kravietz π¦ @kravietz@social.privacytools.io
- OpenPGP
- 6F7B6BB9A9B632555E1A03C132AF1F39C4EE03F2
- Website
- https://krvtz.net
- Matrix
- @kravietz:krvtz.net
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.
Joined May 2019
@ZenCoder Nice, good to know such thing exists! What are these metal rods under the DT box?
@ZenCoder Lots of HDD storage on the right!
There's a Linux server under the table connected to the big screen with logs etc. Then there's my old Linux laptop (silver Asus) and new one (black Dell). No keyboard/mouse sharing because I'm accessing all of these over SSH or file sharing. The old laptop is currently uploading all data to Nextcloud, from where it's synced to the new one.
* comments about mess are warmly welcome under the condition that complainer comes and cleans that up π
Are we at this stage yet? π
Very true π
"Closed borders, no shops? Been there, done that, say east Europeans"
kravietz π¦
boosted
"Most #blockchains behave like expensive, slow databases that sacrifice efficiency for immutability and global consensus. Blockchains are logically centralized, exerting great effort to make many untrustworthy computers behave like one computer. Even if next generation blockchains become much more scalable, they still seem ill-suited to store social media content which is mutable, ephemeral, and does not require global agreement on its state."
- #JayGraber
kravietz π¦
boosted
#JayGraber wrote a good introductory post to some of the challenges of building #decentalized #SocialMedia apps, and how these differ between federated and P2P projects:
https://medium.com/@jaygraber/decentralized-social-networks-e5a7a2603f53
@ZenCoder Plenty of people like this here! π
On the other hand if you have articles like "EU IS MANDATING FARMERS TO GROW CUCUMBERS OF EQUAL SIZE" or "EU SAYS SNAILS ARE FISH" (these are favourite fakes of British press) then this *is* 100% propaganda.
In the first place, it's completely not true. There are actual regulations behind these fakes, but the message here is completely false and you can't even talk about "distorted" view.
> it's "Russian propaganda" if it's anti-EU
No, it's propaganda if it's distorted or completely false.
For example, here you can find my article that is very critical of particular aspect of EU policy (electronic signature) https://sas-space.sas.ac.uk/5453/1/1920-2703-1-SM.pdf
Is it propaganda? No, because every single criticism is based on facts from EU legislation back then. This article was discussed at technical commissions in EU and nobody had any problems with it.
Correlation between universal BCG vaccination policy and reduced morbidity and mortality for COVID-19: an epidemiological study
https://www.medrxiv.org/content/10.1101/2020.03.24.20042937v1
Note this is merely a correlation and not a proved causal relation! But still interesting.
@dump_stack I did read the whole section on EUvsDisinfo in this paper and their criticism may be summarised in the following items:
* they focus on Russia only (=selective)
* they are funded by EU (=not independent)
* they use non-neutral language when describing the fakes they debunk (see table)
First is kind of logical because majority of the anti-EU fakes originate from there.
The article does not really present any examples of debunks that would be factually wrong however.
Docker rant
@rune@mastodon.nzoss.nz Well, that's pretty much all to the organisational culture and process. I'm part of two large devops projects, in both 100% of infra is managed - one uses Puppet, the other one Ansible. This includes deployment of applications too.
As as devsecops guy I know like noone else how difficult it is to convince anyone to (OMG!) reboot a server and get new kernels installed but I'm just using case studies of actual breaches or near miss at our competitors to make this convincing :)
@dump_stack Oh, Uniwersytet JagielloΕski w Krakowie, my home town π Sure, give me some time to read and I'll come back.
Happy to discuss because on most social media people don't want to talk *about* propaganda, they just happily jump into it and spread away π€¦ββοΈ
Give some examples and we can discuss π
@aral I'm fully sympathise with you - I dealt with ASN.1 and DER/BER back in 2000's as part of large PKI projects and while the ASN.1 itself did make some sense back in 80's as a way to describe packets better than ASCII tables, the way it went later on was the worst of committee architecture design and enterprise mess even possible. It's overly complex, overgrown, weird and unique naming, inconsistent and sometimes vague. OpenSSL had its beating specifically for this reason...
Docker rant
@rune@mastodon.nzoss.nz
What do you mean "packaged before 2015"? This obviously depends on programming language, but if it's a JAR that was packaged before 2015 this effectively means all libraries inside are also pre-2015? For Python, it's mostly about what versions you pin in requirements.txt.
I realize there's no silver bullet here, but over years I'm believing more and more that continuous integration with integrated testing is the only way to maintain apps in long term.
- OpenPGP
- 6F7B6BB9A9B632555E1A03C132AF1F39C4EE03F2
- Website
- https://krvtz.net
- Matrix
- @kravietz:krvtz.net
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.
Joined May 2019
kravietz π¦'s choices:
