Francis 🇾🇪 🏳️🌈 🏳️⚧️ @francis@greenplenty.social
- Socialist Fiction
- https://francis.fish
- Green Plenty
- https://www.greenplenty.info
- Medium
- https://medium.com/@fjfish
Admin
Francis. Old guy in the corner. Socialist, maybe even a (shock) Marxist. Can't stop writing. Musician. Coder for over 30 years.
Joined Apr 2022
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
In 2025, the top 1% will get a tax cut of more than $60,000.
Meanwhile, the bottom 60% will see a tax cut of less than $500.
This is why we called the Trump tax cuts a giveaway to the super-rich.
Because that’s exactly what they were.
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
I have said, and I've printed a sticker in case you don't hear me say it:
Defend Dangerous Computing
I don't know if I've ever said why.
VS Code + Github hold a monopoly on the software development process like hasn't been seen since before the days of GNU. (You can @ me about GNU later, that's not the point right now.) Developers have been lured to this end by very nice to use tools, that are "free." These tools are both owned by Microsoft who can integrate them together as tightly as anything. The average, I would guess, developer experience is completely tied up in VS Code and Github.
Many of us don't use either, we can get back to that point later.
Now that we're all settled in to the default MS workflow, let's introduce a couple more technologies that seem obvious for security: Trusted Computing, SBOM and Software Identification.
There is a movement to secure the open source supply chain. I'm intimately familiar, and have been working in that space for a few years now. There are others more involved and smarter than me, look them up. A large open source software ecosystem has a broad attack surface, and this is making some people nervous. With something greater than 80% of enterprise software comprising of open source components, there are those in the security community who are nervous about the potential for malicious code to be introduced somewhere within this vast, porous field. In order to answer to this threat, new elements of control are being explored. Most of these seem benign on their own.
Having a bill of materials for a piece of software is fine. Having a reasonable assurance that the software you are running is the software that you think you are running is fine. Signing packages, libraries, SBOMs and various attestations is also fine, probably even good.
VS Code and Github are already starting work to make providing signed SBOM and attestations seamless for developers. Additional work being proposed by CISA aims to make it easier to identify software packages, and Microsoft will no doubt provide free, robust tools to make this simple for developers as well. No doubt, these tools will integrate seamlessly between Code and Github with little to no effort. We have an open source code ecosystem we can trust.
Did somebody say Trust? Let's add Trusted Computing. Without getting way into implementation specifics, Trusted Computing (and it's ilk) are designed to ensure that only the software that the hardware manufacturer deems "safe" may be run. Combined with secure software identification, SBOMs and trusted certificates, Trusted Computing we have an impenetrable fortress within which approved software may be safely run. Right?
"Safe" is not necessarily determined by the user of the system, but by the manufacturer, by regulators, by law. With a hegemony in place to ensure that software is identified, signed and approved, and hardware will only run approved software, this is looking pretty sweet for the monopolists - all with the blessing of regulators to give real teeth to any punishment for violation. CFAA gets even more powerful, no?
By willingly leaning into the VS Code + Github monopoly, developers are cutting a clear path to domination in exchange for "free", convenient tooling. These same folks might say of Alphabet or Meta, "If you're not paying, you're the product." Why would this be any different for corporate development tools?
This story gets even spookier when you add browser monopoly, cloud monopoly, what have you. If you don't like the word "monopoly", try "monoculture" and see if that makes you feel any better.
So, I say fuck safe (I work in cybersecurity, the irony is not lost on me), give me Dangerous Computing. Give me keen tools that I control that, yes, I might be able to cut myself on. Give me weapons, or get out of my why while I build my own.
DEFEND DANGEROUS COMPUTING
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
People who can comfortably live off 30% of their income cluelessly explaining savings to people who can barely live off 100% of theirs is a phenomenon I encounter way too often.
YOU'RE NOT BETTER AT BUDGETING YOU JUST HAVE MORE MONEY.
@c_9 one thing I’ve been wondering about for ages is whether or not there are enough materials to make all the batteries we will need. I’ve not really seen it answer to this.
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
Look like one group is doing well out of the cost of living (enforced poverty) crisis & the financial plight of local councils (now often taking a zero tolerance approach to outstanding payments)...
Yup, the Bailiffs are have a good time (and of course, the bosses are paying themselves accordingly.
Yet one more symptom of a country in which callousness has been normalised & poverty is increasingly violently punished.
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
Millenials having "little to no loyalty in the workplace" is a sign of *progress*, not concern, you fucking deliberately obtuse coercive capitalist fucks.
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
Britain's poor have been the victims of fifteen years of Tory austerity & poor economic management.
But you don't have to believe their critics on this, as Tom Clark sets out here (with links) the state's own data show conclusively the effect of shredding the safety net for the vulnerable & poor.
We have a callous govt. that has wrecked this country for so many; now no-one can now claim they were unaware.
Will Keir Starmer act on this?
https://www.theguardian.com/commentisfree/2024/mar/21/poverty-britain-society-failing-poorest-people
@nickpeers Thatcher never won the popular vote. Closest she came was 49%.
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
@ChrisMayLA6 be interesting to see if there’s a North/South divide for the over 60’s
For sociopaths, empathy is propaganda https://medium.com/@jmtolcher/the-zone-of-interest-is-gaza-propaganda-4b0d937a4d38
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
:abreath:🌬️
There's something about the northern reaches that just get weird...
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
Extending Trump's tax cuts will cost $3.5 trillion over a decade.
This is why Trump wants to cut Social Security.
So he can take a lifetime of earned benefits away from working people and gift it to the rich.
It's reverse Robin Hood.
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
The Inaccessibility Cycle
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
"Labour see incitement to kill an MP who they’ve been bullying for years and marginalising for 11 months as a chance to score political points against the Tories and a convenient opportunity to fundraise donations, and the Tories see the world’s first live-streamed genocide as a good thing because it’s harming Labour’s standing amongst Muslim voters."
#UKpolitics
https://anotherangryvoice.substack.com/p/tories-want-gaza-genocide-continue-labour-muslim?utm_source=pocket_saves
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
Unions are a better invention than chatGPT
Francis 🇾🇪 🏳️🌈 🏳️⚧️
boosted
Wanton killing of innocent civilians is terrorism, not a "war against terrorism."
-- Noam Chomsky
- Socialist Fiction
- https://francis.fish
- Green Plenty
- https://www.greenplenty.info
- Medium
- https://medium.com/@fjfish
Admin
Francis. Old guy in the corner. Socialist, maybe even a (shock) Marxist. Can't stop writing. Musician. Coder for over 30 years.
Joined Apr 2022
