
Notes by Luis Villa

If you use Google Docs, and share a doc with me that doesn't use continuous scroll/unpaginated mode, and doesn't strictly need to be paginated, FYI that (1) you can set unpaginated as a default for new docs! hooray! and (2) I am silently judging you.
 That feeling when you need a legal document, search https://blueoakcouncil.org/ for something similar, and in fact it already has *exactly* what you need. Huzzah. 
 You should read the new paper from @24fe2880 and @07f3fab1 but if you’re short on time it has mostly been summarized below:

From: @f1cf1cd7
https://mas.to/@yogthos/111071215888135964 
 OH: "You're not dying on that hill—you're camped out on that hill, waiting to die, but no one is trying to kill you, they're just going on with their lives all around the hill" 
 https://xkcd.com/1425/ but "what is AI" takes a few hours and "what is open source AI" takes several committees and five years. 
 I am in this toot and I don’t like it

From: @dfab1ba9
https://octodon.social/@pts/111055485368802470 
 #BlackMastodon #BlackTwitter nostr:npub13vyftx2wglj740zpshq9rzv5gaa3djhkqw74ecry4mk7n3vt8htqwmlcz... 
 @8d1af2ae @8b089599 I hope you can try again next year and report out - I've been curious about the festival for years, thanks to AfroPop Worldwide. Please let us know if you see anything about supporting the festival and/or the community around it. 
 Am reading a "secure OSS supply chain consumption framework" that is making me wonder if framing "secure" and "consumption" as top-level goals creates a fundamental tension.

"Consume" implies "do not contribute" at a time when (as CISA and NIST both noted yesterday) deep security requires at least upstream support, if not active participation. 
Have just started “Managing the Risk of Organizational Accidents”, by James Reason, and can tell I’m going to love it (though maybe also skim it, because I’ve seen enough failure already).

Q: Reason seems more focused on in-practice safety, rather than safety-by-design. Is there a single ur-text for safety-by-design (and thinking through the tradeoffs thereof)?

(cc @07f3fab1) 
 So! Last week the Office of the National Cyber Director (ONCD) published a "request for information" (RFI). I blogged it, but here are some highlights and a few things that didn't make the blog post that may be of interest to others: 
https://blog.tidelift.com/new-rfi-shows-the-us-gov-effort-to-invest-in-open-source-is-picking-up-steam 
 @256de476 Even lots of technically very sophisticated people have not put 2+2 together on our deliberately-fragile JIT supply chains, and how badly they will hold up in the face of sustained climate disruptions.