Skip to content

Justin Mason's Weblog Posts

Links for 2021-09-15

  • why Apple devices have wifi problems on non-Apple APs

    I’ve always suspected some bullshit like this — Apple devices (Macs and iPhones) expect a specific non-standard wifi setting. If you’ve noticed Apple devices falling off the network and taking a long time (many seconds) to rejoin, where devices with other OSes do not have the same problem, this may be the cause. tl;dr: the DTIM (delivery traffic indication message) setting, which defaults to 1 in a standards-compliant AP, is expected to be set to 3 by Apple devices, in order to improve battery life. Source: (“Apple engineers have strongly suggested a DTIM of 3.”)

    (tags: dtim wifi wireless 802.11 apple aps hardware networking)

Leave a Comment

Links for 2021-09-14

  • Covid-19 and the new merchants of doubt

    How best can scientists push back against [science denialists]? There is a range of evidence-based strategies. These include: “Public inoculation”–warning people about the risk of being misled and drawing attention to who is pushing the contentious information and their financial competing interests; Highlighting scientific consensus; and Mapping the institutional networks who are pushing controversial information and then using political and legal strategies to counter them. For physicians, scientists, and public health officials to be effective countering efforts like the [Great Barrington declaration], it will be absolutely critical for them to realize that they are not dealing with an orthodox scientific debate based on sound data and evidence, but a well-funded sophisticated science denialist campaign based on ideological and corporate interests.

    (tags: denialism climate-change covid-19 science communication astroturf fakes evidence fake-news)

Leave a Comment

Links for 2021-09-08

  • Oracle Cloud Always Free Tier

    Whoa, this is unexpected — Oracle Cloud has a really good deal for hobby projects, including: ‘4 Arm-based Ampere A1 cores and 24 GB of memory usable as one VM or up to 4 VMs; 2 Block Volumes Storage, 200 GB total; 2 AMD based Compute VMs with 1/8 OCPU** and 1 GB memory each.’ The catch is that at the end of the 30 day trial period, the 4 ARM-based VMs will be terminated, but the other resources remain intact.

    (tags: arm oracle hobbies projects hacks hosting cloud free)

Leave a Comment

Links for 2021-09-07

  • doctorray117/minecraft-ondemand

    ‘Almost-free serverless on-demand Minecraft server in AWS’:

    Instead of paying a minecraft hosting service for a private server for you and your friends, host it yourself. By utilizing several AWS services, a minecraft server can automatically start when you’re ready to use it, and shut down when you are done. The final cost will depend on use but can be as little as a a dollar or two per month. The cost estimate breakdown is below. This is a reasonably cost effective solution for someone that doesn’t need their server running 24/7. If that’s you, read on! The process works as follows: Open Minecraft Multiplayer, let it look for our server, it will time out. The DNS lookup query is logged in Route 53 on our public hosted zone. CloudWatch forwards the query to a Lambda function. The Lambda function modifies an existing ECS Fargate service to a desired task count of 1. Fargate launches two containers, Minecraft and a watchdog, which updates the DNS record to the new IP The watchdog optionally sends a text message through Twilio when the server is ready. Refresh Minecraft server list, server is ready to connect. After 10 minutes without a connection or 20 minutes after the last client disconnects (customizable) the watchdog sets the desired task count to zero and shuts down.
    This is a very neat hack, actually quite potentially usable, and a good illustration of how viable Fargate+EFS are at hosting transient but not transitory workloads!

    (tags: minecraft fargate efs aws lambda hacks hosting)

Leave a Comment

Links for 2021-09-03

  • Climate Adaptation and Equity

    Great read from EARTH3R:

    We have traditionally treated disaster management like we’re trying to build things back to what they were before the disaster. Climate change increasingly is showing us that’s not what we should be doing. Climate adaptation is not about maintaining the status quo. Frankly, the status quo sucks for a lot of people. […] We have to think about doing things differently. New Orleans 100 years ago didn’t look exactly like it does today, and it won’t look like it does now 100 years from now. Things will change. Adaptation is deciding what things from 100 years ago we want to hold onto, and what things will change — and making sure a bunch of rich white people aren’t the only ones deciding what to hold onto.

    (tags: climate-change adaptation future flooding hurricane-ida)

Leave a Comment

Links for 2021-08-31

  • Build-To-Rent (BTR), Aparthotels, and Irish housing policy

    Good Twitter thread detailing the (IMO disastrous) history of these “new and exciting” ways in which Ireland’s Fine Gael government were lobbied successfully in 2015 and 2018 to rewrite housing policy and permit co-living, communal living, very small studios, and 1-bedroom apartments. This then resulted in many property developers scrapping existing plans and going back to the drawing board to cram in as many tiny apartments as possible to maximise their returns

    (tags: living ireland apartments rental btr aparthotels housing policy fg)

Comments closed

Links for 2021-08-27

Comments closed

Links for 2021-08-26

  • How Data Brokers Sell Access to the Backbone of the Internet

    Interesting, didn’t realise this data was being resold….

    “I’m concerned that netflow data being offered for commercial purposes is a path to a dark fucking place,” one source familiar with the data told Motherboard. […] At a high level, netflow data creates a picture of traffic flow and volume across a network. It can show which server communicated with another, information that may ordinarily only be available to the server owner or the ISP carrying the traffic. Crucially, this data can be used for, among other things, tracking traffic through virtual private networks, which are used to mask where someone is connecting to a server from, and by extension, their approximate physical location. Team Cymru, one threat intelligence firm, works with ISPs to access that netflow data, three sources said. Keith Chu, communications director for the office of Senator Ron Wyden which has been conducting its own investigations into the sale of sensitive data, added that Team Cymru told the office “it obtains netflow data from third parties in exchange for threat intelligence.” Companies that may source Team Cymru’s data include cybersecurity firms hired to respond to data breaches or proactively hunt out hackers. On its website, Team Cymru says it works with both public and private sector teams to “to help identify, track and stop bad actors both in cyber space and on the ground.” “I’m less worried about a bad guy hacker and more worried about a bad guy government or company or politician,” one source familiar with the data said. A source in the threat intelligence industry added that they “always thought it was kinda bonkers,” referring to Team Cymru’s sale of netflow data.

    (tags: vpns surveillance web privacy team-cymru netflow isps threat-intelligence)

Comments closed

Links for 2021-08-25

  • Back Market

    “Your Refurbished (Super) Marketplace” — an eBay for refurbished devices. “Back Market has created a transparent grading system that takes into account both the cosmetic appearance and technical condition of every device. Every device is guaranteed to be 100% functional on our site—so ”technical condition” refers to the durability one can expect from a product given its refurbisher’s operations/processes and historical quality data). Everything is fully transparent so you can choose from three conditions based on your needs.” Looks decent, Paris-based.

    (tags: refurbs devices hardware smartphones iphones gadgets shopping)

Comments closed

Links for 2021-08-18

Comments closed

Links for 2021-08-11

  • DCC’s greenwashing PR

    Excellent demonstration via Robbie Semple on Twitter: “Ireland’s biggest fossil fuel company is @dccplc. They are a FTSE100 company. Last year they made £13.4 billion in revenue and £530.2 million in profit. 71% of the profit came from their fossil fuel businesses. ‘In the face of a global crisis, Ireland’s biggest fossil fuel company refuses to stop selling fossil fuels ’: Why is this not more of a story? DCC are very good at communications. Given how they make their money, most publicity is bad for business, so they keep a low profile. And what they do communicate is very skilful. […] “We have adopted a Net Zero 2050 target for our group Scope 1 and 2 emissions. Our interim target is a 20% reduction by 2025.” This is a masterclass in how to tell the world you won’t stop selling fossil fuels without telling the world you won’t stop selling fossil fuels. The key is referring only to scope 1 and 2 emissions, meaning the emissions produced in running their business. For DCC, that will include things like electricity for their factories, and fuel for their trucks. But they don’t mention scope 3 emissions, which would include emissions produced in their supply chain, or by their customers. For DCC, that means they don’t have to worry about the methane that escapes when it’s fracked out of the earth, or the carbon emitted as their oil and gas they sell is burned by end users. DCC’s 2021 sustainability report refers to scope 3 emissions, but doesn’t quantify them and has set no targets for reducing them. So with their current banner commitments, they could double the amount of fossil fuels they sell and still meet their 2050 targets.” Scope 1/2/3 emissions are a hard concept to get your head around, but very important in dissecting greenwashing PR.

    (tags: pr greenwashing dcc ireland via:robbie-semple net-zero fossil-fuels climate-change emissions scope-3 scope-1 scope-2)

  • Identity verification would not help racist abuse on Twitter

    Twitter UK analysed the racist abuse directed at England football players on the night of the Euro 2020 final, and noted: “our data suggests that ID verification would have been unlikely to prevent the abuse from happening — as of the permanently suspended accounts, 99% of account owners were identifiable.”

    (tags: anonymity abuse racism twitter social-media id-verification)

  • ‘I don’t want to be seen as a zealot’: what MPs really think about the climate crisis

    Well, this is a problem —

    Running these workshops was a fascinating experience. In each, there was a definite point which I came to think of as a “penny-drop moment”, when the participants came to realise the significance of the climate crisis and the way it would shape our collective future. In one workshop, for example, a very eminent scientist explained to MPs how crop yields are likely to be severely affected by extreme weather, a likely scenario if global average temperatures rise by 2C or more – and that this could lead to food shortages. The response was striking. There was a silence, a collective intake of breath, a recognition of the significance of the changes that could be upon us if we don’t act. And then, at the end of our workshop, they walked out of the door and back to their normal lives. […] It became clear to me that there were two main reasons why MPs struggled with the issue: first, because it didn’t fit easily into the culture of political life and their own identity as a parliamentarian; and second, because they worried that public support for climate action was limited, and that, as representatives, they needed to be led by their electorate.
    I have some confidence that a Citizen’s Assembly approach is the right answer here. In Ireland it was clear that politicians felt more comfort with gay marriage and abortion as topics once those CAs had delivered their findings and demonstrated how an electorate really felt about them.

    (tags: democracy elections future climate-change uk politics politicians)

Comments closed

Links for 2021-08-10

  • Lambda vs EC2 costs

    BBVA run the numbers on AWS Lambda vs bare-EC2 cost effectiveness. This is a good analysis, as of Dec 2020 pricing at least:

    With traffic profiles where requests arrive in at periodic intervals, and a low total amount of requests, serverless architecture seems to be a great architecture in terms of cost, speed of delivery and effort. Thus, Lambda is probably the way to go if our application has sufficiently large periods of inactivity. Once the break-even point is reached, when EC2 is more cost-effective than Lambda, the cost difference grows rapidly, making Lambda less and less attractive in terms of cost. Thus, it is of great importance to know if the expected amount of traffic will be around the break-even point. Be aware of the CPU throttling you will get with the smaller memory flavors of Lambda. If your code is CPU-bound, choosing the smaller memory flavors might not be an option, since execution times, and thus latency, might grow beyond your requirements. On the other hand, if your code is I/O bound, the CPU throttling might not affect you significantly. Break-even point (if there is one, that is) strongly depends on the application itself. Without measuring the target application code, knowing the intended usage of the service, the SLA and the capabilities of the team in charge of building the application it is almost impossible to know for sure which service, Lambda or EC2, is more convenient.
    IMO there are still significant costs in organisational and infrastructure terms around replacing a working EC2 infrastructure with a Lambda-based one; deployment and other integration points with AWS are extremely tricky to deal with. But this is good data on the $ point alone.

    (tags: serverless aws lambda costs cost-control ec2 hosting architecture)

  • For want of a screenless MP3 player

    Yes, I know about Pi-Hole. If you are telling me about Pi-Hole you are inadvertently proving my point, which is that responsibility or intentionally parenting these days involves a frankly unreasonable and untenable amount of both content moderation both passive and interactive and at this point a quite enraging amount of goddamn systems administration.

    (tags: culture tech ads spam pi-hole home parenting life)

Comments closed

Links for 2021-08-07

  • Edward Luper’s “36 Views of the BT Tower”

    These are fantastic — “Much like Hokusai’s views of Mt. Fuji, Edward Luper’s prints capture London’s BT Tower from various vantage points and throughout different weather patterns and seasons. And while initiative’s like these run the risk of coming across a kitschy copies, Luper’s attention to detail and artistic execution renders them an artful adoration for a city. “[BT Tower] became a point of stability for me; like a lighthouse. My life seems to revolve around it in some way or form. Much in the same way Mount Fuji was to the artist Katsushika Hokusai.””

    (tags: hokusai ukiyo-e art prints london mt-fuji edward-luper)

Comments closed

Links for 2021-08-05

  • ‘Machine Learning: The High-Interest Credit Card of Technical Debt’

    Cannot agree more with this paper from Google: ‘One of the basic arguments in this paper is that machine learning packages have all the basic code complexity issues as normal code, but also have a larger system-level complexity that can create hidden debt. Thus, refactoring these libraries, adding better unit tests, and associated activity is time well spent but does not necessarily address debt at a systems level. In this paper, we focus on the system-level interaction between machine learning code and larger systems as an area where hidden technical debt may rapidly accumulate. At a system-level, a machine learning model may subtly erode abstraction boundaries. It may be tempting to re-use input signals in ways that create unintended tight coupling of otherwise disjoint systems. Machine learning packages may often be treated as black boxes, resulting in large masses of “glue code” or calibration layers that can lock in assumptions. Changes in the external world may make models or input signals change behavior in unintended ways, ratcheting up maintenance cost and the burden of any debt. Even monitoring that the system as a whole is operating as intended may be difficult without careful design. Indeed, a remarkable portion of real-world “machine learning” work is devoted to tackling issues of this form. Paying down technical debt may initially appear less glamorous than research results usually reported in academic ML conferences. But it is critical for long-term system health and enables algorithmic advances and other cutting-edge improvements.’ (via Grady Booch)

    (tags: via:gradybooch ai ml machine-learning google papers coding research production glue)

  • Fronius Smart Meter 63A-3

    Regarding smart home power management — Niall Douglas on ITC says “If you choose your solar inverter components right, they’ll come with a LAN capable mains AC meter which you stick just after the mains. It essentially duplicates the smart meter, should get very close, but it’s on your LAN and you can Home Assistant script the lot. My notes here suggest [this meter] for €385 inc VAT delivered, it talks to all the other Fronius kit such as inverter and thermal store immersions over your LAN. All with high quality Home Assistant support.”

    (tags: fronius home-assistant smart-home home power energy solar-power)

  • Forecast.Solar – Home Assistant

    The Forecast.Solar service provides solar production forecasting for your solar panel system, based on historic averages combined with weather forecasting. This integration provides an estimated forecast on how much energy your solar panels are going to produce, allowing you to plan ahead on how you spend your produced energy in most efficiently.

    (tags: solar-power home forecasting home-assistant)

  • source for the Irish digital COVID cert checker app

    a nice simple, human-readable Javascript validateRules() method

    (tags: javascript covid-19 source via:itc)

Comments closed

Links for 2021-08-04

Comments closed

Links for 2021-08-02

Comments closed

Links for 2021-07-30

  • Apache Helix

    @KishoreBytes notes: “Helix [is] not well known but widely used at LinkedIn, Airbnb, Pinterest, Uber, Yahoo to build distributed systems. Helix is probably managing hundreds of thousands of servers today!” It is “a generic cluster management framework used for automatic management of partitioned, replicated and distributed resources hosted on a cluster of nodes, [providing] the following features: Automatic assignment of resource/partition to nodes; Node failure detection and recovery; Dynamic addition of Resources; Dynamic addition of nodes to the cluster; Pluggable distributed state machine to manage the state of a resource via state transitions; Automatic load balancing and throttling of transitions” Sounds handy for automatic shard-based scaling. Built on Zookeeper.

    (tags: zookeeper helix sharding scalability scaling via:kishorebytes partitioning architecture)

  • Half cooked & half raw: the Irish tradition of spuds with a moon

    […] a method of cookery practiced by the rural poor in the early to mid 19th century Ireland […] Parboiling or half-roasting rendered a potato that was at once half-cooked and half-raw, with the inner core hard to the bite. Potatoes cooked in this way were called potatoes with the moon (an ghealach) or potatoes with the bone. William Wilde, father of Oscar, describes the practice in some detail in his essay, ‘The Food of the Irish’, which was published in 1854 in the Dublin University Magazine. Here is his explanation of the practice: “the heart of the potato was allowed, by checking the boiling at a particular point, to remain parboiled, hard and waxy; when the rest of the potato has been masticated in the usual manner, this hard lump, about the size of a walnut, was bolted; and in this manner nearly a stone of the root was taken into the stomach of the Irish labourer per diem… it was grounded on a certain knowledge of physiology. “The stomach digested the well boiled farinaceous portion of the potato within the space of a few hours, and that having all been disposed of, the half-boiled lumps remained behind, and a second digestion was commenced to assimilate this portion of food, and convert it into nutritious, life-sustaining material; which latter process lasted some hours longer, and thus the craving of hunger were warded off for five or six hours after the original meal.”

    (tags: parboiling potatoes history hunger ireland rural spuds moon physiology)

Comments closed

Links for 2021-07-29

  • Funding GIMP developers for sustainable development

    This is a great idea and a good way to approach OSS funding, IMO:

    We have seen skilled developers come and go for years, the latter becoming a growing concern. Contributing takes a crazy amount of time and people have family, work and other responsibilities to take care of. Thus when core team contributors are willing to be paid for making Free Software, we have decided that GIMP as a project should encourage such endeavours by putting more emphasis on their funding. There are currently 2 such crowdfunding projects. You can consider these crowdfundings as “official” as can be and completely endorsed by the GIMP project.

    (tags: oss funding via:hn gimp open-source crowdfunding gnome)

Comments closed

Links for 2021-07-28

  • Long-term Symptoms After SARS-CoV-2 Infection in Children and Adolescents

    Paper in JAMA, mentioned by Daniel Griffin in his COVID-19 Clinical Updates on TWIV. “We compared symptoms compatible with long COVID in children and adolescents reported within 6 months after SARS-CoV-2 serologic testing [… using] a longitudinal cohort study investigating SARS-CoV-2 seroprevalence in 55 randomly selected schools in the canton of Zurich in Switzerland.” Results: 4% — so 1 in 25 — reported at least one symptom lasting more than 3 months after the initial infection date, particularly fatigue, or difficulty concentrating.

    (tags: covid-19 via:daniel-griffin via:twiv long-covid children kids jama zurich switzerland)

  • “Brides to be” & Bullshit – A case study in Irish astroturf

    There was a “protest” outside the Dail in Dublin yesterday purporting to be “brides-to-be” disappointed at ongoing COVID-19 restrictions on weddings. As this Reddit post notes, however, it seems extremely likely that this “protest” is an astroturfed PR campaign. Sadly the Irish news media were happy to report it straight and gloss over the astroturfing. ‘Nothing I’ve said here will really be a surprise to anyone, and it’s not exactly the Reichstag Fire, but I hope it’s a useful example of just how poorly Irish media serves the audience, and how easily astroturfing is done here. This protest couldn’t muster the hundred or so “real” people they expected to show up, as the padding they’d have needed to look convincing, but others can – and do. Something worth remembering for how our national media covers major, minor, totally or partly fake protests in future, and how protests are organised in the first place. Not all their instigators are as mostly-harmless as Wedding Planners.’

    (tags: protests ireland pr astroturf)

  • Outdoor Swimming Pools in Ireland

    Pretty short list, unfortunately :(

    (tags: swimming ireland outdoors heated pools kids)

Comments closed

Links for 2021-07-26

  • lengstrom/falcon

    Chrome extension for flexible full text browsing history search. Press f, then space or tab, in the omnibar to start searching your previously visited websites! Every time you visit a website in Chrome, Falcon indexes all the text on the page so that the site can be easily found later. Then, for example, if you type f mugwort, Falcon will show the websites you visited containing the text “mugwort”! Install from the Chrome store here or get the CRX file!

    (tags: extension chrome search falcon indexing)

Comments closed

Links for 2021-07-25

  • a 20-year patent blocked gallium doping for solar panels

    ‘the reason we have been stuck using boron instead of gallium over the past 20 years is that the process of doping silicon with gallium was locked under a patent.’ IP destroying the world now….

    (tags: ip climate-change solar-panels energy gallium patents)

  • The known knowns, known unknowns, and unknown unknowns of COVID-19 – Bulletin of the Atomic Scientists

    Finally, a decent article on the origins of COVID-19 from The Bulletin of the Atomic Scientists, by Ian Lipkin:

    Over the past 40 years, I have personally been involved in addressing several: HIV/AIDS, West Nile encephalitis, SARS, MERS, Lujo, Lassa, Nipah, Dandenong, Ebola, Marburg, dengue, monkeypox, Zika, influenza, and COVID-19. Estimates of numbers of unknown viruses lurking in mammals range from 320,000 to 1,000,000. If even 1 percent of them can infect humans or domestic animals, we may be ignorant of thousands of potential threats to human health and food security. In an increasingly interconnected world, diseases that might once have been contained to a region are now global. Accordingly, the international community can have zero tolerance for wildlife markets and wildlife trafficking for food, medicinal, or pet trade purposes. Our current focus in on China. However, trafficking in wildlife is a global threat and should be banned everywhere. It may have contributed to the emergence of HIV/AIDS and to outbreaks of Ebola and Marburg

    (tags: known-knowns sars-cov-2 diseases zoonoses covid-19 ian-lipkin health future wildlife)

Comments closed

Links for 2021-07-08

  • robhagemans/hoard-of-bitfonts

    Wow, this is Proustian —

    This repository contains bitmapped fonts from disused operating systems and graphical user interfaces. As operating systems and GUIs have moved on to scalable vector fonts, the bitmap fonts that dominated the 1980s and 1990s languish away in non-obvious and often binary formats that are rapidly falling into obscurity. The main purpose of this repository is to liberate these fonts from their binary shackles, preserving the ancient art of monochrome bitmap typography for human appreciation.

    (tags: fonts typography via:hackernews bitmap retrocomputing history)

Comments closed

Links for 2021-07-07

Comments closed

Links for 2021-07-05

  • What’s Inside the EU Green Pass QR Code?

    Including a Python script to decode a Green Pass code:

    As you can see, 23 year-old Gabriele was vaccinated in February, once, with BioNTech/Pfizer’s Comirnaty. What is not included is the date during which she is considered immune. Those are calculated from the number of shots received and the date of vaccination, as well as the circumstances (going to a restaurant vs. going to work, for example) by the scanner app. Apart from the name/manufacturer of the received vaccine, there is no superfluous data inside, so the QR code is not a privacy nightmare, as some have feared.

    (tags: covid19 vaccination coronavirus green-pass eu qr-codes python data-privacy)

  • HSE Decision Aid for 18-34 year olds considering the AZ/J&J vaccine

    Given the increased risk of vaccine-induced thrombosis, the HSE have produced this leaflet to advise young people. IMO it should really include details of Long Covid, although I guess that’s hard to quantify at this stage

    (tags: covid-19 hse astra-zeneca j-and-j vaccines vitt)

  • 6502 6510 history cpus via:craig opcodes microcode)

  • Freespin

    Amazing C=64 demo, running on a 1541 disk drive connected directly to the monitor! What an insane hack. I too ran demo code on the 1541 in one of my demos, but the only video output in that case was to flash the LED on the drive in time with the music :) (thanks Craig!)

    (tags: via:craig c=64 commodore-64 1541 hacks demos intros)

  • Anthony Costello on Long COVID in the UK

    what does the ONS data tell us with their very large datasets? They looked at 313,000 people aged 2 or over, surveyed in the month to June 6. On July 1 the new data shows 962,000 people in private households in the UK (1.5% of the population) were experiencing self-reported “long COVID” (symptoms persisting for more than four weeks). 856,000 (89.0%) first had (or suspected they had) COVID-19 at least 12 weeks previously, and 385,000 (40.0%) first had (or suspected they had) COVID-19 at least one year previously. They estimate that 13,000 children aged 2-11, 20,000 aged 12-16 and 71,000 aged 17-24 had Long Covid of any duration. Most in these 3 age groups had had symptoms for AT LEAST 12 weeks (10,000, 16000, 65000 respectively). Perhaps most worrying is that the latest UK Long Covid estimate for children aged 12-16 who experience prolonged symptoms for at least ONE YEAR is 0.12% (0.06-0.17) or 1 in 830, with possible but unknown effects on developing brain structure based on recent adult studies.
    Costello is a member of Independent SAGE and an ex-director of the WHO

    (tags: sage anthony-costello long-covid covid-19 children kids)

Comments closed

Links for 2021-07-01

Comments closed

Links for 2021-06-30

  • OpenStreetMap looks to relocate to EU due to Brexit limitations

    One “important reason”, Rischard said, was the failure of the UK and EU to agree on mutual recognition of database rights. While both have an agreement to recognise copyright protections, that only covers work which is creative in nature. Maps, as a simple factual representation of the world, are not covered by copyright in the same way, but until Brexit were covered by an EU-wide agreement that protected databases where there had been “a substantial investment in obtaining, verifying or presenting the data”. But since Brexit, any database made on or after 1 January 2021 in the UK will not be protected in the EU, and vice versa. Other concerns Rischard listed include the increasing complexity and cost of “banking, finance and using PayPal in the UK”, the inability for the organisation to secure charitable status, and the loss of .eu domains. The increased importance of the EU in matters of tech regulation also played a role: “We could more effectively lobby the EU [and] EU governments and have more of an impact, especially in countries where there is no local chapter,” Rischard wrote.

    (tags: mapping brexit uk osm openstreetmap eu copyright databases ip)

  • Discourses of climate delay

    This is an excellent classification for a particular style of climate denialism: ‘‘Discourses of climate delay’ pervade current debates on climate action. These discourses accept the existence of climate change, but justify inaction or inadequate efforts. In contemporary discussions on what actions should be taken, by whom and how fast, proponents of climate delay would argue for minimal action or action taken by others. They focus attention on the negative social effects of climate policies and raise doubt that mitigation is possible. Here, we outline the common features of climate delay discourses and provide a guide to identifying them. […] * Someone else should take actions first: redirect responsibility * Disruptive change is not necessary: push non-transformative solutions * Change will be disruptive: emphasise the downsides * It’s not possible to mitigate climate change: surrender.’

    (tags: ecology climate climate-change discourse denialism policy politics)

Comments closed

Links for 2021-06-29

  • Hackers exploited 0-day, not 2018 bug, to mass-wipe My Book Live devices

    All looking pretty shite for Western Digital — one of their engineers *removed* the need for authentication on the factory-reset PHP script for the My Book Live devices:

    A Western Digital developer created five lines of code to password-protect the reset command. For unknown reasons, the authentication check was [….] commented out as indicated by the double / character at the beginning of each line. […] The discovery raises a vexing question: if the hackers had already obtained full root access by exploiting CVE-2018-18472 [a separate bug], what need did they have for this second security flaw? There’s no clear answer, but based on the evidence available, Abdine has come up with a plausible theory — that one hacker first exploited CVE-2018-18472 and a rival hacker later exploited the other vulnerability in an attempt to wrest control of those already compromised devices.

    (tags: hacks exploits fail western-digital iot hardware php)

Comments closed

Links for 2021-06-28

  • gProfiler

    ‘a system-wide profiler, combining multiple sampling profilers to produce unified visualization of what your CPU is spending time on.’ — claims to have little impact on performance of running code, supports Linux, java and Ruby

    (tags: gprofiler profiling performance testing measurement coding ruby java linux perf via:reddit)

  • Why Is the Intellectual Dark Web Suddenly Hyping an Unproven COVID Treatment?

    Ivermectin, in this case, but hydroxychloroquine before that, and other treatments for cancer and so on before that. ‘What seems to really be at work here, in the end, is a political battle, not a medical one. The laetrile wars of the 1970s also launched what’s known as the “health freedom” movement — a libertarian-tinged social tendency that holds Americans should have unrestricted access to alternative treatments—into the spotlight. […] It’s a familiar set of claims, amounting to an assertion that being given the broadest possible platform is the same as being silenced, and that one’s theories being tested is the same as them having been suppressed.’ I think part of the appeal of these drugs is that you can claim that they _are_ a miracle cure, and that they are being suppressed by a conspiracy of silence by Big Pharma. The conspiracy part is a key selling point for the promoters. Interesting phenomenon, though.

    (tags: conspiracy-theories hcq hydroxychloroquine laetrile ivermectin treatments covid-19 medicine big-pharma miracle-cures)

  • QUIC at Snapchat – Snap Engineering

    Snapchat are fans, using cronet on the Android/iPhone client side. The HN comment thread at is also a decent read, some insightful discussion

    (tags: http3 quic tcp networking mobile udp cronet snapchat)

Comments closed

Links for 2021-06-27

Comments closed

Links for 2021-06-23

  • French spyware bosses indicted for their role in the torture of dissidents | MIT Technology Review

    Senior executives at a French spyware firm have been indicted for the company’s sale of surveillance software to authoritarian regimes in Libya and Egypt that resulted in the torture and disappearance of dissidents. While high-tech surveillance is a multibillion-dollar industry worldwide, it is rare for companies or individuals to face legal consequences for selling such technologies—even to notorious dictatorships or other dangerous regimes. But charges in the Paris Judicial Court against leaders at Amesys, a surveillance company that later changed its name to Nexa Technology, claim that the sales to Libya and Egypt over the last decade led to the crushing of opposition, torture of dissidents, and other human rights abuses. The former head of Amesys, Philippe Vannier, and three current and former executives at Nexa technologies were indicted for “complicity in acts of torture” for selling spy technology to the Libyan regime. French media report that Nexa president Olivier Bohbot, managing director Renaud Roques, and former president Stéphane Salies face the same charges for surveillance sales to Egypt.

    (tags: spyware surveillance france nexa amesys libya egypt torture human-rights)

Comments closed

Links for 2021-06-16

  • google/fully-homomorphic-encryption

    This repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations on an encrypted data set. […] Fully Homomorphic Encryption (FHE) is an emerging data processing paradigm that allows developers to perform transformations on encrypted data. FHE can change the way computations are performed by preserving privacy end-to-end, thereby giving users even greater confidence that their information will remain private and secure.

    (tags: cryptography encryption google security fhe homomorphic privacy data-privacy)

  • GPRS was deliberately backdoored by its designer (probably)

    Matthew Green writes: “This is an amazing paper. It implies (with strong statistical evidence) that the design of a major mobile-data encryption algorithm — used in GPRS data — was deliberately backdoored by its designer.”

    Instead of providing full 64-bit security, we show that the initial state of GEA-1 can be recovered from as little as 65 bits of known keystream (with at least 24 bits coming from one frame) in time 240 GEA-1 evaluations and using 44.5 GiB of memory. The attack on GEA-1 is based on an exceptional interaction of the deployed LFSRs and the key initialization, which is highly unlikely to occur by chance. This unusual pattern indicates that the weakness is intentionally hidden to limit the security level to 40 bit by design.

    (tags: gprs protocols security crypto gea-1 telecoms matthew-green backdoors)

Comments closed

Links for 2021-06-15

Comments closed

Links for 2021-06-08

  • The Three DynamoDB Limits You Need to Know

    there are a few limits you must understand to model properly in DynamoDB. If you’re not aware of them, you can run into a brick wall. But if you understand them and account for them, you remove the element of surprise once your app hits production. Those limits are: The item size limit; The page size limit for Query and Scan operations; and The partition throughput limits. Notice how these limits build on each other. The first is about an individual item, whereas the second is about a collection of items that are read together in a single request. Finally, the partition throughput limit is about the number and size of concurrent requests in a single DynamoDB partition.
    I just ran into the last one on a pretty massive table we own, so this is worth bookmarking…

    (tags: dynamodb aws storage gotchas limits ops architecture)

Comments closed