Has an awful habit of taking things too seriously.
Joined July 2012
- Tweets 1,346
- Following 343
- Followers 136
- Likes 54,150
22 Photos and videos
Gordon Messmer retweeted
Instead of discussing how Elon Musk is now the world's first trillionaire, we should talk about how he killed hundreds of thousands of people through his dismantling of food and medical aid to poor countries
currentaffairs.org/news/how-…
4,802
18,854
45,977
1,697,311
In software development, cost tends to be a function of how long the software is maintained and how complete security patching is.
1
1
21
Fedora, on the other hand, optimizes for cost and security coverage. The trade off is long-term stability. A release can only reasonably last as long as upstream project releases typically do.
1
12
Free LTS systems optimize for cost and stability, but security coverage isn't great as a result. Upstreams stop producing patches long before the distribution ends the release, and free distributions aren't staffed to produce their own security patches for everything they ship.
10
Gordon Messmer retweeted
May 29
Artificial intelligences do not undergo experiences, do not possess a body, do not feel joy or pain, do not mature through relationships, and do not know from within what love, work, friendship or responsibility mean. Nor do they have a moral conscience, since they do not judge good and evil, grasp the ultimate meaning of situations, or bear responsibility for consequences. They may imitate or even simulate, but they do not understand what they produce, for they lack the affective, relational, and spiritual perspective through which human beings grow in wisdom. #MagnificaHumanitas
4,060
60,349
309,822
14,198,424
Gordon Messmer retweeted
May 24
Cognitive fatigue is real.
We mock it because admitting it would force us to redesign everything: schools, workplaces, classrooms, hospitals, parenting.
Mocking is cheaper.
7
28
178
1,819
May 17
SeaGL is coming up. I don't see talks in their recent archives Re: LTS and regular releases from a security point of view. I am finding that far more people than I expected believe that LTS systems offer better security.
Do you think such a talk would be interesting or useful?
1
1
37
May 17
As adversaries develop and adopt better tools, it becomes increasingly important to understand the difference between LTS and regular release models.
1
16
May 17
This talk will explore the challenges that exist in keeping LTS systems secure, especially as they continue to ship code that is no longer maintained upstream.
1
16
If dnf is broken, you can always use a container to upgrade your host OS:
$ sudo podman run -it --rm -v /:/sysimage fedora:latest
# dnf5 --installroot=/sysimage/ distro-sync
1
43
Apr 11
I've started a project to support kernel builds, signed with an HSM and publishing transparency logs, on infrastructure that can be readily forked, deployed, discussed, and improved.
codeberg.org/gordonmessmer/s…
ALT signed build infrastructure diagram depicting git repos, a CI runner, the KMS HSM, and transparency logs
1
1
1
101
"There’s an old joke within Google that there are two ways of doing things: the one that’s deprecated, and the one that’s not-yet-ready."
I always thought this was an odd attitude among Googlers, because that's... how software is supposed to work.
1
15
As software matures, as it gains features and users, it becomes more likely that development will run into architectural limitations that require refactoring or rewriting large sections, which will create a new not-yet-ready series and deprecate the old one.
1
14
That's how the stable release process works. It's a natural cycle. There's *supposed* to be two (or more) versions under normal circumstances.
10