Notices by Eleanor Saitta (dymaxion@infosec.exchange)

Changing phones, and my god it's fucking annoying what a walked garden chrome and firebox both are. Like Jesus fuck, absolutely zero possibilities to move bookmarks if you're not using their fucking desktop sync protocols? Like, it's bad enough that you have to use sync in the first place, but there's literally no phone to phone option? Not to mention no option to, you know, just use a fucking json file.

[If you want to suggest an alternate browser, please spare me instablocking you]

@clarity
I don't know if I'd call go either one?

@myx
One of the things I've learned over the past eight years of fractional CSO work is that the judgment call work is useless or impossible without enough time maintaining your working context of the system. The judgement time doesn't provide nearly enough context to perform well without supplemental time, and that knowledge goes stale surprisingly quickly. The real product of a software team is a group of people who understand the system deeply.

Probably mostly not my audience here, but I'm currently looking for a business-side/CEO cofounder for an encrypted radio startup. There are solid funding options, but while I can build the team to make the product happen, I'm not the person to navigate the money side of things. I'm looking for a cofounder with previous startup CEO experience and executive-level experience (although not necessarily CEO) in a hardware startup specifically. EU citizen and resident, although it'll be a remote team, so where is less important.

Here's my IFAK, with a 15cm ruler for scale, which has all the nice to haves on it. You can go smaller, but this nicely clips on to my around town bag and doesn't scream "I'm carrying tactical medical" too loudly.

Normal rules are that your IFAK is only for use on you, but that assumes a) active combat, and b) everyone carrying one in the same place so others can kind it and c) everyone being trained to use it; do what makes sense in context.

Folks who have advanced training might want to add more stuff, but at that point you know what you like. Specifically, I do not recommend carrying decompression needles or nasal-pharyngial airways unless you've been trained on them — they're unlikely to do much good without training, and the needles especially can cause real harm if used incorrectly. Note: I am trained in first aid, but I'm not an EMT, etc. I have, however, spent a good chunk of time digging into stuff here and talked with friends with more training about it extensively. Happy to hear opinions from other folks with more training here too.

Here's what I recommended (and carry) for an individual first aid kit (IFAK):

Core trauma kit:
2 North American Rescue CAT7 tourniquets (no substitution), prestaged for one-handed application
2-3 packs compressed gauze, ideally one or all treated with a hemostatic clotting agent
2 pairs of vented chest seals
1 6" pressure bandage, "Israeli" style or similar
Trauma shears
2 pairs nitrile gloves
Mylar emergency blanket
Sharpie for writing TQ application time

Not core trauma but good to have:
2 Narcan doses
Fold-up plastic CPR mask
Dispersible (powdered) aspirin for heart attacks
Runner's sugar gel, for diabetic collapse
Triangular bandage, sterile if you can so it can double as an improvised pressure bandage
Ocular baggage
2 chemical hand warner pairs for helping with core temperature in cold weather

If you have the space and it won't limit where you carry the bag, a booboo kit:
4 Saline wipes for wound cleaning
Pack of large steri-strips for wound closure
4x4 Non-adherent bandage
2 Burn gel packets
4 Normal bandaids
2 Antacid pills
2 3" Pieces of kinesio tape for blisters (round the corners; stays on better)

For protests, add 1-2 sealed bottles of water with sports cap for eyewash (use only clean water or saline, never anything else)

Inside, the tourniquets and shears are immediately accessible and the rest of the trauma essentials are in a pullout for fast access; booboo kit and secondary stuff is in ziplocks, and the stuff in the pullout is held in place with elastic so the contents don't go flying when I open it.

@bascule
Fascists don't actually want everyone to have guns — that's the weapons companies. While it's useful for them to have their own irregular militias armed, I wouldn't be at all surprised to see them push for some kind of "good moral standing" clause federally, so they can stop the left from legally owning weapons.

@ryanc
For sufficiently small countries, I think this is all of the type of enby who have an aws account

Americans, if you have not done first aid training in the last five years, I strongly recommend getting a refresher now, and starting to carry a trauma kit with you when you leave the house.

It looks like most of the US Red Cross first aid courses are very superficial, so you'll have to go digging for local resources. The syllabus I recommend is the one offered by the UK and most EU Red Cross groups, including their optimal mental health response unit, and ideally something on using Narcan and Epi pens. You can find it here: https://www.redcrossfirstaidtraining.co.uk/courses/first-aid-training/first-aid-at-work/

If you're piecing together a course from other offerings, you definitely want to make sure that you're doing CPR basics, massive hemorrhage/bleed stop, and shock/stroke at least. If you can find a trainer who can also add to the UK curriculum a treatment protocol for tear gas and pepper spray, that's great. You're going to receive a ton of information in these courses, so please take good notes (and hopefully you'll get the training slides to take home). Make up your own cheat sheets for the core diagnostic procedures — ADCDE/MARCH, AVPU etc. and keep them in your kit. Better yet, also go with some friends — it's always more fun that way and you'll retain more when you're comfortable and having fun — and then spend an evening every month or so going through some basic drills to keep each other fresh.

Some decade, we will collectively learn that watching traumatic video doesn't teach people things about the world or effectively inspire them to work to change it, and in fact is likely to leave them less capable of action.

Not this year, though, apparently.

While it's primarily aimed at journalists, this guide for dealing with secondary trauma from media exposure, which is to say a lot of us right now: https://theselfinvestigation.com/fact-checkers-toolkit/vicarious-trauma-moral-injury/

@inthehands
They wouldn't really have the local knowledge to know which communities are where in more detail, I think? Like, yes, there are probably data sources they could use to find that data, but that would require it to be less of a shit show. It wouldn't actually surprise me that they were targeting on the basis of which districts vote more democratic.

@inthehands
And by allegory with Gresham's law, over a sufficient time period and in absence of a significant counterveiling force, all org leadership becomes bad. If you're a leader who only cares about personal power and wealth, got have an advantage over anyone who is getting to balance avarice with the good of the organization, let alone the good of society. So folks with that mindset will eventually run the majority of organizations, until and unless their avarice kills the company.
@nikitonsky

Still really genuinely angry at how much the passkey rollout has fucked up the flows for anyone using a security key.

Fuck forcing people to set pins on hardware tokens. Fuck defaulting to allowing a hardware token to log in without the password. Fuck making every mobile device you own a first class token and making login attempt spam a thing again.

I get that passwords are broken. I don't have a problem with the idea behind passkeys as such for less-technical users (although fuck vendor lock-in and non-portable credentials), but do not fuck over technical users trying to protect critical systems by breaking their workflows or destroying basic security primitives.

Hilarious side effect of the OpenAI pivot to porn plus the Swedish ban on online pornography purchases: Paying for ChatGPT in Sweden may be a criminal act soon.

@suzannealdrich
The infrastructure needed to keep these machines happy is nontrivial. Each single server hosting eight graphics cards is north of a half million new, so even at ten cents on the dollar they're the cost of a new car and they're mostly designed to be used in clusters of at least eight and generally more like 64. They only have boot drives in the machine, if that, so you need an external storage server. The network cables they use run $600 for 3m. The switches run into the six figures too. The new hardware is designed for rack scale water cooling, so you're going to need to build a car-sized heat exchanger unless you want to literally just run all the faucets in your house wide open all day. And a half rack is still going to draw at least ten times what the entire rest of your house does.
@cstross

Ding dong the witch is dead

If you've worked with SDRs professionally, either at the hardware level or at the e.g. RF protocol implementation levels, I'd love to buy an hour of your time for a validation conversation about a potential project. DM if you're interested; boosts welcome.