Why Linux is not to be trusted

From a recent Wired article:

THE DEVELOPER OF a popular open source package has been caught adding malicious code to it, leading to wiped files on computers located in Russia and Belarus. The move was part of a protest that has enraged many users and raised concerns about the safety of free and open source software.
The application, node.ipc, adds remote interprocess communication and neural networking capabilities to other open source code libraries. As a dependency, node.ipc is automatically downloaded and incorporated into other libraries, including ones like Vue.js CLI, which has more than 1 million weekly downloads.

Two weeks ago, the node.ipc author pushed a new version of the library that sabotaged computers in Russia and Belarus, the countries invading Ukraine and providing support for the invasion, respectively. The new release added a function that checked the IP address of developers who used the node.ipc in their own projects. When an IP address geolocated to either Russia or Belarus, the new version wiped files from the machine and replaced them with a heart emoji.

To conceal the malice, node.ipc author Brandon Nozaki Miller base-64-encoded the changes to make things harder for users who wanted to visually inspect them to check for problems.

Translated to common language, the open source community is motivated by ideology, not money. Since they are motivated by ideology, they constantly need to find “noble causes” and “change the world”. In this case, one such “noble individual” decided that the “noble cause” is to support Ukraine in its valiant struggle for fascism, theft, corruption and enrichment of criminals, and against Russia, and modified a popular open source project by adding malware that damages user data if the IP address is in antifascist countries. The code was base-64 encoded in order to prevent visual detection.

Now – if we have in mind that the supposedly “open source” projects are hardly ever peer-reviewed in normal times, because there are too many projects, and nobody really wants to bother with it because it’s assumed that, because the code is open to inspection, it actually is constantly inspected and reviewed – the fact remains that hundreds or thousands pieces of malware, carefully encoded to hide their real purpose, can be scattered across all sorts of open source projects, maintained by one or two actual developers who do all the work on the project while the “reviewers” will seldom give the source code even a passing glance, those project maintainers are starved for money and therefore easy target for bribery by governments or corporations, they are also possibly sensitive to other forms of pressure/blackmail, and then there are those who are ideologically motivated, in the sense that they, like all godless people, live empty and worthless lives and want to pretend that their lives matter and that they make a difference by contributing to the cause of the day. There’s absolutely no reason why I would assume that open source projects are trustworthy, which means I would have to either personally go through them – for which I lack both time and motivation – or trust someone who will provide oversight, in which case quo custodiet ipsos custodes?

I told the packet manager in the Linux distro I use to list all the installed packages and there were 2147 of them, and I inspected source code in exactly 0 of those. If n (where n,o,p > 0) % of all contributors were sensitive to ideological virtue-signalling, o% were sensitive to money issues and p% were sensitive to blackmail, how many hidden pieces of malware could they have hidden in there, carefully masked by either obfuscation, function by omission or function by interaction with other pieces of the puzzle, which is all very hard to detect?

Basically, if I want something that will work reliably in all kinds of scenarios, Linux and other open source solutions are arguably no better than the proprietary ones; they just have different sets of issues, which is why I try to average-out by using all the available platforms and maintain sufficient proficiency in all of them to be able to instantly platform-hop if one of them is disabled.

Enslavement through convenience

Apple recently created the new generation of laptops that are, performance-wise, the ideal machine to replace my aging 15” mid-2015 Macbook Pro, in the role of a desktop replacement heavy lifting photo editing machine. They also recently released the Mac Studio desktop which is almost exactly what I would want as a desktop machine. Did I just go out and buy them immediately, the way I did some other things they made before? Heck no. Instead, I started moving away from Apple gradually by buying a Lenovo Legion 5 pro gaming laptop; earlier I already upgraded my desktop machine to Ryzen 5900X, so that beast is very unlikely to need any kind of replacement or an upgrade in the next four years, meaning it’s likely to outlast both myself and human civilization.

What made me “fall out of love” with Apple is the fact that they are at the bleeding edge of the political censorship movement based in America, and are basically the most likely company to disable your computer by a remote command if you find yourself in a “political dissident” camp; basically, if you’re not a complete sheep toeing the official American main stream media line prescribed by the CIA. Having in mind my political stance, I’m an obvious target, and I don’t really feel like making it easier for the CIA to shut me out; sure, I have lots of Apple gear, and I have “cloud” accounts with other American vendors. However, I have a sufficient number of backups; I can trivially get a Huawei phone which is already de-nazified, and I already have several older SSD drives with Linux pre-installed, so that I wouldn’t have to go online in order to be able to go online; I would just have to plug an USB stick into the machine and boot a live Linux distro, or, if I wanted to get serious, plug the SSD into the machine and have an instantly-working pre-configured OS where I just install the certificates and encryption keys and I’m up and running within five minutes. Let’s say a paranoid old bastard like myself is not the easiest conceivable target. They would have to really try, it’s not like they can lock my Apple account and I’m out. I’m certainly not going out of my way to make things easier for them by having an all-Apple ecosystem. Sure, it’s very convenient in peacetime environment where you agree with everything the CIA wants you to agree with, but let’s put it this way. By having a non-Apple system, I miss out on things like the iMessage or the iCloud integration. Big deal, I have to get the Macbook if I want to write lots of text messages. If I switch to Linux, it’s more of a hassle, because a certain percentage of things won’t work properly, I will have to use a different, somewhat inferior password manager, and I won’t have Lightroom so managing my photo library would become a real pain in the arse. Other than that, everything will work, because the way I have my Windows and Mac system configured is basically to work like Linux with Adobe apps running on it. Whenever it’s possible, I use the most direct possible way of controlling things, such as copying files over the network using ssh instead of the high-level services, so the moment I get the ssh terminal and the web browser running, I have everything I need. Would I run Linux preferentially over Mac OS or Windows during peacetime? Heck no; too many things are wrong with it. Would I run it if the commercial options start waging technological warfare for America? Heck yes. Also, I did it for five years in a row at one point so it’s quite easy for me to find my way around, especially since I have a current Ubuntu distro running in WSL on all my Windows machines, I run Linux on both my servers, on a home staging server, and I use the Mac the way I would use a Linux distro where the window manager isn’t actually crap.

Besides, I’m quite shocked by the amount of user-unfriendliness of the current Macs, to the point where you can’t even replace the monitor cable on the new Studio display, and you can’t add/replace SSD drives or add RAM on a Mac Studio which is a machine targeted at professionals. I understand that you can’t do it on a Macbook Air, but on a desktop machine? On a thick Macbook Pro, targeted at professionals? And the entire thing is deliberately designed so that America can pull a plug with a single command and you’re out. Russia recently found out what it’s like to implicitly rely on “international” services which are essentially all American-controlled, and you find out that you have tractors and harvesters from John Deere that are designed to be maintained only by the manufacturer, so that when you’re sanctioned by America, your agriculture stops working. Fuck that shit. I want to have a car that doesn’t “phone home” to tell its American masters where I am and what I’m doing so that they can brick it in case they don’t “support” my way of thinking and want to “cancel” me. I don’t want a phone or a computer that requires someone’s approval in order to keep working. Sure, it’s very difficult to get out once you get comfortable in the American ecosystem, but I’m at least keeping a foot out. That’s why I bought a laptop where I can add or replace drives, add or replace RAM modules, it’s designed so that I can open it and make upgrades, and I can just replace the OS with something that doesn’t require political compliance in order to work.

Oh BTW, when Americans figure out that half of the world hates them, they think it’s because of their “freedom”. Well fuck you and fuck your “freedom”. Everything you make is a slave-control device. That’s not what you do if you’re interested in freedom, that’s what you do if you want to keep everyone else as your slave. Anyone who wants freedom today would need to make a list of everything they own and use that is controlled by America, put it on a heap and burn it.

Useless technologies

Maybe I’m getting old, but as someone who’s been living on the bleeding edge of technology since 1984 or so, and early-adopting all kinds of gadgets, there are increasingly more things that leave me indifferent, or I actually find them annoying. Let me cite some examples.

  • Smart watches. I saw how they work, said “meh”, never got one. Instead, I use a very classic mechanical watch. It is a very elegant piece of technology that is powered by hand motions, is easily serviceable and lasts for a very, very long time. Also, it isn’t landfill fodder.
  • Social media. Strictly speaking not a gadget or a tech artifact, but I see the entire phenomenon as extremely worrisome, and it does kind of function as the spirit behind lots of gadgets. My main problems with social media are that they are corporate-owned, and as such have a chokepoint of censorship, where a political group can take control of the company, which is relatively easy, and then basically control behavior of billions. Also, they promote groupthink and mobbing, and, by definition, reduce people to very simplified patterns of thought and emotion. Absolutely none of that is a good thing. I certainly don’t object to people communicating online, and it is definitely possible to create very constructive forums, but the general trend is that Facebook, Google, Twitter and others are implementing political censorship and reducing the level of human mental diversity and complexity.
  • Virtual/hybrid reality devices. The only place where I can see use for them are driving/flight simulators. For everything else, they are just a great way of getting motion sickness.
  • Mobile apps that are essentially just single-website browsers. Just use the web browser to go to that site and there’s your “app”. Pointless. Also, dedicated media library apps. A better version of this is called a file system and a media player.
  • Appliances with Li-ion batteries built in, with no apparent thought given to servicing or replacement of the battery, which shows that the device’s useful life is obviously limited by that of the battery. It’s an obvious example of wastefulness and planned obsolescence. I’m talking about electric shavers, vacuum cleaners, toothbrushes, smartwatches, digital styluses, earphones/headphones, phones, tablets, laptops etc. It’s not that I object to things not being tethered to a wall with a power cord, but just make batteries that are standard, modular and easy to replace and recycle, thank you.
  • Electric cars, but shortage of electricity. It’s not that we don’t have designs for safe and efficient nuclear power plants. Thorium-molten-salt technology that uses liquid nuclear fuel not only is safe (it’s trivially easy to make it fail in a safe manner without causing meltdowns), it also uses radioactive waste from our solid-fuel plants as fuel, basically transmuting everything into either fissile or inert form. The technology is absolutely awesome, but you don’t hear the “eco” leftists talking about it, because all they care for is stupid and toxic shit such as the windmills and solar panels. It’s all weak, inefficient and unreliable garbage. The only things that are actually great are geothermal and nuclear plants, and you can define geothermal plants as nuclear plants using unconcentrated nuclear fuel in-situ, because the Earth heat is nuclear in origin. Electric cars are not “clean”, they are toxic garbage, and they don’t use a “clean” or “abundant” resource, because electricity can be both dirty and scarce, and, thanks to the leftists, it is increasingly more so. Power the entire civilization with liquid fuel fission reactors, and power the cars with modern isotope sources instead of those huge, heavy and fragile Li-ion batteries, and then we can talk about electric cars. Safety-wise, I would rather have a nuclear reactor than a Li-ion battery in my car, and as for the solar panels and windmills, has anyone given any thought to their lifespan, recycling requirements and ecological impact? Thought so.
  • Hipster tech. Here I’m thinking about film cameras that intentionally produce inferior pictures because it’s “retro”, or using vinyl records mastered from digital sources because it’s “analog”. That’s just affectation.
  • Podcasts and video. I don’t object to those as such, but when a guy online makes a video in which he basically shows stock footage and reads from a script, it might as well be an article in textual form. Reading is a thing.
  • Nuclear fusion. Stop trying to make that work, it works only when gravity provides containment for free, i.e. in the stars, but when you have to create containment yourself, it’s extremely expensive which makes the whole idea ineffective, dirty, cumbersome and fragile. It’s also not “clean”, it produces as much radiation as nuclear fission, it’s just that the nuclear fuel is gaseous, and not solid or liquid. Liquid nuclear fuel used for fission solves all the problems of solid-fuel fission reactors, and remove all the complexity, difficulty and cost associated with fusion.

Basically, I find it annoying when people who discard a technology that consumes nuclear waste to produce clean electricity, in favor of technology that consumes rare elements to produce chemical waste and dirty electricity, have some incredible urge to lecture everybody about environmental impact. Also, I find it annoying when people who can’t write a web application to save their lives think they are tech savvy because they have all the social media apps on their phones. Also, I find it annoying when people who virtue signal online about the evils of “capitalism” and “consumerism” prefer to buy a locked-in unserviceable device because it’s “more elegant”, and they also bully people who still use an older device because they are “poor”. Also, they use hipster tech, but ridicule “boomers”, without actually knowing what a “boomer” is, only that it’s someone older than they are, with an assumption that they are the smartest generation because they have smartphones and stuff. But the old guys who made them their fucking smartphones, they are stupid and “out of touch with the modern things”.

It is also my impression that we are witnessing a historically unique phenomenon where the younger generations are significantly less tech-savvy than the ones before them. Basically, the WW2 generation went to the Moon, the baby-boomers invented IT, my generation invented all the IT infrastructure that runs on top of that, and the younger generations basically just use it all to exchange memes online. Basically, the level of intellectual degradation is visible from the prevalence of conspiracy theories that cast doubt on the existence of all kinds of things that were obvious to the generations before. I’ve seen all kinds of nonsense – Moon landings aren’t real, space tech isn’t real, Earth is flat, nuclear weapons aren’t real.

All I can say to this is, idiocracy is real.

Hardware upgrades

Every time I write an article about how I don’t need a new computer because my old one works just fine, you know what’s going to happen next. 🙂

I basically concluded that I’m spending too much mental energy arguing with myself that I don’t need to spend money on new computers despite the fact that most of my gear is 4-5 years old and old computers are neither fast nor reliable, and for someone like myself who does basically everything with computers, it’s not the best idea to keep the old stuff for too long, because it increases the probability of random failure, so preventative maintenance in form of replacing the workhorse machines every 5 years at max is simply a reasonable thing to do.

So, I got both a new laptop and a desktop upgrade kit; I upgraded the desktop to Ryzen 5900X with 64GB of RAM, and I got a new M1 Macbook Air. The desktop thing is obvious – I basically replaced the motherboard, which was actually producing issues with sound going mute for a second every now and then, which must be a USB issue since my sound works through s Schiit Modi 3 DAC connected via USB, and not the built-in audio. The issue went away with motherboard change. I also got rid of the DDR3 RAM, which was running at 1600MHz, and I got a high end CPU. Basically, in most things I do it conformed to my predictions – it’s no faster in normal desktop use than my old system, but Lightroom runs significantly faster, and I actually use 44GB of RAM under serious load, so 64GB is not overkill.

As for the laptop, the 15” Mac was not the best match for my usage case (too big and awkwardly shaped for writing books/articles in my lap), so I bought an Asus Zenbook ultralight a couple of years ago, because the new Air had shit keyboard and shit CPU, and it cost significantly more, but the screen and battery on the Zenbook were sub-par, and I prefer Mac OS on the laptop, so I got the new Apple Silicon Air now, which is fast, has great keyboard, touchpad and screen, and the battery life is better than anything I could imagine existing on a laptop. I managed to compile the GNU tools I needed in Macports, and unless I need a dedicated portable Lightroom machine later on, I’m done with hardware now and I can go back to blissfully ignoring it into the foreseeable future. Basically, I replaced both my old laptops with a single new one, except for Lightroom on a vacation, where the 15” Macbook pro will continue to be used, due to bigger screen and more RAM, which make it a superior photo editing machine. The new Air has sufficient resources for everything other than Lightroom, which is a specialized task that requires so much more resources it just makes no sense to try and cram it all into an ultraportable, especially since the screen size is one of the main limitations, and for everything else that I do the Air is as fast as the new Ryzen desktop.

About hardware reviews

I’ve been watching the hardware reviews on YouTube pretty much regularly for the last couple of years, and I see a clear trend there.

Remember those commercials on TV where the host is super-excited about the set of knives he’s trying to sell you, or some kitchen appliance, or some additive for automotive oil? Yeah, that’s those supposedly freelance PC hardware reviewers. They are the new kitchen appliance salesmen.

That doesn’t say they are completely useless. If you’re interested in what they are trying to sell you, they are quite informative, or otherwise I wouldn’t be watching them, but never in a million years should you forget that they are basically an arm of the advertisement sector. Their revenue stream comes from generating interest for what they are presenting, and interest, for the product manufacturers, means increased sales, so there is a clear motive for the manufacturers to funnel their advertising budget to the hardware reviewers who can generate the most useful form of customer interest, which can be described as “enthusiasm for the product and the brand”.

One of the ways of creating enthusiasm for what they are trying to sell you is to create a perception that we live in a parallel universe where your current computer is slow, and you really need an upgrade. An excellent example of this is a video I watched just now, basically saying that the new thing Apple released is so good, everything else is a steaming pile of garbage and you should get the shiny new gadget in order for your life to have meaning and purpose. Yawn.

Let’s put things into perspective, shall we? The computers have been an absolute overkill for the last several years. Laptops and desktops with Intel Haswell CPU, released in 2013, if they are equipped with a good SSD and GPU, are blazingly fast. I have a Haswell Macbook pro 15” and I use it to edit photos when I’m away from home, and the stuff I’m doing with it isn’t trivial – some of it is creating panoramas of more than 10 RAW files from a 24MP camera in Lightroom – and guess what, it’s fast and great. I have absolutely no complaints on its performance, unless we’re talking about GPU. Sure, I’ve seen and worked with nominally faster computers, but for the most part “fast” is a number in a benchmark, not something you actually feel. If you’re running a task that really takes a while, such as re-indexing an entire catalog in Lightroom, it’s going to take hours no matter what hardware I use. Whether it takes two or four hours is quite irrelevant, because that’s an operation I do once in a few years, and when I do it I just leave the computer overnight to do its thing, and it’s done in the morning. I’m certainly not going to sit behind it for hours with a stopwatch, and no, upgrading hardware isn’t going to make it exponentially faster, because it needs to load tens of thousands of RAW files and create JPEG previews for all of them, and that’s such a massive workload it doesn’t really matter if your computer is twice as fast, because it’s still taking hours. In normal operation, the difference between fast and faster is measured in tenths of a second. There’s no feeling of “OMG this new one is so fast, my old one is garbage”. It’s “oh, nice, it’s somewhat snappier, you almost kinda feel the difference if you really try”. I’ve seen a double blind test of SSD speed between SATA, NVMe and the new gen-4 NVMe, where people who actually work with those things professionally all day all guessed wrong trying to guess which is which, because it’s all fast enough for whatever you have to do, and a 10x difference in benchmarks is imperceptible by the user. How can that be, you might ask. Well, as I said, computers have been very good for the last ten years or so, and once you have an SSD and a GPU competent enough for the resolution and refresh rate of your monitor, you’re not going to perceive any lag in normal use. Sure, the benchmarks are going to show bigger numbers, but it’s like speed and acceleration – you don’t perceive speed, you perceive only acceleration. It also depends on the task you’re using it for. For instance, I use a Raspberry Pi 3B+ as a local backup and development server, and I don’t perceive it as “slow” for what it does; it runs a development copy of this server, and I use it to test code before I deploy. It doesn’t even have an SSD, just a microSD memory card and an USB thumb drive. Why don’t I use something faster, like a Raspberry Pi 4? It uses more power, so I would be hesitant to leave it always on, so it would be worse for the purpose. The same goes for the NUC – it’s faster, it’s better in every conceivable way, but it doesn’t matter for the intended purpose. If something is fast enough, faster doesn’t mean better, it means “meh”.

I’m in a weird position where most of my computers are more than 4 years old, all the YouTube salesmen are trying to sell me expensive new and shiny hardware, and if I listened to them and replaced all my “garbage” hardware, it would cost me enough to buy a car, and it would produce exactly zero perceivable difference in practical use for the things I do. One reason for that is that I actually did upgrade things that matter to me – the SSD in both my Macbook Pro and my desktop PC is a 1TB Samsung 970 EVO NVMe. If you know tech, you know how fast that thing is. I have 32 GB of RAM in the desktop, the monitor is a huge 43” 4K thing, and the GPU is powerful enough to run games at the monitor’s refresh rate in the native resolution; and yes, it’s completely silent in normal operation. That thing is essentially un-upgradable, because whatever you change you don’t really get a better result, you just waste money. The same goes for the Raspberry pi server: I have a NUC here I could replace it with, so it’s not even a matter of money, it’s a matter of why the fuck would I do that, because it would do the same tasks equally well. At some point, upgrading feels like changing your dishwasher just because there’s a new model. No wonder the YouTube salesmen are trying so hard to create enthusiasm for the whole thing, because it’s really, really hard to give even the slightest amount of fuck at this point.