The bullshitter has been indicted for secret payments to Stormy Daniels.

I think that paying her, as such, was not a crime. I think the crime was using campaign funds for this personal purpose, but I wish that were made clear.

Robert Reich rebuts the ways the wrecker will claim that it was unfair to indict him.

Comparing the US and other democracies in regard to how they treat criminal accusations against former presidents.

Posted Sun Apr 2 02:35:12 2023 Tags:

*Angry Fox News chief said [in 2020 that] fact-checks of Trump’s election lies "bad for business."*

Posted Sun Apr 2 02:35:12 2023 Tags:

Rep. Gaetz hired a convicted murderer as an aide. But not just any murder — that one murdered a prisoner of war in Afghanistan.

I expect that this was no coincidence — that Gaetz did this to demonstrate his support for political murder.

Posted Sun Apr 2 02:35:12 2023 Tags:
Posted Sun Apr 2 02:35:12 2023 Tags:

The Tories' planned law to punish refugees will especially punish those who have been enslaved and trafficked.

Posted Sun Apr 2 02:35:12 2023 Tags:

*Trump appointees interfered to weaken EPA assessment of [a type of PFAS].*

Biden reversed the damage they had done, but they remain in positions of authority in the EPA.

Posted Sun Apr 2 02:35:12 2023 Tags:

US citizens: call on Biden to appoint Kyrsten Sinema ambassador to Italy.

The proposal is ironic but I think it is seriously proposed.

Posted Sun Apr 2 02:35:12 2023 Tags:

US citizens: call on Attorney General Garland to automate marijuana pardon applications.

Posted Sun Apr 2 02:35:12 2023 Tags:

US citizens: call on Congress to reject the Republican plan to replace income tax with a big sales tax.

The result of that change would be to tax wealthy people much less and tax poor people a lot more. This is what sales taxes always do; we should get rid of them. The Capitol Switchboard numbers are +1-202-224-3121, +1-888-818-6641 and +1-888-355-3588.

If you phone, please spread the word!

Posted Sun Apr 2 02:35:12 2023 Tags:

US citizens: call on Biden to declare a climate emergency now. This would give him powers he could use effectively without Congress.

The White House comments lines are +1-202-456-1111 and (TTY/TDD) +1-202-456-6213.

If you phone, please spread the word!

Posted Sat Apr 1 08:55:39 2023 Tags:
The paleontology world is abuzz this week:

following the release of a new study which concludes that the tyrannosaurus rex, a massive bipedal carnivore that went extinct 66 million years ago, possessed soft, smoochable lips in addition to their absolute dump truck behinds.

"It's always been hypothesized that T-Rexes had ample junk in the trunk and a toothy grin, but aided by advanced computer modeling we can now conclusively say that they were indeed bottom-heavy sweeties with generous, lippy smiles," said Dr. John Mendez, head of Cretaceous Studies at the Royal Vancouver Museum.

"While it's common to depict T-Rexes as vicious predators with a mouth full of exposed teeth similar to that of an alligator or crocodile, our modeling suggests they actually would have been excellent kissers with a highly squeezable ass, if their tiny arms hadn't precluded the possibility of T-Rex-on-T-Rex ass squeezing."

Previously, previously, previously, previously, previously, previously, previously, previously, previously.

Posted Sat Apr 1 02:01:49 2023 Tags:
Twenty-Five years ago today, mozilla.org dropped the Netscape source code.

I covered most of this on my post in January about the 25th anniversary of mozilla.org itself, but I thought this date also deserved honorable mention.

Also, twenty-five years ago tomorrow was the first time that I rented a big nightclub and booked a bunch of DJs, bands and circus acts. Spoilers!

Previously.

Posted Fri Mar 31 16:14:18 2023 Tags:

(When I did an image search to try and find where this came from, all the results were trucks. This is the apocalyptic banality of "AI". Great job everybody.)

Posted Fri Mar 31 15:58:58 2023 Tags:

As of today, gitlab.freedesktop.org allows anyone with a GitLab Developer role or above to remove spam issues. If you are reading this article a while after it's published, it's best to refer to the damspam README for up-to-date details. I'm going to start with the TLDR first.

For Maintainers

Create a personal access token with API access and save the token value as $XDG_CONFIG_HOME/damspam/user.tokenThen run the following commands with your project's full path (e.g. mesa/mesa, pipewire/wireplumber, xorg/lib/libX11):


$ pip install git+https://gitlab.freedesktop.org/freedesktop/damspam
$ damspam request-webhook foo/bar
# clean up, no longer needed.
$ pip uninstall damspam
$ rm $XDG_CONFIG_HOME/damspam/user.token
The damspam command will file an issue in the freedesktop/fdo-bots repository. This issue will be automatically processed by a bot and should be done by the time you finish the above commands, see this issue for an example. Note: the issue processing requires a git push to an internal repo - if you script this for multiple repos please put a sleep(30) in to avoid conflicts.

Once the request has been processed (and again, this should be instant), any issue in your project that gets assigned the label Spam will be processed automatically by damspam. See the next section for details.

For Developers

Once the maintainer for your project has requested the webhook, simply assign the Spam label to any issue that is spam. The issue creator will be blocked (i.e. cannot login), this issue and any other issue filed by the same user will be closed and made confidential (i.e. they are no longer visible to the public). In the future, one of the GitLab admins can remove that user completely but meanwhile, they and their spam are gone from the public eye and they're blocked from producing more. This should happen within seconds of assigning the Spam label.

For GitLab Admins

Create a personal access token with API access for the @spambot user and save the token value as $XDG_CONFIG_HOME/damspam/spambot.token. This is so you can operate as spambot instead of your own user. Then run the following command to remove all tagged spammers:


$ pip install git+https://gitlab.freedesktop.org/freedesktop/damspam
$ damspam purge-spammers
The last command will list any users that are spammers (together with an issue that should make it simple to check whether it is indeed spam) and after interactive confirmation purge them as requested. At the time of writing, the output looks like this:

$ damspam purge-spammers
0: naughtyuser : https://gitlab.freedesktop.org/somenamespace/project/-/issues/1234: [STREAMING@TV]!* LOOK AT ME
1: abcuseless : https://gitlab.freedesktop.org/somenamespace/project/-/issues/4567: ((@))THIS STREAM IS IMPORTANT
2: anothergit : https://gitlab.freedesktop.org/somenamespace/project/-/issues/8778: Buy something, really
3: whatawasteofalife : https://gitlab.freedesktop.org/somenamespace/project/-/issues/9889: What a waste of oxygen I am
Purging a user means a full delete including all issues, MRs, etc. This is nonrecoverable!
Please select the users to purge:
[q]uit, purge [a]ll, or the index:
Purging the spammers will hard-delete them and remove anything they ever did on gitlab. This is irreversible.

How it works

There are two components at play here: hookiedookie, a generic webhook dispatcher, and damspam which handles the actual spam issues. Hookiedookie provides an HTTP server and "does things" with JSON data on request. What it does is relatively generic (see the Settings.yaml example file) but it's set up to be triggered by a GitLab webhook and thus receives this payload. For damspam the rules we have for hookiedookie come down to something like this: if the URL is "webhooks/namespace/project" and damspam is set up for this project and the payload is an issue event and it has the "Spam" label in the issue labels, call out to damspam and pass the payload on. Other rules we currently use are automatic reload on push events or the rule to trigger the webhook request processing bot as above.

This is also the reason a maintainer has to request the webhook. When the request is processed, the spambot installs a webhook with a secret token (a uuid) in the project. That token will be sent as header (a standard GitLab feature). The project/token pair is also added to hookiedookie and any webhook data must contain the project name and matching token, otherwise it is discarded. Since the token is write-only, no-one (not even the maintainers of the project) can see it.

damspam gets the payload forwarded but is otherwise unaware of how it is invoked. It checks the issue, fetches the data needed, does some safety check and if it determines that yes, this is spam, then it closes the issue, makes it confidential, blocks the user and then recurses into every issue this user ever filed. Not necessarily in that order. There are some safety checks, so you don't have to worry about it suddenly blocking every project member.

Why?

For a while now, we've suffered from a deluge of spam (and worse) that makes it through the spam filters. GitLab has a Report Abuse feature for this but it's... woefully incomplete. The UI guides users to do the right thing - as reporter you can tick "the user is sending spam" and it automatically adds a link to the reported issue. But: none of this useful data is visible to admins. Seriously, look at the official screenshots. There is no link to the issue, all you get is a username, the user that reported it and the content of a textbox that almost never has any useful information. The link to the issue? Not there. The selection that the user is a spammer? Not there.

For an admin, this is frustrating at best. To verify that the user is indeed sending spam, you have to find the issue first. Which, at best, requires several clicks and digging through the profile activities. At worst you know that the user is a spammer because you trust the reporter but you just can't find the issue for whatever reason.

But even worse: reporting spam does nothing immediately. The spam stays up until an admin wakes up, reviews the abuse reports and removes that user. Meanwhile, the spammer can happily keep filing issues against the project. Overall, it is not a particularly great situation.

With hookiedookie and damspam, we're now better equipped to stand against the tide of spam. Anyone who can assign labels can help fight spam and the effect is immediate. And it's - for our use-cases - safe enough: if you trust someone to be a developer on your project, we can trust them to not willy-nilly remove issues pretending they're spam. In fact, they probably could've deleted issues beforehand already anyway if they wanted to make them disappear.

Other instances

While we're definitely aiming at gitlab.freedesktop.org, there's nothing in particular that requires this instance. If you're the admin for a public gitlab instance feel free to talk to Benjamin Tissoires or me to check whether this could be useful for you too, and what changes would be necessary.

Posted Tue Mar 28 09:30:00 2023 Tags:
Hollywood is abandoning Covid precautions everywhere but black tie events.

According to the dominant narrative of film and TV over the past three years, Covid-19 never happened and is still not happening, despite a global death toll of nearly seven million within three years (and counting, plus tens of millions disabled). It's as if Covid has had no effect on the world whatsoever. [...]

Zone A is all performers and background actors and all employees who are present; there is no distancing or masking, and the zone is described as "a bubble encasing closely vetted vulnerable people." Vaccinated Zone A workers must test three times a week, including a required PCR test, with additional testing if scenes require intimate contact or "exertion."

Zone B are crew who work on set but don't get close to unmasked members of Zone A; masking is required and specific to N95's and above, and Zone B must also test three times a week with one being a lab PCR. Zones C and D are not allowed contact with Zone A. [...]

Zone A goes out of its way -- to its own detriment, as we're witnessing -- to avoid modeling Covid-safe behaviors, providing no explanation or context [...] Hollywood was contorting itself behind the scenes to prevent and avoid Covid in productions as well as award events. Yet simultaneously it became evident that Hollywood was very conspicuously erasing one of the greatest humanitarian crises of the twenty-first century from all dominant film, TV, and pop culture narratives. [...]

Actors, film and TV makers, and content creators have been perpetuating a fantasy for nearly three years that there is no pandemic. No "present day" shows or films acknowledge the real present day. By pretending in real life there is no pandemic in films and TV, no public health crisis affecting every corner of everyone's lives, no massive global event disabling our friends, putting our grandparents in coffins, and making our babies sick, we are being denied our ongoing collective experience.

We're being gaslit and mocked by the very people we're looking to for some relief in all of this. We're being robbed of our collective grief.

But hey, Tilda Swinton seems fine.

Previously, previously, previously, previously, previously.

Posted Tue Mar 28 02:35:07 2023 Tags:
Eric Meyer:

Today I learned about Mozilla's new AI startup from my gas pump. Stop the future, I want it to be less stupid.

We go now live to Mozilla HQ:

Previously, previously, previously, previously, previously, previously, previously.

Posted Fri Mar 24 22:15:57 2023 Tags:

Police Sue Afroman for Using Home Raid Footage in Music Videos:

In August 2022, police in Adams County, Ohio raided the home of Joseph Foreman -- a.k.a. Afroman -- on unfounded suspicions of drug trafficking and kidnapping. In brilliant retaliation, the "Because I Got High" rapper used home security footage of the raid and referenced it in multiple music videos. Now, seven officers have sued Afroman for allegedly invading their privacy.

Local news outlets report that the plaintiffs -- four deputies, two sergeants, and a detective -- are claiming Afroman took footage of their faces obtained during the raid and circulated it without their consent, which is a misdemeanor violation under Ohio Revised Code. They're also suing on civil grounds, claiming they've suffered "emotional distress, embarrassment, ridicule, loss of reputation, and humiliation." [...]

"They come up here with AR-15, traumatize my kids, destroyed my property, kick in my door, rip up and destroy my camera system," Afroman said of the raid at the time. The officers took a number of items from his home, including about $5,000 in cash.

Previously, previously, previously, previously.

Posted Fri Mar 24 22:05:32 2023 Tags:
This photo of the DNA Lounge roof being constructed was taken one hundred years ago, on this day in 1923:

And pictured in this slightly earlier photo is the fellow who built this building, Dave Lerer, who was our current landlord's grandfather. He's the one in the dapper waistcoat.

So that was 54 years as a warehouse and foundry; then 8 years as a bar; then 38 years as DNA Lounge!

More details on the 1906-1998 page.

Posted Thu Mar 23 18:00:08 2023 Tags:

Please enjoy jwz mixtape 239.

Posted Wed Mar 22 18:43:34 2023 Tags:
The white panel between the wheels of this truck is called a "Lateral Protective Device", and its purpose is to prevent people, bicycles, motorcycles and small cars from getting sucked under the truck's rear wheels when it swerves into them:

This second safety device must serve a similar function, but I can't quite put my finger on it:

I pass this truck all the time. It seems to spend hours almost every day parked in front of the Flower Mart with its engine running the whole time.

Posted Mon Mar 20 22:28:34 2023 Tags:

Planet Debian upstream is hosted by Branchable.