Unfortunate news today that an internet friend and important engineer Dave Täht died recently. Dave was responsible for the bufferbloat project and the development of the Cake qdisc in the Linux kernel. He also pushed for much better control of latency across all internet hardware. He's a major reason why cable modem all have queue management algorithms. I interacted with him off and on for 15 years or so. He was about 59 years old so far too young.
via @toke
https://social.kernel.org/objects/bb4f56d3-5c79-4942-ab00-2b0310eb72d0
#openwrt
Let's take a moment to remember the guy who made sure we don't have to change Every Goddamn Clock today, David L. Mills, creator of Network Time Protocol (NTP) who passed last year.
My wristwatch is synced to my phone, which is synced to the internet, which knows that time it is right now thanks to David Mills. Cheers to his memory 🥃
restic 0.18.0 is released! Blog: https://restic.net/blog/2025-03-27/restic-0.18.0-released/
GitHub: https://github.com/restic/restic/releases/tag/v0.18.0
Wonderful synthesis of why Silicon Valley has deluded itself into thinking it is a year or two away from AGI by Aaron Ross Powell:
https://www.aaronrosspowell.com/p/why-tech-bros-overestimate-ai-s-creative-abilities
I'm going to quote my favorite bits in this thread
Ten years ago, Sir Terry Pratchett died. But "A man’s not dead while his name is still spoken."
We carry his memory with each DokuWiki release being named after one of his many Discworld characters.
If you never read a book by him - now is a good time to do so!
X-Clacks-Overhead: GNU Terry Pratchett
(That's been in all my outbound e-mail for a decade now.)
If your criticism of "big tech" is merely a result of the unhappiness about the fact that Meta, Google and Microsoft aren't EU-corporations you are missing the point.
There is nothing that indicates that SAP or Deutsche Telekom would hesitate a second at the chance of becoming equally violent and exploitive forces.
The solution to Big Tech isn't EU Big Tech. It's de-commercialisation and democratization of tech.
That ESP32 thing has a CVE: CVE-2025-27840: https://nvd.nist.gov/vuln/detail/CVE-2025-27840 .
And, pretty much everything all of the well-known infosec people have been saying is correct: physical access required (or, high privileges and high attack complexity; the score is kinda 'wrong' in some sense because it is combining two exploitation vectors but I think it gets across the point: this is not wormable and is not exploitable via wireless, at least not on its own. and if your threat model allows for physical access but still treats this as a big deal somehow, go home, your threat model is drunk).
“The fundamental weakness of Western civilization is empathy, the empathy exploit,” Musk said. “There it’s they’re exploiting a bug in Western civilization, which is the empathy response.”
-Elon Musk, March 6, 2025
“In my work with the defendants (at the Nuremberg Trials 1945-1949) I was searching for the nature of evil and I now think I have come close to defining it. A lack of empathy. It’s the one characteristic that connects all the defendants, a genuine incapacity to feel with their fellow men. Evil, I think, is the absence of empathy.”
-Captain G. M. Gilbert, the Army psychologist assigned to watching the defendants at the Nuremberg trials
https://www.cnn.com/2025/03/05/politics/elon-musk-rogan-interview-empathy-doge/index.html
The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented "backdoor" that could be leveraged for attacks.
Update 3/9/25: After receiving concerns about the use of the term "backdoor" to refer to these undocumented commands, we have updated the title of our story.