Wednesday, 05 May

21:21

Antoine Beaupré: Building a status page service with Hugo [Planet Debian]

The Tor Project now has a status page which shows the state of our major services.

You can check status.torprojet.org for news about major outages in Tor services, including v3 and v2 onion services, directory authorities, our website (torproject.org), and the check.torproject.org tool. The status page also displays outages related to Tor internal services, like our GitLab instance.

This post documents why we launched status.torproject.org, how the service was built, and how it works.

Why a status page

The first step in setting up a service page was to realize we needed one in the first place. I surveyed internal users at the end of 2020 to see what could be improved, and one of the suggestions that came up was to "document downtimes of one hour or longer" and generally improve communications around monitoring. The latter is still on the sysadmin roadmap, but a status page seemed like a good solution for the former.

We already have two monitoring tools in the sysadmin team: Icinga (a fork of Nagios) and Prometheus, with Grafana dashboards. But those are hard to understand for users. Worse, they also tend to generate false positives, and don't clearly show users which issues are critical.

In the end, a manually curated dashboard provides important usability benefits over an automated system, and all major organisations have one.

Picking the right tool

It wasn't my first foray in status page design. In another life, I had setup a status page using a tool called Cachet. That was already a great improvement over the previous solutions, which were to use first a wiki and then a blog to post updates. But Cachet is a complex Laravel app, which also requires a web browser to update. It generally requires more maintenance than what we'd like, needing silly things like a SQL database and PHP web server.

So when I found cstate, I was pretty excited. It's basically a theme for the Hugo static site generator, which means that it's a set of HTML, CSS, and a sprinkle of Javascript. And being based on Hugo means that the site is generated from a set of Markdown files and the result is just plain HTML that can be hosted on any web server on the planet.

Deployment

At first, I wanted to deploy the site through GitLab CI, but at that time we didn't have GitLab pages set up. Even though we do have GitLab pages set up now, it's not (yet) integrated with our mirroring infrastructure. So, for now, the source is hosted and built in our legacy git and Jenkins services.

It is nice to have the content hosted in a git repository: sysadmins can just edit Markdown in the git repository and push to deploy changes, no web browser required. And it's trivial to setup a local environment to preview changes:

hugo serve --baseUrl=http://localhost/
firefox https://localhost:1313/

Only the sysadmin team and gitolite administrators have access to the repository, at this stage, but that could be improved if necessary. Merge requests can also be issued on the GitLab repository and then pushed by authorized personnel later on, naturally.

Availability

One of the concerns I have is that the site is hosted inside our normal mirror infrastructure. Naturally, if an outage occurs there, the site goes down. But I figured it's a bridge we'll cross when we get there. Because it's so easy to build the site from scratch, it's actually trivial to host a copy of the site on any GitLab server, thanks to the .gitlab-ci.yml file shipped (but not currently used) in the repository. If push comes to shove, we can just publish the site elsewhere and point DNS there.

And, of course, if DNS fails us, then we're in trouble, but that's the situation anyway: we can always register a new domain name for the status page when we need to. It doesn't seem like a priority at the moment.

Comments and feedback are welcome!


This article was first published on the Tor Project Blog.

19:42

Link [Scripting News]

34-minute podcast that's all over the map. But it's been a while, so there's lots to catch up on, esp with Scroll, and Repubs trying to overthrow the US government, how when you "invent" something, you have nothing but an intuition that what you're doing might be useful, certainly no clue how it will ultimately be used, the 50 best songs of 1971, and lots lots more.

News Post: Mount Sprue [Penny Arcade]

Tycho: Once he told me that he'd done actual online research into the nuance and mores of Gunpla - specifically around what gesticulations were required for entry into the sacred realm - I knew that's what the strip was about. He doesn't have a lot of use for things like this generally. But when he takes up a hobby, and the hobbies he's taken to over The Longest Year are indistinguishable from kink, he is almost hyper-aware of the whorls and hidden chambers that stymie and defy the acolyte. iRacing and Gunpla - both of which have been rigorously catalogued on Twitch - are hobbies…

18:56

An update on Bundle sliders [Humble Bundle Blog]

We recently announced our initial plan for redesigned bundle pages which would no longer include sliders that let customers fully

Continue reading

The post An update on Bundle sliders appeared first on Humble Bundle Blog.

18:49

The TAB report on the UMN affair [LWN.net]

The Linux Foundation Technical Advisory Board has issued its report on the submission of (intentionally and unintentionally) buggy patches from the University of Minnesota.

This report summarizes the events that led to this point, reviews the "Hypocrite Commits" paper that had been submitted for publication, and reviews all known prior kernel commits from UMN paper authors that had been accepted into our source repository. It concludes with a few suggestions about how the community, with UMN included, can move forward.

The recommendations include establishing an internal review process for patches submitted by the community and the creation (by the TAB in cooperation with researchers) of a "best practices" document for researchers working with the kernel community.

(LWN editor Jonathan Corbet played a small part in the writing of this report).

Climate targets [Richard Stallman's Political Notes]

*Rich nations' climate targets will mean global heating of 2.4C — study.*

That's if there are no unexpected positive feedback loops.

1619 Project [Richard Stallman's Political Notes]

I've discovered that it is possible to view the 1619 Project using IceCat by clicking on the "Reveal Hidden HTML" button that appears at the bottom right corner of the window.

In other graphical web browsers, open the "web developer tools," usually by pressing the F12 key, then switch to the console and run:

(() => {
  Array.from (document.styleSheets).forEach (e => { e.disabled = true; })
  document.querySelectorAll ("*").forEach (e => e.removeAttribute ("style"))
})()

You should paste and run that as a single block. It reveals the contents of the 1619 Project page.

The New York Times ought to use Javascript to make the contents initially invisible — that way, when Javascript is not running, the contents will be visible.

If you know a way to pass that message to the Times, please do so. They might fix this, since it won't be a big change.

Selling fighter-bombers [Richard Stallman's Political Notes]

France has decided to sell Egypt more fighter-bombers. There are points in that message that seem like bullshit, but I don't understand what's really behind them.

I don't see that human rights are a direct concern regarding fighter jets. The Egyptian military regime is highly repressive, but I don't think fighter jets are very apt, or necessary, for attacking protesters, journalists or bloggers.

I also don't see how terrorism relates to sale of fighter jets. Egypt does have a problem with domestic terrorists, but I don't see how fighter jets are very useful against them.

Pesticides [Richard Stallman's Political Notes]

Pesticides are harming the animals that turn dirt into soil, including earthworms and insects.

This is very dangerous.

Racial slurs [Richard Stallman's Political Notes]

A professor of linguistics explains how (and perhaps why) the US has converted racial slurs into taboos that can't be mentioned, not even to discuss them.

I agree that overt racist attitudes should be "ridiculed and socially punished in general society"; it is wrong to make racial slurs against anyone.

However, that is no reason to put taboos on them. I am opposed to putting taboos on any words, for any reason, because they gratuitously tie society in knots. When the taboo is on a racial slur, it prevents discussion of racism, and famous anti-racist statements cannot be quoted.

The same hypersensitivity does its harmful work when students seeing a picture of George Washington with slaves are "triggered," and lose the ability to think and speak about the significance of the fact that Washington owned slaves.

Progressive democrats gaining power [Richard Stallman's Political Notes]

How progressive Democrats gained power in the New Mexico state legislature, replacing some plutocratist Democrats.

They had to fight against identity politics. If you choose which candidate to support based on matters of identity, you are asking to be manipulated.

Oil windfall [Richard Stallman's Political Notes]

A big oil discovery in Namibia offers windfall profits to some of the inhabitants, until global heating destroys their country.

So the people of Namibia have a right to a better life — for a couple of decades — thanks to a little trickle-down from the profits of exploiting a giant oilfield and perhaps destroying civilization?

Of course not! Nobody does! There is no room in the world's carbon budget for any new fossil fuel development, whether it is in California, Namibia, the Mediterranean Sea, or anywhere else.

President Correa of Ecuador asked the wealthy countries to pay Ecuador not to exploit a new oil field. No one took up that deal, but the basic is still a good one. Let's give the people of Namibia a better life in exchange for an agreement to keep that oil forever in the ground.

Of course, we need to structure the deal so that corrupt oligarchs don't swipe the money and put it into secret offshore investments.

Traffic enforcement [Richard Stallman's Political Notes]

* Removing armed [thugs] from traffic enforcement and turning it over to civilians should be a major goal of the racial justice movement.*

Thugs use minor traffic violations — or possible appearance of one — as pretexts to stop blacks and search their cars. Civilian traffic code enforcers would put an end to this practice.

I contend that the practice violates the fourth amendment regardless of whether racial profiling is used, because an unaggravated moving violation, by itself, is no excuse to search a car.

Data merging [Richard Stallman's Political Notes]

There is a campaign to stop Facebook from merging two collections of data about useds: the data about the useds of Facebook itself, and the data about the useds of WhatsApp.

Of course, if Facebook eliminates an internal policy barrier that limits its use of the massive data it collects from its useds, that will make its power to abuse people a little greater. It would be better to prevent that.

But I cannot support this campaign, because doing so would legitimize the injustice those dis-services already do.

Facebook in its current form should not be allowed to exist at all, because much of the data collection it does should be illegal.

Don't be a zucker! Stop letting Facebook and WhatsApp use you!

NAFTA glyphosate [Richard Stallman's Political Notes]

The US is using NAFTA to try to stop Mexico from banning glyphosate.

NAFTA is a business-supremacy treaty, and it used to contain an ISDS clause (I Sue Democratic States) which authorized businesses to sue a country for adopting a law or policy that interferes with their plans.

The bully revised NAFTA, eliminating the power, but another member country can still do so, and that is what the US is threatening to do.

18:07

Pluralistic: 05 May 2021 [Pluralistic: Daily links from Cory Doctorow]


Today's links



The cover of McJob zine #2, edited by Julee Peezlee, 1993/4.

Stimmies killed the McJob (permalink)

A recurring viral genre during the lockdown is photos of signs on the front doors of low-waged establishments (especially fast food restaurants) asking customers to have patience with long wait-times brought on by staffing shortages "because no one wants to work."

These signs go on to claim that "overgenerous" unemployment benefits in the Biden stimulus have encouraged work-shyness among the lazy slobs of the working class. It's a complaint that's been picked up and amplified by the US Chamber of Commerce.

https://www.uschamber.com/series/above-the-fold/what-the-business-community-wants-needs-and-deserves-hear-president-biden

They're not entirely wrong.

After all, the subtext of these signs is, "Our pay is so low, and our working conditions are so awful, that only the truly desperate would do this job. In forestalling that desperation, the federal government has deprived us of our workforce."

40 years of wage stagnation and the Clinton-and-onwards destruction of the social safety net has left workers so desperate they continue to do their jobs, even as their employers stole billions from them, with virtually no penalties for wage-theft:

https://apnews.com/article/how-companies-rip-off-poor-employees-6c5364b4f9c69d9bc1b0093519935a5a

The lack of any meaningful prosecutions for wage-theft created the environment in which a restaurateur tortured a developmentally disabled man in order to keep him working 100 hours/week for a decade without any pay at all:

https://www.cnn.com/2021/05/03/us/south-carolina-man-forced-work-restitution-doubled-trnd/index.html

It won't surprise you to learn that the overwhelming majority of the victims of wage theft and other employer abuses (up to and including forced labor – that is, modern slavery) are Black and brown.

The complaint that people receiving the anemic stimulus – less than a $15 minimum wage – find them preferable to working for employers whose companies received publicly funded bailouts and mass infusions from the private equity sector leaves out the obvious, important point.

Namely, if no one wants to work for you at the wage you're offering, maybe try increasing the offer? The fast-food sector already had the highest turnover of any US industry before the pandemic – maybe that's a hint about the quality of the jobs?

https://prospect.org/labor/is-unemployment-insurance-behind-fast-food-labor-shortage/

States where the tipped minimum wage is still legal have restaurants that pay their workforce $2.13/hour. Fast-food workers who receive no tips – who are forced to wear pocketless uniforms to prevent them from collecting tips from customers who offer – can be paid this wage.

If a company can't afford to pay its workers enough to survive – to feed, clothe and shelter themselves – then it's not a business, it's a publicly subsized, badly run jobs program operated by a fast operator who enriches themselves at public expense.

The stimulus – and a minimum wage, and a federal jobs guarantee through the GND – will 100% cause these "businesses" to cease operation.

As the noted socialist Warren Buffett is fond of saying, "Only when the tide goes out do you discover who's been swimming naked."

(Image: The cover of McJob zine #2, edited by Julee Peezlee, 1993/4.)



A Star Wars-esque 'hyperspace' effect with an mNRA molecule at its center.

MRNA vaccines and Clarke's Law (permalink)

Pluralistic is my mutli-channel publishing effort – a project to push the limits of POSSE (post own site, share everywhere) that allows me to maintain control over my work while still meeting my audience where they are, on platforms whose scale makes them hard to rely on.

Every day, I write 1-5 essays and syndicate them over Twitter, Tumblr, Mastodon and email, with the canonical link at pluralistic.net, a CC-BY licensed WordPress site with no tracking, data-collection or ads.

Now, I've added another channel: Medium, where I'm part of a group of paid writers who contribute a mix of original material that's exclusive to the platform and syndicated material from elsewhere.

https://doctorow.medium.com

I was delighted and honored to be invited to the program by editorial director Jon Gluck and I'm happy to be working with Megan Morrone – whom I've known since her Twit days – as my editor. I've been syndicating my Pluralistic posts there and it's been going great.

Yesterday, I published my first Medium-original post: "Manufacturing mRNA vaccines is surprisingly straightforward (despite what Bill Gates thinks)," which discusses vaccine apartheid and the covid vaccine patent exemption petition at the WTO.

https://doctorow.medium.com/manufacturing-mrna-vaccines-is-surprisingly-straightforward-despite-what-bill-gates-thinks-222cffb686ee

The post breaks down an amazing scholarly article on mRNA vaccine manufacture, “Rapid development and deployment of high‐volume vaccines for pandemic response” (DOI: 10.1002.amp2.10060), from the Journal of Advanced Manufacturing and Processing.

https://aiche.onlinelibrary.wiley.com/doi/full/10.1002/amp2.10060

The authors – a mix of public health, chemical engineering and vaccine specialists from Imperial College and the International AIDS Vaccine Initiative – describe the results of their modeling of new mRNA vaccine factories, based on the experience of ramping up covid vaccine facilities.

They base their findings – contrasting mRNA vaccine production with conventional vaccine production – on an open-access Superpro Designer model (available at Github).

These.

Findings.

Are.

Amazing.

https://github.com/ZKis-ZK/RNA-vaccine-drug-substance-production-techno-economic-modelling

Seriously. Like Clarke's Third Law/indistinguishable from magic Amazing. How amazing? Well. compared to conventional vaccine production, mRNA factories are:

  • 99 – 99.9% smaller
  • 95 – 99.7% cheaper

  • 1,000% faster

If you convert a single closet in a conventional factory to mRNA production, it will make more doses than the rest of the factory combined. Only part of the factory needs to be a high-spec cleanroom facility, and the rest can be cheaper and more easily maintained.

Spend $20m to build one of these microfactories, install a 5l bioreactor, and, for $100m/year, it will produce one billion vaccine doses.

As I wrote in my Medium piece:

JESUS FUCKING HOLY GODDAMNED SHITBALLS

These aren't performance gains in GPUs or SSDs. These are gains in nanoscale chemistry producing precision medicine for human consumption!

Now, that said, there are some caveats. You still have to figure out testing, materials and distribution (of course).

But even there, it's easy to see how these vast reductions in cost, scaling and logistics will help – from producing medicines for trials more quickly to reducing cold-chain logistics by making vaccines closer to the people who will receive them.

Every pandemic ends with a lot of serious chin-stroking and demands to "learn some lessons" and "prepare for the next one," but this never seems to happen.

https://www.wired.com/story/its-already-time-to-stop-the-next-pandemic-can-a-prize-help/

As the JAMP authors say, the next pandemic – or even epidemic – will require a very fast rampup of vaccine production, as will any vaccine breakthroughs for treating current endemic viruses.

The production modeling they do here suggests that we actually can prepare for The Next One.

And as I say in my Medium piece, this is also how we can end the current vaccine apartheid and avert the next one.

(Image: Cnbrb, CC BY-SA; Quapan, CC BY, modified)



This day in history (permalink)

#10yrsago Shannon’s Law: a story about bridging Faerie and the mundane world with TCP-over-magic https://www.tor.com/2011/05/05/shannons-law/

#10yrsago Neil Gaiman responds to Minnesota Republican House Leader who called him a “pencil-necked geek” and a “thief” https://journal.neilgaiman.com/2011/05/opinions-of-pencil-necked-weasel-thief.html

#5yrsago MEP tours the farcical viewing conditions for the TTIP text https://twitter.com/lukeming/status/727822421219151872

#5yrsago Amid education funding emergency, Washington State gives Boeing, Microsoft $1B in tax breaks https://jeffreifman.com/2016/05/05/forget-boeing-microsofts-tax-break-costs-776-million/

#1yrago A federal jobs guarantee https://pluralistic.net/2020/05/05/the-hard-stuff/#jobs-guarantee

#1yrago What "writing rules" actually mean https://pluralistic.net/2020/05/05/the-hard-stuff/#said-bookism

#1yrago Teen Vogue on socialist feminism https://pluralistic.net/2020/05/05/the-hard-stuff/#wages-for-housework



Colophon (permalink)

Today's top sources: Naked Capitalism (https://nakedcapitalism.com/).

Currently writing:

  • A Little Brother short story about pipeline protests. RESEARCH PHASE
  • A short story about consumer data co-ops. PLANNING

  • A Little Brother short story about remote invigilation. PLANNING

  • A nonfiction book about excessive buyer-power in the arts, co-written with Rebecca Giblin, "The Shakedown." FINAL EDITS

  • A post-GND utopian novel, "The Lost Cause." FINISHED

  • A cyberpunk noir thriller novel, "Red Team Blues." FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: How To Destroy Surveillance Capitalism (Part 05) https://craphound.com/nonficbooks/destroy/2021/05/02/how-to-destroy-surveillance-capitalism-part-05/
Upcoming appearances:

Recent appearances:

Latest book:

Upcoming books:

  • The Shakedown, with Rebecca Giblin, nonfiction/business/politics, Beacon Press 2022

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.


How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

Medium (no ads, paywalled):

https://doctorow.medium.com/

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

17:28

17:21

New Spectre-Like Attacks [Schneier on Security]

There’s new research that demonstrates security vulnerabilities in all of the AMD and Intel chips with micro-op caches, including the ones that were specifically engineered to be resistant to the Spectre/Meltdown attacks of three years ago.

Details:

The new line of attacks exploits the micro-op cache: an on-chip structure that speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process, as the team explains in a writeup from the University of Virginia. Even though the processor quickly realizes its mistake and does a U-turn to go down the right path, attackers can get at the private data while the processor is still heading in the wrong direction.

It seems really difficult to exploit these vulnerabilities. We’ll need some more analysis before we understand what we have to patch and how.

More news.

17:07

NAFTA glyphosate [Richard Stallman's Political Notes]

The US is using NAFTA to try to stop Mexico from banning glyphosate.

NAFTA is a business-supremacy treaty, and it used to contain an ISDS clause (I Sue Democratic States) which authorized businesses to sue a country for adopting a law or policy that interferes with their plans.

The bully revised NAFTA, eliminating the power, but another member country can still do so, and that is what the US is threatening to do.

Biden's surveillance state [Richard Stallman's Political Notes]

* The Biden administration is reportedly considering teaming up with private companies to monitor American citizens' private online activity and digital communications.*

What creates the opportunity to try this the fact that these companies are already snooping on users' private activities. That in turn is due to people's use of nonfree software which snoops, and online dis-services which snoop.

So-called Israeli dates [Richard Stallman's Political Notes]

"Israeli" dates are mainly grown in Palestinian territory, and those grown in Israel proper depend on underpaid Palestinian workers.

Will Biden crack down? [Richard Stallman's Political Notes]

Several plutocratist presidents have found ways to let businesses off the hook for their crimes. Will Biden change directions?

US Covid Vaccine patent [Richard Stallman's Political Notes]

(satire) *U.S. Vows To Invade Next Country That Asks For Covid Vaccine [patent licenses or trade secrets]*

Even when you're joking, please don't lump together trade secrets and patents as if they were similar!

New Zealand's China Policy [Richard Stallman's Political Notes]

New Zealand is proud of taking an "independent" foreign policy towards China: independent of the west, but going along with China in practical terms.

16:42

Link [Scripting News]

Why Facebook must continue to ban Trump. Mitigating damage. If there were a sniper shooting up Times Square, it would be wrong for a bullet-supplier deliver more ammo to him. You might argue bullets are too dangerous to sell to anyone, but with Trump there's no excuse.

Link [Scripting News]

Having written so much about paywalls and subscriptions, it was a big deal for me that yesterday Twitter announced that they had acquired Scroll, a company that was founded to fix those problems, if only enough news publishers agreed. That's the chicken that's waiting for the egg, etc. It's possible that Twitter can make the difference, the same way the NYT made the difference for RSS in 2002. That's what gives life to a standard. An entity so central to an economy, like NYT was to news in 2002, getting behind an independently developed format or protocol. With RSS it was an instant hit. It would be better imho if the NYT had bought Scroll and put its subscription function behind it. Would have also made sense for the Washington Post to do it, esp with Bezos as the owner. No question Amazon would know how to monetize this so as to eliminate the stifling ideas of paywalls and subscriptions. But Twitter is what we got. There was a post from them yesterday that spelled out the vision. I wish them, and us, lots of luck, because the current economic system for news is untenable. Maybe Twitter can make the difference.

16:35

Security updates for Wednesday [LWN.net]

Security updates have been issued by Debian (cgal, exim4, and mediawiki), Fedora (axel, libmicrohttpd, libtpms, perl-Image-ExifTool, pngcheck, python-yara, and yara), Gentoo (exim), Mageia (kernel-linus), openSUSE (bind and postsrsd), SUSE (avahi, openexr, p7zip, python-Pygments, python36, samba, sca-patterns-sle11, and webkit2gtk3), and Ubuntu (nvidia-graphics-drivers-390, nvidia-graphics-drivers-418-server, nvidia-graphics-drivers-450, nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-460, nvidia-graphics-drivers-460-server).

16:14

US Covid Vaccine patent [Richard Stallman's Political Notes]

(satire) *U.S. Vows To Invade Next Country That Asks For Covid Vaccine [patent licenses or trade secrets]*

Even when you're joking, please don't lump together trade secrets and patents as if they were similar!

New Zealand's China Policy [Richard Stallman's Political Notes]

New Zealand is proud of taking an "independent" foreign policy towards China: independent of the west, but going along with China in practical terms.

Concerns about the surveillance state [Richard Stallman's Political Notes]

* We are told by some opponents of the far-right that supporters of equality and civil liberties should not be worried about expansions of U.S. surveillance and counterterrorism capabilities. They are wrong.*

Columbian tax plan responses [Richard Stallman's Political Notes]

Colombia's president pulled back the regressive tax plan in response to big protests around the country. However, thugs attacked the protesters.

Tories law proposal [Richard Stallman's Political Notes]

The Tories are proposing a law to make it so hard to sue the UK government (claiming its policies are illegal) that the government could get away with anything.

16:00

Link [Scripting News]

Twitter list with the fan feeds Art Show is following.

Link [Scripting News]

Edward Hopper, Cape Cod Morning.

15:14

Link [Scripting News]

The fan art feeds from Twitter are now available as a web app, at artshow.scripting.com. I think that's about all the work I'm going to do on this project for now. The GitHub repo will update periodically with more images. I've shared the source for the Node app that gathers the images and data about the images, and the web app that displays the art in a web browser. There's a public JSON file, part of the repo, that is a list of all the images, so you can create your own apps if you like. There is a howto doc. Thanks to the fans who curate these wonderful art feeds. I love it, and am glad to be able to do a small part to make the art more useful. If you have questions or comments, please open an issue on the repo.

Link [Scripting News]

Congress should follow Facebook's lead and expel members who supported the January 6 insurrection.

15:07

Why is coroutine_handle::resume() potentially-throwing? [The Old New Thing]

In our explorations of making co_awaitable objects, we had largely been ignoring the possibility of the coroutine handle throwing an exception upon resume. But according to the language specification, the resume method (and its equivalent, the operator() overloaded function call operator) is potentially-throwing. Is this an oversight or an intentional decision?

Well, the noop_coroutine‘s coroutine handle does mark its resume() method as noexcept, so it’s not like the authors of the coroutine specification simply forgot about noexcept. They consciously put it on the resumption of a noop_coroutine, but omitted it from other coroutines.

What’s more, if you look at libraries that operate on coroutines, all of them treat the resume method as if it were noexcept.

What’s the deal?

Gor Nishanov explained it to me.

Allowing resume to throw was introduced in P0664R6 section 25, with this remark:

This resolution allows generator implementations to define unhandled_exception as follows:

  void unhandled_exception() { throw; } 

With this implementation, if a user of the generator pulls the next value, and during computation of the next value an exception will occur in the user authored body it will be propagate back to the user and the coroutine will be put into a final suspend state and ready to be destroyed when generator destructors is run.

Yeah but what does that all mean?

The scenario here is the use of coroutines as generators.

If a generator encounters an exception, the normal mechanism would be for the exception to be captured in the coroutine’s unhandled_exception method so that it can be re-thrown when the caller performs an await_resume. But if the generator is synchronous (performs no co_await operations), then it is more efficient to just let the exception propagate across the coroutine boundary directly to the caller.

The coroutine implementation (specifically, the promise) can indicate that it wants the exception to propagate by rethrowing the exception in unhandled_exception, rather than capturing it.

But if you’re not in the case of a synchronous generator (and when dealing with coroutines as tasks, you won’t be), then resume is indeed nonthrowing.

Bonus reading: Another reason for not marking resume() as noexcept is that resume() requires that the coroutine be suspended. The presence of a precondition means that, according to the Lakos Rule, the function should not be marked noexcept. This allows the implementation to choose to report the precondition violation in the form of an exception.

The post Why is coroutine_handle::resume() potentially-throwing? appeared first on The Old New Thing.

14:28

The Lay of Lilyfinger [Original Fiction – Tor.com]

An acclaimed musician and her apprentice travel to the newly freed country of Skinnere to play a complex and culturally fraught song that will lay bare the wounds of empire, occupation, and sacrifice of its players and listeners.

 

 

“Have you been to Skinnere before?” asked Pom, his hands tight on the railing. When his teacher didn’t reply, he turned away from the view of the oncoming shore. “Saaba?”

“Yes, pk. Now get away from the side.”

Saaba-niszak was in a dreadful mood. The ferry crossing had damaged her zankla flute—a gift from her late teacher, Saaba-meszki, and a rare treasure from their shared homeland, Sorskail. There was no replacing it, nor hope of an adequate repair. Her despair threatened to ruin their chances at the coming audition, which would make the loss even worse: her zankla would have been broken for nothing. She only hoped that no one else had been hired by the time they arrived.

She thought it unlikely. The advertisement had called for musicians who could play the Lay of Lilyfinger. The Lay was the traditional centrepiece of a Skinnish girl’s Staining ceremony; it ran for five hours with two hundred and fifty stanzas across three movements, and no one record of it agreed with another. Bards with the Lay in their repertoire were few and far between, and she was confident in her rendition. Even if she hadn’t been, there was nothing for it—they badly needed this job. She had an apprentice to feed and creditors to pay off. The ferry tickets hadn’t been cheap.

She hugged her suitcase protectively as the ferry rolled over the harbour chain.

Pom joined her on the seat, the rosy nap that covered his skin all blown about by the wind. Saaba-niszak regretted her sharp tone—he was bound to be excited by new places. But the odd mixture of his Yamzemayan nap and short legs was drawing unwanted attention from the other passengers.

He kicked the air sullenly. “What’s it like? Skinnere?”

“Wet,” she said. “Focus, Pom. First stanza, pk.”

Pom stilled his legs and dutifully recited the Lay’s first stanza sotto voce. Twenty-two octosyllabic lines in a language he barely spoke, learned by rote in the short time they’d been travelling. As soon as he finished, he started swinging his legs again.

Despite this feat of memory for a child so young, Saaba-niszak’s eyes darkened. He had almost six thousand further lines to memorise. “Your Skinnish needs work, pk. Practice your susurration and dampen your trills, they are too sharp. How many times must I say?”

He swung one leg with particular violence, jolting the seat. “Why can’t they sing their own stupid song?”

She cuffed him round the head. “Ignorant boy.”

“It’s too hard, Saaba,” he whined, rubbing where she’d hit him. “If you’re teaching me, I can’t help picking it up wrong. No one’s cuffing you for your accent.”

“I’m not the one singing.” She tapped her suitcase as if blocking finger holes; yes, she reassured herself, her hands definitely recalled the pattern for the Lay. “And I don’t care how hard Skinnish is. When we’re there, you’re not to speak Larish. Speak Yamzemayan or not at all.”

“My Yamzemayan’s even worse.”

“Then act mute. Second stanza, pk.”

As Pom reluctantly obeyed, Saaba-niszak lifted her head and watched their destination creep closer. After a century of peace, the stilt-city of Thallagh still bore scars of Larish occupation. It was a scant three hours’ crossing from Laring and as such had shouldered the brunt of its neighbour’s animosity. The lookout posts, firing range and barricades had been preserved as monuments to the dead.

Pom ought to know the Lay’s significance if he was to do it justice; he spoke the words but lent them no soul. So, once he had finished, instead of boring holes in his technique like she usually did, Saaba-niszak said, “When Laring occupied this country, a Skinnish orphan survived by harvesting the lilies that grow on the banks of the Skinn. The bulbs to eat, and the roots, stems and flowers to make potent medicines, pk. She plucked them every day, staining her fingers with pollen. People called her Lilyfinger—this, you know from the stanzas I have taught you, pk. I tell you the rest.”

He settled back in his seat. Turning songs into stories was how Pom learned best, and he’d recognise a lesson anywhere.

“One day, a cruel Larish general grew sick and made Lilyfinger his personal physician. He did not account for her hatred of him, nor the fact that lilies can be poisonous.

“During the climax of the Lay’s first movement—I will teach you, sza—she wipes out the general’s household in a single night. The whole second movement is a bloody rebellion led by Lilyfinger herself. You will like the cadenza; a chance to play your lyre, yes?”

“The story, Saaba.”

“It gets very sad,” she said, scratching her cheek. She was starting to shed. “The Larish army captured Lilyfinger. They executed her for disturbing the peace, pk. The rebels continued on in her memory until, at last, they succeeded in driving the invaders out.”

Swept away by the romance of it all, Pom let out a whoop that turned several heads. Saaba-niszak checked him with a stern finger. “This Lay is not some fancy. It’s not ancient history like the sagas I show you. A hundred years are nothing, even for you short-lived folk. To my kind, it’s the blink of an eye. For Skinnere and its people, the story has never ended.

“Now, where was I?”

“The rebels won,” Pom mumbled.

“Gratitude. After she was murdered, Lilyfinger’s Lay spurred the rebels on so much that the Larish grew afraid of it. See that firing range, sza?” She pointed it out to Pom as the ferry turned into port. “They shot people there just for humming the countermelody.”

The boy craned his neck. If he looked very carefully, he could see the bullet holes.

“It’s still banned throughout Larish territory, so it has had to be passed down in secret. Not everyone’s memory is as long as mine, pk; many who say they know it know an impure form. Skinnish girls stain their fingers with lily pollen in honour of Lilyfinger, to remind the world they bow to no one, and as Skinnere recovers and more girls come of age, the Lay is returned to them slowly, very slowly—but even for this, they must rely on outsiders if they want it done properly.

“That is why they cannot sing their own stupid song, as you say before.”

The ferry docked with a sudden bump. Somewhere below, the gangway squealed open.

Pom sighed. “Is the Lay beautiful?”

“Only if you sing it right, pk. Get up.”

They gathered their things and joined the shuffling throng. “It’s busy,” she said, “stay close,” and he took her so literally that his toes nipped her heels all the way through security.

As Saaba-niszak handed over their travel papers, she asked the guard in Skinnish whether a musician had been found for the merchant’s daughter’s Staining yet.

“Nope,” he said, stamping with relish. “Having a go, are you?”

The shedding was getting worse, and it took all she had to hold in her pks and szas: the interjections that peppered her native tongue. Too much Skail made strangers uncomfortable. “We will do more than have a go.”

“Good luck. Though, er . . .” He nodded at Pom, lurking behind her. “The girl’s mother, Aurig, won’t take kindly to the ingya.”

“Don’t call him that.”

Saaba-niszak snatched their stamped papers off him and led Pom through the turnstile. When they’d cleared the crowd on the other side, she took a moment to breathe. The guard had used a slur that meant forced child. As if such children deserved to bear the shame of the parent who’d done the forcing.

Pom set down a suitcase almost as big as himself. “Saaba?” he ventured in Larish. “Why did that man look at me like that?”

“What did I tell you? Yamzemayan or mute. Don’t mind him, pk. Smooth yourself.”

His nap looked messier than ever, dull where the hairs ran upwards and shiny where they ran down. He wiped his face so all was slick, then he poised a finger, anxious to make a good impression. Symbols could be drawn in Yamzemayan nap by working against the grain, and this was done as a mark of respect. Saaba-nishak shook her head. “Save for the performance, yes? Tidy is good for now. Let’s go.”

 

They announced themselves to the housekeeper—a woman of mountain stock, not quite Skinnish—and were shown into a room that was bare except for a low table and kneeling aids. The panels in the left wall were slid back for a stunning panorama of the sea. Sir was away on business but Madam could see them; and anyway, the housekeeper confided as she brought them hot honeyed water, it was Madam making all the decisions. She’d spent months soliciting nothing less than the very best for her daughter, Bruin. Wine from Lurtzog vineyards, Damese pastries . . .

“Gratitude,” said Saaba-niszak to cut the gossip short. Once they were left alone, she turned to Pom. “A moment to compose yourself, yes? Show the lady your lyre-work if your hands can manage.”

As Pom unclasped his lyre case, Saaba-niszak tried to make herself comfortable. She rubbed her face and neck, longing for a pumice; under her clothes, her old skin felt tight. Her wing stubs throbbed. It was no good dwelling on this. Shedding could happen later.

She opened her suitcase and extracted the wooden box containing her zankla. The lid was askew, the hinge broken. Inside, a crack ran through two of the flute’s three prongs. She set the box aside, fighting a sob, and took out her long-stemmed Yamzemayan flute instead. The finger holes were a close approximation, though the sound was not.

“Thank you for coming.” A Skinnish woman strode into the room. “We’ve a week to go so you’ll forgive me if I seem tense. I’m Aurig, Bruin’s mother.”

Aurig knelt before them in a cloud of robes. She was tall, though not as tall as Saaba-niszak—few were—and her skin was faintly green like buds on the verge of ripeness. Her stained fingers were carefully displayed in her lap. She did not incline her head whatsoever, as it was not the Skinnish custom to do so; Pom, however, pressed his forehead to the floor as they did in Yamzemay, and this drew Aurig’s attention immediately. When he straightened up, her cheeks flared pink.

“What insult is this?”

Saaba-niszak placed a hand on Pom’s shoulder. He held his lyre tight, still as a mouse.

“No insult, Madam.”

“The boy is Larish. I see it in his legs. How dare you.”

Saaba-niszak had dealt with Skinnish pride before and was unfazed. “True, my apprentice has a Larish father,” she said. “But look closer, Madam—Yamzemayan nap from his mother. This coupling was not tender. I’m sure you understand my meaning.”

Aurig narrowed her eyes. “Poor child,” she said without warmth. “Did you find him in a labour camp?”

“No. His mother worked hard to get out. She needed lots of money for release, lots of work. Work makes lots of children.”

Of all the countries Saaba-niszak had seen, Yamzemay seemed to her the bleakest. It was too vast, its people too widely scattered, to shake off Laring’s influence as Skinnere had done. Last year, she’d been working in the capital, and the best accommodation she could afford—where her money would line the right pockets, at least—was a guest house on the cracked banks of the Yamze. Its proprietor was a single mother whose youngest was Pom. The boy was a bag of bones. Saaba-niszak had never seriously considered taking an apprentice before; she’d always insisted she wasn’t ready for one. But the recent loss of her teacher had made her impossibly lonesome, lacking direction. And it was clear to her that, without intervention, Pom wouldn’t survive the winter.

The truth was, Pom’s mixed heritage made him especially suited to life as a bard. His Larish blood granted him that infamous stamina so abused elsewhere; Saaba-niszak had seen him play for hours without fatigue. From his mother’s side, along with the characteristic nap, he had an extended larynx and slender fingers capable of such plucking even Saaba-niszak was sometimes moved to envy. Although the physical combination resulting from such parents was widely considered ugly—an abhorrent bias, to her mind, but a tenacious one; it had even cost them a job or two—she could not imagine a more promising apprentice. She gave him a rare smile before turning back to business.

“My name is Saaba-niszak. My teacher was the late Saaba-meszki. The boy is Pom. We have prepared the opening stanzas of the Lay for your consideration.”

Aurig’s eyes shone; she would not deign to nod.

Saaba-niszak drew breath and lifted the flute to her lips. She lingered on the first notes longer than was strictly necessary, promising proficiency for the glissandos in the second movement. As that first, single breath powered on, Aurig’s eyebrows rose. Pom was not the only one with unique gifts: the Skail possessed increased lung capacity to help them tolerate the high altitude of their homeland.

On her mark, Pom played a refrain and started to sing. Although his pronunciation slipped more than she’d have liked, hearing Lilyfinger’s story had imbued him with passion; and, of course, his voice was sublime. Like cool, glittering rain. It had not yet cracked with age, though it would, all too soon, and then she would have to put a choice to him. And what a choice for someone so young.

The stanzas complete, they ended with a lyre solo. Finally, Pom set down his instrument and tapped his forehead to the floor, and then the room was silent. The whole audition had lasted ten minutes.

Aurig’s orange fingers were at her breast, her mouth slightly open. Behind the closed door, the silhouettes of the staff dispersed, having been drawn to the music like moths to a lamp in the dark.

“I—I’ve never heard it played this way.”

“Apology,” said Saaba-niszak. “We had to adjust. My best flute is broken and Pom is still learning. But my form is true. My teacher, the late Saaba-meszki, learned it from Lilyfinger’s contemporaries and passed the knowledge to me.”

Aurig sat forward, gripping her skirts. “He was in Skinnere a hundred years ago?”

“We Skail are long-lived, Madam.”

The woman’s face hardened. All she could say was: “Where have you been?”

Saaba-niszak had to look away. It was the old complaint: if the Skail were so clever, if they lived so long and remembered so much, why didn’t they fix things? She glanced at Pom, who’d understood none of their exchange. The alarm was clear on his face. Had he done something wrong? She gave him a slight shake of her head.

“You could have been teaching us all these years.” Aurig’s voice was bitter. “I’d heard your kind were selfish, but this . . .”

Saaba-niszak cut across her. “I am not selfish. Wherever I go, I teach my fellow bards as all bards teach each other. The full Lay calls for an arrangement of eight. If you can find six to join us, it would be my honour to instruct them as well.”

“That is the least you owe Skinnere, I think,” said Aurig, her face taut. She rose to her feet. “I will send for these six.”

“You intend to hire us?”

“I want the best for Bruin.” As she opened the door to leave, she paused and pressed her fingers to her lips. Her hand quivered. “Do you understand? I want to give my daughter the Staining I never had.”

A final, raking look, and then she was gone.

Saaba-niszak and Pom knelt in stunned silence. One of their bags slipped to the floor.

Pom gulped. “Did—did we get the job?”

She didn’t even scold him for speaking Larish.

 

The bathwater was deliciously hot, the dried loofah as coarse as sand. Slowly, with the help of some vigorous scrubbing, the dead layer of Saaba-niszak’s skin sloughed off and her body relaxed into its new dimensions.

Suddenly, the bathtub felt too small. She eyed her crumpled clothes on the floor: how many hems and seams would she have to let out this time?

She climbed out, dripping water everywhere, and padded to the wall. Aurig had given them rooms in the house; yes, there were panels here, just like the room they’d auditioned in. She slid one open just enough to let the steam flow out, then pulled it wider when she saw the view of the sea. Above it, the sky looked scale-silver. Her wing stubs twitched, sensing open air, recalling the impulse to flap.

Dreaming of flight.

She reached over her shoulder gingerly. They’d grown a little with her shedding, her wing stubs, but they would never regenerate, not fully. Not as well as some lizards regrew their tails. They would protrude just enough to invite disgust, to upset the cut of her clothes, to catch in doorways. She would have to ligate them—tie them off with cord to cut off the blood supply—before the bone formed. Painful, yet necessary.

Homesickness didn’t strike her often, but when it did, it hit hard. In a perverse way, Pom was lucky. Yamzemay was a central, landlocked country, which meant he could visit his mother and siblings with relative ease. Sorskail was far beyond the sea in a place no boat could reach, and her wings had been cut away as penance for leaving, so she couldn’t fly there. The only remaining glimpse of her old life was Saaba-meszki’s zankla, lying broken in its box.

The smell of salt and sulphur lingered in the lining. She breathed it for a while before lifting the zankla out.

Zanklas were carved from hard coral but they grew fragile with age, same as anything. In Sorskail, more coral was easy to come by. Off the coasts of Skinnere, Laring or Dam? Nothing. She tried a note but the sound came out flat, her breath leaking through the cracks before it reached the finger holes. Even handling it worsened the damage. She set the flute back in its box, trying not to cry. Trying to think of it as any other broken instrument, and not the final filament binding her to home.

 

Despite the tiring journey, Pom could not settle that night. Anxiety made him hungry, and nothing prompted more anxiety than grand houses like this one. Thankfully, the kitchen staff were used to indulging a peckish child. They were green and spoke Skinnish, yet they had none of Aurig’s hauteur, and they gave him food, so Pom wasn’t afraid. He accepted handfuls of spiced curd and a dozen honeysticks before dashing off again with his telltale Larish gait.

He found a room in which to eat his plunder and wipe his sticky fingers on the carpet. Unfortunately, the room was not empty.

A forgivable mistake, to think he was alone. Bruin breathed so quietly and held herself so still that Pom would later liken her to the river dragons sunning themselves back home in Yamzemay, steadfast as carved rock.

She chided him in Skinnish.

The sound of an unfamiliar voice made him jump to his feet, horrified. He’d known it was wrong to ruin the carpet. Being an unsupervised child, he’d done it anyway. He almost burst into tears at the thought of disappointing Saaba-niszak. What to do? He didn’t know how to apologise in Skinnish. Would Larish make it worse? The agony showed on his face.

She looked at his nap and long fingers, and switched smoothly to Yamzemayan. “Don’t worry, I won’t tell.”

The tones nagged at him like a forgotten refrain. “I am sorry.”

Her brow crinkled. “You talk like a baby. Why can’t you speak your own language?”

He couldn’t have put into words how in Yamzemay, same as here, the Larish had suppressed the native culture for generations until people simply forgot; how his mother had been born in the same labour camp she would later escape, hearing nothing but Larish except for bedtimes, when her mother sang lullabies in her ear; how she’d done her best to pass on these fragments to her own children; that the reason he wasn’t fluent in the language his larynx was made for was the same reason Bruin would have strangers performing the Lay at her Staining.

All he could say was, “No practice. You speak Larish?”

She bit her lip and switched. “I’m not supposed to.”

“Then I won’t tell either,” he said, venturing a smile.

She returned it.

Though young, she looked to him as elegant as any woman. Her long green hair was slicked back, dark with oil, and her robes shimmered with prints of leaping fish. The staff in this household were clad better than almost anyone he’d met, and he’d not yet developed an eye for clothes of real quality. He took her for an aide, maybe a clerk. Without meaning to, he puffed out his chest.

“Are you the musician?” she asked.

“The apprentice. My teacher is Saaba-niszak, whose teacher was Saaba-meszki. Have you heard of him?”

“Should I have?”

“He was very famous.”

“Oh.” She pouted. “Are you famous?”

“I reckon so,” he said with a grin. “Sometimes people pay a lot of money to hear us. We played in a Damese plaza once while the old men sat around drinking their caffy; oh, and there was a wedding in Lurtz where everyone stood up at the end—Saaba-niszak said it was the cue to dance but she’s very modest—and we just came from Laring which I didn’t like much. We’ve been everywhere.”

To his horror, she raised her chin, wise to his bragging. “Play me something.”

“Um. I left my lyre in my room.”

She shrugged. “We have spares.” With a gesture for Pom to follow her, she took neat, measured steps through the house, which he endeavoured to match. They came to a room that had been set aside for the purpose of storing party supplies. Crockery and extra tables took up the most space, and then there were boxes of confetti and perfumed oils and stacks of sample menus, and ten crates of Lurtzog wine; and many, many musical instruments.

“My mother went a bit overboard.”

Pom gawped at her, twigging who she was at last. “It’s your Staining?”

“Yes,” she said, pinching her robes. “Who else do you think dresses like this? A maid?”

“No, but I . . .” Tears threatened again. He would never have boasted if he’d known she was the client.

“Come and see what I’ll be wearing next week.” She pulled him towards a large box that smelled achingly familiar. Inside lay robes of Yamzemayan velvet. She reached in to stroke the pale, stippled nap. “Isn’t it beautiful?”

Pom blinked, unsure what to say. Traditionally, such velvet was Yamzemayan skin harvested after death. When Damese looms made faux velvet possible by weaving cloth out of nap fibres, shavings of unusual length or colour became highly sought after. Pom’s mother had shaved herself raw to buy food for her children. So what kind of velvet was this? Someone’s skin, or the woven nap of a hundred hungry mothers? Either way, it was wrong to call it beautiful.

Bruin noted his discomfort and closed the box. “The lyres are over here.”

Her parents had rented various instruments to cover all possible options. Pom picked out a Damese lyre still bearing its loan tag, tuned it, and haltingly picked out a ballad. His own lyre boasted six strings whereas this had twelve, with wooden arms that smelled of beeswax and bay. Once his nimble fingers found their way around—dancing across the strings, doubling back then leaping forward like tiny birds looking for somewhere to land—the tone grew clearer; yes, he liked this lyre very much.

Bruin followed his fingers intently. When he finished, she said, “Will you show me how to play that?”

 

Thallagh’s windsmith had never seen a zankla before. He examined it under his loupe, running his fingers over the cracks.

“I could gum it back together, I suppose,” he said, looking out from under his brows, “but it won’t sound the same. There will always be a disturbance around the join. Different airflow, you know.”

The thought of a ruined zankla stung. The thought of losing it altogether stung far more. “Do what you can,” Saaba-niszak said. “I need it back by the end of the week.”

She paid the deposit and squeezed outside.

The city was blurry with mist. An unseasonably warm sun had burned off the night’s moisture—along the riverbank, the year’s first lilyflies drifted around in search of mates. Fishermen’s nets swirled open and slapped the water while the ferry’s engine puttered out of sight like the gears of an old bicycle. She breathed it in, this lovely calm.

It did little to dispel her worries.

Too many variables in this job, that was the trouble. Her teacher, Saaba-meszki, had drummed into his apprentice the constant need for order. Control. But music, like the people making it, could not be controlled. Pom had five days to memorise more than two hundred and fifty stanzas, plus some tricky progressions and harmonies, and not only had he been distracted during their lesson that morning, he’d also brought a new lyre along.

“We have no time for this,” Saaba-niszak had said. “You need an instrument you know, pk. Six strings are good for now. We can practice twelve strings later.”

“Please, Saaba,” he’d begged, “this one sounds so much better.”

Admittedly, he was right, but she’d made up her mind to be stubborn. “It’s a loan! What is the point of learning twelve strings just to leave it behind?”

“I’ll buy my own when we’re paid!”

“Yes? And deprive your mother her share? We are not paid so very much, Pom; Damese craft is beyond us.” She’d wrestled the lyre off him and held it out of reach. “Did you even ask to borrow this, sza? Stop your games now and fetch your own instrument.”

Pom had screwed up his face. “No!”

“Control yourself,” she’d hissed. “You’ll ruin your voice.”

“You drag me from place to place and never ask where I want to go or what I want to play,” he’d cried shrilly. “I choose one thing for myself and you accuse me of stealing!”

“You waste time with this lyre, Pom. Why you not see sense?”

Neither had given ground. Eventually, he’d run off somewhere to cry, and Saaba-niszak had sighed and let him go. She never handled these tantrums well, especially when he struck a nerve. Despite his natural ability, life as a bard was a hardship one ought to choose for oneself, and she’d often felt guilty about whisking him away from home before he was old enough to make that choice. This was the first time he’d demonstrated a preference; a good teacher—a kind teacher, as she’d resolved to be—must encourage such self-expression.

When Pom returned, she would apologise, and if his heart was still set on it, she would promise to show him how to play the Damese lyre.

 

The six Skinnish musicians she had pledged to teach arrived that afternoon: one novice from a nearby fishing village, two harpists by riverboat, a singing double act who’d turned down a residency in Laring to catch the ferry home, and a distinguished master from the university. The room with the best acoustics was cleared for their use and Saaba-niszak joined them—alone, since Pom was still sulking. She’d been ready for their benign acceptance, even their gratitude, to her shame; and yet, over dinner, it became clear they’d rather expected to teach her. Each of them knew different renditions of the Lay and each insisted theirs was correct.

In the middle of a heated discussion that Saaba-niszak struggled to moderate, the novice, Heri, snapped at her: “Don’t tell us how to sing our own song when you can’t even speak Skinnish properly, snake-face.”

“Try holding eight languages in your head at once, sza,” Saaba-niszak snapped back. She glared at each of them in turn. “My teacher learned the Lay as it was first composed and my memory does not fail me. If my client did not want its true form for her daughter, she should have hired someone else.”

“She still could . . .”

The master, Alstan, who had also studied under Saaba-meszki many decades ago and therefore understood her obstinacy, held up a fern-green hand. The attention of the room shifted. “We do not doubt your memory, Saaba. Indeed, it will be crucial. However, you must understand that the Lay has evolved since its composition, as all music does. It has come to mean many things to many people. Without enough bards to go around, some families have had to start their own traditions. If everyone’s tone-deaf, no one sings at all! Oh, don’t look so scandalised, music is supposed to be fun.”

Saaba-niszak scowled. “Music is no longer fun when you are struck for every wrong note. When your fingers are forced apart to widen their span.”

Alstan nodded. “Our teacher was a brute, everyone knows that. But he’s no longer with us. He wields no power here.”

A guilty shudder ran down Saaba-niszak’s spine, as if Saaba-meszki was somehow present, judging her response. Her loyalty.

“Can we not work together,” Alstan went on, “to create a rendition that reflects Skinnere’s collective interpretation?”

The phrase collective interpretation would have sent Saaba-meszki into a spitting rage. Saaba-niszak pursed her lips and said, “You propose an entirely new arrangement. In the short time we have, this is impossible. We must agree on one form or risk chaos.”

One of the harpists raised her eyebrow. “And that form would be yours, would it?”

“The form I was hired for, pk.”

Someone, likely Heri, muttered something rude under their breath. Saaba-niszak lost control of herself and hissed. Alstan said, “We’ll get nowhere by trading insults. Let’s discuss this in the morning, when everyone is rested.”

They retired, grumbling, to their respective rooms. All except Alstan, who touched her elbow gently as she went to leave.

She gave him a withering look. “I’m in no mood.”

“Skail never are. But come now, this is not the Saaba-niszak I’ve heard tell of. Why are you digging your heels in like this? All this talk of a pure Lay, an impure Lay—you stir up currents you cannot fathom. Are you trying to insult everyone?”

“Of course not.” Saaba-niszak crossed her arms. “But what to do at the Staining if everyone inserts parts no one else knows or we play over each other for attention? I will be blamed in front of the guests. We bards live and die on our reputations, and my apprentice cannot eat air.”

He tutted. “Oh, she won’t blame you, don’t worry; not in public. She won’t be able to stand anyone thinking it wasn’t to her specifications. She’s a snob. She’s embarrassed about growing up the way she did.”

Saaba-niszak tilted her head. “Poor?”

“Very.” He lowered his voice. “Her fingers were stained with something other than pollen at first because her family couldn’t afford lilies. It often happens. Does it make her any less Skinnish?”

“There are many ways to be Skinnish,” she replied.

“Exactly,” said Alstan.

 

Before she went to sleep, Saaba-niszak checked Pom’s room. It was empty. Where was that boy? He’d been missing for hours. She opened his wall panels and watched that fruitless day come to a close, waiting to hear his footsteps in the corridor.

Beyond the house, the water was all sibilance. As a young woman, she’d been in love with its music. She would lie for hours on the clifftops of Sorskail listening to the sea kick up its spray, and every morning she’d fly low over the waves, singing their own song back to them.

That should have been enough.

But the gulls brought her news from the continent, news of the exiled bard Saaba-meszki, who had learned every song in the world. Every song! Her wings, long taken for granted, seemed a small price to pay for that knowledge. She’d left Sorskail and sought him out, and begged him to take her on as his apprentice.

Why, as Alstan had intimated, should she stay loyal to him now that he was dead?

She knew the answer. It was just too painful to admit to anyone but herself.

If she turned her back on all he’d taught her, what had been the point of losing her family, her home, of letting him hack off her wings? Even her memory, she’d discovered, had its limits: cramming millions of lyrics and chord progressions into her head had pushed out everything but the merest scrap of her native language, and Saaba-meszki had refused to help her coax it back. The interjections that sounded to Pom like a crackling fire were all she had left. Why not cling meanly to every lesson if it meant the sacrifice was worthwhile?

Suddenly, the door opened. It was Pom—the dark shape of him, at least. Saaba-niszak swallowed. Her throat felt tight. “Where have you been? I was worried, pk.”

“I’m sorry.” He sounded close to tears. He came to sit with her by the open panel. “Saaba, why can’t I speak Larish here, but they can buy velvet?”

“What are you about? What velvet?”

“They bought velvet robes for the Staining. I saw them yesterday. The daughter showed me.”

“I see.” She sighed. Keeping one’s distance from the client was a mark of class and good manners. At some point, she would have to scold him for this lapse of propriety, but not tonight. “Pom, there are few commodities in the world that Laring does not control, so people pick and choose: they’ll tolerate no spoken Larish, but they will drink Lurtzog wine. It is illogical, I know.”

“Wine is different,” he said, wiping his nose. “Grapes don’t feel pain when someone stands on them.”

“And the vintners who are made to do the standing? What of them?”

Pom didn’t reply, but a Yamzemayan face was easy to read. Saaba-niszak thought of his mother and the patches of angry skin she’d spotted under the woman’s sleeves. There was injustice everywhere, if one knew where to look. A price to pay for living in a messy world. The thought tired her.

“I want to go home,” he wailed.

Her breath caught. She knew that sorrow keenly. They had never been affectionate with one another; now, she pulled him onto her lap and let him bury his wet face in her neck. She rubbed his back and rocked him, shushing his cries until they faded to hiccoughs and, finally, sleep.

 

The next day, Saaba-niszak introduced Pom to the others: Alstan, Heri, the harpists Orgag and Hethe, and the singing duo, Sila and Sali, who were identical twins and could not be told apart. She said, “I propose he sings. I am teaching him the stanzas, but he speaks no Skinnish. Will you help?”

Alstan rubbed his chin. “Why go to the trouble? Any one of us could sing the Lay and expend half the time learning.”

She nodded. After waking in the same position in which they’d fallen asleep, with Pom in her arms, tenderness had sharpened her desire to put the boy forward. Her ambition had been tempered, however, by the old master’s counsel and her own reflections. “I understand. But Pom has an uncommon voice, sza. May he demonstrate?”

The room filled with noncommittal shrugs and murmurs that required no translation.

Pom took a nervous gulp of hot honeyed water and started to sing. He was not at his best this early. Even so, his tenor ululated exquisitely, spiralling higher and higher into the upper reaches of his range. The musicians’ mouths sagged open. Sila and Sali joined him in harmony and the three voices blended so well, it was hard to tell where one ended and another began.

When they finished, everyone—even Heri—applauded.

“Extraordinary,” muttered Alstan. He leaned forward and placed a kindly hand on Pom’s shoulder. In his best Yamzemayan, he said, “Well done, child.”

Pom tucked his chin, embarrassed.

Saaba-niszak said, “He cannot . . .”

The master realised his presumption and pulled away, chastised. To the room, he said, “It’s no good if young Pom can’t follow what we say. If we’re agreed he should sing, we’ll speak Larish for his benefit.”

Orgag shook his head, amused. “Aurig will kill us.”

“I’m sure Aurig would prefer a singer who knows his cues. Heri, your village trades with the Larish. You’re both of an age. Take the boy in hand and help him.”

Heri hugged his knees. “You’re dreaming if you think I’ll speak that filthy tongue when I don’t have to.”

Alstan turned back to the novice. “Well, you do have to. Or would you like to be sent home without pay? It’s no flood out of my field. I can find plenty more boys eager to take your place.”

“You’re just giving them what they want!” cried Heri. He was met with stony silence. “A bit of singing and you’ve already forgiven the snake-face for last night. Shall we hand the Lay over to her now or do we need to hear what she can do first?”

Saaba-niszak gritted her teeth. “I see now I was wrong to impose. I will collaborate. But you, novice, will show respect to your betters and address me as Saaba.”

Saaba, never niszak. No one could address a Skail by their core name alone—not a parent, not even a lover. It was too intimate, and far too rude. Even inviting him to address her in full, hearing her core name in his mouth, would be too generous a concession.

Before he could scoff, Sila or Sali said, “We’ve toured in Laring for floods and daresay know the language better. Pom can learn with us.”

“Gratitude.” Saaba-niszak pushed Pom towards the twins, switching to Larish. “Sit with them. You will sing the Lay. They will help you with your pronunciation.”

Pom obeyed.

Once breakfast was cleared, everyone brought out their instruments. Violas, lyres, harps, lutes and flutes covered the floor. Alstan opened his mouth to begin the session when Hethe, closest to the adjoining room, said, “Wait.”

“What now?”

Hethe slid a wall panel aside, revealing the adjoining room. “We have a spy.”

Bruin knelt within, watching them—it could be no one else, for the girl had her mother’s vulpine looks. Saaba-niszak tried not to patronise her with a smile, as she would for any other child, mindful that in a few short days, Bruin would take her first step towards autonomy. A newly Stained woman of her class might expect to employ her own housekeeper, or make investments, perhaps enrol in university. Skinnish women bloomed fast, even by continental standards. To Skail eyes, though, she was hopelessly, charmingly young, and would be for many years.

Alstan raised his eyebrows. “Why, my dear? You’ll hear the result soon enough.”

Bruin shuffled gracefully towards them, pulling the panel shut behind her. She clutched a harp, Saaba-niszak saw, which was the only indication of nerves; her face was smooth and unreadable. “I’m curious. May I join you?”

“It will be tiresome.”

“Nevertheless, I want to watch.”

Alstan drummed his fingers.

Saaba-niszak noted how Pom smoothed his nap and how Bruin tucked her dark hair behind her ears. Ah, yes, they had already met. She rolled her eyes. Everywhere they went, the boy managed to get attached.

“I don’t see why she shouldn’t be involved,” said Orgag. “It is her Staining.”

That settled it, since they only had four days to practice and no time to argue.

They set to work mapping out the Lay, collating everything they knew about it, demonstrating tricky sections and transposing it all to a key that would best suit Pom’s range. In the making of art, Saaba-niszak became more than herself. She transcribed almost six thousand lines in both Skinnish and Larish. She could pinpoint a bad note down to the offending finger hole or string, and track multiple time signatures simultaneously. Her grasp of the craft was so intuitive, so nimble, it recalled the ease of flight. And yet she could not revel in her ability nor its grace as she usually did.

Under her coat, her wing stubs burned. She was paying her own small price.

 

At the end of that long day, Bruin followed Saaba-niszak to her room. Pom was muttering lyrics under his breath and didn’t realise she was there, but Saaba-niszak’s mind was whetted by hard work. She sent Pom to bed, then turned to face Bruin outside her own door.

“What do you want, Madam?”

Bruin hadn’t set down her harp all day. Saaba-niszak’s attention roved over the grimy strings, the discoloured pillar—she guessed that until today it had sat unused in Bruin’s room like an ornament.

“I want you to teach me, Saaba. Please.”

Saaba-niszak flicked a hand. “I must focus on your Staining. Ask Alstan. He will not mind how you treat your instruments.”

The girl blushed. “You’re better than Alstan.”

“Because I am much older. I’m also too busy.”

“Then show me how to care for this. I tried cleaning it with something from the kitchen but it split the wood.”

Wherever this sudden, voracious enthusiasm for music had come from, it was likely to end the moment Bruin’s fingers touched the bowl of lily pollen. A last-minute spree before everything had to matter. Saaba-niszak had seen it before. She also hated to see a harp of quality neglected.

“You removed the finish. Wait here.”

She fetched wax and a small, soft brush from her suitcase, calculating the cost of replacing them as she handed them over. “Use the wax to restore shine. Dust with the brush. Keep it out of sunlight or covered. You need new strings but I have none to give you. Ask Orgag or Hethe. Harps are their speciality.”

 

Saaba-niszak was wrong to think it a whim; the girl was as tenacious as a seed deep in the ground, waiting for spring. Bruin observed the musicians the next day, and the day after that, and each night she asked Saaba-niszak to teach her.

“I already have one apprentice I cannot manage,” Saaba-niszak finally snarled.

The Staining was the day after tomorrow, and rehearsal had not gone well. They’d argued over the third movement. Apparently, some parts of Skinnere had done away with Lilyfinger’s death. Alstan, Saaba-niszak and, strangely, Heri were united in her martyrdom, while Hethe, Orgag, Sila and Sali felt it cast a pall over what should be a happy occasion, however historically accurate it may be.

It was also the first time Pom’s voice had cracked. The horror on everyone’s faces—Alstan’s hoarse, “Has he not been cut?”—had sent the boy running to his room to hide, which was where Saaba-niszak was heading when Bruin ambushed her.

“I wouldn’t cause you trouble.”

“You cause me trouble now, pk. Out of my way.”

Pom was sitting on the bed, his heels tucked to his buttocks and his forehead resting on his knees. When Saaba-niszak came in, he looked up.

“It’s not so terrible,” she said.

“I couldn’t control it at all,” he whispered. “I’ve been resting and drinking water with honey and not coughing too hard and everything else you said. What did I do wrong?”

“Nothing. Just bad timing.” She sat next to him—gingerly, because her ligated wing stubs were in agony. Once settled, she didn’t know what to say. “Did your mother explain these changes?”

He recoiled. “What changes?”

She cursed, and waited a few moments to be sure Bruin wasn’t lingering in the corridor before plunging on. “Bodies change as we age. Yamzemayan larynxes thicken. Perhaps you notice your nap darkening in private places and do not tell me?” He rubbed his face self-consciously, which she took for affirmation. “You are becoming an adult, pk. That means you will be able to mate one day.”

She gave him a moment to digest what she’d said.

“Will I still be able to sing?”

“Yes, sza. But you will not sound the same.” Like her zankla, she thought grimly.

He looked panicked. No doubt he had made the connection between the quality of his voice and the amount of money he could send home to his family. “I have to sound the same, Saaba! I don’t want to change!”

She sighed. “We can preserve your voice by cutting a part of you out. It will remove the hormones and reverse the changes.”

“Cutting—is that what Alstan meant?”

“Yes, sza. But you would never be able to have children.”

“I don’t want babies,” he said quickly.

“Not now, pk. Later, when you are grown. You may wish for them.” She held up a hand to quiet him. “Decide nothing yet. The cut can be done at any age. Pom, you must be sure. I must know you are sure.”

I must do right by you, she thought, as I did not do right by taking you with me without your full consent.

He chewed his lip. “What about those high parts?” He was referring to a crucial moment in the Lay where he had to oscillate between a series of soaring notes at the very top of his range; she knew the section troubled him. “What if I can’t do it at the Staining?”

“What do we say if we play badly otherwise? If we are sick or tired?”

“All bards have bad days.”

She shrugged—ah, shooting pain!—and wished she hadn’t. “So perhaps you will have a bad day. That is not your fault. You are working hard, sza, everyone can see. If you know you cannot hit the notes, find a lower complement for the viola; if you try and fail, it doesn’t mean you will never sing well again.” She found herself smiling and looked away, surprised at herself. “Music is supposed to be fun, as Alstan say before.”

Pom nibbled the nap at the ends of his fingers. “Do lots of singers have this—this part—cut out?”

“Other singers do not matter, pk. I do not expect it of you. Uncut or not, you will always sing well and develop more skills. What of the Damese lyre? Is it abandoned already?”

He smiled behind his fingers. “You’ll teach me twelve strings?”

“Of course. I not tell you before?” She patted his head. The movement hurt so much she had to suck in air.

Pom looked alarmed. He gripped her sleeve. “Saaba?”

“What?”

He kept his gaze down. “We never used Yamzemayan at home, except sometimes, if my mother felt up to it. Can you teach me that, too?”

Saaba-niszak just looked at him. She couldn’t know, not fully, the strange disconnect the boy felt towards his heritage, or that Bruin’s question still burned in his mind, but she could imagine. It had broken her heart to lose her own language; it broke her heart that he’d never had his. “Worry about Skinnish for now. But yes, I teach you.”

 

The next morning, Saaba-niszak couldn’t move without whimpering.

When she didn’t appear for breakfast, Pom came and found her. Before she could stop him, he hurtled through the house crying for help, and once the staff understood what he’d seen, they descended upon Saaba-niszak’s room like a horde, hospitality quite forgotten.

“Dear me—”

“Disgusting—”

“Get out,” Saaba-niszak growled as more of them caught sight of her infected wing stubs.

“Saaba?” Pom sobbed.

“I SAID, GET OUT.”

They left her, though it was a while before the hubbub outside her door faded. She gritted her teeth and crawled out of bed. Her shoulders throbbed as if they might burst. Warm fluid—blood or pus, she couldn’t tell which—ran down her ribs. Her arms wobbled and gave out beneath her. Suddenly, she wished she hadn’t sent everyone away; she was terrified and had no strength to shout for help.

She had been lying on the floor for half an hour when Alstan arrived, carrying a bowl of warm water. He set it down, then bent stiffly to help Saaba-niszak up.

“Stupid old man. You’ll fall before I stand.”

“Stay there, then.” He grunted as he lowered himself further to inspect her injuries. “I see now why young Pom was making no sense. For the love of lilyflies, what have you done to yourself?”

Her speech came in pained gasps. “Shedding makes them grow into a nuisance, so I tie them off. They have never hurt like this before.” She felt him touch the raw skin. It was as if he handled an exposed nerve. “Ah! Ah, please do not do that.”

“I think the cord was not properly disinfected,” said Alstan, continuing to examine her. “You’ll have to see a proper surgeon.”

“Only myself or another Skail can tou—”

He stood up and put his fists on his hips. “This is a serious infection. I think we’re well past cultural formalities, don’t you?”

He gave her something to clamp between her teeth while he removed the cord, pulling it free where it had lodged in her flesh, and then he cleaned her wounds. She swore in every language except Skail. It was said that pain brought one’s mother tongue forward. To her dismay, nothing came to mind.

After he’d administered to her as best as he could manage, he put the wall panels aside. Cold rushed in, scouring away the smell. Saaba-niszak threw an arm across her face.

“You need to let the salt get to them. Come on, up. Out.”

“Someone will see.”

“That particular fish has already left the nursery.”

Saaba-niszak let him lead her towards the open air, too tired to argue. The sensation of anything touching her wing stubs—even air or light, let alone another person’s hands—was strange. Usually, she kept them well covered up. She sighed, closed her eyes, and tried to relax into the pain. It helped, a bit.

When she opened her eyes again, he was looking at her wing stubs. Jagged spurs of hardening bone.

“Stop.”

He averted his eyes. “The rest of you is such a beautiful colour. Like the insides of shells. I assume the wings were the same?”

She nodded.

“I’ll never understand why you had to cut them off.”

“No,” she murmured, “you wouldn’t.” She thought back to the things Saaba-meszki had said to comfort her, after. Things he had doubtless said to himself. “Even if exile did not demand it, they were too large, pk. In Sorskail, there are no ceilings. Here, I would knock things over. Also, people would not like them. They see a Skail, they say cruel things.”

“That might have been the case once,” he said lightly. “The world is more tolerant now.”

She snorted. “Heri calls me snake-face. People call Pom an ingya. The world looks tolerant to you, perhaps.”

He bowed his head.

Pom’s footsteps thudded down the corridor. He flung open the bedroom door, and she turned around just in time to see him flush red as if he’d caught her naked. Clearly, knowing she had wing stubs was one thing, and seeing them quite another.

He wrung the hem of his shirt and stared at the floor.

“Saaba, Master Alstan. She—the client wants to watch our dress rehearsal.”

Leaving this room was too much to ask; she had yet to send for a doctor, or indeed eat breakfast. Playing in her state was impossible. She sighed and said to Alstan apologetically, “I need rest.”

Pom blinked. Tears clung like dew to his lashes. His cheeks were soggy. “Saaba, are you going to die?”

“Die?”

She almost chided him. After a year in her care, hadn’t he matured at all? But no, she reasoned, poverty had taught him his world could flip at any moment. Such scars fade slowly, if at all.

“I am not going to die, pk. I may not have your constitution but I am not so easy to kill as that. Go, both of you. Show Aurig our progress. Pom knows his lines now, yes?”

Pom was appalled by this. “We can’t rehearse without you! What about the end?”

“Play clearly and I will hear. As for Lilyfinger—I cannot say if she ought she die. The Lay welcomes Bruin to adulthood. She decides, sza.”

 

“I wanted the best!” Aurig shrieked. Her voice filled the bedroom. “I paid for the best! You dare send my daughter to play her own Lay while you laze around in my house, on my coin? Oh, you are clever to wait until the last moment, or you’d be out of a job today.”

Saaba-niszak watched the Skinnish woman pace, her heart in her mouth.

She had listened to the rehearsal all morning, eating the blandest food the kitchen could bring her and barely paying attention to the doctor when he called in. There were some faltering transitions and dropped notes, and Pom’s developing voice did fail him at the exact point he’d feared it would, but on the whole it was salvageable.

Towards the end, however, her ears had picked out a few twangs from untuned harp strings. She’d groaned and put her face in her hands. Bruin had apparently decided to join in.

“Your daughter took advantage of my absence, nothing more,” she said. “And, as you see, I do not laze. I have been ill. I intend to fulfil my duties tomorrow, as I have all week.”

“Yes, the doctor told me you were indisposed,” Aurig sneered. “How you mutilate yourself is not my problem.”

Then her rage softened, became melancholy. Her eyes glistened.

“I wanted the best for Bruin, do you understand? The perfect Staining. All my mother could do for me was half an hour of humming. A bowl of turmik—a spice—for my fingers. I found her crying in the kitchen afterwards out of shame, and I vowed then to do better by my daughter when her time came.” She raised her voice. “Instead, I get an ingya whose accent is too Larish and a Lilyfinger who lives . . . What am I to tell everyone when they hear it?”

Saaba-niszak did not reply right away.

Eight decades ago, she had played the Lay at another Staining. She’d just started her training, and for her many mistakes Saaba-meszki had taken her into a side room and beaten her. She closed her eyes and listened to the sea. Its music filled her as it had long ago—the same song, sung differently.

“Tell them the perfect Staining does not exist. It cannot, sza. A Lay must vary as every girl varies. None weighs less than another.”

Aurig knelt, too drained to stand. Strain sickened her complexion. “Do not lecture me about the validity of my customs.”

“Apology. I do not mean to assume . . . I think only of the turmik and your mother’s tears. They have played their part, yes? They have driven you to succeed, to marry well and manage a business. You are powerful, Madam, because of that unorthodox ceremony. It is a priceless reminder every time you renew your stains.”

The two women sat in silence for a while.

When Saaba-niszak judged Aurig to be calm, she said, “She asks me to teach her.”

“Of course she does, stubborn girl.” Aurig rubbed her temples. “We’ve spent a small fortune on private tutors for arithmetic, science, history, and economics, but music was never her suit. Why is she interested in something she can’t do? She sounded dreadful.”

“Old strings. If she must play with us—and I think her mind is set, yes?—I can instruct her.”

Aurig frowned. “You want to take her from me?”

Saaba-niszak shook her head. “No. I cannot manage two apprentices. But,” she sighed, “I must accept that Pom will not need me forever, and I do better with company. Bruin needs to study basics. Fast, withstand sleep, harden her fingertips, develop taste. I will return for her, pk. In a few years, maybe. If she still enjoys music, this preparation is helpful. If she does not, no harm will have been done.

“In the meantime, with your blessing, I will ask the harpists to demonstrate a few chords so she will not embarrass herself tomorrow.”

 

Afterwards, Pom would remember the party as nothing but a blur of texture, colour, sights and smells. It outranked the wedding in Lurtz; it definitely eclipsed the Damese plaza and the men with their caffy. Every room exploded with bunting. Special robes arrived for the musicians to wear, and someone to style their hair and smear red paint across their eyelids. They were sequestered away from the guests, a final opportunity to tune instruments and drill passages as the party kicked off around them.

He was all fidgets, caught up in the excitement of an impending performance. The symbols in his nap had come out crooked, his hand was so unsteady.

“Saaba?”

Saaba-niszak looked up from her zankla. There had barely been time to examine the repair, let alone test the sound. “Calm yourself.”

But he couldn’t calm himself, which made them all laugh. She wiped his nap shiny and redrew the symbols for him with a fingertip. Dark lines for humility and merriment.

“Saaba, we’re coming back for Bruin in a few years, aren’t we?”

“Yes.”

“Where are we going until then?”

She tutted. “We are not yet finished here.”

“I know. I just wondered—can we go to Yamzemay?” He wriggled, not knowing how to put his thoughts into words. He wanted to see his family. He wanted to ask his mother about her mother. Lilyfinger’s story was incendiary and he wanted to see if it could spark fires elsewhere, in the labour camps and at the looms. The force of his wanting surprised him.

Saaba-niszak nodded. “We can take a riverboat north and pass through the mountains, pk.”

“Are there any Yamzemayan lays or sagas? I want to learn a really, really good one.”

Under her robes, he saw her wing stubs flex. The bone had hardened to form a tiny knuckle, the memory of a joint. “If we are patient, we are sure to find some. To the east, Laring’s hold is not so tight.” She drew back and considered him. “This is a calling, yes?”

Just then, the housekeeper opened the door. “Places!”

 

They were led to the same room in which Saaba-niszak and Pom had auditioned. It was bursting with guests eating roasted lily bulbs, drinking wine; the wall panels had been thrown open so the party could spill out onto the water. People wandered barefoot along the shore, already drunk.

Someone called for quiet as a bowl of lily pollen was brought before Bruin. She wore reed linen instead of velvet, dyed blue for the coming floodwater. With an encouraging nod from her mother, she dipped her fingers into the pollen, rubbing the colour in until they glowed gold. She would have to do this once a year for the rest of her life. Then, to the party’s surprise, she padded the length of the room to where Pom held out her harp. She took it from him, smearing pollen across the wood, and nestled herself beside Saaba-niszak.

It would be chaos. How could it not be? By the time the musicians finished, their eyes would be red, their calluses split. But none of the guests would remember when Pom’s voice gave out, or when a viola string snapped—all those inevitable mistakes were forgiven in the moment. All anyone would remember was the smell of lilies, and the sound of a keening flute with an unearthly timbre they’d never heard before and would never hear again.

A zankla. Not quite broken, not quite whole.

At peace with that thought, Saaba-niszak gave the cue for Bruin to begin. The young woman arranged her fingers upon the strings like Hethe had shown her. With purpose, she struck the first chord.

 

“The Lay of Lilyfinger” copyright © 2021 by G. V. Anderson
Art copyright © 2021 by Sija Hong

14:21

Malicious Office 365 Apps Are the Ultimate Insiders [Krebs on Security]

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

These attacks begin with an emailed link that when clicked loads not a phishing site but the user’s actual Office 365 login page — whether that be at microsoft.com or their employer’s domain. After logging in, the user might see a prompt that looks something like this:

These malicious apps allow attackers to bypass multi-factor authentication, because they are approved by the user after that user has already logged in. Also, the apps will persist in a user’s Office 365 account indefinitely until removed, and will survive even after an account password reset.

This week, messaging security vendor Proofpoint published some new data on the rise of these malicious Office 365 apps, noting that a high percentage of Office users will fall for this scheme [full disclosure: Proofpoint is an advertiser on this website].

Ryan Kalember, Proofpoint’s executive vice president of cybersecurity strategy, said 55 percent of the company’s customers have faced these malicious app attacks at one point or another.

“Of those who got attacked, about 22 percent — or one in five — were successfully compromised,” Kalember said.

Kalember said Microsoft last year sought to limit the spread of these malicious Office apps by creating an app publisher verification system, which requires the publisher to be a valid Microsoft Partner Network member.

That approval process is cumbersome for attackers, so they’ve devised a simple work around. “Now, they’re compromising accounts in credible tenants first,” Proofpoint explains. “Then, they’re creating, hosting and spreading cloud malware from within.”

The attackers responsible for deploying these malicious Office apps aren’t after passwords, and in this scenario they can’t even see them. Rather, they’re hoping that after logging in users will click yes to a approve the installation of a malicious but innocuously-named app into their Office365 account.

Kalember said the crooks behind these malicious apps typically use any compromised email accounts to conduct “business email compromise” or BEC fraud, which involves spoofing an email from someone in authority at an organization and requesting the payment of a fictitious invoice. Other uses have included the sending of malware-laced emails from the victim’s email account.

Last year, Proofpoint wrote about a service in the cybercriminal underground where customers could access various Office 365 accounts without a username or password. The service also advertised the ability to extract and filter emails and files based on selected keywords, as well as attach malicious macros to all documents in a user’s Microsoft OneDrive.

A cybercriminal service advertising the sale of access to hacked Office365 accounts. Image: Proofpoint.

“You don’t need a botnet if you have Office 365, and you don’t need malware if you have these [malicious] apps,” Kalember said. “It’s just easier, and it’s a good way to bypass multi-factor authentication.”

KrebsOnSecurity first warned about this trend in January 2020. That story cited Microsoft saying that while organizations running Office 365 could enable a setting to restrict users from installing apps, doing so was a “drastic step” that “severely impairs your users’ ability to be productive with third-party applications.”

Since then, Microsoft added a policy that allows Office 365 administrators to block users from consenting to an application from a non-verified publisher. Also, applications published after November 8, 2020, are coupled with a consent screen warning in case the publisher is not verified, and the tenant policy allows the consent.

Microsoft’s instructions for detecting and removing illicit consent grants in Office 365 are here.

Proofpoint says O365 administrators should limit or block which non-administrators can create applications, and enable Microsoft’s verified publisher policy — as a majority of cloud malware is still coming from Office 365 tenants that are not part of Microsoft’s partner network. Experts say it’s also important to ensure you have security logging turned on so that alerts are generated when employees are introducing new software into your infrastructure.

12:21

CodeSOD: Touch of Death [The Daily WTF]

Unit testing in C offers its own special challenges. Unit testing an application heavily dependent upon threads, written in C, offers even more. Brian inherited an application where the main loop of...

10:07

Remote talk on May 10 [Richard Stallman's Political Notes]

On May 10, RMS will give a remote talk for the University of Buckingham Free Speech Society, starting at 7pm UK time.

You can watch the stream here.

09:14

Comic: Mount Sprue [Penny Arcade]

New Comic: Mount Sprue

09:00

The weather problem [Seth's Blog]

Meteorologists on TV spend most of their time talking about how the weather is right now, right outside. And progress for TV weather often looks like more accurate reporting of the current precipitation, temperature and windspeed, along with nicer graphics.

That’s not the same as actually predicting what the weather will be tomorrow. We can probably agree that more granularity in how the weather is right now isn’t particularly interesting.

It’s an easy trap to fall into, because spending time on what’s provably true is way less risky than deciding what’s important and using it to predict the future.

Our best work involves sorting the important from the rest, along with bringing a point of view and experience to complicated problems. Problems that are interesting because there isn’t a proven, correct answer.

The wind chill factor is best left to an automated device.

We don’t need a weatherman to know which way the wind blows, but figuring out how it’s going to blow tomorrow is a great skill.

08:21

Urgent: Texas abortion ban [Richard Stallman's Political Notes]

Everyone: call on AT&T to speak out against the Texas abortion ban and pledge to stop funding anti-abortion politicians.

Bogus Johnson on keeping the UK economy open [Richard Stallman's Political Notes]

Bogus Johnson appears to have said, "let the bodies pile high in the thousands," insisting on keeping the UK economy open. (He later changed his mind about that decision, and changed it again, and again, etc.)

Bogus Johnson has evaded scandal after scandal by refusing to take them seriously, but the current scandal about accepting gifts of money and covering them up is constricting around him.

Nonetheless, he continues trying to thwart punishment by ignoring it.

The UK used to hold its ministers accountable with a firm expectation that a minister would resign over any wrongdoing, whether public or personal. The Tories have abolished that expectation by disregarding it, and now they can get away with just about anything. But they are still pushing to destroy every institution that could stop them.

I can imagine them as saying, "If you're a Tory politician, they let you do it." And, as when the bully said it, it's not really true, unless "let you" includes "be too scared to stop you".

Indian government ignored scientists [Richard Stallman's Political Notes]

The Indian government asked Indian scientists for advice for dealing with Covid-19, but when they said that the variants threatened another wave of illness, the government ignored them.

Outsourcing regulation [Richard Stallman's Political Notes]

The UK, by outsourcing regulation, has demonstrated that this practice encourages corruption that defeats the regulation, with results that sometimes kill and often ruin people.

Unionizing workers in charter schools [Richard Stallman's Political Notes]

Unionizing the workers in charter schools prevents some of their usual kinds of exploitation. Is that enough to make them harmless?

Peaceful London protests [Richard Stallman's Political Notes]

Thousands protested peacefully in London against Tory plans to repress protesters if they cause inconvenience to anyone.

I fear this will not be enough. The Tories figure they will win the next election, with some help from voter suppression, and aside from that they care about nothing and no one.

A thug attacked a teenager [Richard Stallman's Political Notes]

A thug went mad and attacked a teenager who had surrendered, for not obeying every violent demand.

Last resident of Wollar Australia [Richard Stallman's Political Notes]

An interview with the last resident of the village of Wollar in Australia. Everyone else has sold per property to Peabody coal mining.

If the new use of the town's land was something necessary for Australia and the world to survive, I would say that what has happened in Wollar was not so bad. At least people are getting bought out and they can move to other communities.

But given that mining more coal is death, the state should not have permitted a new coal mine at all. Laws should prohibit new coal mines.

Republican election sabotage bills [Richard Stallman's Political Notes]

Republican election sabotage bills go beyond making it inconvenient to vote (especially for Democrats). They propose to allow poll watchers to look at people's ballots (and see how they are voting), harass voters, even try to disqualify voters.

Republican officials would judge the challenges and there is no reason to expect them to try to judge in a non-partisan or fair manner.

Data that cars record [Richard Stallman's Political Notes]

Cars record everything that happens in them, even opening doors and windows. If you connect a phone to one, it gets lots of data from the phone, and stores them permanently too.

In the US, various government agencies can get this data out of the car. However, it's not just the government. Surely the car manufacturer gets it too, and can sell it.

I wonder whether all this data enables the government, and the car manufacturer, to track the car's movements by dead reckoning if the GPS antenna is covered.

We need laws to tightly restrict what data a car can record.

Intention to privatize UK public schools [Richard Stallman's Political Notes]

The Tory government has stated the intention to privatize all public schools in the UK.

Privatization would result in paying teachers less, spending less on education, and providing profit to the operators. In addition, the privatized schools could get away with disregarding educational needs, even kicking out students because they cost more money, perhaps leaving them with no school that will admit them.

Big Pharma doesn't want Medicare [Richard Stallman's Political Notes]

Bernie Sanders: *Big Pharma doesn’t want us to expand Medicare. We have to fight them.*

Children who catch Covid-19 [Richard Stallman's Political Notes]

Children who catch Covid-19, even without symptoms, have a significant chance of ending up with lasting pain and disability.

Putting aside the gratuitous disrespect reported for some doctors, there is, in fact, nothing that medicine can do for those people now. No one has any idea what might help. Maybe research will discover treatments in the future, but there is no guarantee.

This is a fate worse than death. I suppose some of those children wish for death. If they don't now, they may start in a year or several years. But it may take them years to attain that wish.

To prevent this horrible fate, we need to eradicate Covid-19, from our countries and from the whole world. That means a large fraction of the population must be vaccinated.

We cannot allow perverse cults to stand in the way.

UK's fines for violating Covid-19 suppression rules [Richard Stallman's Political Notes]

The UK's fines for violating Covid-19-suppression rules fell most heavily on disprivileged racial groups.

I think it would be interesting to study the importance of various factors in producing that result, including these:

  • Bias, conscious or unconscious, on the part of those issuing the fines, so that whites get fined less often for the same behavior.
  • people in disprivileged racial groups need more often to go somewhere physically and meet with someone.
  • people in disprivileged racial groups are less likely to have a private outdoor space where meeting someone else was permitted.
  • people in disprivileged racial groups tend to be poorer.

Green Party in Germany [Richard Stallman's Political Notes]

Polls suggest that the Green Party may be Germany's strongest party after the next election. That would be truly revolutionary.

So don't say, "Colorless Green ideas sleep furiously." They are not colorless, and they are not sleeping any more.

Covid-19 vaccination in Hong Kong [Richard Stallman's Political Notes]

Hong Kong plans to require foreign domestic workers to get Covid-19 vaccination.

Each domestic worker works in close proximity to a family, over long periods of time. If the worker catches Covid-19, person is very likely to transmit it to that family. Therefore, the worker should be vaccinated.

Perhaps people who work in stores and deal with the public should also have to be vaccinated. A store worker rarely spends even 5 minutes near one customer, but one infected worker in a store for hours can fill the store with virus and several people could catch Covid-19 from that.

The likelihood of this depends on the store's ventilation system. It also depends on whether customers keep wearing masks when in a store.

The only sort of exception that, for ethical reasons, needs to exist is for those who, for medical reasons, cannot be vaccinated. Hong Kong says it will offer that exception.

Aside from those people, anyone who feels discriminated against by this policy has a simple solution at hand: get vaccinated. It's the right thing to do and the safe thing to do. Humanity needs to eradicate Covid-19, and this is the way. Stop complaining, and get vaccinated!

However, for the time being, many people don't have the option of getting vaccinated, because they live in places where little or no vaccine is available. It would be proper for a country that has money to burn, such as Hong Kong (i.e., China), to offer people admitted with work visas vaccination before or after arrival, if they are coming from one of those places.

Singapore is using a disco ad to encourage people to get vaccinated.

Stopping Australian citizens returning from India [Richard Stallman's Political Notes]

Australia's chief medical officer talks about the need to stop citizens from returning from India while getting the quarantine system ready to cope with the extremely contagious virus variant now spreading there.

I think this is legitimate as long as they work fast and get this over quickly.

Rare South African plants [Richard Stallman's Political Notes]

Poaching rare plants in a South African desert is likely to wipe them out, and if it doesn't, global heating effects can do it.

New York Times 1619 project [Richard Stallman's Political Notes]

Some Republicans object to the New York Times' 1619 project, about the history of slavery in the US, claiming that it is wrong to call attention to the country's flaws.

Since some of these flaws continue to cause injustice today, I believe as a general principle that we should pay attention to them, not cover them up. Therefore, I would like to look at the 1619 Project and see what it says.

I am blocked from doing so because its web site insists on running nonfree software (written in Javascript) in my browser. Since I don't allow anyone to do that to me, the site shows me a blank window.

Does anyone know of another way I can look at that material? Perhaps a way that is not "interactive"?

Because of that injustice in the site's infrastructure, I must urge everyone to decline to visit that site, unless and until they fix it to be accessible from the Free World. I hope that school curriculum will likewise refuse to suggest the site as a resource until it has been fixed.

I hope that they fix it soon, to make the material available for viewing from the Free World. But we will need to press them to do it.

Does anyone know where we should direct the pressure?

COVID vaccine [Richard Stallman's Political Notes]

*Who's Controlling the COVID Vaccine: 10 Myths and Misdirections.*

I posted this link because overall the points are valid. However, talking about the concept of "intellectual property" inevitably spreads confusion through over generalization and putting scare quotes around the term does nothing to undo that confusion. Each use of that term inherently misinforms.

The way to avoid that misinformation is to talk about patents and about trade secrecy as two separate issues which are legally unrelated.

05:49

Girl Genius for Wednesday, May 05, 2021 [Girl Genius]

The Girl Genius comic for Wednesday, May 05, 2021 has been posted.

02:21

Pokology: a community-driven website about GNU poke [Planet GNU]

We are happy to announce the availability of a new website, https://pokology.org.

Pokology is a community-driven live repository of knowledge relative to GNU poke, maintained by the poke developers, users and friends.

The site is similar to a wiki, collectively maintained as a git repository.  The contents are written in comfortable org-mode files which get automatically published to HTML.

Happy poking!

Cover Story [QC RSS]

I was laughing the entire time I drew this

01:56

Junichi Uekawa: Wrote a pomodoro timer in elisp. [Planet Debian]

Wrote a pomodoro timer in elisp. Why? Because I try to keep my workflow simple, and to keep the simplicity I sometimes need to re-implement stuff. No this is a lame excuse. I have been living in emacs for the past week and felt like it. However writing elisp has been challenging, maybe because I haven't done it for a while. I noticed there's lexical-binding, but I didn't quite get it, my lambda isn't getting the function parameter in scope.

00:21

Savage Love [The Stranger, Seattle's Only Newspaper: Savage Love]

Switched On by Dan Savage

You’ve said that everyone is entitled to a “zone of erotic autonomy.” I was wondering if you thought that "zone" extends to sending thousands of dollars to a "FinDom." I'm a 33-year-old straight woman and I love my husband and we have a great (or so I thought) sex life. He's very dominant and controlling in bed and I'm very submissive and I thought we were well-matched sexually. So it was a shock for more than one reason when I stumbled over evidence that he's been sending money to a female sex worker who calls herself a FinDom. This has been going on for nearly three years! It seems clear from their messages (I have read them all) that they've never met in person (she clearly states that she never meets in person with her subs) but she sends him degrading personalized videos after he sends her money roughly once every other month. The amounts are small but they add up. We are more than comfortable so the issue isn't the money. And while my husband has never complained about what I spend on a personal trainer or my hair or body treatments (admittedly a lot), this is obviously different because he's masturbating over these videos. I don't really want to degrade him and I obviously couldn't dominate him financially as our finances are shared. My husband says he doesn't want to be degraded by me but he was nevertheless willing to pay a complete stranger to heap insults on him?!? I don't understand. I thought we had a great sexual connection. I also thought I knew who he was erotically. I'm confused and don't know what to do.

Feeling Insecure Necessarily, Doubts About Marriage Now

First things first: You actually have a great sex life (from the sound of things), your husband clearly loves you (if this if your only issue), and his dominance in the sack isn't an act, FINDAMN, it's just that having control isn't the only thing that turns him on. It's just that every once in a while he wants to give up control. Maybe he should've come to you to get this need met and couldn't bring himself to ask—for fear of rejection, for fear of spoiling your D/s dynamic—or maybe he sensed you wouldn't enjoy degrading him and/or being degraded by you wouldn't work for him.

Backing up for a second: You say you're "more than comfortable," FINDAMN, which is filthy rich person code for "we have tons of money." So while I'm opposed to one person in a marriage spending significant amounts of money without their spouse's knowledge, I'm going to climb out on a limb and guess that this isn't money you missed. No mortgage payments went unpaid, no vacations were canceled, no kids were yanked out of private schools. Even if your husband sent this woman $9,999 dollars over the last three years—the highest figure that keeps us in the "thousands" range—that works out to $278 dollars a month. I'm guessing the actual amount spent was far less than that, FINDAMN, and in no way impacted your comforts. (But here's hoping Joe Biden's tax hikes on the wealthy do!)

As for the seeming contradiction—your husband dominates you and submits to this woman—it's not that hard to explain what's going on. While you've probably never been to a big gay leather/fetish event, FINDAMN, if you should ever go you would meet dozens of men who have both Doms and subs. So the guy you saw being dragged around on a leash on the first night will be dragging someone else around on a leash the second night. Because very few people into power exchange are 100% dominant or 100% submissive; one guy can bring out a gay guy's submissive side and another guy can bring out his dominant side. Similarly, you seem to bring out your husband's dominant side—much to your delight—while this other woman brings out his submissive side. So it would seem your husband is a bit of a switch; in his case, FINDAMN, he's mostly dominant but also enjoys being submissive too. And being submissive to an online FinDom once in a while doesn't mean there's anything inauthentic about your husband when he's dominating you.

If you don't want to degrade your husband—if you or if he or if you both prefer your roles to be fixed (which is common among kinky switches)—and your husband is willing to keep this connection 1. online only, 2. below an agreed-to amount, and 3. to himself (if you don't want to hear about it) or shared (if you do), I think you should allow your husband to have the outlet. Again, you can spare the money and your husband hasn't done anything stupid—he hasn't given this woman access to your savings accounts or written her into his will. He's paying this woman for a little dominant time and attention every now and then. And while what your husband did (basically purchased some interactive porn) does feel cheating-adjacent… I gotta ask… have you ever hired a personal trainer just because he was hot? Have you ever chosen a hairdresser because you liked to look at him? Have you ever gone out of your way to get body treatments from a VGL male masseuse? And then thought about one of those guys—or all three of them—while you were masturbating or having sex with your husband? If you can identify any small zones of erotic autonomy that you've carved out for yourself, FINDAMN, allowing your husband to continue enjoying the small zone of erotic autonomy he's carved out for himself might come a little easier.


I'm a 27-year-old gay man who's having a hard time. I'm in a relationship with a spectacular guy. He's a 25-year-old bisexual man. He's smart, funny, extroverted, and has lots of friends and lots of ex-fuckbuddies. We are deeply in love and neither of us has ever felt that before. It's been five months and nothing could be better—except the fact that I'm deadly insecure. He's got tons of friends, he's extremely attractive, and sexually he's perfect. He's a top who knows how to use his big dick and he has infinite endurance. I'm the opposite of all that: I have a few friends, I'm an average/ugly guy with an average/small dick, it's not easy for me to get a solid erection, and it takes me just a couple of minutes to come. I keep comparing myself to him: he's perfect and he can fuck anyone and I'm ugly and sexually inept compared to him. These feelings are killing me.

I Can't Be The Right One

Your boyfriend, who could apparently have anyone, has chosen you. So you're either far more appealing—physically, emotionally, socially—than you give yourself credit for, ICBTRO, or your boyfriend gets off on the power imbalance. But if the latter were true, if he was manipulating you with his looks/dick, you would know. You would be painfully aware of it and you would've mentioned it in your letter if your boyfriend had leveraged his looks and/or his dick to get you to do things you didn't want to do or put up with things no one should put up with. (If he had said something to you like, "You'll never leave me because you can't do better," you would've included that.) So I'm guessing you're a lot more appealing—physically, emotionally, socially—than you've allowed yourself to realize.

Instead of worrying about whether this relationship will last forever (and most don't), ICBTRO, try to enjoy the boyfriend you've got right now. Speak to a doctor about ED meds for your dick and speak to a shrink about your low self-esteem—because if anything is going to prematurely kill this relationship, it's your insecurities. Your boyfriend may not want to be with you forever, ICBTRO, and you may not want to be with him forever. But if you want to be with him for as long as you can, you've gotta get a grip on your insecurities. He can't help you with those. And if you can't help yourself, ICBTRO, find a therapist who can help you.


mail@savagelove.net

Follow Dan on Twitter @FakeDanSavage.

www.savagelovecast.com

[ Comment on this story ]

[ Subscribe to the comments on this story ]

Tuesday, 04 May

22:49

New Savage Lovecast: With Anna Sale! [The Stranger, Seattle's Only Newspaper: Savage Love]

Episode #758 — May 4, 2021 by The Stranger

View this post on Instagram

A post shared by Dan Savage (@dansavage)

It's a boy! A pregnant woman upon learning the sex of her unborn baby is devastated that she's not getting the daughter she always dreamed of. Can she learn to love...a son?

Have you heard the Death, Sex & Money podcast with Anna Sale? Well! Anna joined us to talk about her new book "Let's Talk About Hard Things." She and Dan answered a few calls together, which somehow leads to a discussion about an esoteric BJ technique. Some is on the Micro, all is on the Magnum.

A married lesbian found out that her wife is cheating on her, on her own damn birthday. Now the wife is asking for an open relationship. After ten years of monogamy, can they make it work?

Finally—"Wanted: sex worker to service my elderly father. Must also cook for him." Does this kind of specialist exist?

Listen here:

21:49

[$] Rustls: memory safety for TLS [LWN.net]

The movement toward using memory-safe languages, and Rust in particular, has picked up a lot of steam over the past year or two. Removing the possibility of buffer overflows, use-after-free bugs, and other woes associated with unmanaged pointers is an attractive feature, especially given that the majority of today's vulnerabilities stem from memory-safety issues. On April 20, the Internet Security Research Group (ISRG) announced a funding initiative targeting the Rustls TLS library in order to prepare it for more widespread adoption—including by ISRG's Let's Encrypt project.

Pluralistic: 04 May 2021 [Pluralistic: Daily links from Cory Doctorow]


Today's links



The facade of Hometown Deli with 'Hometown' replaced with the Duke University wordmark, and the Duke shield and Devils logo on its facade.

Whales decry the casino economy (permalink)

Remember Hometown Deli? It's the squat cinderblock New Jersey sandwich shop that is publicly traded and raised $2.5m on a $100m valuation, based on $35k in annual revenue. It was the source of much puzzlement and mirth last month.

https://pluralistic.net/2021/04/16/where-it-hurts/#hometown

Since then, there's been a lot of financial sleuthing to figure out what this "company" is – the smart money is that it's a prepackaged financial vehicle to allow an otherwise unmarketable offshore company to go public, by doing a reverse-acquisition.

https://www.npr.org/2021/04/21/989625586/the-100-million-deli

A reason for all this attention is that Hometown is a perfect emblem of the casino economy, in which the financial sector makes vast fortunes without producing anything of value, simply by making bets, including bets on other bets (which are sometimes also bets on bets).

The stories about the casino are often about the way that unwise retail investors are wasting their "stimmies" by being the sucker at the poker-table, getting fleeced by the sharp operators who know how the game is really played.

That's how things played out at the Berkshire Hathaway annual meeting, where Warren Buffett and Charlie Munger (the only billionaire power-couple that isn't getting a divorce) scolded the Wallstreetbets/Gamestop speculators and their abettors:

https://markets.businessinsider.com/currencies/news/warren-buffett-charlie-munger-berkshire-hathaway-annual-meeting-live-updates-2021-5-1030373616

But as David Dayen points out, the action from retail investors is just a side-show. Take SPACs – a form of corporation-launder that allows companies with unsound financial to go public without normal scrutiny.

https://prospect.org/power/financial-speculation-is-about-more-than-gamestop-day-traders/

The majority of SPACs did not originate through celebrity endorsers – they were high-flying finance vehicles created by major investment banks and funds.

https://www.wsj.com/articles/gamestop-day-traders-are-moving-into-spacs-11612175401

Even the Gamestop bull run – this year's poster child for retail investors moving markets – was mostly a wargame waged by titanic funds, with retail investors providing protective coloration.

https://pluralistic.net/2021/01/30/meme-stocks/#stockstonks

The Trump stimulus included a promise government to buy up as many junk-bonds as the corporate sector could issue, pumping trillions into the casino economy (cities and states, meanwhile, were hung out to dry, left to fire teachers and firefighters):

https://pluralistic.net/2020/10/20/the-cadillac-of-murdermobiles/#austerity

All of that money has gone to socially destructive activity, including the bull run on single-family dwellings, which Wall St is trying to corner the market on so that everyone will pay rent to a finance slumlord so their shelter can securitized into bonds.

Much of the money has been poured into anticompetitive mergers, as companies seek to own their own markets (horizontal mergers) and their supply chains (vertical mergers), and so far, the Biden admin has given them all a pass:

https://www.forbes.com/sites/kevindowd/2021/05/02/despite-pandemic-fears-a-record-breaking-frenzy-of-ma-activity-is-underway/

Thanks to the fed's "we'll buy your junk bond" policy, these mergers are largely debt-financed, leaving once-healthy businesses saddled with vast amounts of debt that put their employees, customers and suppliers at risk of collapse.

That's the real story behind the failed EU football "Superleague," in which a dozen teams proposed to take over all of EU football so that their debt-saddled owners could continue to make the interest payments on the fortunes they extracted from them.

Football fans know this, of course. That's why #ManU fans stormed the pitch and set off smoke-bombs to protest the team's debt-based takeover by the US billionaire/speculator Glazer family.

https://twitter.com/JoePompliano/status/1388850458027036672

(Incidentally, the best commentary on Superleague has come from Musa Okwonga, whose Trashfuture episode on the teams' dodgy, ruinious finances is an absolute must-listen)

https://trashfuturepodcast.podbean.com/e/rip-european-super-league-2021-2021-feat-musa-okwonga/

Despite Buffett's finger-wagging, the casino economy is being run by whales, not minnows. Even Hometown Deli, which looks more like a mob money-laundry than a high-finance gambit, was built on the fortunes of sophisticated, blue-chip investors.

Out of the $2.5m that Hometown Deli raked in from "investment" last year, $2m came from Duke University and Vanderbilt University, who invested through their multibillion-dollar endowments.

https://www.ft.com/content/4a6d0864-eb26-4e54-8ab5-ffad2e8166ee

The fact that America's elite universities are now just "hedge funds with educational arms" is a leading indicator of the financial rot's spread through the system.

https://pluralistic.net/2021/04/26/moolah-boolah/#poison-ivies

The same economists who brief against the elements of the Biden stimulus that will create structural changes in jobs, climate resilience, energy independence and food stability have no problem with this casino economy.

https://pluralistic.net/2021/05/01/mayday/#inflationary-political-economy

The only part they decry is the spectacle of the suckers at the table, because whether they're getting fleeced or collecting a rare jackpot, they bring the whole enterprise into disrepute.



A powdery residue on a lab-slide.

Qualia (permalink)

My latest Locus Magazine column is "Qualia," and it argues that every attempt to make an empirical, quantitative cost-benefit analysis involves making subjective qualitative judgments about what to do with all the nonquantifiable elements of the problem.

https://locusmag.com/2021/05/cory-doctorow-qualia/

Think of contact tracing. When an epidemiologist does contact tracing, they establish personal trust with infected people and use that relationship to unpick the web of social and microbial ties that bind them to their community.

But we don't know how to automate that person-to-person process, so we do what quants have done since time immemorial: we decide that the qualitative elements of the exercise can be safely incinerated, so we can do math on the quantitative residue that's left behind.

We can automate measurements of signal strength and contact duration. We can do math on those measurements.

What we can't do is tell whether you had "contact" with someone in the next sealed automobile in slow traffic – or whether you were breathing into each others' faces.

The decision to discard the subjective is subjective.

When the University of Illinois hired physicists to design its re-opening model, they promised no more than 100 cases in the semester and made unkind remarks about how easy epidemiology was compared to physics.

Within weeks, the campus shut down amid a 780-person outbreak. The physicists' subjective judgment that their model didn't need to factor in student eyeball-licking parties meant that the model could not predict the reality.

The problems in quants' claims of empiricism aren't just that they get it wrong – it's that they get it wrong, and then claim that it's impossible for anyone to do better.

This is – in Patrick Ball's term – "empirical facewash." Predictive policing apps don't predict where crime will be, but they DO predict where police will look for criminals.

Subjectively discarding the distinction between "arrests" and "crime" makes bias seem objective.

40 years ago, the University of Chicago's Economics Department incubated a radical experiment in false empiricism: the "Law and Economics" movement, which has ruled out legal and political sphere since Reagan.

Law and Econ's premise was that "equality before the law" required that the law be purged of subjective assessments. For example, DoJ review of two similar mergers should result in two similar outcomes – not approval for one and denial for the other.

To this end, they set out to transform the standards for anti-monopoly enforcement from a political judgment ("Will this merger make a company too powerful?") to an economic one ("Will this merger make prices go up?").

It's true that "Is this company too powerful?" is a subjective question – but so is "Will this merger result in higher prices?"

After all, every company that ever raised prices after a merger blamed something else: higher wage- or material-costs, energy prices, etc.

So whenever two companies merge and promise not to raise prices, we have to make a subjective judgment as to whether to trust them. And if they do merge and raise prices, we have to subjectively decide whether they're telling the truth about why the prices went up.

Law and Econ's answer to this lay in its use of incredibly complex mathematical models. Chicago economists were the world's leading experts in these models, the only people who claimed to know how to make and interpret them.

It's quite a coincidence how every time a company hired a Chicago Boy to build a model to predict how a merger would affect consumers, the model predicted it would be great.

A maxim of neoliberal economics is "incentives matter" – and economists have experience to prove it.

The Chicago School became a sorcerous priesthood, its models the sacrificial ox that could be ritually slaughtered so the future could be read in its guts. Their primacy in models meant that they could dismiss anyone who objected as an unqualified dilettante.

And if you had the audacity to insist that the law shouldn't limit itself to these "empirical" questions, they'd say you were "politicizing" the law, demolishing "equality before the law" by making its judgements dependent on subjective evaluations rather than math.

That's how we got into this mess, with two beer companies, two spirits companies, three record companies, five tech companies, one eyeglasses company, one wrestling league, four big accounting firms – they merged and merged, and the models said it would be fine, just fine.

These companies are too powerful. Boeing used its power to eliminate independent oversight of its 737 Max and made flying death-traps, and then got tens of billions in bailouts to keep them flying.

What's more, these companies are raising prices, no matter what the model says. The FTC knows how to clobber two companies that get together to make prices higher, but if those companies merge and the two resulting divisions do the same thing, they get away with it.

The only "price-fixing" the FTC and DoJ know how to detect and stop is the action of misclassified gig-economy workers (who are allegedly each an independent business) who get together to demand a living wage. In Law-and-Econ terms, that's a cartel engaged in price-fixing.

That means Lyft and Uber can collude to spend $200m to pass California's Prop 22, so they can pretend their employees are contractors and steal their wages and deny them workplace protection – but if the workers go on strike, they're the monopolists.

In Law-and-Econ land, the way those thousands of precarious, overstretched workers should resist their well-capitalised bosses at Uber and Lyft is to form a trade association, raise $200m of their own, and pass their own ballot initiative.

As I wrote in the column: "Discarding the qualitative is a qualitative act. Not all incinerators are created equal: the way you produce your dubious quantitative residue is a choice, a decision, not an equation."

There is room for empiricism in policy-making, of course. When David Nutt was UK Drugs Czar, he had a panel of experts create empirical rankings for how dangerous different drugs were to their users, their families and wider society.

From this, he was able to group drugs into "drugs whose regulation would change a lot based on how you prioritized these harms" and "drugs whose ranking remains stable, no matter what your priorities."

Nutt was then able to go to Parliament and say, "OK, the choice about who we protect is a political, subjective one, not an empirical one. But once you tell me what your subjective choice is, I can empirically tell you how to regulate different drugs."

Nutt isn't UK Drugs Czar anymore. He was fired after he refused to recant remarks that alcohol and tobacco were more dangerous than many banned substances. He was fired by a government that sat back and watched as the booze industry concentrated into four companies.

These companies' profits are wholly dependent on dangerous binge drinking; they admit that if Britons were to stop binge drinking, they'd face steep declines in profitability.

These companies insist they can prevent binge drinking, through "enjoy responsibly" programs.

These programs are empirical failures. The companies insist that this is because it's impossible to prevent binge drinking.

So Nutt made his own program, and performed randomized trials to see how it stacked up against the booze pushers' version.

Nutt's program worked.

It was never implemented.

Instead, he got fired, for saying – truthfully – that alcohol is an incredibly dangerous drug.

The four companies that control the world's booze industry have enormous political power.

So here we have the failure of Law-and-Econ, even on its own terms. Instead of creating an empirical basis for policy, the Law-and-Econ framework has created global monopolies that capture their regulators and kill with impunity.

That's why it's so significant that Amy Klobuchar's antitrust proposals start by getting rid of the "consumer welfare" standard and replacing it with a broader standard: "Is this company too powerful?"

https://pluralistic.net/2021/02/06/calera/#fuck-bork

(Image: OpenStax Chemistry, CC BY)



This day in history (permalink)

#20yrsago Linus Torvalds responds to Craig Mundie on open source https://web.archive.org/web/20020205113657/web.siliconvalley.com/content/sv/2001/05/03/opinion/dgillmor/weblog/torvalds.htm

#15yrsago Danny Hillis on how games are(n’t) like a theme park https://www.wired.com/2006/04/disney-2/

#10yrsago Minnesota GOP leader declares war on Neil Gaiman https://www.startribune.com/gop-targets-legacy-funds-for-mpr-arts/121223134/

#10yrsago Rental laptops equipped with spyware that can covertly activate the webcam and take screenshots https://web.archive.org/web/20110504111229/https://www.ajc.com/business/pa-suit-furniture-rental-933410.html

#10yrsago John Ashcroft assumes charge of “ethics and professionalism” for Blackwater https://www.wired.com/2011/05/blackwaters-new-ethics-chief-john-ashcroft/

#5yrsago The Planet Remade: frank, clear-eyed book on geoengineering, climate disaster, & humanity’s future https://memex.craphound.com/2016/05/04/the-planet-remade-frank-clear-eyed-book-on-geoengineering-climate-disaster-humanitys-future/

#5yrsago US government and SCOTUS change cybercrime rules to let cops hack victims’ computers https://www.wired.com/2016/05/now-government-wants-hack-cybercrime-victims/

#5yrsago Chinese censorship: arbitrary rule changes are a form of powerful intermittent reinforcement https://www.techinasia.com/cleverest-thing-about-china-internet-censorship

#5yrsago After advertiser complaints, Farm News fires editorial cartoonist who criticized John Deere & Monsanto https://www.kcci.com/article/long-time-iowa-farm-cartoonist-fired-after-creating-this-cartoon-3/6919712

#1yrago XML inventor quits Amazon over whistleblower firings https://pluralistic.net/2020/05/04/which-side-are-you-on/#tim-bray

#1yrago The failure of software licensing https://pluralistic.net/2020/05/04/which-side-are-you-on/#tivoization-and-beyond

#1yrago Pandemic could make Big Tech our permanent overlords https://pluralistic.net/2020/05/04/which-side-are-you-on/#trustbusting

#1yrago Hospital CEOs making millions amid cuts https://pluralistic.net/2020/05/04/which-side-are-you-on/#administrative-bloat



Colophon (permalink)

Today's top sources: Naked Capitalism (https://www.nakedcapitalism.com/).

Currently writing:

  • A Little Brother short story about pipeline protests. RESEARCH PHASE
  • A short story about consumer data co-ops. PLANNING

  • A Little Brother short story about remote invigilation. PLANNING

  • A nonfiction book about excessive buyer-power in the arts, co-written with Rebecca Giblin, "The Shakedown." FINAL EDITS

  • A post-GND utopian novel, "The Lost Cause." FINISHED

  • A cyberpunk noir thriller novel, "Red Team Blues." FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: How To Destroy Surveillance Capitalism (Part 05) https://craphound.com/nonficbooks/destroy/2021/05/02/how-to-destroy-surveillance-capitalism-part-05/
Upcoming appearances:

Recent appearances:

Latest book:

Upcoming books:

  • The Shakedown, with Rebecca Giblin, nonfiction/business/politics, Beacon Press 2022

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.


How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

21:42

Link [Scripting News]

One year ago today: "People seem to feel it's over, they see the weather changing, winter is finally over, summer is here, we must have survived, time to go out and play. That's evolution for you. Of course the virus is still out there hunting us."

21:07

April GNU Spotlight with Mike Gerwitz: 16 new GNU releases! [Planet GNU]

16 new GNU releases in the last month (as of May 01, 2021):

18:49

The Wages of Password Re-use: Your Money or Your Life [Krebs on Security]

When normal computer users fall into the nasty habit of recycling passwords, the result is most often some type of financial loss. When cybercriminals develop the same habit, it can eventually cost them their freedom.

Our passwords can say a lot about us, and much of what they have to say is unflattering. In a world in which all databases — including hacker forums — are eventually compromised and leaked online, it can be tough for cybercriminals to maintain their anonymity if they’re in the habit of re-using the same unusual passwords across multiple accounts associated with different email addresses.

The long-running Breadcrumbs series here tracks how cybercriminals get caught, and it’s mostly through odd connections between their online and offline selves scattered across the Internet. Interestingly, one of the more common connections involves re-using or recycling passwords across multiple accounts.

And yes, hackers get their passwords compromised at the same rate as the rest of us. Which means when a cybercrime forum gets hacked and its user databases posted online, it is often possible to work backwards from some of the more unique passwords for each account and see where else that password was used.

SWATTING THE FLY

Of all the stories I’ve written here over the last 11 years, probably the piece I get asked most to recount is the one about Sergey “Fly” Vovnenko, a Ukrainian man who in 2013 hatched and executed a plan to buy heroin off the dark web, ship it to our house and then spoof a call to the police from one of our neighbors saying we were dealing drugs.

Fly was the administrator of a Russian-language identity theft forum at the time, and as a secret lurker on his forum KrebsOnSecurity watched his plan unfold in real time. As I described in a 2019 story about an interview Fly gave to a Russian publication upon his release from a U.S. prison, his propensity for password re-use ultimately landed him in Italy’s worst prison for more than a year before he was extradited to face charges in America.

Around the same time Fly was taking bitcoin donations for a fund to purchase heroin on my behalf, he was also engaged to be married to a young woman. But Fly apparently did not fully trust his bride-to-be, so he had malware installed on her system that forwarded him copies of all email that she sent and received.

But Fly would make at least two big operational security mistakes in this spying effort: First, he had his fiancée’s messages forwarded to an email account he’d used for plenty of cybercriminal stuff related to his various “Fly” identities.

Mistake number two was the password for his email account was the same as his cybercrime forum admin account. And unbeknownst to him at the time, that forum was hacked, with all email addresses and hashed passwords exposed.

Soon enough, investigators were reading Fly’s email, including the messages forwarded from his wife’s account that had details about their upcoming nuptials, such as shipping addresses for their wedding-related items and the full name of Fly’s fiancée. It didn’t take long to zero in on Fly’s location in Naples.

POOR PASSWORDS AS GOOD OPSEC?

While it may sound unlikely that a guy so enmeshed in the cybercrime space could make such rookie security mistakes, I have found that a great many cybercriminals actually have worse operational security than the average Internet user.

Countless times over the years I’ve encountered huge tranches of valuable, dangerous data — like a botnet control panel or admin credentials for cybercrime forums — that were full of bad passwords, like password1 or 123qweasd (an incredibly common keyboard pattern password).

I suspect this may be because the nature of illicit activity online requires cybercrooks to create vast numbers of single- or brief-use accounts, and as such they tend to re-use credentials across multiple sites, or else pick very poor passwords — even for critical resources.

Regardless of their reasons or lack thereof for choosing poor passwords, it is fascinating that in terms of maintaining one’s operational security it actually benefits cybercriminals to use poor passwords in many situations.

For example, it is often the denizens of the cybercrime underground who pick crappy passwords for their forum accounts who end up doing their future selves a favor when the forum eventually gets hacked and its user database is posted online.

SOME ADVICE FOR EVERYONE

It really stinks that it’s mid-2021 and we’re still so reliant on passwords. But as long as that’s the case, I hope it’s clear that the smartest choice for all Internet users is to pick unique passwords for every site. The major Web browsers will now auto-suggest long, complex and unique passwords when users go to set up a new account somewhere online, and this is obviously the simplest way to achieve that goal.

Password managers are ideal for people who can’t break the habit of re-using passwords, because you only have to remember one (strong) master password to access all of your stored credentials.

If you don’t trust password managers and have trouble remembering complex passwords, consider relying instead on password length, which is a far more important determiner of whether a given password can be cracked by available tools in any timeframe that might be reasonably useful to an attacker.

In that vein, it’s safer and wiser to focus on picking passphrases instead of passwords. Passphrases are collections of multiple (ideally unrelated) words mushed together. Passphrases are not only generally more secure, they also have the added benefit of being easier to remember. Their main limitation is that countless sites still force you to add special characters and place arbitrary limits on password length possibilities.

Finally, there’s absolutely nothing wrong with writing down your passwords, provided a) you do not store them in a file on your computer or taped to your laptop, and b) that your password notebook is stored somewhere relatively secure, i.e. not in your purse or car, but something like a locked drawer or safe.

Further reading: Who’s Behind the GandCrab Ransomware?

18:28

May Choice is Here! [Humble Bundle Blog]

Step into the worlds of Metro Exodus, Darksiders Genesis, Hellpoint, and more - a $269 value in May Choice!

The post May Choice is Here! appeared first on Humble Bundle Blog.

17:28

New York Times 1619 project [Richard Stallman's Political Notes]

Some Republicans object to the New York Times' 1619 project, about the history of slavery in the US, claiming that it is wrong to call attention to the country's flaws.

Since some of these flaws continue to cause injustice today, I believe as a general principle that we should pay attention to them, not cover them up. Therefore, I would like to look at the 1619 Project and see what it says.

I am blocked from doing so because its web site insists on running nonfree software (written in Javascript) in my browser. Since I don't allow anyone to do that to me, the site shows me a blank window.

Does anyone know of another way I can look at that material? Perhaps a way that is not "interactive"?

Because of that injustice in the site's infrastructure, I must urge everyone to decline to visit that site, unless and until they fix it to be accessible from the Free World. I hope that school curriculums will likewise refuse to suggest the site as a resource until it has been fixed.

I hope that they fix it soon, to make the material available for viewing from the Free World. But we will need to press them to do it.

Does anyone know where we should direct the pressure?

Chickenpox vaccine [Richard Stallman's Political Notes]

Complex and subtle factors have to be weighed to determine whether use of the chickenpox vaccine is desirable. One factor is whether everyone will agree to be vaccinated.

Redirect harmful subsidies [Richard Stallman's Political Notes]

*Redirect harmful subsidies to benefit the planet, UN urges governments.*

Witchcraft [Richard Stallman's Political Notes]

Witchcraft accusations in New Guinea: is it correct to call this a "highly modern phenomenon" and say it is not a practice from "ages past"?

I think that is a false choice, and that it is part one and part the other.

It may be true that an accusation of witchcraft nowadays typically results from conflicts related to modern society and the precarious economy. I have no reason to doubt that. It would result from whatever tends to cause strong conflict.

However, the choice to handle the conflict by accusing someone of witchcraft surely comes out of cruel traditions, and so does the choice to deal with that accusation by torturing the alleged witch.

The fact that in some regions it is usually males that are accused of witchcraft, while in other regions usually females are accused, supports the idea that the traditional culture of each region is responsible. New Guinea traditional cultures varied greatly in their customs and religious beliefs, including their beliefs about witchcraft.

Whatever the explanation, the idea of witchcraft is a plague of irrationality that leads to persecution of many innocent people.

One thing secular humanists do, in many countries, is campaign for an end to persecution of "witches". I see articles about this occasionally in the secular humanist magazine, Free Inquiry.

False figures of Covid-19 deaths [Richard Stallman's Political Notes]

India is giving false figures for the number of people killed by Covid-19, reporting only half as many deaths as the number of bodies that were cremated.

In the US we have seen governments falsify Covid-19 statistics in Florida and New York State.

Reinstating Covid-19 restrictions [Richard Stallman's Political Notes]

Oregon has reinstated restrictions to prevent spread of Covid-19, based on projections that this would avoid hundreds of deaths from Covid-19.

How about conditioning reopening in each area on the fraction of residents who have been vaccinated?

Shooting protesters [Richard Stallman's Political Notes]

Chad's military shot protesters who were criticizing Chad's military rulers — which include the son of the recently deceased former dictator.

Denuclearization [Richard Stallman's Political Notes]

Biden says that he continues to push for "denuclearization" of North Korea, which is an impossible goal. Kim has learned that nuclear weapons are the way to protect his dictatorial power, and will not consider giving up that protection.

Concealing pipeline assurance company [Richard Stallman's Political Notes]

Canada has obtained new insurance coverage for the planet-roasting Trans Mountain pipeline, and is concealing which insurance companies are providing the coverage.

This is a reaction to the pressure already placed on insurance companies to stop insuring fossil fuel projects.

Canada's government takes a planet-roaster stance, and what we see here is how far it will go to continue destroying civilization's future.

17:21

Security updates for Tuesday [LWN.net]

Security updates have been issued by Debian (bind9, chromium, exim4, and subversion), Fedora (exiv2 and skopeo), openSUSE (gsoap), Oracle (bind, kernel, and sudo), SUSE (bind, ceph, ceph, deepsea, permissions, and stunnel), and Ubuntu (clamav, exim4, openvpn, python-django, and samba).

16:35

Top Comments – Pages 1497 – 1500 [Looking For Group]

Tuesday, YOU are the star! We curate our favourite comments from the previous week’s comments on lfg.co and Facebook and remind you how clever you are. Here are your top comments for Looking For Group pages 1497 – 1500 Looking […]

The post Top Comments – Pages 1497 – 1500 appeared first on Looking For Group.

An important Exim security release [LWN.net]

There are, it seems, 21 vulnerabilities in the Exim email server that have been fixed in the 4.94.2 release; at least some of these are remotely exploitable for root access. "The current Exim versions (and likely older versions too) suffer from several exploitable vulnerabilities. These vulnerabilities were reported by Qualys via security@exim.org back in October 2020. Due to several internal reasons it took more time than usual for the Exim development team to work on these reported issues in a timely manner." See this advisory from Qualys for the details.

Steve Kemp: Password store plugin: env [Planet Debian]

Like many I use pass for storing usernames and passwords. This gives me easy access to credentials in a secure manner.

I don't like the way that the metadata (i.e. filenames) are public, but that aside it is a robust tool I've been using for several years.

The last time I talked about pass was when I talked about showing the age of my credentials, via the integrated git support.

That then became a pass-plugin:

  frodo ~ $ pass age
  6 years ago GPG/root@localhost.gpg
  6 years ago GPG/steve@steve.org.uk.OLD.gpg
  ..
  4 years, 8 months ago Domains/Domain.fi.gpg
  4 years, 7 months ago Mobile/dna.fi.gpg
  ..
  1 year, 3 months ago Websites/netlify.com.gpg
  1 year ago Financial/ukko.fi.gpg
  1 year ago Mobile/KiK.gpg
  4 days ago Enfuce/sre.tst.gpg
  ..

Anyway today's work involved writing another plugin, named env. I store my data in pass in a consistent form, each entry looks like this:

   username: steve
   password: secrit
   site: http://example.com/login/blah/
   # Extra data

The keys vary, sometimes I use "login", sometimes "username", other times "email", but I always label the fields in some way.

Recently I was working with some CLI tooling that wants to have a username/password specified and I patched it to read from the environment instead. Now I can run this:

     $ pass env internal/cli/tool-name
     export username="steve"
     export password="secrit"

That's ideal, because now I can source that from within a shell:

   $ source <(pass env internal/cli/tool-name)
   $ echo username
   steve

Or I could directly execute the tool I want:

   $ pass env --exec=$HOME/ldap/ldap.py internal/cli/tool-name
   you are steve
   ..

TLDR: If you store your password entries in "key: value" form you can process them to export $KEY=$value, and that allows them to be used without copying and pasting into command-line arguments (e.g. "~/ldap/ldap.py --username=steve --password=secrit")

15:49

Instant replay: Debugging C and C++ programs with rr (Red Hat Developer) [LWN.net]

The Red Hat Developer Blog has posted an introduction to the rr debugger. "rr records trace information about the execution of an application. This information allows you to repeatedly replay a particular recording of a failure and examine it in the GNU Debugger (GDB) to better investigate the cause. In addition to replaying the trace, rr lets you run the program in reverse, in essence allowing you 'rewind the tape' to see what happened earlier in the execution of the program."

A map through the three major coroutine series [The Old New Thing]

Our long national nightmare is not yet over: The three main coroutine series are now done, although that doesn’t mean I’m done with coroutines.

Here’s a map through the main series, at least. There is a direct route and a number of scenic routes.

Part the First: Awaitable Objects

Start the first part
       
C++ coroutines: Getting started with awaitable objects
       
    C++ coroutines: Constructible awaitable or function returning awaitable?
       
    C++ coroutines: Framework interop
       
    C++ coroutines: Awaiting an IAsyncAction without preserving thread context
       
C++ coroutines: Short-circuiting suspension, part 1
       
C++ coroutines: Short-circuiting suspension, part 2
       
    C++ coroutines: no callable ‘await_resume’ function found for type
       
C++ coroutines: Defining the co_await operator
       
    C++ coroutines: The co_await operator and the function search algorithm
       
    C++ coroutines: The problem of the synchronous apartment-changing callback
       
    C++ coroutines: The problem of the DispatcherQueue task that runs too soon, part 1
       
    C++ coroutines: The problem of the DispatcherQueue task that runs too soon, part 2
       
    C++ coroutines: The problem of the DispatcherQueue task that runs too soon, part 3
       
    C++ coroutines: The problem of the DispatcherQueue task that runs too soon, part 4
       
You made it to the end of the first part

Part the Second: Awaitable Signals

The early portions are optional, but things get interesting toward the end of the second part, where we build a “result holder”.

Start the second part
           
    Creating a co_await awaitable signal that can be awaited multiple times, part 1
           
    Creating a co_await awaitable signal that can be awaited multiple times, part 2
           
    Creating a co_await awaitable signal that can be awaited multiple times, part 3
           
    Creating a co_await awaitable signal that can be awaited multiple times, part 4
           
    Creating a co_await awaitable signal that can be awaited multiple times, part 5
           
    Creating a co_await awaitable signal that can be awaited multiple times, part 6
           
        Creating other types of synchronization objects that can be used with co_await, part 1: The one-shot event
           
        Creating other types of synchronization objects that can be used with co_await, part 2: The basic library
           
        Creating other types of synchronization objects that can be used with co_await, part 3: Parallel resumption
           
        Creating other types of synchronization objects that can be used with co_await, part 4: The manual-reset event
           
        Creating other types of synchronization objects that can be used with co_await, part 5: The auto-reset event
           
        Creating other types of synchronization objects that can be used with co_await, part 6: The semaphore
           
        Creating other types of synchronization objects that can be used with co_await, part 7: The mutex and recursive mutex
           
        Creating other types of synchronization objects that can be used with co_await, part 8: The shared mutex
           
        Creating other types of synchronization objects that can be used with co_await, part 9: The shared mutex (continued)
           
        Creating other types of synchronization objects that can be used with co_await, part 10: Wait for an event to clear
           
Creating a task completion source for a C++ coroutine: Producing a result
           
Creating a task completion source for a C++ coroutine: Producing a result with references
           
Creating a task completion source for a C++ coroutine: Producing nothing
           
Creating a task completion source for a C++ coroutine: Failing to produce a result
           
You made it to the end of the second part

Part the Third: Coroutine Promises

Start the third part
       
C++ coroutines: The mental model for coroutine promises
       
C++ coroutines: Basic implementation of a promise type
       
C++ coroutines: The initial and final suspend, and improving our return_value method
       
    C++ coroutines: What happens if an exception occurs in my return_value?
       
C++ coroutines: Making the promise itself be the shared state, the inspiration
       
C++ coroutines: Making the promise itself be the shared state, the outline
       
C++ coroutines: Building a result holder for movable types
       
C++ coroutines: Accepting types via return_void and return_value
       
C++ coroutines: Awaiting the simple_task
       
C++ coroutines: Managing the reference count of the coroutine state
       
    C++ coroutines: The lifetime of objects involved in the coroutine function
       
    C++ coroutines: Tradeoffs of making the promise be the shared state
       
C++ coroutines: Making it impossible to co_await a task twice
       
C++ coroutines: Getting rid of our mutex
       
C++ coroutines: Getting rid of our reference count
       
    C++ coroutines: Allowing the awaiter to be destroyed while suspended
       
    C++ coroutines: Getting rid of our atomic variant discriminator
       
    C++ coroutines: Cold-start coroutines
       
    C++ coroutines: Improving cold-start coroutines which complete synchronously
       
    C++ coroutines: Associating multiple tasks with the same promise
       
C++ coroutines: What does it mean when I declare my coroutine as noexcept?
       
C++ coroutines: How do I create a coroutine that terminates on an unhandled exception?
       
C++ coroutines: Snooping in on the coroutine body
       
C++ coroutines: Adding custom resume context support to our awaiter
       
    C++ coroutines: Waiting synchronously for our coroutine to complete
       
    C++ coroutines: Converting among tasks that use the same promise
       
C++ coroutines: Promise constructors
       
You are here

I’m not done with coroutines, but this is a road map through the three main areas.

The post A map through the three major coroutine series appeared first on The Old New Thing.

C++ coroutines: Promise constructors [The Old New Thing]

So far, all of our coroutine promises have had only a default constructor. But the standard actually gives the promise access to the coroutine parameters, if it wants them.¹

If somebody declares a coroutine that uses your promise, say,

simple_task<void> Awesome(int x, int y)
{
    ...
}

the compiler first looks for a promise constructor that accepts those parameters, prefixed if applicable by the hidden *this parameter. In this example, it tries to construct a simple_promise(x, y). Standard overload rules apply, so the actual constructor could take two integer lvalues, or one integer lvalue and one integer by value, or maybe it takes two longs, since integers are implicitly convertible to long. This gives your coroutine an opportunity to snoop on the parameters. For example, you might have a promise that detects that one of the parameters is a Logger, in which case it uses that logging object for its own internal logging.

If no suitable constructor can be found, then the compiler falls back to using the default constructor for the promise.

You might say, “Well, that’s interesting, but it has no effect on me because my only constructor is the default constructor, so that’s the only one the compiler will ever use.”

You’d be wrong.

Because the compiler will autogenerate a copy constructor.

Somebody could create a coroutine like this:

simple_task<void> Weirdo(simple_promise<void> wha)
{
    ...
}

If they do that, then the compiler will look for a promise constructor that takes a simple_promise<void> parameter, and it will find one: The copy constructor. The promise for the coroutine will therefore be copy-constructed from the wha parameter, which is probably not what you were expecting.

On the other hand, the fact that they are passing your private promise type as a parameter suggests that they are intentionally messing with the internals and therefore deserve what they get.

However, an unwitting developer might stumble into this case if they create a generic type similar to std::any:

struct Object
{
    template<typename T>
    operator T() { return std::any_cast<T>(o); }

    template<typename T>
    Object& operator=(T&& other)
    { o = std::forward<T>(other); return *this; }

private:
    std::any o;
};

This is a generic type that can hold any value, and you can get the same value out by converting to the thing you hope is inside.

Which means that it can try to convert to simple_promise.

simple_task<void> Print(Object o)
{
    ...
}

The compiler will see that an Object can be passed to the simple_promise copy constructor, which will try to convert the Object to a simple_promise in order to copy it. The conversion will (probably) fail with a std::bad_any_cast, and your program crashes for a totally mysterious reason. You’ll be looking at the crash dumps wondering, “Why is this code trying to convert my Object to a simple_promise?”

Let’s fix that by explicitly denying copying.

    template<typename T>
    struct simple_promise_base
    {
        ...

        simple_promise_base() = default;
        simple_promise_base(simple_promise_base const&) = delete;
        void operator=(simple_promise_base const&) = delete;

        ...
    };

I’m going to declare this the nominal end of what turned into a 47-part series on coroutines,² because I’m pretty sure you’re all sick of coroutines by now. There are still some other topics related to coroutines that aren’t connected to this series, so you’re not out of the woods yet. And there’s generators, which is deserving of its own series, but I’ll wait until the outrage dies down.

¹ Be aware that this is a dark corner of the language specification that not all implementations agree on. The specification says that the parameters are passed as lvalues, but gcc passes them as their original reference class, and MSVC doesn’t pass them at all until you upgrade to version 16.8 or higher, set /std:c++latest, and omit the legacy /await flag.

I get the impression that the gcc behavior is a bug, rather than a feature, because setting -pedantic does not cause gcc to switch to the standard-conforming behavior.

² Or 48 parts if you count the prologue article about E_ILLEGAL_DELEGATE_ASSIGNMENT.

The post C++ coroutines: Promise constructors appeared first on The Old New Thing.

Steve Kemp: Password store plugin: enve [Planet Debian]

Like many I use pass for storing usernames and passwords. This gives me easy access to credentials in a secure manner.

I don't like the way that the metadata (i.e. filenames) are public, but that aside it is a robust tool I've been using for several years.

The last time I talked about pass was when I talked about showing the age of my credentials, via the integrated git support.

That then became a pass-plugin:

  frodo ~ $ pass age
  6 years ago GPG/root@localhost.gpg
  6 years ago GPG/steve@steve.org.uk.OLD.gpg
  ..
  4 years, 8 months ago Domains/Domain.fi.gpg
  4 years, 7 months ago Mobile/dna.fi.gpg
  ..
  1 year, 3 months ago Websites/netlify.com.gpg
  1 year ago Financial/ukko.fi.gpg
  1 year ago Mobile/KiK.gpg
  4 days ago Enfuce/sre.tst.gpg
  ..

Anyway today's work involved writing another plugin, named env. I store my data in pass in a consistent form, each entry looks like this:

   username: steve
   password: secrit
   site: http://example.com/login/blah/
   # Extra data

The keys vary, sometimes I use "login", sometimes "username", other times "email", but I always label the fields in some way.

Recently I was working with some CLI tooling that wants to have a username/password specified and I patched it to read from the environment instead. Now I can run this:

     $ pass env internal/cli/tool-name
     export username="steve"
     export password="secrit"

That's ideal, because now I can source that from within a shell:

   $ source <(pass env internal/cli/tool-name)
   $ echo username
   steve

Or I could directly execute the tool I want:

   $ pass env --exec=$HOME/ldap/ldap.py internal/cli/tool-name
   you are steve
   ..

TLDR: If you store your password entries in "key: value" form you can process them to export $KEY=$value, and that allows them to be used without copying and pasting into command-line arguments (e.g. "~/ldap/ldap.py --username=steve --password=secrit")

Mental Health Practices [Oh Joy Sex Toy]

Mental Health Practices

To be honest, I’m struggling to write something here. When I was freshly out of the Intensive Outpatient Program, I made a comic talking about my experience there plus reviewed a vibrator, so, y’know, killin’ two birds with one stone there. More recently I made a comic explaining The Stress Response Cycle, which I touch […]

Tesla Remotely Hacked from a Drone [Schneier on Security]

This is an impressive hack:

Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH have found remote zero-click security vulnerabilities in an open-source software component (ConnMan) used in Tesla automobiles that allowed them to compromise parked cars and control their infotainment systems over WiFi. It would be possible for an attacker to unlock the doors and trunk, change seat positions, both steering and acceleration modes — in short, pretty much what a driver pressing various buttons on the console can do. This attack does not yield drive control of the car though.

That last sentence is important.

News article.

15:42

Link [Scripting News]

Fifty years ago today: Four Dead in Ohio.

Link [Scripting News]

I wonder if people who feel that wearing a mask or getting vaccinated is giving up too much freedom, realize that you have absolutely zero freedom if you are hospitalized with Covid. You can't get up from bed, can't go home, can't even take a piss on your own.

Link [Scripting News]

I question the idea that 1/2 of our legislative government can be trying to overthrow it. I think there has to be a radical response to this. Pretending it's possible is imho impossible.

15:00

Erich Schubert: Machine Learning Lecture Recordings [Planet Debian]

I have uploaded most of my “Machine Learning” lecture to YouTube.

The slides are in English, but the audio is in German.

Some very basic contents (e.g., a demo of standard k-means clustering) were left out from this advanced class, and instead only a link to recordings from an earlier class were given. In this class, I wanted to focus on the improved (accelerated) algorithms instead. These are not included here (yet). I believe there are some contents covered in this class you will find nowhere else (yet).

The first unit is pretty long (I did not split it further yet). The later units are shorter recordings.

ML F1: Principles in Machine Learning

ML F2/F3: Correlation does not Imply Causation & Multiple Testing Problem

ML F4: Overfitting – Überanpassung

ML F5: Fluch der Dimensionalität – Curse of Dimensionality

ML F6: Intrinsische Dimensionalität – Intrinsic Dimensionality

ML F7: Distanzfunktionen und Ähnlichkeitsfunktionen

ML L1: Einführung in die Klassifikation

ML L2: Evaluation und Wahl von Klassifikatoren

ML L3: Bayes-Klassifikatoren

ML L4: Nächste-Nachbarn Klassifikation

ML L5: Nächste Nachbarn und Kerndichteschätzung

ML L6: Lernen von Entscheidungsbäumen

ML L7: Splitkriterien bei Entscheidungsbäumen

ML L8: Ensembles und Meta-Learning: Random Forests und Gradient Boosting

ML L9: Support Vector Machinen - Motivation

ML L10: Affine Hyperebenen und Skalarprodukte – Geometrie für SVMs

ML L11: Maximum Margin Hyperplane – die “breitest mögliche Straße”

ML L12: Training Support Vector Machines

ML L13: Non-linear SVM and the Kernel Trick

ML L14: SVM – Extensions and Conclusions

ML L15: Motivation of Neural Networks

ML L16: Threshold Logic Units

ML L17: General Artificial Neural Networks

ML L18: Learning Neural Networks with Backpropagation

ML L19: Deep Neural Networks

ML L20: Convolutional Neural Networks

ML L21: Recurrent Neural Networks and LSTM

ML L22: Conclusion Classification

ML U1: Einleitung Clusteranalyse

ML U2: Hierarchisches Clustering

ML U3: Accelerating HAC mit Anderberg’s Algorithmus

ML U4: k-Means Clustering

ML U5: Accelerating k-Means Clustering

ML U6: Limitations of k-Means Clustering

ML U7: Extensions of k-Means Clustering

ML U8: Partitioning Around Medoids (k-Medoids)

ML U9: Gaussian Mixture Modeling (EM Clustering)

ML U10: Gaussian Mixture Modeling Demo

ML U11: BIRCH and BETULA Clustering

ML U12: Motivation Density-Based Clustering (DBSCAN)

ML U13: Density-reachable and density-connected (DBSCAN Clustering)

ML U14: DBSCAN Clustering

ML U15: Parameterization of DBSCAN

ML U16: Extensions and Variations of DBSCAN Clustering

ML U17: OPTICS Clustering

ML U18: Cluster Extraction from OPTICS Plots

ML U19: Understanding the OPTICS Cluster Order

ML U20: Spectral Clustering

ML U21: Biclustering and Subspace Clustering

ML U22: Further Clustering Approaches

14:56

Two controversial questions [Scripting News]

I wrote a couple of potentially controversial tweets yesterday and earlier today. I'm happy to say everyone responded respectfully, and at least tried to respond to the questions I asked.

The first was about political discussions at work. The issue was raised by the recent controversy at the Basecamp company, which had suspended political discussions on the company's internal message boards. Later it came out that they were getting criticism for an internal list they kept of customers with "funny" names. I wrote about this on April 28.

Here's what I wrote in a twitter thread earlier today.

  • It’s a privilege to spend the day discussing politics instead of doing the job you were hired to do. At least some jobs could not work that way. Could a bus driver? An assembly line worker. A teacher. A tech support worker. A cashier at Starbucks. A cop. Emergency room doctor.
  • Suppose you worked at a company handling customer service calls. It’s a grind. All those angry people you deal with. But it’s a job. One of your colleagues spends much of their time on an internal discussion board commenting on the people they work with.
  • They start talking about you! You looked at someone funny in the lunchroom. You might be a white supremacist. Do you keep answering support calls, or join the discussion. You’re worried you might lose your job. Someone saw you reading a suspicious magazine.

If you can't tell, as a former founder of two companies, I think people should keep political discussions at work to an absolute minimum. It should be possible for people with different political views to work together. This, to me, is one of the central features of freedom. You are free to believe what you believe and so am I. But we can and must still respect each other, and the highest form of respect in my opinion is to create something with each other. Personal blogs are good places to express political opinions, so is Twitter. But not work.

The other thread was about the use of the forbidden n-word to apply to white people.

  • Dave Chappelle uses the n-word to speak about individual white people.
  • What is it supposed to mean?
  • Suppose Dave says a white person is his n-word.
  • Is that white person then permitted to reciprocate?
  • If so, how?
  • And please no abuse. Thanks. ;-)

The best response imho came from Tanya Weiman.

I like that a lot, but only if you feel affection toward the person. I don't feel that way about Chappelle. I think he's using it as an act of hostility, knowing there's no way for a white person to respond in kind. But thanks to Larry David, if you have the chutzpah to talk back, we have a good response!

Karri Carlson asked me to listen to comments by Ta-Nahisi Coates, which I did, specifically pointing at 3:23 in the video. I understand that blacks use the n-word as a term of endearment for each other and it's not something white people are entitled to an opinion about, according to Coates. Whatever he says, we can have opinions about whatever we want, as he has negative opinions about white people, and expresses them. At 3:23 he makes a generalization which I found offensive. I don't think I own everything. Further I don't want to use the n-word, and further, please don't use that word to refer to me. Thanks.

14:49

The Big Idea: John Gwynne [Whatever]

In author John Gwynne’s Big Idea, he tells us of not only his love for Norse mythology, but also of his passion to write something fantastic that will evoke an array of emotions within his readers. Follow along as he describes what some of those emotions are, and how they contributed to writing his newest novel, The Shadow of the Gods.

JOHN GWYNNE:

My writing mantra is ‘write what you want to read,’ and I want to read books that sweep me away on an emotional rollercoaster, that carry me off to other worlds and engage me emotionally. I want to read a book where I become invested in the characters; I want to care, and I want to feel: fear, hate, love, and everything in-between.  I want to fist-pump the air at the victories and feel that knife-twist in the gut at the betrayals. All those things that have moved me as a reader and got me hooked on books. If my books give even a fraction of those precious moments back to my readers, then I will count my writing career a success.

My latest book, The Shadow of the Gods, is a love letter to my deep and abiding passion for all things Norse. That spark was lit when I was a child, with tales of Beowulf fighting monsters, of giants and serpents and fierce berserkers, and of Ragnarök, that end-of-days battle where the gods fought to extinction. That childhood passion has led me to picking up a shield and spear as an adult and becoming a Viking reenactor, and it has fueled this new book, filling it with longships and trolls, shield walls and berserkers, rune-magic and blood-oaths. 

But I hope that there is more to it than that. 

I try to write tales that entertain, that sweep the reader away to far off worlds and snare them in stories that are magical and brutal, heartbreaking and uplifting, intimate and epic, but I also try to write tales that challenge, that encourage us to hope, and to dare, and to live. The themes of family and friendship and love are at the core of everything that I write, because they are what we live for. Each other. Those we care about and love. This is the beating heart of the human condition. 

Don’t get me wrong, In The Shadow of the Gods you will not find a sentimental tale of happy families and true love’s first kiss and a happily ever after. This is a cold, harsh, brutal world where slavery is the highest currency and people carve a life with hard hearts and cold iron, but by writing about this type of world I try to challenge those hegemonic power systems of prejudice and elitism and gender politics. Power systems that are reflections of our own world. And in doing that, to perhaps light a spark of hope in the hearts of my characters and my readers alike, to perhaps make the reader think about the choices we make in our own lives, and how those small, daily choices matter. That when taken as a whole our choices will both define us, and steer our course through this dark, awful, wonderful, heart-breaking and beautiful world.

Quite a lot to hope for in a book about dragons and trolls and creatures that have an overwhelming hunger for human teeth, but I am a glass-half-full kind of man, and so I will choose to live in hope.


The Shadow of the Gods: Amazon|Barnes & Noble|Indiebound|Powell’s

Read an excerpt. Visit the author’s website. Follow him on Twitter.

Happy Just To Be a Finalist: A Twitter Thread [Whatever]

John Scalzi

I wrote a Twitter thread last night about awards and peer groups and being happy no matter who might win; I’m reporting it for archival purposes, and for those of you who don’t go to the Twitters. Enjoy.

1. One of the things that it’s sometimes hard to communicate about being a finalist for an award is one might genuinely be happy for any of the people to win. To make this point, let me talk about why I would be thrilled on a personal level no matter who wins this Locus Award.

2. Elizabeth Bear (@matociquala) was the Astounding Award winner just before me and one of my oldest friends in SF/F, and we used to teach together at @ViableParadise. A terrific writer and pal. It would be thrilling to have her win. 

3. At my very first SF convention, Cory Doctorow (@doctorow) was literally pulled out of a crowd in a hotel lobby by our editor to be my con buddy and we have been compatriots since. A great social thinker and writer, and would be a deserved award winner. 

4. Kate Elliott (@KateElliottSFF) I had the pleasure of hanging out with in Hawaii a few years ago; she was the best of company as we talked writing craft and other things. Her work is never less than excellent; how could I not want her to win? 

5. William Gibson (@GreatDismal) literally changed the course of written science fiction and has been challenging the way we think about the world for decades. And is a hell of a fine person. I could not imagine being upset to lose the category to him. 

6. Mary Robinette Kowal (@MaryRobinette) is one of my best friends in the world and there’s no one who has worked harder or more deserves their acclaim. Her “Lady Astronaut” series is groundbreaking and winning this award would reconfirm this. 

7. Paul McCauley (@UnlikelyWorlds) is the only person on this list I do not know! But I do know his work, and it is very fine. A win here would be an excellent recognition of his talent and effort. 

8. Kim Stanley Robinson (@ksrinfo) is the kindest and most decent of people, the deepest of thinkers, and the creator of some of the most fascinating worlds in science fiction. He doesn’t need to prove himself at this point, but this award would underscore his brilliance. 

9. Martha Wells (@marthawells1) is my favorite SF/F success story, a reminder that as long as you keep writing it’s never too late to make the world notice your work. Murderbot is not only liked; it’s beloved. This award would be richly deserved. 

10. Gene Wolfe was and is an acknowledged grand master of the SF/F genre; I should know because as president of SFWA I had the distinct honor of naming him as one. Which only confirmed what everyone already knew. A win here would be a perfect swan song. 

11. You see my point: Everyone here is deserving, and to get to call myself their peer in the category is a deep personal and professional honor in itself. I’d be happy to win. But I will not be at all disappointed to lose. I will genuinely cheer on any and all. What a group! 

12. And now, as tradition, I end on a cat picture. The cat is not a finalist for the Locus Award. This year.

–JS

11:49

A Specified Integration [The Daily WTF]

Shipping meaningful data from one company's IT systems to another company's IT systems is one of those problems that's been solved a billion times, with entirely new failure modes each...

11:00

Solder paste stencil [RevK®'s ramblings]

My soldering is not bad, but there are limits, and I am reaching them with the smaller and smaller components I am trying to use. Not only are the pins small, they are under the chip. A small QFN is just about doable. So I wanted to up my skills in soldering and try solder paste. I'm impressed with the result, but it was a bit of a journey.

How to do it? Get an oven, get a proper solder stencil, and get the right solder paste. You can then wipe the paste through the stencil with a plastic card, apply components and cook. It works!

So what was so hard?

Well, it was not as simple as it sounds, so here is what happened.

Laser a stencil?

I decided to try and make a stencil myself. Basically, having a proper metal stencil made adds another £50 to the cost, and someone said they had success with a vinyl cutter. I decided to try a laser. I got a cheap one off Amazon (K4 laser generic Chinese thing). Sadly the firmware simply will not laser cut, it only raster images. It looks like I could dismantle it and re-flash with something sane, but a lot of work.

Try again

So I ordered a better laser, one that actually claims to do GRBL. Again from Amazon. The GRBL firmware loader is a windows program but works from parallels, and then it just works nicely with LaserWeb on my Mac. I'm amazed at what you can get.

So what to cut to make a stencil? Well I tried mylar and it sort of melted. I tried acetate, and it sort of burned!

So I tried some actual vinyl, and that worked surprisingly well, but is just not quite accurate enough - rough edges. It would be fine for 0603 but not QFNs. Bugger.

Oh, and all of them made some nasty smells - this is why a cheap laser is not ideal - no fans. Recommend using outside!

Cut a stencil?

Next I tried an actual vinyl cutter, as someone else had managed this. How hard could it be. I decided to try and do a bit more research, and there are some nice small cutters like Cricut and Silhouette. However I see Cricut recently stopped you cutting your own designs!!! You have to pay for designs. Wow. And I could not work out what you needed for Silhouette to work. So I went for a more generic cutter/plotter that does HPGL. Using Inkcut on my Mac worked, I can cut things...

But, not quite. For a start it took a bit to work out it uses XON/XOFF. Then I found when the serial port closes at the end of the job the printer aborts and so does not finish the job (I added a delay to fix that).

It could not cope with mylar or acetate, but did cut vinyl. However, it did not make a clean stencil! The pads were not closed and the fine pads were just a diagonal line!

The answer is that I did not quite do enough research. This is a "drag blade" cutter, so the blade point drags 0.25mm behind. This would be fine(ish) for cutting large sticky back lettering, but now when the features you are cutting are not even 0.25mm wide! There are, apparently, some s/w work arounds I could try. But for now I have given up and decided to do it properly...

Try again

Update: It looks like the Silhouette printers are going to work. Seems you have to pay £50 more for being able to load an SVG, but it will load a DXF anyway. Converting SVG to DXF is easy with inkscape and free, so why would you pay £50 more. That said, I am not sure it can cope with such detail.

Use a proper stencil?

So I ordered a proper stencil - very nice. PCB Train do a good job.

I ordered some solder paste from RS, and, well, it was a disaster. It was runny and far too much solder paste, and well, useless!

Try again

I was desparing, but encouraged by people on twitter who clearly managed to do this right, I carried on. I ordered some different solder paste, just in case.

It worked first time, clean, nice, easy to use. I am impressed.

The first board made like this actually worked - well minor issue with reset, but did then work. So now to try another.



10:14

“But how will you know?” [Seth's Blog]

It pays to know what something is for. It helps us figure out how to do it better, how to allocate resources and how to know when we’re done.

Much of what we build or invest in is complicated. It serves multiple purposes, has to please many constituents and has competing priorities.

So the question: “How will we know if it’s working?” is a powerful one.

It opens the door to a useful conversation about what it’s for.

04:07

Benjamin Mako Hill: NSF CAREER Award [Planet Debian]

In exciting professional news, it was recently announced that I got an National Science Foundation CAREER award! The CAREER is the US NSF’s most prestigious award for early-career faculty. In addition to the recognition, the award involves a bunch of money for me to put toward my research over the next 5 years. The Department of Communication at the University of Washington has put up a very nice web page announcing the thing. It’s all very exciting and a huge honor. I’m very humbled.

The grant will support a bunch of new research to develop and test a theory about the relationship between governance and online community lifecycles. If you’ve been reading this blog for a while, you’ll know that I’ve been involved in a bunch of research to describe how peer production communities tend to follow common patterns of growth and decline as well as a studies that show that many open communities become increasingly closed in ways that deter lots of the kinds contributions that made the communities successful in the first place.

Over the last few years, I’ve worked with Aaron Shaw to develop the outlines of an explanation for why many communities because increasingly closed over time in ways that hurt their ability to integrate contributions from newcomers. Over the course of the work on the CAREER, I’ll be continuing that project with Aaron and I’ll also be working to test that explanation empirically and to develop new strategies about what online communities can do as a result.

In addition to supporting research, the grant will support a bunch of new outreach and community building within the Community Data Science Collective. In particular, I’m planning to use the grant to do a better job of building relationships with community participants, community managers, and others in the platforms we study. I’m also hoping to use the resources to help the CDSC do a better job of sharing our stuff out in ways that are useful as well doing a better job of listening and learning from the communities that our research seeks to inform.

There are many to thank. The proposed work was the direct research of the work I did as the Center for Advanced Studies in the Behavioral Sciences at Stanford where I got to spend the 2018-2019 academic year in Claude Shannon’s old office and talking through these ideas with an incredible range of other scholars over lunch every day. It’s also the product of years of conversations with Aaron Shaw and Yochai Benkler. The proposal itself reflects the excellent work of the whole CDSC who did the work that made the award possible and provided me with detailed feedback on the proposal itself.

02:42

Gotta Go Fast [QC RSS]

I hate them both so much and they're not even real

02:28

Link [Scripting News]

Video demo. I pointed my iPhone at my living room TV, displaying my Mac Mini, which has the images from the new project.

00:14

Page 22 [Flipside]

Page 22 is done.

Monday, 03 May

22:07

The Big Idea: A. J. Smith [Whatever]

Reading can be a form of escapism, but so can writing. Author A. J. Smith’s tells us about his experience with this in the Big Idea for his newest novel, The Sword Falls. Delve into his journey with fantasy writing, and see just how quickly a hobby can turn into a profession.

A. J. SMITH:

I can write myself into corners, around corners; into and over walls and, mostly frequently, down dead-end alleyways. I get stuck, change my mind, delete and rewrite entire sections, and generally twist myself into knots trying to make everything hang together and become something people actually want to read. It’s never linear or straightforward, and is frequently seasoned with crippling self-doubt. I don’t say any of this to elicit sympathy or to moan on about the struggles of a fantasy novelist. It’s just necessary background to explain why I would never stop doing it.

I should probably confess at this stage that I am bipolar, and use writing as a form of therapy. 

Let me start at the beginning. I always knew my mind didn’t work the same as other people, but I didn’t get a useful diagnosis until my mid twenties. By then, I’d been unknowingly self-medicating with the empty page for years. My therapy of choice at the time was drawing elaborate fantasy maps and concocting role-playing games set within. I think I was good at it, and it was the only thing I did that didn’t make me feel I should be doing something else. When a doctor told me I was a manic depressive, I went home and planned a role-playing game. 

For years I maintained stability through a complicated dance of medication, fantasy role-playing, and filling the empty page. It was escapism, pure and simple, and I grew to love it. I wrote all sorts of things, experimenting with a hundred different genres and plotlines. Whenever the real world got too much, I retreated to the empty page. I sincerely loved writing and, when I decided to write my first novel, I grew to love it even more. When something is so important to you, you want to know if you’re any good at it. A close friend of mine issued a friendly challenge, wanting to know if I could write an entire book. I believe my reaction was to wonder why I’d not tried before.

For three or four months, with a few exceptions, it was basically the only thing I did. I pillaged role-playing plots, and found that I already had a world and a deep mythology. I got a massive kick as I immersed myself  in a complicated world and told a story. There’s a wonderful sense of peace and glee that accompanies fantasy writing. It’s any world you want it to be, with any kind of people you want to populate it with. And it makes me smile when nothing else can. My mind and I have not always been particularly good friends, but we bonded as I wrote. 

I remember saying at the time that, if I managed to work out how to write an entire book, I wouldn’t stop writing them. That was seven books ago, and I have no plans to stop. Sometimes you’re just meant to be doing something, and I’m meant to be doing this. As for my mental health, I go through phases of extreme creativity, and periods of deep reflection and planning, but I never stop writing. It’s my therapy and my medication, and I really hope people enjoy it… though I wouldn’t stop if they didn’t. 


The Sword Falls: Amazon|Barnes & Noble|Indiebound|Powell’s

Follow the author on Twitter.

21:14

News Post: Alternative Sourcing [Penny Arcade]

Tycho: I would like to play Returnal! I think because I have been considering the ongoing plague, and also because I don't own any next generation systems, I guess I didn't know it was seventy dollars. Because of where I'm at as a person, I purchase and play roguelite deckbuilders almost exclusively, and everything else is probably played on Game Pass or free somewhere, so I hadn't really felt that yet. Then again, who knows. Any time spent on the game's Reddit or Twitter will reveal players scourged by locks that range from soft, medium, and hard, grim prophecies about the…

19:42

The weather is getting better, time to start cycling! [Humble Bundle Blog]

The official blog for Bikes by Microcosm includes all the details about what’s inside. Check it out!

The post The weather is getting better, time to start cycling! appeared first on Humble Bundle Blog.

News Post: More Gunpla! [Penny Arcade]

Gabe: I love the early stages of a hobby when there is so much to learn. That’s the phase I’m in with Gunpla right now and I love it. I am watching tutorials and reading guides every day and it’s almost as satisfying as building the actual kits. I would be ashamed to say how much time I spend carefully posing and placing the little robots after I build them. I may not know all the shows and movies they are from but I know which ones look rad, and Goddamnit that’s enough for me.  My Gunpla stream last Tuesday was a big success for two reasons which I will break down…

18:14

Link [Scripting News]

Really big things don't get imagined, imho, they just show up. I did not understand the web at first, I was reading about it, scratching my head, until boom, I saw it happening.

Link [Scripting News]

This is the kind of ad I hoped the Lincoln Project would run. They can still occupy Trump's brain, rent-free, and it's still worth doing.

17:42

Joe Marshall: Lightweight table [Planet Lisp]

You don't need a data structure to make a lookup table. You can make a table just out of the lookup function. In this example, we start with a continuation passing style lookup function:

lookup (key if-found if-not-found)
  
    Invokes (funcall if-found value) if key is in the table,
    invokes (funcall if-not-found) otherwise.
An empty table just invokes the if-not-found continuation:
(defun table/empty ()
  (lambda (key if-found if-not-found)
    (declare (ignore key if-found))
    (funcall if-not-found)))
A table can be extended by wrapping it:
(defun table/extend (table key* value)
  (lambda (key if-found if-not-found)
    (if (eql key key*)
        (funcall if-found value)
        (funcall table key if-found if-not-found))))
So let's try it out:
(defvar *table-1* (table/extend 
                    (table/extend
                      (table/empty)
                      'foo 42)
                    'bar 69))

* (funcall *table-1* 'foo #'identity (constantly 'not-found))
42

* (funcall *table-1* 'quux #'identity (constantly 'not-found))
NOT-FOUND
You can also redact an entry from a table by wrapping the table:
(defun table/redact (table redacted)
  (lambda (key if-found if-not-found)
    (if (eql key redacted)
        (funcall if-not-found)
        (funcall table key if-found if-not-found))))

(defvar *table-2* (table/redact *table-1* 'foo))

* (funcall *table-2* 'foo #'identity (constantly 'not-found))
NOT-FOUND

Are there any advantages to implementing a table in this curious manner? Building a table by nesting a series of lookup steps leads to a linear lookup in linear space, so this kind of table should be more or less comparable to an alist for individual entries. Unlike a traditional table made with a data structure, you cannot enumerate the keys and values in the table. On the other hand, you gain the ability to map keys to values without having to enumerate the keys:

(defun table/bind-predicate (table predicate value)
  (lambda (key if-found if-not-found)
    (if (funcall predicate key)
        (funcall if-found value)
        (funcall table key if-found if-not-found))))

;;; bind all even numbers to the symbol 'EVEN
(defvar *table-3* 
  (table/bind-predicate *table-2* (lambda (n) (and (numberp n) (evenp n))) 'even))

* (funcall *table-3* 6 #'identity (constantly 'not-found))
EVEN
Or you can add a default value to an existing table:
(defun table/add-default (table default-value)
  (lambda (key if-found if-not-found)
    (declare (ignore if-not-found))
    (funcall table key
      if-found
      (lambda () (funcall if-found default-value)))))

(defvar *table-4* (table/add-default *table-3* 'default))

* (funcall *table-4* 'bar #'identity (constantly 'not-found))
69
    
* (funcall *table-4* 'xyzzy #'identity (constantly 'not-found))
DEFAULT

Perhaps the biggest disadvantage of this implementation is the difficulty in inspecting a table.

* *table-4*
#<CLOSURE (LAMBDA (KEY IF-FOUND IF-NOT-FOUND) :IN TABLE/ADD-DEFAULT) {1003CD641B}>
We can use the object inspector to peek inside the closure and maybe sleuth out what this table is made out of, but it isn't just an alist where we can print out the entries.

So far, we've defined a table as being a procedure with the (key if-found if-not-found) signature, but we can flip this around and say that any procedure with a (key if-found if-not-found) signature can be thought of as a table. For example, a regular expression matcher could be considered to be a table of strings (if that were a more useful model).

COVID vaccine [Richard Stallman's Political Notes]

*Who's Controlling the COVID Vaccine: 10 Myths and Misdirections.*

I posted this link because overall the points are valid. However, talking about the concept of "intellectual property" inevitably spreads confusion through overgeneralization and putting scare quotes around the term does nothing to undo that confusion. Each use of that term inherently misinforms.

The way to avoid that misinformation is to talk about patents and about trade secrecy as two separate issues which are legally unrelated.

How to trigger you [Richard Stallman's Political Notes]

Delete your social media accounts, because sooner or later the algorithm will figure out how to trigger you and start changing you so you can't get away.

Study pressure [Richard Stallman's Political Notes]

Pressure for people to study for careers in science and technology is leading universities to stop teaching history.

Democracy and repression [Richard Stallman's Political Notes]

The world struggle between democracy and repression has been going oppression's way for ten years. The influence of repressive powers, China and Russia plays an important role, and so do the supporters of the bullshitter.

The existence of a powerful antidemocratic party in the US undermines its influence for democracy in several ways: it makes the US a disappointing example of democracy's functioning; it encourages repressive and aggressive US policies, which set bad examples themselves; its support for plutocracy weakens the US and thus undermines its ability to do anything inspiring.

Right to take and publish photos [Richard Stallman's Political Notes]

The right to take and publish photos in public places is under threat from another direction: in the UK, some campaign to criminalize photos of breast-feeding in public.

I sympathize with Ms Creasy's feeling of disgust, but we should not be led into supporting a dangerous law by a feeling alone.

The right to take and publish photos is already threatened on several fronts. Some US states have adopted "ag gag" bills that criminalize publishing pictures of farms' treatment of animals. Some countries, including Spain, criminalize publishing photos of thugs committing acts of violence, under vague and stretchable conditions. And many countries restrict photos that include buildings whose architecture is copyrighted, even in the background.

To combat these threats, we need to insist on a simple and general principle: wherever you have the right to be, you have the right to photograph anything that you can see, and to show the photograph to others.

Those who wish to breast-feed in public and avoid others' looking at or photographing their breasts have an easy way to prevent this: wear (or don at the moment of need) a garment that can be arrayed to block the view. This can achieve the goal more reliably than the proposed law, while not putting anyone's rights in question.

Extinction Rebellion protests [Richard Stallman's Political Notes]

Extinction Rebellion organized highly visible protests in London, in many cases blocking the travel of cars which are mostly using fossil fuels.

The four factors of the apocalypse:
   global heating, global hating,
   global eating, global mating.

Right-wing extremism on the rise [Richard Stallman's Political Notes]

*Right-Wing Extremism Is on the Rise in Israel.*

It is ironic in the extreme to see that a party with views comparable to Nazis is so powerful in Israel that it may soon be in government.

Tax proposals [Richard Stallman's Political Notes]

Comparing Biden's tax proposals with what FDR actually did.

Biden's plan goes further in regard to capital gains, though in some others it does not go as far.

Ralph Nader: we must make Congress raise the taxes on rich businesses and rich people.

Sale tax [Richard Stallman's Political Notes]

Thousands are protesting in Bogotá against a plan by the right-wing government to institute a sales tax.

A sales tax is a very regressive method, so this plan is designed to hurt the poor and spare the rich. So I support the protesters.

Interfering with some kind of tracking [Richard Stallman's Political Notes]

Apple takes a step to interfere with some kinds of tracking of users.

If Apple's operating were free/libre, public-spirited hackers would already have released a modified version which had the defaults set to protect privacy. You could get the benefit of these modifications without having to work on them yourself.

17:28

Radar trends to watch: May 2021 [Radar]

We’ll start with a moment of silence. RIP Dan Kaminski, master hacker, teacher, FOO, and a great showman who could make some of the more arcane corners of security fun.  And one of the few people who could legitimately claim to have saved the internet.

AI

  • Snorkel is making progress automating the labeling process for training data. They are building no-code tools to help subject matter experts direct the training process, and then using AI to label training data at scale.
  • There’s lots of news about regulating AI. Perhaps the most important is a blog post from the US Federal Trade Commission saying that it will consider the sale of racially biased algorithms as an unfair or deceptive business practice.
  • AI and computer vision can be used to aid environmental monitoring and enforce environmental regulation–specifically, to detect businesses that are emitting pollutants.
  • Facebook has made some significant progress in solving the “cocktail party problem”: how do you separate voices in a crowd sufficiently so that they can be used as input to a speech recognition system?
  • The next step in AI may be Geoff Hinton’s GLOM. It’s currently just an idea about giving neural networks the ability to work with hierarchies of objects, for example the concepts of “part” and “whole,” in the hope of getting closer to monitoring human perception.
  • Twitter has announced an initiative on responsible machine learning that intends to investigate the “potential and harmful effects of algorithmic decisions.”
  • How do we go beyond statistical correlation to build causality into AI? This article about causal models for machine learning discusses why it’s difficult, and what can be done about it.
  • Iron man? The price of robotic exoskeletons for humans is still high, but may be dropping fast. These exoskeletons will assist humans in tasks that require strength, improved vision, and other capabilities.
  • The Google Street View image of your house can been used to predict your risk of a car accident.  This raises important questions about ethics, fairness, and the abuse of data.
  • When deep fakes become cheap fakes: Deep fakes proliferated during the Amazon unionization campaign in Georgia, many under the name of Amazon Ambassadors. These are apparently “fake fakes,” parodies of an earlier Amazon attempt to use fake media to bolster its image. But the question remains: what happens when “deep fakes” are also the cheapest way to influence social media?
  • DeepFakeHop is a new technique for detecting deep fakes, using a new neural network architecture called Successive Subspace Learning.
  • One of the biggest problems in AI is building systems that can respond correctly to challenging, unexpected situations. Changing the rules of a game may be a way of “teaching” AI to respond to new and unexpected situations and make novelty a “first class citizen.”
  • A robot developed at Berkeley has taught itself to walk using reinforcement learning. Two levels of simulation were used before the robot was allowed to walk in the real world. (Boston Dynamics has not said how their robots are trained, but they are assumed to be hand-tuned.)
  • Work on data quality is more important to getting good results from AI than work on models–but everyone wants to do the model work. There is evidence that AI is a lot better than we think, but its accuracy is compromised by errors in the public data sets widely used for training.

Security

  • Moxie Marlinspike has found a remote code execution vulnerability in Cellebrite, a commercial device used by police forces and others to break encryption on cell phone apps like Signal. This exploit can be triggered by files installed in the app itself, possibly rendering Cellebrite evidence inadmissible in court.
  • What happens when AI systems start hacking? This is Bruce Schneier’s scary thought. AI is now part of the attacker’s toolkit, and responsible for new attacks that evade traditional defenses.  This is the end of traditional, signature-based approaches to security.
  • Confidential computing combines homomorphic encryption with specialized cryptographic computation engines to keep data encrypted while it is being used. “Traditional” cryptography only protects data in storage or in transit; to use data in computation, it must be decrypted.
  • Secure access service edge could be no more than hype-ware, but it is touted as a security paradigm for edge computing that combines firewalls, security brokers, and zero-trust computing over wide-area networks.
  • A supply chain attack attempted to place a backdoor into PHP. Fortunately, it was detected during a code review prior to release. One result is that PHP is outsourcing their git server to GitHub. They are making this change to protect against attacks on the source code, and they’re realizing that GitHub provides better protection than they can. “Maintaining our own git infrastructure is an unnecessary security risk”–that’s an argument we’ve made in favor of cloud computing.
  • “Researchers” from the University of Minnesota have deliberately tried to insert vulnerabilities into the Linux kernel. The Linux kernel team has banned all contributions from the university.

Quantum Computing

  • Entanglement-based quantum networks solve a fundamental problem: how do you move qbit state from one system to another, given that reading a qbit causes wave function collapse?  If this works, it’s a major breakthrough.
  • IBM Quantum Composer is a low-code tool for programming quantum computers. Could low- and no-code language be the only effective way to program quantum computers? Could they provide the insight and abstractions we need in a way that “coded” languages can’t?

Programming

  • A Software Bill of Materials is a tool for knowing your dependencies, crucial in defending against supply chain attacks.
  • Logica is a new programming language from Google that is designed for working with data. It was designed for Google’s BigQuery, but it compiles to SQL and has experimental support for SQLite and PostgreSQL.
  • An iPhone app that teaches you to play guitar isn’t unique. But Uberchord is an app that teaches you to play guitar that has an API. The API allows searching for chords, sharing and retrieving songs, and embedding chords on your website.
  • The Supreme Court has ruled that implementing an API is “fair use,” giving Google a victory in a protracted copyright infringement case surrounding the use of Java APIs in Android.

Social Networks

  • Still picking up the pieces of social networking: Twitter, context collapse, and how trending topics can ruin your day. You don’t want to be the inadvertent “star of twitter.”
  • Beauty filters and selfie culture change the way girls see themselves in ways that are neither surprising nor healthy. Body shaming goes to a new level when you live in a permanent reality distortion field.
  • The Signal app, probably the most widely used app for truly private communication, has wrapped itself in controversy by incorporating a peer-to-peer payments feature build around a new cryptocurrency.
  • Twitch will consider behavior on other social platforms when banning users.

Finance

  • Bitcoin has been very much in the news–though not for any technology. We’re beginning to see connections made between the Bitcoin economy and the real-world economy; that could be significant.
  • A different spin on salary differences between men and women: companies are paying a premium for male overconfidence. Paying for overconfidence is costing billions.
  • How do you teach kids about virtual money? Nickels, dimes, and quarters work. Monetizing children by issuing debit cards for them doesn’t seem like a good idea.

Biology

  • The Craig Venter Institute, NIST, and MIT have produced an artificial cell that divides normally. It is not the first artificial cell, nor the smallest artificial genome. But unlike previous efforts, it is capable of reproduction.
  • While enabling a monkey to play Pong using brain control isn’t new in itself, the sensors that Neuralink implanted in the monkey’s brain are wireless.

Link [Scripting News]

Yesterday I wrote about the fan art accounts on Twitter, and what they've made possible. I now have my app running and downloading images from the initial 26 accounts. I've uploaded the first batch of images to a GitHub repository. I plan to update them as long as there's interest in this project. I've also included the source code, with instructions, in case you want to run it yourself. I'm sure there will be problems that need fixing, if you spot anything, post an issue in the repo for the app. I love this, it started as a warm-up project, but quickly got a life of its own.

17:21

[$] A "kill" button for control groups [LWN.net]

The kernel's control-group mechanism exists to partition processes and to provide resource guarantees (and limits) for each. Processes running within a properly configured control group are unable to deprive those running in a different group of their allocated resources (CPU time, memory, I/O bandwidth, etc.), and are equally protected from interference by others. With few exceptions, control groups are not used to take direct actions on processes; Christian Brauner's cgroup.kill patch set is meant to be one of those exceptions.

16:35

Security updates for Monday [LWN.net]

Security updates have been issued by CentOS (bind, GNOME, java-1.8.0-openjdk, java-11-openjdk, nss and nspr, xstream, and xterm), Debian (bind9 and libimage-exiftool-perl), Fedora (ansible, babel, java-11-openjdk, and java-latest-openjdk), Gentoo (chromium, clamav, firefox, git, grub, python, thunderbird, tiff, webkit-gtk, and xorg-server), Mageia (kernel, nvidia-current, nvidia390, qtbase5, and sdl2), openSUSE (Chromium, cifs-utils, cups, giflib, gsoap, libnettle, librsvg, netdata, postsrsd, samba, thunderbird, virtualbox, and webkit2gtk3), Red Hat (bind), Scientific Linux (bind), and SUSE (containerd, docker, runc and xen).

16:28

Jesús Suaste Cherizola Wins the 2021 CASP Essay Prize [Economics from the Top Down]

As some of you may know, I recently became the editor of the Review of Capital as Power (RECASP), a journal that publishes research on the power underpinnings of capitalism. Each year, RECASP hosts an essay competition. I’m proud to announce that the winner of this year’s prize is Jesús Suaste Cherizola.1 His prize-winning paper is called From Commodities to Assets: Capital as Power and the Ontology of Finance.

Neglecting assets

In his essay, Suaste Cherizola explores a puzzle in political economy — the neglect of assets. Why, he asks, do most radical political economists focus on commodities, when capitalists themselves care about assets? The answer, Suaste Cherizola proposes, owes to a bad decision made by Karl Marx. In formulating his theory of capitalism, Marx insisted that capitalism’s ‘laws of motion’ must be grounded in production. The way to do this, Marx decided, was to focus on commodities — the things that workers produce and capitalists sell.

Marx’s obsession with commodities caused some embarrassing problems. It led him, for instance, to dismiss the stock market as ‘fictitious capital’. (He saw stocks as a kind of ‘false’ commodity — something that had a price but was not backed up by ‘real’ production). In hindsight, this decision was dubious. Fictions aren’t supposed to impact the real world. And yet the motion of the stock market dominates our lives. Something is amiss.

Suaste Cherizola thinks the solution is to turn Marxist theory on its head. Rather than ignore ‘fictitious capital’, he argues, we should ignore the Marxist idea of the ‘commodity’. The reason is simple. Commodities are a small subset of the things that have a price. When you use this small subset to explain everything in capitalism, weird things happen. You end up invoking ‘distortions’ to explain all the prices you’ve excluded from your theory. This ‘distortifying’ is standard practice in neoclassical economics. Sadly, it’s also part of Marxism — an unavoidable consequence of Marx’s focus on commodities:

… once the commodity-form has become the basis of our understanding of exchanges, the other forms of economic transactions can only be considered as distortions or mystifications. … The ‘commodity’ thus becomes a theoretical fetish — a concept endowed with supernatural explanatory powers.

(Jesús Suaste Cherizola, 2021)

A century ago, Marx chastised people for ‘fetishizing’ commodities — treating commodity exchange as a relation between things rather than a relation between people. But perhaps the true ‘fetishism of the commodity’, Suaste Cherizola proposes, is how Marxists have reified the commodity itself. The commodity’s true ‘secret’, Suaste Cherizola argues, may be that it has nothing to reveal.

The power of assets

To fix Marx’s mistake, Suaste Cherizola argues that we need to forget about commodities and instead study assets. The reason isn’t rocket science. All day and every day, capitalists broadcast their single-minded desire: they want their ‘assets’ to become more valuable. Suaste Cherizola thinks we should take this desire at face value.

What we should not take at face value, however, is the official claim about the ‘stuff’ of which assets are made. The standard explanation is that assets have value because they are ‘productive’. Don’t fall for this bullshit. Instead, pay attention to how capitalists behave when they are fighting. In court, it becomes clear that ‘assets’ have nothing to do with productivity. Assets, Suaste Cherizola observes, are just a bundle of rights.

An asset consists of language that says: “The owner of this asset is entitled to …” Since assets are just linguistic bundles, they are easy to create. Look, I just made one:

Blair Fix is entitled to command Amazon and to appropriate its profits.

Unfortunately, having created this ‘asset’, I find that it is worthless. The reason is simple. Assets have value, Suaste Cherizola notes, only if you can make good on the rights they entitle. It’s here that my ‘asset’ has a problem. Having proclaimed my rights, I find that I cannot enforce them. No matter how loudly I shout, no one lets me take Amazon’s profits. Hence nobody wants to buy my ‘asset’.

And yet look at Jeff Bezos. He has an ‘asset’ that says (at least conceptually) the same thing as my ‘asset’:

Jeff Bezos is entitled to command Amazon and to appropriate its profits.

What’s different about Bezos’ asset isn’t the bundle of rights. It’s the fact that he can make good on these rights. Unlike me, Bezos actually commands Amazon and appropriates (some of) its profits. And because he can enforce this right, Bezos is stupendously rich. In other words, people are willing to pay billions to acquire the same rights as Bezos.

We can see from this example that assets have two sides. Suaste Cherizola observes:

  1. To the owner, an asset is a bundle of rights.
  2. To the non-owner, an asset is a bundle of orders.

It is step 2 that is crucial for giving an asset value. Anyone can write down a bundle of rights. The difficult part is getting other people to obey the orders outlined by these rights. This is the dirty secret behind ‘assets’ — a secret that is made clear in every corporate lawsuit. The struggle over ‘assets’ is the struggle to get other people to follow your orders.

Possession vs. ownership

To understand assets, Suaste Cherizola argues that we need to distinguish between ‘possession’ and ‘ownership’. Often we conflate the two because in daily life they seem equivalent.

As an example, take shopping for food. When you buy groceries, you are technically buying an ownership claim … a set of orders that say to the rest of society: “do not touch my food”. What you actually do with the food is irrelevant. You could let it rot on your front yard, in plain sight of a starving neighbour. That is your right as owner.

Of course, few people actually do this. That’s because when you buy groceries, your goal is not ownership. Instead, you want to possess the food so you can eat it. So in this case, ownership is just a means to possession.

It’s tempting, then, to reduce ownership to possession. After all, many of the things you own you also possess. (They sit somewhere in your house.) But this reduction, Suaste Cherizola argues, is a mistake. That’s because ‘possession’ doesn’t come with any associated rights. And that makes it ephemeral. Today you possess a Lamborghini. Tomorrow you don’t, because your neighbour has ‘repossessed’ it. “Finders keepers!” he says.

If you simply ‘possessed’ the Lamborghini, you’d be out of luck. The car now belongs to your neighbour. (Unless you re-repossess it.) But if you owned the Lamborghini, things are different. Your ownership rights give a set of orders to everyone else: “Don’t touch my Lamborghini”. Moreover, your ownership rights give orders to the police: “If stolen, track down the Lamborghini and punish the thief”.

It’s these orders, Suaste Cherizola notes, that differentiates ownership from possession. And that’s why capitalists care only for ownership.2 When they buy property, they buy power.

The seduction of symbols

Jesús Suaste Cherizola’s essay highlights the importance of financial symbols. The fact that these symbols are not commodities grounded in ‘production’ leads Marxists to dismiss them as ‘ficticious capital’. The reality, however, is that these symbols outline and quantify our social order. But don’t take my word for it. Read Suaste Cherizola’s prize-winning essay for insight into the power behind assets. And if you have time, Suaste Cherizola’s essay pairs well with Ulf Martin’s study of the power of financial symbols. (Martin’s paper won the 2019 RECASP essay prize.)

Have a comment or a question about Suaste Cherizola’s essay? Join the discussion on the Capital as Power Forum. And if your ideas warrant a paper, submit them to RECASP. Perhaps next year you will win the RECASP essay prize.


Support this blog

Economics from the Top Down is where I share my ideas for how to create a better economics. If you liked this post, consider becoming a patron. You’ll help me continue my research, and continue to share it with readers like you.

patron_button


Stay updated

Sign up to get email updates from this blog.



This work is licensed under a Creative Commons Attribution 4.0 License. You can use/share it anyway you want, provided you attribute it to me (Blair Fix) and link to Economics from the Top Down.


Notes

[Cover image: Karolina Grabowska]

  1. Jesús Suaste Cherizola studies at Universidad Autónoma de Puebla. In 2018, he translated Capital as Power into Spanish (El capital como poder). More recently he translated Di Muzio and Robbins’s book Debt as Power into Spanish (Capitalismo de deuda). Follow Jesús on Twitter @suaste86.↩
  2. Often, capitalists have never seen the things they own, which makes clear that they care not for possession. Here are Jonathan Nitzan and Shimshon Bichler commenting on this fact:

    In the summer of 1928, the world’s largest oil companies signed the secret Red Line Agreement, parcelling the Middle East between them for years to come. To celebrate the occasion, the architect of the deal, Calouste Gulbenkian, or ‘Mr Five Percent’ as he was otherwise known, chartered a boat to cruise the Mediterranean with his daughter Rita:

    Off the coast of Morocco, he caught sight of a type of ship he had never seen before. It looked very strange to him, with its funnel jutting up at the extreme stern of the long hull. He asked what it was. An oil tanker, Rita told him. He was fifty-nine years old, he had just made one of the greatest oil deals of the century, he was the Talleyrand of oil, and he had never before seen an oil tanker. (Yergin 1991: 206)

    ↩

Further reading

Martin, U. (2019). The autocatalytic sprawl of pseudorational mastery. Review of Capital as Power, 1(4), 1–30.

Suaste Cherizola, J. (2021). From commodities to assets: Capital as power and the ontology of finance. Review of Capital as Power, 2(1), 1–29.

15:56

Moderna’d Part II [Whatever]

Athena ScalziWelcome to the much (or maybe not so much) anticipated sequel of me getting vaccinated! Last time, I posted way too early and said I had no symptoms other than a tender arm. Let me tell you, I got fucked up a couple hours later.

My arm hurt so badly that I couldn’t even move it, like in any direction, without it being super painful. It felt like my entire arm was one giant bruise. I couldn’t lay on it, touch it, or even have it come in contact with anything. Also, I got really intense chills. I was shaking like a leaf! It made my whole body ache. Despite having had five blankets on top of me, I was still freezing, and shaking for several hours nonstop.

I took 1000mg Ibuprofen and went to sleep, and when I woke up, I wasn’t shaking anymore. My entire body was still sore, but it was definitely manageable.

Fast forward almost a month, I got my second dose of Moderna. I was terrified, considering how badly I reacted to it last time. I cleared my schedule for the entire rest of the day and the next day, and vowed to lay around and relax, just in case I fell ill.

Much to my surprise, the second dose was a breeze! The shot hurt even less than the first one did, and though my arm was a little sore for a few hours after, it was nothing compared to the shot prior. I had no symptoms at all, which is great because I’ve heard from pretty much everyone that the second shot is the one that really does people in.

So, now I’m fully vaccinated! Though technically you’re supposed to wait two weeks after your second dose to be considered totally safe. Of course, I’ll keep wearing my mask everywhere anyways, even after the two week period is up.

If you haven’t got vaccinated yet, just know going in that more than likely, one of the two (if not both) shots might knock you on your ass. So clear your schedule if you can and be prepared.

What was your experience with getting vaccinated, if you have been? I know I asked last time, but if anyone has gotten their first or second one since that post, feel free to answer in the comments! And have a great day.

-AMS

15:49

Pluralistic: 03 May 2021 [Pluralistic: Daily links from Cory Doctorow]


Today's links



The product-shot for a Bob Cassette Rewinder, featuring a cassette, a small hardware dongle, and a refiller syringe.

Dishwashers have become Iphones (permalink)

Apple is a true business innovator: For more than a decade, they have been steadily perfecting an obscure anticompetitive tactic, turning a petty grift invented by console games companies into a global, cross-industry mechanism for extracting rents and centralizing control.

I'm speaking of App Stores, of course, and not just any app store, but one that's illegal to compete with or switch away from. This started with console companies, who used technical tricks to ensure that they could skim a rake from every program you bought for your system.

Consoles used proprietary hardware or media formats to ensure that software vendors couldn't sell directly to you, that every sale would be forced through their storefronts or licensing systems.

These tactics acquired the force of law in 1998 after Bill Clinton signed the Digital Millennium Copyright Act (DMCA), whose Section 1201 made it a felony to traffick in "circumvention devices" that bypassed "access controls" for copyrighted works.

Broadly, that meant that you could go to prison (for five years!) for making anti-DRM tools. What's more, DMCA 1201's drafters rejected tying the law to acts of copyright infringement, making it illegal to remove DRM, even if you did so for a perfectly legal reason.

For example, if your games console had some code that ensured that the software you were running had been taxed by the manufacturer, then removing that code could become a criminal act – even though that has nothing to do with copyright infringement.

To make that concrete: copyright is supposed to help creators and audiences transact with one another. If you own a console and I wrote some software for it, then copyright should facilitate you paying me money for it and then running it on your console.

But if the console's manufacturer had designed its product so that it got to impose a tax on transactions like this, then I can't sell you my copyrighted work anymore unless I pay the tax. Doing so is a felony, but not because it infringes copyright.

No, it's a felony because it's bad for the manufacturer's shareholders. It's what Jay Freeman calls "Felony Contempt of Business Model."

Now, the defenders of this practice say it's not anticompetitive because I can invent and manufacture a different, competing console, sell it to you, and then sell you my code without paying tax.

But this isn't how competition works. Companies don't get to say, "You can compete with me, but only on the terms I set, and in the domains where I think I have an advantage." Excluding competition in "complimentary goods" (like apps) is 100% anticompetitive.

For several years after the passage of the DMCA, the abuse of Sec 1201 to create "Felony Contempt of Business Model" stuck mostly within the realm of games consoles, with the exception of mixed results in the printer ink market.

Then along came the App Store for Apple's Ios devices: these were designed to be locked to a single app store, so that people who made copyrighted works (apps) and people who wanted to buy them (Ipod/pad/phone owners) couldn't transact without going through Apple.

Apple's paternalistic pitch was that it would only use this power to benefit its customers. The press loved this story, because Steve Jobs posed himself as a daddy-figure who would use apps to get us all to pay for media again.

https://memex.craphound.com/2010/04/01/why-i-wont-buy-an-ipad-and-think-you-shouldnt-either/

The consensus that Apple should be able to decide how other companies could compete with it was advanced by its most loyal customers, who'd long considered themselves to be a kind of oppressed religious minority.

They insisted that there was no reason to allow a third-party app store because everyone who owned an Ios device loved using Apple's App Store.

But when anyone pointed out that if this was true, then there would be no reason to ban third-party stores (because they'd fail), they'd switch tactics, saying that any Ios user who switched stores was Doing It Wrong.

This is the Apple fanboy No True Scotsman argument: "Everyone loves the limitations of Apple's walled gardens, and if they don't, they're not really Apple customers. If they didn't want to be locked into the walled garden, they should have bought a different device."

To understand how weird this is, consider the inverse: we live in a market society based on property rights. Once I buy an Ios device, I get to decide which programs I run on it and who I buy them from. If Apple didn't like that deal, it shouldn't have sold me an Ios device.

This belief-system is intrinsically conservative, in the sense articulated by Frank Wilhoit: "There must be in-groups whom the law protectes but does not bind, alongside out-groups whom the law binds but does not protect."

https://crookedtimber.org/2018/03/21/liberals-against-progressives/#comment-729288

How else to explain the indifference of Apple trufans for the company's decision to reverse-engineer all of Microsoft Office's file formats and make compatible players for them, and their defense of Apple's strict prohibition on doing this to Ios?

https://www.eff.org/deeplinks/2019/06/adversarial-interoperability-reviving-elegant-weapon-more-civilized-age-slay

But even if you think Apple will never abuse the power to decide who can compete with it to make complimentary products that interoperate with its own devices, the norms, laws and precedents backstopping Apple's business-model innovations can by used by anyone.

In 2015, I wrote a Guardian microfiction that exposed the perils of allowing companies to choose their competitors. It was called "If Dishwashers Were Iphones."

https://www.theguardian.com/technology/2015/feb/13/if-dishwashers-were-iphones

It was a letter from the CEO of an "innovative" dishwasher company explaining why his customers were wrong to try to wash third-party dishes in his products.

The comments swiftly filled up with Apple defenders who decried it as an absurd, over-the-top analogy.

To those people, I say, behold, the Bob Dishwasher! It's a cute, countertop dishwasher aimed at single-person households, and it uses a proprietary cartridge for detergent dispensing, at about $0.67/wash – about $242/year.

https://www.youtube.com/watch?v=hVup5ya0WVQ

The company makes a lot of familiar, paternalistic claims to justify selling a non-refillable, single-use electronics package that becomes immortal e-waste once you've used it up and replaced it: the precision electronics and proprietary detergent ensure optimal performance.

dekuNukem bought a Bob and decided that he – and not the manufacturer – should decide whether the "advantages" of throwing out the cassette and buying a new one were worth it. He reverse-engineered it and made a defeat device he calls a "rewinder."

https://github.com/dekuNukem/bob_cassette_rewinder

The tale of how he did this makes for a fascinating read, especially the analog sleuthing he did using product safety labels to reverse-engineer the "proprietary" composition of the detergent and rinse-aid, which turn out to be commodity products marked up by 7700%!

Extraordinarily, he's actually selling the Rewinder, for $30. This shouldn't be extraordinary, but it is, thanks to the penalties under DMCA 1201 (and the UK equivalent law, derived from Article 6 of 2001's EU Copyright Directive).

https://www.tindie.com/products/dekuNukem/bob-rewinder-renew-your-bob-dishwasher-cassette/

It's not just dishwashers, either. Would-be digital rentiers have figured out that they can turn their shareholders' preferences into legal obligations to their customers by engineering their products so they have to be used in specific ways…or else.

For example, KLIM makes a motorcyclist's airbag vest that deactivates itself if you stop making subscription payments (of course, this means that anyone who exploits a defect in KLIM's IT can shut off all its airbag vests, everywhere).

https://twitter.com/TrashGoat00/status/1387301889356689410/photo/1

The product shot for the KLIM Ai-1 motorcycle vest, which costs $399.

If that sounds extreme to you, it's really not. Tesla has many safety features that are marketed as downloadable content, which it remotely deactivates when a car changes hands through a private sale:

https://www.theverge.com/2020/2/6/21127243/tesla-model-s-autopilot-disabled-remotely-used-car-update

If you find yourself scrambling for reasons that it's OK for Tesla to do this with its cars, but not for KLIM to do it with its airbag vests, allow me to gently remind you that Tesla owners are not an oppressed religious minority, either.

This kind of rent-seeking is just getting started. As I tried to illustrate in my novella UNAUTHORIZED BREAD (part of my 2019 book RADICALIZED), there are limitless ways for Apple's pioneering business innovation to destroy our lives:

https://arstechnica.com/gaming/2020/01/unauthorized-bread-a-near-future-tale-of-refugees-and-sinister-iot-appliances/

And as I wrote in my story "Sole and Despotic Dominion," this is a frontal assault on the idea of personal property – it creates a world where property is the exclusive purview of remorseless, transhuman colony organisms (AKA corporations).

https://reason.com/2018/11/17/sole-and-despotic-dominion/

However, that future is anything but assured. Apple is being sued by Epic for antitrust violations over its Felony Contempt of Business-Model system:

https://www.nytimes.com/2021/05/02/technology/apple-epic-lawsuit-app-fees.html

And European competition regulators have opened an enforcement action against the company on the same basis:

https://www.cnbc.com/2021/04/30/eu-says-apples-app-store-breaches-competition-rules.html

Meanwhile, copycats who created their own Felony Contempt of Business Model walled gardens, like Valve did with Steam, are facing their own lawsuits, courtesy of Wolfire:

https://arstechnica.com/gaming/2021/04/humble-bundle-creator-brings-antitrust-lawsuit-against-valve-over-steam/

We've come a long way in a decade, and the No True Scotsman defense of the right of a dominant corporation to interpose itself between buyers and sellers, to control its customers' choices after a sale, is finally facing a real challenge.

https://locusmag.com/2021/03/cory-doctorow-free-markets/



The cover of 'How to Destroy Surveillance Capitalism' from Onezero/Medium.

Part 5 of How to Destroy Surveillance Capitalism (permalink)

This week on my podcast, the fifth part of a seven (?) part serialized reading of my 2020 One Zero book HOW TO DESTROY SURVEILLANCE CAPITALISM, a book arguing that monopoly – not AI-based brainwashing – is the real way that tech controls our behavior.

https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59

The book is available in paperback:

https://bookshop.org/books/how-to-destroy-surveillance-capitalism/9781736205907

and DRM-free ebook :

https://sowl.co/bm2F7c

and my local bookseller, Dark Delicacies, has signed stock that I'll drop by and personalize for you!

https://www.darkdel.com/store/p2024/Available_Now%3A__How_to_Destroy_Surveillance_Capitalism.html

Here's the podcast episode:

https://craphound.com/nonficbooks/destroy/2021/05/02/how-to-destroy-surveillance-capitalism-part-05/

And here's part one:

https://craphound.com/nonficbooks/destroy/2021/04/05/how-to-destroy-surveillance-capitalism-part-01/

And part two:

https://craphound.com/nonficbooks/destroy/2021/04/12/how-to-destroy-surveillance-capitalism-part-02/

And part three:

https://craphound.com/nonficbooks/destroy/2021/04/19/how-to-destroy-surveillance-capitalism-part-03/

And part four:

https://craphound.com/nonficbooks/destroy/2021/04/26/how-to-destroy-surveillance-capitalism-part-04/

And here's a direct link to the MP3 (hosting courtesy of the Internet Archive; they'll host your stuff for free, forever):

https://ia601508.us.archive.org/4/items/Cory_Doctorow_Podcast_387/Cory_Doctorow_Podcast_387_-_How_To_Destroy_Surveillance_Capitalism_05.mp3

And here's the RSS feed for my podcast:

https://feeds.feedburner.com/doctorow_podcast



This day in history (permalink)

#10yrsago Federal judge: open WiFi doesn’t make you liable for your neighbors’ misdeeds https://arstechnica.com/tech-policy/2011/05/after-botched-child-porn-raid-judge-sees-the-light-on-ip-addresses/

#5yrsago Technoheritage has a property problem https://www.bostonglobe.com/ideas/2016/04/30/kaytal/jUr7WJ5XdIUm5yLLB7HGFP/story.html

#5yrsago Norway’s titanic sovereign wealth fund takes a stand against executive pay https://www.bbc.com/news/business-36185925

#5yrsago TSA lines grow to 3 hours, snake outside the terminals, with no end in sight https://www.nytimes.com/2016/05/03/business/airport-security-lines.html

#5yrsago Inside a Supreme Court case on cheerleader uniforms, a profound question about copyright https://arstechnica.com/tech-policy/2016/05/supreme-court-to-hear-copyright-fight-over-cheerleader-uniforms/

#1yrago Lockdown CO2 and structural roots of the climate emergency https://pluralistic.net/2020/05/03/give-me-slack/#reality-is-a-leftist

#1yrago The Making of Prince of Persia https://pluralistic.net/2020/05/03/give-me-slack/#pop



Colophon (permalink)

Today's top sources: Michael Brown (https://twitter.com/Supermathie), Slashdot (https://slashdot.org/).

Currently writing:

  • A Little Brother short story about pipeline protests. RESEARCH PHASE
  • A short story about consumer data co-ops. PLANNING

  • A Little Brother short story about remote invigilation. PLANNING

  • A nonfiction book about excessive buyer-power in the arts, co-written with Rebecca Giblin, "The Shakedown." FINAL EDITS

  • A post-GND utopian novel, "The Lost Cause." FINISHED

  • A cyberpunk noir thriller novel, "Red Team Blues." FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: How To Destroy Surveillance Capitalism (Part 05) https://craphound.com/nonficbooks/destroy/2021/05/02/how-to-destroy-surveillance-capitalism-part-05/
Upcoming appearances:

Recent appearances:

Latest book:

Upcoming books:

  • The Shakedown, with Rebecca Giblin, nonfiction/business/politics, Beacon Press 2022

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.

https://creativecommons.org/licenses/by/4.0/

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.


How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Pluralistic.net

Newsletter (no ads, tracking, or data-collection):

https://pluralistic.net/plura-list

Mastodon (no ads, tracking, or data-collection):

https://mamot.fr/web/accounts/303320

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

https://twitter.com/doctorow

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

https://mostlysignssomeportents.tumblr.com/tagged/pluralistic

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla

Identifying the Person Behind Bitcoin Fog [Schneier on Security]

The person behind the Bitcoin Fog was identified and arrested. Bitcoin Fog was an anonymization service: for a fee, it mixed a bunch of people’s bitcoins up so that it was hard to figure out where any individual coins came from. It ran for ten years.

Identifying the person behind Bitcoin Fog serves as an illustrative example of how hard it is to be anonymous online in the face of a competent police investigation:

Most remarkable, however, is the IRS’s account of tracking down Sterlingov using the very same sort of blockchain analysis that his own service was meant to defeat. The complaint outlines how Sterlingov allegedly paid for the server hosting of Bitcoin Fog at one point in 2011 using the now-defunct digital currency Liberty Reserve. It goes on to show the blockchain evidence that identifies Sterlingov’s purchase of that Liberty Reserve currency with bitcoins: He first exchanged euros for the bitcoins on the early cryptocurrency exchange Mt. Gox, then moved those bitcoins through several subsequent addresses, and finally traded them on another currency exchange for the Liberty Reserve funds he’d use to set up Bitcoin Fog’s domain.

Based on tracing those financial transactions, the IRS says, it then identified Mt. Gox accounts that used Sterlingov’s home address and phone number, and even a Google account that included a Russian-language document on its Google Drive offering instructions for how to obscure Bitcoin payments. That document described exactly the steps Sterlingov allegedly took to buy the Liberty Reserve funds he’d used.

15:42

C++ coroutines: Converting among tasks that use the same promise [The Old New Thing]

If the only difference between tasks is in the awaiter, then it’s possible to convert between them without the promise even knowing what happened. We have an example of this with our simple_task and com_simple_task, which differ only in the awaiter produced by the co_await operator. This means that we can actually convert between the two by simple wrapping the promise inside the other class:

    template<typename T>
    struct simple_task : details::simple_task_base<T>
    {
        using base = details::simple_task_base<T>;
        simple_task() noexcept = default;
        simple_task(details::simple_promise<T>*
            initial) noexcept : base(initial)
            { this->promise->start(); }
        simple_task(com_aware_task<T>&& other) noexcept
            : base(std::move(other)) { }
        ...
    };

    template<typename T>
    struct com_aware_task : details::simple_task_base<T>
    {
        using base = details::simple_task_base<T>;
        com_aware_task() noexcept = default;
        com_aware_task(details::simple_promise<T>*
            initial) noexcept : base(initial)
            { this->promise->start(); }
        com_aware_task(simple_task<T>&& other) noexcept
            : base(std::move(other)) { }
        ...
    };

You can now take a simple_task<T> and re-wrap it inside a com_aware_task<T>:

extern async_helpers::simple_task<void> SomethingAsync();

auto task = com_aware_task<void>(SomethingAsync());

The Something­Async function returned a simple_task<void>, but we converted it to a com_aware_task<void>.

We can also do the same thing to convert a cold-start task to a simple task or com-aware task by adopting the promise and starting it. However, we cannot convert a hot-start task into a cold-start task because the task has already started; you can’t un-start a task.

The last step here is to remove the need to retype the coroutine return value when performing the conversion. We do this by adding deduction guides.

    template<typename T>
    simple_task(com_aware_task<T>&&) -> simple_task<T>;
    template<typename T>
    com_aware_task(simple_task<T>&&) -> com_aware_task<T>;

Now you can write

auto task = com_aware_task(SomethingAsync());

Next time, I’ll look at a dark corner of the coroutine specification and how danger lurks inside.

The post C++ coroutines: Converting among tasks that use the same promise appeared first on The Old New Thing.

12:49

CodeSOD: A Real Switcheroo [The Daily WTF]

Much of the stories and code we see here are objectively bad. Many of them are bad when placed into the proper context. Sometimes we're just opinionated. And sometimes, there's just something...

11:28

Grrl Power #941 – Distract a Detla [Grrl Power]

Detla is going to get the impression that Archon is some sort of co-ed college comedy romp. That or she’s going to start punching dudes. It’s also possible that everyone in Arc-SWAT has decided to cock block Achilles today because that’s the thing they drew out of the Hat of Stuff to Do if Supervillains Don’t Attack.

Dabbler’s appearance isn’t permanently changing, in case you were worried about that. She just decided to wear something a little more tan today. (Possibly a little too tan. Any caucasian person that tan is going to look like an old catcher’s mitt by the time they’re 34.) Changing her glamor is a little harder than just laying on the couch changing channels, but… it’s not a whole lot harder either. It’s an innate ability controlled by a spell – a spell she’s had a lot of practice with, and maintaining it takes less mana than her mana regeneration rate.

It’s really hard drawing people looking down. That’s what Max is supposed to be doing in panel 2, looking down at Math’s manties, but it looks like she’s sighing. I guess it works either way, really. The problem is that women (especially sexy cartoon women) have full lashes, so if their eyes are only 1/4 of the way open, then lashes cover everything and it looks like their eyes are closed.


The new vote incentive is not quite ready yet. Well, it is, but I wanted to do an extra variant and maybe a little comic page, so it’ll be up with Thursday’s comic if not sooner.

 

 

 


Double res version will be posted over at Patreon. Feel free to contribute as much as you like!

10:28

An alternative to hustle [Seth's Blog]

No one wants to be hustled. To be pitched and pushed and most of all, pressured into buying something. Hustle culture has been around for a long time, but the internet–and new forms of it in particular–seems to amplify the feeling.

Three elements of hustle stand out for me:

  • The reality of what’s on offer can’t match the hype, and so it feels false.
  • The pitch can’t succeed on merit, so social pressure is used instead.
  • The pitch is made in the wrong place at the wrong time, without earning permission. We wouldn’t miss it if it weren’t there.

The folks at Akimbo (an independent B corp) have been quietly building a series of interactive workshops that help people build value and show up in the marketplace without hustle. By doing good work that you can be proud of.

Here’s what they’ve got coming up:

The flagship altMBA has already helped more than 5,000 people transform their careers and their lives. The Regular Decision Deadline is tomorrow, May 4th for altMBA’s July 2021 session.

Ramon Ray’s The Small Business Workshop starts tomorrow, May 4th, and you can enroll now. It’s back for its third session.

Real Skills, a one-day non-conference is happening on May 14th (tickets available now). No speakers, no Powerpoints, simply small-group interaction designed to change the way you and your team create possibility. This is the fifth session, and many people have done it more than once.

The Creative’s Workshop, session four, starts in a few weeks and enrollment is open now. In this workshop (which led to my book The Practice), you’ll learn to find your voice and ship work you care about. Now in its fourth session, participants have been amazed at how deep and wide this work can go, and how powerful the connections created within cohorts can be.

And bestselling author Bernadette Jiwa is back with the seventh session of the Story Skills Workshop. This is an essential foundation for anyone seeking to be heard, to make a difference and to engage with people to make change happen. Bernadette’s breakthrough approach is proven to be effective. You can check it out today.

When you’re ready to level up, it’s possible to learn to make a bigger impact.

08:28

Comic: Alternative Sourcing [Penny Arcade]

New Comic: Alternative Sourcing

06:21

1501 [Looking For Group]

The post 1501 appeared first on Looking For Group.

Russell Coker: DNS, Lots of IPs, and Postal [Planet Debian]

I decided to start work on repeating the tests for my 2006 OSDC paper on Benchmarking Mail Relays [1] and discover how the last 15 years of hardware developments have changed things. There have been software changes in that time too, but nothing that compares with going from single core 32bit systems with less than 1G of RAM and 60G IDE disks to multi-core 64bit systems with 128G of RAM and SSDs. As an aside the hardware I used in 2006 wasn’t cutting edge and the hardware I’m using now isn’t either. In both cases it’s systems I bought second hand for under $1000. Pedants can think of this as comparing 2004 and 2018 hardware.

BIND

I decided to make some changes to reflect the increased hardware capacity and use 2560 domains and IP addresses, which gave the following errors as well as a startup time of a minute on a system with two E5-2620 CPUs.

May  2 16:38:37 server named[7372]: listening on IPv4 interface lo, 127.0.0.1#53
May  2 16:38:37 server named[7372]: listening on IPv4 interface eno4, 10.0.2.45#53
May  2 16:38:37 server named[7372]: listening on IPv4 interface eno4, 10.0.40.1#53
May  2 16:38:37 server named[7372]: listening on IPv4 interface eno4, 10.0.40.2#53
May  2 16:38:37 server named[7372]: listening on IPv4 interface eno4, 10.0.40.3#53
[...]
May  2 16:39:33 server named[7372]: listening on IPv4 interface eno4, 10.0.47.0#53
May  2 16:39:33 server named[7372]: listening on IPv4 interface eno4, 10.0.48.0#53
May  2 16:39:33 server named[7372]: listening on IPv4 interface eno4, 10.0.49.0#53
May  2 16:39:33 server named[7372]: listening on IPv6 interface lo, ::1#53
[...]
May  2 16:39:36 server named[7372]: zone localhost/IN: loaded serial 2
May  2 16:39:36 server named[7372]: all zones loaded
May  2 16:39:36 server named[7372]: running
May  2 16:39:36 server named[7372]: socket: file descriptor exceeds limit (123273/21000)
May  2 16:39:36 server named[7372]: managed-keys-zone: Unable to fetch DNSKEY set '.': not enough free resources
May  2 16:39:36 server named[7372]: socket: file descriptor exceeds limit (123273/21000)

The first thing I noticed is that a default configuration of BIND with 2560 local IPs (when just running in the default recursive mode) takes a minute to start and needed to open over 100,000 file handles. BIND also had some errors in that configuration which led to it not accepting shutdown requests. I filed Debian bug report #987927 [2] about this. One way of dealing with the errors in this situation on Debian is to edit /etc/default/named and put in the following line to allow BIND to access to many file handles:

OPTIONS="-u bind -S 150000"

But the best thing to do for BIND when there are many IP addresses that aren’t going to be used for DNS service is to put a directive like the following in the BIND configuration to specify the IP address or addresses that are used for the DNS service:

listen-on { 10.0.2.45; };

I have just added the listen-on and listen-on-v6 directives to one of my servers with about a dozen IP addresses. While 2560 IP addresses is an unusual corner case it’s not uncommon to have dozens of addresses on one system.

dig

When doing tests of Postfix for relaying mail I noticed that mail was being deferred with DNS problems (error was “Host or domain name not found. Name service error for name=a838.example.com type=MX: Host not found, try again“. I tested the DNS lookups with dig which failed with errors like the following:

dig -t mx a704.example.com
socket.c:1740: internal_send: 10.0.2.45#53: Invalid argument
socket.c:1740: internal_send: 10.0.2.45#53: Invalid argument
socket.c:1740: internal_send: 10.0.2.45#53: Invalid argument

; <
> DiG 9.16.13-Debian <
> -t mx a704.example.com
;; global options: +cmd
;; connection timed out; no servers could be reached

Here is a sample of the strace output from tracing dig:
bind(20, {sa_family=AF_INET, sin_port=htons(0), 
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
recvmsg(20, {msg_namelen=128}, 0)       = -1 EAGAIN (Resource temporarily 
unavailable)
write(4, "\24\0\0\0\375\377\377\377", 8) = 8
sendmsg(20, {msg_name={sa_family=AF_INET, sin_port=htons(53), 
sin_addr=inet_addr("10.0.2.45")}, msg_
namelen=16, msg_iov=[{iov_base="86\1 
\0\1\0\0\0\0\0\1\4a704\7example\3com\0\0\17\0\1\0\0)\20\0\0\0\0
\0\0\f\0\n\0\10's\367\265\16bx\354", iov_len=57}], msg_iovlen=1, 
msg_controllen=0, msg_flags=0}, 0) 
= -1 EINVAL (Invalid argument)
write(2, "socket.c:1740: ", 15)         = 15
write(2, "internal_send: 10.0.2.45#53: Invalid argument", 45) = 45
write(2, "\n", 1)                       = 1
futex(0x7f5a80696084, FUTEX_WAIT_PRIVATE, 0, NULL) = 0
futex(0x7f5a80696010, FUTEX_WAKE_PRIVATE, 1) = 0
futex(0x7f5a8069809c, FUTEX_WAKE_PRIVATE, 1) = 1
futex(0x7f5a80698020, FUTEX_WAKE_PRIVATE, 1) = 1
sendmsg(20, {msg_name={sa_family=AF_INET, sin_port=htons(53), 
sin_addr=inet_addr("10.0.2.45")}, msg_namelen=16, msg_iov=[{iov_base="86\1 
\0\1\0\0\0\0\0\1\4a704\7example\3com\0\0\17\0\1\0\0)\20\0\0\0\0\0\0\f\0\n\0\10's\367\265\16bx\354", 
iov_len=57}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EINVAL 
(Invalid argument)
write(2, "socket.c:1740: ", 15)         = 15
write(2, "internal_send: 10.0.2.45#53: Invalid argument", 45) = 45
write(2, "\n", 1)

Ubuntu bug #1702726 claims that an insufficient ARP cache was the cause of dig problems [3]. At the time I encountered the dig problems I was seeing lots of kernel error messages “neighbour: arp_cache: neighbor table overflow” which I solved by putting the following in /etc/sysctl.d/mine.conf:
net.ipv4.neigh.default.gc_thresh3 = 4096
net.ipv4.neigh.default.gc_thresh2 = 2048
net.ipv4.neigh.default.gc_thresh1 = 1024

Making that change (and having rebooted because I didn’t need to run the server overnight) didn’t entirely solve the problems. I have seen some DNS errors from Postfix since then but they are less common than before. When they happened I didn’t have that error from dig. At this stage I’m not certain that the ARP change fixed the dig problem although it seems likely (it’s always difficult to be certain that you have solved a race condition instead of made it less common or just accidentally changed something else to conceal it). But it is clearly a good thing to have a large enough ARP cache so the above change is probably the right thing for most people (with the possibility of changing the numbers according to the required scale). Also people having that dig error should probably check their kernel message log, if the ARP cache isn’t the cause then some other kernel networking issue might be related.

Preliminary Results


With Postfix I’m seeing around 24,000 messages relayed per minute with more than 60% CPU time idle. I’m not sure exactly how to count idle time when there are 12 CPU cores and 24 hyper-threads as having only 1 process scheduled for each pair of hyperthreads on a core is very different to having half the CPU cores unused. I ran my script to disable hyper-threads by telling the Linux kernel to disable each processor core that has the same core ID as another, it was buggy and disabled the second CPU altogether (better than finding this out on a production server). Going from 24 hyper-threads of 2 CPUs to 6 non-HT cores of a single CPU didn’t change the thoughput and the idle time went to about 30%, so I have possibly halved the CPU capacity for these tasks by disabling all hyper-threads and one entire CPU which is surprising given that I theoretically reduced the CPU power by 75%. I think my focus now has to be on hyper-threading optimisation.
Since 2006 the performance has gone from ~20 messages per minute on relatively commodity hardware to 24,000 messages per minute on server equipment that is uncommon for home use but which is also within range of home desktop PCs. I think that a typical desktop PC with a similar speed CPU, 32G of RAM and SSD storage would give the same performance. Moore’s Law (that transistor count doubles approximately every 2 years) is often misquoted as having performance double every 2 years. In this case more than 1024* the performance over 15 years means the performance doubling every 18 months. Probably most of that is due to SATA SSDs massively outperforming IDE hard drives but it’s still impressive.

Notes


I’ve been using example.com for test purposes for a long time, but RFC2606 specifies .test, .example, and .invalid as reserved top level domains for such things. On the next iteration I’ll change my scripts to use .test.
My current test setup has a KVM virtual machine running my bhm program to receive mail which is taking between 20% and 50% of a CPU core in my tests so far. While that is happening the kvm process is reported as taking between 60% and 200% of a CPU core, so kvm takes as much as 4* the CPU of the guest due to the virtual networking overhead – even though I’m using the virtio-net-pci driver (the most efficient form of KVM networking for emulating a regular ethernet card). I’ve also seen this in production with a virtual machine running a ToR relay node.
I’ve fixed a bug where Postal would try to send the SMTP quit command after encountering a TCP error which would cause an infinite loop and SEGV.


West Antarctic ice sheet [Richard Stallman's Political Notes]

The West Antarctic ice sheet could start to break up within this decade. If it does, it will eventually raise sea level by an additional two feet. I don't know how long it would take for that extra sea level rise to occur.

UK undercover thugs [Richard Stallman's Political Notes]

UK undercover thugs that infiltrated peaceful political groups lied about their activities to justify continuing to spy on them. This according to former minister Peter Hain, who participated in a political campaign to end apartheid in South Africa and thereby became one of the targets for this spying.

He charges that the choice to infiltrate that movement was made for political reasons: the government supported South Africa and therefore opposed pressure against apartheid.

UK police officers convicted [Richard Stallman's Political Notes]

*Four [UK] police officers have been convicted after one of them beat up a member of the public and the others helped him to cover it up.*

Latest round of US relief checks [Richard Stallman's Political Notes]

The latest round of relief checks sent to US taxpayers made a big, though temporary, dent in overall poverty in the US..

Making this permanent would convert it into a form of universal basic income.

The popularity of extra support to Americans suggests it might be politically possible to lift all children in the US out of poverty.

Border-crossing children [Richard Stallman's Political Notes]

The US border thugs are now quickly transferring border-crossing children to long-term shelters run by the Department of Health and Human Services. Far fewer children are in the first-level camps at any time. This is how the system is supposed to work.

It is still necessary for journalists to look at the conditions in those shelters, and in the first-level camps.

Climate defense activism [Richard Stallman's Political Notes]

Climate defense activism, shared, can give people a feeling of joy to cope with the external disasters.

Former Louisiana thug faces charges [Richard Stallman's Political Notes]

A former Louisiana thug faces state and federal charges for attacking and injuring a man he was arresting, with no legitimate reason.

If we weed out the violent thugs for crimes that are not fatal, we may be able to avoid most of the killings that some of them would have gone on to commit.

Free childcare [Richard Stallman's Political Notes]

*Free childcare equals class warfare, say Republicans.* I agree, and it's time the non-rich fought back — let's march! Children should grow up with less stress.

US prescription drug prices [Richard Stallman's Political Notes]

*Study Commissioned by Sanders Shows US Pays 2 to 4 Times More for Prescription Drugs Than Other Nations.*

US laws provide a handout to pharma companies by restricting the practice of buying prescription drugs at retail price in other countries and selling them to Americans to fill their prescriptions. That allows pharma companies to charge a higher price in the US than anywhere else in the world.

Australians stuck in India [Richard Stallman's Political Notes]

Australia has made it a crime for Australians stuck in India to return home. They face imprisonment, and ruinous fines.

Many of them have been stuck in India for a year trying to get a flight home. The seats available were few and expensive.

Climate scientists are seeing hope [Richard Stallman's Political Notes]

Rebecca Solnit: climate scientists are starting to see hope that we will do what is necessary, as fast as is necessary, to avoid climate disaster.

But we are not on a course for safety yet. We need to fight for this. The new hope is that, by fighting, we can win.

Theocratic populism [Richard Stallman's Political Notes]

India's encounter with theocratic populism is much like that in the US.

Indian politicians threaten criminal charges against people that report the shortage of oxygen.

I am disappointed that the article propagates a claim about the emperor Nero that may be a lie concocted by his enemies.

Bolsonaro may face impeachment [Richard Stallman's Political Notes]

Bolsonaro may face impeachment and prosecution for almost half a million Brazilians that his policies caused to die.

Defending rights of wetlands [Richard Stallman's Political Notes]

A lawsuit in Florida attempts to defend the rights of some wetlands.

I may well agree that the construction of that housing should be stopped. Aside from the threat to the wetlands, it sounds like the construction is too close to sea level and likely to be flooded in a few decades. I suspect that someone is being swindled. No one should build anything in lowland areas of Florida.

However, the idea that the wetlands "have rights" seems like a kludge. Philosophically, only a being that can have desires and make choices can have rights. I would rather achieve the same result — blocking bad development — in a conceptually coherent way.

Taliban deal with the US [Richard Stallman's Political Notes]

The Taliban made a deal with the US to protect US and other western forces in Afghanistan, until their planned departure on May 1, from other Islamist groups.

This follows the Taliban's pattern. In 2001, the Taliban offered to kick out al-Qa'ida for the sake of peace with the US. Too bad Dubya was not interested.

Tunisia loan through the IMF [Richard Stallman's Political Notes]

Tunisia has arranged a loan through the IMF, and (as usual) there is an element of dooH niboR in it. Wages will be reduced.

Will the profits of business shareholders be reduced?

Abu Zubaydah suing countries that kidnapped and tortured him [Richard Stallman's Political Notes]

Abu Zubaydah, a prisoner in Guantanamo based on an false accusation of being a member of al-Qa'ida, is suing the countries that kidnapped and tortured him.

Girl Genius for Monday, May 03, 2021 [Girl Genius]

The Girl Genius comic for Monday, May 03, 2021 has been posted.

05:28

2021-05-03 [Skin Horse]

Shaenon: Aaand we’re back. Thank you very much to Jeff and Pancha for helping me through a month of downtime, and to everyone sticking with the strip. I’ll do my best to entertain.

04:49

Russ Allbery: Review: The Voyage of the Dawn Treader [Planet Debian]

Review: The Voyage of the Dawn Treader, by C.S. Lewis

Illustrator: Pauline Baynes
Series: Chronicles of Narnia #3
Publisher: Collier Books
Copyright: 1952
Printing: 1978
ISBN: 0-02-044260-2
Format: Mass market
Pages: 216

There was a boy named Eustace Clarence Scrubb and he almost deserved it.

The Voyage of the Dawn Treader is the third Narnia book in original publication order (see my review of The Lion, the Witch and the Wardrobe for more about reading order). You could arguably start reading here; there are a lot of references to the previous books, but mostly as background material, and I don't think any of it is vital. If you wanted to sample a single Narnia book to see if you'd get along with the series, this is the one I'd recommend.

Since I was a kid, The Voyage of the Dawn Treader has held the spot of my favorite of the series. I'm happy to report that it still holds up. Apart from one bit that didn't age well (more on that below), this is the book where the story and the world-building come together, in part because Lewis picks a plot shape that works with what he wants to write about.

The younger two Pevensie children, Edmund and Lucy, are spending the summer with Uncle Harold and Aunt Alberta because their parents are in America. That means spending the summer with their cousin Eustace. C.S. Lewis had strong opinions about child-raising that crop up here and there in his books, and Harold and Alberta are his example of everything he dislikes: caricatured progressive, "scientific" parents who don't believe in fiction or mess or vices. Eustace therefore starts the book as a terror, a whiny bully who has only read boring practical books and is constantly scoffing at the Pevensies and making fun of their stories of Narnia. He is therefore entirely unprepared when the painting of a ship in the guest bedroom turns into a portal to the Narnia and dumps the three children into the middle of the ocean.

Thankfully, they're in the middle of the ocean near the ship in the painting. That ship is the Dawn Treader, and onboard is Caspian from the previous book, now king of Narnia. He has (improbably) sorted things out in his kingdom and is now on a sea voyage to find seven honorable Telmarine lords who left Narnia while his uncle was usurping the throne. They're already days away from land, headed towards the Lone Islands and, beyond that, into uncharted seas.

MAJOR SPOILERS BELOW.

Obviously, Eustace gets a redemption arc, which is roughly the first half of this book. It's not a bad arc, but I am always happy when it's over. Lewis tries so hard to make Eustace insufferable that it becomes tedious. As an indoor kid who would not consider being dumped on a primitive sailing ship to be a grand adventure, I wanted to have more sympathy for him than the book would allow.

The other problem with Eustace's initial character is that Lewis wants it to stem from "modern" parenting and not reading the right sort of books, but I don't buy it. I've known kids whose parents didn't believe in fiction, and they didn't act anything like this (and kids pick up a lot more via osmosis regardless of parenting than Lewis seems to realize). What Eustace acts like instead is an entitled, arrogant rich kid who is used to the world revolving around him, and it's fascinating to me how Lewis ignores class to focus on educational philosophy.

The best part of Eustace's story is Reepicheep, which is just setup for Reepicheep becoming the best part of The Voyage of the Dawn Treader.

Reepicheep, the leader of Narnia's talking mice, first appears in Prince Caspian, but there he's mostly played for laughs: the absurdly brave and dashing mouse who rushes into every fight he sees. In this book, he comes into his own as the courage and occasionally the moral conscience of the party. Caspian wants to explore and to find the lords of his past, the Pevensie kids want to have a sea adventure, and Eustace is in this book to have a redemption arc, but Reepicheep is the driving force at the heart of the voyage. He's going to Aslan's country beyond the sea, armed with a nursemaid's song about his destiny and a determination to be his best and most honorable self every step of the way, and nothing is going to stop him.

Eustace, of course, takes an immediate dislike to a talking rodent. Reepicheep, in return, is the least interested of anyone on the ship in tolerating Eustace's obnoxious behavior and would be quite happy to duel him. But when Eustace is turned into a dragon, Reepicheep is the one who spends hours with him, telling him stories and ensuring he's not alone. It's beautifully handled, and my only complaint is that Lewis doesn't do enough with the Eustace and Reepicheep friendship (or indeed with Eustace at all) for the rest of the book.

After Eustace's restoration and a few other relatively short incidents comes the second long section of the book and the part that didn't age well: the island of the Dufflepuds. It's a shame because the setup is wonderful: a cultivated island in the middle of nowhere with no one in sight, mysterious pounding sounds and voices, the fun of trying to figure out just what these invisible creatures could possibly be, and of course Lucy's foray into the second floor of a house, braving the lair of a magician to find and read one of the best books of magic in fantasy.

Everything about how Lewis sets this scene is so well done. The kids are coming from an encounter with a sea serpent and a horrifically dangerous magic island and land on this scene of eerily normal domesticity. The most dangerous excursion is Lucy going upstairs in a brightly lit house with soft carpet in the middle of the day. And yet it's incredibly tense because Lewis knows exactly how to put you in Lucy's head, right down to having to stand with her back to an open door to read the book.

And that book! The pages only turn forward, the spells are beautifully illustrated, and the sense of temptation is palpable. Lucy reading the eavesdropping spell is one of the more memorable bits in this series, at least for me, and makes a surprisingly subtle moral point about the practical reasons why invading other people's privacy is unwise and can just make you miserable. And then, when Lucy reads the visibility spell that was her goal, there's this exchange, which is pure C.S. Lewis:

"Oh Aslan," said she, "it was kind of you to come."

"I have been here all the time," said he, "but you have just made me visible."

"Aslan!" said Lucy almost a little reproachfully. "Don't make fun of me. As if anything I could do would make you visible!"

"It did," said Aslan. "Did you think I wouldn't obey my own rules?"

I love the subtlety of what's happening here: the way that Lucy is much more powerful than she thinks she is, but only because Aslan decided to make the rules that way and chooses to follow his own rules, making himself vulnerable in a fascinating way. The best part is that Lewis never belabors points like this; the characters immediately move on to talk about other things, and no one feels obligated to explain.

But, unfortunately, along with the explanation of the thumping and the magician, we learn that the Dufflepuds are (remarkably dim-witted) dwarfs, the magician is their guardian (put there by Aslan, no less!), he transformed them into rather absurd shapes that they hate, and all of this is played for laughs. Once you notice that these are sentient creatures being treated essentially like pets (and physically transformed against their will), the level of paternalistic colonialism going on here is very off-putting. It's even worse that the Dufflepuds are memorably funny (washing dishes before dinner to save time afterwards!) and are arguably too dim to manage on their own, because Lewis made the authorial choice to write them that way. The "white man's burden" feeling is very strong.

And Lewis could have made other choices! Coriakin the magician is a fascinating and somewhat morally ambiguous character. We learn later in the book that he's a star and his presence on the island is a punishment of sorts, leading to one of my other favorite bits of theology in this book:

"My son," said Ramandu, "it is not for you, a son of Adam, to know what faults a star can commit."

Lewis could have kept most of the setup, kept the delightfully silly things the Dufflepuds believe, changed who was responsible for their transformation, and given Coriakin a less authoritarian role, and the story would have been so much stronger for it.

After this, the story gets stranger and wilder, and it's in the last part that I think the true magic of this book lies. The entirety of The Voyage of the Dawn Treader is a progression from a relatively mundane sea voyage to something more awe-inspiring. The last few chapters are a tour de force of wonder: rejuvenating stars, sunbirds, the Witch's stone knife, undersea kingdoms, a sea of lilies, a wall of water, the cliffs of Aslan's country, and the literal end of the world. Lewis does it without much conflict, with sparse description in a very few pages, and with beautifully memorable touches like the quality of the light and the hush that falls over the ship.

This is the part of Narnia that I point to and wonder why I don't see more emulation (although I should note that it is arguably an immram). Tolkien-style fantasy, with dwarfs and elves and magic rings and great battles, is everywhere, but I can't think of many examples of this sense of awe and discovery without great battles and detailed explanations. Or of characters like Reepicheep, who gets one of the best lines of the series:

"My own plans are made. While I can, I sail east in the Dawn Treader. When she fails me, I paddle east in my coracle. When she sinks, I shall swim east with my four paws. And when I can swim no longer, if I have not reached Aslan's country, or shot over the edge of the world in some vast cataract, I shall sink with my nose to the sunrise and Peepiceek shall be the head of the talking mice in Narnia."

The last section of The Voyage of the Dawn Treader is one of my favorite endings of any book precisely because it's so different than the typical ending of a novel. The final return to England is always a bit disappointing in this series, but it's very short and is preceded by so much wonder that I don't mind. Aslan does appear to the kids as a lamb at the very end of the world, making Lewis's intended Christian context a bit more obvious, but even that isn't belabored, just left there for those who recognize the symbolism to notice.

I was curious during this re-read to understand why The Voyage of the Dawn Treader is so much better than the first two books in the series. I think it's primarily due to two things: pacing, and a story structure that's better aligned with what Lewis wants to write about.

For pacing, both The Lion, the Witch and the Wardrobe and Prince Caspian have surprisingly long setups for short books. In The Voyage of the Dawn Treader, by contrast, it takes only 35 pages to get the kids in Narnia, introduce all the characters, tour the ship, learn why Caspian is off on a sea voyage, establish where this book fits in the Narnian timeline, and have the kids be captured by slavers. None of the Narnia books are exactly slow, but Dawn Treader is the first book of the series that feels like it knows exactly where it's going and isn't wasting time getting there.

The other structural success of this book is that it's a semi-episodic adventure, which means Lewis can stop trying to write about battles and political changes whose details he's clearly not interested in and instead focus wholeheartedly on sense-of-wonder exploration. The island-hopping structure lets Lewis play with ideas and drop them before they wear out their welcome. And the lack of major historical events also means that Aslan doesn't have to come in to resolve everything and instead can play the role of guardian angel.

I think The Voyage of the Dawn Treader has the most compelling portrayal of Aslan in the series. He doesn't make decisions for the kids or tell them directly what to do the way he did in the previous two books. Instead, he shows up whenever they're about to make a dreadful mistake and does just enough to get them to make a better decision. Some readers may find this takes too much of the tension out of the book, but I have always appreciated it. It lets nervous child readers enjoy the adventures while knowing that Aslan will keep anything too bad from happening. He plays the role of a protective but non-interfering parent in a genre that usually doesn't have parents because they would intervene to prevent adventures.

I enjoyed this book just as much as I remembered enjoying it during my childhood re-reads. Still the best book of the series.

This, as with both The Lion, the Witch and the Wardrobe and Prince Caspian, was originally intended to be the last book of the series. That, of course, turned out to not be the case, and The Voyage of the Dawn Treader is followed (in both chronological and original publication order) by The Silver Chair.

Rating: 9 out of 10

04:42

How To Destroy Surveillance Capitalism (Part 05) [Cory Doctorow's craphound.com]

This week on my podcast, part five of a serialized reading of my 2020 Onezero/Medium book How To Destroy Surveillance Capitalism, now available in paperback (you can also order signed and personalized copies from Dark Delicacies, my local bookstore).

MP3

04:00

Feeling Left Out [Diesel Sweeties webcomic by rstevens]

this is a diesel sweeties comic strip

Why are you so mad all the time, Red Robot?

02:14

On Balance [QC RSS]

it is Marigold time

Feeds

FeedRSSLast fetchedNext fetched after
XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
a bag of four grapes XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
A Smart Bear: Startups and Marketing for Geeks XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
Anarcho's blog XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
Ansible XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
Bad Science XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
Black Doggerel XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
Blog – Official site of Stephen Fry XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
Broodhollow XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
Charlie Brooker | The Guardian XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
Charlie's Diary XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
Chasing the Sunset - Comics Only XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
Clay Shirky XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
Coding Horror XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
Cory Doctorow – Boing Boing XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
Cory Doctorow's craphound.com XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
Ctrl+Alt+Del Comic XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
Cyberunions XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
David Mitchell | The Guardian XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
Debian GNU/Linux System Administration Resources XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
Deeplinks XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
Diesel Sweeties webcomic by rstevens XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
Dilbert XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
Dork Tower XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
Economics from the Top Down XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
Edmund Finney's Quest to Find the Meaning of Life XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
Eerie Cuties XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
EFF Action Center XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
Enspiral Tales - Medium XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
Erin Dies Alone XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
Events XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
Falkvinge on Liberty XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
Flipside XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
Flipside XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
Free software jobs XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
Full Frontal Nerdity by Aaron Williams XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
General Protection Fault: The Comic Strip XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
George Monbiot XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
Girl Genius XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
God Hates Astronauts XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
Graeme Smith XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
Groklaw XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
Grrl Power XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
Hackney Anarchist Group XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
http://calendar.google.com/calendar/feeds/q7s5o02sj8hcam52hutbcofoo4%40group.calendar.google.com/public/basic XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
http://dynamic.boingboing.net/cgi-bin/mt/mt-cp.cgi?__mode=feed&_type=posts&blog_id=1&id=1 XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
http://eng.anarchoblogs.org/feed/atom/ XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
http://feed43.com/3874015735218037.xml XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
http://feeds2.feedburner.com/GeekEtiquette?format=xml XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
http://fulltextrssfeed.com/ XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
http://london.indymedia.org/articles.rss XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
http://pipes.yahoo.com/pipes/pipe.run?_id=ad0530218c055aa302f7e0e84d5d6515&amp;_render=rss XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
http://the-programmers-stone.com/feed/ XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
http://thecommune.co.uk/feed/ XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
http://www.airshipentertainment.com/buck/buckcomic/buck.rss XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
http://www.airshipentertainment.com/growf/growfcomic/growf.rss XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
http://www.airshipentertainment.com/myth/mythcomic/myth.rss XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
http://www.baen.com/baenebooks XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
http://www.dcscience.net/feed/medium.co XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
http://www.feedsapi.com/makefulltextfeed.php?url=http%3A%2F%2Fwww.somethingpositive.net%2Fsp.xml&what=auto&key=&max=7&links=preserve&exc=&privacy=I+accept XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
http://www.freedompress.org.uk/news/feed/ XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
http://www.steampunkmagazine.com/inside/feed/ XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
http://www.tinycat.co.uk/feed/ XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
https://hackbloc.org/rss.xml XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
https://kajafoglio.livejournal.com/data/atom/ XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
https://philfoglio.livejournal.com/data/atom/ XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
https://studiofoglio.livejournal.com/data/atom/ XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
https://twitter.com/statuses/user_timeline/22724360.rss XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
https://web.randi.org/?format=feed&type=rss XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
https://www.DropCatch.com/domain/ubuntuweblogs.org XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
https://www.goblinscomic.com/category/comics/feed/ XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
https://www.hackneysolidarity.info/rss.xml XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
https://www.newstatesman.com/feeds/blogs/laurie-penny.rss XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
https://www.patreon.com/graveyardgreg/posts/comic.rss XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
https://www.rightmove.co.uk/rss/property-for-sale/find.html?locationIdentifier=REGION^876&maxPrice=240000&minBedrooms=2&displayPropertyType=houses&oldDisplayPropertyType=houses&primaryDisplayPropertyType=houses&oldPrimaryDisplayPropertyType=houses&numberOfPropertiesPerPage=24 XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
Humble Bundle Blog XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
I, Cringely XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
Irregular Webcomic! XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
Joel on Software XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
Judith Proctor's Journal XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
Krebs on Security XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
Lambda the Ultimate - Programming Languages Weblog XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
LLVM Project Blog XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
Looking For Group XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
Loomio Blog XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
LWN.net XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
Menage a 3 XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
Mimi and Eunice XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
Neil Gaiman's Journal XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
Nina Paley XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
O Abnormal – Scifi/Fantasy Artist XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
Oglaf! -- Comics. Often dirty. XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
Oh Joy Sex Toy XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
Order of the Stick XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
Original Fiction – Tor.com XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
OSnews XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
Paul Graham: Unofficial RSS Feed XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
Penny Arcade XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
Penny Red XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
PHD Comics XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
Phil's blog XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
Planet Debian XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
Planet GNU XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
Planet GridPP XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
Planet Lisp XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
Pluralistic: Daily links from Cory Doctorow XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
Property is Theft! XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
PS238 by Aaron Williams XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
QC RSS XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
Radar XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
RevK®'s ramblings XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
Richard Stallman's Political Notes XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
Scenes From A Multiverse XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
Schneier on Security XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
SCHNEWS.ORG.UK XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
Scripting News XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
Seth's Blog XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
Skin Horse XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
Spinnerette XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
Starslip by Kris Straub XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
Tales From the Riverbank XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
The Adventures of Dr. McNinja XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
The Bumpycat sat on the mat XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
The Command Line XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
The Daily WTF XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
The Monochrome Mob XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
The Non-Adventures of Wonderella XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
The Old New Thing XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
The Open Source Grid Engine Blog XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
The Phoenix Requiem XML 21:49, Wednesday, 05 May 22:29, Wednesday, 05 May
The Rogues Gallery XML 21:35, Wednesday, 05 May 22:23, Wednesday, 05 May
The Stranger, Seattle's Only Newspaper: Savage Love XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
TorrentFreak XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
towerhamletsalarm XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
Twokinds XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
UK Indymedia Features XML 22:00, Wednesday, 05 May 22:42, Wednesday, 05 May
Uploads from ne11y XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
Uploads from piasladic XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May
Use Sword on Monster XML 21:35, Wednesday, 05 May 22:22, Wednesday, 05 May
Wayward Sons: Legends - Sci-Fi Full Page Webcomic - Updates Daily XML 21:28, Wednesday, 05 May 22:14, Wednesday, 05 May
What If? XML 21:49, Wednesday, 05 May 22:30, Wednesday, 05 May
Whatever XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
Whitechapel Anarchist Group XML 21:28, Wednesday, 05 May 22:17, Wednesday, 05 May
WIL WHEATON dot NET XML 22:07, Wednesday, 05 May 22:51, Wednesday, 05 May
wish XML 22:07, Wednesday, 05 May 22:52, Wednesday, 05 May
xkcd.com XML 22:07, Wednesday, 05 May 22:50, Wednesday, 05 May