Rowan Thorpe

I hadn’t even heard of the underlying protocol NNCP yet, and it seems to solve out of the box several things I was trying to do in some of my own hobby-projects. I’d been battling with automating and integrating Tor/I2P, Openssl, Tox, GPG, Wireguard, etc. If NNCP lives up to the hype it will be a big shortcut, when I next get time to work on stuff :-)

In-band periodic key-exchange. Pre-arrange that keys expire every X messages, and that the last (Xth) message is dedicated to sending the new key encrypted by the previous one.

Thanks, that’s good to know, but for raw-writing a bootable image to a device do you (or anyone reading) know if there are also straightforward powershell commands for mapping devices at the block level? (as opposed to mounting at filesystem level)

The article at the end mentions they suggest dd as alternative for MacOS (due to Unix user space). It seems the balena -> rufus decision is about the easiest-onramp Mac+Win-portable option, for those uncomfortable dropping to low-level device-writing CLI tools in their current system.

Side-note: Last time I was on a friend’s Windows I installed dd simply enough both as mingw-w64 (native compiled) and under Cygwin. So for Windows users who are comfortable using dd it only requires a minor step. When I once used WSL devices were accessible too, but that was WSL1 (containerized), whereas WSL2 (virtualized) probably makes device-mapping complex(?) enough to not be worth it there.

At least on that day he was.

It would probably be configured using YAML and require health checks and quorum monitoring. I’m not sure I would want that job, especially on-call shifts. The consequences of downtime would be on a whole other level.

That’s definitely one of Randall’s more wholesome ones. By the way, this is one of my favourite book quotes on that subject:

The best thing for being sad," replied Merlin, beginning to puff and blow, "is to learn something. That’s the only thing that never fails. You may grow old and trembling in your anatomies, you may lie awake at night listening to the disorder of your veins, you may miss your only love, you may see the world about you devastated by evil lunatics, or know your honour trampled in the sewers of baser minds. There is only one thing for it then — to learn. Learn why the world wags and what wags it. That is the only thing which the mind can never exhaust, never alienate, never be tortured by, never fear or distrust, and never dream of regretting. Learning is the only thing for you. Look what a lot of things there are to learn.

T.H. White, The Once and Future King

Due to deep frustration with cultural imperialism and pervasive US exceptionalism I am one of the first to cheer when some popular-culture artefact dares to [shock, horror] not be based in the US. When District 9 was based in Johannesburg I remember thinking 1. Due to the apartheid subtext it makes sense, and 2. How on earth did they get decent funding without it being based in LA?! Having said that, I think the premise of such a script requires he “return” to the US in order to comment on events and prejudices there during that time (and the after-effects of events leading up to it - Rosa Parks, Malcolm X, Martin Luther King Jr, etc).

Have you ever met anyone who lives around the Mediterranean? He would look like a version of that guy who worked outdoors. He was from the Levant not sub-Saharan Africa.

I live in Greece, so …yes, I meet lots of them every day. Firstly when I had the script-idea I didn’t think there would necessarily be a need to “prove” that he “returns” as the same race as previously anyway. Of course just having him return “not white” would nudge people to connect dots to the historical whitewashing regardless. As an atheist I would see the whole thing as a fiction-based-on-fiction-based parable anyway. Aside from that there are quite a few who debate that he wasn’t from the Levant, as mentioned here https://en.wikipedia.org/wiki/Race_and_appearance_of_Jesus (not that I agree with any particular theory, just that there are many competing theories, and I’m not even convinced such a human even existed).

Valid point, but worth also mentioning an anecdote I read years ago (can’t remember from whom, perhaps Kurzweil?): when they were told the Human Genome Project had mapped 1% they were excited, saying it “had nearly finished”, and then had to keep justifying the statement by explaining the exponential nature of such work to the majority of people who couldn’t view it in any way other than as measured linearly per-result. Supposedly the project was completed only a few years later.

After reading that I just had an idea for what I think would be a good premise for a film. In the 70s Jesus “returns” in the US somewhere, but as someone who gets labelled as a black man, noone believes him. Because he keeps getting knocked down at every turn due to systemic racism, and because he is so fed-up with the “White Jesus” trope he joins the Black Panther Party. He ends up being shot by a cop. Final shot slow-zooms in to show cop’s name on a tag. First name Judas.

In terms of the “default instance” suggestion, I have an interesting hybrid suggestion. What about having an “easy on-ramp” instance where you get registered for one month with a hard-exit (auto-migrate to other instance, perhaps using some kind of federated-auth/token system for the migration, and forced password-setup on first use of the new instance). At any point during on-ramp the user could configure destination-instance from a list in the settings (or configure auto-export for manual import to any other “auto-migrate-unsupported” instance), with optional early-migration if the user has decided before the end of the month. Optionally a recommendation engine could iteratively curate a list of suggested instances based on usage during on-ramp (admins of those instances could provide - limited number of - tags of their choosing for the engine to use for matching). That part could be opt-in because probably a lot of users would find it creepy. The UX would need to be very user-friendly “pointy clicky” because that would be the overwhelming target demographic of such an instance. I think “on-boarding and educating” is better than “gatekeeping” (which feels like the “if you need to ask the price you can’t afford it” shopping trope). A nice side-effect is it already painlessly introduces users to the killer-feature “easy migration” between instances due to data-portability.

…which are all layers on Debian.

I remember having a bit of fun playing things like Stunt Car Racer on MS-DOS back in the early 90s for a few days. Yeah, that’s about it. That’s the best I can do even when I’m trying to be charitable. As soon as I owned my first computer (late 90s) I bought a Linux magazine, installed a distro from a cover CD-ROM, and never looked back.

…and you just gzipped it.

I guess that makes us screen-siblings, or screen-cousins, perhaps. Maybe we should print up some T-shirts celebrating The One True Way. Maybe some flyers for a recruitment-drive.

If you’re only talking about Storage (data at rest) or Network (data in transit) then encrypt/decrypt offsite and never let symmetric keys (or asymmetric private keys) near the VPS, or for in-transit you could similarly setup encrypted tunnels (symmetric/private keys offsite only) where neither end of the tunnel terminates at the VPS. If you’re talking about Compute then whatever does the processing inherently needs access to decrypted data (in RAM, cache, etc) to do anything meaningful. Although there are lots of methods for delegating, compartmentalising, obfuscating, etc (like enclaves, TPM/vTPM…) the unavoidable truth is that you must trust whomever owns the base-infra ultimately processing your data. The one vaguely useful way to use “other people’s computers” trustlessly is with SMPC (secure multi-party computation) spread sufficiently widely across multiple independent (preferably competing - or even adversarial!) virtual-computation providers, with an “N-of-M keys” policy that avoids any single provider being able to attain a meaningful level of access to your data independently, or being able to view tangible portions of your data while providing functionality during SMPC. That stuff gets super-niche though.

Not all made up though. I’ve been following this one’s mailing list for a while https://en.wikipedia.org/wiki/Zephyr_(operating_system)