In-band periodic key-exchange. Pre-arrange that keys expire every X messages, and that the last (Xth) message is dedicated to sending the new key encrypted by the previous one.
Rowan Thorpe
- 0 Posts
- 13 Comments
Joined 2 years ago
Cake day: June 3rd, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
If you haven’t already seen the talk recently given at the Chaos Computer Club’s “Hacker Hotel” named “How Thermonuclear fusion works, free energy without waste”, I highly recommend it. https://libranet.de/display/0b6b25a8-ff152736-e38872dd7aed088e
they choose their business model, I choose my customer model.
Ooh, this is very pithy. I like it. I will use it.
I did a similar but more generalised thing since long ago, when I got my first pager (pre-mobile) in '95. I made myself a solemn promise that I would gratuitously and unapologetically use silent-mode, DnD, etc (including more recently auto-DnD every late-afternoon-to-mid-morning, even on weekends, when it became a thing) to live an almost exclusively asynchronous life. I almost never answer direct phone-calls too, often even for many of the recognised numbers. My modus operandi is this:
If it’s a real emergency a call might be unavoidable, but if it’s just typical-urgent it could be an SMS (key part of that acronym is Short) which I would see relatively soon. Alternatively a sensitive/private urgent requirement could be fulfilled via Signal. Otherwise email (pgp-encrypted if it has to be private) which I usually catch up with every day or two. Also I disable all non-critical realtime app-notifications entirely. Additionally whenever someone calls/emails me with an “opportunity” requiring “immediate response because they need a confirmation by yesterday!!!1” I know that means the work is going to be like that too (absent time-management or time-discipline, bouncing between crises in parallel) so my go-to response is along the lines of “Thanks, but such a shame it’s so last-minute - it would be impossible for me to properly consider this against the rest of my schedule and decide responsibly whether I could do it. I hope you find someone.”
I didn’t choose that for the sake of being antisocial, I chose it because I felt that “flow state” and “focus-retention while tackling complex problems” are extremely precious resources, and also increasingly rare. Most (not all) of the time if you don’t push back to protect that then others won’t voluntarily protect yours for you, because a lot of people only respect their own time, mental-bandwidth and priorities, and not those of others. I found that batching tasks together to grind through them in bulk without interruption is not only useful at work, but in most of the mundane/administrative parts of life too, because it minimizes the destructive effect of context-switching.
I discovered a very astute validation of this in an essay by Paul Graham “Maker’s Schedule, Manager’s Schedule” https://www.paulgraham.com/makersschedule.html
I’m waiting to see the headline: “Fired NNSA employees can’t be found for reemployment because they moved to off-grid locations outside the blast-radius of all major centres”
In terms of the “default instance” suggestion, I have an interesting hybrid suggestion. What about having an “easy on-ramp” instance where you get registered for one month with a hard-exit (auto-migrate to other instance, perhaps using some kind of federated-auth/token system for the migration, and forced password-setup on first use of the new instance). At any point during on-ramp the user could configure destination-instance from a list in the settings (or configure auto-export for manual import to any other “auto-migrate-unsupported” instance), with optional early-migration if the user has decided before the end of the month. Optionally a recommendation engine could iteratively curate a list of suggested instances based on usage during on-ramp (admins of those instances could provide - limited number of - tags of their choosing for the engine to use for matching). That part could be opt-in because probably a lot of users would find it creepy. The UX would need to be very user-friendly “pointy clicky” because that would be the overwhelming target demographic of such an instance. I think “on-boarding and educating” is better than “gatekeeping” (which feels like the “if you need to ask the price you can’t afford it” shopping trope). A nice side-effect is it already painlessly introduces users to the killer-feature “easy migration” between instances due to data-portability.
Kanye -> Hitler -> Shopify -> Spotify -> Arrested Development -> …
Anyone else experiencing whiplash, or is it just me? I think I need to lie down for a bit.
And Brexit as wordplay was just a rehash of the prior Grexit moment Greece had…
Or maybe this just makes for a great origin-story for becoming an epic Batman-like vigilante. I’m waiting to see his next career take off…
I long ago stopped getting caught up in “that discussion” about recent trends despite a stream of people lobbing leading questions to get the ball rolling. Because I also try to not do so more rudely than necessary, I have developed several diplomatically worded (or at least ambiguous enough to float opaquely off to the side of the offense spectrum) ways of essentially saying the following: The simplest and cheapest way of [A] learning the “computer science” end of software is by becoming proficient in Lisp, [B] learning the “engineering” end of software by becoming proficient in Forth, [C] learning how “busywork” is a dangerous and demoralising thing to confuse with “actual work” by maintaining some Java code, [D] learning how insidious and self-sabotaging “expert beginner syndrome” is by reading a lot of the relevent code-reviews and blogposts when maintaining Javascript & Python projects, [E] learning how mob-mentality and populism can lead to selective blindness and architectural stubbornness by working with large volumes of C & C++ code, [F] learning how it is all really abstraction-layers over something akin to an old-shool phone switchboard by working with Assembler, [G] learning how the only work with longevity is that which stands on the shoulders of giants by using Fortran libraries, [H] learning how the mere act of developing using languages with baked-in discipline can be inherently educational by using DbC/TDD/BDD/dependent-type/formally-verifying/etc based languages (SPARK-Ada, Haskell, Eiffel, ACL2, Rust, etc), and then [I] learning how - after a certain level of experience - the languages, frameworks, and tools become less important than the engineers’s mindset and the work that happens both before and after the fingers hit the keyboard…by finding semi-performant techniques for implementing masochistic things like a VM and a network stack in Bash script (as hobby tasks, not for real use). If they are coming from a more hands-on/hardware background I also recommend [J] how eye-opening it is to maintain your own customized LibreCMC image flashed onto an open router (the older/smaller the HW the better, because you have to be increasingly creative with your kernel & OS configs), and [K] how educational it is getting a RISC-V working on an FPGA. I top it off by saying that [L] despite coding on-and-off since my start with z80 assembler on an Amstrad in the mid-80s I still feel like a beginner with so much to learn, and [M] that fact is by far the part I love most about the field (not just field of “work” but of “mental endeavour”) - far more than status/seniority/raises. I find I don’t get bombarded so much with JS-framework-du-jour zealotry and expert-beginnerism after that.
If you’re only talking about Storage (data at rest) or Network (data in transit) then encrypt/decrypt offsite and never let symmetric keys (or asymmetric private keys) near the VPS, or for in-transit you could similarly setup encrypted tunnels (symmetric/private keys offsite only) where neither end of the tunnel terminates at the VPS. If you’re talking about Compute then whatever does the processing inherently needs access to decrypted data (in RAM, cache, etc) to do anything meaningful. Although there are lots of methods for delegating, compartmentalising, obfuscating, etc (like enclaves, TPM/vTPM…) the unavoidable truth is that you must trust whomever owns the base-infra ultimately processing your data. The one vaguely useful way to use “other people’s computers” trustlessly is with SMPC (secure multi-party computation) spread sufficiently widely across multiple independent (preferably competing - or even adversarial!) virtual-computation providers, with an “N-of-M keys” policy that avoids any single provider being able to attain a meaningful level of access to your data independently, or being able to view tangible portions of your data while providing functionality during SMPC. That stuff gets super-niche though.
Not all made up though. I’ve been following this one’s mailing list for a while https://en.wikipedia.org/wiki/Zephyr_(operating_system)
I hadn’t even heard of the underlying protocol NNCP yet, and it seems to solve out of the box several things I was trying to do in some of my own hobby-projects. I’d been battling with automating and integrating Tor/I2P, Openssl, Tox, GPG, Wireguard, etc. If NNCP lives up to the hype it will be a big shortcut, when I next get time to work on stuff :-)