Thus begins the war on roads, think of the children!

Straight out of page 48 of Agenda 21.

Some people think that this is part of a coordinated effort by governments, worldwide, to increase their own power by coralling the bulk of their populations in high-density urban areas, limiting their access to transportation, and making them totally dependent on government controlled services.

By that model, "Transit oriented developments" (i.e. no space to park a car for you - go only where and when public transit deigns to take you), "walkable neighborhoods", and "getting people over their love affair with cars" (by designing road networks to make commuting and recreational travel difficult and unpleasant) isn't enough. They've been closing roads in much of the rural areas, in the name of "protecting the environment". Next step: Make it a public policy to abandon or close non-wilderness rural roads.

... if you visit the first article linked in the story, while using AdBlock, you get a giant pop-up complaining about your doing so. :-)

Not if you also use noscript. B-)

Even though it's funded by adblock, I still believe it. May not be such high percentages, but it will certainly take a measurable chunk away.

I'm surprised it's not more.

Perhaps that's me, though. My browsing tends to be sites, such as Slashdot, where the meat I'm after is text, and the site's chaff is mainly icons, formatting-prettys, buttons, and other things that are static, image-light, and either susceptable to substantial compression or rendeded by the browser from small descriptions. Ads, meanwhile, tend to be image-rich, moving, and flashy, and designed for the add site's customer (who has litte concern for the viewer's costs) which chews up bandwidth.

I'll presume it's so low either because others browse more bandwidth-intensive sites or site designers, in this age of broadband and optimized-only-for-appearance site design tools, are also not interested in keeping the bandwidth down (and the resulting performance up).

Individual sites cry foul because they cannot meet their advertising targets affecting their revenue, but from the point of view of the user that is active on the net they are bombarded by advertising. Stripping even 10% away can be a good thing...

For reducing viewer distraction, cutting bandwidth costs, and avoiding delays in web-page rendering.

I NEED to suppress the ads when I'm at the ranch, with only slow dialup. A single image can make a page take minutes to load, when it could have been up in a second or less. So imagine one surrounded by banner ads, sidebar ads, embedded ads, footer ads, and so on. One animated ad can make the page take half an hour or more to load, and dynamic content can make it never finish at all, as the content changes outstrip the bandwidth.

I even browse Slashdot with a configuration hack corresponding roughly to enabling firefox's long-lost "delay image loading" option. To do otherwise, even in classic mode and with "patron status or enough karma to disable ads", would be impractical.

Without adblock plus AND noscript, (and maybe flashblock,) I'd be off the web when out of town.

Except Snowden gave the information to everyone, US and foreign.

Riddle me this: How do you give it to the American People WITHOUT also giving it to everyone else, US and foreign?

Do you REALLY think 321 million people can keep a secret?

What happened is that people who used the system very day, day in and day out, became so fast at entering the machine settings the rate of UI events exceeded the ability of the custom monitor software written for the machine to respond correctly to them.

Which is still to some extent a UI issue.

But the literal "killer" is what happened next:
  1) The machine detected that it had screwed up.
  2) But the UI reported this by a cryptic error message: "MALFUNCTION nn" - where the 1 = nn = 64 error codes not only weren't explanatory, but weren't even included in the manual.
  3) And if the operator hit "P" (for "proceed") the machine would GO AHEAD AND OPERATE in the known-to-be-broken mode, giving the patient a fatal (high-power, not-swept-around) electrons rather than a 100x weaker flood of x-rays, with NO FURTHER INDICATION that something is still wrong (unless you count the patient sometimes screaming and running out of the room.)

If 2) and 3) aren't user interface problems, what is?

According to wikipedia, that had software problems that ended up killing people What's that got to do with UI changes and user experience?

The original post was about bad user interfaces causing harm to people. Changes breaking the user experience was only one of the issues.

In Therac's case the bug WAS primarily in the user interface:
  - Due to a race condition, if a button happened to be pressed at the wrong moment and the menu filled out in a particular order, the device would configure the electron beam for x-ray generation rather than electron beam generation (high electron beam current, no scanning) but not position the target, flattening filter, collimator, or ion-chamber x-ray sensor in the beamway, resulting in a configuration that irradiated the patient with beta radiation, rather than x-rays, at 100x a normal dose.)
  - The machine DID detect that there was a problem. But it reported it as "MALFUNCTION nn" - where nn was a number from 1 to 64 and not explained in the manual. If the operator entered "P" (proceed), it would then go ahead and operate in the improper mode anyhow.

Both the second part and most of the first part sound like user interface problem to me.

Someone started uploading all the HackingTeam source code to GitHub ... There are also some signing keys for kernel drivers in here.

IMHO:

Anyone with a project hosted on git hub should pull a backup copy NOW!

Hosting this leak on git hub could lead to moves by authorities to contain it - which could have the side effect of making GitHub and/or some projects on it unavailable - temporarily or permanently.

Better safe than sorry.

... will this help bona fide security researchers with their work on fighting exploits on all platforms ... ?

I wonder if this will also help people trying to write open software for closed devices? Signing keys, driver sources with spyware installed, ... Not only does it expose the malware bypassing the user's security, it may also expose the internal details of how the devices are driven and/or how to compromise the malware's and devices' anti-user "security".

(I have often wondered how many of the closed-driver devices have the code closed just for business reasons and how many are closed because that's where the spyware has been installed and they can't let the source out - even sanitized - because that would lead to the spyware's exposure.)

The goal is to intimidate the makers of such designs. Arrest first and ask questions later, when such designs get out.

It's also to make it harder for "the common man" to arm himself - in case a Schelling Point is reached and a LOT of people suddenly decide that they need to arm themselves against the government or its puppeteers. By slowing them down, and reducing the number and quality of designs available, the powers that be have more time to react and try to divide and reconquer.

Of course intimidating designers is a big part of that.

This is not the first time they did this. In fact it has quite an interesting history in cryptography that was classified as a munition for just this reason.

Which is why OpenBSD is hosted from outside the US. (It's NOT just that Theo happens to live in Canada.)

I have similar issues:
  - Towing several tons (travel trailer or 23 foot trailerable-with-extreme-trailer deep-keel coastal-water-ocean-capable sailboat) up and down mountains and cross-country.
  - Going to/from the ranch - over 250 miles one way (over the Altamont grade, across the central valley, and through a pass in the Sierras) - with the last 0.7 miles sometimes hubcap-deep mud.
  - Carrying ranch groceries for several months and/or other supplies or equipment from the nearest supermarket etc. - 27 miles away.
and so on.
  - Off-roading to visit ghost towns and other historic sites in the Nevada Desert - where "running out of gas" - in the absence of cell phone service - might mean your skeletons are discovered in a couple years.

On the other hand, for trips about 3/4 of the year and NOT towing, a plug-in hybrid or an all-electric vehicle with sufficient range, serious regenerative braking, and adequate cargo capacity for two week's groceries and luggage for two, would be ideal. Charge it up at each end (off a windmill/solar at the Nevada end) to start full, use regenerative braking on the downslopes to power across the valley or up the next up slope. For a hybrid: Top off the batteries while cruising the central valley and use batteries plus engine to avoid being a creeping traffic hazard on the mountain roads.

My cycle would be almost identical to a Silicon Valley worker who mostly commutes 25 miles each way and occasionally vacations at the Lake Tahoe ski resorts or Reno or camps in the Sierras. A single vehicle that could do both - rather than needing two vehicles to accommodate the use pattern - would be ideal.

Sure, no problem. If you dislike systemd that much, it certainly makes sense to move to a different software platform.

I don't particularly dislike systemd per se. I do observe the controversy around it, and the image of it and its project, painted by its opponents (some of whom have enough creds that it's unlikely that they're talking through their hats), indicates that the claimed issues are likely to be real problems, and this may be a tipping point for Linux adoption and user choice among distributions or OSes.

Your Snowden argument isn't particularly applicable in this instance, as you have access to the full source code for systemd. If you're not comfortable looking through C code, then any init system would be a problem for you. ... If you think that porting your laptop, home servers and desktops to a completely different operating system is less effort than learning how systemd works, then I can only conclude you haven't tried to learn how systemd works. Or you've severely underestimated the work involved in moving to another OS.

I did my first Linux drivers (a PROM burner and a Selectric-with-selonoids printer) on my personal Altos ACS 68000 running System III, wrote a driver for a block-structured tape drive for AUX - working from my own decompilation of their SCSI disk driver (since the sources weren't available to me initially), ported and augmented a mainframe RAID controller from SvR3 to SvR4, and so on, for nearly three decades, through hacking DeviceTree on my current project. I don't think C has many problems left for me, nor does moving to yet another UNIX environment - especially to one that is still organized in the old, familiar, fashion. B-)

As for trying to learn how systemd works, that's not the proper question. Instead, I ask what is so great about it that I should spend the time to do so, distracting me from my other work, and how doing this would meet my goals (especially the undertand-the-security-issues goal), as compared to moving to a well-supported, time-proven, high-reliability, security-conscious alternative (which is also under a license that is less of a sell to the PHBs when building it into a shippable product.)

Snowden's revealations show that the NSA, and others like them are adept, at taking advantage of problems in obscure corners of systems and using that obscurity to avoid detection. The defence against this is simplicity and clarity, avoiding the complexity that creates subtle bugs and hides them by burying them in distractions. Bigger haystacks hide more needles.

The configuration for systemd isn't buried. It's there for all to see and change, in plain text. Logging in binary form is _optional_. You can choose to direct logged messages to syslog, or use both syslog and binary, to have the "best of both worlds", albeit with the best of disk usage.

Unfortunately, I don't get to make that choice myself. It's made by the distribution maintainers. My choice is to accept it, open the can of worms and redo the work of entire teams (and hope their software updates don't break things faster than I fix them), or pick another distribution or OS.

Again, why should I put myself on such a treadmill of unending extra work? If I could trust the maintainers to mostly make the right choices I could go along - with no more than an audit and perhaps an occasional tweak. But if they were making what I consider the right choices, I wouldn't expect to see such a debacle.

Entangling diverse processes into an interlocking mass is what operating systems are all about! ;)

No, it's not. The job of an operating system is to KEEP them from becoming an interlocking mass, while letting them become an interacting system to only the extent appropriate. It isolates them in their own boxes, protects them from each other, and facilitates their access to resources and ONLY their LEGITIMATE interaction wherever appropriate and/or necessary. The job is to Keep It Simple while letting it work.

Your phrasing, and making a joke of this issue, is symptomatic of what is alleged to be wrong with systemd and the engineering behind it.

At a large scale, the internet was designed to route around individual problems such as this.
Can't this same principle be applied on a smaller scale?

Yes, it can. Just dig a whole bunch MORE trenches around the country at enormous cost.

The SONET fiber networks were designed to be primarily intersecting rings. Most sites have fiber going in opposite directions (with a few having more than two fibers going off in more than two directions so it's not just ONE big, convoluted, ring.) This is built right into the signaling architecture: Bandwitdth slots are pre-assigned in both directions around the ring. Cut ONE fiber run and the signals that would have crossed the break are folded back at the boxes at each end of the break, run around the ring the other way, and get to where they're going after taking the long route. The switching is automatic and takes place in miliseconds. The ring approach means that the expensive cable runs are about a short and as separated as it's possible to make them.

But cut the ring in TWO places and it partitions into two, unconnected, networks. To get from one to the other you have to hope there's another run between the two pieces, and there's enough switching where they join to reroute the traffic.

IP WANs have, in some portions, also adopted the ring topology as they move to fiber, rather than sticking to the historic "network of intersecting trees" approach everywhere. That's partly because much of the long haul is done on formerly "dark fiber" laid down in bundles with the SONET rings from the great fiber buildout (or is carried in assigned bandwidth slots on the SONET networks themselves), partly because the same economics of achieving redundancy while minimizing costly digging apply to high-bandwidth networking regardless of the format of the traffic, and partly because routers that KNOW they're on a ring can reroute everything quickly when a fiber run fails, rather than rediscovering what's still alive and recomputing all the routing tables.

= = = = =

Personal note: Back when Pacific Bell was stringing its fibers around the San Francisco Bay Area, I was living in Palo Alto. They did their backbone as two rings. There was only one section, perhaps a mile long, where BOTH rings ran along the same route. It happened to go right past my house, with the big, many-manhole repeater vault right next to the house. (I used to daydream of running my own fiber the few feet into the vault. B-) The best I had available, in those pre-DSL days, were dialup with Telebit PEP modems (18-23 k half-duplex) and base-rate (128k) ISDN.)

Anyway, I digress. Advantages of systemd are: [long list]

Those are all very nice things to have.

Unfortunately, for my needs, simplicity and understandability are far more important than a fast boot and feature-rich management of the runtime environment. I need to KNOW that things are being handled properly and securely. That's become far more important since Snowden showed us, not that the spooks were getting into our computers (which we'd already figured was happening), but how DEEPLY and EFFECTIVELY their technology and personnel are able to do so.

If the improved functionality is at the cost of burying the configuration and logging in non-human-readable form and entangling diverse processes into an interlocking mass under a complex and ever growing manager, the shark has been jumped.

Though Linux has been becoming (MUCH!) more usable with time, its configuration has been buried progressively more deeply under more and more "convenient and simplifying", but non-transparent, configuration management tools. Systemd is the continuation of the trend. But it is also a quantum leap, rather than another thin slice off the salami. So it has apparently created the "Shelling Point", where a lot of frogs simultaneously figure out that NOW is the time to jump out of the pot.

It's been a great ride. It had the potential to be even greater. But I think this is where it took the wrong turn and it's time for me to get serious about switching.

There's good reason to switch to NetBSD at work, on the product. (The code supporting the secret sauce is on the user side of the API and is Posix compatible, so it should be no big problem.) Porting my laptop, home servers, and desktops to OpenBSD now looks like it's worth the effort - and less effort than trying to learn, and keep abreast of, the internals of systemd.

Call me if somebody comes up with a way to obtain the key benefits of systemd in a simple and transparent manner, rather than creating an opaque mass reminiscent of Tron's Master Control Program. (Unfortunately, the downsides of systemd's approach seem to be built into its fundamental structure, so I don't expect it to evolve into something suitable, even if it's forked.)

As I understand the three major forks:

One (OpenBSD) is for having as secure a desktop/server/embedded platform as the maintainers can manage - important in this post-Snowden era (as it was, all unknown, in the era preceding Snowden B-b). It is based outside the US so it can incorporate strong encryption without coming afoul of US export controls.

One (NetBSD) is for developing network internals software and networking platforms (typically ported, when possible and not part of a proprietary product, to the others and other OSes.)

One (FreeBSD), now that its original purpose of getting the code disentangled from proprietary accomplished and the other two projects forked from it, is for making an open unix-like system run on the widest range of hardware platforms and devices possible.

Unless you're using your machine for building networking equipment or it's a new hardware platform under development, the choice seems clear.