Notices by Eleanor Saitta (dymaxion@infosec.exchange), page 6

@akareilly
Yup. Also "oh no, we have vulnerabilities! Please won't the security community we've banished help us"

@akareilly
It's ok, we don't need the cloud, it's easy for a small company to replicate the security and reliability they need without it being much more expensive!

(Sure, once you're at a hundred engineers and a thousand servers...)

@pettter
It doesn't really stop it though? It just means you have to be very marginally more sophisticated about it? And no, I've seen it done explicitly only for the reason that an instance has corporate accounts. Likewise, government accounts. Hell, I saw eupolicy.social get defederated for "promoting European nationalism". Shit be crazy.
@akareilly

@pettter
I don't care about them not wanting to talk to them, but the bit where the addressability of the network is destroyed by it is pretty fucking dumb. I understand the goals of the design, and I think the architecture doesn't serve them well.
@akareilly

@akareilly
If you're taking about defederation announcements, I think it's basically "there are companies there". A small instance I still have my alt on has defederated basically the entire security community at this point. I'm not impressed.

I've talked about this in smaller contexts, but I haven't found any traction and time is getting short. When the Nazis passed the enabling laws for the book burning on April 8th, 1933 — exactly 90 years ago in 34 days — the first thing they burnt, the same day, were the archives of the largest trans and gay research institute in the world. When they say now that we didn't exist until after the war, the only reason they can get away with it is that they burned all the accumulated evidence.

https://assemblag.es/@hugo/109972631252644527

The EU's proposal to force all service providers to automatically search all content that is either stored or transmitted anywhere in Europe, forward all illegal results to the police, and to block access to all non-European illegal content is expected to be presented to parliament in April. It's currently focused on algorithmic identification of unknown CSAM and of any social interactions that could be child grooming — basically, an AI trying to guess if an image might be child porn or a conversation might be trying to lure a child for sex — but it's unlikely that once the capability exists it won't be expanded to other crimes. The proposal would also force all services to age check their users (which means identifying them) and effectively ban anyone under 18 from interacting with the internet. There are no exceptions for end to end encryption and stored data not being shared is included.

To be clear, this proposal is not going to work. You know how bad chatGPT is? This is trying to solve a much harder problem, one humans struggle with, with much less compute power. What it will do is end all private communication in Europe, waste an amazing amount of police time, and leak a spectacular amount of private material to local police, some of whom — looking at you Hungary and Poland — are more than happy to use it to harass queers and trans people. It is fundamentally incompatible with the basic rights the EU is legally bound to uphold. It's also, in case they care, going to be a nightmare for corporate security and intellectual property control and will create a massive barrier to entry for anyone smaller than Google or Facebook running communication services in Europe.

Please call or write your MEP today and tell them to stop #ChatControl and preserve freedom of expression in Europe.

Wow. So, an entrapment operation by Norwegian intelligence explicitly encouraged what turned out to be last year's Pride shooting. That's a genuinely shocking kind of fuck up, although it does explain why intelligence was so adamant that the parade couldn't happen the next day — because it was their fault in the first place.

https://www.vg.no/nyheter/i/venev4/den-hemmelige-operasjonen

It's always fun when you search for hardware that can handle the performance level a client needs and you get (recent) research papers instead of products.

(In this case, DPI on 100GbE)

@cstross
Yeah, same reason for me sticking to windows. It's not great, bit I had to use it for work for a decade and now I've got 20 years of infrastructure built on it.
@pettter @pluralistic

@cstross
I know you write fast, but really?!

(Kidding, obviously)

@cstross
Yeah, I assumed, as much as it's amusing to think of your sheer typing speed bogging the machine down. I'm very curious to see if there's going to be an answer on the wintel side — I've been in the ecosystem for ages for $/perf and service network reasons, but I'm starting to look across the aisle.

There's something really familiar about the current rhetoric in the tech industry and some stuff that the CEO of Etsy said in the months before a hedge fund forced him to fire a bunny chunk of the company. Gods I'm bored of these assholes.

https://dair-community.social/@trochee/109853735815134632