Looks like #Israel will pass a key point in its war on #Hamas: its own response will kill more of their own people than the original attack. This already happened long ago for #Hamas, more were killed in this war than all since 1948. The #US lost more of its own people in the wars of #Iraq and #Afghanistan than in the Sept 11th attacks. These facts clearly demonstrate who gains from these kinds of wars. The leaders who drive them do so to stay in power, not to serve their people interests.
There is a dynamic that arises when there is a growing difference between the amount of maintenance required and available developer time. The maintainers need help to keep up. Until then, they need to ensure that the essentials are maintained. That in turn makes it harder for others to contribute, because the maintainer cannot afford to take any risks that might trigger unexpected work sometime later. So the maintainers have less time to review, less time to help complete merge requests, etc 1/
Three years ago, #FDroid had a similar kind of attempt as the #xz#backdoor. A new contributor submitted a merge request to improve the search, which was oft requested but the maintainers hadn't found time to work on. There was also pressure from other random accounts to merge it. In the end, it became clear that it added a #SQLinjection#vuln. In this case, we managed to catch it before it was merged. Since similar tactics were used, I think its relevant now
#Debian has been moving more towards the deb.debian.org mirror which is provided by a single CDN company, #Fastly. It works well, but also feeds an enormous amount of #metadata to a single company, and it can be used to track computers and maybe even people. And the privacy policy in effect is unclear. Fastly says the #privacy policy of the "subscriber" applies, but the privacy policy for deb.debian.org is not listed anywhere I could find. Anyone have any insight here?
Large corporations like the hate on the #GPL even though it has brought them big benefits. #Linux would be nowhere near what it is without the GPL. I always saw #Google's #Fuchsia kernel as their effort to get out of the GPL, since it would replace the Linux kernel. There was even media hype to that effect. Now I'm happy to see that Google is no longer supporting #Chrome on Fuchsia. I see this as a win for #FreeSoftware
Just migrated my #offline#gnupg and #ssh key setup to a new #smartcard. This only took about 8 hours whereas when I last did this in 2015, it took much longer. I guess this is a sign of process! But these things are still too painful. At least now, the software just works right out of #Debian.
Assessing the #security of computer systems is really hard because of "known unknowns" and "unknown unknowns". For example, there are lots of reports about #NSO#Pegasus being found on #iPhone but few about #Android. One might be tempted to conclude that Android is more secure. The truth is unfortunately much harder to pin down. For example, it is harder to detect and confirm Pegasus on Android, although it is clear that there have been plenty of infections on both platforms.
#FDroid is consistently growing in its bandwidth usage over the years, as shown by this stats graph from the #UniFAU mirror. Interesting to see the short downward section when we added new official mirrors in April and November.
Danke #Falter, alle soll wissen dass die Nazis Autos Vorrang in die Stadt gegeben haben:
Doch der technologische Fortschritt und die nationalsozialistische Ideologie gaben den Autos Vorrang. Die Straßenverkehrsordnung von 1938 machte das „Kraftfahrzeug“ zum „Volksfahrzeug“, „der Langsame“ habe auf „den Schnelleren“ Rücksicht zu nehmen: „Im Straßenverkehr gehen die Bedürfnisse des motorisierten Schnellverkehrs den Bedürfnissen der Fußgänger vor.“ https://www.falter.at/zeitung/20231121/den-guertel-enger-schnallen
It includes this heading that only an LLM would generate: "Are Emma Bridgewater mugs, dishwashers, and microwaves safe?" Oops, it mixed up who is doing what to who. I think it is pretty clear that this AI wave is a repeat of #cryptocurrency: 99% of use cases make our world much worse.
In my work with #FDroid I've discussed our work with gov regulators for South Africa, UK, EU and Japan as well as competition litigators from multiple US States and the EU. From this, I'm starting to see a picture of #Apple's and #Google's semi-related strategies of making "sideloading" (installing apps outside of their #gatekeeper control) look bad as a way to keep their monopolies in the face of #DMA and other regulatory actions. I'm still looking for data about the actual real world risks 1/
When organizations that use #Debian maintain the packages they use in Debian, the whole ecosystem gains. The more organizations that do that, the more efficient the whole ecosystem becomes for all users. Here's a recent example from #FDroid:
The #WebP#security vulnerability CVE-2023-4863 demonstrates a huge advantage of the "distro" approach of shipping software, like #Debian pushes so hard to deliver. We see a mad scramble for many software vendors to ship with the patched version of #libwebp. In the distro model, the patch is shipped in the single lib package, then all of the software automatically uses the safe version. This leads to shorter times to get fixes to users with much less work overall.
I just read this op-ed about the intelligence of #LLM#AI (its 6 months old). It is the best piece I've read so far that demonstrates how things like #ChatGPT can bring in "banality of evil" amoral decision making where humans would be troubled by the moral issues in the situation. https://www.nytimes.com/2023/03/08/opinion/noam-chomsky-chatgpt-ai.html
„Für mich ist es frappierend, dass beispielsweise der Amazonas-Regenwald in den Medien regelmäßig mit dem Aufruf erscheint, die Biodiversität dort zu schützen, dabei sterben vor unserer Haustür Arten aus" https://science.orf.at/stories/3218278
Europe has a long history of destroying river ecosystems throughout the continent by building dams.This contributes a lot to #ClimateChange. The #EU is exporting this, by paying for new dams in pristine ecosystems, for example, in the #Balkans, where the locals have long history of keeping nature intact and wild. Places like #Bosnia and #Albania should export their knowledge to the EU, what is happening is vice versa and now we watch more "dams destroy rivers completely"
Its frustrating to see how deeply #Copyright cartels have infiltrated our culture, that people call making cost-free digital copies "theft" even in countries where it is fully legal to do so. It is not even "copyright infringement" if it is not against the local copyright laws. And yes, unlike laws about theft, copyright laws vary widely around the world. I've always liked "Copying Is Not Theft" has an illustration of the difference https://yewtu.be/watch?v=IeTybKL1pM4
#MLS Messaging Layer Security has just been officially standardized by the #IETF, this is a great new development, especially in combination with standard protocols like #Matrix and #XMPP. https://blog.phnx.im/rfc-9420-mls/ 1/