The Changes

  2014-04-14 20:35 EDT

In the last few weeks, I've made some changes to (Yes, I said "I". I'll explain in a bit.) The response has been mixed. Several "yay!"s, several "wat"s and a silence I'll assume is "meh". I want to take a bit and put some context around these changes and why I'm making them.

Let's start with some history. wasn't born It was born in 1999-2000 as MAGnet or Rhizomatic, depending on who you ask. It was a refuge from EFnet #perl which had gotten a bit too, I guess, n00b-filled for everyone. So, a splinter group built an irc server and thus Rhizomatic was born. (I prefer Rhizomatic for the philosophical roots.) There were maybe a dozen or two users on a single server. Really, there was a single channel, too: #perl. Just as lawless as EFnet #perl but a more curated community. Curation by obscurity.

Over time, we added another server to cover downtime, then a third. Oper blocks were handed out to people we liked. There were no real rules because it was a network of friends.

Then it all changed.

One day, we woke up to discover that the domain had been pointed to our little network. Suddenly, we had n00bs and DDoS and botnets. Suddenly, we had a need for policy.

We purged the oper blocks down to just the people that run the network and drafted the most simple of policies. "We, the opers, run the network. Don't fuck with us." It was simple, elegant, and reflected our general annoyance at being bothered. But we also had an internal rule. No one gives a shit about the channels. We ran the network not the channels. We restored ops when necessary and that was pretty much it. We were still a network of only a few hundred. is a very different place now. Years have passed. We've grown from a few hundred to 1400 strong. We've grown from one main channel to 460 channels, most of which are community channels dedicated to a particular open source project. We've gone through half a dozen different node providers and even more opers.

All this time, though, general policy has stayed the same. Don't fuck with the opers.

Let's go back to that "I" from the beginning. Over the years, the oper group has shrunk for various reasons. I am the only surviving oper of the first few years. There are three of us who take care of the day to day, really. When it comes to policy, I'm the one deciding changes and making them happen. I control the server deployments. When I decided to make changes, I didn't need to consult anyone. (I did, though.) This is the definition of SPOF and the tendency for policy-developed-by-navel-gazing is too high.

You deserve better.

The new Standard of Conduct and the proposed governance structure are designed to two things. First, they codify what we've done informally for a long time. Second, they give control of the community back to the community.

Our Standard of Conduct really is, fundamentally, the Reasonable Person Principle spelled out in long form. There's nothing new in there, from my perspective. Don't be an asshole. In case you're not sure what that means, we helpfully spell it out.

The governance proposal makes official a program I started a year or two ago. To deal with the vast segments of the community I'm not aware of, I asked a couple of people to be opers so they could take care of the needs of their community segment. This proposal makes that official and puts them in one channel and, really, gives them a single goal. "Make this irc network into the best it can be for the community it serves."

Honestly, I do not expect this to change your day to day life on Well, unless you're an abusive asshole in a public channel. Then, yeah, you might want to re-examine your life choices. Otherwise, nothing in your irc life changes and, if there's a problem, you know who you can talk to about it.

And, yes, it is still just a proposal. If we decide this proposal a bad idea, as a community, we'll figure something else out.

From a network ops perspective, nothing is changing. Still the same ol' curmudgeon assholes keeping the lights on. You'll see us when the monsters come out to play.

I do want to be very clear about something, though. Part of the goal of the new SoC and the new governance is transparency. I will not, however, be transparent about the server architecture or day to day operations of the network. There's secret sauce in the system that helps mitigate and prevent the DDoS issues we had in 2010. If it affects the userbase, I'll be as transparent as I can but some things will always remain private.

There are a few other things brewing. Nothing that really affects anyone, though. I promised a way that you can donate to the server operations budget and that's still coming. I'm also working on some other ways people can pitch in.

For now though, I really need everyone to provide constructive feedback on the governance proposal. Please comment on the gist, grab me on irc or twitter.

So... about that mining rig

  2014-04-06 00:24 EDT

It grew.

22Gh/s now.

On Bitcoin Mining

  2014-03-22 16:24 EDT

I've gotten into bitcoin mining recently. Figured I'd show off the rig.

The kit runs down like this:

  • 5 BitMain AntMiner U2s at 2Gh/s each
  • 1 ASICMiner Block Erupter at 330Mh/s
  • 1 Raspberry Pi running Raspian and BFGMiner
  • 1 Rosewill 7 Port USB Hub
  • 1 Arctic Breeze 92mm USB powered fan

Why the Block Erupter, you ask? It's the first ASIC I bought and I actually really dislike it. It gets too hot to touch without the fan while the AntMiners are always pretty low temp. The block erupter costs about the same (at time of writing) as the U2s as well. However, one of the U2s is slightly defective and throws about 12% hardware errors. The Block Erupter covers that error rate to round out the numbers.

The USB hub also can't run 5 miners + the fan + the pi. It'll run 4 of them just fine though.

All in all, the rig mines at roughly 10Gh/s for a return of around 50uBTC/hr.

If I had a comments section, some of you would be all "but it'll take forever to pay off that rig!" and you're right. The problem is that I don't think of BTC that way. I think of it like WOW gold or EVE's ISK. Bitcoin is independently useful inside a specific context, separate from what the current USD rate is. I remember how much time and energy it took to make a living wage inside of EVE. This rig is cheaper than all that and it sits quietly doing its work regardless of my time and interest level.

Heavy Encryption (Followup: Having Trouble With Microsoft)

  2013-09-28 19:09 EDT

In my previous entry, I expressed some difficulties I was having with the Microsoft ecosystem. Since then, a lot has changed. In case you've been living under a rock or are a time traveller, there is strong evidence from multiple sources that the NSA has backdoors or compromises into most commercial software and Internet security products. Man-In-The-Middle attacks are being run against major Internet services. And in relevance to my previous entry, there's strong evidence that Microsoft actively helps the US government with early disclosure of security flaws, encryption backdoors, and quite possibly a backdoor into Windows itself.

A lot of this isn't terribly new information. The NSAKEY variable was discovered in 1999, after all. Previously, however, all we had were rumors, suspicions and conspiracy theories. Now we have confirmation and as close to hard proof as we're likely to get in the near future.

So, I did some thinking and some staring at the vast horde of technology laying around my apartment. (I'm more than a little bit of a hoarder when it comes to kit. I rarely throw kit away because I almost always find a use for it eventually.)

The end result is that I've decomm'd the Surface and taken it to work for work-related Windows stuff. No personal data goes there. I've ripped Win8 off my Dell XPS 12 and reimaged it with Ubuntu 13, with a LUKS encrypted drive and ecryptfs encrypted home tree. (I'll have a post about this soon. Getting Linux onto the XPS 12 has some tricks I've not found documented elsewhere.)

On the data side, I've taken everything down from cloud providers, moved to git-annex and a hosted bare-metal server in Europe. None of my data remains in the cloud and there now exists no unencrypted copy of my data.

I've always had a personal VPN hosted in Europe but I'm using it a lot more these days.

My phone is now an HTC One running Cyanogenmod. It does not sync data to the cloud and I sync data to/from it using USB.

My email is still currently in the hands of a US provider but that's mainly because setting up SMTP and IMAP is a pain in the ass. It's pretty much last on my list to self-host. I have, however, switched back to mutt+gpg.

At home, I've replaced my commercial firewall kit with a handrolled Linux based firewall/server. DNS is routed out via Europe given Verizon's cooperation with the NSA on so-called "metadata" surveillance. I'm also heavily using TOR, particularly when not at home.

I don't need a comments section to hear you ask "What the shit do you have that's interesting enough to warrant all this?"

As Aaron Schwartz and others have discovered, the Computer Fraud and Abuse Act is old and vague enough that us geeks probably commit multiple felonies a day and don't even know it. Ever keep a copy of a former employer's code after you left? BAM! Ever give your HBO GO password to a relative? BAM! Ever evade an IRC channel ban by changing your IP? BAM! A single indictment would not only likely ruin my career but it would give the government complete access to my data and gear.

I'm not particularly worried about being a target though and I'm not worried that men in black are going to bust down my door. But it's the principle of the matter. I don't want random people, government or no, to have access to my data and systems without my express permission for each use. And if The Man does decide that I'm interesting, they'll have a high barrier of entry to my life. (Yes, I am ignoring Rubber Hose decryption.)

It's also a matter of hygiene. You bathe, brush your teeth, wash your hair not as a response to a specific problem or incident. You do these things to prevent specific problems or incidents. You lock the doors of your house not because you see thieves waiting outside but because there might be.

I'm locking the doors of my data and software not because the men in black are lurking outside my door. I'm locking the doors of my data and software because I know they are lurking in my ISP, in US cloud services. I know they are dumping my data for offline processing by supercomputers. I know that some Booz-Allen contractor is running queries against databases containing my Google search history.

I know they are watching and I choose to at least make their lives more difficult.

Having Trouble With Microsoft

  2013-07-05 13:32 EDT

In my previous entry, I ranted a bit about Windows 8. Since then, I've been using a Surface Pro, obtained the weekend they came out. Combined with my Nokia 920 phone, I've been rocking Windows 8 in some flavor for seven or eight months.

I generally, as noted previously, really enjoy the experience.

Ignoring the sparse app ecosystem, I adore my 920 and the consistency of Windows Phone 8. It's lacking in some important ways, like VPN support and a sane notification system, but a lot of that is slated to get fixed in the next rev.

I'm also a heavy Xbox 360 user. The implementation of tiles on the recent builds is an atrocity but the game library is sizable and the controls are excellent. And let's face it; when done right, the kinect voice commands are spiffy.

But there's a problem which I can sum up in one word: Ads.

I fucking hate ads. I don't watch TV channels with ads. I'd rather spend the extra money to buy the ad-free versions from Amazon. I pay for Spotify, Pandora, and to get rid of ads.

When I pay for something, particularly something physical, I expect it to come ad-free. The Surface Pro runs $1k-ish. The new Xbox will run over $600. This is not some heavily discounted product line.

Yet, I'm seeing articles like these:

So the plan is for me to spend a significant amount of money to get a device that is still swarming with ads? For already expensive devices like my existing Surface Pro to become filled with ads that I can't turn off? For the Xbox, which I already pay a monthly fee to fully use, to mostly be an ad generation device?

This leaves me in a quandry. I've built a significant and shiny work environment out of the Surface. It's quite literally the center of my digital universe.

Most of my personal stuff could be moved back to Linux without a big fuss. My development work is already based on a VPS, for personal stuff, and a standalone Linux box, for day-job stuff, all tied together by OpenVPN.

My work environment, however, can't be moved to Linux. Office isn't a big problem thanks to their web apps but our conferencing software and other infrastructure bits are Windows-only. They also don't run well under virtualization.

So I can't just dump Ubuntu on the Surface and move on with life. Dual-booting is an option. I've been pondering a usb flash drive based solution where the whole Linux setup would live on a bootable stick, leaving the Windows partitions alone.

Being on vacation this week, I picked up a Samsung Chromebook and have built it into a network-required dumb terminal. This will be the subject of another post but I've got it configured to be on my personal vpn and derive most of its services from there. I'm thinking maybe of moving to a 2 machine system where the Surface is work and Windows-only grit-my-teeth-at-all-the-ads stuff while the Chromebook is everything else.

So, I don't know. I really like my Windows 8 centric environment but I just can't tolerate constant ads. I suppose whatever I figure out will show up in future posts.

Also, do I bail out on the Xbox and plan to be PS4-only?