Skip to content

Justin Mason's Weblog Posts

Links for 2022-07-27

Comments closed

Links for 2022-07-25

  • Range Extenders for Nissan Leafs

    Installing Muxsan power pack extension kits in Ireland, to add 11kWh, 22kWh and 33kWh extensions giving an additional range of +75km, +140km and +210km on top of the basic 24/30/40kWh Leaf battery packs. Very tempted!

    (tags: nissan leaf cars driving ireland evs range muxsan)

  • The Oral History Of The Poop Emoji (Or, How Google Brought Poop To America)

    “Darren: I thought it was a joke that they were pushing for the [poop emoji] to be in the first cut, but I quickly learned that it was not a joke at all. It’s basically like having all of the letters in the English alphabet, but getting rid of random ones. Like, “Let’s take out ‘B’ because ‘B’ kind of offends me.” In Japanese, emoji are more like characters than random animated emoticons, so we pushed back really hard. We said, “We can’t launch emoji without the poop.” Not only is it extremely popular in Japan—like extremely popular—you can’t just arbitrarily take letters out of the alphabet.”

    (tags: emoji gmail history google poop shit funny japan)

Comments closed

Links for 2022-07-14

  • DynamoDB’s metastable cache load workaround

    Marc Brooker on the latest DynamoDB USENIX paper — good paper and commentary. He picks out this very interesting tidbit:

    ‘When a router received a request for a table it had not seen before, it downloaded the routing information for the entire table and cached it locally. Since the configuration information about partition replicas rarely changes, the cache hit rate was approximately 99.75 percent.’ What’s not to love about a 99.75% cache hit rate? The failure modes! ‘The downside is that caching introduces bimodal behavior. In the case of a cold start where request routers have empty caches, every DynamoDB request would result in a metadata lookup, and so the service had to scale to serve requests at the same rate as DynamoDB’ So this metadata table needs to scale from handling 0.25% of requests, to handling 100% of requests. A 400x potential increase in traffic! Designing and maintaining something that can handle rare 400x increases in traffic is super hard. To address this, the DynamoDB team introduced a distributed cache called MemDS. ‘A new partition map cache was deployed on each request router host to avoid the bi-modality of the original request router caches.’ Which leads to more background work, but less amplification in the failure cases. The constant traffic to the MemDS fleet increases the load on the metadata fleet compared to the conventional caches where the traffic to the backend is determined by cache hit ratio, but prevents cascading failures to other parts of the system when the caches become ineffective.

    (tags: aws dynamodb metastability caching caches production failure outages load memds marc-brooker papers usenix)

Comments closed

Links for 2022-07-11

  • Fairphone Open

    Very impressed by Fairphone, the greener mobile option. Here’s more info on their open source commitments — “On every smartphone we produce and sell – we publish as much source code as we legally can. And we share all of this information publicly with our users and community on our Fairphone Code website.”

    (tags: fairphone open-source phones mobile android)

  • SleepHQ

    Via Nelson; webapp to analyze CPAP machine data logs

    (tags: cpap sleep-apnea health sleep medicine)

  • Pandemic Communication Without Argumentative Strategy in the Digital Age: A Cautionary Tale and a Call to Arms

    “argumentation theory” is an interesting idea in the age of weaponised memes:

    The Covid-19 pandemic has offered some notable examples of how public communication may backfire, in spite of the best intentions of the actors involved, and what role poor argumentative design plays in such failures, in the context of the current digital media ecology. In this chapter, I offer some preliminary considerations on the ongoing struggle to make sense of the new communication technologies in our media reality, analyze a concrete example of argumentative failure in anti-Covid vaccine communication in the European Union, and leverage this case study to issue a call to arms to argumentation scholars: argumentative competence is sorely needed for an effective response to the pandemic, yet argumentation theory will need to join forces with other areas of expertise to realize its societal impact. When it comes to arguments, self-isolation is not a viable strategy to fight Covid-19.

    (tags: memes social-media medicine public-health argumentation communication covid-19 society)

Comments closed

Links for 2022-06-27

Comments closed

Links for 2022-06-24

  • DALL-E mini has a mysterious obsession with women in saris

    “What we might be seeing is a weird side effect of […] filtering or pre-processing, where images of Indian women, for example, are less likely to get filtered by the ban list, or the text describing the images is removed and they’re added to the dataset with no labels attached.” For instance, if the captions were in Hindi or another language, it’s possible that text might get muddled in processing the data, resulting in the image having no caption.

    (tags: saris india dall-e-mini pictures images ai ml preprocessing training input)

  • The stages of COVID-19 infection

    _The Importance of Understanding the Stages of COVID-19 In Treatment And Trials_, as covered regularly by Dr. Daniel Griffin on TWiV — COVID-19 infection can progress through several defined phases; “three periods: pre-exposure, incubation, and detectable viral replication; and five phases: the viral symptom phase, the early inflammatory phase, the secondary infection phase, the multi-system inflammatory phase, and the tail phase.”

    (tags: covid-19 disease infection daniel-griffin papers twiv)

Comments closed

Links for 2022-06-23

Comments closed

Links for 2022-06-20

  • What causes Long Covid? Here are the three leading theories | Science | AAAS

    Good state-of-the-art writeup on where science is with Long Covid at the moment.

    Increasingly, researchers want to fine-tune how they classify people with Long Covid, differentiating subsets based on symptoms, biology, or both. In a way, “the biggest obstacle that we are facing is we gave it one name, we gave it the name of Long Covid, which implies that it is one disease,” says Chahinda Ghossein, a physician and heart disease researcher at Maastricht University and co-leader of a 15,000-patient Long Covid study in the Netherlands. “All the studies being performed show us that it is not.”

    (tags: covid-19 long-covid health medicine disability)

Comments closed

Links for 2022-06-13

Comments closed

Links for 2022-06-10

  • “Taking the Win over COVID-19”

    Here’s why the US government have decided that “Covid is over” — a PR firm did some market research and decided that the public were bored of it:

    Recognize that people are “worn out” and feeling real harm from the years- long restrictions and take their side. Most Americans have personally moved out of crisis mode. Twice as many voters are now more concerned about COVID’s effect on the economy (49%) than about someone in their family or someone they know becoming infected with the coronavirus (24%). […] Don’t set “COVID zero” as the victory condition. Americans also don’t think victory is COVID Zero. They think the virus is here to stay, and 83% say the pandemic will be over when it’s a mild illness like the flu rather than COVID being completely gone, and 55% prefer that COVID should be treated as an endemic disease. […] Americans also assume they will get COVID: 77% agree that “it is inevitable that most people in the US will eventually get COVID-19”, and 61% of Americans who have never tested positive think they are likely to be infected over the next year. […]
    As jwz says — “In other words: facts don’t matter, only feelings matter, and what’s the point in saving lives if you’re just going to lose the midterms anyway?”

    (tags: america covid-19 us-politics pandemics diseases public-opinion market-research)

  • SARS-CoV-2 infection in hamsters and humans results in lasting and unique systemic perturbations post recovery

    It’s not just a flu (in hamsters):

    The host response to severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) infection can result in prolonged pathologies collectively referred to as post-acute sequalae of COVID-19 (PASC) or long COVID. To better understand the mechanism underlying long COVID biology, we compared the short- and long-term systemic responses in the golden hamster following either SARS-CoV-2 or influenza A virus (IAV) infection. Results demonstrated that SARS-CoV-2 exceeded IAV in its capacity to cause permanent injury to the lung and kidney and uniquely impacted the olfactory bulb (OB) and epithelium (OE). Despite a lack of detectable infectious virus, the OB and OE demonstrated myeloid and T cell activation, proinflammatory cytokine production, and an interferon response that correlated with behavioral changes extending a month post viral clearance. These sustained transcriptional changes could also be corroborated from tissue isolated from individuals who recovered from COVID-19. These data highlight a molecular mechanism for persistent COVID-19 symptomology and provide a small animal model to explore future therapeutics.

    (tags: hamsters long-covid covid-19 papers pasc)

Comments closed

Links for 2022-06-07

Comments closed

Links for 2022-06-04

  • A quick rage-thread about credentials

    Great Twitter thread from Colm MacCarthaigh about security credentials, keeping them safe, and why time-based key expiry sucks: “When security auditors just say things like “Critical credentials need to be rotated every 90 days” you need to fire them into the sun with urgency. Here’s what you actually need … First rule of credential management: Rotation does nothing. It’s revocation that matters. You always need a well-tested mechanism to make sure that you can remove or invalidate a credential that has been compromised. Second rule of credential management: Have closed loops. Deactivated credentials are a common source of outages. When introducing a new credential you see it everywhere it needs to be before using it. When you remove one, you need to see it gone from use before deactivating. Though you can’t make that last part impossible to over-ride, because you do need to be able to lock out an attacker. Which brings up the next rule … Third rule of credential management: logging and detective controls are key. You need to be able to see when and where a credential is being used. This is important for operational safety and security. How would you even detect a stolen credential without this? Fourth rule of credential management: be INCREDIBLY wary of time-based expiry. Use only when there is no other option (e.g. public SSL certificates). There’s really no way to win with time-based expiry. If your expiry time is something like a year, you don’t get much security. Are you ok with an attacker using that cred for a year? So you still need revocation. If your expiry time is very short, like hours, are you *always* going to beat that renewal deadline? got good clocks? Super short ephemeral credentials can be done, we do it at AWS, but it takes a *lot* of resources and diligence that most organizations don’t have. Even we prefer to use real closed loops where we can. Fifth rule about credentials: Store credentials only where they are needed. This seems obvious but is rarely done. In particular it’s common to see “treasure trove” secret-distribution control-planes that know all of the credentials. Distribution planes for secrets could use one or more of end-to-end, multi-party, or threshold encryption, so that those systems themselves don’t know the secrets. We do this in places, but it’s not a common pattern in industry that I’ve seen. Sixth rule of credentials: if there is no reason to suspect credential disclosure or mis-use, leave it alone. Replacing credentials usually exposes them to more systems, at least temporarily. How do you know that’s not more risky? Seventh rule of credentials: asymmetric cryptography when you can, if not then choose between either memory-hard compute-hard hashing or derived-key symmetric auth depending on what fits your use-case. Avoid storing valuable secrets server side. Eight rule of credentials: keep credentials inside one-way enclaves like TPMs, TEEs, HSMs, when you can. Best line of defense is to keep credentials inaccessible. Ninth rule of credentials: If you can’t write down a common password comparison side-channel from memory, do not implement your own authentication. Yes this is gatekeeping. Sorry, but no. Tenth rule of credentials: Check for all-zeroes creds, and repeated values. You can do this with hashing, you don’t need to record the secrets. Coding errors, failures of entropy systems, and erasure mistakes are common enough to make this check worth doing. I’ll stop there for now, maybe add more later. These are just some of the points I go through in reviews. Would love to hear from others about their own lessons and learnings. CYA-culture shallow audits drive my crazy, I hate to see customers trapped by them.”

    (tags: security credentials authentication tls expiry ssl expiration keys key-rotation key-revocation colmmacc)

  • How fast are Linux pipes anyway?

    Very enjoyable Linux hyper-optimization through splice and huge pages

    (tags: kernel linux performance pipes vmsplice splice optimization syscalls unix)

  • Vectorized and performance-portable Quicksort

    This is a super-cool building block from Google Open Source: “We’ve created the first vectorized Quicksort: – Sorts arrays of numbers ~10x as fast as C++ std:sort – Outperforms state-of-the-art specific algorithms – Is portable across all modern CPU architectures We are interested to see what new applications and capabilities will be unlocked by being able to sort at 1 GB/s on a single CPU core.” Part of their Highway library of vectorized code, , “a C++ library that provides portable SIMD/vector intrinsics.” Low-level, hyperoptimized libs like this will be very important to ameliorate climate change impact of datacenter usage, so it’s a great idea.

    (tags: algorithms sorting quicksort vectorization simd avx512 avx2)

Comments closed

Links for 2022-06-02

  • Two million people in UK living with long Covid

    Prof Danny Altmann, an immunologist and expert on long Covid at Imperial College London, described the latest figures as alarming:

    “They put to rest any vestige of hope that long Covid would somehow be just a thing of the early waves, would diminish in times of vaccination or ‘milder’ variants, or would just trail off. We’ve now created a far larger cohort of the chronically unwell and disabled than we previously had, say, within the entire national burden of rheumatoid arthritis, its healthcare costs, associated loss to quality of life and to the workplace. This couldn’t be further from ‘living with Covid’. It does necessitate some policy discussions, nationally and internationally.”
    Sadly, I think the same applies here in Ireland too.

    (tags: epidemic health medicine covid-19 sars-cov-2 long-covid disability)

Comments closed

Links for 2022-06-01

  • Intrahost evolution and forward transmission of a novel SARS-CoV-2 Omicron BA.1 subvariant

    This is an incredible pre-print — “We describe a persistent SARS-CoV-2 Omicron BA.1 infection in an immuno-compromised individual during a 12-week period, and document the accumulation of eight additional amino acid substitutions in the already antigenically-distinct Omicron BA.1 spike protein.” A SARS-CoV-2 variant evolving in a single person in real time!

    Persistent SARS-CoV-2 infections have been reported in immune-compromised individuals and people undergoing immune-modulatory treatments. It has been speculated that the emergence of antigenically diverse SARS-CoV-2 variants such as the Omicron variant may be the result of intra-host viral evolution driven by suboptimal immune responses, which must be followed by forward transmission. However, while intrahost evolution has been documented, to our knowledge no direct evidence of subsequent forward transmission is available to date. Here we describe the emergence of an Omicron BA.1 sub-lineage with 8 additional amino acid substitutions within the spike (E96D, L167T, R346T, L455W, K458M, A484V, H681R, A688V) in an immune-compromised host along with evidence of 5 forward transmission cases. Our findings show that the Omicron BA.1 lineage can further diverge from its exceptionally mutated genome during prolonged SARS-CoV-2 infection; highlighting an urgent need to employ therapeutic strategies to limit duration of infection and spread in vulnerable patients.

    (tags: variants sars-cov-2 covid-19 evolution papers preprints immunocompromise viruses omicron)

  • Docker build cache sharing on multi-hosts with BuildKit and buildx

    decent speed improvements by sharing a layer cache between hosts

    (tags: docker building compilation ci tweaks containers)

Comments closed

Links for 2022-05-31

Comments closed

Links for 2022-05-26

  • Vaccines provide poor protection against Long Covid

    Well, this is some worrying news: based on this study of 13 million people in Nature Medicine, COVID-19 vaccines only reduce Long Covid risk by 15%, with the largest risk reduction in blood clots and pulmonary sequelae, but less protection of other organ systems. Also, post-vaccination, immunocompromised people have a higher risk of Long Covid than others. As the author says: “Now that we know that vaccines are not sufficient as a sole line of defense, we need to urgently develop and deploy additional layers of protection to reduce risk of Long Covid. These may include vaccines specifically designed to reduce risk of Long Covid, and therapeutics that could be taken in the acute phase to reduce risk. Paxlovid and other antivirals must be urgently tested in trials for Long Covid.” (via Akiko Iwasaki)

    (tags: long-covid covid-19 vaccines risks disease paxlovid papers)

  • Interferon autoantibodies implicated in COVID-19 risk

    New PNAS paper, discussed in this week’s TWiV episode — _The risk of COVID-19 death is much greater and age dependent with type I IFN autoantibodies_:

    There is growing evidence that pre-existing autoantibodies neutralizing type I interferons (IFNs) are strong determinants of life-threatening COVID-19 pneumonia. It is important to estimate their quantitative impact on COVID-19 mortality upon SARS-CoV-2 infection, by age and sex, as both the prevalence of these autoantibodies and the risk of COVID-19 death increase with age and are higher in men. Using an unvaccinated sample of 1,261 deceased patients and 34,159 individuals from the general population, we found that autoantibodies against type I IFNs strongly increased the SARS-CoV-2 infection fatality rate at all ages, in both men and women. Autoantibodies against type I IFNs are strong and common predictors of life-threatening COVID-19. Testing for these autoantibodies should be considered in the general population.
    I would have thought that type I interferons are a fairly critical part of the immune system, and the idea that people are happily walking about with autoantibodies to them is pretty crazy, but that seems to be the implication here.

    (tags: autoantibodies interferon health medicine disease covid-19 papers ifns interferons sars-cov-2)

Comments closed

Links for 2022-05-23

  • Predatory community and affinity fraud in crypto

    Groups that operate under the guise of inclusion, regardless of their intentions, are serving the greater goal of crypto that keeps the whole thing afloat: finding ever more fools to buy in so that the early investors can take their profits. And it is those latecomers who are left holding the bag in the end. With projects that seek to provide services and opportunities to members of marginalized groups who have previously not had access, but on bad terms that ultimately disadvantaged them, we see predatory inclusion. With projects that seek to create new communities of marginalized people to draw them in to risky speculative markets rife with scams and fraud, we are now seeing predatory community.

    (tags: blockchain capitalism fraud community crypto web3 communities diversity greater-fool-theory bitcoin)

Comments closed

Links for 2022-05-21

Comments closed

Links for 2022-05-16

Comments closed

Links for 2022-05-13

  • Researchers Pinpoint Reason Infants Die From SIDS

    This is a great breakthrough for such a tragic disease, and one which has led to terrible miscarriages of justice.

    SIDS refers to the unexplained deaths of infants under a year old, and it usually occurs while the child is sleeping. According to Mayo Clinic, many in the medical community suspected this phenomenon could be caused by a defect in the part of the brain that controls arousal from sleep and breathing. The theory was that if the infant stopped breathing during sleep, the defect would keep the child from startling or waking up.  The Sydney researchers were able to confirm this theory by analyzing dried blood samples taken from newborns who died from SIDS and other unknown causes. Each SIDS sample was then compared with blood taken from healthy babies. They found the activity of the enzyme butyrylcholinesterase (BChE) was significantly lower in babies who died of SIDS compared to living infants and other non-SIDS infant deaths. BChE plays a major role in the brain’s arousal pathway, explaining why SIDS typically occurs during sleep.  Previously, parents were told SIDS could be prevented if they took proper precautions: laying babies on their backs, not letting them overheat and keeping all toys and blankets out of the crib were a few of the most important preventative steps. While safe sleep practices are still important for protecting infants, many children whose parents took every precaution still died from SIDS. These parents were left with immense guilt, wondering if they could have prevented their baby’s death. Dr. Carmel Harrington, the lead researcher for the study, was one of these parents. Her son unexpectedly and suddenly died as an infant 29 years ago. In an interview with the Australian Broadcasting Corporation (ABC), Harrington explained what she was told about the cause of her child’s death.  “Nobody could tell me. They just said it’s a tragedy. But it was a tragedy that didn’t sit well with my scientific brain.”  Since then, she’s worked to find the cause of SIDS, both for herself and for the medical community as a whole. She went on to explain why this discovery is so important for parents whose babies suffered from SIDS.  “These families can now live with the knowledge that this was not their fault,” she said.
    (via Damien)

    (tags: healthcare medicine parenting science via:damienmulley sids diseases neurochemistry)

  • CeP Heating System | EcoVolt – Innovation in Energy

    Interesting green retrofitting product — it’s a large, wall-sized electric heating panel that mounts seamlessly in plasterboard and can be painted — so like a large, invisible radiator which can run off solar PV.

    (tags: solar pv retrofitting heating home radiators ecovolt)

  • Chat Control

    “The End of the Privacy of Digital Correspondence”:

    The EU wants to oblige providers to search all private chats, messages, and emails automatically for suspicious content – generally and indiscriminately. The stated aim: To prosecute child pornography. The result: Mass surveillance by means of fully automated real-time messaging and chat control and the end of secrecy of digital correspondence. Other consequences of the proposal are ineffective network blocking, screening of person cloud storage including private photos, mandatory age verification leading to the end of anonymous communication, censorship in Appstores and the paternalism and exclusion of minors in the digital world.

    (tags: surveillance censorship chat-control eu laws messaging apps privacy data-privacy)

  • Thought-terminating cliché

    A thought-terminating cliché (also known as a semantic stop-sign, a thought-stopper, bumper sticker logic, or cliché thinking) is a form of loaded language, often passing as folk wisdom, intended to end an argument and quell cognitive dissonance. Its function is to stop an argument from proceeding further, ending the debate with a cliché rather than a point.
    Examples: “it is what it is”, “it’s in God’s hands”, “YOLO”, or the Irish favourite: “we all partied”

    (tags: cliches semantics logic cognitive-dissonance arguing arguments via:mltshp)

  • CarTrawler

    the un-skinned booking site for car hire

    (tags: cars car-hire holidays vacation)

Comments closed

Links for 2022-05-10

  • “Hypercoagulation” as a potential long COVID sign

    Interesting Twitter thread discussing a potential treatment for long COVID — no interest in providing even the relevant _tests_ in the UK, so a British kid was brought to Germany to receive the treatment, and is now responding well. Here’s details on the specific biosigns:

    Her fluorescent microscopy showed very hyperactivated sticky platelets. Mine are on the right for comparison. She also had microclots and evidence of endothelial damage (but latter not severe). I believe she was the first UK child under 12 to have these tests done. The platelets and microclots show that her blood is ‘hypercoaguable’ – too sticky. These may be blocking up the very small blood vessels that allow oxygen into muscles and nerves, which could explain some of her symptoms.

    (tags: platelets microclots long-covid treatments hypercoagulation covid-19)

  • “The first Starlink war”

    Very interesting thread from Trent Telenko on how a Ukrainian GIS app, combined with Starlink internet access, has created 21st century artillery warfare and outflanked the Russia military:

    Ukraine’s ‘GIS Art for Artillery’ app combined with Starlink actually gives the Ukrainian military measurably better than US Military standard artillery command and control. The Ukraine War is the first Starlink War & the side with Starlink is beating the side without.
    This is pretty nuts. On the other hand, though, Starlink’s operational security is now critically important, and doubtless being heavily targeted by Russian hackers, and Ukraine’s tactics are reliant on the vagaries of Elon Musk… Source twitter thread:

    (tags: starlink artillery internet gis elon-musk warfare tech gis-art)

  • Trino | Project Tardigrade delivers ETL at Trino speeds to early users

    This looks fantastic — Trino (nee Presto) adds some significant improvements for long-running and heavyweight query support.

    When your long-running queries experience a failure, they don’t have to start from scratch. When queries require more memory than currently available in the cluster they are still able to succeed. When multiple queries are submitted concurrently they are able to share resources in a fair way, and make steady progress.

    (tags: trino presto sql storage querying etl batch scheduling)

  • metabolically-led post-exertional symptoms in Long COVID

    Interesting thread from a Mount Sinai-based lab discussing the side effects of possible mitochondrial dysfunction and oxidative stress:

    Our cells use a very specific fuel source called ATP that is produced in a part of the cell called the mitochondria. Unfortunately, ATP also fuels the cellular activities of viruses. As such, when a virus enters our cells it quickly hijacks our mitochondria to fuel viral replication and other viral activities. In other words when you are infected by a virus like #COVID19, you are infected by a little energy thief: taking your hard-earned ATP and using it for its own purposes. Not only does this mean that the virus is proliferating on stolen energy (rude!) but it also means that your cells must perform their regular functions with far less energy. So this is where things get cyclical: we have hijacked mitochondria resulting in inefficient, “stressed“ cells. Our cells are producing energy “for two” now, but barely managing to function, leading to the overproduction of reactive oxygen species (ROS), which we can think of as the “exhaust fumes” of our mitochondria. ROS are bad characters – systemically, they can trigger inflammation and hypocapnia. Unfortunately, once the body is experiencing oxidative stress, the mere act of producing more energy starts to damage the mitochondria.

    (tags: mitochondria oxidative-stress long-covid covid-19 dysautonomia mcas inflammation)

  • SARS-CoV-2 Omicron Variant is as Deadly as Previous Waves After Adjusting for Vaccinations, Demographics, and Comorbidities

    The numbers are in; omicron was as severe as previous variants, it was just that people had been vaccinated. (preprint)

    (tags: omicron covid-19 severity vaccination diseases epidemiology)

Comments closed

Links for 2022-05-04

Comments closed

Links for 2022-05-03

Comments closed

Links for 2022-05-02

  • “Living with COVID” has been a lie

    This is a fantastic thread from Luca Ferretti:

    “Living with COVID” has been a lie. Not because it isn’t possible, or because it isn’t the right goal. But in practice it has clearly morphed into “let’s stop talking about COVID, and the problem will disappear by itself”. A dangerous and irresponsible bet. Most of the political & health authorities have implicitly chosen to rely mainly on vaccination to control COVID. A reasonable choice… if only the vaccination campaign would have aimed at protecting the entire population with sterilising vaccines adapted to the new variants. Instead, despite hundreds of vaccines in the pipeline, there are no next-generation or sterilising vaccines on the horizon… little large-scale clinical trials (apart from Israel)… and few updated vaccines against variants (Moderna’s Omicron-Delta booster and little else). Of course, protection for children has been repeatedly delayed (English kids between 5-11 were vaccinated only last month) and kids under 5 are still unprotected worldwide, with the laudable exception of Cuba. Everybody’s waiting for the US FDA, whose intentions are unclear. It is truly depressing to see so little and slow concrete progress on what is meant to be “the ultimate weapon” against SARSCoV2. It seems to suggest that we don’t really rely so much on it, and that we’re satisfied with postponing the problems until the next not-so-mild variant. Simple precautionary public hygiene measures – face masks and ventilation – are mostly ignored. Testing and surveillance, downsized or limited. And the growing stress on the healthcare system is being swept under the carpet, even as we risk paying the price for it for years. This is not the product of any large conspiracy. It is simply the result of a combination of neglect, inertia, bureaucracy, selfishness, careerism, lack of long-term perspective and so on, among some (though not all!) politicians, doctors, academics, bureaucrats and others…

    (tags: covid-19 sars-cov-2 public-health medicine healthcare pandemics vaccination)

Comments closed

Links for 2022-04-25

  • CoVariants

    Ireland is included:

    These graphs show [COVID-19] cases per million for selected countries, coloured by the estimated frequency of variants. Only a small percentage of cases are sequenced in most countries, therefore these graphs show the reported case numbers coloured by the frequency of variants detected by sequences in these countries – which may represent <5% of cases.

    (tags: sars-cov-2 covid-19 cases variants charts graphs)

  • Bringing emulation into the 21st century

    Well executed satire:

    An 8080 microprocessor utilising a modern, containerised, microservices-based architecture running on Kubernetes with frontends for a CP/M test harness and a full implementation of the original Space Invaders arcade machine. The full project can be found as a github organisation which contains ~60 individual repositories each implementing an individual microservice or providing the infrastructure.
    Needless to say this monster runs at approximately 1KHz, instead of the required 2MHz. A good demo of how some deliberately obtuse and inappropriate architectural decisions can really make a mess of things.

    (tags: emulation kubernetes satire k8s containers microservices yikes)

Comments closed

Links for 2022-04-21

  • GitHub has wiped out open source history by “suspending” Russian users

    This sounds like a pretty crappy way to go about things:

    It is unclear to me what GitHub’s intended result was with these account suspensions, but it appears to be incredibly destructive for any open source project that has interacted with a now-suspended account. On a service like Twitter, you can visit the placeholder profile of a suspended account and see a message communicating that the account is suspended, and other users’ @mentions of the account still link to the suspended account’s profile. On GitHub, that’s not how it works at all. Apparently, “suspending an account” on GitHub actually means deleting all activity for a user — which results in (1) every pull request from the suspended account being deleted, (2) every issue opened by the suspended account being deleted, (3) every comment or discussion from the suspended account being deleted. In effect, the user’s entire activity and history is evaporated. All of this valuable data is lost. The only thing left intact is the raw Git commit history. It’s as if the user never existed.

    (tags: github fail russia sanctions git pull-requests suspensions accounts)

Comments closed

Links for 2022-04-20

  • CVE-2022-21449: Psychic Signatures in Java

    Argh, this is a bad one:

    Recent releases of Java were vulnerable to a similar kind of trick, in the implementation of widely-used ECDSA signatures. If you are running one of the vulnerable versions then an attacker can easily forge some types of SSL certificates and handshakes (allowing interception and modification of communications), signed JWTs, SAML assertions or OIDC id tokens, and even WebAuthn authentication messages. All using the digital equivalent of a blank piece of paper. It’s hard to overstate the severity of this bug. If you are using ECDSA signatures for any of these security mechanisms, then an attacker can trivially and completely bypass them if your server is running any Java 15, 16, 17, or 18 version before the April 2022 Critical Patch Update (CPU). For context, almost all WebAuthn/FIDO devices in the real world (including Yubikeys*) use ECDSA signatures and many OIDC providers use ECDSA-signed JWTs.

    (tags: java jvm crypto security ecdsa webauthn saml jwt fail)

Comments closed

Links for 2022-04-13

Comments closed

Links for 2022-04-11

  • Data from French long COVID cohort

    This is a decent step forward in long COVID research. 968 self-selected long covid sufferers reporting their symptom progression over a year: “Proud to present our results on the course of Long Covid symptoms over time, using the @PatientsComPaRe cohort and recently published in @NatureComms. after 1 year 85% of patients still reported some symptoms; there were specific trajectories depending on symptoms (pane A). For example, 40% reported cough 60 days after symptom onset vs. 20% at 12 months after onset; 50% of patients report a considerable impact on their professional lives; Long Covid is a relapsing remitting disease. It seems that, over time, relapses tend to be less frequent; Future research will look at patient trajectories (understanding those who get better vs others) and looking at biomarkers of long COVID”.

    (tags: long-covid covid-19 papers france symptoms)

Comments closed

Links for 2022-04-08

Comments closed

Links for 2022-04-07

  • “FAANG promo committees are killing Kubernetes”

    This makes a lot of sense. Letting “working for a big software company” be the only way to effectively get paid to collaborate on open source wasn’t a great idea.

    Promo committees have, for years now, been consistently undervaluing the work of full-time Kubernetes contributors. Or really of open source work more broadly. Attributable revenue has been taking over as one of the most important factors at most companies. And Kubernetes has very little of that. It’s happened gradually, and I don’t think this was ever an intended outcome but it’s a thing and we have to live with it. It’s too indirect, fixing a bug in kube-apiserver might retain a GCP customer or avoid a costly Apple services outage, but can you put a dollar value on that? How much is CI stability worth? Or community happiness? And then add on top of it, the time cost. “FOSS maintainers are overloaded” should not be news to anyone, but now add 20/hours a week of campaigning to other high-level folks to “build buzz” for your work and let me know how that goes.

    (tags: k8s open-source google amazon faang work promotions career)

  • Absolutely mad numbers on Long COVID from the UK

    via Dr. Deepti Gurdasani: ‘1.7 million people now living with long COVID (28 day definition) – that’s 1 in 37 people in the community; 780,000 have had this for *more than a year*; at least 334,000 got it during the omicron wave (impact since Feb not felt yet) increases are disproportionately high among young children — which is likely a combination of mass exposure and lack of vaccinations & other protections.’

    (tags: long-covid covid-19 society health uk pandemics future)

Comments closed

Links for 2022-04-05

  • aws aws-sdk containers docker eks ec2 bugs fail imdsv2)

  • Russia’s plans for Ukraine

    This is absolutely horrific — if this is an accurate output of the state (and I don’t doubt it is), then it’s a blueprint for current and future war crimes. ‘Russian state-owned propaganda outlet RIA published the new programmatic article with the title “What Russia must do with Ukraine”. The article reveals a detailed plan for a genocide, starting from full elimination of Ukrainian state.’

    (tags: genocide politics russia ukraine war)

Comments closed