kravietz 🦇 @kravietz@social.privacytools.io
- OpenPGP
- 6F7B6BB9A9B632555E1A03C132AF1F39C4EE03F2
- Website
- https://krvtz.net
- Matrix
- @kravietz:krvtz.net
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.
Joined May 2019
Any commodity that can be speculated on will immediately attract speculative traders. There's no way out of it - if carbon permits can be traded, they will be speculatively traded. I guess the only way out is a static carbon tax, but that I believe would massively change prices of literally everything we use in our daily life and as result we would vote down anyone who ever proposes it 🤷
But proof of stake (PoS) requires well, a stake, so a massive upfront investment you need to keep frozen, which again prioritises the largest and wealthiest players. For example, the proposed stake for mining Ethereum is 32 ETH which is around 64'000 GBP today. For PoW you also need investment in the form of mining devices and cheap electricity, but that can be scaled, at least in theory.
This is precisely what ETS (Emissions Trading System) already is - you can buy the permissions, and you can trade them. They already *are* a commodity, so a new coin is not necessary. The problem is what you can actually buy for the coin, because this is where it gets political - for example, Germany "avoids" massive amounts of CO2 emissions by burning wood which of course emits CO2 but in ETS it's declared as zero-emissions.
Investigative Committee of Russia apparently taking paint samples from a graffiti in support of Navalny (the text says "hero of our time", title of a popular book by Lermontov)
Linux Foundation has been quietly developing a project that might solve the supply chain attacks that are now on the rise - basically, a cryptographic transparency log of signed artifacts such as libraries, packages etc. It's in early phase but looks very promising #security
kravietz 🦇
boosted
They are not broken. Thousands of apps use shared, distro packaged libraries and survive updates with no issues. There is a class of apps which are poorly written or poorly maintained to depend on one, specific version of library, usually outdated - or even worse, depend on a specific version of JVM (welcome bundled JRE) or interpreters like Ruby or Python.
kravietz 🦇
boosted
"Installation: we recommend that you use Docker."
what I'm supposed to see: "hey, it's a simple one-liner! Such clean install, much wow."
what I actually see: "we couldn't figure out how to install this thing on anything but our own machine, but hey, here is a well-compressed image of our entire disk, use this instead so that we can stop trying"
RPM and Debian packages are signed - not individually, but by the distro - but this already provides some level of assurance. Of course this comes with an overhead, which is why e.g. python3-xxx packages in Ubuntu/Debian are usually older than those in PyPi, but security fixes are usually pushed by their maintainers.
Food delivery drivers in Indonesia using cracked versions of gig work apps that allow them to see how much they'll be paid before accepting a delivery, spoof their GPS info in crowded areas, etc
Yet another less why installation by "download and run a bash script" isn't a very good idea
Dan Kaminsky died 😔 I have, as probably many people in infosec, learnt tons from his research.
https://www.nytimes.com/2021/04/27/technology/daniel-kaminsky-dead.html
High wages and limited supply of housing results in high housing prices, that's the same story here in the UK.
It can be changed either by reducing demand (e.g. Brexit -> 1m people left London -> rent falls by 8%) or increasing supply (open new land for construction, introduce cheap public housing).
Of course, high rent prices also result in increased prevalence of rentiers - people who do no work except for owning stuff, something that Adam Smith warned about ~200 years ago.
Wow - Grzegorz Rzeczkowski dla rosyjskiego The Insider o katastrofie Smoleńskiej. The Insider zrobił się sławny ujawniając rolę rosyjskich służb w zestrzeleniu MH17 i szeregu innych głośnych zamachów (m.in. w Czechach, Bułgarii, UK itd) 🇵🇱
kravietz 🦇
boosted
Children of Chernobyl cleanup crew don’t have excess mutations - Enlarge / Trees grow near a former hospital in a town abandoned due to the Cherno... - https://arstechnica.com/?p=1759928 #nuclearaccident #chernobyl #radiation #science #biology
This is a bit of bullshit news with people ranting on Twitter about "EU IS GOING TO BAN BAYES". It's not - it's just going to introduce very basic regulation around use of machine learning techniques in cases where it can actually impact people like credit rating etc. Googles and Amazons of the world of course started spreading FUD, just like they did with GDPR and Digital Services Directive.
> The text is missing context
This is indeed a problem though - I've double checked and Chomsky generally acknowledges human right abuses in China, so this comment seems to be just part of his traditional anti-US rhetoric.
Just to give you an idea of how "precautionary approach" is supposed to operate - imagine someone raises a "valid concern" like this:
Is there evidence of safety of Mastodon and other federated social networks? If there's no evidence of safety, we shouldn't probably be using them, because they could be potentially unsafe. For example, there might be an increased suicide rate associated with use of federated social networks, and nobody has proven that there isn't.
- OpenPGP
- 6F7B6BB9A9B632555E1A03C132AF1F39C4EE03F2
- Website
- https://krvtz.net
- Matrix
- @kravietz:krvtz.net
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.
Joined May 2019
kravietz 🦇's choices:
