Former biologist. Actual PhD in genetics. Security at Nvidia, OS security teaching at https://www.ischool.berkeley.edu. Blog: https://mjg59.dreamwidth.org Signal: @mjg.59 He/him
10,624 followers 134 following 2,028 posts
view profile on Bluesky
Seems like Samsung like just using serial, so starting point is just pass through all communications while I figure out what the protocol is and then I can send my own commands (I will be doing this while it is *not* connected to the gas line because while I am An Idiot I am not That Idiot)
Well my tumble dryer has decided that the whole "tumble" aspect of things is overrated so now I need to unstack it but the good news is this is an excellent opportunity to stick an esp in between the rx and tx lines on the control board and make it smarter than it wants to be
(My printer is out of ink, I reject all potential customers equally)
A service I offer is that if you are asked to print Charlie Kirk memorial fliers and don't want to, you can tell your customer that I will do it instead and then I'll tell them my printer is out of ink
He'd have thought chip spice was an abomination
What are you talking about?! The musical is on right now up on the roof. The stage is next to the pool, you can't miss it.
30th anniversary of Hackers and there's still no musical version
Honour Charlie Kirk's death in the way he would have honoured yours
Bizarre dream in which @jeriellsworth.bsky.social was the Linux IPX maintainer and I was trying to write a spec for remote attestation over IPX except half the docs said IPS and I thought "Must be a bit flip" but after checking this morning I regret to inform you my subconscious is bad at binary
Every time the discourse is "Political violence is inherently bad and does not achieve its goals" I wonder whether the Good Friday Agreement could have happened without violence and the answer is that I want to say "yes" but I legitimately do not know
The Sun purple is throwing me
"This whole thing smacks of gender"
Wake me up when someone's killed with a bullet engraved with a dril tweet
Please be aware that I will be wearing black jeans
"Who could possibly have predicted that Peter Mandelson would have poor judgement" is the kind of position that should clearly mark someone out as being dangerously disconnected from all observable facts AND YET
I'm sorry, that's not entirely my fault but
Gone through the magic shed that changes the train from standard gauge to Iberian gauge
Update: they are in the wrong coach
They have been informed that they can't just pile their bags on top of seats
In Europe and am somehow still surrounded by Americans trying to work out how to use a train
Ugh, Walgreens at 2262 Market gave it to me and my partner with no trouble last Thursday
And the lack of forward secrecy or just any modern cryptographic design means that extracting your key once decrypts all messages you've ever sent or will send in the future, so they only need to do this once
And, like I said at the time, there's almost no point in it anyway - there's no attestation between the HSM and the client so you can't tell you're speaking to the HSM or an intermediate that's stashing copies of the keys, and there's not even any key transparency to detect any future changes
Almost three months after the Twitter eng lead said they'd publish evidence of their use of HSMs for message encryption keys in the "not too distant future", the feature is now GA without that having been done x.com/cambridgemik...
techcrunch.com/2025/09/05/x... shouldn't surprise anyone but quotes me so it's obviously good
No, encrypted with a key that you need the PIN to access. The protocol that they're using (from juicebox.xyz) is actually competent and prevents brute force access if implemented correctly - but we have no proof it's implemented correctly, and they could obtain the PIN through various methods anyway
The discovery that my girlfriend's mother in law is called Paula and was dating in the south bay around 1983-1985 led to some extreme concern that she might be the Paula that en.m.wikipedia.org/wiki/Amiga_O... was named after (but apparently no!)
Maximum Waymo recline on the front seat is pretty much old school 170 degree business class and I'm here for it
Quoting so I can use this later
Warranty stickers, but for software, and maybe we pick things that don't have them
Proposal: any product from a vendor who's going to DMCA you for doing fun things with their product needs a sticker on the box saying that
Oh no
Tesco meal deal, except instead of your packet of crisps you can get a rapid disease test
Yes, that is the joke
That's kind of the point, yes
The single biggest indicator of the US tariff structure making no fucking sense is that nobody is offering a service to tell you how much you'll be paying despite doing so being a licence to print money right now and how do you fuck up capitalism that badly
My heart goes out to every actual cryptographer who's still obliged to deal with him in some way
djb's having a normal one, I see: cr.yp.to/2025/2025082...
Can't decide whether it's going to be worse if KF wins against the UK and proceeds on the absolute worst victory lap, or loses and just fucks things up for everyone forever
Upside of it becoming basically impossible to get anything interesting shipped to the US for one reason or another is that maybe I'll actually finish some projects instead of starting new ones
It's free on Prime in the US and I want to emphasise that it is absolutely not good but that was a fucking experience
Antonio Banderas as a private detective giving sub-Harrison Ford Bladerunner noir voiceovers, a sex scene with a woman with a tattoo of a cloud chamber who gives him an explanation of the standard model while they fuck, Sam Elliott with a particle accelerator, I'm not even scratching the surface
Was exposed to The Big Bang (2011) last night, a film so bizarre that I've had to spend a chunk of today verifying that it actually exists and I didn't dream the whole thing
The one thing I will accept the use of generative models for is replacing Hugh Jackman in Swordfish with Hugh Jackman, but Wolverine. In every scene. I don't care if it looks awful. I believe this solves the question of whether "AI" can be art.
J K Rowling is literally less qualified than me to opine on the nature of biology as it applies to sex and the fact that she means otherwise means I wish ill of her because why else did I get a PhD in this
To the best of my knowledge nobody in this picture ever dated anyone else in this picture but it absolutely looks like we're on our third set of complicated arrangements and we need to record this to pay our lawyers
What could possibly go wrong here other than, well, the giant list of things that could go wrong
Occasionally I stumble over this old picture from my undergrad that feels exceptionally like I'm in a 70s album cover
Me: Someone should run a VPN with attestable infrastructure to let people verify it's not backdoored or logging (Monkey's paw curls, vp.net is set up with SGX attestation, is run by the former CEO of Mt Gox and that fuckhead fake crown prince of Korea who destroyed Freenode) Me: Fuck.
Fortunately, being a Tesla, something being in its way isn't going to stop it
It finally happened to me
Any time any discourse about prop 8 and the people who funded it comes up, remember: at the time, California had marriage equality. The people backing prop 8 didn't want to legally embody an existing social norm - they wanted to remove a right people already had.
(just in front of the front wheel in the first picture, between the two rear wheels in the third)
Today's contribution to the "Build proper protected bike lanes" discourse (this is literally across the road from a police station)
People will be like "Idiocracy was a documentary" but actually it was a 2006 comedy film starring Luke Wilson
Turn all your taps on to save your emails
It literally ticks all the boxes for "Military grade encryption" (both in theoretical and actual terms)
"Military grade encryption" by which people mean the password input for the key derivation function for the AES key is written on a post it that's stuck on the wall visible from someone's webcam
I recently pulled a bunch of ancient hard drives out to back them up and found an old .bash_history that is absolutely just me ytalking my then girlfriend
Trying to make sure I understand this properly: Laura Loomer, when being deposed in her lawsuit, repeatedly refuses to name her boyfriend because (understandably!) she's concerned about him being harassed, finally does in a chunk marked "Confidential", and then *her* lawyer publishes it?
Never forget today, when, on this day in 1988, Zero Cool crashed 1,507 systems in one day.
Hey, my partner and I saw you across the bar, and your vibes are just bad. Bringing the entire place down. You should go somewhere else, maybe see the great clown Pagliacci
RSA Conference webcast spam titled "They got past Signal's encryption" and it turns out that it's about it being possible to extract data from a compromised device (cc: @meredithmeredith.bsky.social)
Knock knock
I did a thing with an Amiga and a PiStorm and Doom that is probably not illegal but morally ought to be: mjg59.dreamwidth.org/73001.html
mobile keyboards need a "backspace until ?utm=" button
If you send me a 3000 word essay based on a 20 word prompt you are transferring information in an incredibly inefficient way. I'm going to have no idea what you actually wanted to convey. Just send me the prompt. I promise the outcome will be better.
If you're going to send me something written by an LLM then save us all time and resources and just send me your prompt instead. I'll value a text that says "Heartfelt condolence message with reference to a list of events" more, because this way I at least actually know what you were thinking
As someone with a PhD in genetics I am here to tell you why it is inappropriate to associate value judgements with "genes", a scientific term that is actually surprisingly poorly defined. In this essay
Copyright is entirely a legal framework nominally intended to codify an ethical system but now largely preserving business models
Not making any accusations here, just noting that if you wanted to poison search results for "(your name) rapist", starting a company with a known rapist would be a great way to achieve that
Yes! Several European jurisdictions have a whole bunch of additional moral rights that are really interesting here
"How do I square wanting copyright to have less power with not wanting massive economic distortion to destroy the entire creative industry" is an easier problem if you don't try to use copyright to solve the second part
Did the thing when booking a hotel where I forgot how tiny Portland blocks are and thought everything was much further apart
Ok honestly I enjoy getting to talk about whether copyright law is even the right framework to consider the ethical nature of LLM model training
Heading to Portland tomorrow to speak at Fossy, let me know if you're around and would like to catch up
Yup, thank you!
Good morning I wrote about how the secure boot certificate rollover isn't going to break Linux for everyone: mjg59.dreamwidth.org/72892.html
Gotta hand it to Emil Bove for making me feel like I'm aging gracefully
Briefly concerned as we start accelerating out of the station and I spot a low-flying helicopter that's going to intersect our course before I remember that I'm on a train and the probability of our paths intersecting is *extremely* small
Global Protect Clientless VPN appears to be what you'd get if you described Beyondcorp to an extremely drunk person over a very poor quality phone line
My current project is running Doom on a Raspberry Pi but displaying it on actual Amiga hardware by banging on the registers directly and never executing any 68000 code and obviously I have decided this should be called Cordoomceps
Encoding a spectrogram of goatse into birdsong and teaching it to enough birds that it is passed down through the generations until one day in the future someone is unexpectedly shocked
That final duration
It's obscene that this is happening and also the only way this is going to change is if people with actual power are convinced to wield it via whatever mechanism that takes
Is it awful that payment processors are getting to unilaterally determine what types of media can be sold? Yes. Is harassing the businesses who depend on not being kicked off the payment processors going to change that? No.
"Have you any idea how much damage that bulldozer would suffer if I just let it roll straight over you?" "How much?" said Arthur. "None at all" said Mr. Prosser except it's "Have you any idea how much Mastercard would care if a small marketplace refused to continue doing business with them"
People on social will really be like "you believe in receiving money? that pales in effectiveness to my strategy, refusing to accept credit cards" and then not refuse to accept credit cards
The combination of my girlfriend buying a label printer, us just having watched Murderbot, and me repeatedly checking my phone means that my phone is now labelled "The perimeter"
Columbia University perusing the Columbia House catalogue and thinking "How hard can it possibly be to cancel" before sending off $200 million
Working model remains that everyone saying "This is bad" means Elon doesn't get the attention hit he wants and stops caring and everyone ignores it from now on
A month and a half later and still no formal description of how the Twitter encrypted DMs work or documentation of their key ceremony or anything that would prevent Twitter MITMing the key exchange and getting people's private keys
(probably not really enough to turn into a full talk)
Eh real world customer interest was limited, I need to figure out a stronger pitch. There's some degree of spire support for TPM as an identity root, but not a lot of state attestation
If you could see me talking about anything at EMF, what would it be
Four Seasons Total Lawscaping is this a thing
Love that in a town of 90 buildings they managed some sectarianism
Taking the train up to Oakland from work, which means I get to go via en.m.wikipedia.org/wiki/Drawbri...
And the kids will say, "Haven't you heard? Keir is dead! The People's Prosecutor is dead!"
Ok let me rephrase this would someone I already know to be an actual human please recommend either themselves or someone they know to be an actual human