October 24th, 2025
October 22nd, 2025
posted by ![[syndicated profile]](https://www.dreamwidth.org/img/silk/identity/feed.png)
xkcd_feed at 04:00am on 22/10/2025
xkcd_feed at 04:00am on 22/10/2025
It's time for another question thread!
The rules:
- You may ask any dev-related question you have in a comment. (It doesn't even need to be about Dreamwidth, although if it involves a language/library/framework/database Dreamwidth doesn't use, you will probably get answers pointing that out and suggesting a better place to ask.)
- You may also answer any question, using the guidelines given in To Answer, Or Not To Answer and in this comment thread.
The rules:
- You may ask any dev-related question you have in a comment. (It doesn't even need to be about Dreamwidth, although if it involves a language/library/framework/database Dreamwidth doesn't use, you will probably get answers pointing that out and suggesting a better place to ask.)
- You may also answer any question, using the guidelines given in To Answer, Or Not To Answer and in this comment thread.
There are no comments on this entry. (Reply.)
Last night I wrapped up another Julia Armfield novel, Private Rites. This novel is about three estranged sisters who are pushed back together when their father dies.
Very sorry I can't give this one a higher rating (I gave it a 3.25 on StoryGraph), because I loved the last Armfield novel I read, Our Wives Under the Sea, and this book shares a lot of similarities with that one. Our Wives Under the Sea was a meditative, slow-paced exploration of an evolving grief which hit me quite hard, but Private Rites comes off, if I can be excused for phrasing it this way, like it's trying too hard. Private Rites obviously really wants the reader to think it's Deep and Thoughtful and Literary, and it shows this desire too clearly for it to work, for me.
What does succeed in Private Rites is the frustrating and heart-breaking portrayal of three estranged sisters struggling with the legacy of a complicated and toxic father. Isla, Irene, and Agnes are not particularly likeable people, and even they muse over whether this can be tied to their strange and un-childlike childhood, or if it's just natural to them. Armfield so captures the feeling of being trapped at a certain age around family, the notion that they are locked into their view of you at ten or thirteen or seventeen and never update that view to reflect who you are as an adult and how you may subconciously regress to fit that view around them. She also catches the frustrating feeling of knowing you are reacting irrationally to a sibling and not being able to stop yourself and how much emotional history undergirds these seemingly outsized responses.
The slow apocalypse happening in the background of the story feels like it ties in well with the emotional state of the three protagonists; a drowning of the world that takes place a little at a time over many years until things become unlivable.
However, as mentioned above, the book ultimately does not succeed to me at being engaging. It is incredibly introspective in a way that comes off as navel-gazing. The "City" portions of the chapters felt especially like Armfield begging us to find the novel artistic and creative, which was unnecessary, because there's plenty here to stand on its own.
The ending also felt like a complete non-sequitur. The seeds for it were sown throughout the book, but not prominently enough that I cared when it came about. Instead, I felt cheated out of an emotional denouement among the three sisters, which is cast off in a coup by this last-minute, poorly-explained plot point.
I also felt like Isla gets an unfair share of grief, and it wasn't clear why she among the three of them was singled out to be exclusively miserable.
Do love the queer representation here; Armfield continues to excel in that.
On the whole, there is a lot of good meat here and it approaches grief from a completely different angle from Our Wives Under the Sea so that it doesn't feel at all repetitive if you've read that one, but it also drags more and I found the ending unsatisfying.
Very sorry I can't give this one a higher rating (I gave it a 3.25 on StoryGraph), because I loved the last Armfield novel I read, Our Wives Under the Sea, and this book shares a lot of similarities with that one. Our Wives Under the Sea was a meditative, slow-paced exploration of an evolving grief which hit me quite hard, but Private Rites comes off, if I can be excused for phrasing it this way, like it's trying too hard. Private Rites obviously really wants the reader to think it's Deep and Thoughtful and Literary, and it shows this desire too clearly for it to work, for me.
What does succeed in Private Rites is the frustrating and heart-breaking portrayal of three estranged sisters struggling with the legacy of a complicated and toxic father. Isla, Irene, and Agnes are not particularly likeable people, and even they muse over whether this can be tied to their strange and un-childlike childhood, or if it's just natural to them. Armfield so captures the feeling of being trapped at a certain age around family, the notion that they are locked into their view of you at ten or thirteen or seventeen and never update that view to reflect who you are as an adult and how you may subconciously regress to fit that view around them. She also catches the frustrating feeling of knowing you are reacting irrationally to a sibling and not being able to stop yourself and how much emotional history undergirds these seemingly outsized responses.
The slow apocalypse happening in the background of the story feels like it ties in well with the emotional state of the three protagonists; a drowning of the world that takes place a little at a time over many years until things become unlivable.
However, as mentioned above, the book ultimately does not succeed to me at being engaging. It is incredibly introspective in a way that comes off as navel-gazing. The "City" portions of the chapters felt especially like Armfield begging us to find the novel artistic and creative, which was unnecessary, because there's plenty here to stand on its own.
The ending also felt like a complete non-sequitur. The seeds for it were sown throughout the book, but not prominently enough that I cared when it came about. Instead, I felt cheated out of an emotional denouement among the three sisters, which is cast off in a coup by this last-minute, poorly-explained plot point.
I also felt like Isla gets an unfair share of grief, and it wasn't clear why she among the three of them was singled out to be exclusively miserable.
Do love the queer representation here; Armfield continues to excel in that.
On the whole, there is a lot of good meat here and it approaches grief from a completely different angle from Our Wives Under the Sea so that it doesn't feel at all repetitive if you've read that one, but it also drags more and I found the ending unsatisfying.
There are no comments on this entry. (Reply.)
October 20th, 2025
AWS had an outage today and Signal was unavailable for some users for a while. This has confused some people, including Elon Musk, who are concerned that having a dependency on AWS means that Signal could somehow be compromised by anyone with sufficient influence over AWS (it can't). Which means we're back to the richest man in the world recommending his own "X Chat", saying
Elon is either uninformed about his own product, lying, or both.
As I wrote back in June, X Chat genuinely end-to-end encrypted, but ownership of the keys is complicated. The encryption key is stored using the Juicebox protocol, sharded between multiple backends. Two of these are asserted to be HSM backed - a discussion of the commissioning ceremony was recently posted here. I have not watched the almost 7 hours of video to verify that this was performed correctly, and I also haven't been able to verify that the public keys included in the post were the keys generated during the ceremony, although that may be down to me just not finding the appropriate point in the video (sorry, Twitter's video hosting doesn't appear to have any skip feature and would frequently just sit spinning if I tried to seek to far and I should probably just download them and figure it out but I'm not doing that now). With enough effort it would probably also have been possible to fake the entire thing - I have no reason to believe that this has happened, but it's not externally verifiable.
But let's assume these published public keys are legitimately the ones used in the HSM Juicebox realms[1] and that everything was done correctly. Does that prevent Elon from obtaining your key and decrypting your messages? No.
On startup, the X Chat client makes an API call called GetPublicKeysResult, and the public keys of the realms are returned. Right now when I make that call I get the public keys listed above, so there's at least some indication that I'm going to be communicating with actual HSMs. But what if that API call returned different keys? Could Elon stick a proxy in front of the HSMs and grab a cleartext portion of the key shards? Yes, he absolutely could, and then he'd be able to decrypt your messages.
(I will accept that there is a plausible argument that Elon is telling the truth in that even if you held a gun to his head he's not smart enough to be able to do this himself, but that'd be true even if there were no security whatsoever, so it still says nothing about the security of his product)
The solution to this is remote attestation - a process where the device you're speaking to proves its identity to you. In theory the endpoint could attest that it's an HSM running this specific code, and we could look at the Juicebox repo and verify that it's that code and hasn't been tampered with, and then we'd know that our communication channel was secure. Elon hasn't done that, despite it being table stakes for this sort of thing (Signal uses remote attestation to verify the enclave code used for private contact discovery, for instance, which ensures that the client will refuse to hand over any data until it's verified the identity and state of the enclave). There's no excuse whatsoever to build a new end-to-end encrypted messenger which relies on a network service for security without providing a trustworthy mechanism to verify you're speaking to the real service.
We know how to do this properly. We have done for years. Launching without it is unforgivable.
[1] There are three Juicebox realms overall, one of which doesn't appear to use HSMs, but you need at least two in order to obtain the key so at least part of the key will always be held in HSMs
The messages are fully encrypted with no advertising hooks or strange “AWS dependencies” such that I can’t read your messages even if someone put a gun to my head.
Elon is either uninformed about his own product, lying, or both.
As I wrote back in June, X Chat genuinely end-to-end encrypted, but ownership of the keys is complicated. The encryption key is stored using the Juicebox protocol, sharded between multiple backends. Two of these are asserted to be HSM backed - a discussion of the commissioning ceremony was recently posted here. I have not watched the almost 7 hours of video to verify that this was performed correctly, and I also haven't been able to verify that the public keys included in the post were the keys generated during the ceremony, although that may be down to me just not finding the appropriate point in the video (sorry, Twitter's video hosting doesn't appear to have any skip feature and would frequently just sit spinning if I tried to seek to far and I should probably just download them and figure it out but I'm not doing that now). With enough effort it would probably also have been possible to fake the entire thing - I have no reason to believe that this has happened, but it's not externally verifiable.
But let's assume these published public keys are legitimately the ones used in the HSM Juicebox realms[1] and that everything was done correctly. Does that prevent Elon from obtaining your key and decrypting your messages? No.
On startup, the X Chat client makes an API call called GetPublicKeysResult, and the public keys of the realms are returned. Right now when I make that call I get the public keys listed above, so there's at least some indication that I'm going to be communicating with actual HSMs. But what if that API call returned different keys? Could Elon stick a proxy in front of the HSMs and grab a cleartext portion of the key shards? Yes, he absolutely could, and then he'd be able to decrypt your messages.
(I will accept that there is a plausible argument that Elon is telling the truth in that even if you held a gun to his head he's not smart enough to be able to do this himself, but that'd be true even if there were no security whatsoever, so it still says nothing about the security of his product)
The solution to this is remote attestation - a process where the device you're speaking to proves its identity to you. In theory the endpoint could attest that it's an HSM running this specific code, and we could look at the Juicebox repo and verify that it's that code and hasn't been tampered with, and then we'd know that our communication channel was secure. Elon hasn't done that, despite it being table stakes for this sort of thing (Signal uses remote attestation to verify the enclave code used for private contact discovery, for instance, which ensures that the client will refuse to hand over any data until it's verified the identity and state of the enclave). There's no excuse whatsoever to build a new end-to-end encrypted messenger which relies on a network service for security without providing a trustworthy mechanism to verify you're speaking to the real service.
We know how to do this properly. We have done for years. Launching without it is unforgivable.
[1] There are three Juicebox realms overall, one of which doesn't appear to use HSMs, but you need at least two in order to obtain the key so at least part of the key will always be held in HSMs
There are 3 comments on this entry. (Reply.)
posted by ![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
alierak in ![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png)
dw_maintenance at 10:11am on 20/10/2025
alierak in dw_maintenance at 10:11am on 20/10/2025DW is seeing some issues due to today's Amazon outage. For right now it looks like the site is loading, but it may be slow. Some of our processes like notifications and journal search don't appear to be running and can't be started due to rate limiting or capacity issues. DW could go down later if Amazon isn't able to improve things soon, but our services should return to normal when Amazon has cleared up the outage.
Edit: all services are running as of 16:12 CDT, but there is definitely still a backlog of notifications to get through.
Edit 2: and at 18:20 CDT everything's been running normally for about the last hour.
Edit: all services are running as of 16:12 CDT, but there is definitely still a backlog of notifications to get through.
Edit 2: and at 18:20 CDT everything's been running normally for about the last hour.
There are 24 comments on this entry. (Reply.)
October 17th, 2025
October 15th, 2025
October 14th, 2025
Taste of Home Fall Baking: 275+ Breads, Pies, Cookies and More!
Paperback – September 13, 2022
by Taste of Home (Editor)
( Read more... )
Paperback – September 13, 2022
by Taste of Home (Editor)
( Read more... )
busy
There are 2 comments on this entry. (Reply.)
October 13th, 2025
October 12th, 2025
posted by marycatelli in ![[community profile]](https://www.dreamwidth.org/img/silk/identity/community.png)
books at 11:49pm on 12/10/2025
marycatelli in books at 11:49pm on 12/10/2025Sanders' High School Reader by Charles Walton Sanders
The final reading program with more elocution exercises. The standards by which the choices were made are laid out in the preface.
So again the interesting thing to the modern reader is probably the choices. Scientific, religious, political, historical -- poems, speeches, essays --
The religious is sometimes generically theistic, sometimes Christian, sometimes specifically Protestant (in a passage where it is explicitly stated that the contemplative vocation is non-existent).
The final reading program with more elocution exercises. The standards by which the choices were made are laid out in the preface.
So again the interesting thing to the modern reader is probably the choices. Scientific, religious, political, historical -- poems, speeches, essays --
The religious is sometimes generically theistic, sometimes Christian, sometimes specifically Protestant (in a passage where it is explicitly stated that the contemplative vocation is non-existent).
There are no comments on this entry. (Reply.)
This one is not likely to be of much interest to non-Americans. This weekend I blew through The Originalism Trap: How Extremists Stole the Constitution and How We the People can Take it Back by Madiba K. Dennie. This book delves into the originalism theory of constitutional interpretation, why it's far more ahistorical than its adherents want you to believe, and some tracks we could take to counter it.
If you aren't familiar, "originalism" is a theory of constitutional interpretation that says in order to understand the Constitution, we must interpret it as closely as we can to how the original writers would have interpreted it. It posits itself as the most true-to-history and unbiased way to interpret the Constitution. It was also a fringe theory for decades, until relatively recent political winds brought it to the forefront.
Originalism traps us in the mindset of 18th century wealthy white men and refuses to let us progress any further. Originalism says if we didn't have the right then, we can't have it now. Originalism cherry-picks its history to conveniently arrive at a conservative goalpost no matter what the real story is. I wrote an essay in grad school on why originalism is horseshit, so this book was of particular interest to me.
Dennie does a great job making this book accessible to everyone. I would strongly recommend this as a read for any one in the legal or legal-adjacent professions, but I think anyone can read and pick up what Dennie is laying down here. She summarizes the history of originalism as well as deep-diving into its most recent developments (this book was published in 2024, so it's quite recent).
Originalism has a way of making itself seem inevitable, but Dennie reveals with researched ease how untrue that is; she shows the hypocrisy and insincerity of the theory over and over.
Dennie doesn't stop at "here's what's wrong" either--she has proposal and suggestions for how to counter the outsized influence of this once-disfavored theory and what we as citizens can do to push back against it. On the whole, while there is obviously anger and frustration in this book--feelings I share!--there is also a lot of hope and optimism. Dennie calls herself an optimist at heart, and it shows. This is not a doom-and-gloom book foreseeing an indefinite miserable political future for liberals and anyone who wants to expand rather than contract the depth and breadth of our rights. It is a justified call-out to political opportunists seeking to dress their partisanship up as rationalism, but it is also an essay on how it doesn't have to be this way.
At a brief 218 pages (plus bibliography), The Originalism Trap is easy to recommend to any fellow Americans, both as a way to understand where we're at, and a way forward, hopefully out of this extremist quagmire. Dennie can occasionally be irreverent in a way I feel detracts rather than adds to her argument, but she is also dealing with incredibly dry material that the average reader will probably struggle to stay engaged with, so I can forgive it. Very glad I picked this one up and I left feeling hopeful that there is an achievable alternative to where we are now.
If you aren't familiar, "originalism" is a theory of constitutional interpretation that says in order to understand the Constitution, we must interpret it as closely as we can to how the original writers would have interpreted it. It posits itself as the most true-to-history and unbiased way to interpret the Constitution. It was also a fringe theory for decades, until relatively recent political winds brought it to the forefront.
Originalism traps us in the mindset of 18th century wealthy white men and refuses to let us progress any further. Originalism says if we didn't have the right then, we can't have it now. Originalism cherry-picks its history to conveniently arrive at a conservative goalpost no matter what the real story is. I wrote an essay in grad school on why originalism is horseshit, so this book was of particular interest to me.
Dennie does a great job making this book accessible to everyone. I would strongly recommend this as a read for any one in the legal or legal-adjacent professions, but I think anyone can read and pick up what Dennie is laying down here. She summarizes the history of originalism as well as deep-diving into its most recent developments (this book was published in 2024, so it's quite recent).
Originalism has a way of making itself seem inevitable, but Dennie reveals with researched ease how untrue that is; she shows the hypocrisy and insincerity of the theory over and over.
Dennie doesn't stop at "here's what's wrong" either--she has proposal and suggestions for how to counter the outsized influence of this once-disfavored theory and what we as citizens can do to push back against it. On the whole, while there is obviously anger and frustration in this book--feelings I share!--there is also a lot of hope and optimism. Dennie calls herself an optimist at heart, and it shows. This is not a doom-and-gloom book foreseeing an indefinite miserable political future for liberals and anyone who wants to expand rather than contract the depth and breadth of our rights. It is a justified call-out to political opportunists seeking to dress their partisanship up as rationalism, but it is also an essay on how it doesn't have to be this way.
At a brief 218 pages (plus bibliography), The Originalism Trap is easy to recommend to any fellow Americans, both as a way to understand where we're at, and a way forward, hopefully out of this extremist quagmire. Dennie can occasionally be irreverent in a way I feel detracts rather than adds to her argument, but she is also dealing with incredibly dry material that the average reader will probably struggle to stay engaged with, so I can forgive it. Very glad I picked this one up and I left feeling hopeful that there is an achievable alternative to where we are now.
There are no comments on this entry. (Reply.)
October 11th, 2025
posted by marycatelli in books at 11:19am on 11/10/2025
marycatelli in books at 11:19am on 11/10/2025The Perks of Being an S-Class Heroine, Vol. 5 by Grrr
Spoilers ahead for the earlier volumes.
( Read more... )
Spoilers ahead for the earlier volumes.
( Read more... )
There are no comments on this entry. (Reply.)