The surveillance state is only recording aggressive sounds so that makes it ok.

https://features.propublica.org/aggression-detector/the-unproven-invasive-surveillance-technology-schools-are-using-to-monitor-students/

The day the vnodes were reduced. Pretty interesting read.

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c9678a7ec9d5f155e1ac1c2f35e3932720940f37

TIL if you start a chrome book with a dead battery, chrome os gets confused and hides the battery meter because it apparently thinks 0% means no battery.

newlocale() arcana and POSIX updates.

https://marc.info/?l=openbsd-cvs&m=156148444031673&w=2

Rehonk because pleroma is censoring my bonks. There is now a honk testing facility.

https://honk.best/u/honkhoncho/h/8fzbdsBbG6g14H23Tx

And I just discovered that Announce doesn't properly federate from honk to pleroma. Never shows up on remote instance.

Geography quiz hoot: https://twitter.com/HarryGiles/status/1143471099021336578

@HarryGiles: let's play EDINBURGH OR R'LYEH! Which city are the authors of the following quotations describing? If you Google you're only cheating yourself. If you get 13/13 you get to keep what little sanity you have.

@HarryGiles: 1. "It seemed as if the rock and castle assumed a new aspect every time I looked at them"

@HarryGiles: 2. "A mad god's dream"

@HarryGiles: 3. "Awe at the unbelievable size of the greenish stone blocks, and at the stupefying identity of the colossal statues, is poignantly visible in every line"

@HarryGiles: 4. "This way to the stars"

@HarryGiles: 5. "Broad impressions of vast angles & stone surfaces too great to belong to anything right or proper for this earth"

@HarryGiles: 6. "Twisted menace and suspense lurked leeringly in those crazily elusive angles of carven rock"

@HarryGiles: 7. "Who indeed that has once seen [CITY] but must see it again in dreams waking or sleeping?"

@HarryGiles: 8. "It seems like a city built on precipices, a perilous city."

@HarryGiles: 9. "This profusion of eccentricities, this dream in masonry and living rock"

@HarryGiles: 10. "An unprecedented dream of a great Cyclopean city of Titan blocks and sky-flung monoliths"

@HarryGiles: 11. "It hardly resembles the work of men. It is more like a piling up of rocks."

@HarryGiles: 12. "I felt that I had seen, not one, but two cities a city of the past and of the present set down side by side"

@HarryGiles: 13. "The geometry of the place was all wrong"

@HarryGiles: Check back tomorrow for the answers, and for the next quiz, Eldritch Chanting or Hugh MacDiarmid! Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl wi cruivie and gilsanquhar and the like!

Ahhh... haha. Stupid web consoles. I created an A record for honk.best.honk.best instead of honk.best. Maybe I should just go with it.

Really digging the fact that certbot apparently requires installing both python2 and python3.

Stay tuned for more live honking as I set up a new linux server.

When I'm done with the task at hand, I'm going to find this missing command suggestion shell extension and replace it with one that says "You lack the strength to run this command." Save some time by making it totally useless.

The correct response to an operator typo should be printing an error, not telling lies. I hate this user friendly garbage.

root@ubuntu# sqlite

Command 'sqlite' not found, but can be installed with:

apt install sqlite

root@ubuntu# apt install sqlite
Reading package lists... Done
Building dependency tree       
Reading state information... Done
E: Unable to locate package sqlite

Six months after switching RSS readers, today is the first time I realized I never refollowed schneier. Didn't miss a thing.

The real question I have is why does Shinji have a tape player and not a minidisc?

My new greatest aspiration is that years from now I will read a sentence like this about honk culture.

I don’t know how the donk culture started, but apparently, it’s still a big deal in some parts of the US.

https://www.hotcars.com/10-of-the-sickest-donks-and-10-that-make-no-sense/

Requirements for trusted certificates in iOS 13 and macOS 10.15

2048 bit keys, sha256, mandatory fields.

https://support.apple.com/en-us/HT210176

🌶🌶: Imagine what the internet would be like if half the world's web sites didn't share an AS.

A manchild among childmen.

A few honk thoughts. Less is more.

Random avatars were a quick hack to get things going and keep visual noise down, but I quite like them. Saves me the burden of performing reverse avatar divination when I see somebody new to determine what kind of person they must be. I'm a purple square, you're a purple square, we're all purple squares.

Similarly with display names. Just user names here. I don't have to struggle to figure out what this or that emoji means in somebody's name.

On the whole, I think this keeps focus where it belongs, on the message not the messenger.

None of this is apparent if you've never used honk as a client, though. Honk is pretty damn simple to setup, but it's still a barrier. I have a few more things to prepare, but this week I should be able to spin up a test instance for people who want to try before they buy. And also for people just curious how things look from the other side.

What the hell? Somebody (who I don't follow) deleted a bunch of old posts (I'm guessing here), and so now every mastodon on the planet is going to spray me with deletes signed by random people? I'm not even following the people that are forwarding the deletes, either. Networking is hard, let's just spray and pray? Has nobody considered the effects of traffic amplification before?

Happy ten years of stuxnet. I'm currently reading Countdown to Zero Day which is going pretty good, although I've just begun.

I don't like how leaving private browsing mode in safari doesn't close the tabs. Still there next time you enter private mode. Could be... problematic.

The breakfast #burrito has been dethroned by breakfast enchiladas. #food

New blog post idea: Why AMP for Honk is Bad

In case you have forgotten (or never knew), Pablo Escobar's pet hippo collection continues to live and breed in the wild.

https://www.nationalgeographic.com/animals/2018/09/colombia-cocaine-hippos-rewilding-experiment-news/

Close and blockade sidewalk at both ends of the block. Leave bus stop in the middle of the block. Genius.

Pretty much this.

hoot: https://twitter.com/thegrugq/status/1141961335900499968

@thegrugq: Email and information security. As long as users always grab the correct part of the handle, there is no problem. But if they ever make a mistake there’s a world of hurt. Our solutions have basically been: • handle training • more colors • a bit less sharp • wear a glove https://pic.twitter.com/R3bjURnPdV

@thegrugq: The bloody idiots can’t even remember not to grab the wrong bit, I mean... really. It’s just common sense! Just look at it! Why would anyone even do that? It’s like they want to get cut or something, IDK.

I'm a few days behind on my everything is melting pictures.

From https://twitter.com/RasmusTonboe/status/1139504201615237120 via https://www.independent.co.uk/environment/husky-photograph-greenland-climate-change-melting-ice-photo-a8963466.html

DZ: antihonker sentiment

Fun fact: sparc64 is the only architecture to have a file named fpu_explode.c.

https://marc.info/?l=openbsd-cvs&m=156113647005489&w=2

One of the special thrills of running honk is receiving a Block, then trying to work backwards from the timestamps to determine which was the offending post. Like, wow, the posix standard is so bad you never want to see it discussed again?

Along those lines, if we really do need to federate Blocks, they probably should include a reason. "Too posixly correct." Otherwise it's not that useful as a feedback signal.

Fixed a tiny bug in honk 0.7.1. Can now unfollow people for real.

This is kinda disturbing, actually? In process memory encryption to keep the spectrehammers at bay.

https://marc.info/?l=openbsd-cvs&m=156109087822676&w=2

Yeah, that's right. In Pennsylvania we speak Pennsylvanian.

https://www.businessinsider.com/what-is-the-most-common-language-in-every-state-map-2019-6

Hahaha. Haha. Haha haha. Fucking posix standard nightmare fuel.

hoot: https://twitter.com/cperciva/status/1141852451756105729

@cperciva: I just figured out how to safely and portably close a file descriptor in a multithreaded process without running into problems with EINTR. It only took me ~7.5 years after writing this blog post: https://www.daemonology.net/blog/2011-12-17-POSIX-close-is-broken.html 1/

@cperciva: Run once: 1. Create a socket pair s[2]. 2. Write a random cookie into s[0]. To close(fd), wrapped in a mutex: 1. dup2(s[1], fd) until it succeeds or fails with !EINTR. 2. close(fd). 3. If we got EINTR, recv(fd, MSG_PEEK). 4. If we read the random cookie, goto 2. 2/

@cperciva: The first trick here is that unlike close(), dup2() has well-defined semantics in POSIX with respect to EINTR: It's atomic, so there's no way for another thread to accidentally reuse the same descriptor # between the implied close and reopen. 3/

@cperciva: The second trick here is that while we can use dup2 to guarantee that the original descriptor was safely closed, we now need to close the duplicate -- but we can distinguish between "EINTR and closed" and "EINTR and still open" by seeing if MSG_PEEK returns our magic cookie. 4/

@cperciva: If we're on a perverse OS where close(fd) can successfully close the descriptor and still return -1 / EINTR, and another thread wins a race and reuses that descriptor, there's still no way we'll see our random cookie, so we won't make the mistake of trying to close it again. 5/

@cperciva: I'm not sure that I would recommend this approach to anyone -- but it's nice to know that closing a file descriptor in a multithreaded process is in fact possible.

DZ: too much lawsplaining to even fit in a single giant twitter thread

Even dumber than giant twitter threads are giant twitter threads that get broken into pieces. Lead poisoning brought about the end of Rome; for us it will be thread poisoning.

Anyway, there was some law stuff which happened regarding web sites' obligation to host or not host content and their classification as public spaces or state actors.

hoot: https://twitter.com/Popehat/status/1141766572517650432

@Popehat: Lawsplainer: let's discuss this week's Supreme Court decision in Manhattan Community Access Corp. v. Halleck, a First Amendment case. Does it impact the debate over how websites can/should moderate? tldr: yes /1

@Popehat: /2 The Court decided Halleck 5-4, which is quite unusual for a First Amendment free speech case these days (though not for a Establishment Clause case). Kavanaugh wrote the opinion for Roberts, Alito, Thomas, and Gorsuch; Sotomayor wrote the dissent for everyone else.

@Popehat: /3 The issue at hand: New York law required cable companies to make available a public access channel for public use. Those public access channels are run by private companies. So are they "public", subject to the First Amendment, or "private," and not subject to it?

@Popehat: /4 This question goes to something called the "state action doctrine" -- only the "state" (the government) is restricted by the Constitution. Kavanaugh (in a classic display of answering the question by framing the issue) opens like this: https://pic.twitter.com/OJu8FRSmwR

@Popehat: /5 Now, state action analysis is unbearably suspenseful, so I will turn to the end -- the 5-4 majority says that the public access channel here is a private entity and not engaged in state action, because running such a channel is not a "traditional, exclusive public function."

@Popehat: /6 What's interesting (to a huge law geek like me), and meaningful to the debate over whether and how websites should moderate, is how the majority got there, and how the dissent disagrees, and how they both treat some historic decisions constantly cited in the website debate.

@Popehat: /7 The majority identifies three areas where the Supreme Court has treated private actors as engaged in state action, and thus subject to the First Amendment: https://pic.twitter.com/wEUP3ZP7Tg

@Popehat: /8 It was the first prong at issue in Halleck: is a public access channel a traditional exclusive public function? Halleck's lawyers cited -- and critics of website moderation often cite -- Marsh v. Alabama, a 1946 case that treated a "company town" as a state actor. https://pic.twitter.com/1tFYbnqaHw

@Popehat: /9 But the majority opinion blows past Marsh, putting it in a class of cases where "very few" functions like running elections or running a "company town" that can make a private entity treated as public. https://pic.twitter.com/Mh0ZkNfDPy

@Popehat: /10 Significantly, the majority also flatly rejects the "if you make something that looks like a public form, it's a public forum for state action purposes." That was always a bad argument, and the Court unequivocally rejects it. https://pic.twitter.com/1yHd1cRf6Z

@Popehat: /11 In fact, the Court points out the flip side: making private entities into state actors destroys their ability to run their property the way they like. In a footnote, the majority noted that doing so could invade the First Amendment rights of the private actors. https://pic.twitter.com/9Gi43zwGAN

@Popehat: /12 So. In the end, the majority says that running a public access cable channel is not a traditional and exclusive public function, so it's not state action when a private company does it. Treating private action as state action reduces liberty, the majority says. https://pic.twitter.com/GSpDg0BpsJ

@Popehat: /13 Now, the dissent strenuously objects, and it's 5-4. So doesn't that make this questionable law? Sort of. It makes the precise holding tenuous -- but not a lot of the underlying concepts, which the dissent endorses.

@Popehat: Thread continues here: https://twitter.com/Popehat/status/1141766588699500545

@Popehat: https://pic.twitter.com/rZxQNxM0T6

hoot: https://twitter.com/Popehat/status/1141766588699500545

@Popehat: /14 The dissent'spoint is that the state has a property interest in this public access channel required and regulated by state law to be open and assigned to a private entity for that purpose, not a private entity that decided to open its doors. Sotomayor comes out swinging. https://pic.twitter.com/KrZFGwI9iq

@Popehat: /15 But that aside, the dissent approaches many of the precedents the same way as the majority. First: on the general proposition that private spaces are not public forums. https://pic.twitter.com/LO5eWW60R7

@Popehat: /16 Moreover, the dissent throws shade on Marsh v. Alabama, suggesting it's part of a line of cases that the Court has abandoned, since moving away from seeing a private space as a public forum. https://pic.twitter.com/mRKzaYD563

@Popehat: /17 Finally the dissent makes clear that a private entity throwing upon its doors for speech does not transform itself into a state actor subject to the First Amendment unless it does so on behalf of the government. https://pic.twitter.com/X4qShGHKrL

@Popehat: /18 The cable channel in Halleck presents such an interesting and contentious issue because it is so intertwined with government -- created by government mandate, regulated by government, assigned out by government. That's not the case with social media sites.

@Popehat: Thread continues here https://twitter.com/Popehat/status/1141766596714618880

hoot: https://twitter.com/Popehat/status/1141766596714618880

@Popehat: /19 In short, Halleck shows that literally nobody on the Supreme Court agrees with the (to use the term generously) legal arguments being offered by critics of web site moderation. Nobody thinks Marsh v. Alabama makes a discussion forum into a company town and state actor.

@Popehat: /20 Moreover, everybody -- majority and dissent -- seem extremely clear that a private entity does not engage in state action subject to the First Amendment when it throws its doors open for discussion. They were always bad arguments; they are now just more conclusively so. /fin

@fireglow oh, btw, I think you have a misconfigured honk? Too many slashes in the urls.

Lots of reactions to this piece on why Google+ failed, but "yuck" and "gross" are definitely among them.

https://onezero.medium.com/why-google-failed-4b9db05b973b

Our long national nightmare is finally over. The doas environment is now safe for all. You may now have update and discover subtly broken configs nightmares.

https://marc.info/?l=openbsd-tech&m=156105665713340&w=2

Chicken roulade may not be a #burrito but I like it anyway. #food

The actual rate of bug collisions in the wild is a matter of some speculation and debate. Does happen though. Think the lesson is the faster you patch, the smaller the window of opportunity for there to be a collision. No reason to extend bug life simply because process.

"It appears that two months after Groß reported this bug to Mozilla via the organization's private Bugzilla bug tracker, the bug was exploited in live attacks, along with a sandbox escape."

Le. Sigh.

How to factory reset your lightbulb: turn it off, turn it on, off, on, off, on, ... Eight seconds every time. Hope you like counting to 8!

https://m.youtube.com/watch?v=1BB6wj6RyKo

ZIP encryption: bad for you, bad for America.

hoot: https://twitter.com/matthew_d_green/status/1141430884459044864

@matthew_d_green: Senator Wyden asks NIST to develop standards for safely sending and receiving files. This would be a modern and secure replacement for the “encrypted” ZIP files most government employees currently email each other. https://www.wyden.senate.gov/imo/media/doc/061919%20Wyden%20Sensitive%20Data%20Transmission%20Best%20Practices%20Letter%20to%20NIST.pdf

@matthew_d_green: This is actually really important. Right now on many ancient versions of Windows, when you “encrypt” (password protect) a ZIP file using the OS default utility, you get encryption using the legacy ZIP scheme, which is totally broken. 1/

@matthew_d_green: Not broken as in “you picked password kittycat1”, which would be bad enough. Broken as in, there’s a known plaintext attack on the terrible cipher of legacy ZIP that can recover the key. https://link.springer.com/chapter/10.1007/3-540-60590-8_12 2/

@matthew_d_green: This is the default ZIP encryption algorithm on Windows XP and (ugh) current versions of MacOS. To Microsoft’s credit, they removed it on more recent versions of the home version of Windows. Not sure what the Pro versions use. 3/

@matthew_d_green: But even if you use a modern ZIP utility, you’re still dealing with modestly crummy crypto. Check out the iteration count on that PBKDF2. <img> 4/ https://pic.twitter.com/GZovF1wqNb

@matthew_d_green: We cryptographers are arguing over PGP key sizes. Meanwhile government employees are emailing each other documents encrypted with a cipher that was handily broken in the 90s. 5/

@matthew_d_green: This is one of those areas (like legacy SMS) where we’ve somehow gotten stuck with the least common denominator. There’s a huge opportunity for smart people in this field to come up with something much better. 6/

@matthew_d_green: To quote @agl__ (the guy who has managed to ship post-quantum cryptography in your web browser), there’s a huge opportunity here if NIST responds and asks the community for proposals. 6/6 https://twitter.com/agl__/status/1141433190487220224?s=21

@matthew_d_green: (Also dammit, I cannot properly number a Twitter thread to save my life.)

@matthew_d_green: Government employees are doing whatever is easiest with the tools they have on their desktop. And even the AES stuff is pretty weak. (Possibly out of date but probably not.) https://pdfs.semanticscholar.org/065f/427871de7b7b3136bcdf60d88fff2e2663b4.pdf

Today's programmer nightmare fuel: [1, [2, 3]].join(";") type checks and is "1;2,3".

I'm going to say this dethrones my previous favorite fact: [1,].length != [,1].length

hoot: https://twitter.com/garybernhardt/status/1141399038111039488

@garybernhardt: Sometimes I see people say that JavaScript's extensive implicit coercion rules don't cause problems in practice. It makes me wonder how they explain all of the "NaN"s and "undefined"s that constantly show up in web app UIs.

@garybernhardt: One of the things that disappoints me about TypeScript (even though I like it overall) is that some of these persist. E.g., [1, [2, 3]].join(";") type checks and is "1;2,3". This recently caused a day-long production issue for us that completely blocked some users.

@garybernhardt: TypeScript seems to allow anything to be joined. E.g. it will happily let you do this: [5, {}, null, undefined].join(";")

@garybernhardt: Seems like this is because join is declared on ReadonlyArray<T>, and T here is number | {} | null | undefined. It makes me wish for super-strict mode: I want to tell the compiler "don't even let me call functions where you compromised on safety for compatibility's sake."

@garybernhardt: I will resist the urge to fork and edit lib/lib.es5.d.ts. I will resist the urge to fork and edit lib/lib.es5.d.ts. I will resist the urge to fork and edit lib/lib.es5.d.ts. I will resist the urge to fork and edit lib/lib.es5.d.ts. I will resist the urge to fork and edit lib/lib.

🌶️🌶️🌶️🌶️: coming soon...

Heh, so it seems big M leaks blocks by leaving @mentions unexpanded. Probably inconsequential, but funny to see.

PGP is fine.

hoot: https://twitter.com/flamsmark/status/1141390770659717120

@flamsmark: An outside contact asked for a PGP key so that they could safely send us some potentially-sensitive info. We got them a key within a few hours. It took them a week to reply with the content.

@flamsmark: And, honestly, I think that seven calendar days is a pretty impressive time for getting a PGP-compatible tool installed right, setting up your smartcards and Yubikeys, hand-editing your config so that GnuPG-Agent works correctly, and making sure that the mutt bindings work.

Using mknod() to make a fifo... https://marc.info/?l=netbsd-tech-kern&m=156085931514087&w=2