[sci] Q re journal article IP

Jul. 26th, 2017 12:48 am
siderea: (Default)
[personal profile] siderea
I'm reading this really great journal article in the field of medical anthropology, and it got me thinking, "I wanna quote this whole thing. I bet my readers would really dig this." And then I thought, I wonder if I asked nicely if the author would let me republish it as a guest post in my journal? And then I thought, I wonder if the author even has the authority to do that, once their paper has been published in a journal?

What rights does the author of journal article have in their article once published in a journal? I appreciate this might vary by specific journal (or organization that owns or edits the journal), but are there general trends? Do journals typically require submitting authors forfeit the right to publish the work for free on the internet? Forever? What if an author wants to contribute the paper as a chapter in an anthology (book)? Or write their own book in which the paper is one chapter?
marissafriedcj: (Default)
[personal profile] marissafriedcj posting in [community profile] davis_square
$1050 Monthly + Utilities for Large Bedroom Unit / Coin Op Washer Dryer in Building

$1050 Deposit Required by Landlord

About Your Potential Roomates:

Marissa, 29, is a chocolate connoisseur who also enjoys exercising (#RocknFitness #TeamFitBit) and following baseball. In Marissa's free time, when she has that sort of thing haha, she likes to cook, bake, as well as try out new restaurants with friends.

Ayla, 31, is a wellness educator emphasizing mindfulness and meditation. Ayla also enjoys creative writing, yoga, swimming, and nature walks. Ayla is involved with local community efforts in sustainability and government.

If You are Interested Please Let Us Know About You and Your Availability

Thanks and plans that fell through...

Jul. 25th, 2017 09:14 am
kalloway: (FE:F Scarlet Cute)
[personal profile] kalloway posting in [community profile] imzy
[personal profile] wolfpurplemoon, thank you for the imzy gloves! They're perfect and they'll be my 'computer gloves' for the winter, since my hands pretty much freeze up on the first day of autumn. (And they've been here a few days-- I had them sent to my folks since I don't have a secure mailbox and then had to pick them up.)

While cleaning my computer desk a few minutes ago, I found a bunch of notes for things to post in the future on my imzy comms on certain days, whatever. I'd done a decent bit of pre-planning (and just had to do some image scanning/hunting/etc. before actually making and scheduling the posts.

Oh well...

How is everyone doing? I check the Discord server sometimes and it's good to see familiar names still around.
siderea: (Default)
[personal profile] siderea
Every. single. time. my shell hosting company announces a planned outage for an upgrade for something having to do with email, and they assure me that it won't impact me at all and I won't have any email outage, every single time they've wrong.

I'm not going to embarrass them in public because they do try so hard and are quick to fix broken things when I bring them to their attention.

It's just that, by now, I'd hope they'd just email me, "Hey, Siderea, we'll be fucking up your email at this future date and time. We'll be around on Twitter until this subsequent date and time. Please be available during this window to exercise your account and let us know what we've broken this time."

Instead, I email them in response to the planned outage announcement and say, "Hey, what can we do in advance to make this work?" and they're like "nothing, it's all going to go perfectly!" and I'm like, "ooookay, when exactly will you be flipping the switch, (so I know when to check on you, but I don't say this part)?" and they're like, "oh, sometime on that weekend." *throws hands in the air*

(I miss nyip.net so hard.)

SHREW

Jul. 22nd, 2017 12:36 pm
rydra_wong: Lee Miller photo showing two women wearing metal fire masks in England during WWII. (Default)
[personal profile] rydra_wong posting in [community profile] common_nature
Yesterday I got to see a tiny shrew very close-up and it was very exciting.

So I was sitting on a muddy path in a wooded area because of reasons (ok, exhausted after climbing) when I saw movement and a tiny thing scurrying past me. I figured that glimpse was all I'd see, but I turned round to see where it'd gone and it was on the path on the other side of me, and with great caution so as not to startle it I managed to dig my phone out of my coat pocket:

longshot in which a tiny shrew may be visible among rocks and moss

(There's nothing to give a sense of scale, but the shrew is a few centimetres long. It makes mice look big.)

THEN --

Cut for blurry close-ups and blurry worm death )

Thailand in the rainy season.

Jul. 21st, 2017 10:14 pm
jbvb: (pic#51664908 hiking)
[personal profile] jbvb
Today: Weigh 206.5 lb., pretty good after all the Thai food I'd been fed. Black Raspberries almost gone, blueberries fading. Mulberry still producing. Yellow Transparent apple will be ripe before month's end, crop fairly heavy and not showing a lot of damage. Defrosted the kitchen freezer.

Thu: Flight home was better than outbound; I stayed warmer and the food was better. Aisle seat let me sleep a bit without making my legs too sore. Mieke brought my car to Logan, I drove it home. Went to bed about 11 PM EDT.

Wed: Nid's house re-roofed with corrugated aluminum, 75 mm of foil-faced fiberglass batts installed in 1100 mm wide bays between steel frame members, above old foil faced bubble insulation. Saved intact panels from failed corrugated cement board roof for her brother, whose roof is worse. P. Noy treated dinner at a place that served pizza. Their Hawaiian had the expected ham & pineapple, but also slices of (effectively) hot dogs, peas, carrots and corn. Crust soft, almost fluffy.

Tue: Nid drove part of the way home from Koh Chang, I drove the rest. Apple Maps did better, sending us down a long, straight, mostly rural road along Khlong 13 to bypass the motorways east of Bangkok. Excellent except for a couple of spectacular embankment failures amounting to maybe 300m of pothole dodging.

Mon: Rainy morning, see Ah Tep's group off, then explore the South side of Koh Chang. Cleared in the afternoon, tried out the Ramayana's private beach: Water too cold for Nid (at least 25C), very foamy from wave action, lots of plastic & debris on the beach. There was sand close to the shore, but out where the waves were breaking was all coral rock. Only a couple of body surfing rides.

Sun: Rainy morning, so no beach for the kids. P Noy and Bing headed home late morning. Nid and I hiked ~1 km. to the Klong Plu waterfall, which was nice but would be spectacular when the river is closer to flood stage. At full typhoon flow, the approach path would be meters deep.

Sat 7/15: Drive to Koh Chang. Apple maps suggested a rural route, but Bing, driving the other carload, stayed on the highway. He's a fast driver, but they lost their lead when they stopped for lunch. We didn't make the initial turn correctly and encountered some slow roads and a number of towns. I drove the 2nd half, my first driving on this trip. The policeman at the 'getting near Cambodia' checkpoint asked for my license, I showed him NH and Nid told him she'd washed my IDP. He said 'not legal, you're free to go' and off we went. Only 2 ferries working, so a noon-ish arrival didn't get us across till about 14:30. Bing & P. Noy got aboard a little behind us, but Ah Pa and Ah Tep had to wait at least another hour.

Thu: After breakfast with the 505 family, drove around looking for deer. Then Nid drove Ah Taow and Ah Pa back to the island, then us back to Saraburi.

Wed: Remembrance Day for deceased family members, ceremony and meal at Wat Tha Tako, 1/2 km away from the island. Then to the Mall, I got name cards and a pair of Birkenstock Milanos for $80.

Tue: Drive to 505 Pokhaphan noodle plant, cattle ranch etc. with Ah Wat, Ah Pa, Ah Rat and Ah Taow. Lots of discussion of old times, tour of the ranch, nice lunch at the canteen, visit the company store which sells noodles, beef and a good deal of hardware and tools. Then to see the land Wat just bought, which alas is on the far side of the giant traffic jam of everyone returning to Bangkok on Hwy. 2.

Mon: Namo, Ah Pa, Nid and I drive to Phanon Rung Historical Park to see the restored Khmer site from ~1000 AD, then to a theme resort with an interesting botanical garden.

Sun: To Ah Wat's store downtown to watch the Vassa Parade. The first two Buddha floats didn't have too many clearance problems, but we had to leave before the next got there - Ah Thai had come down from Nong Kai but couldn't stay long due to a medical appointment.

Sat 7/8: Start at 0600 for Korat, but Hwy. 2 already heavily congested with people going to the Northeast for the long weekend. What's normally 2 hours and a bit took us more than 7, Nid doing all the driving. Many family members were at the island, more arrived from the US just after we got there.

Fri: Road trip to Lop Buri, see the RR station and the palace, then home for Namo's football game. Nid got another quote for a metal roof and installation of insulation we buy.

Thu: Drive to Kaeng Khoi, look around the RR station - busy junction where a branch splits off the Northeastern main line to Korat and an arm of the Southern line joins. Then a 'make your own spring roll' Vietnamese lunch.

Wed: Out early to inspect the roof - found lots of cracks, some quite big enough to be the leak. Local builder told us the cement board had failed because it was screwed too tightly to the steel frame. Gave quote for a replacement cement board roof and insulation.

Tue: Very heavy rain in the afternoon caused a leak in Nid's house. Move the bed and a lot of other stuff, nothing seriously damaged.

Mon: Work around the house, buy a few tools, more wandering at the Thai Watsadu (big box building supply). P Noy's bike tires hold air, but the derailleur cable was rusted beyond repair and I can't get the handgrip shifter apart to detach the wire. New tube fixed Nid's folding bike just fine.

Sun: Visit building supply places looking for insulation, rigid foam does not seem to be available anywhere in Thailand. Look up bubble/foil, find it very over-marketed. Traffic ridiculous near big stores b/c everyone got paid at month's end. Fix Nid's screens, the kitchen sink drain, other stuff.

Sat 7/1: Hang around the house in Saraburi rebuilding my energy, doing minor chores.

Thu 6/29: Chores, packing, then J took me to the bus to Logan. Flight not comfortable, I should have put on the sweatshirt before trying to sleep. Was totally at the bottom of my blood sugar barrel when I got to Bangkok, should have been more explicit with Nid about needing fruit - she got 1 banana...

First Black Raspberries just ripe, blueberries getting near, mulberries well along. I think I've killed enough of the caterpillars that I'll have an apple crop, but I've also gotten a couple of their spines embedded in my fingertips. Gloves from now on.

Middle Eastern food?

Jul. 20th, 2017 05:51 pm
cos: (Default)
[personal profile] cos posting in [community profile] davis_square
We were in Davis Square a couple of evenings ago when someone said they wanted Middle Eastern food. Other than Amsterdam Falafel, I couldn't think of anywhere right there. I know Sabur in Teele Sq, which is kind of Middle Eastern (and pretty fancy). Googling around didn't turn up anything else in Davis Square, though I found a Lebanese place on Mass Ave nearby which I don't remember trying. Anyone know of any Middle Eastern food in Davis Square, or others a short walk away that you like?
siderea: (Default)
[personal profile] siderea
Can somebody update me on the present legal status in the US of graphical user interfaces as intellectual property? Am I correct in believing they can't be patented (though the code can be copyrighted)?

What I really want to know: Can I rip off GVoice's old/retired web interface legally? Or more accurately, can I pay somebody else to do it for me with reasonable ability to assure them they won't go to jail or get sued into oblivion for doing it?

To be clear, there are some nifty functional subtleties I'd want to make off with, which I wouldn't even want to bother pretending I came up with on my own. For instance, there's some interesting algorithm for how texts are batched into threads which I haven't entirely reversed engineered, but make a huge difference in readability.

Wood Pidgeon, York

Jul. 20th, 2017 11:43 am
highlyeccentric: A seagull lifting into flight, skimming the cascade (Castle Hill, Nice) (Seagull)
[personal profile] highlyeccentric posting in [community profile] common_nature
I get the impression these are perfectly normal birds in the UK, but they're quite a novelty to me. Those fancy collars! There were three in the yard of the pub we stayed in, but they wouldn't sit still to be photographed. Here's one from the walk into town:

Tawny owl

Jul. 20th, 2017 08:50 am
nanila: wrong side of the mirror (me: wrong side of the mirror)
[personal profile] nanila posting in [community profile] common_nature
Short-eared owl
[Grainy photo of a short-eared tawny owl sitting on a lawn]

I know this isn't the greatest photo of all time. In my defense, I did take it from behind a dusty windowpane in an upstairs bedroom where I was crouched breathlessly lest I frighten it off.

There've long been barn owls living at my partner's parents' home in rural Norfolk, but I'd never seen any other type of owl there. I was surprised, therefore, to see this tawny owl (h/t to [personal profile] shapinglight for corrected identification) sitting on their lawn at dusk a couple of weeks ago. I worked out that it was watching a group of four partridges who were pecking through the pebbles in the drive, closer to the house. They seemed a rather optimistic target, given that the owl wasn't much bigger than they were.

The owl flew off and returned to the lawn several times whilst I watched, but never made a move on the partridges, who eventually moved onto the roof of the house and over to the other side.
desireearmfeldt: (Default)
[personal profile] desireearmfeldt posting in [community profile] davis_square
Anyone else getting constant flyovers most days and (more annoying) 2-4 large, low, LOUD flyovers between 10:45 pm and midnight every night?

City of Somerville advises you to call Massport and also 311 to report your complaint: http://www.somervillema.gov/departments/programs/reporting-airplane-noise

Massport politely took my complaint and promised me a written report.  311 said "people should totally call us about issues, no one ever calls us!", politely took my complaint, and said that various elected officials (including Rosetti, Capuano and some third person I'm forgetting, possibly the mayor) have been trying to get this mitigated, but not necessarily to much effect.

Pigeon!

Jul. 18th, 2017 08:16 pm
rydra_wong: a woman wearing a bird mask balances on her arms in bakasana (yoga -- crow pose)
[personal profile] rydra_wong posting in [community profile] common_nature
I had to check the comm profile to try to decide if this was legit, as this was clearly not a wild pigeon; it was obviously someone's sleek, well-fed and well-cared-for homing/racing pigeon.

However, it was definitely "unsupervised", as it was hanging out at a gritstone crag eating bilberries and watching the climbers.

It wouldn't quite let people touch it, but was otherwise very comfortable with humans and happy to let you get very close.

I took a lot of photos of it trying to get a shot of the tags on its legs, as I was worried it was someone's beloved pet and lost. But when I got home, I found out that the "report a found pigeon" websites (they exist, naturally) say in rather weary tones not to even bother unless the pigeon's been around for at least 48 hours; apparently they like to take pit stops.

Pigeon with beautiful iridescent neck

Cut for more pigeon )
[personal profile] mjg59
In measured boot, each component of the boot process is "measured" (ie, hashed and that hash recorded) in a register in the Trusted Platform Module (TPM) build into the system. The TPM has several different registers (Platform Configuration Registers, or PCRs) which are typically used for different purposes - for instance, PCR0 contains measurements of various system firmware components, PCR2 contains any option ROMs, PCR4 contains information about the partition table and the bootloader. The allocation of these is defined by the PC Client working group of the Trusted Computing Group. However, once the boot loader takes over, we're outside the spec[1].

One important thing to note here is that the TPM doesn't actually have any ability to directly interfere with the boot process. If you try to boot modified code on a system, the TPM will contain different measurements but boot will still succeed. What the TPM can do is refuse to hand over secrets unless the measurements are correct. This allows for configurations where your disk encryption key can be stored in the TPM and then handed over automatically if the measurements are unaltered. If anybody interferes with your boot process then the measurements will be different, the TPM will refuse to hand over the key, your disk will remain encrypted and whoever's trying to compromise your machine will be sad.

The problem here is that a lot of things can affect the measurements. Upgrading your bootloader or kernel will do so. At that point if you reboot your disk fails to unlock and you become unhappy. To get around this your update system needs to notice that a new component is about to be installed, generate the new expected hashes and re-seal the secret to the TPM using the new hashes. If there are several different points in the update where this can happen, this can quite easily go wrong. And if it goes wrong, you're back to being unhappy.

Is there a way to improve this? Surprisingly, the answer is "yes" and the people to thank are Microsoft. Appendix A of a basically entirely unrelated spec defines a mechanism for storing the UEFI Secure Boot policy and used keys in PCR 7 of the TPM. The idea here is that you trust your OS vendor (since otherwise they could just backdoor your system anyway), so anything signed by your OS vendor is acceptable. If someone tries to boot something signed by a different vendor then PCR 7 will be different. If someone disables secure boot, PCR 7 will be different. If you upgrade your bootloader or kernel, PCR 7 will be the same. This simplifies things significantly.

I've put together a (not well-tested) patchset for Shim that adds support for including Shim's measurements in PCR 7. In conjunction with appropriate firmware, it should then be straightforward to seal secrets to PCR 7 and not worry about things breaking over system updates. This makes tying things like disk encryption keys to the TPM much more reasonable.

However, there's still one pretty major problem, which is that the initramfs (ie, the component responsible for setting up the disk encryption in the first place) isn't signed and isn't included in PCR 7[2]. An attacker can simply modify it to stash any TPM-backed secrets or mount the encrypted filesystem and then drop to a root prompt. This, uh, reduces the utility of the entire exercise.

The simplest solution to this that I've come up with depends on how Linux implements initramfs files. In its simplest form, an initramfs is just a cpio archive. In its slightly more complicated form, it's a compressed cpio archive. And in its peak form of evolution, it's a series of compressed cpio archives concatenated together. As the kernel reads each one in turn, it extracts it over the previous ones. That means that any files in the final archive will overwrite files of the same name in previous archives.

My proposal is to generate a small initramfs whose sole job is to get secrets from the TPM and stash them in the kernel keyring, and then measure an additional value into PCR 7 in order to ensure that the secrets can't be obtained again. Later disk encryption setup will then be able to set up dm-crypt using the secret already stored within the kernel. This small initramfs will be built into the signed kernel image, and the bootloader will be responsible for appending it to the end of any user-provided initramfs. This means that the TPM will only grant access to the secrets while trustworthy code is running - once the secret is in the kernel it will only be available for in-kernel use, and once PCR 7 has been modified the TPM won't give it to anyone else. A similar approach for some kernel command-line arguments (the kernel, module-init-tools and systemd all interpret the kernel command line left-to-right, with later arguments overriding earlier ones) would make it possible to ensure that certain kernel configuration options (such as the iommu) weren't overridable by an attacker.

There's obviously a few things that have to be done here (standardise how to embed such an initramfs in the kernel image, ensure that luks knows how to use the kernel keyring, teach all relevant bootloaders how to handle these images), but overall this should make it practical to use PCR 7 as a mechanism for supporting TPM-backed disk encryption secrets on Linux without introducing a hug support burden in the process.

[1] The patchset I've posted to add measured boot support to Grub use PCRs 8 and 9 to measure various components during the boot process, but other bootloaders may have different policies.

[2] This is because most Linux systems generate the initramfs locally rather than shipping it pre-built. It may also get rebuilt on various userspace updates, even if the kernel hasn't changed. Including it in PCR 7 would entirely break the fragility guarantees and defeat the point of all of this.

[tech, domesticity] Oy, Verizon

Jul. 17th, 2017 06:28 pm
siderea: (Default)
[personal profile] siderea
The one logistical thing that has not gone swimmingly with D's move to assisted living has been moving her landline.

The extent to which Verizon has screwed this up has been epic. [personal profile] tn3270 referred to it as a Russian novel.

Penultimately, I had a conversation with billing that went approximately thus:
Billing: Hello, Verizon Billing, this is [NAME]. How can I help you today?

Me: You can waive this month's bill because Verizon has screwed up two move orders so far, and the 90 year old account holder hasn't had access to her phone line for five days and counting. It's still not on at her new place, but I understand there's an expedited technician order for today. But who knows? You're the seventh Verizon employee I've talked to so far, and I've been told a variety of wrong and contradictory things every step of the way. This has been the worst corporate fiasco I've been involved with in years.

Billing: ...yes, we will totally credit the account for the month.

I had originally thought that we might have trouble because Verizon had security and stuff, and I wasn't the account holder (D) and I wasn't the contact on the account ([personal profile] tn3270). But no. I text chatted with Verizon in advance of putting in the order (CSR #1), and they told me what authentication tokens I needed to authorize the move order, I got them, and they worked fine when I put the order in.

No, everything went to hell apparently due to galloping incompetence on Verizon's (staff's) part(s).

Initially, I was told we didn't need a technician to come out for the line move, unless we wanted help plugging the phone into the wall; they could do it on their end. For the record, this is a good ol' fashioned POTS line, and moving within the same town. Fine. Once we'd nailed down the move date and booked movers – June 30th, to be precise – I got back in touch – btw, I was using the Verizon website realtime customer service chat, because I couldn't find a damn customer service phone number. It's 1800VERIZON, btw. So I fired up the chat thingy, and talked to a customer serv rep (CSR#2), who said they'd be happy to do the move order for me. Somewhere in the middle of the process, he apologized to me and said that the system was saying that a technician is required for that address; that there were no available technicians on the move in date, but could do the day after (7/13) between 1pm and 5pm, and it wouldn't cost anything to have the technician. I said to make it so, so he put the move order in. I asked him to confirm the service and he quotes me a price that I later find out is almost twice D's usual bill. I ask him whether he needs the account contact there to meet the technician, and he doesn't know, so he transfers me to another cust serv rep (CSR#3), who says, no, any adult who can let the tech in is fine, and who confirms the order is all complete, and (he specifically said this) the previous CSR did everything necessary.

Subsequently, [personal profile] tn3270 got a phone call from Verizon confirming the incipient move.

On Thursday, 7/13, 6pm no Verizon tech, and D's landline still has no dial tone at the new place, and is still working at her old place.

I am working until 9pm, so when I get home around 10pm, I get back on the text chat, and ask what happened. I'm informed they can find no move order on the account. The cust serv rep (CSR#4) asks if I have an ID number for the move order, and I don't have one. But they're happy to submit a new move order. Grrrrr. I say, yes, do it. After a long pause, the cust serv rep apologizes and says they can't do the move. Because it's a landline. The text-chat customer serv reps can't do landline moves. For that you have to call in. 8:00 AM and 9:00 PM EST Monday through Friday or 9:00AM to 5:00PM on Saturday. Also, he tells me, I might need to present paperwork in person at a local Verizon office.

It's after 10pm on Thursday, so I have to wait until the phone is staffed again. Why they can have 24/7 text chat CSRs but not 24/7 phone CSRs, I don't know.

Other stuff comes up, that has priority Friday, so I don't get to call Verizon until Saturday, 7/15. The rep I speak to (CSR#5) tells me she sees no record of the move order for Thursday, but she can totally put in a move order for right now immediately. I say the guy I talked to on Thursday said I needed a technician and special documentation; she said she had no idea what he was on about, no technician was needed, and no, they didn't need any special documentation. She said it would be done by "5 today, though maybe really more like by midnight". I make her give me the order number for this move order.

Sunday, 7/16, still no dialtone at her new place, dialtone at the old place. Verizon is closed for phone calls.

Today, Monday, 7/17, I call Verizon and ask WTELF. The CSR (CSR#6) calls up the account and says, "Oh, I see you had a move order for last Thursday." "WAIT. WUT. You can see that order? I was told you guys had no record of that order!" I make him read me the order number; so now I have the order numbers for both move orders that failed to happen. He then apologizes on Verizon's behalf and tells me they over-booked technicians, and that is why no technician came out. "BUT, BUT, WAIT. NOBODY EVER CALLED OR EMAILED. I WAS TOLD THERE WAS NO ORDER. THE LAST PERSON TOLD ME WE DIDN'T NEED A TECHNICIAN AT ALL." The CSR apologized again, and said he'd put the order in, and expedite it, and a technician would be by today.

Then I explained that I wanted the bill credited, and he referred me to billing (CSR#7), who both credited the bill ([personal profile] tn3270 has already got the confirmation email) and confirmed her service level and price, contra CSR#2.

Miraculously, a Verizon technician actually showed up at the assisted living facility today. He did a bunch of stuff, including something in the network closet and sticking some sort of probe in her wall socket, and assured us everything in the building is all set.

She still doesn't have dialtone, though; the technician confidently told [personal profile] tn3270 that the problem was on the pole outside. They'll have a lineman deal with that tomorrow (Tuesday, 7/18).

Next up, contacting the Mass DTC to see about filing an official complaint.

Insect Season

Jul. 17th, 2017 10:43 am
redsixwing: Two water lily leaves with smaller plants between (stems)
[personal profile] redsixwing posting in [community profile] common_nature
Cattails and water skippers in a local ditch.

skippers and cattails

A very vivid ladybug on a maple tree.

ladybug on maple

(no subject)

Jul. 17th, 2017 11:06 am
gender_euphoric: (Default)
[personal profile] gender_euphoric posting in [community profile] imzy
HEY THANKS TO wolfpurplemoon

imzy.jpg

these had a long voyage to get to me!!!! I love everything!

Profile

timmc: (Default)
timmc

June 2017

S M T W T F S
    1 23
45678910
11121314151617
18192021222324
252627282930 

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Jul. 26th, 2017 10:34 am
Powered by Dreamwidth Studios