I’ve been reading this for years, and the hypothesis always seems to be that zipper merging is good because it maximizes road usage. You know what else maximizes road usage? Bumper to bumper gridlock.

Every place I’ve ever worked has tried to play cute with security researchers. I’ve never understood it. I’ve always called it out. But I keep fucking running into it!

If a complete stranger reaches out for help, do it. Your future self will thank you.

Bro you can’t even run a publicly traded company. Don’t even say the word “utility”. Fuck outta here.

Yeah, the whole exhibit on Goya is a trip. You walk through this guy’s decades of professional work leading up to the war, his fall into depression, and the black paintings. I really can’t recommend it enough.

Ok, how safe haven’t they been? How many were worse than deepwater horizon?

I’m guessing you’ve happily consumed what was given to you on a spoon and accepted that it was representative of the bigger picture.

I grew up an hour from a 1GW reactor that got shut down in part due to “concerned citizens” like yourself. The site it stood on is still periodically checked by the DOE but is now a recreational area. How often do old coal plants do that?

To date, the only countries that have made progress in blocking VPN traffic with some success are authoritarian regimes with ISP-level surveillance.

You know you’re on to something when the only playbook you can find was written by the Chinese government.

I assume you mean radio frequencies, and the answer is basically none. A grounded fireproof safe is basically a perfect faraday cage.

EDIT: Ok, I actually have a pedantic answer for this. If you put a microphone on a device inside the safe, you can signal it from outside by sending it vibrations, and you could encode a message in binary and thus technically send it a “digital signal”. If you wanted to be a little more analog you could use Morse code :)

Probably yeah. A fireproof safe will be airtight, so the system can only produce as much energy as whatever reagents you put inside.

Attorney-Client Privilege. Sorry, I should have just said it.

For anyone who might have avoided this part of the world, ACP makes communications between you and your counsel inadmissible in court. In big companies, it’s somewhat common to bring lawyers into discussions under the auspices of seeking legal advice, but primarily to ensure that if any artifact from that discussion were to be uncovered by an adversary, it couldn’t be used in a lawsuit.

That’s an impressive investigation.

It would be tough to find a better example of why lobbying in the US is fundamentally broken. An entity like Meta has ample funding to break up an operation into distinct cells that do not directly interact in public forums, while tracking the whole process in documents protected by ACP. I think it’s particularly telling that Meta lobbyists are quietly nodding along legislation pushed by “grass roots” activists and that Meta’s new OS just happens to implement the technology exactly as described in the law.

It’s that sort of coordinated effort that the RICO act was drafted specifically to address, but it’s perfectly legal.

This might seem like a very indirect response, and that’s because it is largely a notion I have after a couple years of observing the fediverse. My background is in infrastructure for micro services, which is a powerful source of bias, so take this with a grain of salt.

The fediverse is suffering from major problems caused by homogeneity, data duplication, and lack of meaningful coordination. It is completely unsurprising that it struggles to provide the level of service that most users expect. I’m not saying this to be mean, but because I’ve experienced these same growing pains in commercial settings.

The solution has always been to restructure product services in a way that separates concerns. Most of the big guys will, at a very high level, use an API gateway which handles security + authn, then forward requests to high level product services which in turn reach down to the data layer services (which are often ORMs with huge caches sitting on top of databases). Works great, usually.

The fediverse, from what I’ve seen, does not do this. Everyone sets up largely identical monolithic applications which share messages through the Pubsub protocol. Information is duplicated everywhere, and inter-instance communications are a liability not only in content but even in compute and persistence (you can absolutely get DDOS’d by a noisy neighbor). Individual instances are responsible for their own edge security, compute, and data. It’s just a lot to ask of a single person that wants to host a federated instance.

I think that a healthy federated internet will eventually require highly specialized instances at several layers, and for certain maintainers to thanklessly support the public facing services. One of the most obvious classes of these specialized instances, to me, would be the data layer and catching instances, which exist to ensure that content posted on one instance is backed up and served for other instances. It reduces the strain on public facing instances because they no longer have to host all the content they’ve ever seen, and it also ensures that if a public instance goes down, the content does not disappear with it.

This same principle could be used on “gateway” or “bastion” instances which enforce strict security on behalf of public instances. Public instances would block direct connections while treating requests from the gateway nodes as highly privileged. Each public instance would either find a gateway instance to protect it or handle its own security and inter-instance communications.

This obviously isn’t a complete solution, and it’s a hell of a long way from a technical specification, but my hope is that others who are looking at the weird and wonderful landscape of our new internet are having similar concerns and reaching similar conclusions.