Brief items

So it seems incredibly likely that any effort to bar TikTok would raise a whole bunch of legal concerns -- starting with a basic 1st Amendment concern. The US government can't just say "you can't use that social media app." That may be how things work in China or India, but not in the US. And, of course, it would likely set off a chain reaction elsewhere as well. China already bans most major US apps and services, but we're still dealing with a pointless trade war that would only be exacerbated by such a move.

There are plenty of reasons to be concerned about TikTok, it's connections to China, and the security of the app. But none of that means that the US government has the right to just ban it. While Trump may want to pretend he's a dictator, and Pompeo may want to pretend he works for a dictator, that's not how any of this works.

The list, which was published on a popular hacking forum, includes each device's IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to control devices over the internet.

According to experts to who ZDNet spoke this week, and a statement from the leaker himself, the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hacker then tried using (1) factory-set default usernames and passwords, or (2) custom, but easy-to-guess password combinations.

As with pretty much everything else, you can assume that if an industry lobbying group is in favor of it, then it doesn't go far enough.

And if you need more security and privacy principles for the IoT, here's a list of over twenty.

Because we are relying on things that are not guaranteed by the C memory model, we need to pay attention to the implementations. As I have said elsewhere, the price of control dependencies is eternal vigilance.

That said, I am not against sd-boot, btrfs, nano or a bunch of other changes which seem to have gotten every 'stop the change' advocate out there. I understand a little of where they are coming from... fixing things are hard enough at times. I also understand what it is like to be overloaded with everything going on these days and just want things to stop for a bit. The problem is that doesn't happen, and it definitely doesn't happen in Fedora. If people need a slower or stopped OS, there is CentOS or Debian Stable. Fedora isn't as bleeding edge as other Linux distributions... but it is constantly moving and it is always going to be a bumpy road.

Now, why should we care about an old bridge? It's because there's a universal truth about software development that software engineers don't like to talk about too much.

We're really bad at writing software.

[...] But the people who design and build bridges, they're great at it. Bridges get built on time, on budget, and last for dozens, hundreds, even thousands of years. Bridge building is, if you think about it, kind of awesome. And bridges are such a common occurrence that they’re also incredibly boring. No one is amazed when a bridge works correctly, and everyone is kind of amazed when software does.

Unfortunately, the world is very dependent on software. It might even depend more on software than it does on bridges. So we have to get better at writing software far faster than we got good at building bridges.