Weekly Thing 282 / Decentralized, Blobs, Rewards
Weekly Thing 282 with thirteen links and eight journal entries between Mar 29, 2024 and Apr 5, 2024. Sent from Minneapolis, MN.
Good morning! 👋
I haven't had a cup of coffee since Sunday morning.
Without much planning or contemplation I decided to try not having coffee (or any caffeine) for a bit. Why? The promises of better blood pressure, better sleep, lower anxiety — all sound appealing. Monday was fine. Tuesday was not good. I felt like I was in a foggy soup all day, was super tired, and had a constant headache all day. Wednesday was a repeat of Tuesday. Thursday felt like maybe I turned the corner. I felt like I woke up with more energy on Friday.
All of that from just 2 cups of coffee a day — a mere 22g of beans.
I would have said that coffee didn’t have much of an effect on me. The absence of coffee says otherwise.
We'll see. I miss the coffee ritual. In its place I put a morning workout. That is definitely a trade for the better.
Fewer links caught my attention this week. Not sure why. If there was ever an issue that my son might take more interest in it might be this one with an article about MrBeast and another about Zelda.
Have a great weekend. You're probably drinking a coffee right now. 😏
PS: The Weekly Thing Forum has been getting some more activity lately. Check it out and connect!
Railroad tracks crossing a bridge in Milwaukee.
Mar 26, 2024
Milwaukee, Wisconsin
Notable
MrBeast may never quit YouTube, but his game is changing - Polygon
MrBeast has defined what it means to be a "YouTuber" for the last few years. The strategies he tested and honed are now used by all creators on YouTube that are seeking large audiences. But how will he evolve? Where does this go? How does the growth of TikTok and short form video impact it all? Overall this is a good read to get a better understanding of the entertainment world built on YouTube.
Vision Pro is an over-engineered “devkit” // Hardware bleeds genius & audacity but software story is disheartening // What we got wrong at Oculus that Apple got right // Why Meta could finally have its Android moment – Hugo's Blog
This is a very solid take on all the components of the Apple Vision Pro from the former head of Oculus at Meta — so someone that knows this stuff very deeply. I tend to agree with the perspectives that he shares on the various aspects.
Ethereum has blobs. Where do we go from here?
Buterin with a State of Ethereum update after the successful Dencun hard fork to activate EIP-4844 and enable blobs. In the last three years Ethereum has been through a heavy change curve including proof-of-stake and now blobs. These changes have allowed Ethereum to embrace a multi-chain Ethereum ecosystem solution going forward.
What this means to developers is simple: we no longer have any excuse. Up until a couple of years ago, we were setting ourselves a low standard, building applications that were clearly not usable at scale, as long as they worked as prototypes and were reasonably decentralized. Today, we have all the tools we'll need, and indeed most of the tools we'll ever have, to build applications that are simultaneously cypherpunk and user-friendly. And so we should go out and do it.
There is a lot of work to do on end-user UX. The crypto applications of the future need to not feel different. They should work similar to things that people are already familiar with, but have a decentralized backend.
The table of "2010 v 2020 Ethereum" in this post is a great way to see what that difference looks like.
What we know about the xz Utils backdoor that almost infected the world | Ars Technica
The open source security world was rocked this week with the discovery of what appears to be a multi-year effort to introduce a backdoor into a critical service of Linux based machines. This seems to be one of the most coordinated and longest running attacks ever with activity from the suspected individual, Jia Tan, starting in 2021.
Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the way the software functions. The backdoor manipulated sshd, the executable file used to make remote SSH connections. Anyone in possession of a predetermined encryption key could stash any code of their choice in an SSH login certificate, upload it, and execute it on the backdoored device. No one has actually seen code uploaded, so it's not known what code the attacker planned to run. In theory, the code could allow for just about anything, including stealing encryption keys or installing malware.
When I saw the time and scale of this attack I immediately thought how incredibly patient and expensive this is. Many attacks like this are done to make money, and investing three years into something is a pretty poor way to make money. It seems possible this wasn't about money at all, and perhaps was supported by other kinds of organizations.
While it was three years in the making it took about three days for the open-source community to get it out. However, the sophistication of this attack leaves a question in everyone's mind — are there others like this?
More information on the XZ library attack.
- The email from Andres Freund sharing the discovery. → oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise
- Great breakdown of the obfuscation used in the bash components of this attack. This was a great read to see how payloads were hidden. → xz/liblzma: Bash-stage Obfuscation Explained
- A timeline of this attack which is notable for the incredible duration. → Timeline of the xz open source attack
- Illustration to help show the various components of this attack, including the stages and overall timeline. → Graphic illustration of XZ Outbreak — Thomas Roccia
The Wyoming Decentralized Unincorporated Nonprofit Association Act, Section-by-Section – Preston Byrne
I continue to think that Decentralized Autonomous Organizations (DAOs) have large potential in the future to "organize collective action." I think it is limiting to call them companies or one specific form of an entity. I think more broadly thinking about "organizing collective action" feels right to me. Wyoming has been leading the way with legal recognition of DAOs, and now has taken an even bigger step with Decentralized Unincorporated Nonprofit Association Act.
… this is the first serious attempt to take blockchain organizations which mimic the functions of a corporation, but aren't corporations, and allow them to avail themselves of certain protections afforded to corporations in a crypto-native way …
there is a lot here worth reading, and it is explicit on how this can be done.
"A DUNA may provide for its governance, in whole or in part, through distributed ledger technology, including smart contracts."
Nicely done Wyoming. Signed into law on March 7, 2024! There is still a lot to figure out but this is a giant step.
Anatomy of a credit card rewards program
Thorough overview of how credit card rewards programs work, what the structures are, and some comparison information about different approaches.
The heaviest credit card spenders, and this fact is both uncontroversial and flies in the face of what many personal finance columnists believe, are wealthy and sophisticated. They use credit cards primarily as payment instruments. Issuers compete aggressively for their business, which is quite lucrative. This is not because they pay much in interest, because while they have higher headline APRs they only rarely revolve balances. It is because "clipping the ticket" via interchange on a high volume of transactions is an excellent business to be in.
Overall this will leave you a smarter consumer of credit cards.
Journal
I’ve been a fan of the IndieWeb community for years, but finally decided I should get a bit more active. I created my profile on the IndieWeb wiki, started as a backer, and signed up to host the next available IndieWeb Blog Carnival in April 2025.
My friend @Bricker is lighting up his blog timeline with a bunch of new and old blog posts. Worth adding to your feed reader or timeline of choice. 🔥
Happy Easter! We had family to Magic Pines and had a 90 Easter Egg Hunt outside looking for treats! It seems that only Mazie got the memo on dressing in brighter colors. 🐰
We saw the New Standards perform tonight at the Dakota. It was a great show and featured a number of new and newer songs. Steve Roehm was on fire on the vibraphone tonight. 🔥
I just completed all the blog posts for our Milwaukee Spring Break trip. This is the most complete job I’ve done using daily logs (1, 2, 3, 4, 5), posts for most events, and a collection page linking to all posts as well as an index of all restaurants and attractions we visited.
Today I Learned: DNS and Wildcard Records
Apr 2, 2024 at 9:11 PM
One of my favorite features of Fastmail is mail routing. I can use that to create any number of ad hoc email addresses in the format of anything@jamie.thingelstad.com. I’ve been using this feature for a while and to set it up you create a wildcard MX entry for your domain pointing to Fastmail. This way it works for all users of your domain. A couple of weeks ago these addresses stopped working though and I had no idea why.
I actually raised the issue with Fastmail support and they confirmed that there was no MX entry for jamie.thingelstad.com. They then asked if I had setup any CNAMEs or A records recently for that name. Then it hit me, I had recently created a TXT entry for jamie.thingelstad.com.
It turns out the second that there is any record of any type on a name you no longer get the benefit of the wildcard entry. I created the specific MX entries for jamie.thingelstad.com and everything started to work just as it should.
No Coffee?
Apr 2, 2024 at 9:17 PM
I’ve been wondering how much caffeine is impacting me and yesterday, without much thinking about it, I decided to stop coffee for a while to see.
Today was day two without coffee. I had already cut back to just 2 cups a day for the last couple months but I still have felt super fuzzy and tired the last two days. I had a mild headache today and just felt slow. I’m hoping that I’m over the hump now. We’ll see.
My goal is to find out what benefits I may see to my blood pressure, sleep, anxiety, and who knows what else. The first two days have been more noticeable than I would have expected. 😬
Day 4 without coffee and caffeine seemed to turn the corner. Felt a little less of a fog all day. Wasn't tired all day. No headache today. I've felt more rested waking up the last two days. 🤞
Weekly Thing Forum 🆕
Join Barry Hess, Patrick Hambek, Tom Mungavan, Peter Clark, Aleksei Drokin, and many other Weekly Thing readers in the Weekly Thing Forum. Recent topics include:
- A few thoughts on this weeks Weekly Thing
- Take Ownership Of Your Future Self
- Milwaukee
- Tron Movies
- Medovik
Briefly
Graham is a very good essayist, and his thoughts on writing essays are good for those wishing to write better. → The Best Essay
There is something here. Streaming everything is super convenient, but you own nothing and it is up to the providers what you can stream. I used to own 1,800 CDs, hundred of DVDs, and a full laserdisc collection. I still have much of it in archive. We have a record player at our cabin and that is always fun in part because it is "not streaming". 🤔 → The film fans who refuse to surrender to streaming: ‘One day you’ll barter bread for our DVDs’ | The Guardian
It was amazing how long the Mac ran on HFS. I was one of the few that got really excited when the rumor circled that they might switch to ZFS. And then Apple made their own filesystem, APFS. → Happy birthday APFS, 7 years old today – The Eclectic Light Company
Love this, and very true. → xkcd: Eclipse Coolness
Tears of the Kingdom is a great game and using all physics-driven objects is a big reason why. → How the team behind Zelda made physics feel like magic - The Verge
Bray correctly framing that Open-Source software has been hugely beneficial to all but that the XZ attach shows a clear weakness. A weakness he suggests government could help block. This is further elaborated on by Sorace. → Open Source Quality Institutes · ongoing by Tim Bray
Nice upgrade for Vision Pro. Unfortunately none of my friends have one to try this with. → Spatial Persona on Vision Pro changes the game – Six Colors
Fortune
Here is your fortune…
A few hours grace before the madness begins again.
Thank you for subscribing to the Weekly Thing!
Want to support the Weekly Thing?
First — thank you for subscribing and reading. Here are some things you can do that would be great…
- Share with others you know!
- Post about the Weekly Thing and let others know about it.
- Join the Weekly Thing Forum and connect with others.
- Email me comments, feedback, or just to say Hi!
Recent Issues
- Weekly Thing 281 / Fediverse, Odyssey, Echo Chess
- Weekly Thing 280 / Canvas, Undersea, Documents
- Weekly Thing 279 / Nushell, BlackCat, Daemons
- Weekly Thing 278 / Groq, GraphRAG, Gasless
- Weekly Thing 277 / Privacy, Scammed, OmniFocus
This work by Jamie Thingelstad is licensed under CC BY-SA 4.0.
My opinions are my own and not those of any affiliates. The content is non-malicious and ad-free, posted at my discretion. Source attribution is omitted due to potential errors. Your privacy is respected; no tracking is in place.