Re: Survey on the impact of software regulation on DNS systems
Hi, On Thursday, 27 March 2025 13:10:42 CET Peter 'PMc' Much wrote: > Finally got back to this one. Thank You, both of You! Not to worry, these emails are still as relevant now as they were back then :) > A mixture of both is very much what we already have. In Brussels, > for instance, 90% of the personel are not politicians, but lobbyists. > They are the vast majority, and their job is to make sure that the > government does what big tech wants. > > We must consider that government people, i.e. politicians, are not > engineers. Unlike most of us here, they are just as overwhelmed by the > vast amount of technological innovation as ordinary people nowadays are. > > Then, what makes things worse is: the ordinary people, being overwhelmed > by all the new things, look up to the governments with the expectation > that these should make things "somehow safe" for the people. And the > politicians, having no more clue than the ordinary people, now have to > /pose/ as being competent in order to get elected and stay in power. > > So the only chance they have is to listen to their consultants - and > these consist almost entirely of lobbyists who have their own agenda; > for the simple reason that even if you are competent, there is no way > to get into these circles unless you are backed by a powerful sponsor. Once I attended a lobby in Brussels, organized by the Free Software Foundation Europe. It was held in response to GitHub being acquired by Microsoft. I went there because for me, it's really just a single train ride away (Antwerp to Brussels). Meeting these various European politicians face-to-face was a surreal experience, but also equally fascinating. I didn't like that Microsoft acquired GitHub, and made sure to mention it there as such. I also mentioned that I was operating in the capacity of an individual GitHub user, which they had no issue with. Eventually, the acquisition happened regardless, and Microsoft made some rather interesting choices like adding a snapshot of all GitHub repositories into their Arctic Code Vault. That's when I left GitHub and deployed my own Gitea instance. It's unfortunate, because GitHub is ultimately where all the eyeballs are. But issue trackers aside, I do not intend to return. > The sad thing is: we knew all this before. In the aftermath of > the 1968 student revolts and due to the rising popularity of social > sciences, we had excellent analysis of the inherent problems of > /power/. > Only, nowadays nobody seems to care for these materials anymore. :( > > So, while I am not strictly against regulation, the bottomline question > appears to be: how do we manage to get /unbiased skill/ into the > decision making process? When I sent an e-mail to the EU Commission (if memory serves) about the Chips Act, I was told that my correspondence traversed several of their departments before being added to their internal memos. They also mentioned that I should join their "Expert Group", which presumably would've involved representatives of various chips manufacturers (ASML and TSMC come to mind). I didn't join and consider my email to be somewhat inaccurate in retrospect, but.. oh well. Benefit of hindsight I guess. It worked at the time, so back then it should've been good enough. Either way, I'm glad that such Expert Groups exist. If they can offer advisory to the politicians themselves and bicker among each other to level the playing field, all the better. > Now having a look at Michael's comment: > > On Sat, Feb 01, 2025 at 08:54:32PM +0100, Michael De Roover wrote: > ! Now, to be fair, when actual safety is involved, that's perhaps a case > where ! regulation is justified. > > Certainly. Now, with more and more things moved to the Internet, it > will be not far into the future that safety-critical material ends > up there - probably unnoticed until some accident happens. And after > the accident the outcry for regulations will be imminent. Fascinating. Just the other day, I did experience a denial of service attack, that turned out to be performed by none other than OpenAI. It was against my Gitea server, with OpenAI's crawlers requesting an unreasonable amount of zip and bundle archives from it. Those were generated, (presumably) transferred and saved to disk. This took down my Gitea instance twice so far, in both cases due to storage being depleted. What I find interesting about it, is that until now, I had an overall positive sentiment towards AI. Not entirely glazed from its drawbacks either, mind you, artists in particular have been very vocal about their disdain towards the technology threatening their livelihood. But that seemed like a foreign concept to me, until it literally came to my doorstep now. I won't claim to hate AI at this point, even after this incident. But I do want to take a more proactive approach to keeping them the fuck away from my lawn. The proverbial guard dogs are to be deployed, and they will bite.
Re: ECS subnet
> Am 25.02.2025 um 01:06 schrieb Evan Hunt : > > On Tue, Feb 18, 2025 at 08:40:53AM +0100, Rainer Duffner wrote: >>> ECS is not supported in the open source version of BIND so I guess >>> it might not get logged. > > The open source version doesn't *send* client-subnet requests, > or cache the responses differently depending on client-subnet data > included in a response. > > However, it does recognize the option, and it will log it when it > sees it. Turn on query logging and, if there are ECS options present > in responses, you should see things like "[ECS 192.168/16/0]" in the > log. > > I don't know if this is any help to you, though. I don't think I've > understood what you're trying to do. Hi, it turns out, that to use the send-client-subnet option in unbound, it has to be compiled with the „subnetcache“ module - which is apparently not happening by default on FreeBSD. Once I rebuilt unbound with that option and passed the right IP for the downstream-server, the actual source IPs did show up. Thanks a lot for hint! Rainer -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: ECS subnet
> One follow-up question: it seems the IP is not shown in the RPZ log. Can this be adjusted? -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Survey on the impact of software regulation on DNS systems
On Sun, Feb 02, 2025 at 02:45:08PM -0500, Paul Kosinski via bind-users wrote: ! On Sat, 1 Feb 2025 14:47:35 + ! Marc wrote: ! ! "You have to get the bigger picture. Everything requires regulation otherwise big tech is going to fuck you. There are enough examples out there." ! ! The even bigger picture is that the regulators are sometimes even worse than Big Tech. Finally got back to this one. Thank You, both of You! What immediately came to my mind after reading Marc's stance, that there are two other option (and I'll stay with the wording for now): * big tech can just fuck the government, which is usually easier to achieve, or * big tech can team up with the government in order to fuck you. A mixture of both is very much what we already have. In Brussels, for instance, 90% of the personel are not politicians, but lobbyists. They are the vast majority, and their job is to make sure that the government does what big tech wants. We must consider that government people, i.e. politicians, are not engineers. Unlike most of us here, they are just as overwhelmed by the vast amount of technological innovation as ordinary people nowadays are. Then, what makes things worse is: the ordinary people, being overwhelmed by all the new things, look up to the governments with the expectation that these should make things "somehow safe" for the people. And the politicians, having no more clue than the ordinary people, now have to /pose/ as being competent in order to get elected and stay in power. So the only chance they have is to listen to their consultants - and these consist almost entirely of lobbyists who have their own agenda; for the simple reason that even if you are competent, there is no way to get into these circles unless you are backed by a powerful sponsor. The sad thing is: we knew all this before. In the aftermath of the 1968 student revolts and due to the rising popularity of social sciences, we had excellent analysis of the inherent problems of /power/. Only, nowadays nobody seems to care for these materials anymore. :( So, while I am not strictly against regulation, the bottomline question appears to be: how do we manage to get /unbiased skill/ into the decision making process? Now having a look at Michael's comment: On Sat, Feb 01, 2025 at 08:54:32PM +0100, Michael De Roover wrote: ! Now, to be fair, when actual safety is involved, that's perhaps a case where ! regulation is justified. Certainly. Now, with more and more things moved to the Internet, it will be not far into the future that safety-critical material ends up there - probably unnoticed until some accident happens. And after the accident the outcry for regulations will be imminent. ! It's more or less like that with the radios in mobile ! devices too. Not sure if that firmware should be proprietary, but allowing ! everyone to have an SDR in their pockets might not be a great idea either. That's funny, because that is what originally brought me onto this train of thought: two years ago I got myself a new laptop. And I put FreeBSD onto it. It's a Fujitsu laptop (and it works fine, btw), and what came as a surprize; it does /not/ have a radio kill switch. Instead, for cost-saving, the radio-kill function was put onto a certain keyboard-key. So effectively there is no such function, unless you install the manufacturer's specific device driver (which certainly does not exist for unix). We can see where this leads: FreeBSD provides ready-to-install OS packages - they even have a funded initiative to simplify installation on laptops for non-technical people. In the end, the user may not even know whether the OS has found and powered on the radio (unless they read the debug logs) - and anyway, they cannot switch it off. Then, if you want to make a case that this is unsafe, it shouldn't be too difficult. Compare this to the situation for mobile-phones. No such problem does exist with these: there is only one provider for the OS, and it is (officially) impossible to modify it, therefore the hardware manufacturer can be held responsible to properly design the device. >From here onwards you can easily argue to politicians that there are safety issues, and private people should only be allowed to use computer OS software as provided by Google or Apple, on those devices that are designed for such software (as most of the people do already, anyway). And, closing the circle: from there onwards the governments will make sure that big tech indeed has the authority to fuck you, thanks to regulation. cheerio, PMc -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
