Twitter: @ewenmcneill -- January 2020

Tue Dec 31 19:13:58 +0000 2019 (#)

RT @swearyanthony: Reminder, again, that the "Y2K wasn't that bad" campaign is a deliberate effort by climate deniers to attempt to diminis…


Tue Dec 31 21:43:15 +0000 2019 (#)

Interesting reverse engineering of VGA capture device driver (with custom USB protocol, not standard webcam). The device includes a Spartan 6 FPGA, and ancient Linux USB driver uploaded bitstream at startup…

https://blog.benjojo.co.uk/post/userspace-usb-drivers


Wed Jan 01 21:50:37 +0000 2020 (#)

Replying to @s0md3v

I’m giving a talk on “Authentication Afterlife” in a couple of weeks. May I use a screenshot of your tweet in my talk? It perfectly captures the “they walked around the barrier” part of the problem!

Please and thank you :-)


Thu Jan 02 22:28:03 +0000 2020 (#)

RT @developerjack: I wholeheartedly agree with @mootpointer that Australians have quite the unhealthy obsession with toxic masculinity and…


Thu Jan 02 22:47:59 +0000 2020 (#)

Neat Haskell explanation of an elegant way to solve FizzBuzz which occurred to me as well, but I’d never actually tried to implement it. Great to see it actually works and can be expressed concisely! https://twitter.com/ploeh/status/1211602686606487553


Fri Jan 03 03:11:25 +0000 2020 (#)

RT @merxplat: Important thread on the difficulty of using tools provided to the public when making decisions on cross-border travel and fir…


Fri Jan 03 03:13:28 +0000 2020 (#)

Replying to @merxplat

Will you be at LCA2020 the week after next? If so would you consider doing a lightning talk on this? It seems super relevant to lots of larger scale problems and very timely.


Fri Jan 03 03:29:37 +0000 2020 (#)

Replying to @merxplat and @excitedleigh

It’s the “data visibility” / “data visualization” mattters / saves lives angle that I think is key here. It’s not just “hey everyone is doing their own thing” it’s that there are arbitrary boundaries in the data.

Would be great if someone talked about this at LCA2020.


Fri Jan 03 03:35:27 +0000 2020 (#)

RT @fermatslibrary: Beautiful shapes created by simple harmonic motion 🧐


Fri Jan 03 04:06:48 +0000 2020 (#)

Replying to @merxplat and @excitedleigh

I also wonder what, eg Europe/the EU has done about this? There’s lots of cross border issues, and the combination of natural events that travel and people who might want to escape them is complex to match with geographic jurisdiction boundaries…


Fri Jan 03 06:22:05 +0000 2020 (#)

Replying to @excitedleigh and @merxplat

If your going to be at LCA2020 anyway I think it’d still be an important lightning talk, even if it’s “I was there, these things matter” rather than “I have a solution”.

Lightning talks are best for “here’s a thing to think about”. And very welcoming of new speakers.


Fri Jan 03 08:33:45 +0000 2020 (#)

Replying to @whatnick, @merxplat and @devsighops

That’d be great if he’d be willing to present something on the hotspots site/data sources/presentation. Thanks for the reference!


Fri Jan 03 22:36:33 +0000 2020 (#)

Replying to @troyhunt

May I use a screenshot of this tweet in a talk I’m giving the week after next about “Authentication Afterlife”? I too think physical password books have a place for many people, and your tweet captures it nicely.

Please and thank you :-)


Sat Jan 04 02:24:03 +0000 2020 (#)

Replying to @pjf

I think this LCA is going to be smaller than some previous years — a bunch of people seem to be skipping this year. Costly accommodation choices and unpleasant weather among the reasons.

Queensland seems less affected than other parts of the country. 1/2


Sat Jan 04 02:27:22 +0000 2020 (#)

Replying to @pjf

But even with QLD being less affected I’m more concerned about travel this year than most previous years. (I’m travelling in a couple of days for a hacking week before LCA.)

So whatever you decide that feels right is a good decision. You can always visit later in the year. 2/2


Sat Jan 04 02:34:57 +0000 2020 (#)

Replying to @spidie

Well that’s good to hear that at least they’ve sold enough tickets to have a reasonable turnout (and hopefully at least cover costs).

I was a wee bit concerned when I saw a “Boxing Day” sale on tickets; it’s usually “nearly sold out” by then….


Sat Jan 04 03:28:50 +0000 2020 (#)

RT @jef_poskanzer: Apparently a non-trivial number of systems are experiencing #Y2020 bugs. A common Y2K "fix" just postponed things by 20…


Sat Jan 04 07:03:01 +0000 2020 (#)

Replying to @slyall

Hope your $100/night accommodations works out! IIRC that one was a backpackers, a wee way off.

I’m in the closest apartment hotel I could find with good reviews, because if I’m paying $200+/night (even as a business expense) it’s got to be convenient.


Sat Jan 04 07:05:26 +0000 2020 (#)

Replying to @slyall

But even $100/night is about 50% more than student accommodation several previous years. (Let alone $200/night for many.)


Sat Jan 04 07:09:13 +0000 2020 (#)

Replying to @merxplat

The last photo, with some clear sky really highlights “this is all smoke rising from the ground”. Thanks for sharing!


Sat Jan 04 07:35:36 +0000 2020 (#)

Replying to @slyall

Curious. Montego Sands Resort rates well on TripAdvisor and seems to be only 1.5km from the convention centre (so 20ish minute walk).

Seems to be $230/night on TripAdvisor so maybe you lucked into a deal getting it at $100/night!


Sat Jan 04 20:04:16 +0000 2020 (#)

RT @tveastman: I'm old enough to remember when the Internet wasn't a group of five websites, each consisting of screenshots of text from th…


Sun Jan 05 01:27:17 +0000 2020 (#)

Thank you to ABC News for live streaming the Bushfire situation to YouTube (which is being recommended for viewing here in New Zealand too).

As concerning as it is to find so many areas I’ve visited in NSW/Vic being affected, it’s helpful to see live on site footage.


Mon Jan 06 00:57:09 +0000 2020 (#)

Replying to @pjf

I think the call to stick with your established routine is a good one 💚

On the estate front, is there someone in/near/can travel to Melbourne later in the year who you’d like to help you on site?

Because I’d encourage not trying to do it all alone, even in smaller batches 🤔


Mon Jan 06 01:52:44 +0000 2020 (#)

Replying to @alicegoldfuss

May I use a screenshot of your tweet in a talk I’m giving next week on Authentication Afterlife. It beautifully captures the need for random “secret question” answers 😃

Please and thank you :-)


Mon Jan 06 02:36:21 +0000 2020 (#)

Replying to @Erstejahre and @merxplat

I was pleasantly surprised to see some fairly pointed questioning from ABC News (live-streaming to YouTube) especially yesterday.

Even some of the media might be starting to realise this can’t just be treated as normal.


Mon Jan 06 11:20:29 +0000 2020 (#)

Replying to @pjf

Less travelled crunchy apples in the middle of winter, presumably, which seems like a good thing. (The food miles on some out of season food in NZ, especially in the NZ winter, can be…. non trivial.)


Mon Jan 06 21:10:21 +0000 2020 (#)

@alicegoldfuss may I use a screenshot of your tweet in a talk I’m giving next week: Authentication Afterlife. It beautifully captures the need for random “secret question” answers 😃 (Asking again as I guess you muted the thread.)

Please and thank you :-) https://mobile.twitter.com/alicegoldfuss/status/1213917492768174081


Mon Jan 06 21:43:36 +0000 2020 (#)

RT @timonsku: Inspired by watching @ruthgracewong talk again I thought it might be fun to take a look at the Fomu made by @xobs and @mithro…


Tue Jan 07 00:38:14 +0000 2020 (#)

RT @pjf: If you're in need of a number to give to someone who shouldn't have your number, the National Rick Astley Hotline will never let y…


Fri Jan 10 02:33:06 +0000 2020 (#)

RT @joynessthebrave: Being a human is so confusing because you are basically an animal with a soul, so sometimes you're like "am I experien…


Sun Jan 12 20:28:51 +0000 2020 (#)

RT @QuinnyPig: Okay. For every retweet this gets (TO A POINT!) I'll add a thought / tip / observation about speaking at conferences.


Sun Jan 12 23:05:16 +0000 2020 (#)

If you’re at #lca2020 and have ever fancied reconfiguring your hardware the way you reconfigure your software, @mithro is offering you your chance to get started for just 10 minutes of your time!

Recommended 👍 https://twitter.com/tomu_im/status/1216484525233979392


Mon Jan 13 01:07:44 +0000 2020 (#)

RT @linuxconfau: #LCA2020 is underway. We are very excited to welcome everyone to the Gold Coast 🐧🌞. If you couldn’t make it, live-streamin…


Mon Jan 13 01:10:12 +0000 2020 (#)

Replying to @paulgear1

No, main auditorium (Arena) is mostly using slide out seating blocks, which have no power. Sorry 😢


Mon Jan 13 02:05:33 +0000 2020 (#)

RT @Enderboi: Some fantastic 'stories from the trench' from @SurvivalWomenIT on her initial experiences with moving into a DevOps environme…


Mon Jan 13 02:07:17 +0000 2020 (#)

RT @ElrashidCo: @linuxconfau watch Linux Conf AU 2020 live Now :

🔴Arena https://www.youtube.com/watch?v=xdpAlB-xeEY

🔴Room 7 https://www.youtube.com/watch?v=BKFPoSJyYD8

🔴Room 6…


Mon Jan 13 02:09:53 +0000 2020 (#)

RT @paulgear1: This talk from Craig Miskell is a tour-de-force in debugging technique on production systems #sysadmin #lca2020


Mon Jan 13 02:11:30 +0000 2020 (#)

RT @ExcitedLeigh: The name "Internet of Things" faces the wrong way. They talk to the Internet, but they exist to talk to and interact with…


Mon Jan 13 02:14:27 +0000 2020 (#)

When you choose a non default setting leave a comment or link to documentation as to why you chose that setting.

This. So much this!

#lca2020 Sysadmin Miniconf


Mon Jan 13 03:34:01 +0000 2020 (#)

RT @ExcitedLeigh: "the act of writing documentation is the act of UX review" —Sven, via @unixbigot #lca2020


Mon Jan 13 03:39:55 +0000 2020 (#)

Replying to @etbe

.@mithro will give you a small FPGA if you show him the open tools installed to use it. Fits inside your USB port. Very portable 😃

Other small ones are $25-$150 (large FPGAs are more). ICEBreaker is a good one to start with if you want input options.

https://twitter.com/ewenmcneill/status/1216496395282071553


Mon Jan 13 03:46:17 +0000 2020 (#)

Infosec programming the weird machine since forever 😃

Everything is a programming target if you’re on the red team…

#lca2020 Sysadmin Miniconf


Mon Jan 13 03:52:55 +0000 2020 (#)

“Every configurable program has two users: the end user and the administrator.” — @jaqx0r at #lca2020 Sysadmin Miniconf


Mon Jan 13 03:56:59 +0000 2020 (#)

Public postmortems. Well worth scanning through to find out what really goes wrong. #lca2020 Sysadmin Miniconf

https://github.com/danluu/post-mortems


Mon Jan 13 04:04:07 +0000 2020 (#)

Replying to @ewenmcneill

“The sooner config is validated after the commit the better” — @jaqx0r at #lca2020 Sysadmin Miniconf.

Keep config in version control. Use the diffs, Luke.


Mon Jan 13 04:06:58 +0000 2020 (#)

RT @ExcitedLeigh: Deleting code is a good solution to a large set of problems. #lca2020


Mon Jan 13 04:52:30 +0000 2020 (#)

Virtualization is the future “breaking news” from @pleia2 at #lca2020 Sysadmin Miniconf 😃

Mainframes have been solving virtualization/storage issues for decades before PCs. Read those papers from the 1980s… :-)

Mainframes are still the core production at many large orgs.


Mon Jan 13 04:59:01 +0000 2020 (#)

“Diverse” network paths: opposite sides of the bridge 🙁

What happens if the whole bridge is in fire? 🔥 Is that one alert or two?

Interesting short talk about when it makes sense to correlate notifications.

@LapTop006 at #lca2020 Sysadmin Miniconf


Mon Jan 13 05:02:00 +0000 2020 (#)

RT @pleia2: My first talk of #lca2020 wrapped up!

Slides here: https://princessleia.com/presentations/2020/Why_Linux_Systems_administrators_Should_Care_About_the_Mainframe-January_13_2020.pdf (1.2M pdf)

And some resources I mentioned:

https:…


Mon Jan 13 05:23:55 +0000 2020 (#)

RT @kattekrab: Yes!

Celebrate failure! And be grateful when people are willing to share their stories.

#LinuxConfAU #LCA2020 https://t.…


Mon Jan 13 06:00:10 +0000 2020 (#)

“Simple is better than Magical” — @CerealBoy speaking my gospel at #lca2020 Sysadmin Miniconf

(Simple is better than “complex, but documented” too, but both are better than magical.)


Mon Jan 13 07:22:54 +0000 2020 (#)

Oh the war stories!

Dust and/or humidity are not your storage’s friend…

@StevensHat at #lca2020 Sysadmin Miniconf


Mon Jan 13 07:56:32 +0000 2020 (#)

RT @slyall: Thankyou to all the Speakers and attendees at the #lca2020 Sysadmin Miniconf. Huge thanks to the main LCA crew.

Slides for mos…


Mon Jan 13 11:41:13 +0000 2020 (#)

RT @sirocyl: @rrika9 This is exciting! (Apologies if I'm being 'splainy here) In-memory compute is an amazing step towards coherent computi…


Mon Jan 13 12:32:48 +0000 2020 (#)

Replying to @ewenmcneill

The perils of live tweeting: you thought you photographed the slide but actually it changed and you didn’t notice in time 😢

Good talk! Recommend you watch the video when it’s out. (Slides might not be available, because reasons.)


Mon Jan 13 23:48:57 +0000 2020 (#)

Interesting book related to the topic of today’s #lca2020 keynote.

Actual rational mind response takes time; fast response is often primed, especially by what you have done before. (Motorcyclists are taught to expect this.)

https://en.m.wikipedia.org/wiki/Thinking,_Fast_and_Slow


Mon Jan 13 23:52:11 +0000 2020 (#)

Replying to @ewenmcneill

In particular motorcyclists are taught that under stress you will do what you trained to do. Same with the later training of firefighters mentioned in the keynote.

“Dropping your tools” / Creative desperation is the reframing of hacking the world. #lca2020


Tue Jan 14 00:30:13 +0000 2020 (#)

RT @SamEEENZ: Really interesting keynote from @BradyHeywood on the importance on sometimes dropping your tools and running. The downside of…


Tue Jan 14 00:33:27 +0000 2020 (#)

Replying to @yaakov_h

Yes. That’s basically what hacking (as I using devices for purpose for which they were not made) is about. The world looks different if you start thinking about “how else could I solve this problem”/“… use this”.

Eg, look into return oriented programming (from infosec).


Tue Jan 14 01:13:34 +0000 2020 (#)

RT @unixbigot: Dr Sean Brady points out the common factor in most engineering failures: Engineers. Our brains, he says, are stubbornly re…


Tue Jan 14 02:04:58 +0000 2020 (#)

@bkuhn_ebb_org I understand you had VGA AV issues with your talk yesterday. LCA2020 AV team are keen to help find a solution if you stop by the speaker projection testing area and knock on door to left.

More details emailed to your Conservancy address just before noon today.


Tue Jan 14 02:16:22 +0000 2020 (#)

RT @itgrrl: .@StevensHat asked a question after @Loquacities’ talk about how we can incorporate responsible, ethical perspectives and choic…


Tue Jan 14 02:16:39 +0000 2020 (#)

RT @itgrrl: When we include and value people with a diversity of backgrounds and experience in all aspects of the process when we develop t…


Tue Jan 14 02:35:23 +0000 2020 (#)

This ⬇️

Also FWIW this year has presented a bunch of unexpected logistical issues in the week leading up to the conference.

Having seen some of that first hand I’m impressed we have a working network and working AV at all.

Lots of hard work to get this far! #lca2020 https://twitter.com/mattcen/status/1216908025614585856


Tue Jan 14 03:42:40 +0000 2020 (#)

RT @ExcitedLeigh: Your reminder that questions are for requesting more information from the speaker. If you want to share info with the aud…


Tue Jan 14 03:47:27 +0000 2020 (#)

Replying to @SurvivalWomenIT

You’re very welcome. It was a great talk! Thanks again.


Tue Jan 14 03:54:54 +0000 2020 (#)

I’m talking at the #lca2020 Security, Identity, and Privacy Miniconf at 14:05 today (room 6) about Authentication Afterlife.

If you’d like to follow along the slides are online, and LCA2020 has live streams. https://naos.co.nz/talks/authentication-afterlife/ https://linux.conf.au/schedule/presentation/118/ https://mobile.twitter.com/ElrashidCo/status/1216539973467496449


Tue Jan 14 05:21:15 +0000 2020 (#)

RT @jillrouleau: Also looks like there's a matching campaign running for @conservancy for the next 30 hours. Their work supports projects l…


Tue Jan 14 05:28:22 +0000 2020 (#)

Replying to @KanidmProject

The ones that I came up with are in my slides, collected at the end. There’s also a bunch of useful links after that.

I think the “Tabletop Scenario” model is a useful one to create user scenarios to consider.

I’d like it if others added more! #lca2020 https://naos.co.nz/talks/authentication-afterlife/


Tue Jan 14 05:47:56 +0000 2020 (#)

RT @slyall: http://Linux.conf.au 2020 – Tuesday – Session 2 – Security, Identity, Privacy Miniconf

VPN industry - Ruben Rubio Rey

Auth…


Tue Jan 14 06:00:55 +0000 2020 (#)

RT @Erstejahre: No comment needed. @ewenmcneill so on point #lca2020


Tue Jan 14 06:47:00 +0000 2020 (#)

“Passwords have gotten out of hand” — @Erstejahre quoting password inventor (from CTSS). “Tech Debt” (!!)

Password requirements are often sufficiently complicated that only valid passwords are not memorable by humans.

#lca2020


Tue Jan 14 06:49:25 +0000 2020 (#)

Replying to @ph0zzy1

In information security the “red team” is the team that tries to break into your systems to test if they are secure against attack. The “blue team” is the team defending your systems.


Tue Jan 14 06:49:52 +0000 2020 (#)

RT @ExcitedLeigh: The inventor of passwords, in the 1960s: "There will be better solutions, we'll come up with them in the future." via @Er…


Tue Jan 14 07:04:18 +0000 2020 (#)

Replying to @ExcitedLeigh and @Erstejahre

zxcvbn, from DropBiox, can help your users improve their passwords.

#lca2020 Security, Identity, and Privacy Miniconf

https://github.com/dropbox/zxcvbn


Tue Jan 14 07:08:00 +0000 2020 (#)

RT @ExcitedLeigh: "If users are consistently making the same mistakes, maybe the user's aren't the problem; maybe the interfaces are." —@Er…


Tue Jan 14 07:16:16 +0000 2020 (#)

Replying to @voltagex and @Erstejahre

This idea has occurred to both f us too :-)

Maybe tomorrow?


Tue Jan 14 20:54:15 +0000 2020 (#)

RT @spidie: Standup comedy in Tech Talks #lca2020 https://twitter.com/nextdayvideo/status/1216938042126041088


Tue Jan 14 20:57:12 +0000 2020 (#)

RT @AndyFitz: Incredible keynote at #linuxconfau #lca2020 today. If you have 50 minutes, Sean Brady really takes you there. https://t.co/…


Tue Jan 14 23:57:45 +0000 2020 (#)

Insightful, wide ranging talk from @kattekrab about creating the future you want to live in, at #lca2020.

What do you want 2121 (101 years from now) to look like? The journey to that world starts today.


Wed Jan 15 00:23:32 +0000 2020 (#)

RT @itgrrl: To an extent I agree with @kattekrab on this, but it’s also super important to be mindful that “outcomes > intent.”

Even when…


Wed Jan 15 01:07:42 +0000 2020 (#)

RT @micolous: @glasnt How I created this morning's xrandr #lca2020 title slide, and you can create your own glitches with ffmpeg: https://t…


Wed Jan 15 01:36:09 +0000 2020 (#)

RT @nextdayvideo: #lca2020 @erstejahre The Psychology of Multi-Factor Authentication http://youtu.be/qOZzleJ9OEs


Wed Jan 15 01:36:44 +0000 2020 (#)

RT @nextdayvideo: #lca2020 @ewenmcneill Authentication Afterlife: the dark side of making lost password recovery harder https://t.co/praAJe…


Wed Jan 15 01:41:02 +0000 2020 (#)

Replying to @ewenmcneill

Thanks to .@nextdayvideo the recording of my “Authentication Afterlife” talk is available by morning, the next day. Speedy service FTW!

https://twitter.com/nextdayvideo/status/1217252526346555392 https://naos.co.nz/talks/authentication-afterlife/


Wed Jan 15 01:50:35 +0000 2020 (#)

Lovely introduction for @o0karen0o’s talk at #lca2020: “my favourite cyborg lawyer” :-)

Mine too, mine too!


Wed Jan 15 02:04:22 +0000 2020 (#)

“None of this is a big deal” says .@o0karen0o about behaviour directed at her, as a women attendee. Then proceeds to list three things which are a big deal.

“The trouble is most of this is invisible” if you’re not a member of a marginalised group. #lca2020


Wed Jan 15 02:19:42 +0000 2020 (#)

RT @SurvivalWomenIT: Thanks Karen for amazing talk! It is hard to admit your own mistakes from the big stage! #LCA2020 https://t.co/v2OavmH…


Wed Jan 15 02:20:36 +0000 2020 (#)

RT @WhiteRabbit912: No one else but a Karen would ask the manager to see the source code in her body - @o0karen0o #lca2020


Wed Jan 15 02:24:52 +0000 2020 (#)

RT @ExcitedLeigh: I'm a non-passing, non-binary transfeminine person so my experiences are different to @o0karen0o's, but this slide: Oof.…


Wed Jan 15 03:34:54 +0000 2020 (#)

“There’ll be lots of puns. Only the breast ones.” audience laughs — @KathyReid at #lca2020, “Good, better, breast: Building a sensing mastectomy prosthetic with open hardware”

https://linux.conf.au/schedule/presentation/16/


Wed Jan 15 03:41:04 +0000 2020 (#)

Replying to @KathyReid

“I asked her [my surgeon] a question she wasn’t expecting”, says .@KathyReid, “how many USB ports can you give me?”

All about the upgrades! 😃 #lca2020


Wed Jan 15 03:49:17 +0000 2020 (#)

Replying to @ewenmcneill

The code is open source. Runs on a Raspberry Pi 3B+, and does inertial motion tracking, etc. #lca2020

https://github.com/KathyReid/sensebreast


Wed Jan 15 03:53:41 +0000 2020 (#)

Replying to @ewenmcneill

“I don’t always talk about my breasts, but when I do it’s on national television” — .@KathyReid #lca2020

Success: more USB ports !!!1!!1


Wed Jan 15 03:56:06 +0000 2020 (#)

Replying to @KathyReid

“ #lca2020 breast conf ever! “

(New hardware with collaboration with .@jonoxer.)


Wed Jan 15 04:01:45 +0000 2020 (#)

Replying to @ewenmcneill

New model is “a much better breast” — .@KathyReid at #lca2020

“Good, better, breast” achieved 👍


Wed Jan 15 04:05:45 +0000 2020 (#)

Replying to @ewenmcneill

.@KathyReid finishes with a call back to the keynote: “every technology has a history / every technology has a future / what history are you going to build?”

Fantastic talk. Catch the video if you didn’t see it in person!

#lca2020


Wed Jan 15 04:11:17 +0000 2020 (#)

RT @spidie: Anyone in #lca2020 Arena who wants to ask a question - we are going to get everyone to come to front & queue next to the mic-st…


Wed Jan 15 04:13:37 +0000 2020 (#)

RT @itgrrl: After @o0karen0o’s talk, @jdub asked about the tension between “underrepresented folk shouldn’t have to do all the advocacy wor…


Wed Jan 15 04:22:20 +0000 2020 (#)

RT @SuperRoach: #lca2020 if you want more leaders to step up, stop driving diverse candidates out of the industry (comment re: harassment a…


Wed Jan 15 04:33:28 +0000 2020 (#)

RT @ADuckIsMyFiend: Not dying is a good first step for any project #lca2020


Wed Jan 15 04:52:15 +0000 2020 (#)

“Is Twitter data public or private?”: it’s not that binary. “It was shared with the expectation of a certain context.”

.@betsybookworm at #lca2020

Inferring personal data is particularly dangerous, consent is tricky, anonymisation doesn’t work.

https://linux.conf.au/schedule/presentation/48/


Wed Jan 15 04:53:40 +0000 2020 (#)

RT @kattekrab: Hearing @betsybookworm talk about how she changed her Twitter habits after gaining awareness of how it’s being used by resea…


Wed Jan 15 04:58:05 +0000 2020 (#)

Replying to @ewenmcneill

“Is it private or public?”

“If we just ask this one question we are limiting the nuance of human information sharing.”

Very important point.

.@betsybookworm at #lca2020


Wed Jan 15 05:02:36 +0000 2020 (#)

Replying to @ewenmcneill

“Who does this belong to?”

“How do they want it to be shared?” — .@betsybookworm #lca2020

Privacy is not binary.


Wed Jan 15 05:04:28 +0000 2020 (#)

RT @ClaireCities: "Who does this belong to and how do they want it to be shared?" two questions @betsybookworm recommends we ask when worki…


Wed Jan 15 05:45:16 +0000 2020 (#)

RT @asgharkazi: “Privacy is not an on/off switch” - very enlightening talk by @betsybookworm at #LCA2020.


Wed Jan 15 06:04:39 +0000 2020 (#)

Race timing to 1ms resolution over 1km with no direct line of sight, based on a BeagleBone Black Wireless with a custom cape.

Dave Chinner at #lca2020 https://linux.conf.au/schedule/presentation/44/


Wed Jan 15 06:08:11 +0000 2020 (#)

Replying to @ewenmcneill

All temporary install. Setup, race, tear down inside 12 hour closure of a public road.

Setup takes under 75 minutes for everything at both ends.

#lca2020


Wed Jan 15 06:08:31 +0000 2020 (#)

RT @jillrouleau: "It's worth taking the time to welcome people into your community [as an investment in developing future core contributors…


Wed Jan 15 06:19:28 +0000 2020 (#)

Replying to @ewenmcneill

Software is Debian, with multi-process C applications (because of Dave’s background). UI in Python. (Initial full prototype in Python ran into challenges with threading, MQTT, GPIO, etc interaction complexity/instability.)

#lca2020


Wed Jan 15 06:45:15 +0000 2020 (#)

.@joshsimmons opening with Acknowledgement of Country 💜💚❤️💙

(Several other speakers have too, and it’s been great to see; this one was the easiest to photograph.)

#lca2020


Wed Jan 15 06:53:00 +0000 2020 (#)

There is a gap between what companies are offering in support of Open Source projects and what projects are asking for. We tend to put code on a pedestal, but it is not the only thing necessary to good software projects.

.@joshsimmons #lca2020


Wed Jan 15 06:57:22 +0000 2020 (#)

Replying to @ewenmcneill

Contribute beyond what you need. Nurture the relationship and the community. Build good will.

Maybe that’s code review of other features, testing/QA infrastructure, funding conferences / conference travel for other contributors, event space.

.@joshsimmons #lca2020


Wed Jan 15 06:57:56 +0000 2020 (#)

RT @jillrouleau: "How great would it be if Sr Devs were offering to do code review of other community contributions?" Yes please!!! Communi…


Wed Jan 15 07:03:28 +0000 2020 (#)

Replying to @ewenmcneill

“Open Source lives and dies by a culture of mentorship” Put senior staff on projects, and carve out time for them to mentor project members (both on staff and in the wider project).

.@joshsimmons #lca2020


Wed Jan 15 07:09:32 +0000 2020 (#)

Replying to @ewenmcneill

“enumerate and value your dependencies” — .@joshsimmons #lca2020

“Incentivize contributions” to open source by your staff, “raise internal awareness” (highlight in training, meetings, etc).


Wed Jan 15 07:23:13 +0000 2020 (#)

Replying to @ewenmcneill

Projects should… “have a way to receive money”, that is understandable by corporate accountants. Maybe your project should be a member project of a financial sponsor like SF Conservancy, SPI, etc.

Also “have a [documented] plan for how to use it”. .@joshsimmons #lca2020


Wed Jan 15 08:23:42 +0000 2020 (#)

For #lca2020 penguin dinner attendees, the email to the announce list this morning just got delivered at 18:04. You might want to look.

TL/DR: pre dinner drinks at GCCEC door C from 18:30, enter Arena via door C about 19:00. You need your badge showing dinner tickets.


Wed Jan 15 10:22:35 +0000 2020 (#)

Replying to @jillrouleau

For a bunch of years I’d get asked for directions / assistance within a day of arriving somewhere for the first time. (Shortest was getting off metro on arrival of first trip.)

I think there’s a “seems competent” / “are competent” factor here too, not just duration… 😃


Wed Jan 15 11:18:36 +0000 2020 (#)

Replying to @jillrouleau

Yes, there’s a lot of “I know how these things normally works” that helps with pattern matching and quick solutions 😃


Wed Jan 15 21:15:51 +0000 2020 (#)

RT @gvanrossum: I just read this. It’s harsh but not untrue. I like the recommendation to do a post-mortem of the Python 3 transition. htt…


Wed Jan 15 22:57:43 +0000 2020 (#)

The “o” looks a little pixelated this morning… :-)

#lca2020


Wed Jan 15 23:31:11 +0000 2020 (#)

RT @The_McJones: Already @VTeagueAus’ talk is making me more convinced we should never have electronic voting... #lca2020


Wed Jan 15 23:32:28 +0000 2020 (#)

RT @yaakov_h: Don’t roll your own crypto, but in particular, don’t roll your own crypto that’s broken in the exact same way that matches an…


Wed Jan 15 23:41:43 +0000 2020 (#)

RT @micolous: Playing devil's advocate: a bunch of crypto/maths that voters don't understand offers the same level of trust as a closed sou…


Wed Jan 15 23:41:59 +0000 2020 (#)

RT @The_McJones: “Laws about voting systems are very important. Switzerland has very good ones, NSW has very bad ones” - @VTeagueAus #lca20…


Wed Jan 15 23:48:54 +0000 2020 (#)

Voting laws matter. Voting laws (proposed, Victoria, Australia) that give free choice of voting method to one person don’t feel like democracy to me.

“At minimum the law should have a set of requirements for voting privacy and security.” .@VTeagueAus #lca2020


Wed Jan 15 23:54:09 +0000 2020 (#)

Replying to @jillrouleau

It feels like it’s a race to the bottom for least trustworthy voting standards between various countries (states/cities) :-(

Propelled along by people who have a solution to sell, and the combination of saving money and subtly tilting the scale to get a desired result. #lca2020


Wed Jan 15 23:54:28 +0000 2020 (#)

RT @jillrouleau: "In those constituencies in the US that use and count paper ballots it's a bit better". Go Arizona! @VTeagueAus #lca2020 h…


Wed Jan 15 23:57:50 +0000 2020 (#)

Replying to @The_McJones

It sounded to me like proposed bill text, rather than passed hence “contact your representative” and tell them not to do that.


Thu Jan 16 00:00:32 +0000 2020 (#)

Replying to @The_McJones

Thanks for the clarification: ie that they gave themselves the power to pick already, but have yet to do the “one person, one vote, I’m the person and this is how I vote” thing…


Thu Jan 16 00:02:31 +0000 2020 (#)

Replying to @ewenmcneill

Apparently that law passed in Victoria. But they’ve yet to choose their “any other method” choice. And there are educated guesses of what that “other choice” is likely to be, which has been problematic elsewhere.


Thu Jan 16 00:03:02 +0000 2020 (#)

RT @jillrouleau: Switzerland has pretty good election regulations, they found out about bugs in their systems well in advance because it wa…


Thu Jan 16 00:04:46 +0000 2020 (#)

Replying to @The_McJones

Definitely agree on taking to your MPs early and often! Otherwise they only hear from people with vested interests. #lca2020


Thu Jan 16 00:05:50 +0000 2020 (#)

RT @jdub: (8) In this section, voting system means—

(a) postal voting; (b) attendance voting; or (c) any other form of voting determined b…


Thu Jan 16 00:14:03 +0000 2020 (#)

Replying to @yaakov_h

It arguably allows anything.

Constitutional law challenges in court would probably rule out most systems not at least arguably “representative democratic”, but good requirements should be written in not just “hopefully they choose a good method”.


Thu Jan 16 00:14:59 +0000 2020 (#)

Replying to @jdub

Thanks for transcribing the text, it’s easier to reference than a photo. 💚


Thu Jan 16 00:24:03 +0000 2020 (#)

Replying to @ewenmcneill

Looks like Victoria Bill has passed first house, and well through second house. Useful transcript, thanks to .@jdub. Victoria Local Government website has much more background. #lca2020

https://twitter.com/jdub/status/1217594350370095104 https://www.localgovernment.vic.gov.au/council-governance/local-government-act-review


Thu Jan 16 00:26:06 +0000 2020 (#)

RT @yaakov_h: “some counties now have ‘instant runoff voting,’ or as it’s called in Australia, ‘voting’...” - @VTeagueAus #lca2020


Thu Jan 16 00:27:54 +0000 2020 (#)

RT @lightweight: @micolous Interestingly, in Germany (where they know a bit about corrupted democracies), the constitutional court banded e…


Thu Jan 16 00:28:56 +0000 2020 (#)

RT @The_McJones: “We shouldn’t be doing voting over the internet, we just don’t know how to do it properly and it is too dangerous.

We sho…


Thu Jan 16 00:31:57 +0000 2020 (#)

RT @paul_haesler: I often hear people ask why we can't just vote online through some sort of app. The reason is that there is no known way…


Thu Jan 16 00:58:13 +0000 2020 (#)

Reverse engineering a battery charge controller USB serial interface.

Observation: some of the interface is intended for user consumption, and some is intended for program consumption. Triggered via non menu characters sent.

Paul Wayper at #lca2020


Thu Jan 16 01:02:25 +0000 2020 (#)

Replying to @ewenmcneill

Write programs to assist with iteratively guessing fields by correlation with reality, and differences in successive results based on what changed. #lca2020


Thu Jan 16 01:04:22 +0000 2020 (#)

RT @unixbigot: Paul found that his battery controller had a nice human readable menu system… and a separate machine readable interface that…


Thu Jan 16 01:09:09 +0000 2020 (#)

Replying to @ewenmcneill

How do you gather data on the charge controller?

“Well you could take it for a ride” — Paul Wayper #lca2020

Some reverse engineering projects have more fun testing methods than others 😃


Thu Jan 16 01:21:24 +0000 2020 (#)

Replying to @ewenmcneill

When reversed, gather time series data, put it in a database (InfluxDB) and graph them (Graphana). Now the results from the electric bike can be correlated with route ridden. #lca2020

And you can identify individual cells which are deteriorating to proactively fix them. Win!


Thu Jan 16 01:26:02 +0000 2020 (#)

Replying to @ewenmcneill

Final take away: sometimes looking for documentation early on can save you time. Oops :-)

(But there’d have been less fun testing that way… ;-) )

Documentation was for a slightly different model, but very similar protocol.

#lca2020


Thu Jan 16 01:29:40 +0000 2020 (#)

Replying to @spidie

I think we’re old when the young people start talking about “the young people these days” :-)

Everything is relative. (Many floppy discs — 3”/3.5”/5.25” — no JCL, but I’m (slightly) older than you.)


Thu Jan 16 01:48:19 +0000 2020 (#)

RT @ExcitedLeigh: "I have assumptions as well. If your software is sensitive around, say, indigenous status and race, don't talk to me, tal…


Thu Jan 16 01:53:00 +0000 2020 (#)

Replying to @spidie

I spent a bunch of years with CP/M (Amstrad CPC, 3” discs). I’ve held 8” discs, but never used a machine that actually used them. (School computers were pretty much all 5.25” floppies, with some 3.5” on IBM PC Jrs…)

Physical items are good for memories time travel! 👍


Thu Jan 16 01:54:52 +0000 2020 (#)

RT @unixbigot: We as technologists begin to build systems with a set of assumptions, says @software_opal. We test our code, but we do not…


Thu Jan 16 01:57:04 +0000 2020 (#)

RT @unixbigot: The first word in someone’s name is not necessarily their given name, or a friendly way to greet them. The w3c (and Opal) r…


Thu Jan 16 01:59:16 +0000 2020 (#)

RT @SuperRoach: Programmatically splitting a name up for greetings is prone to failure over cultures - instead offer a greeting field to le…


Thu Jan 16 02:03:11 +0000 2020 (#)

RT @itgrrl: .@software_opal provides an example of good practice for collecting name information:

• Collect a full name for formal use rat…


Thu Jan 16 02:05:10 +0000 2020 (#)

RT @ExcitedLeigh: These two forms are equivalent. @software_opal #lca2020


Thu Jan 16 02:05:35 +0000 2020 (#)

RT @chrisjrn: "Your gender? Male/Female" is just like "Favourite colour? Pink/Purple"

@software_opal #lca2020


Thu Jan 16 02:12:09 +0000 2020 (#)

RT @unixbigot: Visit Pronoun Island (http://pronoun.is) #lca2020


Thu Jan 16 02:13:38 +0000 2020 (#)

RT @ExcitedLeigh: Pronoun Island is open source, including its data file, which you could pull into your own projects @software_opal #lca20…


Thu Jan 16 02:14:44 +0000 2020 (#)

RT @unixbigot: Do NOT NOT NOT use titles to imply gender, or vice versa. Drop it says Opal, “it’s getting old”, to general laughter and no…


Thu Jan 16 02:15:41 +0000 2020 (#)

RT @unixbigot: A great example of asking for what you need. If you have government reporting rules into which some people don’t fit, ASK T…


Thu Jan 16 02:26:33 +0000 2020 (#)

RT @LapTop006: "We all have this problem, why do you get help from this large company? / I asked nicely." -- @rbtcollins #lca2020


Thu Jan 16 03:27:26 +0000 2020 (#)

RT @mattcen: This talk by @software_opal about collecting personal information is so great! It covers: * Don't assume everyone has a first/…


Thu Jan 16 03:30:39 +0000 2020 (#)

Replying to @jillrouleau

Now you’ll never be able to afford to own a house… 😃

(Possibly only a New Zealand meme: there’s a media theory that the only reason “the youth of today” don’t own property is ordering too many smashed avo brunches!)


Thu Jan 16 03:48:02 +0000 2020 (#)

Streaming 100Gbps line rate to disk, on a 1U server, while also keeping it in memory (for real time analysis) takes quite a bit of parallelism 😃

#lca2020


Thu Jan 16 03:49:21 +0000 2020 (#)

Replying to @jillrouleau

That’s clearly the trick: but property first, then the smashed avo can’t stop you!😂


Thu Jan 16 03:54:09 +0000 2020 (#)

Replying to @ewenmcneill

Tried without NUMA, didn’t scale far enough. With NUMA, BIOS booting issues.

Bleeding Edge! Fortunately a helpful hardware vendor :-)

#lca2020


Thu Jan 16 03:54:48 +0000 2020 (#)

Replying to @jillrouleau


Thu Jan 16 03:59:40 +0000 2020 (#)

Replying to @ewenmcneill

With contiguous memory (reboot), and the right file system (XFS) it works — 100Gbps line rate to disk via the page cache. Possibly even two at once.

(Would be easier without tiny page sizes, eg easier on PowerPC. Page table updates are a bottleneck.)

#lca2020


Thu Jan 16 04:01:35 +0000 2020 (#)

Replying to @ewenmcneill

If you want to reproduce these results, scripts used are online.

#lca2020

http://gentwo.org/christoph/40G-pagecache/


Thu Jan 16 04:38:19 +0000 2020 (#)

Historical Aerial Photography has metadata on paper, with flight line diagram maps on paper with negative strip references and frame numbers. Turning scans of those into machine readable data is non trivial itself!

Paul Haesler #lca2020 https://linux.conf.au/schedule/presentation/213/


Thu Jan 16 04:45:30 +0000 2020 (#)

Replying to @ewenmcneill

Python 3 / Django REST framework / PostgreSQL based API to handle scanned/converted metadata. Currently API only, proof of concept alpha. Data Warehouse style database schema, optimized for search.

Paul Haesler #lca2020 https://bitbucket.org/geoscienceaustralia/aerial-photography-api/src/master/


Thu Jan 16 04:59:21 +0000 2020 (#)

Replying to @ewenmcneill

The API generates GeoJSON which can then be used with modern mapping systems, once negative scans are stitched together into mosaics. Eg, compare old/new aerial data.

.@paul_haesler #lca2020


Thu Jan 16 06:59:45 +0000 2020 (#)

RT @VTeagueAus: #LCA2020 Links for further reading, including work by many others, e.g. @MichelleBlom8 @philipbstark @chrisculnane @Grahame…


Thu Jan 16 23:15:26 +0000 2020 (#)

RT @LizQuilty: The best #lca2020 splash screens https://www.instagram.com/p/B7Zek7GJNcr/?igshid=1ghencj51sivg


Thu Jan 16 23:18:13 +0000 2020 (#)

RT @amandamyeo: video game concept: you are a ‘50s housewife preparing a delicious meal for your partner. she is also a ‘50s housewife prep…


Thu Jan 16 23:27:53 +0000 2020 (#)

RT @paulgear1: The 3 horsemen of the Digital Rights Apocalypse: terrorists, criminal hackers, and paedophiles - if you hear a politician in…


Thu Jan 16 23:36:05 +0000 2020 (#)

Because western democracies see journalism as “the fourth estate” which is supposed to balance the powers of parliament, the government, and the courts.

Arguably that should be everyone who publishes these days.

But journalists speak up for their rights more often. #lca2020 https://twitter.com/yaakov_h/status/1217951962634678272


Thu Jan 16 23:41:44 +0000 2020 (#)

Defending our digital rights seems to be turning into a full time job 😢

@Lizzie_OShea keynote at #lca2020

https://digitalrightswatch.org.au


Thu Jan 16 23:46:37 +0000 2020 (#)

RT @spidie: @Lizzie_OShea mentioned the rather awesome @thejuicemedia Ass Access Honest Government Ad in her keynote. If you haven't watche…


Fri Jan 17 00:03:22 +0000 2020 (#)

Replying to @ewenmcneill

Become a Digital Rights Defender. Your technical knowledge and your finding support are wanted!

.@Lizzie_OShea #lca2020

https://digitalrightswatch.org.au


Fri Jan 17 00:14:43 +0000 2020 (#)

If you’re still at #lca2020, interested in reconfigurable hardware (FPGAs) and open source tools, and don’t already have a Fomu, @mithro still has a few to give to people who can show the dev tools already installed.

Takes about 10 minutes on conf WiFi to get started! #lca2020 https://twitter.com/tomu_im/status/1216484525233979392


Fri Jan 17 00:45:56 +0000 2020 (#)

.@Loquacities’s talk had intro music! 🎶🎵

#lca2020 https://m.youtube.com/watch?v=KThlYHfIVa8 https://linux.conf.au/schedule/presentation/39/


Fri Jan 17 00:55:18 +0000 2020 (#)

Replying to @ewenmcneill

And it’s zombie themed: starting with zombie nouns!

“Come back with 100% fewer leveraging synergies” — .@Loquacities #lca2020

https://shortishard.wordpress.com/2018/03/28/words-to-watch-for-zombie-nouns/


Fri Jan 17 01:00:23 +0000 2020 (#)

Replying to @ewenmcneill

“Abstract is power” — signals control and power without giving any detail.

Abstract language is also used by people who don’t know what they’re talking about.

Sometimes it’s hard to tell the difference…

.@Loquacities #lca2020


Fri Jan 17 01:03:50 +0000 2020 (#)

Replying to @ewenmcneill

Compare with “concrete language”, which does give detail. Used by journalists to inform.

(Can also be used by uninformed to provide lots of incorrect detail to hide they don’t know. Read first, what the details are matters.)

.@Loquacities #lca2020


Fri Jan 17 01:15:29 +0000 2020 (#)

Replying to @ewenmcneill

“It’s not passive voice that makes the sentence bad, it’s misplaced emphasis.”

Put the important part of the sentence first. Sometimes the sentence doesn’t need an actor (at the beginning, or at all; it might be implied).

.@Loquacities #lca2020


Fri Jan 17 01:21:20 +0000 2020 (#)

Replying to @ewenmcneill

“You don’t need adverbs.”

Especially “simply”, or “easily”, which only serve to make the reader feel bad when it doesn’t work for them. (Exception: if the type of action is important, eg “slowly turn”.)

.@Loquacities #lca2020


Fri Jan 17 01:22:20 +0000 2020 (#)

RT @yaakov_h: “If you find yourself using business jargon, get it out of there... replace them with actual words.” - @Loquacities #lca2020


Fri Jan 17 01:33:58 +0000 2020 (#)

Replying to @ewenmcneill

Suggested book in response to a question: “Every page is page one”.

.@Loquacities also has another talk about this. It involves playdoh. There’s apparently a video of the talk (but not the playdoh part… :-( )

#lca2020 https://everypageispageone.com/the-book/


Fri Jan 17 01:46:13 +0000 2020 (#)

RT @unixbigot: Jon @jonoxer Oxer and Chris @chrisfryer78 Fryer are on stage talking about affordable custom input devices. Building assist…


Fri Jan 17 01:48:09 +0000 2020 (#)

RT @spidie: Awesome humans @jonoxer and @ChrisFryer78 in the house!! #lca2020 absolute honour to introduce them! Live stream: https://t.co/…


Fri Jan 17 01:58:31 +0000 2020 (#)

Mini Open Adaptive Controller: button input into Arduino Leonardo for assistive control. Prototype. Inspired by a Microsoft assistive controller.

Also working on a configurable pressure sensitive button to use with it.

#lca2020 https://www.superhouse.tv/product/mini-open-adaptive-controller/


Fri Jan 17 01:59:27 +0000 2020 (#)

RT @jillrouleau: Many of the input devices used in these builds have 3.5mm connectors. The disappearance of 3.5mm jacks from smart phones i…


Fri Jan 17 02:05:02 +0000 2020 (#)

Replying to @ewenmcneill

Other projects: chair joystick breakout (so it can control other things), and sensitive joystick.

They are also working on creating an open hardware wheelchair control system. Communication via CAN bus.

#lca2020 https://en.m.wikipedia.org/wiki/CAN_bus


Fri Jan 17 02:10:42 +0000 2020 (#)

Replying to @ewenmcneill

Prototyping with a spare chair from Chris’s late brother. So far, they can fully control motors and the brakes of the chair.

Additional computer power makes, eg, higher level navigation control (“go to kitchen”) or voice control feasible. #lca2020


Fri Jan 17 02:11:28 +0000 2020 (#)

RT @jillrouleau: The chair is controlled via a python application connected to a raspberry pi mounted on the chair. They're able to drive i…


Fri Jan 17 02:13:05 +0000 2020 (#)

RT @Enderboi: This talk by @jonoxer and @ChrisFryer78 on affordable input devices (or "potentially deadly open source wheelchairs", as Chr…


Fri Jan 17 02:19:13 +0000 2020 (#)

Replying to @ewenmcneill

Your donations can help fund .@jonoxer’s work on this important assistive technology. Jon is doing so much good work with relatively little funding. Join me in supporting them on Patreon.

#lca2020 https://www.patreon.com/superhouse https://www.superhouse.tv/open-source-wheelchair-controller-first-full-test/


Fri Jan 17 02:22:29 +0000 2020 (#)

Replying to @jillrouleau

Superhouse Discord and Patreon.

https://www.superhouse.tv/discord/ https://www.patreon.com/superhouse


Fri Jan 17 02:23:30 +0000 2020 (#)

RT @amykmcl: "When he’s not using his computer he is very limited in his ability to interact with his physical environment, but he can do a…


Fri Jan 17 03:32:53 +0000 2020 (#)

Betrusted talk slides for #lca2020

Follow along live now (or review later). Live stream available too (in Arena now).

https://p.xobs.io/lca20-bt/#/


Fri Jan 17 03:33:59 +0000 2020 (#)

RT @SuperRoach: #lca2020 bunnie is talking about better security with betrusted!


Fri Jan 17 03:39:29 +0000 2020 (#)

Replying to @ewenmcneill

“There’s no HMAC for hardware.”

Closest you get is trusted enclave/TPM.

But you still have an IO trust problem. Eg, malicious input method that has hidden misfeatures. #lca2020


Fri Jan 17 03:45:51 +0000 2020 (#)

Replying to @ewenmcneill

Betrusted is aiming to be a user verifiable trusted enclave with its own input (physical keyboard) and output (screen) as part of the trusted zone.

“User verifiable” by keeping it simple enough to verify at point of use.

#lca2020 https://betrusted.io


Fri Jan 17 03:51:02 +0000 2020 (#)

Replying to @ewenmcneill

There is a great talk on the hardware intervals of Betrusted from 36c3. Recommended companion talk to this one at #lca2020 (LCA talk is covering more of software angle).

https://media.ccc.de/v/36c3-10690-open_source_is_insufficient_to_solve_trust_problems_in_hardware https://hackaday.com/2019/12/29/36c3-open-source-is-insufficient-to-solve-trust-problems-in-hardware/


Fri Jan 17 03:57:29 +0000 2020 (#)

Replying to @ewenmcneill

They are building their own OS in Rust. Inspired by other Rust based OS (Tock, Redox) and other small operating systems, but the right sized for their limited hardware device.

#lca2020


Fri Jan 17 04:03:46 +0000 2020 (#)

Replying to @ewenmcneill

Drivers in user space, with Rust closures to handle interrupts.

No fork, no filesystem, no scheduler.

Microkernel style with user space drivers, storage handling, etc. Message passing design.

Aiming for under 64kB. Human verifiable.

#lca2020


Fri Jan 17 04:08:19 +0000 2020 (#)

Replying to @ewenmcneill

First target application is text chat. Via Matrix. Matrix because it can interoperate with several other chat systems.

#lca2020


Fri Jan 17 04:12:59 +0000 2020 (#)

Replying to @ewenmcneill

Multiple keyboard layouts on the hard keyboard. QWERTY, AZERTY (French), German, etc. First prototype has Dvorak keyboard! To ensure the flexibility is built in from the start.

Betrusted #lca2020


Fri Jan 17 04:17:19 +0000 2020 (#)

Replying to @ewenmcneill

Follow the project online. Help wanted. Especially on security architecture to build in early.

They have a channel on matrix (#betrusted; see slide photo).

#lca2020 https://betrusted.io https://github.com/betrusted-io


Fri Jan 17 04:19:27 +0000 2020 (#)

Replying to @unixbigot

There’s no microphone. Deliberately. So voice chat would be tricky 😃

But definitely useful for more modern chat (eg, text), and potentially fills many other “smartphone” niches…


Fri Jan 17 04:34:23 +0000 2020 (#)

Drivers license is identity authentication and authorization (eg, classes of vehicles you are allowed to drive).

Without the authorization part you have an identity document (for authentication).

.@yaakov_h #lca2020


Fri Jan 17 04:38:48 +0000 2020 (#)

Replying to @ewenmcneill

Digital drivers license is a drivers license on a phone. Usually an app.

Trialed in a few Australian states and a few USA states.

Allows for limited access, keeping details up to date.

.@yaakov_h #lca2020


Fri Jan 17 04:44:13 +0000 2020 (#)

Replying to @ewenmcneill

But adding technology into something (a driver’s license) adds new problems.

Power needed, no standards yet, how do you keep a copy for records, international / interstate use.

Privacy implications (eg, tracking), different forgery risks.

.@yaakov_h #lca2020


Fri Jan 17 04:54:53 +0000 2020 (#)

Replying to @ewenmcneill

NSW trial. Currently requires an Internet connection to verify. QR code to verify, contains BASE64, of JSON (which is not JWT).

.@yaakov_h #lca2020


Fri Jan 17 04:59:12 +0000 2020 (#)

Replying to @ewenmcneill

NSW trial digital drivers license. Unknown exactly what is in second section. Possibly crypto signature.

Initial version had a replay attack vulnerability. (Now fixed.). Ie, if revoked, could still show old version.

.@yaakov_h #lca2020


Fri Jan 17 05:05:46 +0000 2020 (#)

RT @hackuador: The ISO standard (in development) for digital drivers licenses seems to be ISO/IEC DIS 18013-5: https://www.iso.org/standard/69084.html @yaa…


Fri Jan 17 06:01:06 +0000 2020 (#)

Scuttlebutt:

https://scuttlebutt.nz

#lca2020 https://twitter.com/SuperRoach/status/1218048506926993408


Fri Jan 17 06:06:15 +0000 2020 (#)

Yogabook keyboard for Linux:

https://github.com/aleksb/yogabook-c930-linux-eink-driver

#lca2020 https://twitter.com/SuperRoach/status/1218051056493424643


Fri Jan 17 06:12:02 +0000 2020 (#)

Snekboard: US$79. Open hardware.

Funding now, until end of February. By @keith_x11.

#lca2020 https://www.crowdsupply.com/keith-packard/snekboard


Fri Jan 17 06:22:10 +0000 2020 (#)

Webgoat: for learning how applications are insecure, and how to fix them.

#lca2020 Lightning Talk https://github.com/WebGoat/WebGoat https://owasp.org/www-project-webgoat/


Fri Jan 17 06:28:13 +0000 2020 (#)

RT @jillrouleau: An extremely import message on gender and masculinity from @excitedleigh and it's all I can do not to jump up and cheer th…


Fri Jan 17 06:28:16 +0000 2020 (#)

“That was awesome @ExcitedLeigh!

If y’all didn’t see that you have to watch the video when it comes out. (You might need to watch more than once, it was very information rich 😃)

(thunderous applause was much deserved.)

#lca2020 Lightning Talks


Fri Jan 17 06:29:40 +0000 2020 (#)

RT @thewallflyer: #lca2020 "treat masculinity like a buggy code from a legacy service you have inherited...and leave it better than you fou…


Fri Jan 17 06:36:09 +0000 2020 (#)

RT @xrobau: It's at Canberra in 2021! #lca2020 #lca2021


Fri Jan 17 06:46:08 +0000 2020 (#)

RT @yaakov_h: #lca2020 and Linux Australia have raised almost $25k for the Red Cross bushfire appeal!


Fri Jan 17 06:52:33 +0000 2020 (#)

RT @SuperRoach: #lca2020 @jonoxer is this year's rusty wrench recipient! Well deserved.


Fri Jan 17 06:57:30 +0000 2020 (#)

.@jonoxer could do with your support for his work on assistive technology. Join me in supporting him via Patreon.

See the video of his talk from earlier today to find out how your money will help his work. It’s a great cause 💚

#lca2020 https://www.patreon.com/superhouse https://twitter.com/SuperRoach/status/1218062964772618242


Fri Jan 17 07:13:44 +0000 2020 (#)

RT @micolous: byeeeeeeee #lca2020


Fri Jan 17 07:15:09 +0000 2020 (#)

Replying to @n3buluz

I think @mithro was heading for the ice cream at the beach, so you might find him there.


Fri Jan 17 08:05:33 +0000 2020 (#)

@unixbigot this is the DIY Air Purifier I mentioned. Currently just a please try prototype someone created recently.

https://github.com/Kels316/DIY-Air-Purifier/blob/master/README.md


Fri Jan 17 08:10:04 +0000 2020 (#)

Replying to @micolous

Yes.

Even more so if it can produce motion JPEG or similar that can be encoded into video/animation in real time…


Fri Jan 17 09:43:10 +0000 2020 (#)

Replying to @nicoduck

I believe most/all of the talks were recorded (unless you said not to when proposing the talk).

Typically they send the speaker an email overnight/later in the day with video URL, and it gets published once someone confirms video is okay (speaker or AV team).


Fri Jan 17 09:44:38 +0000 2020 (#)

Replying to @nicoduck

I’m not recognizing what your talk was from your twitter handle. Were you in a miniconf? Or the main conference?


Fri Jan 17 09:48:29 +0000 2020 (#)

Replying to @jillrouleau

I’m sure past Jill had reasons for picking that flight… but it does seem well into “least bad” territory rather than “nice” 😢

Hope you have an easier trip back home than you had getting here. May your luggage arrive with you!


Fri Jan 17 10:05:05 +0000 2020 (#)

Replying to @jillrouleau

Yup, way into “least bad” territory!

(Flights from Wellington to Australia, are mostly “be at airport at 04:00; return flights are mostly “land just before midnight”. So I feel for you: BTDT 😃)


Fri Jan 17 20:40:32 +0000 2020 (#)

Replying to @hideout

LCA2020 finished yesterday (Friday afternoon, in Australia). It’s a one week conference.

The live-streams will have stopped, but the published videos should be out now or in the next few days (last ones just waiting on human quality checking).


Fri Jan 17 20:54:35 +0000 2020 (#)

Replying to @ewenmcneill

Recording of the LCA2020 Betrusted talk (mostly on the software) is already out thanks to .@nextdayvideo. (36c3 talk recording mostly on hardware is linked upthread.)

https://twitter.com/tmarble/status/1218150211211513856


Sat Jan 18 09:55:58 +0000 2020 (#)

@Erstejahre another “Authentication User Story” for you to add to your list 😃

(I suspect that one is a “should have had role based authorization” case, but maybe there’s something more subtle to consider if it’s eg server boot pw or database pw.) https://twitter.com/HackingButLegal/status/1218240487166840832


Sat Jan 18 11:07:33 +0000 2020 (#)

Replying to @Erstejahre

I considered something similar in my talk, yes (founder left, wiping their laptop/2FA on the way out).

This one is subtly different as there was no “exit point” where someone might be reminded to hand over access

But yes RBAC is the obvious first solution to consider :-)


Sun Jan 19 00:34:28 +0000 2020 (#)

Watch this talk by Chris and Jon about open hardware assistive technology and the life changing difference it can make. Automation matters when you can’t just do it by hand.

Support Jon’s work on Patreon. He’s doing great work on a tiny budget. #lca2020 https://www.patreon.com/superhouse https://twitter.com/mfsampson/status/1218408937092894720


Sun Jan 19 06:48:00 +0000 2020 (#)

NZ828 to Wellington got cancelled pretty much as I got to the gate (fog in a Wellington airport apparently).

So now a plane load of people are sitting at the gate waiting to find out when we’re flying tomorrow and where we’re staying. “Update in 15 minutes.” 🙁

#lca2020


Sun Jan 19 07:31:49 +0000 2020 (#)

Replying to @mattcen

Assuming SHA1 doesn’t seem like the wisest default in 2020…. 😃


Sun Jan 19 08:25:12 +0000 2020 (#)

Replying to @mattcen

:-(

I wonder how long that ends up lasting?

Sadly the SHA1 issues might be the final straw for my favourite now unmaintained TOTP (great UI, but hasn’t been updated for a couple of years).


Sun Jan 19 08:30:43 +0000 2020 (#)

Replying to @ewenmcneill

Verdict seems to be a special flight in the morning direct to Wellington. Guess the plane is already here and they need it back in NZ anyway 😃

Other than the surprise overnight stay and early morning start it’s worked out okay.

I even got my suitcase back 💜


Sun Jan 19 09:02:39 +0000 2020 (#)

Replying to @mattcen

Oh my. It’s going to be a fun year of services rolling over TOTP codes to support something better than SHA1…

(Thanks for the screenshot; that’s a lot of SHA1 only!)


Sun Jan 19 20:45:08 +0000 2020 (#)

This ⬇️ (thread).

Especially anything allergenic served on the side. And label all the things with ingredients.

DF, GF, V, etc is a start, but as someone with multiple allergies I want to know what is in something not just what you tried to leave out! https://twitter.com/mattstratton/status/1218920458541727753


Mon Jan 20 04:03:28 +0000 2020 (#)

Replying to @ewenmcneill

Success! Home again, about 15 hours later than planned. With all my luggage :-)


Tue Jan 21 01:41:51 +0000 2020 (#)

Replying to @aurynn

I happened to be waiting in an Apple store over the weekend, and picked up a 16” MBP to check weight. Definitely too heavy to carry around more than occasionally.

I also found that only the Mac laptops with real escape keys in the correct corner work for me (30 year vi user!).


Tue Jan 21 02:56:36 +0000 2020 (#)

Replying to @aurynn

Yes, I have a 2014 15”. I wish it was a bit lighter / smaller each time I move it (it mostly lives on my desk connected to a Thunderbolt Display).

The 16” felt heavier. Probably not much, but definitely going in the wrong direction for me 🙁


Tue Jan 21 03:19:10 +0000 2020 (#)

RT @shreyas: Why do smart companies & orgs make stupid mistakes?

A thread:


Wed Jan 22 01:07:18 +0000 2020 (#)

Replying to @minxdragon

Some publishers (at least of tech books) do that: buy the print book from them and the ebook is included, eg (no starch press). Others do sell print and ebook bundles, or “upgrade to both”, at a small increment over print book (eg O’Reilly has $5 ebook upgrade on many books).


Wed Jan 22 02:10:41 +0000 2020 (#)

Replying to @minxdragon

Yes, and ironically those are the ones with the most difficult to hold up books these days. Hence the original (quoted) “downsizing”.

Maybe one of the fiction publishers will catch on that “print + ebook bundle” for a few dollars more is basically free money… 🤔


Wed Jan 22 05:11:23 +0000 2020 (#)

RT @pjf: One of the most incredible places I worked had everyone talk about their biggest mistakes at the weekly meeting. It normalised the…


Wed Jan 22 05:11:34 +0000 2020 (#)

RT @pjf: I cannot stress the power of having an environment where people feel not just safe, but supported in talking about mistakes. Tim…


Wed Jan 22 21:39:52 +0000 2020 (#)

RT @ExcitedLeigh: For those who couldn't keep up with the speed I was talking in my #lca2020 lightning talk, here's the written version: ht…


Wed Jan 22 22:15:22 +0000 2020 (#)

Replying to @harrypelles and @deviantollam

Also worth noting that @deviantollam was already making a recording before things got more tense and recorded the number plate on the way out. So there’s multiple minutes of hard evidence.

FWIW, in some countries/states the driver could be found guilty of false imprisonment.


Thu Jan 23 21:56:35 +0000 2020 (#)

Replying to @tveastman

My memory from the 1990s was that the Monty Python spam sketch was the reason for the choice of name: drowning out everything else.

There was a bunch of parallel construction to explain the name to those unfamiliar with Monty Python. “Spam hitting the fan” might be one of those.


Thu Jan 23 22:04:01 +0000 2020 (#)

Replying to @tveastman

FWIW, I remember Brad Templeton from the 1990s. And definitely remember the term originating on UseNet before email.

The Internet Archive has that article back through late 2001…

https://www.templetons.com/brad/spamterm.html

https://en.m.wikipedia.org/wiki/History_of_email_spam


Fri Jan 24 02:27:25 +0000 2020 (#)

RT @pjf: The other incredible thing about this workplace is they started meetings with a round of thank-yous, for anyone who wished to give…


Fri Jan 24 08:48:16 +0000 2020 (#)

RT @ExcitedLeigh: This is a wonderful thread. https://twitter.com/TheRealDoctorT/status/1220402352299106304


Sat Jan 25 04:08:21 +0000 2020 (#)

RT @EvyKassirer: Learning from messing up does NOT come for free.

You need psychological safety, where people feel safe messing up. This…


Mon Jan 27 08:22:00 +0000 2020 (#)

Replying to @merxplat

Seems to me that might exacerbate the “design by committee” effect if the conscripted were just given free reign to design from scratch.

But maybe if they could give “feedback” on N designs, from “go for launch” through “try again on these bits, because…” it might help. 🤔


Mon Jan 27 08:26:12 +0000 2020 (#)

Replying to @merxplat

Paid like jury service (employer must give you time off, etc) could help though, and wide diversity of input.

Certainly an improvement over “public is consulted too late” / “must self fund input in volunteer time” / “feels like public input is just ignored”.


Mon Jan 27 08:33:51 +0000 2020 (#)

Replying to @ExcitedLeigh and @theavalkyrie

FWIW, my impression from attending a few conferences that did pronoun stickers is takeup is pretty good and improves over first day as people recognise it as a social norm to put them on.

Personally I also find pronoun stickers easier than printed text to recognise at a glance.


Mon Jan 27 08:37:45 +0000 2020 (#)

Replying to @merxplat

The third one (red) feels to me like it just needs a good title and it’d be accepted...

“Firey Summer”? 🔥


Mon Jan 27 22:09:34 +0000 2020 (#)

RT @RealSexyCyborg: I had to shoot a video thanks to @Virlanie being unwilling to post a retraction to the libelous emails they were sendin…


Mon Jan 27 22:14:25 +0000 2020 (#)

RT @revdancatt: At it once more with Uni-ball Signo pens on Fabriano Black Black paper. 4 layers: 1st silver, 2nd metallic green, then purp…


Wed Jan 29 21:43:13 +0000 2020 (#)

Replying to @ktemkin

Upload photo. Crop photo again to make server algorithm less likely to do the wrong thing. Upload again. Repeat until happy. (If not happy, start again with new photo 😃)

Some sites that insist on re-cropping on upload provide a preview, or JS based way to hint best crop....


Thu Jan 30 02:16:00 +0000 2020 (#)

Sad realisation from #nznog talks this year, ISPs in 2020 are in the same place as telcos in 2000: a bit transport base on which (application) overlay networks are built (with HTTPS this time).

The transition from “innovative leading edge” to “bit utility” took about 20 years.


Thu Jan 30 02:19:44 +0000 2020 (#)

Replying to @ewenmcneill

These days what matters to end user experience is HTTPS path to CDN, or to “application router” (eg game host) for anything multi-user interactive. It’s all “layer 7”.

It’s kinda of sad there isn’t a compelling use case for the “end to end” (IPv6) Internet any more 😢 #nznog


Thu Jan 30 23:33:17 +0000 2020 (#)

RT @Foone: Today's stupid discovery: So the Apple IIgs and the Super Nintendo both use the WDC 65C816 CPU, an enhanced 16-bit 6502 derivati…


Fri Jan 31 00:27:04 +0000 2020 (#)

Replying to @minxdragon

Yes, I think that many “minority” groups will tend to look smaller, at least from the outside, because so many people in/somewhat in that group will be “hiding in plain sight” and trying to not be perceived as “different” from the majority.


Fri Jan 31 00:30:10 +0000 2020 (#)

Replying to @minxdragon

It often takes some mass acceptance event (eg legalizing non-hetero marriage) before the “true numbers” become more visible. And even then it depends on how much social attitudes change as a result of that the event.

(Eg, Trans / NB visibility feels part way along this path.)


Fri Jan 31 00:43:51 +0000 2020 (#)

Replying to @minxdragon

It’s good that you’re open about it 💚

I think any visibility (of anything) starts with those that can be brave/more open first, so others see “oh it’s not just me”. It seems like some underestimate just how valuable that can be.

(Just strongly agreeing with you 🙂)


Fri Jan 31 03:29:05 +0000 2020 (#)

Shoutout of @GalileoSats project at #nznog Lightning talks, including call for southern participation, by @kiwibrew.

https://galmon.eu/ https://berthub.eu/articles/posts/galmon-project/


Fri Jan 31 06:37:34 +0000 2020 (#)

Replying to @RealSexyCyborg

Well that’d be an interesting Academic Ethics Review Board meeting.... 😃