holy moly #39c3 thanks for a fantastic first day!!
39c3
Federating knowledge: exploring ways to bridge wikis and notes
Join the workshop at #39C3!
NEW DATE: day 4, TODAY at 13:40 @ Free Knowledge Habitat Workshop Area.
Most people and organisations have their very own way of acquiring, organising, archiving, sharing, and collaborating on knowledge repositories. A broad spectrum of opinions and approaches resulted in a diverse and rich ecosystem of knowledge management solutions. Nevertheless, this also implies scattered and disconnected knowledge sources. What would it mean to build bridges among wikis and federate knowledge?
This workshop is going to be heavily centred on a twofold discussion, exploring the challenge of federated knowledge starting from two questions.
What does it mean to federate knowledge repositories?
Instead of pursuing a silver-bullet solution to embrace all use-cases, what would it mean to foster and enable interoperability for different software?
These questions stem from years of questioning and wondering how to integrate my personal note-taking and collective, participatory knowledge management at work, in organisations, institutions, and informal collectives. Recently, I began actively researching this topic as I started playing with the MediaWiki API to cross-synchronise my local Markdown notes and the XPUB wiki, the public learning wiki of the Experimental Publishing master. I am puzzled by taking advantage of the potential of a specific software (in this case, MediaWiki) while fearing of being locked-in.
Some further, more specific, insights and questions:
Local-first approaches and software (e.g. Reflection)
Interesting experiments based on existing protocols, such as Ibis
What do we take of semi-open and obscure yet very cool initiatives like Anytype
The power and the limits of plain-text: how to enable collaboration on simple Markdown files and build on top of it, as @Obsidian does
Cc: @modal @p2panda @obsidian @wikimediaDE @dweb
#knowledge #FreeKnowledge #wiki #MediaWiki #API #Obsidian #Anytype #Ibis #IbisWiki #Reflection #CCC #Federation #federatedKnowledge #docs #PKM #knowledgeManagement #personalKnowledgeManagement #collectiveKnowledgeManagement #DWeb #decentralization #ActivityPub
Edited 34d ago
I've been going through (slowly) watching some of the 39c3 proceedings.
Though I am still a far cry from a Rustacean @bunnie and @Xobs's talk on Xous was kind of neat https://media.ccc.de/v/39c3-xous-a-pure-rust-rethink-of-the-embedded-operating-system I'm looking forward to the RISC-V hardware mentioned (due out later this year via Crowd Supply apparently) and the idea of "piggy backing" on someone else's tape out was fascinating!
I'm biased, but I don't think MMUs are the panacea others seem to imagine they are. It's probably the decades of folks circumventing MMU oriented protections (whether Maximilian Dornseif's "Owned by an iPod" research circa 2004, or more recent ioMMU protection exploits such as Thunderspy) or the folks who think the Commodore Amiga failed, because it didn't have MMUs, even though: Amiga 3000s and 4000s, did have MMUs, and the Amiga 3000UX (running what was arguably one of the most obscure versions of UNIX to ever ship commercially ever) supposedly "took advantage" of such things. Make no mistake: the Amiga failed because Commodore had awful management. The hardware and engineering and even the software were brilliant. IMHO, Amiga Workbench set a high water mark that the industry has still failed to catch up to in the ensuing decades. MMUs, were not the reason Commodore declared bankruptcy.
Having written as much, will Xous' Rust driven MMU centric design, help with its popularity? I dunno, it seems as if it's interesting for other reasons to me at least.
The FreeBSD jails presentation (https://media.ccc.de/v/39c3-escaping-containment-a-security-analysis-of-freebsd-jails) was also interesting, not just because some 40+ odd vulnerabilities were found, but also: one of the vulnerabilities found in NFS? Was fixed in OpenBSD in 2019!
I also ended up watching stein's 36c3 presentation on OpenBSD (https://media.ccc.de/v/36c3-10519-a_systematic_evaluation_of_openbsd_s_mitigations) which kind of felt like how a teacher gives bad marks, start with some praise, then work in the corrections, but I couldn't help but feel as if the presenter (and the associated website) leans a bit too hard into the PaX detraction mindset. It makes sense from an adversarial perspective, which I would expect from an immature exploit dev; but it fails to empathize with the grimmer realities and bigger negatives of limited resources such as developer time and focus, which is endemic to what passes for "hacker" culture these days. Too much focus on attacks and defense, too little acknowledgement of the bigger realities of existence and that there are so many hours in the day. Most seasoned martial artists in older age, focus more on meditation and gentler dynamics, than competitive carnage; similar dealio IMHO. Felt, sophomoric.
The Pink Power Ranger presentation pwn1ng some white supremacist dating site (https://media.ccc.de/v/36c3-10519-a_systematic_evaluation_of_openbsd_s_mitigations) was absolute lulz on a number of levels.
The PS5 "jailbreak" talk related to beat saber stuff (https://media.ccc.de/v/39c3-opening-pamdora-s-box-and-unleashing-a-thousand-paths-on-the-journey-to-play-beatsaber-custom-songs), seemed very over hyped in the media relative to what was actually contained in the talk; though I found it fascinating that apparently lots of folks caught wind of the presentation and apparently dropped their sploits in hopes that they might get the jump on the presentation findings? I wonder if that methodology could be a way to entice similar leaks, intentionally? Such a strange day and age we find ourselves in as that is really not the kind of incentive structure that IMHO, is good. I am still of the mindset that bug bounty programs, were a mistake and have only made the field, more like a mine field and it was already bad enough beforehand.
Real defense, is so much harder than most seem to comprehend. It is much much easier to destroy than it is to create.
Anyway, I doubt I'll ever get around to catching up on everything that was presented, but those are some thoughts on some of what I have viewed at the moment.
#39c3
Though I am still a far cry from a Rustacean @bunnie and @Xobs's talk on Xous was kind of neat https://media.ccc.de/v/39c3-xous-a-pure-rust-rethink-of-the-embedded-operating-system I'm looking forward to the RISC-V hardware mentioned (due out later this year via Crowd Supply apparently) and the idea of "piggy backing" on someone else's tape out was fascinating!
I'm biased, but I don't think MMUs are the panacea others seem to imagine they are. It's probably the decades of folks circumventing MMU oriented protections (whether Maximilian Dornseif's "Owned by an iPod" research circa 2004, or more recent ioMMU protection exploits such as Thunderspy) or the folks who think the Commodore Amiga failed, because it didn't have MMUs, even though: Amiga 3000s and 4000s, did have MMUs, and the Amiga 3000UX (running what was arguably one of the most obscure versions of UNIX to ever ship commercially ever) supposedly "took advantage" of such things. Make no mistake: the Amiga failed because Commodore had awful management. The hardware and engineering and even the software were brilliant. IMHO, Amiga Workbench set a high water mark that the industry has still failed to catch up to in the ensuing decades. MMUs, were not the reason Commodore declared bankruptcy.
Having written as much, will Xous' Rust driven MMU centric design, help with its popularity? I dunno, it seems as if it's interesting for other reasons to me at least.
The FreeBSD jails presentation (https://media.ccc.de/v/39c3-escaping-containment-a-security-analysis-of-freebsd-jails) was also interesting, not just because some 40+ odd vulnerabilities were found, but also: one of the vulnerabilities found in NFS? Was fixed in OpenBSD in 2019!
I also ended up watching stein's 36c3 presentation on OpenBSD (https://media.ccc.de/v/36c3-10519-a_systematic_evaluation_of_openbsd_s_mitigations) which kind of felt like how a teacher gives bad marks, start with some praise, then work in the corrections, but I couldn't help but feel as if the presenter (and the associated website) leans a bit too hard into the PaX detraction mindset. It makes sense from an adversarial perspective, which I would expect from an immature exploit dev; but it fails to empathize with the grimmer realities and bigger negatives of limited resources such as developer time and focus, which is endemic to what passes for "hacker" culture these days. Too much focus on attacks and defense, too little acknowledgement of the bigger realities of existence and that there are so many hours in the day. Most seasoned martial artists in older age, focus more on meditation and gentler dynamics, than competitive carnage; similar dealio IMHO. Felt, sophomoric.
The Pink Power Ranger presentation pwn1ng some white supremacist dating site (https://media.ccc.de/v/36c3-10519-a_systematic_evaluation_of_openbsd_s_mitigations) was absolute lulz on a number of levels.
The PS5 "jailbreak" talk related to beat saber stuff (https://media.ccc.de/v/39c3-opening-pamdora-s-box-and-unleashing-a-thousand-paths-on-the-journey-to-play-beatsaber-custom-songs), seemed very over hyped in the media relative to what was actually contained in the talk; though I found it fascinating that apparently lots of folks caught wind of the presentation and apparently dropped their sploits in hopes that they might get the jump on the presentation findings? I wonder if that methodology could be a way to entice similar leaks, intentionally? Such a strange day and age we find ourselves in as that is really not the kind of incentive structure that IMHO, is good. I am still of the mindset that bug bounty programs, were a mistake and have only made the field, more like a mine field and it was already bad enough beforehand.
Real defense, is so much harder than most seem to comprehend. It is much much easier to destroy than it is to create.
Anyway, I doubt I'll ever get around to catching up on everything that was presented, but those are some thoughts on some of what I have viewed at the moment.
#39c3
Edited 20d ago
In case anyone wants to find me at #39C3, I am mostly hanging around the Hakkavélin assembly. But also roaming a lot.
DECT 63686.
🚀
Edited 37d ago
Winterrail 2025/26
And so it starts! Since yesterday and until January 4th I will be travelling around Europe exclusively by train, carrying with me my lovely foldable bike.
Stops:
Paris (at @mario’s 💕), but also having lovely conversations with @giovannicerboni
Barcelona (for the yearly gathering of the youth movements in @bancaetica Italy and Spain)
Marseille, because going straight back to Italy was a bit too much in one go, so I will just hand out and chill.
Sanremo, to spend Christmas with my family (even though on 21-22 December we will be doing a full-immersion planning with the staff of @scambi)
Hamburg, for #39C3 😍
Berlin, for New Year’s Eve with @dario 💜
Back to Rotterdam to start XPUB’s Special Issue 29 yeeeaaaah
I will be (trying to) keep this page and this thread updated with what’s happening.
Edited 50d ago
Topics I like to talk about are: growing food (annual, perennial + from seed), gardening, foraging + preserving food, sourdough, solar punk as a life style + low-tech diy automation, woodworking, self sufficiency, permaculture, climate action, hands-on antifascism as a queer neurodivergent woman in Brandenburg + building alternative, inclusive, resilient communities.
If you want to meet me here to chat, exchange knowledge or experiences, ping me!