Dr. Hax
d30ea98ea65e953f91ab93f6b30ea51eb33c506f87d49f600a139aef00aa9511
Cypherpunk. Infosec veteran of about 15 years (vulnerability research, exploit development and cryptography). Cypherpunks write code. :-) Signet maintainer. Self-custody your passwords... in hardware! https://hax0rbana.org/signet Want to see wider adoption so Bitcoin can be used as digital cash and not just an investment vehicle. XMR: 44RDkTFmTeSetwAprJXnfpRBNEJWKvA5dBH5ZVXA4DofgoZ9AgjyZdSa2fo7pMD3Qe3pdKga8X22y3Lyn1xYde5kPQPzVUu

Sometimes it's hard to distinguish that from "I block all the people who argue in bad faith and are only trying to get a rise out of me".

I ain't got time for stupid bullshit like that.

How it started: I should switch my backups for one machine from level 0 dumps to incrementals

How it's going: OK, so I fixed the issue with the certificate expiring during the backup even though it was renewed seconds before the backup kicked off, and I fixed that variable name that didn't get updated, but now I can't chat on my e2ee chat server because the disk cluster is so bogged down ALL the servers are throwing a fit and things are timing out all over the place. 🔥🔥🫣😶‍🌫️🙄

To me, documenting how code works feels just as good as writing new code. I know how much time it's going to save people (likely me) in the future.

I suppose it's really just my low time preference showing. 😂

If you hang out with the people across the pond often enough, you tend to pick up some of their lingo pretty quickly and inadvertently.

I don't know what I was supposed to be doing tonight, but what I actually did was:

- Designed a new planter pot in CAD

- Started a 3D print for a friend (several times)

- Found out that I'm having build plate adhesion problems (yes, even with hairspray) and I probably need to get a new build plate which I will treat better

- Researched #Bitcoin whisper addresses & put together a demo app

- Looked into a couple projects that might enable me to use a modern USB keyboard over PS2 (this is important to me because it would close a security weakness in my Qubes setup by disallowing USB keyboards access to dom0)

Maple syrup season. https://www.allforgardening.com/756698/maple-syrup-season/

#countrylife #farming #gardening #homesteading #self-sufficiency

That's a HUGE amount of syrup! Congratulations on the harvest.

We only have like a half a pot of sap (maybe a couple gallons) so we're not even thinking about cooking it down yet.

Replying to Ava

#PrivacyTechPro tip: Qubes OS assumes vulnerabilities and has been designed under the assumption that they will be exploited.

I received a comment that I feel is important to address on Qubes OS and Xen security:

-----

"Xen can give false sense of security too, there was years undiscovered vulnerability that allowed escape from domU to dom0."

-----

I hear you. Though I wouldn't accuse Qubes OS of encouraging a false sense of security. No OS is without vulnerabilities.

Qubes OS assumes vulnerabilities and has been designed under the assumption that they will be exploited.

Xen security advisories are tracked on qubesos website.

"Qubes OS uses the Xen hypervisor as part of its architecture. When the Xen Project publicly discloses a vulnerability in the Xen hypervisor, they issue a notice called a Xen security advisory (XSA). Vulnerabilities in the Xen hypervisor sometimes have security implications for Qubes OS. When they do, we issue a notice called a Qubes security bulletin (QSB). (QSBs are also issued for non-Xen vulnerabilities.)"

https://www.qubes-os.org/security/xsa/

https://www.qubes-os.org/security/qsb/

"In building Qubes, our working assumption is that all software contains bugs. Not only that, but in their stampeding rush to meet deadlines, the world's stressed-out software developers are pumping out new code at a staggering rate — far faster than the comparatively smaller population of security experts could ever hope to analyze it for vulnerabilities, much less fix everything. Rather than pretend that we can prevent these inevitable vulnerabilities from being exploited, we've designed Qubes under the assumption that they will be exploited. It's only a matter of time until the next zero-day attack.

In light of this sobering reality, Qubes takes an eminently practical approach: confine, control, and contain the damage. It allows you to keep valuable data separate from risky activities, preventing cross-contamination. This means you can do everything on the same physical computer without having to worry about a single successful cyberattack taking down your entire digital life in one fell swoop. In fact, Qubes has distinct advantages over physical air gaps.

Made to support vulnerable users and power users alike

Qubes provides practical, usable security to vulnerable and actively-targeted individuals, such as journalists, activists, whistleblowers, and researchers. Qubes is designed with the understanding that people make mistakes, and it allows you to protect yourself from your own mistakes. It's a place where you can click on links, open attachments, plug in devices, and install software free from worry. It's a place where you have control over your software, not the other way around. (See some examples of how different types of users organize their qubes.)

Qubes is also powerful. Organizations like the Freedom of the Press Foundation, Mullvad, and Let's Encrypt rely on Qubes as they build and maintain critical privacy and security internet technologies that are in turn relied upon by countless users around the world every day. Renowned security experts like Edward Snowden, Daniel J. Bernstein, Micah Lee, Christopher Soghoian, Isis Agora Lovecruft, Peter Todd, Bill Budington, and Kenn White use and recommend Qubes.

Qubes is one of the few operating systems that places the security of its users above all else. It is, and always will be, free and open-source software, because the fundamental operating system that constitutes the core infrastructure of our digital lives must be free and open-source in order to be trustworthy."

#cybersecgirl #qubesos #privacy #security #osint #infosec #linux

The TL;DR is that even though Qubes is not some perfect, magical, guaranteed-to-be-impenetrable thing, it's still what security experts widely agree is the best thing out there.

nostr:nevent1qqsfcu64v6h3vk6ntm04scj8j9km5m47vcgj3f6xw7m26k4f4jp0crspzemhxue69uhkummnw3ezumn0dahx2uewvdhk6q3qf6ugxyxkknket3kkdgu4k0fu74vmshawermkj8d06sz6jts9t4ksxpqqqqqqzqvzn4w

I'm investigating (and doing security analysis on) #bitcoin whisper addresses. Every transaction goes to a different address but unlike publishing your xpub, these addresses are not linkable to one another.

The drawback is that the sender needs to send the recipient a number. Without that number, the recipient will never be able to find nor access the money.

If other people were able to get ahold of this number, they would NOT be able to see any money movement; it has to be combined with the recipient's private key to be of any use.

The thing I need to go through in detail is the ECC part. I think it's solid, but my knowledge of ECC is very practical and less theoretical, so I want to review what the academic cryptographers have to say about these operations and their theoretical safety. I just want to make sure there are not any weird edge cases before I really start promoting whisper addresses.

I'm trying to figure out if my preservation skills are valuable (to others). Would you be willing to buy a pint of dehydrated diced apples for 21K sats +shipping?

It would not come with the pint jar. You can supply your own.

I kinda want to buy and dehydrate more apples, but we are already headed for being over budget this month for food. So unless I can earn some money in the process, I'll just buy & dry apples next year (because these sale prices aren't going to last forever).

Spread the roots apart as best you can and aim them in different directions when you put it in the new pot. You don't want it to remain a big wad of roots after repotting.

A common technique to accomplish this is to put a layer of dirt in the new pot, then a cone of dirt on top of that. The plant goes around that pyramid shaped cone so the roots are going in all different directions. Then fill the rest of the pot to cover the root.

The old dirt can stay, or if it falls out, that's fine too.

#gardening

I know some people think there shouldn't be any laws, but for everyone else, I have a suggestion:

support laws that are targeted at the behavior you want to change!

For example, if you don't like people taking things that do not belong to them, pass a law that prohibits this behavior.

Do not attempt to solve this problem by outlawing radios which some people claim could be used to steal cars. People using radios is not the problem you are trying to solve here.

Heck, I'd go as far as to say unlocking cars that do not belong to you is not the problem. If nothing was stolen, and no damage was done, then why should it be a crime?

This applies to so many other things: encryption, knives, guns, 3D-printers, KYC laws... the list goes on and on. Outlaw kidnapping, battery, assault, murder, theft and so forth. Outlawing the tools people use to achieve these ends is always going to be ineffective at accomplishing the goal.

Relevant story: https://uk.pcmag.com/security/150834/canada-to-ban-flipper-zero-devices-over-car-thefts

Cool! I look forward to it.

A thing we found helpful in cutting costs in our household is dried beans. They're cheaper, last longer on the shelf, taste better, and if you have a pressure cooker it's almost no extra work. It takes about an hour cook time, but it's only a couple of minutes of touch time to dump in beans, water, and spices.

The InstantPot was well worth the investment for us. We ended up buying a second (larger) one after we used the first one for a few months. 5/5, would recommend!

Honestly, I learned much of this by having my significant other do hundreds of hours of research (they enjoy learning about plants), and much more by personal experience.

Raised garden beds do live up to most of the hype. There is still weeding to do because seeds fall down into the bed, but it's reduced from what you get on the ground.

There's an art to choosing where to plant things and I'm afraid it comes down to trial and error due to differing micro-climates.

For example, put the peas in full sun and they'll be dead by June or July at best. Put them in full sun and then plant something that is tall enough to shade them that will grow up by mid-May and you can extend that pea harvest longer. Of course if you fail to water them, even for one day (or multiple times a day on hot sunny days), they're going to wither and die. I wish this were an exaggeration.

Another example is that we planted 3 pawpaw trees at the same time, probably about 7 years ago now. All in full sun, but one of them was a foot or two lower in elevation than the others. That one is about 30cm tall. The middle one is just over a meter tall and only has a few small branches. The largest one is about 2 meters tall and has a bunch of nice looking branches and is a great shape. The difference? The cold air fell down to where the small one was and it got harsher frosts in the Spring when it was young, which set it back considerably (2 years in a row!). The medium one was that we didn't weed around it often enough, and so it was starved for light. We also made the mistake of not mulching around them when we planted them, which means the grass was preventing them from absorbing the quantity of water that they wanted. We have 2 of 3 of them mulched now and plan on mulching the third one, probably this year.

But you look online and what do people say? You **should** mulch around your trees. It sounds optional, and if you're willing to wait 15 years before you get your first fruit, and possibly have to start over sometimes, I guess it is optional. We are ~7 years in and we saw exactly one fruit start to set between the three of them (and we never got that one either, it probably went to some animal).

Other times people seem to imply a bunch of things are vital and we've found we can just skip that extra work and it turns out just fine.

My best advice, read what the seed packets say, and then just try some stuff. Knowing how to diagnose what went wrong is key, and there are often guides for that based on what you're seeing. For example, "help, my kale leaves have holes" will lead you to some insect is eating them, and then you'll find out it's likely cabbage moths (and can visually confirm it by catching one in the act), and then you can search for how to deal with cabbage moths.

If you can't tell if something is too much water or not enough (the symptoms can be very similar), just go one way and see if it gets better or worse. It takes time and effort, but if you want homegrown food, that's the price you have to pay.

When do you trust that your webcam and microphone are not spying on you?

For me, it's: when it is physically unplugged. And even then, I usually turn it away in case I made a mistake and unplugged the wrong USB cable.

It's not that I think the software protections I have set up are worthless, but I'm more confident in attackers' inability to get around physics than their inability to get around software restrictions.

Even a system that is security hardened AF, can have vulnerabilities. Xen has had vulnerabilities in the past, and a subset of them did affect Qubes.

Besides, unplugging things is **so simple** to do and so easy to verify, I just do that when they're not in use. And when they are in use, I trust #Qubes to keep the feeds limited to the qubes to which I have granted access.

The Bitrefill website loaded just fine with Tor. No captchas, no hassles or extra loading pages.

TheBitcoinCompany loaded fine too, but as soon as I clicked on "Gift Cards" on the top menu, the page (app.thebitcoincompany.com) failed to load.

Guess I know which company I'll be patronizing. Join me in this effort. I'll call them out publicly and you don't even need to download Tor browser, let alone use it.

Yes. That works well for opportunistic food, specifically for perennials. We're doing that with things like kale on our own property which can overwinter just fine. It still requires watering, weeding, pest control, harvesting, cleaning, and preparing/cooking/preserving them. But planning a location is only done once, there are no trellises to build and maintain. If planted in an ideal place and in a large enough quantity, they might do well enough with rainwater (directly from the sky, not the rain barrel). Vegetables are pretty thirsty, which means there are fewer locations suitable to get a decent harvest of fruiting bodies without watering.

Many people promoting the idea of food forests online seem to think you can just go out and pick apples or harvest kale and eat it without doing any other work. This may be more or less true at some times of year, but whether there is enough or not is a very different question. And getting a variety of food and nutrition all year around is something I've never seen anyone demonstrate.

Annuals are more difficult. You *can* just let things self-sow, but at a minimum there's still the watering, weeding and pest control. If you want to have a chance at a reliable food source, you'll want to make sure the tomatoes don't attempt to grow in the shade, and that they don't come up too early or too late. Tomatoes, beans, peas and others need trellises. Sure, you could let them grow up a tree, but unless you're going to climb it to pick beans, you won't get nearly as much food. Trellises break down every year and need repair. There's also crop rotation, cover crops, adding compost as the soil level goes down, and a ton of other things that seem optional to people who have only been growing for a few years.

Can all of these things just happen to work out, where the seeds land in a good spot, germinate, and do so at the right time, outcompete the non-food producing plants, and get enough water to grow fast enough and produce a bounty for people to eat? Absolutely. In fact, it's almost inevitable that this will happen sometimes.

And will all this food growing cause the rabbit and cabbage moth population to grow to consume said bounty? Maybe not the *entire* bounty, but it can be a serious problem.

I guess what I'm trying to say is that food forests are things we should do, but not a thing that I've seen evidence that they can produce enough, year around, for even a subset of the people who live nearby, let alone do so reliably, year after year.

We should do the permaculture things too, like companion planting. And we do here at my house. We're working on a watering system which will reduce the amount of our labor. We are actively working on this, and have been for years.

And maybe this year we will be able to grow, process and freeze a year's worth of tomatoes in a single season. Maybe we'll be able to grow more calories than we need, and do so in a way that doesn't take hours every day. So much so that we can exchange food for the materials needed to build trellises and replace rain barrels when ours wear out.

We're going to keep improving. And I'm going to keep writing open source software in my "free time". But I'm skeptical that even just food production can be done with casual labor, let alone all the modern conveniences we have grown accustomed to (lumber, dinner plates, knives, electricity, and yes also computers, cell phones, & social media). 😃

I do welcome any suggestions people have. But if you're about to say "why don't you just XYZ", and it's something you haven't personally done, nor have you read about how it addresses all the issues above. Just don't. It'll save us from having an unpleasant interaction. I want input from doers, not armchair analysts.