Notices by Matthew Garrett (mjg59@nondeterministic.computer)

@Suiseiseki If I give you a computer that only has a CD drive and the computer boots from that, is the computer running software?

@Suiseiseki whoops, managed to post as a top level rather than a reply, but:

The ROM is hardware, what the ROM contains is software. Otherwise you end up arguing that software on a pressed CD is hardware, which is clearly nonsense.

Them: code stored in an immutable physical form is hardware
Me: an Ubuntu live CD is hardware

@Suiseiseki Hardware executes things. Software is what is executed. Making software immutable doesn't make it not software.

@Suiseiseki Code that executes on a general purpose core is software, end of discussion

@Suiseiseki Software doesn't stop being software just because it's in ROM

@liw Imagine a Yubikey that understands TPM quotes and can blink an LED at you during boot to tell you your laptop is in the expected state

@liw I actually have a bunch of use cases for wanting to modify that, which pushes us into an interesting space

Yeah great ok the manufacturer also has no ability to patch my fridge but how does that help me this differentiation between software in ROM and software in flash is absolute bullshit, it's all software and it should all be free and modifiable

RMS printer moment, but it's about my fridge failing to run the ice maker fill tube heater for long enough so it freezes so the ice maker gets no water and makes no ice, but also the software controlling this is in ROM so the FSF says it's fine even though there's no way I can fix it even though I am entirely capable of reverse engineering and patching it otherwise

@ryanc was underneath the car, and prioritised not being there over pictures

BART deciding to make my day exciting by having some electrical component on my train car literally explode is not the vibe I was looking for

@GossiTheDog This is hilariously Northern Ireland (both the initial fuckup, but also the somewhat confused response of everyone else, including the journalist)

I never expected to have to be searching my mailbox for the term "cum-cum-cum-cum-cum" (yes, including hyphens), but this year continues to be full of surprises

Ludicrously long shot, but do I know anyone who knows anyone involved with whoever is running the att.net mail service? My address there bounces with an inscrutable 550, and it's linked to my AT&T account which makes things awkward

MAIL FROM: mjg59@srcf.ucam.org
250 2.1.0 mjg59@srcf.ucam.org... Sender ok
RCPT TO: mjg59@att.net
550 5.2.1 mjg59@att.net... blank mailhost - invalid address, relay=[176.126.240.207]

Hey Theo

There is a well defined process for how elections are run (https://opensource.org/about/board-of-directors/elections). This year, several candidates were removed from the election results for supposedly refusing to use proprietary software to sign the board agreement. The requirement to do so is not stated anywhere in the election process. The bylaws allow the board to ignore the will of the electorate, but removing candidates who didn't violate any election rules is just fucking ridiculous.

If the membership chose a candidate that the board refuses to appoint, the membership deserves to know that.

Like many nonprofits, membership of the @osi board of directors is technically down to the existing board choosing to appoint new directors. OSI "membership" (in the sense that donors can become "members" of the organisation) isn't a thing that's defined by the by-laws, it's a process that the directors have chosen to adopt. As such, the elections that members participate in are just guidance for the board's decisions, rather than anything they're obliged to respect.

Every semester I teach best practices around build pipelines, and every semester someone mentions SolarWinds, and if I, as a company, wanted to set up an entirely independent build pipeline that was entirely independent of the rest of my infrastructure and was managed by different people so I could build in two places and verify binary outputs were identical, how would I do that today? (Assume my build is already reproducible, let's not complicate things)