July 2024
Pupdate
July (finally) brought some decent weather, at least for a bit, including our trip to the Lake District (more on that later).
Milo also had his first post chemo scan, which looked good (and got its own post).
Berlin part 2
After getting stranded in Berlin at the end of last month it was good to have a return trip for Fluttercon that was less eventful (at least on the travel front).
The conference was great, and it was fab to hang out with some of the leaders of the Flutter community, which remains one of the most friendly and vibrant I’ve come across. I particularly enjoyed the package maintainers summit, which was an ‘unconference’ within the conference where we got to discuss with Google product managers how to improve the pub.dev package ecosystem.
With two trips to Berlin in two weeks I took the opportunity to look up some of the folk I know who have moved there over the past few years, and it was interesting to get their insights from within what’s become one of the leading tech hubs in Europe.
No easyJet compensation :(
To further explain what happened on the day; earlier in the day intense thunderstorms over Berlin Brandenburg (BER) meant that our ground crew we not able to safely work, and as a result the airport authorities deemed it necessary to suspend all ground operations until the weather improved. The delays knocked on to the rest of the flights for that day. Unfortunately, This caused your flight to miss the curfew in Berlin Brandenburg (BER) and we had no option but to cancel your flight. We do take reasonable measures to avoid delays and cancellations to our flights by having replacement crews and spare aircraft available in our network. In the circumstances, these options were not possible as the cancellation to your flight was a direct result of adverse weather conditions.
I’m starting to wonder what the circumstances are when you do get compensation?[1]
Lake District (again)
After the last few years staying at Keepers Cottage it was time for a change. $daughter0 wasn’t joining us, as she was just getting started on her industry placement, and the in-laws weren’t up for it this year[2]. But Graythwaite has been so good that we decided to return to the smaller Dove Cottage.
It proved to be an ideal location for walks with the dogs, as we could do various circuits of the estate without ever touching a road. The car only left the drive three times over the whole week.
Great Internet connection
One pleasant surprise was a fibre based Internet connection. Past trips had got very indifferent ADSL, but having 150Mbps was hugely better than 2Mbps. The WiFi didn’t reach to the far end of the cottage (from the access point in the lounge), but that was fixed by deploying a travel router in the midway corridor.
Maps
I previously described the OS Maps app as ‘really good’, but sadly they’ve been tinkering with it, and the app user experience has declined badly. Dangerously bad. Waiting minutes for a map to appear when you’re planning a trip is super annoying. The same white screen with no map (as your battery runs down) whilst you’re outside trying to find your way is totally unacceptable.
It was also perplexing that the shiny new West Windermere Way doesn’t yet appear on the online map, making it invisible to those who don’t already know it’s there[3].
New sofa
The brown leather corner unit we’ve had since ’08 was beyond tired, with multiple holes in various places. But finding a replacement has proven trickier than expected. Fashions change, and it was really hard to get something that suited the aesthetic we wanted.
The ‘Contempo’ in Pecan Brown felt like a least worst choice, but now it’s in place we’re pretty happy with it. It’s comfortable, the lighter colour lifts the room, and although we’ve lost a seat versus the previous configuration it’s got just as much space. The only thing we hadn’t considered is the higher back is harder for the dogs to get to, and more precarious once they’re up there (and an even more crazy leap if they choose to jump off).
Nc’nean
I first heard of Nc’nean when I received an offer to buy a couple of Batch 1 bottles, and I was impressed with their approach to building a modern whisky brand. I’d become a small time investor via the Seedrs EIS 100 fund, and the ‘Ainnir‘ maiden bottling was being offered to everybody who’d bought shares[4].
When I saw that there was a Nc’nean tasting coming up at the Scotch Malt Whisky Society (SMWS) it seemed like a good excuse to get some friends together, and they invited more friends, and in no time we had a huge group taking most of the tickets. Master distiller Matt took us through four different bottlings (including one that’s never been sold in the UK), and they were all excellent. His explanations for how they’re making such good whisky when the distillery is so young provided a great set of counterpoints to much received wisdom about whisky and what makes it taste nice.
I’ll be keeping an eye out for future releases, and my fingers are crossed for an SMWS bottling some time soon. Though for what it’s worth my favourite bottle on the night was their flagship ‘Organic Single Malt‘, which is widely available (e.g. from Amazon [affiliate link]).
ABS Sensor Replacement
On the way to drop off the dogs at kennels for EMFcamp (back in May) the ABS light came on in the XC60. My initial hope was a transitory fault, but it didn’t clear itself up. On the other hand, the car was driving just fine. Until the day I needed to take Milo to the vets for a scan, when it seemed to go into some kind of ultra-limp mode. It wasn’t safe to drive to the end of the street, never mind to the garage for a fix.
I’d already had a look at the fault codes with a reader, which pointed to the front drivers side ABS sensor. Sadly my initial attempt at removal failed completely. Though I was being too cautious, as I didn’t want to break the existing sensor (even though it had failed).
With a new sensor in hand (from eBay), and some YouTube guidance on removing stuck sensors I had a second try, and thankfully the fault is now cleared and the car is back in use (just in time for multiple runs to the tip with segments of the old sofa). The trick was to not be too bothered about breaking off the top of the sensor, as that clears the way to drill a hole then put a screw in, then the whole lot can be pulled out with a pry bar.
Solar Diary
This July was a slight improvement over last year. I also got the chance to clean off some of the panels that were looking a bit grubby.
The electricity generated for the month almost exactly matched what we used. Though there was still about 50% imported from the grid (and a similar chunk exported) as our usage doesn’t conveniently align with when the sun’s shining.
Notes
[1] Whilst I was waiting for my claim to be processed the news broke that the supreme court didn’t consider crew illness to be an ‘extraordinary circumstance’ that would absolve a carrier (in this case BA) from paying out.
[2] A decision that can now be filed as ‘just as well’ since my father in law had a stroke earlier in the month, and was in no shape to be driving the length of the country. Thankfully he seems to be improving as well as can be expected.
[3] Adding to the trouble is the top Google result for ‘West Windermere Way’ is the now outdated project page, which gives the impression that it’s still a work in progress.
[4] I suspect that I’ll see a much better return on the unopened bottle I’ve kept than I’ll ever get from my tiny shareholding. But I’m also glad I opened one, as it’s amazing whisky, especially considering it was bottled at the minimum 3y old.
Filed under: monthly_update | Leave a Comment
Tags: ABS, Berlin, dachshund, EasyJet, Lake District, maps, Miniature Dachshund, Nc'nean, pupdate, sensor, sofa, solar, Volvo, whisky, XC60
What?
Let’s get the terminology cleared up. This post is about:
- Software Bill of Materials (SBOM) – the idea that you write down what’s inside the software you’re shipping (in a standarised form) so that people can figure out what vulnerabilities might be in there and make risk decisions based on that insight.
- Supply-chain Levels for Software Artifacts (SLSA) “salsa” – creating attestations from the build process to show that things haven’t been tampered with.
- Open Source Security Foundation (OpenSSF) Scorecards – a set of checks with accompanying badges and visualisation to show that a range of security practices are being adhered to (showing that you care about security).
None of these things stands alone, they’re all interlinked; and they certainly complement each other – a tripod is more stable than a pole.
SBOM
My earliest memories of the topic of supply chain security come from conversations with Josh Corman a little while after he founded I am the cavalry in 2013. He was taking a sabbatical from Sonotype to work on putting a bill through congress that would mandate SBOMs for stuff bought by the US Federal Government. There were two ideas at the core of this:
- Nobody would want to sell software with known vulnerabilities to Uncle Sam (because procurement officials would push hard on pricing for stuff with such defects).
- US government is one of the largest buyers, so if they’re getting SBOMs then for most products the work is done already and everybody else can benefit.
This eventually (in 2021) turned into Executive Order 14028 “Improving the Nation’s Cybersecurity“, and now lies at the heart of work being done by the Cybersecurity & Infrastructure Security Agency (CISA)[1].
Easy level – modern languages
Most modern languages use a package manager that creates a lock file, describing (in detail) the dependencies used by a piece of software. It’s relatively trivial to transpose the contents of that lock file into an SBOM expressed as SPDX or CycloneDX using tools like Syft. This is exactly what I’ve done for a bunch of Dart and Python stuff at Atsign, and I’ve little doubt I’ll be able to follow the same process for Java, Go, Rust and a bunch of other things we use.
Boss level – C
Things aren’t so straightforward with C (or C++). There’s no widely used package manager[2], so there’s no lock file to generate an SBOM from. I’ve been kicking the tyres on a few things that try to integrate with CMake; and logically the compiler and linker should know exactly what’s going in, though maybe not with the correct metadata to generate a good SBOM.
This is of course problematic. C/C++ is the centre of mass for software deployed in production. It’s also ground zero for most vulnerabilities, caused by a lack of memory safety.
SLSA
If SBOM is about the ingredients that go into a piece of software, SLSA is about making sure nobody sneaks anything else in there. The v1.0 spec defines three levels:
| Track/Level | Requirements | Focus |
| Build L1 | Provenance showing how the package was built | Mistakes, documentation |
| Build L2 | Signed provenance, generated by a hosted build platform | Tampering after the build |
| Build L3 | Hardened build platform | Tampering during the build |
I initially envisaged an implementation process that would start by achieving L1 and progressively step up, but since we were already using GitHub Actions for Continuous Delivery it was pretty straightforward to jump straight to Build L3 (as GitHub provide the hardened build platform). All that’s needed is a little extra effort to get the provenance attestations out, which can be done with the slsa-github-generator action. This takes a bunch of file SHAs from the build process and mangles them into the multiple.intoto.jsonl file that carries provenance details that can then be verified[3].
Scorecard
Sticking with the ingredients/cooking analogy, Scorecard is the kitchen hygiene rating – a measurable way to show that diligent software practices are being used throughout the process.
I’ve written about ‘Implementing OSSF Scorecards Across a GitHub Organisation‘ previously (and spoken at a few conferences on the topic).
Much of the toil generated by getting a good score comes from dependency management, which of course relates to SBOMs. And there’s points on offer for signed releases, which can be measured (amongst other ways) by the presence of a SLSA attestation; so it’s in the Scorecard that the pieces of the supply chain security puzzle really come together to present a coherent picture to people who care about that software.
In some talks I’ve described Scorecard as a way to ‘show that you care about security’, and the various tables and charts that can be generated from a scorecard provide a very visual way to do that.
Bringing it all together
The SBOM can be signed in the SLSA attestation, which contributes to the Scorecard. That’s exactly what I’ve been pulling together for some of the key Atsign repos, and as it’s all open source[4] you can see for yourself how it’s done (and copy/paste into your own work as you see fit).
Notes
[1] Where it’s great to see friends like Allan Friedman keep going with the good work.
[2] People in the know have pointed me at Conan, but it’s early days in figuring out how that might help.
[3] It’s worth noting that GitHub’s Artifact Attestations achieves a similar outcome, and can be used in addition to the SLSA generator. Arguably Artifact Attestations provides much easier verification.
[4] Our OpenSSF Scorecards summary page provides a good entry point.
Filed under: security | 3 Comments
Tags: OpenSSF, sbom, scorecard, security, slsa, supply chain
It’s now been two months since Milo finished his second CHOP protocol, so he was back to the vets for another surveillance scan. It looked good, perhaps even a smidge better than the scan on the day of his last chemo :)
A couple of milestones worth mentioning:
- When he started chemo it was supposed to end shortly before our annual trip to the Lake District*, which seemed like something that would be good to do with him again. We go once more at the weekend :) So ‘I hope we make it through 6 months’ has turned to we made it through 18.
- We passed the point where he’s been alive for longer since we first noticed symptoms than he was before. That would be sad if he was unwell, but apart from the vet visits he’s enjoying a pretty normal little sausage dog life, with plenty of long walks and chasing around after things in the woods with Max.
Meanwhile we’re now up to date with insurance payments, and once again past the annual limit (by just shy of £900) :(
He had a visit to the vets a few weeks back for (we think) a grass seed in his paw. Thankfully that seemed to get better pretty quickly.
Note
* Various delays meant in the end he had his final treatment after we got back.
Past parts:
Filed under: MiloCancerDiary | Leave a Comment
Tags: cancer, chemo, chemotherapy, CHOP, insurance, lymphoma, Miniature Dachshund, scan
June 2024
Pupdate
The weather for June has been… variable, with some glorious days, but also some torrential downpours. I don’t think I’ve ever seen the boys muddier than they were after this particular walk in the woods.
EMFcamp cont.
Last month’s post came midway through EMFcamp, so there was more fun to be had.
Saturday was probably the most fun day I’ve had at EMF over my three visits. Good talks, great times with friends, and an amazing ‘whisky leaks’ party at Milliways.
Sunday was great too, but sadly we had to leave before it was all over, as a fresh half term beckoned. Thankfully the drive home in the motorhome was uneventful.
EMF was life affirming, and definitely the best one yet. It didn’t feel busy despite having more people there, and I hope to return in 2026.
Veteran’s Railcard
It’s been 3 years since I first got a Veteran’s Railcard, so time to renew, and also reflect on how good it’s been.
The headline is that it saved me £1082.80 over 3 years, which is pretty good :) Of that £372.95 was for work trips, and £48.95 for trips with my wife.
For the last few years the main benefit has been cheaper access to First Class fares. My trips to London are generally on Thameslink, but their standard class seating is awful – it’s a design that I could excuse for suburban commuter trains, prioritising density and standing room over comfortable seating. But it’s not good for trips of an hour or more (and people going from Brighton to Cambridge or Bedford could be spending many hours in those seats). Anyways… the First seats aren’t anything special – pretty much what used to be standard class. But they’re worth the premium to avoid backache.
Berlin part 1
Just like last month found me midway through EMF, this month catches me midway between two trips to Berlin.
The first was for Google’s I/O Connect, an event that brought together the regional developer community to recap highlights from the I/O event, and in some cases provide fresh product launches and service updates. Peeking past the AI hype, it was great to spend some time with the Dart/Flutter product team, and learn a little about what’s changing with Android 15.
As there were so many Google Developer Experts (GDEs) in town, the team also took the opportunity for a get together at Google’s Berlin office for a GDE Forum. This provided a good opportunity to meet fellow GDEs from other disciplines, and also learn about some new interop features in Dart.
The best bit of course was spending some time hanging out with fellow community members, and we get to do it all again next week at Fluttercon, where I’ll be talking about supply chain security.
Escaping Berlin
Shortly before I was due to leave the GDE Forum for the airport I got an email saying that my flight was cancelled. EasyJet’s rebooking site was pretty useless, and each alternative I tried to pick wasn’t there by the time I got to the confirm button. Eventually I got a trip back (to Luton) with a long layover in Amsterdam – leaving two days later; and the hotel they booked for me was only for one night :0
Thankfully the Worktrips travel agents used by Google stepped up to get me an alternative flight home a day later, and Google were happy to swallow the additional cost providing quick approval for the new plan. I’m glad they did, as the alternate flight was also cancelled, so I’d probably still be stuck in Berlin.
Hopefully next week won’t be so dramatic.
Tiny USB-C Laptop Charger
I’ve written before about USB-C chargers and power bricks, but when I saw this at an AI workshop I had to find out more.
It’s made my Dell, called the LA60NM200, it’s tiny, and it kicks out 60W:) I found a used one on eBay for £20.
The cables it comes with are a good length, but not too heavy, and the UK plug is one of the smallest I’ve seen. My only complaint is that the mains connection is a ‘Mickey Mouse’ C6 socket rather than the smaller ‘Figure of 8’ C8, which means it can’t be used with my preferred laptop adaptor mains cable (which is a Euro plug C8 fitted with a Euro-UK adapter). It might find its way into my US travel bag as a smaller and lighter replacement for the Mackertop.
Audiobooks
Amazon were doing a promotion on Audible, so I reactivated my account (at least for a few months), and I’ve been listening to a few books:
Rory Stewart “Politics on the Edge”
This is Stewart’s autobiography of the chunk of his life as a politician. I’ve always liked Rory (despite him being a Tory), and his storytelling did little to dissuade me from that view. He came across as a genuine nice guy, trying to do his best for the country and its people, who ultimately got shivved by the schemers and malcontents he was surrounded by.
It does sadly paint a picture of a fairly fundamentally broken system, where the good guys get crushed, and it’s winner takes all for the psycho/sociopaths. I’ve added Ian Dunt’s “How Westminster Works… and Why it Doesn’t” to my wishlist, as the hardback I bought is stubbornly refusing to be handy when I have time to read (and I have more time to listen than I have time to read).
Patrick Alley “Terrible Humans”
A compilation of stories emerging from the work by Global Witness, “Terrible Humans” was gripping right the way through. I particularly enjoyed the story of their collaboration with Citizen Lab to investigate spying enabled by NSO group, as I suppose it’s closely related to my own work on privacy and security.
Alley’s earlier “Very Bad People” is now on my wishlist.
Solar Diary
This June was about 10% down on last year, which is hardly surprising given the ‘variable’ weather :/
Filed under: monthly_update, travel | Leave a Comment
Tags: Audible, audiobooks, Berlin, charger, EMFcamp, Patrick Alley, Politics on the Edge, pupdate, railcard, Rory Stewart, solar, Terrible Humans, travel, USB-C
Bullshit Baffles Brains
It’s right there in the title. If the word offends you, just stop, now.
TL;DR
Generative AI is a bullshit machine, but that’s fine because we need machines to do the bullshit jobs.
Military Grade Bullshit
I first heard the phrase ‘Bullshit Baffles Brains’ in my early days in the Navy, and I would hear it many more times during my service. It came to encapsulate everything that I ended up hating the most about the Navy – the idea that performative nonsense would routinely triumph over substance.
A quick search of the term turned up this amusing dit, which is a more generous spin than anything I saw.
My own interpretation was that a bit of spit and polish, and the resultant shiny thing would be enough to distract the attention of the senior officer carrying out the inspection (or whatever).
AI Bullshit
This post is (of course) about the present AI zeitgeist, and accompanying investment bubble.
There’s a wonderful paper that was published a few weeks back with the not at all subtle title of ‘ChatGPT is Bullshit‘. It painstakingly explains (scientifically and with proper academic references) what bullshit is, then goes on to detail why the large language models (LLMs) behind ChatGPT and the raft of other ‘generative AI’ things are such tremendous bullshit generators.
It’s no surprise sadly, that the executive class are taken in by it. Too busy to pay attention to the details, and easily distracted by a shiny demo… Bullshit Baffles Brains.
Calling out the Bullshit
Back when I still did Twitter, one of my favourite accounts was @callin_bull, from the awesome callingbullshit.org team ‘The Art of Skepticism in a Data-Driven World’. They did a great job of harpooning (and lampooning) some of the bullshit that’s out there.
People are (quite rightly) starting to notice that AI isn’t the panacea it’s being pedaled as, with my favourite recent rant post being ‘… If You Mention AI Again‘. Though for a toot size version this from @[email protected] is also excellent at summarising the state of grift.
There are two huge (and overlapping) problems at play here:
- AI is sucking up almost all of the (discretionary) time and treasure, at least in the IT industry[2].
- None of this stuff works as advertised unless you’re prepared to make sure that the foundational stuff is taken care of – clean data, a solid operating philosophy, good teams with strong psychological safety.
Of course I jest. All work on 2 has ceased while every ounce of effort goes into 1. AI makes line go up!
Bullshit Jobs
It seems that the main reason execs are so allured by AI is the notion that they can replace all those pesky unreliable people that work for them.
For those paying attention, we’ve seen this show before, with Robotic Process Automation (RPA)[3] – software that got (extortionately) licensed by the ‘virtual person’ so that middle managers could keep their empires (albeit with a staff of glorified bash scripts rather than actual people to boss around – I guess it makes annual review season much less of a hassle).
But… this time it’s different. Not only have models been trained, at enormous expense, and by scraping every bit of text that wasn’t safely hidden away. But also the chatbots can do a decent impression of generating plausible sentences[1], especially if you’re the trademark ‘moron in a hurry‘.
There is sadly a whole class of ‘Bullshit Jobs‘ as articulated by David Graeber. If the purpose of the job is to create bullshit, then a bullshit spawning AI is the perfect fit.
So maybe there’s a happy ending here. Maybe the truth of AI taking peoples’ jobs is bullshit AI taking peoples’ bullshit jobs. The disruption is going to be awkward, but hopefully we all get to spend our time more meaningfully.
Notes
[1] Cory Doctorow has been using the term ‘plausible sentence generators‘ to describe what an LLM does, and I think it’s a description that perfectly nails things. If you substitute ‘AI’ or ‘Generative AI’ or ‘LLM’ for ‘plausible sentence generator’ then it brings things properly into perspective. Cory also has an excellent piece on ‘How plausible sentence generators are changing the bullshit wars‘.
[2] And since arguably the IT industry is the only thing that’s been driving economic growth for decades, so it kind of matters.
[3] In $LASTJOB I used to have a list of ‘preferred ways of automating things’ with RPA dead last (after API based automation and CLI tools), though that also presumed that something was worth automating rather than eliminating, or doing better. There’s a snippet of my operating philosophy.
Filed under: technology, wibble | 2 Comments
Tags: AI, bullshit, ChatGPT, generative, LLM, Navy
May 2024
Pupdate
The boys got a new bed, which they seem to love.
EMFcamp
I’m writing this post from inside the camper van I rented for EMFcamp. As usual the WiFi is amazing, and it’s great to hang out with friends.
Previous trips suggested that having a ‘live in vehicle’ was the way to go, and after a decent first night’s sleep I’m enjoying the extra luxury. We got a Swift Edge 464 Motorhome from Ocean Trail.
Whisky (and whiskey) tasting at the Food Hacking Tent was good fun, and the Scotch Malt Whisky Society (SMWS) bottle of that I took seemed to be well liked. Even better, we were joined by another SMWS member who brought another nice Speyside along :)
The event spills over into June, so maybe more to follow then.
Travel
It’s been a busy month for work trips, with Open Network Users Group (ONUG) in Dallas followed by IoT Solutions World Forum in Barcelona.
Dallas was one of those trips where I barely made it out of the conference hotel. ONUG Spring was a great event though, and well worth the trip though – maybe the best trade show experience I’ve ever had :)
My Texan friends told me I should get some BBQ whilst in town, and as luck would have it, there was a BBQ truck at the closing drinks.
Tripit tells me that Barcelona is my most frequent destination, though I got to visit some parts of the city I’ve not spent time in on previous trips, which was nice.
Cross Trainer
My ‘new’ Horizon Fitness Andes 7i cross trainer started making an awful squeaking noise. After dismantling it the problem was easily localised to the flywheel, and after dismantling that it was fairly obvious that one of the bearings was broken. I guess in one of the moves from original owners house to storage, to different storage, to my car, to the garage etc. it’s had a knock that maybe squished one of the balls. In general the machine seems well engineered, perhaps even over engineered in places, but all the mechanical load ends up being put onto a couple of little (10mm x 22mm x 6mm) 6900Z bearings. Luckily they’re cheap and easily available.
Putting the whole thing back together was a job I’d be happy to never do again, but the return of smooth and (nearly) silent workouts is welcome.
Solar Diary
May brought some nice sunny days. It was briefly dry enough for me to get my motorbike out again.
But also the succession of Atlantic weather fronts that have been bashing us almost non stop since mid Oct resumed, leaving the month almost 100 kWh down on last year.
Filed under: monthly_update, travel | Leave a Comment
Tags: 6900Z, Andes 7i, Barcelona, bearing, camper, cross trainer, Dallas, EMFcamp, flywheel, Horizon Fitness, pupdate, solar, Texas, travel, van, whisky
Today is Milo’s third birthday, which seems like a milestone worth celebrating :)
It’s also two months since the last update, and he had the last dose of Doxorubicin to complete the second CHOP chemotherapy protocol on Tuesday. His weight has been stable, the cystitis subsided, no further complications, and no problems with neutrophils.
So… we’re back to monitoring scans, with the next one scheduled for early July.
Insurance
No update over the last couple of months, though the last vets visit also pushed the total for this year past the limit, so I’ve submitted the final claim for now.
Past parts:
Filed under: MiloCancerDiary | Leave a Comment
Tags: cancer, chemo, chemotherapy, insurance, lymphoma, Miniature Dachshund
April 2024
Pupdate
A trip to the North East provided the chance for some beach walks, which was a new experience for the boys.
They seemed to enjoy it :)
Tynemouth
With some inspiration from Robson Green’s Weekend Escapes we looked for somewhere we could take the dogs with us for an Easter break to catch up with family and friends in the North East.
When Waters Edge came up I wasn’t really searching too hard for anywhere else. Percy Gardens was my aspirational place to live when I was growing up in the area, so I jumped at the chance to spend a few days there.
The place was much bigger than we needed, though we did have grand plans for dinner parties and maybe even some folk staying over. That all came to naught due to me picking up a cold at QCon and (sensibly) nobody wanting to risk catching it, but it was a lovely place to stay.
QCon
I’ve been to 22 QCons over the years, and spoken at or helped organise 8 of the London events. This year’s was easily my favourite. So many great talks, so many great conversations, and lots of fun with friends old and new.
I’d be lying if I said it was stress free. I’d invited 3/4 of the keynote speakers, which meant I was on tenterhooks from opening to close. But I needn’t have worried, as they were all great :)
Johnny Hates Jazz
Johnny Hates Jazz weren’t huge when they hit the charts in the 80s, but they had a memorable name, and I recall seeing them on Top of The Pops. So when the chance came up to see them locally it didn’t take much deliberation.
Of course they played all the crowd-pleaser hits from their early days, with much singing along (my wife went from ‘who are they’ to suddenly remembering the words). They also played some of their newer stuff, and I have to say I like the rockier sound that their lead guitarist brings :)
Cross trainer
After repairing the cross trainer in January it started squeaking again. Initially I thought the left side would need the same treatment I’d given to the right, which is a job I planned for the weekend. Then one morning I noticed the right hand crank at a funny angle; because I’d snapped the crankshaft :0
It had lasted through something like 20 years, and thousands of workouts, so I guess I’d got my money’s worth.
I’ve picked up a ‘nearly new’ Horizon Fitness Andes 7i on eBay, which initially seemed to be performing faultlessly (and almost silently). But after a few workouts there’s a squeak coming from the flywheel. I’m cursed :(
Solar Diary
Given that the weather remained steadfastly awful (as it’s been since mid Oct) this April wasn’t too far shy of last year.
A bit less iBoost to the water tank (and hence a bit more export) as the sender unit batteries ran out whilst I was away from the house (and even when I got back it took me a few days to noticed the error message and figure out what I needed to do).
Lord Mayor’s Big Curry Lunch
One of the reasons we headed home from Tynemouth when we did was I had tickets for the Lord Mayor’s Big Curry Lunch.
It’s an event that we first became aware of during lock-down when they partnered with Cookaway to do a cook at home version (along with a ‘cookalong’ featuring Cyrus Todiwala that really upped our rice cooking game). Since then I’ve been on the mailing list and received invitations each year, but it’s always clashed with work stuff. But this time it fell nicely on a holiday week, and provided a good excuse to get dressed up and head to the Guildhall. We met a whole bunch of interesting folk there, mainly from the various Livery Companies.
Filed under: monthly_update | Leave a Comment
Tags: beach, cross trainer, Johnny Hates Jazz, pupdate, QCon, solar, Tynemouth
March 2024
Pupdate
March continued the succession of Atlantic weather front based wet and wind that’s been going on since mid October; but… it’s been warm enough for the coats stay off, at least some days.
Damian Lewis
I’ve loved just about everything I’ve seen Damian Lewis in, particularly Billions; so (despite his crooning of the National Anthem at Silverstone F1 last year) when the chance came up to see him with his band I was straight onto the booking page.
His stage presence was exactly what I expected after seeing him on chat shows, and he and the band put on a good fun show.
Rick Wakeman
I neglected to include this in my Feb post, but I also got to see Rick Wakeman at Trading Boundaries. He put on a virtuoso demonstration of keyboard playing. Perhaps my favourite bit was when he played various nursery rhymes in the style of different comedians – he’s a musical genius.
AI workshops
Last month I described AI as the bubbliest bubble I’ve ever seen, but that doesn’t mean I’m not interested in learning more about what the tools can achieve. So I attended a couple of workshops at Google’s London office.
Duet
The re-brand of all AI Googley things to ‘Gemini’ hadn’t quite rolled into their coding assistant, so we were still calling it Duet at the start of the month.
My main takeaway is that it’s possible to create a lot of mundane stuff very quickly. One concern that emerges is you can create a lot of code you might not understand, but that can quickly be batted back with ‘get the AI to explain the code to you’, which it can do – if you actually care.
Just as AI is a spammers delight for ‘content’, it seems that it’s now possible to create run of the mill websites and apps in enormous volume at great speed. This is probably not a tremendous thing in the (limited) attention economy.
The first thing I asked Duet was ‘what’s the latest version of the Go programming language?’ to which it replied 1.19.2. I subsequently asked ‘what’s the latest version of the Dart programming language?’, which got me 2.17. Coffee break chat touched on the ‘Stack Overflow problem’ of things being right at some past point in time, but no longer correct in current practice.
I can see how such assistants are useful for certain types of programming related work, but I’ve yet to see anything that’s particularly helpful for the challenges I personally face day to day.
Gemma
Gemma is the suite of open models that complements Gemini based services and allows people to build things that incorporate a model locally.
Much of the workshop was spent explaining why it’s an open model rather than open source, and agonising over the safety versus openness arguments.
But we did get to the fun stuff eventually, with a demo of an AI powered word game that could be run standalone on a laptop (without needing Internet connectivity). It was simultaneously impressive and underwhelming – the tech holds so much promise, but even fairly trivial demos can end up revealing weaknesses.
Monkigras
I’ve been going to RedMonk founder James Governor’s Monkigras since the beginning, so it was great to see it back after a long (not entirely to do with the pandemic) break.
The theme was (of course) AI with ‘prompting craft’, and James did an amazing job of bringing together a lineup of speakers with unique insights on the topic. Here’s the main takeaways I noted down:
- We’re quickly evolving past the point of large language models (LLMs) being used standalone into an environment where they’re glued into more complex workflows. The ‘mash-up’ is back, and there’s a bunch of new tools like LangChain and Griptape to help things along.
- Retrieval-augmented generation (RAG) is the present hotness, and inserting knowledge graphs into queries looks especially promising.
- Most applications of LLMs benefit from a process that Google’s Zack Akil calls IVO – Immediately Validate Output; meaning that the output generated by the model is immediately validated (and corrected) by a human expert before it gets in front of an end user. The example he showed of translating indecipherable (to a layperson) medical terminology into plain language was super quick, but clearly something that needed a doctor to click the ‘looks good to me’ button before getting to a patient.
- ‘AI skill risk’ is distorting the incentive structures within organisations – another complicating factor in office politics and the relationship between workers and management.
- The current ‘chat’ interface to most models doesn’t provide much in the way of user interface affordances – those little clues we get about what we’re supposed to do next. So we can expect a Cambrian explosion in new ways to interact.
- Asking a model for its reasoning can help give it an ‘internal monologue’ that improves the quality of output.
Lastly, and perhaps most importantly, there’s ‘no magic’. LLM based systems may not be deterministic in the way that we’re accustomed to with regular computer programs; but we can still reason about such systems, and scratch deep enough and there’s just applied statistics and a LOT of matric multiplication.
Podcasts
Nick and I have been recording a fresh season of Tech Debt Burndown, along with a special mini series; but I’ve also spent some time as a guest on other people’s podcasts.
- DevHops – Unpacking Leadership
- Ship It! – Scoring your project’s security
There’s also an episode of Nerding out with Viktor in the can that I hope will drop soon.
Plumbing
I got up one morning to a cold house. It didn’t take long to figure out that the central heating pump had broken. It had done OK (much better than its predecessor), lasting around 15y.
Worse was to follow though, as I cleared the way for the heating engineer I noticed a leak from the central heating/hot water diverter valve.
I have a Corgi insurance policy, which got an engineer the next day, but he was only able to fix the pump, which at least got the heating going again (which in turn made the leak less bad). He reckoned that replacing the valve would first mean draining and removing the tank – a lot of time consuming work.
After a bit of chasing, and another call out fee, and a visit to see the job, and a bit more chasing; a second engineer came to replace the leaking valve, which he managed without having to tear the whole system apart.
Turbo trouble
When we got the new Mini last September I decided to hang onto our Volvo, at least for a bit, as it’s not worth much given its age and miles, but still in nice condition. I’d also spent a bundle on it over the summer to get various things fixed. Sadly it’s been playing up again. On a short local trip it went into ‘limp mode’, meaning vastly less power from the engine due to no turbo. It reset when stopped, but would start limping again after any hard acceleration or big hills to climb.
I got hold of a code reader that threw up P0299 ‘Turbo underboost’, and with nothing obvious that I could fix it was off to the garage. They eventually tracked things down to a broken sensor – one that fails so frequently that they had one in stock. It’s behaving itself again now, but I wonder if it’s time for it to go, especially as we’ll shortly have $daughter0’s Mini back on the drive whilst she’s doing her industrial placement year.
Solar Diary
Despite the clouds and wet weather this March was actually better than last year.
Filed under: monthly_update | Leave a Comment
Tags: AI, Corgi, dachshund, Damian Lewis, Duet, Gemma, heating, leak, LLM, Monkigras, plumbing, podcast, prompt, pump, pupdate, Rick Wakeman, solar, turbo, Volvo
Just like Red Team Blues, ‘The Bezzle‘ is a book that I could have easily devoured in one sitting – if I didn’t have a job. As things were, I got through it in a matter of days.
Confession – I parked ‘The Lost Cause‘ so I could get back to Marty’s adventures. It was so worth it, another romp through the stuff that Cory writes about on his Pluralistic blog, with characters and scene setting to bring it to life. The prison industrial complex, private equity and tax audits – that may not sound like material for a gripping thriller; but it was, as the cons and corruption, the human greed behind that, and the frailty it brings all provide ample fodder for some great storytelling.
(Not for the first time) I get the feeling that if Cory had picked the spreadsheet over the word processor, he might have been a forensic accountant like Marty Hench.
It was gratifying to see my name in the acknowledgements along with other reviewers of Red Team Blues, and I can’t wait for the next installment Picks and Shovels.
Filed under: review | Leave a Comment
Tags: Cory Doctorow, review, The Bezzle
Chris Swan's Weblog 