Just woke up to find out the president has revoked the security clearances of everyone at a cybersecurity company because Chris Krebs went to work there. Krebs was his director for the agency in charge of Cybersecurity & Election Security during his first term and refuted his claim the 2020 election was "stolen".

Revoking the clearance of every employee basically kills the company's ability to do government contracts, which is a major source of revenue for cybersecurity companies. The White House press release also restates the false claim that the 2020 election was "rigged and stolen".

The US is basically a fascist dictatorship at this point. One where the president goes after entire companies because a single person spoke out against his verifiably false claims. You'd have to be completely insane to travel here right now.

Sigh. We are, as a security community, making good progress on some old as well as some new topics. #Rust, #Go, and other memory safe systems languages are going well and having a real impact in reducing memory safety issues - which has been the most important security bug class for decades, and we are finally improving! Compartmentalization and isolation of processes and services have now become common knowledge and the minimum bar for new designs. Security and privacy by design are being honored in many new projects, and not just as lip service, but because the involved developers deeply believe in these principles nowadays. #E2EE is finally available to most end-users, both for messaging and backups.

And again and again, we are forced into having discussions (https://www.theregister.com/2025/04/03/eu_backdoor_encryption/) about breaking all the progress.

Let me be clear for Nth time:
* We *cannot* build encryption systems that can only be broken by the "good guys". If they are not completely secure, foreign enemy states, organized crime, and intimate partners will break and abuse them as well. There is no halfway in this technology. Either it is secure or it isn't - for and against everybody.
* We *cannot* build safe, government-controlled censorship filters into our global messaging apps that are not totally broken under the assumption of (current or future) bad government policies and/or insider attacks at the technology providers (https://www.mayrhofer.eu.org/talk/insider-attack-resistance-in-the-android-ecosystem/). Either one-to-one communication remains secure and private, or it doesn't (https://www.ins.jku.at/chatcontrol/).
* We *cannot* allow exploitation of open security vulnerabilities in smartphones or other devices for law enforcement. If they are not closed, they are exploitable by everybody. "Nobody but us" is an illusion, and makes everybody less secure.

My latest recorded public talk on the topic was https://www.mayrhofer.eu.org/talk/secure-messaging-and-attacks-against-it/, and nothing factual has changed since then. Policymakers keep asking for a different technological reality than the one we live in, and that sort of thing doesn't tend to produce good, sustainable outcomes.

(Edited to only fix a typo. No content changes.)

CC @epicenter_works @edri @suka_hiroaki @heisec @matthew_d_green @ilumium

Transformational technologies like microcomputers and smartphones were so obviously useful that rank and file workers were smuggling them into their workflows despite the best efforts of CEOs to stop them.

The "transformational" technology of LLMs is so obviously anti-useful that CEOs must resort to threats and coercion to get their rank and file workers to go anywhere near them.

Yo

" Hi all,

As you might have just seen on the livestream or witnessed in person, I disrupted the speech of Microsoft AI CEO Mustafa Suleyman during the highly-anticipated 50th anniversary celebration. Here’s why.

My name is Ibtihal, and for the past 3.5 years, I’ve been a software engineer on Microsoft’s AI Platform org. I spoke up today because after learning that my org was powering the genocide of my people in Palestine, I saw no other moral choice. This is especially true when I’ve witnessed how Microsoft has tried to quell and suppress any dissent from my coworkers who tried to raise this issue. For the past year and a half, our Arab, Palestinian, and Muslim community at Microsoft has been silenced, intimidated, harassed, and doxxed, with impunity from Microsoft. Attempts at speaking up at best fell on deaf ears, and at worst, led to the firing of two employees for simply holding a vigil. There was simply no other way to make our voices heard.

We are witnessing a genocide

For the past 1.5 years, I’ve witnessed the ongoing genocide of the Palestinian people by Israel. I’ve seen unspeakable suffering amidst Israel’s mass human rights violations - indiscriminate carpet bombings, the targeting of hospitals and schools, and the continuation of an apartheid state - all of which have been condemned globally by the UN, ICC, and ICJ, and numerous human rights organizations. The images of innocent children covered in ash and blood, the wails of mourning parents, and the destruction of entire families and communities have forever fractured me.

At the time of writing, Israel has resumed its full-scale genocide in Gaza, which has so far killed by some estimates over 300,000 Gazans in the past 1.5 year alone. Just days ago, it was revealed that Israel killed fifteen paramedics and rescue workers in Gaza, executing them “one by one,” before burying them in the sand -- yet another horrific war crime. All the while, our “responsible” AI work powers this surveillance and murder. The United Nations and the International Court of Justice have concluded that this is a genocide, with the International Criminal Court issuing arrest warrants for Israeli leaders."

🧵 1/3

Source: https://www.theverge.com/news/643670/microsoft-employee-protest-50th-annivesary-ai

Anyone working with printers in their #activism should know about tracking dots. This project helps deal with them.

https://github.com/dfd-tud/deda

https://news.ycombinator.com/item?id=43551397

We’re devastated to announce that our great friend and colleague @mtaht has passed away 🥲 https://libreqos.io/2025/04/01/in-loving-memory-of-dave/

Dave is forever in our hearts and souls, in our routers and… in production. https://github.com/LibreQoE/LibreQoS/pull/684

We will miss you so much, Dave <3

Robert, @herberticus & Frank

#RFC8290 #DaveTaht #FQ_CoDel #sch_CAKE #OpenSource #FLOSS
#BandwidthIsALIE #schCAKE #FQCoDel #LibreQoS

Unfortunate news today that an internet friend and important engineer Dave Täht died recently. Dave was responsible for the bufferbloat project and the development of the Cake qdisc in the Linux kernel. He also pushed for much better control of latency across all internet hardware. He's a major reason why cable modem all have queue management algorithms. I interacted with him off and on for 15 years or so. He was about 59 years old so far too young.

via @toke

https://social.kernel.org/objects/bb4f56d3-5c79-4942-ab00-2b0310eb72d0
#openwrt

I was devastated to learn that Dave Täht passed away. Wrote a bit about it.

https://blog.tohojo.dk/2025/04/remembering-dave-t%C3%A4ht.html

“eBPF Announces Support for Tolkien Ring”
Oh wow! 🐝 🧝 💍

https://ebpf.io/blog/support-for-tolkien-ring/

Let's take a moment to remember the guy who made sure we don't have to change Every Goddamn Clock today, David L. Mills, creator of Network Time Protocol (NTP) who passed last year.

My wristwatch is synced to my phone, which is synced to the internet, which knows that time it is right now thanks to David Mills. Cheers to his memory 🥃

https://cse.engin.umich.edu/stories/remembering-alum-david-mills-who-brought-the-internet-into-perfect-time//

#DST #NTP #FOSS

Today I got a cheery email from somebody who claims to be the "ethics and compliance" officer for a company called Bright Data. He wanted to have a "no pressure" conversation about the whole AI scraperbot problem. Looking at their web site, this company offers an API that, and I quote, "Bypasses anti-scraping mechanisms and solves CAPTCHAs, ensuring uninterrupted access to the most protected web sites".

After careful consideration for several milliseconds, I have concluded that I really don't have anything to discuss with this person.

But at least their claimed "100M+" of residential IP addresses that they use for their DDOS attacks are "ethically sourced".

The internet of things is truly a wonder. 😝

#dishwasher #parody #iot

restic 0.18.0 is released! Blog: https://restic.net/blog/2025-03-27/restic-0.18.0-released/

GitHub: https://github.com/restic/restic/releases/tag/v0.18.0

New blog post: "ECN, ECMP and anycast: a cocktail of broken connections"

Just over five years ago, I was seeing weird "connection reset" errors when trying to connect to Cloudflare sites.

This turned out be due to an unholy alliance between ECN, ECMP and anycast routing, and figuring this out was quite interesting.

I meant to write up the experience in a blog post at the time, but somehow never got around to it. I was just reminded of this, so better late than never!

https://blog.tohojo.dk/2025/03/ecn-ecmp-and-anycast-a-cocktail-of-broken-connections.html

Trying to make it easier to debug RTNL lock contention...

https://github.com/iovisor/bcc/pull/5230

#GNUTerryPratchett

Ten years ago, Sir Terry Pratchett died. But "A man’s not dead while his name is still spoken."

We carry his memory with each DokuWiki release being named after one of his many Discworld characters.

If you never read a book by him - now is a good time to do so!

#GNUTerryPratchett

X-Clacks-Overhead: GNU Terry Pratchett

(That's been in all my outbound e-mail for a decade now.)

#RIP #TerryPratchett