Rowan Thorpe

Thanks, that’s good to know, but for raw-writing a bootable image to a device do you (or anyone reading) know if there are also straightforward powershell commands for mapping devices at the block level? (as opposed to mounting at filesystem level)

The article at the end mentions they suggest dd as alternative for MacOS (due to Unix user space). It seems the balena -> rufus decision is about the easiest-onramp Mac+Win-portable option, for those uncomfortable dropping to low-level device-writing CLI tools in their current system.

Side-note: Last time I was on a friend’s Windows I installed dd simply enough both as mingw-w64 (native compiled) and under Cygwin. So for Windows users who are comfortable using dd it only requires a minor step. When I once used WSL devices were accessible too, but that was WSL1 (containerized), whereas WSL2 (virtualized) probably makes device-mapping complex(?) enough to not be worth it there.

If you haven’t already seen the talk recently given at the Chaos Computer Club’s “Hacker Hotel” named “How Thermonuclear fusion works, free energy without waste”, I highly recommend it. https://libranet.de/display/0b6b25a8-ff152736-e38872dd7aed088e

they choose their business model, I choose my customer model.

Ooh, this is very pithy. I like it. I will use it.

I did a similar but more generalised thing since long ago, when I got my first pager (pre-mobile) in '95. I made myself a solemn promise that I would gratuitously and unapologetically use silent-mode, DnD, etc (including more recently auto-DnD every late-afternoon-to-mid-morning, even on weekends, when it became a thing) to live an almost exclusively asynchronous life. I almost never answer direct phone-calls too, often even for many of the recognised numbers. My modus operandi is this:

If it’s a real emergency a call might be unavoidable, but if it’s just typical-urgent it could be an SMS (key part of that acronym is Short) which I would see relatively soon. Alternatively a sensitive/private urgent requirement could be fulfilled via Signal. Otherwise email (pgp-encrypted if it has to be private) which I usually catch up with every day or two. Also I disable all non-critical realtime app-notifications entirely. Additionally whenever someone calls/emails me with an “opportunity” requiring “immediate response because they need a confirmation by yesterday!!!1” I know that means the work is going to be like that too (absent time-management or time-discipline, bouncing between crises in parallel) so my go-to response is along the lines of “Thanks, but such a shame it’s so last-minute - it would be impossible for me to properly consider this against the rest of my schedule and decide responsibly whether I could do it. I hope you find someone.”

I didn’t choose that for the sake of being antisocial, I chose it because I felt that “flow state” and “focus-retention while tackling complex problems” are extremely precious resources, and also increasingly rare. Most (not all) of the time if you don’t push back to protect that then others won’t voluntarily protect yours for you, because a lot of people only respect their own time, mental-bandwidth and priorities, and not those of others. I found that batching tasks together to grind through them in bulk without interruption is not only useful at work, but in most of the mundane/administrative parts of life too, because it minimizes the destructive effect of context-switching.

I discovered a very astute validation of this in an essay by Paul Graham “Maker’s Schedule, Manager’s Schedule” https://www.paulgraham.com/makersschedule.html

AKA “Disaster Capitalism”

Just like the playbook against NHS in UK:

“NHS doesn’t work, it must be privatised (and contracted out to companies owned by my friends)!!”

/proceeds to starve funds and undermine NHS at every turn

“See?! I told ya it doesn’t work” 🥴

Most of Facebook runs on Linux.

I long ago stopped getting caught up in “that discussion” about recent trends despite a stream of people lobbing leading questions to get the ball rolling. Because I also try to not do so more rudely than necessary, I have developed several diplomatically worded (or at least ambiguous enough to float opaquely off to the side of the offense spectrum) ways of essentially saying the following: The simplest and cheapest way of [A] learning the “computer science” end of software is by becoming proficient in Lisp, [B] learning the “engineering” end of software by becoming proficient in Forth, [C] learning how “busywork” is a dangerous and demoralising thing to confuse with “actual work” by maintaining some Java code, [D] learning how insidious and self-sabotaging “expert beginner syndrome” is by reading a lot of the relevent code-reviews and blogposts when maintaining Javascript & Python projects, [E] learning how mob-mentality and populism can lead to selective blindness and architectural stubbornness by working with large volumes of C & C++ code, [F] learning how it is all really abstraction-layers over something akin to an old-shool phone switchboard by working with Assembler, [G] learning how the only work with longevity is that which stands on the shoulders of giants by using Fortran libraries, [H] learning how the mere act of developing using languages with baked-in discipline can be inherently educational by using DbC/TDD/BDD/dependent-type/formally-verifying/etc based languages (SPARK-Ada, Haskell, Eiffel, ACL2, Rust, etc), and then [I] learning how - after a certain level of experience - the languages, frameworks, and tools become less important than the engineers’s mindset and the work that happens both before and after the fingers hit the keyboard…by finding semi-performant techniques for implementing masochistic things like a VM and a network stack in Bash script (as hobby tasks, not for real use). If they are coming from a more hands-on/hardware background I also recommend [J] how eye-opening it is to maintain your own customized LibreCMC image flashed onto an open router (the older/smaller the HW the better, because you have to be increasingly creative with your kernel & OS configs), and [K] how educational it is getting a RISC-V working on an FPGA. I top it off by saying that [L] despite coding on-and-off since my start with z80 assembler on an Amstrad in the mid-80s I still feel like a beginner with so much to learn, and [M] that fact is by far the part I love most about the field (not just field of “work” but of “mental endeavour”) - far more than status/seniority/raises. I find I don’t get bombarded so much with JS-framework-du-jour zealotry and expert-beginnerism after that.

If you’re only talking about Storage (data at rest) or Network (data in transit) then encrypt/decrypt offsite and never let symmetric keys (or asymmetric private keys) near the VPS, or for in-transit you could similarly setup encrypted tunnels (symmetric/private keys offsite only) where neither end of the tunnel terminates at the VPS. If you’re talking about Compute then whatever does the processing inherently needs access to decrypted data (in RAM, cache, etc) to do anything meaningful. Although there are lots of methods for delegating, compartmentalising, obfuscating, etc (like enclaves, TPM/vTPM…) the unavoidable truth is that you must trust whomever owns the base-infra ultimately processing your data. The one vaguely useful way to use “other people’s computers” trustlessly is with SMPC (secure multi-party computation) spread sufficiently widely across multiple independent (preferably competing - or even adversarial!) virtual-computation providers, with an “N-of-M keys” policy that avoids any single provider being able to attain a meaningful level of access to your data independently, or being able to view tangible portions of your data while providing functionality during SMPC. That stuff gets super-niche though.

Not all made up though. I’ve been following this one’s mailing list for a while https://en.wikipedia.org/wiki/Zephyr_(operating_system)