The Unclear Impact

Kristóf Marussy ferdium🎀 | @kristof@pleroma.marussy.com

I'm a researcher working on the extra-functional requirements and formal verification of cyber-physical system architectures.
I also like free (as in liberty) software, privacy enhancing technologies, and cryptography.

I may not be trans but transgender hating script kiddies are too incompetent to tell the difference. Donkey Kong says trans rights = human rights.

To FLOSS projects but also individuals: Please stop relying on GitHub, Discord or other proprietary services. What happened to Twitter and Unity WILL happen to them as well.

Also people shouldn't have to use proprietary software or services to contribute to FLOSS projects, that just doesn't make any sense.

java

java.lang.NullPointerException: Cannot read field “W” because “this” is null

this doesn’t sound healthy at all

(trying to cross-build a docker container for aarch64 using jlink with buildx and qemu binfmt_misc)

rust, java, cursed

i have a sudden urge to combine tauri with the jni invocation api

re: linux

@robby i accidentally rsynced something to my server into the directory named '~' instead of into my home directory, and i tried to get rid of it

(a very poor man’s deployment solution when i work on the app at https://refinery.services – rsync the jar into my home directory, then sudo mv into /var/lib where it should live and restart the corresponding systemd service. the funny thing is that this project is sponsored by amazon science, but we have our AWS guy on vacation, and debugging research software on my own VPS is much easier)

linux

so i just issued the command rm -rf ~ instead of rm -rf '~' :blobfoxfacepalm:

good thing i have btrfs snapshots

i wish i understood more Coq (or french in general)

No, academics do not "forget" to answer emails. They remember and feel bad about them, the guilt slowly building up, until the only way out is to fake their own death and move far, far away under a different identity to build a new life, a better one, with inbox zero and no shame

Anyways, I owe you an email.

The Right to Lie: Google's "Web Environment Integrity" Proposal is a Geyser of Badness Threatening to Swamp the Open Web.

If your computer can’t lie to other computers, then it’s not yours.

This is a fundamental principle of free and open source software. The World Wide Web abides by this principle, although we don’t often think of it that way. The Web is just an agreed-on set of programmatic interfaces: if you send me this, I’ll send you that. Your computer can construct the “this” by whatever means it wants; it’s none of the other side’s business, because your computer is not their computer.

Google’s so-called “Web Environment Integrity” plan would destroy this independence. “Integrity” is exactly the wrong word for it — a better name would be the “Browser Environment Control” plan.

In the normal world, you show up at the store with a five dollar bill, pick up a newspaper, and the store sells you the newspaper (and maybe some change) in exchange for the bill. In Google’s proposed world, five dollar bills aren’t fungible anymore: the store can ask you about the provenance of that bill, and if they don’t like the answer, they don’t sell you the newspaper. No, they’re not worried about the bill being fake or counterfeit or anything like that. It’s a real five dollar bill, they agree, but you can’t prove that you got it from the right bank. Please feel free to come back with the right sort of five dollar bill.

This is not the Open Web that made what’s best about the Internet accessible to the whole world. On that Web, if you send a valid request with the right data, you get a valid response. How you produced the request is your business and your business alone. That’s what software freedom is all about: you decide how your machinery works, just as other people decide how their machinery works. If your machine and their machine want to talk to each other, they just need an agreed-on language (in the case of the Web, that’s HTTP) in which to do so.

Google’s plan, though, steps behind this standard language to demand something no free and open source software can ever deliver: a magical guarantee that the user has not privately configured their own computer in any way that Google disapproves of.

The effrontery is shocking, to those with enough technical background to understand what is being proposed. It’s as though Google were demanding that when you’re talking to them you must somehow guarantee, in a provable way, that you’re not also thinking impure thoughts.

How could anyone ever agree to this nonsense? Must all our computers become North Korea?

The details of your own system’s configuration are irrelevant to — and unnecessary to accurately represent in — your communications with a server, just as your private thoughts are not required to be included, in some side-band channel, along with everything you say in regular language.

If a web site wants to require that you have a username and password, that’s fine. Those are just a standard part of the HTTP request your browser sends. But if a web site wants your browser to promise that it stores that username and password locally in a file named “google-seekritz.txt”, that’s not only weird and creepy, it’s also something that a free software (as in libre) browser can never reliably attest to. Any browser maintenance team worth its salt will just ship the browser with a default configuration in which the software reports that to Google when asked while, behind the scenes, storing usernames and passwords however it damn well pleases.

Indeed, the fundamental issue here is the freedom to have a “behind the scenes” at all. Environments in which people aren’t allowed to have a “behind the scenes” are totalitarian environments. That’s not an exaggeration; it’s simply the definition of the term. Whatever bad connotations the concept of totalitarianism may have for you, they come not from the fancy-sounding multi-syllabic word but from the actual, human-level badness of the scenario itself. That scenario is what Google is asking for.

My web browser (currently Mozilla Firefox running on Debian GNU/Linux, thank you very much) will never cooperate with this bizarre and misguided proposal. And along with the rest of the free software community, I will continue working to ensure we all live in a world where your web browser doesn’t have to either.

(Cross-posted at https://rants.org/2023/07/the-right-to-lie-and-google-wei/ .)

"Web Environment Integrity" explained:

1. You request content from the web site "site.example"

2. You send a photo of you to the third party "authority.example". No worries, you can blur your face.

3. authority.example ensures that you:
- have put on a hat (brands X, Y accepted)
- wear a T-shirt (brand X, Y, or Z)
- sit on a chair (type C only, brand X or Y)

It gives you back a token.

4. You give the token to site.example

5. site.example serves you content

Happy open web!

drm

https://support.github.com/contact/report-abuse?category=report-content&report=RupertBenWiser&report_content_url=https%3A%2F%2Fgithub.com%2FRupertBenWiser%2FWeb-Environment-Integrity&report_id=26461279&report_type=content#contact_comments

The repository contains a proposal for a piece of malware which, through remote attestation, directly threatens browser diversity (by only allowing officially certified builds of a handful of browsers to access webpages), operating system diversity (by only allowing certified builds of certain operating systems), device diversity (by only allowing devices with certified firmware) and computer architecture diversity (by only allowing architectures where such certified firmware, OS, and browsers exist). As such, it poses a critical threat to innovation and free and open source software.

By taking away users’ ability to customize their user agents, computing technology not only becomes solely a vehicle for corporate profit, but we also risk extinguishing the very human curiosity and experimentation that is needed to produce the next generation of developers. More broadly, by forcing people to watch advertisements in their browser without the possibility of filtering in order to access any web service (likely including government services), we expose citizens to mandatory misinformation. Locked down platforms also promote government surveillance and control, destroying democracy itself by removing the possibility of protest and dissent.

While some people might be able to buy a non-locked down device (in addition to a locked-down device required to access websites with integrity requirements), the proposal discriminates against people with no economic means to do so. Disabled people are also discriminated against, especially if they need accessibility tools not certified and locked down for attestation.

Therefore, any attempt to lock down the web and adopt DRM ubiquitously should be stopped at all costs.

drm

who will write magisk for the web and how long will they take to get hired by google anyways?

@reto it probably works – but i set up UKI and signing before systemd 253 (so no ukify) and never bothered to migrate

when my script finally broke, i was trying to fix my system that didn’t boot and just went with the first option for building a UKI from the arch wiki opened on my phone

hacked the userChrome.css of the new @thunderbird 115 a bit to make it better fit my mostly vimix themed desktop (sans the redaction bars)

https://linx.marussy.com/lhd42vo6.css

i guess i could make a theme, but this is easier :blobfoxlaughsweat:

screenshot of the toolbar and some of the message list view of thunderbird 115 with customized colors, increased UI density, semi-transparent search bar on the right, full width quick filter bar, and hidden year switcher in the agenda view. some mailboxes and e-mails were redacted with black bars

apparently, my EFI UKI building script hodge-podged together with objcopy stopped working, so i moved to building UKI with mkinitcpio

so far so good :blobfoxcomfycomputer:

the fact that some people find LLMs useful for writing code is not a credit to LLMs but an indictment of the average signal to noise ratio of code: it means that most code is confusing boilerplate -- boilerplate because a statistical model can only reliably reproduce patterns that reoccur many times across its training corpus, and confusing because otherwise-intelligent people capable of convincing a hiring manager that they are competent programmers find it easier to ask a statistical model to produce an incorrect prototype they must debug than write the code themselves. we all know from experience that most code is bad, but for LLMs to be able to write more-or-less working code at all indicates that code is much worse than we imagine, and that even what we consider 'good' code is from a broader perspective totally awful. (in my opinion, it is forced to be this way because of the way we design programming languages and libraries.)

@tuxedocomputers perfect, thanks!

Boost this toot if you quietly say hello to dogs when you see them even if they can't hear you or have a strong fantasy of committing arson against billionaires

@tuxedocomputers one more silly question about the firmware: if I get the ibp 14 gen8 without an nvidia GPU, will it still boot with secure boot enabled if i load my custom PK and KEK?

i understand that you don’t distribute kernel images signed by microsoft for your own distro (https://www.tuxedocomputers.com/en/TUXEDO-OS_1.tuxedo – “Secure Boot must be disabled in your computer’s UEFI firmware”), but i’m planning to sign my own kernel images anyway and get rid of the microsoft PK/KEK entirely

this works nicely on my ibp 14 v4 (apparently it doesn’t have anything onboard that needs a microsoft KEK to initialize properly with uefi), but that’s a clevo motherboard, not a uniwill one. does the ibp 14 gen8 firmware have anything signed with microsoft’s keys that would break if i removed the keys?

@juliank the tricky thing is what would happen if you backtrack and the clauses that were in conflict get removed (if you remove versions of packages you decide not necessarily to install on backtracking).

in this case the conflict cause would become useful once you decide to install the same package at some other branch of the search when the variables and clauses get added back again. until then, some variables would be “dangling” (appear in the lemma, but not in the problem proper)

but i guess this is not actually a problem if variables can be uniquely identified (so it is apparent when they are re-added to the problem) and you never branch on “dangling” variables :blobfoxthinkgoogly:

SAT solvers are weird, man
