All Entries

1990s bootloader memories Entry created on 2026-04-17 author:steeph (372) cat:Computers (21) cat:Linux (36) cat:Operating Systems (24) lang:en (254)

When I was growing up I didn't have a menu to select which OS to boot. I had to use fdisk to change the active partition in order to switch from Unix* to DOS or back. (Or switch boot order in the BIOS when they were installed on separate HDDs. But I was rarely so lucky to be allowed on an expensive computer like that.)

When I first tried Linux I was thrilled by the fact that it came with a boot loader that would let you add other OSs. Dual-booting was so easy. Linux (developers) seemed so thoughtful, considering the possibility that you might want to use other OSs alongside it. And MS just blindly overwrote the MBR without even asking.

GRUB (legacy) was a great improvement over LiLo. But nowadays LiLo's simplicity is kind of attractive compared to the >1000 lines of GRUB 2 config that every distro ships nowadays.

Entry created on 2026-04-16 author:steeph (372) cat:Computers (21) cat:Software (53) cat:Thoughts (71) lang:en (254)

IT systems become more complex over generations. There's always something that could be made simpler by adding another abstraction layer. This can not go on indefinitely. But it will probably go on for longer than we all wish it would.

Sorry, this might be a totally stupid and banale thought. But it feels relevant right now and I don't know how to explain my point more concise. Let me know if you think I should. (Of if it's because I don't really have a point.)

When you think back about how computers were used in the 1960s, the 1970s, the 1980s, the people who used them back then really knew their systems, as it's often put. With each generation more people began using computers. So while some were still designing, improving and expanding circuits, others would work on inventing higher-level languages, operating systems. When you think a bit further, the 1990s, microcode became more complex, operating systems started to became more complex, software interfaces between applications were developed. But we still needed people who maintained OS kernels, worked on processor architectures and knew serial and parallel interfaces on a low level.

You can look at any small part of computers and will find that new abstraction layers have formed over time. E.g. Your fan speed controller. I bet you don't even know what processor it is utilising and what it's capable of. Even if you study an open source driver for it, you'll likely just see an imitation of some things a Windows driver is doing. There are probably only a handful of people in the world who really understand that tiny part of your computer.

Let's not get into networking, the internet and the complexity that was added to everything in the last couple of decades.

My point is: We will need people who understand every little thing of these hugely complex systems at least at some point. Otherwise systems will not run smoothly or reliably. In the silly little example of the fan speed controller, if that would not work with newer systems anymore for some reason, documentation would probably be good enough to find a workaround. If it would have to be replaced in future systems, that's also doable, or you can just run fans at full speed all the time. But there are so many other components (I'm mainly thinking of software) that don't just have to work reliably on their own but interact with other, evolving components.

Not every little thing can be maintained continuously with the amount of attention it deserves. Be it the often used example of a small open source software component that 90% of software somehow relies on, maintained by a single person at the risk of, well, anything that might happen to a human. Or a commercial product that's driven to make as much money as possible with next to no work hours. Or end of life of some software that still runs on millions of machines.

These are disruptions in IT that happen right now. With increasing complexity of systems, failures that have not been properly planned for will probably happen more and more often. It's not even unusual today that when a service goes down, the people responsible for keeping it up don't understand what has happened. They have to start a research into the matter; if they have the time or it's deemed important enough. Because there's a gap between the coders, who know the languages, frameworks and tools they're working with, and the system administrators, who know their OS, config, containers with other OSs, their config and somewhat the services that are running. But in between there are frameworks, huge libraries that depend on other libraries you don't even know about, cloud services you have no insight into. The code written, if it's still written by a coder at all, may be compiled into another language that's interpreted, at each layer adding Gigabytes of dependencies you have never read and can't possible stay updated on.

All of those components have bugs. The more we add, the more failures will occur. More projects will be kept hardly alive because they're still needed to delay another failure. Just as you – even as a computer enthusiast – likely don't know what physical signals are needed over your USB port to make it do what it does, people responsible for keeping a service you rely on running don't know how most of the systems work that they are keeping online.

This growing complexity can be seen in almost every field. But I think it is growing especially fast in medical science and IT. Both will have negative effects on our lives. But with medicine it is a side effect of a science that's working to improve and prolong our lives. So it might be worth it. IT does not have that noble goal.

Web Links Regarding Retro Computing Entry created on 2026-03-21 author:steeph (372) cat:Links (7) cat:Retrocomputing (1)

The Silicon Underground The Silicon Underground - Articles about PC history, mainly 80s and 90s (hardware, software and business)

Talks from the 39th Chaos Communication Congress Entry created on 2026-01-01 (edited 2026-01-09) author:steeph (372) cat:CCC (3) cat:Talks (4) lang:de (41) lang:en (254) top:Events:Chaos:Congress (2)

Yet another year is over without me having been at one of teh big Chaos events. Congress stays one of my favouruite vents. Until I'll be there in person, again, I mostly consume it over the fediverse and look forward to watching interesting and entertaining talk recordings. I don't usually do this, but this time I felt like recommending the talks I got the best out of.

Die Känguru-Rebellion: Digital Independence Day

56 min - deutsch - CCC & Community - Marc-Uwe Kling and Linus Neumann

Die meiste Zeit Unterhaltung von Mark-Uwe Kling. Er liest sein Comics über Elon Musk und Jeff Bezos auf dem Mars. Das ganze ist Publikums-Lockmittel für die Vorstellung der Idee des Digitalen Unabhängigkeitstags (DUT)/Digital Independence Day (DID). Unter dem Hashtag #DUTgemacht bzw. #DIDit sollen Interessierte von nun an an jedem ersten Sonntag im Monat den Umstieg weg von geschlossenen Plattformen, von Millardären kontrollierten Diensten und gesellschaftsschädlichen Apps und Webseiten besprechen bzw. öffentlich mit dem Erfolgreichen Verzicht angeben. Dazu gäbe es eineiges zu sagen. Vielleicht werde ich das ja noch in einem eigenen Post darüber. Es ist aus unterschiedlichen Gründen gar keine so schlechte Idee und sie wurde öffentlichkeitswirksam vorgestellt. Der DUT hat jetzt schon viele Vertreter und kann als erfolgreich eingeführt betrachtet werden. Projektwebseite: di.day

The idea of a monthly Digital Independence Day (DID) on which many people draw attention to and discuss possibilities to remove power from billionaires and their corporations by choosing to use alternatives is a good one. There's a few things to talk about here. And maybe I will in a separate post.

All my Deutschlandtickets gone: Fraud at an industrial scale

60 min - Englisch - Security - Q Misell and 551724 / maya boeckh

Entertaining story of an investigation into fake and otherwise illegitimately sold German train tickets, a stolen signing key, communication with transport companies, a QR code that is illegal to scan. Just a good and entertaining story.

Hacking washing machines

56 min - Englisch - Hardware - Severin von Wnuck-Lipinski and Hajo Noerenberg

20 year old washing machines have interesting interfaces for analising and controlling their sensors and actuators. Software for service technitions, firmware dump of a controller, finding the reason why a machine is no longer spin-drying. Newer machines have even more interfaces. Custom apps for controlling and reading them would be interesting. A good insight into those things (not a comnplete overview) based on the speaker's experiences.

Agentic ProbLLMs: Exploiting AI Computer-Use and Coding Agents

58 min - English - Security - Johann Rehberger

Demonstrating AI agent exploits, many of them surprisingly simple!

AI Agent, AI Spy

40 min - English - Ethics, Society & Politics - Udbhav Tiwari and Meredith Whittaker

In-depth introduction to the privacy-invading design and features of an OS-integrated AI agent (Microsoft Recall). This was quite interesting and reveiling to me because I have had hardly more information on it than the headlines conveyed and I have no experience with AI agents myself. The talk covers reliability, vulnerability, privacy-intruding design and functioning principle, and an appeal to the people creating agentic systems ("touch grass, press pause" and "stop reckless deployment"). I cocur with most of what's said in the talk, bt also learned some details about MS Recall. Apparently the negative hype wasn't exaggerated. This is an extraordinary bad design, made by combining bad ideas, resulting in software that antagonises the user more than anything MS has ever tried.

PRÜF

38 min - deutsch - Ethics, Society & Politics - Nico Semsrott

Nico Semsrott stellt die PRÜF-Kampagne vor. Inklusive Gemeinschaftsrituale (naja, nur Singen). Aber gute Vorstellung und Erklärung der Kampagne.

Wer liegt hier wem auf der Tasche? - Genug mit dem Bürgergeld-Fetisch. Stürmt die Paläste!

56 min - deutsch - Ethics, Society & Politics - Helena Steinhaus

Über die aktuelle Bürgergelddebatte, armenfeindliche Politik, grubndgesetzwidrige Sanktionen, Bestrafung von Schwäche. Parteiische, oft polemisch, manchmal u7nsachlich. Aber ich denke das ist erkenn-und einortenbar. Trotzdem eine intere4ssante Dartstellung einer wichtige Sichtweise und mangels sozialerer Gesetze und Politik leider notwendiger zuvilgesellschaftlicher Hilfe.

51 Ways to Spell the Image Giraffe: The Hidden Politics of Token Languages in Generative AI

38 min - English - Art & Beauty - Ting-Chun Liu and Leon-Etienne Kühr

Really interesting insight into how artificial neural neutworks convert between text tokens and images (generating images from text prompts).

CSS Clicker Training: Making games in a "styling" language

39 min - English - Art & Beauty - Lyra Rebane

I love this talk because it's about a topic I've been interested in for years without ever taking the time to learn much about it. Lyra presents examples of CSS crimes (tricks that abuse features of CSS). Using checkboxes or details elements to influence arbitrary elements on a page are relatively well known crimes and can be used to create complex GUIs that look like they are probably built with JS. But there are many more tricks that allow for surprising GUI features. Just a few examples: A card game, random choice buttons, movable "windows", a 2D grid map with Zelda style character movement, binary operator implementation. Apparently people take this to the extreme (as I could have expected) and there is a CPU implemented in CSS that executes binary code. Lots to check out if I wanted to spend time getting into this topic. Check out her blog.

Von Fuzzern zu Agenten: Entwicklung eines Cyber Reasoning Systems für die AIxCC

52 min - deutsch - Security - Mischa Meier (mmisc) and Annika Kuntze

Den hier möchte ich hier erwähnen, weil zur Zeit überwiegend die einseitige Sichtweise geteilt wird, dass KI-generierte Bug-Reports bzw. Reports über durch KI gefundene Bugs unbrauchbar und durch die extreme Zeitverschwendung schädlich für ehrenamtlich entwickelte Software ist. Dieses hauptsächlich durch die Talks einer Person verbreitete Sichtweise habe ich keine eigene Erfahrung und keinen Widerspruch entgegenzusetzen. Aber die hier präsentierte Arbeit legt nahe, dass es stark auf die Qualität der Bugsuche mit KI ankommt und darauf, wie Agenten zur Bugsuche und Fehlerquotenverringerung eingesetzt wird. (Das hat auch Daniel Stenberg mittlerweile erfahren/eingestanden.)

I Hated All The Cross-Stitch Software So I Made My Own: My Deranged Outsider Software Suite For Making Deranged Outsider Art

36 min - English - Art & Beauty - yomimono

This isn't really a topic I'm interested in getting into. I won't try cross stitching because I have enough topics I don't spend any time actually doing anything in. But I liked the talk and it was and interesting insight into the hobby that is suited for newbs and not only about the software. This is actually one of two cross stitching talks at 39c3. The other one has some interesting bits as well for somebody who doesn't really care about stitching and is well worth watching if you do.

There is NO WAY we ended up getting arrested for this (Malta edition)

54 min - Endlish - Security - mixy1, Luke Bjorn Scerri and girogio

Three students from Malta enthusiastically tell their side of their incredible story of being arrested for responsibly disclosing a vulnerability they found in a mobile app. It's a story about Maltese law, police, politics and media representation.

Live, Die, Repeat - The fight against data retention and boundless access to data

40 min. - English - Ethics, Society & Politics - Klaus Landefeld

The tiresome topic of data retention laws is one that I almost didn't want to include on this list here. But it is not only an important issue (The fight against them is not going well if we stop talking about it because it is exhausting to repeat the same points against the same kind of misinformation for generations.) but also a good (re-)intoduction and summary of the concept of data retention, it's problems and the political history of such laws.

Not an Impasse: Child Safety, Privacy, and Healing Together

45 min. - English - Ethics, Society & Politics - Kate Sim

How I'm Dreaming Now Entry created on 2025-12-17 (edited 2026-01-04) author:steeph (372) cat:Dreams (4) cat:Lucid Dreaming (12) cat:Personal (12) cat:incomplete (22)

This will probably become one of those posts here that will stay unfinished for long without getting to the point. But I'll try not to care. But if I want to be able to finish it at some point I have to start it first.

Lucid Dreaming (I'll not include a definition here. But there are different ones.) was one of the subjects I spent years intensively studying. Both by reading and by experimenting with my own dreams. Most of my experimenting was about trying out different induction techniques. My success wasn't greater than that of most people attempting to learn to dream lucidly at will. Most give up without much success. I was too interested and not blinded by exaggerated claims enough to stop after a few months. To be honest and complete, I did stop after a few months and not as much success as I wished for. But after a pause of a few years my newfound interest in the subject was greater, lasted longer and lead to a deeper dive into the literature, science and culture of lucid dreaming. I hung out in the largest German-language lucid dreaming web forum and connected chats and TeamSpeak gatherings a lot. I read every recommended book on the topic, then continued with every mentioned book, then went to find even more on my own (and then stopped because most newly published "ebooks" on the topic at the time were of very low quality). I visited meetups, started the German-language podcasst together with Zitrom.I've tested and compared a lot of dream diary software (most, actually), filled books of physical dream diaries and built my own dream diary software. I took part in a project to fix up the German-language lucid dreaming wiki, assisted in research, edited and translated texts, helped fund projects, tried assisting tech and drugs, wrote articles for several blogs in the field, and so on.

I've also looked at every published lucid dream induction technique in 2014 that I could find in German and English sources, compared and categorised them and wrote and overview about them. I've tried many of them for four to six weeks at a time and picket out some for more experiments. This is probably the part most people who take an interest in lucid dreaming are mainly interested in: How to increase the rate of lucid dreams and improve their quality? I don't necessarily have any better answers to that than others. But I have a few years of experience of and for my own.

I've always struggled to keep my mind free enough from stress to be able to accomplish much in my hobbies (or anything beside my day job) when I'm working full-time. So while I'm working full-time (I am and have been since I stopped my intense occupation with the topic of lucid dreaming) I don't have any advances over any other motivated and interested person. But I did collect some experience in some key abilities that help to increade lucid dreaming rate. When I want to remember my dreams (and am not super-stressed and distracted), I do. When I have free time and sleep in I remember my dreams if I intenmd to or not. This is a good jump start to using my dreams for insight or lucdid reaming attempts. Every now and then I gain insight in the fact that I'm dreaming without trying, even in times where I'm not interested in my dreams at all. It's just something that happens in my dreams now. It can be part of the plot of a non-lucid dream, or I realise more of the possibilities that my dreaming state opens for decisions in that moment, or I have a full lucid dream worth taking a place in one of my dream diaries. Either of those are usually fun or at least interesting.

(…)