Used for these attacks, dunno, used for some attacks, yes. (But CF still remains a much less frequent nuisance than pretty much any other infrastructure provider.)

I really appreciated everything you did for young students in science and your position on the role of computers in schools. You're a brilliant human and a good human. It's a treat to see both in the same package.

I was replying to the "used in active criminal investigations" part. Yes, the ALPR data managed by Flock is sometimes used in active criminal investigations. However, it's also used for many other things.

The many other things that it's used for supports ~jedberg's argument.

It's a bit like saying pornography is used in the study of human anatomy.

The fact of the matter is that Flock is playing two-step with the concept of "ownership" of data. They disclaim ownership as a way to leave local agencies holding the bag for liabilities, but they fight tenaciously to retain complete and unfettered access to that data.

(After organizing a community group that won Flock contract cancellations in multiple jurisdictions in Oregon, I went on to coauthor state legislation regulating ALPRs. I am very well familiar with all the dirty ball they play.)

Also, Flock's cameras collect more data than is provided to police agencies. Who owns that data, I wonder?

I'm not (just) being glib. That earlier article displays some introspection and thoughtful consideration of an old debate. The writing style is clearly personal, human.

Today's post is not so much. It has LLM fingerprints on it. It's longer, there are more words. But it doesn't strike me as having the same thoughtful consideration in it. I would venture to guess that the author tried to come up with some new angles on the news of the Claude Code leak, because it's a hot topic, and jotted some notes, and then let an LLM flesh it out.

Writing styles of course change over time, but looking at these two posts side by side, the difference is stark.

That and ProxyJump both also require the container-host to negotiate ssh connections, which is... fine, I guess? But the port knocking approach means that the only thing the container-host is doing is port forwarding, which gives it like half an extra point in my calculus.

I have an architecture with a single IP hosting multiple LXC containers. I wanted users to be able to ssh into their containers as you would for any other environment. There's an option in sshd that allows you to run a script during a connection request so you can almost juggle connections according to the username -- if I remember right, it's been several years since I tried that -- but it's terribly fragile and tends to not pass TTYs properly and basically everything hates it.

But, set up knockd, and then generate a random knock sequence for each individual user and automatically update your knockd config with that, and each knock sequence then (temporarily) adds a nat rule that connects the user to their destination container.

When adding ssh users, I also provide them with a client config file that includes the ProxyCommand incantation that makes it work on their end.

Been using this for a few years and no problems so far.

-14 materialized, Prozanski called for a vote on -12, Senator Braodman voted with Republicans against -12, and then they unanimously voted in -14: https://olis.oregonlegislature.gov/liz/2026R1/Downloads/Prop...

The sole difference between the two is that -14 removes the following language: "'End-to-end encryption’ means a method of data encryption that ensures only the law enforcement agency that owns the captured license plate data possesses the capability to decrypt, access or grant access to the captured license plate data."

This was just the latest move in a long, long series of behind-the-scenes work by Axon to undermine the entire bill throughout its development.

There's a lot more I'm eager to say about that process, but we have some work to do before it all can be made public.

But also, having just been through this process (for my first time!): however terrible you think the political process is, it's worse.

Also, your Reps do read your correspondence, and there's a critical moment coming up in this bill.

Drop me a line at contact@eyesoffeugene.org and I'll reply with a Signal link and we can talk more.

I worked most closely with Senator Floyd Prozanski. He's my local senator, and was in many ways an ideal fit for this. After we successfully kicked Flock out of Eugene, Springfield, and Lane County, he reached out to form a legislative workgroup. Over a few months of effort, we developed SB1516: https://olis.oregonlegislature.gov/liz/2026R1/Measures/Overv...

Depending on where you fall on the spectrum of opinions on ALPRs, this is either a sort of okay bill or a pretty terrible bill.

Axon interfered heavily with that process and -- after the legislative workgroup had well concluded and just a couple of hours before the Senate committee was to vote on it -- managed to neuter one of the key protections in the bill.

Axon is not "better" than Flock, they are just slightly less transparent about some aspects and slightly less radioactive.

Community groups that have formed and activated against Flock should continue to harass local governments that immediately switch to Axon as a replacement.

If you're a tech worker and you still have a job and you think AI is pretty cool and you don't follow news very closely, things seem okay...ish. You are maybe dimly aware of some social problems, but they're all somebody else's problems.

If you're one of the many many thousands of people who have been abducted by federalized lunatics, or you have a child or family member in one of our concentration camps, things seem urgently and unimaginably bad.

If you're politically involved, things seem tenuous, at best. You likely know someone who either feels justifiably terrified by what's going on, or someone whose life has been seriously impacted by it.

I've spent several months successfully combating one of YC's contributions to all this mess. Tonight, federal law enforcement fired pepper rounds, flashbangs, and tear gas into a crowd of protestors who were noisy -- not violent, not even causing property damage, just noisy. One of the officers aimed the tear gas weapon directly at a protestor's head and caused a serious head injury (the kind that causes convulsions and foaming at the mouth after impact). And, they'll get away with that.

The local police department was flying half a dozen drones directly over this, but they are only there to surveil and look for an excuse to put on riot gear.

There were an assortment of reporters there, but most of them have editors or owners that won't run much of a story about any of it. A few politicians showed up, but they made a short speech and then left immediately. The building where this all happened is in a city center, so, just a block away, life and traffic continues as normal and most people are entirely unaware.

So that's also why nobody's really been making an organized 2A effort either. For most people, this isn't "real", in the sense that it isn't something they're experiencing, and for those that are experiencing it, they're trying to walk a tightrope that resists the current administration without spiraling into a widespread civil war.

I'm also spinning up a new team that will be able to more actively help people get efforts started (or keep them going). Their first meeting is coming up this week too.

The extent to which Flock manipulates police departments is really incredible. Here's a fun little factoid: Lexipol is a company which sells various pre-written policies to police departments, including an ALPR policy; Lexipol is also a parent company of Police1, which helps police departments find public grant money to purchase Flock subscriptions, and Flock in turn is heavily featured on Police1.

So, if you're a police department, you go to Police1 (Lexipol) for news and product info, they pitch you on Flock, you fill out a form, you sign a contract, and then later you need an actual ALPR policy for your department, and Lexipol sells you that, too. The policy of course is extremely friendly towards vendors like Flock.

Flock exerts a lot of influence with the police departments that subscribe to their platform. We've repeatedly had to respond to the same talking points from PDs (and some city officials) that are very clearly getting all of their info from Flock, and in some cases coached by them.

And YCombinator startup Flock Safety is extremely misleading in many of their product, service, and business statements.

I helped someone else earlier today with an unstable Linux laptop, it turned out there was an amd/gpu/drm issue that was crashing Wayland in the background.

My first bet would be that you've got something similar going on -- a hardware or device driver problem. You've crawled through journalctl and the like, I assume?

In the Trek universe, LCARS wasn't getting continuous UI updates because they would have advanced, culturally, to a point where they recognized that continuous UI updates are frustrating for users. They would have invested the time and research effort required to better understand the right kind of interface for the given devices, and then... just built that. And, sure, it probably would get updates from time to time, but nothing like the way we do things now.

Because the way we do things now is immature. It's driven often by individual developers' needs to leave their fingerprints on something, to be able to say, "this project is now MY project", to be able to use it as a portfolio item that helps them get a bigger paycheck in the future.

Likewise, Geordi was regularly shown to be making constant improvements to the ship's systems. If I remember right, some of his designs were picked up by Starfleet and integrated into other ships. He took risks, too, like experimental propulsion upgrades. But, each time, it was an upgrade in service of better meeting some present or future mission objective. Geordi might have rewritten some software modules in whatever counted as a "language" in that universe at some point, but if he had done so, he would have done extensive testing and tried very hard to do it in a way that wouldn't've disrupted ship operations, and he would only do so if it gained some kind of improvement that directly impacted the success or safety of the whole ship.

Really cool technology is a key component of the Trek universe, but Trek isn't about technology. It's about people. Technology is just a thing that's in the background, and, sometimes, becomes a part of the story -- when it impacts some people in the story.

Been daily driving desktop Debian for dang-near a decade now (heh). I've also maintained a gradually-evolving app hosting service for clients for even longer, covering all kinds of stuff. Current architecture includes LXC and nginx. And, I've got BSD experience too.

Job market sucks for me too.