Tootfinder

Opt-in global Mastodon full text search. Join the index!

@mgorny@social.treehouse.systems
2024-04-25 19:14:34

"""
The case of One Laptop per Child shows us why it is dangerous to ignore the origins of charisma: one risks being perpetually entranced by the newest charismatic technology. This is not to say that cultural change with a technology-centric project is impossible. Still, even more realistic reforms grounded in the realities of their intended beneficiaries sometimes have difficulty gaining broad popular support outside the school unless they add a charismatic gloss of rapid, revolutionary change.
This charismatic pressure can put even open-eyed reformers in a catch-22. They must promise dramatic results to gain the social and financial support for reforms, and then they must either admit to not achieving their goals or pretend that they did achieve them. Either way, funders will declare that the project is finished and withdraw financial support, and then researchers and other observers will begin to note the discrepancies between reformers’ promises and their own observations. Thus, projects that rely on charismatic technologies are often short lived; their resources are cut off before charisma recedes into the background and before the technology becomes part of everyday classroom experience. This catch-22 has dogged efforts for educational reform, development, and cultural change — especially those funded through grants or other short-term funding — for well over a century. As the technology community moves on to the next charismatic device without learning from its failures, this will continue to hamper the possibility of real, if incremental, change.
[…] After all, charisma is ultimately a conservative social force. Even when charismatic technologies promise to quickly and painlessly transform our lives for the better, they appeal precisely because they echo existing stereotypes, confirm the value of existing power relations, and reinforce existing ideologies. Meanwhile, they may divert attention and resources from more complicated, expensive, or politically charged reforms that do not promise a quick fix and are thus less charismatic.
"""
(Morgan G. Ames, The Charisma Machine)

@jrconlin@soc.jrconlin.com
2024-05-22 03:44:57

Quick note:
If you make something that is secure, users have to trust it.
If you give users any reason not to trust something, they will stop trusting that it's secure.
It doesn't matter if it's true or not. It doesn't matter if they need to do the Charleston for 20 minutes while singing backwards Gilbert & Sullivan songs to activate it.
If it's there, and they have a reason not to trust it, then they stop trusting your secure system.
Fai…

@arXiv_mathAT_bot@mastoxiv.page
2024-05-22 06:54:57

A note on the Thom morphism for the classifying space of certain Lie groups and gauge groups
Eiolf Kaspersen, Gereon Quick
arxiv.org/abs/2405.12717

@taiyo@ostatus.taiyolab.com
2024-06-07 01:32:00

NotebookLM, which uses Google Gemini, is pretty impressive.
You can load documents into it and then reference their contents. You can also keep separate notebooks. This might become a killer app.
notebooklm.google

@jamesthebard@social.linux.pizza
2024-04-11 16:00:19

It's nice having the blog back up and running again. I ran into an issue running Gitea calling webhooks because it didn't trust my sketchy certificate authority. Not the most difficult solution, but having the blog back online means that I can fix it, then document it...and hopefully help someone out. #homelab

@sycarion@dice.camp
2024-04-03 15:05:14

Quick note while I am thinking about it. I was unhappy with Publii for a while because I couldn't get it to sync with GitHub.
That has been fixed and I redid the authorization in my GitHub account and it works beautifully.
I prefer Publii because it is local markdown files and I can copy them over to Obsidian.
I have converted my old WP site to markdown and will publish it through Publii as well.

@rene_mobile@infosec.exchange
2024-03-30 21:58:50

My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C++ for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown themselves to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…
