Why YOU Should Buy My Work

Jul. 24th, 2017 07:39 pm
kerravonsen: Crafty: a medly of beads (craft)
[personal profile] kerravonsen

Yes, YOU. Not the invisible person over your left shoulder.

Do you like subtlety, secret messages, and geekiness?

Read more... )

Do you like unique works which are impossible to replicate?

Read more... )

Do you like being able to interact with the artisan?

Read more... )

So have I convinced you yet?


Jul. 23rd, 2017 10:43 am
mindstalk: (Default)
[personal profile] mindstalk
why planes need bathroom ashtrays. if someone lights up anyway, they still need to stub it out.

Hadith revision https://www.theatlantic.com/international/archive/2017/06/islam-manuscript-discovery-istanbul/531699/

military equipment makes cops more violent https://boingboing.net/2017/07/01/cops-are-civilians.html

Captain Kirk avoiding fights https://forum.rpg.net/showthread.php?806084-Star-Trek-What-do-Command-officers-actually-do&p=21209328#post21209328

Japan's housing creativity. Houses depreciate rapidly even though they're better made than before, and have little resale value; the flip side is freedom to build your house as you please, without worrying about property values. http://www.archdaily.com/450212/why-japan-is-crazy-about-housing

A full employment plan: http://democracyjournal.org/magazine/44/youre-hired/

Oslo working on banning cars in the center: https://www.weforum.org/agenda/2017/06/this-city-found-a-clever-way-to-get-rid-of-cars-and-it-isn-t-a-ban-09e6e018-84d0-4814-9f0e-37085eaa9218/

Andrew Jackson, Trump, and the Borderers. https://www.theatlantic.com/politics/archive/2016/04/trump-and-the-borderers/477084/

If the media covered alcohol like other drugs: https://www.vox.com/2015/6/15/8774233/alcohol-dangerous


Jul. 23rd, 2017 08:32 pm
birguslatro: Birgus Latro III icon (Default)
[personal profile] birguslatro
For what it's worth, I have a Twitter account: https://twitter.com/BLatro

And, sadly, as with FB, I've been looking at it more than my DW of late. (I've just been a bit overwhelmed recently, which makes me disorganized and unproductive. (Which just makes things worse. (Though it's nothing bad - just a run-of-the-mill mess.)))

Twitter doesn't matter in the scheme of things, in that it'd be no loss to me if I didn't use it. FB's different though, in that it's the only place I make contact with some people, all of whom I knew before FB. (I'm deliberately not making new friends there.) I loathe FB as a platform as well as its business model, but what can you do? People have no taste when it comes to the net.

The one good thing about Twitter is that while it takes longer to write a tweet than it does a normal sentence, it means tweets are quicker to read. Forcing people to write frugally does have some virtues.

Drowning In Clutter

Jul. 22nd, 2017 09:18 pm
kerravonsen: Vila, worried, Avon, both looking off to the right: "We're lost, aren't we?" (lost)
[personal profile] kerravonsen

I have STUFF. It accumulates. Being a frugal, responsible person, I kept a lot of it because "it might be useful" or "somebody else might find it useful" or "I could give it away on Freecycle" or "I could sell it on Ebay". And I did none of the above. None.

The effort and stress of listing something on Ebay has obviously been too great for me to summon up the energy to do. Likewise for Freecycle. This gives me much guilt, because putting things into landfill when they could be recycled is BAD. BAD KA! BAD BAD BAD! I have thus been caught between feeling guilty if I threw it away, and feeling stressed if I didn't. Because Stuff Taking Up Space is getting to really stressful levels for me. I have all these craft materials! I need to put them somewhere! I'm running out of space!

I have finally said "enough!" (or "too much", really). Forget Ebay. Forget Freecycle. Forget them all. One phone call, and I have booked a Hard Rubbish collection. My hope is that people round about will take at least some things off the pile before it gets collected by the Local Council. Shove my guilt, the stress has just gotten TOO MUCH. Stuff it!

So. Hard rubbish. Today I've been going around the house gathering stuff and clearing away stuff. Hopefully my nephew will help me tomorrow to put heavy things outside on the kerb.

Read more... )

It will be good to get rid of it all.

birguslatro: Birgus Latro III icon (Default)
[personal profile] birguslatro
This article, titled "My father-in-law won't become a coder, no matter what economists say", makes its case but doesn't offer any solutions to the supposed coming high rates of unemployment.

The argument against becoming a coder can best be compared to reading and writing, which we mostly all can do, after a fashion. If all our other needs were met, we could spend our days reading and writing. Say, six days a week reading and one day a week writing. Assuming it took a year for each of us to write something of substance at that rate, we'd all have x billions of new writings to choose from each year. Which is quite an abundance of substantive writings. All for the cost of each of us spending a day a week 'working' at writing. At half a day's work a week we might then only have about a billion new writings to choose from, or half a billion if we only work two hours a week.

Programming's not writing, but as with writing, only a few of us would be a good fit for doing anything of substance with such a skill. Hack coders are probably of some use now, but they'd be the easiest to be replaced by software. (Written by good coders.)

The usual question asked about jobs being replaced by automation is who will have any money to buy the goods produced by all that automation? A better question is what will the few high-paid workers (and business owners) buy with their money?

One resource that isn't increasing is land, so they'll be buying that every chance they get. (Such as when the homes of the over-extended who've lost their jobs to automation become available.) Which leaves goods and services. Assuming goods are mostly produced by automation, (arty stuff aside), that leaves services. Or, as they were called in days gone by, servants. People to pamper them. Robots might suffice for some, but I'm sure most will still prefer people.

So, a full-circle most of those who've lost their jobs probably won't much like.

I don't really believe we'll reach very high rates of unemployment, mainly because it wouldn't be acceptable in democratic countries. But I think the above scenario is plausible if a managed response to the stresses of mass automation isn't worked out.

SSHG Promptfest Reveal

Jul. 21st, 2017 02:43 pm
kerravonsen: Snape, Hermione: "Believe" (Snape-Hermione)
[personal profile] kerravonsen
So, the [livejournal.com profile] sshg_promptest has completed, and the reveals are up.
I made two items for the same prompt, because it was such a fabulous prompt:

Threads. As light as gossamer or spun into a thread; holding things together at the seams; yarn woven into a tapestry or the warmest blanket; twisted into string, a cord, a rope. Threads of memory or of hair. Loose threads. (prompt by [livejournal.com profile] eoforth)

First piece: Interlocking LivesSSHG Jewellery
On Etsy (more pictures, and yes, you can buy it!!!)

Second piece: Woven Threads
On Etsy (more pictures, and you can buy this one too!)
[personal profile] mjg59
In measured boot, each component of the boot process is "measured" (ie, hashed and that hash recorded) in a register in the Trusted Platform Module (TPM) build into the system. The TPM has several different registers (Platform Configuration Registers, or PCRs) which are typically used for different purposes - for instance, PCR0 contains measurements of various system firmware components, PCR2 contains any option ROMs, PCR4 contains information about the partition table and the bootloader. The allocation of these is defined by the PC Client working group of the Trusted Computing Group. However, once the boot loader takes over, we're outside the spec[1].

One important thing to note here is that the TPM doesn't actually have any ability to directly interfere with the boot process. If you try to boot modified code on a system, the TPM will contain different measurements but boot will still succeed. What the TPM can do is refuse to hand over secrets unless the measurements are correct. This allows for configurations where your disk encryption key can be stored in the TPM and then handed over automatically if the measurements are unaltered. If anybody interferes with your boot process then the measurements will be different, the TPM will refuse to hand over the key, your disk will remain encrypted and whoever's trying to compromise your machine will be sad.

The problem here is that a lot of things can affect the measurements. Upgrading your bootloader or kernel will do so. At that point if you reboot your disk fails to unlock and you become unhappy. To get around this your update system needs to notice that a new component is about to be installed, generate the new expected hashes and re-seal the secret to the TPM using the new hashes. If there are several different points in the update where this can happen, this can quite easily go wrong. And if it goes wrong, you're back to being unhappy.

Is there a way to improve this? Surprisingly, the answer is "yes" and the people to thank are Microsoft. Appendix A of a basically entirely unrelated spec defines a mechanism for storing the UEFI Secure Boot policy and used keys in PCR 7 of the TPM. The idea here is that you trust your OS vendor (since otherwise they could just backdoor your system anyway), so anything signed by your OS vendor is acceptable. If someone tries to boot something signed by a different vendor then PCR 7 will be different. If someone disables secure boot, PCR 7 will be different. If you upgrade your bootloader or kernel, PCR 7 will be the same. This simplifies things significantly.

I've put together a (not well-tested) patchset for Shim that adds support for including Shim's measurements in PCR 7. In conjunction with appropriate firmware, it should then be straightforward to seal secrets to PCR 7 and not worry about things breaking over system updates. This makes tying things like disk encryption keys to the TPM much more reasonable.

However, there's still one pretty major problem, which is that the initramfs (ie, the component responsible for setting up the disk encryption in the first place) isn't signed and isn't included in PCR 7[2]. An attacker can simply modify it to stash any TPM-backed secrets or mount the encrypted filesystem and then drop to a root prompt. This, uh, reduces the utility of the entire exercise.

The simplest solution to this that I've come up with depends on how Linux implements initramfs files. In its simplest form, an initramfs is just a cpio archive. In its slightly more complicated form, it's a compressed cpio archive. And in its peak form of evolution, it's a series of compressed cpio archives concatenated together. As the kernel reads each one in turn, it extracts it over the previous ones. That means that any files in the final archive will overwrite files of the same name in previous archives.

My proposal is to generate a small initramfs whose sole job is to get secrets from the TPM and stash them in the kernel keyring, and then measure an additional value into PCR 7 in order to ensure that the secrets can't be obtained again. Later disk encryption setup will then be able to set up dm-crypt using the secret already stored within the kernel. This small initramfs will be built into the signed kernel image, and the bootloader will be responsible for appending it to the end of any user-provided initramfs. This means that the TPM will only grant access to the secrets while trustworthy code is running - once the secret is in the kernel it will only be available for in-kernel use, and once PCR 7 has been modified the TPM won't give it to anyone else. A similar approach for some kernel command-line arguments (the kernel, module-init-tools and systemd all interpret the kernel command line left-to-right, with later arguments overriding earlier ones) would make it possible to ensure that certain kernel configuration options (such as the iommu) weren't overridable by an attacker.

There's obviously a few things that have to be done here (standardise how to embed such an initramfs in the kernel image, ensure that luks knows how to use the kernel keyring, teach all relevant bootloaders how to handle these images), but overall this should make it practical to use PCR 7 as a mechanism for supporting TPM-backed disk encryption secrets on Linux without introducing a hug support burden in the process.

[1] The patchset I've posted to add measured boot support to Grub use PCRs 8 and 9 to measure various components during the boot process, but other bootloaders may have different policies.

[2] This is because most Linux systems generate the initramfs locally rather than shipping it pre-built. It may also get rebuilt on various userspace updates, even if the kernel hasn't changed. Including it in PCR 7 would entirely break the fragility guarantees and defeat the point of all of this.

Capitalism and housing

Jul. 16th, 2017 11:35 am
mindstalk: (Default)
[personal profile] mindstalk
In which I argue that the lack of affordable housing indicates something horribly wrong, and not with capitalism as such.

Have you heard of Walmart? Of course you have. What are they known for? Providing lots and lots of cheap shit. Also for bullying local governments and squeezing suppliers, but that's not the point here, which is: cheap shit. They have nicer competitors: Target, Kmart, Dollar Stores.

Plane seats are jammed and humiliating but also cheaper than they ever have been, modulo gas prices.

You can spend thousands of dollars on a fancy bicycle, or less than $100 on a cheap one.

Stores are full of cheap, if sometimes unhealthy, food.

You can spend under $13,000, or maybe $12,000 on a new car, or over $100,000 on a luxury sports car.

Many of us wear cheap clothes, "from Third World sweatshops"; others spend $thousands on elite designer clothing.

You can get a watch for $15, or $1500. They'll tell time about the same.

Our economy is full of selling cheap stuff to the masses and expensive stuff to the rich, and various things in between, (sometimes including selling cheap stuff for higher prices, if you can pull off price discrimination.) Because that's how you make the most profit, not by only making luxury stuff.

But in housing, particularly in some markets, it's said that developers are only building luxury housing. If true, why would that be? Why would housing be unlike every other part of the economy?

"Everyone needs housing, so they can extort you." Nope, that won't fly. Everyone needs food and clothing, and in the US lots of people need cars.

"They're just chasing profit." But the point of my examples is that there's tons of profit in non-luxury goods and services. Walmart is *huge*, with its founder's children inheriting $20 billion each of accumulated profit.

And in fact, if you look around the world, you do see cheap(er) housing options. Mobile and manufactured homes for the individual, pre-fab housing for soulless but cheap developer tracts, microapartments that cut living space to 100 square feet, SRO hotels that go further by making you share bathroom and kitchen (if any), granny apartments. In cheap land markets (prefab housing in surbuban developments) and expensive ones (microapartments in Tokyo and Hong Kong.)

But not in Boston, or San Francisco. Why not? Is there something about those places that makes developers spontaneously ignore non-luxury demand? Or is something, like zoning laws and permitting processes, preventing them from doing so?

If you know me, you probably know my answer: the latter. But if you don't like that answer, what's your alternative? Why don't we see Walmarts, Spirit Airlines, $15 watches, and $13,000 cars of modern urban housing?

Thought For The Day

Jul. 16th, 2017 09:48 pm
kerravonsen: Yin-Yang symbol, black and rainbow-sparkles (yin-yang)
[personal profile] kerravonsen
Strive to never be ashamed of any of your works, for you don't get to choose what you are remembered by.

(This brought to you by thoughts of Josette Simon and Arthur Conan Doyle.)

Catch of the Evening

Jul. 14th, 2017 09:40 pm
silverr: abstract art of pink and purple swirls on a black background (Default)
[personal profile] silverr
Microsoft OneNote.

Between speech recognition and the cloud, I can mumble all the thoughts that swirl up as I'm falling asleep into my phone, and in the morning I can go to my computer and they are THERE. I don't have to transcribe them from incoherent texts to myself, or by listening to my crony voice.

(Proper names are generally not done properly, but that's no big. Current mumbles involve Blue and Red.)

May 2016

8910 11121314

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Jul. 27th, 2017 06:44 am
Powered by Dreamwidth Studios