## Friday, 12 August

### 18:49

Join the FSF and friends Friday, July 29, from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.

Join the FSF and friends Friday, July 22, from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.

Join the FSF and friends Friday, July 15, from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.

Join the FSF and friends Friday, July 8, from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.

### 18:42

Capitol Hill Garage Sale Day, Hai! Japantown, and More Cheap & Easy Events Under $15 by EverOut Staff There's plenty of local gems to check out during this shiny Emerald City weekend, from Capitol Hill Garage Sale Day to Hai! Japantown and from the Seattle Urban Book Expo to An Evening with Alice Sandahl and Tomo Nakayama. ### FRIDAY #### FESTIVALS Seattle Latinx Pride Festival 2022 Show 'em you were born this way at this Latinx-centered festival, complete with musical performances, dancing, food vendors, community resources, and a photo booth. (Roberto Maestas Festival Street, North Beacon Hill, free) Maybe it was the door-knocking? Maybe it was her strong ideas? Maybe it was The Stranger's endorsement? by Hannah Krieg At Darya Farivar’s primary night party, her mother said her daughter’s run for an open State House seat in northeast Seattle served as a lesson for local progressives. A young woman with the right ideas can win, even if she doesn’t raise the most money. Farivar, who currently enjoys more than a two-point lead in the 46th Legislative District's contest, faced an uphill battle against big fundraisers. Pediatrician Lelach Rave and treasurer of the King County Democrats Melissa Taylor each raised around$200,000, making them, respectively, the second- and third-highest fundraisers for a state legislative seat in the entire primary. But with less than $70,000 in the bank, Farivar managed to win the primary over the more moderate Seattle Times pick and the better-connected progressive. “Maybe it actually isn’t just about money,” Farivar said in a phone interview. “It was just so validating to see that we can actually do this with a lot of hard work and with some people really believing in us.” Farivar credited her win to relentless door-knocking and a key endorsement from the Stranger Election Control Board (something about a pillow?). But now that she’ll be running against a prolific fundraiser who is lukewarm on rent control and inclusionary zoning, she’ll need her district’s entire progressive left to rally around her to win in November. ## How to Win a Primary on a Budget Sunshine Cheng, a first-time campaign manager, described her young team’s work for Farivar as “building a boat while it’s floating down the river.” One of the campaign’s biggest challenges on that river was finding money. When Farivar decided to run for the State House, advisors told her the magic number was$150,000. Candidates Rave, Taylor, and Nancy Connolly all hit that number, and Farivar–well, she said she tried.

She learned much of what she knows about running for office, including fundraising, from Emerge Washington, a program that demystifies campaigning for prospective women candidates.

Emerge Washington Executive Director Emily Carmichael said that first-time candidates often make the mistake of not looking deep enough in their social networks for donors. Farivar said she called up as many contacts as possible, but Carmichael noted that she may have run into some structural barriers. Older, more established candidates likely have more of those connections just based on the fact that they have lived longer lives and have had more experiences.

In cases where candidates cannot keep up with the fundraising prowess of their competitors, Progressive Strategies NW’s Ben Anderstone, who consulted Farivar, said that campaigns must compensate with a strong ground game. After all, as Farivar’s campaign quickly learned, door-knocking is dirt cheap.

He said face-to-face conversation is the best way to make a lasting impression, especially in a race that’s composed of first-time candidates. Carmichael agreed, adding that in a Democrat-on-Democrat race such as this one, all the votes are up for grabs, so it’s important to hit as many doors as possible.

“I can’t tell you how many people told me that I was the only person to come to their door since Bob Ferguson during his run for county council,” Farivar said.

Once you get to those doors, Anderstone said the best way to maximize your time is to say something new. For Farivar, she said she and her campaign workers would introduce themselves and then listen to the voters' concerns.

But of course, all the campaigns knocked doors, and it’s safe to say that asking voters about their concerns isn’t a revolutionary strategy either. While Anderstone described Farivar’s success as a “dramatic over-performance,” founder and principal of Fincher Consulting, Crystal Fincher, who consulted Taylor, said that the results of the primary were the “most constant and predictable outcome in Seattle politics.”

Fincher continued, noting that for at least the last 10 years, candidates with endorsements from The Stranger were shoe-ins for the general. She said it's as the old saying goes, “There are two political parties in Seattle: The Seattle Times and The Stranger.”

But Fincher also noted that The Stranger’s blessing does not win a candidate the general.

## How to Win the General (Maybe)

Farivar said her campaign’s strategy won’t change too much as they eye the general, which is coming up on November 8.

“We're going to keep doing what we've been doing, hopefully with more support, hopefully with more volunteers, hopefully with a little bit more money to make sure that our voice continues to get heard,” Farivar said.

So far, Farivar’s chances look pretty good. Combined with Taylor, the Obvious Progressive vote share in the 46th stands at 51%. Conventional wisdom holds that Seattle’s general electorate leans younger and more left-leaning than its primary electorate, so Farivar should have the wind at her back.

But what do moderates do when progressives scare them a little? They raise more money and print out mean mailers about them being Antifa. Of course, Rave hasn’t gone negative, and she has shown no signs that she will, but Anderstone said that when a candidate with a lot of money feels threatened, that’s often the direction they take.

“There's a risk of the other candidates saying, ‘Well, I said enough nice things about myself. What else can I say?’ That can turn negative real fast,” he said.

Rave didn’t respond to a request for comment.

Right now, Farivar’s campaign doesn’t have the money to run any kind of counter attack, so her best response to Rave going negative would be not to reciprocate, Anderstone said. Instead, he thinks she should spend her money to advertise herself.

Flyers of any kind cost campaigns big time: Rave so far has spent about as much on mailers as Farivar has spent on her entire campaign. Farivar has spent about 10% of her campaign budget on mailers. If she hopes to be competitive with other communication strategies besides door-knocking, then she’ll need money.

With big fundraisers Taylor and Nancy Connolly out of the running, tapping into those networks might be a good place for Farivar to start. Neither Taylor nor Connolly responded to my request for comment, but when I asked about help from former candidates, Farivar hinted that her campaign would announce something soon.

Anderstone said he would be “very surprised if we don't see a consolidation on the left” between Taylor and Farivar. This seems especially possible, since Taylor has shown a desire to promote a more diverse electorate as cofounder of a PAC that has supported Black women running for the State Legislature.

Farivar said she has already seen more support since her win on primary night. And, if nothing else, people will flock to her for her “underdog” story, Anderstone said.

Farivar’s win may be somewhat of an underdog story in 2022, but she hopes that one day a young woman of color winning a primary with the second-least amount of funding will become more commonplace.

She said she had a lot going for her, like a supportive family and connections at Emerge, but she still didn’t expect much going into the race.

Now, she’s more sure than ever that young people of color can win elections. She wants to see more of it, starting in the 46th Legislative District.

### 17:56

Homegrown Strike Authorized, Seattle Children’s Nurses Picket, and Seattle's Labor Office Returns $370,000 to Workers by Conor Kelley In honor of Comedy Bang Bang in town (live at the Moore Saturday night!), here we are in the throes of Auggy-doggy. The rabble rousers are raising rabble, and here I am with some breaking labor babble. Homegrown workers need your support: Homegrown, a sustainable food company that sells products to local cafes such as Caffe Vita and also maintains 10 retail stores in the Seattle area, has been refusing to recognize their workers’ union since June. The dang Seattle City Council called them out for it a month ago! And now, UNITE HERE! Local 8, a service workers union, says Homegrown has installed surveillance cameras in their delivery vans. In response, distribution workers at Homegrown’s production facility in Renton voted to authorize a strike. Want to help out? Homegrown workers are inviting you to click here and tell Caffe Vita you’re concerned about Homegrown’s labor practices. Seattle Children’s nurses picket: On Tuesday, nurses from Seattle Children’s Hospital picketed to draw attention to their concerns about low wages, staffing, and a lack of diversity and inclusion. Nurses say conditions must improve for Seattle Children’s to recruit and retain against the siren song of travel nursing. The Stand and South Seattle Emerald have more on what’s at stake. The Seattle Office of Labor Standards returns more money to workers: In the the first investigation resolved under Seattle’s Hotel Employee Protections Ordinances, the Seattle Office of Labor Standards alleged that Residence Inn and its staffing company, Go America, violated minimum wage laws and did not provide adequate health insurance to their workers, as well as a handful of other violations.$370,439.04 will be returned to 67 workers (that’s $5,528.94 each, baby!) and an additional$2,500 penalty will go to the City. Maybe if the City raised that penalty, there wouldn’t be a new wage theft case for me to report on every week!!!

Child care workers allegedly fired for organizing: Director of Operations Kristin Brown and Owner Kyla Liboon of MightyKidz daycare in Magnolia allegedly fired 11 of their workers in retaliation for organizing for better working conditions. Their workers’ demands are reasonable: $22/hr starting wage,$25/hr for lead teachers, legally mandated breaks for workers, and child-to-teacher ratios that meet the legal minimum. See details and learn how to support them here. On Tuesday, Kshama Sawant’s office showed its support:

Congress takes note: On Tuesday, the U.S. House Select Committee on Economic Disparity and Fairness in Growth held a hearing to figure out what the heck is going on out there in little old Seattle, Warshington, where workers appear to be gaining some power! Check it out (DISCLAIMER: it is nearly two hours long).

The remote work debate heats up: With two full-grown public health emergencies and a third on the way, no serious person thinks remote workers should go back to the office. Enter Malcolm Gladwell. Gladwell, author of the only books your ex has read since high school, claimed on the podcast Diary of a CEO, “It’s not in your best interest to work at home.” He’s been dunked on this week, with The Onion getting in on the joke, mostly because everybody knows remote work is in workers’ best interests, and it has been an absolute Conquest for us. Business Insider explains:

Amazon warehouse workers speak up, parts 999 and 1,000: But of course comfort can’t be had by all. That would be…communism? Amazon, who can’t wait to build robots and fire all their sniveling human workers, is under fire for more alleged worker mistreatment. More Perfect Union reported on Tuesday that Amazon workers in Memphis are being forced to unload trailers that reach up to 145 degrees, which is 11 degrees hotter than the hottest temperature recorded on Earth. And in Albany, NY, Amazon workers have suffered strokes, heat exhaustion, and head trauma at their workplace. Now they’re organizing with Amazon Labor Union. See their story here:

Alaska Airlines workers win big: On Monday, the International Association of Machinists and Aerospace Workers (IAM) announced that they came to terms with Alaska Airlines on a hell of a new four-year contract. For its 5,300 members at Alaska, the union won an immediate 8.9% to 17.4% base wage increase, plus annual 2.5% increases and other protections. Check out The Stand’s rundown here.

L-bucks: On Saturday, a Twitter user claiming to be a pro-union Starbucks worker at an organizing store in Pittsburg said management fired them for being two minutes late. The tweet went viral. Later on, a TikTok video of Buffalo workers walking out to protest their union leader being wrongfully terminated reached 3.1 million likes. (Before you click: try to guess what song is playing over the video. You will be wrong. But you will bop.) And in perhaps the most pathetic event in this Starbucks saga, when a South Carolina store manager was presented with demands from their workers, she walked out and then ACCUSED THE WORKERS OF TRYING TO ASSAULT AND KIDNAP HER. The problem for her little story? More Perfect Union has video—and additional audio—of the whole thing:

Labor Notes virtual events: I heard you’re a big A/V head, a real Streamin’ Demon, so I found you some affordable upcoming virtual events put on by Labor Notes. There are three coming up next week: Two sections of the Secrets of a Successful Organizer August Workshop Series, and Stewards Workshop: Investigating Grievances. Short on cash? Pay what you can.

Petco update: Last week I reported that the good folks at Petco in Shoreline were organizing. This week, my source tells me upper management is in the store, directly responding to the issues I relayed in this here column! Floor workers are getting predictive schedules, groomers are getting sent home when it gets too hot, and that AC unit appears to be getting fixed. In a phrase? “Night and day.” The organizers thank you all for your support on Twitter and in the store. Workers from four other Petco stores have reached out to cheer them on and get help organizing their workplaces, too. The group is extremely confident they’ll win their election, and, when they do, I’ll be sure to relay their Conquest right here.

Lift your head, for the valleys echo with a joyous song, “WHAT ELSE?”: Jacobin has one simple trick that bosses HATE. In These Times dug into union finances and had some notes. NBC Guild got a win and did a full-on “oh my god, he admit it” post. A new Cringe King emerged. And, finally, we saw a flurry of filings from Portland, including Burgerville, Raimore Construction, and Schoolhouse Electric.

As always, thanks for all your wonderful tips. Keep ‘em coming, and continue to sound off in the comments. Let your voice be heard! Seen! Read! Skimmed!

Your banger of the week is a deep cut. Two-and-a-half years into this COVID pandemic, we’re walking with death all the time. We might as well develop a sense of humor about it all. Here’s “You’re Dead” by the experimental folk singer Norma Tanega. Lean into the cosmic joke. Eat a succulent Chinese meal. Have a great weekend.

The Stranger's morning news roundup. by Will Casey

Back-to-back weekends of climate optimism: I know, I'm not used to this much good news either, but all signs point to the House passing the Inflation Reduction Act today. Assuming no centrists decide to sabotage the effort at the last minute, President Biden should sign the US's first major climate bill in my adult lifetime in the next few days. Here's a breakdown from the New York Times on how you might benefit from the tax credits and rebates in the bill.

Speaking of climate: Advocates for farm workers told KUOW yesterday that the Department of Labor & Industries isn't doing enough to enforce its new emergency rules that are supposed to protect workers in extreme heat. In a quote I had to read three times to make sure I wasn't hallucinating, a spokesperson for L&I said the agency “is definitely on the side of the business.” Very cool.

Progress in the investigation into Manuel Ellis's death: Here's to hoping that those unredacted records shed some light on exactly who was responsible for this tragedy.

Power-sharing among workers at a restaurant: The South Seattle Emerald reports that Jude’s, a Cajun spot in the South End, is experimenting with ways to subvert the worker-alienating principles of capitalism. After purchasing the restaurant during the early days of the pandemic, a former bartender decided to transition the establishment into a co-op where employees "own [their] own labor." A better world is possible, y'all.

Good news for elderly long COVID patients: Some health care providers are now employing cognitive rehabilitation in older patients who struggle with the infamous COVID-induced brain fog, and they are seeing people make "significant gains" in treating their symptoms with the practice. According to the CDC, 1 in 4 adults who survive the virus have at least one lingering symptom, so anything that helps that enormous population has to be unequivocally good news.

I know Charles covered this in yesterday's PM, but I simply cannot resist sharing this awful pun about the feds looking for nuclear documents in Trump's beach house:

When the worst person you know makes a good point:

We haven't forgotten, Mike: Washington's Insurance Commissioner Mike Kreidler ordered a company selling illegal insurance plans through local chambers of commerce to knock off that behavior yesterday. That's great, since both workers and small businesses were getting screwed under the shady plans. But I mostly included this story in AM to point out that Kreidler is somehow still in office after basically everyone in Olympia (and on the Seattle Times Editorial Board) called for him to resign over allegations of bullying and making racist and sexist remarks in front of his staff.

Gas prices keep declining: After 55 straight days of declining gas prices, the national average has fallen below $4 per gallon for the first time since March. It's starting to look like the GOP will need a new boogeyman this October. Fuck civility politics: NPR engaged in some pathetic pearl-clutching over Beto O'Rourke's use of profanity against a heckler at a recent event. The heckler laughed as O'Rourke described the capabilities of an AR-15 in the context of the Uvalde shooting. "Toilet talk," as one alleged expert quoted in the story referred to Beto's language, helps regular people understand when things are so bad that the only way to accurately describe them is to speak plainly. If you don't think a mass shooting that leaves 19 children dead deserves an f-bomb, then I suggest you fuck right off. You didn't hear this from me, but if you have friends in abortion prohibition states freaking out about a local prosecutor promising to enforce laws that criminalize abortions, here's one easy trick that they can use to fight back. To paraphrase a certain former First Lady, when the prosecutor asks you to convict someone for exercising their rights to bodily autonomy, just say "no." Why am I not surprised? New research from a former Google engineer shows that Meta, the company that owns Facebook and Instagram, has been taking advantage of its in-app browsers to inject code into websites its users visit so it can track all their actions on those sites. Will Zuck ever run out of ways to creepily violate our privacy? If only anyone had told them not to build it... The entirely unnecessary youth jail that King County spent$243 million to construct has a "slew of early defects," reports KUOW. If you take a small view of the issue, then most of the faulty construction appears to be the fault of one particular contractor. Stepping back, the fact that we spent nearly a quarter of a billion dollars on a facility that only houses about two dozen kids on average is the real scandal here.

Rest in peace, Malcom: After a week of having Mac Miller's latest posthumous mixtape "I Love Life, Thank You" on repeat, I've landed on this bittersweet bop as my personal favorite track from the project.

### 17:21

The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System — a national public warning system used to deliver important emergency information, such as severe weather and AMBER alerts. The DHS warning came in advance of a workshop to be held this weekend at the DEFCON security conference in Las Vegas, where a security researcher is slated to demonstrate multiple weaknesses in the nationwide alert system.

A Digital Alert Systems EAS encoder/decoder that Pyle said he acquired off eBay in 2019. It had the username and password for the system printed on the machine.

The DHS warning was prompted by security researcher Ken Pyle, a partner at security firm Cybir. Pyle said he started acquiring old EAS equipment off of eBay in 2019, and that he quickly identified a number of serious security vulnerabilities in a device that is broadly used by states and localities to encode and decode EAS alert signals.

“I found all kinds of problems back then, and reported it to the DHS, FBI and the manufacturer,” Pyle said in an interview with KrebsOnSecurity. “But nothing ever happened. I decided I wasn’t going to tell anyone about it yet because I wanted to give people time to fix it.”

Pyle said he took up the research again in earnest after an angry mob stormed the U.S. Capitol on Jan. 6, 2021.

“I was sitting there thinking, ‘Holy shit, someone could start a civil war with this thing,”’ Pyle recalled. “I went back to see if this was still a problem, and it turns out it’s still a very big problem. So I decided that unless someone actually makes this public and talks about it, clearly nothing is going to be done about it.”

The EAS encoder/decoder devices Pyle acquired were made by Lyndonville, NY-based Digital Alert Systems (formerly Monroe Electronics, Inc.), which issued a security advisory this month saying it released patches in 2019 to fix the flaws reported by Pyle, but that some customers are still running outdated versions of the device’s firmware. That may be because the patches were included in version 4 of the firmware for the EAS devices, and many older models apparently do not support the new software.

“The vulnerabilities identified present a potentially serious risk, and we believe both were addressed in software updates issued beginning Oct 2019,” EAS said in a written statement. “We also provided attribution for the researcher’s responsible disclosure, allowing us to rectify the matters before making any public statements. We are aware that some users have not taken corrective actions and updated their software and should immediately take action to update the latest software version to ensure they are not at risk. Anything lower than version 4.1 should be updated immediately. On July 20, 2022, the researcher referred to other potential issues, and we trust the researcher will provide more detail. We will evaluate and work to issue any necessary mitigations as quickly as possible.”

But Pyle said a great many EAS stakeholders are still ignoring basic advice from the manufacturer, such as changing default passwords and placing the devices behind a firewall, not directly exposing them to the Internet, and restricting access only to trusted hosts and networks.

Pyle, in a selfie that is heavily redacted because the EAS device behind him had its user credentials printed on the lid.

Pyle said the biggest threat to the security of the EAS is that an attacker would only need to compromise a single EAS station to send out alerts locally that can be picked up by other EAS systems and retransmitted across the nation.

“The process for alerts is automated in most cases, hence, obtaining access to a device will allow you to pivot around,” he said. “There’s no centralized control of the EAS because these devices are designed such that someone locally can issue an alert, but there’s no central control over whether I am the one person who can send or whatever. If you are a local operator, you can send out nationwide alerts. That’s how easy it is to do this.”

One of the Digital Alert Systems devices Pyle sourced from an electronics recycler earlier this year was non-functioning, but whoever discarded it neglected to wipe the hard drive embedded in the machine. Pyle soon discovered the device contained the private cryptographic keys and other credentials needed to send alerts through Comcast, the nation’s third-largest cable company.

“I can issue and create my own alert here, which has all the valid checks or whatever for being a real alert station,” Pyle said in an interview earlier this month. “I can create a message that will start propagating through the EAS.”

Comcast told KrebsOnSecurity that “a third-party device used to deliver EAS alerts was lost in transit by a trusted shipping provider between two Comcast locations and subsequently obtained by a cybersecurity researcher.

“We’ve conducted a thorough investigation of this matter and have determined that no customer data, and no sensitive Comcast data, were compromised,” Comcast spokesperson David McGuire said.

The company said it also confirmed that the information included on the device can no longer be used to send false messages to Comcast customers or used to compromise devices within Comcast’s network, including EAS devices.

“We are taking steps to further ensure secure transfer of such devices going forward,” McGuire said. “Separately, we have conducted a thorough audit of all EAS devices on our network and confirmed that they are updated with currently available patches and are therefore not vulnerable to recently reported security issues. We’re grateful for the responsible disclosure and to the security research community for continuing to engage and share information with our teams to make our products and technologies ever more secure. Mr. Pyle informed us promptly of his research and worked with us as we took steps to validate his findings and ensure the security of our systems.”

The user interface for an EAS device.

Unauthorized EAS broadcast alerts have happened enough that there is a chronicle of EAS compromises over at fandom.com. Thankfully, most of these incidents have involved fairly obvious hoaxes.

According to the EAS wiki, in February 2013, hackers broke into the EAS networks in Great Falls, Mt. and Marquette, Mich. to broadcast an alert that zombies had risen from their graves in several counties. In Feb. 2017, an EAS station in Indiana also was hacked, with the intruders playing the same “zombies and dead bodies” audio from the 2013 incidents.

“On February 20 and February 21, 2020, Wave Broadband’s EASyCAP equipment was hacked due to the equipment’s default password not being changed,” the Wiki states. “Four alerts were broadcasted, two of which consisted of a Radiological Hazard Warning and a Required Monthly Test playing parts of the Hip Hop song Hot by artist Young Thug.”

In January 2018, Hawaii sent out an alert to cell phones, televisions and radios, warning everyone in the state that a missile was headed their way. It took 38 minutes for Hawaii to let people know the alert was a misfire, and that a draft alert was inadvertently sent. The news video clip below about the 2018 event in Hawaii does a good job of walking through how the EAS works.

# The FTC takes aim at commercial surveillance (permalink)

The biggest fallacy in the online privacy is that there is a difference between "state surveillance" and "commercial surveillance." Bizarrely, it's a fallacy that is widely held by both government snoops and Big Tech snoops.

Many's the time I've spoken to a DC audience about privacy, only to have an audience member say, "I'm OK with Uncle Sam spying on me – after all, I've already given up every sensitive scrap of information about my personal life to the Office of Personnel Management when I applied for security clearance. But I don't want my money going to Google – those bastards would sell their mothers out for a nickle."

Meanwhile, in Silicon Valley, I hear, "I don't care if Google has my data – they just want to show me better ads. But the US government? Hell no! Those govies and their profiteering private contractor pals are all too stupid to get jobs at real tech companies and who knows what they're going to do with my data?"

Both groups are gripped by the delusion that state surveillance can be disentangled from commercial surveillance. In a just world, companies would be barred from undertaking mass-scale surveillance for their private gain. After all, this is a practice that imposes vast risks on the public – humiliation, identity theft, extortion, and more – and is only profitable because the companies that create this risk can privatize the benefits of spying and socialize the costs of leaks:

https://locusmag.com/2018/07/cory-doctorow-zucks-empire-of-oily-rags/

How is it that the government hasn't stepped in to force companies to end the practice of spying? Worse, how is it that the government abets spying – for example, by reinforcing the risible fiction that clicking "I agree" on a meandering, multi-thousand word garbage legalese novella constitutes "consent"?

https://pluralistic.net/2022/08/10/be-reasonable/#i-would-prefer-not-to

It's because the project of mass state surveillance depends on mass commercial surveillance. Remember the Snowden revelations? Remember how they started with #Prism, a program whereby Big Tech had secretly colluded with the NSA to conduct illegal, mass surveillance?

https://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data

The companies denied it at first, but they changed their tunes – and squealed like stuck pigs – when another NSA program called "Upstream" was revealed. "Upstream" was the NSA's practice of wiretapping the fiber lines between Big Tech's data-centers.

Prism turned out to be a way to trick the tech giants into thinking that they were in control of the NSA's harvesting of their users' data. But what was really going on was that the NSA was capturing everything, picking out the stuff they wanted, and requesting it via Prism (this is called "parallel construction" and it's used when an agency does not want to reveal its methods to its partners or adversaries).

The NSA depended on Big Tech collecting and retaining everything, and it depended on the companies recklessly transmitting data between their data-centers without encrypting it. The NSA is also the agency charged with defending Americans from foreign surveillance, the risk of which also increased thanks to Big Tech's overcollection and sloppy storage. If the NSA took its defensive mission seriously, it would have been screaming its head off, demanding an end to commercial surveillance and hardening of internal communications. Instead, it exploited both.

The public-private surveillance partnership is very old, and it's key to monopolists' strategy. It took 69 years to break up AT&T, because every time trustbusters came close, America's cops and spies and military would spring into action, insisting that the Bell System was America's "national champion," needed to defend it from foreign enemies. The Pentagon rescued Ma Bell from breakup in the 50s by claiming that the Korean War couldn't be won without AT&T's help:

https://onezero.medium.com/jam-to-day-46b74d5b1da4

But it's not just powerful federal agencies that rely on commercial surveillance – and who aggressively cape for the tech surveillance industry. Local cops rely on Amazon's Ring doorbells to conduct off-the-books, mass scale street surveillance. Despite Amazon's repeated false claims, police can do this without Ring owners' knowledge or consent:

https://www.politico.com/news/2022/07/13/amazon-gave-ring-videos-to-police-without-owners-permission-00045513

Hard to overstate how sleazy this is, even leaving aside the creepy public surveillance part. Amazon sells you networked surveillance cameras, encourages you to put them inside and outside of your house, promises that you will have control over the footage they capture, then secretly hands it out to cops. In a just world, Amazon would face stiff penalties for lying to its customers about a matter this sensitive. In our world, nothing happens – because local cops across America go to bat for Amazon every time the issue comes up.

Google deceptively captures your location data. It is effectively impossible to opt out of Google location collection. You have to uncheck a dozen or so boxes in different places. Even the senior Googlers who ran Google Maps couldn't figure it out – they thought they'd opted out, but hadn't.

https://pluralistic.net/2021/06/01/you-are-here/#goog

In a just world, Google would face stiff penalties for deceiving billions of people who thought they had explicitly told the company not to track their location – but in our world, Google is left alone to do so. I mean, of course – why not? Without Google's mass harvesting and indefinite storage of surveillance data, cops wouldn't be able to use "reverse warrants" to go after Black Lives Matter protesters:

(If you think that reverse warrants are good because they were used to prosecute the 1/6 insurrectionists, please consider that the vast majority of reverse warrants are used against progressive protesters).

Facebook deceptively captures your personal communications. You may think your private messages are private, but actually Facebook collects this data and retains it forever. In a just world, Facebook would be punished for this. In our world, Facebook turns over teens' private chats about procuring a medication abortion to cops seeking to charge an underaged girl as an adult with multiple felonies:

Republicans talk a big game about tech companies being too powerful – but they mean that tech companies shouldn't be able to do content moderation.

They don't mean that tech companies should stop collaborating with latter-day Witchfinders General in their hunt for formerly pregnant children to imprison on behalf of the forced birth movement.

A federal privacy bill has been working its way through Congress all year, but it keeps getting watered down to the point of uselessness – or worse, because the bill will preempt good state privacy laws and replace them with a weak federal rule. But that might be moot, because I hear there's no chance of the bill passing.

This isn't regulatory capture – it's legislative capture. Congress and the Senate are thoroughly dependent on the big tech companies, as well as other surveillance giants like the credit reporting bureaux and the military contractors who build and maintain government surveillance systems.

https://doctorow.medium.com/regulatory-capture-59b2013e2526

All that might piss you off. It should. But here's the good news. The great news. When it comes to digital surveillance, America no longer has a regulatory capture problem. That's because personnel are policy, and the brilliant, fearless Lina Khan is running the FTC.

https://pluralistic.net/2022/05/09/rest-in-piss-robert-bork/#harmful-dominance

Khan rose to prominence just five years ago, when, as a law student, she published the earth-shaking law review article "Amazon's Antitrust Paradox," which demolished 40 years of right-wing orthodoxy that insisted that monopolies were efficient and beneficial and should be encouraged by governments:

Today, she is chair of the FTC, and she's taking no prisoners. Instead, she's instituting new stringent merger guidelines, aggressively pursuing monopolies, and proposing sweeping new regulation that would allow the FTC to step in on privacy where Congress has failed us.

The FTC's just given notice of a future rulemaking on digital privacy, called the "Commercial Surveillance and Data Security Rulemaking":

https://www.ftc.gov/legal-library/browse/federal-register-notices/commercial-surveillance-data-security-rulemaking

They want to hear from you on a series of hard-hitting questions, including

• Are there some harms that consumers may not easily discern or identify? Which are they?
• How should the Commission identify and evaluate these commercial surveillance harms or potential harms? On which evidence or measures should the Commission rely to substantiate its claims of harm or risk of harm?

• Which areas or kinds of harm, if any, has the Commission failed to address through its enforcement actions?

• Has the Commission adequately addressed indirect pecuniary harms, including potential physical harms, psychological harms, reputational injuries, and unwanted intrusions?

• Which kinds of data should be subject to a potential trade regulation rule?

• Which, if any, commercial incentives and business models lead to lax data security measures or harmful commercial surveillance practices? Are some commercial incentives and business models more likely to protect consumers than others?

• How, if at all, should potential new trade regulation rules address harms to different consumers across different sectors? Which commercial surveillance practices, if any, are unlawful such that new trade regulation rules should set out clear limitations or prohibitions on them? To what extent, if any, is a comprehensive regulatory approach better than a sectoral one for any given harm?

As Thomas Claburn writes for The Register, "the agency's decision to use the word 'surveillance' rather than a euphemism like 'data gathering' or 'personalization' suggests the FTC is already inclined to change the status quo."

https://www.theregister.com/2022/08/11/ftc_personal_data_rules/

You might have heard about the Supreme Court's ruling in West Virginia v EPA, where Trump's illegitimate judges used their stolen seats to twist procedure and overturn decades of precedent to say that the EPA was not allowed to take action on climate change unless Congress specifically wrote them a mandate instructing them to do so:

https://www.npr.org/2022/06/30/1103595898/supreme-court-epa-climate-change

Commentators have focused – rightly – on the environmental consequences of this decision. As Justice Kagan wrote in her dissent: "The subject matter of the regulation here makes the Court’s intervention all the more troubling. Whatever else this Court may know about, it does not have a clue about how to address climate change. And let’s say the obvious: The stakes here are high. Yet the Court today prevents congressionally authorized agency action to curb power plants’ carbon dioxide emissions. The Court appoints itself—instead of Congress or the expert agency—the decision-maker on climate policy. I cannot think of many things more frightening. Respectfully, I dissent."

But the impact of this decision goes much farther. Expect the commercial surveillance industry to go after Khan and the FTC here, arguing that since the Federal Trade Commission Act of 1914 didn't mention the possibility of mass internet surveillance, the FTC can't do anything about it. By that reasoning, of course, the FTC should limit itself to policing the business practices of 1914 and previous. Look forward to a future Republican FTC chair opening an investigation into the build-quality of the Packard Six Phaeton.

The fusion of commercial and state surveillance is baked into the companies' business models, which rely on the state's dependence on commercial surveillance data, which, in turn, makes the state unwilling to regulate commercial surveillance.

As my EFF colleague Corynne McSherry said, "The best way to protect your users is to minimize the data you collect, delete what you do collect whenever possible, and encrypt private messages end-to-end as a default. Don't build it, don't keep it, and the cops won't come for it."

The corollary: if you build it, if you keep it, the cops will defend your right to do so. Chairperson Khan needs all our support. We need to flood that docket – and our reps' ears – with rejections of commercial surveillance. Because there is no mass state surveillance without mass commercial surveillance – and vice-versa.

(Image: Cryteria, CC BY 3.0, modified)

# This day in history (permalink)

#15yrsago Epcot’s secret meeting rooms https://web.archive.org/web/20071025054350/https://thedisneyblog.com/tdb/2007/08/the-secret-room.html

#10yrsago Time wars: our finite lives frittered away in the precarious world of automation https://web.archive.org/web/20120813051220/https://www.gonzocircus.com/xtrpgs/incubate-special-exclusive-essay-time-wars-by-mark-fisher/

#10yrsago Mitt Romney’s tax bill under Paul Ryan’s budget? 0.82% (Your taxes will probably go up, though) https://www.theatlantic.com/business/archive/2012/08/mitt-romney-would-pay-082-percent-in-taxes-under-paul-ryans-plan/261027/

#5yrsago Amazon scammers’ new trick: shipping things to random widows in your town https://petapixel.com/2017/08/11/fell-victim-1500-used-camera-lens-scam-amazon/

#5yrsago You are Henry David Thoreau in the Walden simulator video game https://www.waldengame.com/

#5yrsago 24 hours later, ANOTHER massive Wells Fargo fraud scandal https://theintercept.com/2017/08/12/theres-a-new-wells-fargo-scandal-this-time-its-the-trucoat/

Today's top sources: Naked Capitalism (https://www.nakedcapitalism.com/), Slashdot (https://slashdot.org/).

Currently writing:

• The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. Yesterday's progress: 503 words (31763 words total)
• The Internet Con: How to Seize the Means of Computation, a nonfiction book about interoperability for Verso. Yesterday's progress: 526 words (27978 words total)

• Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. (92849 words total) – ON PAUSE

• A Little Brother short story about DIY insulin PLANNING

• Vigilant, Little Brother short story about remote invigilation. FIRST DRAFT COMPLETE, WAITING FOR EXPERT REVIEW

• Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION

• Spill, a Little Brother short story about pipeline protests. FINAL DRAFT COMPLETE

• A post-GND utopian novel, "The Lost Cause." FINISHED

• A cyberpunk noir thriller novel, "Red Team Blues." FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: View a SKU: Let’s Make Amazon Into a Dumb Pipe https://craphound.com/news/2022/07/31/view-a-sku-lets-make-amazon-into-a-dumb-pipe/

Upcoming appearances:

Recent appearances:

Latest book:

Upcoming books:

• Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin, nonfiction/business/politics, Beacon Press, September 2022
• Red Team Blues: "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books, April 2023

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

# How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

https://doctorow.medium.com/

(Latest Medium column: "Como is Infosec" https://doctorow.medium.com/como-is-infosec-307f87004563)

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

### 17:00

It would be great if Merrick Garland got the same media team that did the Jan 6 hearings to work on making the case of Trump's criminality to the public. That's really where the trial will take place, where the future of the country will be decided.

I run Debian on my laptop (obviously); but occasionally, for $DAYJOB, I have some work to do on Windows. In order to do so, I have had a Windows 10 VM in my libvirt configuration that I can use. A while ago, Microsoft issued Windows 11. I recently found out that all the components for running Windows 11 inside a libvirt VM are available, and so I set out to upgrade my VM from Windows 10 to Windows 11. This wasn't as easy as I thought, so here's a bit of a writeup of all the things I ran against, and how I fixed them. Windows 11 has a number of hardware requirements that aren't necessary for Windows 10. There are a number of them, but the most important three are: • Secure Boot is required (Windows 10 would still boot on a machine without Secure Boot, although buying hardware without at least support for that hasn't been possible for several years now) • A v2.0 TPM module (Windows 10 didn't need any TPM) • A modern enough processor. So let's see about all three. ## A modern enough processor If your processor isn't modern enough to run Windows 11, then you can probably forget about it (unless you want to use qemu JIT compilation -- I dunno, probably not going to work, and also not worth it if it were). If it is, all you need is the "host-passthrough" setting in libvirt, which I've been using for a long time now. Since my laptop is less than two months old, that's not a problem for me. ## A TPM 2.0 module My Windows 10 VM did not have a TPM configured, because it wasn't needed. Luckily, a quick web search told me that enabling that is not hard. All you need to do is: • Install the swtpm and swtpm-tools packages • Adding the TPM module, by adding the following XML snippet to your VM configuration: <devices> <tpm model='tpm-tis'> <backend type='emulator' version='2.0'/> </tpm> </devices> Alternatively, if you prefer the graphical interface, click on the "Add hardware" button in the VM properties, choose the TPM, set it to Emulated, model TIS, and set its version to 2.0. You're done! Well, with this part, anyway. Read on. ## Secure boot Here is where it gets interesting. My Windows 10 VM was old enough that it was configured for the older i440fx chipset. This one is limited to PCI and IDE, unlike the more modern q35 chipset (which supports PCIe and SATA, and does not support IDE nor SATA in IDE mode). There is a UEFI/Secure Boot-capable BIOS for qemu, but it apparently requires the q35 chipset, Fun fact (which I found out the hard way): Windows stores where its boot partition is somewhere. If you change the hard drive controller from an IDE one to a SATA one, you will get a BSOD at startup. In order to fix that, you need a recovery drive. To create the virtual USB disk, go to the VM properties, click "Add hardware", choose "Storage", choose the USB bus, and then under "Advanced options", select the "Removable" option, so it shows up as a USB stick in the VM. Note: this takes a while to do (took about an hour on my system), and your virtual USB drive needs to be 16G or larger (I used the libvirt default of 20G). There is no possibility, using the buttons in the virt-manager GUI, to convert the machine from i440fx to q35. However, that doesn't mean it's not possible to do so. I found that the easiest way is to use the direct XML editing capabilities in the virt-manager interface; if you edit the XML in an editor it will produce error messages if something doesn't look right and tell you to go and fix it, whereas the virt-manager GUI will actually fix things itself in some cases (and will produce helpful error messages if not). What I did was: • Take backups of everything. No, really. If you fuck up, you'll have to start from scratch. I'm not responsible if you do. • Go to the Edit->Preferences option in the VM manager, then on the "General" tab, choose "Enable XML editing" • Open the Windows VM properties, and in the "Overview" section, go to the "XML" tab. • Change the value of the machine attribute of the domain.os.type element, so that it says pc-q35-7.0. • Search for the domain.devices.controller element that has pci in its type attribute and pci-root in its model one, and set the model attribute to pcie-root instead. • Find all domain.devices.disk.target elements, setting their dev=hdX to dev=sdX, and bus="ide" to bus="sata" • Find the USB controller (domain.devices.controller with type="usb", and set its model to qemu-xhci. You may also want to add ports="15" if you didn't have that yet. • Perhaps also add a few PCIe root ports: <controller type="pci" index="1" model="pcie-root-port"/> <controller type="pci" index="2" model="pcie-root-port"/> <controller type="pci" index="3" model="pcie-root-port"/> I figured out most of this by starting the process for creating a new VM, on the last page of the wizard that pops up selecting the "Modify configuration before installation" option, going to the "XML" tab on the "Overview" section of the new window that shows up, and then comparing that against what my current VM had. Also, it took me a while to get this right, so I might have forgotten something. If virt-manager gives you an error when you hit the Apply button, compare notes against the VM that you're in the process of creating, and copy/paste things from there to the old VM to make the errors go away. As long as you don't remove configuration that is critical for things to start, this shouldn't break matters permanently (but hey, use your backups if you do break -- you have backups, right?) OK, cool, so now we have a Windows VM that is... unable to boot. Remember what I said about Windows storing where the controller is? Yeah, there you go. Boot from the virtual USB disk that you created above, and select the "Fix the boot" option in the menu. That will fix it. Ha ha, only kidding. Of course it doesn't. I honestly can't tell you everything that I fiddled with, but I think the bit that eventually fixed it was where I chose "safe mode", which caused the system to do a hickup, a regular reboot, and then suddenly everything was working again. Meh. Don't throw the virtual USB disk away yet, you'll still need it. Anyway, once you have it booting again, you will now have a machine that theoretically supports Secure Boot, but you're still running off an MBR partition. I found a procedure on how to convert things from MBR to GPT that was written almost 10 years ago, but surprisingly it still works, except for the bit where the procedure suggests you use diskmgmt.msc (for one thing, that was renamed; and for another, it can't touch the partition table of the system disk either). The last step in that procedure says to restart your computer!, which is fine, except at this point you obviously need to switch over to the TianoCore firmware, otherwise you're trying to read a UEFI boot configuration on a system that only supports MBR booting, which obviously won't work. In order to do that, you need to add a loader element to the domain.os element of your libvirt configuration: <loader readonly="yes" type="pflash">/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader> When you do this, you'll note that virt-manager automatically adds an nvram element. That's fine, let it. I figured this out by looking at the documentation for enabling Secure Boot in a VM on the Debian wiki, and using the same trick as for how to switch chipsets that I explained above. Okay, yay, so now secure boot is enabled, and we can install Windows 11! All good? Well, almost. I found that once I enabled secure boot, my display reverted to a 1024x768 screen. This turned out to be because I was using older unsigned drivers, and since we're using Secure Boot, that's no longer allowed, which means Windows reverts to the default VGA driver, and that only supports the 1024x768 resolution. Yeah, I know. The solution is to download the virtio-win ISO from one of the links in the virtio-win github project, connecting it to the VM, going to Device manager, selecting the display controller, clicking on the "Update driver" button, telling the system that you have the driver on your computer, browsing to the CD-ROM drive, clicking the "include subdirectories" option, and then tell Windows to do its thing. While there, it might be good to do the same thing for unrecognized devices in the device manager, if any. So, all I have to do next is to get used to the completely different user interface of Windows 11. Sigh. Oh, and to rename the "w10" VM to "w11", or some such. Maybe. ### 15:49 Fuzz testing is the process of supplying a program with random inputs and watching to see what breaks; it has been responsible for the identification of vast numbers of bugs in recent years — and the fixing of many of them. Developers generally appreciate bug reports, but they can sometimes be a bit less enthusiastic about a flood of reports from automated fuzzing systems. A recent discussion around filesystem fuzzing highlighted two points of view on whether the current fuzz-testing activity is a good thing. Twitter accidentally exposed the personal information—including phone numbers and email addresses—for 5.4 million accounts. And someone was trying to sell this information. In January 2022, we received a report through our bug bounty program of a vulnerability in Twitter’s systems. As a result of the vulnerability, if someone submitted an email address or phone number to Twitter’s systems, Twitter’s systems would tell the person what Twitter account the submitted email addresses or phone number was associated with, if any. This bug resulted from an update to our code in June 2021. When we learned about this, we immediately investigated and fixed it. At that time, we had no evidence to suggest someone had taken advantage of the vulnerability. In July 2022, we learned through a press report that someone had potentially leveraged this and was offering to sell the information they had compiled. After reviewing a sample of the available data for sale, we confirmed that a bad actor had taken advantage of the issue before it was addressed. This includes anonymous accounts. This comment has it right: So after forcing users to enter a phone number to continue using twitter, despite twitter having no need to know the users phone number, they then leak the phone numbers and associated accounts. Great. But it gets worse… After being told of the leak in January, rather than disclosing the fact millions of users data had been open for anyone who looked, they quietly fixed it and hoped nobody else had found it. It was only when the press started to notice they finally disclosed the leak. That isn’t just one bug causing a security leak—it’s a chain of bad decisions and bad security culture, and if anything should attract government fines for lax data security, this is it. Twitter’s blog post unhelpfully goes on to say: If you operate a pseudonymous Twitter account, we understand the risks an incident like this can introduce and deeply regret that this happened. To keep your identity as veiled as possible, we recommend not adding a publicly known phone number or email address to your Twitter account. ### 15:35 Barriers are important on ARM-family systems because it has a weak memory model compared to the x86 series that most people are familiar with. We start with the explicit barrier instructions: dmb ish ; data memory barrier dsb ish ; data synchronization barrier isb sy ; instruction synchronization barrier The data memory barrier ensures that all preceding writes are issued before any subsequent memory operations (including speculative memory access). In acquire/release terms, it is a full barrier. The instruction does not stall execution; it just tells the memory controller to preserve externally-visible ordering. This is probably the only barrier you will ever seen in user-mode code. The data synchronization barrier is a data memory barrier, but with the additional behavior of stalling until all outstanding writes have completed. This is typically used before changing memory mappings, such as during context switches, to ensure that any outstanding writes complete to the original memory before it gets unmapped. The instruction synchronization barrier flushes instruction prefetch. This is typically used if you have generated new code, say by jitting it or paging it in from disk. All of these barrier instructions take a parameter known as the synchronization domain. In practice, they will be the values I gave in the examples above. There are some other niche barriers like the “consumption of speculative data barrier” (CSDB) and “physical speculative store bypass barrier” (PSSBB), which I won’t bother going into because you’re not going to see them. By default, the memory access instructions do not impose any special ordering. But there are variations that let you request acquire or release semantics. We saw the general pattern in the bonus chatter last time: • A – perform the load with acquire semantics • L – perform the store with release semantics • AL – perform the load with acquire semantics and the store with release semantics The AL version applies only to load-modify-store instructions, which are all optional. But the acquire load and release store are supported by all processors. ; load acquire ldarb Wt/zr, [Xn/sp] ; byte ldarh Wt/zr, [Xn/sp] ; halfword ldar Rt/zr, [Xn/sp] ; word or doubleword ; no register-pair version ; load acquire exclusive ldaxrb Wt/zr, [Xn/sp] ; byte ldaxrh Wt/zr, [Xn/sp] ; halfword ldaxr Wt/zr, [Xn/sp] ; word or doubleword ldaxp Rt/zr, [Xn/sp] ; pair ; store release stlrb Ws/zr, Wt/zr, [Xn/sp] ; byte stlrh Ws/zr, Wt/zr, [Xn/sp] ; halfword stlr Rs/zr, Wt/zr, [Xn/sp] ; word or doubleword ; no register-pair version ; store release exclusive stlxrb Ws/zr, Wt/zr, [Xn/sp] ; byte stlxrh Ws/zr, Wt/zr, [Xn/sp] ; halfword stlxr Ws/zr, Wt/zr, [Xn/sp] ; word or doubleword stlxp Rs/zr, Wt/zr, [Xn/sp] ; pair These special acquire and release versions are handy in the load-locked/store-conditional pattern because they reduce the need for issue explicit barriers. Here’s how the gcc compiler generates the code: ; sequential consistency interlocked increment and ; acquire-release interlocked increment @@: ldaxr w8, [x0] ; load acquire from x0 add w8, w8, 1 ; increment stlxr w9, w8, [x0] ; store it back with release cbnz @B ; if failed, try again ; acquire-only interlocked increment @@: ldaxr w8, [x0] ; load acquire from x0 add w8, w8, 1 ; increment stxr w9, w8, [x0] ; store it back (no release) cbnz @B ; if failed, try again ; release-only interlocked increment @@: ldxr w8, [x0] ; load (no acquire) from x0 add w8, w8, 1 ; increment stlxr w9, w8, [x0] ; store it back with release cbnz @B ; if failed, try again ; relaxed interlocked increment @@: ldxr w8, [x0] ; load from x0 add w8, w8, 1 ; increment stxr w9, w8, [x0] ; store it back cbnz @B ; if failed, try again On the other hand, the Microsoft compiler adds additional barriers: ; sequential consistency interlocked increment and ; acquire-release interlocked increment @@: ldaxr w8, [x0] ; load acquire from x0 add w8, w8, 1 ; increment stlxr w9, w8, [x0] ; store it back with release cbnz @B ; if failed, try again dmb ish ; memory barrier (?) ; acquire-only interlocked increment @@: ldaxr w8, [x0] ; load acquire from x0 add w8, w8, 1 ; increment stxr w9, w8, [x0] ; store it back cbnz @B ; if failed, try again dmb ish ; memory barrier (?) ; release-only interlocked increment @@: ldaxr w8, [x0] ; load acquire from x0 (?) add w8, w8, 1 ; increment stlxr w9, w8, [x0] ; store it back with release cbnz @B ; if failed, try again ; no-fence interlocked increment @@: ldxr w8, [x0] ; load from x0 add w8, w8, 1 ; increment stxr w9, w8, [x0] ; store it back cbnz @B ; if failed, try again Older versions of the Microsoft compiler used a spurious release on the stlxr when generating an acquire-only interlocked increment, but it appears to be fixed in 19.14. The spurious acquire on the release-only interlocked increment, and the mystery memory barrier instructions, are still there in 19.32. Not sure what the extra barriers are for. Maybe there’s something special about the Windows ABI that requires them? Maybe there’s some subtlety in the architecture that I’m not aware of? I don’t know. While I’m here, I may as well mention this other instruction that isn’t a barrier, but it’s closely related: ; prefetch memory prfm kind, [...] prfum kind, [...] ; force unscaled offset The addressing mode can include pre- and post-increment. The kind is a concatenation of a Type, Target, and Policy. Category Value Meaning Type PLD Prefetch for load PLI Prefetch instruction PLS Prefetch for store Target L1 L1 cache L2 L2 cache L3 L3 cache Policy KEEP Temporal (load into cache normally) STRM Streaming, non-temporal (data will be used only once) For example, PLDL3STRM means “Prefetch for load into L3 cache for one-time use.” The post The AArch64 processor (aka arm64), part 14: Barriers appeared first on The Old New Thing. Since people are sometimes slightly surprised that you can go onto a multi week trip with a smartphone running free sofware so only I wanted to share some impressions from my recent trip to Prizren/Kosovo to attend Debconf 22 using a Librem 5. It's a mix of things that happend and bits that got improved to hopefully make things more fun to use. And, yes, there won't be any big surprises like being stranded without the ability to do phone calls in this read because there weren't and there shouldn't be. After two online versions Debconf 22 (the annual Debian Conference) took place in Prizren / Kosovo this year and I sure wanted to go. Looking for options I settled for a train trip to Vienna, to meet there with friends and continue the trip via bus to Zagreb, then switching to a final 11h direct bus to Prizren. When preparing for the trip and making sure my Librem 5 phone has all the needed documents I noticed that there will be quite some PDFs to show until I arrive in Kosovo: train ticket, bus ticket, hotel reservation, and so on. While that works by tapping unlocking the phone, opening the file browser, navigating to the folder with the PDFs and showing it via evince this looked like a lot of steps to repeat. Can't we have that information on the Phone Shell's lockscreen? This was a good opportunity to see if the upcoming plugin infrastructure for the lock screen (initially meant to allow for a plugin to show upcoming events) was flexible enough, so I used some leisure time on the train to poke at this and just before I reached Vienna I was able to use it for the first time. It was the very last check of that ticket, it also was a bit of cheating since I didn't present the ticket on the phone itself but from phosh (the phones graphical shell) running on my laptop but still. This was possible since phosh is written in GTK and so I could just leverage evince's EvView. Unfortunately the hotel check in didn't want to see any documents ☹. For the next day I moved the code over to the Librem 5 and (being a bit nervous as the queue to get on the bus was quite long) could happily check into the Flixbus by presenting the barcode to the barcode reader via the Librem 5's lockscreen. When switching to the bus to Prizren I didn't get to use that feature again as we bought the tickets at a counter but we got a nice krem banana after entering the bus - they're not filled with jelly, but krem - a real Kosovo must eat!). Although it was a rather long trip we had frequent breaks and I'd certainly take the same route again. Here's a photo of Prizren taken on the Librem 5 without any additional postprocessing: What about seeing the conference schedule on the phone? Confy(a conferences schedule viewer using GTK and libhandy) to the rescue: Since Debian's confy maintainer was around too, confy saw a bunch of improvements over the conference. For getting around Puremaps(an application to display maps and show routing instructions) was very helpful, here geolocating me in Prizren via GPS: Puremaps currently isn't packaged in Debian but there's work onging to fix that (I used the flatpak for the moment). We got ourselves sim cards for the local phone network. For some reason mine wouldn't work (other sim cards from the same operator worked in my phone but this one just wouldn't). So we went to the sim card shop and the guy there was perfectly able to operate the Librem 5 without further explanation (including making calls, sending USSD codes to query balance, …). The sim card problem turned out to be a problem on the operator side and after a couple of days they got it working. We had nice, sunny weather about all the time. That made me switch between high contrast mode (to read things in bright sunlight) and normal mode (e.g. in conference rooms) on the phone quite often. Thankfully we have a ambient light sensor in the phone so we can make that automatic. See here for a video. Jathan kicked off a DebianOnMobile sprint during the conference where we were able to improve several aspects of mobile support in Debian and on Friday I had the chance to give a talk about the state of Debian on smartphones. pdf-presenter-console is a great tool for this as it can display the current slide together with additional notes. I needed some hacks to make it fit the phone screen but hopefully we figure out a way to have this by default. I had two great weeks in Prizren. Many thanks to the organizers of Debconf 22 - I really enjoyed the conference. ### 14:21 Security updates have been issued by Debian (gnutls28, libtirpc, postgresql-11, and samba), Fedora (microcode_ctl, wpebackend-fdo, and xen), Oracle (.NET 6.0, galera, mariadb, and mysql-selinux, and kernel), SUSE (dbus-1 and python-numpy), and Ubuntu (booth). ### 14:00 In July I was assigned 24 hours of work by Freexian's Debian LTS initiative. I worked 3 hours and will carry over the rest to August. In July, no Debian release was in LTS status. However, I spent some time finishing the DLA text for my upload of linux at the end of June. I also attended the LTS BoF at DebConf and the regular team meeting. ### 13:28 There's no real theme to be gleaned from this week's submissions, just the usual sort of things and a tiny serving of irony courtesy of Google. Undercover QA engineer Randy O. somehow provoked British Gas to refuse to quote him a meaningful fee. "I uploaded my meter readings to the British Gas website, and they updated my estimated bill," he explained. "When they want me to pay it I may just say NaH." And that's no lye. Randy's not the only one feeling the price pinch lately. Man Out Of Time Miles C. bemoans that he was born too late. "Video game prices have risen faster then anything in history. Dejected knowing I will never be able to buy this game." "Touché, Ring. Touché." congratulates Ryan S. , noting the subtle shade cast as Ring answers a question with ... another question. He archly explains "Of Course, if you can do it with the first gen, then why wouldn't you expect it with the 2nd gen? There are no stupid tautologies, just a lot of repetitive idiots." Long-suffering traveler Adam R. managed to find a spot of humor among the tears. "After my flight was first delayed by 6 hours, American Airlines then sent me this helpful email saying that my seat assignment had been changed...to the same seat. And no, there wasn't a change of planes either." At least you got an Error'd out of it, old bean. At last, the moment we've all been waiting for. One of the world's highest-volume spam facilitators has finally been nailed by gmail's algorithms. Sports Team follower (Infamously electrifying! says TicketMaster) Tim R. chortles "While going through my spam mail I was surprised to see that Gmail had identified an innocent email from a friend as potential spam, but more surprised at the reason - because it comes from notorious spammers GoogleMail." Somehow the image got truncated [Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how! ### 12:49 My personal definition of a brilliant idea is one that is immediately obvious once it’s explained, but no one has thought of it before. I can’t believe that no one has described this taxonomy of access control before Ittay Eyal laid it out in this paper. The paper is about cryptocurrency wallet design, but the ideas are more general. Ittay points out that a key—or an account, or anything similar—can be in one of four states: safe Only the user has access, loss No one has access, leak Both the user and the adversary have access, or theft Only the adversary has access. Once you know these states, you can assign probabilities of transitioning from one state to another (someone hacks your account and locks you out, you forgot your own password, etc.) and then build optimal security and reliability to deal with it. It’s a truly elegant way of conceptualizing the problem. ### 10:35 ### 10:07 Oppositional energy is easy to create and spread. Once you pick a ‘they’, then it’s simply a matter of doing the opposite of whatever ‘they’ recommend. It’s a lazy shortcut, one that divides, demonizes and causes us to suspend our instincts toward better. It works great in marketing a sports team, but it stops being helpful in most other arenas. Oppositional division is a magnet for grifters. A con-man, hustler, swindler or charlatan that can’t possibly do well with thoughtful scrutiny discovers that trolling and arguing is an easy way to bypass the normal examination of what’s actually on offer. It’s not just the patent medicine door-to-door salesperson who does this. It’s large trade associations, industrial lobbyists, pyramid schemers, technobabblers and others as well. Sooner or later, someone points out that there’s a grift going on. Hopefully, we see it before it’s too late. ### 08:35 New Comic: Clown Wars ### 08:28 ### 05:49 Current Story: Luna Deambulatio ### 05:42 *Global heating has caused ‘shocking’ changes in forests across the Americas, studies find.* Trees are advancing to the north, and dying or burning in the south. *Melting of the world's biggest ice sheet [the East Antarctic] would cause catastrophic sea level rise, but can be avoided with fast climate action.* *Inside Somalia’s vicious cycle of deforestation for charcoal.* Reportedly, al-Shabaab is trying to prohibit cutting trees with leaves, and having some success enforcing the prohibition by burning trucks caught carrying such wood. A democratic government might be able to enforce the rule with less brutality, but this may be better than nothing in the long term. In a world of growing scarcity, the long-term non-brutal solution is (1) decarbonization and (2) much fewer births. ISTR that Haiti has suffered for decades from a similar problem; nearly all the forests have been cut down. Colombia's new president Gustavo Petro declared that fighting the war on drugs has failed. but he means, fighting that war on Colombia's territory has failed. He's right about that. But he seems not to realize that fighting that war on US territory is equally a failure. "Strong measures that prevent consumption in developed societies" is not a solution to the problems caused by use of addictive drugs. We should put that war into a treatment program to get it off drugs. The corrupter said, "Only guilty people and mobsters plead the Fifth." This week, he did just that, while being questioned for a lawsuit. It's tempting to say, "He's guilty, or he's a mobster — he said so himself!" But it's wrong to say that, because the "rule" he cited was bullshit all along. To treat it as valid is to undermine the Fifth Amendment itself, and we must not do that. We have plenty of other reasons to believe that the corrupter is guilty of trying to overthrow the US government and seize power, as well as swindling in his fund-raising. Not yet proof that can put him away, though. To whip inflation in the US, we need to stop big businesses from raising prices from greed. The way I prefer is to break up the many large companies that have too big a share of whatever market. Rather than launch a lawsuit against each excessively large company, I recommend a tax system that raises the tax rate sharply as a company gets bigger, or as it gets a bigger share of each market. ### 05:28 The Girl Genius comic for Friday, August 12, 2022 has been posted. ### 03:56 The Stranger's evening news roundup. by Charles Mudede The West Seattle Bridge will open on the day the lord rested after creating the whole universe and everything in it, the seventh day of the week, that is Sunday—and this particular one falls on September 18. The bridge was closed over two years ago (nearly 900 days) when SDOT found cracks on it. The large and 40-year-old chunk of car infrastructure was crumbling like a cookie. Repairing it basically with cellotape [Eds note: steel cables] cost north of$170 million—it was initially supposed to be a $58 million job. When it reopens, cars will be free to get stuck in traffic again, resume liberating carbon without abandon on it again, and to continue grinding the only world we will ever know and could only exist in into the dust. 900 lightning strikes yesterday. And I saw not one of them. Zero. And I heard nothing, too. It was a cloudy day and not much else. It seems the thunderstorm preferred Tacoma and skipped Seattle. Is this another indication of our city's decline? All we get these days is just the bland stuff, like lots of rich people, one luxury apartment building after another, art fairs, and so on. No wonder Nikkita Oliver is leaving Seattle for Detroit. Motown gets them, and we are left with Sara Nelson. So Seattle. If you are sick but not fighting for your life, then don't bother going to Harborview Medical Center. Fox 13: "[T]he hospital is over capacity by about 150 patients and will have to stop admitting patients with less acute conditions." In short, Harborview is sending people with non-life threatening illnesses and injuries to St. Elsewhere. What is going on, Harborview? I think we can blame a bunch of it on America just giving up: "CDC Says Quarantine After Covid Exposure No Longer Necessary." Car chase one: "Two young adults that attempted to carjack a pizza delivery driver in Renton led police on a short pursuit where they crashed into a building, according to the Renton Police Department." Car chase two: "A burglary at a public storage building in Shoreline led to a pursuit and crash on Thursday morning, according to the King County Sheriff’s Office." Chase one and two are right now (5 pm) on KIRO 7's website. It reports both without at all questioning the logic or ultimate value of these presumably high-speed chases. One must keep in mind that the acceleration of an automobile adds more and more destructive power to it. I know. That's obvious. But I really think Americans have been trained only to think of speed as speed, and not as the accumulation of potentially explosive power. Imagine it this way. Imagine your car is not moving but instead simply sucking in energy that makes it larger and larger. And then finally it sinks into the ground. This is what speeding is, in fact. The future of Pike Place Market? Maybe this will stop the cars, finally. What happened today in the Trump Show? Well, Attorney General Merrick Garland, who authorized the "raid on Mar-a-Lago," decided to ask the judge to unseal the warrant, which Trump possesses but has not shared with the public. Trump has apparently benefited from speculation exploded by the fact that most of his supporters, which constitute a considerable part of the US population, are ignorant of the fact that he knows why his Florida place was searched. Garland decided to, as CNN legal analyst put it, "call Donald Trump's bluff." The general feeling is that this was a smart move, because it basically took the heat off the FBI and returned it to Trump, who may actually reject Garland's decision. He may actually demand the warrant remain sealed because that, at least, has the advantage of buying time. Indeed: And what was Merrick Garland looking for, anyway? Just some "classified documents relating to nuclear weapons," according to the Washington Post While Garland was running circles around Trump, the police in Ohio were engaged in a six-hour gun battle with a MAGA man who tried to attack the FBI in Cincinnati this morning. His name is Ricky Walter Shiffer. He participated in Jan 6. He is no longer among the living. Because my brother Gabriel Teodros is getting married to Ijeoma Oluo this weekend. Makorokoto to both of yous. Matt Braunger seems like a nice, relatable person. That doesn’t make him less funny. by Dave Segal A masterly storyteller with an expressive face and a voice adept at many impressions, Portland-raised stand-up and actor Matt Braunger is an expert at finding absurdity in mundane situations. Braunger seems like a nice, relatable person, which can be a drawback for a stand-up, but he succeeds through the nuts and bolts of timing, delivery, exceptional descriptive powers, and an unerring knack for extracting the funniest details from random encounters. Sure, the 48-year-old explores familiar topics like romantic relationships, the male ego, drinking problems, and drug trips gone awry. But some of his best bits have also tackled the authoritarian nature of nine-year-old girls, the Gin Blossoms’ ultimate white-privilege lyrics, locker-room etiquette, bathroom-door knocks, butt surgery, and the unfuckingbelievable hubris of Billy Joel’s “Piano Man.” Braunger’s television credits include performances on sketch shows like MADtv, he’s built a solid discography of comedy albums, and he’s showed up alongside almost every late-night show you could think of, from Conan to John Oliver’s New York Stand-Up Show. I caught up with Braunger by email before his two-night four-set run at Here-After on August 12-13. THE STRANGER: How did Portland shape your comedic sensibility? MATT BRAUNGER: I was lucky to grow up in Portland while it was still “weird” (i.e., bizarre art everywhere, real “characters” living there, an appreciation for all things alternative and non-mainstream), but had almost no hype or attention. To us, Seattle was the “cool” city in the PNW. I would randomly think, “I bet something cool is going on right now in Seattle” as a kid. Haha. Has Portlandia done more harm than good to the city’s reputation? You’d have to ask a local, as I haven’t lived there as a resident for so long. I moderated the Portlandia Q&A with Fred [Armisen] and Carrie [Brownstein] at SXSW one year, and that was a blast, but part of me wanted to go,“You guys aren’t even from there!!” But I love Fred and Carrie. I saw a T-shirt for a Portland band that had Ramblin’ Rod (who was like the Bozo the Clown of PDX) holding both their decapitated heads and grinning, which made me LOL. Overall, I don’t think the show hurt Portland. I thought the show was hilarious and the parodies were dead on. What is the most important catalyst for your humor? Just a funny memory or thought, that’s it. If it makes me laugh, I try it onstage. Sometimes it falls flat, and then I see if I want to try it again and again to get it to where it worked in my head. What topics will you never address in your act, and why? Or, to play devil's advocate, are taboo subjects for the spineless? I don’t do a lot of political stuff because I’m not great at it (I end up getting too mad), but I don’t think anything is off limits. You can say anything, you just have to make it funny. Here’s the rub: Not everybody can pull off a [blank] joke. It’s comedy. Funny is paramount. Are you trying to be funny or are you trying to be different/edgy? Usually the guys who bitch about “everybody’s too offended these days” are the most offended at stuff. What’s a richer source of humor—mundanity or profundity? I think the argument could be easily made for both. Profundity is what, Doc Ellis pitching a no-hitter on acid? Amazing and hilarious, but what is profundity, everyday life? Everyday life is just as horrifying and exhilarating, with the same level of stakes. You’re just not on a pitcher’s mound on national television. What’s your take on bodily function jokes? Lowest form of humor or universal bonding agent? Both? Are there fresh angles to be explored with them or should we flush them down the toilet forever? Bodily function jokes, to me, will always have a place in comedy. A hard fart in a quiet room full of people is gold. Google “Farting preacher” right now, and enjoy. Do you notice any difference in audiences from blue states versus red states? If so, what are they? Do you craft your sets differently for each? I'm thinking specifically about how your white privilege bits go down in red states, assuming you're still doing them. I don’t really change anything from place to place, and sometimes I get some crossed arms in the audience, but not much worse than that. Most people who go to comedy shows actually enjoy different viewpoints. I mean, that white privilege bit is about the Gin Blossoms guy singing “Tomorrow we can drive around this town, and LET THE COPS CHASE US AROUND.” Even the most “All Lives Matter” dingbat has to admit no Black person could ever sing that. Do you find it harder to create quality material now that you’re married and have a child than when you were single and on the prowl? Haha, not really. Maybe I was less precious with my material when I was a carousing every night, but back then I yelled a lot more, too. Man, did I yell. I think I was just lonely? You’ve done some sets on big late-night TV shows. What, if anything, can you reveal about those gigs that most people outside of comedy don’t know? I was the last guest of 2008 on The Late Show With David Letterman. I’m waiting to do my set, super nervous, and the booker says “Dave might have you over to the couch; do you have a funny story to tell him?” I rack my brain, come up with one. He laughs and says, “Okay, great, but do you have a backup?” What?!?! No, man! I’m trying to remember my TV jokes! David introduces me, I have a great set, and Dave calls me over. I tell my “Eggly Bagelface” story from growing up in Portland, and he loves it. He says goodnight, we wave, the cameras cut, and place goes dark and silent. A voice says “Everybody hold! David is leaving.” He stands, walks behind me, and extends a big hand. “You were very funny.” “Thank you.” He walks up some stairs and through a door that then shuts behind him. “All clear!” The lights come up. A producer runs over and says “Great job!” I’m escorted to a side door and walk into an empty, freezing alley covered in ice. The door slams behind me, and I’m cold and alone. THAT’S showbiz! Who’s your favorite comedian of all time? Who’s your favorite comedian working now? I need reasons, too. If I have to pick one, it’s Richard Pryor because he was the most nakedly human, which paved the way for all great modern stand-up comedy. Right now it’s a tie between Dave Attell and Dina Martina, because they both make me cry every time I see them. What’s the one widespread cliché about comics that rings truest to you? That we’re needy. As Dana Gould puts it, “You have to wonder about people who make a living by begging strangers for love.” Have you ever been heckled? If so, how did you deal with it? Negative heckling is really rare. The most common thing is people thinking if they yell stuff out it’s helping, but they’re just being destructive. Kind of like the villagers in Midsommar? I just good-naturedly talk them down or make fun of them in a fun way. I’m not the guy in videos “destroying” them. What can Seattle audiences expect at your Here-After sets? It’s a new hour of stories, weird thoughts, and confessions that are funny. My main thing is just not to waste anybody’s time. If I’m paying to see somebody, it better be fun. I’m fun. What's on your agenda for the near future? Making that day care money, baby! Oh, and promoting my new special, Doug, that comes out later this year. In a nutshell it's an absolutely silly/deeply personal special about a happily married new “older” father, culminating in the story of the time I met the worst guy ever, named “Doug” and how I'm determined to never be like him. I had an hour all ready to go right before the COVID lockdown, and a year later when I finally shot the special, I realized I’d thrown away at least half of it in exchange for what I got from a year of not doing comedy. Irony! ### 02:21 The Stranger's evening news roundup. by Charles Mudede The West Seattle Bridge will open on the day the lord rested after creating the whole universe and everything in it, the seventh day of the week, that is Sunday—and this particular one falls on September 18. The bridge was closed over two years ago (nearly 900 days) when SDOT found cracks on it. The large and 40-year-old chunk of car infrastructure was crumbling like a cookie. Repairing it basically with cellotape [Eds note: steel cables] cost north of$170 million—it was initially supposed to be a $58 million job. When it reopens, cars will be free to get stuck in traffic again, resume liberating carbon without abandon on it again, and to continue grinding the only world we will ever know and could only exist in into the dust. 900 lightning strikes yesterday. And I saw not one of them. Zero. And I heard nothing, too. It was a cloudy day and not much else. It seems the thunderstorm preferred Tacoma and skipped Seattle. Is this another indication of our city's decline? All we get these days is just the bland stuff, like lots of rich people, one luxury apartment building after another, art fairs, and so on. No wonder Nikkita Oliver is leaving Seattle for Detroit. Motown gets them, and we are left with Sara Nelson. So Seattle. If you are sick but not fighting for your life, then don't bother going to Harborview Medical Center. Fox 13: "[T]he hospital is over capacity by about 150 patients and will have to stop admitting patients with less acute conditions." In short, Harborview is sending people with non-life threatening illnesses and injuries to St. Elsewhere. What is going on, Harborview? I think we can blame a bunch of it on America just giving up: "CDC Says Quarantine After Covid Exposure No Longer Necessary." Car chase one: "Two young adults that attempted to carjack a pizza delivery driver in Renton led police on a short pursuit where they crashed into a building, according to the Renton Police Department." Car chase two: "A burglary at a public storage building in Shoreline led to a pursuit and crash on Thursday morning, according to the King County Sheriff’s Office." Chase one and two are right now (5 pm) on KIRO 7's website. It reports both without at all questioning the logic or ultimate value of these presumably high-speed chases. One must keep in mind that the acceleration of an automobile adds more and more destructive power to it. I know. That's obvious. But I really think Americans have been trained only to think of speed as speed, and not as the accumulation of potentially explosive power. Imagine it this way. Imagine your car is not moving but instead simply sucking in energy that makes it larger and larger. And then finally it sinks into the ground. This is what speeding is, in fact. The future of Pike Place Market? Maybe this will stop the cars, finally. What happened today in the Trump Show? Well, Attorney General Merrick Garland, who authorized the "raid on Mar-a-Lago," decided to ask the judge to unseal the warrant, which Trump possesses but has not shared with the public. Trump has apparently benefited from speculation exploded by the fact that most of his supporters, which constitute a considerable part of the US population, are ignorant of the fact that he knows why his Florida place was searched. Garland decided to, as CNN legal analyst put it, "call Donald Trump's bluff." The general feeling is that this was a smart move, because it basically took the heat off the FBI and returned it to Trump, who may actually reject Garland's decision. He may actually demand the warrant remain sealed because that, at least, has the advantage of buying time. Indeed: And what was Merrick Garland looking for, anyway? Just some "classified documents relating to nuclear weapons," according to the Washington Post While Garland was running circles around Trump, the police in Ohio were engaged in a six-hour gun battle with a MAGA man who tried to attack the FBI in Cincinnati this morning. His name is Ricky Walter Shiffer. He participated in Jan 6. He is no longer among the living. Because my brother Gabriel Teodros is getting married to Ijeoma Oluo this weekend. Makorokoto to both of yous. ### 01:35 Federal election regulators voted Thursday to allow Google to proceed with a plan to make it easier for campaign emails to bypass spam filters. Google’s proposal to run a pilot project changing the filters for political emails came after intense Republican criticism that spam filters were biased against conservatives, a charge the tech giant denies. In a sign of public disgust with spam, the Federal Election Commission received thousands of public comments urging it to deny the request. But a majority of the six-member commission decided that Google’s project did not constitute an improper in-kind political contribution that would violate federal campaign finance laws. This reminds me of Twitter admitting it won’t ban nazis because that would mean banning accounts of Republican politicians. I remember the days being biased against nazis was a good thing. Times sure do change. So, as part of RSoC 2022, I have been working on introducing Virtualization on Redox OS. This feature/technology is called Revirt and has wide-ranging consequences for Redox OS as a secure, well-designed, virtualizable and effective operating system. This is a big new addition to Redox OS. ### 01:28 Some creep ### 00:49 Local leaders announced a coalition to address King County's behavioral health crisis, but no one is sure exactly how much it will cost or who will foot the bill. by Will Casey This morning, King County Executive Dow Constantine convened a coalition of city, county, and state elected officials to announce their intention to address what they called a "crisis" of insufficient behavioral health care in the region. At the press conference, elected officials and service providers spoke about the urgent need to join forces to fund crisis care centers, residential care facilities for people struggling with mental illness, and to invest in the workforce needed to care for those patients. Constantine said those investments were badly needed, pointing out that more than 600 of the 1,530 people currently held in detention at King County's jail were involved in some form of behavioral health treatment. He also connected decades of insufficient funding for behavioral health to the rising homelessness crisis. According to Constantine, many of the 6,000 people the County categorizes as chronically homeless also struggle with untreated or under-treated behavioral health issues. Constantine emphasized the plight of people who have no place to go in a crisis, but he provided few detailed policy solutions, saying he'd announce those alongside his budget proposal for next year. The details he and other members of the coalition did provide centered on approaches that have failed us. King County Sheriff Patti Cole-Tindall acknowledged that arresting our way out of this behavioral health crisis wasn't an option. She said her office was "100% in support" of the coalition's effort and would adjust any of their operating procedures to accommodate whatever policies they propose. In the meantime, she said, her office will continue developing and implementing co-responder models to bring mental and behavioral health professionals along with deputies when responding to the increasing volume of 911 calls concerning someone in crisis. King County Councilmember Girmay Zahilay said the coalition's new policies will not reinvent the wheel. He referenced his summer tour of Arizona's crisis response system and said he believes the County could replicate many best practices from that system. In his view, the status quo of behavioral health care in King County is "inadequate, deadly, and only getting worse." Amid all the talk of "investments," no one could specify how much money the coalition will need to invest nor who would fork over the dough to do the investing. Leo Flor, director of King County's Department of Community and Human Services, said that the County already pays for this treatment, but it does so in the least effective and most expensive way possible. He explained that the county waits to treat behavioral health issues until someone in crisis reaches the emergency room or gets arrested, which costs far more than addressing peoples' needs before an emergency strikes. Simply using county jail funds to pay for the needed investments in behavioral health care isn't a viable strategy, according to Constantine, because it will take time to see results from investments. That means the County will need to find the money elsewhere. Of course, all of the 24/7 crisis care centers in the world won't help anyone if they don't have qualified staff to care for people once they arrive. Naomi Morris, a nurse who works with patients who have behavioral health issues, said that the industry struggles to retain workers because of low wages and stressful working conditions. As a result, she said the coalition plans to develop policies that will attract more qualified workers with more competitive pay and support for the trauma they endure on the job. State Representative Nicole Macri (D-Seattle) said that the state will have a role to play in implementing those policies. She said they could adjust the professional certifications the state issues to better match the kinds of workers who will succeed in this industry. Macri also discussed changing Medicaid billing codes for behavioral health services so that the state can extract the maximum amount of reimbursement from the federal government, which would in turn give service providers more funding to pay their workers higher wages. Notably absent from the gaggle of elected officials crowding the podium was Seattle City Attorney Ann Davison. Although a spokesperson from her office said in an email regarding The Stranger's coverage of the City Attorney's High Utilizer Initiative that Davison supports "housing and treatment models" that help people with mental illness who repeatedly commit low-level crimes, I did not see anyone from her office at the event. This presser would have presented the perfect opportunity for her to make the case that we can attribute a large portion of the disorder on Seattle's streets to decades of insufficient funding for behavioral health care, but, alas, no one from her office seized the chance to do so. I wrote to the office for comment but did not receive an immediate reply. I'll update if I hear back. ### 00:21 And, well, that’s pretty damn cool. Here’s the whole ballot of finalists, and at the bottom of that I’ll put in a link so you can go vote for whomever you like. 1. Best Science Fiction Novel Leviathan Falls by James S.A. Corey The Kaiju Preservation Society by John Scalzi Goliath: A Novel by Tochi Onyebuchi You Sexy Thing by Cat Rambo Shards of Earth by Adrian Tchaikovsky 2. Best Fantasy Novel (Including Paranormal) Age of Ash by Daniel Abraham Moon Witch, Spider King by Marlon James Light from Uncommon Stars by Ryka Aoki Nettle & Bone by T. Kingfisher Book of Night by Holly Black Jade Legacy by Fonda Lee 3. Best Young Adult / Middle Grade Novel Gallant by V.E. Schwab Akata Woman by Nnedi Okorafor A Dark and Starless Forest by Sarah Hollowell A Snake Falls to Earth by Darcie Little Badger Redemptor by Jordan Ifueko Iron Widow by Xiran Jay Zhao 4. Best Military Science Fiction or Fantasy Novel The Shattered Skies by John Birmingham A Call to Insurrection by David Weber, Timothy Zahn, Thomas Pope Citadel by Marko Kloos Backyard Starship by J.N. Chaney, Terry Maggert Against All Odds by Jeffery H. Haskell Resolute by Jack Campbell 5. Best Alternate History Novel She Who Became the Sun by Shelley Parker-Chan Invisible Sun by Charles Stross The Silver Bullets of Annie Oakley by Mercedes Lackey When Women Were Dragons by Kelly Barnhill The King’s Daughter by Vonda N. McIntyre 1637: Dr. Gribbleflotz and the Soul of Stoner by Kerryn Offord, Rick Boatright 6. Best Media Tie-In Novel Star Wars: The Fallen Star by Claudia Gray Star Wars: Thrawn Ascendancy: Lesser Evil by Timothy Zahn Star Trek: Coda: Oblivion’s Gate by David Mack Star Trek: Picard: Rogue Elements by John Jackson Miller Halo: Divine Wind by Troy Denning 7. Best Horror Novel The Final Girl Support Group by Grady Hendrix The Book of Accidents by Chuck Wendig The Death of Jane Lawrence by Caitlin Starling My Heart Is a Chainsaw by Stephen Graham Jones Hide by Kiersten White Revelatory by Daryl Gregory 8. Best Comic Book Devil’s Reign by Chip Zdarsky, Marco Checchetto King Conan by Jason Aaron, Mahmud Asrar Immortal X-Men by Kieron Gillen, Mark Brooks Step by Bloody Step by Simon Spurrier, Matías Bergara Twig by Skottie Young, Kyle Strahm Nightwing by Tom Taylor, Bruno Redondo 9. Best Graphic Novel Geiger by Geoff Johns, Gary Frank Bitter Root Volume 3 by David F. Walker, Chuck Brown, Sanford Greene, Sofie Dodgson Dune: House Atreides Volume 2 by Brian Herbert, Kevin J. Anderson, Dev Pramanik Wonder Woman Historia: The Amazons by Kelly Sue DeConnick, Phil Jimenez Monstress, Volume 6: The Vow by Marjorie Liu, Sana Takeda Saga by Brian K. Vaughan, Fiona Staples 10. Best Science Fiction or Fantasy TV Series Stranger Things, Netflix The Expanse, Amazon Star Trek: Strange New Worlds, Paramount+ Wheel of Time, Amazon For All Mankind, Apple TV+ Halo, Paramount+ The Boys, Amazon 11. Best Science Fiction or Fantasy Movie Dune by Denis Villeneuve Spider-Man: No Way Home by Jon Watts Doctor Strange in the Multiverse of Madness by Sam Raimi Ghostbusters: Afterlife by Jason Reitman The Adam Project by Shawn Levy Free Guy by Shawn Levy 12. Best Science Fiction or Fantasy PC / Console Game Elden Ring, Bandai Namco Entertainment Metroid Dread, Nintendo Destiny 2: The Witch Queen, Bungie Age of Empires IV, Xbox Game Studios Warhammer 40,000: Chaos Gate – Daemonhunters, Frontier Foundry Lost Ark, Amazon Games 13. Best Science Fiction or Fantasy Mobile Game Diablo Immortal, Blizzard Pokémon UNITE, The Pokémon Company Baba Is You, Hempuli Townscaper, Oskar Stålberg Alien: Isolation, Sega World of Demons, PlatinumGames 14. Best Science Fiction or Fantasy Board Game Ark Nova, Capstone Games Cascadia, Alderac Entertainment Group Return to Dark Tower, Restoration Games 7 Wonders Architects, Asmodee Alien: Fate of the Nostromo, Ravensburger Star Wars Outer Rim: Unfinished Business, Fantasy Flight Games 15. Best Science Fiction or Fantasy Miniatures / Collectible Card / Role-Playing Game The One Ring, Second Edition, Free League Publishing Thirsty Sword Lesbians, Evil Hat Productions Root: The RPG, Magpie Games Magic: The Gathering, Dungeons & Dragons: Adventures in the Forgotten Realms, Wizards of the Coast The Lord of the Rings: The Card Game – Revised Core Set, Fantasy Flight Games Magic: The Gathering, Innistrad: Crimson Vow, Wizards of the Coast Neat! Here’s the link to the Dragon Awards site, which itself features a link to how to register and vote in the awards. If you’d like to vote for Kaiju, nifty! If you’d prefer to vote for something else in my category, that’s cool too, they’re all very fine work and I’d be fine with any one of those works getting the nod. And if you nominated Kaiju for the Dragon Awards, thank you! I’m really pleased. — JS ## Thursday, 11 August ### 23:14 Tickets Going On Sale Friday, Aug 12 and More Event Updates by EverOut Staff Manchester dance-rock quartet The 1975 would love it if you made it to the Seattle date of their At Their Very Best tour. Dance floors will be ignited this fall with famed producers NGHTMRE, Peggy Gou, and SLANDER all dropping tour dates. Plus, college rock outfit The Lemonheads will also hit the road in celebration of their beloved 1992 album It’s a Shame About Ray. Read on for details on those and other newly announced events, plus some news you can use. Tickets go on sale at 10 am unless otherwise noted. ### ON SALE FRIDAY, AUG 12 MUSIC The 1975: At Their Very Best Tour WaMu Theater (Fri Dec 2) Conservative media picked up the story, YMCA employees began receiving threats, and now the entire facility has had to temporarily close due to threatening messages. by Matt Baume “She was just helping,” laments Beau Ohlgren, head of the Jefferson County Transgender Support Group. He’s referring to an 18-year-old employee of the YMCA’s Mountain View Pool in Port Townsend, a small town that lies northwest of Seattle across Puget Sound. Three weeks ago, that employee was doing her job of supervising a group of kids when a patron named Julie Jaman began to hurl increasingly aggressive transphobic remarks at her. Other employees told Jaman to leave, but she later returned to picket the facility. Conservative media picked up the story, people started threatening YMCA employees, and now the entire facility has had to temporarily close due to those threatening messages. The conflict aimed an uncomfortable spotlight on the nautical town of about 10,000 residents, where news headlines tend to focus on art fairs and gardening tips. As local leaders scramble to address the situation, community members have turned out in large numbers to support the YMCA employee, a college student pursuing a career in elementary education. “I had gotten a call on July 26, when the harassment occurred,” Ohlgren says. The YMCA manager told Ohlgren that Jaman heard the employee speak and decided that her voice was too "male." Jaman confronted the employee in a locker room, accused her of engaging in inappropriate behavior with the children, and asked invasive questions about her genitals. YMCA officials told the Port Townsend Leader that multiple employees were present, as their regulations require, and that there was no inappropriate behavior on the part of any YMCA staffer. The YMCA pool manager told Jaman to leave and suspended her membership. Following that, the manager contacted Ohlgren to double-check state requirements regarding accommodations. (Washington offers broad protections on the basis of sexual orientation and gender identity, and the state prohibits forms of harassment that include asking invasive, unwanted questions.) After speaking with the pool manager, Ohlgren couldn’t get the incident out of his mind. “I kept thinking about what a horrible experience that is, when someone is at the beginning of their transition process … to get screamed at about your genitals in a bathroom, that’s a number one nightmare for a lot of trans people,” he said. A few days after the incident, Ohlgren asked the YMCA if he could send the employee a care package, at which point he learned that the facility had been receiving threatening phone calls. He also learned that Jaman had returned to the YMCA with some friends to protest, bearing signs that misgendered the employee. “They were approaching everybody coming to and from the pool, saying ‘did you know there are men in the women’s bathroom, there needs to be a separate facility if trans people are going to use the facility,’” Ohlgren said. Barring people from facilities because they are trans violates state rules established by the Washington State Human Rights Commission. Sensing trouble, Ohgren called some friends and assembled a counter-protest to voice their support for the worker and the YMCA. He estimates that around a hundred people showed up, creating a positive, festive mood by bringing carnival games and hula hoops. “We just want this to not be a terrible place to work, thank you,” Ohlgren said. But that wasn’t the end of it. Over the next few days, national media took notice of the dispute, with right-wing influencers exploiting the situation to drive outrage. Threatening calls started pouring into the YMCA, prompting them to shut down the entire facility for several days, leaving many local families without child care services. In addition, numerous residents showed up at the August 1 city council meeting. Some voiced support for Jaman, and others supported the YMCA employee. In response, Port Townsend City Council is now considering a resolution affirming their support for transgender residents and inclusive policies. Council members are expected to discuss the resolution at their next meeting on Monday, August 15. If there’s a silver lining to the experience, it’s that supporters of the YMCA employee have given generously to a GoFundMe that she established five months ago to pay for transition-related care. Previously hovering at around$200, it’s now passed the $7,000 mark on the way to a goal of$25,000.

“What we’re trying to do is ensure that not only does she feel safe and supported, but that she feels valued in our community, and the entire trans community here in town feels safe and supported,” Ohlgren said.

### 22:35

Death Valley suffered flooding from unusual heavy rainfall. At least no homes were flooded, since nobody lives there.

A right-wing t-shirt company, which supports the corrupter, has been fined for fraudulently labeling its shirts "Made in the USA". In fact, they were made in China.

What else would you expect from people that support someone who boasts of lying.

Privatized water companies in Britain are profiteering while draining their customers. That's what privatizing a government service tends to do, and the Tories that did it probably were aiming for that result.

US citizens: phone your congresscritter and say to vote for the "Inflation reduction bill" (which includes climate defense, a little more tax on the rich, and reducing some medicine prices), which the Senate already passed.

The Capitol Switchboard number is +1-202-224-3121.

Amazon wants to purchase One Medical, a medical treatment company which holds lots of patients' medical records. And if it can purchase iRobot, which makes robot vacuum cleaners, it can collect data about the lives of the people who use them.

The corrupter could be put in prison for years for taking secret documents home, or for destroying them.

I don't understand why Risen proposes to involving the Espionage Act in this. That would be very dangerous, because it could legitimize the misuse of that law to prosecute whistleblowers.

Until the day we change that law to protect whistleblowers, whose "crime" is to tell the people about the state's actions, we must not lump them together with people like the corrupter who take secret documents in order to deny the state access to them and block it from functioning.

Phoenix, Arizona, is so hot that people doing nothing more than walk around are collapsing and need urgent rescue.

The abortion charges against Celeste Burgess and Jessica Burgess are based on a subpoena for their Facebook messages.

The only communication systems you can safely use to discuss abortion plans in the US now are those which do not save any record — either in a central server or in your own device.

China's communications about Taiwan are monomaniacal intimidation pretending to be friendship.

It's similar to coercive control, but on an international scale.

(satire) *Relieved [corrupter] Thought Mar-A-Lago Raid Was About All The Bodies.

If an Onion page appears blank, try disabling JavaScript entirely or telling LibreJS to blacklist all scripts on the page, then right-click and select the item "Reveal hidden HTML". Or use a browser such as lynx that doesn't implement JavaScript and CSS.

* Pentagon contractors operating in Afghanistan over the past two decades raked in nearly $108 billion—funds that "were distributed and spent with a significant lack of transparency," according to a report published Tuesday.* *AIPAC's New Political Strategy: Spend Millions on Elections Without Mentioning Israel.* *With Antitrust Bills Stalled, Watchdogs Demand Schumer Disclose Big Tech Donations.* They suspect him of being paid to block those bills from getting a vote. (satire) Reminding would-be mass shooters that it has become old hat, and people would hardly even remember their names. If an Onion page appears blank, try disabling JavaScript entirely or telling LibreJS to blacklist all scripts on the page, then right-click and select the item "Reveal hidden HTML". Or use a browser such as lynx that doesn't implement JavaScript and CSS. Proposing credit card companies warn when someone orders large supplies of guns and ammunition. I think this is a good idea. The interference with privacy would be very narrow, and little by comparison with the things we are fighting against. *Biden Administration Plans for Legal Psychedelic Therapies Within Two Years.* We must expect Republicans to demonize this with lies and exaggerations. FBI agents searched the corrupter's home at Mar-a-Lago, looking for secret government papers he was not allowed to remove from the files. Naturally they had to look inside his safe, but if "breaking in" implies damaging the safe, that was gratuitous. Thugs often cause gratuitous damage to people when they search. and many of those people aren't rich like the corrupter and can't shrug off the cost of those damages They should have given him — and anyone whose premises they search — the chance to open things for them and avoid damage. However, there is no reason to suppose he was honest about this. (He's not usually honest.) Maybe the safe was opened without damaging it. *Emmett Till: woman whose accusation led to [his] lynching will not be charged.* I think this verdict was inevitable. If her story is true, it implies she is not responsible for the murder of Emmet Till. If she is lying, she might be co-responsible in some way, but there is no evidence about what it may have been, let alone any proof. The people who really should have been convicted of murder were the people who killed him. They were acquitted by a racist jury. If that were to happen today, the murderers would face federal civil rights charges, as well as state charges. The conviction of Ahmaud Arbery's killers suggests that the US has learned to be less racist in its justice than it was in 1955. Maybe some day it will learn to be even less racist. ### 22:00 THE TAO OF IGOR is available now, at the DORK STORE! Help keep DORK TOWER going! Join our Patreon community, and ENLIST IN THE ARMY OF DORKNESS TODAY! Want this or any DORK TOWER strip as a signed, hight-quality print? Now available! LOOKIE HERE! ### 20:07 Family members who have lost loved ones to police violence hope a new statewide oversight agency will end the practice of police investigating police. by Will Casey Charleena Lyles. John T. Williams. Manny Ellis. More than two years after thousands flooded streets across Washington to #SayTheirNames, police accountability advocates are finally seeing the state’s response to their demands for impartial investigations of cops who kill on the job. Last week, the skeleton crew of employees staffing Washington’s new Office of Independent Investigations (OII) finally moved into their offices. The agency, while off to a slower start than initially projected, represents a first-in-the-nation victory for survivors of police violence. Once the department hires its remaining key staff members and finalizes its operating protocols, it will stand as the only statewide agency in America that investigates cops when they use deadly force, rather than allowing local departments to investigate their own. Eventually, the OII will conduct those investigations using entirely civilian teams, ending the practice of police investigating police. The families who have lost loved ones to police violence hope the agency will lead to more killer cops facing criminal charges for that behavior, but some restrictions on the agency’s authority could thwart those hopes. ## It’s Better Than Seattle’s Police Oversight System Leslie Cushman, spokesperson for the Washington Coalition for Police Accountability, a group composed of police violence survivors who lobbied the state to create the agency, said the Coalition’s focus on impartial investigations grew from their experience crafting parts of the 2017 statewide accountability initiative I-940, which passed the following year. That initiative attempted to prevent police departments from investigating their own officers in excessive use of force cases, a practice that creates an appearance of corruption that erodes public confidence, Cushman says. Even though the I-940 regulations required police departments to tap an outside agency to handle those investigations, they frequently resorted to calling on neighboring departments, where investigators may still socialize with the cops they’re investigating. The OII will change that dynamic…eventually. While the new agency will begin its work with teams led by former cops, the new law gives the OII five years to train an entirely civilian workforce of qualified investigators to staff its five regional teams based across the state. The idea of well-trained civilian investigators drew opposition from the Washington Association of Sheriffs and Police Chiefs (WASPC) as the bill to establish the OII wound its way through the Legislature. In a committee meeting, James McMahan, policy director for WASPC, expressed his organization’s concern that the agency would allow civilians to “conduct complex homicide investigations,” and that doing so could compromise the ability to prosecute based on those investigations. Those concerns might be worth taking seriously if our current system of investigating killer cops regularly produced prosecutions for those deaths, but the lack of such prosecutions is the whole reason advocates lobbied to create the OII in the first place. Now that the agency exists, WASPC’s executive director Steven Strachan said in a statement that the cops “look forward” to working with the OII. The OII is still working out the details of how it will train those investigators, but, in the near term, an experienced homicide investigator will lead all of its investigation teams. The office will use those senior investigators with law enforcement experience to teach their civilian counterparts best practices for homicide investigations, but the training will also include material on how to approach the agency’s work with an awareness of the institutional racism of America’s police departments. Cushman said the Coalition gave the agency several recommendations for anti-racism trainings, and they will remain involved in helping the OII develop those programs. Aside from eventually hiring civilian investigators, the OII also differs from local agencies like Seattle’s Office of Police Accountability (OPA) in its basic structure. Unlike the OPA, the statewide agency has no direct connection to any specific police department, and it purely focuses on criminal investigations. That means local police unions cannot bargain to restrict the agency’s access to cops in the aftermath of a killing, as the Seattle Police Officers Guild contract does with OPA’s investigations, or otherwise compromise the OII’s investigatory authority. Another key innovation in the OII’s design: an internal watchdog board. On a monthly basis, this group will meet with agency director Roger Rogoff, the former King County Superior Court judge that Governor Jay Inslee picked to run the place. The board consults with the director as he designs the agency’s policies and protocols, and it has specific power to veto the hiring of former law enforcement officers. By way of contrast, Seattle’s Community Police Commission gathers public feedback on police performance and then relays it to the OPA, but it doesn’t play a formal role within the oversight agency, nor does it have guaranteed access to its leadership. Sonia Joseph, who got involved with the Washington Coalition for Police Accountability after a Kent police officer shot and killed her son, highlighted another important difference in how OII will operate. She’s excited about the OII hiring a victim services liaison as part of every regional team, so that other parents won’t experience the trauma she endured when she had to turn to the news to learn of developments in the investigation into her son’s death. Instead, OII’s liaisons will proactively communicate with victims’ families at each stage of the investigation. ## Some Challenges to the Agency’s Authority Remain Despite this overall “honeymoon” phase of public reception that Director Rogoff described for me in an interview at the OII’s offices, the agency does face some structural challenges. The law that created the agency exempted police departments currently subject to federal supervision, so the OII can’t investigate Seattle Police Department officers until a federal judge ends the consent decree. Rogoff told me he’s been in contact with leadership at SPD and at Seattle’s oversight agencies to make sure they’re prepared to cooperate with OII investigations once the decree ends, as OII will immediately gain jurisdiction over SPD as soon as that happens. The other gap in the OII’s authority is its lack of charging authority in the cases it investigates. Currently, it can only make recommendations for prosecution to local prosecutors, who may have some of the same conflicts of interest as local investigators. Fixing that rather large issue is the next top priority for Cushman and the Washington Coalition for Police Accountability. Right now, they’re working on a bill to create a statewide Office of Independent Prosecution. That office would act as a companion agency to the OII, eliminating the conflicts of interest that Cushman blames for many police officers who use deadly force but then get off without facing criminal charges. With both agencies in place to ensure consequences for unjustified killing on the job, Cushman said her group is optimistic that cops will change the way they view the use of deadly force. Those advocates count Director Rogoff as an ally in that work as well. Rogoff told me he’s not particular about how the State Legislature designs the office, but having a prosecutor without ties to any specific police department is “incredibly important” to the success of his agency. According to Lyn Idahosa, a founding member of Washington for Black Lives who is also working on the push for an independent prosecutor, having the support of agency leadership is unusual and will be a big help in lobbying efforts next session. In a phone interview, she said that her main concern for getting an independent prosecutor bill through the State Legislature next spring is the lack of urgency. In her view, the amount of public pressure created by the 2020 protests motivated elected officials to take action to stand up the OII, but she doesn’t want it to take another tragedy to get other necessary reforms through Olympia. In the meantime, both Rogoff and the advocates who worked for years to create the OII stressed patience as the agency works to carefully vet its inaugural hires and to build credibility among the public and police departments. In their view, having a truly independent, thorough, and impartial oversight agency for Washington’s cops will be worth the wait. ### 20:00 First, this one is called “Deep in your heart there is a sunlight so hot that it makes you love people. That’s why you love people,” and its inspiration is a little poem my daughter wrote on her sixth birthday. I gave the whole poem to the AI art generator Midjourney as a prompt, and this is one of the things it came up with. It’s certainly evocative. Since Midjourney, Dall-E and other AI art generators have come online, there’s been a bit of a freakout from actual artists/illustrators about what this means for their livelihoods. While my own prognostication skills are dubious at best, and I would never tell anyone not to be concerned about the creative sector they work in when new technology surfaces, in my experience of using several of these AI art generators over the last few weeks, I’m not sure I see them replacing human illustrators to any great extent any time soon. This is for several reasons: 1. Specificity and intentionality: One can prompt an AI art generator in the direction one wants them to go, but ultimately you get what you get with them, unless you really want to devote a lot of time to art directing the thing. It’s still easier to communicate what you want to an actual human and get an exact result, than to go through 25 iterations of an idea and hope the AI finally gets what you want, without messing up anything else. 2. Detail: Most of the images I get out of AI art generators are of a level that I would call “cool rough draft,” which is to say, there’s enough there that you see where it’s going, but the detail level isn’t there, and what detail is there is wonky. This is most notable with human facial features, and shapes of distinct animals and other natural objects. If I were wanting to make the image above into an actual piece of art, I’d hand it over to an artist to get it to a level I would considered finished. I think at this point AI art generation is a handy way to sketch ideas and concepts, and for someone like me would make it easier to let an actual artist know some of what I was thinking. But the handoff to an actual artist would still need to take place. 3. Sameness: Having played with several AI generators now, I can say it seems each has what I would call a “house style.” Midjourney, which is the one I’ve played with the most, has a distinctly “arty” and “moody” style that I think I would call Emo DeviantArt. I like it! But I also know, barring very specific instruction, what I’m going to get out of Midjourney when I give it a prompt. Which means even two weeks in I’m getting the feeling I know its default bag of tricks. Humans also have their own styles, to be sure, but also more flexibility. Human work feels, how to put it, less programmatic. AI will get better at generating art — the amount to which it is better now, at effectively its second generation, from its first generation, is a really actually impressive — but I suspect it’s going to keep bumping up on these problems, because “AI” isn’t actually intelligent in way a human is, which will continue to give humans an advantage on generating art other humans actually want. What I suspect is going to happen is that human artists will start incorporating AI art generation into their tool box, and that very rapidly; if AI can, for example, quickly generate a background cloudscape that is consistent with that artist’s style and intent, which that artist can then tweak to suit their needs, why wouldn’t they do that? Saves time and the final work is still under the direction of a human brain. Likewise, in the next generation of artists will be some who can’t draw to save their lives but who are maestros of prompting art generators to give them things that no one else can get out of those generators. And for people like me, who have very little visual art talent, these AI art generators will let us play a bit and perhaps will spur creativity in other directions. I’ve already created some images that I want to write stories for, or which have at least have ideas popping into my head. Will anything come of those? Maybe, maybe not, but it’s nice to feel the creative ferment they help create. So, no, I don’t suspect AI art generation is the end of human artistry. It’s another tool we can use, and I think it will be interesting to see what happens with it as we go along. This one is called “I Will Meet You By the Witness Tree,” prompted by a lyric from the Robbie Robertson song “Broken Arrow.” — JS ### 19:35 Image: Shutterstock. A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. The firm’s analysis of the data suggests it corresponds to current and former customers of AT&T. The telecommunications giant stopped short of saying the data wasn’t theirs, but it maintains the records do not appear to have come from its systems and may be tied to a previous data incident at another company. Milwaukee-based cybersecurity consultancy Hold Security said it intercepted a 1.6 gigabyte compressed file on a popular dark web file-sharing site. The largest item in the archive is a 3.6 gigabyte file called “dbfull,” and it contains 28.5 million records, including 22.8 million unique email addresses and 23 million unique SSNs. There are no passwords in the database. Hold Security founder Alex Holden said a number of patterns in the data suggest it relates to AT&T customers. For starters, email addresses ending in “att.net” accounted for 13.7 percent of all addresses in the database, with addresses from SBCGLobal.net and Bellsouth.net — both AT&T companies — making up another seven percent. In contrast, Gmail users made up more than 30 percent of the data set, with Yahoo addresses accounting for 24 percent. More than 10,000 entries in the database list “none@att.com” in the email field. Hold Security found these email domains account for 87% of all domains in the data set. Nearly 21% belonged to AT&T customers. Holden’s team also examined the number of email records that included an alias in the username portion of the email, and found 293 email addresses with plus addressing. Of those, 232 included an alias that indicated the customer had signed up at some AT&T property; 190 of the aliased email addresses were “+att@”; 42 were “+uverse@,” an oddly specific reference to a DirecTV/AT&T entity that included broadband Internet. In September 2016, AT&T rebranded U-verse as AT&T Internet. According to its website, AT&T Internet is offered in 21 states, including Alabama, Arkansas, California, Florida, Georgia, Indiana, Kansas, Kentucky, Louisiana, Michigan, Missouri, Nevada, North Carolina, Ohio, Oklahoma, Tennessee, Texas and Wisconsin. Nearly all of the records in the database that contain a state designation corresponded to those 21 states; all other states made up just 1.64 percent of the records, Hold Security found. Image: Hold Security. The vast majority of records in this database belong to consumers, but almost 13,000 of the entries are for corporate entities. Holden said 387 of those corporate names started with “ATT,” with various entries like “ATT PVT XLOW” appearing 81 times. And most of the addresses for these entities are AT&T corporate offices. How old is this data? One clue may be in the dates of birth exposed in this database. There are very few records in this file with dates of birth after 2000. “Based on these statistics, we see that the last significant number of subscribers born in March of 2000,” Holden told KrebsOnSecurity, noting that AT&T requires new account holders to be 18 years of age or older. “Therefore, it makes sense that the dataset was likely created close to March of 2018.” There was also this anomaly: Holden said one of his analysts is an AT&T customer with a 13-letter last name, and that her AT&T bill has always had the same unique misspelling of her surname (they added yet another letter). He said the analyst’s name is identically misspelled in this database. KrebsOnSecurity shared the large data set with AT&T, as well as Hold Security’s analysis of it. AT&T ultimately declined to say whether all of the people in the database are or were at some point AT&T customers. The company said the data appears to be several years old, and that “it’s not immediately possible to determine the percentage that may be customers.” “This information does not appear to have come from our systems,” AT&T said in a written statement. “It may be tied to a previous data incident at another company. It is unfortunate that data can continue to surface over several years on the dark web. However, customers often receive notices after such incidents, and advice for ID theft is consistent and can be found online.” The company declined to elaborate on what they meant by “a previous data incident at another company.” But it seems likely that this database is related to one that went up for sale on a hacker forum on August 19, 2021. That auction ran with the title “AT&T Database +70M (SSN/DOB),” and was offered by ShinyHunters, a well-known threat actor with a long history of compromising websites and developer repositories to steal credentials or API keys. Image: BleepingComputer ShinyHunters established the starting price for the auction at$200,000, but set the “flash” or “buy it now” price at $1 million. The auction also included a small sampling of the stolen information, but that sample is no longer available. The hacker forum where the ShinyHunters sales thread existed was seized by the FBI in April, and its alleged administrator arrested. But cached copies of the auction, as recorded by cyber intelligence firm Intel 471, show ShinyHunters received bids of up to$230,000 for the entire database before they suspended the sale.

“This thread has been deleted several times,” ShinyHunters wrote in their auction discussion on Sept. 6, 2021. “Therefore, the auction is suspended. AT&T will be available on WHM as soon as they accept new vendors.”

The WHM initialism was a reference to the White House Market, a dark web marketplace that shut down in October 2021.

“In many cases, when a database is not sold, ShinyHunters will release it for free on hacker forums,” wrote BleepingComputer’s Lawrence Abrams, who broke the news of the auction last year and confronted AT&T about the hackers’ claims.

AT&T gave Abrams a similar statement, saying the data didn’t come from their systems.

“When asked whether the data may have come from a third-party partner, AT&T chose not to speculate,” Abrams wrote. “‘Given this information did not come from us, we can’t speculate on where it came from or whether it is valid,'” AT&T told BleepingComputer.

Asked to respond to AT&T’s denial, ShinyHunters told BleepingComputer at the time, “I don’t care if they don’t admit. I’m just selling.”

On June 1, 2022, a 21-year-old Frenchman was arrested in Morocco for allegedly being a member of ShinyHunters. Databreaches.net reports the defendant was arrested on an Interpol “Red Notice” at the request of a U.S. federal prosecutor from Washington state.

Databreaches.net suggests the warrant could be tied to a ShinyHunters theft in May 2020, when the group announced they had exfiltrated 500 GB of Microsoft’s source code from Microsoft’s private GitHub repositories.

“Researchers assess that Shiny Hunters gained access to roughly 1,200 private repositories around March 28, 2020, which have since been secured,” reads a May 2020 alert posted by the New Jersey Cybersecurity & Communications Integration Cell, a component within the New Jersey Office of Homeland Security and Preparedness.

“Though the breach was largely dismissed as insignificant, some images of the directory listing appear to contain source code for Azure, Office, and some Windows runtimes, and concerns have been raised regarding access to private API keys or passwords that may have been mistakenly included in some private repositories,” the alert continues. “Additionally, Shiny Hunters is flooding dark web marketplaces with breached databases.”

Last month, T-Mobile agreed to pay $350 million to settle a consolidated class action lawsuit over a breach in 2021 that affected 40 million current and former customers. The breach came to light on Aug. 16, 2021, when someone starting selling tens of millions of SSN/DOB records from T-Mobile on the same hacker forum where the ShinyHunters would post their auction for the claimed AT&T database just three days later. T-Mobile has not disclosed many details about the “how” of last year’s breach, but it said the intruder(s) “leveraged their knowledge of technical systems, along with specialized tools and capabilities, to gain access to our testing environments and then used brute force attacks and other methods to make their way into other IT servers that included customer data.” A sales thread tied to the stolen T-Mobile customer data. ### 18:07 # GNUnet 0.17.4 This is a bugfix release for gnunet 0.17.3 because of a missing file in the tarball required to build the documentation. #### Download links The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A Note that due to mirror synchronization, not all links may be functional early after the release. For direct access try http://ftp.gnu.org/gnu/gnunet/ ### 17:28 One of the reasons I prefer to write on the open web rather than on Facebook is that if I get an Aha! idea about a feature, on my blog I can implement it. On Facebook I'm just a user. That was/is one of the great things about the web. Anyone can develop features for it. On Facebook, just their employees can. No wonder it never moves. When a company dominates an activity, they tend to invest elsewhere. Seems kind of perverse, but that's why markets don't always evolve to fill every niche. If you want to perform a new style of music in Central Park, you can. If you want to do it in Carnegie Hall or Lincoln Center, you need to get the approval of a lot of rich people ### 17:21 Version 1.63.0 of the Rust language has been released. Changes include the addition of scoped threads, a new ownership model for raw file descriptors, and the completion of the borrow-checker transition: As detailed in this blog post, we've fully removed the previous lexical borrow checker from rustc across all editions, fully enabling the non-lexical, new, version of the borrow checker. Since the borrow checker doesn't affect the output of rustc, this won't change the behavior of any programs, but it completes a long-running migration (started in the initial stabilization of NLL for the 2018 edition) to deliver the full benefits of the new borrow checker across all editions of Rust. For most users, this change will bring slightly better diagnostics for some borrow checking errors, but will not otherwise impact which code they can write. ### 17:00 The Stranger's morning news roundup. by Hannah Krieg More thunder? Yesterday morning, Mommy Nature struck our region with lightning, presumably to give the weather heads something to tweet about. If you missed the lightning (like Jas did, according to Slog PM) then it looks like you won’t get another chance at catching a summer storm today. The Weather Channel forecasts sunny skies and mid-70 degree weather. I’m sure the Seattle Weather Blog will have some calculated response to this good news in order to continue its campaign to make Seattle hate our life-giving sun. SMH Thunderstorms are not all showmanship: The lil summer storm caused outages for over 10,000 Puget Sound Energy (PSE) customers. As late as 10 pm last night, more than 300 of those customers still did not have power. I checked the outage map this morning, and it looks like PSE got its shit together, because there are no more outages in Seattle or Tacoma. Reminder: Allowing cops to chase people in cars puts everyone in danger. Early this morning, a truck slammed into a building in Wallingford while being pursed by the police. Thankfully, no pedestrians got mauled in the process. If you think SPD’s response time is bad: Not counting crises that happen in jails and hospitals, King County crisis responders—who are supposed to provide a more sensitive, less shooty alternative to police—take on average over 11 days to respond. The Seattle Times has more on the overwhelming demand for crisis responders. Seattle Film Commission: Councilmember Sara Nelson is taking up a new cause: supporting the film industry. In a draft, Nelson proposed that the City establish a film commission to advise policymakers and figure out a way to get these people paid living wages. At first, this all seemed out of left field for Nelson–from my quick search, she doesn’t even have a Letterboxd. But, like her earlier legislation to bolster tourism, she explained the policy as an effort to grow our creative economy and make sure moviemakers don’t film their Seattle-set movies in Vancouver. Doggo dating app: A new dating and friendship app has launched in the Seattle area to connect pet lovers to other pet lovers. People who make their “smol bean pupper” their entire personality definitely deserve love, but I can’t imagine a particularly enticing pool of suitors on an app for Pet Owners only. This news also raises a general issue about making new dating apps. I interned for a Seattle-specific dating app EXTREMELY briefly in college, and the app itself was fine, but the big problem was that all the babes were just on Tinder, Bumble, or Hinge. The people that alt apps appealed to were people that didn’t really get any matches on those bigger apps. The upside of the dog app, I guess, is that maybe you will see fewer people on the big apps who think it's cute to stop listening to a conversation when they see the average dog walking down the street. Seattle Approves with some post-election analysis: After Rep. Jaime Herrera Beutler lost the primary election to a Democrat and some crazy Trumper, Seattle Approves organizer Logan Bowers said on Twitter that Approval Voting (AV), which allows voters to select all the candidates that they approve of, would have won her the primary. He also said this wouldn’t have happened with Ranked-Choice voting (RCV). If you’ve been paying attention the last several months, AV and RCV advocates have been duking it out online, and now those two reforms will be on the ballot in Seattle this November. Both systems claim they will make elections fairer and lead to better leadership. In the case of Herrera Beutler, Bowers thinks Democrats would have been enlightened enough to vote for both an actual Democrat and for Herrera Beutler, a Republican (bad) who voted to impeach Trump (better). However, as RCV advocates often note, you can’t communicate preference, which may cause voters to avoid picking anyone but their favorite. I mean, I barely vote for Democrats. I wouldn’t vote for a Republican, regardless of what they think of Orange-Man-Bad. To be fair, Bowers is probably not thinking about bratty voters like me. But I do think RCV advocates could make a case that their system would yield similar results. Herrera Beutler may have been all those voters' second choice if they couldn’t vote for a Democrat or Trumper. IDK, hard to speculate on how these systems would actually play out, but interesting! Least Rock 'n Roll guitar shop: KING 5 wrote about some guitar store owners who are mad about crime and drug use. This makes perfect sense, as the music scene has been historically anti-drug and pro-cop. Uhhhh, Joe? We may not have Democracy for much longer. The Washington Post has the story. Defund the FBI: Authorities are monitoring online threats following the FBI’s raid of Trump’s Mar-a-Lago estate earlier this week. Law enforcement told ABC News that they fear violent retaliation from his base, who in a true moment of horseshoe theory now think the FBI is tyrannical. #MeToo: Zhou Xiaoxuan became the face of China's #MeToo movement in 2018 when she accused television host Zhu Jun of sexually assaulting her when she interned for the show. Yesterday, a Chinese court rejected her appeal of the dismissal of her long-running case. That’s an expensive phone: The tech world thinks that the iPhone 14 will be much more expensive than its predecessor, the iPhone 13 Pro Max. According to The Verge, you could pay up to 15% more if you’re looking to upgrade. I think I’ll stick with my iPhone 8 for now. Thanks! The Pete Davidson jokes are FUNNY. LAUGH: Just trying to help you plan your evening: You can watch a supermoon rise over Rome in a webcast tonight. That would be very Manic Pixie Dreamgirl of you tbh. ### 16:35 This alpha release reverts extensive whitespace changes to --help output, so as not to annoy translators (thanks, Benno Schulenberg!). These will be restored before the next stable release in a “whitespace-only” change. The Project Zero blog has posted a detailed look at CVE-2021-0920 in the first of a two-part series on how this bug created a vulnerability that was subsequently exploited. Google's Threat Analysis Group (TAG) discovered Samsung browser exploit chains being used in the wild. TAG then performed root cause analysis and discovered that this vulnerability, CVE-2021-0920, was being used to escape the sandbox and elevate privileges. CVE-2021-0920 was reported to Linux/Android anonymously. The Google Android Security Team performed the full deep-dive analysis of the exploit. This issue was initially discovered in 2016 by a RedHat kernel developer and disclosed in a public email thread, but the Linux kernel community did not patch the issue until it was re-reported in 2021. ### 16:14 Atomic operations are performed by the traditional RISC-style load locked/store conditional pattern. ; load exclusive register byte ldxrb Rd/zr, [Xn/sp] ; load exclusive register halfword ldxrh Rd/zr, [Xn/sp] ; load exclusive register ldxr Rd/zr, [Xn/sp] ; load exclusive register pair ldxp Rd1/zr, Rd2/zr, [Xn/sp] These instructions atomically load a byte, halfword, word, doubleword, or pair of registers from memory. The instruction also tells the processor to monitor the memory address to see if any other processor writes to that same address, or addresses in the same “exclusive reservation granule”. (Implementations are allowed to have granules as large as 2KB.) Note that the atomicity guarantee is only partial if you use LDXP to load a pair of 64-bit registers.¹ The entire 128-bit value is not loaded atomically; instead, each 64-bit portion is loaded atomically separately. You can still get tearing between the two registers. The only supported addressing mode is register indirect. No offsets or indexes allowed. After an exclusive load, you can attempt to store a value back to the same address: ; store exclusive register byte stxrb Rs/zr, Rt/zr, [Xn/sp] ; store exclusive register halfword stxrh Rs/zr, Rt/zr, [Xn/sp] ; store exclusive register stxr Rs/zr, Rt/zr, [Xn/sp] ; store exclusive register pair stxp Rs/zr, Rt1/zr, Rt2/zr, [Xn/sp] If the reservation obtained by the previous LDX instruction is still valid, then the value in Rt/zr is stored to memory, and Rs is set to 0. Otherwise, no store is performed, and Rs is set to 1. Whether the store succeeds or fails, the STX instructions clears the reservation. For these exclusive load and store instructions, the address must be a multiple of the number of bytes being loaded. If not, then the behavior is undefined: There is no requirement that an exception be raised. So don’t do that. It is also required that the STX match the LDX both in address and operand sizes. You cannot perform an LDX for one address and follow up with a STX to a different address. You also cannot perform a LDXR and follow up with a STXRH to the same address. You aren’t even allowed to do a LDXP with two 32-bit registers and follow up with a STXR with a single 64-bit register. Again, the behavior is undefined if you break this rule. The last instruction allows you to hit the reset button: ; clear exclusive clrex The CLREX discards any active reservation, and forces any subsequent STX to fail. This typically happens as part of interrupt handling or context switching to ensure that undefined behavior doesn’t occur if the thread was interrupted while it was in the middle of a LDX/STX sequence. These instructions are usually coupled with memory barriers, which we’ll look at soon, but the next entry will be a little diversion. Bonus chatter: There is an optional instruction set extension (mandatory starting in version 8.4) which includes a large set of atomic read-modify-write operations. ; atomic read-modify-write operation ; Rt = previous value of [Xr] ; [Xr] = Rt op Rs ldadd Rs/zr, Rt/zr, [Xr/sp] ; add ldclr Rs/zr, Rt/zr, [Xr/sp] ; and not ldeor Rs/zr, Rt/zr, [Xr/sp] ; exclusive or ldset Rs/zr, Rt/zr, [Xr/sp] ; or ldsmax Rs/zr, Rt/zr, [Xr/sp] ; signed maximum ldsmin Rs/zr, Rt/zr, [Xr/sp] ; signed minimum ldumax Rs/zr, Rt/zr, [Xr/sp] ; unsigned maximum ldumin Rs/zr, Rt/zr, [Xr/sp] ; unsigned minimum By default, there is no memory ordering. You can add the suffix a to load with acquire, the suffix l to store with release, or the suffix al to get both. Note, however, that the acquire suffix is ignored if the destination register Rt is zr. Furthermore, you can suffix b for byte memory access or h for halfword memory access. The overall syntax is therefore Prefix Op Acquire Release Size ld add clr eor set smax smin umax umin (none) a (none) l (none) b h For example, the instruction ldclrlh means • ld: Atomic load/modify/store • clr: Clear bits • (blank): No acquire on load • l: Release on store • h: Halfword size. If you don’t care about the previous value, then you can use a pseudo-instruction that uses zr as the destination. ; atomic read-modify-write operation ; [Xr] = [Xr] op Rs stadd Rs/zr, [Xr/sp] ; add stclr Rs/zr, [Xr/sp] ; and not steor Rs/zr, [Xr/sp] ; exclusive or stset Rs/zr, [Xr/sp] ; or stsmax Rs/zr, [Xr/sp] ; signed maximum stsmin Rs/zr, [Xr/sp] ; signed minimum stumax Rs/zr, [Xr/sp] ; unsigned maximum stumin Rs/zr, [Xr/sp] ; unsigned minimum You can add the l suffix for store with release, and you can add b and h suffixes to operate on smaller sizes. You cannot request acquire on load for these instructions because the acquire is ignored due to the destination being zr. The optional instruction set extension also provides for atomic exchanges: ; swap ; write Rs and return previous value in Rt (atomic) swp Rs/zr, Rt/zr, [Xn/sp] ; word or doubleword swpb Ws/zr, Wt/zr, [Xn/sp] ; byte swph Ws/zr, Wt/zr, [Xn/sp] ; halfword ; compare and swap ; if value is Rs, then write Rt; Rs receives previous value ; (atomic) cas Rs/zr, Rt/zr, [Xn/sp] ; word or doubleword casb Ws/zr, Wt/zr, [Xn/sp] ; byte cash Ws/zr, Wt/zr, [Xn/sp] ; halfword casp Rs/zr, Rt/zr, [Xn/sp] ; register pair ; Rs,R(s+1) and Rt,R(t+1) ; also a, l, and al versions for acquire/release semantics The memory order modifiers go between the swp/cas prefix and the size suffix, except that they go after the p. So you have casab (compare and swap with acquire, byte size) but caspa (compare and swap pair with acquire). As with the ld instructions, requests to aquire on load are ignored if the destination register is zr. The memory operand must be writable, even if the comparison fails. If no value is stored, then any requested release semantics are ignored. Bonus reading: Atomics in AArch64. ¹ The load is required to be fully atomic starting with version 8.4 of the AArch64. On older processors, Windows uses CASP instead of LDXP/STXP. The post The AArch64 processor (aka arm64), part 13: Atomic access appeared first on The Old New Thing. I love that Thunderbird really tackled OpenPGP head on and incorporated it directly into the client. I know it’s been a bit rough for some users, but I think it’s a good long term investment. And to demonstrate I’ll now complain about a minor issue :). I replied to an encrypted message but couldn’t send the response using encryption. I got an error message indicating that “End-to-end encryption requires resolving certificate issues for” and it listed the recipient email address. I spent an enormous amount of time examining the recipient’s OpenPGP key. I made sure it was not expired. I made sure it was actually in my Thunderbird key store not just in my OpenPGP keychain. I made sure I had indicated that I trust it enough to use. I re-downloaded it. I eventually gave up and didn’t send the email. Then I responded to another encrypted email and it worked. What!?!? I spent more time comparing the recipients before I realized the problem was the sending address, not the recipient address. I have an OpenPGP key that lists several identities. I have a Thunderbird Account that uses the Identities feature to add several from addresses. And, it turns out that in Thunderbird, you need to indicate which OpenPGP key to use for your main account… but also for each identity. When you drill down to Manage Identities for your account, you are able to indicate which OpenPGP key you want to use for each identity. Once I indicated that each identity should use my OpenPGP key, the issue was resolved. ### 15:49 We live in a 64-bit world, to the point that many distributors want to stop supporting 32-bit systems at all. However, lurking within our 64-bit kernels is a subsystem that has not really managed to move past 32-bit addresses. The quick merge-window failure of an attempt to use 64-bit addresses in the I/O memory-management unit (IOMMU) subsystem shows how hard it can be to leave all of one's 32-bit history behind. ### 15:28 https://www.giantitp.com/comics/oots1264.html ### 15:07 Greg Kroah-Hartman has announced the release of the 5.19.1, 5.18.17, 5.15.60, 5.10.136, 5.4.210, and 4.19.255 stable kernels. They contain a fairly small set of important fixes; users should upgrade. Security updates have been issued by Gentoo (aiohttp, faac, isync, motion, and nextcloud), Red Hat (.NET 6.0), SUSE (libnbd, oracleasm, python-codecov, rubygem-tzinfo, sssd, and thunderbird), and Ubuntu (http-parser, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-ibm, linux-kvm, linux-oracle, linux-raspi, linux-intel-iotg, linux-oem-5.14, linux-oem-5.17, and node-moment). # Today's links # A dark money group is lying about Medicare cuts (permalink) The "American Prosperity Alliance" does not exist, except as an anonymously controlled bank account that has paid for the production and dissemination of a slick ad that spreads the falsehood that the Democrats have cut$300b from Medicare:

Let me repeat: this is a lie. What "American Prosperity Alliance" is talking about here is a provision in the bill that allows Medicare to negotiate drug prices, rather than simply paying whatever Big Pharma wants to charge. This practice is why Americans pay more for their drugs than, say, Canadians:

To be clear: the new bill will curb the eye-watering public price-gouging that Big Pharma enjoys, and halt the transfer of $300b in public money to pharma companies' shareholders, by allowing Medicare to bargain to get prices similar to those paid by other governments in countries like Australia, Canada, and the UK. There is no universe in which this a$300b cut to Medicare. It's like the Dems have pledged to halt $300b in fraud and the American Prosperity Alliance went to the country's elderly and sick and screamed: "They're cutting your benefits!" In fact, it's not like that – it is that. Who the fuck are the American Prosperity Alliance? No one knows. They're a dark money group. Their website consists of a link to their deceptive ad, a form to sign up for their mailing list…and nothing else. https://prosperityalliance.org/ As Lou Jacobson writes for Politifact/Kaiser Health News, this is just the latest version of a torrent of dark money disinformation that makes this claim. https://khn.org/news/article/senate-reconciliation-bill-300-billion-medicare-drug-price-negotiation-fact-check/ For example, the West Virginia TV ad from the Center for Innovation and Free Enterprise (CIFE) in which an elderly woman was literally condemned to die by her doctor, who explained that it was all because the Democrats were going to negotiate drug prices: https://www.huffpost.com/entry/drug-companies-trying-to-scare-seniors-democratic-economic-plan_n_62ec6823e4b09fecea4c8dbb?9t (CIFE claims to be for "free markets," which, apparently, is a system whereby a cartel of multinationals who rely on government-issued monopolies – AKA 'patents' – get to demand literally any sum from the federal government and are assured of receiving it.) As @Robillard and @CitizenCohn wrote for @HuffPost, similar claims came from "America Next," @AmerComm and "The 60-Plus Association" (which is like a far-right prepper version of the AARP). All of them have historically taken money from @Phrma, the lobby group for Big Pharma. The disinformation would be laughable if it wasn't so depraved. Telling old people that giving Medicare an extra$300b to spend on patients is a 300b cut to care is straight-up lying – and thanks to the Supreme Court's Citizens United decision, the dark money cowards funding the American Prosperity Alliance get to lurk in the shadows. If they're so committed to "American Prosperity," why do they need to disguise their identities? Is it that they are planning a big reveal later that we'll all be delighted by and they just don't want to spoil the surprise? The irony here is that the Medicare spending curbs in the Inflation Reduction Act are incredibly weaksauce, barely denting pharma's profiteering. As @ThomasNeuburger writes, this only kicks in as of 2026, and it only affects ten drugs. https://neuburger.substack.com/p/the-ira-drug-price-victory Neuburger is citing a summary from @thehill, which adds that this provision only applies to drugs that are have been around for at least nine years (13 years for biologics): https://thehill.com/homenews/3592694-heres-whats-in-the-inflation-reduction-act-the-sweeping-health-and-climate-bill-passed-sunday/ The number of affected drugs climbs to 20 after another five years. That means that, starting in a decade, Medicare will be able to negotiate prices on 20 drugs – out of 20,000. This plan won't bring down the prices of the most notoriously jacked-up medicine, including #insulin, #Eliquis, and #Humira, a drug that was repeatedly re-patented through useless "formulation changes" that were designed by @McKinsey, who designed a program that gave away Iphones to @abbvie scientists who came up with useless molecular changes as part of a perpetual patent scheme: https://pluralistic.net/2021/11/25/strikesgiving/#cool-story-pharma-bro In other words, Big Pharma has given up almost nothing in this bill, and they are still running around, lying their heads off like they had just been nationalized by Party Secretary Biden and had all their top scientists sent north to work on re-education farms. (Image: Grumpy Puddin, CC BY 2.0) # Hey look at this (permalink) # This day in history (permalink) #10yrsago Beck’s new album is sheet-music only https://www.mcsweeneys.net/pages/song-reader #10yrsago WIPO’s Broadcasting Treaty is back: a treaty to end the public domain, fair use and Creative Commons https://www.eff.org/deeplinks/2012/08/negotiations-2014-wipo-broadcasting-treaty-are-back #10yrsago Pussy Riot’s closing statement https://olenskae.tumblr.com/post/29137327674/yekaterina-samutsevich-closing-statement-at-the #5yrsago Ajit Pai just stacked the FCC’s advisory panel with dingo babysitters from big telcoms https://www.thedailybeast.com/almost-all-of-fccs-new-advisory-panel-works-for-telecoms #5yrsago 20 year old advice on helping people with computers is still relevant todayhttps://pages.gseis.ucla.edu/faculty/agre/how-to-help.html #5yrsago 7 years later, Sun Microsystems cofounder Vinod Khosla loses bid to privatize public beach https://www.theguardian.com/environment/2017/aug/10/martins-beach-california-public-vinod-khosla #5yrsago Wells Fargo also gouged small businesses on credit-card fees https://consumerist.com/2017/08/11/wells-fargo-accused-of-overcharging-small-businesses/ #1yrago IRS leaks reveal billions reaped through ultra-wealthy lobbying on the tax bill https://pluralistic.net/2021/08/11/the-canada-variant/#shitty-man-of-history-theory #1yrago Canada's got the world's worst internet ideas https://pluralistic.net/2021/08/11/the-canada-variant/#no-canada # Colophon (permalink) Today's top sources: Naked Capitalism (https://nakedcapitalism.com/). Currently writing: • The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. Yesterday's progress: 516 words (31260 words total) • The Internet Con: How to Seize the Means of Computation, a nonfiction book about interoperability for Verso. Yesterday's progress: 502 words (27452 words total) • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. (92849 words total) – ON PAUSE • A Little Brother short story about DIY insulin PLANNING • Vigilant, Little Brother short story about remote invigilation. FIRST DRAFT COMPLETE, WAITING FOR EXPERT REVIEW • Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION • Spill, a Little Brother short story about pipeline protests. FINAL DRAFT COMPLETE • A post-GND utopian novel, "The Lost Cause." FINISHED • A cyberpunk noir thriller novel, "Red Team Blues." FINISHED Currently reading: Analogia by George Dyson. Latest podcast: View a SKU: Let’s Make Amazon Into a Dumb Pipe https://craphound.com/news/2022/07/31/view-a-sku-lets-make-amazon-into-a-dumb-pipe/ Upcoming appearances: Recent appearances: Latest book: Upcoming books: • Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin, nonfiction/business/politics, Beacon Press, September 2022 • Red Team Blues: "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books, April 2023 This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net. https://creativecommons.org/licenses/by/4.0/ Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution. # How to get Pluralistic: Blog (no ads, tracking, or data-collection): Pluralistic.net Newsletter (no ads, tracking, or data-collection): https://pluralistic.net/plura-list Mastodon (no ads, tracking, or data-collection): https://mamot.fr/web/accounts/303320 Medium (no ads, paywalled): https://doctorow.medium.com/ (Latest Medium column: "Como is Infosec" https://doctorow.medium.com/como-is-infosec-307f87004563) Twitter (mass-scale, unrestricted, third-party surveillance and advertising): https://twitter.com/doctorow Tumblr (mass-scale, unrestricted, third-party surveillance and advertising): https://mostlysignssomeportents.tumblr.com/tagged/pluralistic "When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla This is the first—of many, I assume—hack of Starlink. Leveraging a string of vulnerabilities, attackers can access the Starlink system and run custom code on the devices. ### 13:35 While browsing one day, Emma clicked a link on a site and nothing happened. That was annoying, but Emma wasn't about to give up. She tried to get the URL out of the link, only to discover that there wasn't a URL. Or a link. A quick trip to the DOM inspector highlighted what was going on: <div id="I32" align="left" onclick="ItemClick(3,2)" onmouseout="RollOut(3,2,false)" onmouseover="RollOver(3,2,false)" style="position: absolute; top: 43px; left: 1px; width: 176px; height: 16px; font: bold 8pt Arial; color: rgb(1, 35, 69); background: none repeat scroll 0% 0% rgb(255, 255, 255); padding: 2px; cursor: pointer; border: 0px solid rgb(255, 255, 255);">Project Office</div> This is an anti-pattern I thought had died circa 2006. Don't reinvent hyperlinks in JavaScript. Here, we have a div with an onclick that triggers navigation- assuming the code works, which it didn't in this case. But this isn't the WTF, it's just the appetizer. Emma wasn't about to let this go. She dug into the JavaScript to try and figure out what ItemClick did so she could get the link to the article she wanted. Instead of the menu being driven by server side code, or JSON, or just plain HTML, they were driven by one JavaScript array: [false,0,0,180,20,"#012345","#FFffff","#ffffff","#012345","#4573b3",5, 'News', 'http://w3.initech.org/html/mod_actu/public/actu_welcome_en.php3', false, 'Project overview','http://www.initech.org/3-project-overview.html',false, 'Project Office','http://www.initech.org/ProjectOffice/Project-office.html',false, 'Documents','http://www.initech.org/Documentation/3-documents.html',false, 'Partners','http://www.initech.org/ProjectOverview/participants.html',false]; I can feel my pulse rising just looking at this. Good luck figuring out what these all do if you had to maintain this code. Clearly the preamble contains some location information (0,0,180,20), some styling information (the colors), and a count of links (the 5). The links are easy-ish to follow: caption, URL, and a boolean (whether it opens in a new window or not?). What's that leading false at the start of the array though? No idea. Maybe whether the menu defaults to expanded? Regardless, I hate it and it just makes me feel stressed. While Emma was able to get the links she was looking for, it didn't help her at all, as those URLs were all deceased anyway. Given the overcomplicated nature of the menu system, and the fact that this website was a French language site, Emma had this to add: " I guess the French don't know about KISS." [Advertisement] Continuously monitor your servers for configuration changes, and report when there's configuration drift. Get started with Otter today! ### 11:21 Ah, the rare no-dialog page. I almost added a “N’yah!” or something on the sword dodge, but, eh. No-dialog page instead. I usually have pretty dense dialog for a comic, and don’t have a lot of space for characters flourishing. I might have to revisit that. A good flourishing panel is kind of fun, and I can definitely see Sydney doing it. Now if only Maxima would introduce those boat cloaks to the field uniforms. For those of you not familiar with him, Zephan’s backstory is basically Wang Chi from Big Trouble in Little China (the Chinese “sidekick” to Jack Burton – only BTiLC was really a movie that framed the actual sidekick, the bumbling comic relief, i.e. Jack Burton, as the Main Guy, and relegated the story of the actual Main Guy to the sidekick role. Sure, Hollywood probably insisted they couldn’t sell a film with an asian lead, but we can at least pretend it’s clever screenwriting.) Anyway. So Wang Chi follows in Egg Shen‘s footsteps and becomes an Eastern… whatever Egg Shen was. Wizard? Mystic? Wu? Eventually he expands into occidental mysticism and yadda yadda yadda, became the head of ArcLIGHT. Only of course it isn’t Wang Chi, but some guy named Zephan who went through his own set of unusual and supernatural circumstances that put him on the path. Just thought I’d clarify his backstory in case the Chinese Imperial Guard phantom projecting from the magenta crystal wasn’t enough of a dead giveaway. >cough< The August Vote Incentive is up! I’m a big fan of John Byrne’s run on “The Sensational She Hulk” and the imminent show looks very Sensational influenced. Therefore, I was inspired to draw some buff (pun intended) She Hulk, and threw in Red She Hulk for fun. Also, a wild Sydney for scale. Enjoy them posing in various outfits and lack thereof over at Patreon. Double res version will be posted over at Patreon. Feel free to contribute as much as you like. ### 10:35 ### 10:21 Look around the rooftops of many cities and you’ll see wooden water towers. New York has thousands of them. The reason is simple and often overlooked: In the morning, when every resident of the building is preparing for the day, there’s a need for thousands of gallons of water under high pressure. Providing that much power via a pump is expensive, noisy and difficult to maintain. The system in use, on the other hand, takes two or three hours to refill the tank, using reliable, quiet and cheap small pumps. After that, gravity is all that’s needed. Adding a reservoir to a high-demand system creates slack, resilience and efficiency. Too often, foolish short-term profit seekers forget this, and use up what’s in the reservoir without keeping future reserves in mind. ### 08:49 ### 06:56 The post 1630 appeared first on Looking For Group. ### 05:49 ### 03:00 Matt Braunger seems like a nice, relatable person. That doesn’t make him less funny. by Dave Segal A masterly storyteller with an expressive face and a voice adept at many impressions, Portland-raised stand-up and actor Matt Braunger is an expert at finding absurdity in mundane situations. Braunger seems like a nice, relatable person, which can be a drawback for a stand-up, but he succeeds through the nuts and bolts of timing, delivery, exceptional descriptive powers, and an unerring knack for extracting the funniest details from random encounters. Sure, the 48-year-old explores familiar topics like romantic relationships, the male ego, drinking problems, and drug trips gone awry. But some of his best bits have also tackled the authoritarian nature of nine-year-old girls, the Gin Blossoms’ ultimate white-privilege lyrics, locker-room etiquette, bathroom-door knocks, butt surgery, and the unfuckingbelievable hubris of Billy Joel’s “Piano Man.” Braunger’s television credits include performances on sketch shows like MADtv, he’s built a solid discography of comedy albums, and he’s showed up alongside almost every late-night show you could think of, from Conan to John Oliver’s New York Stand-Up Show. I caught up with Braunger by email before his two-night four-set run at Here-After on August 12-13. THE STRANGER: How did Portland shape your comedic sensibility? MATT BRAUNGER: I was lucky to grow up in Portland while it was still “weird” (i.e., bizarre art everywhere, real “characters” living there, an appreciation for all things alternative and non-mainstream), but had almost no hype or attention. To us, Seattle was the “cool” city in the PNW. I would randomly think, “I bet something cool is going on right now in Seattle” as a kid. Haha. Has Portlandia done more harm than good to the city’s reputation? You’d have to ask a local, as I haven’t lived there as a resident for so long. I moderated the Portlandia Q&A with Fred [Armisen] and Carrie [Brownstein] at SXSW one year, and that was a blast, but part of me wanted to go,“You guys aren’t even from there!!” But I love Fred and Carrie. I saw a T-shirt for a Portland band that had Ramblin’ Rod (who was like the Bozo the Clown of PDX) holding both their decapitated heads and grinning, which made me LOL. Overall, I don’t think the show hurt Portland. I thought the show was hilarious and the parodies were dead on. What is the most important catalyst for your humor? Just a funny memory or thought, that’s it. If it makes me laugh, I try it onstage. Sometimes it falls flat, and then I see if I want to try it again and again to get it to where it worked in my head. What topics will you never address in your act, and why? Or, to play devil's advocate, are taboo subjects for the spineless? I don’t do a lot of political stuff because I’m not great at it (I end up getting too mad), but I don’t think anything is off limits. You can say anything, you just have to make it funny. Here’s the rub: Not everybody can pull off a [blank] joke. It’s comedy. Funny is paramount. Are you trying to be funny or are you trying to be different/edgy? Usually the guys who bitch about “everybody’s too offended these days” are the most offended at stuff. What’s a richer source of humor—mundanity or profundity? I think the argument could be easily made for both. Profundity is what, Doc Ellis pitching a no-hitter on acid? Amazing and hilarious, but what is profundity, everyday life? Everyday life is just as horrifying and exhilarating, with the same level of stakes. You’re just not on a pitcher’s mound on national television. What’s your take on bodily function jokes? Lowest form of humor or universal bonding agent? Both? Are there fresh angles to be explored with them or should we flush them down the toilet forever? Bodily function jokes, to me, will always have a place in comedy. A hard fart in a quiet room full of people is gold. Google “Farting preacher” right now, and enjoy. Do you notice any difference in audiences from blue states versus red states? If so, what are they? Do you craft your sets differently for each? I'm thinking specifically about how your white privilege bits go down in red states, assuming you're still doing them. I don’t really change anything from place to place, and sometimes I get some crossed arms in the audience, but not much worse than that. Most people who go to comedy shows actually enjoy different viewpoints. I mean, that white privilege bit is about the Gin Blossoms guy singing “Tomorrow we can drive around this town, and LET THE COPS CHASE US AROUND.” Even the most “All Lives Matter” dingbat has to admit no Black person could ever sing that. Do you find it harder to create quality material now that you’re married and have a child than when you were single and on the prowl? Haha, not really. Maybe I was less precious with my material when I was a carousing every night, but back then I yelled a lot more, too. Man, did I yell. I think I was just lonely? You’ve done some sets on big late-night TV shows. What, if anything, can you reveal about those gigs that most people outside of comedy don’t know? I was the last guest of 2008 on The Late Show With David Letterman. I’m waiting to do my set, super nervous, and the booker says “Dave might have you over to the couch; do you have a funny story to tell him?” I rack my brain, come up with one. He laughs and says, “Okay, great, but do you have a backup?” What?!?! No, man! I’m trying to remember my TV jokes! David introduces me, I have a great set, and Dave calls me over. I tell my “Eggly Bagelface” story from growing up in Portland, and he loves it. He says goodnight, we wave, the cameras cut, and place goes dark and silent. A voice says “Everybody hold! David is leaving.” He stands, walks behind me, and extends a big hand. “You were very funny.” “Thank you.” He walks up some stairs and through a door that then shuts behind him. “All clear!” The lights come up. A producer runs over and says “Great job!” I’m escorted to a side door and walk into an empty, freezing alley covered in ice. The door slams behind me, and I’m cold and alone. THAT’S showbiz! Who’s your favorite comedian of all time? Who’s your favorite comedian working now? I need reasons, too. If I have to pick one, it’s Richard Pryor because he was the most nakedly human, which paved the way for all great modern stand-up comedy. Right now it’s a tie between Dave Attell and Dina Martina, because they both make me cry every time I see them. What’s the one widespread cliché about comics that rings truest to you? That we’re needy. As Dana Gould puts it, “You have to wonder about people who make a living by begging strangers for love.” Have you ever been heckled? If so, how did you deal with it? Negative heckling is really rare. The most common thing is people thinking if they yell stuff out it’s helping, but they’re just being destructive. Kind of like the villagers in Midsommar? I just good-naturedly talk them down or make fun of them in a fun way. I’m not the guy in videos “destroying” them. What can Seattle audiences expect at your Here-After sets? It’s a new hour of stories, weird thoughts, and confessions that are funny. My main thing is just not to waste anybody’s time. If I’m paying to see somebody, it better be fun. I’m fun. What's on your agenda for the near future? Making that day care money, baby! Oh, and promoting my new special, Doug, that comes out later this year. In a nutshell it's an absolutely silly/deeply personal special about a happily married new “older” father, culminating in the story of the time I met the worst guy ever, named “Doug” and how I'm determined to never be like him. I had an hour all ready to go right before the COVID lockdown, and a year later when I finally shot the special, I realized I’d thrown away at least half of it in exchange for what I got from a year of not doing comedy. Irony! The Stranger's evening news roundup. by Jas Keimig Did you hear that thunder? See that lightning? Okay, TBH I did not, but I know at least one of my colleagues did. And I know for sure a lot of Tacomans did, because around 9,500 Tacoma Public Utilities customers were left without power this morning due to lightning strikes. Nature is metal, etc. According to the NWS Seattle, that'll be the most electrostatic discharges we will have for at least the rest of the day. As Will mentioned in this morning's Slog AM: Trump pleaded the Fifth to hundreds of questions asked by NY Attorney General Leticia James concerning his shady business dealings in the state. Most national news outlets are focused on the play-by-play of what happened during the interview. The New York Times speculates that James has two options: take Trump to trial, or seek a settlement that will kick him in the financial balls. Wanting any kind of satisfying accountability from this dude seems fruitless. And in Trump crony-land: Republican Rep. Scott Perry of Pennsylvania said the FBI seized his phone yesterday, reports CNN. While the Department of Justice is, of course, remaining mum on the exact thing they're looking for, word on the street is that the seizure is part of the department's investigation into efforts to overturn the 2020 election. Just because they're calling it a "guerilla garden" doesn't mean it is cool or helpful: A homeless encampment got swept on N 96th St, and what do the neighbors do? Build a barrier—flowerbeds—to prevent them from returning. KOMO tries to spin this act of eco-passive aggression as a "community greenspace," but we know what this really is: asshole behavior. Our philosopher-in-residence Charles Mudede put his thoughts on the matter in this Slog post. Albuquerque police have arrested 51-year-old Muhammad Syed, who is suspected of killing two Muslim men, and potentially two other Muslim men in a spate of slayings that has put the community on edge. CNN reports that Syed, an Afghan immigrant, has denied his involvement in the killings, but police say they found bullet cases matching Syed's firearms at the murder scene. Ever wanted to see inside the West Seattle Bridge? Ellen M. Banner and Mike Lindblom from the Seattle Times climbed into the hollow guts of the bridge to get a closer look at the repairs construction crews are making. Forty-six miles of steel cable is holding all that heavy-ass concrete together and keeping it "banjo tight." And it seems the bridge is still on track to open the week of September, should everything go well... This is bullshit: The Madison Trader Joe's is no longer selling booze for some reason. Capitol Hill Seattle Blog is still waiting for corporate's comment as of this publication. While the Hill has been blessed by grocery stores, they are getting increasingly hostile towards shoppers. I went to the Safeway on E John the other day and learned they now put personal products (shampoo, soap, baby formula) in the same restricted section as liquor. We are so fucked as a society, lol. The New York Times has a great trend piece on the rising popularity of knotless braids in Harlem and Brooklyn. Makes me want to grow out my hair... OK, this polio resurgence is getting kind of real: In London, health officials made polio boosters eligible for children aged 1-9 as they uncover more evidence that the polio virus has spread in multiple parts of the city, reports NPR. Though they haven't found a case in people, officials have detected viruses in wastewater that suggests "transmission has gone beyond a close network of a few individuals." The boosters are just a precautionary measure, so you might wanna tighten up if for some reason you have not been vaccinated against polio. Inflation hits Seattle City Light: The department is hoping to hike your electricity bill 4.5% as material prices surge. I think electricity should be free. Does that make me a communist? (Not actually looking for your input, thanks!) Fauci was in town last night: Technically he was here to accept an honorary Hutch Award from the Fred Hutchinson Cancer Research Center, usually awarded to a baseball player who is a "champion of health care off the baseball field." But he also swung by the Mariners vs. Yankees game at T-Mobile field, where the crowd greeted him with a hearty mix of boos and cheers: All aboard the Chilkat Express! Today marks the express Des Moines-Seattle passenger ferry's first day in action. According to KING 5, the ferry is part of a pilot program run by the city of Des Moines as a way to figure out how to better service commuters. The Chilkat Express will make four 40-minute roundtrips daily, running from the Des Moines Marina to Bell Harbor Marina. This program will end on October 9, so you have most of Leo, Virgo, and a little Libra season to check out Des Moines. I'm so tired of talking about the Justice Department: But today they charged Shahram Poursafi, a member of Iran's Islamic Revolutionary Guards Corps who remains at large, with planning to assassinate Trump's national security adviser, John R. Bolton, reports the New York Times. Yeah, the guy who admitted to planning coups in other countries. The feds say this plot was "payback" for the US bombing an Iranian official. No comment! Something vintage to soothe yourself with: Seattle street scenes from 1985, back before our provincial soundside town got whacked with technology sibling energy. For your listening pleasure: Happy 15th anniversary to M.I.A.'s Kala. Yes, you are that old. Here's "Bamboo Banga": ### 01:35 The LWN.net Weekly Edition for August 11, 2022 is available. ### 01:28 But still, CP/M was, for a while, the industry-standard microcomputer OS, making Digital Research a powerful and important company. Wealthy companies that lose dominance over a market they formerly controlled don’t tend to just give up. Digital Research put a substantial R&D effort into expanding and enhancing CP/M, creating a large family of OSes. It had some significant wins and big sales. Some of those products are still in use. All those products are arguably “CP/M derivatives”, and as such, Bryan Sparks’ 2001 edict might have just open-sourced them all. One of the many giants we lost along the way. Neighbors in North Seattle are using community greenspace to discourage homeless camps. by Charles Mudede On August 8, KOMO news reporter Joel Moreno posted a story that deserves the kind of examination an entomologist applies on a wasp: “Neighbors create guerrilla garden after Seattle sweeps homeless camp.” What’s stated in the headline is indeed what’s found in the story, which concerns an unauthorized “community greenspace” that’s “on N 96th St, just off Aurora Ave,” and appeared right after a homeless camp was swept by the city. Moreno writes: “Neighbors call it guerrilla gardening and it’s a new approach to keeping encampments cleared from coming back.” This tactic has a name. It’s called a “green deterrent.” Gardens certainly attract rabbits, but apparently they keep away humans perceived as having no economic value and leaving trash everywhere. This article is, of course, selling the feeling that the city is doing nothing about public safety and so it’s up to the productive side of society to protect itself. The people of North 96th Street are being resourceful in a way that’s distinctly Seattle. They are putting the guerrilla back into guerrilla gardening. This is a tactical move in the war between those who have something and those with absolutely nothing. The initial target of guerrilla gardening was none other than capitalism, a system that restructures “all-sided” human interdependence into “the independence and indifference of the consumers and producers to one another.” This description of a society dominated by the logic of the market is profound. It’s at once anthropological (we are a social animal) and explains precisely what’s historically specific to capitalism (it captures this organic sociality and transforms it into its opposite—a system that rewards indifferent egoism). Guerrilla gardening in its initial form returned the community feeling and practice to spaces that are not officially public or private. A similar objective is found in the edible landscape movement. The idea is to make some of our basic needs less dependent on a system that, as several radical economists realized long ago (particularly, Mikhail Tugan-Baranovsky*) is not about humans at all. But the action on North 96th Street reveals how easily anticapitalist projects of its kind can be easily emptied of meaning. Indeed, I think that one of the reasons the artist Sarah Bergmann pretty much abandoned her “Pollinator Pathway” in Seattle and moved to the East Coast is because she was under continuous pressure to make the project accessible to people who felt the need to do something good. But she was imagining the real transformation of urban organization, a real disruption and reorientation between the urban and natural. She didn’t want to create a biodiverse pathway that could also, without much effort, be used to protect property owners from the grim realities of capitalism. Indeed, activism directed at preventing or blocking sweeps fears no such capture and emptying that is happening on North 96th Street. Helping the homeless in a real way apparently doesn’t make a homeowner feel good. What's next? Maybe letting artists do their thing with eco-blocks in the manner of the Storefronts Program for public art. *I will say more about the pre-revolution Russian economist Tugan-Baranovsky at another time, but I think it’s no accident that he has never been translated into English. Our access to him in this language has been primarily provided by the American Marxist Paul Sweezy, and translations of Rosa Luxemburg and Michał Kalecki. ### 00:42 The /e/ OS operating system provides a user-friendly alternative to Android for people who want the Android experience without the reliance on Google and associated manufacturer-related applications and telemetry. Compared to LineageOS, /e/ provides a more unified experience out of the box, with a suitable suite of default open source applications and a system-based application store. Despite the fact that /e/ borrowed from various pre-existing open source projects to create its default applications, none looks out of place. It’s a good choice for people looking to de-Google, but the rather lacklustre device support is a big problem, forcing you to buy a new device if you want to give this a go. That’s not really /e/’s fault, of course, but it’s an issue nonetheless. ### 00:07 drawing some characters with lips again I guess. Feels right for Dora anyway. ## Wednesday, 10 August ### 23:21 Offline computing and learning was something of a theme at GUADEC 2022 as there were multiple talks by people from the Endless OS Foundation, which targets that use case. Dylan McCall and Manuel Quiñones had a talk on day two about a switch that Endless has made over the last few years away from its home-rolled "knowledge apps" to apps based on the Kolibri learning platform. While Endless has its roots in GNOME, and Kolibri runs well in that environment, the switch will allow Endless to reach users who are not running a GNOME desktop. ### 23:07 The idea of putting RSS into the world of the browser was a mistake. The world of news is another world altogether. The web tried, in every way to turn RSS into the web. And it was very unsatisfying for a reason, the web was designed for documents. Things that have lasting value. The news is different. It's ephemeral. You want to keep a record of it for sure, but yesterday's news has no value as news, because it's not new. It's like the difference between music and podcasts. Music you may want to listen to many times, to cherish, to attach memories to, if it's good enough, over your whole life. A podcast is one and done. Pfffft. Off to the bit bucket. It's value is over as soon as the next episode is out. ### 21:35 ### 20:49 ### Mum I dunno from where to start. While I’m not supposed to announce it, mum left this earth a month ago (thirteen days when I started to write this blog post) ago. I am still in part denial, part shock, and morose. Of all the seasons in a year, the rainy season used to be my favorite, now would I ever be able to look and feel other than the emptiness that this season has given me? In some senses, it is and was very ironic, when she became ill about last year, I had promised myself I would be by her side for 5-6 years, not go anywhere either Hillhacks or Debconf or any meetup and I was ok with that. Now that she’s no more I have no clue why am I living. What is the purpose, the utility? When she was alive, the utility was understandable. We had an unspoken agreement, I would like after her, and she was supposed to look after me. A part of me self-blames as I am sure, I have done thousands of things wrong otherwise the deal was that she was going to be for another decade. But now that she has left not even halfway, I dunno what to do. I don’t have someone to fight with anymore It’s mostly a robotic existence atm. I try to distract myself via movies, web series, the web, books, etc. whatever can take my mind off. From the day she died to date, I have a lower back pain which acts as a reminder. It’s been a month, I eat, drink, and am surviving but still feel empty. I do things suggested by extended family but within there is no feeling, just emptiness :(. I have no clue if things will get better and even if I do want the change. I clearly have no idea, so let me share a little about what I know. ### Samsung Galaxy M-52G Just a couple of days before she died, part of our extended family had come and she chose that opportunity to gift me Samsung Galaxy M-52G even though my birthday was 3 months away. Ironically, after I purchased it, the next day, one of the resellers of the phone cut the price from INR 28k to 20k. If a day more, I could have saved another 8k/- but what’s done is done To my mind, the phone is middling yet a solid phone. I had the phone drop accidentally at times but not a single scratch or anything like that. One can look at the specs in greater detail on fccd.io. Before the recent price drop, as I shared it was a mid-range phone so am gonna review it on that basis itself. One of the first things I did is to buy a plastic cover as well as a cover shield even though the original one is meant to work for a year or more. This was simply for added protection and it has served me to date. Even with the additional weight, I can easily use it with one hand. It only becomes problematic when using chatting apps. such as Whatsapp, Telegram, Quicksy and a few others where it comes with Samsung keyboard with the divided/split keyboard. The A.I. for guessing words and sentences are spot-on when you are doing it in English but if you try a mixture of Hinglish (Hindi and English) that becomes a bit of a nightmare. Tryng to each A.I; new words is something of a task. I wish there was an interface in which I could train the A.I. so it could be served for Hinglish words also. I do think it does, but it’s too rudimentary as it is to be any useful at least where it is now. ### WiFi Direct While my previous phone did use wifi direct but it that ancient android version wasn’t wedded to Wifi Direct as this one is. You have essentially two ways to connect to any system outside. One is through Wi-Fi Direct and the more expensive way is through mobile data. One of the strange things I found quite a number of times, that Wifi would lose it pairings. Before we get into it, Wikipedia has a good explanation of what Wifi direct is all about. Apparently, either my phone or my modem loses the pairing, which of the two is the culprit, I really don’t know. There are two apps from the Play Store that do help in figuring out what the issue is (although it is limited in what it gives out in info. but still good.) The first one is Wifi Signal Meter and the other one is WifiAnalyzer (open-source). I have found that pairing done through Wifi Signal Meter works better than through Google’s own implementation which feels lacking. The whole universe of Android seems to be built on apps and games and many of these can be bought for money, but many of these can also be played using a combination of micro-transactions and ads. For many a game, you cannot play for more than 5 minutes before you either see an ad or wait for something like 2-3 hrs. before you attempt again. Hogwarts Mystery, for e.g., is an example of that. Another one would be ‘Explore Lands’. While Hogwarts Mystery is more towards the lore created by J.K.Rowling and you can really get into the thick of things if you know the lore, Explore lands is more into Exploration of areas. In both the games, you are basically looking to gain energy over a period of time, which requires either money or viewing ads or a combination of both Sadly most ads and even Google don’t seem to have caught up that I’m deaf so most ads do not have subtitles, so more often than not they are useless to me. I have found also that many games share screenshots or videos that have nothing to do with how the game is. So there is quite a bit of misleading going on. I did read that Android had been having issues with connecting with developers after their app. is in the Play Store. Most apps. ask and require a whole lot of permissions that aren’t needed by that app. ### F-Droid Think Pirate Praveen had introduced me to F-Droid and a whole lot of things have happened in F-Droid, lot more apps. games etc. the look of F-Droid has been pulled back. In fact, I found Neo Store to be a better skin to see F-Droid. I have yet to explore more of F-Droid before sharing any recommendations and spending some time on it. I do find that many of foss apps. do need to work on how we communicate with our users. For e.g. one app. that Praveen had shared with me recently was Quicksy. And while it is better, it uses a double negative while asking permission whether it should or not to use more of the phone’s resources. It is an example of that sort of language that we need to be aware of and be better. I know this post is more on the mobile rather than the desktop but that is where I’m living currently. ### 20:14 *Brazilians fear return to dictatorship as "deranged" Bolsonaro trails in polls.* Like the wrecker in the US, Bolsonaro has talked about refusing to hand over power peacefully. People fear he will try to organize mobs on Brazil's independence day to overthrow democracy, perhaps arranging a false flag attack on them as an excuse. As Greenland's ice melts and exposes some areas of land, people are prospecting for rare metals. There are no established ecosystems on those areas, but mining can spread pollution in many ways. It could pollute the land so that plants can't grow there; it can pollute the nearby seas. Investigation finds probable racism in how British thugs applied the rules for fines for violating Covid rules. They were supposed to apply their discretion to make fines a last resort; now ever, they were much quicker to fine black. The article linked to just above displays symbolic bigotry by capitalizing "black" but not "white". (To avoid endorsing bigotry, capitalize both words or neither one.) I object to bigotry, and normally I will not link to articles that promote it. But I make exceptions for some articles that I consider particularly important. That article is one of the exceptions. Worshipers of the Invisible Hand have seriously proposed that people should become corporations and sell shares in themselves to raise funds to invest in their education. That's effectively a way of selling a fraction of yourself into slavery. A few may become successful, while many become controlled by their shareholders. The rich who own the shares will dominate the decisions about the laws to regulate this system. The book, The Unincorporated Man by Kollin and Kollin, describes a future world in which this has happened. The people in that world are used to the system and defend it, but at the end we see that forces everyone to be partly owned by whoever buys stock in them. Please do not get it from Amazon! The US military uses a highly polluting method (burn pits) to dispose of most kinds of inconvenient waste in deployment bases. It causes avoidable injury to US solders, and also to the local civilians. But it's cheap for the Pentagon, supposing it doesn't bear the cost of treating those injuries. Now it will have to pay to treat the US veterans, but not the local civilians. Don't forget about the diseases caused to both US soldiers and local civilians by Depleted Uranium. *Nebraska teen and her mother charged for aborting and burying fetus.* Some of the charges are about doing things with a "dead body". It is absurd to consider a fetus a dead body, but antiabortionists push for anything that classifies a fetus as a human being for any specific purpose in any specific circumstance, regarding that as a step closer to classifying abortion as murder. Roe v Wade did not legalize abortion after 6 months except with certain specific grounds. I wonder if any of those grounds applied here — and also why she did not have an abortion earlier. ### 20:00 Food & Drink Specials and U-Picks to Check Out This Season by EverOut Staff As sad as it is to say, berry season won't stick around forever. Before you find yourself in the depths of winter and feeling like you'll cry if you have to choke down another root vegetable, take full advantage of the bounty of summer, either by stuffing your face with fruit or filling up a basket at a farm. We're here to help you do just that with a list of local food and drink specials and places offering U-pick. For more ideas, check out our food and drink guide. ### FOOD & DRINK SPECIALS A La Mode Pies You can always find golden pies bursting with berries at this pie bakery, whose signature pies include Blue Hawaiian (blueberry, pineapple, and coconut), Marionberry Hazelnut, and Raspberry Crumble. Ballard, Phinney Ridge, West Seattle Pickup, delivery, dine-in ### 19:42 From the emergence of the gruesome T-Virus to the grisly saga of the Baker family… we’ve joined forces with Capcom Continue reading The post Return to the ultimate survival horror saga appeared first on Humble Bundle Blog. ### 19:35 Check out the great work our volunteers accomplished at today's Free Software Directory (FSD) IRC meeting. ### 19:21 China is going all out to intimidate US support for Taiwan, even "breaking off" discussions on curbing global heating. Not that China was cooperating very much anyway: it continues to build new coal-fired generating plants, and its target for (the weak goal of) "net zero" is 2060. China has recently experienced disastrous floods and faces the danger of fatal weather in the North China Plain. China's rulers are arrogant but not crazy. The only thing that can convince them to try hard to decarbonize is awareness of what will happen if they don't. The US is also doing far too little to decarbonize, though the just-passed climate, welfare and tax law is a step forward. Texas governor Abbott is having state officials force border-crossers onto buses to New York City, even though they wanted to go elsewhere. It would be a kindness to offer them rides to New York City, if they had the choice to decline the offer without being punished. Misrepresenting this mistreatment as such a kindness is a big lie, a typical Republican act. China's missile interdiction of seas near Taiwan was such a large exercise that it was probably planned for months. Pelosi's visit was a convenient excuse, an opportunity to put the blame on her. The great danger is that it shows that China can cut off Taiwan's maritime trade just by firing missiles. To prevent that requires some way of making it cost China more than it costs Taiwan. A Republican candidate for attorney general of Michigan is accused of plotting to tamper with voting machines after the 2020 election. The coach of a college football team has been forced to resign after he started reading aloud the text on a distracted student's iBad, and in the process recited some taboo word. The word is so taboo that CNN dares not say what it was — and indeed, it hardly matters which taboo word it was. I presume it was a slur of some sort. The ethical issue here is whether to treat such slurs as insults, wrong to use as insults because that unjustifiably nasty, or treat them as taboos. Do people deserve punishment for inadvertently breaching taboos? The coach believes that even though the words he spoke were not his words, his violation of the taboo was such a grave sin that he deserves to be shunned and lose his job for quoting them carelessly. By doing that, he lets down other future people condemned for violating taboos. If he had to resign, he should have done so without admitting guilt. If you step on a flagstone that has a taboo word inscribed on it, should you be shunned? How about if you are photographed near a sign (in a non-English-speaking country perhaps) which has a taboo word on it? Should you be fired for that? Is "what people might think" more important than what really happened? Using slurs to insult someone is nasty and wrong. But we ought to know better than to punish people for violating taboos. To do so indicates a lack of moral reflection. ### 18:28 Today's song: Words of Love. ### 17:42 The Stranger's morning news roundup. by Will Casey The sweet taste of accountability in the morning: Trump's legal troubles didn't end with the FBI's raid of Mar-a-Lago yesterday, as he pled the Fifth during his testimony today in the New York Attorney General's civil suit against his real estate "company." The NY AG claims her investigation has found "significant" evidence of fraud and other financial wrongdoing in how the company valued its assets in applications for loans and in tax filings. In other Trump news: The fantasy of the former president losing sway over his cult dissipated in the face of yesterday's primary elections. The Associated Press has the full rundown of his hand-picked goons winning in Wisconsin and elsewhere across the country. As Mudede mentioned in last night's Slog PM, locally, incumbent Republican Jaime Herrera-Beutler was the latest casualty among the 10 Republicans who voted to impeach Trump last February. Not all primary results were bad news! Progressive Congresswoman Ilhan Omar defeated a centrist challenger who made her support for transferring money from law enforcement to economic and social programs the centerpiece of his campaign. She and her supporters don't appear worried that she only prevailed by two points. Speaking of centrists operating in bad faith: The San Francisco Standard uncovered significant financial ties between Brooke Jenkins, the prosecutor who replaced Chesa Boudin after the recall effort against him succeeded, and the nonprofit Neighbors for a Better San Francisco. That's notable because the nonprofit's sister organization, Neighbors for a Better San Francisco Advocacy, was behind the PAC that raised "4.8 million of the $7.1 million contributed to oust Boudin from office." Seems totally above board and not at all like further evidence that big moneyed interests undermined transformative criminal justice reform. Not you too, KUOW: I already scolded KING 5 last week for taking the bait on the open letter from King County Prosecutor Jim Ferrell and seven other south King County mayors who have endorsed him, but here's KUOW committing the same sin five days later. They did at least include a more extensive push-back from the King County Prosecutor's Office on the hyperbolic claims that criminal justice reforms caused a spike in crime, but failing to mention the potential political motivations of the seven mayors does a disservice to readers' ability to determine good faith. On the topic of local law enforcement: It sounds like the Community Police Commission had a totally normal one last night when Gino Betts, the new Director of Seattle's Office of Police Accountability, joined their regular community engagement meeting. Here's a sample of South Seattle Emerald reporter Carolyn Bick's live-tweeting of the meeting: We're still waiting... Yesterday marked the anniversary of the Emerald uncovering a whistleblower complaint within the Office of Inspector General, the agency that's supposed to hold the Office of Police Accountability (OPA) accountable for doing its job. The complaint alleged that the agency's director was too cozy with OPA and instructed staff to avoid criticizing the OPA in writing. You can get caught up on the story, and on the Seattle City Council's lack of action on the complaint, right here. Welcome to the abolition movement, Republicans: Adam Serwer at The Atlantic published an excellent breakdown of how the collective conservative freak-out about the FBI raid was "unmoored" from the available evidence. Our wholly unbalanced media ecosystem strikes again: I'm sure Congresswoman Omar and the rest of the Squad who faced centrist challengers over their supposed capital sin of suggesting that cops are not a good use of public safety dollars are just tickled by the irony. At least this is all fun and games, right? The federal judge who signed the search warrant for the FBI raid on Mar-a-Lago yesterday now faces threats, and he had his personal information spread across pro-Trump online communities, resulting in the deactivation of his official page on the court's website. Surely it had nothing to do with the widespread use of "civil war" rhetoric among Republican commentators and politicians. Saudi spy within Twitter convicted: A former employee of the bird app was found guilty of turning over personal information about people who used anonymous accounts to criticize the Saudi government in exchange for at least$300,000 in wire transfers. Between this and Facebook's indefensible decision to rat out an abortion patient in Nebraska, the nation's social media companies are really having a banner week.

PSA: Don't point your sex toys at anyone. A Thomson-Upson County teen with a "personal massager" triggered a lockdown for that entire Atlanta-area school district yesterday, which certainly disrupted learning for a while. Okay, let's review: Police see a teen openly carrying an assault rifle in Uvalde and they fail to stop him from entering a school, but catching a glimpse of a sex toy that somehow "resembled a handgun" requires a countywide freakout. Great society we've got here, folks.

Start looking for higher ground: According to a new report from the National Oceanic and Atmospheric Administration, high tide flooding is on pace to become a regularly occurring disaster across the country. By 2050, they project "high tide flooding across the U.S. is expected to take place between 45-70 days a year on average," compared to just three to seven days of high tide flooding projected for 2023.

On that note, let's end AM with a classic from the all-time great Stevie Wonder.

### 17:35

The last few days have been devoted to improving l1, the homegrown lisp I wrote about earlier this year. A number of changes have landed in the last week:

I also implemented the bulk of the automated tests in the language itself. This was a decisive step forward in both ease of creating new tests and confidence that the language was approaching something usable.

The work I'm happiest with, though, because it taught me the most, was implementing tail call optimization (TCO) in the language, which the rest of this post will be about.

## Motivation

The need for some form of TCO became clear as I started to write more small programs in l1. Perhaps the simplest example is one that sums all the natural numbers up to $n$:

(defn sum-to-acc (n acc)
(cond ((zero? n) acc)
(t (sum-to-acc (- n 1) (+ n acc)))))

(defn sum-to (n)
(sum-to-acc n 0))

Calling sum-to for small $n$ worked fine:

(sum-to 100)
;;=>
5050

However, larger $n$ blew up spectacularly:

(sum-to (* 1000 1000))
;;=>
runtime: goroutine stack exceeds 1000000000-byte limit
runtime: sp=0x14020500360 stack=[0x14020500000, 0x14040500000]
fatal error: stack overflow

runtime stack:
runtime.throw({0x10289aa2b?, 0x10294ddc0?})
/opt/homebrew/Cellar/go/1.18.3/libexec/src/runtime/panic.go:992 +0x50
runtime.newstack()
/opt/homebrew/Cellar/go/1.18.3/libexec/src/runtime/stack.go:1101 +0x46c
runtime.morestack()
/opt/homebrew/Cellar/go/1.18.3/libexec/src/runtime/asm_arm64.s:314 +0x70

goroutine 1 [running]:
math/big.nat.scan({0x0, 0x1401c2820e0?, 0x0}, {0x1028dc7c8, 0x1401c2820e0}, 0xa, 0x0)
/opt/homebrew/Cellar/go/1.18.3/libexec/src/math/big/natconv.go:126 +0x80 fp=0x14020500430 sp=0x14020500360 pc=0x10288b1e0
;; ...

This happens, of course, because sum-to-acc calls itself a million times, each time storing a copy of its local bindings on the stack, which eventually consumes all the space on the stack.

Getting simple recursive functions like this to work for large $n$ is especially important because l1 doesn't have loops (yet)!

## The Optimization

The solution is hinted at already in my test case. Note that I did not write sum-to as a single recursive function, as follows:

(defn sum-to-notail (n)
(cond ((zero? n) 0)
(t (+ n (sum-to-notail (- n 1))))))

While this function looks slightly simpler, it is harder for a compiler or interpreter to optimize. The difference is that, whereas sum-to-notail does some work after calling itself (by adding n to the result), sum-to-acc calls itself from the tail position; that is, the function returns immediately after calling itself.

People have long realized that function calls from the tail position can be replaced by updating the return address and then jumping directly to the the new function without adding new information to the stack. This is something I had heard about for years and used in various "functional" languages, without ever really implementing myself (and therefore fully understanding). It's an easy thing to take for granted without knowing anything about how it's actually implemented under the hood. The failure of sum-to-acc and similar recursive functions, described above, meant I would have to learn.

Two very different blog posts were helpful to me in pointing the way forward: Adding tail call optimization to a Lisp interpreter in Ruby, and How Tail Call Optimization Works. The posts focus on very different languages (Ruby vs. C / assembler), but they each revolve around what are effectively GOTO statements. I'm old enough to remember BASIC and the pernicious GOTO statement leading to "spaghetti code." I doubt I've ever used a GOTO statement in production code, whose use in modern programming languages fell out of favor in the aftermath of Dijkstra's famous Go To Statement Considered Harmful paper. But the ability to transfer control to another part of your program without invoking a function call is key to the optimization.

## The Approach

Since the strategy is general, let's lose all the parentheses for a moment and rewrite sum-to-acc in language-agnostic pseudo-code:

function sum-to-acc(n sum)
if n == 0, then return sum
return sum-to-acc(n - 1, n + sum)

In most languages (without TCO), when this function is called, the values of n and sum, as well as the return address, will be put on the stack, whose evolution looks something like the following.1:

first invocation: [n=5, sum=0,  ret=sum-to:...]

second invocation: [n=4, sum=5,  ret=sum-to-acc:...]
[n=5, sum=0,  ret=sum-to:...]

third invocation: [n=3, sum=9,  ret=sum-to-acc:...]
[n=4, sum=5,  ret=sum-to-acc:...]
[n=5, sum=0,  ret=sum-to:...]

fourth invocation: [n=2, sum=12, ret=sum-to-acc:...]
[n=3, sum=9,  ret=sum-to-acc:...]
[n=4, sum=5,  ret=sum-to-acc:...]
[n=5, sum=0,  ret=sum-to:...]

fifth invocation: [n=1, sum=14, ret=sum-to-acc:...]
[n=2, sum=12, ret=sum-to-acc:...]
[n=3, sum=9,  ret=sum-to-acc:...]
[n=4, sum=5,  ret=sum-to-acc:...]
[n=5, sum=0,  ret=sum-to:...]

sixth invocation: [n=0, sum=15, ret=sum-to-acc:...]
[n=1, sum=14, ret=sum-to-acc:...]
[n=2, sum=12, ret=sum-to-acc:...]
[n=3, sum=9,  ret=sum-to-acc:...]
[n=4, sum=5,  ret=sum-to-acc:...]
[n=5, sum=0,  ret=sum-to:...]

At the sixth invocation, our terminating condition is reached, and 15 is returned, with all the pending stack frames popped off the stack.

With TCO, the implementation looks more like the following:

function sum-to-acc(n sum)
TOP:
if n == 0, then return sum
n = n - 1
sum = sum + n
GOTO TOP

as a result, the evolution of the stack looks as follows:

first invocation: [n=5, sum=0, ret=sum-to:...]

second invocation: [n=4, sum=5, ret=sum-to:...]

third invocation: [n=3, sum=9, ret=sum-to:...]

fourth invocation: [n=2, sum=12, ret=sum-to:...]

fifth invocation: [n=1, sum=14, ret=sum-to:...]

sixth invocation: [n=0, sum=15, ret=sum-to:...]

All those extra stack frames are gone: recursion has turned into a form of iteration.

Implementing TCO, then, has two ingredients:

1. Replace the values of the current arguments with their new values directly.
2. Jump straight to the next call of the function without adding to the stack;

This low-level, imperative optimization makes high-level, functional, recursive implementations efficient.

## Implementation

In thinking about the implementation for l1, I was pleased to learn that Go actually has a goto statement. However, my implementation was poorly set up to use it.

Early in the implementation of l1, I noticed that each data type (numbers, atoms, and lists) had its own evaluation rules, so it made sense to make use of Go's features supporting polymorphism, namely interfaces and receivers. I had a Sexpr interface which looked like the following:

type Sexpr interface {
String() string
Eval(*env) (Sexpr, error)  // <--------
Equal(Sexpr) bool
}

Numbers and atoms, for example, had fairly simple Eval implementations. For example,

func (a Atom) Eval(e *env) (Sexpr, error) {
if a.s == "t" {
return a, nil
}
ret, ok := e.Lookup(a.s)
if ok {
return ret, nil
}
ret, ok = builtins[a.s]
if ok {
return ret, nil
}
return nil, fmt.Errorf("unknown symbol: %s", a.s)
}

And, of course, numbers eval to themselves:

func (n Number) Eval(e *env) (Sexpr, error) {
return n, nil
}

Lists, as you would expect, were more complicated - evaluating a list expression needs to handle special forms2, user-defined functions, and built-in functions. Following the classic Structure and Interpretation of Computer Programs, I separated the core logic for function application into separate Eval and Apply phases. And to prevent the Eval for lists from getting too large, I broke out the evaluation rules for different cases (e.g. for let and cond special forms and for function application) into their own functions.

In other words, I had evaluation logic spread over ten functions in five files. Sadly, the need to jump back to the beginning of an evaluation rather than recursively calling Eval again meant that several of those nicely broken out functions had to be brought together into a single function, because goto does not support jumping from one function to another. (C has setjmp and longjmp, which effectively do this, but I would want to upgrade my IQ by a few points before applying them in this situation.)

There were actually three cases where I was performing an evaluation step right before returning, and the goto pattern could be used:

1. When evaluating code in the tail position of a user-defined function;
2. When evaluating code in the last expression in a let block;
3. When evaluating code in the chosen branch of a cond clause.

I wound up with code which with looks like the following. Several steps are indicated only with comments. Note the tiny, easy-to-miss top: label at the very beginning:

// lisp.go
//
func eval(expr Sexpr, e *env) (Sexpr, error) {
top:
switch t := expr.(type) {
case Atom:
return evAtom(t, e)
case Number:
return expr, nil
// ...
case *ConsCell:
if t == Nil {
return Nil, nil
}
// special forms:
if carAtom, ok := t.car.(Atom); ok {
switch {
case carAtom.s == "quote":
return t.cdr.(*ConsCell).car, nil
case carAtom.s == "cond":
pairList := t.cdr.(*ConsCell)
if pairList == Nil {
return Nil, nil
}
for {
if pairList == Nil {
return Nil, nil
}
pair := pairList.car.(*ConsCell)
ev, err := eval(pair.car, e)
if err != nil {
return nil, err
}
if ev == Nil {
pairList = pairList.cdr.(*ConsCell)
continue
}
expr = pair.cdr.(*ConsCell).car
goto top
}
// ...

The code so far shows the evaluation for atoms, numbers, and cond statements. cond does not introduce any new bindings, but when the first truthy condition is encountered, it evaluates the next argument as its final act. So the code above simply replaces the expression to be evaluated, expr, with the expression from the matching clause, and then restarts the evaluation via goto, without the overhead of a separate function call.

The code for let is somewhat similar:

case carAtom.s == "let":
args := t.cdr.(*ConsCell)
if args == Nil {
return nil, fmt.Errorf("let requires a binding list")
}
// ... code to set up let bindings ...
body := args.cdr.(*ConsCell)
var ret Sexpr = Nil
for {
var err error
if body == Nil {
return ret, nil
}
// Implement TCO for let:
if body.cdr == Nil {
expr = body.car
e = &newEnv
goto top
}
ret, err = eval(body.car, &newEnv)
if err != nil {
return nil, err
}
body = body.cdr.(*ConsCell)
}

The for loop invokes a new eval for each expression in the body of the let, except for the last one: when the last expression is reached, (the cdr is Nil), the last eval is done by jumping to the beginning of the function, once it has updated its environment to point to include the new bindings.

The last use of this pattern is in function invocation proper, which looks similar:

// (... code to set up new environment based on passed arguments ...)
var ret Sexpr = Nil
for {
if lambda.body == Nil {
return ret, nil
}
// TCO:
if lambda.body.cdr == Nil {
expr = lambda.body.car
e = &newEnv
goto top
}
ret, err = eval(lambda.body.car, &newEnv)
if err != nil {
return nil, err
}
lambda.body = lambda.body.cdr.(*ConsCell)
}

I've skipped various parts of eval that aren't relevant for TCO optimization - if you're interested, you can check out the code yourself.

To be clear, what we are optimizing is all tail calls, not just recursive ones - though the recursive ones were the primary objective due to the stack overflows reported above.

The end result is that sum-to now can complete for large values of $n$:

(sum-to (* 1000 1000))
;;=>
500000500000

Incidentally, a variant of our test case failed before I added the TCO optimization to let shown above; this now works, as well:

(defn sum-to-acc-with-let (n acc)
(let ((_ 1))
(cond ((zero? n) acc)
(t (sum-to-acc-with-let (- n 1) (+ n acc))))))

(defn sum-to-with-let (n) (sum-to-acc-with-let n 0))

(sum-to-with-let (* 1000 1000))
;;=>
500000500000

## Conclusion

Getting tail-call optimization to work was very satisfying... though the eval implementation is certainly more complex than before. (Ah, optimization!)

To ensure TCO continues to work, variants of sum-to with and without let are run on every build, along with a few other short example programs.

After implementing TCO in my own code, I can appreciate and understand the optimization better when I see it in the wild. I fully expect to use the pattern again when implementing future lisps (yes, I hope there will be more).

1

Note that this is a somewhat abstract representation: the details are language-specific. The ret=sum-to:... notation means that when the function returns, control will pass back to where it left off inside the sum-to function.

2

A special form is one that does not follow the normal evaluation rule for functions - it may evaluate its arguments once, many times, or not at all. (I am glossing over macros for the time being; l1 does not have them yet.)

* Special [UK Foreign Office] unit spread fake news about leftist [Kenyan] politician, Oginga Odinga, seen as threat to British interests in 1960s.*

### 16:56

Maybe if you make stuff yourself, things like the Scoob or Batgirl cancellations just hit harder. I wasn't out here pining for these films, not a lot of Scoob fans in my house; they'd tell me it was Boomer shit for sure, even though that construct has been surprisingly resilient and readily interpreted generationally for decades. It's Commedia dell'arte, plus dog. We've been rocking that shit for a minute.

### 16:42

61 Oklahoma legislators called on the state to reinvestigate whether Richard Glossip is really guilty. They believe there is no evidence that he committed the murder he is scheduled to be executed for.

Some people can forgive great wrongs; others simply can't. It's not a matter of choice.

This suggests to me that society's treatment of criminals should not be based on whether their specific victims can forgive the crimes. Society needs to pardon the criminals eventually, if that helps make society whole, even if the victims can't.

*Climate research finds modelling used [by central banks] cannot predict localised extreme weather, leading to poor estimations of risk.*

US citizens: The climate, tax and welfare bill passed the Senate, but hasn't passed the House of Representatives. Big Pharma is lobbying to kill the part that will reduce drug prices. Please phone your representative to support it.

The Capitol Switchboard number is +1-202-224-3121.

Military challenges Ukraine faces in recapturing Kherson.

I believe it is possible. The Putin forces soldiers have no reason to fight to the death, if Ukraine shows they will be safe if they surrender.

*Photos suggest Trump blocked toilets with ripped-up White House documents.*

Destroying those documents may have been illegal.

The Putin forces are using the Zaporizhzhia nuclear power plant as a shield for their artillery, firing cannons from near the plant's facilities. Meanwhile, they are interfering with proper maintenance of the plant.

The dental part of the UK's National Health Service has collapsed; many Britons can't find a dentist to treat them.

*Climate impacts have worsened vast range of human diseases.* They include Zika, malaria, dengue, chikungunya and even Covid-19.

*Democrats lose effort to cap insulin at $35 for most Americans before passage of Senate reconciliation bill.* *Amazon [(the company)'s] carbon emissions up 40% but somehow still on track for "net zero" by 2040.* The right-wing government of the UK does exactly as Adam Smith warned: it crushes the non-rich and panders to the rich. It goes as far as murder. As Aneurin Bevan said, the Tories are lower than vermin. Texas threatens to prosecute any Texas organization that funds travel out of Texas for an abortion, and to sue any individual who provides such funds. This is terrorism. Fanatical right-with Christian Taliban terrorism. Activists in 13 countries that propose to negotiate a new business-supremacy treaty warn that it may become another iteration of the Trance Pacific Partnership, also known as the Pacific Partnership Trance. The new treaty has a name, IPEF, and a likely bad result because of which countries are involved. Poor children wore body cameras in New Zealand to contribute to a picture of what life in poverty is like. A study like this can have good results, but we need to take steps to prevent poor people from being lured, tricked or forced to contribute to massive surveillance. *It's time to ban private jets — or at least tax them to the ground.* I favor taxing them heavily, because sufficient tax should make them insignificant as a contribution to global heating, and we can use the money. Prohibiting private jets as tax deductions would also help greatly. *Massive Quantities of PFAS Waste Go Unreported to EPA.* A bubble barrier is removing most of the plastic particles from the Oud Rijn river, with a modicum of energy and little human labor. Republicans have been increasing income taxes and cutting support for working people for 40 years, but they are not satisfied, so they are proposing extreme ideas for how to do even worse. Ron Johnson proposes to make Social Security and Medicare payments a year-by-year decision. People like Ron Johnson and Rick Scott deserve to be sentenced to live on$100 a week, and forbidden to receive gifts except through begging from strangers.

Governor Dementis advocates a long list of right oppressive right-wing policies. One that is subtle and long term is the distortion of civics education in favor of government promotion (effectively, establishment) of religion.

The campaign to limit use of facial recognition has stalled, and some regulations are being reversed, or expiring.

What makes facial recognition so dangerous is its capacity to track everyone's movements. The only legitimate cases for using it are in systems that cannot be used to track everyone's movements. To use it for "lead generation" is exactly the danger.

*Democratic ads boosted extremists in Republican primaries. Was that wise?*

It was a very risky bet. For such a bet to be wise, you need to be very sure of the dynamics of the situation. I don't think any political group can validly be that confident.

### 16:35

One way to tame your email inbox is to get in the habit of using unique email aliases when signing up for new accounts online. Adding a “+” character after the username portion of your email address — followed by a notation specific to the site you’re signing up at — lets you create an infinite number of unique email addresses tied to the same account. Aliases can help users detect breaches and fight spam. But not all websites allow aliases, and they can complicate account recovery. Here’s a look at the pros and cons of adopting a unique alias for each website.

Importantly, you don’t ever use this alias anywhere else. That way, if anyone other than example.com starts sending email to it, it is reasonable to assume that example.com either shared your address with others or that it got hacked and relieved of that information. Indeed, security-minded readers have often alerted KrebsOnSecurity about spam to specific aliases that suggested a breach at some website, and usually they were right, even if the company that got hacked didn’t realize it at the time.

Alex Holden, founder of the Milwaukee-based cybersecurity consultancy Hold Security, said many threat actors will scrub their distribution lists of any aliases because there is a perception that these users are more security- and privacy-focused than normal users, and are thus more likely to report spam to their aliased addresses.

Holden said freshly-hacked databases also are often scrubbed of aliases before being sold in the underground, meaning the hackers will simply remove the aliased portion of the email address.

“I can tell you that certain threat groups have rules on ‘+*@’ email address deletion,” Holden said. “We just got the largest credentials cache ever — 1 billion new credentials to us — and most of that data is altered, with aliases removed. Modifying credential data for some threat groups is normal. They spend time trying to understand the database structure and removing any red flags.”

According to the breach tracking site HaveIBeenPwned.com, only about .03 percent of the breached records in circulation today include an alias.

Email aliases are rare enough that seeing just a few email addresses with the same alias in a breached database can make it trivial to identify which company likely got hacked and leaked said database. That’s because the most common aliases are simply the name of the website where the signup takes place, or some abbreviation or shorthand for it.

Hence, for a given database, if there are more than a handful of email addresses that have the same alias, the chances are good that whatever company or website corresponds to that alias has been hacked.

That might explain the actions of Allekabels, a large Dutch electronics web shop that suffered a data breach in 2021. Allekabels said a former employee had stolen data on 5,000 customers, and that those customers were then informed about the data breach by Allekabels.

But Dutch publication RTL Nieuws said it obtained a copy of the Allekabels user database from a hacker who was selling information on 3.6 million customers at the time, and found that the 5,000 number cited by the retailer corresponded to the number of customers who’d signed up using an alias. In essence, RTL argued, the company had notified only those most likely to notice and complain that their aliased addresses were suddenly receiving spam.

“RTL Nieuws has called more than thirty people from the database to check the leaked data,” the publication explained. “The customers with such a unique email address have all received a message from Allekabels that their data has been leaked – according to Allekabels they all happened to be among the 5000 data that this ex-employee had stolen.”

HaveIBeenPwned’s Hunt arrived at the conclusion that aliases account for about .03 percent of registered email addresses by studying the data leaked in the 2013 breach at Adobe, which affected at least 38 million users. Allekabels’s ratio of aliased users was considerably higher than Adobe’s — .14 percent — but then again European Internet users tend to be more privacy-conscious.

While overall adoption of email aliases is still quite low, that may be changing. Apple customers who use iCloud to sign up for new accounts online automatically are prompted to use Apple’s Hide My Email feature, which creates the account using a unique email address that automatically forwards to a personal inbox.

What are the downsides to using email aliases, apart from the hassle of setting them up? The biggest downer is that many sites won’t let you use a “+” sign in your email address, even though this functionality is clearly spelled out in the email standard.

Also, if you use aliases, it helps to have a reliable mnemonic to remember the alias used for each account (this is a non-issue if you create a new folder or rule for each alias). That’s because knowing the email address for an account is generally a prerequisite for resetting the account’s password, and if you can’t remember the alias you added way back when you signed up, you may have limited options for recovering access to that account if you at some point forget your password.

What about you, Dear Reader? Do you rely on email aliases? If so, have they been useful? Did I neglect to mention any pros or cons? Feel free to sound off in the comments below.

### 16:07

Page 22 is done.

Low Traffic Neighbourhoods transform people’s lives and rebuild community. Resist the angry men trying to destroy them.

By George Monbiot, published in the Guardian 3rd August 2022

It reminds me of the school board controversies in the United States. A small group of furious men, whipped up by the media and opportunist politicians, are seeking to turn quiet, practical attempts to protect local people into full-blown culture wars. The further from reality their beliefs diverge, the readier they are to resort to vandalism and violence.

But this isn’t the US, and it’s not about textbooks. It’s playing out in the streets of Oxford. The angry men have resorted so far to arson, angle grinders and physical attacks on local people. What is the frightful cause of these reactions? The council’s efforts to ensure that through-traffic stays on main roads.

There could scarcely be a more reasonable policy. Low traffic neighbourhoods (LTNs) seek to stop residential streets being used as escape valves for overloaded arterial roads. They replace a privilege exercised by a few – rat-running through local streets – with rights enjoyed by the many: cleaner air, less noise, safe passage for children, cyclists, users of wheelchairs and mobility scooters, stronger communities.

The angry drivers insist that LTNs have been imposed on them. Well, whether they agree or not, there are consultations. But no one was consulted about their streets being used as short cuts. No one was consulted about facing a higher risk of asthma and dementia as a result of air pollution, or seeing their communities split by walls of traffic. No one was consulted about losing the places where neighbours could talk and children could play.

The shift has happened at astonishing speed. Between 1995 and 2019, urban traffic in Great Britain rose significantly. But not on major roads, where it grew by just 1%. On minor roads, by contrast, it rose by 36%. You can see the fascinating, chilling trends in government statistics. Traffic on minor roads rises slowly until 2004, gradually declines to 2010, then suddenly surges.

What happened? The general introduction of satnavs. Not only have they made urban driving easier, encouraging a wider trend, but they’ve directed all the extra traffic through rat-runs. In London, journeys on minor roads increased by 63% between 2009 and 2019.

The problem compounds itself. Pedestrians are 17% more likely to be killed or seriously injured on minor roads for every mile a vehicle travels than on major roads. As the streets become more dangerous, fewer local people are prepared to walk or cycle so they, too, turn to their cars.

Low traffic neighbourhoods use bollards or selective filters to make rat-running infeasible. Everyone can reach their home in a car or a van if they wish, but they might have to take a longer route to get there. In return, they get safety, quiet, and cleaner air. A study in one of the early LTNs (called mini-Holland schemes by the designers) in Waltham Forest in London found that road injuries fell threefold. Partly as a result, people in mini-Holland streets walk or cycle, on average, 41 minutes a week more than those whose traffic has not been reduced.

A remarkable feature of these schemes is how quickly people reoccupy their streets. Almost immediately, people start emerging from their houses to talk, their voices no longer drowned by engines. Children come out to play. Thoroughfares become communities.

The more ambitious the plans are, the better they work. Traffic diversions should be accompanied by an expansion of community space – wider pavements, benches, trees, micro-parks – and schemes to encourage people to travel by different means, such as protected bike lanes, new bus routes, road charging, “Copenhagen crossings” (where pedestrians have priority), and controlled parking zones. Rather than permitting large vans to deliver small packets, a delivery depot system would allow the last part of the journey to be made by cargo bike.

The way we talk about these changes is important. “Low Traffic Neighbourhood” is a cold, distancing term. I think they would better be named “Streets for People”. Instead of announcing “road closures”, councils should herald “street revivals”.

Oxford’s programme is arguably the most ambitious in the country. Its LTN schemes are part of a wider transformation, which includes a city-wide workplace parking levy, a large zero-emission zone, new electric buses, an e-cargo bike fleet and electric scooter hire.

But certain men (CCTV footage suggests that all of them are men) find this transition intolerable. They began by spraying graffiti on the streets and flower planters. Before long, they started ripping out the new bollards. When local people, calling themselves “human bollards”, took the place of the vandalised fittings to defend their streets at peak times, these men resorted to threats, abuse and violence. In some cases, they left their vehicles to shove and punch the street defenders. In one case, recorded on film, a driver used his car to shunt a person out of the way. One man, using a powerful accelerant, torched two of the bollards. In a separate incident last month, someone sawed one off and filled the hole with cement.

The objectors spread powerful myths. They claim that LTNs merely displace traffic to other roads. But, as government figures show, the majority of schemes reduce traffic everywhere. They claim LTNs impede emergency vehicles, but a paper in the journal Transport Findings, investigating the response times of fire engines, found no evidence of an effect. They claim that these changes favour middle-class areas, but an analysis revealed that people in highly deprived places are 2.7 times more likely to benefit from an LTN. They claim the schemes are expensive, but all of Oxford’s, transforming the lives of 7,000 residents, cost just £165,000: 67 times less than expanding one roundabout on the ringroad.

Public opinion follows a consistent trajectory: once these changes have bedded in, opposition collapses. For instance, in Waltham Forest, 44% of residents objected to their LTN before it was created. But five years on, only 1.7% wanted to see the change reversed. Unfortunately, some councils, such as Lewisham, Harrow and Wandsworth, lost their nerve before their schemes matured, and reversed them after a few difficult weeks. Not Oxford: two weeks ago, the county council voted to make its LTNs permanent.

People are entitled to object to LTNs,but the hard-right politics that has crossed the Atlantic tells some people that they no longer need respect the facts, no longer need to listen to others, no longer need to reason or debate. They need only assert, threaten and attack. This new barbarism, combined with the lethal ways in which driving changes us, encourages the worst tendencies and the worst people to come to the fore. We must defend our communities, street by street.

www.monbiot.com

### 15:49

Writers often use what they experience in their lives in their fiction; for Robin C.M. Duncan, a particular medical issue gave him an insight that informed his novel The Mandroid Murders. What was it and how did it have an impact on the writing? Read on.

ROBIN C. M. DUNCAN:

I began writing my novel The Mandroid Murders in 2016, with the emergence of my main characters from a “Writing Excuses” writing prompt about a dead-drop from three different viewpoints. The novel’s main theme materialised from recent changes I observed in my behaviour, but I could not have known then how that choice of theme presaged a traumatic personal event.

The interface between humans and their technology has defined the development of Humankind, and its impact on the Earth, for millennia. From rocks to rockets to microprocessors, tool use remains humanity’s driving force. The question of how far and where that might take us has exercised Science Fiction writers for over a hundred years, but my interest is less about how those tools affect the world (a dire and depressing subject), but how their use affects the user, and the user’s much older and more spiritual interface with the physical realm.

As human tools have become increasingly complex, arguably, the scope of their impact on the psyche has increased. Recent research demonstrating a dramatic reduction in attention spans appears to have been debunked, but I believe there is still ample proof that our smartphones do disrupt our relationship with the physical world. I believe this simply because that is what those devices are designed to do, to insinuate themselves between us and whatever is in front of us, be it a person across a dinner table, the physical book we are reading, or yes, even our TV or computer screen.

This infiltration of our psyche is achieved by tactile, auditory and visual means, sometimes all three at once, and each time we succumb to the lure, we receive the reward of a screen free of little red notification dots, and a smack of dopamine from the app in question. However, this is at the cost of our physical interactions, our social relations, our attention spans (I would continue to argue), and our sleep. But, what if our consciousness became part of the machine itself, with all physical filters and barriers removed? What impact might there be then on the human psyche and our ability to interact with the real world; how might any given consciousness react when physical accountability is removed?

As the title of my novel suggests, androids play a big part in my vision of Earth in 2099. These droids (proprietary name, syRen®) are somewhat Asimovian, operating broadly under his laws of robotics, although supplemented by technical bureaucracy, and with what I call pseudo-AI, not “full” AI. While Virtual Reality enables humans to see through android eyes, and experience their actions, Androicon develops technology to put human consciousness into an android, enabling a human to operate it. Because that’s bound to be a good idea, right?

The story follows the trail of Gregor Callan, a quadriplegic, who volunteers to participate in Androicon’s testing of their new tech. Callan was paralysed in a terra-forming accident. Synaptic Mapping (the tech in question) enables him to experience the physical freedom that most of us take for granted, but when the link to his body is severed, Callan finds he is no longer accountable to his physical form. There are signs that he was unbalanced even before his original accident, but the chip on his virtual shoulder is given freedom to roam, and the consequences are less than optimal, shall we say: private detective Quirk is called in to find Callan and stop him.

Callan’s viewpoint is one of increasing dissociation with the world and the people around him. He is in a desperate situation to begin with, but, on escaping his damaged body, finds that he needs something else to cling to, an imperative beyond mere physical survival. The course that Callan’s psyche draws him down has severe implications for the settlement of Lunaville. The story is not intended as an exploration of what it means to be human, but more what it means to be accountable to society. How would an individual behave if that accountability was withdrawn, if—in their mind at least—it evaporated? To some extent we are in The Invisible Man territory here, although there are limitations on the antagonist’s ability to roam at will through an unsuspecting population, all the while becoming increasingly more detached from it. But how does this relate to my own traumatic event?

In April 2021 I had my first COVID vaccination. Shortly afterwards, I began to lose sensation in my hands and feet, and my mobility decreased alarmingly quickly. I was admitted to hospital in June. At the point of treatment starting I could not support my own bodyweight, nor feel much of anything from feet to knees, in the groin, rear and stomach, in my hands and or in my mouth. I was diagnosed with Guillain Barré Syndrome*. In a nutshell, the immune system attacks the nervous system, destroying the nerves. It’s a very treatable condition if caught early enough, but the effects are unbelievably scary. Thankfully, I improved immediately upon treatment starting, and have since regained 95% of mobility and nerve function (Stoopid feets!). I feel very fortunate: some are far more debilitated, can be completely paralysed; the condition can be fatal. The care I had, and still have, from Britain’s National Health Service is amazing, and I will be forever grateful to live in a country with a public healthcare system.

Okay, I did not go “the full Callan”, but this event put a great deal in perspective for me, and afforded me a lot of time to consider how I interface with the world. I was, quite literally, able to feel the grass beneath my feet again. Hours of physio strengthened my ability to walk effectively, I regained stamina, I felt in touch with the world again. What it must be to lose that connection permanently does not bear thinking about. My episode reminded me how important it is for us to treasure our connection to the physical world, which is doing its best to nurture us, despite Humankind’s persistent depredation of our one and only home, in the name of narrowminded corporate objectives (another theme of my novel). So, remember to feel the grass beneath your feet, to treasure your loved-ones, to marvel at and respect the world around you; do not take these things for granted. They are all finite.

*Sometime later, after a relapse in October 2021, my diagnosis was updated to one of Chronic Inflammatory Demyelinating Polyneuropathy (CIDP), a chronic form of GBS.

The Mandroid Murders: Amazon|Barnes & Noble

### 15:21

Interop is the Hippocratic Oath for developers.

Whenever possible make your product interop with products that came before.

First do no lock-in.

Accessing memory is done primarily through load and store instructions.

; load word or doubleword register
ldr     Rn/zr, [...]

ldrb    Wn/zr, [...]

ldrsb   Rn/zr, [...]

ldrh    Wn/zr, [...]

ldrsh   Rn/zr, [...]

ldrsw   Xn/zr, [...]

ldp     Rd1/zr, Rd2/zr, [...]

; load pair of registers as signed word
ldpsw   Xd1/zr, Xd2/zr, [...]

AArch64 does not have AArch32’s LDM instruction for loading up to 13 registers at once. As a consolation present, it gives you a LDP instruction for loading two registers, either 32-bit or 64-bit, from consecutive bytes of memory. (The first register uses the lower address.) The LDP instruction is commonly used with the 64-bit registers to load spilled registers from the stack.

There is a corresponding selection of instructions for storing to memory, but obviously the sign extension variations are not relevant.

; store word or doubleword register
str     Rn/zr, [...]

; store byte
strb    Wn/zr, [...]

; store halfword
strh    Wn/zr, [...]

; store pair of registers
stp     Rd1/zr, Rd2/zr, [...]

Not all addressing modes are available for all variations. This is not something you worry about when reading assembly language, but it’s something you need to keep in mind when writing it.

Size [Xn/sp, #imm]
(−256 … +255)
[Xn/sp, #imm]
[Xn/sp, #imm]!
[Xn/sp], #imm
[pc, #imm]
(±1MB)
[Xn/sp, Rn/zr, extend]
byte
halfword
pair

The reach of the second column is is (0 … 4095) × size, except that the reach of the the register pairs is (−64 … 63) × size.

All operand sizes support register indirect with offset. Only word and doubleword support pc-relative (and even those are supported only for loads). And register pairs support only register indirect with offset.

There are some ambiguous encodings, because a constant offset in the range 0 … 255 that is a multiple of the operand size can be encoded either as a 9-bit signed byte offset, or as a 12-bit unsigned element offset. By default, assemblers will use the 12-bit unsigned element offset, but you can force the 9-bit signed byte offset by changing the opcode from LDxxx and STxxx to LDUxxx and STUxxx. The U stands for unscaled.

Windows enables automatic unaligned access fixups. Simple unaligned memory accesses are fixed up automatically by the processor, but you lose atomicity: It is possible for an unaligned memory access to read a torn value. Any such tearing is at the byte level.

 Original value 12 34 56 78 aligned Processor 1 reads misaligned Processor 2 writes AB CD EF 01 aligned

The misaligned halfword read from processor 1 could produce 34|56, 34|EF, CD|56, or CD|EF. But it won’t produce 3D|EF.

You can still take alignment faults if the misaligned memory access is fancy, such as a locked load, store exclusive, or a load with a memory barrier. We’ll learn about these special memory accesses next time.

The post The AArch64 processor (aka arm64), part 12: Memory access and alignment appeared first on The Old New Thing.

I’ve spent a lot of time on this blog debunking economists’ claims about productivity. Usually, I come at the problem from a fairly technical angle, meaning I break down the contradictions involved in economists’ methods. Today, I want to try a more philosophical approach. I’m going to talk about dualism — the idea that something can be two things at once.

### Dualism in science

Science is filled with dualist statements — claims that a substance is two things at once. Of course, scientists don’t use this terminology. They call their dualist statements ‘mathematical equations’. Here’s a famous one from Albert Einstein:

\displaystyle E = mc^2

In this equation, Einstein claims that matter and energy are two sides of the same coin. In other words, there is some mysterious force that can convert matter into energy and vice versa.

Because mass-energy equivalence sounds pretty wild, Einstein’s equation gets a lot of attention. But science is rife with conceptually identical statements. For example, Newton claimed that there is something called a ‘force’ that can be converted into ‘acceleration’:

\displaystyle F = ma

When you reflect on these equations, you realize that they are making rather profound metaphysical claims about the world — much like claiming that the Father, the Son and the Holy Ghost are the same thing. So were Einstein and Newton just doing theology?

No. They were doing science.

Unfortunately, most introductory science textbooks don’t explain the distinction. Instead, they take a rather theological approach to pedagogy. Textbooks often present formulae as received wisdom, and then tell students to explore the consequences. Similarly, many science popularizers know that the public is hungry for metaphysics, and so they discuss the ‘profound’ implications of various theories. But what popularizers rarely do is explain why scientists trust the formulas they use.

Part of the problem comes down to mathematical notation itself. On its own, a mathematical equation is not science. It is a definition. For example, I can define a quantity F that is the product of mass times acceleration:

\displaystyle F = ma

Until I test this equivalence, however, I haven’t done science. To do science, we must treat our mathematical definition as a mathematical question. Unfortunately, there is no accepted notation for this way of thinking. But perhaps it might look like this:

\displaystyle F =? ~ ma

To test this equation/question, we devise ways of independently measuring both sides of it. Now, by ‘independently’, I don’t mean measurement that is ‘theory free’, since that’s impossible. All measurement depends on preconceptions about the world. (To measure the length of different objects, for example, you assume that the length of your ruler remains constant.) In science, ‘independent’ measurement simply means we use methods that don’t depend on the theory we are testing.

So if we are testing Newton’s equation, we can’t measure force in terms of acceleration. Instead, an independent measurement might be something like this:

1. measure force with a spring gauge,
2. measure mass with a balance scale
3. measure acceleration using the change in velocity over time.

These measurements all depend on preconceptions about the world. But they do not logically imply Newton’s equation. And so if we find that force is the product of mass times acceleration, we’ve shown that Newton’s equation is not merely a human definition. It is a truth statement about the natural world.

We can do the same thing with Einstein’s equation — albeit using tools that are more complicated. For example, in 2005, Simon Rainville and colleagues used atomic-mass differences to test the equivalence of matter and energy. They found that Einstein’s equation was accurate to seven decimal places.1

Again, it is the experimental confirmation that renders an equation meaningful. Without the observational component, we are left with nothing but a human definition. And that brings us to theology.

### Dualism in theology

If science is the combination of logical definitions with empirical observations, theology is science without the observation. It is a web of human definitions, and nothing more.

As an example, take the Catholic concept of the Trinity, which is notorious for its bizarre logic. According to church dogma, God exists simultaneously as ‘The Father’, ‘The Son’ and ‘The Holy Spirit’. But while these three entities are all God, they are somehow distinct from each other. Thus the Holy Spirit is God. And the Son is God. But the Holy Spirit is not the Son. Confused? That’s because the Trinity is logically incoherent. But don’t worry, the church says it’s be true.

Figure 1: The Shield of the Trinity. Wikimedia Commons

The Trinity is a prime example of theological dualism. We have a set of definitions, and nothing else. Sure, you can argue about the definitions. But there’s no objective way to settle the score. Quarrels over the Trinity are the medieval equivalent of debates in modern fandom. It’s like when Star Wars fans argue about whether Anakin Skywalker ‘died’ when he became Darth Vader. The correct answer is that there is no correct answer. The ‘truth’ is however you define it.

Although it makes for abysmal science, the theological stance is a great way to sound authoritative while you spout bullshit. The self-styled libertarian ‘philosopher’ Ayn Rand was a master of this technique. Here she is laying out her philosophy of objectivism:

The formula defining the concept of existence and the rule of all knowledge: A is A. A thing is itself. You have never grasped the meaning of [this] statement. I am here to complete it: Existence is Identity, Consciousness is Identification.

Rand’s writing is a tour-de-force in theological nonsense. Start with a tautology (A = A). Follow it up with some weighty definitions (existence = identity). Claim you have a ‘rule for all knowledge’. Marvelous bullshit.

### Dualism in economics

Perhaps the best definition of economics is that it is ‘secular theology’. Economics adopts the veneer of science, but, like theology, is based on untestable definitions.

In economics, the most pervasive dualism is the equivalence between income and productivity:

\displaystyle \text{income} = \text{productivity}

Unlike Ayn Rand’s poetic bullshit, the dualism between income and productivity is meant to be quantitative and literal. In neoclassical economics, a person’s income indicates their contribution to society.

Like all good theology, the theory starts with a definition. If Alice has some output Q that is sold at some price P, her gross income is defined as:

\displaystyle I = Q \cdot P

For example, if Alice grows 10 apples and sells them for $1 each, her gross income would be$10:

\displaystyle I = (10 \text{ apples }) \cdot ( \$1 \text{ per apple} ) = \$10

If Alice grew half as many apples, her income would be cut in half:

\displaystyle I = (5 \text{ apples }) \cdot ( \$1 \text{ per apple} ) = \$5

From this angle, it seems like the duality between income and productivity is sound. The problem is that it is actually unnecessary. If we can count what Alice produces (apples), we can measure her productivity directly. So we don’t need income.

Worse still, if the price of apples changes, not only is the income-productivity duality unnecessary, it is also false. For example, if Alice grows the same number of apples each year, the reality is that her productivity is constant. And yet if the price of apples changes, we infer from her income that her productivity has changed. That’s just wrong.

So right off the bat, we have a logical problem with the productivity-income duality. Either it is correct but unnecessary, or it is both unnecessary and incorrect. Either way, the duality is unsound.

Of course, there is nothing wrong with having a hypothesis that is logically unsound. It just means that when you notice the problem, you should abandon the hypothesis. But that’s not what happened in economics. Instead, the income-productivity duality became the basis for the entire system of national accounts.

Along the way, economists invented various fairy tales to justify their theology. For example, in the late 19th century, the economist John Bates Clark tried to ‘prove’ that in a competitive market, each agent earned what they produced. To his credit, Clark realized that the only way this proof worked is if everyone produced the same commodity. The problem is that this assumption renders Clark’s hypothesis moot. If everyone produces the same commodity, we can measure their productivity directly, meaning we don’t need income.

It gets worse. In the real world, where people produce many different commodities, we cannot measure productivity directly. (We cannot compare apples and oranges.) And so economists infer productivity by measuring income. But in this situation, Clark’s proof breaks down.

To address this logical problem, economists have invented more theology. Prices, they claim, are themselves a duality. Prices are both a monetary quantity and a measure of utility:

\displaystyle \text{price} = \text{utility}

So yes, prices may change, but that’s because the underlying utility of a commodity has changed. Or maybe it hasn’t. The problem is that economists never measure utility. They infer it from prices. And so the whole operation becomes circular — a theological definition, and nothing more. Joan Robinson nicely summarized the situation:

Utility is a metaphysical concept of impregnable circularity; utility is the quality in commodities that makes individuals want to buy them, and the fact that individuals want to buy commodities shows that they have utility.

In other words, economists propose a definition, and these use this definition to justify itself. That’s theology, folks.

### The dualism smell test

Since both science and theology appeal to dualism, it can be difficult to distinguish the two forms of thought. With that in mind, here’s a dualism smell test.

Dualism always starts with a definition. Force is mass times acceleration. The Son is God. Income is productivity. To distinguish between science and theology, you should look at what follows the definition. In the case of science, the definition should be followed by an empirical test. Thus, scientists didn’t just take Newton at his word. They tested his laws of motion and found them to be correct (at non-relativistic speeds).

Now, the wonder of mathematics is that by manipulating algebraic definitions, you can derive predictions that follow from the starting assumptions. It’s important to test these predictions. But if they hold, that doesn’t mean that the assumptions are correct. That’s why scientists always test both the predictions of a theory and its assumptions. The classic example is Newton’s theory of gravity. When combined with his theory of dynamics, you get a rich set of predictions — enough to send people to the moon.

These correct predictions, however, didn’t stop scientists from testing the core assumption — the claim that inertial mass is equivalent to gravitational mass (a dualist statement). Indeed, this ‘weak equivalence principle’ has been tested continuously for more than four centuries. No one has found a violation.

When people like Milton Friedman spout theological nonsense, they’ll try to convince you that assumptions don’t matter. Friedman notoriously claimed that if a theory gives ‘correct predictions’, that’s good enough. Don’t believe him. Assumptions are the most basic part of science. If they are wrong, the whole theory is garbage.

Speaking of Uncle Milton, that brings me to theological dualism. When you do theology, the goal is to use a definition to (seemingly) prove your point and to avoid the fact that you are not testing your definition. One of the more amusing applications of this technique is in supposed logical ‘proofs’ of God’s existence. My favorite proof comes from Rene Descartes and goes something like this:

1. God is perfect.
2. It is more perfect to exist than to not exist.
3. Therefore, God exists.

Do you see what Descartes did here? He used two definitions to make his point. He defined God as perfect. He defined existence as more perfect than non-existence. Presto, God exists.

Sorry, Rene, that’s not how it works. You’ve got to test your assumptions.

Is God ‘perfect’? Hard to say, since God is unobservable and ‘perfection’ is a subjective aesthetic. And is it ‘more perfect’ to exist than to not exist? Again, there’s not much to test here since we’re talking about aesthetics. But mathematicians might disagree. Only imperfect circles exist (in the real world). Yet mathematicians can imagine perfect ones. So maybe it is ‘more perfect’ to not exist.

In short, dualism fails the smell test if it is not followed by an empirical test. If there is no such test, what you have is not science … it is theological rot — a web of interlocking definitions that tell us nothing about the natural world.2

#### Support this blog

Economics from the Top Down is where I share my ideas for how to create a better economics. If you liked this post, consider becoming a patron. You’ll help me continue my research, and continue to share it with readers like you.

[Cover image: Wikimedia Commons]

Want to know more about how economists equate income with productivity? Here are five pieces on the topic:

### Notes

1. Rainville and colleague’s experiment worked as follows. They let an atomic nucleus capture a neutron, after which the nucleus emits a gamma ray. To test Einstein’s equation, Rainville compared the mass change between the reactants and product to the energy of the gamma ray.

The experiment is an interesting case-study in how measurement depends on theory. To measure the energy of the gamma ray, Rainville used the Planck relation, which describes how the energy of a photon relates to its wavelength. The measurement of wavelength, in turn, depended on Bragg’s Law of diffraction. And to measure mass, Rainville used cyclotron resonance. Converting the resonance frequency to mass depends on both Newtonian mechanics and the theory of the electromagnetic Lorenz force.

2. Okay, theology does tell us something about the natural world. It demonstrates that the human species is adept at fooling itself.

The post Dualism in Science, Theology, and Economics appeared first on Economics from the Top Down.

### 15:07

Security updates have been issued by Debian (gst-plugins-good1.0), Fedora (firefox and ghostscript), Gentoo (consul, firefox, libass, libraw, lxml, mdbtools, pam_u2f, spice, and thunderbird), Oracle (kernel, kernel-container, and vim), Red Hat (galera, mariadb, and mysql-selinux, kernel, and kernel-rt), Scientific Linux (kernel), SUSE (bind, java-11-openjdk, kernel, mokutil, ncurses, and u-boot), and Ubuntu (epiphany-browser, libcdio, linux, linux-aws, linux-azure-4.15, linux-dell300x, linux-gcp-4.15, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-kvm, linux-lts-xenial, and linux-hwe, linux-aws-hwe, linux-azure, linux-gcp, linux-oracle).

# A modest proposal to fix contracts (permalink)

Every time I click through one of those garbage legalese novellas you're expected to say "I Agree" to before doing something totally normal and inconsequential, I'm reminded of the legendary Lenny Bruce bit "Eat, Sleep and Crap."

In this bit, all civilization begins with agreements:

"Let's see. I tell you what we'll do. We'll have a vote. We'll sleep in Area A. Is that cool?"

"OK, good."

"We'll eat in Area B. Good?"

"Good."

"We'll throw a crap in area C. Good?"

This social contract is the foundation of civilization. It's why you don't die from fecal-oral bacterial transmission.

Naturally, the legal profession has put a little more detail into the idea of what constitutes a contract in the years since. As Stanford Law's Mark Lemley writes in "The Benefit of the Bargain," "A canonical contract is a written agreement negotiated between two sophisticated parties."

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4184946

But that's really only an infinitesimal fraction of the contracts that we make day to day. When you buy a apple from the grocery store, that's a contract: there's an offer, an acceptance, and a "meeting of the minds." You and the grocer both know what the terms of the contract are, even though neither of you discuss it.

The apple is now yours. You can sell it. You can bake a pie with it. You can throw it away. If it turns out to be covered in harmful bacteria or full of razor blades, you might be able to sue the grocer. But you can't just go and get another apple. You can't eat the apple and then return the core for a refund.

All of that stuff is governed by "implicit and explicit" rules, the "background norms" of contract law. Some of those background norms are common law. Some are statutory. Some have been codified in the Uniform Commercial Code and the Restatement of Contracts. When there is a dispute, judges filter it through all of these layers: what people normally expect, what Congress guaranteed, what earlier courts have found, what the parties signaled to one another.

The parties can alter the bargain, of course. You can haggle. The grocer can offer to throw in some grapes at half price. Bargaining enjoys a special place in contract law, because it's how we get the "benefit of the bargain" – the tailored offers that represent the confluence of the desires of buyers and sellers.

But there's limits on bargaining. It's not a contract if the bargaining takes place under duress, or fraud, or if the terms are extremely unfair, or if one of the parties can't form a contract because they are young, or intoxicated, or mentally unwell. A contract is an agreement, and an agreement requires freely given consent.

Or at least, it did.

By the middle of the 20th century, a new kind of bargain had proliferated: the "standard form," a preset terms and conditions that were used to avoid costly and time-consuming negotiations. The standard forms might ask the seller to give up some rights, and also the buyer, and they were understood to represent the outcome of a free negotiation between firms of relatively equal bargaining power.

As corporate power expanded, these "deals between equals" were increasingly wielded by powerful corporations against relatively powerless individuals and workers. A canonical example of this is "binding arbitration waivers," which originally let companies agree to mediate their disputes through independent arbitrators and avoid costly court battles. But soon enough, companies were turning these instruments on their employees and customers, insisting that they give up the right to sue for redress should the company defraud them, maim them, or kill them. Instead, these disputes would be heard by corporate fake judges for hire, whose fees were borne by the company that had wronged you:

https://pluralistic.net/2021/01/06/methane-diet/#i-agree

Binding arbitration waivers are just one example of how standard forms started to replace the background norms of contract law. Rather than both parties to a transaction being bound to terms determined by law and practice, they would be bound by fine-print, acres of it, written by powerful sellers who wrote comically lopsided "agreements" and brooked no negotiation to alter them. Anyone who's ever been presented with a long "agreement" at a hospital or a car rental agency or a fun-fair knows that there's no way to cross out objectionable clauses in the contract, even with the offer of paying more for a better deal.

Digitization led to a near-universal proliferation of standard forms, even in the offline world. The rise of clickwrap, shrinkwrap and browsewrap "agreements" created bizarre situations where you were said to have agreed to terms you hadn't read and couldn't read without first agreeing to those terms. It's commonsense that this is not a "contract" – there's no offer made and accepted, no meeting of minds. That goes double for terms that are "subject to change without notice" (or just "subject to change"). It goes triple for terms that apply to third parties that you sell or give away a product to after your initial purchase – how can I agree to a "contract" that I never came within 100 miles of, simply because you gave me something that you got by "agreeing" to that contract.

But a series of court cases prompted by powerful tech firms chipped away at the idea of consent as a bedrock of a contract, and that began to leak into the physical world, so that all manner of things, even concert tickets bought for cash at a box-office come with terms and conditions that you can only read after you buy the ticket and scan the QR code on it.

Think for a moment about how weird this is. The default for a contract is an offer made and accepted, with an exchange of value. You walk up to the box office, hand over cash, get a ticket. The terms of that bargain are, by default, the "background norms" of contract law – the mix of legal rights, customary expectations and historical precedents that govern nearly every contract we enter into.

But after getting your ticket, you turn it over and it says, effectively, "Surprise! You actually agreed to a totally different bargain. You thought you were making an offer. You thought we'd accepted it. But actually, we were making an offer to you, and though we never told you about it or even told you it existed, you have now agreed to it!"

It's hard to overstate what a big deal this is. The black letter of contract law is the law. As Lemley says, "Law is not normally optional." You don't normally get to decide which laws you follow. But with contract, "the principle of mutual assent" means that two parties can literally sign away their legal rights.

This is obviously a risky business. The rights that Congress's laws give you are yours and they represent deliberation and fact-finding about the ways things can go wrong and how to prevent them. Even if you want the right to bargain away "eating in a restaurant where the chefs wash their hands after taking a shit" or "getting brain surgery from a sober neurosurgeon," you don't want to be arm-twisted into that agreement. You want it to be freely made.

Is a contract "freely made" when the counterparty is a monopolistic corporation? Do you have an alternative when Walmart has driven out all your town's mom-and-pop retailers? Or when there are only two mobile phone OSes and they both have comparable abusive take-it-or-leave-it contracts? Or when your electricity or broadband or water are provided by a monopoly utility?

A century ago, the Supreme Court ruled against publishers who printed notices in their books banning resale. Today, it's not clear that this case would go the same way – indeed, in the topsy-turvy world of the standard form, you might "agree" to these terms if you pick the book up out of the trash behind the bookstore:

https://en.wikipedia.org/wiki/Bobbs-Merrill_Co._v._Straus

As Lemley writes, "the cumulative effect of these changes is to unmoor contract law from the very things that make it contract law. Most consumer contracts in the modern world lack anything like traditional notions of assent."

But he's got an idea, "sheer elegance in its simplicity."

Lemley reasons that since contracts require a showing of voluntary assent, we should force companies that want to offer their customers a "standard form" (e.g. a EULA) to also offer them the "default terms" (e.g. contract law). If the customer chooses the EULA over the standard, "You bought it, it's yours" deal, then you know that they truly agreed to the EULA and a real contract was made.

Lemley argues against companies offering take-it-or-leave-it deals, that is, "You can have the EULA or the default rules, but if you choose the default rules, the deal is off and you can get the hell out of my shop." As with the EU's GDPR, Lemley says that this plan only works if companies have to deal with you whether you choose their EULA or the default sale rules.

That's because "if there is no actual bargain around [your EULA], but just a unilateral statement of preferences, there is no reason we should throw away the legal rules contract law has already established."

Properly designed, this would mean that companies that didn't want to sell on the default terms would have to make their EULAs "sufficiently clear and sufficiently attractive that consumers who have a meaningful choice to take the default rules the law offers want your package of terms instead."

And it means that "if you hope to impose a term consumers won’t like – say, a limitation on warranties or a requirement to arbitrate and give up class action claims – you will need to offer them something sufficiently attractive that they will choose your package over the default rules."

The default rules for contract don't cover lots of important details: "price, quantity, precise nature of goods, etc." That means that Lemley's proposal would leave sellers free to set those elements of the deal.

Now, this opens up a potential weak spot. What if the seller says, "If you buy according to my EULA, the price is $25. If you buy according to the default rules, the price is$1 million?" That would neatly sabotage the whole plan, because no one is going to choose to buy at the $1m pricetag. Lemley says that one way to fix this is to simply prohibit price discrimination based on the terms the buyer is willing to accept. But he's got another way, one that is absolutely delightful. Lemley says that if a seller prices their product at$25 with the EULA and $1 million without, then the buyer who accepts the EULA is handing over$999,975 worth of value when they click "I agree." Lemley says we should tax that as income.

This is a fascinating way of looking at the problem of price-gouging and other ways of sabotaging a fair contracting system: it aligns the incentives of companies with their customers. Companies that gouge on "standard deal" buyers are effectively pricing the value of their EULA. Companies can avoid paying additional tax on their EULA sales by pricing the non-EULA sales at the same price.

Likewise, if companies hope to make EULA sales, they're going to have to write EULAs that reasonable people will find attractive. Any reasonable person faced with a deal that goes, "You can buy this and it's yours, or you can read this 15,000 word legal document and buy it on the terms therein" is going to go for the former.

Lemley says that a lot of companies will simply give up on EULAs at this point. I mean, of course they will. The whole point of a EULA is to take advantage of idiotic court precedents that say that you can form a contract without any negotiation, without any meeting of minds, without even having a chance to read the contract. Contracts offered on these terms are going to be absolute trash. The whole point of this exercise is to get companies to throw away those "contracts" forever.

"The reason we’ve blundered into a world governed by standard form agreements is in large part the fact that they seem costless to implement. Making them costly for companies (because they demand attention from consumers) may actually be healthy because it will limit the adoption of terms that would never have been part of a contract in a prior age."

I once threw away a couple years' worth of my life fighting against the standardization of DRM in web browsers. The representatives from the giant corporations pushing for this all argued that it was okay to hijack control over your browser while you were watching a movie because you "agreed" to it when you created an account with Netflix or another streamer.

And yet, these same engineers went absolutely bananas because my emails to the group mailing list had this gag disclaimer, which I've used off and on since the early 2000s:

By reading this email, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

They were right to be outraged. Taken at face value, this is an outrageous "agreement." And yet, I was merely proposing to bind a couple dozen engineers and lawyers from giant multinational corporations to it – and they were proposing to bind billions of people – every person who used a web browser, forever – to far more onerous terms.

Anyway, I lost that one, but it sure was ironic, huh?

(Image: EFF, Cryteria, CC BY 3.0, modified)

# This day in history (permalink)

#20yrsago Ed Felten's new "Freedom to Tinker" blog https://freedom-to-tinker.com/

#20yrsago CEA regrets the DMCA but fails to oppose DMCA successor https://web.archive.org/web/20020805010423/http://news.com.com/2100-1023-947729.html

#20yrsago Get Your Exx On https://web.archive.org/web/20020813140423/http://www.mnftiu.cc/mnftiu.cc/war13.html

#15yrsago Alice in Sunderland: the weirdest graphic novel I’ve ever enjoyed https://memex.craphound.com/2007/08/09/alice-in-sunderland-the-weirdest-graphic-novel-ive-ever-enjoyed/

#15yrsago CBC blogging policy isn’t their policy https://web.archive.org/web/20071017093732/http://www.insidethecbc.com/blogrules2

#15yrsago How AT&T fought for privacy — 80 years ago https://web.archive.org/web/20070907091402/http://www.eff.org/deeplinks/archives/005397.php

#15yrsago Plastic bags are devourng the planet https://www.salon.com/2007/08/10/plastic_bags/

#15yrsago French kid who translated Potter 7 faces charges https://memex.craphound.com/2007/08/10/french-kid-who-translated-potter-7-faces-charges/

#15yrsago Venetian merchants have tourist and “rude-tourist” prices https://web.archive.org/web/20080214222751/http://www.telegraph.co.uk/news/main.jhtml;jsessionid=0OKY3UJNN1W3ZQFIQMFSFFOAVCBQ0IV0?xml=/news/2007/08/09/wvenice109.xml

#10yrsago UK prisons to open outsource call centres; David Cameron urges business to switch to prison labour https://www.theguardian.com/society/2012/aug/09/prison-call-centre-plans-revealed

#10yrsago Toronto to host real-life flamethrower game based on Street Fighter II https://www.joeydevilla.com/2012/08/09/super-street-fire-this-saturday-in-toronto/

#10yrsago Virgin Airlines Australia moved firefighter from seat next to boys because men can’t be seated next to unaccompanied children https://freerangekids.wordpress.com/2012/08/10/man-on-plane-must-change-seats-hes-next-to-2-boys-australians-outraged/

#10yrsago How do we make web stuff that’s secure enough for human rights workers? https://web.archive.org/web/20140416104545/https://www.wired.com/2012/08/wired_opinion_patrick_ball/

#10yrsago Former MPAA CTO who switched sides explains to the White House why SOPA is stupid https://www.techdirt.com/2012/08/08/former-mpaa-cto-tells-white-house-why-sopa-is-wrong-approach-ip-enforcement/

#10yrsago Mexican-US illegal migration has been largely static since the 1950s https://paw.princeton.edu/article/crisis-contrived

#10yrsago Slick anti-corruption video takes on US copyright system https://arstechnica.com/tech-policy/2012/08/anonymous-donors-bring-hollywood-production-values-to-anti-mpaa-video/

#10yrsago Chinese cops treat kidnapping as a routine form of largely acceptable debt-collection https://foreignpolicy.com/2017/08/08/chinas-police-think-hostages-arent-their-problem/

#5yrsago Foxconn has a long history of lying about its plans to open plants and create jobs https://www.nakedcapitalism.com/2017/08/foxconns-con-seeking-whopping-subsidies-for-wisconsin-michigan-manufacturing-jobs-if-they-happen.html

#5yrsago Man, cops sure do love calling their surveillance programs “Skynet” https://www.vice.com/en/article/qvvdev/the-police-loves-naming-its-spying-tools-skynet

#5yrsago India lost access to the Internet Archive because two Bollywood studios couldn’t be bothered with takedowns https://torrentfreak.com/internet-archive-blocked-in-2650-site-anti-piracy-sweep-170810/

#5yrsago Blackwater founder and DeVos war-criminal sibling Trump should install merc-backed viceroy in Afghanistan https://www.democracynow.org/2017/8/9/at_urging_of_blackwater_founder_trump

#5yrsago You can hijack a gene sequencer by hiding malware in a DNA sample https://web.archive.org/web/20170829071036/http://dnasec.cs.washington.edu/dnasec.pdf

#5yrsago FCC will fix America’s shitty internet by declaring fast internet access unimportant to Americans https://arstechnica.com/information-technology/2017/08/maybe-americans-dont-need-fast-home-internet-service-fcc-suggests/

#5yrsago Every meeting and trip the FCC’s neutricidal chairman Ajit Pai took since Trump’s inauguration https://web.archive.org/web/20170811070442/https://altgov2.org/calendar-pai/

#1yrago End of the line for Uber: Accounting tricks and tech gimmickry don't matter when the coffers are empty https://pluralistic.net/2021/08/10/unter/#bezzle-no-more

#1yrago When your boss wants an AI camera in your bedroom https://pluralistic.net/2021/08/09/computer-says-no/#disciplinary-tech

#1yrago The 22 Murders of Madison May: Max Barry's existential interdimensional crime thriller https://pluralistic.net/2021/08/09/computer-says-no/#existential-crisis

Today's top sources: Corynne McSherry (https://twitter.com/cmcsherr).

Currently writing:

• The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. Yesterday's progress: 507 words (30743 words total)
• The Internet Con: How to Seize the Means of Computation, a nonfiction book about interoperability for Verso. Yesterday's progress: 502 words (26998 words total)

• Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. (92849 words total) – ON PAUSE

• A Little Brother short story about DIY insulin PLANNING

• Vigilant, Little Brother short story about remote invigilation. FIRST DRAFT COMPLETE, WAITING FOR EXPERT REVIEW

• Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION

• Spill, a Little Brother short story about pipeline protests. FINAL DRAFT COMPLETE

• A post-GND utopian novel, "The Lost Cause." FINISHED

• A cyberpunk noir thriller novel, "Red Team Blues." FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: View a SKU: Let’s Make Amazon Into a Dumb Pipe https://craphound.com/news/2022/07/31/view-a-sku-lets-make-amazon-into-a-dumb-pipe/

Upcoming appearances:

Recent appearances:

Latest book:

Upcoming books:

• Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin, nonfiction/business/politics, Beacon Press, September 2022
• Red Team Blues: "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books, April 2023

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

# How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

https://doctorow.medium.com/

(Latest Medium column: "Como is Infosec" https://doctorow.medium.com/como-is-infosec-307f87004563)

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

### 14:35

An artist’s work attracts the eye of Andrey Porgee, a notorious gangster, who becomes her best customer.
But when he commissions a painting based on a childhood photograph, the artist fears his reaction to the final product.

Porgee was not supposed to arrive for another half hour but the painter was already afraid. It wasn’t because of the painting. She knew it was one of the best she had done in a long time. She was certain Porgee would like it and most likely buy it. The gangster already owned three of her works and never stopped complimenting her on them. This, however, was part of the problem.

Besides being a very dangerous, frightening man, reputed to have done countless terrible things over the years, the gangster had a big mouth. In one way that was sweet, but in most others it had been the cause of the artist’s recent trouble.

“I tell everyone how fantastic your work is, Ruth. You’re going to have a lot of deep pocket people coming around here saying they heard from me they should see for themselves how great it is. You got my personal seal of approval and that’s saying a lot. Trust me—you’ll see.” Which was true, while at the same time it was a kind of kiss of death for her.

Because the people he told about Ruth Russell’s work were other members of the city’s criminal underworld. Once word was out Andrey Porgee said this woman’s paintings were good, a rush of scary fellows flocked to the gallery where her work was displayed and bought up everything in the place. At first not necessarily because they liked it, but because they were hoping it would get brownie points with the fearsome man.

After a while they even started coming unannounced to her studio to see whatever new work might be available. Often there was nothing new. She had always been a slow worker. Her new clientele didn’t like that. They wanted to be able to say they had just bought a new Russell painting, hoping the news would fall on the right ears.

What Ruth didn’t know was that the first time Andrey Porgee saw her work was an hour after he’d hit a man over the head with a blue Storm Proton bowling ball. Every single person at the bowling alley who witnessed the blow turned immediately away or fled the place. Porgee’s assistant calmly took the ball from him, wiped the blood off it with a clean towel, and put it in the boss’s custom-made ball bag.

Porgee loved bowling and loved paintings. He bowled once a week and went to museums and galleries whenever he could. On a recent business trip to Varna, he made a detour to Vienna only because he wanted to see the Egon Schiele display at the Leopold Museum.

Interestingly for a very rich powerful man, he lived modestly and owned few things, but they were the very best. Things like private jets; yachts or expensive cars didn’t interest him. He drove a two-year-old white VW Golf. At the same time, he wore a rarer than rare George Daniels watch which had once belonged to a bankrupt multibillionaire who carefully took off the watch before killing himself. If one were to visit Porgee’s surprisingly small apartment in the center of town (he lived alone), you’d think the man certainly had good taste, but besides the paintings on display, the place was kind of austere and empty.

“Do you know why I like where I live, Ruth? The wall in the living room. I looked a long time for an apartment with an ideal wall. In this place it’s like my own personal gallery. During the day, just the right amount of light floods in from the windows, and at night I’ve got it lit just perfectly. Your paintings are exactly where they should be,” he said proudly to Ruth Russell one afternoon when they were chatting in her studio.

It was the afternoon Porgee asked if she would ever consider doing a specific commission for him. “I know some artists don’t want to have anything to do with commissions, and I fully understand that. But I like your work so much I just have to ask.”

It was the perfect moment for her to ask him for something. She was wary to even bring it up, but here he was, wanting a favor. Why couldn’t she ask for one in return? It wasn’t even a big thing. Well, maybe it sort of was to her, but to a man like him it should be no problem.

“Before we get into that, Andrey, I have a problem I’d like to talk to you about.”

One of his thin brown eyebrows went up. “Problem? Is it something I did?”

“Well, yes. You and others.”

“Wow, really? Ruth, I’m so sorry. What was it?”

She swallowed, took a deep breath, then just let it all out fast and hard. Because if she didn’t, it would never come out. “Nobody pays full price for my work, Andrey. I mean, nobody who came on your recommendation. They know, but I don’t know how, that you have never paid my asking price. So they say they won’t either.”

In an instant Porgee’s expression shifted down from second gear—slightly concerned—to neutral. Ruth’s eyes widened, frightened she’d crossed a dangerous line. Inside her head her paranoid self yelled, Now you’re fucked! So what if they don’t pay full price? They buy all your work and he started it.

Porgee made a face, sort of between a pout and a grimace. He was not used to being insulted. By anyone. The rare times it happened, whoever made that mistake paid a heavy price. He felt nothing for Ruth Russell the human being, and would have had no hesitation jamming a paintbrush down her throat at that moment. But her creations were important to him and he really wanted her to do this commission. He would think about the insult and maybe do something about it, about her, after the painting was finished. For right now he’d be nice and give the artist a little real-life instruction.

“Do you know what the most valuable mineral in the world is, Ruth?”

She frowned and shook her head. What did this have to do with anything?

“Lithium. More valuable than gold or diamonds. Do you know where the greatest deposits of lithium are? Afghanistan, of all places. Know what the most valuable postage stamp is? The ‘Mauritius Post Office’ stamp. Estimated value around nine million dollars. Then there’s the ‘Treskilling Yellow’ stamp at only three million and so on. Most expensive car ever? A 1962 Ferrari 250 GTO sold at auction for forty-eight million dollars. I could go on. I love bullshit facts like these. I kill whenever I play Trivial Pursuit.”

Just hearing him use that word “kill” put her further on edge. Looking at the scary man, Ruth again shook her head and put out one hand, palm up. As if to say I don’t get where you’re going with this.

He nodded. “But do you know what’s the most valuable thing in the world, Ruth? Much more valuable than any lithium or wealth, religion, or even power? Fear. If someone fears you, I mean really fears you, then you own their world. Every square inch of it. Fear, big fear, is like terminal cancer. Once it gets inside you it spreads and can’t be stopped. There’s no antidote, no antibiotic, no prayer…It wipes you out every time.

“I’ll bet you’ve been afraid of me in all kinds of ways since the moment you found out who I am. True?” Disconcertingly, he smiled broadly. The kind of joyful smile you show after having heard a great story or joke.

“Yes.” She spoke in a very low voice.

“Yes what?”

“Yes I’ve been afraid of you.”

His smile disappeared. “There’s your proof. I’ve never been anything but nice to you, but I still scare the shit out of you just being who I am. That’s why guys like me don’t ever pay full price for things unless we want to. Because people fear us. They know what we can do to them. They’ve heard what we’ve done to others.” He stopped and waited for her to respond.

What she wanted to say but didn’t dare to was “You can afford anything. Why do something so trivial as this?” She tried to keep that off the expression on her face. But Porgee was nothing if not perceptive. He picked up the scent of her silent question.

“You don’t approve, I know. But that’s all right because you see, Ruth, we may occupy the same space but in reality we live in two different worlds. In mine fear is the gold standard. In yours it’s humanity.

“So just so there’s no misunderstanding, I will keep buying your work, because believe me, I am your biggest fan. You can ask whatever you want for it, but I’ll pay whatever I feel like paying. As to the other guys, I guess as long as you sell to them you’ll just have to accept what they want to pay too.

She hated him then. And she hated herself for not having the mad courage to say to this monster in a bespoke suit, Get out of my place! Get out of my life. I will never sell you another piece of my work. But too often courage is just another hors d’oeuvre for Fear. It pops your courage into its mouth, one or two bites, and swallows.

Unaware of her feelings toward him, Porgee cleared his throat and began.

Although his family was originally from Bulgaria, he grew up in Vienna. His father, Petar, was a games keeper at the famous Lainzer Tiergarten wildlife preserve there. Twenty- four kilometers of pastures and forest, home to hundreds of wild boar, red deer, mouflons, and many other animals.

“I loved that place, Ruth. The only time I was ever really happy as a kid was when I was out there roaming around in the woods with my father. So anyway, my favorite thing was feeding the wild boars. Wildschwein.” Porgee reached into a jacket pocket and carefully pulled out a faded color photograph. He handed it to her. “There were a lot of them in the park. But my favorite was this big guy we named Mickey Mouse. That’s me feeding him in the picture. Huge, huh? He loved bread, especially these rolls called semmeln, which everybody eats in Vienna. We lived next door to a bakery and they gave the day-old stale ones to my father for the animals.

“Mickey Mouse could eat twenty at one go. Really! But we wouldn’t give him that many because he’d get sick. He loved those semmels though, believe me.” Describing all this, Porgee’s voice grew softer, warmer. There was so much gentle affection and joy in it that Ruth was confused. The man speaking now was so different from the one who had all but threatened her minutes before. And what did any of this trip down Porgee’s memory lane have to do with the painting he wanted to commission?

“I want you to paint my photo, Ruth. I cherish that picture. But you can see it’s old and dying, fading away…I love your work, as you know. So I got this amazing idea: I want you to paint exactly what is there, but in Ruth Russell’s signature style. I know how you sometimes use old photographs for inspiration. That painting my friend Frederick Olsen bought…what’s the title?”

“My title was Kevin’s Kennel.” She’d found the faded Polaroid in a box of old photos at a flea market. A mixed-breed dog cowering inside a small metal kennel. Just outside, taunting the dog with a longish gnarled stick like a magician’s wand, was a squatting shirtless boy with a comically, cartoonishly ugly face. She was drawn to the photo as soon as she saw it. Amusing and horrible at the same time—her kind of image. She loved painting subjects that stirred or rattled a viewer’s emotional response. Diane Arbus meets Looney Tunes. She knew in an instant she had to somehow work this photo into her vision of the world.

What turned out to be the most interesting part of the process of painting her version of the picture was when she started thinking more and more about the person who took the photograph. What kind of heartless jerk sees a kid taunting a vulnerable dog but instead of telling the kid to cut it out, takes a picture of him doing it? That troubling question scratched more and more on her mind and hand as she painted. Two creeps, years apart in age probably, each in their different ways torturing a poor helpless animal.

The result was her finished work turned out far darker than she’d originally planned. It felt angry heavy and sad, if she could put it that way. An accusation on canvas. Whatever humor she’d seen originally was wiped away the longer she stared at the photo and absorbed the soul of how she perceived it into her work. When she had finished, she made a point of burning the photograph.

Frederick Olsen laughed when he first saw the painting. Told her he used to do that too to all kinds of animals when he was a kid. This dog in the picture even reminded him of one he had back then. Dog’s name was Skippy. Young Freddy tortured it too. Ha Ha. That’s why he liked her picture—because it reminded him of some good old days. He asked if he bought it, was he allowed to rename it Skippy. Ruth looked at the floor a few long moments, then raised her head slowly and said as diplomatically as she could, “I guess if you own it, you can call it anything you want.” She couldn’t make eye contact.

“Excellent! I got the perfect place for it on my bathroom wall. I can look at it every day when I’m sitting on the throne.” He crowed, then paid half her asking price.

“So I’m thinking since you did such a beautiful job on Frederick’s painting, how great it would be if you used the picture of Mickey Mouse and me as your model. A perfect marriage of my history and the artistry of Ruth Russell. I love the idea, Ruth.”

Porgee probably thought he was paying her a big compliment. But all she could think of while looking at his prized photograph was I do not want to do this. No way.

What if he didn’t like the Ruth Russell version of his Mickey Mouse picture? Would she later be found floating in the river, or parts of her, along with the painting? She knew she was being melodramatic but there was definitely some of that fear in her initial reaction.

“What if you don’t like what I paint, Andrey? What if it doesn’t live up to your expectations?”

He smirked. “Not possible.”

“That’s nice of you to say, but really—”

Touching his forehead, he looked irritated for a moment. “I trust your vision and talent, Ruth. Don’t worry about if I won’t like it. If I don’t, I don’t. No harm will come to you,” he said in a booming fake voice like a bad actor. Then gave an amused snort and grew a small smile.

That smile was the wrong one to convince her he was telling the truth.

He made three copies of the original photograph in varying sizes for her, as requested. She insisted they agree on some ground rules before she began work: She could take as long as she needed to complete the painting. He could not for any reason see it while she worked. He bridled at some of the conditions she laid down but in the end agreed. Porgee was not used to negotiating or making concessions. It had been years since that had happened. Originally he told her the size he wanted the painting. She immediately said no. Because she planned to work on three sizes of canvas simultaneously. As she progressed, she would eventually know which one best fit the painting’s subject matter.

He was astonished. “You’re going to make three separate paintings?”

“I’m going to start with three but I’ll know pretty quickly which one to finish. I’ve done this before. The method works. Trust me.”

His smile this time was genuine. He loved the fact she would go to the trouble of trying on three different sizes of canvas before deciding which was best for his picture. He’d never heard of an artist doing that and it impressed him deeply. Maybe if he didn’t like her final product, he really would leave her alone.

She asked him to tell his friends and “associates” to please stop coming to her studio or calling to ask if she had any new work. For the time being, all of her time and energy would be spent on Porgee’s Boar.

A day after she started working on initial sketches, a thin man with tattoos on the backs of both hands in a gorgeous petroleum-blue sharkskin suit delivered a large box to her. He didn’t say a word. Just handed it over and walked away. When she opened the box with some hesitation as to what might be inside, she gasped at what she saw. There was a large array of Old Holland Classic Oil colors, the best of the best oil paints and ridiculously expensive. Along with them were three Kolinsky Sable Series 7 paint brushes. She had heard about these mythical brushes for years but had never seen one. Curious, she later did some research on the internet and came across this description:

The brush head is made from a Siberian weasel hair known as the Kolinsky Sable. The hair is said to be worth 3 times more than gold.”

At the bottom of the box of these crazy-expensive materials was a handwritten note that said “Only the best ingredients for Porgee’s boar.”

To Ruth’s genuine surprise the work went quickly. By the second week she knew which canvas to use. She put the other two aside. Some days she simply sat and stared at or just thought about the original image. Other days she completely ignored it and only sketched or painted. The more she looked at the original, the more she intuited from it and brought those things over to her work in progress. The process was much the same as when she was painting Kevin’s Kennel. The more she studied the original images, the more absorbed she became in the figures both in and out of the picture. Imagining the unseen photographers became as engrossing to her as their subjects.

With the Porgee picture she assumed the photographer was his father, Petar the gamekeeper. After long sessions of staring at both the picture and into space, her first impressions began to crumble. In time she experienced a series of gradual Eureka! moments. The first came from studying the expression on the boy’s face for what felt like eons, after downing countless cups of tea and coffee, and twice falling asleep in a chair late at night with the picture on her lap.

Originally she saw a little boy looking happily at the camera while the giant nightmarish beast stood a few feet away on the other side of a metal fence, the ground around its feet scattered with all kinds of bread, whole and half loaves, semmeln rolls that looked like sand dollars, and even square slices of white sandwich bread.

“How did I not see that?” She shook her head in wonderment. How could she not have noticed after looking at it for so long? The boy was on the very far side of the photo, almost pushed out of the frame. The picture was dominated by the wild boar. Whoever took it obviously cared more about capturing the best image of the animal rather than of the kid.

When that realization hit her, she looked even closer at the expression on young Andrey’s face. His smile was unnatural, exaggerated, more rictus than real. A smile on demand. A smile to please the photographer rather than one coming from the heart of a little boy. A “please love me” smile.

In the next seconds more truths about the Porgee family somehow came to her directly from what she was sure was the photograph itself. It spoke to her. As had the photo she used as the basis for the Kevin’s Kennel painting, only in that case much less so. She was certain what both photos said to her about their subjects and photographers was true.

Petar Porgee did not like his son at all. There was nothing about being a father that he enjoyed. Ruth closed her eyes and let all of it in a wave of truth wash over her: The father took the boy along with him to the tiergarten sometimes only because his wife ordered him to. She was definitely the Alpha dog in their family. Strong, willful, a wonderful cook, and best of all wild in bed when she was in the mood. If her husband disagreed or said no to almost anything she wanted, she grew cold as frozen stone toward him for days afterward. Which also meant no homemade banitsa or lukanka on the dinner table, no warm, laughing conversation along with a welcome glass or two of rakia waiting for him when he came home from work at the end of a day, and worst of all only her back to him for days when they were in bed.

So now and then Petar took his son with him to the park, but usually only under orders from the boss. Once there, he made Andrey walk too fast and carry the big bag with all the bread in it. If the boy ever stopped and said he was tired or hungry, his father ignored him and kept walking, never looking back to see if he was following. Sometimes Andrey was so tired or hungry that he started to cry but he never stopped following his father. Never once.

Petar never hit him or yelled much, but from an early age Andrey knew full well his father didn’t like him. After his mother died of cancer when he was thirteen, relations between father and son soured even more. By then the boy spent most of his time out of the house, finding various substitutes for family and fulfillment.

His early experience on the streets taught him bad people were more willing to accept him straight away, whereas good people expected him to prove somehow he belonged in their ranks. He also learned he was very good at doing bad things and it was a quick way to gain the admiration of the people he hung around with. When you’re naturally adept at something from an early age, things just fall naturally into place. By the time he was twenty he was a very dangerous, very ambitious man.

Since beginning work on Andrey’s painting, Ruth was not used to getting visitors. She’d told her friends she had an important project and was going off the grid for a while until she had finished it. The gangsters stopped coming to her place as soon as Porgee put the word out to stop. So when her intercom buzzed one afternoon around three, she was surprised.

“Who is it?”

“Frederick Olsen. I need to talk to you.”

For a moment she forgot the name. Then remembered he was the man who bought Kevin’s Kennel.

She was a little uneasy buzzing him in but knew whatever he had to say must be important because Olsen was disobeying what Porgee had told his people—not to bother her.

“I know I’m not supposed to be here, but I won’t take up much of your time—I promise.” He held a large package wrapped in brown paper at his side.

“That’s all right. Come in.”

The last time Ruth saw Frederick Olsen he was tan and healthy looking, like he’d recently returned from a relaxing vacation someplace sunny and festive. Today he looked pasty, unkempt, and noticeably fidgety.

“I don’t want to bother you, but could I get a glass of water? I’m crazy-thirsty these days—I don’t know why.”

She went to the sink, filled a glass, and returned to the front door. Olsen had not moved. Eyes closed, he downed the water in seconds.

“Thank you. Listen, I’m giving you back your painting. You can keep the money. I’m just giving this back to you, no strings attached. Please take it.” He put the package down against the wall next to the door.

Ruth frowned and put a hand against her cheek. “Wow, okay. But why, if you don’t mind my asking.” She looked at the package, then back at the nervous man.

Olsen wiped his mouth with the back of his hand. “Truth? I don’t like looking at it anymore. I hung it in my bathroom so I saw it all the time. But one day about a month ago I looked and suddenly—bang!—it reminded me of something. Something I did when I was a kid. Not something nice, you know? Something I didn’t ever want to remember. But now there it was—back up out of my memory when I was sitting on the toilet looking at your picture.” The tone of his voice sounded like he was accusing her of something. He glanced down at the package. The expression on his face was clearly fear, like it might be listening to him and not liking what it was hearing.

“After that first time it started happening a lot. It felt like every time I looked at the picture, another one of my shitty memories came up. Like some kind of trigger—I look at the picture and boom, another bad memory came back to me. Like what your stomach does when you get food poisoning.

“I don’t know if it’s because I’m going nuts these days or because of your picture, but I’m not taking any chances. I do not want it around me anymore, okay? Not on my wall, not in front of my eyes, nowhere near me. You keep it. Sell it to someone else. Maybe it’ll fuck them up too.” He gave out a kind of strangled chuckle, handed her back the water glass, and left without another word.

She picked up the package and carried it across the room to where she worked. After unwrapping the canvas, she put it on one of her easels.

It took only seconds for the artist to understand why he didn’t ever want to look at her painting again. At first he’d liked it because he saw himself as the boy in the picture taunting the dog. But like a long-lost key unlocking a room that has been closed for years, Kevin’s Kennel opened the door to all of Frederick Olsen’s memories, an unpredictable and potentially dangerous thing to happen to even a law-abiding citizen, which Olsen clearly wasn’t. His past was probably a hell of a lot darker, more violent and permanently scarred than most people’s.

We want to be able to pick and choose what we remember. But what happens when we cannot? When instead we are swept under by only our many bad memories, the really bad ones, the horribles? The deaths, the rejections, the fatal failures and betrayals, hideous embarrassments, depressions…For some people, particularly bad ones like Olsen, their locked room of memories really should stay locked forever.

The next time Ruth’s intercom buzzed was several weeks later. She had emailed Andrey that his painting was finished and he could look at it whenever he liked. They made a date and he showed up half an hour early. From the time she had emailed him until the moment the intercom buzzed she had looked at the painting nonstop. She walked back and forth in front of it, sat down on the floor and looked up at it. Stood on the other side of the room and squinted at it. Closed one eye then the other to see if her eyes agreed about what they were seeing. They did—it was one of her best works. Frederick Olsen’s visit confirmed what she wanted to believe—both photographs had spoken to her and she understood. She worked what they said into her paintings and that made them…the only word she could think of was transcendent. Magical or touched by the divine maybe, but words and concepts like those made her nervous. So she just assumed for some wonderfully mysterious reason, a part of her painter’s brain had intuitively opened to forces much larger than her imagination and they used what was there in her work.

“Ruth! I’m so excited. Really. So show me.”

She’d set up the easel so it stood in perfect light for that time of day in her studio. There was a shabby blue drop cloth covering the painting. The two of them stood in front of it.

“Andrey, frankly I’m terrified you might not like it.”

He waved a hand in the air as if to brush her fear away like it was a pesky fly. “Just show me.”

She went to the side of the easel and, with an uneasy tug, pulled the cloth off.

After taking his hands out of his pockets, he put both of them on top of his head. He stepped forward until he was only inches away from the painting. Lowering his hands, he put the right one across his mouth. Because he stood in front of her, she could not see the expression on his face. She was encouraged when he dropped his head to his chest. At least he was silent and not blasting her with anger.

“Ruth. My God, it’s brilliant.” He took the hand from his face and moved it back and forth in front of the painting as if trying to feel all of what was there. “It’s so much more than I hoped for. It’s like it’s alive; so vibrant and true.”

“Oh I’m so glad you like it, Andrey.” For the first time she realized she was breathing so shallowly that it was almost like she’d been panting. She could also feel her heart thumping hard and fast in her chest.

“Can I take it with me?”

“Of course, but it will take a while for some of the oils to dry completely so make sure not to bump anything when you go.”

“I can’t get over it. You got it. You caught it. Everything that I wanted is here and more. Thank you. Thank you, Ruth.” He took out his checkbook and, leaning on her desk, wrote a check. He handed it to her, but she did not look at the amount until after he had left. It was five times more than anything he had ever paid for her other work.

To her great surprise and lifelong relief, she never saw Andrey Porgee again after he left. He did call her twice. The first time a week after he came for the painting.

“Ruth, I can’t stop staring at your picture. Every time I pass it I stop and see something new in it. Then I realize I’ve been staring at the damned thing for minutes because there’s so much there to take in. It’s genius. It’s really fucking genius.”

Then a month later a much shorter, far more worrisome call. He sounded drunk or high. His voice was slurred and upset or angry—she couldn’t be sure which. “Ruth? How did you know? Huh? Tell me ’cause I’ve got to know.”

She knew exactly what he was referring to but wasn’t about to answer the question. “Know what, Andrey? I don’t know what you’re talking about.” The other end of the line went dead. That was the last she ever heard from her biggest fan.

Around the same time as that odd last call took place, Frederick Olsen parked his rental car in the Hanover Hill Senior Community parking lot in Buxton, Connecticut. It was a beautiful place and cost a monthly fortune to stay there. He passed the reception desk and went deep into the building until he reached room 154. He knocked on the door. No one answered, so he opened it and stepped in. An old man dressed in cream-colored pants, shirt, and bedroom slippers sat on the side of a tightly made bed, staring out the window.

“Mr. Porgee?”

The old man did not turn from the window, so Olsen stepped closer. “Mr. Porgee, your son Andrey sent me. I brought you rakia. Your son Andrey said you love it. Would you like to drink some now?”

At the sound of the word of his favorite drink, the all but empty Alzheimer’s shell of a man who was once Petar Porgee turned and smiled like a child at this stranger. Olsen took a small glass bottle out of his pocket. It looked like one of the liquor bottles you find in a hotel mini bar or when you order a drink on a plane. There were two paper cups on the bedside table. Olsen took one, poured all of the rakia into it, and handed it to the old man. As he had a hundred times before over a lifetime, Petar tipped the cup back and took it all down in one swallow. The poison was untraceable, and the old man would start to feel woozy in a few minutes and then, lying down on the bed, go to sleep forever. Frederick Olsen took the bottle and the paper cup, patted the old man on the shoulder once, left the room, and disappeared back into the world.

Petar Porgee’s son went on to live many more years doing many horrible things. But ironically he never contacted Ruth Russell again. Because the longer he looked at the painting he commissioned her to do, the more afraid of the painter he became. The more he looked at it, and like Medusa’s head he could not stop looking at it, the more fearful he became of the power and vision of the woman. How could she know these things about him, his life, his pain and his fears? How could she have put them all and so much more into this one painting. She must be some kind of veshtitsa, a witch. He didn’t really believe in that kind of shit, but looking once again at her painting, he could believe anything was possible.

### 13:00

NoSQL databases frequently are designed to shard or partition across many nodes. That, of course, makes enforcing unique IDs different than you might do in a SQL database. You can't efficiently have an autoincrement sequence, and instead have to have something like a UUID.

But if you've designed your NoSQL database badly, or your input data isn't well sanitized, you might find yourself in a situation where you can't guarantee uniqueness without validating every row. That's a bad place to be, but it's probably how the code Remco found started its life.

The purpose of this Java code is to query all the customer IDs from a database and ensure that they're fully unique.

private Completable validateUniqueCustomerIds(List<Container> rootContainers) { if (!validateUniqueIds) { log.trace("validateUniqueCustomerIds validateUniqueIds == false -> skipping validation"); return Completable.complete(); } // use Flowable.share() to make sure we only call the repository once. final Flowable<String> nonEmptyCustomerIds = someMongoRepository.getCustomerIds() .filter(StringUtils::isNotEmpty).share(); final Set<String> uniqueCustomerIds = nonEmptyCustomerIds.distinct().collectInto(new HashSet<String>(), Set::add).blockingGet(); final Set<String> allCustomerIds = nonEmptyCustomerIds.collectInto(new HashSet<String>(), Set::add).blockingGet(); final Set<String> duplicateCustomerIds = allCustomerIds.stream() .filter(id -> !uniqueCustomerIds.contains(id)) .collect(toSet()); if(uniqueCustomerIds.isEmpty()) { log.trace("validateUniqueCustomerIds uniqueCustomerIds.isEmpty(): true, returning Completable.complete()"); return Completable.complete(); } if(!duplicateCustomerIds.isEmpty()) { log.trace("validateUniqueCustomerIds duplicateCustomerIds.isEmpty(): false, returning Completable.error..."); return Completable.error(new IllegalStateException("The following Customer IDs are non-unique: " + duplicateCustomerIds)); } String version = rootContainers.get(0).getVersion(); return checkExistingCustomerIdsInOtherPlaces(rootContainers, version, uniqueCustomerIds) .doOnComplete(() -> log.trace("validateUniqueCustomerIds checkExistingCustomerIdsInOtherPlaces complete")) .doOnError(throwable -> log.error("validateUniqueCustomerIds checkExistingCustomerIdsInOtherPlaces error: ", throwable)) ; }

So, probably reasonably, we see that a variable (controlled somewhere else) enables or disables this method- skipping this validation seems like a thing you want. I'm not sure it's the best way, but we can let that slide.

Next, we fetch all of the non-empty customer IDs. Then we collect the uniqueCustomerIds by calling distinct and putting them in a Set.

Then we collect allCustomerIds by putting them in a Set without calling distinct

Then we look at every entry in allCustomerIds and filter out the ones that are in uniqueCustomerIds, and absolutely none of that makes any sense.

First, the distinct call is unnecessary since we're collecting into Sets, which are by definition, only going to hold unique entries. uniqueCustomerIds and allCustomerIds are going to be the same sets. But even assuming that they're different, the filter makes no sense and isn't even the right operation. They attempted to do an intersection of two sets and failed.

The end result is a function that takes the wrong approach to solving a problem that itself was caused by taking the wrong approach.

Remco writes:

I've found this snippet in our codebase and it's been in there since 2020, about 2 years before I joined this team. I wonder how this got past code review?

[Advertisement] Continuously monitor your servers for configuration changes, and report when there's configuration drift. Get started with Otter today!

New comic!

Today's News:

### 11:21

It was early in the development of a new product, and someone asked this question.

I’m not sure the word “marketing” means what you think it means.

Later, we will get to the promotion and advertising part.

But right now, this is marketing. All of it.

The product. The warranty. The team. The color choices. The pricing. The way it feels in your hand. The urgency we have to tell our friends…

If you wait until you’re done before you do the marketing, you’ve waited far too long.

### 08:28

New Comic: The Axe

### 06:00

The Girl Genius comic for Wednesday, August 10, 2022 has been posted.

### 05:42

Current Story: Luna Deambulatio

### 04:28

A common error when using the sssd daemon to authenticate via Active Directory on Linux seems to be:

sssd[$PID]: ; TSIG error with server: tsig verify failure This is from sssd launching the command “nsupdate -g” to do dynamic DNS updates. It is possible to specify the DNS server in /etc/sssd/sssd.conf but that will only be used AFTER the default servers have been attempted, so it seems impossible to stop this error from happening. It doesn’t appear to do any harm as the correct server is discovered and used eventually. The commands piped to the nsupdate command will be something like: server$SERVERIP
realm $DOMAIN update delete$HOSTNAME.$DOMAIN. in A update add$HOSTNAME.$DOMAIN. 3600 in A$HOSTIP
send
update delete $HOSTNAME.$DOMAIN. in AAAA
send

### 04:14

My grandma keeps giving me zucchinis from her garden the size of toddlers, so I’ve been trying out zucchini recipes lately! Recently, I tried Dessert For Two’s Chocolate Chip Zucchini Bread. I’ve been following this food blogger for a couple years now, but never tried out anything by her, so I was excited to give this one a shot.

For the ingredients, I’d say everything is pretty standard, the only things you may not really have on hand is nutmeg and chocolate chips, and of course the zucchini.

Everything started out really well. I mixed together the butter, sugar, and honey:

Then I added the eggs, and it was time to squeeze the water out of the zucchini.

I’ve never handled zucchini before, so I thought that paper towels would be enough. It was not.

After the zucchini immediately soaked the paper towels, the paper towel busted open and my zucchini threatened to fall into the sink.

I tried the method again with way more paper towels, and the same thing happened. I figured that that was good enough, and put the zucchini into the batter (it was not good enough). I also added the cinnamon, baking soda, salt, and nutmeg.

My batter ended up looking like this:

I’d never made zucchini bread before, but even I could tell that something was not right.

At this point, I thought for sure it was so liquid-y because I didn’t squeeze enough water out of the zucchini. But there’s no way that the water in the zucchini alone could do this much damage, right?

I knew I couldn’t put it in the oven like this. So I tried to strain it. HORRIBLE IDEA.

As you can see, tons of batter fell out in my attempt to separate it from the liquid. I transferred what was left of the batter into the loaf pan, which ended up getting a bunch of batter on my floor as I carried it from the sink (I am not the brightest).

I threw it in the oven in frustration and hoped for the best.

I could not figure out how I had fucked this up so badly. I sat there and contemplated for awhile, looked over the recipe again and again, and couldn’t determine what went wrong.

So, I decided to retry, and this time, I was going to squeeze ALL THE WATER OUT.

The first couple steps went just as swimmingly as the first time around, and this time I got a clean kitchen towel instead of paper towels to wring these bitch ass zucchini shreds out.

I added the zucchini in, and then added in cinnamon, nutmeg, salt, baking soda, and… flour.

My hand stopped as it scooped the measuring cup into the flour. I had forgotten the flour in the first loaf. Two whole cups of it.

I felt so silly, but relieved to know that it was such a fixable error. Finally, I had some good-looking batter!

(I took a picture of the batter before I added the chocolate chips, but you can see them in the loaf pan.)

(I also took a picture of the batter in the loaf pan before I added the chocolate chips on top, but you can see them when it comes out.)

I did it! Apparently flour makes a world of difference.

I still had some zucchini left, so I decided to make another loaf, since the first one hadn’t turned out.

As you can see, the batter looks exactly the same.

But for some reason, it came out looking a little odd. I didn’t put chocolate chips all over the top of this one, so I figured maybe that was why it looked off.

I let it cool for a while, and saw the top collapsed. I cut into it, only to find that it wasn’t baked through.

I was miffed. Why did it turn out different when I had made it the exact same way? I just repeated the exact same process that gave me a good loaf, so what had happened here? I threw it away and called it quits on bread making for the night.

As for the loaf the did turn out, I thought it was kind of meh. It was on the dry side, and just not as good as zucchini bread I’ve had in the past. But it was good enough with butter spread on it, at least.

All in all, it’s not the worst baking failure I’ve ever had.

Do you like zucchini? How about in bread form? Do you have a good recipe for it? Let me know in the comments, and have a great day!

-AMS

### 02:56

The Stranger's evening news roundup. by Charles Mudede

Today in the "raid": Former presidential candidate and one of the minds behind the doomed Forward Party, Andrew Yang, thinks the raid was "political." He also thinks it will "strengthen that case for millions of Americans who will see this as unjust persecution." If you want know what the third way is about, now you know. White House claims it knew jack about the raid. “The president was not briefed, was not aware of it, no. No one at the White House was given a heads-up,” said press secretary Karine Jean-Pierre. Lastly, there is not one cap-wearing head in MAGA country that does not feel as if the whole sky has fallen on it. All of them do not know what to do with their hands and mouths. Twitter has identified this frenzy as the MAGAMeltdown.

Speaking of MAGA country: Trump-endorsed candidate Joe Kent beat incumbent Republican Rep. Jaime Herrera Beutler in Washington's 3rd Congressional District, according to the Seattle Times. The people in the southwestern part of this state voted her out for committing the sin of voting to impeach Donald Trump. Kent will face off against Democrat Marie Gluesenkamp Perez, a local mechanic, in the general election.

The good news is Seattle City Councilmember Alex Pedersen has presented a law that would "phase out the use of gas-powered leaf blowers in Seattle." The bad news is, if passed, the city government can continue using those awful, loud, and utterly useless machines until 2025, and residents and businesses can use them until 2027. We are in the year 2022. Autumn is around the corner. The leaves, red and gold, will soon start to fall. Why can't we just ban gas-powered leaf blowers right now? Rakes can do the job in October. Rakes can be great job creators.

Amazon really plans to test retail robots in the basement of the downtown building once occupied by Macy's. People used to work down there, which used to be the section for men's clothing. Now it will be occupied by human-displacing machines. This alone explains why robots are feared in so many science fiction films. Puget Sound Business Journal:

The [Amazon] document describes an automatic storage and retrieval system where clothing from various manufacturers is stored, rolled and hung in 9-foot storage towers called pods. When an item is ordered, autonomous robots will retrieve a pod containing the item from the storage field and carry it to picking stations where employees will grab the item. Employees would return the item using the same process in reverse.

For some context on this recent robot development, I really recommend you read my 2018 post, "Amazon Humiliates Downtown Macy's."

Why can't we have a thunderstorm tonight? Instead, we have to wait until tomorrow night to see the satanic cracks of light and to hear the rolls and rumble of thunder. By the way, I come from a country where, during the rainy season, the main newspaper keeps a count of the people killed by lightning. I do miss that deep-rooted fear of nature's raw power. When you saw dark clouds massing in the distance, you got on your bike and booked it. You didn't want to be number 119. ZimLive:

Zimbabwe is one of the world’s most lightning-prone countries: the holder of a world record in lightning-related fatalities. During the rainy season, lightning strikes normally kill up to 100 people, mostly rural children.

Will Casey, The Stranger's cops and courts reporter, writes that Mayor Harrell’s hiring incentives for cops inched closer to becoming law: At today’s Public Safety and Human Services committee meeting, Councilmembers Lisa Herbold, Sara Nelson, Alex Pedersen, and Andrew Lewis voted to advance Herbold’s bill authorizing the money the Seattle Police Department needs to implement the Mayor’s plan to hire new officers and retain the cops we have.

Will Casey also reports that Councilmember Teresa Mosqueda was the lone “no” vote, saying that the frontline officers she’s spoken with told her “no amount of money” would make up for the frustration they feel when they have nowhere to take people in crisis once they pick them up off the street. Herbold and Lewis also expressed frustration at the lack of progress from SPD and the Mayor’s Office in developing alternative response programs that could take those calls off the cops’ plate, but they ended up voting to give the Mayor’s Office and SPD all the money they asked for anyway. The full council will vote on the bill next Tuesday.

A Seattle man is suspected of killing his older brother with an AR-15-style rifle. The incident happened near Diablo Lake, which is in North Cascades National Park. KIRO 7: "Rangers from the North Cascade National Park had responded to a report of a single shot, followed by several more shots in rapid succession." After a quick search, the rangers found lots of blood and bullet holes and a lifeless body. The younger brother was found, arrested, and later "confessed to shooting his brother... multiple times with the intent to kill him."

Damn! Facebook gave cops in Nebraska private chats that concerned a teenager's alleged abortion. The teenager was communicating with her mother. Now the mother and daughter are charged "with a series of felonies and misdemeanors." I remember when Apple wouldn't unlock the phones of terrorists who killed three people. Facebook does not give a fuck. In this case, it's fair to use the grim phrase "sold down the river."

Remember this warning made on the day Roe v. Wade was overturned by the Supreme Court?

It was only a matter of time before Elizabeth McLaughlin's prognostication of the post-Roe digital world materialized.

Las Vegas Metropolitan Police Department suspects the Beast Mode was in a Drunk Mode while driving this morning. Put another way, "[f]ormer Seahawks star Marshawn Lynch has been arrested in Las Vegas on suspicion of driving under the influence."

Let's end with this classic by Canada's greatest ever rapper, Saukrates:

The right is mad at Seattle for closing up potential loopholes before they form. by Hannah Krieg

In response to the U.S. Supreme Court’s decision to overturn Roe v. Wade, the Seattle City Council unanimously passed two additional layers of local protections for people seeking abortion. Though some right-wing commentators characterized the new protections as a desperate attempt from Seattle activists to stay relevant in the post-Roe outrage, the bill’s sponsors, Councilmembers Tammy Morales and Lisa Herbold, argued that adding the local measures on top of Washington state laws protecting the right to an abortion made sense given the uncertainty of the current moment.

“We don't know what's going to happen. And I think the point is really to make sure that we are codifying for the City the protections that we want for people who are trying to access care,” Morales said in a phone interview.

The first of the two bills the council passed on Tuesday prohibits discrimination against anyone in Seattle based on real or perceived pregnancy outcomes.

Morales said she’s not sure if that kind of discrimination was a widespread problem, but with abortion care advocates warning of more pregnant people coming to Seattle for the procedure, the conditions for it were ripe.

In this way, the bill takes a proactive approach. Instead of waiting for a hotel to turn away a pregnant Idahoan who wants to pay for a room after receiving care in Seattle, or instead of waiting for an employer to fire someone who tweeted about their abortion, the City will just go ahead and make such actions illegal.

The second of the two bills gives the City the power to charge anyone who impedes access to or disrupts the operations of health care facilities, including those that perform procedures to end pregnancy.

Engaging in that kind of disruptive behavior is already illegal under state law, so, practically, the council’s law doesn’t change much. It’s like adding an additional city-level murder charge, even though the state already enforces the law about not murdering people.

But redundancy isn’t always a bad thing. While Morales doesn’t expect the State Legislature to pass laws restricting abortions any time soon, if for some reason a red wave washes over Washington and then Republican majorities do go after the procedure, the City measures will still protect Seattleites.

Similarly, Councilmember Kshama Sawant’s abortion sanctuary bill also doubled up on existing protections. Though the Governor and the Mayor both instructed their respective police departments not to assist cops from other states in their efforts to enforce abortion criminalization, Sawant’s bill prevents changes in leadership from changing those directives.

However, Morales’s and Herbold’s health facility bill makes an actual change by allowing the City Attorney to prosecute that particular crime. That’s right, if you try to block the doorway at Planned Parenthood, then you will be City Attorney Ann Davison’s problem.

In a committee meeting last month, Sawant asked if this expansion of power would make a “substantive difference” in how law enforcement addresses these crimes. Central staff clarified that the bill would not take away power from the King County Court, but if that court for some reason got bogged down with other cases, then the City could prosecute.

In a statement, City Attorney spokesman Anthony Derrick warned that the law could add to the backlog that built up during pandemic court closures and also contribute to the "ongoing staffing crisis at the Seattle Police Department."

Neither of those warnings appear to hold much weight. A spokesperson for the King County Prosecuting Attorney's Office (KCPAO) said that these cases do not get pushed to the back burner, and the office rarely sees them anyway. The spokesperson couldn’t recall one in recent history.

The same goes for arrests. Based on a quick search, the Seattle Police Department said that the cops only investigated about two dozen cases since 2015 that violated the RCW that the council’s bill copies. However, cops flagged many of those arrests as general hospital disturbances unrelated to abortion.

The prevalence of more extreme attempts to interfere with abortion access may partially explain the few instances of these cases. For example, burning down a Planned Parenthood would register as a different crime than impeding the operations of a health care facility, even though the fire certainly wouldn't help.

Regardless of how often people are currently camping outside of clinics to stop abortions, Herbold said the bill clarifies the City’s stance in the event of Seattle becoming more hostile to pregnant people post-Roe.

“It's prospective of what could happen in a new climate where people are, unfortunately, more determined and more emboldened to deprive them of their rights to comprehensive health care,” Herbold said in a phone interview.

The council will continue to work on abortion protections, including a bill to protect health data and prevent harmful misinformation from crisis pregnancy clinics.

### 01:35

A tool to discover known security vulnerabilities in the Python packages installed on a system or required by a project, called pip-audit, was recently discussed on the Python discussion forum. The developers of pip-audit raised the idea of adding the functionality directly into the pip package installer, rather than keeping it as a separately installable tool. While the functionality provided by pip-audit was seen as a clear benefit to the ecosystem, moving it inside the pip "tent" was not as overwhelmingly popular. It is not obvious that auditing is part of the role that the package installer should play.

### 01:21

All of that makes Arc a lot more serious than Larrabee, Intel’s last effort to break into the dedicated graphics market. Larrabee was canceled late in its development because of delays and disappointing performance, and Arc GPUs are actual things that you can buy (if only in a limited way, for now). But the challenges of entering the GPU market haven’t changed since the late 2000s. Breaking into a mature market is difficult, and experience with integrated GPUs isn’t always applicable to dedicated GPUs with more complex hardware and their own pool of memory.

Regardless of the company’s plans for future architectures, Arc’s launch has been messy. And while the company is making some efforts to own those problems, a combination of performance issues, timing, and financial pressures could threaten Arc’s future.

There’s a lot of chatter that Intel might axe Arc completely, before it’s really truly out of the gate. I really hope those rumours are wrong or overblown, since the GPU market desperately needs a 3rd serious competitor. I hope Intel takes a breather, and allows the Arc team to be in it for the long haul, so that we as consumers can benefit from more choice in the near future.

### 00:35

You're Bound to fall in love with this gay neo-noir mafia thriller. by Jas Keimig

This week and into next, the Seattle International Film Festival is honoring the Wachowskis as part of its Auteur August series. The directing duo's sultry first feature and lesbian masterpiece, Bound, will kick things off.

The film starts as any good love story would: A hot, ex-con butch named Corky (Gina Gershon) falls for a hot, seductive femme named Violet (Jennifer Tilly) while working on a repair job in an apartment building.

The first 20 minutes unfurl some of the gayest, most erotic moments I've seen committed to tape: an earring dropped down the sink, a labrys tattoo, hands as instruments of love, twisted bedsheets, passionate moans. This love propels the other 89 minutes of the film, which is an excellently plotted, blood-soaked neo-noir.

After the steamy affair, the sapphic, star-crossed couple hatch a plan to rip off Violet's Mafia jerkoff boyfriend, Caesar (The Sopranos' Joe Pantoliano), for 2 million and then frame him for the crime. Of course, the scheme doesn't necessarily go as planned, and ultimately the lovers have to figure out a way to make it out alive, together, and with all that cash. The Wachowskis never undermine or exploit the connection between Violet and Corky—they are two fully fleshed-out women whose desire is treated maturely despite the differences in the way they present. "I know what I am," Violet says after a passionate fuck, defending her dykeness from Corky's eye rolls. "I don't need to have it tattooed on my shoulder." Perhaps that authenticity is also due to the work of feminist Susie Bright, who the directors brought on as "sex consultant" (unheard of in the 1990s for an independent film) and who helped coordinate the sex scenes, saving Bound from the dustbin of bad lesbian movies that came before it. Regardless, Violet and Corky both bypass the rigid noir stereotypes—the femme fatale, the sexy guy with a murky past—to become real-feeling characters who are desperate for a way to transcend their current circumstances and the patriarchy to be together. Plus, the movie also brought us this incredible photo. It's a perfect date night watch! Bound is screening at SIFF Cinema Egyptian on Friday, August 12 and Tuesday, August 16. ### 00:07 Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows. Redmond also addressed multiple flaws in Exchange Server — including one that was disclosed publicly prior to today — and it is urging organizations that use Exchange for email to update as soon as possible and to enable additional protections. In June, Microsoft patched a vulnerability in MSDT dubbed “Follina” that had been used in active attacks for at least three months prior. This latest MSDT bug — CVE-2022-34713 — is a remote code execution flaw that requires convincing a target to open a booby-trapped file, such as an Office document. Microsoft this month also issued a different patch for another MSDT flaw, tagged as CVE-2022-35743. The publicly disclosed Exchange flaw is CVE-2022-30134, which is an information disclosure weakness. Microsoft also released fixes for three other Exchange flaws that rated a “critical” label, meaning they could be exploited remotely to compromise the system and with no help from users. Microsoft says addressing some of the Exchange vulnerabilities fixed this month requires administrators to enable Windows Extended protection on Exchange Servers. See Microsoft’s blog post on the Exchange Server updates for more details. “If your organization runs local exchange servers, this trio of CVEs warrant an urgent patch,” said Kevin Breen, director of cyber threat research for Immerse Labs. “Exchanges can be treasure troves of information, making them valuable targets for attackers. With CVE-2022-24477, for example, an attacker can gain initial access to a user’s host and could take over the mailboxes for all exchange users, sending and reading emails and documents. For attackers focused on Business Email Compromise this kind of vulnerability can be extremely damaging.” The other two critical Exchange bugs are tracked as CVE-2022-24516 and CVE-2022-21980. It’s difficult to believe it’s only been a little more than a year since malicious hackers worldwide pounced in a bevy of zero-day Exchange vulnerabilities to remotely compromise the email systems for hundreds of thousands of organizations running Exchange Server locally for email. That lingering catastrophe is reminder enough that critical Exchange bugs deserve immediate attention. The SANS Internet Storm Center‘s rundown on Patch Tuesday warns that a critical remote code execution bug in the Windows Point-to-Point Protocol (CVE-2022-30133) could become “wormable” — a threat capable of spreading across a network without any user interaction. “Another critical vulnerability worth mentioning is an elevation of privilege affecting Active Directory Domain Services (CVE-2022-34691),” SANS wrote. “According to the advisory, ‘An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System.’ A system is vulnerable only if Active Directory Certificate Services is running on the domain. The CVSS for this vulnerability is 8.8.” Breen highlighted a set of four vulnerabilities in Visual Studio that earned Microsoft’s less-dire “important” rating but that nevertheless could be vitally important for the security of developer systems. “Developers are empowered with access to API keys and deployment pipelines that, if compromised, could be significantly damaging to organizations,” he said. “So it’s no surprise they are often targeted by more advanced attackers. Patches for their tools should not be overlooked. We’re seeing a continued trend of supply-chain compromise too, making it vital that we ensure developers, and their tools, are kept up-to-date with the same rigor we apply to standard updates.” Greg Wiseman, product manager at Rapid7, pointed to an interesting bug Microsoft patched in Windows Hello, the biometric authentication mechanism for Windows 10. Microsoft notes that the successful exploitation of the weakness requires physical access to the target device, but would allow an attacker to bypass a facial recognition check. Wiseman said despite the record number of vulnerability fixes from Redmond this month, the numbers are slightly less dire. “20 CVEs affect their Chromium-based Edge browser and 34 affect Azure Site Recovery (up from 32 CVEs affecting that product last month),” Wiseman wrote. “As usual, OS-level updates will address a lot of these, but note that some extra configuration is required to fully protect Exchange Server this month.” As it often does on Patch Tuesday, Adobe has also released security updates for many of its products, including Acrobat and Reader, Adobe Commerce and Magento Open Source. More details here. Please consider backing up your system or at least your important documents and data before applying system updates. And if you run into any problems with these updates, please drop a note about it here in the comments. ## Tuesday, 09 August ### 23:49 If there’s any good news, it’s that children appear to be at low risk. by Matt Baume Vaccine access for monkeypox (also known as MPV) continues to be extremely limited, but more doses are on the way, according to Public Health Seattle & King County health chief Dr. Jeff Duchin. At a media briefing today, Duchin provided an update on infections, as well as guidance for avoiding the virus. His advice remains largely unchanged from the start of the outbreak. Be vigilant for new rashes, limit intimate skin-to-skin contact, and if you suspect that you’ve been exposed or think that you are showing symptoms, then quarantine immediately and seek medical care right away. And also: Be patient. Health officials know you want the vaccine, but there’s only so much to go around. “I know there is tremendous demand for this vaccine globally,” Duchin said. “We are in a bit of a bind.” King County estimates that there are 20,000 people at high risk in this country, and another 20,000 at potential risk. But the county has only received 9,000 doses so far, which means that health providers have had to ration them to patients most in need. Cases continue to rise in King County, with the latest count at 183, largely (but not exclusively) among men who have sex with men. If there is any good news, it’s that children appear to be at low risk. Out of 9,000 cases in the country, only two have been pediatric. The latest vaccine shipment, which contained 4,400 doses, arrived on August 5. The health department is currently in the process of releasing the doses to providers. The state anticipates that the federal government will allow them to order more on August 15, with around 4,000 to 5,000 likely to arrive not long after. “It’s particularly difficult right now when the need for vaccine far outstrips the supply,” Duchin said. “The US government had a supply of vaccine prior to the outbreak that was inadequate to meet the demands of this unanticipated outbreak, and when they went to order more … many other countries had already placed their orders with the sole manufacturer.” When asked if American providers might be able to obtain vaccines from the countries with more ample supply, Duchin said that he wasn’t aware of any opportunities to request international aid. King County is currently investigating a modified vaccination procedure that would allow doses to be split between multiple patients. Such a procedure requires specialized training and can’t be undertaken right away, but it might be an option in the coming weeks after further planning. While we wait for more vaccines, the method most readily available for reducing viral spread is public education, Duchin said. You might not be able to get a shot now, but you can take stock of personal choices that can help keep the virus at bay: Monitor your skin for new rashes, reduce skin-to-skin contact, and quarantine if you suspect transmission. “As more at-risk people learn … how to limit their risk, that will also have a very strong role in how the outbreak evolves,” Duchin said. “It will limit opportunities for the virus to move from person to person.” ### 23:35 It's a working title ### 21:28 A parent expresses gratitude for a West Seattle DOL employee who gave their kid their first state ID with the correct gender marker. by Anonymous Thank you, West Seattle Department of Licensing employee. You helped my kid get his first state ID card early on a Saturday morning. We were excited to get his first official identifying document with the correct gender marker, but we were also nervous that someone would give us a hard time, or at the very least the side eye. Not only did you grant our request without even a flicker of doubt, but you were so kind to my kid. You even let him ask you many questions about the vision test machine, despite the massive line around the building, and likely a very long day for you. It made me so grateful to live in Washington, and with people like you. Do you need to get something off your chest? Submit an I, Anonymous and we'll illustrate it! Send your unsigned rant, love letter, confession, or accusation to ianonymous@thestranger.com. Please remember to change the names of the innocent and the guilty. ### 21:07 We propose a design for a privacy-friendly method of age restriction in e-commerce that is aligned with the principle of subsidiarity. The design is presented as an extension of a privacy-friendly payment protocol with a zero-knowledge scheme that cryprographically augments coins for this purpose. Our scheme enables buyers to prove to be of sufficient age for a particular transaction without disclosing it. Our modification preserves the privacy and security properties of the payment system such as the anonymity of minors as buyers as well as unlinkability of transactions. We show how our scheme can be instantiated with ECDSA as well with a variant of EdDSA, respectively, and how it can be integrated with the GNU Taler payment system. We provide formal proofs and implementation of our proposal. Key performance measurements for various CPU architectures and implementations are presented. ### 20:42 by Matt Baume Disco lives, and it’s on a bike! The monthly mobile party gathers at Red Square for a mix of rolling and dancing. From there, they’ll head out on a low-impact tour of the surrounding neighborhoods. The route is still TBD, but organizers will post it a few days before the ride. These are always easy, all-riders-welcome, nobody-left-behind affairs, keeping the speed low and the distance a manageable 8 to 15 miles. Though they can last up to 6 hours, there’s no requirement that you stay for the entire thing or even show up on time. Bring a costume (optional) and decorate your bike and your helmet however you like. And if the mood strikes you, please do take the disco theme to heart and bring your finest 1970s look. Bright colors, flashing lights, and good vibes only. Seattle Bike Disco #23 gathers at Red Square at 7 pm and rolls out at 7:30 on Friday, August 12. ### 18:49 The GNU Health community keeps growing, and that makes us very proud! This time, the Spanish non-profit organization Cirugía Solidaria has chosen GNU Health as their Hospital and Lab Management system. Cirugía Solidaria was born in 2000 by a team of surgeons, anesthetists and nurses from “Virgen de la Arrixaca Hospital”, in Murcia, Spain, with the goal to provide medical assistance and to perform surgeries to underprivileged population and those in risk of social exclusion. Currently, Cirugía Solidaria counts with a multi-disciplinary team of health professionals around Spain that just made its 20th anniversary of cooperation. GNUHealth Hospital Management client for Cirugía Solidaria Around a month ago I received a message from Dr. Cerezuela, expressing their willingness to be part of the GNU Health community. Their main missions currently are focused, but not limited, to the African continent. Source: Cirugía Solidaria After several conferences and meetings, this August 1st 2022, Cirugía Solidaria and GNU Solidario signed an agreement to cooperate in the implementation, training and maintenance of the GNU Health Hospital Management and Lab Information System in those countries and health institutions where Cirugía Solidaria will be present. Source: Cirugía Solidaria This is very exciting. We have many projects in different countries from Africa, and working with Cirugía Solidaria will help to generate more local capacity, to cover the needs of those health professionals and their population. This is not just about surgeries or health informatics. GNU Health will allow Cirugía Solidaria to create sustainable projects. They will have unified clinical and surgical histories, telemedicine; assess the nutritional and educational status of the population, and many other socioeconomic determinants of health and disease. I want to give our warmest welcome to the team of Cirurgía Solidaria, and we are very much looking forward to cooperating with this great organization, for the betterment our our societies, and for those that need it most. ## About GNU Health The GNU Health project provides the tools for individuals, health professionals, institutions and governments to proactively assess and improve the underlying determinants of health, from the socioeconomic agents to the molecular basis of disease. From primary health care to precision medicine. GNU Health is a Libre, community driven project from GNU Solidario, a non-profit humanitarian organization focused on Social Medicine. Our project has been adopted by public and private health institutions and laboratories, multilateral organizations and national public health systems around the world. The GNU Health project provides the tools for individuals, health professionals, institutions and governments to proactively assess and improve the underlying determinants of health, from the socioeconomic agents to the molecular basis of disease. From primary health care to precision medicine. The following are the main components that make up the GNU Health ecosystem: • Social Medicine and Public HealthHospital Management (HMIS) • Laboratory Management (Occhiolino) • Personal Health Record (MyGNUHealth) • Bioinformatics and Medical Genetics • Thalamus and Federated health networks • GNU Health embedded on Single Board devices GNU Health is a GNU (www.gnu.org) official package, awarded with the Free Software Foundation award of Social benefit, among others. GNU Health has been adopted by many hospitals, governments and multilateral organizations around the globe. ## See also: GNU Health : https://www.gnuhealth.org GNU Solidario : https://www.gnusolidario.org Digital Public Good Alliance: https://digitalpublicgoods.net/ ### 18:28 US citizens: call on the Senate to pass the DISCLOSE Act. The Capitol Switchboard number is +1-202-224-3121. If you call, please spread the word! US citizens: call on the Senate to pass the assault weapons ban. People have criticized this proposed law for drawing the line in not exactly the right place. Perhaps that is true — but it is a step in the right direction, even if it doesn't end up in exactly the right place. It includes a ban on selling large magazines, and that will generally reduce the number killed in mass shootings. Although most people killed by guns are killed by handguns, that doesn't make this measure ineffective — only less than perfect. The Capitol Switchboard number is +1-202-224-3121. If you call, please spread the word! US citizens: call on the Senate to pass the Pregnant Workers Fairness Act. The Capitol Switchboard number is +1-202-224-3121. If you call, please spread the word! US citizens: call on Biden to reject new oil/gas leases. US citizens: call on the Senate to pass the Respect for Marriage Act. US citizens: call on Biden and Blinken to prevent home demolitions in Masafer Yatta, Palestine. US citizens: call on the Department of Justice to prosecute the wrecker for his conspiracy to steal the election. US citizens: call on Congress and Biden to make the federal minimum wage15.

I suspect that right-wing white women will get preferential treatment: they won't get prosecuted for miscarriages.

*Trump's worst toadies hold degrees from Harvard and Yale. Did they learn anything [there]?*

*By taunting the US ‘paper tiger’, China risks provoking a backlash over Taiwan.*

Neither the US nor China is engaging in uncalculated emotional reaction. Both countries are pursuing their conflicting goals, driven by the strategic logic.

China's rulers' goal is to conquer Taiwan; this is not speculation, it is what they say. As long as that does not change, the idea of "stabilizing" this confrontation for the long term is self-delusion because China won't accept that as an outcome.

China's "reactions" to whatever happens are not spontaneous emotion. They are planned actions by officials, aiming at the goal of conquering Taiwan. Sometimes they go softer, sometimes harder, but either way it is tactics.

One of China's tactics — China uses it because it is effective — is to twist the US up in the contradiction between its "one China" policy and treating Taiwan as independent. In the long run, that contradiction will be debilitating; so if the US is to protect Taiwan's independence, it must move away from the "one China" policy.

China will threaten to break off relations, etc.; the US must respond, "We can't prevent you from doing that, but you'll hurt yourself more than you hurt us." Then it must stand firm until China comes to face facts.

Smoke from wildfires harms people even thousands of miles away. A small concentration harms a smaller number of people but isn't harmless.

Since even wealthy people don't know how to protect themselves, we should have programs that aim at protecting everyone. Or perhaps everyone with asthma, if only people with asthma are particularly in danger.

In the long run, we can expect wealthy people to pay for this protection themselves, once we make sure they know what is needed.

Opposing the merger of Amazon and Roomba, on grounds of competition and privacy.

With proper privacy laws, no privacy issue would arise from this merger. A product such as the Roomba would not be allowed to send any data to anyone about the owner or the use of the product.

Billionaire Polluters have spent a million dollars to influence the British public against a windfall profits tax.

Texas and the federal government are headed for a fight where federal guidelines call for an abortion as part of proper medical care for a pregnant female with certain kinds of dangerous medical conditions, but Texas says it is a crime.

Pearson plans to allow students to "resell" digital textbooks, but not freely: they will have to pay Pearson for the privilege, and let Pearson track them.

Pearson uses the term "NFT" to describe these plans, but that's a red herring, as the article explains — a marketing buzzword that has been stretched to fit.

There is no sign that these ebooks will avoid any of the injustices of existing digital textbooks: DRM, surveillance, and "jerkmaking" contracts where you commit to be a jerk by refusing to share copies with others.

It is unethical to agree to such a contract; however, carrying it out (supposing you have agreed to it) is even more unethical. The less bad option, if you have agreed to such a thing, is to disregard it.

Veterans for Peace protested the US military's failure to reduce its greenhouse gas emissions.

A judge ruled that refusing to give Andrea Anderson emergency contraception wasn't discrimination based on sex.

That conclusion makes sense to me: it didn't fall under the heading of "discrimination" because there is no reason to believe the pharmacist would have treated a male patient differently. In my view, it was an injustice for the pharmacist to refuse to fill her prescription, but it was a different kind of injustice.

There is something in the article I don't clearly understand. Did the jury award Anderson \$25k in damages (under some other rubric), or not? If it did, that could be a very good outcome: perhaps sufficient to convince those pharmacies not to let this happen again. But if so, I'd like to understand the reasons for it.

* Special [UK Foreign Office] unit spread fake news about leftist [Kenyan] politician, Oginga Odinga, seen as threat to British interests in 1960s.*

Anna Vorosheva was a prisoner in Putin's Olenivka prison, and reports on the torture done to male prisoners there. As for female prisoners, they were not tortured but were treated degradingly in many ways.

The article excuses the Putin forces of setting off an explosion a week ago, inside the prison, which killed around 50 prisoners. If Putin keeps refusing investigators access, it will be his word against the satellite photos; but refusing access is a reason to disbelieve his word.

San Bernardino thugs got out of an unmarked car, and after a few seconds started shooting at Robert Adams who had done nothing but run away.

### 17:56

Trump is going to jail. Get used to the idea.

## Feeds

19:28, Friday, 12 August 20:13, Friday, 12 August
@ASmartBear 19:35, Friday, 12 August 20:16, Friday, 12 August
a bag of four grapes 19:21, Friday, 12 August 20:03, Friday, 12 August
Ansible 19:35, Friday, 12 August 20:15, Friday, 12 August
Bad Science 19:00, Friday, 12 August 19:49, Friday, 12 August
Black Doggerel 19:35, Friday, 12 August 20:16, Friday, 12 August
Blog – Official site of Stephen Fry 19:00, Friday, 12 August 19:49, Friday, 12 August
Charlie Brooker | The Guardian 19:21, Friday, 12 August 20:03, Friday, 12 August
Charlie's Diary 18:56, Friday, 12 August 19:44, Friday, 12 August
Chasing the Sunset - Comics Only 19:00, Friday, 12 August 19:49, Friday, 12 August
Coding Horror 18:56, Friday, 12 August 19:43, Friday, 12 August
Cory Doctorow – Boing Boing 19:35, Friday, 12 August 20:16, Friday, 12 August
Cory Doctorow's craphound.com 19:21, Friday, 12 August 20:03, Friday, 12 August
Ctrl+Alt+Del Comic 18:56, Friday, 12 August 19:44, Friday, 12 August
Cyberunions 19:00, Friday, 12 August 19:49, Friday, 12 August
David Mitchell | The Guardian 19:28, Friday, 12 August 20:11, Friday, 12 August
Deeplinks 19:28, Friday, 12 August 20:12, Friday, 12 August
Diesel Sweeties webcomic by rstevens 19:28, Friday, 12 August 20:11, Friday, 12 August
Dilbert 19:00, Friday, 12 August 19:49, Friday, 12 August
Dork Tower 19:21, Friday, 12 August 20:03, Friday, 12 August
Economics from the Top Down 19:28, Friday, 12 August 20:11, Friday, 12 August
Edmund Finney's Quest to Find the Meaning of Life 19:28, Friday, 12 August 20:11, Friday, 12 August
EFF Action Center 19:28, Friday, 12 August 20:11, Friday, 12 August
Enspiral Tales - Medium 19:28, Friday, 12 August 20:13, Friday, 12 August
Falkvinge on Liberty 18:56, Friday, 12 August 19:44, Friday, 12 August
Flipside 19:21, Friday, 12 August 20:03, Friday, 12 August
Flipside 19:28, Friday, 12 August 20:13, Friday, 12 August
Free software jobs 19:35, Friday, 12 August 20:15, Friday, 12 August
Full Frontal Nerdity by Aaron Williams 18:56, Friday, 12 August 19:44, Friday, 12 August
General Protection Fault: The Comic Strip 18:56, Friday, 12 August 19:44, Friday, 12 August
George Monbiot 19:28, Friday, 12 August 20:11, Friday, 12 August
Girl Genius 19:28, Friday, 12 August 20:11, Friday, 12 August
Graeme Smith 19:28, Friday, 12 August 20:12, Friday, 12 August
Groklaw 18:56, Friday, 12 August 19:44, Friday, 12 August
Grrl Power 19:21, Friday, 12 August 20:03, Friday, 12 August
Hackney Anarchist Group 19:00, Friday, 12 August 19:49, Friday, 12 August
Hackney Solidarity Network 19:28, Friday, 12 August 20:13, Friday, 12 August
http://anarchism.pageabode.com/blogs/anarcho/feed/ 19:28, Friday, 12 August 20:12, Friday, 12 August
http://blog.llvm.org/feeds/posts/default 19:28, Friday, 12 August 20:13, Friday, 12 August
http://dynamic.boingboing.net/cgi-bin/mt/mt-cp.cgi?__mode=feed&_type=posts&blog_id=1&id=1 19:28, Friday, 12 August 20:13, Friday, 12 August
http://eng.anarchoblogs.org/feed/atom/ 19:14, Friday, 12 August 20:00, Friday, 12 August
http://feed43.com/3874015735218037.xml 19:14, Friday, 12 August 20:00, Friday, 12 August
http://feeds.feedburner.com/Starslip 19:21, Friday, 12 August 20:03, Friday, 12 August
http://feeds2.feedburner.com/GeekEtiquette?format=xml 19:28, Friday, 12 August 20:11, Friday, 12 August
http://flatearthnews.net/flatearthnews.net/blogfeed 19:35, Friday, 12 August 20:16, Friday, 12 August
http://fulltextrssfeed.com/ 19:28, Friday, 12 August 20:11, Friday, 12 August
http://london.indymedia.org/articles.rss 18:56, Friday, 12 August 19:43, Friday, 12 August
http://planet.gridpp.ac.uk/atom.xml 18:56, Friday, 12 August 19:43, Friday, 12 August
http://shirky.com/weblog/feed/atom/ 19:28, Friday, 12 August 20:12, Friday, 12 August
http://the-programmers-stone.com/feed/ 18:56, Friday, 12 August 19:43, Friday, 12 August
http://thecommune.co.uk/feed/ 19:28, Friday, 12 August 20:13, Friday, 12 August
http://theness.com/roguesgallery/index.php/feed/ 18:56, Friday, 12 August 19:44, Friday, 12 August
http://www.airshipentertainment.com/buck/buckcomic/buck.rss 19:00, Friday, 12 August 19:49, Friday, 12 August
http://www.airshipentertainment.com/growf/growfcomic/growf.rss 19:28, Friday, 12 August 20:12, Friday, 12 August
http://www.airshipentertainment.com/myth/mythcomic/myth.rss 19:21, Friday, 12 August 20:03, Friday, 12 August
http://www.baen.com/baenebooks 19:28, Friday, 12 August 20:12, Friday, 12 August
http://www.dcscience.net/feed/medium.co 19:00, Friday, 12 August 19:49, Friday, 12 August
http://www.feedsapi.com/makefulltextfeed.php?url=http%3A%2F%2Fwww.somethingpositive.net%2Fsp.xml&what=auto&key=&max=7&links=preserve&exc=&privacy=I+accept 19:28, Friday, 12 August 20:12, Friday, 12 August
http://www.godhatesastronauts.com/feed/ 18:56, Friday, 12 August 19:44, Friday, 12 August
http://www.steampunkmagazine.com/inside/feed/ 19:35, Friday, 12 August 20:16, Friday, 12 August
http://www.tinycat.co.uk/feed/ 19:35, Friday, 12 August 20:15, Friday, 12 August
https://blog.loomio.com/feed/ 19:14, Friday, 12 August 20:00, Friday, 12 August
https://broodhollow.krisstraub.comfeed/ 19:35, Friday, 12 August 20:16, Friday, 12 August
https://debian-administration.org/atom.xml 19:35, Friday, 12 August 20:16, Friday, 12 August
https://hackbloc.org/rss.xml 19:35, Friday, 12 August 20:16, Friday, 12 August
https://kajafoglio.livejournal.com/data/atom/ 19:00, Friday, 12 August 19:49, Friday, 12 August
https://philfoglio.livejournal.com/data/atom/ 18:56, Friday, 12 August 19:43, Friday, 12 August
https://pixietrixcomix.com/eerie-cutiescomic.rss 18:56, Friday, 12 August 19:43, Friday, 12 August
https://pixietrixcomix.com/menage-a-3/comic.rss 19:28, Friday, 12 August 20:12, Friday, 12 August
https://propertyistheft.wordpress.com/feed/ 19:35, Friday, 12 August 20:15, Friday, 12 August
https://studiofoglio.livejournal.com/data/atom/ 19:14, Friday, 12 August 20:00, Friday, 12 August
https://thecommandline.net/feed/ 19:14, Friday, 12 August 20:00, Friday, 12 August
https://torrentfreak.com/subscriptions/ 19:28, Friday, 12 August 20:11, Friday, 12 August
https://web.randi.org/?format=feed&type=rss 19:28, Friday, 12 August 20:11, Friday, 12 August
https://www.DropCatch.com/domain/ubuntuweblogs.org 19:14, Friday, 12 August 20:00, Friday, 12 August
https://www.DropCatch.com/redirect/?domain=DyingAlone.net 18:56, Friday, 12 August 19:43, Friday, 12 August
https://www.freedompress.org.uk:443/news/feed/ 18:56, Friday, 12 August 19:44, Friday, 12 August
https://www.goblinscomic.com/category/comics/feed/ 19:35, Friday, 12 August 20:15, Friday, 12 August
https://www.newstatesman.com/feeds/blogs/laurie-penny.rss 19:35, Friday, 12 August 20:16, Friday, 12 August
https://www.patreon.com/graveyardgreg/posts/comic.rss 18:56, Friday, 12 August 19:43, Friday, 12 August
https://www.rightmove.co.uk/rss/property-for-sale/find.html?locationIdentifier=REGION^876&maxPrice=240000&minBedrooms=2&displayPropertyType=houses&oldDisplayPropertyType=houses&primaryDisplayPropertyType=houses&oldPrimaryDisplayPropertyType=houses&numberOfPropertiesPerPage=24 19:28, Friday, 12 August 20:11, Friday, 12 August
Humble Bundle Blog 18:56, Friday, 12 August 19:43, Friday, 12 August
I, Cringely 18:56, Friday, 12 August 19:44, Friday, 12 August
Irregular Webcomic! 19:35, Friday, 12 August 20:16, Friday, 12 August
Joel on Software 19:14, Friday, 12 August 20:00, Friday, 12 August
Judith Proctor's Journal 19:35, Friday, 12 August 20:15, Friday, 12 August
Krebs on Security 19:35, Friday, 12 August 20:16, Friday, 12 August
Lambda the Ultimate - Programming Languages Weblog 19:35, Friday, 12 August 20:15, Friday, 12 August
Looking For Group 19:28, Friday, 12 August 20:12, Friday, 12 August
LWN.net 19:35, Friday, 12 August 20:16, Friday, 12 August
Mimi and Eunice 19:28, Friday, 12 August 20:13, Friday, 12 August
Neil Gaiman's Journal 19:35, Friday, 12 August 20:15, Friday, 12 August
Nina Paley 18:56, Friday, 12 August 19:43, Friday, 12 August
O Abnormal – Scifi/Fantasy Artist 19:28, Friday, 12 August 20:13, Friday, 12 August
Oglaf! -- Comics. Often dirty. 18:56, Friday, 12 August 19:44, Friday, 12 August
Oh Joy Sex Toy 19:28, Friday, 12 August 20:12, Friday, 12 August
Order of the Stick 19:28, Friday, 12 August 20:12, Friday, 12 August
Original Fiction – Tor.com 19:21, Friday, 12 August 20:03, Friday, 12 August
OSnews 19:28, Friday, 12 August 20:13, Friday, 12 August
Past Events 18:56, Friday, 12 August 19:44, Friday, 12 August
Paul Graham: Unofficial RSS Feed 19:28, Friday, 12 August 20:13, Friday, 12 August
Penny Arcade 19:21, Friday, 12 August 20:03, Friday, 12 August
Penny Red 19:28, Friday, 12 August 20:13, Friday, 12 August
PHD Comics 19:00, Friday, 12 August 19:49, Friday, 12 August
Phil's blog 18:56, Friday, 12 August 19:44, Friday, 12 August
Planet Debian 19:28, Friday, 12 August 20:13, Friday, 12 August
Planet GNU 19:35, Friday, 12 August 20:16, Friday, 12 August
Planet Lisp 19:00, Friday, 12 August 19:49, Friday, 12 August
Pluralistic: Daily links from Cory Doctorow 19:35, Friday, 12 August 20:15, Friday, 12 August
PS238 by Aaron Williams 18:56, Friday, 12 August 19:44, Friday, 12 August
QC RSS 18:56, Friday, 12 August 19:43, Friday, 12 August
Radar 19:21, Friday, 12 August 20:03, Friday, 12 August
RevK®'s ramblings 19:14, Friday, 12 August 20:00, Friday, 12 August
Richard Stallman's Political Notes 19:00, Friday, 12 August 19:49, Friday, 12 August
Scenes From A Multiverse 18:56, Friday, 12 August 19:43, Friday, 12 August
Schneier on Security 19:35, Friday, 12 August 20:15, Friday, 12 August
SCHNEWS.ORG.UK 19:28, Friday, 12 August 20:12, Friday, 12 August
Scripting News 19:21, Friday, 12 August 20:03, Friday, 12 August
Seth's Blog 19:14, Friday, 12 August 20:00, Friday, 12 August
Skin Horse 19:21, Friday, 12 August 20:03, Friday, 12 August
Spinnerette 19:28, Friday, 12 August 20:12, Friday, 12 August
Tales From the Riverbank 19:00, Friday, 12 August 19:49, Friday, 12 August
The Adventures of Dr. McNinja 19:28, Friday, 12 August 20:13, Friday, 12 August
The Bumpycat sat on the mat 19:35, Friday, 12 August 20:15, Friday, 12 August
The Daily WTF 19:14, Friday, 12 August 20:00, Friday, 12 August
The Monochrome Mob 19:35, Friday, 12 August 20:16, Friday, 12 August
The Non-Adventures of Wonderella 19:28, Friday, 12 August 20:11, Friday, 12 August
The Old New Thing 19:28, Friday, 12 August 20:12, Friday, 12 August
The Open Source Grid Engine Blog 18:56, Friday, 12 August 19:43, Friday, 12 August
towerhamletsalarm 19:14, Friday, 12 August 20:00, Friday, 12 August
Twokinds 19:21, Friday, 12 August 20:03, Friday, 12 August
UK Indymedia Features 19:21, Friday, 12 August 20:03, Friday, 12 August
Uploads from ne11y 19:14, Friday, 12 August 20:00, Friday, 12 August
Use Sword on Monster 18:56, Friday, 12 August 19:43, Friday, 12 August
Wayward Sons: Legends - Sci-Fi Full Page Webcomic - Updates Daily 19:14, Friday, 12 August 20:00, Friday, 12 August
what if? 19:35, Friday, 12 August 20:16, Friday, 12 August
Whatever 19:00, Friday, 12 August 19:49, Friday, 12 August
Whitechapel Anarchist Group 19:00, Friday, 12 August 19:49, Friday, 12 August
WIL WHEATON dot NET 19:28, Friday, 12 August 20:12, Friday, 12 August
wish 19:28, Friday, 12 August 20:13, Friday, 12 August
xkcd.com 19:28, Friday, 12 August 20:11, Friday, 12 August