Two more months have rolled by since the last scan and Milo has enjoyed a nice summer of long walks and no vet visits (apart from his routine vaccinations).
Sadly the most recent scan picked up some inflammation of the lymph nodes, which suggests that the cancer is back. But once again we’ve caught it early, so there’s no sign of alimentary issues and any corresponding illness. It’s weird having a dog who’s ill but not unwell.
So… back to chemo, and a slightly different protocol this time as he can’t have any more Doxorubicin (the H in CHOP). This time it’s going to be CEOP, which uses Epirubicin rather than Doxorubicin; but that comes at the end of the cycle, so we start off as before.
Past parts:
Filed under: MiloCancerDiary | Leave a Comment
Tags: cancer, CEOP, chemo, chemotherapy, CHOP, dachshund, doxorubicin, Epirubicin, lymphoma, Miniature Dachshund, oncology, scan, Vincristine
August 2024
Pupdate
The holidays brought the chance for longer lunchtime walks :)
Zig
A bunch of smart (network) engineers kept mentioning Zig to me, so I took the opportunity to try it out. It’s supposed to be a replacement for C, and I was impressed by the bitwise switch statements in the fizz-buzz sample. If I was writing a device driver this feels like the language I’d want to use.
Even better, the Zig tool chain can cross compile C code. This seemed like the answer to my prayers for easily creating a range of binaries for the C implementation of NoPorts – until I discovered the binaries only worked superficially. I guess I’m now waiting for Zig 1.0.0 and a complete implementation of compiler-rt.
Warship
There’s a reunion planned in mid September to mark 35 years since a bunch of us joined Britannia Royal Naval College (BRNC) in Dartmouth. It’s sent me on a bit of a Navy nostalgia trip, which has got me watching episodes of Warship during my morning workouts. As it was made from 1973-77 I was far too young for an adult themed show, and I don’t even recall ever seeing any repeats of it back in the day. It holds up really well though. There are some scenes and episodes where it seems like my former colleagues were cosplaying what they’d seen on TV. And numerous comments (sometimes dismissed with ‘maybe before your time’) now suddenly make sense. Perhaps most (sadly) striking is that the challenges faced in the 70s that set the frame for some episodes are still relevant today.
Birthdays
The big event of the summer was Rachel’s 50th birthday, which we marked with a variety of activities culminating in a big party for friends at a local restaurant. Everything was great fun, and I’m particularly glad we got to see ABBA Revival at Trading Boundaries, which was an excellent evening out (and worth the early start and late arrival for OSHcamp…)
Weirdly, my car was registered on Rachel’s 25th birthday, meaning it hit its quarter century at the same time as her half.
OSHcamp
It was great to return to the Open Source Hardware camp (OSHcamp) as part of Wuthering Bytes in Hebden Bridge. Even better to see one of my favourite communities thriving and growing, with a bigger venue allowing for more attendees with a good bunch of new younger faces :)
I enjoyed the talks on Saturday, and had the chance to present myself on ‘Showing that you care about security for your open source (hardware) project‘.
Whilst Sunday brought the much greater challenge of assembling Ken Boak’s ‘TICK‘ bit serial computer.
New things
Windows
When we moved into our new build house in 2002 it was frustrating that the windows were so bad – poorly fitting wood framed units. We were told that wood was mandatory because of building in a conservation area, which was madness – chopping down more trees, and with gales blowing into some rooms that obviously impacted our energy use for heating. Thankfully there’s no such silliness for replacement windows, and we are perhaps in the late majority on the street to get uPVC units.
At this stage it’s hard to notice any difference (other than the lack of rotten window sills outside), but hopefully they’ll make a real difference once winter comes. I’ll be keeping a close eye on our gas usage.
Hot tub
I wasn’t a fan of getting an inflatable hot tub – mainly due to the energy use. But when an mSpa Alpine D-AL04 showed up in the summer of 2020 I grudgingly got into enjoying it whenever the weather allowed. Things changed once the solar was installed, as the tub could be run from a timer that would use electricity that would otherwise be exported, which really changed the effective cost.
Each year as it’s gone away I’ve wondered if it would survive for another season, and it lasted longer than I expected. But after some time off during our Lakes Trip the pump wouldn’t run for more than about 15m without stopping with an E1 error. I tried stripping it down and cleaning it out, but actually everything was pretty clean.
Deciding that it wasn’t worth buying a new pump that might fix a now somewhat shabby old tub I thought the money would be better spent on a new one, so I grabbed a Lay-Z-Spa Barbados (which was half price in their summer sale). In many ways it’s a much better tub than the old mSpa. Energy efficiency is hugely improved by better insulation, the base is much more comfortable, and the chemical dispenser makes keeping the right chlorine level easy. My one niggle is that the lid fills up with rain water, though it’s much easier to clear than the old one. Also the WiFi/App is utter garbage – I can’t even get through the setup process.
Solar Diary
It’s been another year since getting the panels installed, with a total of 8665 kWh generated (4271 this year, a little down on the previous year).
Ethernet data logger
I was never happy that the WiFi data logger couldn’t connect to my devices SSID, so I got a ShineLan-X ethernet data logger, and a managed switch to run a VLAN to it (because there’s no way I’m putting something that connects back to China onto my regular LAN). It’s great when it works, but there seems to be a race condition where sometimes the logger comes online before the inverter is ready.
Filed under: monthly_update | Leave a Comment
Tags: ABBA Revival, birthdays, data logger, hot tub, lay-z-spa, OSHcamp, pupdate, ShineLan-X, solar, Warship, zig
E*TRADE Backup Withholding Tax
Disclaimer
This isn’t tax or investment advice – if you need those things speak to a professional.
This is simply a story of a scary thing that happened, and (thankfully) worked out in the end.
TL;DR
If you’re in the process of re-certifying your tax status, E*TRADE take this as ‘not presently certified’ (even if your past certification hasn’t expired), and reach into your account and grab 24% of any trade proceeds as Backup Withholding Tax. Ouch.
My money was returned after the re-certification completed, about a week later.
What happened…
I needed to sell some US stocks to get cash for another investment. I’ve had an E*TRADE account for over 15y (since Credit Suisse created one for me to hold their restricted stock unit [RSU] grants), and so that’s where the stocks were.
When I signed in I was asked to re-certify my tax status as a non US person, which results in a W-8BEN being generated for the US Internal Revenue Service (IRS). Keen to ensure that I’m on top of such matters I did this before my trade, which was probably mistake #1. If I’d just skipped then the following events might have gone very differently, as my existing W-8BEN status was valid until 31 Dec (they last for 3 years).
Things have changed
There were a couple of aspects to the re-certification process that I don’t recall from previous occasions:
- I was asked why I had a US phone number on my account. This seems to be angled towards ‘if you have a US number then you must actually be a US person pretending to be a foreigner’, which is kind of ridiculous in a world of virtual telephony. I’ve had a US Google Voice number since 2010, and I often use it as my contact for US companies because they’re not always great at dealing with foreign contact details.
- I had to upload a bank statement with my UK address on it.
Make sure to keep evidence
After doing the re-certification I didn’t bother to download the file it offered me, thinking that I could get that in my account later. Mistake #2 – I now had no evidence of completing the re-certification process.
Back to the business at hand
I did my trade, but wasn’t able to move my money straight away. The US details for my Wise multi currency account had changed, so I had to initiate the process of adding a new account for withdrawals. It took a few (business) days for the the verification transactions to show up.
We’ve taken your money
I woke up on Saturday morning to an email ‘Backup Withholding Report’ telling me that a sizable chunk had been debited from my account (at a couple of minutes after Friday midnight).
They’d taken 24%.
- Not 24% of my dividends – there hadn’t been any, that would have been $0.
- Not 24% of my capital gains – that would have been a few $s, but fairly trivial.
- 24% of my capital.
But, it was the weekend, so I had to wait for Monday (US time) to come around.
Meanwhile a trawl of the web didn’t turn up much solid information. This Reddit thread gave some glimmers of hope, but also raised the specter of the IRS holding my money for months-years, and lots of form filling to get it back.
The whole thing felt a bit like asset seizure, where my money was being accused of a (tax) crime, and would be held until I could prove its innocence.
I call support
Rob was very calm and helpful. He put me on hold to speak to the ‘tax and retirement’ team and came back to say that everything would be automatically refunded once my W8-BEN re-certification was complete. I asked why that was taking so long (as it used to be essentially instant) and he said that it was taking a few days to validate the uploaded docs.
Meanwhile…
I got a letter from E*TRADE ‘IMPORTANT: ACTION REQUIRED FOR YOUR TAX STATUS’ saying that my W-8 would expire on 31 Dec 2024, and if I didn’t re-certify:
your account may be subject to U.S. backup tax withholding of 24% on proceeds, dividends, and interest received in your account.
Oh, the irony :/
Also every time I signed into E*TRADE it was still nagging me to re-certify. It’s like I’d never completed the form (and there was no evidence that I had visible to me in my account).
Worked out in the end
About 6 days after the trade I got a notification that W-8BEN certification was complete. It was another couple of days before I got the ‘Withholding Reversal Report’ and the cash was back in my account and available for withdrawal.
Luckily I wasn’t in a huge hurry, and the various setbacks didn’t cause any particular problems (other than the worry and stress).
Could E*TRADE have done better?
I think so. At no point was I actually outside of W8 certification, so in my opinion they should never have taken anything from my account. It feels like a systems/process problem on their side that this happened at all.
Even if me starting the re-certification meant that they had to take money from my account, there could have been a much better explanation of why that was happening and what to expect. That would have saved me a bunch of worry. It would have saved them a support call.
It’s also telling of poor systems/process that the re-certification nag screens kept popping up even though I’d filled out the form.
What I’ll be doing differently if there’s a next time
- Don’t mix up admin work with trading. If I’d waited until the money was safely out of my account before starting re-certification I’d have seen a nag screen on each login, but no real ill effects.
- When offered the chance to download evidence take it. Don’t assume that you’ll be able to get to it later.
If Google’s brought you here
I’m sorry. It’s stressful. I hope things get straightened out. And I hope this might alleviate some of the panic. But do call support, your precise circumstances might be different; and also E*TRADE needs to feel some impact for how clumsily they seem to be handling this. Good luck…
Filed under: could_do_better | 3 Comments
Tags: 24%, certification, E*TRADE, E-Trade, eTrade, re-certification, re-certify, support, tax, W8, W8-BEN, withholding
Security researchers at the CISPA Helmholtz Center for Information Security have discovered a vulnerability they’ve called ‘GhostWrite’ that’s caused by a hardware bug in T-Head’s XuanTie C910 and C920 RISC-V CPUs. Vector extensions that are supposed to provide translation of virtual memory addresses to physical addresses don’t work, meaning that an attacker can gain access to the contents of memory and any attached devices. The bug was found using RISCVuzz ‘Differential Hardware Fuzzing’ tool, which the researchers describe in a paper (pdf). They also discovered ‘Halt and Catch Fire’ bugs in T-Head C906 and C908 CPUs that could be exploited for denial of service attacks.
Filed under: InfoQ news, security | Leave a Comment
Tags: fuzzing, GhostWrite, InfoQ, RISC-V, security
July 2024
Pupdate
July (finally) brought some decent weather, at least for a bit, including our trip to the Lake District (more on that later).
Milo also had his first post chemo scan, which looked good (and got its own post).
Berlin part 2
After getting stranded in Berlin at the end of last month it was good to have a return trip for Fluttercon that was less eventful (at least on the travel front).
The conference was great, and it was fab to hang out with some of the leaders of the Flutter community, which remains one of the most friendly and vibrant I’ve come across. I particularly enjoyed the package maintainers summit, which was an ‘unconference’ within the conference where we got to discuss with Google product managers how to improve the pub.dev package ecosystem.
With two trips to Berlin in two weeks I took the opportunity to look up some of the folk I know who have moved there over the past few years, and it was interesting to get their insights from within what’s become one of the leading tech hubs in Europe.
No easyJet compensation :(
To further explain what happened on the day; earlier in the day intense thunderstorms over Berlin Brandenburg (BER) meant that our ground crew we not able to safely work, and as a result the airport authorities deemed it necessary to suspend all ground operations until the weather improved. The delays knocked on to the rest of the flights for that day. Unfortunately, This caused your flight to miss the curfew in Berlin Brandenburg (BER) and we had no option but to cancel your flight. We do take reasonable measures to avoid delays and cancellations to our flights by having replacement crews and spare aircraft available in our network. In the circumstances, these options were not possible as the cancellation to your flight was a direct result of adverse weather conditions.
I’m starting to wonder what the circumstances are when you do get compensation?[1]
Lake District (again)
After the last few years staying at Keepers Cottage it was time for a change. $daughter0 wasn’t joining us, as she was just getting started on her industry placement, and the in-laws weren’t up for it this year[2]. But Graythwaite has been so good that we decided to return to the smaller Dove Cottage.
It proved to be an ideal location for walks with the dogs, as we could do various circuits of the estate without ever touching a road. The car only left the drive three times over the whole week.
Great Internet connection
One pleasant surprise was a fibre based Internet connection. Past trips had got very indifferent ADSL, but having 150Mbps was hugely better than 2Mbps. The WiFi didn’t reach to the far end of the cottage (from the access point in the lounge), but that was fixed by deploying a travel router in the midway corridor.
Maps
I previously described the OS Maps app as ‘really good’, but sadly they’ve been tinkering with it, and the app user experience has declined badly. Dangerously bad. Waiting minutes for a map to appear when you’re planning a trip is super annoying. The same white screen with no map (as your battery runs down) whilst you’re outside trying to find your way is totally unacceptable.
It was also perplexing that the shiny new West Windermere Way doesn’t yet appear on the online map, making it invisible to those who don’t already know it’s there[3].
New sofa
The brown leather corner unit we’ve had since ’08 was beyond tired, with multiple holes in various places. But finding a replacement has proven trickier than expected. Fashions change, and it was really hard to get something that suited the aesthetic we wanted.
The ‘Contempo’ in Pecan Brown felt like a least worst choice, but now it’s in place we’re pretty happy with it. It’s comfortable, the lighter colour lifts the room, and although we’ve lost a seat versus the previous configuration it’s got just as much space. The only thing we hadn’t considered is the higher back is harder for the dogs to get to, and more precarious once they’re up there (and an even more crazy leap if they choose to jump off).
Nc’nean
I first heard of Nc’nean when I received an offer to buy a couple of Batch 1 bottles, and I was impressed with their approach to building a modern whisky brand. I’d become a small time investor via the Seedrs EIS 100 fund, and the ‘Ainnir‘ maiden bottling was being offered to everybody who’d bought shares[4].
When I saw that there was a Nc’nean tasting coming up at the Scotch Malt Whisky Society (SMWS) it seemed like a good excuse to get some friends together, and they invited more friends, and in no time we had a huge group taking most of the tickets. Master distiller Matt took us through four different bottlings (including one that’s never been sold in the UK), and they were all excellent. His explanations for how they’re making such good whisky when the distillery is so young provided a great set of counterpoints to much received wisdom about whisky and what makes it taste nice.
I’ll be keeping an eye out for future releases, and my fingers are crossed for an SMWS bottling some time soon. Though for what it’s worth my favourite bottle on the night was their flagship ‘Organic Single Malt‘, which is widely available (e.g. from Amazon [affiliate link]).
ABS Sensor Replacement
On the way to drop off the dogs at kennels for EMFcamp (back in May) the ABS light came on in the XC60. My initial hope was a transitory fault, but it didn’t clear itself up. On the other hand, the car was driving just fine. Until the day I needed to take Milo to the vets for a scan, when it seemed to go into some kind of ultra-limp mode. It wasn’t safe to drive to the end of the street, never mind to the garage for a fix.
I’d already had a look at the fault codes with a reader, which pointed to the front drivers side ABS sensor. Sadly my initial attempt at removal failed completely. Though I was being too cautious, as I didn’t want to break the existing sensor (even though it had failed).
With a new sensor in hand (from eBay), and some YouTube guidance on removing stuck sensors I had a second try, and thankfully the fault is now cleared and the car is back in use (just in time for multiple runs to the tip with segments of the old sofa). The trick was to not be too bothered about breaking off the top of the sensor, as that clears the way to drill a hole then put a screw in, then the whole lot can be pulled out with a pry bar.
Solar Diary
This July was a slight improvement over last year. I also got the chance to clean off some of the panels that were looking a bit grubby.
The electricity generated for the month almost exactly matched what we used. Though there was still about 50% imported from the grid (and a similar chunk exported) as our usage doesn’t conveniently align with when the sun’s shining.
Notes
[1] Whilst I was waiting for my claim to be processed the news broke that the supreme court didn’t consider crew illness to be an ‘extraordinary circumstance’ that would absolve a carrier (in this case BA) from paying out.
[2] A decision that can now be filed as ‘just as well’ since my father in law had a stroke earlier in the month, and was in no shape to be driving the length of the country. Thankfully he seems to be improving as well as can be expected.
[3] Adding to the trouble is the top Google result for ‘West Windermere Way’ is the now outdated project page, which gives the impression that it’s still a work in progress.
[4] I suspect that I’ll see a much better return on the unopened bottle I’ve kept than I’ll ever get from my tiny shareholding. But I’m also glad I opened one, as it’s amazing whisky, especially considering it was bottled at the minimum 3y old.
Filed under: monthly_update | Leave a Comment
Tags: ABS, Berlin, dachshund, EasyJet, Lake District, maps, Miniature Dachshund, Nc'nean, pupdate, sensor, sofa, solar, Volvo, whisky, XC60
What?
Let’s get the terminology cleared up. This post is about:
- Software Bill of Materials (SBOM) – the idea that you write down what’s inside the software you’re shipping (in a standarised form) so that people can figure out what vulnerabilities might be in there and make risk decisions based on that insight.
- Supply-chain Levels for Software Artifacts (SLSA) “salsa” – creating attestations from the build process to show that things haven’t been tampered with.
- Open Source Security Foundation (OpenSSF) Scorecards – a set of checks with accompanying badges and visualisation to show that a range of security practices are being adhered to (showing that you care about security).
None of these things stands alone, they’re all interlinked; and they certainly complement each other – a tripod is more stable than a pole.
SBOM
My earliest memories of the topic of supply chain security come from conversations with Josh Corman a little while after he founded I am the cavalry in 2013. He was taking a sabbatical from Sonotype to work on putting a bill through congress that would mandate SBOMs for stuff bought by the US Federal Government. There were two ideas at the core of this:
- Nobody would want to sell software with known vulnerabilities to Uncle Sam (because procurement officials would push hard on pricing for stuff with such defects).
- US government is one of the largest buyers, so if they’re getting SBOMs then for most products the work is done already and everybody else can benefit.
This eventually (in 2021) turned into Executive Order 14028 “Improving the Nation’s Cybersecurity“, and now lies at the heart of work being done by the Cybersecurity & Infrastructure Security Agency (CISA)[1].
Easy level – modern languages
Most modern languages use a package manager that creates a lock file, describing (in detail) the dependencies used by a piece of software. It’s relatively trivial to transpose the contents of that lock file into an SBOM expressed as SPDX or CycloneDX using tools like Syft. This is exactly what I’ve done for a bunch of Dart and Python stuff at Atsign, and I’ve little doubt I’ll be able to follow the same process for Java, Go, Rust and a bunch of other things we use.
Boss level – C
Things aren’t so straightforward with C (or C++). There’s no widely used package manager[2], so there’s no lock file to generate an SBOM from. I’ve been kicking the tyres on a few things that try to integrate with CMake; and logically the compiler and linker should know exactly what’s going in, though maybe not with the correct metadata to generate a good SBOM.
This is of course problematic. C/C++ is the centre of mass for software deployed in production. It’s also ground zero for most vulnerabilities, caused by a lack of memory safety.
SLSA
If SBOM is about the ingredients that go into a piece of software, SLSA is about making sure nobody sneaks anything else in there. The v1.0 spec defines three levels:
| Track/Level | Requirements | Focus |
| Build L1 | Provenance showing how the package was built | Mistakes, documentation |
| Build L2 | Signed provenance, generated by a hosted build platform | Tampering after the build |
| Build L3 | Hardened build platform | Tampering during the build |
I initially envisaged an implementation process that would start by achieving L1 and progressively step up, but since we were already using GitHub Actions for Continuous Delivery it was pretty straightforward to jump straight to Build L3 (as GitHub provide the hardened build platform). All that’s needed is a little extra effort to get the provenance attestations out, which can be done with the slsa-github-generator action. This takes a bunch of file SHAs from the build process and mangles them into the multiple.intoto.jsonl file that carries provenance details that can then be verified[3].
Scorecard
Sticking with the ingredients/cooking analogy, Scorecard is the kitchen hygiene rating – a measurable way to show that diligent software practices are being used throughout the process.
I’ve written about ‘Implementing OSSF Scorecards Across a GitHub Organisation‘ previously (and spoken at a few conferences on the topic).
Much of the toil generated by getting a good score comes from dependency management, which of course relates to SBOMs. And there’s points on offer for signed releases, which can be measured (amongst other ways) by the presence of a SLSA attestation; so it’s in the Scorecard that the pieces of the supply chain security puzzle really come together to present a coherent picture to people who care about that software.
In some talks I’ve described Scorecard as a way to ‘show that you care about security’, and the various tables and charts that can be generated from a scorecard provide a very visual way to do that.
Bringing it all together
The SBOM can be signed in the SLSA attestation, which contributes to the Scorecard. That’s exactly what I’ve been pulling together for some of the key Atsign repos, and as it’s all open source[4] you can see for yourself how it’s done (and copy/paste into your own work as you see fit).
Notes
[1] Where it’s great to see friends like Allan Friedman keep going with the good work.
[2] People in the know have pointed me at Conan, but it’s early days in figuring out how that might help.
[3] It’s worth noting that GitHub’s Artifact Attestations achieves a similar outcome, and can be used in addition to the SLSA generator. Arguably Artifact Attestations provides much easier verification.
[4] Our OpenSSF Scorecards summary page provides a good entry point.
Filed under: security | 3 Comments
Tags: OpenSSF, sbom, scorecard, security, slsa, supply chain
It’s now been two months since Milo finished his second CHOP protocol, so he was back to the vets for another surveillance scan. It looked good, perhaps even a smidge better than the scan on the day of his last chemo :)
A couple of milestones worth mentioning:
- When he started chemo it was supposed to end shortly before our annual trip to the Lake District*, which seemed like something that would be good to do with him again. We go once more at the weekend :) So ‘I hope we make it through 6 months’ has turned to we made it through 18.
- We passed the point where he’s been alive for longer since we first noticed symptoms than he was before. That would be sad if he was unwell, but apart from the vet visits he’s enjoying a pretty normal little sausage dog life, with plenty of long walks and chasing around after things in the woods with Max.
Meanwhile we’re now up to date with insurance payments, and once again past the annual limit (by just shy of £900) :(
He had a visit to the vets a few weeks back for (we think) a grass seed in his paw. Thankfully that seemed to get better pretty quickly.
Note
* Various delays meant in the end he had his final treatment after we got back.
Past parts:
Filed under: MiloCancerDiary | Leave a Comment
Tags: cancer, chemo, chemotherapy, CHOP, insurance, lymphoma, Miniature Dachshund, scan
June 2024
Pupdate
The weather for June has been… variable, with some glorious days, but also some torrential downpours. I don’t think I’ve ever seen the boys muddier than they were after this particular walk in the woods.
EMFcamp cont.
Last month’s post came midway through EMFcamp, so there was more fun to be had.
Saturday was probably the most fun day I’ve had at EMF over my three visits. Good talks, great times with friends, and an amazing ‘whisky leaks’ party at Milliways.
Sunday was great too, but sadly we had to leave before it was all over, as a fresh half term beckoned. Thankfully the drive home in the motorhome was uneventful.
EMF was life affirming, and definitely the best one yet. It didn’t feel busy despite having more people there, and I hope to return in 2026.
Veteran’s Railcard
It’s been 3 years since I first got a Veteran’s Railcard, so time to renew, and also reflect on how good it’s been.
The headline is that it saved me £1082.80 over 3 years, which is pretty good :) Of that £372.95 was for work trips, and £48.95 for trips with my wife.
For the last few years the main benefit has been cheaper access to First Class fares. My trips to London are generally on Thameslink, but their standard class seating is awful – it’s a design that I could excuse for suburban commuter trains, prioritising density and standing room over comfortable seating. But it’s not good for trips of an hour or more (and people going from Brighton to Cambridge or Bedford could be spending many hours in those seats). Anyways… the First seats aren’t anything special – pretty much what used to be standard class. But they’re worth the premium to avoid backache.
Berlin part 1
Just like last month found me midway through EMF, this month catches me midway between two trips to Berlin.
The first was for Google’s I/O Connect, an event that brought together the regional developer community to recap highlights from the I/O event, and in some cases provide fresh product launches and service updates. Peeking past the AI hype, it was great to spend some time with the Dart/Flutter product team, and learn a little about what’s changing with Android 15.
As there were so many Google Developer Experts (GDEs) in town, the team also took the opportunity for a get together at Google’s Berlin office for a GDE Forum. This provided a good opportunity to meet fellow GDEs from other disciplines, and also learn about some new interop features in Dart.
The best bit of course was spending some time hanging out with fellow community members, and we get to do it all again next week at Fluttercon, where I’ll be talking about supply chain security.
Escaping Berlin
Shortly before I was due to leave the GDE Forum for the airport I got an email saying that my flight was cancelled. EasyJet’s rebooking site was pretty useless, and each alternative I tried to pick wasn’t there by the time I got to the confirm button. Eventually I got a trip back (to Luton) with a long layover in Amsterdam – leaving two days later; and the hotel they booked for me was only for one night :0
Thankfully the Worktrips travel agents used by Google stepped up to get me an alternative flight home a day later, and Google were happy to swallow the additional cost providing quick approval for the new plan. I’m glad they did, as the alternate flight was also cancelled, so I’d probably still be stuck in Berlin.
Hopefully next week won’t be so dramatic.
Tiny USB-C Laptop Charger
I’ve written before about USB-C chargers and power bricks, but when I saw this at an AI workshop I had to find out more.
It’s made my Dell, called the LA60NM200, it’s tiny, and it kicks out 60W:) I found a used one on eBay for £20.
The cables it comes with are a good length, but not too heavy, and the UK plug is one of the smallest I’ve seen. My only complaint is that the mains connection is a ‘Mickey Mouse’ C6 socket rather than the smaller ‘Figure of 8’ C8, which means it can’t be used with my preferred laptop adaptor mains cable (which is a Euro plug C8 fitted with a Euro-UK adapter). It might find its way into my US travel bag as a smaller and lighter replacement for the Mackertop.
Audiobooks
Amazon were doing a promotion on Audible, so I reactivated my account (at least for a few months), and I’ve been listening to a few books:
Rory Stewart “Politics on the Edge”
This is Stewart’s autobiography of the chunk of his life as a politician. I’ve always liked Rory (despite him being a Tory), and his storytelling did little to dissuade me from that view. He came across as a genuine nice guy, trying to do his best for the country and its people, who ultimately got shivved by the schemers and malcontents he was surrounded by.
It does sadly paint a picture of a fairly fundamentally broken system, where the good guys get crushed, and it’s winner takes all for the psycho/sociopaths. I’ve added Ian Dunt’s “How Westminster Works… and Why it Doesn’t” to my wishlist, as the hardback I bought is stubbornly refusing to be handy when I have time to read (and I have more time to listen than I have time to read).
Patrick Alley “Terrible Humans”
A compilation of stories emerging from the work by Global Witness, “Terrible Humans” was gripping right the way through. I particularly enjoyed the story of their collaboration with Citizen Lab to investigate spying enabled by NSO group, as I suppose it’s closely related to my own work on privacy and security.
Alley’s earlier “Very Bad People” is now on my wishlist.
Solar Diary
This June was about 10% down on last year, which is hardly surprising given the ‘variable’ weather :/
Filed under: monthly_update, travel | Leave a Comment
Tags: Audible, audiobooks, Berlin, charger, EMFcamp, Patrick Alley, Politics on the Edge, pupdate, railcard, Rory Stewart, solar, Terrible Humans, travel, USB-C
Bullshit Baffles Brains
It’s right there in the title. If the word offends you, just stop, now.
TL;DR
Generative AI is a bullshit machine, but that’s fine because we need machines to do the bullshit jobs.
Military Grade Bullshit
I first heard the phrase ‘Bullshit Baffles Brains’ in my early days in the Navy, and I would hear it many more times during my service. It came to encapsulate everything that I ended up hating the most about the Navy – the idea that performative nonsense would routinely triumph over substance.
A quick search of the term turned up this amusing dit, which is a more generous spin than anything I saw.
My own interpretation was that a bit of spit and polish, and the resultant shiny thing would be enough to distract the attention of the senior officer carrying out the inspection (or whatever).
AI Bullshit
This post is (of course) about the present AI zeitgeist, and accompanying investment bubble.
There’s a wonderful paper that was published a few weeks back with the not at all subtle title of ‘ChatGPT is Bullshit‘. It painstakingly explains (scientifically and with proper academic references) what bullshit is, then goes on to detail why the large language models (LLMs) behind ChatGPT and the raft of other ‘generative AI’ things are such tremendous bullshit generators.
It’s no surprise sadly, that the executive class are taken in by it. Too busy to pay attention to the details, and easily distracted by a shiny demo… Bullshit Baffles Brains.
Calling out the Bullshit
Back when I still did Twitter, one of my favourite accounts was @callin_bull, from the awesome callingbullshit.org team ‘The Art of Skepticism in a Data-Driven World’. They did a great job of harpooning (and lampooning) some of the bullshit that’s out there.
People are (quite rightly) starting to notice that AI isn’t the panacea it’s being pedaled as, with my favourite recent rant post being ‘… If You Mention AI Again‘. Though for a toot size version this from @[email protected] is also excellent at summarising the state of grift.
There are two huge (and overlapping) problems at play here:
- AI is sucking up almost all of the (discretionary) time and treasure, at least in the IT industry[2].
- None of this stuff works as advertised unless you’re prepared to make sure that the foundational stuff is taken care of – clean data, a solid operating philosophy, good teams with strong psychological safety.
Of course I jest. All work on 2 has ceased while every ounce of effort goes into 1. AI makes line go up!
Bullshit Jobs
It seems that the main reason execs are so allured by AI is the notion that they can replace all those pesky unreliable people that work for them.
For those paying attention, we’ve seen this show before, with Robotic Process Automation (RPA)[3] – software that got (extortionately) licensed by the ‘virtual person’ so that middle managers could keep their empires (albeit with a staff of glorified bash scripts rather than actual people to boss around – I guess it makes annual review season much less of a hassle).
But… this time it’s different. Not only have models been trained, at enormous expense, and by scraping every bit of text that wasn’t safely hidden away. But also the chatbots can do a decent impression of generating plausible sentences[1], especially if you’re the trademark ‘moron in a hurry‘.
There is sadly a whole class of ‘Bullshit Jobs‘ as articulated by David Graeber. If the purpose of the job is to create bullshit, then a bullshit spawning AI is the perfect fit.
So maybe there’s a happy ending here. Maybe the truth of AI taking peoples’ jobs is bullshit AI taking peoples’ bullshit jobs. The disruption is going to be awkward, but hopefully we all get to spend our time more meaningfully.
Notes
[1] Cory Doctorow has been using the term ‘plausible sentence generators‘ to describe what an LLM does, and I think it’s a description that perfectly nails things. If you substitute ‘AI’ or ‘Generative AI’ or ‘LLM’ for ‘plausible sentence generator’ then it brings things properly into perspective. Cory also has an excellent piece on ‘How plausible sentence generators are changing the bullshit wars‘.
[2] And since arguably the IT industry is the only thing that’s been driving economic growth for decades, so it kind of matters.
[3] In $LASTJOB I used to have a list of ‘preferred ways of automating things’ with RPA dead last (after API based automation and CLI tools), though that also presumed that something was worth automating rather than eliminating, or doing better. There’s a snippet of my operating philosophy.
Filed under: technology, wibble | 2 Comments
Tags: AI, bullshit, ChatGPT, generative, LLM, Navy
May 2024
Pupdate
The boys got a new bed, which they seem to love.
EMFcamp
I’m writing this post from inside the camper van I rented for EMFcamp. As usual the WiFi is amazing, and it’s great to hang out with friends.
Previous trips suggested that having a ‘live in vehicle’ was the way to go, and after a decent first night’s sleep I’m enjoying the extra luxury. We got a Swift Edge 464 Motorhome from Ocean Trail.
Whisky (and whiskey) tasting at the Food Hacking Tent was good fun, and the Scotch Malt Whisky Society (SMWS) bottle of that I took seemed to be well liked. Even better, we were joined by another SMWS member who brought another nice Speyside along :)
The event spills over into June, so maybe more to follow then.
Travel
It’s been a busy month for work trips, with Open Network Users Group (ONUG) in Dallas followed by IoT Solutions World Forum in Barcelona.
Dallas was one of those trips where I barely made it out of the conference hotel. ONUG Spring was a great event though, and well worth the trip though – maybe the best trade show experience I’ve ever had :)
My Texan friends told me I should get some BBQ whilst in town, and as luck would have it, there was a BBQ truck at the closing drinks.
Tripit tells me that Barcelona is my most frequent destination, though I got to visit some parts of the city I’ve not spent time in on previous trips, which was nice.
Cross Trainer
My ‘new’ Horizon Fitness Andes 7i cross trainer started making an awful squeaking noise. After dismantling it the problem was easily localised to the flywheel, and after dismantling that it was fairly obvious that one of the bearings was broken. I guess in one of the moves from original owners house to storage, to different storage, to my car, to the garage etc. it’s had a knock that maybe squished one of the balls. In general the machine seems well engineered, perhaps even over engineered in places, but all the mechanical load ends up being put onto a couple of little (10mm x 22mm x 6mm) 6900Z bearings. Luckily they’re cheap and easily available.
Putting the whole thing back together was a job I’d be happy to never do again, but the return of smooth and (nearly) silent workouts is welcome.
Solar Diary
May brought some nice sunny days. It was briefly dry enough for me to get my motorbike out again.
But also the succession of Atlantic weather fronts that have been bashing us almost non stop since mid Oct resumed, leaving the month almost 100 kWh down on last year.
Filed under: monthly_update, travel | Leave a Comment
Tags: 6900Z, Andes 7i, Barcelona, bearing, camper, cross trainer, Dallas, EMFcamp, flywheel, Horizon Fitness, pupdate, solar, Texas, travel, van, whisky
Chris Swan's Weblog 