard Stallman's Political Notes]

*Jeremy Corbyn accuses Labour officials of sabotaging election campaign.*

I can't follow the description of the events in this article, as it depends on too much else. But it is not inherently implausible. The "moderate" (plutocratist) wing of Labour certainly went to great lengths to defeat Corbyn.

Coal mines [Richard Stallman's Political Notes]

Modi has a last-ditch plan to build 40 new unneeded coal mines just before the coal ceases to be worth much.

International shipping [Richard Stallman's Political Notes]

*Behind the Beirut explosion lies the lawless world of international shipping.*

It seems that the authorities in Beirut did not know about, or didn't check for, the danger of that particular cargo.

Farms and Covid-19 [Richard Stallman's Political Notes]

Many farms and food plants in California did little or nothing to protect workers from Covid-19, and kept them in the dark when Covid-19 started spreading among them.

18:14

Page 43 [Flipside]

Page 43 is done.

17:42

Security updates for Monday [LWN.net]

Security updates have been issued by Debian (pillow, ruby-kramdown, wpa, and xrdp), Fedora (ark and rpki-client), Gentoo (apache, ark, global, gthumb, and iproute2), openSUSE (chromium, grub2, java-11-openjdk, libX11, and opera), Red Hat (bind, chromium-browser, java-1.7.1-ibm, java-1.8.0-ibm, and libvncserver), SUSE (LibVNCServer, perl-XML-Twig, thunderbird, and xen), and Ubuntu (samba).

17:28

Link [Scripting News]

Poll: If you were a NYC school teacher would you feel safe starting school in a few weeks?

Today in GPF History for Monday, August 10, 2020 [General Protection Fault: The Comic Strip]

As the flood waters rise, Nick and Dexter struggle to save some children and their dog from drowning, as Ki and Fooker watch helplessly nearby...

16:42

Link [Scripting News]

Podcast: Second impressions of Clubhouse. 8 minutes.

Drawn Together – DORK TOWER 10.08.20 [Dork Tower]

Dork Tower runs Monday/Wednesday/Friday, thanks to the support of its amazing Patreon backers.  The next goal is a Sunday strip! Help us reach four Dork Towers a week! You’ll get swag, commentary, bonus strips, community…and our everlasting gratitude! Enlist in the the Army of Dorkness today!

16:14

Pluralistic: 10 Aug 2020 [Pluralistic: Daily links from Cory Doctorow]


Today's links



Warren Buffet, monopolist (permalink)

Monopolized: Life in the Age of Corporate Power is David Dayen's new book about the concentration of industry in America and around the world; one interesting implication of monopolies is that they are intensely individual phenomena.

https://thenewpress.com/books/monopolized

That is, despite being driven by vast social forces, monopolies have monopolists: named, well-known individuals whose personal choices directly lead to misery, hardship and death for millions.

People like Warren Buffett, America's folksiest monopolist.

Buffett isn't shy about this. His whole deal is backing companies with "moats" – that is to say, companies that don't have to worry about competition (cue Peter Thiel, saying the quiet part aloud: "Competition is for losers").

Buffet is in nearly every chapter of MONOPOLIZED. In an interview with Matt Stoller, Dayen explains how this came to be.

https://mattstoller.substack.com/p/warren-buffett-americas-folksiest

What kinds of monopolies does Buffett love? Well, if you can't afford dialysis or if you lost a loved one to opioids, chances are Buffett made a buck. A classic Buffett moat is health/pharma, which are easy to monopolize thanks to the captive audience and/or addiction.

If your town only has one newspaper, that might be Buffet's doing – and if not, it was the doing of one of his buffettistas, using his playbook to buy one paper and then crush its rivals with anticompetitive tactics.

If you own a mobile home and lost money the instant you bought it and get worse off every year in a trailer park, that's probably Buffett, who understands that when someone is desperately clinging on at the brink of homelessness, you can really squeeze 'em.

If you own a .net or .com domain that you're paying big bucks to renew every year, that's Buffett, working through Verisign, one of the world's most profitable companies, thanks to its government monopoly on the to biggest TLDs.

If your favorite craft brewer was driven to its knees and bought up for pennies by the Brazilian private equity firm 3G, that was Buffett, who drove the purchase of beer monopolist AB Inbev. Buffett's also behind megamergers like Burger King/Tim Horton's and Kraft/Heinz.

And while Buffett rarely buys tech businesses, he was big, early on Amazon: "I had to understand the product and business." Dayen translates: "he understood the monopoly that Amazon was putting together, so he purchased a large share of their stock."

Buffett's also big on Moody's part of the hyperconcentrated bond-rating market: "I know nothing about credit rating. The only reason I bought it is because there are only three credit rating agencies and they serve the whole country, and they have pricing power."

Buffett's ideal investment is a monopolist, one that makes money so reliably, irrespective of poor quality or high prices, that "even your idiot cousin could run it."

Buffett doesn't just seek out monopolies: he creates them, he cheerleads them, he normalizes them. Buffett, perhaps more than anyone else on Earth, has legitimized the idea of monopolies.

As Dayen points out, "Buffett would be the best informant for an antitrust authority that you could find, because he's already looked into the economy and found the companies that have the most inordinate market power. And so all you’d need to do is subpoena him and say, all right, tell me about this company that you bought and why you bought it. And you would say, well, they have this incredible pricing power. Well, there you go."

Monopolies esoteric, so let's put some sinew and blood onto those bones. Zephyr Teachout's new book "Break 'Em Up" has a great chapter on "chickenization," the labor practice named for the way the poultry-processing monopolists do business.

https://pluralistic.net/2020/07/29/break-em-up/#break-em-up

If you're a poultry farmer, here's how your life works. The three poultry processors have divided up America so there's only one processor in range of your farm. That processor tells you how to run your business.

They design your coop. They sell you your chicks. They tell you when and what to feed them. They tell you when to turn on the lights and when to turn them off. They tell you which vets to use, and which meds the vets can prescribe.

They experiment on you: some farmers are given experimental chick breeds, or experimental feeding or lighting schedules.

But through it all, they don't tell you how much they're gonna pay you.

You find that out when you send your chickens to the plant – they just…decide. If the price is too low, you go broke. Chickenizers tune the process to keep farmers at the brink of bankruptcy. If you complain, they stop buying your chickens.

If you complain in public, they tell all the other farmers that if they do business with you, they'll stop being able to sell their chickens, too.

Chickenization isn't just for chickens. It's the Uber model, the Shipt model, the model of any "gig work" that tells you what you have to buy and spend, but not what you will earn, with the pretense that you are an "independent contractor."

https://pluralistic.net/2020/07/14/poesy-the-monster-slayer/#stay-on-target

Chickenization is coming to vast swathes of the workforce, and lockdown will accelerate it, because if your job can be done anywhere in the world, your employer can shop for the cheapest labor, anywhere in the world.

And even though you're working from home, bossware lets your employer (excuse me, the company you "contract to") control and script your movements down to the keystroke, watching your facial expressions and listening to your mic.

https://pluralistic.net/2020/07/01/bossware/#bossware

That's where the Wizard of Omaha's love of "moats" gets us: chickenized worlds, run by bossware, where he gets rich, and we cling on by our fingernails.



Uber lost $4b in H1/2020 (permalink)

If you only follow one person on Uber, make it Hubert Horan, a transport analyst who's been writing about the sector for 40+ years and has written 23 articles analyzing Uber's financials and the impossibility of the firm ever attaining profitability.

https://www.nakedcapitalism.com/2020/08/hubert-horan-can-uber-ever-deliver-part-twenty-three-ubers-already-hopelessly-unprofitable-economics-take-a-major-coronavirus-hit.html

Uber has never, ever been profitable, and it never will be. When the company IPOed and its investors dumped their stock on suckers, its prospectus – the S1 – revealed that the company's path to profitability:

Replacing every public transportation journey in the world with an Uber ride.

https://www.axios.com/uber-ipo-mass-transit-competition-db5b2876-a1dd-4e52-9693-3771891e835b.html

Short of that, the company is and always will be a money-loser.

The only reason it exists is that the Saudi royals decreed that they would diversify their income, and gave Softbank an unlimited investment budget. Softbank backs companies that it thinks can monopolize a sector, allows them to lose money for years – decades!

Softbank assigns its companies absurd, unsupportable valuations, in the hopes of scaring off competitors. If the monopoly rents never materialize, Softbank flogs the company to rubes who were wowed by those sky-high valuations. That's the Uber story.

In the past four years, Uber has lost $23.2 billion. In the first half of 2020, Uber lost $4B. In 2019, Uber lost $5.1B. That means it's losing money faster in 2020, despite no one riding in its money-losing unlicensed taxi-cabs (Uber subsidizes about 40% of every ride).

Uber's got $7.8B on hand. At that rate, it will be broke by mid-2021.

Horan: "But if anyone still thought that Uber could somehow magically reverse its multi-billion dollar losses, the coronavirus should have put their fantasies totally to rest."

"The coronavirus has crushed the major drivers of urban car services demand, including business travel and discretionary urban entertainment (clubs, restaurants, etc.). Their customers remain highly concerned about the health risks of all forms of public transportation."

Lots of businesses were made unprofitable by the pandemic – Disneyland, MLB, United Air – but they were wildly profitable beforehand. Uber lost money before the lockdown. They lost more after. They are toast.

Not even Uber Eats, a predatory company that is destroying restaurants that were profitable, and might be profitable again if they survive, is losing the company massive sums, the financial economy destroying the productive economy.

Eats loses money faster than the car service! Its "adjusted EBITDA is 25 margin points worse than car services, even after the big coronavirus driven boost in food delivery demand."b

And even as we prepare to dance on Uber's grave, remember that Uber chickenized a vast cohort of precarious workers who will be sucked down with it.

Incredibly, Uber CEO Dara Khosrowshahi is claiming the company will be profitable by the end of 2021. The press is repeating this claim despite the fact that he has no documented plan to make this happen and all his past profitability predictions were false.

(Image: Tarcil, CC BY-SA, modified)



Dragon's Lair skeleton Dirk pin (permalink)

Dragon's Lair wasn't a fun game, but it was an amazing game, and worth the $0.50 premium it commanded for its jaw-dropping laser-disc graphics, especially Don Bluth's superb character designs.

https://en.wikipedia.org/wiki/Dragon%27s_Lair

Etsy seller Nerdmatters commemorates Bluth with this terrific $10 Skeleton Dirk pin that comes with a holographic sticker.

https://www.etsy.com/listing/657285957/dragons-lair-dirk-skeleton-enamel-pin

Nerdmatters has a pretty fabulous store. I came for the Skeleton Dirk, but I stayed for the Pink Hologram Princess Leia Glitter pin.

https://www.etsy.com/listing/652414159/pink-hologram-princess-glitter-enamel

Both come with elaborate, pitch-perfect packaging from an alternate universe in which they are the official product.



This day in history (permalink)

#10yrsago Bill Ayers's To Teach: The Journey, in Comics, a humanist look at education https://boingboing.net/2010/08/10/bill-ayerss-to-teach.html

#5yrsago Kansas officials stonewall mathematician investigating voting machine "sabotage" https://www.kansas.com/news/politics-government/article27951310.html

#1yrago Adversarial Fashion: clothes designed to confuse license-plate readers https://adversarialfashion.com/collections/all

#1yrago How facial recognition has turned summer camp into a dystopia for campers, parents, counsellors and photographers (but not facial recognition vendors) https://www.washingtonpost.com/technology/2019/08/08/summer-camps-turn-facial-recognition-parents-demand-more-smiles-please/?noredirect=on#click=https://t.co/3CpoqSYybP

#1yrago Pressed about Amazon deforestation, Bolsonaro proposes only shitting on alternate days to remediate climate change https://www.bbc.com/news/world-latin-america-49304358

#1yrago The FBI keeps boasting about all its "domestic terror" arrests, but it can't name a single one https://www.propublica.org/article/fbi-domestic-terrorism-arrest-data#166140



Colophon (permalink)

Today's top sources: Naked Capitalism (https://www.nakedcapitalism.com/), Super Punch (https://superpunch.net/).

Currently writing:

  • My next novel, "The Lost Cause," a post-GND novel about truth and reconciliation. Friday's progress: 517 words (41820 total).

Currently reading: The Deficit Myth, Stephanie Kelton

Someone Comes to Town, Someone Leaves Town (part 12), https://craphound.com/podcast/2020/08/03/someone-comes-to-town-someone-leaves-town-part-12/

Upcoming appearances:

Latest book:

Upcoming books:


This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.


How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

When life gives you SARS, you make sarsaparilla -Joey "Accordion Guy" DeVilla

16:00

Link [Scripting News]

I need a backlit keyboard because I write at night and the room where I work is pretty dark. I like it that way. I have a Logitech keyboard which I like, but the keys are getting sticky, and it's blowing my concentration. I spend so much time at the keyboard. The keyboard should be transparent, I should never have to think about it while writing. As I look on Amazon there aren't many keyboards that are illuminated, at least from companies I've heard of, and the prices are suspiciously low. I would buy one from Apple if they had one. The model that I have now has been discontinued, it seems.

If Biden doesn't choose Harris [Scripting News]

From a thread on Facebook.

  • My two cents on Kamala Harris and baggage.
  • She has the worst kind of baggage. She's already tried to humiliate Biden, unfairly, in public. It didn't work. My experience in life is if you let something like that go, they do it again and again. The relationship is over. She took a calculated risk and it didn't work. That's the way business and politics work. You don't often get do-overs.
  • She can run for president again, maybe she'll win, but it would be a sign of weakness and ignorance, even naiveté for Biden to choose her. There are so many other possibilities.
  • He may just have to weather the nonsense from Harris supporters, and there are many and they are vocal, and pushy (not her, her supporters, some of whom I consider friends), and then we can tell the people who are trying to raise hell that they're playing with our lives and their own lives, and they should just let it rest.
  • That said, she's also from California, which won't get you a lot of votes in Iowa or Wisconsin.

15:42

How can I tell whether the user has disabled toast notifications for my app? [The Old New Thing]

A customer wanted to know how to get the complete list of programs from the Settings, System, Notifications & Actions, Get notifications from these senders list, as well as whether the user has enabled notifications for each app.

Upon closer questioning, it turns out that this isn’t really what they wanted. They didn’t need the complete list of apps and the user’s preference for each one. When asked what they were going to do with the information, they said that they were going to search through the list looking for their app, to see whether notifications are enabled. If notifications are disabled for their app, then they are going to warn the user, “You need to enable notifications for Contoso Sports to receive game alerts.”

In a sense, this was a case of the “for/if” antipattern: Instead of asking for the thing that they actually want, they ask for everything and then try to filter to the thing that they want.

The way to find out whether notifications are enabled for your app is to check the ToastNotifier.Setting property. Here’s some sample code:

// C#
var notifier = ToastNotificationManager.CreateToastNotifier();
var setting = notifier.Setting;

// C++/WinRT
auto notifier = ToastNotificationManager::CreateToastNotifier();
auto setting = notifier::Setting();

// C++/CX
auto notifier = ToastNotificationManager::CreateToastNotifier();
auto setting = notifier->Setting;

// JS
var notifier = ToastNotificationManager.createToastNotifier();
var setting = notifier.setting;

// VB
Dim notifier = ToastNotificationManager.CreateToastNotifier()
Dim setting = notifier.Setting

The resulting value in setting tells you whether toasts are enabled, or if not, why not. You can use this to display specific instructions to the user.

switch (setting) {
case NotificationSetting.Enabled:
    // everything is great.
    break;

case NotificationSetting.DisabledForApplication:
    Warn("Please go to Settings, System, Notifications & Actions " +
         "and enable this application in the "
         "'Get notifications from these senders' list.");
    break;

case NotificationSetting.DisabledForUser:
    Warn("Please go to Settings, System, Notifications & Actions " +
         "and set "
         "'Get notifications from apps and other senders' to On.");
    break;

case NotificationSetting.DisabledByGroupPolicy:
    Warn("Your system administrator has prevented us from " +
         "showing notifications.");
    break;

case NotificationSetting.DisabledByManifest:
    Warn("Oops. We forgot to ask the operating system for permission " + 
         "to display toast notifications. Please file a bug.");
    break;

// Catch-all case for reasons that are defined
// in future versions of Windows.
default:
    Warn("It doesn't look like toast notifications are enabled, " +
         "but we don't know why.");
    break;
}

Note that this is even better than what the customer requested, because it also detects other cases, such as where the user left the notification enabled for your app, but then went and disabled all notifications globally.

Bonus chatter: You could go the extra mile and launch the Settings app directly to the Notifications & Actions page.

await Launcher.LaunchUriAsync("ms-settings:notifications");

The post How can I tell whether the user has disabled toast notifications for my app? appeared first on The Old New Thing.

15:14

Link [Scripting News]

I just gave $100 to Joe Biden.

Link [Scripting News]

It doesn’t matter to me personally who Biden picks, that said, the best choice imho is Gov Whitmer of Michigan. Mainly because I think she'd be a good president. She’s been tested in Michigan. I was impressed with this interview, in April, at the height of the tensions in Michigan re their lockdown.

12:28

Smart Lock Vulnerability [Schneier on Security]

Yet another Internet-connected door lock is insecure:

Sold by retailers including Amazon, Walmart, and Home Depot, U-Tec's $139.99 UltraLoq is marketed as a "secure and versatile smart deadbolt that offers keyless entry via your Bluetooth-enabled smartphone and code."

Users can share temporary codes and 'Ekeys' to friends and guests for scheduled access, but according to Tripwire researcher Craig Young, a hacker able to sniff out the device's MAC address can help themselves to an access key, too.

UltraLoq eventually fixed the vulnerabilities, but not in a way that should give you any confidence that they know what they're doing.

11:49

I'm Blue [The Daily WTF]

Designers are used to getting vague direction from clients. "It should have more pop!" or "Can you make the blue more blue?" But Kevin was a contractor who worked on embedded...

09:28

Selling your time [Seth's Blog]

We don’t pay surgeons by the hour.

And if the person who cuts the lawn shows up with a very fast riding mower, we don’t insist on paying less because they didn’t have to work as hard.

Often, what we care about is the work done, not how long it took to do it.

And yet, some jobs, from law to programming, charge by the hour.

When you sell your time, you’re giving away your ability to be a thoughtful, productivity-improving professional.

Sell results.

 

[Today’s one of the last days of 2020 to enroll in The Creative’s Workshop. I hope you can check it out.]

08:42

08:28

Comic: The Starter Dad [Penny Arcade]

New Comic: The Starter Dad

07:00

New York State's recent primary election discarding 20% of postal ballots [Richard Stallman's Political Notes]

New York State's recent primary election seems to be discarding 20% of postal ballots in certain areas. It depends on post offices to take special steps with ballots, and often they forget to do so.

That makes the system vulnerable.

US thug departments were applying a double standard to prosecute Black Lives Matter protesters [Richard Stallman's Political Notes]

Leaked documents from US thug departments show that they were applying a double standard, grasping at straws to accuse and prosecute Black Lives Matter protesters, while turning a blind eye to right-wing extremists, despite knowing that the latter were the real threat of violence.

Mitre is developing for the US government... [Richard Stallman's Political Notes]

Mitre is developing for the US government *a prototype tool that can [crack] smartwatches, fitness trackers and home thermometers for the purposes of homeland security; software to collect human fingerprints from social media websites like Facebook, Instagram and Twitter for the FBI; support in building what the FBI calls the biggest database of human anatomy and criminal history in the world; and a study to determine whether someone’s body odor can show they’re lying.*

Anyone who can crack a device with a microphone can make it listen to you all the time.

Google Nest is taking over the security company ADT [Richard Stallman's Political Notes]

Google Nest is taking over the security company ADT. That means ADT alarm systems will start >feeding Google information about what happens in the customers' homes. For "smart", read "snooping."

The only home security device you should trust is one that runs all free software, and communicates encrypted with a service, sending it no data except what you want it to receive.

The police lie, all the time [Richard Stallman's Political Notes]

*The Police Lie. All the Time. Can Anything Stop Them?* San Francisco DA Boudin: "Police are allowed to lie and get away with it over and over and over again in matters big and small… When you have a system of that kind of impunity, it snowballs. It teaches, encourages, and enforces bad behavior."

The problem of violence by thugs is a consequence of their ability to lie to excuse it, so cracking down on testifying is vital to ending their violence.

[The hypocrite] wants to see Chinese apps removed from U.S. app stores [Richard Stallman's Political Notes]

*[The hypocrite] wants to see 'untrusted' Chinese apps like TikTok and WeChat removed from U.S. app stores, Pompeo says.*

*There are calls to ban TikTok in Australia — but you [and Australia] should worry about Facebook too*

Let's ban those Chinese surveillance apps, then proceed to ban the other apps that users can't trust — meaning, all the ones that are >not free/libre software.

US thugs have their own secret criminal gangs [Richard Stallman's Political Notes]

US thugs are so lawless that we should not be terribly surprised to learn that they have their own secret criminal gangs.

Also their own right-wing social media hate groups.

Prescriptions from VA pharmacies arriving late [Richard Stallman's Political Notes]

Some US veterans say their prescriptions from the VA pharmacies have arrived as much as 20 days late.

This suggests that the cheater's efforts to sabotage voting by mail are very effective. And the saboteur plans to go even further.

"greed-with-power" status of the 500 largest U.S. corporations [Richard Stallman's Political Notes]

Ralph Nader: Economists should develop [an index] to rank the "greed-with-power" status of the 500 largest U.S. corporations.

I think his proposed term, "hedonistic index", does not do justice to the proposal: that word does not imply greed or power. There is nothing evil about hedonism as such — imperfect, yes, but not evil.

UK police considering criminal charges against thug [Richard Stallman's Political Notes]

UK police are considering criminal charges against one thug who put his knee on a person's neck.

I have to acknowledge that the UK treats discipline for its cops very seriously. When the government decides that a practice is unjust or endangers the public, it can take firm action to teach cops not to do it. I wish the US could do likewise.

Senate Republicans are yielding only a little on new relief bill [Richard Stallman's Political Notes]

Senate Republicans seem to be feeling pressure to compromise on a new relief bill, but they are yielding only a little.

This article does not mention the damaging provisions that Senate Republicans previously insisted on including in any relief bill. Those include giving businesses immunity for dangerous working conditions that let workers transmit Covid-19, and cutting Social Security in the future. They would do lasting harm, and we should not agree to them in exchange for temporary aid. In the long term, that would be a change for the worse.

Have the Republicans dropped those demands? Can anyone tell me?

The article mentions the need to provide funds to the CDC, the postal service, election protection, and Covid-19 testing, but it does mention them in regard to the negotiations. Have Senate Republicans agreed to funds for those? Can anyone tell me?

eLearning-industrial complex [Richard Stallman's Political Notes]

The eLearning-industrial complex: online courses teach subject material without the rest of what people get from college.

It may succeed in training people for professions but it is not designed to create an educated people.

This is in addition to the injustice of nonfree software, which today's remote education forces onto students from grade 1.

Urgent: Extend the census deadline [Richard Stallman's Political Notes]

US citizens: call on the Senate to extend the census deadline.

The Capitol Switchboard numbers are 202-224-3121, 888-818-6641 and 888-355-3588.

If you call, please spread the word!

06:21

1425 [Looking For Group]

The post 1425 appeared first on Looking For Group.

05:35

Girl Genius for Monday, August 10, 2020 [Girl Genius]

The Girl Genius comic for Monday, August 10, 2020 has been posted.

05:14

04:49

Arnaud Rebillout: GoAccess 1.4, a detailed tutorial [Planet Debian]

GoAccess v1.4 was just released a few weeks ago! Let's take this chance to write a loooong tutorial. We'll go over every steps to install and operate GoAccess. This is a tutorial aimed at those who don't play sysadmin every day, and that's why it's so long, I did my best to provide thorough explanations all along, so that it's more than just a "copy-and-paste" kind of tutorial. And for those who do play sysadmin everyday: please try not to fall asleep while reading, and don't hesitate to drop me an e-mail if you spot anything inaccurate in here. Thanks!

Introduction

So what's GoAccess already? GoAccess is a web log analyzer, and it allows you to visualize the traffic for your website, and get to know a bit more about your visitors: how many visitors and hits, for which pages, coming from where (geolocation, operating system, web browser...), etc... It does so by parsing the access logs from your web server, be it Apache, NGINX or whatever.

GoAccess gives you different options to display the statistics, and in this tutorial we'll focus on producing a HTML report. Meaning that you can see the statistics for your website straight in your web browser, under the form of a single HTML page.

For an example, you can have a look at the stats of my blog here: https://goaccess.arnaudr.io.

GoAccess is written in C, it has very few dependencies, it had been around for about 10 years, and it's distributed under the MIT license.

Assumptions

This tutorial is about installing and configuring, so I'll assume that all the commands are run as root. I won't prefix each of them with sudo.

I use the Apache web server, running on a Debian system. I don't think it matters so much for this tutorial though. If you're using NGINX it's fine, you can keep reading.

Also, I will just use the name SITE for the name of the website that we want to analyze with GoAccess. Just replace that with the real name of your site.

I also assume the following locations for your stuff:

  • the website is at /var/www/SITE
  • the logs are at /var/log/apache2/SITE (yes, there is a sub-directory)
  • we're going to save the GoAccess database in /var/lib/goaccess-db/SITE.

If you have your stuff in /srv/SITE/{log,www} instead, no worries, just adjust the paths accordingly, I bet you can do it.

Installation

The latest version of GoAccess is v1.4, and it's not yet available in the Debian repositories. So for this part, you can follow the instructions from the official GoAccess download page. Install steps are explained in details, so there's nothing left for me to say :)

When this is done, let's get started with the basics.

We're talking about the latest version v1.4 here, let's make sure:

$ goaccess --version
GoAccess - 1.4.
...

Now let's try to create a HTML report. I assume that you already have a website up and running.

GoAccess needs to parse the access logs. These logs are optional, they might or might not be created by your web server, depending on how it's configured. Usually, these log files are named access.log, unsurprisingly.

You can check if those logs exist on your system by running this command:

find /var/log -name access.log

Another important thing to know is that these logs can be in different formats. In this tutorial we'll assume that we work with the combined log format, because it seems to be the most common default.

To check what kind of access logs your web server produces, you must look at the configuration for your site.

For an Apache web server, you should have such a line in the file /etc/apache2/sites-enabled/SITE.conf:

CustomLog ${APACHE_LOG_DIR}/SITE/access.log combined

For NGINX, it's quite similar. The configuration file would be something like /etc/nginx/sites-enabled/SITE, and the line to enable access logs would be something like:

access_log /var/log/nginx/SITE/access.log

Note that NGINX writes the access logs in the combined format by default, that's why you don't see the word combined anywhere in the line above: it's implicit.

Alright, so from now on we assume that yes, you have access log files available, and yes, they are in the combined log format. If that's the case, then you can already run GoAccess and generate a report, for example for the log file /var/log/apache2/access.log

goaccess \
    --log-format COMBINED \
    --output /tmp/report.html \
    /var/log/apache2/access.log

It's possible to give GoAccess more than one log files to process, so if you have for example the file access.log.1 around, you can use it as well:

goaccess \
    --log-format COMBINED \
    --output /tmp/report.html \
    /var/log/apache2/access.log \
    /var/log/apache2/access.log.1

If GoAccess succeeds (and it should), you're on the right track!

All is left to do to complete this test is to have a look at the HTML report created. It's a single HTML page, so you can easily scp it to your machine, or just move it to the document root of your site, and then open it in your web browser.

Looks good? So let's move on to more interesting things.

Web server configuration

This part is very short, because in terms of configuration of the web server, there's very little to do. As I said above, the only thing you want from the web server is to create access log files. Then you want to be sure that GoAccess and your web server agree on the format for these files.

In the part above we used the combined log format, but GoAccess supports many other common log formats out of the box, and even allows you to parse custom log formats. For more details, refer to the option --log-format in the GoAccess manual page.

Another common log format is named, well, common. It even has its own Wikipedia page. But compared to combined, the common log format contains less information, it doesn't include the referrer and user-agent values, meaning that you won't have it in the GoAccess report.

So at this point you should understand that, unsurprisingly, GoAccess can only tell you about what's in the access logs, no more no less.

And that's all in term of web server configuration.

Configuration to run GoAccess unprivileged

Now we're going to create a user and group for GoAccess, so that we don't have to run it as root. The reason is that, well, for everything running unattended on your server, the less code runs as root, the better. It's good practice and common sense.

In this case, GoAccess is simply a log analyzer. So it just needs to read the logs files from your web server, and there is no need to be root for that, an unprivileged user can do the job just as well, assuming it has read permissions on /var/log/apache2 or /var/log/nginx.

The log files of the web server are usually part of the adm group (though it might depend on your distro, I'm not sure). This is something you can check easily with the following command:

ls -l /var/log | grep -e apache2 -e nginx

As a result you should get something like that:

drwxr-x--- 2 root adm 20480 Jul 22 00:00 /var/log/apache2/

And as you can see, the directory apache2 belongs to the group adm. It means that you don't need to be root to read the logs, instead any unprivileged user that belongs to the group adm can do it.

So, let's create the goaccess user, and add it to the adm group:

adduser --system --group --no-create-home goaccess
addgroup goaccess adm

And now, let's run GoAccess unprivileged, and verify that it can still read the log files:

setpriv \
    --reuid=goaccess --regid=goaccess \
    --init-groups --inh-caps=-all \
    -- \
    goaccess \
    --log-format COMBINED \
    --output /tmp/report2.html \
    /var/log/apache2/access.log

setpriv is the command used to drop privileges. The syntax is quite verbose, it's not super friendly for tutorials, but don't be scared and read the manual page to learn what it does.

In any case, this command should work, and at this point, it means that you have a goaccess user ready, and we'll use it to run GoAccess unprivileged.

Integration, option A - Run GoAccess once a day, from a logrotate hook

In this part we wire things together, so that GoAccess processes the log files once a day, adds the new logs to its internal database, and generates a report from all that aggregated data. The result will be a single HTML page.

Introducing logrotate

In order to do that, we'll use a logrotate hook. logrotate is a little tool that should already be installed on your server, and that runs once a day, and that is in charge of rotating the log files. "Rotating the logs" means moving access.log to access.log.1 and so on. With logrotate, a new log file is created every day, and log files that are too old are deleted. That's what prevents your logs from filling up your disk basically :)

You can check that logrotate is indeed installed and enabled with this command (assuming that your init system is systemd):

systemctl status logrotate.timer

What's interesting for us is that logrotate allows you to run scripts before and after the rotation is performed, so it's an ideal place from where to run GoAccess. In short, we want to run GoAccess just before the logs are rotated away, in the prerotate hook.

But let's do things in order. At first, we need to write a little wrapper script that will be in charge of running GoAccess with the right arguments, and that will process all of your sites.

The wrapper script

This wrapper is made to process more than one site, but if you have only one site it works just as well, of course.

So let me just drop it on you like that, and I'll explain afterward. Here's my wrapper script:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#!/bin/bash

# Process log files /var/www/apache2/SITE/access.log,
# only if /var/lib/goaccess-db/SITE exists.
# Create HTML reports in $1, a directory that must exist.

set -eu

OUTDIR=
LOGDIR=/var/log/apache2
DBDIR=/var/lib/goaccess-db

fail() { echo >&2 "$@"; exit 1; }

[ $# -eq 1 ] || fail "Usage: $(basename $0) OUTPUT_DIRECTORY"

OUTDIR=$1

[ -d "$OUTDIR" ] || fail "'$OUTDIR' is not a directory"
[ -d "$LOGDIR" ] || fail "'$LOGDIR' is not a directory"
[ -d "$DBDIR"  ] || fail "'$DBDIR' is not a directory"

for d in $(find "$LOGDIR" -mindepth 1 -maxdepth 1 -type d); do
    site=$(basename "$sitedir")
    dbdir=$DBDIR/$site
    logfile=$d/access.log
    outfile=$OUTDIR/$site.html

    if [ ! -d "$dbdir" ] || [ ! -e "$logfile" ]; then
        echo "‣ Skipping site '$site'"
        continue
    else
        echo "‣ Processing site '$site'"
    fi

    setpriv \
        --reuid=goaccess --regid=goaccess \
        --init-groups --inh-caps=-all \
        -- \
    goaccess \
        --agent-list \
        --anonymize-ip \
        --persist \
        --restore \
        --config-file /etc/goaccess/goaccess.conf \
        --db-path "$dbdir" \
        --log-format "COMBINED" \
        --output "$outfile" \
        "$logfile"
done

So you'd install this script at /usr/local/bin/goaccess-wrapper for example, and make it executable:

chmod +x /usr/local/bin/goaccess-wrapper

A few things to note:

  • We run GoAccess with --persist, meaning that we save the parsed logs in the internal database, and --restore, meaning that we include everything from the database in the report. In other words, we aggregate the data at every run, and the report grows bigger every time.
  • The parameter --config-file /etc/goaccess/goaccess.conf is a workaround for #1849. It should not be needed for future versions of GoAccess > 1.4.

As is, the script makes the assumption that the logs for your site are logged in a sub-directory /var/log/apache2/SITE/. If it's not the case, adjust that in the wrapper accordingly.

The name of this sub-directory is then used to find the GoAccess database directory /var/lib/goaccess-db/SITE/. This directory is expected to exist, meaning that if you don't create it yourself, the wrapper won't process this particular site. It's a simple way to control which sites are processed by this GoAccess wrapper, and which sites are not.

So if you want goaccess-wrapper to process the site SITE, just create a directory with the name of this site under /var/lib/goaccess-db:

mkdir -p /var/lib/goaccess-db/SITE
chown goaccess:goaccess /var/lib/goaccess-db/SITE

Now let's create an output directory:

mkdir /tmp/goaccess-reports
chown goaccess:goaccess /tmp/goaccess-reports

And let's give a try to the wrapper script:

goaccess-wrapper /tmp/goaccess-reports
ls /tmp/goaccess-reports

Which should give you:

SITE.html

At the same time, you can check that GoAccess populated the database with a bunch of files:

ls /var/lib/goaccess-db/SITE

Setting up the logrotate prerotate hook

At this point, we have the wrapper in place. Let's now add a pre-rotate hook so that goaccess-wrapper runs once a day, just before the logs are rotated away.

The logrotate config file for Apache2 is located at /etc/logrotate.d/apache2, and for NGINX it's at /etc/logrotate.d/nginx. Among the many things you'll see in this file, here's what is of interest for us:

  • daily means that your logs are rotated every day
  • sharedscripts means that the pre-rotate and post-rotate scripts are executed once total per rotation, and not once per log file.

In the config file, there is also this snippet:

prerotate
    if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
        run-parts /etc/logrotate.d/httpd-prerotate; \
    fi; \
endscript

It indicates that scripts in the directory /etc/logrotate.d/httpd-prerotate/ will be executed before the rotation takes place. Refer to the man page run-parts(8) for more details...

Putting all of that together, it means that logs from the web server are rotated once a day, and if we want to run scripts just before the rotation, we can just drop them in the httpd-prerotate directory. Simple, right?

Let's first create this directory if it doesn't exist:

mkdir -p /etc/logrotate.d/httpd-prerotate/

And let's create a tiny script at /etc/logrotate.d/httpd-prerotate/goaccess:

1
2
#!/bin/sh
exec goaccess-wrapper /tmp/goaccess-reports

Don't forget to make it executable:

chmod +x /etc/logrotate.d/httpd-prerotate/goaccess

As you can see, the only thing that this script does is to invoke the wrapper with the right argument, ie. the output directory for the HTML reports that are generated.

And that's all. Now you can just come back tomorrow, check the logs, and make sure that the hook was executed and succeeded. For example, this kind of command will tell you quickly if it worked:

journalctl | grep logrotate

Integration, option B - Run GoAccess once a day, from a systemd service

OK so we've just seen how to use a logrotate hook. One downside with that is that we have to drop privileges in the wrapper script, because logrotate runs as root, and we don't want to run GoAccess as root. Hence the rather convoluted syntax with setpriv.

Rather than embedding this kind of thing in a wrapper script, we can instead run the wrapper script from a [systemd][] service, and define which user runs the wrapper straight in the systemd service file.

Introducing systemd niceties

So we can create a systemd service, along with a systemd timer that fires daily. We can then set the user and group that execute the script straight in the systemd service, and there's no need for setpriv anymore. It's a bit more streamlined.

We can even go a bit further, and use systemd parameterized units (also called templates), so that we have one service per site (instead of one service that process all of our sites). That will simplify the wrapper script a lot, and it also looks nicer in the logs.

With this approach however, it seems that we can't really run exactly before the logs are rotated away, like we did in the section above. But that's OK. What we'll do is that we'll run once a day, no matter the time, and we'll just make sure to process both log files access.log and access.log.1 (ie. the current logs and the logs from yesterday). This way, we're sure not to miss any line from the logs.

Note that GoAccess is smart enough to only consider newer entries from the log files, and discard entries that are already in the database. In other words, it's safe to parse the same log file more than once, GoAccess will do the right thing. For more details see "INCREMENTAL LOG PROCESSING" from man goaccess.

systemd]: https://freedesktop.org/wiki/Software/systemd/

Implementation

And here's how it all looks like.

First, a little wrapper script for GoAccess:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
#!/bin/bash

# Usage: $0 SITE DBDIR LOGDIR OUTDIR

set -eu

SITE=$1
DBDIR=$2
LOGDIR=$3
OUTDIR=$4

LOGFILES=()
for ext in log log.1; do
    logfile="$LOGDIR/access.$ext"
    [ -e "$logfile" ] && LOGFILES+=("$logfile")
done

if [ ${#LOGFILES[@]} -eq 0 ]; then
    echo "No log files in '$LOGDIR'"
    exit 0
fi

goaccess \
    --agent-list \
    --anonymize-ip \
    --persist \
    --restore \
    --config-file /etc/goaccess/goaccess.conf \
    --db-path "$DBDIR" \
    --log-format "COMBINED" \
    --output "$OUTDIR/$SITE.html" \
    "${LOGFILES[@]}"

This wrapper does very little. Actually, the only thing it does is to check for the existence of the two log files access.log and access.log.1, to be sure that we don't ask GoAccess to process a file that does not exist (GoAccess would not be happy about that).

Save this file under /usr/local/bin/goaccess-wrapper, don't forget to make it executable:

chmod +x /usr/local/bin/goaccess-wrapper

Then, create a systemd parameterized unit file, so that we can run this wrapper as a systemd service. Save it under /etc/systemd/system/goaccess@.service:

[Unit]
Description=Update GoAccess report - %i
ConditionPathIsDirectory=/var/lib/goaccess-db/%i
ConditionPathIsDirectory=/var/log/apache2/%i
ConditionPathIsDirectory=/tmp/goaccess-reports
PartOf=goaccess.service

[Service]
Type=oneshot
User=goaccess
Group=goaccess
Nice=19
ExecStart=/usr/local/bin/goaccess-wrapper \
 %i \
 /var/lib/goaccess-db/%i \
 /var/log/apache2/%i \
 /tmp/goaccess-reports

So, what is a systemd parameterized unit? It's a service to which you can pass an argument when you enable it. The %i in the unit definition will be replaced by this argument. In our case, the argument will be the name of the site that we want to process.

As you can see, we use the directive ConditionPathIsDirectory= extensively, so that if ever one of the required directories does not exist, the unit will just be skipped (and marked as such in the logs). It's a graceful way to fail.

We run the wrapper as the user and group goaccess, thanks to User= and Group=. We also use Nice= to give a low priority to the process.

At this point, it's already possible to test. Just make sure that you created a directory for the GoAccess database:

mkdir -p /var/lib/goaccess-db/SITE
chown goaccess:goaccess /var/lib/goaccess-db/SITE

Also make sure that the output directory exists:

mkdir /tmp/goaccess-reports
chown goaccess:goaccess /tmp/goaccess-reports

Then reload systemd and fire the unit to see if it works:

systemctl daemon-reload
systemctl start goaccess@SITE.service
journalctl | tail

And that should work already.

As you can see, the argument, SITE, is passed in the systemctl start command. We just append it after the @, in the name of the unit.

Now, let's create another GoAccess service file, which sole purpose is to group all the parameterized units together, so that we can start them all in one go. Note that we don't use a systemd target for that, because ultimately we want to run it once a day, and that would not be possible with a target. So instead we use a dummy oneshot service.

So here it is, saved under /etc/systemd/system/goaccess.service:

[Unit]
Description=Update GoAccess reports
Requires= \
 goaccess@SITE1.service \
 goaccess@SITE2.service

[Service]
Type=oneshot
ExecStart=true

As you can see, we simply list the sites that we want to process in the Requires= directive. In this example we have two sites named SITE1 and SITE2.

Let's ensure that everything is still good:

systemctl daemon-reload
systemctl start goaccess.service
journalctl | tail

Check the logs, both sites SITE1 and SITE2 should have been processed.

And finally, let's create a timer, so that systemd runs goaccess.service once a day. Save it under /etc/systemd/system/goaccess.timer.

[Unit]
Description=Daily update of GoAccess reports

[Timer]
OnCalendar=daily
RandomizedDelaySec=1h
Persistent=true

[Install]
WantedBy=timers.target

Finally, enable the timer:

systemctl daemon-reload
systemctl enable --now goaccess.timer

At this point, everything should be OK. Just come back tomorrow and check the logs with something like:

journalctl | grep goaccess

Last word: if you have only one site to process, of course you can simplify, for example you can hardcode all the paths in the file goaccess.service instead of using a parameterized unit. Up to you.

Daily operations

So in this part, we assume that you have GoAccess all setup and running, once a day or so. Let's just go over a few things worth noting.

Serve your report

Up to now in this tutorial, we created the reports in /tmp/goaccess-reports, but that was just for the sake of the example. You will probably want to save your reports in a directory that is served by your web server, so that, well, you can actually look at it in your web browser, that was the point, right?

So how to do that is a bit out of scope here, and I guess that if you want to monitor your website, you already have a website, so you will have no trouble serving the GoAccess HTML report.

However there's an important detail to be aware of: GoAccess shows all the IP addresses of your visitors in the report. As long as the report is private it's OK, but if ever you make your GoAccess report public, then you should definitely invoke GoAccess with the option --anonymize-ip.

Keep an eye on the logs

In this tutorial, the reports we create, along with the GoAccess databases, will grow bigger every day, forever. It also means that the GoAccess processing time will grow a bit each day.

So maybe the first thing to do is to keep an eye on the logs, to see how long it takes to GoAccess to do its job every day. Also, maybe you'd like to keep an eye on the size of the GoAccess database with:

du -sh /var/lib/goaccess-db/SITE

If your site has few visitors, I suspect it won't be a problem though.

You could also be a bit pro-active in preventing this problem in the future, and for example you could break the reports into, say, monthly reports. Meaning that every month, you would create a new database in a new directory, and also start a new HTML report. This way you'd have monthly reports, and you make sure to limit the GoAccess processing time, by limiting the database size to a month.

This can be achieved very easily, by including something like YEAR-MONTH in the database directory, and in the HTML report. You can handle that automatically in the wrapper script, for example:

sfx=$(date +'%Y-%m')

mkdir -p $DBDIR/$sfx

goaccess \
    --db-path $DBDIR/$sfx \
    --output "$OUTDIR/$SITE-$sfx.html" \
    ...

You get the idea.

Further notes

Migration from older versions

With the --persist option, GoAccess keeps all the information from the logs in a database, so that it can re-use it later. In prior versions, GoAccess used the Tokyo Cabinet key-value store for that. However starting from v1.4, GoAccess dropped this dependency and now uses its own database format.

As a result, the previous database can't be used anymore, you will have to remove it and restart from zero. At the moment there is no way to convert the data from the old database to the new one. If you're interested, this is discussed upstream at [#1783][bug-1783].

Another thing that changed with this new version is the name for some of the command-line options. For example, --load-from-disk was dropped in favor of --restore, and --keep-db-files became --persist. So you'll have to look at the documentation a bit, and update your script(s) accordingly.

Other ways to use GoAccess

It's also possible to do it completely differently. You could keep GoAccess running, pretty much like a daemon, with the --real-time-html option, and have it process the logs continuously, rather than calling it on a regular basis.

It's also possible to see the GoAccess report straight in the terminal, thanks to libncurses, rather than creating a HTML report.

And much more, GoAccess is packed with features.

Conclusion

I hope that this tutorial helped some of you folks. Feel free to drop an e-mail for comments.

04:00

Russ Allbery: rra-c-util 8.3 [Planet Debian]

In this release of my utility library for my other packages, I finally decided to drop support for platforms without a working snprintf.

This dates back to the early 2000s and a very early iteration of this package. At the time, there were still some older versions of UNIX without snprintf at all. More commonly, it was buggy. The most common problem was that it would return -1 if the buffer wasn't large enough rather than returning the necessary size of the buffer. Or, in some cases, it wouldn't support a buffer size of 0 and a NULL buffer to get the necessary size.

At the time I added this support for INN and some other packages, Solaris had several of these issues. But C99 standardized the correct snprintf behavior, and slowly every maintained operating system was fixed. (I forget whether it was fixed in Solaris 8 or Solaris 9, but regardless, Solaris has had a working snprintf for many years.) Meanwhile, the replacement function (Patrick Powell's version, also used by mutt and other packages) was a huge wad of code and a corresponding test suite. Over time, I've increased the aggressiveness of linters to try to catch more dangerous C pitfalls, and that's required carrying more and more small modifications plus a preamble to disable various warnings that I didn't want to try to fix.

The straw that broke the camel's back was Clang's new case fallthrough warning. Clang stopped supporting the traditional /* fallthrough */ comment. It now prefers [[clang:fallthrough]] syntax, but of course older compilers choke on that. It does support the GCC __attribute__((__fallthrough__)) syntax, but older compilers don't like that construction because they think it's an empty statement. It was a mess, and I decided the time had come to drop this support effort.

At this point, if you're still running an operating system without C99 snprintf, I think it's essentially a retrocomputing or at least extremely stable legacy production situation, and you're unlikely to want the latest and greatest releases of new software. Hopefully that assumption is correct, or at least correct enough.

(I realize the right solution to this problem is probably for me to use Gnulib for portability. But converting to it is a whole other project with a lot of other implications and machinery, and I'm not sure that's what I want to spend time on.)

Also in this release is a fix for network tests on hosts with no IPv4 addresses (more on this when I release the next version of remctl), fixes for style issues found by Perl::Critic::Freenode, and some other test suite improvements.

You can get the latest version from the rra-c-util distribution page.

Giving Yourself a Nickname [Diesel Sweeties webcomic by rstevens]

this is a diesel sweeties comic strip

Only cool people give themselves nicknames!

02:35

Just A Dab [QC RSS]

dabbin'

01:42

Alexander Artemenko: trivial-features [Planet Lisp]

This little library unifies the way how do different features are represented in *features* variable.

It provides information about an operating system, endianness and CPU architecture. Unification simplifies writing the cross-platform libraries.

For example, here is what we have on Closure CL:

CL-USER> (lisp-implementation-type)
"Clozure Common Lisp"

CL-USER> (member :64-bit *features*)
NIL

CL-USER> (member :darwin *features*)
(:DARWIN :LITTLE-ENDIAN-TARGET :LITTLE-ENDIAN-HOST)

CL-USER> (member :little-endian *features*)
NIL

CL-USER> (member :x86-64 *features*)
(:X86-64 :X86_64 :X86-TARGET :X86-HOST :X8664-TARGET ...)

But after the loading of the trivial-features:

CL-USER> (ql:quickload :trivial-features)

CL-USER> (member :64-bit *features*)
(:64-BIT :BSD :LITTLE-ENDIAN :SLYNK :QUICKLISP :ASDF3.3 :ASDF3.2 ...)

CL-USER> (member :darwin *features*)
(:DARWIN :LITTLE-ENDIAN-TARGET :LITTLE-ENDIAN-HOST)

CL-USER> (member :x86-64 *features*)
(:X86-64 :X86_64 :X86-TARGET :X86-HOST :X8664-TARGET :X8664-HOST ...)

CL-USER> (member :little-endian *features*)
(:LITTLE-ENDIAN :SLYNK :QUICKLISP :ASDF3.3 :ASDF3.2 :ASDF3.1 ...)

Here is what this library adds to the *features* for ClozureCL:

CL-USER> (defparameter *original-features* (copy-list *features*))

CL-USER> (ql:quickload :trivial-features)

CL-USER> (set-difference *features*
                         *original-features*)
(:LITTLE-ENDIAN :BSD :64-BIT)

To finalize, if you are going to use the conditional reader in your system and depend on OS or CPU architecture - use trivial-features.

00:56

Russ Allbery: DocKnot 3.05 [Planet Debian]

I keep telling myself that the next release of DocKnot will be the one where I convert everything to YAML and then feel confident about uploading it to Debian, and then I keep finding one more thing to fix to release another package I'm working on.

Anyway, this is the package I use to generate software documentation and, in the long run, will subsume my static web site generator and software release workflow. This release tweaks a heuristic for wrapping paragraphs in text documents, fixes the status badge for software with Debian packages to do what I had intended, and updates dependencies based on the advice of Perl::Critic::Freenode.

You can get the latest version from CPAN or from the DocKnot distribution page.

Sunday, 09 August

22:35

Link [Scripting News]

A day after buying the Pixel 4a, I drop my iPhone XS/Max, which is usually OK because it's in a case, but this time the display cracked. I can't be without a phone, and the 4a won't get here until the end of the month, so I bought a new iPhone SE. I'll be comparing the two low-end products from Google and Apple. Weird timing, eh.

21:21

In Which I Both Decry, and Defend, the Concept of Dad Rock [Whatever]

I was thinking about the concept of “Dad Rock” and what it means, and when it is that a previously popular and/or relevant band goes full Dad Rock, and I realized that there was a particular song from a particular band that crystallized the Dad Rock Moment, as it were, for me: “Vertigo,” by U2, off the band’s 2004 album, How to Dismantle an Atomic Bomb.

What’s wrong with the song? Well, there’s nothing wrong with it. If you were to present it to someone who had no other context for the song or the band, it would probably come across as a nice, chunky rock song. It’s solid if not spectacular, the sort of song that a band with a long discography would trot out at the two-thirds mark of a concert. It’s the song that’s no one’s favorite but that everyone likes well enough, to pad the playlist until they get to the songs that will build to the end of set. It’s not a song one would put in the encore. It’s good! Which is fine. Or more accurately, it’s fine! Which is good.

In context, it’s the sound of U2 standing pat. U2 became the Biggest Rock Band in the World in the late 80s with The Joshua Tree, then freaked out a bit about that in the 90s, releasing a trio of albums (Achtung Baby, Zooropa, Pop) that increasingly strayed from their previous iteration before releasing 2000’s All That You Can’t Leave Behind, which married the two previous eras into a “return to form” album that got them back to Biggest Rock Band in the World status.

So what did the band do for Atomic Bomb? Well, they stayed where they were and just worked that for a while.

“Vertigo,” the album’s first single, typified that. It’s a U2 song that sounds like a song that songwriters and musicians who were not U2 would make if they were told to make a song that sounds like U2. Bono is in full “arch lyric” mode, the Edge is sawing away but also doesn’t forget to drop in his signature chiming guitar in the right places, the rhythm section is doing its uncomplicated but solid thing. The video is grandiose and also tongue-in-cheek about it, to variable success.

All of which was a solid commercial choice: Atomic Bomb sold ten million copies, won nine Grammys (three for “Vertigo” alone), and started the band on its profitable relationship with Apple, which would culminate rather infamously with the band’s 2014 album Songs of Innocence being stuffed into everyone’s iTunes collection whether they wanted it or not (this was the uber Dad Rock maneuver, the tech company equivalent of making your kids listen to the classic rock station against their will as you drove them to school in the minivan). No one could fault U2 either for “Vertigo” or Atomic Bomb. From a sheer numbers point of view it kept the band on the top of the rock heap.

But for me it also meant U2 stopped being a band that would surprise or inspire. They became predictable, and comfortable, and less memorable. And indeed that’s where the band has stayed in the sixteen years and three studio albums since. The albums since have varied from “meh” to “not bad,” and each has a song or two worth revisiting. But when I think about the band, “Vertigo” is a hard frontier for me: What came before it could be flawed (boy, could it!) but wasn’t boring; what comes afterward might be good but isn’t essential.

And fundamentally this is what “dad rock” means to me: it’s when a rock band whose audience is mostly male stops challenging that audience and starts maintaining it instead, even if they release new work. Or as Bono himself might have put it, in the bridge to “Vertigo,” speaking as U2’s audience: “Just give me what I want and no one gets hurt.”

I’m noting U2 here because it’s a band relevant to my own life, but certainly they are not the only example. The Rolling Stones went Full Dad with Undercover in 1984; Genesis in 1987 with Invisible Touch; Metallica with Death Magnetic in 2008; Coldplay with Viva la Vida, also in 2008. Paul McCartney went Full Dad the instant he left the Beatles; likewise the Foo Fighters (who, by the way, I love) appear to have been intended as Dad Rock from day one. Most bands associated with the Album Oriented Rock era of music have been Full Dad since the early 90s; Journey, which was one of my favorite bands growing up, has a concert playlist that is stuck in amber — the band members call their greatest hits “the dirty dozen” and play them every show. Likewise pretty much every heavy metal band that started up in the 80s; when I went and saw Iron Maiden’s Legacy of the Beast tour last year; that “greatest hits” concert format, while entirely awesome, was also the epitome of Dad Rock.

(Let us not speak of KISS.)

Dad Rock is clearly used as a pejorative, and my personal definition of it isn’t particularly complimentary either, but allow me for a moment here to give at least a half-hearted defense of dad rock. First, look: There’s nothing actually wrong with producing a reliable creative product for an identifiable audience, said the man who got a thirteen-book publishing contract specifically because he is able to produce reliable creative product for an identifiable audience. If the worst thing that can be said about your new work is that it’s rather a lot like your old work, only more so, you’re probably going to be able to make your house payments (or castle payments, in the case of U2).

Second, it’s not just the bands and musicians staying pat. Rare is the music listener who is as adventurous with their tastes at 38 as they were when they were 18; even more so at 48 or 58 or further on. At a certain point people know what they like and they want more of that, and if the bands they already like keep putting out work that’s in the same vein, album after album, then guess what? Those fans are going to stick around.

Which brings us to a third point, which is that after a certain bend in the demographic curve, most musical artists aren’t picking up new listeners anymore, or at least, younger listeners; they work with what they have. If you’re lucky you become retro, or (in the case of U2, the Stones and probably Coldplay) you were so big at one point you could lose much of your audience over time and still fill stadiums. But most performers work with who they accrued in their heyday. Those kids who were your fans became dads, your music became Dad Rock, and you know what? That’s fine. We can’t all be David Bowie, innovating literally until the day we die, and it’s worth remembering that even David Bowie went Full Dad for a while there (See: Tonight and Never Let Me Down), and otherwise benefited from a catalogue that gave him the wherewithal to do other things later without regard as to whether an audience would follow.

Finally: Hey, combining constant innovation while maintaining a non-trivial level of popularity is hard. Shit, producing merely adequate creative product while staying popular is hard, which is why so few people actually manage even that, particularly in music, in which what is popular can become obsolete almost literally overnight (See: The extinction event of 80s hair metal bands known as “Smells Like Teen Spirit” in 1991). It might be unfair to demand constant innovation from musicians, especially when coupled with their need to, you know, move units (or, these days, shift streams) in order to eat.

To go back to “Vertigo,” it might be the sound of U2 standing pat, but it’s also the sound of U2 being as U2 as they could possibly be, for an audience who wanted that and was, for the most part, glad to keep getting it. It might be that U2’s greatest moments of creativity, innovation and popularity are behind them and they just keep doing more of the same between now and whenever. But let us also acknowledge that there are worse fates, for both a band and its audience, than becoming Dad Rock.

— JS

20:28

Velocipe Cycladia Recumbia [Nina Paley]

Some have asked if Velocipe Cycladia, Goddess of bicycles and cyclists, includes recumbents.

Of course She does!

Share

18:00

Link [Scripting News]

New package: davesql.

16:56

Pluralistic: 09 Aug 2020 [Pluralistic: Daily links from Cory Doctorow]


Today's links



Commercial real-estate's looming collapse (permalink)

Commercial real estate is in biiiig trouble. Malls – already under threat before the plague – will be full of empty storefronts. Offices, oy. They'll lose tenants when their businesses collapse. Surviving tenants will take advantage of higher vacancies to negotiate lower rates.

Those tenants won't need as much space anyway: between layoffs and mass, permanent work-from-home (which will let employers seek the cheapest labor, anywhere in the world), demand is gonna fall off a cliff.

That's really really bad news, because commercial real-estate is super leveraged thanks to Real Estate Investment Trusts (REITs), the favored vehicle of overseas money-launderers seeking to clean their corrupt gains, as CZ Edwards explained last year.

https://threadreaderapp.com/thread/1213597148274511872.html

The REITs borrowed titanic sums on grossly overinflated valuations based on absurdly optimistic occupancy projections. As Randall Head explains in a post on Dave Farber's Interesting People list, this leaves their creditors – the banks – vastly exposed.

https://ip.topicbox.com/groups/ip/T3811dde3cf47e0ed/coming-next-the-greater-recession

Here's the bottom line: "A middling-sized bank which in Jan had twenty billion dollars of commercial loans, secured by liens against $25B of office towers and shopping malls now has twenty billion dollars of commercial loans secured by liens against $18B of real property."

That $25b valuation was based on the assumption of 80% occupancy. After the Comet Covid's extinction-level event (exacerbated by gross mishandling, from epidemiological ineptitude to deficitphobic austerity), $18b is generous.

Banks that loaned to plutes cleaning money for crooks? Dead. They'll need bailouts, nationalization, or wreaths.

Head: "If you thought it was fun bailing out the FSLIC, you're gonna LOVE bailing out the FDIC, especially when every other economy is bailing out its banks."

(Image: Steve Jurvetson, CC BY, modified)



Test-proctoring software worsens systemic bias (permalink)

On the one hand, high-stakes testing is pedagogically bankrupt, but on the other hand, it sure produces numbers that universities can focus on increasing, and then trumpet when those numbers are higher than they used to be. I guess that's important?

The problems with high-stakes testing were magnified by lockdown, with universities demanding that students infect their computers – often shared with family members – with spyware that claimed to perform "invigilation" (anti-cheating surveillance).

https://pluralistic.net/2020/04/15/invigilation/#invigilation

Having decided that invigilation software was easier than finding a way to evaluate students without useless high-stakes tests, universites began a campaign of cruel bullying to crush student opposition.

At Wilfrid Laurier in Ontario, computer science students were required to purchase webcams that were not available to sale, on pain of flunking.

https://pluralistic.net/2020/05/13/malwaretech/#unobtanium

And when students around the world complained about the problems with invigilation tools, the CEOs of these massively profitable ed-tech profiteers did what any responsible exec would do: they doxxed their underaged critics.

https://pluralistic.net/2020/07/01/bossware/#moral-exemplar

Writing in MIT Tech Review, Shea Swauger describes the disproportionate impact that invigilation software has on marginalized students, especially Black and trans students and students who are parenting young kids from home.

https://www.technologyreview.com/2020/08/07/1006132/software-algorithms-proctoring-online-tests-ai-ethics/

For starters, the facial recognition software has the well-understood algorithmic racial bias thanks to deficits in training data.

That means that when Black students sit their exams, the tools demand that they increase the lighting to aid in facial verification, and often reject them outright, so they can't sit the exam at all.

Similar problems occur for trans students who are transitioning, whose faces are no longer recognizable by the facial recognition system.

Meanwhile, the systems' unblinking eyes are incapable of distinguishing between students who are cheating by having a confederate in the room and students with young kids being interrupted as they sit their exams.

Likewise, they can't tell the difference between someone who gets up to cheat and someone who gets up because they have a medical condition that requires them to take frequent toilet breaks.

Creepily, the tools require students to pan the camera around their living spaces for "room checks," and then let their profs download and view these images of intimate living quarters, including any family members who have nowhere else to go.

These are important considerations, and there's an equally important principle lurking behind the surface, which is that the problem isn't merely that the algorithm is racist or that the tool discriminates against marginalized students.

The fact that facial recognition struggles with Black faces is the result of a training data deficit, which can be easily fixed, by feeding the algorithm LOTS of Black faces to chew through.

That's what Chinese quasi-state surveillance companies did, using Zimbabwe's driver's license database to perfect its ability to recognize Black faces.

https://qz.com/africa/1287675/china-is-exporting-facial-recognition-to-africa-ensuring-ai-dominance-through-diversity/

That means that China – and repressive regimes elsewhere that buy Chinese surveillance tools – can spy on Black people really accurately.

This is not an improvement.

And as to high-stakes testing: it's a fool's errand, completely uncoupled from real-world knowledge work and any pretense of rigorous pedagogical assessment.

Even if we found a way to do high-stakes testing without victimizing Black, trans, poor, and parenting students, it would still be garbage.

(Image: Rawpixel Ltd, Cryteria, CC-BY, modified)



This day in history (permalink)

#1yrago Facebook has filed a laughable patent-application for the well-known practice of "shadow banning" http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2;=HITOFF&d;=PALL&p;=1&u;=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r;=1&f;=G&l;=50&s1;=10,356,024.PN.&OS;=PN/10,356,024&RS;=PN/10,356,024

#1yrago The NRA spent $70,000 on a consultant to help Wayne LaPierre choose which mansion to purchase https://www.propublica.org/article/documents-show-nra-money-helped-chief-wayne-lapierre-search-personal-mansion

#1yrago RIP, Linux Journal https://www.linuxjournal.com/content/linux-journal-ceases-publication-awkward-goodbye

#1yrago Billions on the line as Facebook loses appeal over violating Illinois facial recognition law https://www.theverge.com/2019/8/8/20792326/facebook-facial-recognition-appeals-decision-damages-payment-court



Colophon (permalink)

Today's top sources: Naked Capitalism (https://www.nakedcapitalism.com/).

Currently writing:

  • My next novel, "The Lost Cause," a post-GND novel about truth and reconciliation. Friday's progress: 517 words (41820 total).

Currently reading: The Deficit Myth, Stephanie Kelton

Someone Comes to Town, Someone Leaves Town (part 12), https://craphound.com/podcast/2020/08/03/someone-comes-to-town-someone-leaves-town-part-12/

Upcoming appearances:

Latest book:

Upcoming books:


This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.


How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

When life gives you SARS, you make sarsaparilla -Joey "Accordion Guy" DeVilla

16:28

Link [Scripting News]

I wrote this as a comment on Instagram, worth repeating here: When I was young I was afraid of what women my age would look like when I got older. I wish I could have told myself back then that they only become more beautiful with age.

15:42

Link [Scripting News]

Krugman: "Payroll tax cuts are the hydroxychloroquine of economic policy."

14:56

Link [Scripting News]

Poll: Where do you get most of your links to news stories?

Link [Scripting News]

Trump struggled to contain the virus as a PR thing, while the actual virus roamed freely through America.

Link [Scripting News]

A friend writes: "A Pixel 4a? Wow! I thought you were a big iPhone fan!" To which I respond: "I'm not particularly wed to either iPhone or Android. I have pretty much always have had both. In the last couple of years I have not had an Android because they didn't make a phone that interested me, considering the price, but the 4a is a new product, it seems sweet and it's a nice price." Note I bought it on pre-order like everyone else. I never have liked the iPhone as a product, I think Apple blew it. I couldn't make my beautiful scripting system work on it. They wouldn't allow it. I'm just a user. I think it's kind of a bleh product, honestly. As is Android, btw.

Link [Scripting News]

Humanity 101.

09:21

Junichi Uekawa: Started writing some golang code. [Planet Debian]

Started writing some golang code. Trying to rewrite some of the tools as a daily driver for machine management tool. It's easier than rust in that having a good rust compiler is a hassle though golang preinstalled on systems can build and run. go run is simple enough to invoke on most Debian systems.

Simple tips for security and serial numbers [Seth's Blog]

[This probably impacts every person reading this, but few of us get to decide to fix it. I figured it was worth sharing so you can share it…]

Don’t require special characters (like ! or worse, ‘) in the passwords created in your app or on your site. You’re simply training people to either forget them or to write them down in an unsafe location. Instead, require long passwords.

When you set up a wifi password that others have to use, there’s really no reason to use capital letters, special characters or anything that’s a hassle to type on a phone. Try a phone number instead.

Don’t use ‘0’, ‘O’, ‘o’, ‘l’ or ‘1’ in any context where they have to be distinguished–like room numbers, serial numbers or the names of children. This is why zip codes are easier to use than postal codes, and why mixed letters and numbers are worth avoiding.

If you’re requiring 2FA (a good thing), don’t rely on email or texts, use an app instead. And don’t make the text code 7 digits (as my former bank did in an effort to pretend that they cared). 6 is more than enough.

Instead of serial numbers, companies should consider using three words mushed together, like hey-zebra-fun. This is way easier to read and communicate to others. Imagine how easy it would be to deal with your VIN or computer serial number if you could simply say three words. All the company will need is three lists of 300 common words, which, when juxtaposed, give us plenty of combinations.

And a password manager is a worthwhile program to install. If you haven’t, today’s a great day to start.

BONUS: It never hurts to say ‘please’ in your forms and other online communications. It’s free.

Thanks.

PS all of this advice is on the path to obsolete once computers can talk and think and interact just a little better than now. Which is happening. Here’s my recent podcast about it.

Marketing bonus: A fun summary of my work from Brendan.

06:28

Thug who was friendly with menacing right-wing counterprotesters [Richard Stallman's Political Notes]

Black Lives Matter protesters in Nutley New Jersey posted a photo of a thug who was friendly with menacing right-wing counterprotesters and had hid has badge number. Instead of firing that thug, the thug department placed felony charges against the people who posted that photo.

Now the thug chief should be fired.

The Department of Homeland Security is a rogue agency [Richard Stallman's Political Notes]

*The Department of Homeland Security is a rogue agency. Democrats must take action.*

We know that rogue agencies with the power to jail or shoot people will only pretend to reform. It will always be the Department of Harshness and Sadism. Defund the DHS along with the thug department.

The last fully intact ice shelf in the Canadian Arctic [Richard Stallman's Political Notes]

* The last fully intact ice shelf in the Canadian Arctic has collapsed, losing more than 40% of its area in just two days.*

Biden's choice of climate advisers [Richard Stallman's Political Notes]

Biden's choice of climate advisers suggest he will not push to reduce greenhouse emissions.

ICE resisted Coronavirus testing [Richard Stallman's Political Notes]

*ICE Resisted Coronavirus Testing to Avoid Releasing [prisoners].*

It's the same coverup philosophy that the wrecker followed: if they don't test the prisoners they can pretend that none are sick.

If the UK shuts the NHS for normal medical care during a second wave of Covid-19 [Richard Stallman's Political Notes]

If the UK shuts the NHS for normal medical care during a second wave of Covid-19, it risks letting thousands of patients die from other treatable causes.

Covid-19 and heart problems [Richard Stallman's Political Notes]

Around 4/5 of people who test positive for Covid-19 have heart problems afterward, as found by one study of 100 patients.

Urgent: release prisoners that there is no need to keep in prison [Richard Stallman's Political Notes]

US citizens: call on US state governors to release prisoners that there is no need to keep in prison.

Urgent: Prohibit police state practices that the conman is using [Richard Stallman's Political Notes]

US citizens: call on Congress to prohibit police state practices that the conman is using.

The Capitol Switchboard numbers are 202-224-3121, 888-818-6641 and 888-355-3588.

If you call, please spread the word!

05:28

Arnaud Rebillout: GoAccess 1.4, a detailed tutorial [Planet Debian]

GoAccess v1.4 was just released a few weeks ago! Let's take this chance to write a loooong tutorial. We'll go over every steps to install and operate GoAccess. This is a tutorial aimed at those who don't play sysadmin every day, and that's why it's so long, I did my best to provide thorough explanations all along, so that it's more than just a "copy-and-paste" kind of tutorial. And for those who do play sysadmin everyday: please try not to fall asleep while reading, and don't hesitate to drop me an e-mail if you spot anything inaccurate in here. Thanks!

Introduction

So what's GoAccess already? GoAccess is a web log analyzer, and it allows you to visualize the traffic for your website, and get to know a bit more about your visitors: how many visitors and hits, for which pages, coming from where (geolocation, operating system, web browser...), etc... It does so by parsing the access logs from your web server, be it Apache, NGINX or whatever.

GoAccess gives you different options to display the statistics, and in this tutorial we'll focus on producing a HTML report. Meaning that you can see the statistics for your website straight in your web browser, under the form of a single HTML page.

For an example, you can have a look at the stats of my blog here: http://goaccess.arnaudr.io.

GoAccess is written in C, it has very few dependencies, it had been around for about 10 years, and it's distributed under the MIT license.

Assumptions

This tutorial is about installing and configuring, so I'll assume that all the commands are run as root. I won't prefix each of them with sudo.

I use the Apache web server, running on a Debian system. I don't think it matters so much for this tutorial though. If you're using NGINX it's fine, you can keep reading.

Also, I will just use the name SITE for the name of the website that we want to analyze with GoAccess. Just replace that with the real name of your site.

I also assume the following locations for your stuff:

  • the website is at /var/www/SITE
  • the logs are at /var/log/apache2/SITE (yes, there is a sub-directory)
  • we're going to save the GoAccess database in /var/lib/goaccess-db/SITE.

If you have your stuff in /srv/SITE/{log,www} instead, no worries, just adjust the paths accordingly, I bet you can do it.

Installation

The latest version of GoAccess is v1.4, and it's not yet available in the Debian repositories. So for this part, you can follow the instructions from the official GoAccess download page. Install steps are explained in details, so there's nothing left for me to say :)

When this is done, let's get started with the basics.

We're talking about the latest version v1.4 here, let's make sure:

$ goaccess --version
GoAccess - 1.4.
...

Now let's try to create a HTML report. I assume that you already have a website up and running.

GoAccess needs to parse the access logs. These logs are optional, they might or might not be created by your web server, depending on how it's configured. Usually, these log files are named access.log, unsurprisingly.

You can check if those logs exist on your system by running this command:

find /var/log -name access.log

Another important thing to know is that these logs can be in different formats. In this tutorial we'll assume that we work with the combined log format, because it seems to be the most common default.

To check what kind of access logs your web server produces, you must look at the configuration for your site.

For an Apache web server, you should have such a line in the file /etc/apache2/sites-enabled/SITE.conf:

CustomLog ${APACHE_LOG_DIR}/SITE/access.log combined

For NGINX, it's quite similar. The configuration file would be something like /etc/nginx/sites-enabled/SITE, and the line to enable access logs would be something like:

access_log /var/log/nginx/SITE/access.log

Note that NGINX writes the access logs in the combined format by default, that's why you don't see the word combined anywhere in the line above: it's implicit.

Alright, so from now on we assume that yes, you have access log files available, and yes, they are in the combined log format. If that's the case, then you can already run GoAccess and generate a report, for example for the log file /var/log/apache2/access.log

goaccess \
    --log-format COMBINED \
    --output /tmp/report.html \
    /var/log/apache2/access.log

It's possible to give GoAccess more than one log files to process, so if you have for example the file access.log.1 around, you can use it as well:

goaccess \
    --log-format COMBINED \
    --output /tmp/report.html \
    /var/log/apache2/access.log \
    /var/log/apache2/access.log.1

If GoAccess succeeds (and it should), you're on the right track!

All is left to do to complete this test is to have a look at the HTML report created. It's a single HTML page, so you can easily scp it to your machine, or just move it to the document root of your site, and then open it in your web browser.

Looks good? So let's move on to more interesting things.

Web server configuration

This part is very short, because in terms of configuration of the web server, there's very little to do. As I said above, the only thing you want from the web server is to create access log files. Then you want to be sure that GoAccess and your web server agree on the format for these files.

In the part above we used the combined log format, but GoAccess supports many other common log formats out of the box, and even allows you to parse custom log formats. For more details, refer to the option --log-format in the GoAccess manual page.

Another common log format is named, well, common. It even has its own Wikipedia page. But compared to combined, the common log format contains less information, it doesn't include the referrer and user-agent values, meaning that you won't have it in the GoAccess report.

So at this point you should understand that, unsurprisingly, GoAccess can only tell you about what's in the access logs, no more no less.

And that's all in term of web server configuration.

Configuration to run GoAccess unprivileged

Now we're going to create a user and group for GoAccess, so that we don't have to run it as root. The reason is that, well, for everything running unattended on your server, the less code runs as root, the better. It's good practice and common sense.

In this case, GoAccess is simply a log analyzer. So it just needs to read the logs files from your web server, and there is no need to be root for that, an unprivileged user can do the job just as well, assuming it has read permissions on /var/log/apache2 or /var/log/nginx.

The log files of the web server are usually part of the adm group (though it might depend on your distro, I'm not sure). This is something you can check easily with the following command:

ls -l /var/log | grep -e apache2 -e nginx

As a result you should get something like that:

drwxr-x--- 2 root adm 20480 Jul 22 00:00 /var/log/apache2/

And as you can see, the directory apache2 belongs to the group adm. It means that you don't need to be root to read the logs, instead any unprivileged user that belongs to the group adm can do it.

So, let's create the goaccess user, and add it to the adm group:

adduser --system --group --no-create-home goaccess
addgroup goaccess adm

And now, let's run GoAccess unprivileged, and verify that it can still read the log files:

setpriv \
    --reuid=goaccess --regid=goaccess \
    --init-groups --inh-caps=-all \
    -- \
    goaccess \
    --log-format COMBINED \
    --output /tmp/report2.html \
    /var/log/apache2/access.log

setpriv is the command used to drop privileges. The syntax is quite verbose, it's not super friendly for tutorials, but don't be scared and read the manual page to learn what it does.

In any case, this command should work, and at this point, it means that you have a goaccess user ready, and we'll use it to run GoAccess unprivileged.

Integration, option A - Run GoAccess once a day, from a logrotate hook

In this part we wire things together, so that GoAccess processes the log files once a day, adds the new logs to its internal database, and generates a report from all that aggregated data. The result will be a single HTML page.

Introducing logrotate

In order to do that, we'll use a logrotate hook. logrotate is a little tool that should already be installed on your server, and that runs once a day, and that is in charge of rotating the log files. "Rotating the logs" means moving access.log to access.log.1 and so on. With logrotate, a new log file is created every day, and log files that are too old are deleted. That's what prevents your logs from filling up your disk basically :)

You can check that logrotate is indeed installed and enabled with this command (assuming that your init system is systemd):

systemctl status logrotate.timer

What's interesting for us is that logrotate allows you to run scripts before and after the rotation is performed, so it's an ideal place from where to run GoAccess. In short, we want to run GoAccess just before the logs are rotated away, in the prerotate hook.

But let's do things in order. At first, we need to write a little wrapper script that will be in charge of running GoAccess with the right arguments, and that will process all of your sites.

The wrapper script

This wrapper is made to process more than one site, but if you have only one site it works just as well, of course.

So let me just drop it on you like that, and I'll explain afterward. Here's my wrapper script:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#!/bin/bash

# Process log files /var/www/apache2/SITE/access.log,
# only if /var/lib/goaccess-db/SITE exists.
# Create HTML reports in $1, a directory that must exist.

set -eu

OUTDIR=
LOGDIR=/var/log/apache2
DBDIR=/var/lib/goaccess-db

fail() { echo >&2 "$@"; exit 1; }

[ $# -eq 1 ] || fail "Usage: $(basename $0) OUTPUT_DIRECTORY"

OUTDIR=$1

[ -d "$OUTDIR" ] || fail "'$OUTDIR' is not a directory"
[ -d "$LOGDIR" ] || fail "'$LOGDIR' is not a directory"
[ -d "$DBDIR"  ] || fail "'$DBDIR' is not a directory"

for d in $(find "$LOGDIR" -mindepth 1 -maxdepth 1 -type d); do
    site=$(basename "$sitedir")
    dbdir=$DBDIR/$site
    logfile=$d/access.log
    outfile=$OUTDIR/$site.html

    if [ ! -d "$dbdir" ] || [ ! -e "$logfile" ]; then
        echo "‣ Skipping site '$site'"
        continue
    else
        echo "‣ Processing site '$site'"
    fi

    setpriv \
        --reuid=goaccess --regid=goaccess \
        --init-groups --inh-caps=-all \
        -- \
    goaccess \
        --agent-list \
        --anonymize-ip \
        --persist \
        --restore \
        --config-file /etc/goaccess/goaccess.conf \
        --db-path "$dbdir" \
        --log-format "COMBINED" \
        --output "$outfile" \
        "$logfile"
done

So you'd install this script at /usr/local/bin/goaccess-wrapper for example, and make it executable:

chmod +x /usr/local/bin/goaccess-wrapper

A few things to note:

  • We run GoAccess with --persist, meaning that we save the parsed logs in the internal database, and --restore, meaning that we include everything from the database in the report. In other words, we aggregate the data at every run, and the report grows bigger every time.
  • The parameter --config-file /etc/goaccess/goaccess.conf is a workaround for #1849. It should not be needed for future versions of GoAccess > 1.4.

As is, the script makes the assumption that the logs for your site are logged in a sub-directory /var/log/apache2/SITE/. If it's not the case, adjust that in the wrapper accordingly.

The name of this sub-directory is then used to find the GoAccess database directory /var/lib/goaccess-db/SITE/. This directory is expected to exist, meaning that if you don't create it yourself, the wrapper won't process this particular site. It's a simple way to control which sites are processed by this GoAccess wrapper, and which sites are not.

So if you want goaccess-wrapper to process the site SITE, just create a directory with the name of this site under /var/lib/goaccess-db:

mkdir -p /var/lib/goaccess-db/SITE
chown goaccess:goaccess /var/lib/goaccess-db/SITE

Now let's create an output directory:

mkdir /tmp/goaccess-reports
chown goaccess:goaccess /tmp/goaccess-reports

And let's give a try to the wrapper script:

goaccess-wrapper /tmp/goaccess-reports
ls /tmp/goaccess-reports

Which should give you:

SITE.html

At the same time, you can check that GoAccess populated the database with a bunch of files:

ls /var/lib/goaccess-db/SITE

Setting up the logrotate prerotate hook

At this point, we have the wrapper in place. Let's now add a pre-rotate hook so that goaccess-wrapper runs once a day, just before the logs are rotated away.

The logrotate config file for Apache2 is located at /etc/logrotate.d/apache2, and for NGINX it's at /etc/logrotate.d/nginx. Among the many things you'll see in this file, here's what is of interest for us:

  • daily means that your logs are rotated every day
  • sharedscripts means that the pre-rotate and post-rotate scripts are executed once total per rotation, and not once per log file.

In the config file, there is also this snippet:

prerotate
    if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
        run-parts /etc/logrotate.d/httpd-prerotate; \
    fi; \
endscript

It indicates that scripts in the directory /etc/logrotate.d/httpd-prerotate/ will be executed before the rotation takes place. Refer to the man page run-parts(8) for more details...

Putting all of that together, it means that logs from the web server are rotated once a day, and if we want to run scripts just before the rotation, we can just drop them in the httpd-prerotate directory. Simple, right?

Let's first create this directory if it doesn't exist:

mkdir -p /etc/logrotate.d/httpd-prerotate/

And let's create a tiny script at /etc/logrotate.d/httpd-prerotate/goaccess:

1
2
#!/bin/sh
exec goaccess-wrapper /tmp/goaccess-reports

Don't forget to make it executable:

chmod +x /etc/logrotate.d/httpd-prerotate/goaccess

As you can see, the only thing that this script does is to invoke the wrapper with the right argument, ie. the output directory for the HTML reports that are generated.

And that's all. Now you can just come back tomorrow, check the logs, and make sure that the hook was executed and succeeded. For example, this kind of command will tell you quickly if it worked:

journalctl | grep logrotate

Integration, option B - Run GoAccess once a day, from a systemd service

OK so we've just seen how to use a logrotate hook. One downside with that is that we have to drop privileges in the wrapper script, because logrotate runs as root, and we don't want to run GoAccess as root. Hence the rather convoluted syntax with setpriv.

Rather than embedding this kind of thing in a wrapper script, we can instead run the wrapper script from a [systemd][] service, and define which user runs the wrapper straight in the systemd service file.

Introducing systemd niceties

So we can create a systemd service, along with a systemd timer that fires daily. We can then set the user and group that execute the script straight in the systemd service, and there's no need for setpriv anymore. It's a bit more streamlined.

We can even go a bit further, and use systemd parameterized units (also called templates), so that we have one service per site (instead of one service that process all of our sites). That will simplify the wrapper script a lot, and it also looks nicer in the logs.

With this approach however, it seems that we can't really run exactly before the logs are rotated away, like we did in the section above. But that's OK. What we'll do is that we'll run once a day, no matter the time, and we'll just make sure to process both log files access.log and access.log.1 (ie. the current logs and the logs from yesterday). This way, we're sure not to miss any line from the logs.

Note that GoAccess is smart enough to only consider newer entries from the log files, and discard entries that are already in the database. In other words, it's safe to parse the same log file more than once, GoAccess will do the right thing. For more details see "INCREMENTAL LOG PROCESSING" from man goaccess.

systemd]: https://freedesktop.org/wiki/Software/systemd/

Implementation

And here's how it all looks like.

First, a little wrapper script for GoAccess:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
#!/bin/bash

# Usage: $0 SITE DBDIR LOGDIR OUTDIR

set -eu

SITE=$1
DBDIR=$2
LOGDIR=$3
OUTDIR=$4

LOGFILES=()
for ext in log log.1; do
    logfile="$LOGDIR/access.$ext"
    [ -e "$logfile" ] && LOGFILES+=("$logfile")
done

if [ ${#LOGFILES[@]} -eq 0 ]; then
    echo "No log files in '$LOGDIR'"
    exit 0
fi

goaccess \
    --agent-list \
    --anonymize-ip \
    --persist \
    --restore \
    --config-file /etc/goaccess/goaccess.conf \
    --db-path "$DBDIR" \
    --log-format "COMBINED" \
    --output "$OUTDIR/$SITE.html" \
    "${LOGFILES[@]}"

This wrapper does very little. Actually, the only thing it does is to check for the existence of the two log files access.log and access.log.1, to be sure that we don't ask GoAccess to process a file that does not exist (GoAccess would not be happy about that).

Save this file under /usr/local/bin/goaccess-wrapper, don't forget to make it executable:

chmod +x /usr/local/bin/goaccess-wrapper

Then, create a systemd parameterized unit file, so that we can run this wrapper as a systemd service. Save it under /etc/systemd/system/goaccess@.service:

[Unit]
Description=Update GoAccess report - %i
ConditionPathIsDirectory=/var/lib/goaccess-db/%i
ConditionPathIsDirectory=/var/log/apache2/%i
ConditionPathIsDirectory=/tmp/goaccess-reports
PartOf=goaccess.service

[Service]
Type=oneshot
User=goaccess
Group=goaccess
Nice=19
ExecStart=/usr/local/bin/goaccess-wrapper \
 %i \
 /var/lib/goaccess-db/%i \
 /var/log/apache2/%i \
 /tmp/goaccess-reports

So, what is a systemd parameterized unit? It's a service to which you can pass an argument when you enable it. The %i in the unit definition will be replaced by this argument. In our case, the argument will be the name of the site that we want to process.

As you can see, we use the directive ConditionPathIsDirectory= extensively, so that if ever one of the required directories does not exist, the unit will just be skipped (and marked as such in the logs). It's a graceful way to fail.

We run the wrapper as the user and group goaccess, thanks to User= and Group=. We also use Nice= to give a low priority to the process.

At this point, it's already possible to test. Just make sure that you created a directory for the GoAccess database:

mkdir -p /var/lib/goaccess-db/SITE
chown goaccess:goaccess /var/lib/goaccess-db/SITE

Also make sure that the output directory exists:

mkdir /tmp/goaccess-reports
chown goaccess:goaccess /tmp/goaccess-reports

Then reload systemd and fire the unit to see if it works:

systemctl daemon-reload
systemctl start goaccess@SITE.service
journalctl | tail

And that should work already.

As you can see, the argument, SITE, is passed in the systemctl start command. We just append it after the @, in the name of the unit.

Now, let's create another GoAccess service file, which sole purpose is to group all the parameterized units together, so that we can start them all in one go. Note that we don't use a systemd target for that, because ultimately we want to run it once a day, and that would not be possible with a target. So instead we use a dummy oneshot service.

So here it is, saved under /etc/systemd/system/goaccess.service:

[Unit]
Description=Update GoAccess reports
Requires= \
 goaccess@SITE1.service \
 goaccess@SITE2.service

[Service]
Type=oneshot
ExecStart=true

As you can see, we simply list the sites that we want to process in the Requires= directive. In this example we have two sites named SITE1 and SITE2.

Let's ensure that everything is still good:

systemctl daemon-reload
systemctl start goaccess.service
journalctl | tail

Check the logs, both sites SITE1 and SITE2 should have been processed.

And finally, let's create a timer, so that systemd runs goaccess.service once a day. Save it under /etc/systemd/system/goaccess.timer.

[Unit]
Description=Daily update of GoAccess reports

[Timer]
OnCalendar=daily
RandomizedDelaySec=1h
Persistent=true

[Install]
WantedBy=timers.target

Finally, enable the timer:

systemctl daemon-reload
systemctl enable --now goaccess.timer

At this point, everything should be OK. Just come back tomorrow and check the logs with something like:

journalctl | grep goaccess

Last word: if you have only one site to process, of course you can simplify, for example you can hardcode all the paths in the file goaccess.service instead of using a parameterized unit. Up to you.

Daily operations

So in this part, we assume that you have GoAccess all setup and running, once a day or so. Let's just go over a few things worth noting.

Serve your report

Up to now in this tutorial, we created the reports in /tmp/goaccess-reports, but that was just for the sake of the example. You will probably want to save your reports in a directory that is served by your web server, so that, well, you can actually look at it in your web browser, that was the point, right?

So how to do that is a bit out of scope here, and I guess that if you want to monitor your website, you already have a website, so you will have no trouble serving the GoAccess HTML report.

However there's an important detail to be aware of: GoAccess shows all the IP addresses of your visitors in the report. As long as the report is private it's OK, but if ever you make your GoAccess report public, then you should definitely invoke GoAccess with the option --anonymize-ip.

Keep an eye on the logs

In this tutorial, the reports we create, along with the GoAccess databases, will grow bigger every day, forever. It also means that the GoAccess processing time will grow a bit each day.

So maybe the first thing to do is to keep an eye on the logs, to see how long it takes to GoAccess to do its job every day. Also, maybe you'd like to keep an eye on the size of the GoAccess database with:

du -sh /var/lib/goaccess-db/SITE

If your site has few visitors, I suspect it won't be a problem though.

You could also be a bit pro-active in preventing this problem in the future, and for example you could break the reports into, say, monthly reports. Meaning that every month, you would create a new database in a new directory, and also start a new HTML report. This way you'd have monthly reports, and you make sure to limit the GoAccess processing time, by limiting the database size to a month.

This can be achieved very easily, by including something like YEAR-MONTH in the database directory, and in the HTML report. You can handle that automatically in the wrapper script, for example:

sfx=$(date +'%Y-%m')

mkdir -p $DBDIR/$sfx

goaccess \
    --db-path $DBDIR/$sfx \
    --output "$OUTDIR/$SITE-$sfx.html" \
    ...

You get the idea.

Further notes

Migration from older versions

With the --persist option, GoAccess keeps all the information from the logs in a database, so that it can re-use it later. In prior versions, GoAccess used the Tokyo Cabinet key-value store for that. However starting from v1.4, GoAccess dropped this dependency and now uses its own database format.

As a result, the previous database can't be used anymore, you will have to remove it and restart from zero. At the moment there is no way to convert the data from the old database to the new one. If you're interested, this is discussed upstream at [#1783][bug-1783].

Another thing that changed with this new version is the name for some of the command-line options. For example, --load-from-disk was dropped in favor of --restore, and --keep-db-files became --persist. So you'll have to look at the documentation a bit, and update your script(s) accordingly.

Other ways to use GoAccess

It's also possible to do it completely differently. You could keep GoAccess running, pretty much like a daemon, with the --real-time-html option, and have it process the logs continuously, rather than calling it on a regular basis.

It's also possible to see the GoAccess report straight in the terminal, thanks to libncurses, rather than creating a HTML report.

And much more, GoAccess is packed with features.

Conclusion

I hope that this tutorial helped some of you folks. Feel free to drop an e-mail for comments.

05:14

Skin Horse 10 Playlist [Skin Horse]

Shaenon: Hey, look, I made another another playlist! Enjoy!

Channing: Can we just take a moment to admire the sheer breadth of weird genius music Shaenon’s library contains? Because I think we really need to talk about that.

Also happy to see Zevon getting some more love. It’s a crying shame that he’s nothing more than “Werewolves of London” to 90% of folks out there.

02:56

Exorcise Bike, Part 3: Prayer for Exorcism [Nina Paley]

EXORCISE BIKE

(A ritual prayer for Titania’s exorcism, to be performed next week after she comes back from a thorough cleaning and parts replacement.)

In the name of Velocipe Cycladia,
Goddess of bicycles and protector of riders,
Muse of mechanics and engineers,
Who hast inspired and brought forth the greatest achievement of human technology: the Bicycle;

We confidently undertake to repulse the attacks and deceits of poor maintenance.

Cast out from this Bicycle all corrosion and corroding agents.
Defend her components from gungeing up, her metal parts from bending and snapping, her chain from stretching.
From cracks and gouges, we beg You, Great Goddess, preserve the structural integrity of her frame.
Let not her sprockets wear down, nor her bearings become pitted.
O Lady Liberator, keep forever lubricated and freely moving her chain, bearings, sprockets, cables, pulleys, and pivot points.
Protect her tires, that they not be pierced or punctured with road debris, nor worn to the casing; and keep her tubes free of leaks and tears. Grant that her struts and spokes be strong, and her wheels true.
May her bolts remain bolted,
her fasteners fast,
her clamps clamped,
her loctite tite,
and her nylocs locked.

May any mistreatment, abuse, weirdness, improper maintenance, and sadness instilled in this machine by previous handlers, be cast out now and forever.

We drive you from this bicycle:
all unclean spirits,
all corrosive powers,
all cracks and abrasives,
all incorrect lubricants, solvents, and salts.

The sacred sign of the Wheel commands you, as does also the power of the mysteries of Velosophy.

Deign, O Goddess Cycladia,
to grant this Bicycle’s rider the foresight to maintain her,
to clean her as needed, and occasionally lube her chain;
to check tire pressure and brakes before each ride;
to replace parts as they wear out;
to apply grease before bolting.
Grant this rider the strength, courage, and humility to bring forth this Bicycle unto a qualified Mechanic when necessary.

Fill this rider with the spirit of love and dedication worthy of Your blessed Bicycle, that together they glorify Thy creation.

May Velocipe Cycladia be with this bicycle,
and with thy spirit.

Amen.

Share

Exorcise Bike, Part 2: Velocipe Cycladia [Nina Paley]

Velocipe Cycladia is the Goddess of bicycles and cyclists.

I had to make her up, because Madonna del Ghisallo just wan’t cutting it: not enough imagery, not enough paraphernalia, and no exorcisms I could find.

My new-to-me bike Titania needs an exorcism. Sometimes, if you want something done right, you gotta do it yourself, so I am writing it. (On the other hand, if I want bike repair done right, I take it to the shop. That’s the mechanic’s expertise; mine is art and making up new religions.)

Although not before named – or perhaps under many names – Cycladia has appeared with the bicycle almost from its beginnings. Evidence is in numerous vintage posters:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

I removed some of these figures from their backgrounds, for possible future use:

But the Lady Liberator, at the top of this post, is my favorite. The bat-winged helmet especially inspires awe. So she will appear again in my next post, accompanying the exorcism prayer I composed today.

 

 

Share

02:21

Charles Plessy: Thank you, VAIO [Planet Debian]

I use everyday a VAIO Pro mk2 that I bought 5 years ago with 3 years of warranty. It has been a few months that I was noticing that something was slowly inflating inside. In July, things accelerated to the point that its thickness had doubled. After we called the customer service of VAIO, somebody came to pick up the laptop in order to make a cost estimate. Then we learned on the phone that it would be free. It is back in my hands in less than two weeks. Bravo VAIO !

02:07

Exorcise Bike, Part 1: My Ti-Rush is Haunted [Nina Paley]

My new-to-me bike, Titania, needs an exorcism.

I bought her in June, used, off San Diego Craigslist. I’d been seeking a Ti-Rush – a rare, coveted titanium Easy racers recumbent – for years. Easy Racers is no longer in business, and used models seldom come up for sale. I stupidly passed on a size Medium right before the pandemic started; when this size Small appeared, I jumped on it, even knowing it would only just barely fit me. It took quite a bit of finagling to find someone in San Diego to pack and ship, but I managed to arrange it (and met an interesting person in the process), and the bike arrived at the end of June.

When I unpacked her, water leaked out of the frame. On our first ride, the left rear brake got loose and strummed against the spokes, which was easy enough to fix, although I did so incorrectly. I noticed her seat mesh was laced wrong. I reinforced it with zip ties, but that was an insufficient kluge.

Was the seat mesh mis-laced by a demon?

The pedals clunked; I replaced them, and when they still clunked I surmised it was a bottom bracket problem. My local bike shop replaced it, and in so doing discovered the crank bolts had been greased with motor oil. The original bottom bracket was a fancy, ceramic-bearing number, and the bike itself is fairly young, from 2014.  How did it get this much damage in just a few years?

The answer can only be A. Florida (where her previous owner rode her before he moved to California, and where humid salt air corrodes metal) and B. Demonic possession.

Over time, I came to realize that every part of her that wasn’t titanium was corroded. Her frame appears to be in fine condition, but everything else is aluminum or steel.

This kickstand is aluminum. I think the screws are steel.

The left adjustable seat support strut “sank” while I was riding, in spite of my thoroughly tightening its clamp bolt. Turns out the bolt was corroded.

The aluminum plate that holds the seat to the seat clamp broke on a ride; I had it re-fabricated by a local machine shop.

Pre-Pack Machinery made a new and improved aluminum seat plate, without the gratuitous holes.

I took apart the seat first, to find the most corroded aluminum I had ever seen. I cleaned it up with steel wool but it’s still pretty ugly.

I bought some paracord and re-laced the seat mesh (which I washed) correctly. I got new bolts for the struts.

I also got new shifters, brake levers, bar grips, front derailleur, and kickstand. The bike is currently at the shop having new parts installed. The mechanic will also clean her thoroughly and replace more bolts. Where else will he find she was lubricated with motor oil?

Meanwhile, I am preparing Titania’s exorcism, which I shall discuss in my next post.

Other than being haunted, Titania is a great bike.

Share

Alexander Artemenko: dufy [Planet Lisp]

This library is named in honour of Raoul Dufy, the French painter. It provides functions for color manipulation and conversion in various color spaces.

To experiment with Dufy we'll write a two helper function to convert RGB colors from and to hexadecimal representation:

POFTHEDAY> (defun string-to-rgb (s)
             (loop for i from 1 to 5 by 2
                   collect (parse-integer s
                                          :start i
                                          :end (+ 2 i)
                                          :radix 16)
                     into result
                   finally (return (values-list result))))

POFTHEDAY> (string-to-rgb "#F4BBFF")
244
187
255

POFTHEDAY> (defun rgb-to-string (r g b)
             (format nil "#~2,'0X~2,'0X~2,'0X"
                     r g b))

POFTHEDAY> (rgb-to-string 244 187 255)
"#F4BBFF"

Now it is time to test how does color conversion work:

POFTHEDAY> (dufy:qrgb-to-hsv 244 187 255)
290.2941176470588d0
0.2666666666666667d0
1.0d0 (100.0d0%)

POFTHEDAY> (dufy:hsv-to-qrgb 290.2941176470588d0
                             0.2666666666666667d0
                             1.0d0)
244
187
255

Dufy provides a number of such functions. It also implements functions for color difference calculation.

But let's do something more practical - create a color which is a little bit darker but has the same tone.

To do this, we need to convert RGB to HSV, reduce V part and convert it back. This function can be useful when generating CSS using Lass library:

POFTHEDAY> (defun darker (color &optional (ratio 0.75))
             "Returns CSS color which is a little bit darker"
             (rutils:with ((r g b (string-to-rgb color))
                           (h s v (dufy:qrgb-to-hsv r g b))
                           (new-r new-g new-b (dufy:hsv-to-qrgb h s (* v ratio))))
               (rgb-to-string new-r new-g new-b)))

POFTHEDAY> (darker "#F4BBFF")
"#B78CBF"

Here is the result:

Original (#F4BBFF)
Darker (#B78CBF)

Let's tests the function for distance calculation and find out how different these two colors!

POFTHEDAY> (string-to-rgb "#F4BBFF")
244
187
255

POFTHEDAY> (string-to-rgb "#B78CBF")
183
140
191

POFTHEDAY> (dufy:qrgb-deltae00
              244 187 255
              183 140 191)
14.557112327275474d0

;; The difference between black and white:

POFTHEDAY> (dufy:qrgb-deltae00
              255 255 255
              0 0 0)
100.00000000000003d0

Lem uses a similar function to pick the nearest color index. But seems it is much simpler. I'll try to replace it with an algorithm from Dufy and see if my problem with Solarized color theme will disappear.

Probably there are other function for color manipulation which I don't understand.

Saturday, 08 August

22:28

19:14

Link [Scripting News]

As I work my way through Schitt's Creek, the characters are so fascinating and Moira may be the most, since we already knew the actor as Delia Deetz from Beetlejuice. It's hard for me to see the connection between the two. In one episode in Season 2 Moira is frantically looking for nude pictures of herself taken when she was younger. For most of the show you think she wants to find them so she can take them down, but no. She wants to be sure they're there. She wants to still be, in some sense, the actress we knew as Delia Deetz (Moira plays a former actress, btw). Her advice to Stevie, a super cute young supporting character, is to make sure to take lots of pictures of herself now when she's young. No matter how you think you're not very beautiful, when you're older you will see all the beauty you can't see now. I'm about the same age as Catherine O'Hara, the actress, and I want to say I totally concur. I can't believe how beautiful I was when I was younger, but of course I didn't see it then.

19:07

The Censorship of 'Cancel Culture' [Richard Stallman's Political Notes]

*The Censorship of 'Cancel Culture' May Ultimately Be Most Dangerous for Social Justice Champions.*

Evidence that the US had no military need to use nuclear weapons against Japan [Richard Stallman's Political Notes]

Presenting evidence that the US had no military need to use nuclear weapons against Japan, because it already knew that Japan was looking for a way to surrender while saving face.

President Truman later said that he did believe, when he made the decision, that the only choices were bomb or invade.

I wonder whether he was aware that most high-ranking US generals said that Japan would surrender soon anyway. Were those views transmitted to him? Perhaps his advisors kept him away from that idea.

One argument in the first article is that the use of nuclear weapons made little difference to Japan's willingness to surrender, because non-nuclear bombing had done far more damage. If we accept that as valid, what are its full consequences? There were US generals at the time who said conventional (non-nuclear) bombing of cities was an atrocity.

(satire) "The Boys of Summer" [Richard Stallman's Political Notes]

(satire) *Eagles vocalist Don Henley filed suit Wednesday against both Donald Trump and Joe Biden’s campaigns for not playing "The Boys Of Summer" at their events.*

Gun control groups send ironic condolences to the NRA [Richard Stallman's Political Notes]

*'Thoughts and Prayers': Gun Control Groups Send Ironic Condolences [to the NRA, in case it loses the case and gets dissolved].*

Proposing to decriminalize all drugs [Richard Stallman's Political Notes]

Proposing to decriminalize all drugs, and let medical agencies decide how the government should deal with each one.

(satire) Replacing officers with social workers [Richard Stallman's Political Notes]

(satire) *The mayor outlined a plan that dramatically restructured the municipality’s approach to public safety, replacing its nearly 850 police officers with a similar number of social workers, who would be dispatched to city streets and have at their disposal firearms, bulletproof vests, tear gas, …*

Twitter blocked the DNC from condemning one of the bullshitter's lies [Richard Stallman's Political Notes]

Twitter blocked the DNC from condemning one of the bullshitter's lies because it mistook those tweats for support.

It's not only Twitter that finds that condemnation of a statement can be quite similar to supporting it. People can also fail to distinguish. Repeating bullshit, even to attack it, can backfire and spread it instead.

When you want to condemn something that someone else said, don't repeat that statement in a prominently visible way.

Pompeo's New Hierarchy of Rights [Richard Stallman's Political Notes]

*In Pompeo's New Hierarchy of Rights, Religion and Property, Not Humans, Are at the Top.*

USPS work rule changes are delaying mail for as much as a week [Richard Stallman's Political Notes]

USPS work rule changes are delaying mail for as much as a week. This poses a real threat to postal voting. Democrats plan to insist on including support for USPS and elections in the next relief bill.

Can there be a next relief bill? Senate Republicans say they will not agree to one unless it cuts Social Security. They could easily reject anything that will help fair elections, for their own reelection's sake. They need only old out for three more months.

Amazon offers several new surveillance microphone products [Richard Stallman's Political Notes]

Amazon offers several new surveillance microphone products, meant to be carried around by people during daily life. That will enable them to listen to whoever the device's "owner" comes near.

But don't worry — Amazon is learning how to talk the talk about privacy in a way that more people would find comforting.

A voice command system that is safe for its owner would be one that runs only free software, and does the whole job locally, communicating with other sites only when asked to. With the software inside free, the owner of this device would truly own it.

But even that would not respect the privacy of other people nearby. How to deal with that issue is not obvious.

Fiberglass boats [Richard Stallman's Political Notes]

*How fiberglass boats have become a global pollution problem.*

I wonder, do we know of any safe way to dispose of fiberglass boats?

18:28

On Perl 7 and the Perl Steering Committee [LWN.net]

For those who are wondering about the state of the proposed Perl 7 fork and the role of the newly formed Perl Steering Committee, Ricardo Signes has put together a detailed explanation that is worth a read. "You should not expect to see a stream of unjustified dictates issuing forth from some secret body on high. You should expect to see perl5-porters operating as it generally did: with proposals coming to the list, getting discussion, and then being thumbed up or down by the project manager. This is what has been happening for years, already. Some proposals were already discussed by the project manager and some were not. If you eliminated any named mailing list for doing this, it would still happen. The PSC is a means to say that there is a default group for such discussions. If you were wondering, its initial membership was formed from 'the people who came to or were invited to the Perl Core Summit' over the last few years."

Pluralistic: 08 Aug 2020 [Pluralistic: Daily links from Cory Doctorow]


Today's links



Peter Thiel was right (permalink)

Peter Thiel styles himself a defender of liberty, and every time he does, someone points out this article he wrote in which he said that democracy is incompatible with freedom and women shouldn't be allowed to vote.

https://www.cato-unbound.org/2009/04/13/peter-thiel/education-libertarian

He's right: the capitalist freedom – to have dominion over how your capital is worked by laborers – is in tension with democracy. Richard D Wolff's "Why capitalism is in constant conflict with democracy" lays it out with admirable clarity.

https://www.alternet.org/2020/08/why-capitalism-is-in-constant-conflict-with-democracy/

The owner of a business is the dictator of the business. They have the final say over who is hired and fired, and what workers must do on the job.

Workers can quit (assuming they haven't been coerced into noncompete clauses and that they aren't trapped in a monopsonic market for their labor), but they don't get a vote.

But they DO get a vote when they're not on the job – they get a vote at the ballot box, where it's one person, one vote. There are a lot more workers than bosses, so, in theory, workers can vote for laws that make workplaces more democratic.

They can vote for pro-union laws, for labor protections, for antidiscrimination laws, for health and safety rules, for rules banning sexual harassment and discrimination based on race, sex, politics, sexuality, age, etc.

The boss's freedom to be the boss can be taken away by the workers' freedom to vote for laws that boss the bosses around. Socialists have said this for centuries, but capitalists usually pretend it's not true. Thiel just said the quiet part aloud.

In a democracy, the freedom of bosses is dependent on getting workers to vote against their freedom to boss bosses around. When this fails, bosses often back military dictatorships, in the name of (boss) freedom.

That's why "freedom advocates" like Hayek and Friedman flew to Chile to help Pinochet kidnap and murder his political opponents. The opposition's freedom to advocate for democracy was in conflict with bosses' freedom to be bosses.

But military dictatorships are the last resort. Before we get to military dictatorships, bosses just try to get turkeys to vote for Christmas.

They might tell the turkeys that they're temporarily embarrassed millionaires, and any anti-boss laws will bite them in the ass when they, too, become bosses.

But when decades of wage stagnation, declining standard of living, and precarity make the story of future millionairedom harder to believe, bosses usually just start smashing the racism button.

"Turkeys of America! If you want to keep the chickens, ducks and other undeserving foreign poultry out of the farmyard, VOTE FOR THE CHRISTMAS PARTY THIS NOVEMBER!"

Republicans are better at getting turkeys to vote for Christmas than Democrats are, though both parties try. Also, Republicans really throw amazing Christmas feasts with a lot of really delicious turkey for the invited guests: tax cuts, deregulation, anti-union laws.

But when the GOP loses elections, the farmer class simply switches sides and backs pro-Christmas Democrats. The Democratic party has a strong pro-turkey/anti-Christmas faction, and suppressing that wing becomes the Dems' major project – moreso even than defeating the GOP.

This all gets a lot hotter during crises, and this is the worst crisis in a century (though worse ones are ahead of us, thanks to the climate emergency).

Wolff: "Endless political maneuvers around hegemonic blocs with alternative sections of the employees allowed capitalism to survive. However, eventually those contradictions would exceed the capacity of hegemonic maneuvers to contain and control them. A pandemic combined with a major economic crash may provoke and enable progressives to make the break, change U.S. politics, and realize the long-overdue social changes."

(In case you were wondering, Thiel thinks women shouldn't be allowed to vote because they're more likely to want to keep children from starving and so they'll vote to make rich people feed them).

(Image: Chetsford, CC BY-SA, modified)



Google bans anticompetitive vocabularies (permalink)

Google is facing anti-monopoly enforcement action in the EU and the USA and the UK, with more to come, and the company is starting to get nervous.

It's just issued guidance to employees advising them against using words in their internal comms that would be smoking guns in these investigations: "market," "barriers to entry," and "network effects" among them.

https://themarkup.org/google-the-giant/2020/08/07/google-documents-show-taboo-words-antitrust

The memo detailing the new linguistic rules leaked to The Markup, with the anodyne title "Five Rules of Thumb for Written Communications.”

https://www.documentcloud.org/documents/7016657-Five-Rules-of-Thumb-for-Written-Communications.html

The memo cites other companies that got into trouble when internal memos came to light, such as Microsoft's infamous stated internal goal of "cutting off Netscape's air supply." It advises workers to discuss their plans in pro-competition terms.

Googlers are advised to discuss customer retention through product quality, not through "stickiness" or other euphemisms for lock-in; to explain how new products will succeed without "leveraging" existing successes, and to steer clear of "scale effects" as corporate goals.

They're enjoined from celebrating Google's market dominance, to discuss how Google "dominates or controls" its markets, or even to estimate what share of a market Google controls. They're also not allowed to define their markets, which would let other estimate their share.

This is going to make for some tortured backflips! Google's going to struggle to (say) improve "search" without defining what "search" is.

Ironically for a leaked doc, the doc advises the reader to assume every doc their produce will leak (!), but OTOH, points for realism.

For me, the most interesting thing about the memo is that it marks a serious turning-point in the way that business leaders talk about competition. Peter Thiel famously said that "competition is for losers."

https://www.alleywatch.com/2015/08/according-peter-thiel-competition-loser/

Thiel's the quiet-part-aloud guy, but he's not alone. Famous investors like Warren Buffet and Andreesen-Horowitz openly boast of a preference for investing in monopolies, and creating monopolies is Softbank's stated purpose.

Every pirate wants to be an admiral. Capitalists who dream of dominance want competition. Capitalists who attain dominance want to abolish it.



Free the law (permalink)

We think of laws as being the texts of bills that pass out of Congress and get signed by the president. But the law is really defined by the judicial interpretation of those bills – the transcripts and outcomes of court cases.

These are in the public domain (like all US government works) but they cost $0.10/page to access, through a Clinton-era system called PACER that is literally just a drive full of PDFs that isn't even searchable.

The system is supposed to run on a break-even basis, but it pulls in more than $150m/year (again, for a drive full of PDFs). PACER remains the world's largest paywall, though activists have worked hard to chip away at it.

For example, RECAP is a browser plugin for PACER users; when you pay for a page, RECAP sends a copy of it to the Internet Archive for open access. Other RECAP users who request that page from PACER are automatically redirected to the free RECAP copy.

https://blog.law.cornell.edu/voxpop/2011/02/03/pacer-recap-and-the-movement-to-free-american-case-law/

RECAP has turned up all kinds of dirty secrets about the "the secretive, hierarchical judicial branch."

https://www.wsj.com/articles/SB10001424052970203550604574361032197709414

When Aaron Swartz and friends liberated a huge tranche of PACER docs, they discovered that court clerks were not redacting victims' personal info – SSNs, the names and home addresses of sexual assault survivors (including children), etc.

They blew the whistle on the courts and in retaliation, the FBI investigated Aaron for "stealing" these public domain court records.

https://sunlightfoundation.com/2013/02/01/open-public-access-to-court-records-for-aaron-freepacer/

Aaron beat the rap, but the same prosecutors and Feebs that he thwarted came after him for downloading scientific articles from MIT's network and hounded him to his suicide in 2013.

RECAP's comrades-in-arms are the Free Law Project, who have liberated massive tranches of US law from PACER's paywall:

https://free.law/2017/08/15/we-have-every-free-pacer-opinion-on-courtlistenercom/

In 2016, a district court ruled that PACER had to operate on a break-even basis – not extract additional revenues to fund unrelated courtroom expenses. The US Government appealed, and, last week, they lost.

https://news.bloomberglaw.com/white-collar-and-criminal-law/federal-circuit-affirms-limits-on-how-government-uses-pacer-fees

The ruling should end this, but it won't. The as Fix The Court's Gabe Roth told Bloomberg, the courts are likely to continue arguing that a networked drive full of PDFs costs $100m/year to operate, and keep charging Americans to find out what the law says.

But on the plus side, the appeals court ordered the DoJ to reimburse people who paid too much to read the law.

The latest budget request from the judiciary seeks $142m for PACER (again, this is a networked hard-drive full of PDFs).



Jailed for pen-testing (permalink)

Last year, the information security world was baffled and frustrated by the tale of Justin Wynn and Gary DeMercurio, penetration testers who were hired to break into a Des Moines courthouse by its managers, then arrested for fulfilling their contract.

Penetration testers evaluate the security of physical and digital systems by breaking into them, with permission from their owners, as a way of identifying and shoring up weaknesses. Wynn and DeMercurio work for Coalfire, a leading pen-tester company.

The state of Iowa hired Coalfire to break into its Dallas County courthouse. Wynn and DeMercurio picked the locks, entered the building, and, as instructed, they left the alarm armed, and set out to see how much data they could get before it brought a response.

The tale of how they landed in jail for doing their jobs is a taut technothriller-cum-legal-thriller, narrated by Andy Greenberg for Wired.

https://www.wired.com/story/inside-courthouse-break-in-spree-that-landed-two-white-hat-hackers-in-jail/

Greenberg describes how the testers waited for the police to arrive, presented themselves to the officers, identified themselves, and explained that they were supposed to be doing this, showing them an official letter from the State of Iowa authorizing them.

But the Dallas County Sheriff Chad Leonard didn't care: the courthouse was county property, not state property, so the pen-testers were trespassing. He ordered their arrest on trespassing and felony burglary charges.

The "Kafkaesque small-town politics" mired Wynn and DeMercurio in a long legal wrangle – but the real story is how easy it was for them to break into all five of the buildings they'd been hired to investigate, and how easy it would have been for them to subvert justice.

"We could have fixed a case… corrupted evidence… identified jurors. You name it." -DeMercurio

Some of their tactics were cool and high-tech – using compressed air to trick an infrared sensor and open a door.

But a lot of the time, security was much simpler to defeat some doors were so flimsy they could be opened by pushing them until they flexed enough to reach around them and push the crash-bar.

But that wasn't Sheriff Leonard's concern: he was more worried about his turf, defying state orders to let the pen-testers go and telling state officials he considered them "accessories" to a crime.

To make things worse, the magistrate who arraigned them, Judge Andrea Flanagan, refused to believe their story, despite their official letters from her own employer, Iowa's judiciary: "You’re going to have to come up with a better story than that."

And the prosecutor successfully argued that because they were out-of-staters, they needed high bail. The fact that none of the Iowa officials who'd hired them bothered to show up did not help – the state was now "disavowing" the contract

The state issued a release apologizing to the counties, saying that they hadn't "intended, or anticipated, [Coalfire’s] efforts to include the forced entry into a building." Later, it claimed it hadn't even been aware of parts of the op, that it has explicitly authorized.

All of this was bullshit. An outside law-firm hired to investigate the matter concluded that Iowa explictly hired Coalfire to perform "physical attacks" on its buildings and to "focus on breaking in after hours."

To its credit, Coalfire ignored legal advice to throw Wynn and DeMercurio under the bus, and continued to work in their defense.

Meanwhile, Iowa officialdom arranged a circular firing squad, with apologies from the Chief Justice of its Supreme Court, angry grandstanding from state senator Tony Bisignano, and threats of charges against the state officials that hired Coalfire.

(It may be that the only thing that saved those officials from arrest was the sudden death of the Supreme Court's Chief Justice and the chaos that ensued).

Iowa prosecutors offered Wynn and DeMercurio the chance to plea down to misdemeanors. They refused. Finally, the charges were dropped. State senators are still calling pen-testers "bandits" in public.

It's not clear whether any of the vulnerabilities Wynn and DeMercurio identified have been addressed.

They gave a presentation on their order at last week's Black Hat:

https://www.blackhat.com/us-20/briefings/schedule/index.html#we-went-to-iowa-and-all-we-got-were-these-felony-arrest-records-20970



This day in history (permalink)

#10yrsago Resistance: YA comic about the kids who served in the French resistance https://boingboing.net/2010/08/09/resistance-ya-comic.html

#1yrago The voting machines that local officials swore were not connected to the internet have been connected to the internet for years https://www.vice.com/en_us/article/3kxzk9/exclusive-critical-us-election-systems-have-been-left-exposed-online-despite-official-denials

#1yrago As police scrutiny tightens, Hong Kongers use Tinder and Pokemon Go to organize protests https://www.scmp.com/abacus/culture/article/3021560/how-hong-kong-protesters-are-using-tinder-and-pokemon-go

#1yrago Group sex dating app has "the worst security for any dating app" https://www.pentestpartners.com/security-blog/group-sex-app-leaks-locations-pictures-and-other-personal-details-identifies-users-in-white-house-and-supreme-court/

#1yrago Uber projected $8b in losses for 2019, but it just booked $5.2b in losses in a single quarter https://www.theverge.com/2019/8/8/20793793/uber-5-billion-quarter-loss-profit-lyft-traffic-2019



Colophon (permalink)

Today's top sources: Andy Greenberg (https://twitter.com/a_greenberg), Naked Capitalism (https://www.nakedcapitalism.com/), Slashdot (<a (47252="" (part="" 12),="" 543="" <a="" a="" about="" and="" cause,"="" comes="" currently="" deficit="" href="https://craphound.com/podcast/2020/08/03/someone-comes-to-town-someone-leaves-town-part-12/" kelton="" leaves="" lost="" myth,="" novel="" post-gnd="" progress:="" reading:="" reconciliation.="" someone="" stephanie="" the="" to="" total).="" town="" town,="" truth="" words="" yesterday's="">https://craphound.com/podcast/2020/08/03/someone-comes-to-town-someone-leaves-town-part-12/

Upcoming appearances:

Latest book:

Upcoming books:


This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.


How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

When life gives you SARS, you make sarsaparilla -Joey "Accordion Guy" DeVilla

17:49

Holger Levsen: 20200808-debconf8 [Planet Debian]

DebConf8

This tshirt is 12 years old and from DebConf8.

DebConf8 was my 6th DebConf and took place in Mar de la Plata, Argentina.

Also this is my 6th post in this series of posts about DebConfs and for the last two days for the first time I failed my plan to do one post per day. And while two days ago I still planned to catch up on this by doing more than one post in a day, I have now decided to give in to realities, which mostly translates to sudden fantastic weather in Hamburg and other summer related changes in life. So yeah, I still plan to do short posts about all the DebConfs I was lucky to attend, but there might be days without a blog post. Anyhow, Mar de la Plata.

When we held DebConf in Argentina it was winter there, meaning locals and other folks would wear jackets, scarfs, probably gloves, while many Debian folks not so much. Andreas Tille freaked out and/or amazed local people by going swimming in the sea every morning. And when I told Stephen Gran that even I would find it a bit cold with just a tshirt he replied "na, the weather is fine, just like british summer", while it was 14 celcius and mildly raining.

DebConf8 was the first time I've met Valessio Brito, who I had worked together since at least DebConf6. That meeting was really super nice, Valessio is such a lovely person. Back in 2008 however, there was just one problem: his spoken English was worse than his written one, and that was already hard to parse sometimes. Fast forward eleven years to Curitiba last year and boom, Valessio speaks really nice English now.

And, you might wonder why I'm telling this, especially if you were exposed to my Spanish back then and also now. So my point in telling this story about Valessio is to illustrate two things: a.) one can contribute to Debian without speaking/writing much English, Valessio did lots of great artwork since DebConf6 and b.) one can learn English by doing Debian stuff. It worked for me too!

During set up of the conference there was one very memorable moment, some time after the openssl maintainer, Kurt Roeckx arrived at the venue: Shortly before DebConf8 Luciano Bello, from Argentina no less, had found CVE-2008-0166 which basically compromised the security of sshd of all Debian and Ubuntu installations done in the last 4 years (IIRC two Debian releases were affected) and which was commented heavily and noticed everywhere. So poor Kurt arrived and wondered whether we would all hate him, how many toilets he would have to clean and what not... And then, someone rather quickly noticed this, approached some people and suddenly a bunch of people at DebConf were group-hugging Kurt and then we were all smiling and continuing doing set up of the conference.

That moment is one of my most joyful memories of all DebConfs and partly explains why I remember little about the conference itself, everything else pales in comparison and most things pale over the years anyway. As I remember it, the conference ran very smoothly in the end, despite quite some organisational problems right before the start. But as usual, once the geeks arrive and are happily geeking, things start to run smooth, also because Debian people are kind and smart and give hands and brain were needed.

And like other DebConfs, Mar de la Plata also had moments which I want to share but I will only hint about, so it's up to you to imagine the special leaves which were brought to that cheese and wine party! ;-)

Update: added another xkcd link, spelled out Kurt's name after talking to him and added a link to a video of the group hug.

Reproducible Builds: Reproducible Builds in July 2020 [Planet Debian]

Welcome to the July 2020 report from the Reproducible Builds project.

In these monthly reports, we round-up the things that we have been up to over the past month. As a brief refresher, the motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced from the original free software source code to the pre-compiled binaries we install on our systems. (If you’re interested in contributing to the project, please visit our main website.)

General news

At the upcoming DebConf20 conference (now being held online), Holger Levsen will present a talk on Thursday 27th August about “Reproducing Bullseye in practice”, focusing on independently verifying that the binaries distributed from ftp.debian.org were made from their claimed sources.

Tavis Ormandy published a blog post making the provocative claim that “You don’t need reproducible builds”, asserting elsewhere that the many attacks that have been extensively reported in our previous reports are “fantasy threat models”. A number of rebuttals have been made, including one from long-time contributor Reproducible Builds contributor Bernhard Wiedemann.

On our mailing list this month, Debian Developer Graham Inggs posted to our list asking for ideas why the openorienteering-mapper Debian package was failing to build on the Reproducible Builds testing framework. Chris Lamb remarked from the build logs that the package may be missing a build dependency, although Graham then used our own diffoscope tool to show that the resulting package remains unchanged with or without it. Later, Nico Tyni noticed that the build failure may be due to the relationship between the FILE C preprocessor macro and the -ffile-prefix-map GCC flag.

An issue in Zephyr, a small-footprint kernel designed for use on resource-constrained systems, around .a library files not being reproducible was closed after it was noticed that a key part of their toolchain was updated that now calls --enable-deterministic-archives by default.

Reproducible Builds developer kpcyrd commented on a pull request against the libsodium cryptographic library wrapper for Rust, arguing against the testing of CPU features at compile-time. He noted that:

I’ve accidentally shipped broken updates to users in the past because the build system was feature-tested and the final binary assumed the instructions would be present without further runtime checks

David Kleuker also asked a question on our mailing list about using SOURCE_DATE_EPOCH with the install(1) tool from GNU coreutils. When comparing two installed packages he noticed that the filesystem ‘birth times’ differed between them. Chris Lamb replied, realising that this was actually a consequence of using an outdated version of diffoscope and that a fix was in diffoscope version 146 released in May 2020.

Later in July, John Scott posted asking for clarification regarding on the Javascript files on our website to add metadata for LibreJS, the browser extension that blocks non-free Javascript scripts from executing. Chris Lamb investigated the issue and realised that we could drop a number of unused Javascript files [][][] and added unminified versions of Bootstrap and jQuery [].


Development work

Website

On our website this month, Chris Lamb updated the main Reproducible Builds website and documentation to drop a number of unused Javascript files [][][] and added unminified versions of Bootstrap and jQuery []. He also fixed a number of broken URLs [][].

Gonzalo Bulnes Guilpain made a large number of grammatical improvements [][][][][] as well as some misspellings, case and whitespace changes too [][][].

Lastly, Holger Levsen updated the README file [], marked the Alpine Linux continuous integration tests as currently disabled [] and linked the Arch Linux Reproducible Status page from our projects page [].

diffoscope

diffoscope is our in-depth and content-aware diff utility that can not only locate and diagnose reproducibility issues, it provides human-readable diffs of all kinds. In July, Chris Lamb made the following changes to diffoscope, including releasing versions 150, 151, 152, 153 & 154:

  • New features:

    • Add support for flash-optimised F2FS filesystems. (#207)
    • Don’t require zipnote(1) to determine differences in a .zip file as we can use libarchive. []
    • Allow --profile as a synonym for --profile=-, ie. write profiling data to standard output. []
    • Increase the minimum length of the output of strings(1) to eight characters to avoid unnecessary diff noise. []
    • Drop some legacy argument styles: --exclude-directory-metadata and --no-exclude-directory-metadata have been replaced with --exclude-directory-metadata={yes,no}. []
  • Bug fixes:

    • Pass the absolute path when extracting members from SquashFS images as we run the command with working directory in a temporary directory. (#189)
    • Correct adding a comment when we cannot extract a filesystem due to missing libguestfs module. []
    • Don’t crash when listing entries in archives if they don’t have a listed size such as hardlinks in ISO images. (#188)
  • Output improvements:

    • Strip off the file offset prefix from xxd(1) and show bytes in groups of 4. []
    • Don’t emit javap not found in path if it is available in the path but it did not result in an actual difference. []
    • Fix ... not available in path messages when looking for Java decompilers that used the Python class name instead of the command. []
  • Logging improvements:

    • Add a bit more debugging info when launching libguestfs. []
    • Reduce the --debug log noise by truncating the has_some_content messages. []
    • Fix the compare_files log message when the file does not have a literal name. []
  • Codebase improvements:

    • Rewrite and rename exit_if_paths_do_not_exist to not check files multiple times. [][]
    • Add an add_comment helper method; don’t mess with our internal list directly. []
    • Replace some simple usages of str.format with Python ‘f-strings’ [] and make it easier to navigate to the main.py entry point [].
    • In the RData comparator, always explicitly return None in the failure case as we return a non-None value in the success one. []
    • Tidy some imports [][][] and don’t alias a variable when we do not use it. []
    • Clarify the use of a separate NullChanges quasi-file to represent missing data in the Debian package comparator [] and clarify use of a ‘null’ diff in order to remember an exit code. []
  • Other changes:

Jean-Romain Garnier also made the following changes:

  • Allow passing a file with a list of arguments via diffoscope @args.txt. (!62)
  • Improve the output of side-by-side diffs by detecting added lines better. (!64)
  • Remove offsets before instructions in objdump [][] and remove raw instructions from ELF tests [].

Other tools

strip-nondeterminism is our tool to remove specific non-deterministic results from a completed build. It is used automatically in most Debian package builds. In July, Chris Lamb ensured that we did not install the internal handler documentation generated from Perl POD documents [] and fixed a trivial typo []. Marc Herbert added a --verbose-level warning when the Archive::Cpio Perl module is missing. (!6)

reprotest is our end-user tool to build same source code twice in widely differing environments and then checks the binaries produced by each build for any differences. This month, Vagrant Cascadian made a number of changes to support diffoscope version 153 which had removed the (deprecated) --exclude-directory-metadata and --no-exclude-directory-metadata command-line arguments, and updated the testing configuration to also test under Python version 3.8 [].


Distributions

Debian

In June 2020, Timo Röhling filed a wishlist bug against the debhelper build tool impacting the reproducibility status of hundreds of packages that use the CMake build system. This month however, Niels Thykier uploaded debhelper version 13.2 that passes the -DCMAKE_SKIP_RPATH=ON and -DBUILD_RPATH_USE_ORIGIN=ON arguments to CMake when using the (currently-experimental) Debhelper compatibility level 14.

According to Niels, this change:

… should fix some reproducibility issues, but may cause breakage if packages run binaries directly from the build directory.

34 reviews of Debian packages were added, 14 were updated and 20 were removed this month adding to our knowledge about identified issues. Chris Lamb added and categorised the nondeterministic_order_of_debhelper_snippets_added_by_dh_fortran_mod [] and gem2deb_install_mkmf_log [] toolchain issues.

Lastly, Holger Levsen filed two more wishlist bugs against the debrebuild Debian package rebuilder tool [][].

openSUSE

In openSUSE, Bernhard M. Wiedemann published his monthly Reproducible Builds status update.

Bernhard also published the results of performing 12,235 verification builds of packages from openSUSE Leap version 15.2 and, as a result, created three pull requests against the openSUSE Build Result Compare Script [][][].

Other distributions

In Arch Linux, there was a mass rebuild of old packages in an attempt to make them reproducible. This was performed because building with a previous release of the pacman package manager caused file ordering and size calculation issues when using the btrfs filesystem.

A system was also implemented for Arch Linux packagers to receive notifications if/when their package becomes unreproducible, and packagers now have access to a dashboard where they can all see all their unreproducible packages (more info).

Paul Spooren sent two versions of a patch for the OpenWrt embedded distribution for adding a ‘build system’ revision to the ‘packages’ manifest so that all external feeds can be rebuilt and verified. [][]

Upstream patches

The Reproducible Builds project detects, dissects and attempts to fix as many currently-unreproducible packages as possible. We endeavour to send all of our patches upstream where appropriate. This month, we wrote a large number of these patches, including:

Vagrant Cascadian also reported two issues, the first regarding a regression in u-boot boot loader reproducibility for a particular target [] and a non-deterministic segmentation fault in the guile-ssh test suite []. Lastly, Jelle van der Waa filed a bug against the MeiliSearch search API to report that it embeds the current build date.

Testing framework

We operate a large and many-featured Jenkins-based testing framework that powers tests.reproducible-builds.org.

This month, Holger Levsen made the following changes:

  • Debian-related changes:

    • Tweak the rescheduling of various architecture and suite combinations. [][]
    • Fix links for ‘404’ and ‘not for us’ icons. (#959363)
    • Further work on a rebuilder prototype, for example correctly processing the sbuild exit code. [][]
    • Update the sudo configuration file to allow the node health job to work correctly. []
    • Add php-horde packages back to the pkg-php-pear package set for the bullseye distribution. []
    • Update the version of debrebuild. []
  • System health check development:

    • Add checks for broken SSH [], logrotate [], pbuilder [], NetBSD [], ‘unkillable’ processes [], unresponsive nodes [][][][], proxy connection failures [], too many installed kernels [], etc.
    • Automatically fix some failed systemd units. []
    • Add notes explaining all the issues that hosts are experiencing [] and handle zipped job log files correctly [].
    • Separate nodes which have been automatically marked as down [] and show status icons for jobs with issues [].
  • Misc:

In addition, Mattia Rizzolo updated the init_node script to suggest using sudo instead of explicit logout and logins [][] and the usual build node maintenance was performed by Holger Levsen [][][][][][], Mattia Rizzolo [][] and Vagrant Cascadian [][][][].



If you are interested in contributing to the Reproducible Builds project, please visit our Contribute page on our website. However, you can get in touch with us via:

17:21

Today in GPF History for Saturday, August 8, 2020 [General Protection Fault: The Comic Strip]

As Trudy confronts "Nick" about his actions on their business trip, Nega-Nick deftly weaves lies and half-truths to keep her off balance...

16:56

Link [Scripting News]

Today's album: Eat A Peach.

Link [Scripting News]

I bought a Pixel 4A with Google Fi.

Link [Scripting News]

Briefly discussed WordPress on Twitter last night with Don Park, long-time friend, ex-Automattician. I said I don't think they understand blogging there. Don says "members of WordPress community and employees of the company behind it use blogs all the time." I don't doubt it, yet I could never do what I do with Wordpress. Far too clumsy. Not fluid. Not designed for writers. Really weak product.

16:14

Link [Scripting News]

BingeWorthy 2 tease #1: A friend wants to watch something. They ask friends on Twitter or Facebook what to watch. You put together a short list of your favorites, the ones you can think of right now. There's got to be a better way, right?

Link [Scripting News]

Trump's failure of a "border wall" didn't protect the US from the virus or tunnels.

Link [Scripting News]

I heard yesterday on Clubhouse that people stopped reading my blog because of RSS. Interesting story. They subscribed in Google Reader. Stopped reading on the web. Then they shut down Google Reader. The people who were reading my blog and others before RSS, lost track of the feeds they were reading in Google Reader. There were other choices, but that doesn't change what happened. We are rebuilding slowly, because blogging is still a useful form of communication. My nightly email is the best way to get it, probably always was, even in the heyday of RSS. I have to admit reading this blog in RSS was never a great deal. I write one day at a time. I'd prefer if you read what was on the home page at midnight. That's how I write it. Since RSS is something I'm well-known for developing, I didn't want to say this too loudly. But RSS should have had a chance to grow, and it didn't. So it got stuck. Not really a surprise.

Link [Scripting News]

BTW one of the problems with the name Clubhouse is that it's impossible to remember. At least for me. I never had a problem like that with Twitter, and I was a very early user, as I am with CH.

15:35

Small Business Saturday: Ocean’s Originals [Whatever]

Hello, everyone! I hope you are all having a great Saturday. One thing that Saturdays are good for is shopping small! Which is why I’ve decided to start a new thing on here where, occasionally on Saturdays, I feature a small business that I think is awesome and highly recommend! Every business that I promote will be one that I personally have tried and/or used their products, so I actually know that what I’m recommending you is quality stuff supporting quality people!

To kick things off, I’d like to talk about Ocean’s Originals; a wonderful brand of all natural skincare and beauty products to amp up your self care routine. Not only is everything all natural, it’s also hella affordable! From lip tint to body scrub, cuticle balm to roller ball perfumes, she has such a nice variety of self-care products that I just adore.

I have bought from Ocean many times, and never regretted a single purchase. Everything feels so quality, not to mention smells totally amazing! Personally, my favorites out of what I’ve tried are probably the lip conditioners and the cuticle balm, but I also really like the lip scrubs and Luscious Lashes oil. Just to be clear, I have not tried all the products she offers! But I can totally vouch for the ones I have, as they have all been wonderful additions to my skincare regime.

Image of Lemon Lime Cuticle Balm

Here’s a few words from the creator herself:

My name is Ocean! I’m 22 & live in Illinois. I’ve been creating since October 2017. I love creating all types of self care items, especially lip care! I strive to be as eco friendly and low waste as possible in every aspect of my business! It’s extremely important to me to be low waste in every aspect & I’m actively finding ways to reduce waste while providing the best products!

Image

You can follow her on Twitter, Instagram, or check out her products at her website.

Image

Anyways, I hope you consider giving Ocean’s wonderful products a try, and I hope you have a great Saturday!

-AMS

15:28

Link [Scripting News]

We spend trillions on defense, but it doesn’t protect us against Russia or the virus. Humbly suggest perhaps we‘re spending all that money preparing for the wrong war.

14:42

President Trump thinks he can shut down WeChat: It won’t work [I, Cringely]

Forty-five days from now, we’re told, President Trump will shut down TikTok and WeChat.

TikTok, maybe, but WeChat? Impossible.

Everything Donald Trump understands about the Internet could fit in a thimble. He’s a reckless leader who isn’t bothered by things like, well, facts, so it shouldn’t be surprising that he expects to command WeChat into oblivion. But what will happen to his already limited Internet authority when that doesn’t work?

What Internet authority?

Trump has a chance of taking down TikTok, the short form video sharing site, because that service is dependent on advertising. He can force the app out of U.S. app stores (though not out of foreign ones) and he can cut off the flow of ad dollars… at least those dollars that flow through American pockets. But there are workarounds, I’m sure, even for TikTok and 45 days is a lot of time to come up with them. So maybe the service will be sold to Microsoft or maybe not. In either case I’m sure TikTok will survive in some form.

WeChat, on the other hand, will thrive.

WeChat, if you haven’t used it, is the mobile operating system for China. It’s an app platform in its own right that is used for communication, entertainment, and commerce. Imagine Facebook, LinkedIn, PayPal, Venmo, Skype, Uber, Gmail and eBay all in a single application. That’s WeChat. It’s even a third-party application platform, so while US banks operate on the Internet, Chinese banks operate on WeChat. Shutting WeChat down in the U.S. would be a huge blow to WeChat’s parent company, TenCent, and a huge blow to the Chinese diaspora. Except it won’t work.

To defeat President Trump, all WeChat users need is a Virtual Private Network and any WeChat users already in the U.S. already have a VPN to defeat the much more formidable Great Firewall of China. Whatever Trump thinks he can do is puny in comparison.

Back in 1998 I gave a speech to the North American Association of State and Provincial Lotteries at their annual meeting, held that year in Minneapolis. They gave me a hand-carved wooden duck decoy that’s on my bookshelf today. My topic back then was this thing called the Internet and what it would mean to state lotteries and legalized gambling in general. I told them it would rock their world. And it has.

What amazed me in 1998 was that the lottery folks weren’t Las Vegas-type gambling executives but more like the people down at the DMV — pleasant and chubby civil servants there to collect the money, thanks. They were secure in their local gambling monopolies and had no idea that some outfit in the Channel Islands could steal their customers with a game of online poker.

The state troopers would handle that problem, they thought, dimly. I could not possible be correct about Internet gambling.

I suggested fighting fire with fire — that the states promote their lotteries internationally, expanding their territories and making even more money. They looked at me like I had two heads.

Twenty-two years later along comes President Trump, sounding precisely like those NASPL people. He has no idea what he is talking about. And if he thinks he can bully TikTok into selling itself to Microsoft, that will only happen if that’s what TikTok wants to do… and the price is right.

Even then I expect Microsoft will get more (or less) than it is expecting.








Digital Branding
Web Design Marketing

11:35

Thorsten Alteholz: My Debian Activities in July 2020 [Planet Debian]

FTP master

This month I accepted 434 packages and rejected 54. The overall number of packages that got accepted was 475.

Debian LTS

This was my seventy-third month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 25.25h. During that time I did LTS uploads of:

  • [DLA 2289-1] mupdf security update for five CVEs
  • [DLA 2290-1] e2fsprogs security update for one CVE
  • [DLA 2294-1] salt security update for two CVEs
  • [DLA 2295-1] curl security update for one CVE
  • [DLA 2296-1] luajit security update for one CVE
  • [DLA 2298-1] libapache2-mod-auth-openidc security update for three CVEs

I started to work on python2.7 as well but stumbled over some hurdles in the testsuite, so I did not upload a fixed version yet.

This month was much influenced by the transition from Jessie LTS to Stretch LTS and one or another workflow/script needed some adjustments.

Last but not least I did some days of frontdesk duties.

Debian ELTS

This month was the twenty fifth ELTS month.

During my allocated time I uploaded:

  • ELA-230-1 for luajit
  • ELA-231-1 for curl

Like in LTS, I also started to work on python2.7 and encountered the same hurdles in the testsuite. So I did not upload a fixed version for ELTS as well.

Last but not least I did some days of frontdesk duties.

Other stuff

In this section nothing much happened this month. Thanks a lot to everybody who NMUed a package to fix a bug.

10:07

Don’t waste the lesson [Seth's Blog]

Things rarely turn out precisely the way we hoped.

Sometimes, if we’re lucky, we can figure out why.

If we find the lesson and learn from it, it might be even more valuable than if we’d simply gotten lucky.

06:07

Dirk Eddelbuettel: RVowpalWabbit 0.0.15: Some More CRAN Build Issues [Planet Debian]

Another maintenance RVowpalWabbit package update brought us to version 0.0.15 earlier today. We attempted to fix one compilation error on Solaris, and addressed a few SAN/UBSAN issues with the gcc build.

As noted before, there is a newer package rvw based on the excellent GSoC 2018 and beyond work by Ivan Pavlov (mentored by James and myself) so if you are into Vowpal Wabbit from R go check it out.

CRANberries provides a summary of changes to the previous version. More information is on the RVowpalWabbit page. Issues and bugreports should go to the GitHub issue tracker.

If you like this or other open-source work I do, you can now sponsor me at GitHub. For the first year, GitHub will match your contributions.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

François Marier: Setting the default web browser on Debian and Ubuntu [Planet Debian]

If you are wondering what your default web browser is set to on a Debian-based system, there are several things to look at:

$ xdg-settings get default-web-browser
brave-browser.desktop

$ xdg-mime query default x-scheme-handler/http
brave-browser.desktop

$ xdg-mime query default x-scheme-handler/https
brave-browser.desktop

$ ls -l /etc/alternatives/x-www-browser
lrwxrwxrwx 1 root root 29 Jul  5  2019 /etc/alternatives/x-www-browser -> /usr/bin/brave-browser-stable*

$ ls -l /etc/alternatives/gnome-www-browser
lrwxrwxrwx 1 root root 29 Jul  5  2019 /etc/alternatives/gnome-www-browser -> /usr/bin/brave-browser-stable*

Debian-specific tools

The contents of /etc/alternatives/ is system-wide defaults and must therefore be set as root:

sudo update-alternatives --config x-www-browser
sudo update-alternatives --config gnome-www-browser

The sensible-browser tool (from the sensible-utils package) will use these to automatically launch the most appropriate web browser depending on the desktop environment.

Standard MIME tools

The others can be changed as a normal user. Using xdg-settings:

xdg-settings set default-web-browser brave-browser-beta.desktop

will also change what the two xdg-mime commands return:

$ xdg-mime query default x-scheme-handler/http
brave-browser-beta.desktop

$ xdg-mime query default x-scheme-handler/https
brave-browser-beta.desktop

since it puts the following in ~/.config/mimeapps.list:

[Default Applications]
text/html=brave-browser-beta.desktop
x-scheme-handler/http=brave-browser-beta.desktop
x-scheme-handler/https=brave-browser-beta.desktop
x-scheme-handler/about=brave-browser-beta.desktop
x-scheme-handler/unknown=brave-browser-beta.desktop

Note that if you delete these entries, then the system-wide defaults, defined in /etc/mailcap, will be used, as provided by the mime-support package.

Changing the x-scheme-handler/http (or x-scheme-handler/https) association directly using:

xdg-mime default brave-browser-nightly.desktop x-scheme-handler/http

will only change that particular one. I suppose this means you could have one browser for insecure HTTP sites (hopefully with HTTPS Everywhere installed) and one for HTTPS sites though I'm not sure why anybody would want that.

Summary

In short, if you want to set your default browser everywhere (using Brave in this example), do the following:

sudo update-alternatives --config x-www-browser
sudo update-alternatives --config gnome-www-browser
xdg-settings set default-web-browser brave-browser.desktop

02:14

Jelmer Vernooij: Improvements to Merge Proposals by the Janitor [Planet Debian]

The Debian Janitor is an automated system that commits fixes for (minor) issues in Debian packages that can be fixed by software. It gradually started proposing merges in early December. The first set of changes sent out ran lintian-brush on sid packages maintained in Git. This post is part of a series about the progress of the Janitor.

Since the original post, merge proposals created by the janitor now include the debdiff between a build with and without the changes (showing the impact to the binary packages), in addition to the merge proposal diff (which shows the impact to the source package).

New merge proposals also include a link to the diffoscope diff between a vanilla build and the build with changes. Unfortunately these can be a bit noisy for packages that are not reproducible yet, due to the difference in build environment between the two builds.

This is part of the effort to keep the changes from the janitor high-quality.

The rollout surfaced some bugs in lintian-brush; these have been either fixed or mitigated (e.g. by disabling specified fixers).

For more information the Janitor's lintian-fixes efforts, see the landing page

01:35

Alexander Artemenko: macrodynamics [Planet Lisp]

Found a useful library for writing macro and using dynamic variables during expansion. I didn't try to figure out how does it work (yet) but decided to make a more visual example than the code from library's README.

Let's pretend we tried to write the code like this, manually placing h1, h2, h3, for headers:

POFTHEDAY> (spinneret:with-html-string
             (:h1 "Hello")
             (:h2 "World")
             (:p "This is an example"))
"<h1>Hello</h1>
 <h2>World</h2>
 <p>This is an example"

I'd like to write more semantic code separated into the sections:

POFTHEDAY> (spinneret:with-html-string
             (section "Hello"
               (section "World"
                 (:p "This is an example"))))
"<h1>Hello</h1>
 <h2>World</h2>
 <p>This is an example"

First, let's try to implement the section macro using Lisp's dynamic variable:

POFTHEDAY> (defmacro section (title &body body)
             (let* ((*level* (1+ *level*))
                    (tag-name (format nil "H~A" *level*))
                    (tag (alexandria:make-keyword tag-name)))
               `(spinneret:with-html
                  (,tag ,title)
                  ,@body)))

POFTHEDAY> (spinneret:with-html-string
             (section "Hello"
               (section "World"
                 (:p "This is an example"))))
"<h1>Hello</h1>
 <h1>World</h1>
 <p>This is an example"

This does not work.

Why did this happened? Let's add some logging to our macro function:

POFTHEDAY> (defmacro section (title &body body)
             (let* ((*level* (1+ *level*))
                    (tag-name (format nil "H~A" *level*))
                    (tag (alexandria:make-keyword tag-name)))
               (format t "Expanding section with level=~A~%"
                       *level*)
               `(spinneret:with-html
                  (,tag ,title)
                  ,@body)))

POFTHEDAY> (spinneret:with-html-string
             (section "Hello"
               (section "World"
                 (:p "This is an example"))))
Expanding section with level=1
Expanding section with level=1
Expanding section with level=1
Expanding section with level=1
Expanding section with level=1
Expanding section with level=1
"<h1>Hello</h1>
 <h1>World</h1>
 <p>This is an example"

Don't know why does it output 6 times instead of 2. But definitely, there is something wrong with our dynamic variable's value, isn't it?

Now let's use macrodynamics to define the variable, macro and the binding:

POFTHEDAY> (macrodynamics:def-dynenv-var *level* 0)

POFTHEDAY> (macrodynamics:def-dynenv-macro section (title &body body)
             (macrodynamics:ct-let ((*level* (1+ *level*)))
               (let* ((tag-name (format nil "H~A" *level*))
                      (tag (alexandria:make-keyword tag-name)))
                 (format t "Expanding section with level=~A~%"
                         *level*)
                 `(spinneret:with-html
                    (,tag ,title)
                    ,@body))))

POFTHEDAY> (spinneret:with-html-string
             (section "Hello"
               (section "World"
                 (:p "This is an example"))))
Expanding section with level=1
Expanding section with level=1
Expanding section with level=1
Expanding section with level=2
Expanding section with level=2
"<h1>Hello</h1>
 <h2>World</h2>
 <p>This is an example"

Wonderful! Now it works!

Update

@PuercoPop asked on Twitter if macrolet will be enough in the above example. I've tested this hypothesis and no, it is not suitable replacement for macrodynamics:

POFTHEDAY> (let ((level 0))
             (macrolet ((section (title &body body)
                         (let* ((level (1+ level))
                                (tag-name (format nil "H~A" level))
                                (tag (alexandria:make-keyword tag-name)))
                           (format t "Expanding section with level=~A~%"
                                   level)
                           `(spinneret:with-html
                              (,tag ,title)
                              ,@body))))
                (spinneret:with-html-string
                  (section "Hello"
                    (section "World"
                      (:p "This is an example"))))))

;; It ends with this error:

Execution of a form compiled with errors.
Form:
  (SECTION "Hello"
  (SECTION "World"
    (SPINNERET::WITH-TAG (:P)
      "This is an example")))
Compile-time error:
  during macroexpansion of
(SECTION "Hello"
  (SECTION "World"
    #)).
Use *BREAK-ON-SIGNALS* to intercept.

 The variable LEVEL is unbound.
 It is a local variable not available at compile-time.

01:28

Antonio Terceiro: When community service providers fail [Planet Debian]

I'm starting a new blog, and instead of going into the technical details on how it's made, or on how I migrated my content from the previous ones, I want focus on why I did it.

It's been a while since I have written a blog post. I wanted to get back into it, but also wanted to finally self-host my blog/homepage because I have been let down before. And sadly, I was not let down by a for-profit, privacy invading corporation, but by a free software organization.

The sad story of wiki.softwarelivre.org

My first blog that was hosted in a blog engine written by me, which was hosted in a TWiki, and later Foswiki instance previously available at wiki.softwarelivre.org, hosted by ASL.org.

I was the one who introduced the tool to the organization in the first place. I had come from a previous, very fruitful experience on the use of wikis for creation of educational material while in university, which ultimately led me to become a core TWiki, and then Foswiki developer.

In 2004, I had just moved to Porto Alegre, got involved in ASL.org, and there was a demand for a tool like that. 2 years later, I left Porto Alegre, and some time after that the daily operations of ASL.org when it became clear that it was not really prepared for remote participation. I was still maintaing the wiki software and the OS for quite some years after, until I wasn't anymore.

In 2016, the server that hosted it went haywire, and there were no backups. A lot of people and free software groups lost their content forever. My blog was the least important content in there. To mention just a few examples, here are some groups that lost their content in there:

  • The Brazilian Foswiki user group hosted a bunch of getting started documentation in Portuguese, organized meetings, and coordinated through there.
  • GNOME Brazil hosted its homepage there until the moment the server broke.
  • The Inkscape Brazil user group had an amazing space there where they shared tutorials, a gallery of user-contributed drawings, and a lot more.

Some of this can still be reached via the Internet Archive Wayback Machine, but that is only useful for recovering content, not for it to be used by the public.

The announced tragedy of softwarelivre.org

My next blog after that was hosted at softwarelivre.org, a Noosfero instance also hosted by ASL.org. When it was introduced in 2010, this Noosfero instance became responsible for the main domain softwarelivre.org name. This was a bold move by ASL.org, and was a demonstration of trust in a local free software project, led by a local free software cooperative (Colivre).

I was a lead developer in the Noosfero project for a long time, and I was also involved in maintaining that server as well.

However, for several years there is little to no investment in maintaining that service. I already expect that it will probably blow up at some point as the wiki did, or that it may be just shut down on purpose.

On the responsibility of organizations

Today, a large part of wast mot people consider "the internet" is controlled by a handful of corporations. Most popular services on the internet might look like they are gratis (free as in beer), but running those services is definitely not without costs. So when you use services provided by for-profit companies and are not paying for them with money, you are paying with your privacy and attention.

Society needs independent organizations to provide alternatives.

The market can solve a part of the problem by providing ethical services and charging for them. This is legitimate, and as long as there is transparency about how peoples' data and communications are handled, there is nothing wrong with it.

But that only solves part of the problem, as there will always be people who can't afford to pay, and people and communities who can afford to pay, but would rather rely on a nonprofit. That's where community-based services, provided by nonprofits, are also important. We should have more of them, not less.

So it makes me worry to realize ASL.org left the community in the dark. Losing the wiki wasn't even the first event of its kind, as the listas.softwarelivre.org mailing list server, with years and years of community communications archived in it, broke with no backups in 2012.

I do not intend to blame the ASL.org leadership personally, they are all well meaning and good people. But as an organization, it failed to recognize the importance of this role of service provider. I can even include myself in it: I was member of the ASL.org board some 15 years ago; I was involved in the deployment of both the wiki and Noosfero, the former as a volunteer and the later professionally. Yet, I did nothing to plan the maintenance of the infrastructure going forward.

When well meaning organizations fail, people who are not willing to have their data and communications be exploited for profit are left to their own devices. I can afford a virtual private server, and have the technical knowledge to import my old content into a static website generator, so I did it. But what about all the people who can't, or don't?

Of course, these organizations have to solve the challenge of being sustainable, and being able to pay professionals to maintain the services that the community relies on. We should be thankful to these organizations, and their leadership needs to recognize the importance of those services, and actively plan for them to be kept alive.

00:42

Microsoft signals renewed interest in Windows with latest reshuffle [OSnews]

The Verge reports:

The software giant placed Surface chief Panos Panay in charge of Windows earlier this year, and is now reshuffling parts of that team. It follows Microsoft’s decision to slice Windows into two parts more than two years ago after the departure of former Windows chief Terry Myerson. Microsoft moved core Windows development to a cloud and AI team (Azure), and created a new group to work on Windows 10 “experiences” like apps, the Start menu, and new features.

Now, Microsoft is moving parts of Windows development back under Panos Panay’s control. Specifically, that means the Windows fundamentals and developer experience teams have been returned to what we traditionally call the Windows team. It’s an admission that the big Windows split didn’t work quite as planned. We’ve seen plenty of evidence of that with a messy development experience for Windows 10, delayed Windows updates, a lack of major new features, and lots of Windows update issues recently.

That’s a lot of reshuffling, but I wonder what the purpose of it all really is. It seems most Windows users want Windows to just be… Windows. They don’t want ‘modern’ apps forced upon them, they don’t want touch-optimised user interfaces, they don’t want application stores, and they certainly don’t want Windows anywhere else but their desktops and laptops. How much freedom to push the Windows platform forward do you really have when all users want is to run the same set of Win32 applications in perpetuity?

They’ve tried creating a version of Windows only capable of running ‘modern’ apps, and it failed twice (and a third attempt is on the way). They tried combining the two into one with an adaptable UI – and everybody hated it. They’ve been trying to just kind of coast by on Windows 10, and as the above article notes, it’s been quite problematic. They’ve tried to put full Windows on phonestwice! – and nobody wanted that either.

What other options remain?

Next step in SSD evolution: NVMe zoned namespaces explained [OSnews]

In June we saw an update to the NVMe standard. The update defines a software interface to assist in actually reading and writing to the drives in a way to which SSDs and NAND flash actually works.

Instead of emulating the traditional block device model that SSDs inherited from hard drives and earlier storage technologies, the new NVMe Zoned Namespaces optional feature allows SSDs to implement a different storage abstraction over flash memory. This is quite similar to the extensions SAS and SATA have added to accommodate Shingled Magnetic Recording (SMR) hard drives, with a few extras for SSDs. ‘Zoned’ SSDs with this new feature can offer better performance than regular SSDs, with less overprovisioning and less DRAM. The downside is that applications and operating systems have to be updated to support zoned storage, but that work is well underway.

Some light reading heading into the weekend.

00:14

Page 42 [Flipside]

Page 42 is done.

Friday, 07 August

23:56

22:14

Friday Squid Blogging: New SQUID [Schneier on Security]

There's a new SQUID:

A new device that relies on flowing clouds of ultracold atoms promises potential tests of the intersection between the weirdness of the quantum world and the familiarity of the macroscopic world we experience every day. The atomtronic Superconducting QUantum Interference Device (SQUID) is also potentially useful for ultrasensitive rotation measurements and as a component in quantum computers.

"In a conventional SQUID, the quantum interference in electron currents can be used to make one of the most sensitive magnetic field detectors," said Changhyun Ryu, a physicist with the Material Physics and Applications Quantum group at Los Alamos National Laboratory. "We use neutral atoms rather than charged electrons. Instead of responding to magnetic fields, the atomtronic version of a SQUID is sensitive to mechanical rotation."

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

21:28

[$] 5.9 Merge window, part 1 [LWN.net]

As of this writing, just over 3,900 non-merge changesets have been pulled into the mainline repository for the 5.9 kernel development cycle. While this merge window has just begun, there is already a significant set of new features to point out.

20:00

19:56

Knauth elected Free Software Foundation president; Bénassy joins board [LWN.net]

The Free Software Foundation (FSF) has announced that Geoffrey Knauth has been elected president, and free software activist and developer Odile Bénassy has been appointed to the board of directors. Knauth is replacing Richard Stallman who resigned last year. In Knauth's statement, he said: "The FSF board chose me at this moment as a servant leader to help the community focus on our shared dedication to protect and grow software that respects our freedoms. It is also important to protect and grow the diverse membership of the community."

18:49

News Post: Belt Fed [Penny Arcade]

Tycho: One more index of these corrupted times is that, like some Stygian behemoth, dreaded continuity has reared at least one of its monstrous heads. It's true that Mark and I haven't been in the same room together since PAX, it occurs to me now that this period of isolation might essentially have started for many of us at the same time. It's a blessing that many of us were able to attend what I have come to call The Last Convention; maybe we were able to store up whatever nutrient we get from such things. So, yes. While it is true that the PAX East Omegathon was the last time we…

18:35

August 2020 Humble Choice Games [Humble Bundle Blog]

August 2020’s Humble Choice selections are here! This month’s lineup includes twelve fun games to choose from!  Vampyr Hello Neighbor

Continue reading

The post August 2020 Humble Choice Games appeared first on Humble Bundle Blog.

Covid-19 and factories [Richard Stallman's Political Notes]

*A garment factory supplying Gap, American Eagle and Amazon was at the centre of one of the worst Covid-19 outbreaks in Guatemala.* Over 200 people there contracted the disease.

Tax on wealth gains [Richard Stallman's Political Notes]

Sanders proposes a 60% tax on the wealth gains of billionaires.

In principle, income tax ought to be able to do the same job. But they have ways of putting their gains outside income tax. If this method gets the job done, and is simpler to enact, I see no reason not to do it.

NRA accused of fraud [Richard Stallman's Political Notes]

New York State has accused the National Rifle Association of fraud and seeks to dissolve it.

Shutting down parties [Richard Stallman's Political Notes]

Los Angeles will shut off the water and electricity to mansions that hold large parties, since they threaten public health.

With Covid-19 running rampant in that region, this is justified and necessary.

Tuberculosis houses [Richard Stallman's Political Notes]

During the great depression of the 1930s, some US states distributed tiny houses where a family member sick with tuberculosis could live and avoid transmitting it to the rest of the family. This was part of FDR's New Deal.

Why not do the same now for Covid-19?

The job would be easier now, since Covid-19 will usually stop being contagious after a few weeks. The state could then retrieve the no-longer-needed tiny house and autoclave it, and provide it to someone else.

The article calls this "learned helplessness", but I think it is intentional sabotage on the part of the Republicans. Then have done plenty to demonstrate their ill will in dealing with Covid-19.

Lifetime voting ban on felony [Richard Stallman's Political Notes]

*Iowa ends lifetime voting ban on people with felony convictions.* No US state now formally has such a ban, but Florida's Republicans have constructed an excuse to partially continue it by disenfranchising them until they pay all fees or fines.

Will Floridians run another ballot petition to insist that the previous one means what it says?

Antitrust laws [Richard Stallman's Political Notes]

US antitrust law used to prohibit "vertical integration". If we bring that back, it would prohibit a product from depending unavoidably on an online service set up by the same company. At least, for large companies.

I think we should prohibit it separately, so that the prohibition applies to small companies too.

Simple fuck up [Richard Stallman's Political Notes]

(satire) *White House officials reportedly breathed a sigh of relief Tuesday after Tropical Storm Isaias gave them a simple, run-of-the-mill hurricane relief effort to fuck up.*

Electing autocratic president [Richard Stallman's Political Notes]

Sri Lanka seems to be trying hard to let people vote despite Covid-19, but its president has been increasingly autocratic.

When his brother Mahinda Rajapaksa was president, he had his critics murdered, including the famous journalist Lasantha Wickramatunga, who forecast he would be murdered.

18:00

Link [Scripting News]

What can be gleaned from Thighland and Yo Semite. Trump has a reading comprehension level of a child.

17:42

Security updates for Friday [LWN.net]

Security updates have been issued by CentOS (firefox, java-1.8.0-openjdk, java-11-openjdk, libvncserver, postgresql-jdbc, and thunderbird), Debian (firejail and gupnp), Fedora (cutter-re, postgresql-jdbc, radare2, and webkit2gtk3), openSUSE (chromium, firefox, kernel, and python-rtslib-fb), Oracle (container-tools:ol8, kernel, and nss and nspr), Scientific Linux (thunderbird), and SUSE (firefox, kernel, postgresql10 and postgresql12, python-ipaddress, and xen).

Today in GPF History for Friday, August 7, 2020 [General Protection Fault: The Comic Strip]

"James Baud" and his two companions arrive in Istanbul, hot on the trail of the nefarious "Moldfinger". However, there are kidnappers and horrible puns afoot...

17:14

Link [Scripting News]

What Trump is doing now is worse than dropping an atomic bomb on the US. That's how it should be reported on the news. We need some scientists we trust to say that and to make that the news. Because it is the news.

Schools are like nursing homes [Scripting News]

Schools are like nursing homes only worse.

A virus's success at infecting targets depends on a lot of factors, one of which is what it does to most of the people it infects.

  • If it quickly incapacitates or kills most of them, they can't easily pass on the infection, so the virus grows slowly. Ebola is like that.
  • If it kills none of them, and if they don't get symptoms, they just go on as normal, everyone gets infected and the virus dies quickly, running out of targets to infect.
  • The worst case is if the virus, when it infects people, has few symptoms at first, and a relatively long incubation, like Covid-19.

The more people the infected people come in contact with, and the more transmissible the virus, the faster it grows. Schools, like nursing homes are excellent distribution centers. Indoors, crowded, proper distancing is impossible. Even worse if they're not wearing masks, as in Georgia.

In nursing homes most of the targets are old or sick or they wouldn't be in a nursing home. The workers come and go so they distribute the virus out of the home. Just like a school. In a school everyone goes in and out. And a lot of them don't get sick, so they are excellent distributors, unlike the sick and old people in nursing homes who don't move around much.

It's basically math at that point. The more infected people there are in the population, moving around, doing stuff, the more people will become infected. Not just their parents and grandparents as they say on CNN. Everyone.

We've been so careful to keep kids from congregating, but that's over now. We might as well open the bars 24 hours a day, because compared to what the schools will do, people should be allowed one final bender before this wall of virus hits us.

People act as if it's only the people in schools and their immediate families that will be hurt by this. Wrong. Everyone will be hurt. Even going to the supermarket with the kind of density we'll be seeing will be chancy.

News Post: Drawn Together [Penny Arcade]

Gabe: I thought it might be funny to draw Gabe and Tycho social distancing in the strip. This was not long after we got back from PAX East and none of us had any idea how long this would last. Well it’s been five months now and I’m sick of drawing characters talking into phones. I hope that if you have been taking your public safety cues from our comic strip, you will continue to socially distance and please wear a mask if you’re out and about. With that said, these cartoon characters are going to take advantage of the fact that they don’t exist in this nightmare realm of…

16:56

Friday Larchive – Larney Tunes [Looking For Group]

Fridays, we open the Larchives, Lar’s extensive archive of art work oddities, and share a few pieces. Sometimes there will be a theme, or a reason behind the choices. Other times there will be none. Today’s theme is Lar Looney […]

The post Friday Larchive – Larney Tunes appeared first on Looking For Group.

Stable kernels 5.7.14, 5.4.57, 4.19.138, and 4.14.193 [LWN.net]

Greg Kroah-Hartman has released the 5.7.14, 5.4.57, 4.19.138, and 4.14.193 stable kernels. As usual, these contain lots of important fixes throughout the tree; users should upgrade.

Pluralistic: 07 Aug 2020 [Pluralistic: Daily links from Cory Doctorow]


Today's links



Satanic Abortions cut through unconstitutional abortion laws (permalink)

States across the US have enacted cruel, unconstitutional abortion laws that require doctors to sexually assault women seeking abortions and lie to them about the health impacts of abortion. Some laws require funerals for foetal remains.

These laws were pushed by ALEC, the corporate-backed "legislative exchange" that pushes "model legislation" through a network of slick lobbyists in state-houses across the country. ALEC purports to be in favor of "liberty" and "small government."

Enter the Satanic Temple, a federally recognized religion whose members do not believe in Satan or supernatural phenomena. They believe "that religion can, and should, be divorced from superstition."

The Temple has a fantastic schtick. They go to places where christofascists have gotten laws passed that shove their weird, apostate version of "Christianity" down everyone else's throats and point out that the First Amendment requires nondiscrimination among faiths.

Wanna put a giant stone Ten Commandments in front of your courthouse? Sure. But they're gonna put a giant statue of Baphomet right next to it. The court challenges they mount aren't cheap, but they're slam dunks. The US Constitution is pretty clear on this.

Now, in 1993, Chuck Schumer sponsored the "Religious Freedom Restoration Act" which lets Americans sue governments over laws that "substantially burdens a person's exercise of religion."

https://www.congress.gov/bill/103rd-congress/house-bill/1308

Religious maniacs love the RFRA and its progeny, like SCOTUS's Hobby Lobby decision, which broadened the RFRA's provisions and allowed corporations to claim exemptions from Rendering Unto Caesar where that interfered with the owners' faith.

https://en.wikipedia.org/wiki/Burwell_v._Hobby_Lobby_Stores,_Inc.

Guess what you get when you combine the RFRA, ALEC's restrictive abortion laws, and the Satanic Temple?

That's right…Satanic Abortions.

https://announcement.thesatanictemple.com/rrr-campaign41280784

A Satanic Abortion is a religious ritual that is totally indistinguishable from a normal, medical abortion, except that the participant says a few self-affirming words about her bodily autonomy.

Oh, also: the ritual absolutely forbids, as a bedrock matter of religous conviction, any waiting periods, the withholding of medically necessary advice, mandatory counseling, required readings, and unnecessary sonograms.

Also forbidden: mandatory fetal heartbeat listening sessions and compulsory fetal burials.

If you want an abortion and the doctor tries this bullshit, hand them one of these exemption letters explaining how the law doesn't apply thanks to the RFRA.

https://www.dropbox.com/s/mup4nee1n9wkvqb/Religious%20Abortion%20Exemption%20Letter.pdf

Now, the religious right could fight this. But if they win…they overturn the RFRA, and Hobby Lobby has to provide its employees with contraception and all the other theocratic exemptions go poof, too.

The Temple is pretty amazing. Here's some highlights of their previous campaigns:

"Publicly confronted hate groups, fought for the abolition of corporal punishment in public schools, applied for equal representation when religious installations are placed on public property, provided religious exemption and legal protection against laws that unscientifically restrict women's reproductive autonomy, exposed harmful pseudo-scientific practitioners in mental health care, organized clubs alongside other religious after-school clubs in schools besieged by proselytizing organizations, and engaged in other advocacy in accordance with our tenets."



Restore the Office of Technology Assessment (permalink)

Remember back in 2018 when Mark Zuckerberg appeared before the Senate and was asked the dumbest-ass questions you've ever heard? You know, the "We sell ads, Senator" hearings?

https://www.vanityfair.com/news/2018/04/zuckerbergs-interrogation-turns-into-tech-support

Congress aren't fucking idiots on tech by accident – they were lobotomized by Newt Gingrinch in 1995, when the "Contract With America" killed the nonpartisan Office of Technology Assessment, which spent peanuts producing cogent, neutral reports explaining tech to lawmakers.

But hey, no biggie. It's not like Congress needs to be well-briefed on tech in the Twenty-First Century, right?

Shit.

Well, it's OK. Congress can just get briefed by lobbyists. That'll work, right?

Shit.

There have been years worth of bipartisan efforts to restore the OTA, prising lose (checks notes) $6m.

https://www.techdirt.com/articles/20190510/14433442180/broad-coalition-tells-congress-to-bring-back-office-technology-assessment.shtml

Now Ralph Nader and colleagues have petitioned Nancy Pelosi to just DO IT, unilaterally, with a "unicameral fund" (that is, with Congress's own budget, not even bothering to ask the Senate). OTA's getting $21m now. They need lots more. It's a bargain.

https://www.corporatecrimereporter.com/news/200/ralph-nader-and-colleagues-call-on-nancy-pelosi-to-revive-office-of-technology-assessment/

As Nader & co explain, killing OTA was "an open sesame for unscrupulous corporations that arrested prudent ways to avert trillions in waste, perils to Americans and other peoples abroad, and resulted in bad, dangerous decisions that have ramifications to this day."

As Aaron Swartz said: "In the 21st Century, it's no longer OK to not understand technology."

(Image: IowaPolitics.com, CC BY-SA, modified)



US plummets below Russia and Mexico in global misery index (permalink)

Bloomberg's Misery Index tracks unemployment and inflation and ranks 60 countries year on year. America just tumbled 25 spots, from the 50th least-miserable nation to the 25th, slipping below Mexico and Russia.

https://www.bloombergquint.com/global-economics/misery-ranking-will-show-u-s-getting-worse-versus-rest-of-world

Writing in the New Yorker, Masha Gessen describes what happens when a "great power" collapses: "Why America Feels Like a Post-Soviet State."

https://www.newyorker.com/news/our-columnists/why-america-feels-like-a-post-soviet-state

It's the nagging sense that any statistics are distorted to make the people at the top feel good about their performance, and to give their quackspeaking useful idiots something to shout when anyone criticizes the system.

(think of Trump's covid "statistics")

It's the sense that, without data, and under pressure to hit meaningless targets, our institutions CAN'T perform: think of schools reopening, Deborah Birx toeing the party line.

It's the sense that you're being led by a Mafia boss without a Mafia and the sense that the rich live in a completely separate system from the rest of us, insulated from the depredations and fears that keep the rest of us up at night.

America wasn't the only country that slipped in the misery rankings, but its fall was much harder than other backsliders, like Iceland, Israel and Panama.

Tired of winning yet?



Novartis's $678m bribery scandal (permalink)

For years, the pharma giant Novartis ran a "speaker program" that laundered vast payments to doctors – speaking fees, trips, top-shelf booze, strip club nights and fancy meals – in exchange for overprescription of its products.

https://www.corporatecrimereporter.com/news/200/james-e-miller-on-the-678-million-novartis-false-claims-settlement/

This was common knowledge, but it wasn't until the Novartis sales rep Oswald Bilotta blew the whistle in 2009 that the company faced legal jeopardy. Now the company has settled with the SDNY for $678m (Bilotta could get as much as $75m of that).

Novartis's bribery was unbelievably blatant and tawdry: picking up the catering bill for a doc's son's Bar Mitzvah? Really? You're not even pretending it's anything but a bribe at that point.

https://www.nbcnews.com/business/economy/it-was-his-dream-job-he-never-thought-he-d-n1232971

The fine is satisfying, but honestly, the company should be shut down and its operations nationalized, and the doctors involved should be – at the minimum – barred from prescribing without oversight from another doc (most of them should be struck off altogether).

This kind of corruption is why we have anti-vax, mask denial, and other forms of epistemological crisis. Very few of us are qualified to review the evidence in pharma research, so when our doc prescribes to us, we are trusting the process as much as the doc.

Anti-vaxers and mask-deniers' claim goes like this: pharma, big health, and docs only care about money. The regulators are either wilfully ignorant or actively complicit. They would all conspire to get you to take unnecessary or even dangerous steps if it enriched them.

Therefore, you should not vaccinate your kid, disbelieve the science on covid, etc etc.

The first part isn't wrong. From the Sacklers' corruption and profiteering on opioids to Novartis's decades of bribery, the evidence is undeniable.

Which leaves us in an epistemological void. Either you go and master cell biology, epidemiology, and statistics, or you just have to make up your own mind about which parts of the medical consensus are genuine and which parts are corrupt.

You're just throwing darts at that point. The fact that Novartis is still in business, that its execs are not facing criminal sanctions, that the docs it bribed are still writing scrips – all of that tells you that the system is not reliable.

In the face of an unreliable system, all you've got is your gut. That is unsustainable. At best, it kicks off measles epidemics in Southern California. At worst, it makes it impossible to address the covid pandemic.

The people involved in this scandal committed literal crimes against humanity. They should not be allowed to keep a single penny of their wealth, and should not be allowed to make a single decision that affects the public, ever again.



California DMV's $50m/year data selloff (permalink)

California's DMV makes $50m/year selling drivers' license data, but will not say who's buying it. California Members of Congress and state legislators have written to the agency demanding answers.

https://www.vice.com/en_us/article/jgxanx/lawmakers-california-dmv-selling-data

California's DMV is hardly alone in selling the data we are compelled to provide to it. Florida will sell your data to brokers for $0.01 – these brokers, in turn, sell it on to just about anyone.

https://www.wxyz.com/news/national/florida-is-selling-drivers-personal-information-to-private-companies-and-marketing-firms

The letter to the California DMV asks for an accounting of the past three years' worth of data sales, but such an accounting won't tell us who those customers sold the data onto.

https://www.documentcloud.org/documents/7016416-Cal-DMV-Privacy-Letter-Signed-8-5-20.html



This day in history (permalink)

#10yrsago The Last Musketeer: whimsical, dreamlike, delightful comic https://boingboing.net/2010/08/08/the-last-musketeer-w.html

#1yrago Monsanto ran a psy-ops war-room to discredit journalists and spy on Neil Young https://www.theguardian.com/business/2019/aug/07/monsanto-fusion-center-journalists-roundup-neil-young

#1yrago Wisconsin commissioned an independent report on how to fix the Foxconn deal. Result: it can't be done. https://www.theverge.com/2019/8/6/20747166/wisconsin-foxconn-deal-state-report-lcd-factory-innovation-centers

#1yrago As New York State's shareholder suit against Big Oil for climate denial proceeds, Exxonmobil caught intimidating witnesses https://insideclimatenews.org/news/06082019/exxon-climate-fraud-investigation-witness-pressure-investors-new-york-attorney-general

#1yrago After student arrested for carrying laser-pointers, Hong Kong protesters stage "stargazing" laser-protest https://www.bbc.com/news/av/world-asia-49280030/hong-kong-demonstrators-use-laser-pointers-in-anti-government-protest

#1yrago Billions on the line as Facebook loses appeal over violating Illinois facial recognition law https://www.theverge.com/2019/8/8/20792326/facebook-facial-recognition-appeals-decision-damages-payment-court



Colophon (permalink)

Today's top sources: JWZ (http://www.jwz.org/blog/), Naked Capitalism (https://www.nakedcapitalism.com/), Slashdot (https://slashdot.org/)

Currently writing:

  • My next novel, "The Lost Cause," a post-GND novel about truth and reconciliation. Yesterday's progress: 620 words (46709 total).

Currently reading: The Deficit Myth, Stephanie Kelton

Someone Comes to Town, Someone Leaves Town (part 12), https://craphound.com/podcast/2020/08/03/someone-comes-to-town-someone-leaves-town-part-12/

Upcoming appearances:

Latest book:

Upcoming books:


This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.


How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

When life gives you SARS, you make sarsaparilla -Joey "Accordion Guy" DeVilla

16:49

Oh, Christ, Not the Science Fiction Canon Again [Whatever]

Ugh, we’re talking about the “canon” of science fiction literature, again, for reasons (most imminently the recent Hugo award ceremony and its fallout), and whether, basically, newer writers and readers should and must slog through a bunch of books in the genre that are now half a century old at least, from a bunch of mostly male, mostly white, mostly straight writers who are, shall we say, not necessarily speaking to the moment.

I’ve essayed this before, because I’m me, but here’s my newest set of thoughts on the matter, also because I’m me. Ready? Here we go:

As a practical matter, the science fiction “canon” is already dead.

There are at least two generations of adults now, and two generations of genre writers, who didn’t grow up on it and fundamentally don’t care about it. Long gone are the days where a kid’s first introduction to the genre was a Heinlein or Asimov novel, smuggled out of the adult fiction section of the library or bookstore like samizdat. The Kids These Days got their start reading genre through the YA section and grew up on Rowling and Collins and Westerfeld and Black and Pierce and Snicket, and got their science fiction through film and TV and video games and animation and comics as much as if not more than from books.

I repeat: They don’t care about “the canon.” Why should they? What they grew up with was sufficient for what they needed — to be entertained when they became readers and fans, and to be inspired if they became creators and writers. The writers they read spoke to them directly, because the art was new and it was theirs, not their parents’ or grandparents’. And while one might sniffily declare that what those YA authors were doing had been done before, by [insert spreadsheet of who who did what first in genre, which in itself is probably incomplete and therefore incorrect], no one cares. For readers and developing writers, it doesn’t matter who got there first, it matters who is there now, when those readers (and writers) are developing their own tastes and preferences, and claiming their own heroes and inspirations, both in fiction and in terms of the people writing it.

Also, here’s a news flash: even those of us who are old enough that the “canon” might have some actual relevance to our development as writers didn’t necessarily have that much reverence for it back then. Look, I’m fifty fucking one, and when I was younger, the “canonical” writers and works were already old. I liked some of them — Heinlein is an obvious one for me, Bradbury a less obvious one, and I enjoyed Piper in parts and Herbert for the length of Dune — but a lot of the rest of them were just not that interesting to me, nor would I consider them significant influences on me as a writer.

There are writers outside the field who are much more influential on how I write — Gregory Mcdonald and William Goldman and Nora Ephron, to name three — than pretty much any “canonical” SF writer other than Heinlein. What’s more, you could fill a library with all the “foundational” science fiction authors and books I haven’t read, and an even larger one with the writers that I read a couple things by, and went “meh,” and never read them again.

Who in genre was influential to me as a writer? Well, in high school and college, and in no particular order:

(sucks in a breath)

Varley and Brust and Adams and Gibson and Butler and Le Guin and Card and Gaiman and Stephenson. Alan Dean Foster, who seemingly put out a novel every month, was my go to sci-fi candy as a teenager. Ariel, by Steven Boyett, was hugely inspirational to me because it was fun and also written by someone who was still a teenager at the time. At the very end of my formative period came Tepper and Simmons.

None of these writers were “canonical” at the time, either (well, Le Guin was) — they were just who was writing then, putting out the new stuff that I would snap up and enjoy. I wasn’t spending much time going into the classics of the genre; I wasn’t shunning it, but these contemporary writers were just more interesting to me, and felt more relevant to my own life.

And yes, I knew a few science fiction nerds at the time who would try to shame me for not liking some classic writer (or at least someone who they considered a classic). My usual reaction would be to shrug, because I liked what I liked and that was fine (I was, however, more receptive to the enthusiastic SF nerd who instead of shaming said “Oooh! If you like that then you’ll like this!” Which is how I met Stephenson and Simmons, as two examples).

The point here is that even for me, who is a straight white dude in his fifties and who is deeply into the middle of a long and unquestionably successful career as a science fiction author — who is indeed in many respects the very model of a popular, mainstream genre writer — the canon of science fiction, the “golden age” of science fiction, was not (and is not!) essential, either as a reader, or later as a writer. I don’t feel bad about skipping a lot of that stuff back then, and at this point, the chance I’ll go back to read a lot of it now is pretty damn slim, because I’d rather keep up with what my contemporaries are writing, and be influenced by them.

That being the case, what is the argument for saying writers in their forties, or thirties, or twenties, need to offer fealty to a “canon” of genre work? It’s not necessary, practically, commercially or artistically, and at this point maintaining that it is only serves the function of being an increasingly inefficient method of gatekeeping by an ever-shrinking group. The moment of the canon as (effective) social cudgel has passed, because, again, younger writers and readers simply, and correctly, don’t care.

Now, is it useful to have a knowledge of the works and writers that have been influential over the length and breadth of the genre? Sure, if your interests run in that direction, and you want to grasp the history of the genre for your own purposes. Do these “canonical” works and writers still have value and interest to modern writers and readers? Indeed they may! We all get to choose our influences, and some of them might be from this group.

Should these canonical writers and works be tossed aside merely because they are old? Well, no; if they are to be tossed aside, it should be because they are not relevant to the particular reader. But: that also does not oblige the reader to pick up those works for any purpose but their own; if they don’t have such a purpose, down to and including mere idle interest, then it’s all right to let that book sit. “Not picked up” is existentially different than “tossed aside.”

Moreover, the days of certain works and writers being accepted more or less uncritically as “the canon” are well and truly gone. I mean, let’s face it, these “canonical” writers and works were always being called on their bullshit — see the New Wave of Science Fiction for that, which these days has its own bullshit to be called on as well — but the last few crops of writers, with no fealty to the canon or its makers, are especially not here for it. This is deeply uncomfortable for a lot of people! The whole point of having a canon is that it’s supposed to be more or less settled!

The question then, however, is: Settled by whom? And for what purpose? “The canon” didn’t just somehow happen. It is a result of choices — choices made by editors to favor some writers and viewpoints, and by readers and self-selected fans, to choose some of these previously-selected works and writers for canonization. The writers and readers today gave no assent or consent to these choices, and their choices may well be different: They may choose different writers and works to canonize, point out the problematic aspects of “canonized” creators and works and the gatekeepers who chose them — and, importantly, may reject the idea of the canonization of works and writers at all, because intentionally or otherwise, it’s an attempted system of control and a process of putting some people and works “in” and some “out.”

Which is not a bad idea! Maybe — here’s a thought, not at all original to me but one I’m happy to amplify now — we should just abandon the idea that science fiction requires a canon. Because, again, as a practical matter for current readers and writers, it doesn’t have one, and doesn’t need one. Moreover, pinning a fandom identity to works and writers that as a group have little relevance to contemporary readers and writers seems to be resulting mostly in annoyance, schism and, so as to not paper over the issue with too-mild words, an unexamined acceptance of a shitload of bigotry and exclusion that shaped that “canon” in the first place.

So, yeah: Drop it. Make the work and writers stand or fall on their own merits, to the modern writers and readers comprising who the science fiction field is today.

You know what will happen? Some works and writers will rise, some will fall, some will be rediscovered and some will be consigned to the archives, possibly forever. No canon, just a field forever in conversation with itself, choosing its conversational partners from its past rather than having them assigned from a list.

Because, again: that’s what’s actually happening. We might as well own up to it.

— JS

16:28

Library of Conjoin – DORK TOWER 7.08.20 [Dork Tower]

Dork Tower now Monday/Wednesday/Friday, thanks to reader support.  The next goal is a large-format Sunday strip! Help us reach four Dork Towers a week! You’ll get swag, commentary, bonus strips, community…and our everlasting gratitude! Enlist in the the Army of Dorkness today!

16:07

How do I make my accelerators apply only when used in the main window and not when the user is using a modeless dialog? [The Old New Thing]

A customer had a main window and defined some keyboard accelerators for it. One of the accelerators calls up a modeless dialog box. The problem is that even when focus was in the modeless dialog box, the keyboard accelerators for the main window were still active. How can you disable the keyboard accelerators for the main window when focus is in the modeless dialog box?

The standard message loop goes like this:

while (GetMessage(&msg, nullptr, 0, 0)) {
  if (!TranslateAccelerator(hwndMain, hacc, &msg)) {
    TranslateMessage(&msg);
    DispatchMessage(&msg);
  }
}

For each message, we ask the Translate­Accelerator function to process it. The Translate­Accelerator function works by looking to see if the message matches any of the accelerators in the provided accelerator table hacc. If so, then it posts the corresponding command to the window hwndMain.

As written, this message loop treats all messages as eligible for conversion into an accelerator for the main window. Maybe that’s what you want.

In the customer’s case, they have a modeless dialog box, and in the absence of any special handling, it will still be the case that all messages (even ones destined for the modeless dialog box) are eligible for translation into accelerators for the main window.

while (GetMessage(&msg, nullptr, 0, 0)) {
  if (!TranslateAccelerator(hwndMain, hacc, &msg) &&
      !IsDialogMessage(hdlgModeless, &msg)) {
    TranslateMessage(&msg);
    DispatchMessage(&msg);
  }
}

Observe that the call to Translate­Accelerator is made on every message. This means that messages destined for the modeless dialog box will nevertheless be inspected for keyboard accelerators.

We can write an alternate version of Translate­Accelerator that translates accelerators only if the window is destined for the specified window.

BOOL TranslateAcceleratorForWindow(
    HWND hwnd, HACC hacc, LPMSG pmsg)
{
  if (hwnd == pmsg->hwnd ||
      IsChild(hwnd, pmsg->hwnd)) {
    return TranslateAccelerator(hwnd, hacc, pmsg);
  } else {
    return FALSE;
  }
}

This does a preliminary check to see if the message is destined for the window or one of its children. Only in that case does it attempt to translate an accelerator. In this way, we limit accelerator translation to the case where the user is working with the specified window (or any of its children).

We can switch to using this helper function in our main message loop:

while (GetMessage(&msg, nullptr, 0, 0)) {
  if (!TranslateAcceleratorForWindow(
        hwndMain, hacc, &msg) &&
      !IsDialogMessage(hdlgModeless, &msg)) {
    TranslateMessage(&msg);
    DispatchMessage(&msg);
  }
}

We can go a step further and have one set of accelerators for the main window and another for the dialog box.

while (GetMessage(&msg, nullptr, 0, 0)) {
  if (!TranslateAcceleratorForWindow(
        hwndMain, hacc, &msg) &&
      !TranslateAcceleratorForWindow(
        hdlgModeless, haccDlg, &msg) &&
      !IsDialogMessage(hdlgModeless, &msg)) {
    TranslateMessage(&msg);
    DispatchMessage(&msg);
  }
}

It turns out you knew all this already. We discussed it quite some time ago, but looking at it from the dialog box’s point of view.

The post How do I make my accelerators apply only when used in the main window and not when the user is using a modeless dialog? appeared first on The Old New Thing.

15:42

Link [Scripting News]

If I were running an American news org, and I saw the CDC being silenced by the government, I'd boot up the equivalent of the CDC as part of my news org. I'd hire former CDC officials and tell them to say what they'd say if they were still at the CDC. Big budget. #savemylife

Link [Scripting News]

In hindsight it seems like this was an especially bad time for the UK to withdraw from the EU.

15:21

US to ban transactions with TikTok and WeChat in 45 days [OSnews]

U.S. President Donald Trump has issued executive orders to ban any U.S. transactions with WeChat, the messaging app owned by Tencent Holdings, and ByteDance, owner of TikTok, within 45 days, describing the Chinese-owned companies as threats to national security.

“The spread in the United States of mobile applications developed and owned by companies in the People’s Republic of China . . . continues to threaten the national security, foreign policy, and economy of the United States,” said Trump in the two executive orders signed on Thursday.

I definitely think the world should impose severe sanctions on China and western companies working with them for the ongoing genocide and ethnic cleansing of the Uyghurs and other minority groups, as well as the forced labour used to make Apple computers and Nike shoes. There’s also something intuitively wrong with China blocking and censoring western applications, platforms, and media – something many western companies comply with all too eagerly – all the while expecting Chinese state-owned or state-controlled companies to have complete freedom to collect and possibly spy everywhere else.

That being said, the Trump regime is not exactly known for coherent, consistent, and well thought-out policies, and these executive orders probably have more to do with diverting attention away from the complete and utter failure of the regime’s handling of the COVID-19 crisis and the upcoming election than anything else. These orders will probably be watered down over the coming weeks, so their value in putting pressure on China will be minimal.

Two things always happen when you point out atrocities committed by China. First, people point to problems in the US in a massive case of whataboutism, as if the problems in the US excuse a genocide in China. On top of that, if you think the admittedly big problems in the US means the US is a genocidal totalitarian fascist dictatorship, your false equivalency is so false it can shatter glass for kilometres around.

Second, apologists will say something along the lines of “okay, so you have nothing made in China?” This is a silly point to make. As individual consumers, it is literally impossible to avoid products made in China or other murderous regimes – just think of where your oil comes from. No, it’s governments and large corporations that have the power to put pressure on China, and so far, they have failed hard. They’ve been letting a genocide happen under their very noses, and once again, they choose to look away, because they value money more than human lives.

It’s always a struggle to go into politics on a tech website and it almost certainly makes me impopular, but since virtually all our technology is almost entirely or partly made in China, it’s impossible to ignore it and look away. Awareness is the first step, and covering your ears and eyes won’t make the problems go away. By letting our governments and the corporations we buy from get away with choosing money over human lives – money that we ordinary people do not benefit from anyway, since most of it ends up in the pockets of the ultra-wealthy anyway – none of this will ever change.

15:00

Four short links: 7 Aug 2020 [Radar]

  1. Surprising Economics of Load-Balanced SystemsI have a system with c servers, each of which can only handle a single concurrent request, and has no internal queuing. The servers sit behind a load balancer, which contains an infinite queue. An unlimited number of clients offer c * 0.8 requests per second to the load balancer on average. In other words, we increase the offered load linearly with c to keep the per-server load constant. Once a request arrives at a server, it takes one second to process, on average. How does the client-observed mean request team vary with c?
  2. CrushCrush is an attempt to make a traditional command line shell that is also a modern programming language. It has the features one would expect from a modern programming language like a type system, closures and lexical scoping, but with a syntax geared toward both batch and interactive shell usage. I’m not convinced this is where programming belongs, but some of the examples are shell power-user dreams.
  3. Deep Graph Learning Knowledge EmbeddingDGL-KE is a high performance, easy-to-use, and scalable package for learning large-scale knowledge graph embeddings. The package is implemented on the top of Deep Graph Library (DGL) and developers can run DGL-KE on CPU machine, GPU machine, as well as clusters. Open source, from Microsoft. (via Amazon Science)
  4. Flume — Open source React library to create your own visual programming language (drag-and-drop function nodes with connectors between them).

13:21

A Four is a Two is a Six [Whatever]

One thing to know about me is that I love shopping. Like, so much so that it’s an issue. Much like Ariana Grande said in 7 Rings, “think retail therapy my new addiction.” However, there are so many reoccurring issues I run into when shopping, that you’d think they’d be enough to deter me from the activity overall. For instance, as many of you know, I’m 5′ 10″. This alone makes shopping difficult enough, since almost all pants are highwaters (capris) on me and all dresses are too short for me.

To add to this, I’m chubby as hell. Thicc with two c’s. A real tubby marshmallow, to put it plainly. Being tall and overweight is a tough combination. And while the tall thing is a relatively new issue, I’ve been overweight for half my life. So once I became old enough to shop for myself, and did so quite frequently, finding my size became a bit of a challenge.

For the past few years, I’ve been stuck between “normal” sizes, and “plus” sizes. Normal sizes are typically 00-12 and plus is 14-30. I am constantly on the border between the two, sometimes I fit a 12 and sometimes I fit a 14. And sometimes I’m a 16. And sometimes I’m a medium, and sometimes I’m a large, but also sometimes I’m an x-large.

Point is, women’s sizes are confusing! It’s so hard to know what you are when every store, every clothing line, every designer has different measurements for their cookie cutter sizes. A pair of size 12 pants in one store might fit you perfectly but a pair of 12’s in a different store might be completely different. If you’ve ever seen this image floating around, originally posted by @chloe______e on Twitter, in which all of these pants are a size 12, you can start to see why it’s so hard for women to know what size they really are.

Meanwhile, men’s pants sizes aren’t some random number, like a 4 or an 8, they’re actual inch measurements! 30×32, 33×30, these are numbers with real meaning. This is not to suggest this issue doesn’t happen to men though, because I’ve seen a men’s shirt in a medium and an xx-large be identical before.

As someone who is always stuck in between the normal sizing and the plus sizing, it makes it hard to find clothes at either type of store. For example, if I go into a plus-sized only store, like Lane Bryant, everything is too big, despite the fact that I don’t fit into any of the normal sizes at other stores. There are certain stores, like Rue 21, which divide their stores in half, one half is for normal sizes and one half is for plus sizes. I think this is kind of a bad way to do it, because it feels alienating at times, but I can see how it would work if you assumed everyone knew their size without fail. But in stores like that, I always find myself bouncing back and forth between the two sides, and it’s frustrating!

Not only are the same sizes inconsistent across different stores or brands, but even the same brands will be inconsistent with their sizing, like when a women named Riley Bodley showed that her size 4 jeans were actually smaller than her size 0 jeans, from the same company, but the size 0 pants were bought a few years earlier. Which means that American Eagle made their bigger sizes smaller! I’m in awe, really. How do we (me included) let ourselves be so distraught by what size we wear, when companies are constantly changing the sizes, let alone making them consistently smaller?

I mean what can we expect when clothing companies put out these pre-cut clothes, when every single body is different? How can we think that the same pair of jeans will fit a hundred different people just because they’re all an eight, or a ten, or a four?

So you would think with all this, I would hate shopping, but on the flip side of this chaos, when you actually do find something that fits, and looks good, that moment of joy is fucking addicting. I am someone who does not have stellar body confidence. So when I find something that looks decent on me? I have this innate need to buy it. Because who knows when I’ll find something that fits this well again? Who knows when a dress will look this nice on me again? Better play it safe and buy it. And I have this mentality for literally dozens of clothing items, which leads to me spending way too much on clothes.

Also, I think clothing is such a great way to express yourself! There are so many different styles to explore, aesthetics to showcase. Everyone has such unique taste in clothes, it’s hard not to love fashion when it can be so fun. But I can also understand people who don’t feel the same, who prefer function over fashion, comfort over cuteness. Why waste money on an expensive outfit when a t-shirt and jeans do the trick? And honestly, to each their own. You should always do whatever makes you most comfortable and happy!

This post really is just to express one of my many, many frustrations with the fashion industry. My biggest complaint about the fashion industry is far less surface level than sizing, and has to do with where our clothes come from and the factories and laborers that produce our clothes. Which gives me a perfect opportunity to promote a fantastic book I read not so long ago called Where Am I Wearingby Kelsey Timmerman! I highly recommend checking it out if you’re interested in the source of most of our clothes and the people behind the garment making.

Anyways, that’s all I really had to say, just a bit of a vent piece. I hope it was relatable to some of you! Or at least enjoyable if nothing else. And I hope you have a great day!

-AMS

(Also, someone in the comments of my last post asked me what the M is for. It’s my middle initial!)

13:00

Reproducible Builds (diffoscope): diffoscope 155 released [Planet Debian]

The diffoscope maintainers are pleased to announce the release of diffoscope version 155. This version includes the following changes:

[ Chris Lamb ]
* Bump Python requirement from 3.6 to 3.7 - most distributions are either
  shipping3.5 or 3.7, so supporting 3.6 is not somewhat unnecessary and also
  more difficult to test locally.
* Improvements to setup.py:
  - Apply the Black source code reformatter.
  - Add some URLs for the site of PyPI.org.
  - Update "author" and author email.
* Explicitly support Python 3.8.

[ Frazer Clews ]
* Move away from the deprecated logger.warn method logger.warning.

[ Mattia Rizzolo ]
* Document ("classify") on PyPI that this project works with Python 3.8.

You find out more by visiting the project homepage.

12:14

Jonathan Dowland: Vimwiki [Planet Debian]

At the start of the year I begun keeping a daily diary for work as a simple text file. I've used various other approaches for this over the years, including many paper diaries and more complex digital systems. One great advantage of the one-page text file was it made assembling my weekly status report email very quick, nearly just a series of copies and pastes. But of course there are drawbacks and room for improvement.

vimwiki is a personal wiki plugin for the vim and neovim editors. I've tried to look at it before, years ago, but I found it too invasive, changing key bindings and display settings for any use of vim, and I use vim a lot.

I decided to give it another look. The trigger was actually something completely unrelated: Steve Losh's blog post "Coming Home to vim". I've been using vim for around 17 years but I still learned some new things from that blog post. In particular, I've never bothered to Use The Leader for user-specific shortcuts.

The Leader, to me, feels like a namespace that plugins should not touch: it's like the /usr/local of shortcut keys, a space for the local user only. Vimwiki's default bindings include several incorporating the Leader. Of course since I didn't use the leader, those weren't the ones that bothered me: It turns out I regularly use carriage return and backspace for moving the cursor around in normal mode, and Vimwiki steals both of those. It also truncates the display of (what it thinks are) URIs. It turns out I really prefer to see exactly what's in the file I'm editing. I haven't used vim folds since I first switched to it, despite them being why I switched.

Disabling all the default bindings and URI concealing stuff and Vimwiki is now much less invasive and I can explore its features at my own pace:

let g:vimwiki_key_mappings = { 'all_maps': 0, }
let g:vimwiki_conceallevel = 0
let g:vimwiki_url_maxsave = 0 

Followed by explicitly configuring the bindings I want. I'm letting it steal carriage return. And yes, I've used some Leader bindings after all.

nnoremap <leader>ww :VimwikiIndex<cr>
nnoremap <leader>wi :VimwikiDiaryIndex<cr>
nnoremap <leader>wd :VimwikiMakeDiaryNote<cr>

nnoremap <CR> :VimwikiFollowLink<cr>
nnoremap <Tab> :VimwikiNextLink<cr>
nnoremap <S-Tab> :VimwikiPrevLink<cr>
nnoremap <C-Down> :VimwikiDiaryNextDay<cr>
nnoremap <C-Up> :VimwikiDiaryPrevDay<cr>

,wd (my leader) now brings me straight to today's diary page, and I can create separate, non-diary pages for particular work items (e.g. a Ticket reference) that will span more than one day, and keep all the relevant stuff in one place.

12:07

Error'd: All Natural Errors [The Daily WTF]

"I'm glad the asdf is vegan. I'm really thinking of going for the asasdfsadf, though. With a name like that, you know it's got to be 2 1/2 times as good for you," writes...

Feeds

FeedRSSLast fetchedNext fetched after
XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
a bag of four grapes XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
A Smart Bear: Startups and Marketing for Geeks XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
Anarcho's blog XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
Ansible XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
Bad Science XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
Black Doggerel XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
Blog – Official site of Stephen Fry XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
Broodhollow XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
Charlie Brooker | The Guardian XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
Charlie's Diary XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
Chasing the Sunset - Comics Only XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
Clay Shirky XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
Coding Horror XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
Cory Doctorow – Boing Boing XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
Cory Doctorow's craphound.com XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
Ctrl+Alt+Del Comic XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
Cyberunions XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
David Mitchell | The Guardian XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
Debian GNU/Linux System Administration Resources XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
Deeplinks XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
Diesel Sweeties webcomic by rstevens XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
Dilbert XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
Dork Tower XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
Edmund Finney's Quest to Find the Meaning of Life XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
Eerie Cuties XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
EFF Action Center XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
Enspiral Tales - Medium XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
Erin Dies Alone XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
Events XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
Falkvinge on Liberty XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
Flipside XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
Free software jobs XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
Full Frontal Nerdity by Aaron Williams XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
General Protection Fault: The Comic Strip XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
George Monbiot XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
Girl Genius XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
God Hates Astronauts XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
Graeme Smith XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
Groklaw XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
Hackney Anarchist Group XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
http://calendar.google.com/calendar/feeds/q7s5o02sj8hcam52hutbcofoo4%40group.calendar.google.com/public/basic XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
http://dynamic.boingboing.net/cgi-bin/mt/mt-cp.cgi?__mode=feed&_type=posts&blog_id=1&id=1 XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
http://eng.anarchoblogs.org/feed/atom/ XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
http://feed43.com/3874015735218037.xml XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
http://feeds2.feedburner.com/GeekEtiquette?format=xml XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
http://fulltextrssfeed.com/feeds2.feedburner.com/uclick/doonesbury?format=xml XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
http://london.indymedia.org/articles.rss XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
http://pipes.yahoo.com/pipes/pipe.run?_id=ad0530218c055aa302f7e0e84d5d6515&amp;_render=rss XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
http://the-programmers-stone.com/feed/ XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
http://thecommune.co.uk/feed/ XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
http://www.airshipentertainment.com/buck/buckcomic/buck.rss XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
http://www.airshipentertainment.com/growf/growfcomic/growf.rss XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
http://www.airshipentertainment.com/myth/mythcomic/myth.rss XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
http://www.baen.com/baenebooks XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
http://www.dcscience.net/feed/medium.co XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
http://www.feedsapi.com/makefulltextfeed.php?url=http%3A%2F%2Fwww.somethingpositive.net%2Fsp.xml&what=auto&key=&max=7&links=preserve&exc=&privacy=I+accept XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
http://www.freedompress.org.uk/news/feed/ XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
http://www.steampunkmagazine.com/inside/feed/ XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
http://www.tinycat.co.uk/feed/ XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
https://hackbloc.org/rss.xml XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
https://kajafoglio.livejournal.com/data/atom/ XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
https://philfoglio.livejournal.com/data/atom/ XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
https://studiofoglio.livejournal.com/data/atom/ XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
https://twitter.com/statuses/user_timeline/22724360.rss XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
https://web.randi.org/?format=feed&type=rss XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
https://www.DropCatch.com/domain/ubuntuweblogs.org XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
https://www.goblinscomic.com/category/comics/feed/ XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
https://www.hackneysolidarity.info/rss.xml XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
https://www.newstatesman.com/feeds/blogs/laurie-penny.rss XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
https://www.patreon.com/graveyardgreg/posts/comic.rss XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
https://www.rightmove.co.uk/rss/property-for-sale/find.html?locationIdentifier=REGION^876&maxPrice=240000&minBedrooms=2&displayPropertyType=houses&oldDisplayPropertyType=houses&primaryDisplayPropertyType=houses&oldPrimaryDisplayPropertyType=houses&numberOfPropertiesPerPage=24 XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
Humble Bundle Blog XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
I, Cringely XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
Irregular Webcomic! XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
Joel on Software XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
Judith Proctor's Journal XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
Krebs on Security XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
Lambda the Ultimate - Programming Languages Weblog XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
LLVM Project Blog XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
Looking For Group XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
Loomio Blog XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
LWN.net XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
Menage a 3 XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
Mimi and Eunice XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
Neil Gaiman's Journal XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
Nina Paley XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
O Abnormal – Scifi/Fantasy Artist XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
Oglaf! -- Comics. Often dirty. XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
Oh Joy Sex Toy XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
Order of the Stick XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
Original Fiction – Tor.com XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
OSnews XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
Paul Graham: Unofficial RSS Feed XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
Penny Arcade XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
Penny Red XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
PHD Comics XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
Phil's blog XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
Planet Debian XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
Planet GridPP XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
Planet Lisp XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
Pluralistic: Daily links from Cory Doctorow XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
Property is Theft! XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
PS238 by Aaron Williams XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
QC RSS XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
Radar XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
RevK®'s ramblings XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
Richard Stallman's Political Notes XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
Scenes From A Multiverse XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
Schneier on Security XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
SCHNEWS.ORG.UK XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
Scripting News XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
Seth's Blog XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
Skin Horse XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
Starslip by Kris Straub XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
Tales From the Riverbank XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
The Adventures of Dr. McNinja XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
The Bumpycat sat on the mat XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
The Command Line XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
The Daily WTF XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
The Monochrome Mob XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
The Non-Adventures of Wonderella XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
The Old New Thing XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
The Open Source Grid Engine Blog XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
The Phoenix Requiem XML 10:14, Tuesday, 11 August 10:54, Tuesday, 11 August
The Rogues Gallery XML 10:07, Tuesday, 11 August 10:55, Tuesday, 11 August
The Stranger, Seattle's Only Newspaper: Savage Love XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
TorrentFreak XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
towerhamletsalarm XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
Twokinds XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
UK Indymedia Features XML 10:07, Tuesday, 11 August 10:49, Tuesday, 11 August
Uploads from ne11y XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
Uploads from piasladic XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August
Use Sword on Monster XML 10:07, Tuesday, 11 August 10:54, Tuesday, 11 August
Wayward Sons: Legends - Sci-Fi Full Page Webcomic - Updates Daily XML 10:07, Tuesday, 11 August 10:53, Tuesday, 11 August
What If? XML 10:14, Tuesday, 11 August 10:55, Tuesday, 11 August
Whatever XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
Whitechapel Anarchist Group XML 10:21, Tuesday, 11 August 11:10, Tuesday, 11 August
WIL WHEATON dot NET XML 10:21, Tuesday, 11 August 11:05, Tuesday, 11 August
wish XML 10:21, Tuesday, 11 August 11:06, Tuesday, 11 August
xkcd.com XML 10:21, Tuesday, 11 August 11:04, Tuesday, 11 August