The Epoch of Bagira

DHLP: Reduced ISO Size and Improved Build Safety

I was able to reduce the generated livecd ISO image from its eyesore of 8GB down to just under 2GB, putting the ISO size for the Dark Horse Linux livecd on par with other distributions.

You can grab the latest image here.

The issue was ultimately an overzealousness to make the image “provable” from a security perspective. The debuginfo in the compiled binaries of the system, particularly the kernel modules and shared libraries, accounted for about 6GB of the storage. Stripping that debuginfo consisted of almost all of the size reduction. 75% size reduction is really quite worth it.

This version also has some repaired filepaths, as well as additional safety in the scripts that generate the image.

You’ll probably see in the git logs that there are a bunch of fairly recent additions of set -u in the bash executables that Rex is kicking off. This tells bash to treat any reference to an unset variable as an error and exit immediately. That way if you do the admittedly dumb rm -Rf ${unset_path}/${also_unset_path}, bash will refuse to execute that line and fail the project run of rex due to a non-zero exit code. Obviously this is a stop-gap measure until I can do a full cycle focused on code safety rewrites.

Next is (besides some more clean up on the pyrois codebase) the introduction of RPM and presumably DNF, followed by some formation of what an installer ISO will look like.

It would potentially be a turning point for this project as it could be the point at which the distro moves from source based to precompiled binary package based, depending on how much infrastructure gets introduced during the RPM and DNF build/research work.

Make sure and subscribe to the new mailing list for updates as well.

Pyrois Commits: 07939eb9ec9c6b7e15a945ffc343a733643dbb49

re-adding project_config

Pyrois Commits: 832361fd6f6fe73616100c8af711dcbf9193f191

reduction of ISO size to 1.9 GB - milestone

Pyrois Commits: 2ce0b4fb7afb386cb0989a42f03b9e9c1d609a6c

adding missing livecd files

Pyrois Commits: 93f40be56ee46c464661cb6609efb1b1e3b1c4f5

size reduction of iso - 6.4G

DHLP: Email, Mailing lists and More

As part of the productization effort of Dark Horse Linux, one of the things that needed to be done is getting Dark Horse Linux resources off the SILO GROUP domain.

One of those included email. Another included mailing lists.

So, I’m bringing mailing lists back. If you’re looking for how to contribute, the dhlp-contributors mailing list is a great place to ask questions and find out about the project:

https://lists.darkhorselinux.org/mailman/listinfo/dhlp-contributors

If you want to contact someone personally, I can be reached at:

chris (dot) punches (at) darkhorselinux (dot) org

As always, I’m eager to bring more people onto the project, so if you know of any potential volunteers, please feel free to point them at that mailing list or to me directly.

I think I may be running out of excuses to focus on the installer and bringing in RPM.

Phanes' Canon: Kaizen

Well, I’m finally where I can take a couple days off and kick back.

I was evaluating where things are from a year ago, and three years ago, and five years ago, and my God, what a few years this has been!

And I am so tired that just sleeping in for a few days isn’t going to do it.

Dark Horse Linux

I got a new website up for Dark Horse Linux and there are a few issues to work out, but, there always will be. It needs a documentation generation system that’s themable and web-friendly, but also supports many formats.

For the immediate next cycle:

• I’ve decided to tackle the ISO size issue
• I will be putting RPM onto it, to open the door to all the cool things I’ve got planned.
• Along the way will be a new pass at the Pyrois project to clean up all the code along the way to make some of those commands a little safer to the build system, clean up dependencies, etc.
• This will involve either a tag and branch of Pyrois or a kind of snapshot fork to represent a generic distribution generator that is very close to LFS.

This will position that project nicely to start approaching both a package and patching ecosystem, as well as give users something they can builld on top of a little more easily for those spin-off possibilities.

Then, it’s installer, installer, installer and documentation, documentation, documentation.

Everything Else

I’m not taking on any new projects. In fact I might be trimming down the project list to focus more on DHLP, though, I really do want to sink my teeth into SMQ/S.

DHLP: New Website

As a result of community feedback, I have created a new website for dark horse linux, and it is in production now.

I am lukewarm with the results, but it does meet the intended purpose for now.

The documentation system is an acknowledged gap, one that presents an eyesore, and I’m not sure how I’ll approach it yet.

I’m not 100% convinced I should be writing the documentation so much as overseeing community contributions to that and ensuring the content is accurate.

Phanes' Canon: New Website Coming

I’ve hardened a preprod and prod environment for hosting the new site.

I’m about 3/4 of the way through the creation of the static site generator and the initial theme. Content is another story.

Interestingly enough, this is to address community feedback about the admittedly horrid theme on www.darkhorselinux.org currently — which is ironically based directly off the slackware.com website, after fixing it to make it valid html (the slackware.com website is not valid html).

But, feedback is feedback.

I really do need to get some other party involved on the theme stuff as HTML/CSS is really not something I enjoy doing or am even good at.

This stuff takes forever and I want to be spending this time improving the actual OS or writing some much needed documentation.

Phanes' Canon: Team Chris is Sleepy, and other Ramblings…

Summer keeps teasing me. It’ll come in hot and strong and I’ll rev up and have a great productive day. The next, it’s bleak, grey winds that cut through you and it’s cold again.

Can’t win with this. I get a crippling seasonal depression in the colder months. Maybe it’s time to move further south.

Hopefully we’ll get a “Brief History of the World Part 2” before Mel Brooks gets too old.

Work is still way too busy to put serious time into anything.

I’m working on a new static generator made to produce whole websites instead of just feed aggregation. This should be useful for improving the Dark Horse Linux website. Don’t know what to do about theming, though, that’s just really not something I want to learn how to do too well.

Stay tuned…

DHLP: New LiveCD ISO

Within the next hour or so, I’ll be uploading a new livecd to the downloads section of the site. It is a rather clean and faithful production of an LFS system, with overlayfs added as a dracut module so that the livecd can actually be used as a system with a writable root filesystem.

Changes won’t be persistent, but, this is a much better proof of work than what was up before it.

At this point I do encourage people to try it by downloading it and firing it up in an emulator and provide feedback. I’d be thrilled to hear someone got it running on a physical machine.

While cool in and of itself, this paves the way for transitioning the image to an installer ISO, where Pyrois copies the sysroot to a subdirectory in itself to put on to a target machine to boot from local disk after some basic configuration prompts.

ISO Image file size is still an issue at 8GB. I’ll have to depart from LFS to fix that. So, this might be the “goodbye LFS” post I’ve been building up to. Not sure yet.

Pyrois Commits: 8b7e0cc32f6784bcf974bd1ab5a50b92443e7c2c

major improvements to iso boot

Pyrois Commits: 6b852ee8f0a1ff76395998c5b08c26ecb6d03c1a

2023-04-07 snapshot

Pyrois Commits: 7428c41ce9c0e120eb57486671c45b45d52b123f

fixed bug introduced in download_sources target

Pyrois Commits: bab234d5c3cc807fe997afe3d650f69437f35b5d

fix typo in makefile

Pyrois Commits: d3548540e75d0d60d46fa3930b7f1a9841d9258f

minor backup cleanup for mods

Pyrois Commits: afd68110bcb0ea6682e8e05b59ebb31a3d36a840

new livecd generation make target

Pyrois Commits: f276e5e3e7f184cf3c6e9964ffc188376db70344

fix typo in makefile

Phanes' Canon: The Next Phase

I am still resting up in between the current next phase of Pyrois / Dark Horse Linux to work on other projects so I don’t fall behind.

Aside from the improvement of themes for DarkFeed, which is really out of my wheelhouse as I’m not a graphic designer, I’m also looking to build out a basic working time series prediction engine that works off data pulled from yahoo finance to test out some of the newer LSTM models’ capabilities.

I may also soon start to finally build pieces of the SMQ/S together now that I’ve refound the Raft protocol.

I may need to take another vacation before then, as between $dayjob and everything else I’m getting worn out pretty well.

Bing art is cool.

Pyrois Commits: 7fdac0e72e51363705ab1a9419c4d72b5e35f011

demarcation point from LFS

Pyrois Commits: 0b5d868da17b17dd60be19910a50b122642a68db

through kernel compilation -- possibly ready to image with initrd for iso prep

DHLP: Progress Update

I am excited to announce a milestone in the Dark Horse Linux project.

The code in the repo has finished creating the initial target system, including the kernel compilation using the default Fedora Linux kernel config.

There is an exception, the fstab file, which has a chicken-egg problem to resolve but I consider this to be minor and can be resolved during the ISO file generation, which is the next piece.

I should be able to use grub-mkrescue or genisoimage/xorriso or some combination of these with a thought out init ram disk to complete that part.

Once complete, I’ll start polishing the codebase for Pyrois up, branding a fork of it for ALFS-NG, and tag and release that for now.

For the long term, the `ALFS-NG` spinoff is just a side project that got spawned by this effort. I haven’t decided if this is something I want to give to the LFS folks to revive/modernize their seemingly abandoned ALFS project, or if it should remain wholly separate due to the Darcy infection. I have a desire to “play well with others”, but, that can’t occur in a vacuum, and I need to be certain it stays shielded from Canonical based on previous behaviours.

On the other hand, it’s likely to go very stale if I keep it under my thumb as it’s not a priority for me to keep it up to date more than to facilitate it as an instructional device. I suppose that begs the consideration that they’ve already abandoned that project once, so, it may not be a priority for them either. They likely wouldn’t want it.

I will then want to decide whether I want to introduce librpm for the next phase, or whether I want to create an installer disk, presumably with something like `anaconda`, though, I am hesitant about introducing an upstream dependency on the RH ecosystem based on the goals of the DHLP project.

I will want this system to be very familiar to RH-based distro users for many reasons, but, all cooperation with external projects must be a voluntary effort that can be easily severed for this mission to work. This is, after all, a contagion firewall. I’m already going the librpm route, which is maintained by RH, but, many distros use librpm. Not many use anaconda, so, their maneuvreability is different with that piece. Not that I think anything would happen there, but, it’s a risk surface that needs gaurded.

I suppose I’ve answered my own question thinking it out — anaconda is a package-based distro installer, so, if I’m going the librpm route I need to do that first before anaconda.

I suppose one approach might be to build my own basic installer that is a modification of the sysroot I’ve created that just copies the unmodified sysroot to a target system after the user selects and mounts all their target mounts. That’s a thought. Copy it off, when it’s done in the build, then engage in a 6th stage that turns one of the copies into an installer that puts the intact copy onto the target system.

I may do that first to move forward on a known working path, and then do my reductionist cross-reference with other similar projects to synthesize a new process. It’s a bit of a longer path but it’s one that can provide consistent progress.

Of course, things are always subject to pivot based on what I learn as I go through this. I have no experience with this aspect of things, so, I’m certainly open to ideas.

Pyrois Commits: 1f5d82d752cb8fa9f49812525a78f9fd7c8985b9

ready to begin chapter 9

DHLP: Entering Chapter 9

Automation of the 11.3-systemd rc1 has been successful on a Fedora build system up to Chapter 9.

At this point what’s left is:

• populate some of the system config files (/etc/*)
• set up udev
• set up the timezone
• some minor systemd disablement
• set the system locale
• compile the kernel
• set up kernel module load orders
• configure grub to be on an iso and install the bootloader to that iso (this will require deviation from the LFS book)

The fun part is that I’m not going to be using stock values for these. It’ll give you curses dialogs asking for input on alot of the stuff you’d normally configure on your OS, though, I may be reserving alot of that implementation for an “installer ISO” so that the values aren’t baked into the ISO in future versions.

After that, it’s an RPM variant.

After that it’s a reductionist rewrite cross-referenced with other unrelated projects to create a more minimal system without sacrificing on the core components.

All in all, looking back through the work, this process would have only taken a couple days, maybe a few hours for someone who’s done it before, but, automating it — I think that’s where this project’s value is.

I would like to see someone fork it, containerize the process, and then use pull requests with automated unit tests to accelerate OS development.

In the meantime once this ALFS-NG baby project is wrapped up, I’ll rebrand it as that, and then use the Dark Horse Linux label to build out the real deal.

Pyrois Commits: 89a7e712aef79293646717a48506a808d7f95c55

up through 8.77

Pyrois Commits: 344f4664458cb4c599f000cfaeb8536941ceb4a8

now has systemd -- up through 8.72

Pyrois Commits: 0117cd3cb26bfe02077980bc626f5db89bf32fe1

now has grub - up through 8.60

DHLP: Project Direction Changes

After some review of the dual licensing of LFS, it’s occured to me I need more segmentation in my planning for how to get to a new distro that I can offer commercial support for and distribute for commercial use.

That’s not the core reason for doing this, but, I’d like to be compensated eventually for all the hard work, and perhaps hire people and build a company around it.

I think in order to get there, I’ll need to make some pivots on approach on this.

To get around the non-commercial shit in LFS’ licensing, I’ll probably, once I get to a releasable state, release this build as a project called “ALFS- NG” that inherits the crap they snuck in there and have DHLP be a non-derivative rewrite.

I’m still thinking about it, but, if that’s the direction, once ALFS-NG is good to a certain point, I’ll be able to apply what I’ve learned to Dark Horse Linux. I feel as I’m going through this process that LFS has many, many unnecessary steps to do something like this.

I may even do a second build with one of the RPM variants of LFS/BLFS to get an idea of what I’m in for in terms of introducing binary package management cleanly.

Pyrois Commits: eb6f5acfd556ebe326f1507685acfdb7ae5b14e4

up through 8.40

DHLP: Progress Report

I’m at about Chapter 8, section 26 of the LFS build.

At this point there’s a sysroot, you can enter the chroot with `make enter_chroot`, and browse around after getting through a `make all`.

You’ll probably see in the git commit logs for Pyrois that I’m adding units to “master.plan” and testing there, before moving them to “stage4.plan” after they’re worked out.

That’s by design. I use “make backup” and “make restore” all through the process as this allows me to work out kinks in the scripts before vetting them and moving them over to their “forever homes”.

Pyrois Commits: b9cc1a06bb821439b6f02bb8c736e7b6248c9834

up to 8.31 in testing in master plan

Pyrois Commits: d0c228be5f73eec5269130d5118f8d81df104347

up to 8.31 in testing in master plan

DHLP: So what’s this project all about?

It’s occured to me that even someone technical may see all the movement here and just not really understand what this project is, so, I thought I’d write a brief to catch folks up to speed.

So, what’s the Dark Horse Linux Project?

The Dark Horse Linux Project (DHLP) is a new Linux Distribution.

You’ve likely heard of Linux, already. What you may not know is that the term “Linux” actually includes many different kinds of operation systems.

If you’re not sure what an Operating System is, you may have heard of Microsoft Windows. You get a little compact disc and install it on the machine, and it gives you things to click on and do your work, and, for the more nerdly, to write your own software or host your own services.

In the Linux space, the term “Linux” is really just referring to the kernel itself and in some crowds includes the gnu toolchain as well. What you might not know is that there are many providers of unique operating sytems that fall under the category of “Linux”. Each of those providers gives you a different variation of what Linux is and comes with different pieces that make up the operating system. Here are some famous examples:

• Fedora Linux
• RedHat Linux
• Ubuntu
• Debian
• Slackware
• CentOS
• Mint
• Arch Linux

You’ve likely already heard of these, and there are lots to choose from, each with unique properties. RedHat Linux and Ubuntu, for example, have attributes that make them prime selection candidates for an enterprise computing environment (think of servers, cloud, etc).

Indeed, the various communities surrounding Linux are myriad, and this diversity is critical to the continued existence of the Free and Open Source Systems movement.

However, there are some complex problems, and always have been in those communities. Some can’t be addressed simply by the introduction of a new contender, but some issues can.

Diversity in the Linux Ecosystem

If those communities were to homogenize it would become vulnerable to interference from entities that sell proprietary systems — all of which stand to gain a great deal financially from the elimination or control of a sizable portion of Linux communities and their internal development pipelines. The best thing that can happen for those cooperative adversaries is the unification of all Linux distribution communities into 3-5 distributions, as this would allow them to steer those projects into directions that are financially beneficial for those companies, but, not so great for us.

Check out the latest upcoming Linux distributions for this year. If you go through the list, you’ll see an exemplification of one of the issues this project exists to address. Every single one of these new Linux distributions is, in fact, not a new Linux distribution at all. They are rebranded releases of already existing Linux distributions.

In fact, if you look closer at the “famous” list I provided earlier, you’ll notice a few oddities that parallel this: CentOS is a rebranded RedHat. Ubuntu is a rebranded Debian. Mint is a rebranded Ubuntu (twice over on that one!).

In the list I linked to for this year’s new contenders, you’ll see that about half of them are based on Arch Linux, while the rest are based on others on the list I typed out above.

Almost all “truly new” or “parent leaf” distributions die out pretty soon after release.

Of those that don’t, there are serious issues that serve as barriers to widespread adoption, such as a non-standard libc variant, or using busybox as the userland toolchain, or missing multilib support, preventing a desktop market, etc. They have serious missing pieces that Linux communities expect to see.

That is a large part of why this project exists.

Most Established Distro Communities are Toxic

The other part of it is that, as someone who’s been participating in the Linux community since the mid-90s, I’ve found that the non-commercial communities have categorically toxic cultures. I had been involved in and even led numerous campaigns to try to address that over the years, and was seeing some progress, but I found that after all that work, one kind of toxicity was simply being exchanged for another. I wanted to create something better. So I decided to.

While researching this issue quite a few years ago, I came across a project called “Linux From Scratch”. This is such an impressive project! They tediously list out, step by step, a process to create a bespoke installation to their own specifications of a new Linux system. It’s not quite a distribution, as there is no downloadable OS, but a set of instructions that can easily serve a large part in the genesis of a fully equipped new parent leaf Linux distribution with all of the pieces those users look for.

When I said that the process is tedious, I mean that in every sense of the word. It’s alot of work and takes a lot of skill to do it by hand. So, I got to thinking:

What if I unitized all the steps that create a new distribution into separate automations represented in an object notation that allowed me to automate the entire process with selectable components?

The thinking behind this is that this would allow more people to have access to the tools they need to create fully capable Linux distributions, and that if this took on momentum it could help to facilitate the diversity of the Linux ecosystem, either directly, or by inspiring a competitor project who can do it better.

There was the ALFS project (Automated Linux From Scratch) but it had gone stale and didn’t, in my impression, fully unitize the steps — though it did automate them. Even if it had, it did not appear to be terribly receptive to customization, and the project appeared to be abandoned. I believe it still is.

So, I probed around for a few years, knowing I was about to start building a new Linux distribution.

Initially I was going to call it SURRO Linux, as I was trying to figure out how to create a new “parent leaf” linux distribution anyway, and, there was initially some interest. I created an IRC channel for the project, and a couple of the LFS crew even helped out. Until…I joined their channel to ask some questions about making some changes to the compile options.

It turned out, someone from the Ubuntu Linux community had figured out a way to gain rank in the LFS project and my access to LFS resources was immediately terminated by that person when I explained the scale of what I was attempting to do, despite being a year into the process already with another LFS developer.

As a result of Matt’s deliberate efforts to starve the project of critical resources, though, it inspired me to create an entirely new thing: A distro that helps other distros be created, as an example of how this should work — both technically and at a human level.

So I guess you could say, in a way, Matt played an important role in the creation of SURRO Linux by demonstrating that the problems I was concerned about on many levels were not just further along than I believed, but closing the gaps on one of the last bastion projects in the F/OSS world that gauranteed the perpetuity of the Linux operating system by facilitating diversity– by infecting the LFS project with his presence and compromising the decision authority in it in order to prevent the genesis of a product intended to compete with Canonical’s (Ubuntu).

I recall being profoundly disappointed at this turn of events, as, I had been learning so much from the LFS project’s other members, quite quickly, and am immensely grateful of the feedback they were providing in the early stages before that. I will always be appreciative of that learning period.

Galvanized in determination, over the years since, and in between other projects, I picked at SURRO Linux, the hard way, and had to develop some custom tools to implement what I could extract from the LFS documentation.

You may have seen some mentions of these. Rex. Examplar.

Examplar is the original name of the tool. It was recently rebranded as Rex. Rex is an automation tool that reads a libary of json objects, each representing the necessary parts of a largely idempotent automation. It then reads another json file whose contents represent steps in a plan to carry out, which reference the automations in the library. This method allows me to do large chains of automations with each step in a fully controlled context, including environment, whether a pty is used, what user the automation runs as, as it captures STDOUT and STDERR of the automation to log files for review to ensure the build is clean without having to stop.

After some time, I ran into a technical barrier with Rex that prevented the continuation of the development of SURRO Linux until it was unkinked. I worked on other projects and campaigns for a while to get my head fresh on it.

Once that issue was finally solved, enough time had passed to where I needed to refresh the codebase used as the solution involved a full rewrite of Rex.

So, I renamed it to Dark Horse Linux and started over. With the new tools in place I was able to do what had previously taken 2 years to develop in just a few days, and now there seems to be some momentum behind it.

I’m hoping to have it generate a bootable image by July of this year finally, though, it won’t really be the release of Dark Horse Linux, so much as a snapshot of a working system for others to borrow from before I move on to building out an installer image. That’ll just be when the real work starts to build out the installer and package management infrastructure. Honestly, with my workload at my dayjobs, I think July is an ambitious target. Walking through LFS is only of moderate difficulty, automating the steps and extracting enough to create a new Distribution is another matter entirely. This is all just one person currently.

You’ve probably seen some mention of a repo called “Pyrois”. Pyrois is a Rex project that will compile the install images related to Dark Horse Linux and is where the majority of the work takes place.

I’m always receptive to people participating, and if you’d like to participate, feel free to email me at “““`dhlp@silogroup.org

Along the way, many things happened since I initially announced SURRO Linux was going to be a thing. My Dad died early on. I ran into access issues researching what I was trying to do. I have other projects. I have a whole other career besides this and the project is self-funded currently. I was involved into two activist campaigns in the open source community (RMS, Freenode). My personal blog has more details about those, though, I just wanted to make it clear that this is a slowly moving project for now — though I do have high hopes for it.

Pyrois Commits: 1a360bed1a9888071fa3a0cf21a3d3265c5bf68a

gcc pass 3

Pyrois Commits: 88f65e83e50c0e270eb17db93797dc8beba183f7

8.25

Pyrois Commits: b9af982ce39808c9bd8f2263afa80157a6f5137a

through 8.24

Pyrois Commits: 360f2afae74ac3d3c797f6b05918dd8908722ff3

up through binutils - pass 3

Pyrois Commits: b8bfec9722bb71b3d3b8db8f47af848aecaed286

checkpoint - passing SURRO current state

Pyrois Commits: 4fbe0c8d81500e5d8dbffc6504b03af8764f67fd

some cleanup of messy backup/restore facilities

Pyrois Commits: c4192e2328eec033aa9967feb98fec722de45d2e

snapshot while working out backup/restore issues

Pyrois Commits: b513be8d4d0d7a9f7beb8b0d03abc50c4be642d5

incremental improvement in backup/restore facility

Pyrois Commits: 05c65e8d1d458af0d2875c47c607c383ea71ca84

various typo fixes and progress up to 8.8

Phanes' Canon: Dark Horse Linux: Stage 4

At this point, DHLP is compiling up to LFS CH. 8.

This is the point where it finally starts to get “real”, as we’ve finished the compilation of all the temporary tools and are starting to build the “real” permanent system.

This is also an exciting part because I got to introduce the first of those classic ncurses dialog prompts.

Stay tuned.

Pyrois Commits: 7868997024999e80c12fbb76ca2449bd97a339b4

up thorugh 17.13.2, backup facility needs additional testing

Phanes' Canon: SURRO Reborn: Dark Horse Linux

I’ve done something I think is interesting.

After I finally found time to do a rewrite of Rex to add pty support and fix some bugs, I did a new build of SURRO Linux that, frankly, is much better than it could have ever been in the old setup.

This has been an especially long and hard progress since I initially set out to do it, both technically and politically, so, I wanted a way to give the project a clean slate and start fresh since it looks like it’s actually developing some momentum finally.

SURRO Linux is being rebranded as The Dark Horse Linux Project. The Foster project has been rebranded as Pyrois. I will be slowly dismantling SURRO-branded themes and sites over the next little bit as I transition things over.

I’ve registered the website www.darkhorselinux.org to serve as the project landing page.

While I’d like to lay some framework for project governance, it’s really just me working on it, so, there’s really no point in that, so, I think I’ll adopt an approach similar to my impression of Patrick Volkerding’s approach with Slackware: If people want to contribute, please do, and suggestions are always welcome.

In fact, I envision much of the starting point of this once it releases to resemble elements of Slackware quite a bit.

Phanes' Canon: Plans for Dark Horse Linux

So, as it’s nearing a bootable ISO, some stages of development seem to be forming in terms of expectations.

A Whole Image

First, I’ll end up with something very close to an LFS build that needs alot of work to get installed onto a different system.

Gentooesque Genesis, Slackwaresque Form

Then, I’ll end up with some kind of installer that seems like it will work very similarly to slackware’s and FreeBSD’s installer, but compiled in a very gentoo kind of way beforehand. I see this piece taking quite a bit of time to get through if I pursue that as far would be expected. The important pieces will be drive formatting/partitioning dialogs and tools, bootloader installation. Copying to the mounts appropriately etc.

A Familiar Set of Tools

Some ways after that, unless it doesn’t work the way I expect, I’ll probably pivot to an rpm-based system that, a certain point after librpm is compiled, binary packages are downloaded that replace the packages already compiled and installed. Systemd. Firewalld. Then the decision needs made about whether I’ll use DNF or an inhouse built package manager. One drawback I see about this is, some users will probably use rpms from SUSE and RH and Rocky and Fedora and run into build compatibility problems. On the other hand, some of the time it’ll actually work with a little tweaking of binaries. On the other hand, using a familiar ecosystem for the core pieces of the system will bring with them the stability those pieces are known for, they are tried and true, and will be already familiar by many, many users. So there’s a tradeoff to consider. It also prevents me from having to reinvent package management. Life’s just too short and I’m one person.

On Package Management

It’s dangerous to go alone.

Take this.

Leaving it without package management is just not an option in the currrent security theatre. Modern systems need not just build systems for distributable packages but patching systems built in with pipelines established for those patches to reduce overhead. Patches that are free, open source, and available in other package-based distributions. In some cases, with associated CVEs. This will require lots of infrastructure to do sustainably even if I weren’t just one person.

I think what I ought to do is find some way to faciliate that infrastructure, designed in such a way where it waits for contributors to do the things. So, if someone thinks its too slow, a pull request from a stranger (or a familiar maintainer, even) gets submitted so that I don’t have to do the work. It gets reviewed and merged. The more people involved the better, but, it /could/ work with one person, just very slowly.

Pyrois Commits: 4b302e0c896a217347b0bb31ea9e103b74bb574f

make all target created and made safe - requires sudo or root

DHLP: Advent of Pyrois

Pyrois is the automation project that is intended to generate the Dark Horse Linux boot iso.

DHLP: Advent of Dark Horse Linux

Welcome to the beginning of Dark Horse Linux, a new Linux distribution.

DHLP: Rex 2.1a

The rewrite for Rex, the tool that drives the automation behind Dark Horse Linux is complete.

Phanes' Canon: Musings on a Code of Conduct

I don’t even like the concept of a Code of Conduct in any technical project.

But, people are jerks. I acknowledge that you need one these days to provide a groundwork of acceptable behaviour because not everyone can just be a decent adult on their own, but may have good technical contributions to provide.

That said, every implementation of a Code of Conduct that I have ever seen has been so permeated with overreach that it should be set on fire and abandoned before routing out everyone who created that overreach and removing any control they have over that community.

I personally view most major F/OSS projects’ CoC to be created for the sole purpose of preparing a community and its culture for hijacking by corporate sponsors.

It ends up being a device they can use to bump out the people that won’t meet their sponsor’s goals while creating gaps to fill by the people they have selected to steer the project towards those corporate interests.

This practice is, in my opinion, so pervasive that in aggregate, I see it could eventually create an insincere and purely aesthetic dystopia where people will eventually have to resort to whispering in soundproof rooms to express themselves to avoid being targeted unless they abandon their entire personalities– their careers, their families, project positions at jeopardy– all depending on the scale of money behind the project and who the sponsors are. People will comply with the narrative or they will “become bad people”.

I would rather have nothing in its place than contribute to that. It is unethical, toxic and harmful to anyone who participates in it.

I’ve also seen a strange reoccurence of identity politics being worked into the CoC. I’m actually a little confused why the LGBTQ+ community is not largely comprised of people offended by the blatant attempt of these corporate-backed projects to introduce identity politics and dog whistles to open source communties as blatant disruption devices to serve those corporate interests, and the CoC is a great place for that to happen. It is a blatant exploitation of a vulnerable community taking place out of financial interests.

Perhaps my thinking on this may change in the future, but if I were to ever build a community of contributors for, say, SURRO Linux (or what it will actually be called on release), that I might have a CoC that mostly just aimed to prevent political hijacking and offtopic yammer, or interpersonal shit getting mixed with project discussion.

I mean, be gay, trans, bi, straight, whatever you want, but push code and create development roadmaps instead of using this as a platform to validate yourself. That’s not what it’s there for and it’s oppressive to other demographics.

In lieu of identity politics and facilitating project hijacking, a CoC that I would want to use would be designed in such a way as to develop, encourage, and reward emotional resilience in members of its community while providing a framework that inclines discussions to be related the project.

That can’t happen in a safe space or an ideological echo chamber. Decay can, and does in all cases.

Safe spaces are toxic and harmful. They are well intended but ultimately detrimental to host and participant as, for the sake of comfort, they stifle the expression of conflicting ideas that drive conceptual evolution in cultural development, which, unless you have a community that has reached an ideological apex– an Atlantean society of the most perfect expression of viewpoints humanity can ever have with no more room for improvement, then conflicts of ideas have to be permissable for growth of that community (and the broader society it exists in) to take place.

Competing concepts drive cultural evolution, and you can’t have competing concepts if you forbid or suppress conflict. This is the nature of people. This is the nature of ideas. This is the nature of growth. Communities that suppress conflict and consequently free expression cannot grow. Communities that value emotional resilience and a productive manner of conflict can and do– exclusively.

And then there’s the out-of-band behaviour. Too many times I’ve seen people engaged in conflict who are so emotionally fragile or toxic that they feel they need to go to other platforms to crowdsource a lynching to target people who have a different perception of reality than they do — they make up lies about them, and try to use crowds of collaborators to “shame” their ideological counterpart which inevitably devolves into extraordinarily toxic harassment by many people, even stalking and offline violence directed at those people who disagree with them (or are triggered by a lie about their target that they believe), or they go after their families, or their careers and reputations. Anyone who particpates in something like that shouldn’t be on any project and are a threat to anyone they work with. The world needs protected from people who do things like that. I don’t just mean the people who rally the crowd either, I mean the people who choose to be in the crowd doing the harassment as well. They are timeless filth.

So, I propose the “Nobody Cares” golden principle: Nobody cares about your poltiical beliefs beyond that you should be allowed to have them. Nobody cares about your spiritual beliefs beyond that you should be allowed to have them. Nobody cares about your sexuality or gender identity beyond that you should be allowed to have them. The same for race, country of origin.

People would make mistakes occasionally and accidentally care. They’re human. They all have beliefs of their own. If someone gets a pronoun wrong, or has a belief system that affects which pronouns they use for either themselves or others, then we need to rely on the emotional resilience of everyone participating. Nobody is forced to alter their speech or beliefs for anyone else. That also means pejoratives and slurs should not be used. People who do should be sanctioned. Personal attacks violate the rule. And trying to force people to comply with your belief system should count as a personal attack that isn’t centered on the “nobody cares” philosophy: “Is the statement about the project or is the statement about someone on the project?”.

The caring should be about the project being discussed, not the discussers. If someone goes on a rampage to try to force everyone’s beliefs they can go away and practice their emotional fragility in any of the already existing echo chambers more than willing to cater to them at the expense of meaningful progress. I’ve seen enough. Nobody cares about the discussers. They should care about the project and contributions to the project, not whether someone who submitted a pull request donated to the Trump campaign or something stupid they did or said (though I certainly would not be excited to hear about that).

The only exception to not caring is when someone with a bunch of followers on twitter gets mad because they weren’t given enough political kowtowing to their identity politics, or are mad about something unrelated that they proceed to shame and lynch, defame, harass, or otherwise harm other contributors on the project. This also goes for those that take to other platforms for the purpose of stirring up others to do those things. People that engage in this should be decisively and rapidly ejected.

I also think relying purely on the CoC is a bad call. It’s not a framework to push people out, it’s a framework to help people focus on what they gathered to do. So, instead of treating it like a legal doctrine, I think right now I would treat it more like a guideline and use my own discretion when handling interpersonal issues or conduct reports to hopefully prevent it from being misused in the way I see other CoC’s be misused, or sabotaged by trolls.

Phanes' Canon: Artificial Food

Our Food Sucks, and it’s caused by Liars

So as it turns out, when you buy food at the grocery store, what you are purchasing is not your grandfather’s food.

A Kushi Institute analysis of nutrient data from 1975 to 1997 found that average calcium levels in 12 fresh vegetables dropped 27 percent; iron levels 37 percent; vitamin A levels 21 percent, and vitamin C levels 30 percent. A similar study of British nutrient data from 1930 to 1980, published in the British Food Journal,found that in 20 vegetables the average calcium content had declined 19 percent; iron 22 percent; and potassium 14 percent. Yet another study concluded that one would have to eat eight oranges today to derive the same amount of Vitamin A as our grandparents would have gotten from one.

https://www.scientificamerican.com/article/soil-depletion-and-nutrition-loss/

Causes contributing to this generally center around:

• soil depletion
• global-scale overproduction
• corporate control over the genes of the plants used for crops

Yeah, so, as it turns out, when we introduced *GMOs to the world, we did it primarily through a company previously known as Mansanto, until it was bought by a larger company called Beyer. Mansanto’s profit strategy included:

• Genetic engineering and genome editing — using modified viruses designed to splice a gene from what is often not a related plant or animal into an organism. (*This is what people are really talking about when they complain about “GMOs” — what many bootlickers and unethical propagandists do is claim that this is on the same level of safety and precedent as cross-breeding two plant crops, or selecting seeds for the next year’s crop by using selection criteria that provides larger yields as we’ve been doing for thousands of years longer than the advent of the field of genetics. It is not the same as these farming practices, they know it is not, and they say this anyway because they are shitty people who want to sound smart more than they want to be accurate, and this serves as a constant detractor from very legitimate concerns people have over this practice by drowning them out with knowing lies in the public dialog – they somehow do this while virtue signaling).
• Patenting the resulting modified organism and becoming the only providers of the seeds.
• Suing farmers when their modified organism is found in their crops.
• Dropping seeds around farming properties who don’t buy from them to facilitate that litigation.

It was remarkably successful. This introduction became the dominant source of most products you buy in the supermarket today. This allows a couple of companies to control the genetic profile of almost all food in the global food supply chain to the point that, as of the time of this writing, it’s almost impossible to avoid eating organisms modified in this manner. Even if you make your own bread, the flour you buy at the store to make it contains these products. You’d have to find wild wheat or corn, genetically analyze it to ensure it isn’t a windblown GMO, grow a crop of it, and then mill it to get one loaf.

There have, to date, been no cross-generational impact studies performed for regular consumption of GMOs prior to them becoming the dominant presence in the global food supply chain, propagandized as safe by the same people that told you and your parents that consuming fat is a leading contributor to obesity, that margarine was good for you, that aspartame was a safe alternative to sugar, that eggs and potatoes are bad for you– the same people that brought the fictitious “food pyramid” to your schools.

In some cases, the GMOs that made Mansanto famous create crops that produce their own pesticide internally. Some variants are also very resistant to pesticides that many farmers already spray on their crops (It’s a pesticide called “RoundUp”, also sold by Mansanto) to prevent yield loss from bugs eating into the crops. Because these crops are more resistant to insects and pesiticides they tend to take over an area and choke out the farm-managed versions of those crops that they were designed to replace (they are what some people call “an invasive species”). They also are modified to not produce seeds, and where unable or when that genetic mechanism fails, litigation ensues if the farmer collects seeds to replant the next year from their own crop — they need to purchase those seeds from the company that designed, owns, and sells those organisms’ patented genes.

Their strategy was one of necessity: The farmers often didn’t want genetically engineered crops, and most intelligent people didn’t either. Not at that scale. But, between the widespread litigation of farmers, and the paid marketing, it’s become mainstream, and then people who do research on youtube filled in the gaps with mainstream audiences. It’s amazing what money can do to low information leftists’ realities.

As to soil depletion, since we’ve overcommercialised farming to keep up with growing populations, we’ve stopped rotating crops as well which replenishes vital nutrients in the soil, so, the growing plants are bigger from being fake, and drawing less nutrients out of the ground because of last year’s crop.

The problem, at the end of the day, is that there are just too many people on the Earth. There’s no good solution to that, but among those that rank among the best, none of them involve paying those squirrels who are just chasing nuts with no regard for the impact of their work on the world to keep degrading the food that’s already there — for everyone that is currently alive and will live after us.

Phanes' Canon: IDM/A Rewrite & Job Stuff

I’ve got a keyboard on the frits, so I’ll give this post about one more try before I put my fist through this keyboard and go on vacation until a new one arrives.

I’m about a quarter of the way through a rewrite of the IDM/A prototype.

The reasons I elected to rewrite most of the codebase instead of adapt it and release it are many, but the main issues were:

1. The access control was being handled in the API layer, instead of the controller library that controls all the actions being performed, mostly to accomodate flask’s ridiculously embedded and inflexible marshmallow and sqlalchemy extensions. While not an issue for a whole product, it does make the API an unnecessary risk surface. To be clear, this is not an issue with SQLAlchemy and Marshmallow libraries, but Flask’s extensions of them.
2. Having access control being handled in the API layer also means access control needs reimplemented in any interface being created to interoperate with the system, which not only sucks for responsibility isolation from a general design perspective, but as security problems would emerge, their impact scope would vary depending on which interface was in use, which breaks continuity and degrades the security posture of the entire system. Being an identity, access, and session management system I would consider that tendency to be purpose-defeating.
3. This allows third party interfaces to be developed with security controls that are gauranteed to be in continuity with the provided ones and disincentivizes the development of frontends designed to exploit the underlying system.
4. I wanted the API to merely be relaying input parameters and output responses to/from a secure underlying controller layer so that the modular design could be leveraged later for C-rewrites of various layers (including potentially the API). This creates the path for that.
5. I wanted to completely remove any dependency of any underlying component on the API layer for that same reason.
6. I want to write a CLI toolchain that accompanies it that performs all tasks. This is also useful for writing functional tests, and should make system administration a little easier. I did not want those tools to contain any of the security layer, and I do want it to be oriented to CLI toolchains first.
7. I wanted to create a path for PAM integration and didn’t see a web API centric approach being suitable for that as it was. Ideally administrators should be able to configure PAM to point at this system and then use it for administrating users on a great many machines.
8. I wanted to create a path for an LDAP emulation interface for web systems. This would require that component responsibility rework.

Unfortunately, as always, this sets my time tables back.

Job Stuff

Got another raise. Unfortunately, this one involves an expansion of my responsibilities this round, so, I’ll be busier and will have to do alot of skill refresh.

On both fronts, this is a time for building.

Phanes' Canon: Back to the Basics. Again.

As winter approaches, I see a chance to sharpen up on some core skills.

This is something I do regularly, I am a firm believer in keeping the basics down as that is still where so much of the work to be done is. We tend to drop the basics after we learn or work on the more advanced things thinking we have “graduated” to higher planes of thought.

That’s a delusion of the ego. Foundational concepts and skills in information systems make or break you, whether you’re an intern starting out or a 20 year career veteran in the field. Doesn’t matter. You have to either continuously refresh, join a socially empowered demographic, or take a “contributor influencer persona” that rests more on twitter likes and marketing masked as culture rather than actual contributions. Over time, people who don’t go back to the foundation concepts of the work they are doing, no matter how senior they get in their careers, become out of touch and fail, and usually in great arrogance.

For me, for now, I’m re-reading Kernighan & Ritchie’s “The C Programming Language”, second edition for ANSI C. Fellow nerds just call it “K&R”. It’s one of those core learning books that should sit on every Linux nerd’s bookshelf right next to “The Unix Programming Environment” by Kernighan & Pike, or “Unix Network Programming” by W. Richard Stevens. I have a copy of “The Practice of Programming” on my basics bookshelf, but I have to admit I haven’t found time to read it, yet.

For people who don’t write code, and like to design at a higher level, shame on you, but, “The Design of Design” by Brooke, or for your splash into good design (you’ll have to learn some code) “Design Patterns: Elements of Reusable Object-Oriented Software” by Gamma, Helm, Johnson, Vlissides– both of which I found incredibly boring but useful.

In any case, K&R is driven by necessity. I’m exploring the idea of porting Rex to C to increase its compatibility footprint and reduce the size of the codebase. There are alot of problems to solve to do that, so, I’m just getting the juices flowing. It’s not going to hurt me to go back to C.

Phanes' Canon: Long Live the King, Spring Cleaning and Routine

The Queen is dead. Long live the King. King Charles III succeeds Queen Elizabeth II as I type this after the unfortunate news of her majesty’s passing. I wonder what kind of king he will be. His choice of his name, Charles, is a loaded one with quite an implication, and he may be less conflict adverse than his mother.

I’m still in vacation mode. I think it’s been a couple of years now, but I’m at least acknowledging that I am not working on anything really besides my own peace outside of my dayjobs.

All of my projects are going stale, so, I’ll need to get with it soon, as much as I’m enjoying the downtime and balance that comes with being so unfocused or absent outside of some remote leadership courses at Harvard that I’m taking for fun.

I am still feeling quite directionless. I have found strength for the sake of strength, mind for the sake of mind, and money for the sake of money. It certainly could be worse, and is nothing to regret, but, I am finding myself often coming to deliberations about who I really want to be, and how I want to be that person. I’ve run out of personal aspirations. I am ready and eager to build, and rebuild — yet do not know in some ways what it is that I wish to build at the moment. I’m not talking about tech. I’m talking about soul.

I am also becoming more aware of opportunity costs in this decision: I am approaching my 40’s, and what I spend my time doing will decide other things I can do later.

Then there’s the consideration of legacy. At some point in a person’s life, usually later than earlier, the potential of what you could be gives way to the history of what you have been.

Looking back at how it all started, with my younger shipwrecked self on an unforgiving shore after being tossed and drowned by the cold waves and winds of life so thoroughly, I have come so far in rebuilding already — with very little help available, even when I very much needed it. It is unlikely that I can ever be in that place again. I have become no Count of Monte Cristo as of yet, but, we don’t really do those here, and, in our times, the roles we play in life often shift around too quickly for our stories to be worth telling.

Since COVID-19 hit, I have been working from home for my jobs. This has had a progressively damaging impact on my daily routine for many reasons and in many ways. So, I have started exercising again and am already showing some results, and I have committed to recreating my daily routine to something more effective. I am losing too much productivity to poor time management and shitty sleeping habits.

I have also committed to a more consistent cleaning routine. As a systems and software person who does spend a great deal of time in front of a screen, it can become easy to neglect your household, and, the state of your house has a huge impact on how you live. I am messy and naturally disorganized, so I particularly have to keep it in attention. Even if it’s 20 minutes a day, and you can’t program yourself to clean as you go (I know some people who have done this, I have never been able to), then just dedicate 20 minutes a day to shut off all those other threads of thought and clean something in your house. It makes a huge difference. If you are like me, and you are just not good at cleaning, it is absolutely essential to good living in my opinion. Sometimes I forget to clean something or get distracted and then realize I really, really need to. Messes make worse messes over time if you don’t clean them. I know alot of tech people who don’t factor that in, and I wouldn’t eat at their houses.

I suppose this is what life without a moral battle is like. What’s next?

Phanes' Canon: How I learned to stop winning the battle and losing the war.

Busy, busy, busy!

I haven’t posted in a while, but not for lack of effort to make the time.

I’m expecting to have an IDM/A prototype completed by the end of the year at this pace. I eventually got fed up from not having free time and just cut into my sleep to knock some features out. I actually don’t recommend anyone do that and try to avoid it myself because the quality of the work tends to pop out as sub-par when you next get to look at it with fresh eyes, but, I just need some trailblazing done at this point.

One of my current struggles is with a product called RHCS (RedHat Certificate System), which I also don’t recommend anyone try.

I’m considering re-theming this site and moving stuff around when I can give it proper attention. I don’t feel like it’s as visible as it could be (I mostly just complain on here anyway), and I think the layout may be a little outdated.

I may also be trimming out some of the projects I intend to build from the portfolio list to make room for new developments forming, depending on what the long game looks like.

Phanes' Canon: FIPS Mode on Centos9

So, you’ve installed CentOS 9 on a server, but you’re not a 1337 information security architect and don’t really know where to get started.

That’s fine. You still need to do some basic hardening of your machine, or Vladimir Putin will start mining bitcoin on your new server in between using it as a trash nest to launch attacks on other peoples’ servers with. Even then, there’s no guarantee, but, you can make it harder to do that to you (and your reputation — yes, people out there judge you based on your servers’ security posture).

The first thing you should be aware of is that there are whole organizations whose purpose it is to write security standards that you can learn and adhere to. One of particular note is the National Institute of Standards and Technology.

But, if you cared about stuff like that, you wouldn’t be reading this.

So there are two standards collections we’re going to barely talk about here, one is called FIPS and the other is called the DISA STIG. If you take a few steps revolving these two standards you can get a much more secure system.

There are many more things on top of this guide that you can do to further harden your systems depending on the type of attack you may be concerned about, or the topology of the solution you are building, but those will be out of scope for the purpose of this writing. For this post, we’ll just be covering FIPS mode. My next post will cover an attempt to apply the DISA STIG to a CENTOS 9 Stream system.

Let’s Get Started

Before you touch anything on your fresh install, update to the latest set of packages available through yum.

yum -y update

Enabling FIPS Mode

First, we’ll set up FIPS mode.

Install the dracut-cips or dracut-fips-aesni packages depending on your cpu instruction set.

yum -y install dracut-fips dracut-fips-aesni

Run dracut:

dracut -v -f

Find out what boot partition you’re using:

df /boot | tail -n 1 | awk '{ print $1; }'

Get the UUID for that partition using the above’s output:

blkid $above_output

Or, if you’re lazy:

blkid $(df /boot | \
  tail -n 1 | \
  awk '{ print $1; }') | \
  sed -E 's/^.*UUID="(.*)"\sB.*$/\1/g'

Once you’ve got your UUID for /boot, open up your /etc/default/grub file:

vim /etc/default/grub

Append the line that starts with GRUB_CMDLINE_LINUX with fips=1

If your /boot partition is a separate mount than your root filesystem, then also append:

boot=UUID=<< YOUR_UUID >>

Save and exit, and then you’ll want to regenerate grub.cfg with:

grub2-mkconfig -o /etc/grub2.cfg

Now in the case of Centos 9, at least in my case on a Linode Centos 9 image, I got an error like this:

[root@localhost ~]# grub2-mkconfig -o /etc/grub2.cfg 
Generating grub configuration file ...
/etc/grub.d/00_tuned: line 26: /etc/tuned/bootcmdline: No such file or directory

Though ridiculous and unprofessional for a release, this is the new reality for CentOS, so, just go with it and yum install tuned and move on with your life before running grub2-mkconfig -o /etc/grub2.cfg again so that you don’t have to dig around inside of grub to make it do what it was designed to do.

Provided you read closely and followed the steps outlined here, you can now reboot and you should see that your machine is running in FIPS mode.

Run reboot:

reboot

Now let’s verify our newly booted system is actually running compliantly. Truth be told, if something failed, your system probably won’t even boot.

cat /proc/sys/crypto/fips_enabled 

The result of the above call should return 1.

Congratulations, your system is running with FIPS mode enabled.

Phanes' Canon: Breathing Again

Whew, seems like it’s been a while.

I did not die.

In fact, I recovered. Well, from the lung thing. My right arm is still a little off from that elbow fracture a couple years ago.

Getting old sucks, especially if you were young for a long time

So, what happened since my last post….? Oh, I lost 40-50 pounds in 2 months while I was sick. It was not deliberate. I opted not to keep the weight off after recovery since nobody can account for the dramatic weight loss.

Quite a bit of bruising on my abdomen still. Not sure what’s up yet. Doc says it is COPD and wants to talk about smoking cessation.

I missed the deadline for finding a new place so I’m still in Cincinnati for another year. March of 2023. It’s occurred to me since then that I am not sure if I want to move back to Columbus. I deeply enjoy my social network up there but the housing scene there is horrendous unless you own, and buying a house is a huge, time-consuming thing. At least for me. I’m picky.

COVID isolation became a new way of life. I’m slowly gearing out of that mode.

I’m still in vacation mode in terms of projects. I’m taking a break until I find my inspiration again.

It may be that I switch to a mode where I only do things in spurts here or there as I feel like it, so I can be a little more balanced with time than I have in years past.

I’ve been cutting down on work as well, like not working super late every night making everything perfect. This has actually made me more productive, so, I may be onto something.

No big plans at the moment. I’m enjoying that.

Phanes' Canon: Sometimes Just Surviving is Okay

A little over a month ago I got really sick. I mean really sick.

At first I thought it was just a headcold so I popped some Vit-C, took a couple days off and just rode it out.

But then I continued to get sicker. And sicker. And sicker.

And the days went on as I got sicker. Then it became weeks. And it became sicker.

I wasn’t getting better and I was starting to get worried about my jobs.

So whatever it was was viral I thought, but something was setting me off and making it worse. Something with the air. I tried staying in different rooms. Staying out of the main office helped but I was still getting sicker, just not as fast.

I bought a really expensive air purifier to blast on full right next to my head. It helped, but I was still getting sicker. I checked the HVAC filter on a hunch, and sure enough, jet black and slimy, full of mold of the eldritch horror variety.

I ripped it out and replaced it, and then thought that would help.

I continued to get sicker. So I turned off the HVAC. That helped. But then the heat was an issue because it was the dead of winter. I considered buying space heaters but saw the path I was on: If I continued to invest in this without intervention I’d exhaust all my other options.

So, I evacuated. Grabbed the dog, and hobbled feverishly to the kennel place and dropped him off for a week and checked into a hotel where I coughed until I puked all day for another week and then stayed at a friend’s house when I still wasn’t getting any better. By that point I’d gotten to a doctor who’d given steroids and antibiotics, which helped a great deal and I recovered.

I have never been sicker.

After a while a I got better, and went back to the place, blasted the HVAC system to clear it out with the new filter for a couple days and things normalized. Went and picked up the dog, today, and the house is back to normal.

So, it wasn’t COVID-19. I was tested several times by the doctor. It was viral, though. I’ve noticed this is becoming a thing. I’m seeing alot of people getting sick with viruses that aren’t COVID-19 since the pandemic started, likely due to our immune systems not being as rugged due to all the isolation.

The new normal sucks and it almost killed me.

At this point I’ve got the virus beat but I’m still pretty lethargic, coughing a bit while my lungs clear out, but it’s nothing too serious.

I guess it’s time to just chill for a few weeks.

Phanes' Canon: The Stranger

Within a hundred trillion years from now, star formation in the universe will end and every remaining star in existence will go cold.

After that, there will be 10^106 years of the universe consisting entirely of black holes and nothingness: Void and destruction.

Proportionally that’s like the universe starting with a single second of stars and then a billion billion billion billion billion billion billion years of just black holes and void.

The time from the formation of the Earth, to the Earth’s destruction as our sun enters its red giant phase of its existence about 7.5 billion years later would just be a flicker during that second. An instance. If you blinked you’d miss it; if you didn’t blink you might still not see it because it was so brief. That one second period of light in the cosmos could fit our beginning and our end in it many thousands of times.

If you were to view the universe as a designed system, would you attribute to its purpose the side effect of its brief explosion at the beginning of its initiation?

This would be like attributing to the function of your vehicle the light created from the spark in its starter during ignition.

The proper characterization of the the universe is, with an amazingly brief exception in time, a dark expanse filled with nothing but black holes in it.

“Nothing”, the space between these black holes, is hard for beings like us to even conceptualize because we live surrounded by “something” and are never exposed to “true nothingness”.

We look at an empty box and think “nothing”, but it has air, dust, energy, and things of the micro we’re still studying.

We look into space and see the dark expanse and think “nothing” because it lacks most of those things, but even the fabric of reality is there, even if only at the quantum perspective. Empty space is a vacuum but it’s not “nothing”. That comes later as these reality-bending horrors rip the space between themselves apart for consumption.

We can’t even visualize what most of our universe is for most of its existence. It’s not just a vacuum or the absence of material at this state– it’s “nothingness”.

We’re in a machine we can’t understand. We don’t have the context. Our entire existence is in that brief side effect of the ignition. So, let’s not ever talk about “purpose” outside of the subjective meaning that we ourselves attribute to the things in our fleeting lives.

Our economy is failing.

It hasn’t impacted me much yet, but I’m seeing the signs everywhere. We’re about to see tectonic shifts in the workforces of almost every major industry in almost every major country.

I’m predicting huge waves of unemployment and financial collapse that will especially hit middle class families.

The crypto markets have failed.

The technology sector has been stalled for 2 years and is surviving almost entirely off momentum at this point.

Companies will start going under everywhere. Big ones you didn’t see coming. We may even see some issues with our food supply chains.

And then we’ll see a cultural response to shutting everything down this long. The PR benefit to these companies only lasted about the first 6 months.

I’m moving. Again.

I’ll be trying to relocate to Columbus to get ready for the storm I see coming. I’m better networked there, it is a technology hub infused with wealth, without the mismanagement that characterizes silicon valley and makes it unlivable, and the climate is tolerable enough to me. Hopefully the move will be wrapped up by March.

The general strategy is to maximize opportunities for contracts, getting fit physically and working as many contracts at the same time as possible to maximize income so that if there’s a collapse I’ll have resources to get a secure situation created.

I sound like a prepper.

Project SURRO

I’ve had a breakthrough. I can’t talk about it yet.

Phanes' Canon: The Sweet Still Air Before a Storm

I love the smell of the air before a big storm, when everything gets still and quiet, and you can almost smell the electricity in the air.

I think alot of people do.

That probably doesn’t mean we’re creatures of chaos. I don’t think it’s so enjoyable because we anticipate the storm; in fact, I think we’d all be just fine if it stayed like that year round. But it never does. And then we’re fighting the storm and longing for the suspended breath of nature once again.

What makes us creatures of chaos is that if we were not fighting the storm we’d be fighting each other, and, we do between the storms. The nature outside is our enemy, and when it’s not, the nature inside is, and when that’s not, the nature of each other is.

All creatures hide from the storms except us. We wage war with those storms and build up resilience to them, and organize against them just as we do against each other. This is a human trait. This is the human trait.

It’s been a little quiet lately. I hope it’s just a lull and not a quiet before a storm. It usually isn’t.

I’ve been preoccupied with work and family things. As boring as that is, I’m relieved.

The cross-compilation process I’ve been using for Foster-D, while working, won’t be feasible for generating a distribution that targets multiple platforms. Only x86_64. I’ll need to revisit it at some point.

I don’t feel like making decisions. I might enjoy a brief period of analysing the projects I’ve been working on after some private life reorganization to get ready for the next cycle of effort.

I don’t like how loose in planning I’ve been lately nor do I like how soft I’ve let my routines get while dealing with an extended bout of insomnia.

On that note, I suppose there is a storm coming.

Phanes' Canon: SURRO Linux: Almost there!

I am absolutely giddy to announce that the SURRO Linux effort has broken through a major problem with the cross-compiler generation. At this point it’s almost fully automated and it /looks/ like we might have something to download soon

I want to say more, but so much of this is uncharted territory and I want to make sure I underpromise and overdeliver.

Doing this mostly on my own so far has been bullshit levels of work lol.

The current build is working with glibc/gcc from raw sources with no crosstool-ng dependency.

Phanes' Canon: The Gods Can Bleed

As of June 21st, Molly de Blanc is reporting as being unemployed, presumed to include the Gnome Foundation, which means we are officially at 33% of goal for the community response to the Stallman smear campaigns. Woot!

I think the oddest thing about the whole series of events is the Gnome Foundation’s total silence on the matter. The community deserved the announcement.

This is actually monumental progress, because what it’s done is it’s shown the people watching all of these smear campaigns, many fearful of being canceled if they say anything off the path of the narratives, that these FAANG-sponsored corporate “contributor” trojan horse actors that get embedded into these projects, particularly Gnome Foundation, OSI, Debian, are peddling – that these people can be stopped and that there can be consequences for their methods if people work together and are adamant enough about it.

The open source gods can bleed, and everyone saw it happen.

It’s also shown the agents of these campaigns that they can lose. They can not only lose, they can be held accountable after they lose.

There’s alot more to do though.

Neil McGovern, who in all likelihood used Molly as a patsy for this campaign while he was orchestrating it with Elana Hashman, is still employed by the Gnome Foundation. Elana Hashman is at RedHat and Debian too for that matter.

Those are the primary actors, but let’s talk about the secondary actors for a moment, too, because this is the impact these people had on the community during that campaign:

Aaron Basset, whose most notable attribute is that he represents New Relic in his role as the “Developer Relations Principal” (other companies are calling this “Developer Advocate”, or “Community Ambassador” or similar) it’s a role that interfaces with the developer communities that use their software), has published software designed to target the signers of the Stallman counter-letter. Why does this asshole still have a job? New Relic was made aware of it. So, I just want to recap:

1. He’s paid to represent New Relic to the various F/OSS communities.
2. The petition he is supporting got less than half as many votes as the counter petition, effectively demonstrating those communities’ voices and showing that he was not in alignment with the majority of the open source community.
3. His response is to publish software designed to target people who signed the petition he disagreed with, effectively fostering a climate of intolerance, exclusion, and alienation. He did this in the context of his job duties at New Relic.
4. New Relic is aware and apparently quietly hoping no one will say anything or that people will forget about it.

He didn’t just release software, he rounded up his pay-for-audience used to make New Relic’s opinions appear majority to host a podcast to build it live with that audience to give the false impression that this was some kind of community response.

For context for those who aren't following, if you'll recall, there were two petitions floating around in March.

- One directed at Stallman in the campaign led by Molly de Blanc mentioned above
- One directed at the methods/smears used in that campaign

 The first petition was basically a set of provable lies designed to attack the Free Software Foundation and their board of directors, who collectively own and maintain the GPL.  It wasn't terribly well hidden in its purpose.

The second one was a counter-petition that protested the methods used and disputed the "assertions of facts" in the first one, and signed in support of Stallman's advancement of the FSF and for the continued current representation in the FSF board of directors. 

The smear campaign's petition got  3,004 signatures (minus the ones from people who tried to retract their signature after re-reading the letter and realizing they didn't want to sign it, who were refused right of retraction).   Most of the signers were coerced through corporate contact points. 

The support petition got 6,785 signatures, in an overwhelming show of support for the FSF, its board of directors and particularly Richard Stallman by the open source community these organizations claim to be friendly towards.

So, I’ll just reiterate what I’ve heard from others talking to the other f/oss developers (actual ones, not pretend ones on twitter — the real ones don’t have 30k followers because they dont have time for that); People want this little asshole fired. I do too. I want to see Aaron Bassett fired over this, with cause. I want the entire world to know why so that other people who are inclined to target innocents for token signaling are forced to consider the potential consequences of their malicious behaviour. We are taught, from at least the age of 5, that targeting innocents is unacceptable.

At the end of the day though, he’s a low-information secondary actor. The primary actors are the core team who were behind the smears. Fire them all. They think they’re invincible. They view community dissent as coming from “the little people”. And they lie to achieve their objectives. They don’t just lie, they carefully plan out entire campaigns of lying, and they do it to destroy people while hiding behind corporate barriers on corporate pedestals, and we’ve had enough!

The gods can bleed, and now they know we know.

I know some of them are reading this. If that’s you, and you’re looking for a way to shut me up, I’ve just got one thing to say:

Veni et Vide.

Chris Punches

Have a good night folks.

Phanes' Canon: Bye, Freenode

I’m not Staff There, Ya Dummies

As of June 21st, I amicably tendered my resignation and severed my contract as VP of Business Development at Freenode Limited. There was a brief exchange and everybody’s on good terms.

Why I left

I had many reasons, but, many of them are better left discussed internally.

Of those that I can speak about, chiefly among them is a matter of identity. A couple of months ago, Freenode was the world’s FOSS IRC hub. Today its identity is heading towards a more general purpose network. While the new identity is one rooted in freedom of expression, if you’ll recall when I first joined the effort it was to empower the targets of serial defamation and to eventually disempower and remove the people and structures in FOSS communities that participate in it, enable it, cover it up, and propagate it, often in serial fashion. That included some of the ex-staff at Freenode prior to things blowing up earlier in the year, as well as some of the current staff at OFTC.

This is regrettable to me, as, in response to things completely beyond my control, I have observed that the majority of the FOSS community has relocated to either OFTC or Libera; effectively unifying and emboldening the network of abusers I sought to remove, who are continuing even today to engage in vicious targeting of the staff at Freenode (as well as other people who they choose to target) in a cyclical arrangement, and with a convenient cover narrative about what happened. Instead of the real reason, which is that their repeated behaviour over years caught up to them and dislocated the majority of the open source world as a result, they now can cite events that they themselves antagonized and orchestrated in some cases, which just adds further insult to injury.

Another reason is that of direction. I had a different vision on where to take Freenode that was incompatible with the direction it is going and has gone, which did include catering to the FOSS community, so, it would not be appropriate for me to stay.

The Most Notable Part of This was the Smear Campaigns

I can’t lie, I hope that freenode does succeed, though I am no longer part of its daily affairs, and I do hope that Libera and OFTC fail — their identities as organizations have become corrupt, and their methods have been enabled and legitimized by this.

The only members of the staff that were not targeted by smear campaigns while I was there belonged to socially empowered demographics. The majority of those targeted were hetero-normative Caucasian males. These campaigns followed the same formula as the other campaigns I occasionally talk about here.

I was also targeted to some degree, but there really isn’t alot of dirt on me; all they can really pull out is false light and innuendo to make legitimate things appear to be improper by manipulating details and context surrounding events in my life that they actually know nothing about, thus opening themselves to being rendered non-credible in their future campaigns as things unfold and opening themselves up to liability.

The Moral Law

The truth that burns for some of these miserable bastards is, I live an awesome life, full of love, and compassion, varying degrees of wisdom and empathy, and friendships, and hope, and even beauty. I’m not super wealthy, I mean I have to work for a living, but I pull a solid couple hundred G’s along the way, and am on my way to not needing to work anymore if I maintain. Even then I’ll still do open source stuff because it’s what I enjoy.

I’m no longer a 23 year old living in an efficiency apartment without the resources to stick up for himself making 8.25/hr at a call center while fighting the slackware team.

My values and my character are not only well tested now but well known in my circles to the point that I no longer have to prove them. I remember being in my early 20s and not being established yet, living in a new place without alot of new friends yet, and having to defend myself against a campaign like that, and having a hard time at it, because I just hadn’t been on the Earth long enough for people to know they were lies yet.

There were two formative smear campaigns for me back then, back to back: The first was an ex-fiance in college who developed severe mental problems after our engagement fell apart, and proceeded to engage in the most devastating campaign of dishonest destruction I’ve still ever seen anything close to; the second was with the Slackware crew shortly after, where details from the first campaign leaked out into the second campaign after I challenged their support venue by trying to create my own and resulted in about 7 years of defamation, harassment, and even offline stalking coordinated by people that you probably trust if you’re in the Open Source community. At the time, the Freenode staff were aware of what was going on and were turning a blind eye to it, and allowed it to be used as fodder to justify future ostracisation.

Along the way my career took off and I’ve lived in a strange split universe; one in which my walking world is awesome and relatively normal where I live as a competent and successful corporate systems architect and consultant for Fortune list companies, am pretty much surrounded by joy and success, and another bizarro universe of a demon named “me” on IRC that never seems to have any substance when investigated to primary sources and is a reality that only seems to exist in a single social network. The interesting part is at one point after I had decided to launch IRCThulu, the ex-staff at Freenode sent a courier, a member of their staff, to negotiate with me, who ended up becoming a friend of mine because the bullshit surrounding that bizarro IRC universe was so apparent and in such discord with reality that it doesn’t really hold any weight to it.

Well, now I’m 36, and these same folks are breaking their literary fists on my abs, and I have the financial pull to hire attorneys when that’s not enough, which ends with me being financially compensated and expenses covered along the way. If I can’t have peace, I can at least have a nice house.

Hasn’t had to happen yet, and hopefully won’t have to start, though, I am starting to wonder about that with this one. Even without legal teeth behind it, the truth is, every enemy I’ve ever noticed that I had has eventually destroyed themselves with their own character, even if it took a few years of waiting for it. Why do you suppose that is?

What’s Next

What’s next is July 4th, and an awesome BBQ being planned. At some point between then and now, me and my puppy are going out to a closed fence park where he can run himself stupid chasing a dirty tennis ball. Then I am considering retheming the site. Then looking at hopefully devoting more time to SURRO Linux development. Couple of events to go to along the way.

Phanes' Canon: Strength and Establishment

What a rollercoaster of a couple of weeks it’s been. It was already a wild year. In a wild decade. For a wild life.

SURRO Linux Effort

For SURRO, we started a new ambassador program to increase our presence on various media. Also hardened down on our ability to verify identities of project leadership due to a recent rash of impersonations of me on the new Libera network.

It also looks like new work will start soon on the troubleshooting of Foster. It’s about damned time a new cycle started. I can’t tell you how many times I’ve wondered through this project if I can pull it off.

Freenode Transition

Freenode has been interesting and inspiring. I am so proud of these people I am working with.

So for those of you who are not aware, I am new staff at Freenode currently. As discussed in previous entries, there was a change in leadership over the last month that lifted a great burden for me. Lots of reasons why.

I see some people compromising and making the argument that both sides have been mean or toxic towards each other, but, I am only seeing positive vibes on our end against the grain of some of the ex-staff and their social circles who either abused people on this network for decades or enabled it and sometimes covered it up. I get the occasional dislocated abusive ex-project leader romping in trying to work a gotcha argument, but nothing I’m not used to dealing with. They’ve been sending in people and bots to spam and spread misinformation about the integrity of the network, targeting the staff with more smear campaigns (behaviours that literally are what got them in the position they’re in). It had become a toxic culture for everyone except the people the abuse was benefiting. The most insidious thing though that I observed was circles of ex-staff telling sponsors and project leaders outright lies to strategically overhwelm them with false information that undermined their confidence and generating rallies to call for a transition to their new network — in alot of cases those channels literally set their channel up where no one could speak and started booting people out after telling them to go the other network, essentially forcing users who did not want to transition into doing so. In alot of cases they used those ever-more famous “whisper networks” to facilitate the miasma they were generating. And all the while they believe they’re the good guys in this. I am having difficulty reconciling what they believe themselves to be with what I am observing and have been observing for many years now.

Malignant Narcissists are the Problem, not “Social Justice Warriors”

The problems in F/OSS culture are hugely misunderstood. While all societies are burdened with such things, the issues we have are not nearly as heavily related to racial bigotry, transphobic bias, or even gender disparity — although these problems do exist even in these communities — they are being worked on and are socially empowered to be worked on. A very serious, overlooked and unaddressed problem in F/OSS that accounts for most strife in these communities is a problem with narcissists once they reach a position of authority or influence.

NPD is a disorder that has a set of hallmark behaviours common to it that I strongly suggest anyone reading this educate themselves on if they wish to understand why so many problems have occurred over the last 10 years or so in those communities. One of those behaviours involves smear campaigns and the expert use of gaslighting, a technique called DARVO, and the sinister but effective inspiration or utilization of what are referred to as “flying monkeys”, which are secondary and tertiary actors to a narcissist’s smear campaign and sometimes do (and sometimes don’t) know whether the smears are true or not.

Behind most of those campaigns are 2-3 primary actors with NPD, APD, or a similar combination of actors with what are called “dark triad” traits, and the secondary actors who do most of the harassment or defamation will usually have a personality disorder that is related, often covert and is sometimes also NPD, and then there are tertiary actors (these are also flying monkeys) who mainly act as the peanut gallery holding the signs or throwing the tomatoes on various mediums — this class of campaign actor tends to be the loudest, and serves mainly as a vessel to carry the misinformation. Tertiary actors often have no clue that this is the function they are serving, or that it was a function designated to them by the NPD actors driving the campaign.

The general mode of operation of a narcissist is reputational attacks and subversion of social orders; this is the coworker that lies about you in the office that you never give enough ammo to until one of you leaves, or the disgruntled ex-employee that posts mean reviews on yelp about your business, or the embittered ex-fiance who lies about you to try to destroy your happiness– or the F/OSS community leader who seems to continuously get away with destroying people who have more potential than they do to remove threats to their career progress or position as a technical authority — or sometimes just to protect the same for people in their circles.

The smears involved will usually have pieces of real events woven in with the lies consisting largely of false light, taking advantage of the high cost of attention required to validate their assertion. So, people go to validate, see that some elements line up, and accept the lies. This makes the secondary and tertiary actors (the flying monkeys) emboldened by a false sense of justice.

This is not an exaggeration: A narcissist will put an enormous, staggering, and unbelievable amount of work into the deceptions that they use. In some cases, they will not use a lie if they can’t get any ammo but will use innuendo so that others will misinterpret and relay that implied misinformation to avoid liability. They also groom their secondary actors to find people who will either read between the lines and do it deliberately (ritual defamation) or will be gullible and malicious enough to be a willing, but dumb relay.

The narcissist is an interesting creature and you often don’t see them for what they are until it’s far too late. Most of their accusations are confessions, they are attracted to positions of power or influence for sometimes long periods of time, and , above all, they lash out when their position of power is reversed with their targets. Everything I’ve seen so far is textbook playbook and pretty easy to draw out and handle.

One element of these types of tactics that makes them devastating to their targets is that their campaigns can feed off of each other without any coordination: When an NPD’s smear campaign dies down, years can go by but their smears are still in the public’s memory so a new narcissist comes along and rehashes the other’s old smears to try to falsely establish a destructive narrative. Sometimes just for fun, and because they can. Someone already did some of the work for them, so, it’s ammo. People who are targeted by a narcissist are extremely likely to be targeted again by other narcissists often with variations of the same smears to establish a narrative, attack reputation, and undermine their target’s credibility to prevent the truth from coming out (which would result in consequences for the narcissist).

The solution to alot of the problems in the F/OSS community, in particular regard for the parts of it that are backed by large corporations, which attract these at a higher rate because the positions carry the tone of funded authority and immunity, is to simply stop participating in these smear campaigns or bullying operations.

In terms of accountability today, malignant narcissists tend to springboard from one environment to another to avoid accountability; for example, one I’ve engaged with recently was high up at RedHat until his behaviour was starting to become exposed and create problems for him, so, he hopped over to Microsoft after things fell apart and he was becoming exposed, and that person is now a Principal Program Manager and Microsoft has no clue what he is or has done, giving him a completely fresh slate to quietly start again in the background and likely a bump in pay. Society often rewards NPD abusers because almost none of the effective strategies against their behaviours are legal or socially accepted; There aren’t even really socially acceptable ways to even make people aware of their behaviour, or the damage that they cause, because it has been a masked issue for so long. They don’t get exposed and when they do it is often at great personal cost to quite a few people before it has any real impact at all, which likely just forces the narcissist to swap out environments with no further consequence for the trail of damage they left behind.

The narcissist knows that serial campaigns detract from their credibility eventually so they tend to gravitate towards themes of social justice where their behaviour will not just be tolerated but rewarded and empowered by a culture that wants social justice for all but perhaps is not of a similar mind on what that looks like. As such, demographics that are not empowered by social justice movements make softer targets than others.

You don’t need to be out to ruin somebody’s life because of a poor comment they made 20 years ago; what you can do to help the community is to identify serial defamers, lynch mob participants, and exclusionist bullies in positions of authority and replacing them with people who want to foster a large community where anyone can participate — people who do not abuse the public trust.

A word of caution though — nothing enrages the narcissist more than being exposed as one. They are not able to process the dissonance between their self-perception and the reality being given light about them. When a group of abusers is suddenly in a reversed position of authority with their target, it is almost gauranteed that they will lash out desperately with increasing animus until they are exhausted, destroy themselves, or destroy you. The way you beat the narcissist is with self-reflection on how you contribute to their campaigns, exposing it, distancing from it, and in good faith. People who are not prone to their manipulation are likely targets, as are people who have been previously smeared, but almost nothing guarantees being targeted quite like them becoming aware that you know what they are. You will immediately be seen as a critical threat to them.

I hope that you are able to see through the visceral lies that brought you here enough to be able to read and understand what I have communicated to you here, today. I am less concerned over whether you believe what somebody told you that brought you here than I am that you understand this phenomena so that you can stop others from having to experience it. Who knows, maybe some of those “others” that you help by stopping the normalization of these behaviours might be someone you care about one day.

Abuse @ SILO

Some of the folks angry with the change, seemingly from the circles of the ex-staff, have been targeting the new staff online with vicious and predatory smear campaigns, which inspired me to use SILO GROUP’s infrastructure to launch an abuse reporting mechanism for the F/OSS community for those affected by cyber-lynching, group harassment, general exclusionary practices or other forms of bullying that has happened far too frequently by people who have made it to very high ranking roles in large F/OSS and/or corporate entities, who have targeted too many people who otherwise would have made great contributions to free and open source systems and software. I never want to see this kind of abuse again and I want to help people expose the malicious actors who engage in it.

Phanes' Canon: Frank Gingras is a Former Stalker of Mine

Hi. I just was made aware that Frank Gingras (thumbs) has been repeating an old hobby of defaming me. I am able to prove that he is lying and has actually projected his own actions towards me onto myself; I will be posting a public statement addressing it. Frank has done this too many times and it needs to be public knowledge.

For clarification on the log I read, to avoid confusion, I am both bagira and phanes.

The featured image should explain what was going on there. I’ve also put it below[3] along with a list of my former stalkers[4] that they compiled themselves. I’m happy to answer questions and update this page with new information as questions are asked about the history there, which is long.

The context is that after some devastating life circumstances, some career rivals in the open source space, gravitating around the core slackware development group — notably their IRC group, decided to respond to a dispute I had with that group originating from me trying to create a non-official support medium that rivaled theirs and provided a more open culture, which subjected me to years of abuse to try to bully me into shutting down. During their collective campaign, they incorporated both real and fabricated events from my personal and family life, cherry picked from what was made public at the time.

The full list of people involved in the stalking of me, my loved ones, both online and offline is in the ban list of #surro-linux. Frank was only one of them but was involved in most of the offline stalking in a campaign of sustained abuse, which went on for about 7 years between 2009 and 2016. Leadership at the Apache project was made aware of his behaviour by me at a convention. I am reserving my right to add the names of the others at my time of choosing.

They wrote defaming letters to employers and potential employers. They defamed me to peers with lies much like the ones I am responding to. At the time I did not have the resources to litigate. There was no retaliation that involved any breach of integrity on my part. They were in the social network of the ex-Staff[1], and I tried many times to get it addressed[2] by Freenode’s ex-staff.

My intent was to move on from it but I have been made aware that <thumbs> is defaming me in various mediums again currently over the controversy involved with the Freenode change of staff, as I am currently on the new staff after the old staff left. I am considering my options on how to best address his behaviour.

Thank you.

1. https://web.archive.org/web/20210528084305/https://pastebin.com/8BLKnFU5
2. https://web.archive.org/web/20210528085208/https://pastebin.com/tWRcqr76
3. Taken 2021-05-27

4. Taken 2021-05-28

Update:

Upon being made aware of this blog post, Frank Gingras joined the channel where stalking of me by this group was coordinated, used chanserv to get operator status, and booted me from the channel to prevent collection of more artifacts proving his involvement:

5. Taken 2021-05-28

Phanes' Canon: Luigi needs a W-A-L-K, Work, Freenode/Libera, Upcoming Projects

The Dog and I

Who can say no to a face like that? What the image does not show, is a little black tail waving on the ground at about 300 bpm (that’s 300 borks per minute for those of you without dogs).

Been Too Busy

So, me and my sweet, big dumb dog are enjoying the weekend. I had half of Thursday off and all of Friday after a very exhausting platform rebuild for a client, preceded by a week of oncall rotation that same week while trying to memorize about 2000 words for a public speaking engagement to be delivered Thursday.

Somehow it all worked out with no casualties. By about Tuesday evening I was so tired that I was becoming physically ill and was dangerously close to burning out. I had forgotten how much work engineering-level can be and this role has been a good reminder of that.

I kinda miss architecture

I do miss architecture, though. Fixing processes saves more work than quick repairs and having to explain the basics of requirements gathering and communication around them to justify them are harder than actually doing them.

The tradeoff is that the problems are almost always uncharted territory with much larger consequences.

Freenode/Libera

A few choice words would be appropriate…

Love it. As predicted way ahead of time, less than 48 hours into Libera’s existence, a manic network operator using the nickname “Jose” careened into the main channel #libera and shut down all communication with channel modes before proceeding to bark orders at the users, issuing klines left and right, effectively demonstrating that the most toxic parts of the open source community are no longer on Freenode: They resigned and moved to Libera.

They don’t have the social skills to foster a culture like Freenode used to have, and pretended to have the last 10-12 years, that was all inherited legacy from Lilo and this was all a natural and appropriate course of events that directly result from their inability to lead or coexist. Freenode will be fine for the most part. Still alot of garbage to sort out, but it’s on the right track. Let these kids build their toxic operator paradise, and please, please let it be an exclusive club. This pads the rest of the community by no longer having to interact with them and the poison that created them at OFTC, or the poison that they pour into any community that depends on them. I love me some justice.

Sure, some big communities are moving over. Well, kinda, they’re mostly colocating to see which network sticks around, and most of them have discord arms building up to move over to. The ones that are being all big and dramatic and flashy about it are the people we’ve all wanted to see leave for 10 years. This is amazing, it’s somehow concentrating all the exclusionist dirtbags to one or two places.

I did have a few choice words.

I had words for Jessica Porter (<Jess> on IRC):

http://web.archive.org/web/20210522083243/https://gist.github.com/jesopo/45a3e9cdbe517dc55e6058eb43b00ed9

Had a real fun time with that one because, as has become expected of her and her constituents, she tried to erase the evidence as you can now see on the original page. Good thing the archive.org link to it was circulated and not her carefully whitewashed version.

I had words for Christian (<Fuchs> on IRC):

https://web.archive.org/web/20210523012420/https://gist.github.com/Fuchs/7d5866faadf71620583ceee10222ef95

He did the same thing and tried to sweep it under the rug. Utterly pointless since this is all on archive.org now and has already been circulated.

Oh and I had words for EdK:

https://gist.github.com/edk0/478fb4351bc3ba458288d6878032669d

The only person I didn’t have words for was grumble, who was a direct participant in the abuse I witnessed and experienced by Freenode staff at one point. I don’t have much to say to that one. I just want him gone with the others. There’s really not much else to say. He knows why he deserves it.

These people participated in ritual defamation for years and they need to face consequences.

There are still about a dozen channel operators who should also be removed and not to mention Tom Wesley and Doug Freed. I can’t do much about that at the moment. I guess we all need things to look forward to.

Oh, by the way, some rando alerted me to the presence of this thread:

https://news.ycombinator.com/item?id=27235576

I was really happy to see that someone is picking up on what’s been going on with me, and decided to throw in.

Upcoming Projects

In terms of current projects, I need to re-assess at a later time on priorities, because I think things are moving in the right direction with the IRCThulu project’s goals and I don’t want to interfere or create unnecessary adversarial models. The environment changed, and I need to understand it first. That will take a little time.

One idea that crossed my mind was building the backend, frontend and the runners, and hosting the backend and frontend, but providing packages to install the runners to provide feeds as a community service. I actually like this idea alot. That way I can shut off the feed for networks that don’t want it and have a positive relationship with my efforts, while the community can still get visibility on the things they need to be visible. It also removes anything resembling liability for me for reasons mentioned in previous posts while still presenting as a potential sanction device for OFTC and Libera in case it becomes necessary.

As for SURRO and the Foster effort, I need to spend some time on it. Maybe the weekend after next. Conceptually I think I’m pretty close to a breakthrough since Rex was polished up to a releasable state.

Phanes' Canon: Vae Victis!

Alas, there are far fewer reasons to develop IRCThulu as of today due to a series of wonderful developments: A collection of the most toxic abusers and abuser enablers in the F/OSS community have resigned their positions on Freenode, thus reducing the reach of their misuse of authority and curbing the implementation of their toxic gatekeeper mentalities across the open source world. The problem with OFTC and Freenode is that they let toxic shits get to positions of authority in their organizations, and then those people proceeded to do what toxic shits do for decades when they were given an ounce of control over other people.

I’ll never forget when these people were literally ignoring a stalker using crowd lynching techniques to harass and threaten my family and I on their network, spread lies about me, impersonate me, and then rally up others to do the same. Instead, they victim-blamed, and even participated in some instances until this project surfaced seeking a scorched earth scenario.

Well this is that scenario.

I’m glad they’re gone. I hope they never are given positions of authority in any community again, and if you’re reading this, I sincerely hope you take measures to prevent them from seeking such positions.

Their names are:

• Fuchs, who was aware of the situation and chose to punish and ostracize the stalking victims of his friends over the right thing. His name is Christian. More identifying details will follow.
• Jess, who is a toxic enabler of abuse on the network.
• EdK who has been famous for his misuse of authority in the community for decades.

It’s all just so wonderful to see them leave with nowhere to go to of any substance.

Here are some blogs, and I can assure you the timing was incidental (wink, wink):

• emilsp: https://gist.github.com/pinkisemils/39d4ded8b1639b6f39dcab15618649f5
• Fuchs: https://gist.github.com/Fuchs/7d5866faadf71620583ceee10222ef95 / https://fuchsnet.ch/freenode-resign-letter.txt
• jess: https://gist.github.com/jesopo/45a3e9cdbe517dc55e6058eb43b00ed9
• kline: https://kline.sh/
• Md: https://blog.bofh.it/debian/id_461
• mniip: https://mniip.com/freenode.txt
• niko: https://coevoet.fr/freenode.html
• Swant: https://swantzter.se/freenode-resignation

Anyway, there are still problems at Freenode. See, Tom Wesley, a covert narcissist at the OFTC has been plotting and undermining both of these organizations to further his interests with this growing takeover being orchestrated from the bowels of the Debian Community for years, and has his claws sunk into Freenode and OFTC to these peoples’ detriment (even though they inadvertently helped him do it). Shortly before all of this was the Stallman smear campaign, which I can’t comment too much on but was active in helping shut down, and was whisked off of both networks to keep me from creating consequences for the currently unethical behaviour being coordinated against Stallman from those same people in the Debian community and to definitely keep me from telling my own personal story about these people while they were begging to retain control of the very network they used to abuse people for decades.

I just want to say it again: The open source community was improved by these people leaving. Don’t let them come back.

So, I’m not sure where things go from here. If Tom Wesley is thrown out, which is actually pretty likely within a couple of years once the new crew comes in, there simply will be no reason for IRCThulu: The Freenode network would have provided justice.

Time to sit back and watch how this unfolds, and make decisions as things go.

Phanes' Canon: IRCThulu Platform: Tenta Rehash

So, I cracked open the 4 year old codebase for the pieces of IRCThulu that I can make public:

https://source.silogroup.org/ircthulu

Yeah, this is all proof of concept at best. Plus, these runtimes aren’t particularly portable for the guerrilla style campaign model I want this system to be capable of executing. It needs to scale.

So, I brushed up on my IRC and made a little proof of concept bot to get those neurons firing again:

https://github.com/cmpunches/Tentabot

It turns out, implementing down to the socket level without introducing dependencies was crazy easy compared to how it would have been 4 years ago. I’ve grown a little as a developer and an architect since then. I did some sloppy work here with field processing in the IRC_Event class that needs rewritten before anyone should use it — it’s just a POC for an event-driven IRC bot. I didn’t want to introduce regex dependencies or spend too much time on tokenizing the responses. Quick and dirty, took about a day.

I can’t believe it’s been 4 years.

The Tentabot was fun to build and I got to test it out a little with a well known hosting provider, and even gather some field data in the process for requirements gathering for the IRCThulu. Can’t quite publicize the endgame strategy just yet, but, it’ll bring some closure to alot of people who deserve that closure. The bot needs to look like a real user when it connects. It should also be very small and portable.

I think the next step from here is re-implementing in C++. Then I want to bring in a command subsystem as well as the ability to connect to new hosts, then loop in hooks for everything and release that. That way if the IRCThulu campaign ends for whatever reason I’ve still got something to show for it as a released product. I have so little time these days that I’ve gotta create layers of win with stuff like this.

I prefer a modular approach to platform design. Every component should be a standalone product that does one thing for a specific purpose and works together to create a larger platform. It not only fits in well with the Unix philosophy, but it also creates an incremental delivery for larger distributed systems, and the resultant platform is far more flexible than a bespoke system where everything is made to uniquely only talk to its sibling components.

Freenode is headed towards their endgame with this, but, I’m still in the opening credits. They have a couple of excellent developers. No real executive acumen for adversarial models, though, despite the ardent effort to create them; a clear sign of a leadership defect.

So, time to trim some fat, and losing weight takes time. When you are losing weight you don’t lose 5 pounds here and 10 pounds there after a night of rigorous exercise, or even a couple weeks of it — you develop a strategy and a routine around energy expenditure and dietary intake. You grind away at it for weeks, months, some people take years, and then you wake up one morning to find yourself more fit, and to stay that way you decide to continue your program. After a while you enjoy it.

Conflict is much the same way. Not all conflict is an argument that’s over when someone says something mean or witty. That’s a defect in our current culture, and not a reflection of any historical merit. Sometimes conflicts last for generations. People who seek out conflict are unwise, sure, but people who avoid necessary conflict at the expense of their values are the former’s prey. Sometimes it is unavoidable. That’s also something smoothed over in human history: We like to pretend every conflict in the past is a product of barbaric times instead of a hallmark feature of our species, and, perhaps categorically– of sentience.

Phanes' Canon: A Thousand Years of IRCThulu

I’ve decided to relaunch the IRCThulu effort after a sudden encounter from an old harasser named Tom Wesley.

I had a deal worked out with the major IRC networks that I wouldn’t develop it, as long as my work was left unhindered, but, the person I worked it out with has left staff and the two networks I go on don’t seem to believe it is an issue anymore, so, this is my cue to build away given the adversarial stance one of the networks has suddenly taken by a couple of renegade staffers. Up until this point, I’ve kept my terms of those agreements. It’s really too bad. Ironically, this was set off after years of everyone holding up their end of our agreement until a big shitfest of exclusionary douchebags in the debian space started a smear campaign against RMS and some other folks, which I helped shut down, so, they’re cleaning house of folks who don’t fit into their narratives, and just happened to pick out the one staffer holding the policy avalanche away that is IRCThulu with an agreement with me, and then proceeded to bait me for weeks hoping I’d respond with something mean they can use as ammunition to justify their restriction of my access to my work spaces. Seen it. Beaten it. Had it for breakfast, guys. I’ve spent years structuring all of this to be resilient to this very tactic.

What hubris.

I’m taking a different approach this round. Already built a POC for this, but I need scale. Instead of furiously coding everything all at once, I’m designing it one small piece at a time, making each piece good at what it does before moving onto the others. A slow burning, low energy, but highly inspired, approach.

I think first is the IRC client. I need a bot. Not just any bot. I need a bot deliberately designed to be hard to detect, easy to control, and extremely portable — while still being modern in design to make its feature set quite flexible to be able to do what I’m envisioning it should do and to enable the broader strategy at play.

Since this project is 1984 incarnate with a splash of nerdrage and cthulu reality-warping madness, I’ll want it to be verbose enough such that identity research features are possible with the data it relays, but not so verbose that data management is a burden.

Conflict is never pleasant…but if you have to fight in one, find a way to enjoy it, if you can. Inside each and every one of us are gods and demons, angels and ghosts, heroes and monsters — reachable as those archetypes which generate legends and history. They are tools of the human spirit. Find the right tool for the job, and if you’re adept with it you’ll end up making a new one from time to time.

SILO GROUP LLC: SMQ/S

SMQ/S is a very simple message queue service designed to be quite fast and barebones.

As this project is part of the Logthulu project, and is a component, see the Logthulu project for updates:

https://logthulu.silogroup.org

SILO GROUP LLC: Desktop: Scallywag

Scallywag is a linux desktop client for The Pirate Bay reverse proxies. It automatically retrieves a list of known reverse proxies for the famous PirateBay website and allows the user to search for, and select magnet links, and begins the download using the system’s XDG-configured default magnet link downloader. Written in Python and uses the GTK UI.

Source code is public, GPL licensed, and hosted here.

SILO GROUP LLC: SME/D

SME/D is a Delphi-based think tank system and analytical engine designed to allow highly functional subject matter experts to explore and debate diverse angles of many issues. Not yet available for prototype showcasing.

SILO GROUP LLC: SAL/M

A System that Designs Systems

SAL/M is a solution that manages the Software and Systems Architecture Lifecycle.

It will facilitate high level aspects of solution design using only artifacts created/represented inside of its portfolio.

Project Objectives

• Facilitate an intact distributed systems design process.
• Generate artifacts of that process.
• Represent all available components in a software ecosystem to those ends.
• Represent relationships between those components.
• Generate a compiled artifact on demand of the current state of a solution design.

Dependencies

SAL/M will use SME/D for stakeholder engagement and IDM/A for its security layer.

Further Reading

Not yet available for prototype showcasing.

SILO GROUP LLC: Pyrois

Pyrois is a “distro in a box” in the making.

9000 Foot View: How Pyrois Works 

Makefile-driven, Pyrois downloads and compiles our tool, Rex, onto it, and then uses a Rex project to compile a chroot using a cross-compiler.  From within that chroot, Rex then compiles all items in the chroot with everything you need for a Linux system. Pyrois will eventually fork to spawn another project, called Foster, which will preserve that process while it evolves to generate an installer image for a binary package system as part of the genesis of a new Linux Distribution.

As Rex is json-driven, this allows “checkbox” style user interfaces to the build steps, allowing almost limitless customization of the Linux distribution that is created by Pyrois. This will allow you to create very, very small Linux images for specialized use cases.

Pyrois is largely curses dialog-driven and is eager to onboard contributors.

Pyrois is the component that will create Dark Horse Linux.

SILO GROUP LLC: Dark Horse Linux

Dark Horse Linux is a new Linux distribution owned by SILO GROUP LLC.

Cross-compiling a Linux sysroot, and building the system from upstream sources inside your environment with verified checksums is about the only way to ensure that software hasn’t been tampered with.

That’s what Dark Horse Linux does to create its sysroot in a publicly verifiable way. Borrowing largely from the LFS process, Dark Horse Linux is a parent project meant to empower more creators to create their own linux distributions in the course of developing one.

While Dark Horse Linux will eventually move to become a binary package distribution and sell commercial support, it is currently a community effort to re-establish open standards, provide a provably clean OS build, and targets both the container markets as well as research environments.

In order to automate the build process, which is complex, SILO GROUP has developed a new utility called Rex. You can read more about Rex on its info page.

SILO GROUP LLC: IDM/A

IDM/A is an identity management, session management, and rights management system in development by SILO GROUP.

This system is currently closed source and not available to the public prior to stable release.

SILO GROUP LLC: Theme: Antikythera

Antikythera is a WordPress theme designed with simplicity and stability in mind.  It is based heavily on both Artifact for Hexo as well as Hitchcock for WordPress.

You can download it from its dedicated github repository here.

SILO GROUP LLC: Library: Machapi

Machapi is a somewhat comical API  engine to interface with various social networking sites, written in Python.

You can read the documentation here.

SILO GROUP LLC: Logthulu

Logthulu is a large-scale log aggregation system.

The project site is at https://logthulu.silogroup.org