Scripting News: One way is always better than two

Scripting News: One way is always better than two:

It’s not mentioned in the Wikipedia page on RSS that I had a format that does what RSS does, a year before it existed, but I gave it up so that Netscape and UserLand would build on the same format, RSS.

[I can attest to this. I don’t remember the context, but Dave and I had a conversation about the two formats. His was, from my perspective, clearly better*. I think he had already made up his mind about the situation (we only talked formats, not the larger context of what he was trying to accomplish and with whom), but I didn’t know it at the time. Still the “Scripting News format” was being used by Dave back then.]

[* My perspective was as a developer who had a native desktop editor for blogs. The very first I believe. It was beautifully simple to use. I miss it a lot. But it was written as a personal project, not a business, and I chose an environment and language that didn’t last. It also led to the creation of Really Simple Discoverability, the XML format I created to make it easier to use editors with blogs. Allez!]

Interesting that Edit This Page came up the day before or so. One of the things I loved about using “Archipelago”, the editor I had written and mentioned above, was exactly this feature. There was a link on every page of the blog, and if you clicked it the magic was performed to open that page in the editor. No matter how long ago that page was created you didn’t have to go searching for it in order to edit it, the link was always there. Days like this make me feel that so much was lost along the way to today. The open web is making a bit of comeback these days… who knows? Maybe we’ll catch up with the past.

SSH protects the world’s most sensitive networks. It just got a lot weaker

SSH protects the world’s most sensitive networks. It just got a lot weaker | Ars Technica:

Fabian Bäumer, one of three researchers from Germany’s Ruhr University Bochum who devised Terrapin, described this approach in an email:

The Terrapin attack is a novel cryptographic attack targeting the integrity of the SSH protocol, the first-ever practical attack of its kind, and one of the very few attacks against SSH at all. The attack exploits weaknesses in the specification of SSH paired with widespread algorithms, namely ChaCha20-Poly1305 and CBC-EtM, to remove an arbitrary number of protected messages at the beginning of the secure channel, thus breaking integrity. In practice, the attack can be used to impede the negotiation of certain security-relevant protocol extensions. Moreover, Terrapin enables more advanced exploitation techniques when combined with particular implementation flaws, leading to a total loss of confidentiality and integrity in the worst case.

[Well… that’s not good.]

Here’s a Warrant Showing the U.S. Government is Monitoring Push Notifications

Here’s a Warrant Showing the U.S. Government is Monitoring Push Notifications:

The letter does not disclose the legal mechanism used by governments to demand this data from Apple or Google. But the court record reviewed by 404 Media does include some specifics around push notification demands. Court Watch shared the record with 404 Media. The record is a search warrant application from May 2020 related to the investigation of a person suspected of theft or bribery concerning programs receiving federal funds.

In the search warrant application for information associated with a specific Yahoo email account, an FBI Special Agent writes under a section of the record entitled “Background Information Regarding Provider Services” that when a user of a mobile app installs and launches an app, the app will direct the device to obtain a “Push Token.” This is “a unique identifier that allows the provider associated with the application […] to locate the device on which the application is installed.”

[If they can, they will…]

Daring Fireball: 23andMe Confirms Hackers Stole Ancestry Data on 6.9 Million Users

Daring Fireball: 23andMe Confirms Hackers Stole Ancestry Data on 6.9 Million Users:

In an email sent to TechCrunch late on Saturday, 23andMe spokesperson Katie Watson confirmed that hackers accessed the personal information of about 5.5 million people who opted-in to 23andMe’s DNA Relatives feature, which allows customers to automatically share some of their data with others. The stolen data included the person’s name, birth year, relationship labels, the percentage of DNA shared with relatives, ancestry reports and self-reported location.

Here’s a real shocker: 23andMe has updated their terms of service in attempt to prevent a class action lawsuit. Good luck with that.

[I never trusted them…]

Daring Fireball: Harvard, M.I.T., and Penn Presidents Under Fire After Dodging Questions About Antisemitism

Daring Fireball: Harvard, M.I.T., and Penn Presidents Under Fire After Dodging Questions About Antisemitism:

The reckoning has come for the bizarro-world political climate that’s taken hold at these universities in the last decade or two. This patently offensive equivocation — when the correct answer was obviously an unambiguous “Yes” — makes sense in the context of the insular far-left worldview where the oppressed are viewed as inherently just, but comes across as absurd to everyone living in the real world. All three of these elite university presidents are obviously utterly tone-deaf and detached from the real world.

[The disease has risen all the way to the top. Imagine substituting another race, creed, religion, etc. for the word “Jew”. I believe the answer would have changed. Thank goodness there were only a couple of these sorts of people teaching when I went to college. Most of my professors were/are brilliant. ]

We are drowning in Google’s magnanimity

We are drowning in Google’s magnanimity – kpassa.me:

In reality of course OKRs are just fine. At least they’re fine for Google. For a company with its particular needs and structure, sure, it’s a fine way to run things.

For the rest of us, though, this well-intentioned subtle reinvention of goal setting just creates confusion. It makes us abandon the right tools for the job. It promises to help us think, but only provides us half-ideas without the context that made them work in the first place.

Lately I’ve been feeling the exact same thing about Kubernetes.

[I could not move people off of “it works for Google”… as if that meant it has to work elsewhere. I’ve seen enough shopping lists in my life to understand how little that is true. Same for Kubernetes. We gave a lot of things a try in one little corner of dev, but the principle that we always applied was “did it improve anything?” If the answer was no, with our own sense of priority (for whom did it improve and how much or not etc. etc) we killed anything that didn’t add up.]

Introducing The Tech Stack File | StackShare

Introducing The Tech Stack File | StackShare:

Today we’re excited to launch a new open source file format – The Tech Stack File (techstack.yml). With input from the Cloud Native Computing Foundation (CNCF) leadership and project maintainers, our goal with this new file format is to create the universal standard for tech stack data to make it easier for teams everywhere to access, share, and gain insights from the full range of their technology data. To help the StackShare community leverage this new file format, we’re also announcing two new products: StackShare AI and StackShare Connect.

[Could be helpful… I guess we’ll see.]

New York May Require a Background Check to Buy a 3D Printer

New York May Require a Background Check to Buy a 3D Printer:

The New York bill, called AB A8132, would require a criminal history background check for anyone attempting to purchase a 3D printer capable of fabricating a firearm. It would similarly prohibit the sale of those printers to anyone with a criminal history that disqualifies them from owning a firearm. As it’s currently written, the bill doesn’t clarify what models or makes of printers would potentially fall under this broad category. The bill defines a three-dimensional printer as a “device capable of producing a three-dimensional object from a digital model.”

[I commented on Instagram… but of course, also here on the blog. I don’t disagree with the problem, but I do disagree with this attempt at solving it. It’s too broad…
]

396995882 912753713789115 7478371378068480989 n

FCC moves ahead with Title II net neutrality rules in 3-2 party-line vote | Ars Technica

FCC moves ahead with Title II net neutrality rules in 3-2 party-line vote | Ars Technica:

The Federal Communications Commission today voted to move ahead with a plan that would restore net neutrality rules and common-carrier regulation of Internet service providers.

In a 3-2 party-line vote, the FCC approved Chairwoman Jessica Rosenworcel’s Notice of Proposed Rulemaking (NPRM), which seeks public comment on the broadband regulation plan. The comment period will officially open after the proposal is published in the Federal Register, but the docket is already active and can be found here.

The proposal would reclassify broadband as a telecommunications service, a designation that allows the FCC to regulate ISPs under the common-carrier provisions in Title II of the Communications Act. The plan is essentially the same as what the FCC did in 2015 when it used Title II to prohibit fixed and mobile Internet providers from blocking or throttling traffic or giving priority to Web services in exchange for payment.

[Yeah baby!]