US citizens: call on Congress to defund the bully's border wall.

If you sign, please spread the word!

Posted Thu Jan 23 00:00:00 2020 Tags:
Posted Wed Jan 22 00:00:00 2020 Tags:

*Beetles and fire kill dozens of 'indestructible' giant sequoia trees.*

Mature, healthy trees are proving vulnerable in ways that didn't happen before.

Posted Wed Jan 22 00:00:00 2020 Tags:

The UK sentences Islamist extremists to longer prison terms than right-wing extremists, for similar crimes. Three times as long, on the average.

The UK does not fully recognize freedom of speech, and some of the crimes in question involve posting extremist opinions and nothing more. I condemn those opinions, but imprisoning people for their opinions is dangerous too.

Posted Wed Jan 22 00:00:00 2020 Tags:

The IRS has terminated its commitment not to release its own tax-filing software. Does this matter?

When the article says "free", it means "gratis" — zero price. The gratis digital filing options offered by companies almost surely require the user to run a nonfree program. (Can anyone check the facts for me?). In addition, they require trusting the company with your personal data.

A gratis digital filing option from the IRS won't require trusting a company with personal data, but no other improvement is assured.

The IRS would be able to release it as free/libre software, but we can't expect that to happen by itself. More likely it will release that software in the unjust way most software is released. A nonfree program is equally unjust whether it comes from a company or a government agency.

We will need to urge, perhaps pressure, the IRS to respect taxpayers' computing freedom by releasing free/libre tax-filing software.

Posted Wed Jan 22 00:00:00 2020 Tags:

Florida's citizens voted to allow ex-cons convicted of felonies to vote, so the Republican legislature found an excuse to block 80% of them: requiring them to pay all their fines and court fees first.

There is no record of what any ex-con owes, so those who wish to pay these fines and fees have no way to make sure they have done so.

Posted Wed Jan 22 00:00:00 2020 Tags:

*Brazil culture secretary forced out after appearing to paraphrase Nazi Goebbels.*

Bolsonaro often appoints ministers for sharing his extremist ideology.

Posted Wed Jan 22 00:00:00 2020 Tags:

It looks like nothing will convince Australian PM Scott Morrison to stop trying to convert Australia and the rest of the world to ashes. How can Australia bypass his power and protect itself?

Posted Wed Jan 22 00:00:00 2020 Tags:

*Germany will pay billions to speed up coal-fired power plant shutdowns.*

It is important to shut down the coal-burning plants, but the idea that electric utilities should not have to pay any part of the cost of this change seems unfair to me. If it is a matter of supporting the poorer eastern regions of Germany, the support should go to those regions and their people, not to electric utilities.

Posted Wed Jan 22 00:00:00 2020 Tags:

Putin's plan to reduce the president's power seems designed to transfer the power to other offices which he could hold for the rest of his life.

Posted Wed Jan 22 00:00:00 2020 Tags:
Mystery Flesh Pit National Park:

As the name suggests, it's a giant flesh tunnel opening through the Earth's epidermis, dermis, hypodermis, and more, revealing colossal esophagi and leviathan spleen. As you descend, you may encounter "spasm fits" and "gastric ejecta" or feel your bodily moisture being "leeched." Deviate from the marked trails and you risk digestion, lethal entanglement with "Macrobacteria" and "Abyssal Copepods," or a splattering of "amniotic secretions."

Feast your eyes upon it, O mortal.

D̷̺̕ȯ̸̗ ̸͈͂y̷"̚o̵͐͜ü̷͖ ̶͉͑f̷̓͜e̴̻̒ḛ̴̆l̷̩̊ ̴͕͆i̸͕̒ẗ̶̖́ ̴̤͠b̵͎̽e̵̖͛c̵̤̆k̸̦̈́ȍ̵̱n̴̟͊i̴͖̅n̴̦̐g̷͖͘?̸̼̍

Roberts describes the MFPNP as such:

The Mystery Flesh Pit is the name given to a bizarre natural geobiological feature discovered in the permian basin region of west texas in the early 1970s. The pit is characterized as an enormous subterranean organism of indeterminate size and origin embedded deep within the earth, displaying a vast array of highly unusual and often disturbing phenomena within its vast internal anatomy.

Following its initial discovery and subsequent survey exploration missions, the surface orifice of the Mystery Flesh Pit was enlarged and internal sections were slowly reinforced and developed by the Anodyne Deep Earth Mining corporation who opened the Pit as a tourist attraction in 1976. In the early 1980s, the site was absorbed into the National Park System which operated and maintained the Mystery Flesh Pit until its sudden closure in 2007.

Previously, previously, previously, previously, previously, previously, previously.

Posted Mon Jan 20 10:12:34 2020 Tags:
Sometimes you don't realize that you have a question until you've seen the answer. In this case, "When your building is this aggressively hideous, how do you clean the windows?"

The answer, I'm guessing, is "badly".

Previously, previously, previously, previously.

Posted Sat Jan 18 04:08:31 2020 Tags:
We have a new monthly live synthpop event starting tomorrow called Star Crash. it promises to be a good time, and the opening lineup is great! Here's what they have to say for themselves:

S T A R C R A S H

Live sets by Bay Area artists Sophia Prise, Vice Reine, Host Bodies & Containher. Live visuals by Fetz.

Announcing STARCRASH: a new monthly party, every Third Thursday in 2020 at DNA Lounge, starting January 16. It will feature live performances by established & emerging musicians from the Bay Area & beyond in an array of electronic genres including synthpop, indie dance, indie pop, synthwave, electroclash, chillwave, and more.

Influenced by cult/sci-fi cinema, Starcrash will be a ritzy, glitzy affair bringing campy, over-the-top futuristic glamour to one of SF's most beloved night clubs, DNA Lounge. Starcrash seeks to bring together & build on the existing synth music community, elevate local artists, and give real-world context to music that exists increasingly adrift in a digital world of streaming & social algorithms.

Starcrash is led by booker/promoter Remi X. DeVice (frontwoman of SF-based synthpop trio Vice Reine) along with April Gee (Containher, Synthesthesia, the Labyrinth Ball) & Leanne Kelly (New Spell). Remi X. says of the inspiration for Starcrash: "We want to unite local synth musicians and music lovers in a beautiful club every month as we create our own "cinematic universe". Starcrash is about pushing forward to create the world we want to see... to a future that isn't terrible... or at least having a hell of a party as it all goes down."

Get your tickets now! You can also win tickets at Do The Bay. It's at #4 on their list right now, so give it an up-vote, won't you?

This week we also have three official Wobbleland pre- and after-parties, on Thursday, Friday, and Saturday, if the wubbity wubbity wubwubwubstep is more your jam. Secret line-ups to be announced late on the day of each show. (Ticket prices will be going up...)

And also this Saturday afternoon, we're hosting the West Coast Classic Beard & Mustache Championship. It's like a hair show, but from the nose down! This should be quite a thing to see.

Finally, always close with a poop joke.

I must share this video of, as Boing Boing put it, "Magnificent steel toilet flushes forty golf balls with ease." Turn the sound up, you won't be disappointed. This looks to be the same model as our toilets; if not, it's the same design.

HOWEVER, I can tell you for sure that these feats of plumbing excellence have little to do with the toilet: it's all about the drains. Toilets, like the Internet, are a Series of Tubes.

Remember that time we flushed a video camera? And remember that time you flushed your cell phone?

People give our toilets a lot of shit, but let me remind you that they are all twenty years old and they all still work! That's really quite impressive. These days you're not likely to find any appliance with that kind of stamina. Or even one that won't gleefully sell you out to a Moldovan botnet.

Posted Wed Jan 15 21:44:25 2020 Tags:
I just received this email from Apple, in response to a bug that I reported against Xcode 2.2 in 2006. That's fourteen years.

Date: Wed, 15 Jan 2020 10:38:45 -0800
From: donotreply@apple.com
To: jwz@jwz.org
Subject: Information about your feedback 5373417

Hi Jamie,

Thank you for your feedback.

There have been many changes in Apple platforms since this was filed. If your feedback is still relevant to current software, please update this feedback with recent diagnostics, sample code and screenshots, as appropriate. Otherwise, please close your feedback.

Feedback ID 5373417, want $ACTIVE_TARGET read-only build setting 4431417

Do not reply to this email. Please login to Feedback Assistant to view this request.

Previously, previously.

Posted Wed Jan 15 18:57:27 2020 Tags:
Dear Lazyweb,

Can anyone give me working instructions on how to mitmproxy the Instagram app, from macOS, using either a real iPhone, or an emulated Android or iOS device?

When I proxy the iOS version, Safari and Twitter work, but Instagram says "Couldn't refresh feed" or sometimes "no Internet connection". It's detecting the proxy somehow. Maybe cert pinning?

It appears that there are people out in the world successfully proxying it on Android, but I can't figure out how to proxy the Instagram app in an Android emulator. There are instructions to make proxying work with non-Chrome apps, and those involve doing "adb root", but that doesn't work on Android installs that have Google Play on them, and without Google Play, how do I get the Instagram app installed in the emulator at all? (Note, I know nearly nothing about Android.)

Previously, previously.

Posted Mon Jan 13 20:41:07 2020 Tags:
It's Apple Pass Type ID Certificate Renewal Day, so let me share with you what a spectacular shitshow that is.

The DNA Lounge store sends you an Apple Wallet Pass when you buy a ticket. For the end user, it's a good system: your ticket pops up on your lock screen when you arrive at the club. I wish more businesses used it. (Looking at you, Alamo.)

But given how hard Apple makes it, I'm not at all surprised that more people don't.

If anyone sane were designing this, the API would be something like: "load this URL to put a JPEG in the special photo gallery that you can access without unlocking your phone. Done." But it's Apple, so you need to sign that JPEG with an Apple-issued certificate. And that certificate expires every 12 months. And you can't renew it, you have to create a new one every year by jumping through a set of hoops worthy of one of those "ninja warrior" shows.

Here are my notes on how to do that this year. Of course the procedure also changes slightly every year, and can't be sensibly automated.

This is insane. IN. SANE.

To create a new "dnapass.crt" file, which expires annually:

  1. developer.apple.com / Certificates / Identifiers
  2. Rightmost menu: "Pass Type IDs"
  3. Click on "pass.com.dnalounge" and Remove. (This step is new for 2020: It no longer lets you create a new pass with the name of an existing one, so we have to delete the old one first. But the name has to be the same as last year! And the error message just says "invalid", not "name already used".)
  4. Click the tiny plus box.
  5. Create new "Pass Type ID".
  6. Description: type "Ticket";
  7. Identifier: type "pass.com.dnalounge" (beware that it tries to "help" by typing out "pass." for you, so don't type it twice.)

  8. Keychain Access.app / Menu 0 / Certificate Assistant / Request from a CA.
  9. "jwz@jwz.org", "DNA Lounge Wallet Key"
  10. Checkbox "Save to disk"

  11. Back to the web site: Click on the "pass.com.dnalounge" pass.
  12. Choose File: "CertificateSigningRequest.certSigningRequest"
  13. Download the "pass.cer"

Now we need crt and key files that are not password protected, because we're doing this crazy thing of using these certs from a web server instead of typing in a password every time we use them. Here are the hoops for that:

  1. Open "pass.cer" in Keychain Access.app
  2. Select "My Certificates" (or else you can't select ".p12" on the Save dialog)
  3. Find the right "Pass Type ID" cert by looking for an "Expires" of today, since now there are several.
  4. Context Menu / Export / "Pass Type ID: pass.com.dnalounge" as "dnapass.p12" with blank password.
  5. openssl pkcs12 -in dnapass.p12 -clcerts -nokeys -passin pass: -out dnapass.crt
  6. openssl pkcs12 -in dnapass.p12 -nocerts -passin pass: -passout pass:TMPTMP -out dnapass.tmp
    (Password is required, but bullshit password "TMPTMP" must be at least 4 characters!)
  7. openssl rsa -in dnapass.tmp -out dnapass.key -passin pass:TMPTMP
  8. openssl pkcs12 -in dnapass.p12 -out dnapass.pem -nodes -clcerts
  9. rm dnapass.tmp dnapass.p12
  10. "scp -p dnapass.* www:" and install the new certs.
  11. Update your calendar reminder for this date next year: remember, the new cert expires a year from today, not a year from when it expired this year.

If it doesn't work, check:

  • Web server error_log;
  • Safari + Console.app / Search "pass";
  • Apple root cert expiration:
    openssl x509 -enddate -noout < certs/wwdr.pem
    Get a new one here, E.g. which currently expires in Feb 2023, then convert .cer to .pem with:
    openssl x509 -inform der < AppleWWDRCA.cer > wwdr.pem

Previously, previously.

Posted Sun Jan 12 19:26:36 2020 Tags:
Some time ago I walked by one of those "Free Flu Shots" signs, and I thought, we should be doing that at the club!

People come here to sweat on each other, become sleep-deprived and swap saliva. Basically we're where you come to get the flu, so why shouldn't we try to do our part to get ahead of that problem? Let people get their flu shot on the way into the club or on the way home. After all, it's not uncommon for organizations like DanceSafe or H.E.A.R. to set up their table at clubs, either inside or outside, to help people take care of themselves. This should be a no-brainer!

Well, it was very hard to get answers, but after investigating this off-and-on for over a year, I think we've learned that it's impossible.

One of our bartenders is a registered nurse, so our first thought was, does her accreditation allow her to just set up a table and stick people? She looked into it and the answer, unsurprisingly, is "Hahahahaha no."

It appears that the only people who adminster those "free" flu shots are Walgreens and CVS. And while they advertise that they'll come to your office and do your employees, it was hard to tell whether they'll come on site to do that for the general public, let alone at night. But after some phone calls, the answer seems to be yes?

But here's the problem: those free flu shots aren't free. They're covered by most insurance, but if you don't have insurance, or proof of insurance, they're $40 each.

First off, that pretty much makes this plan a non-starter, because most people don't think to bring proof of insurance with them when they're going out clubbing, and no way are they gonna pay forty bucks for it. I'm sure some people just carry that with them everywhere, but the chances of that go down the skimpier the outfit gets.

Bur second, WHY ISN'T THIS FREE? What kind of Libertarian hellscape is this that thinks that herd immunity works if you only immunize people who have insurance?? Spoiler alert, it doesn't, watch this video:

The best way for you not to get the flu is for everyone else to get a flu shot. Even if you don't care about anyone but yourself, you still want that herd immunity to be out there to protect you. That's why the Randian philosophy of "I got mine, fuck you" doesn't work when applied to disease prevention. (Or anything else.)

So we outsourced this to for-profit supermarkets instead of letting SFDPH administer it as a matter of... public health. Cool, cool.

I'll bet this also means that it's just about impossible for the homeless to get flu shots.

Posted Fri Jan 10 07:14:21 2020 Tags:

I'd seen a lot of photos of the Blade Runner models, but I don't think I ever noticed this hover-truck! Did it make it in to the movie? It's not the same model as the ship from Space Truckers, but I had to check.

Also these close-ups of the Spam Blimp are pretty great:


Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.

Posted Thu Jan 9 19:00:33 2020 Tags:
"Fuck Everything, We're Doing Five Blades"

One of the large displays is pretty much where you'd expect it to be. The other three are spread out above it and tow the sides, and two of the small screens are placed atop the side displays. Honestly I'm not sure why you'd really want/need those displays, but I guess it gives the laptop a slightly more uniform height when fully opened.

The final 7 inch display is embedded in the palm rest and it supports multi-touch input, giving you an interactive display panel beneath the laptop's motherboard. [...]

It's telling that Expanscape hasn't shared any images of the laptop when it's folded up. I have no idea if it's even possible to collapse these screens gracefully.

After all that, they don't bother to put a spring-loaded two-part keyboard on it? Pfffffffff....

Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.

Posted Wed Jan 8 18:54:56 2020 Tags:

Planet Debian upstream is hosted by Branchable.