Brief items

This is all to say that there are risks involved with owning a smart speaker. It's not as risky as, say, running a meth lab out of your basement. But keeping an internet-connected microphone in your kitchen is certainly more trouble than owning a simple Bluetooth speaker that just plays music. You might be comfortable taking that risk for yourself. Think long and hard about buying an Amazon Echo or a Google Home for your friends and family. They might not like it. In my opinion, they shouldn’t.

And in the meantime, it's important to remember that the dominant ISPs — for all of their power — are still quite sensitive to bad publicity. Let's see a show of hands of everyone who thinks that their dominant ISP isn't charging enough or doesn't already have too much control over their Internet usage! They know that U.S. consumer surveys routinely rate them among the most hated and mistrusted firms in the country.

Every time that one of these ISPs even begins to make anti-neutrality, anti-consumer moves, they must be immediately lambasted — broadly and publicly. They must be tied in the public mind directly to [US Federal Communications Commission chair] Ajit Pai and Donald Trump, and excoriated in a manner to make their shareholders sit up and take notice in fear.

An attacker can remotely unlock any safe in this product line through specially formatted Bluetooth messages, even with no knowledge of the pin code. The phone application requires the valid pin to operate the safe, and there is a field to supply the pin code in an authorization request. However the safe does not verify the pin code, so an attacker can obtain authorization and unlock the safe using any arbitrary value as the pin code.

"We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration," said Robert Hickey, aviation program manager within the Cyber Security Division of the DHS [US Department of Homeland Security] Science and Technology (S&T) Directorate.

"[Which] means I didn't have anybody touching the airplane, I didn't have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft." Hickey said the details of the hack and the work his team are doing are classified, but said they accessed the aircraft's systems through radio frequency communications, adding that, based on the RF configuration of most aircraft, "you can come to grips pretty quickly where we went" on the aircraft.

I'm immensely grateful to the Devuan developers, because when they announced their fork, all the complaints about systemd on the debian-devel mailinglist ceased to exist. Rather than a cost, that was an immensely gratifying experience, and it made sure that I started reading the debian-devel mailinglist again, which I had stopped for a while before that. Meanwhile, life in Debian went on as it always has.

“First” is one of the core foundations of the Fedora Project. At the leading edge of innovation, every step Fedora takes advances the state of the art, even when it’s not directly successful. And, if every try succeeds, Fedora’s not trying hard enough.

Linux distributions exist, they don't attempt to list every copyright holder on the Linux kernel, and in practice this is fine, which suggests that this is an ocean we're trying to boil as a weird Debian thing rather than because we actually need to. It's fine to have weird Debian things that we do because we're Debian rather than because we absolutely need to do them - but when we do, we should be clear about why, so that we can stop enforcing them if the cost (mostly in maintainer time and motivation, our most valuable commodities) exceeds the benefit.

The solution we ended up choosing was to add the string "compatible with GNU linkers" to our linker's help message. This string is not too odd for humans to understand, and since it contains the string "GNU", it is also friendly to configure. It is not a beautiful solution. It supports the erroneous assumption rather than correcting it. But it was practical.

C and its implementations enshrine communicativity in three ways: by the compiler’s place in a wider toolchain; by the surrounding meta-level (debugging) programmability of the target environment; and by the core abstraction of memory that is both at the heart of the language’s design and shared with these surrounding elements. This is how C gives us access to the operating system and to hardware. The same property also gives us access to other systems in the same address space, which is why C finds so much use as a low-level glue language, despite its questionable suitability as such by any other criteria. Memory is a communication channel, shared with the world outside the language. Representations are the symbols of that channel. C lets us communicate freely using these, even with alien entities.

This is, I claim, the deepest reason why C remains unvanquished. Replacements or reimplementations invariably forgo or compromise communicativity. They break the links with the surrounding toolchain (particularly the assembler and linker), or provide a superficially similar but essentially different abstraction of memory. In so doing, they sacrifice its essential value as a systems programming language.