How TCP backlog works in Linux | Andreas Veithen

Andreas Veithen (Google, Apache); How TCP backlog works in Linux; In His Blog; 2014-01-01 → 2015-03-14.

Referenced

W. Richard Stevens, TCP/IP Illustrated, Volume 3: TCP for Transactions, HTTP, NNTP, and the UNIX Domain Protocols; Addison-Wesley; 2016-02-11; 352 pages; ASIN:0134457102: Kindle: no, paper: $60+SHT.

Actualities

CVE-2017-1000367 in Sudo’s get_process_ttyname() for Linux | oss-security@…ts.openwall.com

CVE-2017-1000367 in Sudo’s get_process_ttyname() for Linux; On That Certain Mailing List, hosted At OpenWall; 2017-05-30.

tl;dr → patch all the computers; something after circa sudo-1.8.20p1, the advice is not specific.

A Tale of Two Industries: How Programming Languages Differ Between Wealthy and Developing Countries | Stack Overflow

David Robinson (Stack Overflow); A Tale of Two Industries: How Programming Languages Differ Between Wealthy and Developing Countries; In Their Blog; 2017-08-29.

Promotions

Previously

In Their Blog

Actualities

Defending Internet Freedom Through Decentralization: Back to the Future? | Barabas, Narula, Zuckerman

Chelsea Barabas, Neha Narula, Ethan Zuckerman; Defending Internet Freedom Through Decentralization: Back to the Future?;a book?; The Center for Civic Media & The Digital Currency Initiative; MIT Media Lab; 2017; 113 pages.

tl;dr → theoretical; mentions Bitcoin on page 2; offers a cook’s tour of the boosterist community and their projects: Freedom Box, Diaspora, Mastodon, Blockstack, Interplanetary File System (IPFS), Solid, Appcoins, Steemit.

Table of Contents

  • Executive Summary
  • Introduction
    • The Rise of the Centralized Web
    • Risks Posed by the Centralized Web
    • Structural Interventions as a Possible Solution
  • Section II: Federation
    • Freedom Box
    • Diaspora
    • Mastodon
  • Section III: Open Protocols
    • Authentication
    • Blockstack
    • Interoperability
    • IPFS
    • Solid
  • Section IV: Appcoins
    • Steemit
  • Conclusion

Recommendations

  • Wait and see, only time will tell.
    <quote>A precondition for the success of these distributed
    platforms is a shift towards user-controlled data,</quote>
  • Fund the projects (the best-of-breed exemplars, below, and more)
    e.g. Let’s Encrypt.
  • The fascination, gee whiz!; it’s simply phenomenal!
    Use Appcoins

    • circumvent Venture Capital funding.
    • business model: unspecified, but definitely “not advertising”
  • A fool and his money are soon parted:
    • <quote>However, this space also has a lot of potential for scams, and it might be unreasonable to expect users to manage a financial stake in many different networks.</quote>

Mentions

  • Bitcoin
  • Facebook
  • Reddit
  • Let’s Encrypt
  • Appcoins
  • Digitial Millennium Copyright Act (DMCA)

Exemplars

  • Freedom Box
  • Diaspora
  • Mastodon
  • Blockstack
  • Interplanetary File System (IPFS)
  • Solid
  • Appcoins
  • Steemit

Concerns

  • User and developer adoption
  • Security
  • Monetization and incentives

Promotions

References

There are 201, presented as footnotes.

Separately noted.

Decentralize It! | Track Changes

Paul Ford (PostLight); Decentralize It!; hosted centrally on Medium; 2017-08-23.
Paul Ford is co-founder PostLight; adviser to Medium.

tl;dr → dude, literally nothing is stopping you from performing your vision, as you’ve outlined it (the servers-at-home thing). Nike! (recipe below)

Occasion

Chelsea Barabas, Neha Narula, Ethan Zuckerman; Defending Internet Freedom through Decentralization: Back to the Future?;a book?; The Center for Civic Media & The Digital Currency Initiative; MIT Media Lab; 2017; 113 pages; separately filled, noted.
tl;dr → theoretical; mentions Bitcoin on page 2; offers a cook’s tour of the boosterist community and their projects: Freedom Box, Diaspora, Mastodon, Blockstack, Interplanetary File System (IPFS), Solid, Appcoins, Steemit.

Mentions

Rebuttal

  • He does note the irony paradox contradiction between his words and his actions.
    <quote>I’m writing this on a centralized platform called Medium.</quote>
    The Socratic Method: And why is that?
  • Anyone can stand up a server and put it in the hall closet.
    Convincing other people to access it reliably & consistency has always been the problem.

Design

Hardware
Software
  • Fedora
  • ownCloud,
  • and the rest
    • sendmail
    • dovecot
    • httpd
    • bind
    • openvpn
    • etc.

     

Alternate

Librem 5A Security and Privacy Focused Phone; separately filled.

Quotes

  • <quote>Centralized things end up easy to use and make money for relatively few people. </quote>
  • <quote>The web is inherently decentralized, which has made it much easier for large companies to create large, centralized platforms. </quote>

Previously

In His Blog

Revisiting How We Put Together Linux Systems | Lennart Poettering

Lennart Poettering; Revisiting How We Put Together Linux Systems; In His Blog; 2014.

Concept

<quote>

… something that we like to call Operating-System-As-A-Virus. Installing a new system is little more than:

  • Creating a new GPT partition table
  • Adding an EFI System Partition (FAT) to it
  • Adding a new btrfs volume to it
  • Deserializing a single usr sub-volume into the btrfs volume
  • Installing a boot loader into the EFI System Partition
  • Rebooting

</quote>>

Summary

<quote>

  • We want a unified scheme, how we can install and update OS images, user apps, runtimes and frameworks.
  • We want a unified scheme how you can relatively freely mix OS images, apps, runtimes and frameworks on the same system.
  • We want a fully trusted system, where cryptographic verification of all executed code can be done, all the way to the firmware, as standard feature of the system.
  • We want to allow app vendors to write their programs against very specific frameworks, under the knowledge that they will end up being executed with the exact same set of libraries chosen.
  • We want to allow parallel installation of multiple OSes and versions of them, multiple runtimes in multiple versions, as well as multiple frameworks in multiple versions. And of course, multiple apps in multiple versions.
  • We want everything double buffered (or actually n-fold buffered), to ensure we can reliably update/rollback versions, in particular to safely do automatic updates.
  • We want a system where updating a runtime, OS, framework, or OS container is as simple as adding in a new snapshot and restarting the runtime/OS/framework/OS container.
  • We want a system where we can easily instantiate a number of OS instances from a single vendor tree, with zero difference for doing this on order to be able to boot it on bare metal/VM or as a container.
  • We want to enable Linux to have an open scheme that people can use to build app markets and similar schemes, not restricted to a specific vendor.

</quote>