June 8th, 2025
mtbc: maze M (white-blue)
posted by [personal profile] mtbc at 02:46pm on 08/06/2025
In walking our dog L. we occasionally meet other friendly dogs. It has been interesting for me to observe that many dogs appear to know the rules of a game. Each round has them bring their faces near to each other and pause (tail probably wagging) then they both dart apart and run around or chase a bit before starting the next round. It appears to be very good fun.
mtbc: photograph of me (Default)
posted by [personal profile] mtbc at 10:59am on 08/06/2025
Having been made redundant from my fully remote job, I am starting a new job that has me on-site in Edinburgh twice per week. In looking into how to make this a cost-effective habit, first I thought of railcards but there don't seem to be any that apply. Fortunately, there are flexi ticket bundles that are useful for people taking a few trips within a longer period, which seem to be the best option.

Among the flexible tickets, the two obvious kinds appear to be from ScotRail which would cost me around £22 per day and allow me to travel on all the relevant trains, and from CrossCountry which for around £15 per day allow me to travel on only their trains which are the minority, only a couple of plausible ones each day either way. We need to save money where we can but the latter option has me arriving back into Glasgow at 21.22 at the earliest.

I didn't discover the cheaper option until after I had bought the other, at least for the initial period. After I learn more about the peak-time trains and the culture in the office, I can look into limiting which trains I may take. Perhaps a couple of longer workdays each week will make sense.

Having transcribed the timetable into LibreOffice Calc and tried some sorts, it seems to me that Central Station has those couple of useful CrossCountry trains which take at least an hour, plus some ScotRail services that take rather longer still. Queen Street station is further from me on foot, easy by subway though, and offers only ScotRail services that run frequently and take less than an hour but are anecdotally rather busy.
fanf: (Default)
posted by [personal profile] fanf at 03:15am on 08/06/2025

https://dotat.at/@/2025-06-08-floats.html

A couple of years ago I wrote about random floating point numbers. In that article I was mainly concerned about how neat the code is, and I didn't pay attention to its performance.

Recently, a comment from Oliver Hunt and a blog post from Alisa Sireneva prompted me to wonder if I made an unwarranted assumption. So I wrote a little benchmark, which you can find in pcg-dxsm.git.


June 7th, 2025
kaberett: Trans symbol with Swiss Army knife tools at other positions around the central circle. (Default)
posted by [personal profile] kaberett at 11:57pm on 07/06/2025
  1. goslings! (Canadian; one still very yellow and fluffy, several more rather larger.)
  2. SNAILS. so many excellent snails. we went out on a couple of stupid little walks and saw MANY snails.
  3. ate the last of my birthday cake, with discounted raspberries courtesy of one of said stupid little walks. <3
  4. the post brought Several more books for me (two pain-related, ...some cookery) and I am very pleased with them. particularly looking forward to warm bread and honey cake, though given that I've still not actually read Salt Fat Acid Heat I don't rate my chances of getting to it any time soon...
  5. current borrowed-on-a-whim-from-the-library book: Adventures in Stationery, James Ward. First chapter was paperclips; current chapter is a whistlestop tour of The History Of The Pen, including a much more loving biography of the BIC Cristal than I am normally exposed to via fountain pen fandom!
andrewducker: (Default)
posted by [personal profile] andrewducker at 12:29pm on 07/06/2025


My brother Mike got me this for my birthday, and it just takes a weight off my mind being able to say "bring the steam temperature up to 95 degrees and hold it there"

(Control over oil temperature when frying eggs is also awesome.)
Original is here on Pixelfed.scot.

rmc28: Rachel post-game, slumped sideways in a chair eyes closed (tired)
posted by [personal profile] rmc28 at 10:31am on 07/06/2025

I'm playing an ice hockey game tonight in Cambridge, a charity fundraiser between Warbirds and Tri-Base Lightning. But until then I have a strangely unscheduled day. I might sleep or read or something.

I could post about what I've been up to lately!

Work:

  • spoke on a panel about effective 1:1s, it seemed to go well
  • played my usual Senior Tech Woman role for a colleague's recruitment panel, and am happy that our preferred candidate has apparently just accepted. (a frustrating number of timewasting applicants more or less obviously using LLMs to write their applications and generate their free-text statements on suitability for the role; I really resent having to wade through paragraphs of verbose buzzword bilge to ... fail to find any evidence they actually know how to do the job)

Hockey:

  • KODIAKS WON PLAYOFFS on the bank holiday weekend oh yes they did. So proud of the players, and definitely earned my share of reflected glory managing the team this season and running around half the weekend. League winners, Cup winners, Playoff winners, promotion to Division 1 next season, utter delight.
  • Very much an Insufficient Sleep weekend, we topped off the playoff win with a night out in Sheffield, I got back to my hotel as the sky was getting light, good times.
  • Kodiaks awards evening last night: lots of celebration of the hard work and lovely camaraderie of this group of players, A and B teams both. I got to announce and hand out the B team awards, and I received a really nice pair of gifts for me as manager: a canvas print of a post-final winners photo, and a personalised insulated travel mug (club logo and MANAGER on it). I love this team.
  • I'm still enjoying also playing with Warbirds, and have now been to a few summer Friday scrimmages run by Tri-Base. I went to a couple of Friday scrims at the end of last summer and felt everyone was very kind but I was pretty outclassed. I'm pleased to feel like I'm keeping up a bit better now after training a lot harder this last season.
  • I trained three days in a row this week (Warbirds Monday, Haringey Greyhounds tryouts in Alexandra Palace on Tuesday, Kodiaks Wednesday) and that was Too Much and I was pretty sore Wednesday evening and Thursday. Rest days are important even if I am much improved in fitness compared to this time last year.

Other:

  • I did a formal hall at my old College! Using my alumna rights and having a nice evening hanging out with old friends (who were the ones to suggest the plan). Good times, will do again but probably not this term.
  • I had an excessive number of books out from Suffolk libraries that needed returning, so I did a flying visit to Newmarket by bus last Saturday, this turned out to be the cheapest/quickest way across the county border. I managed to stick to my resolution not to borrow any more physical books but slipped and fell on the "withdrawn books for sale" stand. Managed to only come home with four.
  • I did a little indoor cricket the Friday before playoffs (it's now finished due to exam period), and some nets practice last Sunday, but I keep being too busy to actually play any of my team's games. I'd like to do more nets practice though, that was intense but also felt like I was beginning to improve.
  • I did a little table tennis with Active Staff but that's also now suspended for exams. I'm considering getting a cheap set of bats and balls for me and the family to go use at the local rec ground, or in the free indoor tables at the Grafton Centre.

Coming up: my summer is full of ice hockey camps and tournaments (Prague, Hull, Sheffield, Biarritz) and my old club Streatham have just announced all their summer training sessions will be "Summer Skills Camps" open to all interested WNIHL players, so I'm looking at going to London regularly again in July and August.

June 6th, 2025
kaberett: Trans symbol with Swiss Army knife tools at other positions around the central circle. (Default)
posted by [personal profile] kaberett at 11:53pm on 06/06/2025

A significant part of the problem is that we only start saying "all pain is in the brain" (or "the tissue isn't the issue" or whatever) to people with complex or chronic pain.

And there's a good reason for that! It's the same reason that I need to have a much more detailed idea of the fine detail of what an atom is and how it behaves than the vast majority of the population, for whom the Bohr model is perfectly adequate!

... and we need to explain that, we need to explain why we don't tell people with simple acute pain that All Pain Is In The Brain -- it's not because it's any less true for them, it's just that for most people most of the time they don't need to worry about that level of detail. But if you don't explain that, it sure do sound a lot like "your pain isn't real (unlike those people over there)".

Lies-to-children. That. That thing. That's a thing I need to explain.

andrewducker: (xkcd boomdeyada)
posted by [personal profile] andrewducker at 08:20pm on 06/06/2025
I spent the day feeling bad for lacking focus, and wondering why I couldn't get anything done.
And then I slept for an hour on no notice.
And now I'm very wobbly and all of my muscles gently ache.
So I think I'm going to chalk it up as "The Plague" and hope I feel better tomorrow.
andrewducker: (Default)
I see we're back at the "Labour attempt to introduce a mandatory ID card" stage of history*.

My feeling last time, was that the main problem that they always have is that they *start* with the cards being mandatory.

If you start with "Here is a thing that makes your life much easier, that you can carry about if you like." then that will get you 85% of the way there. And then, once you have a voluntary ID card that's not causing any problems for anyone, and that 85% of the population is using to make their life easier, *then* you move in and say "The only people who don't carry an ID card are weirdos and troublemakers, and they're causing friction in the system, we could make it all run more smoothly if only they *had* to carry one."

But no, they always try to go instantly from "Nobody has an ID card." to "Everyone must carry one at all times." - which forms a coalition of all sorts of people from across the political spectrum, and ends up being far more politically costly to them than if they'd just boiled their frog slowly.

(None of which should be taken as me taking a position on ID cards. I'm just constantly bemused by their inability to get things done by trying to rush them through in the most authoritarian manner possible.)

*Younger readers may not remember the fuss in 2006 (repealed in 2011)
June 5th, 2025
kaberett: Trans symbol with Swiss Army knife tools at other positions around the central circle. (Default)
posted by [personal profile] kaberett at 11:11pm on 05/06/2025
  1. On Tuesday, I picked a kohlrabi. The stem itself got eaten at the plot; the leaves I brought home to cook and eat subsequently rather than compost them. I stuck them in a glass of water to keep them going while I work out what exactly it is I want to do, and -- they are stunning. I am enjoying them so much every time I go past them: dark blue-tinged green leaves, pink-purple stems and veins (the cultivar is Azur; I do not currently have photos but will attempt to get my act together tomorrow.)
  2. I have four spikes of ginger, one thoroughly unfurled into leaves, and at least one more thinking hard about it. I do not expect to wind up self-sufficient in ginger but I am very much enjoying the experiment.
  3. a word you've never understood (Prophet, 9k words). I did not read it all in one gulp -- I paused to take notes -- and I'm now on my second read through, which could in theory be more of a gulp but mysteriously I seem to be taking more notes and also remembering that I wanted to shake the internet for more information about the experience termed "aftersensations", for Book Purposes. (Also I think I've lured another person into at least starting the book...)
  4. Asparagus for lunch! Still in season; still delicious.
  5. My house once again contains Large Quantities of hazelnuts and pecans. I Monch.
As I wrote in my last post, Twitter's new encrypted DM infrastructure is pretty awful. But the amount of work required to make it somewhat better isn't large.

When Juicebox is used with HSMs, it supports encrypting the communication between the client and the backend. This is handled by generating a unique keypair for each HSM. The public key is provided to the client, while the private key remains within the HSM. Even if you can see the traffic sent to the HSM, it's encrypted using the Noise protocol and so the user's encrypted secret data can't be retrieved.

But this is only useful if you know that the public key corresponds to a private key in the HSM! Right now there's no way to know this, but there's worse - the client doesn't have the public key built into it, it's supplied as a response to an API request made to Twitter's servers. Even if the current keys are associated with the HSMs, Twitter could swap them out with ones that aren't, terminate the encrypted connection at their endpoint, and then fake your query to the HSM and get the encrypted data that way. Worse, this could be done for specific targeted users, without any indication to the user that this has happened, making it almost impossible to detect in general.

This is at least partially fixable. Twitter could prove to a third party that their Juicebox keys were generated in an HSM, and the key material could be moved into clients. This makes attacking individual users more difficult (the backdoor code would need to be shipped in the public client), but can't easily help with the website version[1] even if a framework exists to analyse the clients and verify that the correct public keys are in use.

It's still worse than Signal. Use Signal.

[1] Since they could still just serve backdoored Javascript to specific users. This is, unfortunately, kind of an inherent problem when it comes to web-based clients - we don't have good frameworks to detect whether the site itself is malicious.
jack: (Default)
posted by [personal profile] jack at 01:25pm on 05/06/2025
Hm. I'm still not sure about writing `2.` but if you have to use floats then I think I came around to preferring to write `2.0` over writing `2`.

Posted by Simon Tatham

A collection of semi-connected rants about context-free grammars, parser generators, and the ways in which they aren’t quite as useful as I’d like them to be.
(Edit: Twitter could improve this significantly with very few changes - I wrote about that here. It's unclear why they'd launch without doing that, since it entirely defeats the point of using HSMs)

When Twitter[1] launched encrypted DMs a couple of years ago, it was the worst kind of end-to-end encrypted - technically e2ee, but in a way that made it relatively easy for Twitter to inject new encryption keys and get everyone's messages anyway. It was also lacking a whole bunch of features such as "sending pictures", so the entire thing was largely a waste of time. But a couple of days ago, Elon announced the arrival of "XChat", a new encrypted message platform built on Rust with (Bitcoin style) encryption, whole new architecture. Maybe this time they've got it right?

tl;dr - no. Use Signal. Twitter can probably obtain your private keys, and admit that they can MITM you and have full access to your metadata.

The new approach is pretty similar to the old one in that it's based on pretty straightforward and well tested cryptographic primitives, but merely using good cryptography doesn't mean you end up with a good solution. This time they've pivoted away from using the underlying cryptographic primitives directly and into higher level abstractions, which is probably a good thing. They're using Libsodium's boxes for message encryption, which is, well, fine? It doesn't offer forward secrecy (if someone's private key is leaked then all existing messages can be decrypted) so it's a long way from the state of the art for a messaging client (Signal's had forward secrecy for over a decade!), but it's not inherently broken or anything. It is, however, written in C, not Rust[2].

That's about the extent of the good news. Twitter's old implementation involved clients generating keypairs and pushing the public key to Twitter. Each client (a physical device or a browser instance) had its own private key, and messages were simply encrypted to every public key associated with an account. This meant that new devices couldn't decrypt old messages, and also meant there was a maximum number of supported devices and terrible scaling issues and it was pretty bad. The new approach generates a keypair and then stores the private key using the Juicebox protocol. Other devices can then retrieve the private key.

Doesn't this mean Twitter has the private key? Well, no. There's a PIN involved, and the PIN is used to generate an encryption key. The stored copy of the private key is encrypted with that key, so if you don't know the PIN you can't decrypt the key. So we brute force the PIN, right? Juicebox actually protects against that - before the backend will hand over the encrypted key, you have to prove knowledge of the PIN to it (this is done in a clever way that doesn't directly reveal the PIN to the backend). If you ask for the key too many times while providing the wrong PIN, access is locked down.

But this is true only if the Juicebox backend is trustworthy. If the backend is controlled by someone untrustworthy[3] then they're going to be able to obtain the encrypted key material (even if it's in an HSM, they can simply watch what comes out of the HSM when the user authenticates if there's no validation of the HSM's keys). And now all they need is the PIN. Turning the PIN into an encryption key is done using the Argon2id key derivation function, using 32 iterations and a memory cost of 16MB (the Juicebox white paper says 16KB, but (a) that's laughably small and (b) the code says 16 * 1024 in an argument that takes kilobytes), which makes it computationally and moderately memory expensive to generate the encryption key used to decrypt the private key. How expensive? Well, on my (not very fast) laptop, that takes less than 0.2 seconds. How many attempts to I need to crack the PIN? Twitter's chosen to fix that to 4 digits, so a maximum of 10,000. You aren't going to need many machines running in parallel to bring this down to a very small amount of time, at which point private keys can, to a first approximation, be extracted at will.

Juicebox attempts to defend against this by supporting sharding your key over multiple backends, and only requiring a subset of those to recover the original. Twitter does seem to be making use of this: Twitter uses three backends and requires data from at least two, but all the backends used are under x.com so are presumably under Twitter's direct control. Trusting the keystore without needing to trust whoever's hosting it requires a trustworthy communications mechanism between the client and the keystore. If the device you're talking to can prove that it's an HSM that implements the attempt limiting protocol and has no other mechanism to export the data, this can be made to work. Signal makes use of something along these lines using Intel SGX for contact list and settings storage and recovery, and Google and Apple also have documentation about how they handle this in ways that make it difficult for them to obtain backed up key material. Twitter has no documentation of this, and as far as I can tell does nothing to prove that the backend is in any way trustworthy. (Edit to add: The Juicebox API does support authenticated communication between the client and the HSM, but that relies on you having some way to prove that the public key you're presented with corresponds to a private key that only exists in the HSM. Twitter gives you the public key whenever you communicate with them, so even if they've implemented this properly you can't prove they haven't made up a new key and MITMed you the next time you retrieve your key)

On the plus side, Juicebox is written in Rust, so Elon's not 100% wrong. Just mostly wrong.

But ok, at least you've got viable end-to-end encryption even if someone can put in some (not all that much, really) effort to obtain your private key and render it all pointless? Actually no, since you're still relying on the Twitter server to give you the public key of the other party and there's no out of band mechanism to do that or verify the authenticity of that public key at present. Twitter can simply give you a public key where they control the private key, decrypt the message, and then reencrypt it with the intended recipient's key and pass it on. The support page makes it clear that this is a known shortcoming and that it'll be fixed at some point, but they said that about the original encrypted DM support and it never was, so that's probably dependent on whether Elon gets distracted by something else again. And the server knows who and when you're messaging even if they haven't bothered to break your private key, so there's a lot of metadata leakage.

Signal doesn't have these shortcomings. Use Signal.

[1] I'll respect their name change once Elon respects his daughter

[2] There are implementations written in Rust, but Twitter's using the C one with these JNI bindings

[3] Or someone nominally trustworthy but who's been compelled to act against your interests - even if Elon were absolutely committed to protecting all his users, his overarching goals for Twitter require him to have legal presence in multiple jurisdictions that are not necessarily above placing employees in physical danger if there's a perception that they could obtain someone's encryption keys
June 4th, 2025
kaberett: Trans symbol with Swiss Army knife tools at other positions around the central circle. (Default)
posted by [personal profile] kaberett at 11:34pm on 04/06/2025

Picture me: sat on the sofa, opposite the French doors, vaguely paying attention to what was going on at the bird feeder, mildly amused by the extremely ungainly magpie.

The magpie that inspected the water bowl (that someone had thrown off its stand) and the feeder (that was empty) and the me (on the sofa) and Came To A Decision.

It did a tiny hop-skip-flap over and landed, very deliberately, on the workbench just the other side of the glass. It turned its head from side to side to get a good look at me from both eyes.

And then, having glared at me, it started yelling.

And kept yelling until I was up off the sofa and clearly heading for the door, whereupon it retreated to a safe distance, i.e. the garage rooves, and Continued Observing.

I sorted out the water dish. I got the crates of Misc Birdseed out of their cupboard. I sorted out the feeder. I sorted out the other feeder.

I went back inside.

Some time elapsed.

Eventually I got sufficiently puzzled about why the magpie hadn't come back yet to actually notice that I'd left the crates of seed out, and their cupboard door open.

I heaved myself back off the sofa.

I returned the seeds to their cupboard, and shut the cupboard's door. I returned myself to the sofa, shutting the patio door behind me.

Not terribly long after that, the magpie returned, and drank, and nibbled suspiciously (I had changed which food was in which feeder position), and appeared satisfied at least to the extent of not yelling any further...

... right up until the squirrel showed up to claim a portion of the restock.

I am absolutely delighted to have made this neighbour's acquaintance.
