Notices by Eleanor Saitta (dymaxion@infosec.exchange)

Here's my IFAK, with a 15cm ruler for scale, which has all the nice to haves on it. You can go smaller, but this nicely clips on to my around town bag and doesn't scream "I'm carrying tactical medical" too loudly.

Normal rules are that your IFAK is only for use on you, but that assumes a) active combat, and b) everyone carrying one in the same place so others can kind it and c) everyone being trained to use it; do what makes sense in context.

Folks who have advanced training might want to add more stuff, but at that point you know what you like. Specifically, I do not recommend carrying decompression needles or nasal-pharyngial airways unless you've been trained on them — they're unlikely to do much good without training, and the needles especially can cause real harm if used incorrectly. Note: I am trained in first aid, but I'm not an EMT, etc. I have, however, spent a good chunk of time digging into stuff here and talked with friends with more training about it extensively. Happy to hear opinions from other folks with more training here too.

Here's what I recommended (and carry) for an individual first aid kit (IFAK):

Core trauma kit:
2 North American Rescue CAT7 tourniquets (no substitution), prestaged for one-handed application
2-3 packs compressed gauze, ideally one or all treated with a hemostatic clotting agent
2 pairs of vented chest seals
1 6" pressure bandage, "Israeli" style or similar
Trauma shears
2 pairs nitrile gloves
Mylar emergency blanket
Sharpie for writing TQ application time

Not core trauma but good to have:
2 Narcan doses
Fold-up plastic CPR mask
Dispersible (powdered) aspirin for heart attacks
Runner's sugar gel, for diabetic collapse
Triangular bandage, sterile if you can so it can double as an improvised pressure bandage
Ocular baggage
2 chemical hand warner pairs for helping with core temperature in cold weather

If you have the space and it won't limit where you carry the bag, a booboo kit:
4 Saline wipes for wound cleaning
Pack of large steri-strips for wound closure
4x4 Non-adherent bandage
2 Burn gel packets
4 Normal bandaids
2 Antacid pills
2 3" Pieces of kinesio tape for blisters (round the corners; stays on better)

For protests, add 1-2 sealed bottles of water with sports cap for eyewash (use only clean water or saline, never anything else)

Inside, the tourniquets and shears are immediately accessible and the rest of the trauma essentials are in a pullout for fast access; booboo kit and secondary stuff is in ziplocks, and the stuff in the pullout is held in place with elastic so the contents don't go flying when I open it.

@bascule
Fascists don't actually want everyone to have guns — that's the weapons companies. While it's useful for them to have their own irregular militias armed, I wouldn't be at all surprised to see them push for some kind of "good moral standing" clause federally, so they can stop the left from legally owning weapons.

@ryanc
For sufficiently small countries, I think this is all of the type of enby who have an aws account

Americans, if you have not done first aid training in the last five years, I strongly recommend getting a refresher now, and starting to carry a trauma kit with you when you leave the house.

It looks like most of the US Red Cross first aid courses are very superficial, so you'll have to go digging for local resources. The syllabus I recommend is the one offered by the UK and most EU Red Cross groups, including their optimal mental health response unit, and ideally something on using Narcan and Epi pens. You can find it here: https://www.redcrossfirstaidtraining.co.uk/courses/first-aid-training/first-aid-at-work/

If you're piecing together a course from other offerings, you definitely want to make sure that you're doing CPR basics, massive hemorrhage/bleed stop, and shock/stroke at least. If you can find a trainer who can also add to the UK curriculum a treatment protocol for tear gas and pepper spray, that's great. You're going to receive a ton of information in these courses, so please take good notes (and hopefully you'll get the training slides to take home). Make up your own cheat sheets for the core diagnostic procedures — ADCDE/MARCH, AVPU etc. and keep them in your kit. Better yet, also go with some friends — it's always more fun that way and you'll retain more when you're comfortable and having fun — and then spend an evening every month or so going through some basic drills to keep each other fresh.

Some decade, we will collectively learn that watching traumatic video doesn't teach people things about the world or effectively inspire them to work to change it, and in fact is likely to leave them less capable of action.

Not this year, though, apparently.

While it's primarily aimed at journalists, this guide for dealing with secondary trauma from media exposure, which is to say a lot of us right now: https://theselfinvestigation.com/fact-checkers-toolkit/vicarious-trauma-moral-injury/

@inthehands
They wouldn't really have the local knowledge to know which communities are where in more detail, I think? Like, yes, there are probably data sources they could use to find that data, but that would require it to be less of a shit show. It wouldn't actually surprise me that they were targeting on the basis of which districts vote more democratic.

@inthehands
And by allegory with Gresham's law, over a sufficient time period and in absence of a significant counterveiling force, all org leadership becomes bad. If you're a leader who only cares about personal power and wealth, got have an advantage over anyone who is getting to balance avarice with the good of the organization, let alone the good of society. So folks with that mindset will eventually run the majority of organizations, until and unless their avarice kills the company.
@nikitonsky

Still really genuinely angry at how much the passkey rollout has fucked up the flows for anyone using a security key.

Fuck forcing people to set pins on hardware tokens. Fuck defaulting to allowing a hardware token to log in without the password. Fuck making every mobile device you own a first class token and making login attempt spam a thing again.

I get that passwords are broken. I don't have a problem with the idea behind passkeys as such for less-technical users (although fuck vendor lock-in and non-portable credentials), but do not fuck over technical users trying to protect critical systems by breaking their workflows or destroying basic security primitives.

Hilarious side effect of the OpenAI pivot to porn plus the Swedish ban on online pornography purchases: Paying for ChatGPT in Sweden may be a criminal act soon.

@suzannealdrich
The infrastructure needed to keep these machines happy is nontrivial. Each single server hosting eight graphics cards is north of a half million new, so even at ten cents on the dollar they're the cost of a new car and they're mostly designed to be used in clusters of at least eight and generally more like 64. They only have boot drives in the machine, if that, so you need an external storage server. The network cables they use run $600 for 3m. The switches run into the six figures too. The new hardware is designed for rack scale water cooling, so you're going to need to build a car-sized heat exchanger unless you want to literally just run all the faucets in your house wide open all day. And a half rack is still going to draw at least ten times what the entire rest of your house does.
@cstross

Ding dong the witch is dead

If you've worked with SDRs professionally, either at the hardware level or at the e.g. RF protocol implementation levels, I'd love to buy an hour of your time for a validation conversation about a potential project. DM if you're interested; boosts welcome.

@yaxu
At some point, I went to a pretty interesting seeming security and usability academic conference, breaking my general rule of not bothering with that sort of thing. Basically all the work presented was useless because folks had only studied the work, not done it, and no one in the room had context to call bullshit. Not to mention, of course the general sort of academic ritual of ignoring bad work instead of calling it out, which only helps if you already know what's bad.

When this case first came out, I was talking to a relatively senior Finnish journalist about freedom of the press in Finland. We came to the conclusion that Finland's then best in the world ranking on press freedom was entirely down to the fact that the press had never wanted anything that the government wasn't ok with having in the papers. This decision is broadly incompatible with freedom of expression. Prosecuting folks who agreed to keep state secrets is one thing. Accusing journalists of treason, let alone convicting them, for publishing material that in their professional opinion was newsworthy is completely unacceptable. The Finnish national security bureaucracy does and must not be above the constraints of international human rights law, and must not be permitted to either constrain a priori or decide post hoc what is in the national interests. I assume this will be appealed and that the Finnish Supreme Court (or, failing them, the European Court of Human Rights) does the right thing. This case has already caused a significant chilling effect on Finnish journalism — already not in a great position — and this is happening at a time when Finland's national security position and responsibilities are changing rapidly. We need transparency and accountability in the national security bureaucracy now more than ever.

https://yle.fi/a/74-20170451

@raito
Much more likely to becomea law in Europe than the US, honestly. And it might get revised quickly, but quickly in EU terms is at least a decade.
@whitequark @Di4na

@raito
I am, yes. I think it's a pretty solid balance, at the level I've read so far, and they we could do a lot worse, as a model text. It came about in part because the EU does listen to actively engaged folks from civil society, including FOSS devs, when they're willing to engage with the debate on the EU's terms. Hopeful the existing version will be improved where necessary and reasonable and adopted. It's entirely possible, though, that it will be seen as insufficient.

The exclusions in there were not put there by folks objecting to the fundamental framing.
@whitequark @Di4na