Author Archives: pappp

Tech firms “can and must” put backdoors in encryption, AG Barr says

Source: Ars Technica

Article note: William Barr, once again, doesn't like facts. There is no such thing is a MITM/Back-door which can't be abused by anyone who figures out how it works and/or gains access to the escrow. The math for such a thing has not been invented, and may not even be possible.
Graffiti urging people to use Signal, a highly encrypted messaging app, is spray-painted on a wall during a protest on February 1, 2017 in Berkeley, California.

Enlarge / Graffiti urging people to use Signal, a highly encrypted messaging app, is spray-painted on a wall during a protest on February 1, 2017 in Berkeley, California. (credit: Elijah Nouvelage | Getty Images)

US Attorney General William Barr today launched a new front in the feds' ongoing fight against consumer encryption, railing against the common security practice and lamenting the "victims" in its wake.

"The deployment of warrant-proof encryption is already imposing huge costs on society," Barr claimed in remarks at a cybersecurity conference held at Fordham University Tuesday morning. Barr added that encryption "seriously degrades" law enforcement's ability to "detect and prevent a crime before it occurs," as well as making eventual investigation and prosecution of crime more difficult.

The existence of encryption means "converting the Internet and communications into a law-free zone" that criminals will happily take advantage of to do more crimes, Barr added, likening it to a neighborhood that local cops have abandoned.

Read 14 remaining paragraphs | Comments

Posted in News | Leave a comment

Server Updated

The server that hosts this page was updated from Debian Jessie (8) through Stretch (9) and onto Buster (10) over the course of a few hours today. It involved surprisingly little suffering and should not affect functionality, please let me know if you find anything left in a broken state.

I didn’t realize how long it had been since I did any manual maintenance here, apt unattended upgrades, certbot, and a few scripts for user-installed package upgrades and backup had done such a good job maintaining things just visibly enough to know it was being taken care of that I’d let it get past-due. Most of my other individually-installed boxes are Arch rolling-release machines that require a few minutes of attention every month or two, so they don’t have the periodic major breaking maintenance issue to the same degree.

Now I can let it take care of itself again until 2022 or thereabouts.
A few notes that may be useful to others under the fold.
Continue reading

Posted in Computers, DIY, General, Meta | Leave a comment

Complete run of MAKE magazine on

Source: Boing Boing

Article note: Cool. At least the main content will remain accessible regardless of what happens with the ongoing collapse of Make.

I was part of the team that launched MAKE: (a technology project magazine) and served as its editor-in-chief for 12 wonderful years. I just found out that has a searchable archive of all past MAKE: issues. Enjoy! Read the rest

Posted in News | Leave a comment

Education publisher Pearson to phase out print textbooks

Source: Hacker News

Article note: That is some heinous rent-seeking shit. Rental-only, no retention for reference, no retention for historical study knowledge undermining, no resale, with the additional detail that most online course materials are (in my experience) janky garbage. RMS' "apocalyptic prophet" status continues to firm up.
Posted in News | Leave a comment

Author discusses his new book on teaching undergraduates

Source: Inside Higher Ed (news)

Article note: Just this little interview has several things that I don't hear said often enough and emphatically agree with. "Halfassing teaching makes everyone, yourself included, miserable" and "Undergraduate TAs who excelled in a course several semesters ago will be better at both the material and student interaction than most graduate TAs."

Professors teach; most them teach undergraduates. This is their path to self-redemption, according to The Happy Professor: How to Teach Undergraduates and Feel Good About It (Rowman & Littlefield). Bill Coplin, the author, is director and professor in the policy studies program at Syracuse University. He responded to queries about his new book.

Q: You talk about priorities in a career. What if you are at a university where a faculty member can't make teaching undergraduates a priority?

A: This is a major cause of unhappiness. If you are asked to teach undergraduates and want to be happy, give the job enough priority to help students prepare for careers and become effective citizens along with your content. Follow the strategies and tactics in the book. Research for your career can still be No. 1 if it puts food on the table, but in that case, undergraduate teaching has to be No. 2 if you want to find peace in teaching undergraduates. Once you are a tenured full professor, the priorities should reverse if you include graduate teaching. I choose to make teaching my top priority at a research university because I didn’t feel good treating paying customers [as] less than they should be. That choice has been extremely rewarding and hence, the happy professor.

Q: Assuming you are a professor where you can focus on teaching, how can you use the skills continua you outline?

A: You can do many things, but first you must focus on the important skills for careers and citizenship that your course will help students practice. Then list the skills in your syllabus and on your course evaluations. Always mention in class the skills that are being practiced and how they will help in careers and effective citizenship. For example, if you are having students conduct or think about surveys, mention that surveys are used in all professional careers, whether business, nonprofit or government, and also note that citizens need to understand the principles of survey design when making judgments about government policies and politicians.

Q: You advocate for “andragogy, not pedagogy.” What does that mean?

A: “Andragogy” is a term developed many years ago and championed by Malcolm Knowles in the 1960s. It means teaching adults, while “peda” means children. I advocate treating undergraduates as if they were adults even though many are not far along on the children-adult continuum. Treating undergraduates as children being told what to do and what to learn breeds distrust. Distrust breeds late and poorly written papers and zoning out in class. The question “why do I have to learn this?” needs to be answered with something other than “it’s good for you.” Teachers should check out Knowles’s writing to see the many and powerful differences between viewing your student as a child and not an adult.

Q: How can a faculty members become more experimental in the classroom?

A: I wrote the book so faculty can try out things that worked for me, many of which are small and don’t take a lot of time or effort. The most powerful thing they can do is to treat students or former students as advisers in some capacity. They will make suggestions on what the teacher is now doing, and after a while the teacher will come up with ideas and ask for their advice.

Q: Your advice on teaching assistants may surprise faculty members. What is their positive role?

A: I found that graduate teaching assistants did not know the content of my course since they had not taken it. Teachers will not know the abilities and knowledge base of their graduate students. They will know it for their undergraduates. Undergraduate TAs who took the course know what students need. They will help teachers avoid the tendency to teach over the heads of the majority of their students. They make it easy in a big class to make the class have a small-group feel to it. They can be used for mundane things like taking attendance or grading multichoice tests. They can help in writing and evaluating the tests. They will recruit new students. They will serve as junior partners. Just as importantly, the undergraduate TAs will learn to take responsibility, how difficult teaching is and many other things for career and citizenship. Teachers need more help as the technology becomes a larger part of education in both designing course work and coaching students on how to navigate software.

Books and Publishing
Editorial Tags: 
Is this diversity newsletter?: 
Newsletter Order: 
Disable left side advertisement?: 
Is this Career Advice newsletter?: 
Magazine treatment: 
Trending text: 
Teaching Undergrads
Trending order: 
Display Promo Box: 
Posted in News | Leave a comment

Interoperability: Fix the internet, not the tech companies

Source: Boing Boing

Article note: The idea that you must not make regulation that enshrines current incumbents gets lost in too many of these discussions, this does a good job pitching how you solve problems so they _stay solved_ instead of simply creating avenues for regulatory capture.

Everyone in the tech world claims to love interoperability—the technical ability to plug one product or service into another product or service—but interoperability covers a lot of territory, and depending on what's meant by interoperability, it can do a lot, a little, or nothing at all to protect users, innovation and fairness.

Let's start with a taxonomy of interoperability:

Indifferent Interoperability

This is the most common form of interoperability. Company A makes a product and Company B makes a thing that works with that product, but doesn't talk to Company A about it. Company A doesn't know or care to know about Company B's add-on.

Think of a car's cigarette lighter: these started in the 1920s as aftermarket accessories that car owners could have installed at a garage; over time they became popular enough that they came standard in every car. Eventually, third-party companies began to manufacture DC power adapters that plugged into the lighter receptacle, drawing power from the car engine's alternator. This became widespread enough that it was eventually standardized as ANSI/SAE J563.

Standardization paved the way for a variety of innovative new products that could be made by third-party manufacturers who did not have to coordinate with (or seek permission from) automotive companies before bringing them to market. These are now ubiquitous, and you can find fishbowls full of USB chargers that fit your car-lighter receptacle at most gas stations for $0.50-$1.00. Some cars now come with standard USB ports (though for complicated reasons, these tend not to be very good chargers), but your auto manufacturer doesn't care if you buy one of those $0.50 chargers and use it with your phone. It's your car, it's your car-lighter, it's your business.

Cooperative Interoperability

Sometimes, companies are eager to have others create add-ons for their products and services. One of the easiest ways to do this is to adopt a standard: a car manufacturer that installs an ANSI/SAE J563-compliant car-lighter receptacle in its cars enables its customers to use any compatible accessory with their cars; any phone manufacturer that installs a 3.5mm headphone jack allows anyone who buys that phone to plug in anything that has a matching plug, even exotic devices like Stripe's card-readers, which convert your credit-card number to a set of tones that are played into a vendor's phone's headphone jack, to be recognized and re-encoded as numbers by Stripe's app.

Digital standards also allow for a high degree of interoperability: a phone vendor or car-maker who installs a Bluetooth chip in your device lets you connect any Bluetooth accessory with it—provided that they support that device, or at least that they make no steps to prevent that device from being connected.

This is where things get tricky: manufacturers and service providers who adopt digital standards can use computer programs to discriminate against accessories, even those that comply with the standard. This can be extremely beneficial to customers: you might get a Bluetooth "firewall" that warns you when you're connecting to a Bluetooth device that's known to have security defects, or that appears on a blacklist of malicious devices that siphon away your data and send it to identity thieves.

But as with all technological questions, the relevant question isn't merely "What does this technology do?" It's "Who does this technology do it to and who does it do it for?"

Because the same tool that lets a manufacturer help you discriminate against Bluetooth accessories that harm your well-being allows the manufacturer to discriminate against devices that harm its well-being (say, a rival's lower-cost headphones or keyboard) even if these accessories enhance your well-being.

In the digital era, cooperative interoperability is always subject to corporate boundaries. Even if a manufacturer is bound by law to adhere to a certain standard—say, to provide a certain electronic interface, or to allow access via a software interface like an API—those interfaces are still subject to limits that can be embodied in software.

A digitally enabled car-lighter receptacle could be made to support only a limited range of applications—charging via USB but not USB-C or Lightning, or only charging phones but not tablets—and software could be written to enforce those limits. Even a very permissive "smart lighter-receptacle" that accepted every known device as of today could be designed to reject any devices invented later on, unless the manufacturer chose to permit their use. A manufacturer of such a device could truthfully claim to support "every device you can currently plug into your car lighter," but still maintain a pocket veto over future devices as a hedge against new developments that it decides are bad for the manufacturer and its interests.

What's more, connected devices and services can adjust the degree of interoperability their digital interfaces permit from moment to moment, without notice or appeal, meaning that the browser plugin or social media tool you rely on might just stop working.

Which brings us to...

Adversarial Interoperability

Sometimes an add-on comes along that connects to a product whose manufacturer is outright hostile to it: third-party ink for your inkjet printer, or an unauthorized app for your iPhone, or a homebrew game for your console, or a DVR that lets you record anything available through your cable package, and that lets you store your recordings indefinitely.

Many products actually have countermeasures to resist this kind of interoperability: checks to ensure that you're not buying car parts from third parties, or fixing your own tractor.

When a manufacturer builds a new product that plugs into an existing one despite the latter's manufacturer's hostility, that's called "adversarial interoperability" and it has been around for about as long as the tech industry itself, from the mainframe days to the PC revolution to the operating system wars to the browser wars.

But as technology markets have grown more concentrated and less competitive, what was once business-as-usual has become almost unthinkable, not to mention legally dangerous, thanks to abuses of cybersecurity law, copyright law, and patent law.

Taking adversarial interoperability off the table breaks the tech cycle in which a new company enters the market, rudely shoulders aside its rivals, grows to dominance, and is dethroned in turn by a new upstart. Instead, today's tech giants show every sign of establishing a permanent, dominant position over the internet.

"Punishing" Big Tech by Granting It Perpetual Dominance

As states grapple with the worst aspects of the Internet—harassment, identity theft, authoritarian and racist organizing, disinformation—there is a real temptation to "solve" these problems by making Big Tech companies legally responsible for their users' conduct. This is a cure that's worse than the disease: the big platforms can't subject every user's every post to human review, so they use filters, with catastrophic results. At the same time, these filters are so expensive to operate that they make it impossible for would-be competitors to enter the market. YouTube has its $100 million Content ID copyright filter now, but if it had been forced to find an extra $100,000,000 to get started in 2005, it would have died a-borning.

But assigning these expensive, state-like duties to tech companies also has the perverse effect of making it much harder to spark competition through careful regulation or break-ups. Once we decide that providing a forum for online activity is something that only giant companies with enough money to pay for filters can do, we also commit to keeping the big companies big enough to perform those duties.

Interoperability to the Rescue?

It's possible to create regulation that enhances competition. For example, we could introduce laws that force companies to follow interoperability standards and oversee the companies to make sure that they're not sneakily limiting their rivals behind the scenes. This is already a feature of good telecommunications laws, and there's lots to like about it.

But a mandate to let users take their data from one company to another—or to send messages from one service to another—should be the opener, not the end-game. Any kind of interoperability mandate has the risk of becoming the ceiling on innovation, not the floor.

For example, as countries around the world broke up their national phone company monopolies, they made rules forcing them to allow new companies to use their lines, connect to their users and share their facilities, and this enabled competition in things like long distance service.

But these interoperability rules were not the last word: the telcos weren't just barred from discriminating against competitors who wanted to use their long-haul lines; thanks to earlier precedent, they were also not able to control who could make devices that plugged into those lines. This allowed companies to make modems that could connect to phone lines. As the Internet crept (and then raced) into Americans' households, the carriers had ample incentive to control how their customers made use of the net, especially as messaging and voice-over-IP eroded the massive profits from long-distance and SMS tariffs. But they couldn't, and that helplessness to steer the market let new companies and their customers create a networked revolution.

The communications revolution owes at least as much to the ability of third parties to do things that the carriers hated—but couldn't prevent—as it does to the rules that forced them to interconnect with their rivals.

Fix the Internet, Not the Tech Companies

The problems of Big Tech are undeniable: using the dominant services can be terrible, and now that they've broken the cycle of dominance and dethroning, the Big Tech companies have fortified their summits such that others dare not besiege them.

Today, much of the emphasis is on making Big Tech better by charging the companies to filter and monitor their users.

The biggest Internet companies need more legal limits on their use and handling of personal data. That’s why we support smart, thorough new Internet privacy laws. But laws that require filtering and monitoring user content make the Internet worse: more hostile to new market entrants (who can't afford the costs of compliance) and worse for Internet users' technological self-determination.

If we're worried that shadowy influence brokers are using Facebook to launch sneaky persuasion campaigns, we can either force Facebook to make it harder for anyone to access your data without Facebook's explicit approval (this assumes that you trust Facebook to be the guardian of your best interests)—or we can bar Facebook from using technical and legal countermeasures to shut out new companies, co-ops, and projects that offer to let you talk to your Facebook friends without using Facebook's tools, so you can configure your access to minimize Facebook's surveillance and maximize your own freedom.

The second way is the better way. Instead of enshrining Google, Facebook, Amazon, Apple, and Microsoft as the Internet’s permanent overlords and then striving to make them as benign as possible, we can fix the Internet by making Big Tech less central to its future.

It's possible that people will connect tools to their Big Tech accounts that do ill-advised things they come to regret. That's kind of the point, really. After all, people can plug weird things into their car's lighter receptacles, but the world is a better place when you get to decide how to use that useful, versatile ANSI/SAE J56-compliant plug—not GM or Toyota.

(Crossposted from EFF Deeplinks)

Posted in News | Leave a comment

Prime Video Is Finally on Chromecast; YouTube on Fire TV

Source: Hacker News

Article note: Huh, Google and Amazon seem to have stopped squabbling about streaming customers. Presumably they decided they'll be able to squeeze everyone for both services, and the hardware buys are inconsequential.
Posted in News | Leave a comment

AMD Ryzen 7 3700X and Ryzen 9 3900X Offer Incredible Linux Performance

Source: Hacker News

Article note: That's mostly a good sign for all-AMD Linux workstations that have both performance and no major bullshit with drivers. raise your hand if you're surprised that systemd (and associated mono-culture) is causing a weird regression across the whole modern ecosystem? Surprised pikachu?
Posted in News | Leave a comment

Designing a proper USB-C power sink

Source: Hacker News

Article note: The RPi folks have a strange history of screwing up their USB circuits. It doesn't help that USB is more than a little insane, but the sense resistors setup is a clever, fairly obvious, and very well documented way to do cheap sensing. It's an easy fix, I wonder if/hope they'll respin the PCBs for the one extra resistor.
Posted in News | Leave a comment

Fight over surveillance cameras sent back to Fayette judge

Source: -- State

Article note: We really, really need some accountability for surveillance. A legal framework that constrains the labeling of cameras and usage of collected data would be a decent start. What exactly the access regime to the data should be is a harder competing-constraints question. A bunch of disobedient citizens with lasers could also help the problem, but that would be less elegant.

A legal fight to reveal what kind of surveillance cameras Kentucky's second-largest city has and how they're used will return to Fayette Circuit Court after an order to release the … Click to Continue »

Posted in News | Leave a comment