Monday 4 March 2019

Feedback on Article 3(3)

The following is my feedback regarding the proposed legislation around uploading of software to radio devices.

See this link for more details:
https://blog.mehl.mx/2019/protect-freedom-on-radio-devices-raise-your-voice-today/

“Upload of software on radio equipment” initiative direct link:
https://ec.europa.eu/info/law/better-regulation/initiatives/ares-2018-6621038_en

Feedback direct link:
https://ec.europa.eu/info/law/better-regulation/initiatives/ares-2018-6621038/feedback/F238237_en?p_id=380919

This is an extremely concerning piece of proposed legislation and I urge you to read my words here and hopefully understand why this is such a bad idea.

By limiting the type of software that can be loaded onto these devices it will unequivocally lower the overall level of security in the ecosystem. There are countless examples of insecure software which has been left for years on devices that are actively in use, with manufacturers who are unwilling to devote resources to fixing security holes. Open Source has traditionally stepped up to fix these kinds of problems, led by people who want to avoid waste, to be more secure, and to have individual choice.

If users cannot load e.g. open source software onto a device, then this blows up the whole idea of sustainability, up-cycling and re-use. It would be a shameful thing to do as it would render many devices that could be re-used as completely useless and just ending up in landfill. That may as well be an environmental crime that this article would enable.

For example, many SSL attacks have been discovered in the past 5 years, and if the security in some software on a device was found to be vulnerable but no remedy was forthcoming from the manufacturer (as they had gone out of business or they were focusing on latest released devices), then that renders the device an active security risk, potentially compromised, and could cost an enterprise millions in staff time, losses from being attacked, etc. The same kind of situation can exist on phones, on other networked, radio devices such as WiFi routers, etc. Preventing a user to update them in this way is dangerous and actively helps/supports attackers who could otherwise be thwarted.

Allowing open source software on devices (e.g. phones, routers) means that the life, security and performance of them can be hugely extended, in a way that the user is in control of. For routers, it means that a device can be protected from new and active threats / vulnerabilities - these are literally being discovered each week. How quickly are approved updates from a manufacturer likely to arrive? Nowhere near that, obviously.

This article must be removed. This tendency toward centralised control of software on devices owned by individuals, charities, and companies both small and large must be examined carefully. There is simply no way that this can work in a beneficial way to users, because trust has so frequently been broken, and this is essentially guaranteed regardless of legislation.

Saturday 17 March 2018

Porting Inversion part 2

Looking towards TCR from Euston
Things have progressed and I think it’s time to write up and highlight a few items.

Choices of what to port

There are some things which I have chosen to abandon for now. These include my Inversion.Web.Razor extensions in inversion-razor, and the ConfigurationHelper and Pipeline models for service containers in Inversion.Extensibility.

In the case of the Razor extensions, I think I will need to rewrite this entirely in light of the AspNetCore support for Razor. I’d much rather be integrated with that than remain off-piste with Antaris RazorEngine.

Regarding ConfigurationHelper and Pipeline interfaces, the configuration options are so starkly different in .Net Standard, and so much easier to deal with, that there’s no point having a shim to pull configuration from a database etc when the new methods are so much more accessible.

Publishing to NuGet

I’m not sure which sociopath designed the web UI for NuGet, but they need their head examining; they’re clearly insane. It’s not quite as bad as the Visual Studio interface though, at least.

Having fought through the various stuff it puts in your way to prevent you getting a clean package uploaded, the various repos - inversion-dev, inversion-data, inversion-data and inversion-messaging - have been made available. The assemblies that make up those repos are available separately in order to keep project tech hierarchies segregated, e.g. Inversion.Data base library is separate to Inversion.Data.AmazonSQS which is separate to Inversion.Data.Redis etc. Don’t cross the streams unless you have to.

The versions are in the 1.0.x range and the references of child packages to their parents are currently set to 1.0.* as I was pretty shocked how stupid the management of minor versions was in the NuGet CLI. Anyway, working now.

GitHub organisation

The main libraries are now under the newly formed inversion-org GitHub organisation - https://github.com/inversion-org

Guy, Rob and myself are owners.

Here you will find:

The main Inversion library hasn’t moved yet but this will be its home in the future. You can still find it here:

Other libraries, such as Inversion.Ultrastructure will also be moved into the organisation shortly.

Adding Travis automation

Some Travis automation has been added to build and publish the NuGet packages, which it does sort of blindly as it doesn’t check first if the version already exists and so seeks forgiveness rather than permission when it fails to upload. I suppose there might be ways to automate incrementing the patch number on the .csproj file, but at the moment it is manual.

Things to do next:

  • add unit tests (with automation for commit status updates)
  • test the libraries work!
  • create basic application that uses the libraries via NuGet and can be deployed as a container

Sunday 4 March 2018

5 - 8 Rooms - Angina P

IDM, minimalist d’n’b

8 Rooms - Angina P

I think I first came across Ulla’s work on MySpace, a very long time ago. It was during the period when musicians in the same network would find you and then in response you would place hastily photoshopped “thanks for the add!” messages on their boards, carrying band and EP names, and it was all one nice music party, plus a bunch of emos and the worst CSS in the world. I fucking miss MySpace.

Anyway, I found some of her tracks via MySpace and some via MP3.com (yes, really) which carried “Tokyo 6pm” into my ears and I was lost instantly.

In truth, I’ve already reviewed this album, although I can’t remember exactly who it was for (maybe for her label, Notochord?) It was providing a soundbite synopsis that pretty much said that this is crystal-sharp IDM and complete headphone-fuel. I meant it back then and I still mean it today.

There’s space here - open and modern like stark and hard white-grey architecture - but it’s a space filled with details that are reminiscent of Japanese technical design and wonderful emotive sweeps. Framing this is a real perfectionist focus on complex layers of accurately scattered percussion. These combine to make this one of my favourite albums, let alone IDM, providing what I generally term “coding music”. This describes tracks that for years I hadn’t identified a genre for, but eventually worked out were something along the lines of tech-step jungle and complex, minimalist drum’n’bass.

“Destroy you, with my robots”

Three of the tracks are remixes and are extremely high quality, making wonderful companions of the originals and blending right on in with the whole album. Semiomime’s remix of “Known Issues” makes me think we might be related as they know exactly what sort of drums I like.

Highlights

  • Glitter - this was my ringtone for ages until I hit the Mirror’s Edge soundtrack by Solar Fields
  • Known Issues (Semiomime remix)

Thursday 1 March 2018

Porting Inversion

Aldgate somewhere

Just recently I have been porting the Inversion libraries over to .Net Standard, such that they will be able to support the existing set of behavioural applications that make up the image delivery part of the Digital Library Cloud Service (see https://dlcs.info).

To do this I received some initial help from Robert Stiff (@UatecUK) to prove that the basics would work in the new execution environment, since it is vaguely exotic, having been based around the Reactive Extensions for .Net. Once we had ported the OWIN-based hello-world website across, I was convinced that I would be able to port across almost the entire application.

Last weekend I set about taking the ported versions of the libraries in https://github.com/guy-murphy/inversion-dev, giving them some basic metadata and publishing them to NuGet as .Net Standard 2.0 packages (and yes, I have Guy’s explicit permission to do this). This included the new web code that Robert and myself tested the proof of concept with which has been added as the Inversion.Web.AspNetCore package.

Next, I ported and published the libraries in Inversion.Data (https://github.com/fractos/inversion-data) into separate NuGet packages. This means that the different storage dependencies will remain separate in a target application.

Inversion.Extensibility (https://github.com/fractos/inversion-extensibility) was ported and published next, with a separate package for Inversion.Extensibility.Web.

Finally, I ported Inversion.Messaging (https://github.com/fractos/inversion-messaging) and packaged it separately, just as I had done for Inversion.Data.

It should be noted that each of these repositories has a separate "dotnetcore" branch for this code.

Things to do next:

  • add unit tests
  • add Travis CI scripting to build, pack and publish to NuGet
  • test the libraries work when imported!

Wednesday 21 February 2018

4 - 3 - Peter Gabriel

progressive… stuff

3

Look, I’ll be honest; there’s a lot of pretty weird stuff on this album, and I am aware that Peter Gabriel could be described as massively up themselves. However, when I first came across this album (and Security, I was an impressionable, slightly obsessive youth with a head full of magic and sci-fi. This was fuel. This fed that whirlwind. At the time, I didn’t know just how much heroin Gabriel was doing. Seems quite obvious now…

The backing tracks and effects on this album date from the dawn of synth technology, and also the beginning of some techniques like Phil Collins’ noise-gate clipped drum tracks. No cymbals were allowed during the recordimg, according to the wiki, on the basis that an “artist given complete freedom dies a horrible death,” so restrictions forming part of the creative process - a rebellion of sorts.

There’s a ridiculous roll-call of musicians on the album, including Tony Levin, Kate Bush, the aforementioned Phil Collins, Paul Weller and Robert Fripp, it’s no wonder that there are some good sounds going on. I’ve always loved Tony Levin’s bass techniques; they’re just so out there.

Highlights

  • Intruder - for its gated drums and creepy atmos.
  • I Don’t Remember - I’m totally in love with the bass guitar sound on this.
  • Not One Of Us - The intro and break are just beautiful.

Trivia

The version I first heard was my brother’s cassette copy of the vinyl record which had skips in places which made me think some friend of his, whacked into God-mode on acid, had put it together in a fit of genius, or it was an authentic home-run of a happy accident:

Peak-time viewing born in a flash
as I burn into your memory- skip
I burn into your memory- skip
I burn into your memory- click
-cells

Sunday 18 February 2018

3 - 10,000 days - Tool

progressive, psychedelic dark rock

10,000 days

Tool homepage

Quite late in the Tool canon, “10,000 days” sees them in full psychedelic rock flow, with quiet, noodly, introspective sections blossoming into complex, stoned soundscapes.

I’ve only had the stand-out track “Right In Two” on my phone for years, having given the full album a listen only a handful of times in the past. However, giving it another audition yields some different bits that I’m picking up on and I have restored the full track list to my working collection. I think maybe it was the rambling intro for “Lost Keys (blame Hoffman)” that originally did it, where a Doctor tries to get a patient to talk after presenting at an Emergency Room in a silent, troubled state. I guess it doesn’t feel quite so close to the bone now, so that’s progress, right?

Sunkist and Sudafed, gyroscopes and infrared

The sound they produce is immense; signature guitar setup pervades, the drums display various complex-timing trickery, and the chunky, intricate basslines, thick with harmonics, bounce around the low- and mid- range. Get a decent copy and bathe your ears in it.

Trivia

Two of the tracks - “Wings for Marie (Pt 1)” and “10,000 days (Wings Pt 2)” can be layered together to form a single song (see https://m.youtube.com/watch?v=EFjEp79zaNw) which has an interesting call-response thing going on.

Highlights

  • Right In Two
  • The Pot
  • Vicarious

MASSIVE UPDATE

It turns out that the packaging for the CD is EPIC - with a built-in stereogram viewer and about 15 illustrations.

Showing off the cover

Wednesday 17 January 2018

2 - 1/f - immune

progressive hard rock?

Bandcamp link

1/f

Once upon a stumbling around Bandcamp, I found immune linked from somewhere, referenced as an interesting, Tool-esque, British band to explore. Was not disappointed!

I don’t really know that much about them aside from that they went through a name change at some point - they are now known as Master & The Mule - but they have a talent for melodic, dark, progressive rock. It’s quite thoughtful, introspective, and only shouty when it really needs to be.

Highlights

  • Monkey
  • Selling Screen
  • Consume