summaryrefslogtreecommitdiff
path: root/content-org/blog.org
blob: 91829d88064112f86621932f2738fe1c835775d6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
#+TITLE: Michał Sapka's Emacs Config
#+AUTHOR: Michał Sapka
#+URL: https://michal.sapka.me/star-trek
#+STARTUP: show2levels indent logdone

#+HUGO_BASE_DIR: ~/ghq/vcs.sapka.me/michal-sapka-me/
#+HUGO_WEIGHT: auto
#+HUGO_SECTION: blog

* 2024  [5/5]                                                         :@blog:
:PROPERTIES:
:EXPORT_HUGO_SECTION: blog/2024
:END:
** DONE Software devolution in the hands of Apple
CLOSED: [2024-01-26 Fri 19:51]
:PROPERTIES:
:EXPORT_FILE_NAME: apple-dma
:EXPORT_HUGO_CUSTOM_FRONT_MATTER: abstract Apple tries dodging creating user freedom once again
:END:
Let's go back some 60 years into the past.
Image buying a /mainframe/ computer for a low price of 200k USD.
You can not install any arbitrary software there, as the architecture is closed.
PC with its openness will come in some 30 years.
For now, you have bought machine, but you are also renting it.
Any changes require a dedicated team to come to your site.
You are also forced to pay constant fee every month for the privilege to use the machine.

This was the standard way to /compute/ in the 60s.
But we have evolved.
Nowadays, you buy a computer and nothing keeps you from doing anything with it.

Unless you bought it from Apple.
Yesterday the Big A dropped a news article[fn:apple] about how they will comply with Digital Markets Act[fn:dma].

In short: they Cook-ed it.
They fulfilled the letter of the law, completely bypassing any reasoning behind the act.
One may say: Apple made the Cookie popup of the DMA.

Yes, external store will be possible and one may install[fn:sideload] programs bypassing Apple App Store.
It may even be possible to bypass Apple requirements for programs this way.
Hooray?

First of all: no /truly/ independent store will emerge.
Apple still needs to accept store before it is allowed to install anything.
And this comes with two requirements:
- 0.5Eur fee for each first install from so-called "Core Technology Fee" [fn:fee].
- 1 million EUR credit[fn:fee] [sic].
  Yup, to secure the above you need a letter of credit from a bank.
  This ensures that no independent store, akin to F-Droid will emerge.

But that's not all!
Apple requires that each version of you program distributed from different stores needs to be the same.
So, if you even think of having it /also/ on Apple App Store, you are forbidden from giving more freedom to a user in version sold /outside/.

And with those two Catch-22 requirements Apple stopped any real user freedom on their platform.
You may create an independent, non-for-profit store if you have enough profits to do that.

This goes against everything I believe in when it comes to /software/.
I want open computers empowering users, not closed ones guarding them.

And the scariest part?
Some folks are defending this policy.
Sometimes I feel like a relict of the past.

And I wonder how will they the botch opening iMessage.
I used to be an Apple fanboy.
I even owned an Airport Extreme.
But, as a father and person living from software development, I am at this point where I don't want to have anything to do with this company.

I own an iPhone 13 Mini and I hate UI.
I am forced to work on an MacBook and I hate how little one can customize there.
I also own an AppleTV and the availability of programs there is a joke.

I planned to /never/ buy an Apple device ever again.

But with this I am no longer just an ex-fanboy.
I am now actively *against* what they do and what they stand for.
This is no longer the company I fell in love with[fn:love].
For some time we've been discovering that a single provider shouldn't control the entire chain.
Apple became the /worst/ enemy when it comes to software freedom simply because /they can/.
Little by little, they prove Stallman's take[fn:stallman] is stop on.

Wake me up when Linux is ready for everyday phone use, because Google is a poor alternative.

[fn:dma] [[https://digital-markets-act.ec.europa.eu/index_en][The Digital Markets Act on EC site]]
[fn:apple] [[https://www.apple.com/newsroom/2024/01/apple-announces-changes-to-ios-safari-and-the-app-store-in-the-european-union/][Apple announces changes to iOS, Safari, and the App Store in the European Union]]
[fn:sideload] let's not call it "sideloading".
[fn:fee] [[https://9to5mac.com/2024/01/25/apple-says-third-party-app-marketplace-creators-must-have-e1000000-letter-of-credit/][Apple says third-party app marketplace creators must have €1,000,000 ‘letter of credit’]]
[fn:love] yup, having any positive feelings towards a company is not a good idea.
Proven by case in point.
[fn:stallman] [[https://stallman.org/apple.html][Reasons not to use Apple]]
** DONE Technical book review: Hacking APIs
CLOSED: [2024-01-19 Fri 20:01]
:PROPERTIES:
:EXPORT_FILE_NAME: hacking-apis
:EXPORT_HUGO_CUSTOM_FRONT_MATTER: abstract Short impression of 2600 magazine
:EXPORT_HUGO_PAIRED_SHORTCODES: img-r
:END:

#+attr_shortcode: "hacking-apis.jpg" 
#+begin_img-r
Cover
#+end_img-r
I am a software developer with a new-found interest in security.
Childhood spent watching hacking-related entertainment didn't go to waste.
When I saw the /hacking/ humble bundle, I knew I needed it.
My first read[fn:smnet] from that bundle was not a love at first sight I expected it to be.
Luckily, /Hacking APIs/ is a completely different beast.

The title says it all: it's about hacking web APIs.
The target audience seems to be aspiring pentesters.
I may even say that no prior experience is expected, as the author explains /a lot/.
You will learn how those APIs work, what to look when testing them and how to exploit them.

The book gives a really nice overview of most common vulnerabilities types, giving me new ways to be smug.
It is always welcomed.

Still, I will not benefit from a huge part of this book as it reads like a commercial for Burp Suite.
Yes, it is a standard and learning what one can do with it is great.
But I am not a pentester, so I will not need all that practical knowledge.
It's a great exercise for me, nothing more.

It will also come in handy if I decide to switch trades.

Highly recommended book!

*** Meta
- Read as PDF on Onyx Boox Note Air 2.
- Issues bought from Humble Bundle
- Next up: back to "Absolute FreeBSD".
[fn:smnet] [[/blog/2023/cybersecurity-for-small-networks/][Cybersecurity for Small Networks]]

** DONE 2600
CLOSED: [2024-01-12 Thu 21:23]

:PROPERTIES:
:EXPORT_FILE_NAME: 2600-magazine
:EXPORT_HUGO_CUSTOM_FRONT_MATTER: abstract Short impression of 2600 magazine
:EXPORT_HUGO_PAIRED_SHORTCODES: img-r
:END:
For quite some time I've been looking for a magazine to read.
In my younger days, reading computer game magazines was the best thing.
Way before the +internet+ big tech ruined everything, polish gamers have already found a safe haven.
In the dark days of post-communistic 90s, we were feeling like living in the future.

And then they, one by one, died.
Killed by "free" sites filled with ads and sponsored content.

It may very well be anachronistic to wait for a review that will not even move on the screen.
But this is exactly what I found to be great about them - slow moving, regular, without much fuss, much more deliberate.

I've been reading quite a few magazines recently, but finally I have found the one which fills me with passion - just like the ones from my childhood.
Now I have something to wait from, to learn from and, well, feel to be a part of it.

I have finally found *2600*[fn:site].

What is 2600 you ask?
Well, the magazine self-describes as /The Hacker Quarterly/ and it fully shows the purpose.
It's a magazine written, edited and read by /hackers/ that is released since 1984[fn:1984]
Hackers in the /original/ sense of the word - tinkerers trying to expand what is possible to do with electronic devices.
Other than that, the team behind 2600 also organized *Hope*, a hacker-focused conference (known as what Defcon was when Defcon was good. I've never been to either one, so I'm just repeating) and even made a few movies.
They were also very involved in the "Free Kevin"[fn:kevin] campaign.

All in all, 2600 encompasses everything that is good about computer-oriented communities, and it rejects the current status quo of closed, surveillance based systems.

It's not that this is the first time I've heard of it, but with the digital version, it finally became economically sane to get familiar.

Funny enough, I've bought my first issue late in December - just a few days before the next issue came out.
After finishing those two, I feel extremely satisfied.
I don't remember when was the last time I wanted to read a magazine from cover to cover.
This is exactly what the doctor ordered.

The biggest shock for me was how /soft/ the magazine is.
On the Internet, all /hackers sites/ focus on the technical stuff.
/2600/ also has some articles that are strictly technical, but there's not much of them.
It is, however, full of /hacker/ culture.
For me, as a /hacker/ much more in /spirit/ than in /abilities/, this is simply wonderful.

It seems that U found what I was looking for a long ass time.
All this, because 2600 is finally available as digital download.
I need to give my data to make the payment, but the PDF comes without any DRM.
Beats paying dozens USD just for shipping by a mile!

Though paying by Monero would be much more l33t.

Finally, as part of [[/blog/2024/email-project/][The Email Project]] I have emailed the editing team.
A significant portion of these 2 issues I've bought is occupied by letters from readers.

*** Contents of  Winter 2023/2024 issue (40-4)
#+attr_shortcode: "2600-40-4.webp" 
#+begin_img-r
Cover of issue 40-4
#+end_img-r
- The Road Behind
- The Dark Side of DNA Data
- The BoneBox
- Artificial Intelligence and Creativity
- Career and Gloating in Las Vegas
- TELECOM INFORMER
- Enhance Your Typing Experience With Mechanical Keyboards
- Adventures in Lockpicking
- Ooops; v97.129
- Geo-Distributed Bug Bounty Hunting
- Being a Hacker
- Byte-Sized Justice: A Tale of Hacker Ethics and Copy Protection
- A Quick Intro to Biohacking
- HACKER PERSPECTIVE
- Privacy: Protecting Your Personal Information Online
- The AI Risk Nobody Seems to Mention
- American Shanzhai, Part 4
- EFFECTING DIGITAL FREEDOM
- Quantum Computer Algorithms, Part III: DES Decryption
- GPT Revolution: Reimagining Programming in the Era of AI
- Snitched Out by Tech
- I Fight for the Users
- ARTIFICIAL INTERRUPTION
- Platform Capitalism Can't Surveil Absurdism (and Worse)
- Alzheimer's and AR Tech
- Book Review: Pegasus
- Book Review: Fancy Bear Goes Phishing

*** Contents of Autumn 2023 issue (40-3)
#+attr_shortcode: "2600-40-3.webp" 
#+begin_img-r
Cover of issue 40-3
#+end_img-r
- Memories to Come
- Designing an OpenAI Powered IRC Chat Bot for Fun and Profit
- Cute App, But I'll Use My Own
- Saying Goodbye to an Old (GPFS) Friend
- TELECOM INFORMER
- The Arrival of 2600 Digital Delivery
- Why Aren't You Cracking Your Users' Passwords?
- A Technology Life Story
- Social Engineering is Forever
- Is AI More of a Tool or an Ethical Challenge?
- Quantum Proof Encryption
- But I Don't Want a Copilot
- HACKER PERSPECTIVE
- Diskless Malware
- Hacking the Airwaves
- Adventures in Zero Trust
- American Shanzhai, Part 3
- EFFECTING DIGITAL FREEDOM
- Go On a Journey
- Morbid Curiosity in the Weaponized AI Era
- See You on the C-Drive (A Series of Late 20th Century Fragments)
- ARTIFICIAL INTERRUPTION
- Is 2600 Still Relevant?
- Learn Linux, People!
- WasteTrackers and More


*** Meta
- Read as PDF on Onyx Boox Note Air 2.
- Issues bought from [[https://2600.com][2600.com store]] <BR>
- Next up: back to "Hacking APIs". It's great!

[fn:site] [[https://2600.com][Official website of 2600]]
[fn:kevin] [[https://www.mitnicksecurity.com/blog/how-the-free-kevin-movement-changed-the-cyber-security-industry][How the Free Kevin Movement Changed the Cyber Security Industry]]
[fn:1984] that's one year older than me!

** DONE The Email Project
CLOSED: [2024-01-03 Wed 18:26]
:PROPERTIES:
:EXPORT_FILE_NAME: email-project
:EXPORT_HUGO_CUSTOM_FRONT_MATTER: abstract This year I want to rely on Email even more!
:END:
I have no resolutions for 2024, as the last ones were dropped long before December.
There is however one thing I wanted to do for a long time: to rely on Email more.

So my project for 2024 is as simple as sending email.
I will not use any other means (sigh, social media) to reach people I want to contact.
Instead, I will use plain, old email.http://localhost:1313/blog/2023/cybersecurity-for-small-networks/

Last year one person (won't name publicly due to respect and privacy) emailed me, and we've been exchanging messages since then.
It was the surprise of the year and I met a person I would never have a chance otherwise.
I would like it to happen more, as this is a great growth experience.

I'm not leaving [[https://emacs.ch/@mms][Mastodon]], but I will not approach people using it.
Furthermore, I'd love to leave Discord and Messenger, but folks there are pretty stubborn :)

** DONE Links for week #01
CLOSED: [2024-01-03 Wed 18:12]
:PROPERTIES:
:EXPORT_FILE_NAME: links-01
:EXPORT_HUGO_CUSTOM_FRONT_MATTER: abstract Cool links from week 01 of 2024
:END:

It's the New Year, so here are some cool links I've stumbled upon recently:
- **[[https://www.anildash.com/2024/01/03/human-web-renaissance/][The Web Renaissance Takes Off]]** -
  Maybe the web is not lost?
  A very short opinion piece.
- **[[https://www.jwz.org/blog/2023/12/remember-when-mozilla-made-a-web-browser/][Remember when Mozilla made a web browser?]]** -
  I use Firefox, I promote Firefox, and I am very sad to have to agree with author
- **[[https://garymarcus.substack.com/p/things-are-about-to-get-a-lot-worse][Things are about to get a lot worse for Generative AI]]** -
  Guess who got caught training on and recreating copyrighted content?
  Spoiler: it's AI
- **[[https://blogsystem5.substack.com/p/the-ides-we-had-30-years-ago-and][The IDEs we had 30 years ago... and we lost]]** -
  A cool, short article on IDEs of the past and how little have they progressed
- **[[https://aftermath.site/true-lies-4k-uhd-blu-ray-james-cameron-peter-jackson-park-road-post][They Want You To Forget What A Film Looks Like]]** -
  jump from VHS to DVD was huge; from DVD to HD big; from HD to 4k was incremental at best.
  In this article we explore a few recent upscales and how bad they are.
  Spoiler: it's AI

But, most importantly, The Weaver published _TWO_ new articles on computer history:
- [[http://wovenmemories.net/2023/12/30/First.Operating.System_Part.2.html][First Operating System -- Part Two]]
- [[http://wovenmemories.net/2024/01/02/Subroutines.html][Subroutines]]