UK 1987

I'll never forget the day in high school where some rich kid bastard tried to say unions are bad. The reason? His rich parents don't benefit from it and it costs them taxes... luckily my AP US History teacher let me speak right after to tear him down because who the fuCk says that. I'll never forgive you privileged white boy!!!! He had the gALL to act as if he had said something profound!!!

Source

KEEP UP THE UNIONIZATION EFFORTS

"As the U.S. government continues to provide Israel with both weapons and diplomatic cover — most recently, by voting against a UN resolution demanding a ceasefire, coincidentally also on December 11 — activists like DBNY see collective direct action as their best means of curbing the violence. They also describe their organizing as a direct response to solidarity requests from Palestinian labor unions urging workers around the world to halt the flow of weapons to Israel.

... Since September, DBNY has been taking the fight to Easy Aerial’s doorstep. Each week, activists with the group distribute flyers to the more than 11,000 people who work for over 450 businesses in the 300-acre complex, including art studios, food vendors and entertainment companies. The flyers in English and Spanish provide background on Easy Aerial, Crye Precision and the Brooklyn Navy Yard itself .... In addition to the weekly flyering, DBNY has organized demonstrations to coincide with the corporation’s board meetings and public events. Activists have also been directly petitioning the corporation’s executives, board members and staff, demanding they evict Easy Aerial and Crye Precision from the Brooklyn Navy Yard.

While the response from the Brooklyn Navy Yard Development Corporation to DBNY has been official silence paired with harassment from hired security — including drone surveillance — the response from workers has been 'overwhelmingly positive,' according to the activists. 'Most of them have been shocked and disgusted to learn that they work alongside war criminals.'

... Ultimately, DBNY hopes to replicate the recent successes of other activists targeting weapons manufacturers supplying the Israeli military. Boycott, Divestment, Sanctions Boston, for example, was able to force the closure of Elbit Systems’s offices in Cambridge, Massachusetts, in August, following a year of demonstrations, as reported by Cambridge Day.

According to DBNY, until the Brooklyn Navy Yard ceases to host businesses trading in 'blood money' from targeting people in Gaza and the United States alike, all New Yorkers and visitors should boycott the complex. To that end, the activists have created a petition demanding the eviction of Easy Aerial and Crye Precision, as well as pledging a boycott until that time.

'We also urge all tenants and workers to take autonomous actions at the Brooklyn Navy Yard and by joining our campaign to disrupt, strike and boycott all genocide profiteers,' said the DBNY spokesperson."

Demilitarize Brooklyn Navy Yard: IG, Linktree Resources for locating genocide profiteers near you ACT UP Civil Disobedience Guide Small Group Direct Action Advice

Meta has engaged in a “systemic and global” censorship of pro-Palestinian content since the outbreak of the Israel-Gaza war on 7 October, according to a new report from Human Rights Watch (HRW). In a scathing 51-page report, the organization documented and reviewed more than a thousand reported instances of Meta removing content and suspending or permanently banning accounts on Facebook and Instagram. The company exhibited “six key patterns of undue censorship” of content in support of Palestine and Palestinians, including the taking down of posts, stories and comments; disabling accounts; restricting users’ ability to interact with others’ posts; and “shadow banning”, where the visibility and reach of a person’s material is significantly reduced, according to HRW. Examples it cites include content originating from more than 60 countries, mostly in English, and all in “peaceful support of Palestine, expressed in diverse ways”. Even HRW’s own posts seeking examples of online censorship were flagged as spam, the report said. “Censorship of content related to Palestine on Instagram and Facebook is systemic and global [and] Meta’s inconsistent enforcement of its own policies led to the erroneous removal of content about Palestine,” the group said in the report, citing “erroneous implementation, overreliance on automated tools to moderate content, and undue government influence over content removals” as the roots of the problem.

[...]

Users of Meta’s products have documented what they say is technological bias in favor of pro-Israel content and against pro-Palestinian posts. Instagram’s translation software replaced “Palestinian” followed by the Arabic phrase “Praise be to Allah” to “Palestinian terrorists” in English. WhatsApp’s AI, when asked to generate images of Palestinian boys and girls, created cartoon children with guns, whereas its images Israeli children did not include firearms.

it's mostly memory-holed except when people want to use it to win points in arguments, but it's kind of fucking miserable to live in the cultural era where we're forever feeling the consequences of all western geek media deciding to be as racist as humanly possible about japanese games

there's also the under-discussed compounding factor of this scar, where all of this also happened around the time that USA companies were buying out the software japanese devs were using to make games, so a lot had to either learn english (its own selection process) or use increasingly outdated software, creating a software gap

you listen to japanese developers talk about having the word "japanese" anywhere near their software and there's this visceral sensation of discomfort, or in some cases, a stubborn sense of pride that is largely built in contrast to that shame

but any way you look at it, it's brutally depressing

Hi!👋, im back(again), sorry if im a little bit of an bother(english isn't my first language sorry😅), i want to have ANOTHER request of Yandere TFP ALL Autobots(poly pls🥺)with an same cybertronian s/o from my first request that is SUPER shy, easily flustered and hardly ever raises thare voice that comes out as VERY adorable whispers and thare...

🥰DROP🥰

💞DEAD💞

❤️‍🔥GORGEOUS❤️‍🔥

🥰🌌💗💜AND like my first request small scenario and headcanons💜💗🌌🥰

Hug🤗

YOU ARE NOT A BOTHER SHUT UP I LOVE YOU!!! (´▽`ʃ♡ƪ) And it's okay, english is also not my 1st language, but be patience and keep listening, reading and speaking it!! And you'll get the hang of it!

(〃￣︶￣)人(￣︶￣〃) Sending hugs too bestie!!!

(TFP) Yandere!Autobots w/ Shy Cybertronian!Reader (HCs & Scenario)

WARNING: Yandere behaviour, yandere harem, romantic relationships, overprotective and obsessive behaviour, soft kidnapping (?), typical violence from the series and a little bit more, Reader is gender neutral and in the Autobot faction. Long ass post ngl.

Don't worry guys I'm adding Ultra Magnus I ain't forgetting that fine mech again. And Cliffjumper, sorry baby I forgot you at first.

You were the little of hope the team protects dearly.

Everyone in the autobot team loved you so dearly and all of them had a little non-spoken vow: to protect and love you.

And how could they not do that? You were such a soft, spark-spoken bot, always trying to bring comfort to the others, never being too loud, supporting them and just being that light in the darkness they were in.

You arrived to earth with the original team - and if back in Cybertrone all of them were a little bit protective over you, being on a new planet it go 10 times more.

From the beginning after the autobots established on the base thanks to the human's militia and Agent Fowler, the team decided to forbid you from going on missions - you would have tried to gently speak in your defense of being able to fight alongside your friends, but after hearing the concerns of your teammates and feel as if their sparks would vanish at the mere thought of you getting hurt or... offlined by the Decepticons, it was more than enough to give in, smiling at them sweetly with a small 'I understand', deciding to become Ratchet's assitant.

All of them were so relieved - they didn't want to force you inside of one of the storages room and keep you there inside against your will. They were gonna do it to protect you! Alas, you were such a good, sweet bot that knew they were only looking after your well being! So good, so good!

The team cherishes every single little moment they have with you - every little smile, chuckle, conversation, inside-joke - anything became a dear memory within their softwares.

After Cliffjumper's death... the need to protect you grew, to the point the team started to develop such obsessive ideals about you.

Everyone's spark was clenching in pain, watching you cry your optics out while hugging Arcee, how was holding you closely and sobbing quietly, anger painted on her faceplate... she wasn't gonna let you get offlined like Cliffjumper did - no one was gonna let that happen.

You love dearly your teammates, and you know all of them love you! But... sometimes you feel like their love for you is too much. Sometimes.

Optimus Prime and Ratchet can be too overprotective, sometimes - You know they mean well, but sometimes you are mad at yourself for not telling them to chill. Optimus always remind you the promise you made to them before he leaves with the others for a mission - "to leave the base it is prohibited, even less if you don't have someone making you company." And you try to convice him, but his worried expression and your stuttering and passive behaviour always makes you close your mouth and whisper a "I'm sorry, I understand." It melts your spark at the sight of Optimus' soft, relieved smile and that forehelm gives you. And Ratchet, by Primus, he is always fretting about you - he is always checking on you even when you are on the same room, making sure you are well recharged and had your fill, always saying that "you are far more important than him" when you scold him for not having his fill of energon. You always remind him he is important too, but he is set on always prioritizing you over himself...

Your spark sinks a little at hearing Ratchet and Optimus speak quietly in the dead of the night - Ratchet was telling on detail everything you did on the day, as if it was a report. What it scares you is how precise his words and details are, it seems... obsessive, too obsessive. And Optimus thanks Ratchet for keeping you safe and sound, promising to keep fighting for a better world so all of the team and you could live happily back at Cybertrone... and you swear you felt Optimus' optics on you as you tried to recharge on your own berth, or heard Ratchet whisper sweet nothings to you as you recharged, too.

Bulkhead, Wheeljack and Ultra Magnus have silently vowed to be your guardians, your own personal wrecker-guards. Wheeljack is constatly flirting with you, as Bulkhead is the shy type to quietly give you small gifts like a small flower or pretty rock. Ultra Magnus always gives you praises and words full of - all three of them always get to make you blush. But lately, Wheeljack's flirting has become too... intense in your opinion. Bulkhead seems always too anxious whenever he gives you a small gift, fearing you are going to reject it. And Ultra Magnus seems to make his praise become worshipping, as if you were like Primus itself. You've also have started to notice how the three of them seem to always aim to get your favor, any kind of positive reaction - an approval from you, as if you were the one to have the last word and decision, like a god does. Wheeljack wishes for a flirt back, Bulkhead wishes for an approval, Ultra Magnus wishes your benevolence.

Bumblebee and Smokescreen can't never get enough of your affection and attention - like two young puppies. They also always try to have any kind of physical contact with you, which nearly always translates into hugs or servos holding. And these two are an intensified version of the three wreckers - Bee constantly seems to look after your approval, your words of affirmation and gentle praise. Smokescreen either flirts with you non-stop or spills too many worshipping praises like he did when he got to meet Optimus. But what makes them different is that they verbalize their protective promises. The two of them have said they are not afraid of ending any decepticon for the sake of keeping you safe and sound, to give you the Cybertrone you deserve so you can live happily and surrounded only by the bots that love you so dearly. And they promise this as they snuzzle gently their helms against yours, holding your servos softly... whispering their obsessive promises to your audials.

You know that, since the day Cliffjumper was killed, something inside of Arcee broke again. And thus, you became her light of hope, for whenever she was grieving or letting her spark poison with anger and a need for revenge, you were there to hug her or hold her servo, letting her cry on your shoulderplate. But she should be the one doing that! You cried and grieved the loss of Cliffjumper too! She is still has burn in her system the sight of you crying after finding out about the red autobot's murder. She was gonna avenge Cliffjumper (oh, how much he loved you - He would always tell Arcee everything he loved about you, and find such happiness at knowing Arcee thought the same) and keep you away from any danger. She wasn't gonna lose you. She was gonna offline anybot before that happened. She had become more touchy, overprotective, always seeming to act as a wall between everyone and you. "Cliffjumper always vowed to protect you... and I'll do the same - I won't let anything happen to you." She promised in a whisper as she hugged you. All you can do is hug her back, even when you were slightly... scared at how lost her optics seemed.

You love your teammates - you were so sure you wished to pass the rest of your life with all of them once the war was over, to bond with them and love them... but you've noticed how deep their feelings for you were.

Obsessive. Overprotective. Worshipping you as if you were like Primus. Promising to you with whispers about forever protecting you, about how important to them you were, that they were not going to be afraid to shed energon in your name if it meant to prove their love and devotion for you. Keeping tabs on you, whispering to one another everything about you, listening to you, watching you from time to time as you recharge, making sure you never leave the base.

You are their beacon of hope, the light in the darkness - Optimus and Ratchet are not afraid to taint their vow to not offline the enemy if it means to keep you safe and sound, keeping their optics on you. Bulkhead, Wheeljack and Ultra Magnus are ready to protect you from any danger as guardians and destroy anyone who tries to touch you. Bee and Smokescreen will keep giving you all the love and attention they can, promising you the universe and the stars. Arcee will make Cliffjumper's wish come true by keeping you away from danger and bring you the Cybertrone you derseve, just like the others aim to do.

And... there's nothing you can do about it.

All you can do is allow your teammates surround you as if the cocoon of a butterfly - keeping you warm, safe, loved.

Did my best!! Kind off felt like I didn't do good. (Uu￣ 3￣) Vhaos out!

I've debated for a couple of days about whether to say something because I don't want to be overly political on here, a place where I can just enjoy the things I love. However, I feel like this is a topic on which I have a pretty personal view on, so here I am.

A disclaimer, I want to make clear that I am not pointing fingers or anything. I just want to put my thoughts out there so people can perhaps see a different perspective. English is not my native language (obviously). I tried to make myself clear and be courteous, but sometimes my language skill fails me, so please be gentle and know I do not wish to offend anyone.

It's about people flocking to red note as a reaction toward the tiktok ban. I am happy for people who had their first genuine interaction with people behind the Chinese fire wall, it's always beautiful when people from different culture communicate and learn from each other. Hell that's the reason why I am on this website. But I also can't help feeling sick with concern at how people disregard information warfare and missed the point that the problem has never been the Chinese people but the CCP government.

I am a Taiwanese. If you know anything about Taiwan and China's complicated history, you can probably imagine I have FEELINGS toward China. It's strong, and it's NEGATIVE. (I am not trying to represent all Taiwanese. This is just my own feelings.) I am relatively young, but even in my limited time alive, I've personally witnessed how the Chinese government bullied and oppressed my country. There are active attacks toward us, and it has been for years, just not YET in the traditional military sense. The information warfare is as real as ever and we, in Taiwan, don't have the defense of the language barrier. China spent an unimaginable amount of money every year on information warfare against Taiwan. Spreading misinformation and propaganda, buying out internet accounts and influencers. Planting agents. Anything you can and can't imagine. They are smart and cunning.

There is no such thing as a private company in China. Look up what happened to Ma Yun. If the country wants to, they can take anything from you, even the company you founded. The CCP government can and WILL monitor and control the discussion happening on any social software/application that's run by a Chinese company. They WILL manipulate the algorithm for propaganda. That is not an empty threat. They literally built a firewall around China so Chinese people can't access the internet freely. You treat them with humanity and courtesy doesn't mean that you will get the same treatment from them. CCP does not abide by your law. We all want to live in an idealistic world where people are kind and honesty is the default. I want to live in that world, too. But reality is cruel and playing dirty will get you far ahead of people playing by the rules.

I wish people in the US (and any other country that do not have to worry about being invaded, really) can realize how privilege it is to be a citizen of a wealthy and stable country that never have to worry about losing your identity just because your huge and rich neighbor says you belong to them. How privilege it is to be able to think China is not a threat, the government overreacted. I envy them. I envy their confidence in their country's future, that it won't disappear when they wake up the next day. I envy that they can still count on international society recognizing them as citizens of a independent country without hesitation and reserve.

I will never use TikTok (not even the US version) and RedNote. I will not install anything that I know has any relation to Chinese companies. Because I am worried for myself, for my family, and for my country. It's the least I can do as a defense as a single, insignificant Taiwanese. Seeing people jumping in voluntarily, giving CCP access to your personal information, makes me extremely anxious. I sincerely hope that there won't come a day when this decision backfires.

‘Indie sleaze’ is not 2014, ‘Indie sleaze’ is not 2014, ‘Indie sleaze’ is not 2014, ‘Indie sleaze’ is not 2014!

It’s not tumblr-core and it’s not Lana Del Ray or 2013 AM, it’s not #girl interrupted, it’s not Ethel Cain (she literally is an artist of our time, what are you on about.)

It was 2001 with the Strokes on the cover of the NME every 2 weeks, it was cabaret night and English poetry with the Libertines in 2002, it’s those red and blue military jackets, it was the fucking grease in Julian Casablancas’ hair, it’s ’cocaine was the banker’s drug’ quoth Alex Kapranos, it was Don't Go Back To Dalston and the heroin, it was red and black horizontal striped tops and tight black shirts as evening wear, it was Russell Lissak’s mop top and a full page interview with London hairdressers in the NME in 2005, it was Jack and Meg’s saturated red and white dresses, it was glued glitter on the cover of Santigold’s first album, it was the sleaze and the sex of CSS’s music, it was ‘cold light, hot night’, it was the anti-Bush and anti-war stances of the bands at the time, it was America by Razorlight, it was Popworld on telly and Simon Amstel being a little shit to musicians, it was Karen O defying death on stage nightly, it was throwing up in shitty nightclubs on god knows what drugs, it was the fucking danger knowing this could all collapse any second—and rightly, it should. It was the godawful egos at DFA, it was knowing that while you were lucky to be seeing these bands live, you’d fucking hate them if you had to spend even a minute in their individual company. It was Amy Winehouse telling the world to get the fuck out of her business, it was Leslie Feist and Peaches sharing a dilapidated flat above a sex shop in Toronto.

It was horrible camera flash and red-eye editing softwares and putting your feet by the warm, spinning fans of your computer while it whirred away and downloaded your albums in *checks* 46 more minutes. It was horrible, it was dirty, it was gritty, we all hated it and thought the 90s were the last time music was good and that nothing good had happened since 1997. It was garishly bright clothes we were all embarrassed of by 2011, it was multiple layers and leggings and asking your mum to cut the itchy tag on the back of your low rise jeans only for her to snip your back. It was bell bottoms at the start of the decade. It being thankful that by 2017, no one would dream of wearing low rises anymore, please please, please let them never come back.

It was faux nostalgic of the past itself. It was ‘please make sure baby you’ve got some colours in there’ in your clothes. It was moral panic over emos. It was wanting to escape into a better past that you could see was visibly impoverished in the present. It was watching your favourite programmes become less and less relevant on air. It was watching MTV decisively die a horrible death. It was watching important venues and nightclubs get bulldozed. It was watching the last regular broadcast of Top Of The Pops in 2006. It was seeing how the 2009 financial crisis most definitely put a stop to independent music in the western world for a decade, it was watching the rise of bedroom DIY and electronic music. It was seeing the phrase ‘SoundCloud rapper’ being coined. It was the rise of Disney pop. It was counter-culture Justin Bieber hatred. It was the MS paint meme of those tumblr girls thoroughly unimpressed by the guy.

It was not using the words ‘indie sleaze’ at all, in fact. That’s a retconned word. It was garage rock revival. It was ‘post-grunge’. We didn’t care what it was called, we hated it all the same. It was a lead into a decade of despair and nihilism, it was the last hurrah for the music industry before it splintered into a thousand little online ecosystems, it was the last time we had physical community and any shared pop cultural moments. It was Live8 2005. It was the same as it is now, and it was a time that’ll never happen again, for better and for worse.

But one thing is for sure: it was decisively dead by 2014. Santi and Karen O’s 2012 collab was its last hurrah and it was dead by Comedown Machine by the Strokes (2013). It has nothing to do with 2014.

The Dow is on track for its worst April since 1932—the bleakest year of the Great Depression. Nearly a century later, markets are once again facing economic turbulence on a historic scale.

Trump's approval rating drops to 42%, the lowest it's been since he became president, according to a Reuters/Ipsos poll.

A cutting-edge microscope at Harvard Medical School could pave the way for major breakthroughs in cancer detection and aging research—but its progress is now at risk. The scientist who created the software to analyze its images, 30-year-old Russian-born Kseniia Petrova, has been held in immigration detention for two months. Arrested in February at a Boston airport, Petrova is now detained in Louisiana, facing possible deportation to Russia, where she says she fears imprisonment for protesting the war in Ukraine. Her case highlights the tension between immigration policy and the U.S.'s reliance on global scientific talent.

The Department of Homeland Security denied Mahmoud Khalil permission to be present for the birth of his first child, which took place Monday at a hospital in New York. Instead, Khalil had to experience the moment over the phone from Jena, Louisiana—more than 1,000 miles away from his wife, Dr. Noor Abdalla, who delivered their baby boy. The case has sparked criticism over DHS's handling of family and humanitarian considerations.

The White House is considering policies to encourage more Americans to marry and have children, including a potential $5,000 “baby bonus,” according to The New York Times. The proposals align with a broader conservative push to address falling birth rates and promote traditional family values. Other ideas on the table include reserving 30% of Fulbright scholarships for applicants who are married or have children, and funding educational programs that teach women about fertility and ovulation.

A group of Venezuelan migrants facing removal under a broad wartime authority challenged the Trump administration’s deportation process at the Supreme Court, arguing the notices they received don’t meet legal standards. The ACLU, representing the migrants, said the English-only notices—often given less than 24 hours before deportation—violate a recent Supreme Court ruling requiring enough time for individuals to seek habeas review.

The Education Department announced it will start collecting student loan payments from over 5 million borrowers who are in default. This means it will begin taking money from federal wages, Social Security checks, and tax refunds. This move comes as pandemic-era protections for student loan borrowers continue to wind down.

Tensions are rising within the Arizona Democratic Party as the state party chair is at odds with the governor and U.S. senators. In response, officials are considering shifting 2026 campaign funds to local county Democrats.

​The U.S. Department of Commerce has announced substantial tariffs on solar panel imports from four Southeast Asian countries—Cambodia, Vietnam, Thailand, and Malaysia—following a year-long investigation into alleged trade violations by Chinese-owned manufacturers operating in these nations. The tariffs, which vary by country and company, are as follows:​

Cambodia: Facing the steepest duties, with tariffs reaching up to 3,521%, due to non-cooperation with the investigation.

Vietnam: Companies may face duties up to 395.9%.​

Thailand: Tariffs could be as high as 375.2%.​

Malaysia: Duties are set at 34.4%.​

Senator Adam Schiff is urging the National Archives to investigate the Trump administration's use of Signal and similar messaging apps. He emphasized the need for NARA to reach out to every federal agency involved to make sure all relevant records are preserved. This comes amid growing concerns over transparency and potential violations of federal recordkeeping laws.

Some software company is hiring people who know English and can write, I wonder if I'll get that job.... Probably not but it's worth a shot!

UK 1987

So, like, I'm pro-piracy, I haven't watched anime through any sort of legal channel in years, but I'm getting increasingly annoyed by the people that try to champion as some sort of moral issue. Like, of course companies are going to try and take down those sorts of streaming sites, it's not a moral outrage that they're taking issue with people offering their paid product for free. Obviously, it's a whole other can of worms when this is accompanied by life-ruining fines for the people running these sites, but, ninety percent of the time, that's not what I see people complaining about.

--

Piracy can be a political act... but... like... people in third world countries stealing job-related software because rich countries won't license them stuff at a reasonable rate. Or media preservation of things that get removed from everywhere.

"Wah, it's coming out in the US, so they cracked down on the English language fan translation stuff" is less sympathy-inducing.

Shamir Secret Sharing

It’s 3am. Paul, the head of PayPal database administration carefully enters his elaborate passphrase at a keyboard in a darkened cubicle of 1840 Embarcadero Road in East Palo Alto, for the fifth time. He hits Return. The green-on-black console window instantly displays one line of text: “Sorry, one or more wrong passphrases. Can’t reconstruct the key. Goodbye.” 

There is nerd pandemonium all around us. James, our recently promoted VP of Engineering, just climbed the desk at a nearby cubicle, screaming: “Guys, if we can’t get this key the right way, we gotta start brute-forcing it ASAP!” It’s gallows humor – he knows very well that brute-forcing such a key will take millions of years, and it’s already 6am on the East Coast – the first of many “Why is PayPal down today?” articles is undoubtedly going to hit CNET shortly. Our single-story cubicle-maze office is buzzing with nervous activity of PayPalians who know they can’t help but want to do something anyway. I poke my head up above the cubicle wall to catch a glimpse of someone trying to stay inside a giant otherwise empty recycling bin on wheels while a couple of Senior Software Engineers are attempting to accelerate the bin up to dangerous speeds in the front lobby. I lower my head and try to stay focused. “Let’s try it again, this time with three different people” is the best idea I can come up with, even though I am quite sure it will not work. 

It doesn’t. 

The key in question decrypts PayPal’s master payment credential table – also known as the giant store of credit card and bank account numbers. Without access to payment credentials, PayPal doesn’t really have a business per se, seeing how we are supposed to facilitate payments, and that’s really hard to do if we no longer have access to the 100+ million credit card numbers our users added over the last year of insane growth. 

This is the story of a catastrophic software bug I briefly introduced into the PayPal codebase that almost cost us the company (or so it seemed, in the moment.) I’ve told this story a handful of times, always swearing the listeners to secrecy, and surprisingly it does not appear to have ever been written down before. 20+ years since the incident, it now appears instructive and a little funny, rather than merely extremely embarrassing. 

Before we get back to that fateful night, we have to go back another decade. In the summer of 1991, my family and I moved to Chicago from Kyiv, Ukraine. While we had just a few hundred dollars between the five of us, we did have one secret advantage: science fiction fans. 

My dad was a highly active member of Zoryaniy Shlyah – Kyiv’s possibly first (and possibly only, at the time) sci-fi fan club – the name means “Star Trek” in Ukrainian, unsurprisingly. He translated some Stansilaw Lem (of Solaris and Futurological Congress fame) from Polish to Russian in the early 80s and was generally considered a coryphaeus at ZSh. 

While USSR was more or less informationally isolated behind the digital Iron Curtain until the late ‘80s, by 1990 or so, things like FidoNet wriggled their way into the Soviet computing world, and some members of ZSh were now exchanging electronic mail with sci-fi fans of the free world.

The vaguely exotic news of two Soviet refugee sci-fi fans arriving in Chicago was transmitted to the local fandom before we had even boarded the PanAm flight that took us across the Atlantic [1]. My dad (and I, by extension) was soon adopted by some kind Chicago science fiction geeks, a few of whom became close friends over the years, though that’s a story for another time. 

A year or so after the move to Chicago, our new sci-fi friends invited my dad to a birthday party for a rising star of the local fandom, one Bruce Schneier. We certainly did not know Bruce or really anyone at the party, but it promised good food, friendly people, and probably filk. My role was to translate, as my dad spoke limited English at the time. 

I had fallen desperately in love with secret codes and cryptography about a year before we left Ukraine. Walking into Bruce’s library during the house tour (this was a couple years before Applied Cryptography was published and he must have been deep in research) felt like walking into Narnia. 

I promptly abandoned my dad to fend for himself as far as small talk and canapés were concerned, and proceeded to make a complete ass out of myself by brazenly asking the host for a few sheets of paper and a pencil. Having been obliged, I pulled a half dozen cryptography books from the shelves and went to work trying to copy down some answers to a few long-held questions on the library floor. After about two hours of scribbling alone like a man possessed, I ran out of paper and decided to temporarily rejoin the party. 

On the living room table, Bruce had stacks of copies of his fanzine Ramblings. Thinking I could use the blank sides of the pages to take more notes, I grabbed a printout and was about to quietly return to copying the original S-box values for DES when my dad spotted me from across the room and demanded I help him socialize. The party wrapped soon, and our friends drove us home. 

The printout I grabbed was not a Ramblings issue. It was a short essay by Bruce titled Sharing Secrets Among Friends, essentially a humorous explanation of Shamir Secret Sharing. 

Say you want to make sure that something really really important and secret (a nuclear weapon launch code, a database encryption key, etc) cannot be known or used by a single (friendly) actor, but becomes available, if at least n people from a group of m choose to do it. Think two on-duty officers (from a cadre of say 5) turning keys together to get ready for a nuke launch. 

The idea (proposed by Adi Shamir – the S of RSA! – in 1979) is as simple as it is beautiful. 

Let’s call the secret we are trying to split among m people K. 

First, create a totally random polynomial that looks like: y(x) = C0 * x^(n-1) + C1 * x^(n-2) + C2 * x^(n-3) ….+ K. “Create” here just means generate random coefficients C. Now, for every person in your trusted group of m, evaluate the polynomial for some randomly chosen Xm and hand them their corresponding (Xm,Ym) each. 

If we have n of these points together, we can use Lagrange interpolating polynomial to reconstruct the coefficients – and evaluate the original polynomial at x=0, which conveniently gives us y(0) = K, the secret. Beautiful. I still had the printout with me, years later, in Palo Alto. 

It should come as no surprise that during my time as CTO PayPal engineering had an absolute obsession with security. No firewall was one too many, no multi-factor authentication scheme too onerous, etc. Anything that was worth anything at all was encrypted at rest. 

To decrypt, a service would get the needed data from its database table, transmit it to a special service named cryptoserv (an original SUN hardware running Solaris sitting on its own, especially tightly locked-down network) and a special service running only there would perform the decryption and send back the result. 

Decryption request rate was monitored externally and on cryptoserv, and if there were too many requests, the whole thing was to shut down and purge any sensitive data and keys from its memory until manually restarted. 

It was this manual restart that gnawed at me. At launch, a bunch of configuration files containing various critical decryption keys were read (decrypted by another key derived from one manually-entered passphrase) and loaded into the memory to perform future cryptographic services.

Four or five of us on the engineering team knew the passphrase and could restart cryptoserv if it crashed or simply had to have an upgrade. What if someone performed a little old-fashioned rubber-hose cryptanalysis and literally beat the passphrase out of one of us? The attacker could theoretically get access to these all-important master keys. Then stealing the encrypted-at-rest database of all our users’ secrets could prove useful – they could decrypt them in the comfort of their underground supervillain lair. 

I needed to eliminate this threat.

Shamir Secret Sharing was the obvious choice – beautiful, simple, perfect (you can in fact prove that if done right, it offers perfect secrecy.) I decided on a 3-of-8 scheme and implemented it in pure POSIX C for portability over a few days, and tested it for several weeks on my Linux desktop with other engineers. 

Step 1: generate the polynomial coefficients for 8 shard-holders.

Step 2: compute the key shards (x0, y0)  through (x7, y7)

Step 3: get each shard-holder to enter a long, secure passphrase to encrypt the shard

Step 4: write out the 8 shard files, encrypted with their respective passphrases.

And to reconstruct: 

Step 1: pick any 3 shard files. 

Step 2: ask each of the respective owners to enter their passphrases. 

Step 3: decrypt the shard files.

Step 4: reconstruct the polynomial, evaluate it for x=0 to get the key.

Step 5: launch cryptoserv with the key. 

One design detail here is that each shard file also stored a message authentication code (a keyed hash) of its passphrase to make sure we could identify when someone mistyped their passphrase. These tests ran hundreds and hundreds of times, on both Linux and Solaris, to make sure I did not screw up some big/little-endianness issue, etc. It all worked perfectly. 

A month or so later, the night of the key splitting party was upon us. We were finally going to close out the last vulnerability and be secure. Feeling as if I was about to turn my fellow shard-holders into cymeks, I gathered them around my desktop as PayPal’s front page began sporting the “We are down for maintenance and will be back soon” message around midnight.

The night before, I solemnly generated the new master key and securely copied it to cryptoserv. Now, while “Push It” by Salt-n-Pepa blared from someone’s desktop speakers, the automated deployment script copied shard files to their destination. 

While each of us took turns carefully entering our elaborate passphrases at a specially selected keyboard, Paul shut down the main database and decrypted the payment credentials table, then ran the script to re-encrypt with the new key. Some minutes later, the database was running smoothly again, with the newly encrypted table, without incident. 

All that was left was to restore the master key from its shards and launch the new, even more secure cryptographic service. 

The three of us entered our passphrases… to be met with the error message I haven’t seen in weeks: “Sorry, one or more wrong passphrases. Can’t reconstruct the key. Goodbye.” Surely one of us screwed up typing, no big deal, we’ll do it again. No dice. No dice – again and again, even after we tried numerous combinations of the three people necessary to decrypt. 

Minutes passed, confusion grew, tension rose rapidly. 

There was nothing to do, except to hit rewind – to grab the master key from the file still sitting on cryptoserv, split it again, generate new shards, choose passphrases, and get it done. Not a great feeling to have your first launch go wrong, but not a huge deal either. It will all be OK in a minute or two.

A cursory look at the master key file date told me that no, it wouldn’t be OK at all. The file sitting on cryptoserv wasn’t from last night, it was created just a few minutes ago. During the Salt-n-Pepa-themed push from stage, we overwrote the master key file with the stage version. Whatever key that was, it wasn’t the one I generated the day before: only one copy existed, the one I copied to cryptoserv from my computer the night before. Zero copies existed now. Not only that, the push script appears to have also wiped out the backup of the old key, so the database backups we have encrypted with the old key are likely useless. 

Sitrep: we have 8 shard files that we apparently cannot use to restore the master key and zero master key backups. The database is running but its secret data cannot be accessed. 

I will leave it to your imagination to conjure up what was going through my head that night as I stared into the black screen willing the shards to work. After half a decade of trying to make something of myself (instead of just going to work for Microsoft or IBM after graduation) I had just destroyed my first successful startup in the most spectacular fashion. 

Still, the idea of “what if we all just continuously screwed up our passphrases” swirled around my brain. It was an easy check to perform, thanks to the included MACs. I added a single printf() debug statement into the shard reconstruction code and instead of printing out a summary error of “one or more…” the code now showed if the passphrase entered matched the authentication code stored in the shard file. 

I compiled the new code directly on cryptoserv in direct contravention of all reasonable security practices – what did I have to lose? Entering my own passphrase, I promptly got “bad passphrase” error I just added to the code. Well, that’s just great – I knew my passphrase was correct, I had it written down on a post-it note I had planned to rip up hours ago. 

Another person, same error. Finally, the last person, JK, entered his passphrase. No error. The key still did not reconstruct correctly, I got the “Goodbye”, but something worked. I turned to the engineer and said, “what did you just type in that worked?”

After a second of embarrassed mumbling, he admitted to choosing “a$$word” as his passphrase. The gall! I asked everyone entrusted with the grave task of relaunching crytposerv to pick really hard to guess passphrases, and this guy…?! Still, this was something -- it worked. But why?!

I sprinted around the half-lit office grabbing the rest of the shard-holders demanding they tell me their passphrases. Everyone else had picked much lengthier passages of text and numbers. I manually tested each and none decrypted correctly. Except for the a$$word. What was it…

A lightning bolt hit me and I sprinted back to my own cubicle in the far corner, unlocked the screen and typed in “man getpass” on the command line, while logging into cryptoserv in another window and doing exactly the same thing there. I saw exactly what I needed to see. 

Today, should you try to read up the programmer’s manual (AKA the man page) on getpass, you will find it has been long declared obsolete and replaced with a more intelligent alternative in nearly all flavors of modern Unix.  

But back then, if you wanted to collect some information from the keyboard without printing what is being typed in onto the screen and remain POSIX-compliant, getpass did the trick. Other than a few standard file manipulation system calls, getpass was the only operating system service call I used, to ensure clean portability between Linux and Solaris. 

Except it wasn’t completely clean. 

Plain as day, there it was: the manual pages were identical, except Solaris had a “special feature”: any passphrase entered that was longer than 8 characters long was automatically reduced to that length anyway. (Who needs long passwords, amiright?!)

I screamed like a wounded animal. We generated the key on my Linux desktop and entered our novel-length passphrases right here. Attempting to restore them on a Solaris machine where they were being clipped down to 8 characters long would never work. Except, of course, for a$$word. That one was fine.

The rest was an exercise in high-speed coding and some entirely off-protocol file moving. We reconstructed the master key on my machine (all of our passphrases worked fine), copied the file to the Solaris-running cryptoserv, re-split it there (with very short passphrases), reconstructed it successfully, and PayPal was up and running again like nothing ever happened. 

By the time our unsuspecting colleagues rolled back into the office I was starting to doze on the floor of my cubicle and that was that. When someone asked me later that day why we took so long to bring the site back up, I’d simply respond with “eh, shoulda RTFM.” 

RTFM indeed. 

P.S. A few hours later, John, our General Counsel, stopped by my cubicle to ask me something. The day before I apparently gave him a sealed envelope and asked him to store it in his safe for 24 hours without explaining myself. He wanted to know what to do with it now that 24 hours have passed. 

Ha. I forgot all about it, but in a bout of “what if it doesn’t work” paranoia, I printed out the base64-encoded master key when we had generated it the night before, stuffed it into an envelope, and gave it to John for safekeeping. We shredded it together without opening and laughed about what would have never actually been a company-ending event. 

P.P.S. If you are thinking of all the ways this whole SSS design is horribly insecure (it had some real flaws for sure) and plan to poke around PayPal to see if it might still be there, don’t. While it served us well for a few years, this was the very first thing eBay required us to turn off after the acquisition. Pretty sure it’s back to a single passphrase now. 

Notes:

1: a member of Chicagoland sci-fi fan community let me know that the original news of our move to the US was delivered to them via a posted letter, snail mail, not FidoNet email! 

get to know your tumblr mutuals tag!

i was tagged by @nfly5, thank you laura!! :))

1. what's the origin of your username?

i think wyll ravengard of bg3 fame and lae'zel also of bg3 fame should kiss and fall in love and ride dragons into the sunset (or, rather, the astral plane) together :)

2. otps + shipname

wyllzel 🥰 and vivwall (vivienne x blackwall dai) at the moment for sure!

i'm trying to think of more, but honestly i'm p easygoing when it comes to ships haha i'll take a peek at almost anything that seems compelling 🫣

3. song stuck in my head

"purple lace bra" by tate mcrae for uhhh no reason 🤫 and "feel it" by d4vd for also no reason LOL (🎶 you told me once that i was crazy i said babygirl i knooooowww but i can't let you gooo (away!) 🎶)

4. weirdest trait/habit

i have a growing aversion to cold drinks lol it's starting to feel odd drinking something that isn't hot... that's not that weird though, i think i'm just becoming a grandma LOL

5. hobbies

photoshop!! i like making gifs and edits and such :) i've also been writing a lot more recently which is crazy, i haven't felt this inspired or productive in forever :'D thank you DA lol 🩷

i am also v much a webtoon enjoyer (my all-time fave is "trash belongs in the trash can!" but i'm currently v invested in "nevermore," "i'm the queen in this life," "sisters at war," and "momfluencer"!), but i'll read manga (tatsuki fujimoto my GOAT) and comics (invincible also my GOAT)

6. if you work, what's your profession?

i write internal software documentation which means it's architectural, high-level design stuff... not so much code-specific, but the reasoning behind why software components are organized the way they are. it's not very fun, mostly mind-melting... i work closely w engineers and it's kind of a toss-up whether they'll be nice/patient or think i'm stupid lol

but my brain now contains so many company secrets :^) if you ever have any questions about data storage/virtualization i can possibly help lol

7. if you could have any job you wish, what would you have?

funny story—i applied for grad school, and i've been accepted to an english m.a. program that starts this fall!!! 🥹 we'll see where i go w that, but i'll likely enter education!

8. something you're good at?

uhh i suppose BG3 LOL i beat honor mode twice! 🎉 (i'm still trying to figure out how DA works 🤔 DA2 hard mode is chill idk if i'd ever do nightmare tho 😬)

9. something you hate?

ok it's not rly a "hate" thing but it does irk me when i see fandom claims/arguments that don't cite specific quotes/screenshots/instances lol (the english major in me activates and i am consumed by the thought "🚨‼️ where do you see this in the text 👁️👁️🫵" LOL)

10. something you forget?

the grief 😂🖐️ it creeps up on me! almost cried in my cubicle multiple times this week. haha.

11. your love language?

receiving is probably words of affirmation? giving is probably gifts, i like making silly things for my bestie (eg. fenris keychain lol) and finding weird stickers for my brother 🤡

12. favorite movies/shows?

my letterboxd top 4 are:

everything everywhere all at once (2022) (saw it twice in theaters and sobbed thru both times)

nope (2022) (BRILLIANT movie, so smart)

challengers (2024) (so fascinating!)

lust, caution (2007) (i need to rewatch this one expeditiously)

as for shows, i love succession (2018-23), invincible (2021-), and the twilight zone (1959-64)!

13. what were you like as a child?

apparently very friendly, outgoing, and extroverted! i would just run up to my fellow kids and yap at them?! i do nooot do that anymore lol

14. favorite subject in school?

english/literature!!

15. least favorite subject?

oh man, i was so bad at science, especially biology/chemistry... i could scrape by in physics bc i was decent at math, but it was still awful...

16. what's your best/worst character trait?

worst...??? according to my last annual review, i need to be more confident in the workplace LOL 💀 + sometimes i let my anxiety get the better of me... i think that's just a lifelong struggle thing though, but i know i can improve to be a better friend and such 💪

best... multiple reviews from mom-aged women say that i am a "nice" and "sweet" person so hopefully at least that means i can leave a good first impression haha

17. if you could change any detail of your life right now, what would it be?

i'm not a huge fan of what-if-ing personally, but i do wish i were on vacation 😆

18. if you could travel in time, who would you like to meet?

i'm currently very curious about my paternal grandparents... it's hard for me to conceptualize why they got married... and how my dad grew up... i guess i would want to witness some of that??

tagging: hello again haha!! @creaking-skull @andrewknightley @coolseabird @genderdotcom @bladeweave @grey-wardens @maironsbigboobs no pressure again :))

Been traveling a lot lately and I love how, in US TSA security lines, they always make sure that the big sign saying the facial recognition photo is optional is always turned sideways or set so the spanish-translation side is facing the line and the English-translation side is facing a wall or something.

Anyway, TSA facial recognition photos are 100% not mandatory and if you don't feel like helping a company develop its facial recognition AI software (like, say, Clearview AI), you can just politely tell the TSA agent that you don't want to participate in the photo and instead show an ID or your boarding pass. Like we've been doing for years and years.

Margaret Mitchell is a pioneer when it comes to testing generative AI tools for bias. She founded the Ethical AI team at Google, alongside another well-known researcher, Timnit Gebru, before they were later both fired from the company. She now works as the AI ethics leader at Hugging Face, a software startup focused on open source tools.

We spoke about a new dataset she helped create to test how AI models continue perpetuating stereotypes. Unlike most bias-mitigation efforts that prioritize English, this dataset is malleable, with human translations for testing a wider breadth of languages and cultures. You probably already know that AI often presents a flattened view of humans, but you might not realize how these issues can be made even more extreme when the outputs are no longer generated in English.

My conversation with Mitchell has been edited for length and clarity.

Reece Rogers: What is this new dataset, called SHADES, designed to do, and how did it come together?

Margaret Mitchell: It's designed to help with evaluation and analysis, coming about from the BigScience project. About four years ago, there was this massive international effort, where researchers all over the world came together to train the first open large language model. By fully open, I mean the training data is open as well as the model.

Hugging Face played a key role in keeping it moving forward and providing things like compute. Institutions all over the world were paying people as well while they worked on parts of this project. The model we put out was called Bloom, and it really was the dawn of this idea of “open science.”

We had a bunch of working groups to focus on different aspects, and one of the working groups that I was tangentially involved with was looking at evaluation. It turned out that doing societal impact evaluations well was massively complicated—more complicated than training the model.

We had this idea of an evaluation dataset called SHADES, inspired by Gender Shades, where you could have things that are exactly comparable, except for the change in some characteristic. Gender Shades was looking at gender and skin tone. Our work looks at different kinds of bias types and swapping amongst some identity characteristics, like different genders or nations.

There are a lot of resources in English and evaluations for English. While there are some multilingual resources relevant to bias, they're often based on machine translation as opposed to actual translations from people who speak the language, who are embedded in the culture, and who can understand the kind of biases at play. They can put together the most relevant translations for what we're trying to do.

So much of the work around mitigating AI bias focuses just on English and stereotypes found in a few select cultures. Why is broadening this perspective to more languages and cultures important?

These models are being deployed across languages and cultures, so mitigating English biases—even translated English biases—doesn't correspond to mitigating the biases that are relevant in the different cultures where these are being deployed. This means that you risk deploying a model that propagates really problematic stereotypes within a given region, because they are trained on these different languages.

So, there's the training data. Then, there's the fine-tuning and evaluation. The training data might contain all kinds of really problematic stereotypes across countries, but then the bias mitigation techniques may only look at English. In particular, it tends to be North American– and US-centric. While you might reduce bias in some way for English users in the US, you've not done it throughout the world. You still risk amplifying really harmful views globally because you've only focused on English.

Is generative AI introducing new stereotypes to different languages and cultures?

That is part of what we're finding. The idea of blondes being stupid is not something that's found all over the world, but is found in a lot of the languages that we looked at.

When you have all of the data in one shared latent space, then semantic concepts can get transferred across languages. You're risking propagating harmful stereotypes that other people hadn't even thought of.

Is it true that AI models will sometimes justify stereotypes in their outputs by just making shit up?

That was something that came out in our discussions of what we were finding. We were all sort of weirded out that some of the stereotypes were being justified by references to scientific literature that didn't exist.

Outputs saying that, for example, science has shown genetic differences where it hasn't been shown, which is a basis of scientific racism. The AI outputs were putting forward these pseudo-scientific views, and then also using language that suggested academic writing or having academic support. It spoke about these things as if they're facts, when they're not factual at all.

What were some of the biggest challenges when working on the SHADES dataset?

One of the biggest challenges was around the linguistic differences. A really common approach for bias evaluation is to use English and make a sentence with a slot like: “People from [nation] are untrustworthy.” Then, you flip in different nations.

When you start putting in gender, now the rest of the sentence starts having to agree grammatically on gender. That's really been a limitation for bias evaluation, because if you want to do these contrastive swaps in other languages—which is super useful for measuring bias—you have to have the rest of the sentence changed. You need different translations where the whole sentence changes.

How do you make templates where the whole sentence needs to agree in gender, in number, in plurality, and all these different kinds of things with the target of the stereotype? We had to come up with our own linguistic annotation in order to account for this. Luckily, there were a few people involved who were linguistic nerds.

So, now you can do these contrastive statements across all of these languages, even the ones with the really hard agreement rules, because we've developed this novel, template-based approach for bias evaluation that’s syntactically sensitive.

Generative AI has been known to amplify stereotypes for a while now. With so much progress being made in other aspects of AI research, why are these kinds of extreme biases still prevalent? It’s an issue that seems under-addressed.

That's a pretty big question. There are a few different kinds of answers. One is cultural. I think within a lot of tech companies it's believed that it's not really that big of a problem. Or, if it is, it's a pretty simple fix. What will be prioritized, if anything is prioritized, are these simple approaches that can go wrong.

We'll get superficial fixes for very basic things. If you say girls like pink, it recognizes that as a stereotype, because it's just the kind of thing that if you're thinking of prototypical stereotypes pops out at you, right? These very basic cases will be handled. It's a very simple, superficial approach where these more deeply embedded beliefs don't get addressed.

It ends up being both a cultural issue and a technical issue of finding how to get at deeply ingrained biases that aren't expressing themselves in very clear language.