The\nWarlord of Mars by Edgar Rice Burroughs\n
\nNon-Spoiler Thoughts
\n
\n\n- Burroughs is kind of verbose, which is symbolic of the time period\nin which it was written.
\n
\nBeverage Reviews
\n
\n\n- Thaj: Tempting fate with a tall glass of the highly\ntoxic, Dihydrogen\nMonoxide
\n- x1101: Shipyard\nLittle Horror of Hops Its a very amber IPA
\n- Pokey: Yellow Tail\nChardonay Its definitely a chardonay in flavor. You can taste the\ncost effectiveness up front, but it mellows out on the finish, and is\npretty okay for the price on average.
\n- FiftyOneFifty: Funky Pumpkin spiced\npumpkin ale
\n- Mark: Lagunitas IPA
\n
\nThings We Talked About
\n
\n\nOur Next Audiobook
\n
\nSee\nYou At The Morgue by Lawrence Blochman
\nThe Next Audiobook Club\nRecording
\n
\nRight now we are working through a backlog of older episode that have\nalready been recorded. Once that ends we fully anticipate recording new\nepisodes with listener participation.
\nFeedback
\n
\nThank you very much for listening to this episode of the HPR\nAudioBookClub. We had a great time recording this show, and we hope you\nenjoyed it as well. We also hope you\'ll consider joining us next time we\nrecord a new episode. Please leave a few words in the episode\'s comment\nsection.
\nAs always; remember to visit the HPR contribution page HPR could\nreally use your help right now.
\nSincerely, The HPR Audiobook Club
\nP.S. Some people really like finding mistakes. For their enjoyment,\nwe always include a few.
\nOur Audio
\n
\nThis episode was processed using Audacity. We\'ve been making\nsmall adjustments to our audio mix each month in order to get the best\npossible sound. Its been especially challenging getting all of our\nvoices relatively level, because everyone has their own unique setup.\nMumble is great for bringing us all together, and for recording, but\nit\'s not good at making everyone\'s voice the same volume. We\'re pretty\nhappy with the way this month\'s show turned out, so we\'d like to share\nour editing process and settings with you and our future selves (who, of\ncourse, will have forgotten all this by then).
\nWe use the \"Truncate Silence\" effect with it\'s default settings to\nminimize the silence between people speaking. When used with it\'s\ndefault (or at least reasonable) settings, Truncate Silence is extremely\neffective and satisfying. It makes everyone sound smarter, it makes the\nfile shorter without destroying actual content, and it makes a\nconversations sound as easy and fluid during playback as it was while it\nwas recorded. It can be even more effective if you can train yourself to\nremain silent instead of saying \"uuuuummmm.\" Just remember to ONLY pass\nthe file through Truncate Silence ONCE. If you pass it through a second\ntime, or if you set it too aggressively your audio may sound sped up and\nchoppy.
\nNext we use the \"Compressor\" effect with the following settings:
\nThreshold: -30db\n\nNoise Floor: -50db\n\nRatio: 3:1\n\nAttack Time: 0.2sec\n\nDecay Time: 1.0 sec
\n\"Make-up Gain for 0db after compressing\" and \"compress based on\npeaks\" were both left un-checked.
\nAfter compressing the audio we cut any pre-show and post-show chatter\nfrom the file and save them in a separate file for possible use as\nouttakes after the closing music.
\nWe adjust the Gain so that the VU meter in Audacity hovers around\n-12db while people are speaking, and we try to keep the peaks under\n-6db, and we adjust the Gain on each of the new tracks so that all\nvolumes are similar, and more importantly comfortable. Once this is done\nwe can \"Mix and Render\" all of our tracks into a single track for export\nto the .FLAC file which is uploaded to the HPR server.
\nAt this point we listen back to the whole file and we work on the\nshownotes. This is when we can cut out anything that needs to be cut,\nand we can also make sure that we put any links in the shownotes that\nwere talked about during the recording of the show. We finish the\nshownotes before exporting the .aup file to .FLAC so that we can paste a\ncopy of the shownotes into the audio file\'s metadata.
\nAt this point we add new, empty audio tracks into which we paste the\nintro, outro and possibly outtakes, and we rename each track\naccordingly.
\nRemember to save often when using Audacity. We like to save after\neach of these steps. Audacity has a reputation for being \"crashy\" but if\nyou remember save after every major transform, you will wonder how it\never got that reputation.
\nAttribution
\n
\nRecord\nScratch Creative Commons 0
\n',157,0,1,'CC-BY-SA','mars, audiobook club, fiction, scifi, audiobook',0,0,1),
(4151,'2024-07-01','HPR Community News for June 2024',0,'HPR Volunteers talk about shows released and comments posted in June 2024','',159,47,1,'CC-BY-SA','Community News',0,0,1),
(4176,'2024-08-05','HPR Community News for July 2024',0,'HPR Volunteers talk about shows released and comments posted in July 2024','',159,47,1,'CC-BY-SA','Community News',0,0,1),
-(3902,'2023-07-18','Introduction to a new series on FFMPEG',474,'In this episode, I introduce FFMPEG, media containers, and codecs','Links
\n\n\n',300,0,0,'CC-BY-SA','ffmpeg,video streaming,audio streaming',0,0,1),
-(3903,'2023-07-19','Why I don\'t love systemd (yet)',396,'Klaatu reads a script by Deepgeek about systemd','I\'ve been meaning to put down my thoughts about SystemD for the HPR\ncommunity for some while, so here goes.
\nI want to say that I am not a SystemD hater. When SystemD was a hot\ntopic of debate, many became irrational over it, but I want to start by\nsaying that I don\'t think it\'s a bad technology. I think it is a rather\ngood technology. I just don\'t want it on my personal computer. So I\nwould like to run things down in this order: what is it (as in, what is\nit really,) what makes it a good technology, why I don\'t want it now\n(but might later,) and a few tips for you if you decide that you don\'t\nwant it currently.
\nSystemD Is not an init system. SystemD includes an init system.\nSystemD Init was faster than SysVInit, but SystemD Init isn\'t the\nfastest init system, and SysVInit now has a parallelization helper, at\nleast on Debian.
\nSo, if SystemD Init is not SystemD, than what is SystemD? To\nunderstand this we must first understand something about Linux. Linux\noperates under a model where there are root processes, and there are\nuser processes. These two kinds of processes are usually called\n\"layers.\" SystemD is actually a third layer, that can be called a system\nlayer. So when SystemD is added to a Linux system, that changes the\nsystem so that there are three layers, a root layer, a user layer, and a\nsystem layer. As such, you now ask SystemD to set how the system runs.\nThis is why SystemD includes things like an init system, because if you\nwant to change what the system is running, you ask SystemD to change it.\nSystemD then messages an appropriate system to implement the change,\nlike messaging its init system to bring up or bring down a system\ndaemon. Once you play out this in your head a bit, you really realize\nthat SystemD acts more like a message passing system in this regard.
\nSo why do I say SystemD is a good technology? Because this can\nstandardize system control. Without SystemD a fleet of computers becomes\nlike individual fingerprints or unique snowflakes. If you manage many\ncomputers, as many professional IT people do, you want them to all run\nthe same, all have the same profiles and general configurations. So if\nyou have a bunch of computers you are running, you can run a lot more if\nthey are all run the same way. If your job requires you to run 10,000\nwebservers, you want them to run identically because it is impossible to\nkeep an understanding of 10,000 unique configurations in a human\nhead.
\nSystemD really shines in its support of virtualization as well. So\nto speak of servers, I used to run an email server for a few friends.\nEach of us had a userid and number as unix users. The mapping of unix\nuserids and postfix userids can get confusing when it gets big. Thanks\nto SystemD\'s virtualization work, you can actually put a service like\nemail into a namespace situation so that it has only the users root and\nthe daemon user id (like \"postfix\"), so SystemD greatly enhances\nsecurity for server installations. This might help explain its\ndominance in linux distributions that have been traditionally\nserver-centric, such as debian and redhat.
\nSo why don\'t I don\'t want it? Well, I\'ve been doing a lot of talking\nabout professional computer work and corporate work environments, but I\nuse a \"Personal Computer\" as a hobby. I\'ve been out-of-industry for\ndecades now. And when I say \"Personal Computer\" I\'m not talking a\nhardware specification, rather I\'m talking about \"This is my personal\ncomputer where I do things my way, as opposed to my work computer where\nI do things my companies way\". Dear listener, please remember that I did\nthe first community show contribution to HPR, and my topic was about\npersonalization. For me, a hobbyist interested in operating system\nexperimentation, I don\'t want a system layer, I want a traditional\nunix-like system that operates on a two-layer model and does things my\nway, nobody else\'s way.
\nSo, what advice can I give to those who don\'t want SystemD now? Well,\nrecently I\'ve left Debian. Debian, you see, supports init system\ndiversity, but as you now know dear listener, that is different than\nbeing without SystemD. You may have heard that SystemD is\nlinux-specific, that is to say that it runs only on linux, not anything\nlike a BSD system or a Windows system. But you may be curious to know\nthat it is also Gnu-libC specific. Which means that the C compiler must\nuse GNU\'s libC standard library. Thus, if you have a system built around\nthe Musl C standard library like Alpine or Void, or a system like\nAndroid that runs on the Bionic C Standard library, you wont have a\nSystemD system. I\'m personally learning Void as its package manager\nsupports both binary and a ports collection much like the BSD\'s. But\nthat is what I\'m doing on my personal computer, I leave you in the\nfreedom to do things your way on your personal computer!
\n\n',73,99,0,'CC-BY-SA','systemd,linux',0,0,1),
+(3902,'2023-07-18','Introduction to a new series on FFMPEG',474,'In this episode, I introduce FFMPEG, media containers, and codecs','Links
\n\n\n',300,0,0,'CC-BY-SA','ffmpeg,video streaming,audio streaming',0,0,1);
+INSERT INTO `eps` (`id`, `date`, `title`, `duration`, `summary`, `notes`, `hostid`, `series`, `explicit`, `license`, `tags`, `version`, `downloads`, `valid`) VALUES (3903,'2023-07-19','Why I don\'t love systemd (yet)',396,'Klaatu reads a script by Deepgeek about systemd','I\'ve been meaning to put down my thoughts about SystemD for the HPR\ncommunity for some while, so here goes.
\nI want to say that I am not a SystemD hater. When SystemD was a hot\ntopic of debate, many became irrational over it, but I want to start by\nsaying that I don\'t think it\'s a bad technology. I think it is a rather\ngood technology. I just don\'t want it on my personal computer. So I\nwould like to run things down in this order: what is it (as in, what is\nit really,) what makes it a good technology, why I don\'t want it now\n(but might later,) and a few tips for you if you decide that you don\'t\nwant it currently.
\nSystemD Is not an init system. SystemD includes an init system.\nSystemD Init was faster than SysVInit, but SystemD Init isn\'t the\nfastest init system, and SysVInit now has a parallelization helper, at\nleast on Debian.
\nSo, if SystemD Init is not SystemD, than what is SystemD? To\nunderstand this we must first understand something about Linux. Linux\noperates under a model where there are root processes, and there are\nuser processes. These two kinds of processes are usually called\n\"layers.\" SystemD is actually a third layer, that can be called a system\nlayer. So when SystemD is added to a Linux system, that changes the\nsystem so that there are three layers, a root layer, a user layer, and a\nsystem layer. As such, you now ask SystemD to set how the system runs.\nThis is why SystemD includes things like an init system, because if you\nwant to change what the system is running, you ask SystemD to change it.\nSystemD then messages an appropriate system to implement the change,\nlike messaging its init system to bring up or bring down a system\ndaemon. Once you play out this in your head a bit, you really realize\nthat SystemD acts more like a message passing system in this regard.
\nSo why do I say SystemD is a good technology? Because this can\nstandardize system control. Without SystemD a fleet of computers becomes\nlike individual fingerprints or unique snowflakes. If you manage many\ncomputers, as many professional IT people do, you want them to all run\nthe same, all have the same profiles and general configurations. So if\nyou have a bunch of computers you are running, you can run a lot more if\nthey are all run the same way. If your job requires you to run 10,000\nwebservers, you want them to run identically because it is impossible to\nkeep an understanding of 10,000 unique configurations in a human\nhead.
\nSystemD really shines in its support of virtualization as well. So\nto speak of servers, I used to run an email server for a few friends.\nEach of us had a userid and number as unix users. The mapping of unix\nuserids and postfix userids can get confusing when it gets big. Thanks\nto SystemD\'s virtualization work, you can actually put a service like\nemail into a namespace situation so that it has only the users root and\nthe daemon user id (like \"postfix\"), so SystemD greatly enhances\nsecurity for server installations. This might help explain its\ndominance in linux distributions that have been traditionally\nserver-centric, such as debian and redhat.
\nSo why don\'t I don\'t want it? Well, I\'ve been doing a lot of talking\nabout professional computer work and corporate work environments, but I\nuse a \"Personal Computer\" as a hobby. I\'ve been out-of-industry for\ndecades now. And when I say \"Personal Computer\" I\'m not talking a\nhardware specification, rather I\'m talking about \"This is my personal\ncomputer where I do things my way, as opposed to my work computer where\nI do things my companies way\". Dear listener, please remember that I did\nthe first community show contribution to HPR, and my topic was about\npersonalization. For me, a hobbyist interested in operating system\nexperimentation, I don\'t want a system layer, I want a traditional\nunix-like system that operates on a two-layer model and does things my\nway, nobody else\'s way.
\nSo, what advice can I give to those who don\'t want SystemD now? Well,\nrecently I\'ve left Debian. Debian, you see, supports init system\ndiversity, but as you now know dear listener, that is different than\nbeing without SystemD. You may have heard that SystemD is\nlinux-specific, that is to say that it runs only on linux, not anything\nlike a BSD system or a Windows system. But you may be curious to know\nthat it is also Gnu-libC specific. Which means that the C compiler must\nuse GNU\'s libC standard library. Thus, if you have a system built around\nthe Musl C standard library like Alpine or Void, or a system like\nAndroid that runs on the Bionic C Standard library, you wont have a\nSystemD system. I\'m personally learning Void as its package manager\nsupports both binary and a ports collection much like the BSD\'s. But\nthat is what I\'m doing on my personal computer, I leave you in the\nfreedom to do things your way on your personal computer!
\n\n',73,99,0,'CC-BY-SA','systemd,linux',0,0,1),
(3904,'2023-07-20','How to make friends',2861,'This topic is being actively researched. Not for production use.','Show notes
\n\n- \n
No clear mark of when friendship starts
\n \n- \n
often feels \"right\" when mutual
\n \n- \n
to some people friendship is a persistent state. once you have it, it's forever unless explicitly dissolved.
\n \n- \n
for other people, it's something requiring maintenance. arguable this suggests that there are degrees of friendship, based on when you last spoke to one another.
\n \n- \n
degrees of friendship also suggests progression. friend → close friend → best friend.
\n \n
\nhow to make a friend
\nfriendship requires communication.
\n\n- \n
start by communicating in some way that makes the other person feel not unpleasant
\n \n- \n
you're not supposed to target a friend. this can be a frustrating rule, because if you're trying to make a friend, you have to target somebody, but the general consensus is that you're not supposed to \"try too hard\". target lots of people in the hopes of stumbling across somebody to befriend.
\n \n- \n
complimenting something they have done, even if it's something simple like wearing a cool shirt, is a very easy start
\n \n- \n
finding ground common allows for repeated communication
\n \n- \n
repetition of this is what builds friendship. this is why friendships often develop at work, but can dissolve quickly after a job change.
\n \n- \n
the situation matters. chatting with someone who's being paid to interact with you, like somebody working at a store, doesn't count because in context they more or less cannot choose to stop communicating with you until you leave the store. chatting with someone who has anything to gain by chatting with you doesn't count (like an intern at work).
\n \n- \n
to speed up a developing friendship, you can invite the person to interact with you on something with a clearly defined goal. You like coding? I like coding! Would you care to collaborate for 4 hours on a script that would help me find my Raspberry Pi on my network?
\n \n- \n
during the activity, continue to communicate. this can be difficult because you're doing an activity that you both claim to enjoy, so in theory the activity should be sufficient to further the friendship. However, the activity doesn't build the friendship, it only builds a partnership. It's the communication that builds friendship.
\n \n
\nunfortunately, there's no clear point during this process at which you know you have made a friend. so you have to define what a friend is, to you, and then work toward that goal.
\nHere are some examples of definitions for friendship. There is no right or wrong here, it's really just setting your own expectations and requirements:
\n\n- \n
A friend is someone to hang out with on sundays.
\n \n- \n
A friend is someone I can call when I've got some free time to kill.
\n \n- \n
A friend is someone I can play video games with online.
\n \n- \n
A friend is someone I can call, day or night, when I need help.
\n \n- \n
A friend is someone who has come over for dinner, and has met my family, and who I see at least once a month.
\n \n
\nThere's no official definition, so you must define it yourself.\nYour definition may differ from the other person's definition.\nYou might say \"we are best friends\" but they might say \"no, I already have a best friend, but you're a good friend\" and THAT'S OK.
\nIf it helps, classify what kinds of friends you have so you understand what kinds of relationships you are maintaining.\nCommunicate with your friends, even if it's only to let them know that you're bad at communicating on a regular basis, or ask them how frequently they need to communicate to maintain a healthy friendship.
\n',78,108,0,'CC-BY-SA','autism,friendship,relationship,social engineering',0,0,1),
-(3905,'2023-07-21','Presenting Fred Black',1105,'I have a short talk to present Fred Black.','\n- IB-program https://ibo.org/
\n- Animals To The Max https://corbinmaxey.com/podcast-1
\n- I Spend A Day With... https://feeds.megaphone.fm/ispentadaywith
\n- The Vinyl Guide https://www.thevinylguide.com/
\n- NSOD - Norsken, Svensken og Dansken https://podkast.nrk.no/program/norsken_svensken_og_dansken.rss
\n
\n',309,0,0,'CC-BY-SA','school,podcasts,instrument,quiz',0,0,1);
-INSERT INTO `eps` (`id`, `date`, `title`, `duration`, `summary`, `notes`, `hostid`, `series`, `explicit`, `license`, `tags`, `version`, `downloads`, `valid`) VALUES (3906,'2023-07-24','The Oh No! News.',1741,'Sgoti discusses the threat of convenience.','The Oh No! news.
\nOh No! News is Good\nNews.
\n\n- TAGS: Oh No News, InfoSec, browser security,\nsession tokens, session id
\n
\n
\nInfoSec; the language\nof security.
\n\n- Source: Session ID.
\n \n- Source: JSON Web\nToken.
\n\n\n- Terms\nof Use: Copyleft, free content
\n \n
\n- Source: Session\nvs Token Based Authentication.
\n\n\n- Terms\nof Use: CC-BY-SA (with CC-BY-NC-SA elements).
\n \n
\n- Source: Steal Application\nAccess Token. Adversaries can steal application access tokens as a\nmeans of acquiring credentials to access remote systems and resources.\nApplication access tokens are used to make authorized API requests on\nbehalf of a user or service and are commonly used as a way to access\nresources in cloud and container-based applications and\nsoftware-as-a-service (SaaS).
\n\n\n- Terms of\nUse: Similar to CC-BY-SA
\n \n
\n- Source: Analysis:\nCircleCI attackers stole session cookie to bypass MFA.
\n\n\n- Terms of\nUse: Section 8. CONTENT AND CONTENT LICENSES. NOT\ncertain
\n \n
\n- Source: How to Prevent\nSession Hijacking?
\n\n \n
\n
\n\n- Additional Information.\n
\n- What is a \"Data\nBreach\"? A data breach is a security violation, in which sensitive,\nprotected or confidential data is copied, transmitted, viewed, stolen,\naltered or used by an individual unauthorized to do so.
\n- What is \"Malware\"?\nMalware (a portmanteau for\nmalicious software) is any software intentionally designed to cause\ndisruption to a computer, server, client, or computer network, leak\nprivate information, gain unauthorized access to information or systems,\ndeprive access to information, or which unknowingly interferes with the\nuser\'s computer security and privacy.
\n- What is a \"Payload\"?\nIn the context of a computer virus or worm, the payload is the portion\nof the malware which performs malicious action; deleting data, sending\nspam or encrypting data. In addition to the payload, such malware also\ntypically has overhead code aimed at simply spreading itself, or\navoiding detection.
\n- What is \"Phishing\"?\nPhishing is a form of social engineering\nwhere attackers deceive people into revealing sensitive information or\ninstalling malware such as ransomware. Phishing\nattacks have become increasingly sophisticated and often transparently\nmirror the site being targeted, allowing the attacker to observe\neverything while the victim is navigating the site, and transverse any\nadditional security boundaries with the victim.
\n- Social\nengineering (security) In the context of information security,\nsocial engineering is the psychological\nmanipulation of people into performing actions or divulging\nconfidential information. A type of confidence trick for the purpose of\ninformation gathering, fraud, or system access, it differs from a\ntraditional \"con\" in that it is often one of many steps in a more\ncomplex fraud scheme.
\n \n- What is \"Information\nSecurity\" (InfoSec)? Information security, sometimes shortened to\nInfoSec, is the practice of protecting information by mitigating information risks. It\nis part of information risk\nmanagement.\n
\n- Information Security Attributes: Confidentiality, Integrity and Availability (C.I.A.).\nInformation Systems are composed in three main portions, hardware,\nsoftware and communications with the purpose to help identify and apply\ninformation security industry standards, as mechanisms of protection and\nprevention, at three levels or layers: physical, personal and\norganizational. Essentially, procedures or policies are implemented to\ntell administrators, users and operators how to use products to ensure\ninformation security within the organizations.
\n
\n- What is \"Risk\nmanagement\"? Risk management is the identification, evaluation, and\nprioritization of risks followed by coordinated and economical\napplication of resources to minimize, monitor, and control the\nprobability or impact of unfortunate events or to maximize the\nrealization of opportunities.
\n- What is a \"Vulnerability\"\n(computing)? Vulnerabilities are flaws in a computer system that\nweaken the overall security of the device/system. Vulnerabilities can be\nweaknesses in either the hardware itself, or the software that runs on\nthe hardware.
\n- What is an \"Attack\nSurface\"? The attack surface of a software environment is the sum of\nthe different points (for \"attack vectors\") where an unauthorized user\n(the \"attacker\") can try to enter data to or extract data from an\nenvironment. Keeping the attack surface as small as possible is a basic\nsecurity measure.
\n- What is an \"Attack\nVector\"? In computer security, an attack vector is a specific path,\nmethod, or scenario that can be exploited to break into an IT system,\nthus compromising its security. The term was derived from the\ncorresponding notion of vector in biology. An attack vector may be\nexploited manually, automatically, or through a combination of manual\nand automatic activity.
\n- What is\n\"Standardization\"? Standardization is the process of implementing\nand developing technical standards based on the consensus of different\nparties that include firms, users, interest groups, standards\norganizations and governments. Standardization can help maximize\ncompatibility, interoperability, safety, repeatability, or quality. It\ncan also facilitate a normalization of formerly custom processes.\n
\n- What is a \"Replay\nattack\"? A replay attack is a form of network attack in which valid\ndata transmission is maliciously or fraudulently repeated or delayed.\nAnother way of describing such an attack is: \"an attack on a security\nprotocol using a replay of messages from a different context into the\nintended (or original and expected) context, thereby fooling the honest\nparticipant(s) into thinking they have successfully completed the\nprotocol run.\"
\n- What is a\n\"Man-in-the-middle attack\"? In cryptography and computer security, a\nman-in-the-middle, ..., attack is a cyberattack where the attacker\nsecretly relays and possibly alters the communications between two\nparties who believe that they are directly communicating with each\nother, as the attacker has inserted themselves between the two\nparties.
\n- What is \"Transport Layer\nSecurity\" (TLS)? Transport Layer Security (TLS) is a cryptographic\nprotocol designed to provide communications security over a computer\nnetwork. The protocol is widely used in applications such as email,\ninstant messaging, and voice over IP, but its use in securing HTTPS\nremains the most publicly visible.
\n- What is a \"Handshake\"\n(computing)?. In computing, a handshake is a signal between two\ndevices or programs, used to, e.g., authenticate, coordinate. An example\nis the handshaking between a hypervisor and an application in a guest\nvirtual machine.
\n- What is Security\ntheater? The practice of taking security measures that are\nconsidered to provide the feeling of improved security while doing\nlittle or nothing to achieve it.
\n \n
\n
\n
\n\n',391,74,0,'CC-BY-SA','Oh No News, InfoSec, browser security, session tokens, session id',0,0,1),
+(3905,'2023-07-21','Presenting Fred Black',1105,'I have a short talk to present Fred Black.','\n- IB-program https://ibo.org/
\n- Animals To The Max https://corbinmaxey.com/podcast-1
\n- I Spend A Day With... https://feeds.megaphone.fm/ispentadaywith
\n- The Vinyl Guide https://www.thevinylguide.com/
\n- NSOD - Norsken, Svensken og Dansken https://podkast.nrk.no/program/norsken_svensken_og_dansken.rss
\n
\n',309,0,0,'CC-BY-SA','school,podcasts,instrument,quiz',0,0,1),
+(3906,'2023-07-24','The Oh No! News.',1741,'Sgoti discusses the threat of convenience.','The Oh No! news.
\nOh No! News is Good\nNews.
\n\n- TAGS: Oh No News, InfoSec, browser security,\nsession tokens, session id
\n
\n
\nInfoSec; the language\nof security.
\n\n- Source: Session ID.
\n \n- Source: JSON Web\nToken.
\n\n\n- Terms\nof Use: Copyleft, free content
\n \n
\n- Source: Session\nvs Token Based Authentication.
\n\n\n- Terms\nof Use: CC-BY-SA (with CC-BY-NC-SA elements).
\n \n
\n- Source: Steal Application\nAccess Token. Adversaries can steal application access tokens as a\nmeans of acquiring credentials to access remote systems and resources.\nApplication access tokens are used to make authorized API requests on\nbehalf of a user or service and are commonly used as a way to access\nresources in cloud and container-based applications and\nsoftware-as-a-service (SaaS).
\n\n\n- Terms of\nUse: Similar to CC-BY-SA
\n \n
\n- Source: Analysis:\nCircleCI attackers stole session cookie to bypass MFA.
\n\n\n- Terms of\nUse: Section 8. CONTENT AND CONTENT LICENSES. NOT\ncertain
\n \n
\n- Source: How to Prevent\nSession Hijacking?
\n\n \n
\n
\n\n- Additional Information.\n
\n- What is a \"Data\nBreach\"? A data breach is a security violation, in which sensitive,\nprotected or confidential data is copied, transmitted, viewed, stolen,\naltered or used by an individual unauthorized to do so.
\n- What is \"Malware\"?\nMalware (a portmanteau for\nmalicious software) is any software intentionally designed to cause\ndisruption to a computer, server, client, or computer network, leak\nprivate information, gain unauthorized access to information or systems,\ndeprive access to information, or which unknowingly interferes with the\nuser\'s computer security and privacy.
\n- What is a \"Payload\"?\nIn the context of a computer virus or worm, the payload is the portion\nof the malware which performs malicious action; deleting data, sending\nspam or encrypting data. In addition to the payload, such malware also\ntypically has overhead code aimed at simply spreading itself, or\navoiding detection.
\n- What is \"Phishing\"?\nPhishing is a form of social engineering\nwhere attackers deceive people into revealing sensitive information or\ninstalling malware such as ransomware. Phishing\nattacks have become increasingly sophisticated and often transparently\nmirror the site being targeted, allowing the attacker to observe\neverything while the victim is navigating the site, and transverse any\nadditional security boundaries with the victim.
\n- Social\nengineering (security) In the context of information security,\nsocial engineering is the psychological\nmanipulation of people into performing actions or divulging\nconfidential information. A type of confidence trick for the purpose of\ninformation gathering, fraud, or system access, it differs from a\ntraditional \"con\" in that it is often one of many steps in a more\ncomplex fraud scheme.
\n \n- What is \"Information\nSecurity\" (InfoSec)? Information security, sometimes shortened to\nInfoSec, is the practice of protecting information by mitigating information risks. It\nis part of information risk\nmanagement.\n
\n- Information Security Attributes: Confidentiality, Integrity and Availability (C.I.A.).\nInformation Systems are composed in three main portions, hardware,\nsoftware and communications with the purpose to help identify and apply\ninformation security industry standards, as mechanisms of protection and\nprevention, at three levels or layers: physical, personal and\norganizational. Essentially, procedures or policies are implemented to\ntell administrators, users and operators how to use products to ensure\ninformation security within the organizations.
\n
\n- What is \"Risk\nmanagement\"? Risk management is the identification, evaluation, and\nprioritization of risks followed by coordinated and economical\napplication of resources to minimize, monitor, and control the\nprobability or impact of unfortunate events or to maximize the\nrealization of opportunities.
\n- What is a \"Vulnerability\"\n(computing)? Vulnerabilities are flaws in a computer system that\nweaken the overall security of the device/system. Vulnerabilities can be\nweaknesses in either the hardware itself, or the software that runs on\nthe hardware.
\n- What is an \"Attack\nSurface\"? The attack surface of a software environment is the sum of\nthe different points (for \"attack vectors\") where an unauthorized user\n(the \"attacker\") can try to enter data to or extract data from an\nenvironment. Keeping the attack surface as small as possible is a basic\nsecurity measure.
\n- What is an \"Attack\nVector\"? In computer security, an attack vector is a specific path,\nmethod, or scenario that can be exploited to break into an IT system,\nthus compromising its security. The term was derived from the\ncorresponding notion of vector in biology. An attack vector may be\nexploited manually, automatically, or through a combination of manual\nand automatic activity.
\n- What is\n\"Standardization\"? Standardization is the process of implementing\nand developing technical standards based on the consensus of different\nparties that include firms, users, interest groups, standards\norganizations and governments. Standardization can help maximize\ncompatibility, interoperability, safety, repeatability, or quality. It\ncan also facilitate a normalization of formerly custom processes.\n
\n- What is a \"Replay\nattack\"? A replay attack is a form of network attack in which valid\ndata transmission is maliciously or fraudulently repeated or delayed.\nAnother way of describing such an attack is: \"an attack on a security\nprotocol using a replay of messages from a different context into the\nintended (or original and expected) context, thereby fooling the honest\nparticipant(s) into thinking they have successfully completed the\nprotocol run.\"
\n- What is a\n\"Man-in-the-middle attack\"? In cryptography and computer security, a\nman-in-the-middle, ..., attack is a cyberattack where the attacker\nsecretly relays and possibly alters the communications between two\nparties who believe that they are directly communicating with each\nother, as the attacker has inserted themselves between the two\nparties.
\n- What is \"Transport Layer\nSecurity\" (TLS)? Transport Layer Security (TLS) is a cryptographic\nprotocol designed to provide communications security over a computer\nnetwork. The protocol is widely used in applications such as email,\ninstant messaging, and voice over IP, but its use in securing HTTPS\nremains the most publicly visible.
\n- What is a \"Handshake\"\n(computing)?. In computing, a handshake is a signal between two\ndevices or programs, used to, e.g., authenticate, coordinate. An example\nis the handshaking between a hypervisor and an application in a guest\nvirtual machine.
\n- What is Security\ntheater? The practice of taking security measures that are\nconsidered to provide the feeling of improved security while doing\nlittle or nothing to achieve it.
\n \n
\n
\n
\n\n',391,74,0,'CC-BY-SA','Oh No News, InfoSec, browser security, session tokens, session id',0,0,1),
(3908,'2023-07-26','Emacs package curation, part 2',667,'Let\'s go through every single package installed in my Emacs configuration. File 2 of 3.','We discuss the packages installed in the second of three files that\nmake up my emacs config.
\n;;; init-base.el --- The basics\n;;; Commentary:\n;;; Packages for my personal and work laptop, but not termux.\n\n;;; Code:\n\n;;;;;;;;;;;;;;;\n;;; Writing ;;;\n;;;;;;;;;;;;;;;\n\n;; Focused writing mode\n(use-package olivetti\n :hook (olivetti-mode . typewriter-mode-toggle)\n :bind ("C-x C-w" . olivetti-mode)\n :custom (olivetti-body-width 64)\n :config\n (defvar-local typewriter-mode nil\n "Typewriter mode, automatically scroll down to keep cursor in\n the middle of the screen. Setting this variable explicitly will\n not do anything, use typewriter-mode-on, typewriter-mode-off\n and typewriter-mode-toggle instead.")\n (defun typewriter-mode-on()\n "Automatically scroll down to keep cursor in the middle of screen."\n (interactive)\n (setq-local typewriter-mode t)\n (centered-cursor-mode +1))\n (defun typewriter-mode-off()\n "Automatically scroll down to keep cursor in the middle of screen."\n (interactive)\n (kill-local-variable 'typewriter-mode)\n (centered-cursor-mode -1))\n (defun typewriter-mode-toggle()\n "Toggle typewriter scrolling mode on and off."\n (interactive)\n (if typewriter-mode (typewriter-mode-off) (typewriter-mode-on))))\n\n(use-package centered-cursor-mode)\n\n;; Check for weasel words and some other simple rules\n(use-package writegood-mode\n :bind ("C-c g" . writegood-mode))\n\n;; spellchecking\n(use-package flyspell-correct\n :after flyspell\n :bind (:map flyspell-mode-map\n ("C-;" . flyspell-correct-wrapper)))\n\n;; show correction options in a popup instead of the minibuffer\n(use-package flyspell-correct-popup\n :after (flyspell-correct))\n\n;online thesaurus service from powerthesaurus.org\n(use-package powerthesaurus)\n\n;; WordNet Thesaurus replacement\n(use-package synosaurus\n :custom (synosaurus-choose-method 'default)\n :config (when window-system\n (if (string= (x-server-vendor) "Microsoft Corp.")\n (setq synosaurus-wordnet--command "C:\\\\Program Files (x86)\\\\WordNet\\\\2.1\\\\bin\\\\wn.exe"))))\n\n;; WordNet search and view\n(use-package wordnut\n :bind ("C-c s" . wordnut-search)\n :config (when window-system\n (if (string= (x-server-vendor) "Microsoft Corp.")\n (setq wordnut-cmd "C:\\\\Program Files (x86)\\\\WordNet\\\\2.1\\\\bin\\\\wn.exe"))))\n\n;; fill and unfill with the same key\n(use-package unfill\n :bind ("M-q" . unfill-toggle))\n\n;; Markdown...\n(use-package markdown-mode)\n\n;;;;;;;;;;;;;;\n;;; Coding ;;;\n;;;;;;;;;;;;;;\n\n;; Syntax checking\n(use-package flycheck\n :diminish\n :init (global-flycheck-mode))\n\n(use-package flycheck-popup-tip\n :after (flycheck)\n :hook (flycheck-mode-hook . flycheck-popup-tip-mode))\n\n;; Web design\n(use-package emmet-mode\n :hook (sgml-mode . emmet-mode) ;; Auto-start on any markup modes\n (css-mode . emmet-mode)) ;; enable Emmet's css abbreviation.\n\n(use-package sass-mode)\n\n(use-package web-mode)\n\n;; Python\n(use-package python\n :mode ("\\\\.py\\\\'" . python-mode)\n :interpreter ("python" . python-mode))\n\n;; highlight todo items everywhere\n(use-package hl-todo\n :straight (:host github :repo "tarsius/hl-todo")\n :custom (hl-todo-keyword-faces\n `(("FIXME" error bold)\n ("STUB" error bold)\n ("REPLACETHIS" error bold)\n ("REVISIT" error bold)))\n (hl-todo-exclude-modes nil)\n :config (add-to-list 'hl-todo-include-modes 'org-mode)\n :init (global-hl-todo-mode))\n\n;; git\n(use-package magit)\n\n(use-package git-timemachine)\n\n;; rest APIs via org source block\n(use-package ob-restclient)\n\n;;; END ;;;\n\n(provide 'init-base)\n;;; init-base.el ends here
\n',399,0,0,'CC-BY-SA','emacs,elisp',0,0,1),
(3918,'2023-08-09','Emacs package curation, part 3',864,'Let\'s go through every single package installed in my Emacs configuration. The last one.','We discuss the packages installed in the second of three files that\nmake up my emacs config.
\nSince recording, I pulled in some EXWM (the Emacs X Window Manager,\nthat\'s right), even though I\'m not actually using it, I\'m still using\nstumpWM.
\nI have also added pass, the password manager, khardel, an emacs\npackage for the khard CLI address book application.
\nI also moved (server-start) to this file, so that it\'ll only happen\nwhen I\'m on linux.
\n;;; init-extra.el --- Extra init stuff\n;;; Commentary:\n;;; Stuff just for my personal laptop, not for my work laptop or termux, for example.\n\n;;; Code:\n\n;;;;;;;;;;;;;;;;\n;;; org-roam ;;;\n;;;;;;;;;;;;;;;;\n\n(use-package org-roam\n :demand t\n :straight (:host github :repo "org-roam/org-roam"\n :files (:defaults "extensions/*"))\n :custom (org-roam-mode-sections (list #'org-roam-backlinks-section\n #'org-roam-reflinks-section\n #'org-roam-unlinked-references-section))\n :init (setq org-roam-directory "~/org/roam/"\n org-roam-capture-templates\n '(("o" "outline" plain\n "%?"\n :if-new\n (file+head "${slug}.org" "#+title: ${title}\\n#+filetags: :outline:\\n")\n :immediate-finish t\n :unnarrowed t)\n ("r" "reference" plain "%?"\n :if-new\n (file+head "${slug}.org" "#+title: ${title}\\n")\n :immediate-finish t\n :unnarrowed t)\n ("m" "memo" entry "* ${title}\\n%?"\n :if-new\n (file "memos.org")\n :immediate-finish t\n :unnarrowed t)))\n :bind (("C-c n l" . org-roam-buffer-toggle)\n ("C-c n f" . org-roam-node-find)\n ("C-c n g" . org-roam-graph)\n ("C-c n i" . org-roam-node-insert)\n ("C-c n c" . org-roam-capture)\n ;; Dailies\n ("C-c n j" . org-roam-dailies-capture-today))\n :config\n ;; If you're using a vertical completion framework, you might want a more informative completion interface\n (setq org-roam-node-display-template (concat "${title:*} " (propertize "${tags:10}" 'face 'org-tag)))\n (org-roam-db-autosync-mode)\n ;; If using org-roam-protocol\n (require 'org-roam-protocol))\n\n;; citations\n(use-package citar\n :after org-roam\n :custom (org-cite-insert-processor 'citar)\n (org-cite-follow-processor 'citar)\n (org-cite-activate-processor 'citar)\n (citar-bibliography '("~/org/biblio.bib"))\n (citar-notes-paths '("~/org/roam"))\n (citar-file-note-extensions '("org"))\n :hook (LaTeX-mode . citar-capf-setup)\n (org-mode . citar-capf-setup)\n :bind (("C-c n b" . #'citar-open-notes)\n :map org-mode-map :package org\n ("C-c b" . #'org-cite-insert)))\n\n;; view your org-roam notes on a map\n(use-package org-roam-ui\n :after org-roam\n :custom (org-roam-ui-sync-theme t)\n (org-roam-ui-follow t)\n (org-roam-ui-update-on-save t)\n (org-roam-ui-open-on-start t))\n\n;; archive web pages in org attachments\n(use-package org-board\n :after org\n :custom (org-board-default-browser #'browse-url)\n (org-board-property "ROAM_REFS")\n :bind (:map org-mode-map\n ("C-c B a" . org-board-archive)\n ("C-c B o" . org-board-open)\n ("C-c B D" . org-board-delete-all)))\n\n;;;;;;;;;;;;;;;\n;;; Writing ;;;\n;;;;;;;;;;;;;;;\n\n; something like grammarly, but open source\n(use-package langtool)\n\n;; better than docview, for pdf\n(use-package pdf-tools)\n\n;; annotating docs in org files\n(use-package org-noter)\n\n;; epub\n(use-package nov\n :mode ("\\\\.epub$" . nov-mode))\n\n;;; Invoke quick emacs windows to edit anything anywhere.\n;;; bind a key in xorg to ~emacsclient -c (emacs-everywhere)~\n(use-package emacs-everywhere)\n\n;;;;;;;;;;;;;;\n;;; Auctex ;;;\n;;;;;;;;;;;;;;\n(straight-use-package '( auctex\n :host nil :repo "https://git.savannah.gnu.org/git/auctex.git"\n :pre-build (("./autogen.sh")\n ("./configure" "--without-texmf-dir" "--with-lispdir=.")\n ("make"))))\n\n (setq TeX-data-directory (expand-file-name "straight/repos/auctex" user-emacs-directory)\n TeX-lisp-directory TeX-data-directory)\n\n (eval-after-load 'info\n '(add-to-list 'Info-additional-directory-list\n (expand-file-name "straight/repos/auctex/doc" user-emacs-directory)))\n (load (expand-file-name "straight/repos/auctex/auctex.el" user-emacs-directory) nil t t)\n (load (expand-file-name "straight/repos/auctex/preview-latex.el" user-emacs-directory) nil t t)\n\n(use-package evil-tex)\n\n(use-package latex-preview-pane\n :custom (latex-preview-pane-use-frame t))\n\n(use-package adaptive-wrap)\n\n;;; END AUCTEX ;;;\n\n;;;;;;;;;;;;;;;;;;;\n;;; Programming ;;;\n;;;;;;;;;;;;;;;;;;;\n\n;; downloading and viewing Dash documentation files\n(use-package dash-docs\n :init (defun elisp-doc ()\n (setq-local consult-dash-docsets '("Emacs Lisp")))\n (add-hook 'emacs-lisp-mode-hook 'elisp-doc)\n :custom (dash-docs-docsets-path (expand-file-name "docsets" user-emacs-directory))\n (dash-docs-browse-func 'eww))\n\n(use-package consult-dash\n :straight (:host codeberg :repo "rahguzar/consult-dash")\n :bind (("M-s d" . consult-dash))\n :after consult\n :config\n ;; Use the symbol at point as initial search term\n (consult-customize consult-dash :initial (thing-at-point 'symbol)))\n\n;;;;;;;;;;;;;\n;;; Email ;;;\n;;;;;;;;;;;;;\n\n(use-package notmuch\n :commands notmuch\n :config (defun notmuch-show-view-html ()\n "Open the text/html part of the current message using\n `notmuch-show-view-part'. From https://emacs.stackexchange.com/a/63457"\n (interactive)\n (save-excursion\n (goto-char (prop-match-beginning\n (text-property-search-forward\n :notmuch-part "text/html"\n (lambda (value notmuch-part)\n (equal (plist-get notmuch-part :content-type)\n value)))))\n (notmuch-show-view-part)))\n ;; Enable link to message via org-store-link\n (load-file (expand-file-name "org-notmuch.el" user-emacs-directory))\n (require 'org-notmuch)\n :bind (:map notmuch-show-mode-map\n (". v" . notmuch-show-view-html))\n :custom (notmuch-draft-folder "local/drafts")\n (notmuch-search-oldest-first nil)\n (notmuch-fcc-dirs "fastmail/sent")\n (notmuch-tagging-keys '(("r" ("+receipt" "-inbox") "Receipt")))\n (sendmail-program (executable-find "msmtp"))\n (message-sendmail-f-is-evil t)\n (message-sendmail-extra-arguments '("--read-envelope-from")))\n\n(use-package khardel\n :after notmuch\n :bind (:map notmuch-message-mode-map\n ("C-c M-k" . khardel-insert-email)))\n\n;;;;;;;;;;;;\n;;; PASS ;;;\n;;;;;;;;;;;;\n\n(use-package pass)\n\n;;;;;;;;;;;;\n;;; EXWM ;;;\n;;;;;;;;;;;;\n\n(use-package xelb\n :disabled t\n :straight (:host github :repo "ch11ng/xelb"))\n\n(use-package exwm\n :disabled t\n :straight (:host github :repo "ch11ng/exwm")\n :defer t\n :config (require 'exwm-systemtray)\n (require 'exwm-randr)\n (setq xcb:connection-timeout 20)\n (exwm-systemtray-enable)\n (add-hook 'exwm-update-class-hook\n (lambda ()\n (exwm-workspace-rename-buffer exwm-class-name)))\n (add-hook 'exwm-randr-screen-change-hook\n (lambda ()\n (start-process-shell-command\n "autorandr" nil "autorandr -c")))\n (defun exwm-randr-mobile()\n "Load a xrandr profile to use only the laptop screen."\n (interactive)\n (start-process-shell-command "xrandr" nil "xrandr --output eDP-1 --auto --output DP-1 --off"))\n (defun exwm-randr-docked()\n "Load a xrandr profile to use only the connected external screen DP-1."\n (interactive)\n (start-process-shell-command "xrandr" nil "xrandr --output eDP-1 --off --output DP-1 --auto"))\n (defun exwm-randr-chair()\n "Load a xrandr profile to use both the laptop screen and the connected screen."\n (interactive)\n (start-process-shell-command "xrandr" nil "xrandr --output HDMI-1 --auto --scale 1.3 --output eDP-1 --off"))\n (defun exwm-randr-all()\n "Load a xrandr profile to use both the laptop screen and the connected screen."\n (interactive)\n (start-process-shell-command "xrandr" nil "xrandr --output eDP-1 --primary --output DP-1 --above eDP-1")\n (setq exwm-randr-workspace-output-plist '(0 "eDP-1" 1 "DP-1"))\n )\n (exwm-randr-enable)\n :custom (exwm-input-global-keys\n `((,(kbd "s-r") . exwm-reset)\n (,(kbd "s-w") . exwm-workspace-switch)\n (,(kbd "s-a") . exwm-randr-all)\n (,(kbd "s-c") . exwm-randr-chair)\n (,(kbd "s-d") . exwm-randr-docked)\n (,(kbd "s-m") . exwm-randr-mobile)\n (,(kbd "s-k") . exwm-input-release-keyboard)\n (,(kbd "s-f") . exwm-layout-toggle-fullscreen)\n (,(kbd "s-p") . pass)\n (,(kbd "s-t") . exwm-workspace-switch-to-buffer)\n (,(kbd "s-&") . (lambda (command)\n (interactive (list (read-shell-command "$ ")))\n (start-process-shell-command command nil command)))\n ,@(mapcar (lambda (i)\n `(,(kbd (format "s-%d" i)) .\n (lambda ()\n (interactive)\n (exwm-workspace-switch-create ,i))))\n (number-sequence 0 9))\n ))\n )\n\n;; start emacs server\n(server-start)\n\n;;; END ;;;\n\n(provide 'init-extra)\n;;; init-extra.el ends here
\n',399,0,0,'CC-BY-SA','emacs,elisp',0,0,1),
(3909,'2023-07-27','Permission tickets. ',688,'Collective delusions of elective conclusions. ','No special knowledge nor resources.
\nThis is a preview show for some future, self referential tangle of\ncryptographic distraction.
\nSo far, I see money as some social credit by proxy.
\nI recognise the utility of keeping track of resource recipes.
\nI also see dangers in over abstracting relations beyond robustly\nprovable outcomes.
\n',398,0,1,'CC-BY-SA','ledger,cryptographic,consensus,permission,integrity',0,0,1),
@@ -20454,7 +20466,8 @@ INSERT INTO `eps` (`id`, `date`, `title`, `duration`, `summary`, `notes`, `hosti
(3979,'2023-11-02','FireStick and ad blocking',1501,'operat0r talks about recent apps for firestick and blocking ads','I talk about recent apps for firestick and blocking ads
\n',36,0,1,'CC-BY-SA','streaming,tv,ad blocking,youtube',0,0,1),
(3982,'2023-11-07','Conversation with ChatGPT',218,'Conversation with ChatGPT about EU Cookie banners','The\nfollowing conversation is from my query to ChatGPT
\nconversation.html
\n',318,0,0,'CC-BY-SA','ChatGPT, EU, GDPR, cookies',0,0,1),
(3983,'2023-11-08','ChatGPT Output is not compatible with CC-BY-SA',536,'Ken is not a lawyer but is fairly sure that ChatGPT is not compatible with Creative Commons','When uploading to HPR you are\nYou are\nagreeing to license your show CC-BY-SA.
\n\nAll our shows are now released under a Creative Commons\nAttribution-ShareAlike 4.0 International (CC BY-SA 4.0) license, which\nmeans that while you continue to retain the copyright to your show, you\nare allowing us (and everyone else) to use it provided we give you\nattribution and that we release it under the same license. Click the\nlink for more information.
\n
\nThe\nCreative\nCommons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)\nlicense itself says that sharing (the S in CC-BY-SA), allows you to\n\"copy and redistribute the material in any medium or format for any\npurpose, even commercially\".
\nOn the face of it the\nOpenAI\nChatGPT Terms of use seem similar, with Section 3 saying \"you can\nuse Content for any purpose, including commercial purposes\".\nUnfortunately they then go on to say \"Subject to your compliance with\nthese Terms\":
\n 3. Content\n\n (a) Your Content. You may provide input to the Services (“Input”), and\n receive output generated and returned by the Services based on the Input\n (“Output”). Input and Output are collectively “Content.” As between the\n parties and to the extent permitted by applicable law, you own all\n Input. Subject to your compliance with these Terms, OpenAI hereby\n assigns to you all its right, title and interest in and to Output. This\n means you can use Content for any purpose, including commercial purposes\n such as sale or publication, if you comply with these Terms. OpenAI may\n use Content to provide and maintain the Services, comply with applicable\n law, and enforce our policies. You are responsible for Content,\n including for ensuring that it does not violate any applicable law or\n these Terms.
\nThe same document lists some restrictions...
\n 2. Usage Requirements\n\n (c) Restrictions. You may not (i) use the Services in a way that\n infringes, misappropriates or violates any person’s rights; (ii) reverse\n assemble, reverse compile, decompile, translate or otherwise attempt to\n discover the source code or underlying components of models, algorithms,\n and systems of the Services (except to the extent such restrictions are\n contrary to applicable law); (iii) use output from the Services to\n develop models that compete with OpenAI;
\n... while the\nUsage policies\nlist more.
\nSo in my opinion, and I am not a lawyer (IANAL) the\nOpenAI\nChatGPT Terms of use is not compatible with the\nCreative\nCommons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)\nlicense.
\nYou can of course refer to ChatGPT as you would any other non\nCreative Commons site.
\nIf you disagree or would like to weigh in please discuss this on the\nmail list.
\n',30,0,0,'CC-BY-SA','CreativeCommons, CC-BY-SA, ChatGPT, HPR, CC',0,0,1),
-(3984,'2023-11-09','Whoppers. How Archer72 and I made moonshine. Volume one.',1730,'Sgoti assists Archer72 with his crazy plan to make moonshine.','What is a whopper?
\nan\nextravagant or monstrous lie
\na\nbig lie
\n
\nA work of Fiction\nis any creative work, chiefly any narrative work, portraying\nindividuals, events, or places that are imaginary or in ways that are\nimaginary.
\n
\n\n- Source: Moonshine is\nhigh-proof liquor, generally whiskey, traditionally made, or at least\ndistributed, illegally.
\n \n- Supporting Source: busthead\n(bust-head). noun. Cheap, strong liquor, usually of the illegal\nvariety. Moonshine. Hooch. Poteen. Pop-skull. Bumblings. The origin is\nobvious to anyone who’s hit the busthead a little hard themselves.
\n \n
\nThe Bureau of Alcohol, Tobacco, Firearms and Explosives (BATFE),\ncommonly referred to as the ATF, is a domestic law enforcement agency\nwithin the United States Department of Justice.
\n
\n\n- Source: Archer72
\n \n- Source: Mechatroniac
\n \n- Source: Klaatu
\n \n- Source: Zen_Floater2
\n \n
\n',391,0,1,'CC-BY-SA','Whoppers, Moonshine, Archer72',0,0,0);
+(3984,'2023-11-09','Whoppers. How Archer72 and I made moonshine. Volume one.',1730,'Sgoti assists Archer72 with his crazy plan to make moonshine.','What is a whopper?
\nan\nextravagant or monstrous lie
\na\nbig lie
\n
\nA work of Fiction\nis any creative work, chiefly any narrative work, portraying\nindividuals, events, or places that are imaginary or in ways that are\nimaginary.
\n
\n\n- Source: Moonshine is\nhigh-proof liquor, generally whiskey, traditionally made, or at least\ndistributed, illegally.
\n \n- Supporting Source: busthead\n(bust-head). noun. Cheap, strong liquor, usually of the illegal\nvariety. Moonshine. Hooch. Poteen. Pop-skull. Bumblings. The origin is\nobvious to anyone who’s hit the busthead a little hard themselves.
\n \n
\nThe Bureau of Alcohol, Tobacco, Firearms and Explosives (BATFE),\ncommonly referred to as the ATF, is a domestic law enforcement agency\nwithin the United States Department of Justice.
\n
\n\n- Source: Archer72
\n \n- Source: Mechatroniac
\n \n- Source: Klaatu
\n \n- Source: Zen_Floater2
\n \n
\n',391,0,1,'CC-BY-SA','Whoppers, Moonshine, Archer72',0,0,1),
+(3985,'2023-11-10','Bash snippet - be careful when feeding data to loops',1644,'A loop in a pipeline runs in a subshell','\nOverview
\nRecently Ken Fallon did a show on HPR, number\n3962, in which he used a Bash\npipeline of multiple commands feeding their output into a\nwhile loop. In the loop he processed the lines produced by\nthe pipeline and used what he found to download audio files belonging to\na series with wget.
\nThis was a great show and contained some excellent advice, but the\nuse of the format:
\npipeline | while read variable; do ...
\nreminded me of the \"gotcha\" I mentioned in my own show\n2699.
\nI thought it might be a good time to revisit this subject.
\nSo, what\'s the problem?
\nThe problem can be summarised as a side effect of pipelines.
\nWhat are pipelines?
\nPipelines are an amazingly useful feature of Bash (and other shells).\nThe general format is:
\ncommand1 | command2 ...
\nHere command1 runs in a subshell and produces output (on\nits standard output) which is connected via the pipe symbol\n(|) to command2 where it becomes its\nstandard input. Many commands can be linked together in this\nway to achieve some powerful combined effects.
\nA very simple example of a pipeline might be:
\n$ printf 'World\nHello\n' | sort\nHello\nWorld
\nThe printf command (≡\'command1\') writes two\nlines (separated by newlines) on standard output and this is\npassed to the sort command\'s standard input\n(≡\'command2\') which then sorts these lines\nalphabetically.
\nCommands in the pipeline can be more complex than this, and in the\ncase we are discussing we can include a loop command such as\nwhile.
\nFor example:
\n$ printf 'World\nHello\n' | sort | while read line; do echo "($line)"; done\n(Hello)\n(World)
\nHere, each line output by the sort command is read into\nthe variable line in the while loop and is\nwritten out enclosed in parentheses.
\nNote that the loop is written on one line. The semi-colons are used\ninstead of the equivalent newlines.
\nVariables and subshells
\nWhat if the lines output by the loop need to be numbered?
\n$ i=0; printf 'World\nHello\n' | sort | while read line; do ((i++)); echo "$i) $line"; done\n1) Hello\n2) World
\nHere the variable \'i\' is set to zero before the\npipeline. It could have been done on the line before of course. In the\nwhile loop the variable is incremented on each iteration\nand included in the output.
\nYou might expect \'i\' to be 2 once the loop exits but it\nis not. It will be zero in fact.
\nThe reason is that there are two \'i\' variables. One is\ncreated when it\'s set to zero at the start before the pipeline. The\nother one is created in the loop as a \"clone\". The expression:
\n((i++))
\nboth creates the variable (where it is a copy of the one in the\nparent shell) and increments it.
\nWhen the subshell in which the loop runs completes, it will delete\nthis version of \'i\' and the original one will simply\ncontain the zero that it was originally set to.
\nYou can see what happens in this slightly different example:
\n$ i=1; printf 'World\nHello\n' | sort | while read line; do ((i++)); echo "$i) $line"; done\n2) Hello\n3) World\n$ echo $i\n1
\nThese examples are fine, assuming the contents of variable\n\'i\' incremented in the loop are not needed outside it.
\nThe thing to remember is that the same variable name used in a\nsubshell is a different variable; it is initialised with the value of\nthe \"parent\" variable but any changes are not passed back.
\nHow to avoid the\nloss of changes in the loop
\nTo solve this the loop needs to be run in the original shell, not a\nsubshell. The pipeline which is being read needs to be attached to the\nloop in a different way:
\n$ i=0; while read line; do ((i++)); echo "$i) $line"; done < <(printf 'World\nHello\n' | sort)\n1) Hello\n2) World\n$ echo $i\n2
\nWhat is being used here is process\nsubstitution. A list of commands or pipelines are enclosed with\nparentheses and a \'less than\' sign prepended to the list\n(with no intervening spaces). This is functionally equivalent to a\n(temporary) file of data.
\nThe redirection feature allows for data being read from a\nfile in a loop. The general format of the command is:
\nwhile read variable\n do\n # Use the variable\n done < file
\nUsing process substitution instead of a file will achieve what is\nrequired if computations are being done in the loop and the results are\nwanted after it has finished.
\nBeware of this type of\nconstruct
\nThe following one-line command sequence looks similar to the version\nusing process substitution, but is just another form of pipeline:
\n$ i=0; while read line; do echo $line; ((i++)); done < /etc/passwd | head -n 5; echo $i\nroot:x:0:0:root:/root:/bin/bash\ndaemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\nbin:x:2:2:bin:/bin:/usr/sbin/nologin\nsys:x:3:3:sys:/dev:/usr/sbin/nologin\nsync:x:4:65534:sync:/bin:/bin/sync\n0
\nThis will display the first 5 lines of the file but does it by\nreading and writing the entire file and only showing the first 5 lines\nof what is written by the loop.
\nWhat is more, because the while is in a subshell in a\npipeline changes to variable \'i\' will be lost.
\nAdvice
\n\nUse the pipe-connected-to-loop layout if you\'re aware of\nthe pitfalls, but will not be affected by them.
Use the read-from-process-substitution format if you\nwant your loop to be complex and to read and write variables in the\nscript.
Personally, I always use the second form in scripts, but if I\'m\nwriting a temporary one-line thing on the command line I usually use the\nfirst form.
\nTracing pipelines (advanced)
\nI have always wondered about processes in Unix. The process you log\nin to, normally called a shell runs a command language\ninterpreter that executes commands read from the standard input or\nfrom a file. There are several such interpreters available, but we\'re\ndealing with bash here.
\nProcesses are fairly lightweight entities in Unix/Linux. They can be\ncreated and destroyed quickly, with minimal overhead. I used to work\nwith Digital Equipment Corporation\'s OpenVMS operating system\nwhich also uses processes - but these are much more expensive to create\nand destroy, and therefore slow and less readily used!
\nBash pipelines, as discussed, use subshells. The description\nin the Bash man page says:
\n\nEach command in a multi-command pipeline, where pipes are created, is\nexecuted in a subshell, which is a separate process.
\n
\nSo a subshell in this context is basically another child\nprocess of the main login process (or other parent process), running\nBash.
\nProcesses (subshells) can be created in other ways. One is to place a\ncollection of commands in parentheses. These can be simple Bash\ncommands, separated by semi-colons, or pipelines. For example:
\n$ (echo "World"; echo "Hello") | sort\nHello\nWorld
\nHere the strings \"World\" and \"Hello\", each\nfollowed by a newline are created in a subshell and written to standard\noutput. These strings are piped to sort and the end result\nis as shown.
\nNote that this is different from this example:
\n$ echo "World"; echo "Hello" | sort\nWorld\nHello
\nIn this case \"World\" is written in a separate command,\nthen \"Hello\" is written to a pipeline. All\nsort sees is the output from the second echo,\nwhich explains the output.
\nEach process has a unique numeric id value (the process id\nor PID). These can be seen with tools like ps or\nhtop. Each process holds its own PID in a Bash variable\ncalled BASHPID.
\nKnowing all of this I decided to modify Ken\'s script from show\n3962 to show the processes being created - mainly for my interest,\nto get a better understanding of how Bash works. I am including it here\nin case it may be of interest to others.
\n#!/bin/bash\n\nseries_url="https://hackerpublicradio.org/hpr_mp3_rss.php?series=42&full=1&gomax=1"\ndownload_dir="./"\n\npidfile="/tmp/hpr3962.sh.out"\ncount=0\n\necho "Starting PID is $BASHPID" > $pidfile\n\n(echo "[1] $BASHPID" >> "$pidfile"; wget -q "${series_url}" -O -) |\\n (echo "[2] $BASHPID" >> "$pidfile"; xmlstarlet sel -T -t -m 'rss/channel/item' -v 'concat(enclosure/@url, "→", title)' -n -) |\\n (echo "[3] $BASHPID" >> "$pidfile"; sort) |\\n while read -r episode; do\n\n [ $count -le 1 ] && echo "[4] $BASHPID" >> "$pidfile"\n ((count++))\n\n url="$( echo "${episode}" | awk -F '→' '{print $1}' )"\n ext="$( basename "${url}" )"\n title="$( echo "${episode}" | awk -F '→' '{print $2}' | sed -e 's/[^A-Za-z0-9]/_/g' )"\n #wget "${url}" -O "${download_dir}/${title}.${ext}"\n done\n\necho "Final value of \$count = $count"\necho "Run 'cat $pidfile' to see the PID numbers"
\nThe point of doing this is to get information about the pipeline\nwhich feeds data into the while loop. I kept the rest\nintact but commented out the wget command.
\nFor each component of the pipeline I added an echo\ncommand and enclosed it and the original command in parentheses, thus\nmaking a multi-command process. The echo commands write a\nfixed number so you can tell which one is being executed, and it also\nwrites the contents of BASHPID.
\nThe whole thing writes to a temporary file\n/tmp/hpr3962.sh.out which can be examined once the script\nhas finished.
\nWhen the script is run it writes the following:
\n$ ./hpr3962.sh\nFinal value of $count = 0\nRun 'cat /tmp/hpr3962.sh.out' to see the PID numbers
\nThe file mentioned contains:
\nStarting PID is 80255\n[1] 80256\n[2] 80257\n[3] 80258\n[4] 80259\n[4] 80259
\nNote that the PID values are incremental. There is no guarantee that\nthis will be so. It will depend on whatever else the machine is\ndoing.
\nMessage number 4 is the same for every loop iteration, so I stopped\nit being written after two instances.
\nThe initial PID is the process running the script, not the login\n(parent) PID. You can see that each command in the pipeline runs in a\nseparate process (subshell), including the loop.
\nGiven that a standard pipeline generates a process per command, I was\nslightly surprised that the PID numbers were consecutive. It seems that\nBash optimises things so that only one process is run for each element\nof the pipe. I expect that it would be possible for more processes to be\ncreated by having pipelines within these parenthesised lists, but I\nhaven\'t tried it!
\nI found this test script quite revealing. I hope you find it useful\ntoo.
\nLinks
\n\n- Bash pipelines:\n
\n- GNU\nBash manual: 3.2.3 Pipelines
\n
\n
\n\n- Bash loops:\n
\n- GNU\nBash manual: 3.2.5.1 Looping Constructs
\n
\n
\n\n- Bash process substitution:\n
\n- GNU\nBash manual: 3.5.6 Process Substitution
\n
\n
\n\n- HPR shows referenced:\n
\n- hpr2045 ::\nSome other Bash tips
\n- hpr2699 ::\nBash Tips - 15
\n- hpr3962 ::\nIt\'s your data
\n
\n
\n\n',225,42,1,'CC-BY-SA','Bash,loop,process,shell',0,0,1);
/*!40000 ALTER TABLE `eps` ENABLE KEYS */;
UNLOCK TABLES;
@@ -21378,4 +21391,4 @@ UNLOCK TABLES;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
--- Dump completed on 2023-11-01 12:49:06
+-- Dump completed on 2023-11-02 8:26:55
![\"Figure](\"https://hackerpublicradio.org/eps/hpr3707/fig1trash.jpg\")
![\"Figure](\"https://hackerpublicradio.org/eps/hpr3707/fig2close.jpg\")
![\"Figure](\"https://hackerpublicradio.org/eps/hpr3707/fig3screen.jpg\")
![\"Figure](\"https://hackerpublicradio.org/eps/hpr3707/fig4gets.jpg\")
![\"Figure](\"https://hackerpublicradio.org/eps/hpr3707/fig5iron.jpg\")
![\"Figure](\"https://hackerpublicradio.org/eps/hpr3707/fig6compare.jpg\")
![\"Main](\"https://hackerpublicradio.org/eps/hpr3724/main_sm.png\"\ntitle=\"Main)
![\"\"](\"/eps/hpr3725/01.jpeg\")
![\"\"](\"/eps/hpr3725/02.jpeg\")
![\"\"](\"/eps/hpr3725/03.jpeg\")
![\"\"](\"/eps/hpr3725/04.jpeg\")
![\"\"](\"/eps/hpr3725/05.jpeg\")
![\"Creative](\"https://i.creativecommons.org/l/by-sa/4.0/88x31.png\")
![Encoding vs Decoding](\"https://s3-us-west-2.amazonaws.com/courses-images/wp-content/uploads/sites/4052/2019/04/08194049/CommunicationProcessModel1.jpg\"){kind=link}