Friday, 30 September


Le Strip d'Escalier [Penny Arcade]

New Comic: Le Strip d'Escalier


Thugs seizure of reporter Jeff German's phone and computers [Richard Stallman's Political Notes]

After Las Vegas corruption reporter Jeff German was murdered, the thugs seized his phone and computers. The Las Vegas Review Journal is suing because this is likely to identify his confidential sources.

Nord stream pipelines sabotaged [Richard Stallman's Political Notes]

The two Nord Stream pipelines, which used to carry methane from Russia to Germany, have been sabotaged — gas now leaks out and bubbles up to the surface of the Baltic Sea.

Putin shut down the pipelines to put economic pressure on Europe. Putin could have resumed the gas supply at any time. But no longer: the sabotage has eliminated the option of resuming delivery. The economic difficulties for Europe continue, but Putin no longer has the power to switch them on and off. Thus, Europe no longer has the option of ending the economic difficulties by caving to Putin.

Some are accusing Putin of causing the sabotage, but I don't see how that would have given him any advantage.

Building 15,000 miles of oil pipelines [Richard Stallman's Political Notes]

The world's fossil fools plan to build 15000 miles of new oil pipelines.

This at a time when reducing fossil fuel consumption is the only way to reduce global disaster.

Zoom cancelled a round table discussion [Richard Stallman's Political Notes]

Zoom cancelled by fiat a round table discussion that San Francisco State University planned to hold, because it included an actual terrorist who hijacked an airplane in the 1970s.

Zoom claimed that the discussion was illegal. The article explains why that is not so; the protection of freedom of association and freedom of speech under the US Constitution are so broad and firm that "so and so is a terrorist," even if true, cannot justify censoring the meeting.

However, Zoom went beyond citing a putative censorship interpretation of those laws. It asserted that its "terms of service" gave it the power to dictate what topics the university could discuss.

It is intolerable for a company to have veto power over what topics universities can cover in remote discussions. The side issue of how it would use that power, which topics the company wishes to censor, must not distract us from the wrong of putting the company in charge.

Universities should cancel their contracts with Zoom rather than tolerate this censorship.

This is in addition to the injustices that Zoom does to each user: for instance, the requirement to run nonfree software, the requirement to identify oneself (by making an account), and the requirement to agree to an unfair contract.

Labour Party MP punished for calling Tory "superficially black" [Richard Stallman's Political Notes]

The Labour Party punished one of its MPs for calling Chancellor Kwarteng, a Tory, "superficially black" — presuming that truly having your skin of a certain color depends on something other than skin color.

Ms Huq's statement was both racist and a distraction from what matters. The problem with Kwarteng is not his skin color. Whether he is "superficially" black or really and truly black, whether he is black at all, are hardly even politically significant.

What's wrong with Kwarteng is that he's really and truly Tory — a plutocratist and a henchman of dooH niboR. He's lower than vermin.

He is trying to impoverish everyone in Britain who's not wealthy or specially fortunate, whatever color per skin is. Why even try to look for a worse thing to say about him than that?

Women traveling from EU countries to Netherlands for abortions [Richard Stallman's Political Notes]

Due to patchy European restrictions on late-term abortions, women need to travel from other EU countries to the Netherlands to get one.

Local community support for book store [Richard Stallman's Political Notes]

How the local community showed their support to defend a book store and its Drag Story Hour from right-wing bullying.

Government spending cuts and privatizations [Richard Stallman's Political Notes]

85% of the human population is being hit by government spending cuts and privatizations that will cause suffering for the poor.

Stiglitz and some associates say, let's tax rich individuals and companies instead.

Our increase of CO2 in the air [Richard Stallman's Political Notes]

We have increased the level of CO2 in the air to 421 parts per million. In the past, when it was above 400 ppm, Antarctica's marine ice sheets melted; this would have led to a lot of loss of ice from the ice cap, and sea level rise of perhaps tens of meters.

DeMentis elevates election deniers [Richard Stallman's Political Notes]

*[DeMentis] privately elevates election deniers while publicly staying mum on 2020.*

Rejection of petition to ban neonicotinoids on seeds [Richard Stallman's Political Notes]

The EPA rejected a petition to ban using neonicotinoids to coat seeds.

The pesticide gets into the whole plant, and kills bees.

French consider extending UK nuclear plant use [Richard Stallman's Political Notes]

The French government owns the UK's nuclear power plants, and is considering extending their operation again.

This seems logical if you don't look at the numbers, but Amory Lovins has shown that it is an inefficient, wasteful expense. It would be cheaper to build additional renewable generation to replace the nuclear plants than to keep operating them for much additional time.

The idea that the UK is "behind" on building new nuclear power plants flies in the face of all economics. It makes no sense to do that since building renewable generating capacity is far cheaper, safer and faster.

Inflation is an excuse to jack prices up [Richard Stallman's Political Notes]

*CEO Says He's Been "Praying for Inflation" Because It's an Excuse to Jack Up Prices.*


Girl Genius for Friday, September 30, 2022 [Girl Genius]

The Girl Genius comic for Friday, September 30, 2022 has been posted.


Slog PM: Teens Can Take Ferries For Free, Reinvigorated Ian Heading to South Carolina, Tesla SUVs Cannot Become Boats During a Flood []

The Stranger's evening news roundup. by Charles Mudede

What does the Washington State Department of Natural Resources not want you to do if there is a flood? Listen in, because this shit is very important. Acting correctly on this piece of information may save your life. And what do you always want to do? You want to live for as long as possible because all there is is life. After this, nothing but "the dark, the dark, the dark." So, pay attention. Take down notes. Do what you got to do to keep this truth in your mind: Never believe for a minute what Elon Musk has to say about his company's SUV, the Cybertruck. They are not transformers. They will not turn into boats during a flood. Just always do your best not to believe what comes out of the mouths of billionaires.  

Recall those marvelous days when spring could not free itself from winter? Well, it seems we are going to pay dearly for those happy days. KIRO: "Seattle could see the warmest start to October in nearly 30 years, according to the National Weather Service." Enjoy today and tomorrow. Saturday will likely sun-suck, and so, too, will much of next week. My fall and winter clobber is already tired of all this waiting.

Customers to Seattle-Tacoma International Airport: "I can't get no satisfaction." Puget Sound Business Journal has this story: "Sea-Tac Airport customer satisfaction dips, according to J.D. Power report."

Starting this Saturday, people 18 years and younger will not pay a penny for a ride on the state's ferries. There is a catch, however. You must be a passenger in a car or a walk-on to get this socially positive deal (all forms of public transportation should, ultimately, cost nothing). If the teen is driving a car, then they will be required to exhaust their allowance.

Sound Transit really needs this kind of spirit:

I love the brown teen in this pro-public transportation ad from Denmark: 

Finally, the Chevron ad we have been waiting for!

My prediction? Facebook is now going the way of Myspace. It was a long run, but its time is up. Bloomberg: "Meta Platforms Inc. Chief Executive Officer Mark Zuckerberg outlined sweeping plans to reorganize teams and reduce headcount for the first time ever, calling an end to an era of rapid growth at the social media giant." What did Meta do wrong? Its leader failed to recognize the true nature of 21st century capitalism. Amazon's Bezos, on the other hand, did. Profit is no longer as important as growth. This is a point made again and again by the Marxist economic geographer David Harvey, whose anti-capitalist podcast is available on Amazon. Mass is now the only game in town. Downsizing spells doom.

This is the latest stage in Trump's endlessness.

Most of the Florida homes hit hard by Hurricane Ian have no flood insurance. Because the private sector wants nothing to do with areas on the frontline of climate change, homeowners have to turn to the coverage offered by the government. But the "average premiums" for socialist flood insurance (also known as the National Flood Insurance Program) is still not cheap enough for many ($1,000 a year). What this means is many middle-class Floridians (whose governor has convinced them to focus all of their nervous energy on Critical Race Theory) will be permanently ruined by the hurricane.   

Ian ain't done with the US yet. The Atlantic has renewed some of Ian's strength, which will be felt by South Carolina tomorrow.

It's 1999. I've just arrived in Linz, Austria for a conference, the Ars Electronica Festival. The flights (Seattle to Atlanta, Atlanta to Frankfurt, Frankfurt to Linz) killed me. Two hours after landing, I was in my room on the 14th floor of Arcotel Nike trying to sleep. The room faces the Danube, "the second-longest river in Europe." I fall asleep and wake up, fall asleep and wake up like all of those planes rising and falling during my long trip. Then there's a lot of noise. It's coming through my window, which I left open. It's the noise of a crowd. And there's music. It sounds like a huge concert or something. I get out of bed and look down at an area next to the dark river. There are thousands of people watching an orchestra play on a brightly lit stage. As the fog clears in my head, I more and more recognize the piece of music. But it's not classical. It's—at that moment the conductor turns to his left, raises his baton, and onto the stage leaps Coolio. It's really him. He's flown all the way to this moment in my life, to this post-industrial Austrian town, to perform "Gangster's Paradise" with an orchestra. See you at the crossroads, Coolio.

[ Comment on this story ]

[ Subscribe to the comments on this story ]


Open Coop [QC RSS]

Yay Deadfriend


The rest of Intel Arc’s A700-series GPU prices: A750 lands Oct. 12 below $300 [OSnews]

Intel’s highest-end graphics card lineup is approaching its retail launch, and that means we’re getting more answers to crucial market questions of prices, launch dates, performance, and availability. Today, Intel answered more of those A700-series GPU questions, and they’re paired with claims that every card in the Arc A700 series punches back at Nvidia’s 18-month-old RTX 3060.

After announcing a $329 price for its A770 GPU earlier this week, Intel clarified it would launch three A700 series products on October 12: The aforementioned Arc A770 for $329, which sports 8GB of GDDR6 memory; an additional Arc A770 Limited Edition for $349, which jumps up to 16GB of GDDR6 at slightly higher memory bandwidth and otherwise sports otherwise identical specs; and the slightly weaker A750 Limited Edition for $289.

These are excellent prices, and assuming Intel can deliver enough supply to meet demand, I think I may have found my next GPU. If history is anything to go by, these will have excellent Linux support, but of course, we would be wise to let the enthusiasts iron out the bugs and issues. Six to twelve months after launch, these could be amazing allrounders for a very good price.

CDE 2.5 released [OSnews]

CDE 2.5.0 is now available on SourceForge. This is a significant release compared to the previous one with, among many other things, a replacement of the build system from ancient Imake to somewhat less ancient Autotools.

There’s also a ton of bug fixes, as well as new features and other changes.

Google shuts down Stadia [OSnews]

A few years ago, we also launched a consumer gaming service, Stadia. And while Stadia’s approach to streaming games for consumers was built on a strong technology foundation, it hasn’t gained the traction with users that we expected so we’ve made the difficult decision to begin winding down our Stadia streaming service.

We’re grateful to the dedicated Stadia players that have been with us from the start. We will be refunding all Stadia hardware purchases made through the Google Store, and all game and add-on content purchases made through the Stadia store. Players will continue to have access to their games library and play through January 18, 2023 so they can complete final play sessions. We expect to have the majority of refunds completed by mid-January, 2023.

Another Google product announced with much fanfare is shutting down, as many, many people expected it would be. It seems Google is at least handling the refunds properly, and I hope the Stadia controllers can still be used with other platforms so they don’t turn into e-waste.

Another one for the graveyard.

Thursday, 29 September


Antoine Beaupré: Detecting manual (and optimizing large) package installs in Puppet [Planet Debian]

Well this is a mouthful.

I recently worked on a neat hack called puppet-package-check. It is designed to warn about manually installed packages, to make sure "everything is in Puppet". But it turns out it can (probably?) dramatically decrease the bootstrap time of Puppet bootstrap when it needs to install a large number of packages.

Detecting manual packages

On a cleanly filed workstation, it looks like this:

root@emma:/home/anarcat/bin# ./puppet-package-check -v
listing puppet packages...
listing apt packages...
loading apt cache...
0 unmanaged packages found

A messy workstation will look like this:

root@curie:/home/anarcat/bin# ./puppet-package-check -v
listing puppet packages...
listing apt packages...
loading apt cache...
288 unmanaged packages found
apparmor-utils beignet-opencl-icd bridge-utils clustershell cups-pk-helper davfs2 dconf-cli dconf-editor dconf-gsettings-backend ddccontrol ddrescueview debmake debootstrap decopy dict-devil dict-freedict-eng-fra dict-freedict-eng-spa dict-freedict-fra-eng dict-freedict-spa-eng diffoscope dnsdiag dropbear-initramfs ebtables efibootmgr elpa-lua-mode entr eog evince figlet file file-roller fio flac flex font-manager fonts-cantarell fonts-inconsolata fonts-ipafont-gothic fonts-ipafont-mincho fonts-liberation fonts-monoid fonts-monoid-tight fonts-noto fonts-powerline fonts-symbola freeipmi freetype2-demos ftp fwupd-amd64-signed gallery-dl gcc-arm-linux-gnueabihf gcolor3 gcp gdisk gdm3 gdu gedit gedit-plugins gettext-base git-debrebase gnome-boxes gnote gnupg2 golang-any golang-docker-credential-helpers golang-golang-x-tools grub-efi-amd64-signed gsettings-desktop-schemas gsfonts gstreamer1.0-libav gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-ugly gstreamer1.0-pulseaudio gtypist gvfs-backends hackrf hashcat html2text httpie httping hugo humanfriendly iamerican-huge ibus ibus-gtk3 ibus-libpinyin ibus-pinyin im-config imediff img2pdf imv initramfs-tools input-utils installation-birthday internetarchive ipmitool iptables iptraf-ng jackd2 jupyter jupyter-nbextension-jupyter-js-widgets jupyter-qtconsole k3b kbtin kdialog keditbookmarks keepassxc kexec-tools keyboard-configuration kfind konsole krb5-locales kwin-x11 leiningen lightdm lintian linux-image-amd64 linux-perf lmodern lsb-base lvm2 lynx lz4json magic-wormhole mailscripts mailutils manuskript mat2 mate-notification-daemon mate-themes mime-support mktorrent mp3splt mpdris2 msitools mtp-tools mtree-netbsd mupdf nautilus nautilus-sendto ncal nd ndisc6 neomutt net-tools nethogs nghttp2-client nocache npm2deb ntfs-3g ntpdate nvme-cli nwipe obs-studio okular-extra-backends openstack-clients openstack-pkg-tools paprefs pass-extension-audit pcmanfm pdf-presenter-console pdf2svg percol pipenv playerctl plymouth plymouth-themes popularity-contest progress prometheus-node-exporter psensor pubpaste pulseaudio python3-ldap qjackctl qpdfview qrencode r-cran-ggplot2 r-cran-reshape2 rake restic rhash rpl rpm2cpio rs ruby ruby-dev ruby-feedparser ruby-magic ruby-mocha ruby-ronn rygel-playbin rygel-tracker s-tui sanoid saytime scrcpy scrcpy-server screenfetch scrot sdate sddm seahorse shim-signed sigil smartmontools smem smplayer sng sound-juicer sound-theme-freedesktop spectre-meltdown-checker sq ssh-audit sshuttle stress-ng strongswan strongswan-swanctl syncthing system-config-printer system-config-printer-common system-config-printer-udev systemd-bootchart systemd-container tardiff task-desktop task-english task-ssh-server tasksel tellico texinfo texlive-fonts-extra texlive-lang-cyrillic texlive-lang-french texlive-lang-german texlive-lang-italian texlive-xetex tftp-hpa thunar-archive-plugin tidy tikzit tint2 tintin++ tipa tpm2-tools traceroute tree trocla ucf udisks2 unifont unrar-free upower usbguard uuid-runtime vagrant-cachier vagrant-libvirt virt-manager vmtouch vorbis-tools w3m wamerican wamerican-huge wfrench whipper whohas wireshark xapian-tools xclip xdg-user-dirs-gtk xlax xmlto xsensors xserver-xorg xsltproc xxd xz-utils yubioath-desktop zathura zathura-pdf-poppler zenity zfs-dkms zfs-initramfs zfsutils-linux zip zlib1g zlib1g-dev
157 old: apparmor-utils clustershell davfs2 dconf-cli dconf-editor ddccontrol ddrescueview decopy dnsdiag ebtables efibootmgr elpa-lua-mode entr figlet file-roller fio flac flex font-manager freetype2-demos ftp gallery-dl gcc-arm-linux-gnueabihf gcolor3 gcp gdu gedit git-debrebase gnote golang-docker-credential-helpers golang-golang-x-tools gtypist hackrf hashcat html2text httpie httping hugo humanfriendly iamerican-huge ibus ibus-pinyin imediff input-utils internetarchive ipmitool iptraf-ng jackd2 jupyter-qtconsole k3b kbtin kdialog keditbookmarks keepassxc kexec-tools kfind konsole leiningen lightdm lynx lz4json magic-wormhole manuskript mat2 mate-notification-daemon mktorrent mp3splt msitools mtp-tools mtree-netbsd nautilus nautilus-sendto nd ndisc6 neomutt net-tools nethogs nghttp2-client nocache ntpdate nwipe obs-studio openstack-pkg-tools paprefs pass-extension-audit pcmanfm pdf-presenter-console pdf2svg percol pipenv playerctl qjackctl qpdfview qrencode r-cran-ggplot2 r-cran-reshape2 rake restic rhash rpl rpm2cpio rs ruby-feedparser ruby-magic ruby-mocha ruby-ronn s-tui saytime scrcpy screenfetch scrot sdate seahorse shim-signed sigil smem smplayer sng sound-juicer spectre-meltdown-checker sq ssh-audit sshuttle stress-ng system-config-printer system-config-printer-common tardiff tasksel tellico texlive-lang-cyrillic texlive-lang-french tftp-hpa tikzit tint2 tintin++ tpm2-tools traceroute tree unrar-free vagrant-cachier vagrant-libvirt vmtouch vorbis-tools w3m wamerican wamerican-huge wfrench whipper whohas xdg-user-dirs-gtk xlax xmlto xsensors xxd yubioath-desktop zenity zip
131 new: beignet-opencl-icd bridge-utils cups-pk-helper dconf-gsettings-backend debmake debootstrap dict-devil dict-freedict-eng-fra dict-freedict-eng-spa dict-freedict-fra-eng dict-freedict-spa-eng diffoscope dropbear-initramfs eog evince file fonts-cantarell fonts-inconsolata fonts-ipafont-gothic fonts-ipafont-mincho fonts-liberation fonts-monoid fonts-monoid-tight fonts-noto fonts-powerline fonts-symbola freeipmi fwupd-amd64-signed gdisk gdm3 gedit-plugins gettext-base gnome-boxes gnupg2 golang-any grub-efi-amd64-signed gsettings-desktop-schemas gsfonts gstreamer1.0-libav gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-ugly gstreamer1.0-pulseaudio gvfs-backends ibus-gtk3 ibus-libpinyin im-config img2pdf imv initramfs-tools installation-birthday iptables jupyter jupyter-nbextension-jupyter-js-widgets keyboard-configuration krb5-locales kwin-x11 lintian linux-image-amd64 linux-perf lmodern lsb-base lvm2 mailscripts mailutils mate-themes mime-support mpdris2 mupdf ncal npm2deb ntfs-3g nvme-cli okular-extra-backends openstack-clients plymouth plymouth-themes popularity-contest progress prometheus-node-exporter psensor pubpaste pulseaudio python3-ldap ruby ruby-dev rygel-playbin rygel-tracker sanoid scrcpy-server sddm smartmontools sound-theme-freedesktop strongswan strongswan-swanctl syncthing system-config-printer-udev systemd-bootchart systemd-container task-desktop task-english task-ssh-server texinfo texlive-fonts-extra texlive-lang-german texlive-lang-italian texlive-xetex thunar-archive-plugin tidy tipa trocla ucf udisks2 unifont upower usbguard uuid-runtime virt-manager wireshark xapian-tools xclip xserver-xorg xsltproc xz-utils zathura zathura-pdf-poppler zfs-dkms zfs-initramfs zfsutils-linux zlib1g zlib1g-dev

Yuck! That's a lot of shit to go through.

Notice how the packages get sorted between "old" and "new" packages. This is because popcon is used as a tool to mark which packages are "old". If you have unmanaged packages, the "old" ones are likely things that you can uninstall, for example.

If you don't have popcon installed, you'll also get this warning:

popcon stats not available: [Errno 2] No such file or directory: '/var/log/popularity-contest'

The error can otherwise be safely ignored, but you won't get "help" prioritizing the packages to add to your manifests.

Note that the tool ignores packages that were "marked" (see apt-mark(8)) as automatically installed. This implies that you might have to do a little bit of cleanup the first time you run this, as Debian doesn't necessarily mark all of those packages correctly on first install. For example, here's how it looks like on a clean install, after Puppet ran:

root@angela:/home/anarcat# ./bin/puppet-package-check -v
listing puppet packages...
listing apt packages...
loading apt cache...
127 unmanaged packages found
ca-certificates console-setup cryptsetup-initramfs dbus file gcc-12-base gettext-base grub-common grub-efi-amd64 i3lock initramfs-tools iw keyboard-configuration krb5-locales laptop-detect libacl1 libapparmor1 libapt-pkg6.0 libargon2-1 libattr1 libaudit-common libaudit1 libblkid1 libbpf0 libbsd0 libbz2-1.0 libc6 libcap-ng0 libcap2 libcap2-bin libcom-err2 libcrypt1 libcryptsetup12 libdb5.3 libdebconfclient0 libdevmapper1.02.1 libedit2 libelf1 libext2fs2 libfdisk1 libffi8 libgcc-s1 libgcrypt20 libgmp10 libgnutls30 libgpg-error0 libgssapi-krb5-2 libhogweed6 libidn2-0 libip4tc2 libiw30 libjansson4 libjson-c5 libk5crypto3 libkeyutils1 libkmod2 libkrb5-3 libkrb5support0 liblocale-gettext-perl liblockfile-bin liblz4-1 liblzma5 libmd0 libmnl0 libmount1 libncurses6 libncursesw6 libnettle8 libnewt0.52 libnftables1 libnftnl11 libnl-3-200 libnl-genl-3-200 libnl-route-3-200 libnss-systemd libp11-kit0 libpam-systemd libpam0g libpcre2-8-0 libpcre3 libpcsclite1 libpopt0 libprocps8 libreadline8 libselinux1 libsemanage-common libsemanage2 libsepol2 libslang2 libsmartcols1 libss2 libssl1.1 libssl3 libstdc++6 libsystemd-shared libsystemd0 libtasn1-6 libtext-charwidth-perl libtext-iconv-perl libtext-wrapi18n-perl libtinfo6 libtirpc-common libtirpc3 libudev1 libunistring2 libuuid1 libxtables12 libxxhash0 libzstd1 linux-image-amd64 logsave lsb-base lvm2 media-types mlocate ncurses-term pass-extension-otp puppet python3-reportbug shim-signed tasksel ucf usr-is-merged util-linux-extra wpasupplicant xorg zlib1g
popcon stats not available: [Errno 2] No such file or directory: '/var/log/popularity-contest'

Normally, there should be unmanaged packages here. But because of the way Debian is installed, a lot of libraries and some core packages are marked as manually installed, and are of course not managed through Puppet. There are two solutions to this problem:

  • really manage everything in Puppet (argh)
  • mark packages as automatically installed

I typically chose the second path and mark a ton of stuff as automatic. Then either they will be auto-removed, or will stop being listed. In the above scenario, one could mark all libraries as automatically installed with:

apt-mark auto $(./bin/puppet-package-check | grep -o 'lib[^ ]*')

... but if you trust that most of that stuff is actually garbage that you don't really want installed anyways, you could just mark it all as automatically installed:

apt-mark auto $(./bin/puppet-package-check)

In my case, that ended up keeping basically all libraries (because of course they're installed for some reason) and auto-removing this:

dh-dkms discover-data dkms libdiscover2 libjsoncpp25 libssl1.1 linux-headers-amd64 mlocate pass-extension-otp pass-otp plocate x11-apps x11-session-utils xinit xorg

You'll notice xorg in there: yep, that's bad. Not what I wanted. But for some reason, on other workstations, I did not actually have xorg installed. Turns out having xserver-xorg is enough, and that one has dependencies. So now I guess I just learned to stop worrying and live without X(org).

Optimizing large package installs

But that, of course, is not all. Why make things simple when you can have an unreadable title that is trying to be both syntactically correct and click-baity enough to flatter my vain ego? Right.

One of the challenges in bootstrapping Puppet with large package lists is that it's slow. Puppet lists packages as individual resources and will basically run apt install $PKG on every package in the manifest, one at a time. While the overhead of apt is generally small, when you add things like apt-listbugs, apt-listchanges, needrestart, triggers and so on, it can take forever setting up a new host.

So for initial installs, it can actually makes sense to skip the queue and just install everything in one big batch.

And because the above tool inspects the packages installed by Puppet, you can run it against a catalog and have a full lists of all the packages Puppet would install, even before I even had Puppet running.

So when reinstalling my laptop, I basically did this:

apt install puppet-agent/experimental
puppet agent --test --noop
apt install $(./puppet-package-check --debug \
    2>&1 | grep ^puppet\ packages 
    | sed 's/puppet packages://;s/ /\n/g'
    | grep -v -e onionshare -e golint -e git-sizer -e github-backup -e hledger -e xsane -e audacity -e chirp -e elpa-flycheck -e elpa-lsp-ui -e yubikey-manager -e git-annex -e hopenpgp-tools -e puppet
) puppet-agent/experimental

That massive grep was because there are currently a lot of packages missing from bookworm. Those are all packages that I have in my catalog but that still haven't made it to bookworm. Sad, I know. I eventually worked around that by adding bullseye sources so that the Puppet manifest actually ran.

The point here is that this improves the Puppet run time a lot. All packages get installed at once, and you get a nice progress bar. Then you actually run Puppet to deploy configurations and all the other goodies:

puppet agent --test

I wish I could tell you how much faster that ran. I don't know, and I will not go through a full reinstall just to please your curiosity. The only hard number I have is that it installed 444 packages (which exploded in 10,191 packages with dependencies) in a mere 10 minutes. That might also be with the packages already downloaded.

In any case, I have that gut feeling it's faster, so you'll have to just trust my gut. It is, after all, much more important than you might think.

Mayor Harrell Proposes $1 Million for Questionable Surveillance Tech []

Mayor Harrell's proposal to spend $1 million for questionable surveillance tech for the cops draws opposition from the City Council. by Will Casey

A proposal from Mayor Bruce Harrell to spend $1 million on a gunfire detection system called ShotSpotter drew opposition from Lisa Herbold, the chair of the City Council’s public safety committee, who worried about privacy violations and the technology’s lack of proven results. The discussion comes as the Mayor and Council try to align on ways to “reimagine public safety” through next year’s $7.4 billion budget in the wake of a reported increase in shots fired last year. 

This isn’t the first time Seattle has considered investing in the technology, which uses microphones placed around neighborhoods to pick up gunfire and alert police. Harrell has championed the idea several times during his tenure on the Seattle City Council. But each time the City has raised the idea of installing microphones to surveil some of its historically marginalized communities, civil rights advocates and police accountability activists teamed up to defeat the proposals.

Now, with gun violence spiking in the South End and in downtown, Harrell has resumed his quixotic quest to get the city on board with ShotSpotter. However, the technology has faced even more scrutiny in other major US cities since the last time he pushed this idea. Recent studies show the surveillance technology had little impact on crime reduction, and it’s been used to justify more aggressive policing tactics.

Mayor Harrell’s Long-Running Love Affair with ShotSpotter

In an email, a spokesperson for the Mayor said the proposal to invest in ShotSpotter came from “roundtables” the Mayor’s Office held with “mothers impacted by gun violence” who support the technology. The group of six moms who lost children to gun violence began meeting in August 2021 to “create culturally informed and victim-informed systems for families facing similar circumstances,” he said. 

However, Harrell’s support for the system dates back to well before his campaign last year, when he listed support for “Automatic Gunfire Locator Systems” such as ShotSpotter as part of his plan to reduce gun violence. In 2014, then-Council Member Harrell advocated for using the surveillance tech despite concerns from civil rights advocates that the system’s constantly recording microphones would also pick up conversations from law-abiding citizens on the sidewalk. 

In 2016, then-Council President Harrell again supported a plan to install ShotSpotter throughout the Rainier Valley in response to a rash of shootings, including the killing of two young Black men in his district. Even then, studies of ShotSpotter’s deployment in other major US cities raised doubts about its effectiveness. That year, a Center for Investigative Reporting analysis of the system’s track record in San Francisco showed that more than 3,000 ShotSpotter alerts over a two-and-a-half-year period resulted in only one gun-related arrest.

Recent Data Supports Doubts of ShotSpotter’s Effectiveness

Despite those critical reports, cities across the US continue investing in the technology. Over the summer, a volunteer-led commission in Portland recommended the tech to the City, and last week Mayor Ted Wheeler announced that his office will develop a pilot program for it.

In moving forward with the pilot project, however, Wheeler ignored concerns from Smart City PDX, a City office focused on surveillance technology and public data ethics. In a report, they pointed to the technology’s potential to justify additional searches of Black and brown residents in neighborhoods where the most gun crime occurs, and also the danger cops pose to people in the area when the system picks up a false alarm.

In response to Mayor Harrell’s latest proposal to deploy ShotSpotter in Seattle, opponents of the plan raised similar concerns. 

Council Member Lisa Herbold agreed with the Mayor’s focus on gun violence as a “major issue” but echoed the doubts captured in Smart City PDX’s analysis. She pointed to a 2021 report from Chicago’s Office of Inspector General (OIG) that found ShotSpotter alerts rarely lead to evidence of a gun-related crime.

In that report, Chicago’s OIG analyzed every ShotSpotter alert in the city between January 1, 2020, and May 31, 2021. Of the 50,176 confirmed alerts of gunfire the system picked up during that period, the OIG’s review found just 9.1% of Chicago Police Department responses found evidence of a gun-related criminal offense at the scene. 

ShotSpotter’s senior vice president of marketing, Sam Klepper, disputed these findings. In a statement, he argued that some guns don’t eject casings, or they do so “haphazardly,” and so a cop’s failure to find evidence of a shooting at a scene doesn’t mean the system isn’t working. Moreover, because a high number of alerts happen at night, he said, evidence collection and engaging witnesses can be difficult for officers once they respond to an alert.

That response only further underscores Herbold’s argument against deploying the technology, though. In her view, the lack of demonstrated results in connecting ShotSpotter alerts to convictions for gun violence should caution the City against installing surveillance technology that could send already overtaxed Seattle Police Department officers to a scene where they’re not likely to catch a suspect or find evidence to help track down a shooter. 

ShotSpotter Could Justify Biased Policing in Marginalized Communities

Even with the possibility of false positives and a lack of data to support its efficacy in solving gun crimes broadly, it’s not hard to understand the appeal of any tech that promises to save the life of even one victim of gun violence. But the cost for the communities ShotSpotter would surveil could be much higher than the Mayor’s $1 million budget proposal.

The Chicago OIG report discovered that the presence of ShotSpotter changed the way Chicago police officers interacted with people who live in communities under surveillance. In 1,366 investigatory stops over a 17-month period, the Chicago OIG found that a police officer justified the stop-and-frisk by referencing a ShotSpotter alert number that didn’t show up in the database of confirmed possible gunshots. 

That means Chicago cops responded to a false alarm and then temporarily detained someone in the neighborhood more than 80 times per month. Even more concerning, the Chicago OIG found examples of cops using the overall volume of ShotSpotter alerts in a particular area to justify more stops and/or pat-down searches.

Because the highest concentration of gun violence happens to coincide with many of Seattle’s historically Black and brown neighborhoods, implementing ShotSpotter could give a police department still under federal oversight due to its history of biased policing a race-neutral excuse to continue that pattern of over-policing people of color. 

Rather than risk those potentially devastating consequences, Herbold wants the Mayor to “focus our investments on solutions that are truly effective at addressing gun violence,” such as the King County Regional Peacekeepers Collective.

The Mayor’s budget proposal would spend $1.5 million to support the Collective’s work, so it looks like there’s common ground available for compromise with the Council, as long as the Mayor is willing to give up on his years of advocacy for surveillance tech that doesn’t appear to help reduce gun violence or lead to convictions in the aftermath of shootings.

[ Comment on this story ]

[ Subscribe to the comments on this story ]

Ticket Alert: Fitz and The Tantrums, Silent Movie Mondays, and More Seattle Events Going On Sale This Week []

Plus, Blue Man Group and More Event Updates for Sept 29 by EverOut Staff

Neo soul outfit Fitz and The Tantrums will embark on their Let Yourself Free tour. Comedians Pete Holmes, Sarah Millican, Doug Stanhope, and Matteo Lane have all announced shows for early next year. Plus, here’s your early ticket warning if you’re itching to see Blue Man Group—the painted performance art troupe will bring their electronic tunes and atmospheric effects to Seattle. Read on for details on those and other newly announced events, plus some news you can use.

Tickets go on sale at 10 am unless otherwise noted.



Chris Lorenzo: Places & Faces Tour
The Showbox (Fri Dec 16)

Dominic Fike: Out Of Order Tour
Showbox SoDo (Sun Nov 6)

Fitz and The Tantrums: Let Yourself Free
The Showbox (Jan 22, 2023)

[ Comment on this story ]

[ Subscribe to the comments on this story ]


Courts must stop shielding government surveillance programs from accountability [Richard Stallman's Political Notes]

*US courts must stop shielding government surveillance programs from accountability.*

To do this, we must also crack down on all kinds of commercial surveillance. Once the data have been put in a database, the state will surely arrange to access them.

Cuba's referendum [Richard Stallman's Political Notes]

Cuba has held a referendum on a proposed law -- to legalize same-sex marriage.

The new law was approved, with 2/3 of the votes in favor and 1/3 against. It appears there was actual public disagreement about the law. Allowing democracy in one policy area and tolerating public disagreement is a step forward for Cuba.

Palestinian villages strangled by demolition [Richard Stallman's Political Notes]

Palestinian villages such as Masafer Yatta are being slowly strangled by the demolition of all the houses.

Governments should be saving the planet [Richard Stallman's Political Notes]

*Patagonia's radical business move is great -- but governments, not billionaires, should be saving the planet.*

*We cannot simply stand back and hope that the elite will give away their wealth to tackle the climate emergency.* Most of them won't help voluntarily, so we need laws to compel them.


Logitech Pro Wheel! [Penny Arcade]

The folks at Logitech sent me a very nice package recently that included their brand new Pro Racing wheel and Pro Racing Pedals. I’ve only had a little bit of time to play with them both and tonight’s Penny Arcade League race will be the first time I use them in an actual event. 




Fake CISO Profiles on LinkedIn Target Fortune 500s [Krebs on Security]

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may be. But the fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies, and they are being indexed as gospel by various downstream data-scraping sources.

If one searches LinkedIn for the CISO of the energy giant Chevron, one might find the profile for a Victor Sites, who says he’s from Westerville, Ohio and is a graduate of Texas A&M University.

The LinkedIn profile for Victor Sites, who is most certainly NOT the CISO of Chevron.

Of course, Sites is not the real CISO of Chevron. That role is currently occupied by Christopher Lukas of Danville, Calif. If you were confused at this point, you might ask Google who it thinks is the current Chief Information Security Officer of Chevron. When KrebsOnSecurity did that earlier this morning, the fake CISO profile was the very first search result returned (followed by the LinkedIn profile for the real Chevron CISO).

Helpfully, LinkedIn seems to be able to detect something in common about all these fake CISO profiles, because it suggested I view a number of them in the “People Also Viewed” column seen in the image above. There are two fake CISO profiles suggested there, including one for a Maryann Robles, who claims to be the CISO of another energy giant — ExxonMobil.

Maryann’s profile says she’s from Tupelo, Miss., and includes this detail about how she became a self-described “old-school geek.”

“Since playing Tradewars on my Tandy 1000 with a 300 baud modem in the early ’90s, I’ve had a lifelong passion for technology, which I’ve carried with me as Deputy CISO of the world’s largest health plan,” her profile reads.

However, this description appears to have been lifted from the profile for the real CISO at the Centers for Medicare & Medicaid Services in Baltimore, Md.

Interestingly, Maryann’s LinkedIn profile was accepted as truth by Cybercrime Magazine’s CISO 500 listing, which claims to maintain a list of the current CISOs at America’s largest companies:

The fake CISO for ExxOnMobil was indexed in Cybercrime Magazine’s CISO 500.

Rich Mason, the former CISO at Fortune 500 firm Honeywell, began warning his colleagues on LinkedIn about the phony profiles earlier this week.

“It’s interesting the downstream sources that repeat LinkedIn bogus content as truth,” Mason said. “This is dangerous,, Signalhire, and Cybersecurity Ventures.”

Google wasn’t fooled by the phony LinkedIn profile for Jennie Biller, who claims to be CISO at biotechnology giant Biogen (the real Biogen CISO is Russell Koste). But Biller’s profile is worth mentioning because it shows how some of these phony profiles appear to be quite hastily assembled. Case in point: Biller’s name and profile photo suggest she is female, however the “About” description of her accomplishments uses male pronouns. Also, it might help that Jennie only has 18 connections on LinkedIn.

Again, we don’t know much about who or what is behind these profiles, but in August the security firm Mandiant (recently acquired by Google) told Bloomberg that hackers working for the North Korean government have been copying resumes and profiles from leading job listing platforms LinkedIn and Indeed, as part of an elaborate scheme to land jobs at cryptocurrency firms.

None of the profiles listed here responded to requests for comment (or to become a connection).

In a statement provided to KrebsOnSecurity, LinkedIn said its teams were actively working to take these fake accounts down.

“We do have strong human and automated systems in place, and we’re continually improving, as fake account activity becomes more sophisticated,” the statement reads. “In our transparency report we share how our teams plus automated systems are stopping the vast majority of fraudulent activity we detect in our community – around 96% of fake accounts and around 99.1% of spam and scam.”

LinkedIn could take one simple step that would make it far easier for people to make informed decisions about whether to trust a given profile: Add a “created on” date for every profile. Twitter does this, and it’s enormously helpful for filtering out a great deal of noise and unwanted communications.

The former CISO Mason said LinkedIn also could experiment with offering something akin to Twitter’s verified mark to users who chose to validate that they can respond to email at the domain associated with their stated current employer.

“If I saw that a LinkedIn profile had been domain-validated, then my confidence in that profile would go way up,” Mason said, noting that many of the fake profiles had hundreds of followers, including dozens of real CISOs. Maryann’s profile grew by a hundred connections in just the past few days, he said.

“If we have CISOs that are falling for this, what hopes do the masses have?” Mason said.

Mason said LinkedIn also needs a more streamlined process for allowing employers to remove phony employee accounts. He recently tried to get a phony profile removed from LinkedIn for someone who falsely claimed to have worked for his company.

“I shot a note to LinkedIn and said please remove this, and they said, well, we have to contact that person and arbitrate this,” he said. “They gave the guy two weeks and he didn’t respond, so they took it down. But that doesn’t scale, and there needs to be a mechanism where an employer can contact LinkedIn and have these fake profiles taken down in less than two weeks.”


Weston 11.0: what's new, what's next (Collabora blog) []

Over on the Collabora blog, Marius Vlad writes about the recent Weston 11.0.0 release. Weston is the reference compositor for the Wayland display server protocol. Vlad looks at features of the release, including some things that are being deprecated and removed, as well as features coming in Weston 12.

Color management infrastructure code has landed that allows HDR [high dynamic range] characteristics to be delivered to an HDR-capable monitor by setting-up HDR metadata in a weston.ini configuration file and delivering that to KMS [kernel mode setting]. Once Weston gains the ability to produce HDR content in a future version, it will come naturally supported.

This new version brings in multiple RDP [remote desktop protocol] improvements, like clipboard pasting, various keyboard language support, bumped support for a newer version of FreeRDP library, and many more other improvements and fixes.


All Shot Up [Whatever]

I have two arms, so today I got two vaccines: On the left, this year’s edition of the flu shot, and on the right, the latest bivalent COVID booster. The latter is ever-so-slightly precipitate, as I caught COVID in June and therefore only barely inside the window for getting the booster, but inasmuch as I am traveling to New York, Kentucky, California and Nova Scotia during the month of October, I figure I owe it to myself and others to be as fully protected from both giving and getting flu and COVID as possible (and if I do get it, keeping it from messing with me too much). Simple — I made the online appointment for a local CVS in the morning, got both shots in the afternoon — quick, and no fuss. And just like that, I am all caught up. Please do the same, when you have a moment. Thanks.

— JS


[$] How to fix an ancient GDB problem []

The GDB debugger has a long history; it was first created in 1986. It may thus be unsurprising that some GDB development happens over relatively long time frames but, even when taking that into account, the existence of an open bug first reported in 2007 may be a little surprising. At the 2022 GNU Tools Cauldron, GDB maintainer Pedro Alves talked about why this problem has been difficult to solve, and what the eventual solution looks like.


Billy Eichner Is Our Nora Ephron []

It is with great relief that I can report that Bros is, in fact, good. by Matt Baume

It is with great relief that I can report that Bros (a new gay rom-com starring Billy Eichner released with great fanfare as a milestone in queer cinematic representation) is, in fact, good.

Better than good, actually. It’s quite good.

Is it funny? Yes! Chock-full of expert jokes that all land, with only one that doesn’t quite register (a pun about Friends that may only be funny if you have IMDb at the ready).

Is it romantic? Yup, it’s that too; there are tender soul-bearing moments and cynicism-melting schmaltz, including one surprisingly sweet encounter involving a bottle of poppers. (I dare any heterosexual rom-com to include VHS cleaner in such a manner.)

Is it a crowd-pleaser? Indeed! Judging by the vocal reaction of an extremely gay crowd at a recent preview screening, Bros is an easy-breezy romp that knows exactly which buttons to press in its target demographic, from hot muscle-bodies to a well-measured cameo by Debra Messing to a withering dig at Glee.

Is it groundbreaking? Welllllllll… not especially. But if it’s funny and sexy and sweet who gives a shit?

Billy Eichner plays Bobby Leiber, a cynical 40-year-old who has never been in love and proudly self-describes as emotionally unavailable. He’s a celebrity podcaster—an occupation that exists only in movies for the purposes of exposition (it’s fine, movies are fantasies)—and also the head of a soon-to-open LGBTQ+ museum. I don’t know how these two jobs intersect. It doesn’t make sense. Just go with it. GOD.

Bobby is also A Bit Much(™). He's an exhausting cynic with no interest in self-censoring for the benefit of his friends, co-workers, or own well-being but his brand of perpetual irritation is thrown into confusion after a chance encounter with a marketably-hot lawyer named Aaron, who provides rivalry in the only arena that seems to truly matter to Bobby: hating everyone. 

Will Bobby and Aaron hit it off? Will they find themselves dating or whatever despite making each other bristle at every turn? Will their needling slowly yield to affection and even, at long last, self-reflection and growth? Do they or do they not, to put it in a nutshell, fuck?

Yeah, yeah, yeah, and very much yeah. As a Judd Apatow-produced rom-com, Bros offers all the familiar plot beats with a dash of sauciness that one might expect. The difference is that Bros speaks a different language than that of straight rom-coms, a language that queer audiences typically must wait for a specialized film festival to hear.

There are knowing in-jokes about Pete Buttigieg and ass pics; there’s happy promiscuity galore; and instead of hetero hand-wringing about the differences between men and women, our boys engage with anxieties familiar to queers such as masc-masking, bi-erasure, and (briefly) HIV.

One especially well-observed joke—which will surely make sense to queers but would likely be too inscrutable to include in a movie for the straights—is when a discussion about hookup apps name-checks Grindr and then makes mention of "Zellwegr," an app for gay guys who want to talk about actresses before they have sex.

Another example: The few heterosexual characters in the movie exist only to be sounding boards to the gay leads. Straight personal lives are of virtually no interest whatsoever to anyone, which is a welcome inversion of the magical sexless homo friend trope that’s been a mainstay of straight stories for decades.

The inclusion of surprisingly well-researched queer history is also appreciated. Scenes involving Bobby’s museum go beyond mere lip service to liberation, and feature some deep cuts and tributes to our centuries of struggle, while smartly zeroing in on the funny bits. And there is plenty of writhing gay sex. Between Bros and Fire Island, 2022 is the year of mainstream films being unafraid of gay anal. (Well, maybe a little afraid; to retain an R rating, the characters are shown implausibly clad in underwear even mid-coitus.)

The supporting characters are also a notable highlight. Guy Branum is as smart and cutting as always, Bowen Yang is an absolute delight as an unhinged Hollywood producer, and Harvey Fierstein’s avuncular appearance elicited applause at my screening (though his presence is all too brief). Amanda Bearse is wonderful as an awkward mom (and I simply MUST know who makes her sweaters) and Kristin Chenoweth, as always, can do no wrong.

I suspect discourse will be made of the combination of Dot-Marie Jones, Jim Rash, Miss Lawrence, Eve Lindley, and Ts Madison portraying staffers of a queer nonprofit with Hot Takes galore. Speaking as someone who worked for several years at such an organization, I can confirm that they captured that sector’s exasperating drama with stunning accuracy and beyond that, their comedic blend of strident personalities is a standout triumph. If you told me they are a comedy troupe who've been honing their craft together for the last decade or more I’d believe you.

Queering aside, Bros is largely an as-expected love story, with a few wisps of ideas that are not entirely explored. Bobby’s fear of being unlovable comes and goes, and a critique of body-shape bigotry doesn’t reach any sort of resolution. A masc-acting twist in the third act draws some of the film’s stronger laughs but ultimately doesn’t have much to say. (The presence of Branum made me wish for a film version of his book My Life as a Goddess, which tackles these topics more directly.) When given the chance to comment on queer life, Bros offers a few bon mots, but it mostly steers its attention to the romance, as a good rom-com should.

While Bros is probably the first major film to have an all-LGBTQ+ cast, it's hard to call it the first of anything else without adding a bunch of qualifiers to exclude Jeffrey and Torch Song Trilogy and Love! Valour! Compassion! and La Cage aux Folles and Trick and In & Out and Another Gay Movie and Straight-Jacket and Sylvia Scarlett and The Boys in the Band and Fire Island and, well, just crack open The Celluloid Closet, a text that the makers of Bros are clearly familiar with. 

But here’s what I think the movie does offer as a first: It’s the first of its kind to be so funny, so energetic, so queer, and, when it feels like it, so smart. Billy Eichner's our Nora Ephron.

[ Comment on this story ]

[ Subscribe to the comments on this story ]



Pluralistic: 29 Sep 2022 Porn on Tumblr is a complicated subject [Pluralistic: Daily links from Cory Doctorow]

Today's links

A Victorian pornographic illustration of a man in coat and neck cloth touching the exposed bottom of a grinning woman who is face down on a fainting-couch. The image forms the backdrop for an animation in which a grinning Tumblr logo bounces up and down over her bum.

Porn on Tumblr is a complicated subject (permalink)

In 2018, Tumblr announced a ban on "adult content." That call was made by Verizon, Tumblr's erstwhile owner, and to call the resulting mess "a shitshow" is an insult to good, hardworking shitshows all over the world.

Verizon enforced this policy with an automated filter, which was charged with analyzing images and categorizing them as "sexual" or "nonsexual." This is risible enough, like asking a computer to sort videos into "virtuous" or "sinful" but that was just for starters.

Verizon's ban included a ban on "female-presenting nipples" – a canonically hard-to-define category – but included exceptions for non-sexual nipple images. Hard to imagine that any serious, disinterested computer scientist promising that an algorithm could cleave "female-presenting nipples" from "male-presenting" ones, let alone decide which ones were "sexual" or not.

The filters were…not good. Verizon posted a selection of images that were explicitly permitted under its policies. That post was blocked by Tumblr's filter.

It wasn't just that Tumblr's AI couldn't turn its unblinking eye upon the nipples casting their shadows upon the wall of Plato's Cave and divine their true nature. Tumblr's AI thought everything was a nipple – or some other potentially "adult" body-part.

A series of nested Tumblr posts marveling at the foolishness of Tumblr's filter.

I posted an image of a hand producing a fingerprint. Tumblr's filter blocked it. I posted a followup about Tumblr's idiotic filter. Tumblr's filter blocked that. I did it again. The filter did, too.

Verizon was not good at running Tumblr, which isn't a surprise, because Verizon's core competencies are lobbying and union-busting. Eventually the company wrote down its online media assets, taking a $4.6B loss:

Tumblrites didn't know what to make of the writedown. There was a lot of trepedation, sure, because even after years of mismanagement by Yahoo and then Verizon, Tumblr was still a community that mattered to its members.

What's more, with the writedown, there was the possibility that someone else – someone less Verizony – would buy the company. That happened! Automattic, creators of WordPress, announced that they would buy Tumblr. Tumblr's filter blocked the announcement:

When Automattic took over Tumblr, there was a lot of hope that the adult content ban would be reversed. Tumblr's adult communities had been hugely important in creating and promulgating a sex-positive, queer-positive, sex-worker-respecting platform, utterly unlike anything else online.

The impact of contributing to and participating in these adult communities can't be overstated. In Tumblr Porn, Ana Valens offers a memoir of how profoundly Tumblr's sex-positive spaces ("vanguard of a user-generated sexual revolution") affected her life:

Verizon's sex ban didn't just shut those communities down – it consigned them to the memory-hole, blocking the archivists who scrambled to preserve them:

But despite the importance of sex to Tumblr's success and the manifest idiocy of Verizon's ban, Automattic did not bring back the adult content, and made it clear they had no immediate plans to change that position.

Now, five years later, Tumblr has made its first tentative moves to open the platform to NSFW materials, with a new dashboard that lets views opt into adult content and a labeling system that lets posters flag their uploads:

This is a far cry from Tumblr's original full-throated, wide-open NSFW policy, and there's a reason for that. In a new post, Automattic CEO Matt Mullenweg describes why Tumblr's old "go nuts, show nuts" policy can't work today:

It all comes down to chokepoints and liability. It's an open secret that Verizon's Tumblr porn ban was triggered by Apple's threat to block the Tumblr app for iOS users, in the name of preserving the App Store's "child friendly" policy. Remember when Steve Jobs announced that "Folks who want porn can buy an Android phone?"

Google Play – the Android version of the App Store – is only slightly less adamant about blocking adult material. With the mobile duopoly dead set against adult content, an NSFW-friendly Tumblr would have to be web-only. Mullenweg explains why that's not viable: "40% of our signups and 85% of our page views come from mobile apps."

Now, it's true that there are other apps for platforms with a lot of adult content that both app stores welcome (Reddit, Twitter). Mullenweg says "My guess is that Twitter and Reddit are too big for Apple to block so they decided to make an example out of Tumblr, which has 'only' 102 million monthly visitors."

Though, he adds, "Maybe Twitter gets blocked by Apple sometimes too but can’t talk about it because they’re a public company and it would scare investors."

Playing chicken with Apple's App Store censors is a losing proposition. As Mullenweg describes, the interpretation of the App Store rules varies from day to day, depending on which person is evaluating your app. If you submit an app update, Apple might arbitrarily change its position on whether you're crossing a line and block your app instead. When that happens, it's a big deal. Mullenweg: "If Apple permanently banned Tumblr from the App Store, we’d probably have to shut the service down."

But it's not just the mobile duopoly that holds Tumblr's future in its hands. Mullenweg actually ranks payment processors as more powerful than mobile companies. Credit-card companies hate porn. Adding adult content back to Tumblr threatens Automattic's ability to process payments for all its services, from WordPress hosting to ad-free Tumblr subscriptions. Without money, the company couldn't last long, and its 2,000+ employees would be out of a job.

At this stage, Mullenweg anticipates a chorous of cryptocurrency enthusiasts claiming that the solution to this is to accept payment in cryptos. He heads them off. No matter whether you think crypto might solve this problem tomorrow, "today if you are blocked from banks, credit card processing, and financial services, you’re blocked from the modern economy."

But even if you bypass the mobile dupology and find a way to live without payment processing, setting up an adult-content-friendly site is still fraught. New rules (including SESTA/FOSTA) create civil and criminal liability for adult content hosting; as do rules against nonconsensual pornography (AKA "revenge porn").

Mullenweg doesn't want to host illegal adult content, not just because he doesn't want to go to jail, but because he decries the odious trade in sexual material made without consent, featuring children, or other unsavory circumstances.

But today's environment, filled as it is with networked pocket cameras, is fertile ground for the production of those materials. When anyone can produce sexual images, it becomes extremely difficult to establish whether everyone pictured is of age and consenting.

But even if Tumblr could hire the moderators it needed to make those determinations, it still wouldn't be in the clear, because market concentration elsewhere in the stack makes operating an "adult content business" far harder than it was in Tumblr's heyday.

Today, hosting adult content means finding specialized network connections, hosting, DDoS mitigation and more, because every layer of the "stack" of services other kinds of sites can rely on has been turning into an oligopoly with uniform anti-sex policies.

Paying for those specialized services is a problem, too, and not just because you will struggle to find a bank and credit-card company that will serve your business. Many investment funds are prohibited from investing in "vice" related businesses due to agreements with their own backers, and even the ones that can fund such a business choose not to.

Mullenweg sums up:

If you wanted to start an adult social network in 2022, you’d need to be web-only on iOS and side load on Android, take payment in crypto, have a way to convert crypto to fiat for business operations without being blocked, do a ton of work in age and identity verification and compliance so you don’t go to jail, protect all of that identity information so you don’t dox your users, and make a ton of money.

That's a sobering conclusion, but even more striking is Mullenweg's back-of-the-envelope calculations for what this would take:

I estimate you’d need at least $7 million a year for every 1 million daily active users to support server storage and bandwidth in addition to hosting, moderation, compliance, and developer costs.

Mullenweg closes with his hope that someone else will figure out how to "replace what people used to get from porn on Tumblr," but implies that for Tumblr itself, the best we can hope for are more baby-steps.

Hey look at this (permalink)

This day in history (permalink)

#20yrsago My talk at UT Austin

#15yrsago Pratchett’s Discworld: a reading-order guide < ahref="">

#15yrsago New AT&T terms of service: We’ll cut off your Internet connection for criticizing us

#15yrsago Smith-Corona’s voice letters by post: dead media

#10yrsago Why can’t pacemaker users read their own medical data?

#10yrsago TV news programs ignore false claims in the thousands of political ads that pay their bills

#5yrsago Rich people in California, Connecticut, Massachusetts, New York, and Pennsylvania are to blame for dangerous anti-vaxx surge

#5yrsago Spinal Tap’s $400m lawsuit against Vivendi will proceed

#5yrsago Trump’s chief Goldman-Sachs goblin tells America they can buy a new car for $1000

#5yrsago Architect of Reagan’s tax cuts reminds us that tax cuts don’t stimulate the economy

#5yrsago The story of Casa Jasmina: the first automated home built to improve its residents’ lives

#5yrsago Right-wing thinktank polls UK, find vast majority favour Labour’s policies

#1yrago Wells Fargo can't stop criming: The nation's third-biggest bank is a criminal enterprise

#1yrago "Are you calling me a racist?": The libertarian case for racism

#1yrago Debts that can't be paid, won't be paid: The first David Graeber Foundation meetup, between Thomas Piketty and Michael Hudson

Colophon (permalink)

Today's top sources: Waxy (

Currently writing:

  • The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. Yesterday's progress: 517 words (43073 words total)
  • The Internet Con: How to Seize the Means of Computation, a nonfiction book about interoperability for Verso. Yesterday's progress: 504 words (39451 words total)

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. (92849 words total) – ON PAUSE

  • A Little Brother short story about DIY insulin PLANNING

  • Vigilant, Little Brother short story about remote invigilation. FIRST DRAFT COMPLETE, WAITING FOR EXPERT REVIEW

  • Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION

  • Spill, a Little Brother short story about pipeline protests. FINAL DRAFT COMPLETE

  • A post-GND utopian novel, "The Lost Cause." FINISHED

  • A cyberpunk noir thriller novel, "Red Team Blues." FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: Sound Money

Upcoming appearances:

Recent appearances:

Latest book:

Upcoming books:

  • Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin, nonfiction/business/politics, Beacon Press, September 2022
  • Red Team Blues: "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books, April 2023

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastodon (no ads, tracking, or data-collection):

Medium (no ads, paywalled):

(Latest Medium column: "Oil is Bankrupt (If We Want It): Alberta’s Oil Companies Are the Walking Dead"

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla


[$] A call to reconsider address-space isolation []

When the kernel is running, it has access to its entire address space — usually including all of physical memory — even if only a small portion of that address space is actually needed. That increases the kernel's vulnerability to speculative attacks. An address-space isolation patch set aiming to change this situation has been circulating for a few years, but has never been seriously considered for merging into the mainline. At the 2022 Linux Plumbers Conference, Ofir Weisse sought to convince the development community to reconsider address-space isolation.


Slog AM: Seattle Public Schools Faces $190 Million Shortfall, Long Lines at Seattle Children’s, and Black Coffee Northwest Sees More Theft []

The Stranger's news roundup. by Hannah Krieg

Hurricane update: Hurricane Ian, "one of the strongest hurricanes to ever hit the United States," has left 2.5 million people in Florida without power. So far, authorities confirmed at least one death of a 72 year-old man, but they predict hundreds more before the storm passes. You can see live updates here

Weather at home: Nothing shocking today. The weather will be similar to yesterday, just with less rain. Expect a cool, cloudy start to your day, but don't rule out a nice walk under mostly sunny skies and near 70-degree temperatures after work. But don't take my word for it. Here's the forecast on

Remember that big teachers strike? No? Okay, read this to get caught up about the Seattle Education Association's demands, and then come back here. Ready? Okay. The union and the school district came to an agreement earlier this month. According to Crosscut, "Now they just need to figure out where to get the money." Apparently the three-year contract will put the district in a nearly $190 million budget hole, which just goes to show that this problem needs to be fought further upstream with more state funding. 

Get those numbers up, King County: The Seattle Times reported that in effort to meet its goal of bringing 1,600 homeless people inside, the County keeps buying up buildings. We love that! Except, the County is not filling up the 10 buildings it already has. In fact, the County is not even filling them halfway up. 

Victory for Magnolia: Guys, this is important. Redistricting council districts effects the kinds of leaders we elect to make our laws. Earlier this summer, every commissioner's proposal split up Magnolia except for one. Now, the commission voted to change course. 

Budget update: I already told you that the Mayor's proposed budget sucks for progressives, and that it peeved Council Member Teresa Mosqueda to see his administration attempt to reverse her hard work to increase wages for shelter workers and case managers, but there's another not-so-happy camper on the council. Council Member Lisa Herbold released a statement calling to amend the Mayor's decision to cut a vital fire truck for West Seattle. 

Without the ladder truck at Station 37 there is only one ladder truck to serve all of West Seattle. The nearest medic units are Medic 28 in Rainer Valley and Medic 32 in the Junction, far away from the Delridge neighborhoods, Arbor Heights, and South Park. As our population continues to grow it’s critical that we reevaluate the need for new resources, especially in historically underserved areas, Herbold wrote. 

Need the emergency room? Get in line: According to KIRO 7, Seattle Children's Hospital is absolutely swamped, facing "multiyear highs" for emergency room wait times. Medical experts at the hospital blamed the pandemic-induced pediatrician shortage for these long wait times, so there's really no end in sight. If your child needs medical attention, then Seattle Children's staff recommends first visiting your primary care physicians or urgent care, and to resort to the emergency room when you've exhausted other options. 

The "homelessness megaplex" saga continues: Protesters in the CID marched to SODO, upset about the expansion to the existing SODO services hub, which they say the County did not do enough to notify their neighborhood about. Seattle's left and right are still divided on whether the CID protester's movement is only anti-Dow Constantine, or if it is also anti-homeless. Here's the latest:

Me and who? I'm a sucker for a soirée, especially a scary soiree. I'll admit, it's probably pretty cheesy, but I really want to go to the House of Spirits Haunted Cocktail Soirée in Capitol Hill. Check out some pictures at Seattle Refined.

Speaking of suggestions: Every week, the much cooler half of our staff (arts and culture) puts together suggestions for the cool shit to do in town. Check out the latest Stranger Suggests and let us know if you try anything out! Especially the pastry omg. 

Don't fuck with Black Coffee Northwest: Black Coffee Northwest, a Black-owned coffee shop in Shoreline, once again got robbed. When the store first opened, the owners reported incidents of vandalism and racist threats very frequently, so they've got the place under surveillance, and they know just the camera that may have caught the thief. For more, check out KIRO 7

Happy (belated) Birthday, Darya Farivar: 

Cops open fire in a bar: Last night, a cop shot a gun inside The Office Bar and Grill while responding to a bar fight in downtown Tacoma. No one got hurt. 

A song for you: 

[ Comment on this story ]

[ Subscribe to the comments on this story ]


Link [Scripting News]

Wouldn't it be nice if there were a group of bloggers, people who write regularly, who are friends but might view things differently, but agree to read each other's pieces and speak up if they had something to say. They would know what they said would be read by other bloggers.

Security updates for Thursday []

Security updates have been issued by Debian (chromium, lighttpd, and webkit2gtk), Fedora (firefox, gajim, libofx, and python-nbxmpp), Gentoo (bluez, chromium, expat, firefox, go, graphicsmagick, kitty, php, poppler, redis, thunderbird, and zutty), Oracle (firefox and thunderbird), Red Hat (kernel), Slackware (xorg), SUSE (expat, libostree, lighttpd, python3-lxml, rust1.62, slurm, slurm_18_08, and vsftpd), and Ubuntu (libxi, linux-gcp, postgresql-9.5, and sqlite3).


I did that merge-as-cherry-pick thing, but my change still didn’t merge correctly [The Old New Thing]

A colleague used the patch-branch technique of merging a single commit to another branch, but found that the subsequent merge of the complete branch produced the wrong results. They asked me to investigate what went wrong.

After untangling the changes to the main and feature branches, I was able to reconstruct a simplified version of what happened.

We start with this:

    apple   apple    
    M1 M2   main
apple ↙          
    F1 F2   feature
    apple   berry    

They created a feature branch and did some work: Commit F1 didn’t affect the file, but commit F2 changed “apple” to “berry”.

They then realized that this “berry” change was something they wanted in the main branch early, so they could do some preliminary integration work before the rest of the feature work was done. They created a second berries-only branch that contained just the “berry” change and merged it into both the main branch (which delivers the payload to the main branch) and into the feature branch (which has no net code effect, but records that the change as have already been incorporated so it doesn’t get counted as payload when the feature branch merges back up to the main branch).

    apple   apple   berry
    M1 M2 M3   main
apple ↙     berry ↙
A ← ← ← P       patch
  ↖       ↖
    F1   F2   F3   feature
    apple   berry   berry

The integration validation didn’t turn out so great, so they reverted the change in both the main and feature branches.

    apple   apple   berry   apple
    M1 M2 M3 M4   main
apple ↙     berry ↙    
A ← ← ← P           patch
  ↖       ↖    
    F1 F2 F3 F4   feature
    apple   berry   berry   apple

The team continued working on the feature, and this time they felt that they got the “berry” thing right, so they made a commit in their feature branch to change “apple” back to “berry”, this time with feeling.

    apple   apple   berry   apple
    M1 M2 M3 M4       main
apple ↙     berry ↙        
A ← ← ← P               patch
  ↖       ↖        
    F1 F2 F3 F4 F5   feature
    apple   berry   berry   apple   berry

All the tests were passing, so they got the green light to merge the feature into the main branch. And that’s where something strange happened.

    apple   apple   berry   apple       apple
    M1 M2 M3 M4 ← ← ← M5   main
apple ↙     berry ↙           ↗
A ← ← ← P                 patch
  ↖       ↖          
    F1 F2 F3 F4 F5       feature
    apple   berry   berry   apple   berry    

The result of the merge into the main branch didn’t carry the final “berry” change. The file remained “apple” in the main branch.

As a result, the main branch was broken.

What happened?

The merge of the “only berries” branch into both the main and feature branches established “berry” as the baseline for the next merge. In the main branch, “berry” changed to “apple”. In the feature branch, “berry” underwent some turmoil but emerged unchanged. The three-way merge algorithm therefore saw that the main branch changed “berry” to “apple”, and the feature branch made no (net) change. Therefore, the result of the merge is “apple”. (apple + 0 = apple).

The fatal error was the dual revert.

These reverts were independent and therefore git did not consider them to be related to each other. But really, you wanted them to be considered the same revert, so that the feature branch could un-revert it.

Basically, once you merged the “only berries” branch, the diagram (from the apple/berry’s point of view) simplified to this:

    berry   apple       apple
    M3 M4 ← ← ← M5   main
berry ↙           ↗
    F3 F4 F5       feature
    berry   apple   berry    

It’s as if the feature branch was created from the “only-berries” branch, and the main branch continued by reverting “berries” back to “apple”, whereas the feature branch underwent some soul-searching and ultimately made no change to “berries”. Naturally, the result of this merge is that “berries” is reverted to “apple”.

What my colleague should have done was to perform the revert in a separate branch, possibly just extending the “only-berries” branch so it is now a “changed-my-mind-about-berries” branch. Merge that branch into both the main and feature branches, thereby advancing the baseline forward to the shared revert.

    apple   apple   berry   apple       berry
    M1 M2 M3 M4 ← ← ← M5   main
apple ↙     berry ↙ apple ↙       ↗
A ← ← ← P P2             patch
  ↖       ↖   ↖      
    F1 F2 F3 F4 F5       feature
    apple   berry   berry   apple   berry    

By making the revert on the patch branch and merging it into the main and feature branches (instead of reverting separately on the main and feature branches), git now understands that the revert is part of the shared history of the two branches. This time, when the final merge occurs, git sees that the main branch made no changes, and the feature branch did an unrevert, so the result of the merge is the unrevert, and “berry” makes it into the main branch.

The post I did that merge-as-cherry-pick thing, but my change still didn’t merge correctly appeared first on The Old New Thing.

The Big Idea: Rob Wilkins [Whatever]

Rob Wilkins was close enough to beloved author Terry Pratchett that the two of them shared the same Twitter account. From that vantage point Wilkins was able to see Pratchett as a friend, as a writer and as a human being – one who had a thing for hats, magical, metaphorical, and material. All of this comes together in today’s Big Idea for Terry Pratchett: A Life With Footnotes.


Terry Pratchett had a magic hat. In fact, he had a collection of them, assiduously acquired over many years from the stores of some of the world’s leading milliners, from London to New York, and from Sydney to Burford, in England’s Cotswolds, where a shop called Elm offers a good selection. In my fifteen years as his personal assistant, I shopped for hats with Terry a lot because he considered it one of life’s reliable axioms: ‘Any day with a new hat in it is a very good day indeed.’

And if it was a magic hat, then even better.

True, his collection included hats that were not magic. For instance, there was the John Rocha-designed mortar board lavishly decked with black feathers, a sensationally gothic headpiece presented to Terry in 2010 on his accession to the post of Honorary Professor at Trinity College, Dublin.

‘Is there any type of hat associated with this position?’ Terry had asked when Trinity first rang him in his office to sound him out about the role. The College indicated that there could well be a hat, thereby clinching Terry’s acceptance.

And then there was the battered old hat in which he would venture out into the grounds of his Wiltshire manor house when the rain was coming down in stair rods but the tortoises still needed feeding. And no doubt somewhere at the back of a cupboard – because Terry threw very little away – there was the peaked leather cap he wore when he worked in the press office of the Central Electricity Generating Board in Bristol. It was a garment which, in tandem with his beard, inspired his co-workers to call him ‘Lenin’ – though only when he was out of earshot.

And then there was the top hat he bought in Manhattan on a whim, and the bowler I bought him for Christmas. There were, as I say, many hats.

But none of those were magic. The magic hats were the black, broad-brimmed Louisianas for which Terry was famous. People would insist on referring to them as ‘fedoras’, but Terry would sigh and, with varying degrees of patience, correct them: it was not a fedora, it was a Louisiana. Such distinctions mattered to the true hat aficionado.

Then came the slightly awkward day when the staff at Lock & Co. in St James’s Street in London explained to Terry that the style of hat he had been favouring was a fedora, and not a Louisiana at all. And Terry had to take their word for it, because those Lock & Co. people really knew hats: they supplied Winston Churchill with his Homburg and Charlie Chaplin with his bowler, and even Admiral Nelson with the tricorn he wore when he came to a sticky end on the deck of HMS Victory. And since 1988, they had been supplying Terry Pratchett with his Louisiana which was in fact a fedora.

Ah well. Terry still favoured it. And it was still magic.

And this was the magic: he only had to put it on his head and he became Terry Pratchett, the author. That hat gave him, with almost absurd ease, an image. In his earliest days on the road, he would team the hat with a black Levi’s jacket – Levi’s made such a thing in those days – black Hugo Boss jeans and a black leather satchel, but it was the fedora that was the key. It instantly turned him into Terry Pratchett, the public figure that he was increasingly required to be.

And, by extension, when he got home he could take off the hat and be all the other Terry Pratchetts that he was, including, incidentally, Terry Pratchett the writer, which, by the way, is a different thing from being ‘an author’ – or ‘a nauthor’, in Terry’s self-mocking coinage. As he discovered when success came his way, the duties contingent upon being ‘a nauthor’ – the tours, the readings, the book-signings, the press interviews – frequently threatened to prevent you from doing the thing that had turned you into ‘a nauthor’ in the first place, i.e. writing books. The hat was a useful way to enforce the distinction. Hat on: nauthor. Hat off: writer. Terry referred to it as ‘an anti-disguise’.

All of which means that when I came to put together Terry’s authorized biography, a task which fell to me after his death at the cruelly early age of sixty-six from a rare variant of Alzheimer’s disease, I knew one thing with absolute clarity from the very outset: that if this book ever made it into print, it would have on its jacket a photograph of Terry Pratchett without a hat on.

That single gesture, it seemed to me, would send the clearest signal about the book that I was in a unique position to write, if I could manage it. Because, yes, of course I would want to write about Terry Pratchett the author, the public figure whom people knew. But I would also want, and even more urgently, to write about the Terry Pratchett who would be less familiar to people: the Terry Pratchett I saw every day, at his desk, without his hat on – Terry Pratchett the writer.

The publishers took a little persuading, because having a hatless Terry Pratchett on the jacket of a book is a little like opening a McDonalds and not using the arches logo on the store-front. We went back and forth on this, amid some frank exchanges of view and with some wide eyes occurring in the marketing department. But I stuck to my guns and I managed somehow to prevail. And that’s why on the jacket of the UK edition of Terry Pratchett: A Life With Footnotes, Terry is entirely hatless.

So that was the jacket sorted, exactly as I had imagined it. After that, all I had to do was write a book to go inside it.

Terry Pratchett: A Life with Footnotes: Amazon|Barnes and Noble|Indiebound|Powell’s

Follow Terry and Rob’s account on Twitter.


Russell Coker: Links September 2022 [Planet Debian]

Tony Kern wrote an insightful document about the crash of a B-52 at Fairchild air base in 1994 as a case study of failed leadership [1].

Cory Doctorow wrote an insightful medium article “We Should Not Endure a King” describing the case for anti-trust laws [2]. We need them badly.

Insightful Guardian article about the way reasonable responses to the bad situations people are in are diagnosed as mental health problems [3]. Providing better mental healthcare is good, but the government should also work on poverty etc.

Cory Doctorow wrote an insightful Locus article about some of the issues that have to be dealt with in applying anti-trust legislation to tech companies [4]. We really need this to be done.

Ars Technica has an interesting article about Stable Diffusion, an open source ML system for generating images [5], the results that it can produce are very impressive. One interesting thing is that the license has a set of conditions for usage which precludes exploiting or harming minors or generating false information [6]. This means it will need to go in the non-free section of Debian at best.

Dan Wang wrote an interesting article on optimism as human capital [7] which covers the reasons that people feel inspired to create things.


Link [Scripting News]

When was the last time you said "you're right" to someone who was trying to convince you of something? In the house I grew up in, this is something no one ever said, because (as the theory goes) if you said it, you'd be forever reminded of the time you were "wrong" and they were right. You would be subordinate to this person, be it your mother, father, brother, grandfather, grandmother. Not my uncles so much, they were more on my side than the rest of them. Anyway it took me a number of years of living outside this house to realize that not everyone is like this. Some people relax when you say the magic words. They open up and say more things that you can learn from. Everyone has a point of view, like the blind men and the elephant. What they see as truth may not be a universal truth, but to them it seems that way. And you are one of those people too. One time a long time ago, when I realized all of us can learn from everyone else, I wrote that we're just barking, farting chihuahas, even captains of industry like Bill Gates and Larry Ellison, with delusions of grandeur and a sense that they matter. Nothing we do really matters, in the end, but we can pretend that it does, in the moment, and if you can say something true that makes someone happy, why not? 😄

Link [Scripting News]

Last night's baseball was pretty intense. The Mets and Braves were playing at the same time in different cities, tied for first place in the NL East, as both games went into extra innings. I was sure the Mets were going to lose because they kept doing the exact wrong thing. But the hero of September 2022 for the Mets, a man who is not known for heroics, the third baseman Escobar, came to the plate in the 10th inning and hit the ball into left field, and the shortstop, Lindor, who was on second base, came around third, as the ball was coming to the plate, but the throw was off and the shortstop scored and there was pandemonium everywhere. And meanwhile in the other game, the Braves were losing, so as they say it was a win-wn. But I'm not sure I can stand the stress of the post-season that's starting in a week, but actually feels as if is already underway.

Link [Scripting News]

Another story. When I was in grad school, in Wisconsin, I lived in a house with nine other students, on West Wilson St, overlooking Lake Monona and a park with tennis courts. It was the best time of my life. Always a party to come home to, and I loved the work I was doing with computers at the university, and I had a cat named Nurse, who I brought with me to Madison from NYC. She was a great cat. When I adopted her from a cat lady in an apartment on the east side of Manhattan, who had at least 50 cats in her small apartment, she pointed out this kitten who was protecting a sickly cat from the others. That's the one I took, and I called her Nurse because that's what she was when I met her. Anyway, in Madison, Nurse found a boyfriend, I guess, and she got pregnant, and had her kittens in the big house on West Wilson. I gave her a box in the corner of my room, and people were coming in all the time to see and touch the incredible kittens she had birthed. But one morning, they were all gone! The box was empty. No Nurse, no kittens! I did eventually find her, in a drawer in my dresser which I had left open, with some socks and stuff, there she was. I didn't tell anyone because her intention was clear. Then a few days later, kittens everywhere! Nurse was sitting somewhere off on her own and the kittens were discovering all aspects of the big house they were born in and all the people. A couple of days later we put them up for adoption and Nurse went to the vet to get fixed, and when she came home they were gone and she went on with her life hunting mice and birds.

Link [Scripting News]

PS: I love to tell this story, I've told it at least two other times on my blog. Hehe.


CodeSOD: The Misleading PIN [The Daily WTF]

Tina needs to write some software that integrates with a hardware device. Thatdevice controls access via behind a PIN, and thus Tina's team needs to track the valid PIN, so that they can, via software, update or alter the PIN.

There's just one problem. That device has some opinions about how a Personal Identification Number should be represented:

/// <summary> /// Gets or sets the department PIN. /// </summary> /// <value> /// The department PIN. /// </value> uint DepartmentPin { get; set; }

I love the useless comments, but even more I love the datatype: uint.

Now, you might think the PIN 0410 and 410 should be considered different PINs, but you'd be wrong.

This gets us back to the old problem in programming: just because something is called a number doesn't mean it's a numeric type. Whether it's phone numbers, zip codes, or PINs.

Tina doesn't share what this device controls access to, but swears: "It's not our fault. We don't make the device that accepts the PIN."

[Advertisement] Keep the plebs out of prod. Restrict NuGet feed privileges with ProGet. Learn more.


Differences in App Security/Privacy Based on Country [Schneier on Security]

Depending on where you are when you download your Android apps, it might collect more or less data about you.

The apps we downloaded from Google Play also showed differences based on country in their security and privacy capabilities. One hundred twenty-seven apps varied in what the apps were allowed to access on users’ mobile phones, 49 of which had additional permissions deemed “dangerous” by Google. Apps in Bahrain, Tunisia and Canada requested the most additional dangerous permissions.

Three VPN apps enable clear text communication in some countries, which allows unauthorized access to users’ communications. One hundred and eighteen apps varied in the number of ad trackers included in an app in some countries, with the categories Games, Entertainment and Social, with Iran and Ukraine having the most increases in the number of ad trackers compared to the baseline number common to all countries.

One hundred and three apps have differences based on country in their privacy policies. Users in countries not covered by data protection regulations, such as GDPR in the EU and the California Consumer Privacy Act in the U.S., are at higher privacy risk. For instance, 71 apps available from Google Play have clauses to comply with GDPR only in the EU and CCPA only in the U.S. Twenty-eight apps that use dangerous permissions make no mention of it, despite Google’s policy requiring them to do so.

Research paper: “A Large-scale Investigation into Geodifferences in Mobile Apps“:

Abstract: Recent studies on the web ecosystem have been raising alarms on the increasing geodifferences in access to Internet content and services due to Internet censorship and geoblocking. However, geodifferences in the mobile app ecosystem have received limited attention, even though apps are central to how mobile users communicate and consume Internet content. We present the first large-scale measurement study of geodifferences in the mobile app ecosystem. We design a semi-automatic, parallel measurement testbed that we use to collect 5,684 popular apps from Google Play in 26 countries. In all, we collected 117,233 apk files and 112,607 privacy policies for those apps. Our results show high amounts of geoblocking with 3,672 apps geoblocked in at least one of our countries. While our data corroborates anecdotal evidence of takedowns due to government requests, unlike common perception, we find that blocking by developers is significantly higher than takedowns in all our countries, and has the most influence on geoblocking in the mobile app ecosystem. We also find instances of developers releasing different app versions to different countries, some with weaker security settings or privacy disclosures that expose users to higher security and privacy risks. We provide recommendations for app market proprietors to address the issues discovered.


Grrl Power #1088 – Password is “drowssap” [Grrl Power]

Back to the regular coloring for now. I’m probably going to experiment with it over the next few pages. I think the flat cell colors were nice, but would have benefitted from at least one highlights pass. I’ll find the right balance. Honestly I’d like a little more time to work on novels and other things, and I basically haven’t written anything since I released Tamer: Enhancer 2. I’ve dabbled with the opening scene for TE3 and I like how it’s started to come together, but by dabbled, I mean less than 1000 words so far.

So this was their ultimate goal. The List. As stated way early in the comic, the government doesn’t require supers to join the military or anything, but it does keep a list of them. Ostensibly, this is in case they need someone who can put out forest fires with their mind, or grant waterbreathing to everyone in a 333 yard range, or can fix all the cracks in the Hoover Dam by running his hands over them. There are probably a few people in the government who like having that list “just in case,” but this isn’t an X-Men comic. Yes, realistically there would be a lot of fear and suspicion around the existence of supers, but that’s just because people suck in general, and I’ll hint at that stuff on occasion, but the comic is mostly told from Sydney’s point of view (obviously not always, as this page demonstrates) but she’s mostly shielded from that sort of stuff due to efforts from Arianna and others. Also racism is a pretty boring reason to be a shitty person, and I like my villains to be a little bit deeper than that. I don’t feel like I can ignore it entirely as a motivation, because then it feels like I’m just denying an essential aspect of humanity? I don’t know. We’ll see.

Anyway. Yeah, so this list isn’t made public. Of course there are plenty of private citizens who have super powers who aren’t shy about letting the world know about it on social media, but there are a lot who want to keep it to themselves for various reasons. Some just want to live life as a normal person, and some realize they have some sort of power that could be exploited by bad people.

This list exists in more than just Archon HQ, but only in places like a basement somewhere in the Pentagon, Quantico, Langley, etc. But the actual FBI headquarters probably doesn’t have air vents you can drive a golf cart through, so a blitzkrieg on Archon HQ when the big guns are out was determined to have the best chance of success.

I’m not sure what ecokinesis is. Like, general environmental powers? Or maybe a superpower relating to the economy? Either way it sound OP.

Rammstein was awesome. We were in the third row, but that was off to the side, not in the “splash zone” pit right in front of the stage. I’d guess we were… 150 feet from the stage? I wore earplugs the whole time because my family has a history of hearing loss, and I want to be able to hear things when I’m 90. Honestly I forgot they were in most of the time. It was still sternum rattlingly loud. I kept thinking, “This man needs CPR, quick, get him to a Rammstein concert!” Watching people in the audience and guessing what they were on was at least as fun as the show. There was a woman in the front row who hung on to the railing and headbanged the whole time. I was like, “Hey, good for her for not getting a migraine from that.” I’m no expert on drugs, but at a minimum, I’d guess some amphetamines were involved. Four seats over was a guy with his head tilted back and his arms up in the air slowly dancing in a circle most of the concert. For him, I’d guess weed, a little ecstasy, and half a Xanax. Or, hell, I don’t know. Peyote and redbull? I am not a drug knower person.

Most everyone there was wearing black, because German Metal, but down in the stage pit, there was one woman with a very Barbie/Bimbo body – probably fake boobs, tiny waist, mid-back blonde hair, and she was wearing a latex pink mini dress and thigh high latex stiletto heels, and she spent a lot of time dancing around very sexily while her short-haired friend filmed her. I couldn’t help but think, “She definitely has an OnlyFans page, and her attractive if slightly more butch friend does all the technical stuff for her.” I pointed her out to my wife and she had the exact same thoughts, so I’m fairly confident my scenario is accurate.

The September Vote Incentive is up!

Thank you guys so much for your patience. I hope it was worth it. It took a lot of research online to find just the right references for this piece. Toil toil. :D

Enjoy variant outfits and lack thereof over at Patreon.



Double res version will be posted over at Patreon. Feel free to contribute as much as you like.


Extensions and souvenirs [Seth's Blog]

When a brand is successful, there’s often a desire to extend it.

Disneyland was an extension of Disney movies. It reflected some of the magic of the movies, but created something new and valuable as well. Disneyland had some of the Disney essence and then built something additive and new.

Apple did the same thing with the iPhone in extending the brand of the Mac.

On the other hand, the new Leica watch is simply a souvenir. It’s not a better watch. It’s not more of a Leica than any of a dozen other overpriced watches could be seen to be. It’s simply there to remind you that you liked the original. It’s a souvenir of a feeling, not the creator.

Nothing wrong with a souvenir. I’m sure Leica will make a profit from their watch with little damage to the promise that the brand itself makes. But make too many souvenirs and you become a hollow shell, wasting the chance to make the change you seek.

The crappy t-shirt you bought at your favorite musician’s concert is a souvenir, but they shouldn’t count on that as their legacy or the engine of their growth.

All day, individual creators have to make choices about what they’re going to do next. Sometimes we can create an extension. And sometimes, we decide to make a souvenir instead.


Bike Race: a story [Nina Paley]

Your not-so-humble correspondent. Charleston, IL. Sept 24, 2022.

“Tour de Charleston,” someone posts on a fecebook bike forum.
“Will there be gravel?” I ask.
“No gravel! And the course will be swept.”

So I visit the web site. There are 3 races: 12.5-mile, 25-mile, and 62.5-mile, a metric century. Prizes are awarded in male and female divisions, in several age categories. I make a calculated guess that the metric century would have the fewest competitors of my age group. I pay the $50 fee and register for my first ever bike race.

My plan is to bike down to Charleston Friday, stay overnight at my friend Lorelei’s place, bike to the race Saturday morning at the crack of dawn, bike back to Lorelei’s after for another night, and bike home Sunday. The weather forecast grows adversarial as race weekend approaches. When the fateful Friday finally arrives, headwinds are from the south. It’ll be a long and challenging 50 miles down on my road bike (a titanium long-wheelbase recumbent called a Ti-Rush). In such a scenario, I decided, I would take my velomobile instead.

My 3-wheeled, fully-faired Sinner Mango velomobile was already named Frosty when I bought her, used, in Jackson MI in 2015. I have since dotted her white exterior with red retroreflective stickers, but kept the name in spite of suggestions to re-christen her “Measles.” Built in the Netherlands about 12 years ago, Frosty is ideally suited for strong winds on flat roads — in other words, Champaign County, Illinois, where I live. I confirm with the race organizers she will qualify; they don’t allow eBikes, but Frosty is 100% human powered, no pedal assist. Frosty holds more cargo than my road bike, so I pack up a few days clothing, 6 bottles of chocolate Soylent meal-replacer shakes, some protein bars and hydration mix packets, a bag of Chex Mix, a pair of walking shoes so I don’t have to scrape around in my cleated bike sandals, and a helmet. Frosty can’t be fallen off of like an upright bike; she could theoretically tip on a fast curve, but I’ve never done that, and even if I did, I’d go sideways rather than over the non-existent handlebars. So I never wear a helmet in Frosty. But I will for this race, because they are mandatory. The helmet is stuffed awkwardly next to my recumbent seat, brushing against my right leg as I pedal.

Frosty between Urbana and Charleston, IL. September 23, 2022

The ride down is uneventful, cool and cloudy, mostly flat but with sub-optimal road surfaces. First Street is mostly cured chipseal – pea-sized gravel set in tar – in various states of roughness. I occasionally hit a few miles of smooth surface, enjoying sweet relief as the droning vibrations and rattles give way to relative quiet, until the next rough patch.

47 miles later, I meet Lorelei for lunch at Siam Thai. I leave Frosty in her blacksmith shop downtown, and she drives me in her truck to Pasture Prime, her magnificent paradisical country home. But I don’t wander the trails or swim in the pond this time; it’s cold and I’m tired. I just take a shower and read in bed, until the half-Dramamine kicks in and I fall into an early sleep.

And then it’s race day! I’m awake half an hour before my phone alarm sounds at 6am. By 6:30 I’m packed, Lorelei has her travel mug of coffee, and we head back to her shop. There, I drop off my overnight stuff, exchange my walking shoes for bike cleats, and roll Frosty down to City Hall to pick up my registration packet.

Dawn at Five Points Blacksmith Shop, Charleston, IL, Sept 24, 2022.

I see a table with bottled water, bananas, and cliff bars. When I reach the front of the line I’ve been waiting in, a volunteer tells me, “oh, this is the line for volunteers! Registration pick-up is inside.” So I enter the building behind the table, climb the stairs, and find my alphabetically-organized packet section at the registration desk. A volunteer hands me a large brown envelope and a bright green nylon swag bag. “Can you hang onto this bag until after the race? I don’t want to have to carry it with me the whole way.” The volunteer agrees, which is nice of her. I guess everyone else brought a car to stash bags in.

Back downstairs I see Bart, another cyclist from Champaign-Urbana. I ask him if I can have a ride back to CU, in case I’m too tired to bike home this afternoon. He agrees, we’ll exchange phone numbers later.

My envelope contains a microchip timer embedded in die-cut paper with adhesive, to stick to my helmet. I see some cyclists have stuck theirs to the outside of their helmets, but previously I’d read they’re supposed to go inside. There are instructions, but I don’t read them. My mind is already entering “bike mode,” concerning itself with physical matters like pulling off layers to regulate temperature; reading instructions is far too intellectual. Eventually I just stick the chip thingy to the inside of my helmet and hope for the best.

The official photographer is taking pictures of Frosty. “Your bike is the star of the show!” he says. An older cyclist examines Frosty’s insides, and I demonstrate the steering column, while other bystanders ask questions. “It’s a bike.” “It’s a bike.” “Yes, it’s a bike,” I say over and over. The vibe is festive and friendly. More cyclists arrive.

By very good fortune, last night I was able to download the route and a monthlong trial of the “Ride With GPS” app needed to run it, with nothing but two bars of phone connection at Lorelei’s. I pedal around the block and get “off course” notifications. Where is the race start? There’s a big scaffold gateway with a digital clock in front, but someone tells me that’s the finish. A block away, a fire truck is hoisting a huge American flag, and I see most of the cyclists congregating near it. Ah, that’s the start.

The Metric Century was supposed to begin at 7:50, but it’s already 7:53 as we crowd up before the flag. I hear some announcements, including, “chipseal…be careful.” Oh, NOW they tell us? Velomobiles like Frosty are terrible on chipseal; they lose traction and fishtail around.

Just before the start of the 2022 Tour de Charleston. I don’t see any other middle-aged women here. Do you?

I only see one other woman at the start. She looks to be in her early 30’s. Am I the only 50-59 year old female here? Looks like it. Good news.

The sound system plays Queen’s “Bicycle Race” after they announce a delay due to some last-minute registrants. The song is cut short by a synthesizer rendition of the Star Spangled Banner. Some cyclists remove their helmets and place their hands over their hearts; I am not one of them. At 7:59, we are off on what’s called a “neutral start.” A guide truck leads the way, cyclists following for about a mile. I am at the end of the pack, because a velomobile is awkward among uprights, which usually form a paceline or “peloton.” I fall further and further behind, but the voice guidance has kicked in on my phone’s GPS app and I know where to turn even when I lose sight of the riders in front of me.

After a mile, the guide truck is gone, the fast cyclists are barely in view, and I am on my own. I remain in sight of the others for another mile or so, winding around neighborhood streets. There’s a steep downhill and I zoom, passing someone for the first time. Then there’s a steep uphill and I slow to 1.5 mph while everyone else leaves me behind. Velomobiles are terrible on hills. Frosty weighs 70 pounds, and that’s what I’m pumping up this mind-bogglingly steep grade in my lowest gear, legs shaking from the strain. There are no hills like this in Champaign county.

After that first climb I am panting, legs still shaking, but I can catch my breath as I’m no longer at peak exertion. The course is flat for a while; I can see another cyclist about a mile ahead. Then downhill again, and I almost catch up. Then uphill again. Oh god my legs. I am not used to this. This is not velomobile territory. But I knew Charleston had hills. I just didn’t know the course would maximize them, switching back and forth to hit every possible grade. Not complaining, just slowing down. I remind myself I’m almost certain to win even if I’m extremely slow, due to the dearth of women in my category.

The sun is climbing too, and I’m glad I removed my wool jacket and leggings right before the start. I remind myself to enjoy the scenery. I am grateful for the automated voice guidance; the mostly-unmarked course has dozens of turns and is not intuitive.

I am grateful for the lovely scenery. I am grateful for this nice road. I am grateful for my health and this velomobile. I am grateful for WHAT THE FUCK WHAT IS ALL THIS GRAVEL DOING HERE? Suddenly I’m fishtailing around in deep, coarse pebbles. Is this what they meant by “chipseal”? Chipseal is pea size gravel on tar. This is more like…brussels sprouts? No, I exaggerate due to stress and anger; it’s more grape-and-cherry-sized. Maybe it will only last a mile. I slow down to 6-10 mph, faster than I’d take this hot mess if not racing. If not racing, I’d find a paved turnoff as soon as possible, and reroute to avoid more of this hazard. But I am racing, and the GPS app’s voice instructs me to stay on it. Now I’m going downhill, applying the brakes to avoid spinning out of control. Over a little gravel-coated culvert, and now it’s uphill, and I stop moving because the drivewheel can’t get traction on this GARBAGE ROAD SURFACE THE TOUR ORGANIZERS LIED THEY ARE LYING LIARS THIS IS UNACCEPTABLE

Gravel. Coles County, IL, Sept 24, 2022

I tighten the parking brake and get out to push Frosty uphill. A mile later, the hell-road finally, mercifully ends, and Ms. GPS directs me onto a wide, paved, 2-lane road. I will never take pavement for granted again. I haven’t flatted yet – I am lucky. Gravel wears down those little 20” tires fast; almost every flat I’ve suffered has been on or just after a stretch like that. But the worst is over, I think, and even though I can no longer see any sign of the other cyclists anywhere, I pedal along feeling relief after my ordeal.

Until the next right turn, which puts me back on more of the same gravel. I remind myself I will win my category just for finishing, regardless of speed. So I slow way down, indulge some vengeful thoughts about the route planners, and proceed, again stopping and walking on an uphill. By the time this stretch ends, I am resigned to my gravely fate. But the road is smooth for a while, and I appreciate it.

I’ve now completed almost half the course, and am wishing I’d stashed one of those free bottles of Power-Ade on the snack table. I’m chugging through my two water bottles quickly. Will I have to stop at a store somewhere? Why have I seen no water stops? Where is everyone? Then I see an official-looking volunteer in an orange vest at the next intersection. She’s holding up a stop sign to cross traffic and waving me through! Even though I’m miles behind the peloton, they waited up for me. All is not lost. A few miles later another orange vest does the same, and I ask him where I might find water. Right there! he says, pointing to a table in front of a church. I hop out, throw a couple bottles into Frosty, and am back on my way. Were I not in a race I would take a 10-minute break here, enjoy a snack and take off the socks I wear inside my bike sandals. But I am in a race, so on I go.

This is where the GPS app starts lying to me. “Turn right,” she says. So I do, and then the “off course!” alarm sounds as I’m headed down a gravel lane. I stop, pull out my phone, and look at the course. Why did she tell me to turn right? I turn around and when I reach the main road again, I get the “back on course!” chime. Thanks, but why did you tell me to turn? A few miles later, same thing happens. I am stopped in a small town on a small detour the app sent me on and then chastised me for. Who made this route? Did they program in tiny little errors to dupe newbies like me? I indulge in a few vengeful thoughts, but I just can’t hold onto them. That’s why I got into cycling in the first place: it clears nasty (and all other) thoughts right out of my head. I have no time nor energy to dwell on resenting the route programmer. I will merely slow down and visually check the route at every voice cue. After all, I’m going to win my category, I just need to stay the course.

Having outsmarted my route-misprogramming nemesis, I ignore the next few instructions to turn right. Every once in a while there is a sign with an arrow confirming a turn, but not often. Then there are some more orange-vested volunteers waving me over a busy road. And now there’s some chipseal – real chipseal, slippery and dangerous but not like the 6 miles of coarse oily gravel from earlier. I can handle this chipseal, even though I still fishtail a bit, and slow way down, and my drivewheel spins a little.

And what’s that up ahead? Another cyclist! By doG, I’ve caught up with one. I unconsciously cry out when my drivewheel slips on a little gravel patch – I almost hyper-extend my knee, I hate when that happens – and he looks behind, startled. In a few minutes I pass him. “How you doing?” he asks. “Very tired,” I answer, which might come off as disingenuous because now I’m ahead of him. But I am tired, so very tired. Oh god here’s another hill. I’m so slow, he’s catching up. But now I’m over, and zooming downhill with Frosty’s 70 pounds of inertia, and in a few miles he’s no longer visible in the rearview mirror.

Now I’m heading north, counting the miles to the finish. 20, 15. In 8 miles I should recognize the roads, since the last stretch covers the familiar route from Lorelei’s place to downtown Charleston. Where am I? I still haven’t taken off my socks, it’s too warm for them, but I mustn’t stop. Don’t forget to notice the scenery! It’s a pretty area. 7 miles, 6 miles…

My bib number is 54 — same as my age. Auspicious. While I eagerly anticipate finishing, I also want to savor this time. I won’t be outdoors in pretty scenery on a perfect September day forever. I won’t be 54 forever; I only have half a year left of that. Then I will be 55, then I’ll be in my 60’s, my 70’s, how many more years will I even be able to bike? I am as young and healthy as I will probably ever be, right now. Hurry up and end, I think, as the miles count down, but also please last forever.

It’s good to be 54. Tour de Charleston, IL, Sept 24, 2022.

The sun hits my bib number, a piece of yellow kevlar pinned to the front of my shirt, making it bright and visible, and my helmet (which I’ve really wanted to take off and stash next to me, but haven’t due to fear of surveillance) signals that this odd suppository-shaped contraption is in fact a bicycle, and as I pass a yard sale everyone gives me the thumbs up. I’m a racer, in a race! A few years ago I volunteer marshaled at the Illinois Marathon in C-U, riding this very same velomobile, to support the racers and track down stragglers. Now I’m one of the stragglers, getting support! As I get closer to the finish there are more volunteers waving me across roads. I’m increasingly confused about where to turn – has Ms. GPS lost her voice? – but there are signs now, and more orange vests, and one directs me to turn left, saying, “straight down to the finish!” A few bystanders give me the thumbs up and clap. I must be an hour later than the other racers. There’s the finish, with a bunch of people clapping. I roll through. I did it!

No sooner do I turn Frosty around to join the crowd than the master of ceremonies announces the winners. I park, and guzzle the two bottles of water I picked up. Snacks, I need snacks. Bart wants to exchange numbers but I am too confused, I can’t even converse let alone fiddle with my phone. Volunteers are packing up the snack table but I grab a bottle of red Power-Ade, eschew a banana, and remember my Soylent shake, all 320 calories of which I chug in about 30 seconds. A group of women have questions about the velomobile, and I say, “gimme ten minutes, I’m too spaced out just now.” Bart is declared winner of the men’s 50-59 division. He hands me his phone to take a picture as he strides to the podium. I’m still not ready to fiddle with a phone so I hand it to the kid on my left, who just won the under-18 division, and he snaps the pictures. Bart returns with his shiny gold plastic cyclist figure atop a sparkly plastic column mounted on a little marble rectangle. I’m gonna get one of those, I realize. Then they call my name, I mount the little painted wood podium, the photographer takes my picture, and that’s it.

Bart Tate and Nina Paley show off our magnificent Tour de Charleston trophies. Sept 24, 2022

Bart and I take selfies together holding our trophies. I finally work my phone enough to exchange numbers. The women who wanted to ask me about Frosty are gone.

How am I going to get home?

I can leave Frosty at Lorelei’s and Bart can give me a ride later tonight. That will spare me tomorrow’s fierce headwinds, but I’ll have to find someone to bring me back down later, when there’s a southerly wind to ride Frosty back. Bart wonders if Frosty might fit in his pickup, so I roll her a couple blocks to where he’s parked and try. Doug from Champaign is also there, and helps lift Frosty in and out of the small, covered flatbed. Frosty is too big, even on her side. Getting home will be complicated. Doug and Bart depart and I pick up my overnight bag and shoes from Lorelei’s shop. I cram everything in so messily that Frosty’s drivetrain grinds and skips – something is interfering with it. I pull off the road and re-pack.

Lunch occurs to me. I’d forgotten I need to eat actual food. I pedal a mile to Siam Thai, my favorite, and get tempura eggplant and shrimp spring rolls. Not my usual vegetarian rolls, oh no – I’ve exerted myself, I’m gonna eat my fellow animals for protein, in the form of 3 entire shrimps. I put my trophy on the table and text pictures of it to Lorelei, my Mom, Corinna. I eat, I rest, my mind returns, I feel normal again.

Lunch of Champions. Siam Thai, Charleston, IL, Sept 24, 2022

It’s only 2pm. The wind is from the west-southwest. I could ride Frosty all the way home. That would be crazy, but it would simplify things – no worries about storage or arranging rides to and from. So instead of turning east to Lorelei’s, I turn north. Let’s just see how it feels, just go a mile or two, if you’re too tired just turn around. On the edge of town I text Bart and Lorelei that I’ve changed my mind, I’m heading home, I promise to take it slow and easy. And that is how I end up throughly exhausted, legs and glutes sore, a 113-mile day. “Just make it home, then you can rest,” I promise myself as the remaining miles count down from 45, to 30, to 20, to 10, oh those last 10 are the longest. Rest tonight, rest tomorrow, the whole week, the rest of the year. Bike season is over, good way to end it, I will never have to bike again.

I won my first and only bike race, and I want to quit while I’m ahead.


The post Bike Race: a story appeared first on Nina Paley.

Page 43 [Flipside]

Page 43 is done.

Wrapping up Ten Years of Guix in Paris [Planet GNU]

Two weeks ago, some of us were in Paris, France, to celebrate ten years of Guix! The event included 22 talks and 12 lightning talks, covering topics ranging from reproducible research on Friday and Guix hacking on Saturday and Sunday.

If you couldn’t make it in Paris, and if you missed the live stream, we have some good news: videos of the talks and supporting material are now available from the program page!

If you weren’t there, there are things you definitely missed though: more than 60 participants from a diverse range of backgrounds—a rare opportunity for scientists and hackers to meet!—, impromptu discussions and encounters, and of course not one but two crazy birthday cakes (yup! on one day it was vanilla/blueberry-flavored, and on the other day it was chocolate/passion fruit, but both were equally beautiful!).

Picture of the Guix birthday cake.

There are a few more pictures on the web site.

It might seem a bit of a stretch at first, but there is a connection between, say, bioinformatics pipelines, OCaml bootstrapping, and Guix Home: it’s about deploying complex software stacks in a way that is not only convenient but also transparent and reproducible. It’s about retaining control, both collectively and individually, over the “software supply chain” at a time when the most popular option is to give up.

We have lots of people to thank, starting with the speakers and participants: thanks for sharing your knowledge and enthusiasm, and thank you for making it a warm and friendly event! Thanks to the sponsors of the event without which all this would have been impossible.

Special thanks to Nicolas Dandrimont of the Debian video team for setting up the video equipment, tirelessly working during all three days and even afterwards to prepare the “final cut”—you rock!! Thanks to Leo Famulari for setting up the live streaming server on short notice, and to Luis Felipe for designing the unanimously acclaimed Ten Years of Guix graphics, the kakemono, and the video intros and outros (check out the freely-licensed SVG source!), all that under pretty tight time constraints. Thanks also to Andreas Enge with their Guix Europe hat on for addressing last-minute hiccups behind the scenes.

Organizing this event has certainly been exhausting, but seeing it come true and meeting both new faces and old-timers was a great reward for us. Despite the occasional shenanigans—delayed talks, one talk cancellation, and worst of all: running out of coffee and tea after lunch—we hope it was enjoyable for all.

For those in Europe, our next in-person meeting is probably going to be FOSDEM. And maybe this will inspire some to organize events in other regions of the world and/or on-line meetups!

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the Hurd or the Linux kernel, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, AArch64, and POWER9 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

Free Software Directory meeting on IRC: Friday, October 28, starting at 12:00 EDT (16:00 UTC) [Planet GNU]

Join the FSF and friends on Friday, October 28, from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.

Free Software Directory meeting on IRC: Friday, October 21, starting at 12:00 EDT (16:00 UTC) [Planet GNU]

Join the FSF and friends on Friday, October 21, from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.

Free Software Directory meeting on IRC: Friday, October 14, starting at 12:00 EDT (16:00 UTC) [Planet GNU]

Join the FSF and friends on Friday, October 14, from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.

Free Software Directory meeting on IRC: Friday, October 7, starting at 12:00 EDT (16:00 UTC) [Planet GNU]

Join the FSF and friends on Friday, October 7, from 12:00 to 15:00 EDT (16:00 to 19:00 UTC) to help improve the Free Software Directory.

Joe Marshall: Observationally Functional [Planet Lisp]

A couple of years back I wrote a Java microservice that talks to Jenkins to find the state of a series of builds. The code was structured to be “observationally functional” — there were plenty of side effects, but the main data abstractions behaved as if they were immutable as far as the abstract API was concerned. This allows us to treat code that uses these objects as if it were pure functional code.

If a data structure is observationally functional, then regardless of what the implementation does, there is no way to observe side effects at the abstract level. Primarily, this means that if you call a function twice with the same arguments, you always get the same answer. (This implies, but it isn't obvious, that calling a function should not mutate anything that would cause a different function to change.) This restriction has a lot of wiggle room. You can certainly side effect anything local to the abstraction that doesn't get returned to the caller. You can side effect data until the point it is returned to the caller.

The main data abstraction my microservice works with is a representation of the build metadata tree on the Jenkins server. The higher level code walks this tree looking for builds and metadata. The code maintains the illusion that the tree is a local data structure, but the implementation of the tree contains URL references to data that is stored on the Jenkins server. As the higher level code walks the tree, the lower level code fetches the data from the Jenkins server on demand and caches it.

Writing the code this way allows me to separate the data transfer and marshaling parts from the data traversal and analysis part. The tree, though it is mutated as it is traversed, is immutable in the parts that have already been visited. The caching code, which actually mutates the tree, needs to be synchronized across multiple threads, but the traversal code does not. Nodes in the tree that have already been visited are never mutated, so no synchronization is needed.

Once the caching tree abstraction was written, the higher level code simply walks the tree, selecting and filtering nodes, then reading the field values in the nodes. But the higher level code can be treated as if it were pure functional because there are no observable side effects. An advantage of pure functional code is that it is trivially thread safe, so my microservice can run hundreds of threads in parallel, each walking separate parts of the Jenkins tree and none interfering with the other. The only part of the code that uses synchronization is the tree caching code.

This implementation approach was quite fruitful. Once the code was tested with a single thread, it was obvious that multiple threads ought to work (because they couldn't observe each other's side effects) and when I turned the thread count up, no debugging was necessary. The code has been running continuously with dozens of threads for the past couple of years with no timing, synchronization, or race condition bugs.

Link [Scripting News]

Okay here's a problem. Axios has a feed. Here's the url. When I view it in the browser it shows up fine. Even view source. If I bring it to the W3C feed validator, it can read it and says it's a valid RSS feed. But when I try to open it in my feed reader I get a 403 Forbidden. I assume they're only allowing some services to read their feed? I've never seen this behavior before. Anyone have an idea what's going on? (Update: In this thread Scott Hanson has the answer. They serve through CloudFlare, and they require a CAPTCHA for requests coming from Digital Ocean, and my servers are there. With that info we were able to add a route-around, so now we're receiving Axios news in our feed system.)

Link [Scripting News]

I hate it when people refer to me in the past tense. That's been going on for at least 40 years, and mostly by people who are trying to steal my ideas and claim them as their own. The world is filled with scummy people like that.

Link [Scripting News]

Believe it or not this was written by a NYT reporter: "Please Twitter, leave [Maggie Haberman] alone. Trump lost the election, for God's sake. If Maggie had told you a little bit more before the election (she told you a lot, btw), what, you think Trump would have lost ... twice?" Where do they find these people. It's amazing to me that the NYT doesn't fire both of them. I took a screen shot in case he deletes the tweet. I wrote this post yesterday about Haberman.

Link [Scripting News]

I've tweeted on this subject many times and every time I do it gets Liked and RTd far more than most of my other tweets. Here's the idea: "Twitter should warn you that the link you’re about to click has a paywall and that all you’ll see is an offer to subscribe." Reminds me of a story I heard from a PR person I hired when I was miscast as the CEO of a software company in the 80s. I was paying them $5K per month, plus hourly fees and expenses. The $5K was due whether or not we used them that month. Since we were usually short on money, I was always thinking of cutting that expense, but I didn't because when we needed them they got us far more coverage than a little company like ours could command on our own. The CEO of the firm said to me once that I was not the customer, even though I was paying them so much money. The reporters were the customers. People like you come and go, she continued, but I have to keep the relationship with the reporters going no matter what. I think it's like that with Twitter and the people who click on links. Every time Twitter lets them use us this way, we hate Twitter a little more. We become more averse to clicking links. Just sayin, they don't have a business if they don't have our attention, and they're burning it, every time an advertiser wastes that attention, not to mention it's incredibly wasteful of the advertiser's money. This problem desperately needs a solution. The users want to pay money for news, but the offers the 8000 pubs that occasionaly have a must-read article are ridiculous.

Link [Scripting News]

My blogging comes and goes. Some days I am hunkered down working on software so no blogging. Some days I'm running around buying and selling things. Again, no blogging. And some days I have a lot to say. So far today is one of those days.

Link [Scripting News]

We need better metadata on RSS feeds. Maybe something like Wikipedia for feeds where we fill in missing data. Better descriptions of what's in the feed. Who writes, what they write about. Something like Metacritic.

Link [Scripting News]

Twitter — ads that lead to the paywall of a publication are mean and stupid. They managed to convince us to buy their product, but they won't sell it to us. It's as if you go to the supermarket and want to buy some apples but they will only sell you a truckload of apples, not one or two.

Link [Scripting News]

I don't have enough blogs in my bloggers tab.

Link [Scripting News]

Twitter tip from Andy Piper. If all you have is the ID of a tweet, how to get its url? If you look at a Twitter url, there's a screenname in there. So how do you find the name of the person who posted tweet whose id is 1574769537244958720. Turns out you don't have to. Make up a name like mamamia, and form the url like this. It'll find the tweet for you and redirect to the actual users screen name. Nice little hack.

Link [Scripting News]

When a reporter starts thinking of themselves as a player that's time to resign and run for office or get hired onto the staff of one of the companies or people they report on. In other words, get in the game, honestly.

Link [Scripting News]

It's great that Substack has a new simple browser-based reader. Feedly might be too much for a new feed user. And Substack comes with a lot of news sources already programmed in. If I were in charge of Feedly, I'd do a "lite" product that's free, does everything Substack's reader does, includes all the Substack feeds. And of course the upgrade to the full Feedly would be easy. Substack is going down the same path we went down with Radio UserLand in 2002. It does both reading and writing. That's a big deal.

Kavanaugh v The Women [Scripting News]

One of the SC justices who voted to overturn Roe v Wade.

Why Do Birds Suddenly Appear…? – DORK TOWER 27.09.22 [Dork Tower]

Help keep DORK TOWER running! Join our Patreon community, and ENLIST IN THE ARMY OF DORKNESS TODAY!

Want this or any DORK TOWER strip as a signed, hight-quality print? Now available!  LOOKIE HERE!

Twitch Does a Chokepoint Capitalism [Cory Doctorow's]

A modified version of the Beacon Press cover for 'Chokepoint Capitalism' featuring the title and a stylized horizontal hourglass graphic; the logo for Twitch is superimposed over the pinch-point and the wordmark for Twitch is beneath it.

When Amazon bought Twitch, the story was that the new conglomerate would be more efficient and that would benefit everyone – streamers and audiences. That’s the story we hear about every anticompetitive merger, and it’s always a lie.

One major efficiency that the Amazon-Twitch merger was supposed to produce? Lower bandwidth costs. That’s one of the largest expenses associated with running a streaming service, after all, and Amazon Web Services is the 800lb gorilla of cloud computing. They’ve bought or built tons of infrastructure, and even for parts of the stack they don’t own, they are so big they can demand preferential treatment.

Hypothetically, cheaper bandwidth leaves more money on the table for the creative workers whose labor generates Twitch’s revenue, but that’s not how it’s played out. In incredible blog post explaining why Twitch is unilaterally canceling its highest-tier royalties, company president Dan Clancy blames the change on the cost of bandwidth:

With most streamers, Twitch takes half the money they earn. That’s a big chunk, which Clancy justifies by citing “continuous investments in the products and people that make your growth possible.” He describes some new features that have increased the revenue per audience member since Amazon’s 2014 acquisition of Twitch.

But for Twitch’s most valuable streamers – the ones it courted most aggressively – there’s a better revenue split: 70/30 (the worker gets 70%, while Amazon takes 30%). These are the deals that Clancy is unilaterally cancelling.

Clancy says it’s not fair that the company’s favored streamers should be earning more than the majority of streamers, which is a pretty good point. What he doesn’t explain is why the solution to that unfairness isn’t to just give all the streamers a 70/30 split – especially in light of all the new revenue he boasts about.

After all, nearly all of Twitch’s costs are fixed – adding a new monetization feature costs the same whether there are a million Twitch streamers or just two of them. That means that every streamer boosts the dividends from new monetization features.

The major variable cost for Twitch – the cost that changes based on the number of streamers on the service – is bandwidth, which may be why Clancy blames the clawback on it. But this is weird. As Sam Biddle wrote, “Amazon is charging Amazon so much money to run the business via Amazon that it has no choice but to take more money from streamers.”

It’s not a very plausible explanation, especially when there’s a far simpler one sitting right there: Amazon is cutting the wages of its workers because it can. The streaming industry is highly concentrated, and Amazon is the largest player. It’s where audiences go to get their streams, so streamers who want to address that audience need to submit to whatever terms Amazon imposes. Whatever negotiating leverage creators were able to exert at the start of their tenure on Twitch has been incinerated by the growth of Amazon’s market-share, and so Amazon has torn up its contracts and handed those creators new ones.

There’s a name for an economic arrangement where there are just a few buyers, and they put the squeeze on sellers: a #monopsony. In the economic literature, monopsonies are considered especially dangerous because they are able to extract concessions from their suppliers far more easily than monopolies (concentrated sellers) can from their customers. Monoposonists who represent just 10 percent of their sellers’ business can start turning the screw.

Amazon’s pretty frank about this. In its own investor presentations, it describes its “flywheel”: bring in customers by subsidizing below-cost prices, lock those customers in with Prime, then extract price concessions from businesses that have to use its platform to reach those locked-in customers:

This flywheel is at the center of California’s antitrust case against Amazon, where Attorney General Rob Bonta argues that the company claims so much of its sellers’ revenues that they have no choice but to raise prices, and that those higher prices spill over to all retailers, thanks to Amazon’s “most favored nation” contracts:

For 40 years, the entertainment industry has grown ever larger and more profitable, even as the share of those profits going to artists has fallen and fallen. To solve this, legislatures have granted creators more copyrights – longer terms, lower barriers to enforcement, higher penalties for violations – and yet, the problem has only worsened.

There’s a reason for that: the major factor in suppressing creative workers’ wages isn’t copyright infringement, it’s monopsony. With four major publishers, three studios, three labels, one trade book distributor, one cinema chain, etc, there are innumerable chokepoints between creators and artists where giant companies can simply demand that creators hand over whatever copyrights they’ve been given, along with the lion’s share of the revenue those copyrights generate.

That’s the thesis of “Chokepoint Capitalism: How Big Tech and Big Content Captured Creative Labor Markets and How We’ll Win Them Back,” a new book that Rebecca Giblin and I have coming out on Sept 27 from Beacon Press:

Our book is split into two parts. In the first half, we unpick a representative sample of the scammy accounting practices and shade contracting terms that different tech and entertainment giants use to screw creative workers, from ad-tech to Spotify to DRM-based lock-in to the unbelievably crooked “packaging fees” that prompted every Hollywood screenwriter to fire their agents on the same day and embark on a grueling two-year strike:

In the second half, we address ourselves to detailed, shovel-ready, technical proposals to put the brakes on those anticompetitive flywheels and put groceries in creative workers’ fridges; proposals like declaring NDAs over accounting fraud unenforceable in California, Washington and NY, the three states where most creative contracts are signed:

This half of the book is devoted to structural changes, because market concentration is a structural problem. As we see with Twitch, even if you’re the kind of streaming superstar who can demand a 70/30 split at the outset, the instant a company’s market share lets it demand a worse deal for you, you will lose your premium.

One of the best moments in the development of this book was when an editor rejected it, saying he liked it a lot but was disappointed that all our remedies were about structural change, not actions individual fans and creators could take on their own. We were like, “He’s so close to getting it!”

Just like you can’t recycle your way out of the climate emergency or shop your way out of a monopoly, you can’t individually bargain your way out of a buyer’s market for your labor. This is a lesson that the labor movement learned a long-ass time ago, but 40 years of neoliberal brainwashing has left many of us unable to imagine that we’d act as a movement, rather than as a bunch of individuals.

But you know who hasn’t forgotten that lesson? The buyers for our labor – and for all labor. Everywhere we see private equity financiers buying up companies, loading them with debt, and paying themselves stiff “management fees”, the first casualties are the workers in those companies.

But after the workers are screwed over by monopsony, the new owners start to use their monopoly power against their customers – think of how Amazon used its investors’ cash to subsidize the price of goods, locking in customers, then charging its suppliers such high fees that they had to raise prices.

The last chapter of Chokepoint Capitalism describes how the plight of creative workers is part of a cross-industry sickness, where concentrated buyer power for labor hurts all kinds of workers. Creative workers are very vulnerable to this because people make art because they can’t help themselves, which means that companies can offer the most abusive contracts and still get takers (“What, and quit show-business?”).

But there are many such professions. Workers in the “caring industries,” such as healthcare, show up for their patients, even when their bosses are driving them into the poorhouse. That’s partly why private equity is so obsessed with buying up and merging hospitals – they know they can cut pay for healthcare workers and many of them will still report for work:

Rebecca and I are on the road with the book right now. Tonight (Sept 27), we’ll be at Beverly Hills Public Library, where David A Goodman – who led the Hollywood writers’ strike – will host us at an event jointly presented with Book Soup:

I’ll also be in Miami on Oct 12 at the great Books and Books in Coral Gables:

Why does COM express GUIDs in a mix of big-endian and little-endian? Why can’t it just pick a side and stick with it? [The Old New Thing]

Wikipedia claims that the COM textual representation of GUIDs is mixed-endian.

Is it, really?

No, it is little-endian all the way. But if you don’t understand how GUIDs are formed, it might look like some parts are big-endian.

The parts of a GUID as defined in the specification are

Field Type
time_low 32-bit integer
time_mid 16-bit integer
time_hi_and_version 16-bit integer
clock_seq_hi_and_reserved 8-bit integer
cloc_seq_low 8-bit integer
node 6-byte MAC address

The GUID structure breaks it down as

struct GUID
    uint32_t Data1;
    uint16_t Data2;
    uint16_t Data3;
    uint8_t  Data4[8];

Let’s line up the two pieces against each other.

Field Type Structure
time_low 32-bit integer Data1
time_mid 16-bit integer Data2
time_hi_and_version 16-bit integer Data3
clock_seq_hi_and_reserved 8-bit integer Data4[0]
cloc_seq_low 8-bit integer Data4[1]
node 6-byte MAC address Data4[2..7]

If you print out each piece of the GUID structure, with hyphens between each part, then you get


Notice that everything is still little-endian. We didn’t have to do any byte flipping when printing:

    Data1, Data2, Data3,
    Data4[0], Data4[1], Data4[2], Data4[3],
    Data4[4], Data4[5], Data4[6], Data4[7]);

My guess is that the folks who designed the string format thought there were too many dashes, so they removed the byte dashes, except for the one that separates the clock bytes from the MAC address.

    Data1, Data2, Data3,
    Data4[0], Data4[1], Data4[2], Data4[3],
    Data4[4], Data4[5], Data4[6], Data4[7]);


The result is that the last two pieces of the stringified GUID look big-endian, but they’re not. They’re just little-endian with some dashes missing.

The post Why does COM express GUIDs in a mix of big-endian and little-endian? Why can’t it just pick a side and stick with it? appeared first on The Old New Thing.

Microspeak: Break glass [The Old New Thing]

During the product endgame, the ship room accepts fewer and fewer bugs, until you reach a point where the product is basically finished, and only a catastrophic issue would be accepted for a bug fix.

But it’s not that teams have stopped doing work. Bugs are still being reported, and teams investigate and assess the problems and the potential fixes. Even if the fix doesn’t get accepted by ship room for the initial release, it can be brought to the servicing team for incorporation into a future update.

Recently, the term “break glass” has gained currency for the case of accepting a change to a product that everybody thought has reached its final build. As a result, the build lab has to spin up one more build, everybody has to update their documents where they had written what they thought was the final build number, and a new round of testing begins.

The metaphor is that the final build is sealed in a box, and the button to open the box has a glass cover that reads “In case of emergency, break glass.” Accepting the change means that somebody has to break the glass and open the box.

For some reason, the phrase “break glass” is not declinable. You don’t say “break the glass” or “broken glass”. The phrase is frozen, and you have to circumlocute around it:

  • “Is this a break glass scenario?”
  • “I don’t want to break glass over this.”

Bonus chatter: It appears that the services teams use “Break Glass” to describe an emergency process to address a major service outage, in which temporary secure access to server resources is granted through some secondary means. These emergency processes must naturally undergo their own security review. It also follows the metaphor of the glass cover over a button that says “In case of emergency, break glass.”

Bonus reading: Losing the game of Last Checkin Chicken two products in a row.

The post Microspeak: Break glass appeared first on The Old New Thing.

1644 [Looking For Group]

The post 1644 appeared first on Looking For Group.

Top Comments – Pages 1641 – 1642 [Looking For Group]

Tuesday, YOU are the star! We curate our favourites from the previous week’s comments on and Facebook and remind you how clever you are. Here are your top comments for Looking For Group pages 1641 – 1642. Looking For […]

The post Top Comments – Pages 1641 – 1642 appeared first on Looking For Group.

CodeSOD: Top Slots [The Daily WTF]

Picking random items without repetition is its own special challenge. It's one of those things that's not actually hard, but some programmers have a difficult time coming up with solutions to the problem. Abraham has found these two examples in some code he maintains:

//pick 3 out of 4 int alreadyUsed = 0; while (alreadyUsed < 3) { int rand = random()%4; if(!m_AllOptions[rand]->used) { m_AllOptions[rand]->used = true; alreadyUsed++; } }

Here, they need to choose three items out of a list of four. So the solution is to keep randomly selecting items, and if their used flag isn't true, set it to true and increment. Like a lot of bad solutions to random selection, this one will probably complete in a reasonable amount of time, but might never complete.

//find a free slot int random = std::rand() % 5; while (slots[random].active) { ++random; if (random > SLOTS_MAX) { random = 0; } }

Here, there are a set of slots. I don't know exactly what they're for, but it doesn't really matter. This code attempts to round-robin its way through those slots. It starts by picking a random slot (via magic number, which I assume is equal to SLOTS_MAX, but who knows?). If that slot is active, we keep incrementing our index, wrapping back around to zero. And we just keep incrementing and searching, and we never give up.

You already know how this story ends: a different bug meant that slots weren't getting freed after user, which meant when attempting to grab a new slot, an infinite loop would trigger. Slots were also held onto for multiple seconds, so even after fixing that bug, there was a good chance that this code would enter a busy loop that hung the application while waiting for a slot to free up.

[Advertisement] Otter - Provision your servers automatically without ever needing to log-in to a command prompt. Get started today!

CodeSOD: Containerization [The Daily WTF]

A large company with facilities all over the Asia-Pacific region opted to modernize. They'd just finished a pile of internal development that extended the functionality of a 3rd party package, and they wanted to containerize the whole shebang.

That's where Fred came in, about 9 months into a 12 month effort. Things hadn't gone well, but a lot of the struggles were growing pains. Many of the containers were built as gigantic monoliths. A lot of the settings you might need to do a Kubernetes deployment weren't properly configured. It was a mess, but it wasn't a WTF, just a lot of work.

The efforts of building the containerized, K8s deployments changed the company culture. The new rule was "container all the things", and all the things got containerized. Management was happy to be checking off new buzzwords, and the IT team was happy to have any sort of organization or process around deployments and their environment, since prior to this effort it was a lot of "copy this folder to this server, reboot, and cross your fingers".

Everyone was happy, except for one team, led by Harry. "Your containers broke our software," Harry complained. Now, it wasn't "their" software- it was a purchased product. And like many enterprise software packages, it was licensed. That license was enforced via a smart card and a USB dongle.

Which created a problem. Kubernetes is entirely about running your code absolutely abstracted from the physical hardware it's actually on. The USB dongle requires the code to be running on a specific physical device. The solution to the problem was obvious and simple: don't manage this one product via Kubernetes.

But that wasn't an option. "We use Kubernetes to manage all of our deployments," management said. One of the managers helpfully linked to an interview in a trade magazine where the CTO cheerily shared the benefits of Kubernetes.

"Right, but this particular product is ill-suited to that kind of deployment," Fred and his team countered.

"Okay, yes, but we use Kubernetes for all of our deployments."

And, as of this writing, that's where things sit. Everything must be containerized and hosted in Kubernetes. One software product doesn't play nice in that environment, but it must be wedged into that environment. Currently, the product lives on the same private server it used to live on, but this is a "stopgap" until "a solution is found". Officially it's out of compliance with company standards, and shows up as an evil red light on all the IT dashboards.

[Advertisement] Otter - Provision your servers automatically without ever needing to log-in to a command prompt. Get started today!

[$] Weekly Edition for September 29, 2022 []

The Weekly Edition for September 29, 2022 is available.

[$] Progress for unprivileged containers []

Over the past few years, there has been quite a bit of progress in various kernel features that can be used to create containers without requiring privileges. Most of the containers these days run as root, which means that a vulnerability leading to an escape from the container can result in system compromise. Stéphane Graber gave a talk at the 2022 Linux Security Summit Europe (LSS EU) to fill in some of the details of work that he and others have been doing to run containers as unprivileged code.

Announcing the GNU Toolchain Infrastructure Project []

The backers of the GNU Toolchain Infrastructure Project, which was the subject of an intense discussion at the GNU Tools Cauldron, have finally posted their plans publicly.

Linux Foundation IT services plans for the GNU Toolchain include Git repositories, mailing lists, issue tracking, web sites, and CI/CD, implemented with strong authentication, attestation, and security posture. Utilizing the experience and infrastructure of the LF IT team that is already used by the Linux kernel community will provide the most effective solution and best experience for the GNU Toolchain developer community.

ALP prototype 'Les Droites' is to be expected later this week (openSUSE News) []

The openSUSE News site is looking forward to the imminent preview release of the openSUSE Adaptable Linux Platform (ALP) distribution:

As far as “Les Droites” goes, users can look forward to a SLE Micro like HostOS with self-healing abilities contributing to our OS-as-a-Service/ZeroTouch story. The Big Idea is that the user focuses on the application rather than the underlying host, which manages, heals, and self-optimizes itself. Both Salt (pre-installed) and Ansible will be available to simplify further management.

Users can look forward to Full Disk Encryption (FDE) with TPM support by default on x86_64. Another part of the deliverables are numerous containerized system components including yast2, podman, k3s, cockpit, Display Manager (GDM), and KVM. All of which users can experiment with, which are simply referred to as Workloads.

A pile of stable kernel updates []

The 5.19.12, 5.15.71, 5.10.146, 5.4.215, 4.19.260, 4.14.295, and 4.9.330 stable kernel updates have all been released; each contains another set of important fixes.

Security updates for Wednesday []

Security updates have been issued by Debian (gdal, maven-shared-utils, thunderbird, webkit2gtk, and wpewebkit), Fedora (firefox and libofx), SUSE (dpdk, firefox, flatpak, grafana, kernel, libcaca, and opera), and Ubuntu (ghostscript and linux-gcp-5.15).

[$] Finding bugs with sanitizers []

Andrey Konovalov began his 2022 Linux Security Summit Europe (LSS EU) talk with a bold statement: "fuzzing is useless". As might be guessed, he qualified that assertion quickly by adding "without dynamic bug detectors". These bug detectors include "sanitizers" of various sorts, such as the Kernel Address Sanitizer (KASAN), but there are others. Konovalov looked in detail at KASAN and gave an overview of the sanitizer landscape along with some ideas of ways to push these bug detectors further—to find even more kernel bugs.

LXD 5.6 released []

Version 5.6 of the LXD container manager is out. Changes include the ability to stream log messages to a Grafana Loki server, Infiniband support for virtual machines, a restricted network access mode, and more.

Bash 5.2 released []

Version 5.2 of the Bash shell has been released.

The most notable new feature is the rewritten command substitution parsing code, which calls the bison parser recursively. This replaces the ad-hoc parsing used in previous versions, and allows better syntax checking and catches syntax errors much earlier. The shell attempts to do a much better job of parsing and expanding array subscripts only once; this has visible effects in the `unset' builtin, word expansions, conditional commands, and other builtins that can assign variable values as a side effect.

Wuyts: Why async Rust []

Yoshua Wuyts gives an overview of async Rust and why it is interesting.

Conversations around "why async" often focus on performance - a topic which is highly dependent on workloads, and results with people wholly talking past each other. While performance is not a bad reason to choose async Rust, we often we only notice performance when we experience a lack of it. So I want to instead on which features async Rust provides which aren't present in non-async Rust.

Security updates for Tuesday []

Security updates have been issued by Debian (dovecot and firefox-esr), Fedora (firefox and grafana), Red Hat (firefox and thunderbird), Slackware (dnsmasq and vim), SUSE (dpdk, firefox, kernel, libarchive, libcaca, mariadb, openvswitch, opera, permissions, podofo, snakeyaml, sqlite3, unzip, and vsftpd), and Ubuntu (expat, libvpx, linux-azure-fde, linux-oracle, squid, squid3, and webkit2gtk).

Ian Jackson: Hippotat (IP over HTTP) - first advertised release [Planet Debian]

I have released version 1.0.0 of Hippotat, my IP-over-HTTP system. To quote the README:

You’re in a cafe or a hotel, trying to use the provided wifi. But it’s not working. You discover that port 80 and port 443 are open, but the wifi forbids all other traffic.

Never mind, start up your hippotat client. Now you have connectivity. Your VPN and SSH and so on run over Hippotat. The result is not very efficient, but it does work.


In early 2017 I was in a mountaintop cafeteria, hoping to do some work on my laptop. (For Reasons I couldn’t go skiing that day.) I found that local wifi was badly broken: It had a severe port block. I had to use my port 443 SSH server to get anywhere. My usual arrangements punt everything over my VPN, which uses UDP of course, and I had to bodge several things. Using a web browser directly only the wifi worked normally, of course - otherwise the other guests would have complained. This was not the first experience like this I’d had, but this time I had nothing much else to do but fix it.

In a few furious hacking sessions, I wrote Hippotat, a tool for making my traffic look enough like “ordinary web browsing” that it gets through most stupid firewalls. That Python version of Hippotat served me well for many years, despite being rather shonky, extremely inefficient in CPU (and therefore battery) terms and not very productised.

But recently things have started to go wrong. I was using Twisted Python and there was what I think must be some kind of buffer handling bug, which started happening when I upgraded the OS (getting newer versions of Python and the Twisted libraries). The Hippotat code, and the Twisted APIs, were quite convoluted, and I didn’t fancy debugging it.

So last year I rewrote it in Rust. The new Rust client did very well against my existing servers. To my shame, I didn’t get around to releasing it.

However, more recently I upgraded the server hosts my Hippotat daemons run on to recent Debian releases. They started to be affected by the bug too, rendering my Rust client unuseable. I decided I had to deploy the Rust server code.

This involved some packaging work. Having done that, it’s time to release it: Hippotat 1.0.0 is out.

The package build instructions are rather strange

My usual approach to releasing something like this would be to provide a git repository containing a proper Debian source package. I might also build binaries, using sbuild, and I would consider actually uploading to Debian.

However, despite me taking a fairly conservative approach to adding dependencies to Hippotat, still a couple of the (not very unusual) Rust packages that Hippotat depends on are not in Debian. Last year I considered tackling this head-on, but I got derailed by difficulties with Rust packaging in Debian.

Furthermore, the version of the Rust compiler itself in Debian stable is incapable of dealing with recent versions of very many upstream Rust packages, because many packages’ most recent versions now require the 2021 Edition of Rust. Sadly, Rust’s package manager, cargo, has no mechanism for trying to choose dependency versions that are actually compatible with the available compiler; efforts to solve this problem have still not borne the needed fruit.

The result is that, in practice, currently Hippotat has to be built with (a) a reasonably recent Rust toolchain such as found in Debian unstable or obtained from Rust upstream; (b) dependencies obtained from the upstream Rust repository.

At least things aren’t completely terrible: Rustup itself, despite its alarming install rune, has a pretty good story around integrity, release key management and so on. And with the right build rune, cargo will check not just the versions, but the precise content hashes, of the dependencies to be obtained from, against the information I provide in the Cargo.lock file. So at least when you build it you can be sure that the dependencies you’re getting are the same ones I used myself when I built and tested Hippotat. And there’s only 147 of them (counting indirect dependencies too), so what could possibly go wrong?

Sadly the resulting package build system cannot work with Debian’s best tool for doing clean and controlled builds, sbuild. Under the circumstances, I don’t feel I want to publish any binaries.

comment count unavailable comments

Vincent Fourmond: Version 3.1 of QSoas is out [Planet Debian]

The new version of QSoas has just been released ! It brings in a host of new features, as the releases before, but maybe the most important change is the following...

Binary images now freely available !

Starting from now, all the binary images for the new versions of QSoas will freely available from the download page. You can download the precompiled versions of QSoas for MacOS or windows. So now, you have no reason anymore not to try !
My aim with making the binaries freely available is also to simplify the release process for me and therefore increase the rate at which new versions are released.

Improvements to the fit interface

Some work went into improving the fit interface, in particular for the handling of fit trajectories when doing parameter space exploration, for difficult fits with many parameters and many local minima. The fit window now features real menus, along with tab a way to display the terminal (see the menus and the tabs selection on the image).
Individual fits have also been improved, with, among others, the possibility to easily simulate voltammograms with the kinetic-system fits, and the handling of Marcus-Hush-Chidsey (or Marcus "distribution of states") kinetics for electron transfers.

Column and row names

This release greatly improves the handling of column and row names, including commands to easily modify them, the possibility to use Ruby formulas to change them, and a much better way read and write them to data files. Mastering the use of column names (and to a lesser extent, row names) can greatly simplify data handling, especially when dealing with files with a large number of columns.

Complex numbers

Version 3.1 brings in support for formulas handling complex numbers. Although it is not possible to store complex numbers directly into datasets, it is easy to separate them in real and imaginary parts to your liking.

Scripting improvement

Two important improvements for scripting are included in version 3.1. The first is the possibility to define virtual files inside a script file, which makes it easy to define subfunctions to run using commands like run-for-each. The second is the possibility to define variables to be reused later (like the script arguments) using the new command let. There are a lot of other new features, improvements and so on, look for the full list there.

About QSoas

QSoas is a powerful open source data analysis program that focuses on flexibility and powerful fitting capacities. It is released under the GNU General Public License. It is described in Fourmond, Anal. Chem., 2016, 88 (10), pp 5050–5052. Current version is 3.1. You can download its source code or precompiled versions for MacOS and Windows there. Alternatively, you can clone from the GitHub repository.

François Marier: Upgrading from chan_sip to res_pjsip in Asterisk 18 [Planet Debian]

After upgrading to Ubuntu Jammy and Asterisk 18.10, I saw the following messages in my logs:

WARNING[360166]: loader.c:2487 in load_modules: Module 'chan_sip' has been loaded but was deprecated in Asterisk version 17 and will be removed in Asterisk version 21.
WARNING[360174]: chan_sip.c:35468 in deprecation_notice: chan_sip has no official maintainer and is deprecated.  Migration to
WARNING[360174]: chan_sip.c:35469 in deprecation_notice: chan_pjsip is recommended.  See guides at the Asterisk Wiki:
WARNING[360174]: chan_sip.c:35470 in deprecation_notice:
WARNING[360174]: chan_sip.c:35471 in deprecation_notice:

and so I decided it was time to stop postponing the overdue migration of my working setup from chan_sip to res_pjsip.

It turns out that it was not as painful as I expected, though the conversion script bundled with Asterisk didn't work for me out of the box.


Before you start, one very important thing to note is that the SIP debug information you used to see when running this in the asterisk console (asterisk -r):

sip set debug on

now lives behind this command:

pjsip set logger on

SIP phones

The first thing I migrated was the config for my two SIP phones (Snom 300 and Snom D715).

The original config for them in sip.conf was:

; Snom 300

; Snom D715

and that became the following in pjsip.conf:

type = aor
max_contacts = 1

type = auth
username = 2000
password = password123

type = endpoint
context = full
dtmf_mode = rfc4733
disallow = all
allow = g722
allow = ulaw
direct_media = no
mailboxes = 10@internal
auth = 2000
outbound_auth = 2000
aors = 2000

type = aor
max_contacts = 1

type = auth
username = 2001
password = password456

type = endpoint
context = full
dtmf_mode = rfc4733
disallow = all
allow = g722
allow = ulaw
direct_media = yes
mailboxes = 10@internal
auth = 2001
outbound_auth = 2001
aors = 2001

The different direct_media line between the two phones has to do with how they each connect to my Asterisk server and whether or not they have access to the Internet.

Internal calls

For some reason, my internal calls (from one SIP phone to the other) didn't work when using "aliases". I fixed it by changing this blurb in extensions.conf from:

exten => 1000,1,Dial(SIP/2000,20)
exten => 1001,1,Dial(SIP/2001,20)


exten => 1000,1,Dial(${PJSIP_DIAL_CONTACTS(2000)},20)
exten => 1001,1,Dial(${PJSIP_DIAL_CONTACTS(2001)},20)

I have not yet dug into what this changes or why it's necessary and so feel free to leave a comment if you know more here.

PSTN trunk

Once I had the internal phones working, I moved to making and receiving phone calls over the PSTN, for which I use with encryption.

I had to change the following in my sip.conf:

register => tls://


to the following in pjsip.conf:

type = transport
protocol = tls
bind =
external_media_address =
external_signaling_address =
local_net =
cert_file = /etc/asterisk/asterisk.cert
priv_key_file = /etc/asterisk/asterisk.key
ca_list_path = /etc/ssl/certs/
method = tlsv1_2

type = registration
transport = transport-tls
outbound_auth = voipms
client_uri =
server_uri =

type = auth
password = password789
username = 555123_myasterisk

type = aor
contact =

type = identify
endpoint = voipms
match =

type = endpoint
context = from-voipms
disallow = all
allow = ulaw
allow = g729
from_user = 555123_myasterisk
trust_id_inbound = yes
media_encryption = sdes
auth = voipms
outbound_auth = voipms
aors = voipms
rtp_symmetric = yes
rewrite_contact = yes
send_rpid = yes
timers = no

The TLS method line is needed since the default in Debian OpenSSL is too strict. The timers line is to prevent outbound calls from getting dropped after 15 minutes.

Finally, I changed the Dial() lines in these extensions.conf blurbs from:

exten => 5551231000,1,Goto(2000,1)
exten => 2000,1,Dial(SIP/2000&SIP/2001,20)
exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
exten => 2000,n,Hangup
exten => in2000-BUSY,1,VoiceMail(10@internal,su)
exten => in2000-BUSY,n,Hangup
exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
exten => in2000-CONGESTION,n,Hangup
exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
exten => in2000-CHANUNAVAIL,n,Hangup
exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
exten => in2000-NOANSWER,n,Hangup
exten => _in2000-.,1,Hangup(16)

exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _1NXXNXXXXXX,n,Dial(SIP/voipms/${EXTEN})
exten => _1NXXNXXXXXX,n,Hangup()
exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _NXXNXXXXXX,n,Dial(SIP/voipms/1${EXTEN})
exten => _NXXNXXXXXX,n,Hangup()
exten => _011X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _011X.,n,Authenticate(1234)
exten => _011X.,n,Dial(SIP/voipms/${EXTEN})
exten => _011X.,n,Hangup()
exten => _00X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _00X.,n,Authenticate(1234)
exten => _00X.,n,Dial(SIP/voipms/${EXTEN})
exten => _00X.,n,Hangup()


exten => 5551231000,1,Goto(2000,1)
exten => 2000,1,Dial(PJSIP/2000&PJSIP/2001,20)
exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
exten => 2000,n,Hangup
exten => in2000-BUSY,1,VoiceMail(10@internal,su)
exten => in2000-BUSY,n,Hangup
exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
exten => in2000-CONGESTION,n,Hangup
exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
exten => in2000-CHANUNAVAIL,n,Hangup
exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
exten => in2000-NOANSWER,n,Hangup
exten => _in2000-.,1,Hangup(16)

exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _1NXXNXXXXXX,n,Dial(PJSIP/${EXTEN}@voipms)
exten => _1NXXNXXXXXX,n,Hangup()
exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _NXXNXXXXXX,n,Dial(PJSIP/1${EXTEN}@voipms)
exten => _NXXNXXXXXX,n,Hangup()
exten => _011X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _011X.,n,Authenticate(1234)
exten => _011X.,n,Dial(PJSIP/${EXTEN}@voipms)
exten => _011X.,n,Hangup()
exten => _00X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _00X.,n,Authenticate(1234)
exten => _00X.,n,Dial(PJSIP/${EXTEN}@voipms)
exten => _00X.,n,Hangup()

Note that it's not just replacing SIP/ with PJSIP/, but it was also necessary to use a format supported by pjsip for the channel since SIP/trunkname/extension isn't supported by pjsip.

Steve McIntyre: Firmware again - updates, how I'm voting and why! [Planet Debian]


Back in April I wrote about issues with how we handle firmware in Debian, and I also spoke about it at DebConf in July. Since then, we've started the General Resolution process - this led to a lot of discussion on the the debian-vote mailing list and we're now into the second week of the voting phase.

The discussion has caught the interest of a few news sites along the way:

My vote

I've also had several people ask me how I'm voting myself, as I started this GR in the first place. I'm happy to oblige! Here's my vote, sorted into preference order:

  [1] Choice 5: Change SC for non-free firmware in installer, one installer
  [2] Choice 1: Only one installer, including non-free firmware
  [3] Choice 6: Change SC for non-free firmware in installer, keep both installers
  [4] Choice 2: Recommend installer containing non-free firmware
  [5] Choice 3: Allow presenting non-free installers alongside the free one
  [6] Choice 7: None Of The Above
  [7] Choice 4: Installer with non-free software is not part of Debian

Why have I voted this way?

Fundamentally, my motivation for starting this vote was to ask the project for clear positive direction on a sensible way forward with non-free firmware support. Thus, I've voted all of the options that do that above NOTA. On those terms, I don't like Choice 4 here - IMHO it leaves us in the same unclear situation as before.

I'd be happy for us to update the Social Contract for clarity, and I know some people would be much more comfortable if we do that explicitly here. Choice 1 was my initial personal preference as we started the GR, but since then I've been convinced that also updating the SC would be a good idea, hence Choice 5.

I'd also rather have a single image / set of images produced, for the two reasons I've outlined before. It's less work for our images team to build and test all the options. But, much more importantly: I believe it's less likely to confuse new users.

I appreciate that not everybody agrees with me here, and this is part of the reason why we're voting!

Other Debian people have also blogged about their voting choices (Gunnar Wolf and Ian Jackson so far), and I thank them for sharing their reasoning too.

For the avoidance of doubt: my goal for this vote was simply to get a clear direction on how to proceed here. Although I proposed Choice 1 (Only one installer, including non-free firmware), I also seconded several of the other ballot options. Of course I will accept the will of the project when the result is announced - I'm not going to do anything silly like throw a tantrum or quit the project over this!


If you're a DD and you haven't voted already, please do so - this is an important choice for the Debian project.

Jelmer Vernooij: Northcape 4000 [Planet Debian]

This summer, I signed up to participate in the Northcape 4000 <>, an annual 4000km bike ride between Rovereto (in northern Italy) and the northernmost point of Europe, the North cape.

The Northcape event has been held for several years, and while it always ends on the North Cape, the route there varies. Last years’ route went through the Baltics, but this years’ was perhaps as direct as possible - taking us through Italy, Austria, Switzerland, Germany, the Czech republic, Germany again, Sweden, Finland and finally Norway.

The ride is unsupported, meaning you have to find your own food and accomodation and can only avail yourself of resupply and sleeping options on the route that are available to everybody else as well. The event is not meant to be a race (unlike the Transcontinental, which starts at the same day), so there is a minimum time to finish it in (10 days) and a maximum (21 days).

Unfortunately, this meant skipping some other events I’d wanted attend (DebConf, MCH).

Pluralistic: 28 Sep 2022 Maintaining monopolies with the cloud [Pluralistic: Daily links from Cory Doctorow]

Today's links

A dark sky filled with thunderclouds, split by a jagged lightning bolt. On the left side, a remix of Monopoly's Rich Uncle Pennybags dances atop a cloud; he has removed his face to reveal a grinning skull beneath it. On the left, a trustbuster-era editorial cartoon version of Roosevelt with his 'big stick' perches on another cloud-mass, ready to smite the Monopoly Man. Both are backlit by radiating penumbrae of light.

Maintaining monopolies with the cloud (permalink)

Correction: An earlier draft of this article incorrectly stated that John D Rockefeller owned the railroads that shipped product for the Standard Oil Company. In reality, Rockefeller controlled those railroads through bribery and coercion, not an equity stake. I regret the error.

"There is no cloud, there is only other people's computers." It's funny because it's true, and the "other people" in this case are rapacious, vertically integrated monopolies that use their cloud businesses to put their customers in cages.

The Coalition For Fair Software Licensing is a group of businesses that have banded together to resist some of the most worst cloud-based abuses. Their main targets are companies like Oracle and Microsoft who sell software, software as a service, and cloud hosting, and use these three prongs to entrap and gouge their customers.

Writing for Bloomberg, Brody Ford gives a high-level view of the scam: whereby integrated monopolists charge extra to run their rivals' software on their cloud systems, or block them altogether. That makes it hard – or impossible – to shop around for cloud services:

The group itself lists nine demands for "cloud fairness," ranging from no-brainers ("Licensing terms should be clear and intelligible") to absolute yikes!es like "Freedom from retaliation for cloud choices" (involving "intrusive software audits" and "higher software licensing fees").

The Coalition's beefs are familiar ones, echoing the fights that led to the creation of antitrust law in the 19th century. Back then, small businesses were at the mercy of another kind of infrastructure: railways, who operated chokepoints between producers and their customers.

These railways weren't just operating the playing field – they also owned one of the teams. They would operate their own businesses that competed directly against the freighters whose goods they carried. They would charge the freighters more for carriage than they did their own businesses, making it impossible to compete with them.

This turned out to be an incredibly hard problem to solve with regulation. Even when there were rules ordering railroads to charge the same rates to all comers, there were so many subtle ways to cheat.

For example, Rockefeller's Standard Oil controlled many railroads via bribery and other underhanded tactics, which let them control the delivery of oil from the pumphead to the refineries and thence to market. The railways were ordered to charge everyone the same rate – whether a train was carrying his oil or a rival's.

And they did! All the oil shipped from Ohio to the port shipped at the same price. All the oil that shipped from Chicago to the port also shipped at the same price. But the Ohio price was much higher than the Chicago price, and Rockefeller owned all the Chicago refineries, while the Ohio refineries were owned by the independents.

What's more, the price-per-mile for everything that wasn't oil (lumber, for example) was the same from Chicago or Ohio – it was only oil that had this steep price differential. The nondiscrimination order for Rockefeller merely stipulated that there couldn't be discrimination on a given route – but left open the door for discrimination between routes.

When you control the infrastructure, there are just so many ways to cheat against the companies that use the infrastructure, and they can be incredibly hard to detect, and even when you do, it can be incredibly hard to write a loophole-free rule to block a given tactic.

That's why the trustbusters were so big on "structural separation": the principle that a business can own a platform, or use the platform, but not both. They banned the railroads from running their own freight businesses, and they banned the banks from owning businesses that competed with the firms they loaned money to.

Rather than trying to construct rules that kept the referee honest even when they played on one of the teams, they ordered the companies to choose one role – either you were the ref, or you were a player, but you couldn't referee a match where you were also in the competition.

Today, with tech antitrust surging around the world, we're speedrunning the lessons of the rail-barons, trying to impose rules on companies that ban them from abusing their vertical monopolies, rather than ordering them not to form vertical monopolies:

After all, if Microsoft and Oracle had to choose between running clouds and selling cloud software, they wouldn't have any reason to screw with businesses to leverage their cloud into software licenses and their software licenses into cloud subscriptions. And for so long as they are in both businesses, they will have infinite tools at their disposal to subtly (and blatantly) cheat on whatever limits we put on them.

One fascinating wrinkle: Senator Gary Peters has proposed legislation that would overhaul federal procurement rules, requiring companies that want to sell cloud services to the US government to play fair.

This is a very powerful move. Every government – US and foreign, federal, state and local – should have a rule that says, "If we're going to spend public money on your products, you have to promise not to lock us in." That's just basic prudent governance, and there's plenty of precedent for it. Lincoln had a policy that he would only buy rifles for the Union Army from companies that used interoperable tooling and bullets. No general wants to have to cancel a battle because the single-source supplier decided not to make any ammo this month.

This policy could and should be extended to cars in government motor-pools (requiring manufacturers not to block third-party parts and to supply diagnostic codes to independent mechanics). Likewise software like Google Classroom (requiring Goog not to block third-party textbooks, assessment tools, etc). It should be universal, all the way down to requiring printer companies that sell to the public sector to stop blocking third-party ink.

Cloud lock-in is incredibly unpopular. Bloomberg's Ford cites a study that found that 90% of tech executives support the Coalition for Fair Software Licensing's demands. But we need to do more than order tech monopolies to play fair – we have to take away their incentive to cheat.

I think there's momentum for this. Before she took over the FTC, chair Lina Khan published "The Separation of Platforms and Commerce," a banger of a law-review paper from the Columbia Law Review ("the potential hazards of integration by dominant tech platforms invite recovering structural separations"):

And businesses are unlikely to be happy with mere rules ordering fairness, given the big companies' propensity to cheat and the incredible upsides for doing so. They just can't help themselves, whether that's Amazon mining its sales data to figure out when to clone its own customers' products:

Or Apple using its control over the App Store to block companies that directly compete with its own apps:

We don't let judges hear cases where they have a stake in the outcome, we don't let lawyers represent the plaintiffs and the defendants, we don't let referees call games where they own one of the teams.

Hey look at this (permalink)

This day in history (permalink)

#15yrsago Terry Pratchett’s “Making Money” — economic comedy

#10yrsago UK banks use robo-callers to make fraud-check calls, conditioning customers to hand out personal information to anonymous machines that phone them up out of the blue

#10yrsago Panama’s new copyright law is the worst in the history of the universe

#5yrsago Better education doesn’t correlate strongly to economic mobility (but union membership does)

#5yrsago A glimpse of the European Commission’s plans for ham-fisted, indiscriminate mass online censorship

#5yrsago Former Equifax CEO Richard Smith collects $90M for his last year of outstanding work

#5yrsago Landscape With Invisible Hand: Late Stage Capitalism, by way of a YA alien invasion novel

#1yrago Democrats can pass the reconciliation today (sorta)

Colophon (permalink)

Today's top sources: Slashdot (

Currently writing:

  • The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. Yesterday's progress: 534 words (43940 words total)
  • The Internet Con: How to Seize the Means of Computation, a nonfiction book about interoperability for Verso. Yesterday's progress: 514 words (40428 words total)

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. (92849 words total) – ON PAUSE

  • A Little Brother short story about DIY insulin PLANNING

  • Vigilant, Little Brother short story about remote invigilation. FIRST DRAFT COMPLETE, WAITING FOR EXPERT REVIEW

  • Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION

  • Spill, a Little Brother short story about pipeline protests. FINAL DRAFT COMPLETE

  • A post-GND utopian novel, "The Lost Cause." FINISHED

  • A cyberpunk noir thriller novel, "Red Team Blues." FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: Sound Money

Upcoming appearances:

Recent appearances:

Latest book:

Upcoming books:

  • Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin, nonfiction/business/politics, Beacon Press, September 2022
  • Red Team Blues: "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books, April 2023

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastodon (no ads, tracking, or data-collection):

Medium (no ads, paywalled):

(Latest Medium column: "Oil is Bankrupt (If We Want It): Alberta’s Oil Companies Are the Walking Dead"

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

Pluralistic: 27 Sep 2022 Federalist Society v Corporate Personhood [Pluralistic: Daily links from Cory Doctorow]

Today's links

An old Punch engraving caricaturing a seated judge at his bench, bearing a loopy, supercilious expression. The judge is operating two sock-puppets, one bearing the Facebook logo, the other bearing the Twitter logo. Behind the judge on the wall is the logo for the Federalist Society.

Federalist Society v Corporate Personhood (permalink)

There are lots of cleavage lines between "left" and "right" ("Conservatism consists of exactly one proposition: There must be in-groups whom the law protects but does not bind, alongside out-groups whom the law binds but does not protect" -F. Wilhoit), and here's a crucial one: the left knows its ideology arises from material reality, while the right claims otherwise.

The right likes to claim to be "rationalist," grounded in the realm of ideas, not the material world. For example, the right says affirmative action is unfair, because policies should be "race-blind" and thus neutral. The left, meanwhile, says that offering the same chances to people regardless of whether they have the same material means to seize those chances is unfair, because it simply cements the dominance of the people who are already on top.

But all ideology is grounded in material reality. The things you think – and believe – arise out the material world you encounter. How could it be otherwise? Remember when David Cameron, as PM of UK, said that there was no room for social explanations for the London uprisings, insisting that it was down to "criminality, pure and simple"?

"Criminality, pure and simple" has no explanatory power. Where was the "criminality" the day before the uprising? Where did it go to, the day after? Is it a strange tide, driven by mysterious ideological currents in the aether? Is it a pollen that alights on poor people and sends them into the streets before it dissipates and lets them trickle back home?

It's not just your beliefs that rise and fall based on your material circumstances – it's also the salience of those beliefs. Racism is a complicated ideology, but at its core, there is something like the toddler's revulsion of having their peas and carrots touch on the same plate: these things do not belong together.

This carrots-and-peas theory of racism came into focus for me reading NK Jemisin's brilliant (anti)Lovecraftian novel The City We Became. Jemisin's foils make it very clear that Lovecraft's lurking eldritch terrors all boil down to a kind of "ewww, you got your peanut butter in my chocolate" tantrum:

(There's a sequel to City coming out in a few weeks: The World We Make, and it's getting terrific reviews!)

Lots of people have some racist views, and they held these views before and after the 2016 election. Some people think the reason that we saw more racism in public during and after the Trump campaign is that Trump is a sorcerer that brainwashed your Facebook uncle, maybe with the help of Mark Zuckerberg's mind-control ray.

But there's a materialist explanation for what happened to your uncle and all those other avowed racists who flooded the public discourse after 2016: what changed wasn't their racism, but the salience of their racism. Pre-2016, these people had lots of things on their mind: golf, Better Call Saul, elevated ice-cream sandwiches, their kid's AP history problems, crossfit…and racism.

2016 (and beyond) is best understood as a re-ordering of these lists. The attention and focus that they once gave to crossfit shifted to racism, because Donald Trump told them that racism was the answer to their material complaints, while Hillary Clinton told them they had no material complaints ("America never stopped being great" is the stupidest political slogan, ever).

Racism is an ideology – a terrible one – but increases and decreases in racism track to material anxieties, not better argument. Trump didn't make your uncle into an obsessive racism hobbyist with brilliant logic. He did it by linking your uncle's material anxieties to racist explanations.

Leftists have an ideology – Steven Brust says, "if you think human rights are more important than property rights, you're on the left; if you think property right are human rights, you're on the right – but the left understands this ideology as connected to, arising from, and mobilized by the material conditions of its adherents.

The right, meanwhile, maintains the pretense that it is motivated by reason and principle, unwavering moral pole-stars that can trace a lineage from Roman times, or the Ten Commandments, or the US Constitution, unwavering and untouched by the material realm.

But the right is motivated by material conditions, too. As Corey Robin writes in The Reactionary Mind, the goal of the right is to create hierarchies in which the "best people" get to boss everyone else around. Christian Dominionists want to put men in charge of women and children; libertarians want to put bosses in charge of workers, imperialists want to put America in charge of other countries, racists want to put white people in charge of racialized people.

The ideology of the right drifts hither and yon based on the likelihood that a given principle will put "the best people" in charge of the rest of us. For 40 years, the American right insisted that monopolies were amazing, efficient organizations that should be encouraged as engines of progress and prosperity.

When tech monopolies used their market power to sew up all the public forums for discourse and then kicked off Donald Trump, Milo Yiannopoulos and Alex Jones, key figures on the right became highly selective trustbusters, dedicated to curbing the power of tech monopolies.

The ideological cover for this is thin to nonexistent: diehard Federalist Society types like Ted Cruz don't even bother to try articulating a theory of "good" monopolies and "bad" monopolies. A "good" monopoly is one that helps Ted Cruz and his pals. A "bad" monopoly is one that gets in their way.

The latest ideological flipflop from the right comes in its relationship to corporate personhood. For a generation, the right has insisted that corporations are people, and, more importantly, corporations are the kinds of people who have free expression rights under the First Amendment of the US Constitution.

Spectacular cases like Citizens United (the right to unlimited secret political spending), Hobby Lobby (the right to withhold birth control based on their "beliefs") and Masterpiece Cakeshop (the right to be free from "compelled speech") all arise out of this theory of corporate personhood.

Then came the tech giants and their moderation policies, which resulted in lifetime bans for several prominent right wing figures. The right decided that this was ideological in nature: the platforms were banning their heroes because they were in the tank for progressives.

But it's not true. Platforms' moderation policies are also grounded in the material, not the ideological. Platforms don't like drama and flamewars because it's bad for business. It might drive "engagement" but most of their users actively dislike being engaged that way, and flamewars need expensive, close moderation to weed out things like doxing and swatting. Platforms don't like drama and flames because they're bad for business:

It's not ideological. They're not in the tank for the left. If they were, then they wouldn't have spent years deplatforming trans people, anti-racist activists, sex workers, indigenous rights activists, and others. Platforms aren't anti-Alex Jones, they're pro-shareholders, and Alex Jones is bad for their shareholders.

Let me be clear: "profit maximization" is a deeply shitty way to run any speech forum, much less one that dominates our discourse. As a leftist, I think that the human rights of sex workers and anti-racist and indigenous activists are more important than the property rights of Facebook and Twitter's shareholders.

But the right can't say that, which creates a conundrum. Corporate persons – Twitter, Facebook, Youtube, Apple – want to exercise their free speech rights to block the right's enfants terribles, because doing so will make more profits for their shareholders. The right has spent generations insisting on the primacy of profits and free speech.

How have they resolved this contradiction? They haven't. They've just leaned into it. Texas's HB20 – a law requiring online platforms to host content they object to, in the name of balance – insists that corporate free speech rights and the interests of shareholders must be subordinated to the rights of Alex Jones and Donald Trump.

The Republicans of the Texas legislature voted in this law. Governor Gregg Abbott signed it. Then, a panel of Fifth Circuit appeals court judges – dominated by GOP appointees – upheld it. Normally, appeals court judges have to explain how they resolve the contradictions between their rulings and other rulings, but not this time.

This time, the Fifth Circuit just made shit up. They inserted clauses into Section 230 of the Communications Decency Act that literally don't exist. They ignored Supreme Court rulings. They ignored the bedrock rule that interstate commerce is a federal matter and out of state hands. They just winged it.

If you want to get a sense of just how bananas the decision in Paxton (as this case is known) is, check out Mike Masnick's brilliant, eye-watering breakdown in The Daily Beast, which goes chapter-and-verse through the incoherence, dishonesty and selectivity of the judges' reasoning:

Masnick compares the ruling in Paxton – and other recent rulings emanating from Federalist Society judges, like the Supreme Court's Dobbs abortion rights ruling – to Calvinball, the game from Calvin and Hobbes whose rules change with every roll of the dice. In Calvinball, Calvin will land on a square that costs him his lead and he'll shout out a new rule: "On Wednesdays, that rule is reversed and you take the penalty!" There's no pretense of consistency or fairness.

It's an apt analogy to the Federalist Society's strange relationship to its own stated ideology, but not just because it's arbitrary – but because it's partisan. When Calvin shouts out a new rule, that rule isn't unpredictable – it benefits him. Likewise when FedSoc judges wing it, they don't just hive off in a random direction. They steer unerringly toward the advantage of the rich and powerful people who bankroll the Federalist Society. They have one principle: "There must be in-groups whom the law protects but does not bind, alongside out-groups whom the law binds but does not protect."

HB20 is a nonsense. It correctly observes that tech platforms have too much power over our public discourse, sure, but its remedy for that – forcing tech platforms to carry speech they don't want to host – is gibberish. Daphne Keller has an exciting proposal to illuminate just how bad HB20 would be in practice: give users unfettered access to every post, without any moderation, and then let them click a single button to opt into a moderated flow. She's betting that nearly everyone would click that button (and I think she's right):

It's absolutely true that tech platforms have too much power over our speech, but it's not because of their ideology or their discrimination. It's because of their power, which comes from their monopolistic control and lock in. They accumulated that power due to the ideology of the right, which was grounded in the material principle of making rich people richer by letting them form monopolies.

The right got us into this mess, but they can't get us out of it.

(Image: Helfmann, CC BY-SA 4.0; Rion, CC BY 3.0; modified)

Hey look at this (permalink)

This day in history (permalink)

#20yrsago Software Defined Radio defined

#10yrsago Former top US copyright bureaucrat thinks all communications/entertainment technology should be illegal until Congress approves it

#10yrsago Murdoch’s Times goes back to Google: please index us, just a little!

#5yrsago DHS says it will force everyone who’s ever immigrated to the USA to hand over social media

#5yrsago Indigenous tribes fronting for patent trolls sue Apple

#5yrsago Predictably, Wells Fargo loves Equifax and suggests investing heavily in the company

#5yrsago The brilliant life and brutal death of Bassel Khartabil, killed by Assad for writing free software

#1yrago Shelter is a toxic asset: NIMBYism is a fatal disease

#1yrago Democrats, health care monopolies, and market failures: Market health care is a fatal disease

Colophon (permalink)

Currently writing:

  • The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. Yesterday's progress: 523 words (43595 words total)
  • The Internet Con: How to Seize the Means of Computation, a nonfiction book about interoperability for Verso. Yesterday's progress: 504 words (39451 words total)

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. (92849 words total) – ON PAUSE

  • A Little Brother short story about DIY insulin PLANNING

  • Vigilant, Little Brother short story about remote invigilation. FIRST DRAFT COMPLETE, WAITING FOR EXPERT REVIEW

  • Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION

  • Spill, a Little Brother short story about pipeline protests. FINAL DRAFT COMPLETE

  • A post-GND utopian novel, "The Lost Cause." FINISHED

  • A cyberpunk noir thriller novel, "Red Team Blues." FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: Sound Money

Upcoming appearances:

Recent appearances:

Latest book:

Upcoming books:

  • Chokepoint Capitalism: How to Beat Big Tech, Tame Big Content, and Get Artists Paid, with Rebecca Giblin, nonfiction/business/politics, Beacon Press, September 2022
  • Red Team Blues: "A grabby, compulsive thriller that will leave you knowing more about how the world works than you did before." Tor Books, April 2023

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastodon (no ads, tracking, or data-collection):

Medium (no ads, paywalled):

(Latest Medium column: "Oil is Bankrupt (If We Want It): Alberta’s Oil Companies Are the Walking Dead"

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

Logistics vs (and) innovation [Seth's Blog]

When innovation arrives, the logistics people have to scramble to keep up, because innovation always makes it hard to do things the way we used to.

Over time, an innovative company thrives if it can get its logistics in order. Ship the right stuff to the right people on time and on budget.

Once this happens, it often means that the logistics people gain in power and influence. After all, they pulled off a miracle.

Then, when the next innovation shows up, the logistics voices in the room are likely to have more say in what happens next. That’s why upstarts who feel like they have nothing to lose are so much more likely to innovate–they don’t realize how hard it is going to be.

Innovation doesn’t work without logistics.

Urgent: Protect Social Security [Richard Stallman's Political Notes]

US citizens: call on Congress to protect Social Security.

The Capitol Switchboard number is +1-202-224-3121.

If you call, please spread the word!

Britain crying out for radical solutions [Richard Stallman's Political Notes]

*Britain is crying out for radical solutions, but Labour still thinks it’s in the 1990s.* Warning that if Labour doesn't support what non-wealthy Britons demand, if they have no hope of supporting Corbyn, they will turn to radicals that are authoritarian.

I stand by my cartoon contrasting B'liar's "New Labour" with the Labour government that established the great social democratic policies that lifted most Britons out of poverty after World War II. Just imagine that Tony B'liar is replaced by keir Starmer.

If you won't recognize that "The Tories are lower than vermin," you will never offer anything more than a lesser evil.

Ecocide as an international crime [Richard Stallman's Political Notes]

A campaign to define "ecocide" as an international crime, comparable to genocide.

I don't think that prosecuting ecocide is a panacea. It is easy to understand intentional deforestation as ecocide. Each piece of the forest is cut down or burnt by certain people.

However, when a lightning-sparked wildfire destroys a forest, it is harder to pin the destruction on anyone. Everyone's CO2 emissions contribute a little to each wildfire.

Nonetheless, prosecuting people like Bolosonaro could help, and they certainly deserve it.

Watching protests in Iran with hope [Richard Stallman's Political Notes]

*We watch the protests in Iran and hope, but false optimism may be clouding our eyes.*

Elderly Americans at risk of Covid [Richard Stallman's Political Notes]

Disregard for the goal of reducing the spread of Covid has put millions of elderly Americans in a vice between the need to go out to do things (even seeing doctors) and the danger of being exposed by a risk denier.

Please wear a good mask whenever you are indoors sharing air with other people.

EPA won't make up for Manchin deal [Richard Stallman's Political Notes]

*EPA's Environmental Justice Office 'Won't Make Up for' Manchin Deal, Campaigner Says.*

Starmer's policy speech more progressive than expected [Richard Stallman's Political Notes]

A panel of judges rated Starmer's policy speech as more progressive than they expected from him.

Crabs staying where oceans stay warm longer [Richard Stallman's Political Notes]

Crabs, enjoying the warming ocean around Normandy and Brittany and the delicious mussel farms there, are staying most of the year and devouring the mussels.

Since their numbers are growing, we should encourage people to eat them and keep the numbers stable.

Campaign to end prison slavery [Richard Stallman's Political Notes]

On the campaign to end prison slavery — forcing prisoners to work for private employers for a pittance.

Hydrogen unsuitable for home heating [Richard Stallman's Political Notes]

*Hydrogen is unsuitable for home heating, review concludes.*

Hydrogen made from renewable electricity may be useful for decarbonizing transport, but that's a different issue.

Bans on speaking of abortion at University of Idaho [Richard Stallman's Political Notes]

The University of Idaho has banned its employees from saying anything about abortion. Even medical personnel. And they are warned not to offer anything under the rubric of contraception.

This requirement, if attributed to a law, seems to be unconstitutional.

Laws to suppress climate activists [Richard Stallman's Political Notes]

*As resistance grows to the fossil fuel regime, laws are springing up everywhere to suppress climate activists.*

The global climate disaster, which I expect will cause gigadeaths, will not be an accident. It will be mass murder, carried out by the power of the planet roasters.

What punishment will they deserve for these murders? What actions would people be justified in using to prevent mass murder?

Italian government to demonize immigrants and queer people [Richard Stallman's Political Notes]

Italy's new right-wing government is expected to demonize immigrants and queer people. It may also attack the right to an abortion.

Increasing taxes for the rich [Richard Stallman's Political Notes]

Finally, something good from Labour: increasing taxes for the rich, and funding the NHS.

Biden's plan to end hunger and reduce obesity [Richard Stallman's Political Notes]

Biden has launched a plan to end hunger in the US, and reduce obesity, with federal help. To pass this plan requires electing more democrats.

People have rejected Spotify [Richard Stallman's Political Notes]

Some people are rejecting Spotify for reasons that have to do with their emotional relationship with music.

To use Spotify is inconceivable for me -- its injustices (the same as those of Amazon e-books) overrides all the secondary details.

If you stop using Spotify, please choose alternatives that don't impose those injustices. Check that you don't need to use nonfree software, don't have to identify yourself to listen, and don't have to make an antisocial agreement not to share.

You can access Youtube without running nonfree Javascript code by means of the proxy system,

Edward Snowden [Richard Stallman's Political Notes]

Edward Snowden speaks about being granted Russian citizenship -- Russia being the only country that will let him stay and not hand him over for prosecution. He wishes that he could safely return to the US and live here.

Snowden did not choose to go to Russia at all. He had a flight connection in Moscow, and was unable to board the second flight because the US had cancelled his passport.

I hope that whatever happens at the end of the war doesn't result in handing over Snowden to the US.

Argument for if Putin falls [Richard Stallman's Political Notes]

Arguing that, if Putin falls, it would be good for the west to offer his successor a deal that perse could present to the Russian people as a good one.

I am in favor of this, provided the deal doesn't include keeping any of Ukraine.

Whale-detection system [Richard Stallman's Political Notes]

A whale-detection system will inform ships in a narrow bay in Chile that they should slow down to avoid hitting whales.

I am only guessing, but I tend to think that this will not be sufficient change -- that we need to reduce the overall level of human-generated noise if we want whales to be safe.

States restricting prescriptions for drugs [Richard Stallman's Political Notes]

Some state laws banning abortions restrict all prescriptions for drugs widely used to treat other medical problems, other than the problem of unwanted pregnancy that is. If these laws covered the whole US, it would interfere with the treatment of millions of patients.

Let us not make the usual mistake of emphasizing the uncontroversial collateral damage over the more controversial intended damage. Those religious fanatics want to force people to have babies!

British society and communication impoverished [Richard Stallman's Political Notes]

Institutions have impoverished British society and communication to the point where jumping into a wave of deference to the monarchy is the only outlet for the yearning for a sense of common social feeling and purpose.

The article speaks of "consuming" a "national account of ourselves" (referring to the British, thus not including me). This is not as twisted as the idea of "consuming" books or movies, but I think "absorbing" fits better.

Russian shot official [Richard Stallman's Political Notes]

A Russian about to be drafted shot the official that was trying to draft him.

California school students get gratis breakfast and lunch [Richard Stallman's Political Notes]

California now gives all school students gratis breakfast and lunch. Students, no longer going hungry, are doing better.

It seemed to me that lunch in my schools in New York City was gratis in the 1960s. I certainly was never asked to pay for lunch. Could it be that my mother bills paid for my school lunches? It never occurred to me to wonder about this before, and it is too late to ask her now.

System to help people freaking out calm down [Richard Stallman's Political Notes]

Westport, Connecticut, has set up a system to help its police department deescalate confrontations with people who are freaking out. The system helps them quickly find friends or relatives to calm someone down, rather than a cop who is a stranger.

Torture and brainwashing [Richard Stallman's Political Notes]

British-Ukrainian Aiden Aslin describes the torture and brainwashing he was subjected to during 5 months as a prisoner of war, before he was exchanged. It ranged from solitary confinement to threats to murder him summarily.

It is interesting that the guards in the supposedly independent Donetsk People's Republic forced prisoners to sing Russia's national anthem, not an anthem of their supposed country. They seem not to take its "independence" more seriously than it warrants.

Iranians enraged at the state protesting around the country [Richard Stallman's Political Notes]

Iranians are enraged at the state, and keep protesting around the country despite 35 killings -- mostly protesters, it is clear, but not all.

They are angry about a lot more than the death of Mahsa Amini. Iranians, led by women, demand changes in laws to respect their rights.

Museum bows to indigenous group's demand [Richard Stallman's Political Notes]

Setting a sad precedent: a museum has bowed to the pressure of an indigenous group that demanded the "return" of four artifacts that the museum legitimately owns.

The group agrees that these artifacts were not stolen; that the anthropologist who gave them to the museum had acquired them legitimately. Why should the museum feel an obligation to give in? What justification can the group present for demanding to get them back? The article does not present any, it only cites someone who takes this for granted. The people in that group are not the only ones concerned here.

In general, should anthropologists obey demands to discard part of anthropological knowledge? I contend this should require a reason stronger than, "These artifacts are related to us so only we can have them."

(Satire) Rigged elections results [Richard Stallman's Political Notes]

(satire) *Putin Stays Up Late Constantly Refreshing Website For Results From Rigged Elections.*

The wrecker and "executive privilege" [Richard Stallman's Political Notes]

There is a secret legal dispute about whether the wrecker can use "executive privilege" to block some of his henchmen from testifying to a grand jury about what appears to be a conspiracy to overturn part of the 2020 election.

To fix the US welfare system [Richard Stallman's Political Notes]

*To fix its broken welfare system, the U.S. must move away from its fixation on fraud, exclusions by design, and the stigmatization of people in poverty.*

Britain to reform electoral system [Richard Stallman's Political Notes]

Britain is ready to reform its broken electoral system, but the conservative leaders in control of the Labour Party refuse to advocate that.

Fast food companies want the power to abuse workers [Richard Stallman's Political Notes]

Now that California has passed a law to protect fast-food workers pay and rights, the big fast-food companies want Californians to vote to restore the power to abuse those workers, in the name of low prices.

DeMentis secretly transported immigrants to Martha's Vineyard [Richard Stallman's Political Notes]

DeMentis now claims to have sincerely transported immigrants to Martha's Vineyard to help them.

One could ask him, "If you really wanted to help them, why did you give them a false picture of the support they would find there?"

World Bank head is a global heating denialist [Richard Stallman's Political Notes]

The head of the World Bank really is a global heating denialist, and it appears he was put in that position by the wrecker precisely to obstruct climate defense. The world needs to oust him.

Corporate greed is behind inflation [Richard Stallman's Political Notes]

*Corporate greed, not wages, is behind inflation. It's time for price controls.*

Rigid price controls cause a different kind of market distortion. I wonder if there is a way to get a similar effect but less rigid. For instance, what if any increase of X in the price of a product resulted in an additional tex starting at .9X and decreasing linearly over the following year down to .1X, then ending after that year. This might discourage price increases that are not meant to be long-term.

Climate activist held before trial [Richard Stallman's Political Notes]

*UK climate activists held in jail for up to six months before trial.*

If they are convicted, their sentences will probably not be as long as they were in jail. They are moved frequently from one prison to another, and their friends can't find them.

I suspect this is an intentional practice of nonjudicial punishment.

Surveillance on US employees by employers reaching Chinese repression levels [Richard Stallman's Political Notes]

The surveillance of employees by US employers is reaching levels reminiscent of Chinese repression.

We must establish the rule that by default surveillance systems are forbidden, aside from certain limited exceptions.

Federal Reserve raising interest rates too fast [Richard Stallman's Political Notes]

The Federal Reserve is raising interest rates too fast -- not waiting to see the full effects of previous increases before moving on to another increase. This creates a risk of overshoot -- of raising interest rates so much that it producing a result bigger than the organisation wants. If you keep increasing a signal again and again, faster than results can possibly come back to you, you will overcontrol and cause a crisis.

The governors of the Fed ought to know this, since it is basic business economics.

Australian mobile phone company suffered data theft [Richard Stallman's Political Notes]

An Australian mobile phone company suffered a data theft which took personal data about millions of customers. The company had lobbied against changes to laws about customers' rights over that data.

The harmful consequences of this breach are partly the Australian government's fault, since it required the company to collect and save various items of personal data for each customer. The reliable way to prevent the release of people's personal data is not to possess copies of it, but Australia did not permit this company to use that method.

Proposal to stop government contracts with businesses connected to tax havens [Richard Stallman's Political Notes]

Labour proposes to stop giving government contracts to businesses connected with tax havens.

It would be a change for the better, but only a small one. It would be simple to require all companies that do business in in Britain to reveal their real owners, whereas this would only affect those businesses that get government contracts.

Giorgia Meloni and fascism [Richard Stallman's Political Notes]

*Giorgia Meloni is a danger to Italy and the rest of Europe. The Brothers of Italy leader denies she is a fascist but clings to the Mussolini-era slogan "God, homeland, family."*

*Meloni appears the most dangerous Italian political figure not because she explicitly evokes fascism or the practices of the black-shirted squadristi (militia), but because of her ambiguity.*

Big businesses openly and shamelessly hires Congressional staff [Richard Stallman's Political Notes]

Big businesses openly and shamelessly hire Congressional staff to lobby their former coworkers.

They hire former Congressional representatives, too, but they disguise that behind polite veils.

80% of US voters want National Paid Family Leave [Richard Stallman's Political Notes]

*80% of US Voters Want Congress to Enact National Paid Family Leave: Poll.*

Politicians that call themselves "centrists" are opposed to this, but they are nowhere near the political center of Americans.

War crimes [Richard Stallman's Political Notes]

UN investigators have reported evidence of many war crimes committed by the Putin forces, as well as a couple of instances of war crimes by Ukrainians.

Asthma [Judith Proctor's Journal]

 This is mainly for my own reference. I'm having my first major asthma attack in over a year.  I'd got used to living without asthma - I was really enjoying it...

Things that have probably helped reduce the asthma risk - no carpets.  When we installed the heat pump, we opted for an underfloor heating system with LVT tiling. That cut down dust exposure quite a lot (and I know dust/dust mites is one of my triggers)

Most likely cause of current attack - a search through old DW entries finds one where I'd mentioned the risk from fungal spores.  This may be spot on - penicillin and aspergillum spores peak in September/October and mould is my other key trigger.  Things like wet paths made from woodchip can make me wheezy.

There's not a lot I can do, apart from avoiding mould as much as possible. I've just completed my first course of steroids in a long time - and I'm still wheezing.

Making sure we empty the food waste bin regularly, possibly cutting down on the number of house plants, and drying laundry outside as much as possible are all we can really do to reduce the risk from mould - apart from choosing carefully where we go for walks.

Frustratingly, most pollen count web sites ignore fungal spores, but this one from the University of Worcester has some limited data -

Their site says:

Aspergillus and Penicillium types

The year starts with a high risk for these types with a total monthly average of 1,333 spores in January and 1,215 in February. Spores continue to be airborne during Spring and early Summer but possibly below the levels needed to trigger symptoms, although studies show that A. fumigatus can be high in March and August, as well as the Autumn. From mid-August the risk starts to rise again and people often report symptoms during warm, humid conditions in late August, September and October, with the peak reaching an average of 1,950 spores in October. Although the spore levels continue to be high during November and December, few people report symptoms, so it is likely that the types occurring during these months are less allergenic. 

comment count unavailable comments

How To Annoy Your Dog [Whatever]

Keep her securely in the house while these three creatures are wandering about the yard.

Yes, she wanted to make friends with them, very much. However, it was reasonably certain these three would be fine not spending any time with her. Charlie is sulking about it. She will get over it, I’m sure.

— JS

A Fancy Mustard Review [Whatever]

I went to a local market in Troy for Kewpie mayo, but they were sold out, so I sadly wandered the store looking for something else to buy. I came across these three flavors of mustard:

Three glass jars of mustard. They all have a Terrapin Ridge Farms label. The three flavors are raspberry wasabi mustard, pecan honey mustard, and peach honey mustard.

Athena ScalziI’d never heard of this brand before, but these mustards looked pretty quality, so I decided to grab all three flavors and give them a try.

Interestingly, all three of them were priced differently. One was $7.50, another was $8.00, and the last one was $8.50. I’m not sure why they were different to begin with, or why the difference was so small.

I enlisted the help of my parents, along with a bag of pretzels, to get the job done.

We started with the raspberry wasabi mustard:

A top down view of the inside of the raspberry wasabi mustard jar. It is filled with yellow mustard that has flecks of red and seeds throughout.

Before tasting it, I gave it a whiff, and it totally cleared my sinuses. I was worried it would taste as strong as it smells, but that wasn’t the case. It was bold without being too much, and my dad agreed the wasabi flavor was definitely present, but not overpowering. It had a kick, but wasn’t necessarily hot. I and my parents agreed we didn’t really detect any raspberry, but it was still pretty good. My dad said he would definitely put it on a sandwich, and gave it an 8/10. My mom said it was pretty solid, and gave it an 8/10, as well. I thought it was good, but I’m not the biggest fan of wasabi, so I gave it a 7/10.

Next up was the one I was most excited for, the pecan honey mustard:

A top down view of the inside of the pecan honey mustard jar. It's filled with thick brown mustard.

Unlike the previous flavor, which was mustard forward, this one was honey forward. It was sweet, thick, sticky, and totally yummy. Both of my parents said they wouldn’t put it on a sandwich, which makes sense since the label calls it a “glaze, cheese topper, and pretzel dip”. It was  perfect for the pretzels we had, but my dad and I got creative and spread a dollop onto a slice of provolone (it was the only cheese we had), and it was totally bangin’. My mom said this one just wasn’t her style, though, and gave it a 5/10. She didn’t care for it but didn’t hate it. My dad liked it more than she did, and gave it an 8.5/10. I totally loved it, and could honestly smash the whole thing if I wasn’t careful, and gave it a 9.5/10.

Last on the list was the peach honey mustard:

A top down view of the peach honey mustard jar. Its contents are an orangish, looser looking mustard, with some chunks throughout.

The first thing I noticed about this one was that it was a much looser consistency than the previous mustard, and slightly more so than the first mustard. Both my mom and dad made a point of mentioning how peach-forward this one was. My dad said it had an almost alcoholic sharpness, and that it doesn’t work on its own, but perhaps would be good as a glaze for something like chicken or a salad dressing. He settled on a score of 5.5/10. My mom said she’d like it on a sandwich, and gave it a 7/10. As for me, it reminded me of an overly mushy peach that you think “man, I need to eat that before it goes bad” and then as soon as you start eating it, you realize it’s already kind of not good anymore. So it’s a 6/10 from me. Not horrible, but definitely my least favorite.

After totaling up the averages, the first two got an overall score of 7.6/10, while the last one got a 6.1/10.

I was curious about what other flavors this brand had of mustards, and after visiting their website, I discovered they have more than mustards! They have jams, salad dressings, dips, and more! If I could try any of their other mustards, I’d try the smokey bacon maple mustard, the champagne garlic honey mustard, and the creamy garlic mustard.

All in all, I’m glad I tried out this brand, it was a fun little taste test with my parents.

Which one sounds the best to you? Have you tried this brand’s products before? Let me know in the comments, and have a great day!


The Big Idea: Laura Kat Young [Whatever]

Laura Kat Young was determined to write a story that she wanted to read, even if at first it was difficult to find a place for it amongst the shelves. Read on to see how The Butcher came to be.


An Eye for an Eye

A horrible crime had just shocked the nation, and my friend and I sat in the square of an idyllic British town discussing what the courts were doing with the assailant. Like the many around us who held in their hands newspapers, phones, glossy magazines highlighting the case, we were hypnotized by the leniency shown towards the criminal. I asked my friend: what if it had been your loved one? What justice could be served to make it, well, even? My friend went down a rabbit hole. I followed, nodding yes, and at each and every turn. It was fun to think of ways to make the bad people pay–isn’t that what a hero does in the end, after all? Or is that an anti-hero? Perhaps my characters are a bit of both–I’ll let the reader be the judge. 

No Way Out

Toni Morrison, one of my favorite authors of all time, said, “If there’s a book that you want to read, but it hasn’t been written yet, then you must write it.” I want stories of terrible societies, speculative and dystopian worlds and inescapable situations. In The Giver, there was the next town. In Lord of the Flies, they were rescued before everyone killed each other. In The Handmaid’s Tale, Canada is their safe haven. But what if there wasn’t an out? What if there was nowhere to go? Or what if you did escape, but you had to go back?

On Women

It was also important to me to write a book in which there was a strong female lead whose storyline was not contingent upon seeking out a romantic relationship. Growing up I read books in which women had two choices: get married and have kids or die alone. I wanted to give my lead a story that I don’t frequently see on the page (still): that a woman’s livelihood is connected not to who desires her but what she desires for herself. All books should live up to the Bechdel test.

The Tenets

The idea of radical self-love and forgiveness is an important theme in my work. Sometimes people do terrible things, but what does it say about us if we cannot forgive them? And if a person should misstep, how can they work to forgive themselves? The systems in which we are trapped contribute to our own oppression. We should all work towards dismantling them, towards fighting those that seek to subjugate us. As a high school teacher, I focus heavily on said systems, exploring the dysconsciousness and subsequent perceptions and attitudes that bind us to the very thing we should be trying to escape. 

Finding a Home

The Butcher had a difficult time finding a home. Too gruesome, not gruesome enough; where would this title sit in a bookstore? I kept at it, though, and entered Twitter pitch contests and went to agent panels at conferences. I was chosen for #Pitchwars, a mentoring program that matches published authors, editors, or industry interns with an unpublished writer. I did a deep revision, landed an agent (after many, many queries), and on the eve of the pandemic, Friday, March 13, 2020, my novel went on submission. 

A Final Word

I think that if I can impart any wisdom, it’s that it’s never too late. I’m a forty-five year old woman who doesn’t hold an MFA. I have two lovely children and teach high school English full-time. It’s possible. But even if this book had never found a home, the fact is that I wrote one. Sometimes we can be the hero of our own story.

The Butcher: Amazon | Barnes & Noble | IndieBound | Powell’s

Visit the author’s site. Follow her on Twitter.

Girl Genius for Wednesday, September 28, 2022 [Girl Genius]

The Girl Genius comic for Wednesday, September 28, 2022 has been posted.

A Manchurian Candidate [George Monbiot]

Liz Truss has been trained and shaped by dark-money lobbyists.

By George Monbiot, published in the Guardian 23rd September 2022

Who chose Liz Truss? Conservative party members, of course. Who are they? Disproportionately rich, white, older men living in the south of England. But there are some members whose profile we have no means of knowing. They don’t live in the UK, have never been residents or citizens here and have no right to vote in our elections. Astonishingly, since 2018 these foreign members have been permitted to determine who the UK prime minister should be.

The Conservative party’s rules of association are an open invitation to anyone who wants to mess with our politics. There seems to be nothing to stop agents of another government from registering as members with Conservatives Abroad. Nor, it seems, is there anything to stop one person (or one botswarm) applying for multiple memberships. So much for the party of patriotism, sovereignty and national security.

This open invitation, to judge from the little information we can glean, has yet to be fully exploited. Perhaps foreign governments haven’t yet realised what a golden opportunity they’ve been given. Perhaps they simply can’t believe how irresponsible the Tories are.

But we don’t need to suggest a campaign by another state to see Truss as a kind of Manchurian Candidate, subverting what remains of our democracy on behalf of undemocratic interests. As a rule, the more loudly a politician proclaims their patriotism, the more likely they are to act on behalf of foreign money. Every recent Conservative prime minister has placed the interests of transnational capital above the interests of the nation. But, to a greater extent than any previous leader, Truss’s politics have been shaped by organisations that call themselves thinktanks, but would be better described as lobbyists who refuse to reveal who funds them. Now she has brought them into the heart of government.

Her senior special adviser, Ruth Porter, was communications director at the Institute of Economic Affairs (IEA), an extreme neoliberal lobby group. An investigation by the democracy campaign Transparify listed the IEA as “highly opaque” about its funding sources. We know from a combination of leaks and US filings that since 1963 it has been taking money from tobacco companies and since 1967 from the oil company BP, and has also received large disbursements from foundations funded by US billionaires, some of which have been among the major sponsors of climate science denial. When she worked at the IEA, Porter called for reducing housing benefit and child benefit, charging patients to use the NHS, cutting overseas aid and scrapping green funds.

She then became head of economic and social policy at Policy Exchange, which was also listed by Transparify as “highly opaque”. Policy Exchange is the group that (after Porter left) called for a new law against Extinction Rebellion, which became, in former home secretary Priti Patel’s hands, the Police, Crime, Sentencing and Courts Act. We later discovered it had received $30,000 from the US oil company Exxon.

Liz Truss, according to the head of the IEA, has spoken at more of its events than “any other politician over the past 12 years”. Two of Truss’s meetings with the organisation were deleted from the official record, then reinstated after the deletions caused a scandal.

More importantly, Truss was the ostensible founder, in 2011, of the free enterprise group of Conservative MPs. The group’s webpage was registered by Ruth Porter, who at the time worked for the IEA. The IEA organised events for the group and supplied it with media briefings. Twelve members of the current cabinet, including several of its most senior figures, belonged to the group. Today, if you try to open its webpage, you are redirected to the Free Market Forum, which calls itself “a project of the Institute of Economic Affairs”.

Truss’s chief economic adviser is Matthew Sinclair, formerly chief executive of a similar lobbying group, the Taxpayers’ Alliance. It is also funded obscurely by foreign donors. Sinclair wrote a book called Let Them Eat Carbon, arguing against action to prevent climate breakdown. It claimed that: “Equatorial regions might suffer, but it is entirely possible that this will be balanced out by areas like Greenland.” In other words, we can trade the lives of billions of people against the prospects of some of the least inhabited places on Earth. It’s among the most callous and ignorant statements I’ve ever seen.

Truss’s interim press secretary, Alex Wild, was research director at the same organisation. Her health adviser, Caroline Elsom, was senior researcher at the Centre for Policy Studies, which was listed by Transparify as – you guessed it – “highly opaque”. Her political secretary, Sophie Jarvis, was head of government affairs at the Adam Smith Institute (also “highly opaque”), and funded, among others, by tobacco companies and US foundations.

These groups represent the extreme fringe of neoliberalism. This maintains that human relationships are entirely transactional: we’re motivated above all by the pursuit of money, which shapes our behaviour. Yet, hilariously, when you challenge them about their funding, they deny that the money they receive influences the positions they take.

For decades, policy development on the right was shaped as follows. Oligarchs and corporations funded the thinktanks. The thinktanks proposed policies that, by sheer coincidence, suited the interests of oligarchs and corporations. The billionaire press – also owned by oligarchs – reported these policy proposals as brilliant insights by independent organisations. Conservative frontbenchers then cited the press coverage as evidence of public demand: the voice of the oligarchs was treated as the voice of the people.

In his autobiography Think Tank, Madsen Pirie, founder of the Adam Smith Institute, explained how it worked. Every Saturday, in a wine bar in Leicester Square, staff from the Adam Smith Institute and the Institute of Economic Affairs would sit down with Conservative researchers and leader writers and columnists from the Times and Telegraph to plan “strategy for the week ahead” and “co-ordinate our activities to make us more effective collectively”. The Daily Mail weighed in to help the lobbyists refine their arguments and ensure there was a supportive article on its leader page every time they published a report.

But now the thinktanks don’t need a roundabout route. They are no longer lobbying government. They are the government. Liz Truss is their candidate. To defend the interests of global capital, she will wage war against any common endeavour to improve our lives or protect the living planet. If Labour is looking for a three-word slogan with which to fight the next election, it could do worse than “Mend This Country”.

Cyberwhere [Penny Arcade]

Cyberpunk Edgerunners is incredibly good. This cartoon is how I wanted the game to feel, and sometimes the game does feel that way, but mostly what the show is going to do for you is establish how much more the game could have been.

Cyberwhere [Penny Arcade]

New Comic: Cyberwhere

Angles Mort [RevK®'s ramblings]

I saw this on a truck (non UK plates), and they do puzzle me a bit.

For a start, it is not clear - are the black bits the death angles - in which case why the big black areas in front left and right where there is clear diver visibility? Or is it the yellow bits with the warning triangles, in which case why the bits left and right which are also clear driver visibility. It makes no sense!

But the bigger issue is how we seem to find it quite acceptable to allow death machines to be driven on the public roads like this. I mean that is what it is saying - angles mort - death angles - places where you could die even though you might be a legitimate road user legitimately in such a place on the road.

Surely if there is a dangerous machine, a machine that can kill people, we need to make it safer, including mirrors or even cameras if necessary, and driver training, to ensure there are no "death angles".

To be honest this seems a lot like victim blaming.


FeedRSSLast fetchedNext fetched after
XML 09:56, Friday, 30 September 10:41, Friday, 30 September
@ASmartBear XML 09:42, Friday, 30 September 10:23, Friday, 30 September
a bag of four grapes XML 09:21, Friday, 30 September 10:03, Friday, 30 September
Ansible XML 09:42, Friday, 30 September 10:22, Friday, 30 September
Bad Science XML 09:42, Friday, 30 September 10:31, Friday, 30 September
Black Doggerel XML 09:42, Friday, 30 September 10:23, Friday, 30 September
Blog – Official site of Stephen Fry XML 09:42, Friday, 30 September 10:31, Friday, 30 September
Charlie Brooker | The Guardian XML 09:21, Friday, 30 September 10:03, Friday, 30 September
Charlie's Diary XML 09:35, Friday, 30 September 10:23, Friday, 30 September
Chasing the Sunset - Comics Only XML 09:42, Friday, 30 September 10:31, Friday, 30 September
Coding Horror XML 09:35, Friday, 30 September 10:22, Friday, 30 September
Cory Doctorow – Boing Boing XML 09:42, Friday, 30 September 10:23, Friday, 30 September
Cory Doctorow's XML 09:21, Friday, 30 September 10:03, Friday, 30 September
Ctrl+Alt+Del Comic XML 09:35, Friday, 30 September 10:23, Friday, 30 September
Cyberunions XML 09:42, Friday, 30 September 10:31, Friday, 30 September
David Mitchell | The Guardian XML 09:56, Friday, 30 September 10:39, Friday, 30 September
Deeplinks XML 09:56, Friday, 30 September 10:40, Friday, 30 September
Diesel Sweeties webcomic by rstevens XML 09:56, Friday, 30 September 10:39, Friday, 30 September
Dilbert XML 09:42, Friday, 30 September 10:31, Friday, 30 September
Dork Tower XML 09:21, Friday, 30 September 10:03, Friday, 30 September
Economics from the Top Down XML 09:56, Friday, 30 September 10:39, Friday, 30 September
Edmund Finney's Quest to Find the Meaning of Life XML 09:56, Friday, 30 September 10:39, Friday, 30 September
EFF Action Center XML 09:56, Friday, 30 September 10:39, Friday, 30 September
Enspiral Tales - Medium XML 09:56, Friday, 30 September 10:41, Friday, 30 September
Events XML 09:35, Friday, 30 September 10:23, Friday, 30 September
Falkvinge on Liberty XML 09:35, Friday, 30 September 10:23, Friday, 30 September
Flipside XML 09:21, Friday, 30 September 10:03, Friday, 30 September
Flipside XML 09:56, Friday, 30 September 10:41, Friday, 30 September
Free software jobs XML 09:42, Friday, 30 September 10:22, Friday, 30 September
Full Frontal Nerdity by Aaron Williams XML 09:35, Friday, 30 September 10:23, Friday, 30 September
General Protection Fault: The Comic Strip XML 09:35, Friday, 30 September 10:23, Friday, 30 September
George Monbiot XML 09:56, Friday, 30 September 10:39, Friday, 30 September
Girl Genius XML 09:56, Friday, 30 September 10:39, Friday, 30 September
Graeme Smith XML 09:56, Friday, 30 September 10:40, Friday, 30 September
Groklaw XML 09:35, Friday, 30 September 10:23, Friday, 30 September
Grrl Power XML 09:21, Friday, 30 September 10:03, Friday, 30 September
Hackney Anarchist Group XML 09:42, Friday, 30 September 10:31, Friday, 30 September
Hackney Solidarity Network XML 09:56, Friday, 30 September 10:41, Friday, 30 September XML 09:56, Friday, 30 September 10:40, Friday, 30 September XML 09:56, Friday, 30 September 10:41, Friday, 30 September XML 09:42, Friday, 30 September 10:22, Friday, 30 September XML 09:56, Friday, 30 September 10:41, Friday, 30 September XML 09:28, Friday, 30 September 10:14, Friday, 30 September XML 09:28, Friday, 30 September 10:14, Friday, 30 September XML 09:42, Friday, 30 September 10:23, Friday, 30 September XML 09:56, Friday, 30 September 10:39, Friday, 30 September XML 09:35, Friday, 30 September 10:22, Friday, 30 September;_render=rss XML 09:28, Friday, 30 September 10:14, Friday, 30 September XML 09:35, Friday, 30 September 10:22, Friday, 30 September XML 09:56, Friday, 30 September 10:40, Friday, 30 September XML 09:35, Friday, 30 September 10:22, Friday, 30 September XML 09:56, Friday, 30 September 10:41, Friday, 30 September XML 09:35, Friday, 30 September 10:23, Friday, 30 September XML 09:42, Friday, 30 September 10:31, Friday, 30 September XML 09:56, Friday, 30 September 10:40, Friday, 30 September XML 09:21, Friday, 30 September 10:03, Friday, 30 September XML 09:56, Friday, 30 September 10:40, Friday, 30 September XML 09:42, Friday, 30 September 10:31, Friday, 30 September XML 09:56, Friday, 30 September 10:40, Friday, 30 September XML 09:35, Friday, 30 September 10:23, Friday, 30 September XML 09:42, Friday, 30 September 10:23, Friday, 30 September XML 09:42, Friday, 30 September 10:22, Friday, 30 September XML 09:28, Friday, 30 September 10:14, Friday, 30 September
https://broodhollow.krisstraub.comfeed/ XML 09:42, Friday, 30 September 10:23, Friday, 30 September XML 09:42, Friday, 30 September 10:23, Friday, 30 September XML 09:21, Friday, 30 September 10:03, Friday, 30 September XML 09:56, Friday, 30 September 10:39, Friday, 30 September XML 09:42, Friday, 30 September 10:23, Friday, 30 September XML 09:42, Friday, 30 September 10:31, Friday, 30 September XML 09:35, Friday, 30 September 10:22, Friday, 30 September XML 09:35, Friday, 30 September 10:22, Friday, 30 September XML 09:56, Friday, 30 September 10:40, Friday, 30 September XML 09:42, Friday, 30 September 10:22, Friday, 30 September XML 09:42, Friday, 30 September 10:22, Friday, 30 September XML 09:28, Friday, 30 September 10:14, Friday, 30 September XML 09:28, Friday, 30 September 10:14, Friday, 30 September XML 09:56, Friday, 30 September 10:39, Friday, 30 September XML 09:42, Friday, 30 September 10:22, Friday, 30 September XML 09:56, Friday, 30 September 10:39, Friday, 30 September XML 09:28, Friday, 30 September 10:14, Friday, 30 September XML 09:35, Friday, 30 September 10:22, Friday, 30 September XML 09:35, Friday, 30 September 10:23, Friday, 30 September XML 09:42, Friday, 30 September 10:22, Friday, 30 September XML 09:42, Friday, 30 September 10:23, Friday, 30 September XML 09:35, Friday, 30 September 10:22, Friday, 30 September^876&maxPrice=240000&minBedrooms=2&displayPropertyType=houses&oldDisplayPropertyType=houses&primaryDisplayPropertyType=houses&oldPrimaryDisplayPropertyType=houses&numberOfPropertiesPerPage=24 XML 09:56, Friday, 30 September 10:39, Friday, 30 September
Humble Bundle Blog XML 09:35, Friday, 30 September 10:22, Friday, 30 September
I, Cringely XML 09:35, Friday, 30 September 10:23, Friday, 30 September
Irregular Webcomic! XML 09:42, Friday, 30 September 10:23, Friday, 30 September
Joel on Software XML 09:28, Friday, 30 September 10:14, Friday, 30 September
Judith Proctor's Journal XML 09:42, Friday, 30 September 10:22, Friday, 30 September
Krebs on Security XML 09:42, Friday, 30 September 10:23, Friday, 30 September
Lambda the Ultimate - Programming Languages Weblog XML 09:42, Friday, 30 September 10:22, Friday, 30 September
Looking For Group XML 09:56, Friday, 30 September 10:40, Friday, 30 September XML 09:42, Friday, 30 September 10:23, Friday, 30 September
Mimi and Eunice XML 09:56, Friday, 30 September 10:41, Friday, 30 September
Neil Gaiman's Journal XML 09:42, Friday, 30 September 10:22, Friday, 30 September
Nina Paley XML 09:35, Friday, 30 September 10:22, Friday, 30 September
O Abnormal – Scifi/Fantasy Artist XML 09:56, Friday, 30 September 10:41, Friday, 30 September
Oglaf! -- Comics. Often dirty. XML 09:35, Friday, 30 September 10:23, Friday, 30 September
Oh Joy Sex Toy XML 09:56, Friday, 30 September 10:40, Friday, 30 September
Order of the Stick XML 09:56, Friday, 30 September 10:40, Friday, 30 September
Original Fiction – XML 09:21, Friday, 30 September 10:03, Friday, 30 September
OSnews XML 09:56, Friday, 30 September 10:41, Friday, 30 September
Paul Graham: Unofficial RSS Feed XML 09:56, Friday, 30 September 10:41, Friday, 30 September
Penny Arcade XML 09:21, Friday, 30 September 10:03, Friday, 30 September
Penny Red XML 09:56, Friday, 30 September 10:41, Friday, 30 September
PHD Comics XML 09:42, Friday, 30 September 10:31, Friday, 30 September
Phil's blog XML 09:35, Friday, 30 September 10:23, Friday, 30 September
Planet Debian XML 09:56, Friday, 30 September 10:41, Friday, 30 September
Planet GNU XML 09:42, Friday, 30 September 10:23, Friday, 30 September
Planet Lisp XML 09:42, Friday, 30 September 10:31, Friday, 30 September
Pluralistic: Daily links from Cory Doctorow XML 09:42, Friday, 30 September 10:22, Friday, 30 September
PS238 by Aaron Williams XML 09:35, Friday, 30 September 10:23, Friday, 30 September
QC RSS XML 09:35, Friday, 30 September 10:22, Friday, 30 September
Radar XML 09:21, Friday, 30 September 10:03, Friday, 30 September
RevK®'s ramblings XML 09:28, Friday, 30 September 10:14, Friday, 30 September
Richard Stallman's Political Notes XML 09:42, Friday, 30 September 10:31, Friday, 30 September
Scenes From A Multiverse XML 09:35, Friday, 30 September 10:22, Friday, 30 September
Schneier on Security XML 09:42, Friday, 30 September 10:22, Friday, 30 September
SCHNEWS.ORG.UK XML 09:56, Friday, 30 September 10:40, Friday, 30 September
Scripting News XML 09:21, Friday, 30 September 10:03, Friday, 30 September
Seth's Blog XML 09:28, Friday, 30 September 10:14, Friday, 30 September
Skin Horse XML 09:21, Friday, 30 September 10:03, Friday, 30 September
Spinnerette XML 09:56, Friday, 30 September 10:40, Friday, 30 September
Tales From the Riverbank XML 09:42, Friday, 30 September 10:31, Friday, 30 September
The Adventures of Dr. McNinja XML 09:56, Friday, 30 September 10:41, Friday, 30 September
The Bumpycat sat on the mat XML 09:42, Friday, 30 September 10:22, Friday, 30 September
The Daily WTF XML 09:28, Friday, 30 September 10:14, Friday, 30 September
The Monochrome Mob XML 09:42, Friday, 30 September 10:23, Friday, 30 September
The Non-Adventures of Wonderella XML 09:56, Friday, 30 September 10:39, Friday, 30 September
The Old New Thing XML 09:56, Friday, 30 September 10:40, Friday, 30 September
The Open Source Grid Engine Blog XML 09:35, Friday, 30 September 10:22, Friday, 30 September
towerhamletsalarm XML 09:28, Friday, 30 September 10:14, Friday, 30 September
Twokinds XML 09:21, Friday, 30 September 10:03, Friday, 30 September
UK Indymedia Features XML 09:21, Friday, 30 September 10:03, Friday, 30 September
Uploads from ne11y XML 09:28, Friday, 30 September 10:14, Friday, 30 September
Uploads from piasladic XML 09:56, Friday, 30 September 10:39, Friday, 30 September
Use Sword on Monster XML 09:35, Friday, 30 September 10:22, Friday, 30 September
Wayward Sons: Legends - Sci-Fi Full Page Webcomic - Updates Daily XML 09:28, Friday, 30 September 10:14, Friday, 30 September
what if? XML 09:42, Friday, 30 September 10:23, Friday, 30 September
Whatever XML 09:42, Friday, 30 September 10:31, Friday, 30 September
Whitechapel Anarchist Group XML 09:42, Friday, 30 September 10:31, Friday, 30 September
WIL WHEATON dot NET XML 09:56, Friday, 30 September 10:40, Friday, 30 September
wish XML 09:56, Friday, 30 September 10:41, Friday, 30 September XML 09:56, Friday, 30 September 10:39, Friday, 30 September