What about US sanctions against China about Huawei using free, open sourced Android? What about USA advising Germany, Switzerland to stop buying gas from Russia - see Grenell's letters to industry:
http://www.xinhuanet.com/english/2019-12/24/c_138655403.htm (B.t.w.: Grenell's now commander in chief of all US secret services. A pure nightmare, that guy!) That affront even was noticed in China. And what about Apple buying and removing Open Sourced FoundationDB from Internet? "In March 2015 the FoundationDB Community site was updated to state that the company had changed directions and would no longer be offering downloads of its product. The company was acquired by Apple Inc., which was confirmed March 25, 2015." Never, ever trust US government, US companies, US Foundations. Even RISC V Foundation had to move away from the US to Switzerland due to geopolitical concerns: https://www.theregister.co.uk/2019/11/26/riscv_foundation_switzerland/ Most people here seem to think, i would be paranoid or being a "US hater". I fear, it's much worse than that! :-( Again: Stop using US software stacks! Under all circumstances!!! Best regards, Guido Stepken Am Sonntag, 19. April 2020 schrieb Jeronimo Pellegrini < j.pellegr...@randomnode.info>: > [ sorry for duplacates; I've realized I have sent this from a wrong > From: address, so I'm sending it again ] > > Hello. > > I don't usually write here, but I believe this is important. > > I agree that the tone used initialy by Guido was really bad. But > there are strong arguments that lead to what he said. > > I would like to at least present the argument, even if only > pointing to external references. Because there is one, and for > the same reason I don't like when people go saying that "earth is > flat", or that "there is no coronavirus" [0], because that is strongly > disrespectful of science, I also believe that for agreeing or > disagreeing on the subject being discussed on this thread, one would > also need to show where the agreement or disagrement comes from. > Scientifically -- and I'm including human sciences. > > The argument would not be strictly in exact sciences, and that may > be why it is uncomfortable for programmers to actually pay attention > to it [1]. The argument would likely go through Mumford, Foucault, > Deleuze, Zuboff. I wont reproduce it here. > > However, cryptographer Phil Rogaway did write an essay that is closely > related to that, and explains much of the core of it. It is called > "The Moral Character of Cryptographic Work" [2], and is really > brilliant. This as a distingueshed IACR lecture in 2015 [3]. IACR > is the International Association for Cryptologic Research [4]. > > So. One important thing: Lewis Mumford noticed [5] that technology > is not always of the same kind. Sometimes it is more useful than > damaging, and sometimes it is the other way around (the terminology he > used is different, but it is the same). And people have been working > on developing technology without any attention to that (nuclear energy is > the usual first example of this. Rogaway metions the Russel-Einstein > manifesto, for example. It was written by two exact science researchers! > Rogaway also mentions in his text that "Academic cryptography used to > be more political" -- check that. > > A few examples may be interesting. > With nuclear energy, there came a requirement for more authoritarianism, > stronger vertical power structures. Why? Because the potential for damage > is huge. See, for example, the radioactive boy scout, David Hahn [6]. > I do recall that there was some similar incident in Europe, but couldn't > easily find the reference. > Besides requiring more authoritative power, nuclear energy is also > related to several disasters, and there is thenuclear waste problem. > > Am example closer to programmers: deep fake. "We have neural networks, and > we now can train deep networks" - everybody is happy. "We can use > deep learning in videos and audios" - happier. Then comes deep fake. > It is hard -- and will possibly become harder and harder -- to detect > wether a video is fake or not. This could potentially lead > both criminology and investigative journalism to the pre-photography > era. There will be a solution, and I am afraid that it will, again, > require an even more authoritative society (your video, photo or > audio must have been recorded by a tivoized device with a unbreakable > crypto module, otherwise it is useless). AND you will need to > trust the manufacturer (they COULD use the private keys to create whatever > fake videos they want). > > See... Technology is not "neutral". (Interestingly, this is also why > darktable -- a great software package -- does not have a face recognition > module [7]) > > > As to LLVM. Being or not funded by a foundation is not really a good > criterion for assessing software, I'm afraid. But I can do this: I trust > the people who develop GCC. They have a longstanding strong ethical commitment, > and I have no reason to be afraid of what gcc may do on my system. > I don't trust LLVM, for several reaosns, so I avoid it as much as > possible. > > Jerônimo > (The guy who maintains the LibreCMC and OpenWRT packages of Picolisp [8] -- > by the way, OpenWRT and similar firmware would probbaly not exist if > developers of Linux and several userland utilities had not picked > the GNU/GPL as a license. Another example of a decision that does > have an impact on how technology will be used and how it impacts > people's lives. With LibreCMC, I have some more confidence that my > router runs *strictly* what I want, for example. This is important for > security, since I don't want to have to trust a big hardware maker. > See, for example, what is already happening with other devices -- > smart TVs recording audio on your house and SENDING IT TO THE > MANUFACTURER. And they don't even deny it) > > [0] It is really sad that I have been seeing this a lot in my country. > > [1] About the communication gap between exact sciences and human > sciences, see C. P. Snow, "TheTwo Cultures". There is a Wikipedia > page for the text: https://en.wikipedia.org/wiki/The_Two_Cultures > > [2] https://web.cs.ucdavis.edu/~rogaway/papers/moral-fn.pdf > > [3] https://www.youtube.com/watch?v=F-XebcVSyJw > > [4] https://www.iacr.org/ > > [5] https://en.wikipedia.org/wiki/Technics_and_Civilization > > [6] https://en.wikipedia.org/wiki/David_Hahn > Also, > Silverstein, Ken (2004). > The Radioactive Boy Scout: The Frightening True Story of a > Whiz Kid and His Homemade Nuclear Reactor. > Villard. > ISBN 978-0812966602. > > [7] https://darktable.org/ > https://github.com/darktable-org/lua-scripts/pull/100#issuecomment-351001162 > There is an external Lua script for that, > https://github.com/darktable-org/lua-scripts/blob/master/contrib/face_recognition.lua > but the feature was denied > into the core. > > [8] https://gitlab.com/jpellegrini/openwrt-packages > > On Sun, Apr 19, 2020 at 04:24:48PM +0200, Jo-To Schäg wrote: >> Dear Guido, >> >> all our time on earth is limited. We all got our own priorities. >> I think the PicoLisp community gladly spends time teaching people. Even >> multiple times. >> However the PicoLisp community does not like to solve problems for other >> people. >> Especially if it is motivated for political reasons. >> Do not expect Alex to spend his time on satisfying your paranoia or >> political motivations. >> >> You are weary of the giants of muscle and steel, I come from Cyberspace, >> the new home of Mind. On behalf of the future, I ask you of the past to >> leave us alone. You are not welcome among us. You political motivations >> have no sovereignty where we gather. - inspired by the Declaration of >> Cyberspace >> >> Also you do not need to leave the community but at least stop bothering >> Alex about your political opinions. >> We have heard you concern thrice. As far as i see we only use LLVM to >> translate LLVM-IR to some CPU architecture, so we only depend on the code >> for that. >> You could write your own LLVM-IR to x86 translator if you are bothered by >> LLVM itself. >> >> >> >> On Sun, 19 Apr 2020 at 15:54, Guido Stepken <gstep...@gmail.com> wrote: >> >> > Alex, this is not the point. One day LLVM will inject trojan code, because >> > US government, by law, tells them to do so! >> > >> > With Cloud Act and Patriot Act US government can advise any US company or >> > organisation to implement evil code. >> > >> > Can you do a full code review at every update coming for LLVM? I can't! >> > Nobody can! 2.5 million lines is out of anybody's reach! >> > >> > 100 bytes more in a binary can make a *huge difference* from security oint >> > of view. Do you always know, why LLVM suddenly is generating bigger code? >> > Can be everything. E.g. this: >> > >> > https://gist.github.com/DGivney/5917914 >> > >> > TCC, i can review any time .... code is so tiny. Well ok, TCC binary code >> > is not as highly optimized in terms of speed, but AMD processor microcode >> > does compensate that. Differences to GCC -O3 or LLVM - in practice - have >> > become negligible. >> > >> > TCC always is fast enough. And i repeat: Stop using US software stacks! >> > >> > Best regards, Guido Stepken >> > >> > Am Sonntag, 19. April 2020 schrieb Alexander Burger < a...@software-lab.de>: >> > > Hi Guido, >> > > >> > >> Look at LLVM generated bloat and compare with Nokolisp. Less is more!!! >> > In >> > >> terms of size as well as of security. >> > > >> > > True, LLVM is huge (as is gcc, and other equivalent systems), but this is >> > > irrelevant because I *use* it only to translate *my* code. >> > > >> > > The generated pil21 'picolisp' binary is only a few percent larger than >> > the >> > > assembly version of pil64. >> > > >> > > ☺/ A!ex >> > > >> > > -- >> > > UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe >> > > > > -- > UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe > >
