I remember the time Aaron was hospitalized and I spent two hours on the phone going through my bookshelves arguing with him about the virtues of the books in my library as we tried to decide which books I would bring him. I remember Aaron confronting Peter Singer, intellectual founder of the modern animal rights movement, at the Boston Vegetarian Food Festival to ask if humans had a moral obligation to stop animals from killing each other. I lurked behind, embarrassed about the question but curious to hear the answer. (Singer sighed and said yes, sort of, and complimented Aaron on the enormous Marxist commentary he was carrying.) I remember 1-800-INTERNET.com. I remember talking with Aaron about whether being wealthy could be ethical. I argued it could not but Aaron argued, uncharacteristically I thought, that it could. Aaron told Mika she should slap him if he ever became wealthy. The very next day, it was announced that his company had been acquired and that Aaron was a millionaire. I remember the standing bets I had with Aaron and how he would email me every time news reports favored his claims (but never when they did not). And I remember that I won't hear from him again.
Aaron was a friend and inspiration. I miss him deeply and I am very sad.
SJ: You know, Mako and I had some pretty good ideas for improving connectivity to the internet, and we think we can reach 90% of the world's population. So think about this. You're sitting in a Starbucks, and you need to connect to the internet. But you can't, because there's no internet. But what is there, near every Starbucks? There's a payphone! You pick up the payphone, and you call 1-800-INTERNET. You can connect to our bank of researchers on our fast T1 connections and get any information you need! So, we don't actually have 1-800-INTERNET yet, we have 1-800-225-3224, so the first thing we need to do is buy the number. So here's Mako, who is our web designer from UC Santa Cruz and Bradford, our financial guru, and Aaron, who's handling all of our technical implementation. But Mako, you should explain the earballs.
Mako: So, so, so yeah, so most people on the Internet are going for the eyeballs, but they've just left all of these earballs. So I have some experience in web design, and it's true that this isn't really a website, but we still need good web design. So, so, I've actually got a really experienced team, we can go into later, and we have some really great earcons, not icons, but earcons. And it's going to be all together, not apart like some of the websites. It's going to be together.
Brad: So how does this work technically?
Aaron: Well, I mean, so I only spent one year at Stanford but that's OK, because there are new developmental technologies, we're going to throw away all that old stuff, we're going to use really reliable and efficient well-designed code that everyone can clearly understand, and write the whole thing in Perl. I know this is a risk, but I am confident that Perl is going to destroy those old C websites. No one will write websites in C anymore once we do this, it's going to be so much faster, and so dynamic, everything's going to be like, on top of everything. It's going to be great.
Bradford: So here's the business model. It's really really simple, and it's a really really great idea. It's all about the licensing. Because what we're going to have are these underlying audio ads. While you're on the phone you're going to hear this subliminal advertising message. And the way it works is really really cool, because it's really really low volume, it's high impact! And it's even better, because we license it, and the way it works is when a caller calls 1-800-Internet, they're hearing the ad, but so is the representative, so we get to bill 'em twice! So that's it:
All: 1-800-INTERNET.COM
We did not win and I still believe that we were robbed.
Social activism and political disobedience are important and often valuable things, but performing your social activism using other people's stuff is just rude. I think it can be a forgivable rudeness; people can get caught up in the moment and not realize what they're doing. But it's still rude, and it's still not the way to go about civil disobedience.
While I generally agree with Russ' thoughtful consideration of consent, I have to take issue with this elevation of some sort of hyper-extended property right over the moral agency that drives civil disobedience. To use someone else's property for the sake of a just cause without damaging the property or depriving the owner of its use is not "forgivable rudeness" -- it's forgivable, laudable even, because it is just. And the person using the property doesn't need to be "caught up in the moment and not realize what they're doing" for it to be acceptable. Civil disobedience often involves putting some level of inconvenience or discomfort on other people, including innocent people. It might be the friends and family of the activist who have to deal with the jail time; it might be the drivers stuck in a traffic jam caused by a demonstration; it might be the people forced to shop elsewhere because the store's doors are barricaded by protestors. All of these people could be troubled by the civil disobedience more than MIT's network users and admins were troubled by Aaron's protest, and that doesn't make the protests described worse or "not the way to go about civil disobedience." The trouble highlights a more significant injustice, and in its troubling way does what it can to help right it. Aaron was a troublemaker, and a good one. He will be missed.
Publisher: | Ace |
Copyright: | 1992 |
Printing: | December 1993 |
ISBN: | 0-441-65241-7 |
Format: | Mass market |
Pages: | 194 |
season | 2005/06 | 2006/07 | 2007/08 | 2008/09 | 2009/10 | 2010/11 | 2011/12 |
---|---|---|---|---|---|---|---|
number of (partial) days | 25 | 17 | 29 | 37 | 30 | 30 | 25 |
Damüls | 10 | 10 | 5 | 10 | 16 | 23 | 10 |
Diedamskopf | 15 | 4 | 24 | 23 | 13 | 4 | 14 |
Warth/Schröcken | 0 | 3 | 0 | 4 | 1 | 3 | 1 |
total meters of altitude | 124634 | 74096 | 219936 | 226774 | 202089 | 203918 | 228588 |
highscore | 10247m | 8321m | 12108m | 11272m | 11888m | 10976m | 13076m |
# of runs | 309 | 189 | 503 | 551 | 462 | 449 | 516 |
dpkg-buildflags interface in dpkg that at long last gives the distribution, the package maintainers, and users the control they want over the build flags used when building packages.
The announcement mail gives all the gory details about how to invoke dpkg-buildflags in your build to be compliant; but the nice thing is, if you're using dh(1) with debian/compat=9, debhelper does it for you automatically so long as you're using a build system that it knows how to pass compiler flags to.
So for the first time, /usr/share/doc/debhelper/examples/rules.tiny can now be used as-is to provide a policy-compliant package by default (setting -g -O2 or -g -O0 for your build regardless of how debian/rules is invoked).
Of course, none of my packages actually work that way; among other things I have a habit of liberally sprinkling DEB_CFLAGS_MAINT_APPEND := -Wall in my rules, and sometimes DEB_LDFLAGS_MAINT_APPEND := -Wl,-z,defs and DEB_CFLAGS_MAINT_APPEND := $(shell getconf LFS_CFLAGS) as well. And my upstreams' build systems rarely work 100% out of the box with dh_auto_* without one override or another somewhere. So in practice, the shortest debian/rules file in any of my packages seems to be 13 lines currently. But that's 13 lines of almost 100% signal, unlike the bad old days of cut'n'pasted dh_* command lists.
The biggest benefit, though, isn't in making it shorter to write a rules file with the old, standard build options. The biggest benefit is that dpkg-buildflags now also outputs build-hardening compiler and linker flags by default on Debian. Specifically, using the new interface lets you pick up all of these hardening flags for free:
-fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -Wl,-z,relro
It also lets you get -fPIE and -Wl,-z,now by adding this one line to your debian/rules (assuming you're using dh(1) and compat 9):
export DEB_BUILD_MAINT_OPTIONS := hardening=+pie,+bindnow
Converting all my packages to use dh(1) has always been a long-term goal, but some packages are easier to convert than others. This was the tipping point for me, though. Even though debhelper compat level 9 isn't yet frozen, meaning there might still be other behavior changes to it that will make more work for me between now and release, over the past couple of weekends I've been systematically converting all my packages to use it with dh. In particular, pam and samba have been rebuilt to use the default hardening flags, and openldap uses these flags plus PIE support. (Samba already builds with PIE by default courtesy of upstream.)
You can't really make samba and openldap out on the graph, but they're there (with their rules files reduced by 50% or more).
I cannot overstate the significance of proactive hardening. There have been a number of vulnerabilities over the past few years that have been thwarted on Ubuntu because Ubuntu is using -fstack-protector by default. Debian has a great security team that responds quickly to these issues as soon as they're revealed, but we don't always get to find out about them before they're already being exploited in the wild. In this respect, Debian has lagged behind other distros.
With dpkg-buildflags, we now have the tools to correct this. It's just a matter of getting packages to use the new interfaces. If you're a maintainer of a security sensitive package (such as a network-facing daemon or a setuid application), please enable dpkg-buildflags in your package for wheezy! (Preferably with PIE as well.) And if you don't maintain security sensitive packages, you can still help out with the hardening release goal.
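
An added example, not part of the original post or of dpkg: a small checker that looks for the trace each of the hardening flags named above (-fPIE, -Wl,-z,relro, -Wl,-z,now, -fstack-protector) leaves in a built 64-bit little-endian ELF file, so a maintainer can confirm the flags reached the binary. The names check_hardening and make_sample are hypothetical, and the sample image is constructed for the demonstration.

```python
import struct

ET_DYN, PT_DYNAMIC, PT_GNU_RELRO = 3, 2, 0x6474E551
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1
PHDR, DYN = "<IIQQQQQQ", "<qQ"   # Elf64_Phdr and Elf64_Dyn layouts

def check_hardening(elf: bytes) -> dict:
    """Map each flag from the post to the trace it leaves in a 64-bit LE ELF."""
    if elf[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a 64-bit little-endian ELF")
    e_type, _, _, _, e_phoff, _, _, _, e_phentsize, e_phnum = struct.unpack_from(
        "<HHIQQQIHHH", elf, 16)
    found = {
        "pie": e_type == ET_DYN,   # -fPIE -pie; shared libraries are ET_DYN too
        "relro": False,            # -Wl,-z,relro adds a PT_GNU_RELRO segment
        "bindnow": False,          # -Wl,-z,now sets a BIND_NOW dynamic entry
        # -fstack-protector: heuristic, only functions with buffers get a canary
        "stack_protector": b"__stack_chk_fail" in elf,
    }
    for i in range(e_phnum):
        p_type, _, p_off, _, _, p_filesz, _, _ = struct.unpack_from(
            PHDR, elf, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_RELRO:
            found["relro"] = True
        elif p_type == PT_DYNAMIC:
            for off in range(p_off, p_off + p_filesz, 16):
                tag, val = struct.unpack_from(DYN, elf, off)
                if tag == DT_NULL:
                    break
                if (tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW)
                        or (tag == DT_FLAGS_1 and val & DF_1_NOW)):
                    found["bindnow"] = True
    return found

def make_sample(e_type=ET_DYN, relro=True, dyn=((DT_FLAGS, DF_BIND_NOW),),
                canary=True) -> bytes:
    """Constructed header-only ELF image for the demo; not a runnable program."""
    dyn_bytes = b"".join(struct.pack(DYN, t, v) for t, v in (*dyn, (DT_NULL, 0)))
    phnum = 2 if relro else 1
    ph = struct.pack(PHDR, PT_DYNAMIC, 6, 64 + 56 * phnum, 0, 0,
                     len(dyn_bytes), len(dyn_bytes), 8)
    if relro:
        ph += struct.pack(PHDR, PT_GNU_RELRO, 4, 0, 0, 0, 0, 0, 1)
    hdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0, 64, 56, phnum, 0, 0, 0)
    return hdr + ph + dyn_bytes + (b"__stack_chk_fail\0" if canary else b"")
```

On a real package, pass the bytes of each installed executable to check_hardening; a False for "relro" or "stack_protector" on a network-facing daemon usually means the upstream build system is not honouring the CFLAGS and LDFLAGS that debhelper passes in.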
(Photo credit: Obey Arthur Liu; originally on Picasa, license.)
Three weekends ago, I participated in a Debian bug squashing party. It was more fun than I had guessed!
The event worked: we squashed bugs. Geoffrey Thomas (geofft) organized it as an event for MIT's student computing group, SIPB. In this post, I'll review the good parts and the bad. I'll conclude with beaming photos of my two mentees and talk about the bugs they fixed.
So, the good: