Monthly Archives: May 2022

DigitalOcean: New $4 Droplet and updated pricing

Source: Hacker News

Article note: This is a small but unfortunate price bump. Not enough to make me want to move things, but unfortunate.
Comments
Posted in News | Leave a comment

Wp-SQLite: WordPress running on an SQLite database

Source: Hacker News

Article note: The implementation is ...frightening... (it's using regex rewrite rules on something that isn't a regular language), but sqlite should really be the default back-end for most web stuff, it's wildly simpler to deal with and scales further than most users need.
Comments
Posted in News | Leave a comment

Nvidia releases open-source GPU kernel-modules

Source: Hacker News

Article note: Holy shit. It's not the whole stack (eg. they're still using their own closed source GL/CL/Vulcan/etc. implementation in libraries), and only supports the newer models, but it's a huge and unexpected improvement.
Comments
Posted in News | Leave a comment

“War upon end-to-end encryption”: EU wants Big Tech to scan private messages

Source: Ars Technica

Article note: We've been fighting this dumb bullshit for 30 fucking years now, can the authoritarians and pearl-clutchers please fuck off already? We're gonna have to have another PZ/PGP situation where someone builds a free distributed mechanism that allows individuals to bypass the bullshit, until it becomes clear what a bad idea it is.
Illustration of an eye on a digital background.

Enlarge (credit: Getty Images | Yuichiro Chino)

A European Commission proposal could force tech companies to scan private messages for child sexual abuse material (CSAM) and evidence of grooming, even when those messages are supposed to be protected by end-to-end encryption.

Online services that receive "detection orders" under the pending European Union legislation would have "obligations concerning the detection, reporting, removal and blocking of known and new child sexual abuse material, as well as solicitation of children, regardless of the technology used in the online exchanges," the proposal says. The plan calls end-to-end encryption an important security tool but essentially orders companies to break that end-to-end encryption by whatever technological means necessary:

In order to ensure the effectiveness of those measures, allow for tailored solutions, remain technologically neutral, and avoid circumvention of the detection obligations, those measures should be taken regardless of the technologies used by the providers concerned in connection to the provision of their services. Therefore, this Regulation leaves to the provider concerned the choice of the technologies to be operated to comply effectively with detection orders and should not be understood as incentivising or disincentivising the use of any given technology, provided that the technologies and accompanying measures meet the requirements of this Regulation.

That includes the use of end-to-end encryption technology, which is an important tool to guarantee the security and confidentiality of the communications of users, including those of children. When executing the detection order, providers should take all available safeguard measures to ensure that the technologies employed by them cannot be used by them or their employees for purposes other than compliance with this Regulation, nor by third parties, and thus to avoid undermining the security and confidentiality of the communications of users.

A questions-and-answers document describing the plan emphasizes the importance of scanning end-to-end encrypted messages. "NCMEC [National Center for Missing and Exploited Children] estimates that more than half of its CyberTipline reports will vanish with end-to-end encryption, leaving abuse undetected, unless providers take measures to protect children and their privacy also on end-to-end encrypted services," it says.

Read 15 remaining paragraphs | Comments

Posted in News | Leave a comment

Josh Hawley wants to punish Disney by taking copyright law back to 1909 and that sucks

Source: The Verge - All Posts

Article note: I mean, he's a giant piece of shit and targeting Disney specifically (...for reasons other than their role in the ridiculous expansion of copyright) is inappropriate but... I'd be all for going back to 28+28 copyright.
Senate Armed Services Committee
Tom Williams/CQ-Roll Call, Inc via Getty Images

I have been told to blog about Senator Josh Hawley’s new copyright bill, and I do this with nothing but the greatest reluctance. Normally, I love talking about copyright! I’ll talk about copyright all day long! [Ed note: And she does.] But writing this post is agony, because the thought of giving this absolutely asinine piece of legislation any attention is killing me on the inside.

This is a deeply unserious bill. There is not a line in it that is meant to pass muster. It is knowingly in violation of the Constitution, and an insult to the democratic process.

In brief, the bill is targeted at the Walt Disney Company, also known as,

a person that (i) has a market capitalization of more than $150,000,000,000; and (ii)(I) is classified...

Continue reading…

Posted in News | Leave a comment

Phone May Soon Replace Many of Your Passwords

Source: Hacker News

Article note: This is ...exactly the opposite... of what I want out of an auth system. I don't want to delegate auth to a phone, I trust my computers WAY more than my appliances. I don't want to delegate my trust to google or apple as the only players who support the system, and especially not doing "log in with google" so I can get locked out of unrelated accounts if they get in a "your account is deactivated because fuck you" mood or I need to kill an account. Auth is pretty well a solved problem; you use a password manager with a well-documented on-disc format, and you sync your password DB to whichever devices you want to log in from. You don't share credentials to the greatest degree possible so problems with one place don't turn into problems with others. The largest threat to most users isn't their account getting hacked, it's one of the many places they have an account getting hacked or turning malicious.
Comments
Posted in News | Leave a comment

Turbo Tax to Pay 141M in Agreement Reached by All 50 States

Source: Hacker News

Article note: Fine is less than profit from the behavior, without even getting in to externalizatities like their ongoing effort to keep the tax code incomprehensible, this is is a cost of doing business, not an effective deterrent.
Comments
Posted in News | Leave a comment

The Google Incentive Mismatch: Problems with Promotion-Oriented Cultures

Source: Hacker News

Article note: It's a problem _everywhere_ (hello academic prestige games!), but the rumor has long been is that google is the worst. It really is an ugly problem, almost _any_ incentive structure eventually turns into a perverse game.
Comments
Posted in News | Leave a comment