Home » Archive by category "Musings"

An Independence Isolate?

ScotEur flag

[This article is released and provided under a CC-BY-ND 4.0 license – re-publish it as you wish, but please give credit anywhere you post this :-) ; quoting excerpts is allowed, so long as you link back here, or include the full text in appendix]

Several prominent figures in Europe – if not the elected leaders themselves – have expressed support for welcoming an independent Scotland into the EU.

This brings me hope on the one hand of continued European identity and membership, but also gives me some dread as to how the political and national landscapes will transform in the very near future.

On the one hand, as a British-national, Scottish-dwelling, French-educated, Polish-named, multi-cultural, bilingual, Eastern-blooded individual, I welcome with delight these encouraging messages, and if we further hear from state leaders themselves their firm intentions of working to speedily include Scotland into the EU on the basis of our former ties and goodwill to all Europeans, then I would certainly vote Yes in a second Independence referendum.

I did however vote “No” in the first.

Back then, we did not have such warm or even active support from the EU council or leaders, and the discussion was framed in the light of “departure”, not unification.

An independent Scotland would need to be in some trade bloc, no matter how small or limited in scope, to ensure it could rely on the weight of supporting equals when facing larger rival allegiances. Be that the UK, the Nordic Council, or the EU, we do not have the negotiating power to strive fully alone, not least because as a country, we have never operated such without the additional power of the UK, nor much to offer that others cannot already provide.

If we do have the expressed support of the EU this time around however, the discussion would specifically be framed in the context of ensuring our coexistence in a larger union of countries – not a smaller one. We would be voting Yes to joining a larger venture, as opposed to voting No to a wholesale reduction of our prospects.

And this is where I am most concerned:

The far right movements of a number of countries across Europe – and a certain prominent American – have become emboldened by the UK’s decision to leave and “take back” their country. Such movements towards independence are expressed in isolationist terms – a mentality of “we fare better alone” – the very sentiment I voted No to myself in 2014.

I would urge, beyond my right and remit, that those other European countries seriously consider what is happening in Britain: the European Union needn’t be harsh to the United Kingdom during the upcoming negotiations at all, as the punishment still would be that it would be solely dealing with the United Kingdom of England and Wales alone, whilst the EU welcomes with satisfaction the arrival of a proud, and in pockets smug, independent Scotland; and perhaps too a Greater Ireland, at the cost of the no-longer so great Britain.

Splintering is an extremely hefty price for any country to pay.

So I’m looking at France, with its Basques, Bretons and Corsicans; at Spain, with its Basques, Catalonians, and Galicians; at Belgium, with its Flemmish and its Walloons; and all other EU countries with its independence-yearning nations – consider very carefully what you do next, and how you phrase your stances.

Strive to be part of something – and not a lone voice in a see of Others. We will always be different from one another, but we must always try to find common ground and camaraderie. Even being united in adversity is better than alone against the entire world.

And to those Basques, Bretons, Catalonians, Corsicans, Flemmish, Galicians, Walloons and the rest – you too need to think carefully how you navigate these murky waters, and hold to account those larger nations you are embedded in.

Scotland is receiving a good deal of heartfelt praise, but who knows how long this will last, and even how it will truly play out in the end. Even within our country here there are reports of increasingly overt xenonphobia where once it was merely latent. Nationalism is not a thing to handle lightly, and (for it to be productive and beneficial to all) should be called upon only to look outward at the world, as a goal to aspire to, not as a place to cut away from.

Above all, I would caution: we are better off with more friends and more allies — Independence should not be the standard-bearer of Isolationism.

[This article is released and provided under a CC-BY-ND 4.0 license – re-publish it as you wish, but please give credit anywhere you post this :-) ; quoting excerpts is allowed, so long as you link back here, or include the full text in appendix]

Why is

I am easily amused.

When you type into your Google search bar, you get suggested searches that others have typed – not simply those that are popular, but just any that vaguely match (in the case where not many searches have been done).

Searching on operating system names and letting the suggestions display is a fun way of seeing their popularity (and also as far from scientific and statistically relevant as you can get with public data…!) Read more

About That: Linux Mint’s site hack

Byte City

The Linux Mint site hack a few weeks ago has brought to the fore how lackadaisical the security efforts behind some projects’ hosting and distribution sites may be. The truth of the matter is though, without a dedicated resource to look after this aspect, any effort can quickly grow stale and obsolete.

The tools and workflows required to keep sites and software packages secure are moving targets and a full-time effort; and the demand for latest-and-greatest software does not help one bit as a culture of blind trust has washed in on the back of the false mantra “Linux is inherently more secure.”

No it is not, and its growing popularity is demonstrating this. Linux is set up so that you can look more easily into your security and manage it, but security does not come without at least some planning and consideration. Jumping to BSD will not save us either. Improving our tooling and workflows is the only viable, forward-looking strategy we have at the moment – and it’s lacking.

Matt Hartley’s synopsis of the event is worth a read; the following are a copy of my initial reactions on his article. Read more

About that: Thalys’s response to All out

Thalys, a French national train operator, suffered recently from a backlash from an All Out campaign after a member of Thalys’s partner staff reprimanded a lesbian couple for kissing on the platform , denouncing the activity as “intolerable.”

Thalys yesterday released a French language press release, which I have opted to translate below.

Please note that this translation has not been performed from a professional standpoint, and that only Thalys’s original official press release is relevant for further quoting.

Read more

What Cameron Doesn’t Realize: Encryption Keeps Us SAFER

To Mr David Cameron, Prime Minister and person responsible for our (lack of) safety.

This is war – and you know it. A defensive war against those who would, and do, assail us. War against those who seek to undermine our values. War against those who attack us, day after day, relentlessly, on our streets and in our homes.

And amidst this ongoing conflict, you would have us break down the walls of the only fortress protecting us so as to better see our enemies charging.

You call for the private encryption of our personal messages to be undermined, and even qualify it as thoroughly undesirable – for the purpose, you say, of facilitated public protection, and the promise of a safer Britain. It will be none such, but the contrary, should your stance prevail.

The rogues who attacked Charlie Hebdo, the London buses and 9/11 were all already known to Intelligence. You have more means than the mere electronic surveillance of their messages. You are the govenrment. You can access airport records at will. You have CCTV on every major street and transport link. You intercept physical mail. You can bug our hardware. You impose police checks and searches anywhere and anywhen. You monitor bank transfers. You have the legal mandate to pry open or seize property of any private enterprise, and through international agreements, the power to reach even overseas.

I do not doubt that a government can carry out surveillance, nor that it will. Even non-governmental groups can crack highly secure networks, given sufficient determination. Just ask any computer security expert – the first thing they ever teach us is that no system is 100% “unhackable”.

Were I sufficiently deluded I would demand that you stop such mass trawling. But I see no point in such advocacy on my behalf. It will happen whether I wish it or not, with my knowledge or without. For the government to demand that private communications cease to exist outright, in reality, makes it marginally easier for your intelligence services to reap information.

However it makes an unfathomable differece to any others who would (and already try to) get control of us or those we hold dear, whilst driving the poster-criminals away from surveillance’s reach.

You say you want to better monitor terrorists and violent criminals. Would the most dangerous use your government-sanctioned communication tools to operate? No – they would simply switch to other channels of communication and “go dark” once more. Years of your agencies’ efforts to best mine the Internet and otherwise secure communications would surely go to waste – for none but the most incapable “terrorists” would be there anymore, and your agencies will have to play catch up in an entirely new arena. It is astounding that they are there at all, which in fact is a benefit to you.

In the mean time, the rest of us will be fed to the wolves.

In reality, encryption has never protected us from government spying. It has only ever protected us from non-government spying.

The holes already opened up by GCHQ and the NSA (and other lower-profile national security agencies) are already letting in criminal hackers – known in the trade as “crackers.” Computer systems will always have issues, as every computer scientist, engineer and technician knows from day one. We work hard to plug them as soon as we – or others – find them. And yet you bore more holes behind our backs.

The attacks on Sony and the leaks of celebrity photos from Apple demonstrate how easily compromised computer systems can be, even when dutifully guarded.

With mass policy of non-encryption, we open ourselves to ills no government could guard against, no matter how otherwise benevolent it were.

We already have open networks in the form of free Wireless in airports, hotels and cafes, ready to testify to the dangerous absurdity of not encrypting one’s communications. Any computer enthusiast with a modicum of technological education and a standard laptop can snoop the details of anything unencrypted. One needn’t even look underground or seek to circumvent anything for such tools: this is what was shown with the FireSheep debacle that proved that websites badly needed encryption – not to save us from the government, but from simply unscrupulous other network users.

Our devices connect automatically to these networks because we let them: rather than have to remember passwords and type them in conscientiously. We are all ripe for picking. And anyone can setup a network to trick our devices. Making better technology will not solve our desire for convenience, and crackers will always be ahead of the game – it’s what makes them such formidable foes.

Cracks employed by News of the World were already unsophisticated, but without the safeguards and encryptions there would be no need for them – all our communications would be laid bare to anyone who so much as desired to listen in.

Who would be listening? Crooks out for a quick buck perhaps. Set up a little device and listen in to rich investors’ casual discussions face to face or over some “pravate” chatting channel. At the club house, or in a restaurant, or in a hotel bar or elsewhere the likes… Some people wonder how crackers get information on certain transactions… It’s easier than Hollywood lets on…

Who else would be listening? Oh nobody but insurers and marketers, eager to have the first word in negotiations. They know who’s depressive and who’s terminally ill. Up the premiums. And crooks too. They’ll know who’s bought the latest PC, which model from which store. Let’s call them and impersonate a Customer Service representative to con them.

Who else would be listening? Only the local thugs who know how to use the government tapping loopholes to get onto some family’s network – cause their bills to skyrocket by hacking their smart energy metres, cause their fridges to turn off over holidays and everything to spoil, overheat ill-secured sensors and cause fire even as they sleep, browse private files to dig up dirt, monitor their childrens’ movements… and hold the home owner to ransom.

Lovely house and family they had there…. pity if anything were to happen to it.

Who else would be listening? Not to sound alarmist, an an open, unencrypted network would be a boon for predatory paedophiles and other sex offenders who could operate all the more efficiently. For every one paedophile who would no longer be sharing vile pictures through the Internet, a thousand more could spy on any one family out and about one sunny afternoon. Photos of our children shared with our loved ones would be available for anyone to intercept and recorgnize (see how quickly the Chinese “human flesh search engine” can identify a person from casual shots). Our daily habits and patterns would be open to anyone to see, analyze and mine. The kids get home at this time. The parents get back at that time. The parents are out to dinner on Tuesday evening. Interesting information on that couple we spied on in the cafe last Sunday. And if the paedophiles were the ones supplying the laptops and phones… what then? (Yes, we’ve already seen something like this happen.)

Who else would be listening? Maybe the disgruntled neighbour. Maybe the local bullies. Maybe some sect that really has it in for you. Maybe some ill-advised political activist hell-bent on attacking a candidate and any of their supporters.

Mr Cameron, I can’t comment on the rest of your political decisions. I disagree with your policies, but I am not an expert in any of those matters. I don’t like what you’ve done to welfare, I don’t like the Conservatives’ privatization of what I believe to be national infrastructure such as the NHS, I don’t like your government’s stance on immigration, nor how they are undermining education, and I am disappointed that I feel my vote to stay with the Union this past November seems to have come back to bite me. And so forth. Frankly I have not educated myself enough in those areas to properly comment on them. Suffice to say I disagree, and will need to leave it at that.

But I am competent in computing, as can be anybody studious enough. You seem to think cracking is only the capability of those grimly determined – but it is at the grasp of even the most puerile of pranksters. All you have shown is that you persist in ignorance and lack of judgement, from a stance of power and authority – a very dangerous combination.

You would feed us to the wolves to gauge just how hungry they were; and take a cannon your own castle out of spite.

Read more:

[1] Cameron wants nobody to have privacy. http://readwrite.com/2015/01/13/david-cameron-encryption-messaging-apps-imessage-whatsapp-snapchat

[2] Encryption makes us safer. http://www.forbes.com/sites/kashmirhill/2010/10/25/firesheep-why-you-may-never-want-to-use-an-open-wi-fi-network-again/

[3] The surveillance state made corporate (and private) espionage worse. http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html

[4] Letting companies have a know about their users tends to backfire. http://theweek.com/articles/441995/uber-growing-threat-corporate-surveillance

[5] There are people you trust spying on your children in their own bedrooms. http://www.macworld.com/article/1146666/macbook_spycam.html

[6] Why privacy matters. http://www.groklaw.net/article.php?story=20130818120421175

Protect your privacy and freedom

EFF.org

https://www.openrightsgroup.org/

About that: GNU/Linux (and cousins) are a big family – and the kids are growing up

It does seem that Linux has become too big and complex – but perhaps not in the way we think.

Some voices indicate that the problem is being un-UNIXy, others insist that systemd is the heart of all woes (well it certainly threw oil on the fire…), others think it’s just too bloated… some even think it is just not popular enough (non sequitur??)

Personally, I think it suffers from a very basic meat-space problem: identity. There are too many distros for Linux to be homogenously named, and too many people with strong (mostly valid) visions for what it should do to be recincilable accross the board.

It is clear to me that no Linux distro family is interested in doing what the other does, like siblings with rivalry, but that some “parent figures” are trying to ship them all into the same roles.

Rather than recognize that they need to have their own spaces and come into being their own, “unification” attempts are falling flat because simply not matching up to the ideals the now grown up youngsters have.

My response to a comment on iTWire’s article follows:

My general stance is that Linux’s “killer app” is “Linux” :-)

To elaborate on that, maybe I should stretch my explanation to mean: a platform on which I can bothplay games and surf the web, whilst at the same time do development work and granularly control its maintenance, depending on the role I want to to fit on any particular deployment… The lack of household-name-fame is not prticularly a problem. Technical capability has always come first, and that has not hampered its growth.

I do think (though I am no longbeard!) that there needs to be more pointedly a differentiation between desktop/laptop purpose (where you want everything to work with little fuss) and server purpose (no GUIs, high control, high debuggability)

Perhaps the danger we are seeing is the trend for a one-size-fits-all approach swalling the ecosystem whole, whether it be systemd or any other project, mind: we tend to see Linux distros as one big close-knit family, and thus create attempts to unite them under a common set of tools, orchstrators and platforms.

Maybe it’s time we stopped looking at Linux that way. UNIX split off into various mildly-related sub groups, and which still thrive, and it looks like Linux could soon do the same. Ubuntu is on course to becoming its own thing, and Chrome has taken Gentoo and created something barely related, even as they are deployed on the same kernel as the rest of distros. Android has already dropped the GNU side and, whilst it is still “Linux”, it cannot be considered in the same family as the desktop and server distros we have at the moment.

So yeah – I’d say, stop thinking of “Linux” as “a cohesive group of operating system variants” and start looking at key families of distros as operating systems in their own rights. Allow more individulaization in the nucelar family to allow a broader unification of the genealogy – our BSD cousins are doing well in server space, and if they are not taken into the unification attempts, may well fill the server niche in our stead whilst we remain with the consumer and mobile markets… who knows who will get gadget-space.

Stop trying to cram all the family members in the same bed. It’s time for the kids to fly the nest.

Technical Support as a Career

“I work in technical support” is probably one of the less impressive admissions at a sociable meetup, and to be fair, it’s not ever been glamourous, nor will it ever be. The most admiration you’ll probably get is “Oh wow; hey I have this computer problem actually, you see it …. (badly summarized problem in absence of broken thing…) … do you think it’s a virus?”

However it is a viable career (with its admitted share of dead ends), with training on offer in the right companies, and plenty of potential for exposure to the core of businesses and some Real Computing (TM).

The following is a quick profile description of the most common configurations, if you were ever curious, or looking to move into IT – and one or two profiles to avoid as much as you can. Read more

Freelancing – lessons learned

Back in April, for various reasons in my personal circumstances, I decided to give freelancing a go. I quit my permanent job, and set myself up as a sole trader. I wish I had done this from the very start, back when I was at university…

Being self employed allows you to try your hand at a number of different roles before you decide to settle on a specialization – if you specialize at all! From an employer’s perspective, they are getting a skilled individual who they can keep on or let go of easily; from your perspective, you have the freedom to take on a variety of projects and diversify your experience fairly fast.

Here’s what I’ve taken away from my experience so far:

  1. Sole traders have greater freedom than temp workers
  2. You can be a sole trader and be in education or full-time employment
  3. Tax is complicated
  4. Take customers with you

Read more

About that: Is TAILS an essential distro or just an added tinfoil hat?

A tech blogger put up a piece I came across on Tux Machines, asking whether TAILS, a security-oriented Linux distro designed to afford the user anonymity, was just another tinfoil hat for the over-imaginative conspiracy theorists.

It was stronger than me to let this be, as I believe that TAILS is actually very legitimately useful to certain people and professions – namely journalists, students and activists – and that the article was likely to gain page views over time. Below is my own answer.

Original article is http://openbytes.wordpress.com/2014/05/16/tails-an-essential-distro-or-an-accessory-to-compliment-a-tin-foil-hat-for-the-average-user/

For the TLDR – TAILS is not aimed at the average home user, but at non-technical users who actually do need to take their online safety into serious consideration.

…. it’s a bit of a straw man attack …

The real question is – where is the merit in deriding the approach and considerations TAILS addresses?

Read more

Call it “Open Source Free Software”

Freedom and Open Fields

I ranted previously about my annoyance at the name “Free Software,” wherein the name is too easily misconstrued to mean freebie (but still proprietary) software like Dropbox, or the Yahoo toolbar. Further thinking about the naming issue, I ended up deciding to call it “Open Source Free Software” instead.

There are two adjective groups in the name: “Open Source” and “Free”, with the latter being interpretable in two ways: freedom and freebie.

Due to the way adjectives apply in English, “Free [Open Source Software]” sounds like it is in opposition to a futile notion of “Proprietary Open Source Software.” More popularly, with the emphasis on “Free”, we end up with the same issue of looking like we could be talking about sketchy downloads.

“Open Source [Free Software]” on the other hand moves the emphasis to the openness, and is in opposition only to “closed source proprietary software,” since “closed source libre software” makes no sense. Even if the listener misunderstands “Free,” they can still understand that it is open to tinkering – which is the freedom we want anyhow.

Open Source
Free(dom) code is open, software promotes user freedom
Free(bies) code is open but copyrighted – we can study it to make a Free(dom) version

Thus we focus on openness as a vehicle for software freedom, instead of leaving potentially damaging emphasis on an ambiguous word.

Varying “Free” on its interpretation against openness/closedness, we get:

Open Source Closed source
Free(dom) code is open, software promotes user freedom Makes no sense
Free(bies) code is open but copyrighted – we can study it to make a Free(dom) version code is closed and copyrighted – the kind of software the FSF are against

There is still a question about whether to include blobs or not in the open source project, since doing so would disqualify it from being Free. This would still have been discussed anyhow however.

The point is, emphasising openness more easily leads to a discussion on freedom. Emphasising “Free-ness” just makes people shy away – not because of the implications of “freedom” but because of the warning flags around “freebies.”