2024-04-29 22:15:37
It's looking really tempting to create a really simple demo for the Xbox. I wouldn't do it until I get my Xbox fully ready for use again.
#Xbox
It's looking really tempting to create a really simple demo for the Xbox. I wouldn't do it until I get my Xbox fully ready for use again.
#Xbox
We, the people of the United States (and everyone else), should have the right to share, markup, remix, and widely reuse the text of the laws that govern our country.
Tell congress that the written law must be truly open https://act.eff.org/action/tell-congre
This https://arxiv.org/abs/2302.05030 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csDS_…
Went to a fully automated sushi place last night. It felt like I was in Tokyo.
Food delivered on a conveyor belt 🍣
Robot brings the drinks. 🤖
Dish disposal at the table, which tracks what you've eaten.
Pay via screen at table. Never saw a waiter after being seated.
Anime all over the walls too.
#restaurant
Mass action systems: two criteria for Hopf bifurcation without Hurwitz
Nicola Vassena
https://arxiv.org/abs/2402.18188 https://arxiv.…
This https://arxiv.org/abs/2311.02667 has been replaced.
link: https://scholar.google.com/scholar?q=a
I just sent messages to both my senators and my congressperson urging them to oppose the Pro Codes Act.
Basically that Act would allow companies to retain copyright in the Law and limit access to it in various ways.
That's absurd, the Law should be in the public domain so that everyone can know what they are expected to abide by.
Here's a link from the @… to make it easier to do:
#Law #Copyright #Congress
My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…
This https://arxiv.org/abs/2403.14765 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_qu…
This https://arxiv.org/abs/2311.04590 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csIR_…
Long gamma-ray burst light curves as the result of a common stochastic pulse-avalanche process
Lorenzo Bazzanini, Lisa Ferro, Cristiano Guidorzi, Giuseppe Angora, Lorenzo Amati, Massimo Brescia, Mattia Bulla, Filippo Frontera, Romain Maccary, Manuele Maistrello, Piero Rosati, Anastasia Tsvetkova
https://arxiv.org/abs/2403.18754<…
I like to think of myself as a generally well prepared individual. And tonight, as I went to pick up my daughter from after-school activities, I anticipated the battery in my vehicle to be dead. And I was right. And I was prepared for it.
Well, dear reader, I was fully NOT prepared for getting stung TWICE by the disco party of hornets in my engine bay, right where I put my hand to open the hood. I was so shocked I honestly though I was getting electrocuted for a moment.
This https://arxiv.org/abs/2402.03445 has been replaced.
link: https://scholar.google.com/scholar?q=a
My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…
Shipped some Choria things after a bit of a break, generally available Puppet-free builds getting near.
I've had fully working Puppet free builds for a long time but not ones I'd support for Open Source Community, but generally Puppet-free for the open source distro of Choria getting very close.
https://
Paris-based Zama, an open-source cryptography startup developing fully homomorphic encryption technology for blockchain and AI apps, raised a $73M Series A (Mike Wheatley/SiliconANGLE)
https://siliconangle.com/2024/03/07/bl
Harnessing Multi-Role Capabilities of Large Language Models for Open-Domain Question Answering
Hongda Sun, Yuxuan Liu, Chengwei Wu, Haiyu Yan, Cheng Tai, Xin Gao, Shuo Shang, Rui Yan
https://arxiv.org/abs/2403.05217
Rotation at the Fully Convective Boundary: Insights from Wide WD MS Binary Systems
Federica Chiti, Jennifer L. van Saders, Tyler M. Heintz, J. J. Hermes, J. M. Joel Ong, Daniel R. Hey, Michele M. Ramirez-Weinhouse, Alison Dugas
https://arxiv.org/abs/2403.12129
We are now offering online, 6-week intensive summer courses in Elementary Biblical Hebrew and Elementary New Testament Greek, open to the public.
Course tuition is free for YDS students. For all others it is: $3,673
For more info and to apply: https://divi…
Determination of output composition in reaction-advection-diffusion systems on network reactors
Renato Feres, Eric Pasewark, Gregory Yablonsky
https://arxiv.org/abs/2403.18239
This https://arxiv.org/abs/2402.02260 has been replaced.
link: https://scholar.google.com/scholar?q=a
A Fully-Configurable Open-Source Software-Defined Digital Quantized Spiking Neural Core Architecture
Shadi Matinizadeh, Noah Pacik-Nelson, Ioannis Polykretis, Krupa Tishbi, Suman Kumar, M. L. Varshika, Arghavan Mohammadhassani, Abhishek Mishra, Nagarajan Kandasamy, James Shackleford, Eric Gallo, Anup Das
https://arxiv.org/abs/24…
What?! They did away with the best bit of all BMW estates as well? I don't believe it?
On the G61:
"This model gets a bad mark for the fact that it’s the first 5 Touring that doesn’t feature a separately opening rear glass section of the rear hatch, so you have to open it fully every time you have something to place there."
This https://arxiv.org/abs/2312.01639 has been replaced.
link: https://scholar.google.com/scholar?q=a
TURB-Hel: an open-access database of helically forced homogeneous and isotropic turbulence
Luca Biferale, Fabio Bonaccorso, Moritz Linkmann, Damiano Capocci
https://arxiv.org/abs/2404.07653
OmniNxt: A Fully Open-source and Compact Aerial Robot with Omnidirectional Visual Perception
Peize Liu, Chen Feng, Yang Xu, Yan Ning, Hao Xu, Shaojie Shen
https://arxiv.org/abs/2403.20085
Harnessing Multi-Role Capabilities of Large Language Models for Open-Domain Question Answering
Hongda Sun, Yuxuan Liu, Chengwei Wu, Haiyu Yan, Cheng Tai, Xin Gao, Shuo Shang, Rui Yan
https://arxiv.org/abs/2403.05217
This https://arxiv.org/abs/2310.17062 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csNI_…
Consistency analysis of refined instrumental variable methods for continuous-time system identification in closed-loop
Rodrigo A. Gonz\'alez, Siqi Pan, Cristian R. Rojas, James S. Welsh
https://arxiv.org/abs/2404.08955
Commutant of sum of two quasihomogeneous Toeplitz operators
Aissa Bouhali, Issam Louhichi
https://arxiv.org/abs/2403.10813 https://ar…
This https://arxiv.org/abs/2311.04590 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csIR_…
Non-preservation of $\alpha$-concavity for the porous medium equation in higher dimensions
Xi Sisi Shen, Pranay Talla
https://arxiv.org/abs/2403.13226 http…
Stages of blooming. Daisy, Jan 2024. Los Angeles County Arboretum, Arcadia, California, USA. #nature #naturephotography #daisyflower
The dependence of the magnetism of a near-limb sunspot on height
M. Benko (Astronomical Institute, Slovak Academy of Sciences, Tatransk\'a Lomnica, Slovakia), H. Balthasar (Leibniz-Institute for Astrophysics Potsdam, Germany), P. G\"om\"ory (Astronomical Institute, Slovak Academy of Sciences, Tatransk\'a Lomnica, Slovakia), C. Kuckein (Instituto de Astrof\'isica de Canarias, Departamento de Astrof\'isica, Universidad de La Laguna, La Laguna, Tenerife, Spain, M…
This https://arxiv.org/abs/2402.03729 has been replaced.
link: https://scholar.google.com/scholar?q=a
This https://arxiv.org/abs/2403.12608 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_…
Helicopter is still at it.
At this rate the Open Collective Foundation will be fully dissolved before i can hear my own thoughts over the racket made by the Minnesota state police helicopter (Minneapolis cops don't have a copter unless Frey also misappropriated COVID funds or something for that too, maybe we can pressure the state to require a good old conservative cost-benefit analysis before they accept requests for the chopper from the Murderapolis cops).
Potentialisations of a class of fully-nonlinear symmetry-integrable evolution equations
Marianna Euler, Norbert Euler
https://arxiv.org/abs/2403.05722 http…
NOMAD CAMELS: Configurable Application for Measurements, Experiments and Laboratory Systems
Alexander D. Fuchs, Johannes A. F. Lehmeyer, Heinz Junkes, Heiko B. Weber, Michael Krieger
https://arxiv.org/abs/2402.07548
Feature Density Estimation for Out-of-Distribution Detection via Normalizing Flows
Evan D. Cook, Marc-Antoine Lavoie, Steven L. Waslander
https://arxiv.org/abs/2402.06537
This https://arxiv.org/abs/2303.15527 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_hepp…
This https://arxiv.org/abs/2307.02140 has been replaced.
link: https://scholar.google.com/scholar?q=a
This https://arxiv.org/abs/2311.13359 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_hepe…
Primordial black hole formation processes with full numerical relativity
Eloy de Jong
https://arxiv.org/abs/2403.02878 https://arxiv.…
This https://arxiv.org/abs/2402.00786 has been replaced.
link: https://scholar.google.com/scholar?q=a
This https://arxiv.org/abs/2311.04893 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_qu…
3D-Speaker-Toolkit: An Open Source Toolkit for Multi-modal Speaker Verification and Diarization
Yafeng Chen, Siqi Zheng, Hui Wang, Luyao Cheng, Tinglong Zhu, Changhe Song, Rongjie Huang, Ziyang Ma, Qian Chen, Shiliang Zhang, Xihao Li
https://arxiv.org/abs/2403.19971
This https://arxiv.org/abs/2311.01939 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csRO_…
Lyapunov-Based Deep Residual Neural Network (ResNet) Adaptive Control
Omkar Sudhir Patil, Duc M. Le, Emily J. Griffis, Warren E. Dixon
https://arxiv.org/abs/2404.07385
This https://arxiv.org/abs/2305.13380 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_…
This https://arxiv.org/abs/2310.17062 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csNI_…
NOMAD CAMELS: Configurable Application for Measurements, Experiments and Laboratory Systems
Alexander D. Fuchs, Johannes A. F. Lehmeyer, Heinz Junkes, Heiko B. Weber, Michael Krieger
https://arxiv.org/abs/2402.07548
This https://arxiv.org/abs/2312.13320 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csDS_…
This https://arxiv.org/abs/2403.05722 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_nli…
This https://arxiv.org/abs/2310.17062 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csNI_…
This https://arxiv.org/abs/2402.00786 has been replaced.
link: https://scholar.google.com/scholar?q=a
This https://arxiv.org/abs/2401.06042 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_qu…
This https://arxiv.org/abs/2311.04590 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csIR_…