#computer software assurance | Explore Tumblr posts and blogs

mostlysignssomeportents · 1 year ago

Text

Demon-haunted computers are back, baby

Catch me in Miami! I'll be at Books and Books in Coral Gables on Jan 22 at 8PM.

As a science fiction writer, I am professionally irritated by a lot of sf movies. Not only do those writers get paid a lot more than I do, they insist on including things like "self-destruct" buttons on the bridges of their starships.

Look, I get it. When the evil empire is closing in on your flagship with its secret transdimensional technology, it's important that you keep those secrets out of the emperor's hand. An irrevocable self-destruct switch there on the bridge gets the job done! (It has to be irrevocable, otherwise the baddies'll just swarm the bridge and toggle it off).

But c'mon. If there's a facility built into your spaceship that causes it to explode no matter what the people on the bridge do, that is also a pretty big security risk! What if the bad guy figures out how to hijack the measure that – by design – the people who depend on the spaceship as a matter of life and death can't detect or override?

I mean, sure, you can try to simplify that self-destruct system to make it easier to audit and assure yourself that it doesn't have any bugs in it, but remember Schneier's Law: anyone can design a security system that works so well that they themselves can't think of a flaw in it. That doesn't mean you've made a security system that works – only that you've made a security system that works on people stupider than you.

I know it's weird to be worried about realism in movies that pretend we will ever find a practical means to visit other star systems and shuttle back and forth between them (which we are very, very unlikely to do):

https://pluralistic.net/2024/01/09/astrobezzle/#send-robots-instead

But this kind of foolishness galls me. It galls me even more when it happens in the real world of technology design, which is why I've spent the past quarter-century being very cross about Digital Rights Management in general, and trusted computing in particular.

It all starts in 2002, when a team from Microsoft visited our offices at EFF to tell us about this new thing they'd dreamed up called "trusted computing":

https://pluralistic.net/2020/12/05/trusting-trust/#thompsons-devil

The big idea was to stick a second computer inside your computer, a very secure little co-processor, that you couldn't access directly, let alone reprogram or interfere with. As far as this "trusted platform module" was concerned, you were the enemy. The "trust" in trusted computing was about other people being able to trust your computer, even if they didn't trust you.

So that little TPM would do all kinds of cute tricks. It could observe and produce a cryptographically signed manifest of the entire boot-chain of your computer, which was meant to be an unforgeable certificate attesting to which kind of computer you were running and what software you were running on it. That meant that programs on other computers could decide whether to talk to your computer based on whether they agreed with your choices about which code to run.

This process, called "remote attestation," is generally billed as a way to identify and block computers that have been compromised by malware, or to identify gamers who are running cheats and refuse to play with them. But inevitably it turns into a way to refuse service to computers that have privacy blockers turned on, or are running stream-ripping software, or whose owners are blocking ads:

https://pluralistic.net/2023/08/02/self-incrimination/#wei-bai-bai

After all, a system that treats the device's owner as an adversary is a natural ally for the owner's other, human adversaries. The rubric for treating the owner as an adversary focuses on the way that users can be fooled by bad people with bad programs. If your computer gets taken over by malicious software, that malware might intercept queries from your antivirus program and send it false data that lulls it into thinking your computer is fine, even as your private data is being plundered and your system is being used to launch malware attacks on others.

These separate, non-user-accessible, non-updateable secure systems serve a nubs of certainty, a remote fortress that observes and faithfully reports on the interior workings of your computer. This separate system can't be user-modifiable or field-updateable, because then malicious software could impersonate the user and disable the security chip.

It's true that compromised computers are a real and terrifying problem. Your computer is privy to your most intimate secrets and an attacker who can turn it against you can harm you in untold ways. But the widespread redesign of out computers to treat us as their enemies gives rise to a range of completely predictable and – I would argue – even worse harms. Building computers that treat their owners as untrusted parties is a system that works well, but fails badly.

First of all, there are the ways that trusted computing is designed to hurt you. The most reliable way to enshittify something is to supply it over a computer that runs programs you can't alter, and that rats you out to third parties if you run counter-programs that disenshittify the service you're using. That's how we get inkjet printers that refuse to use perfectly good third-party ink and cars that refuse to accept perfectly good engine repairs if they are performed by third-party mechanics:

https://pluralistic.net/2023/07/24/rent-to-pwn/#kitt-is-a-demon

It's how we get cursed devices and appliances, from the juicer that won't squeeze third-party juice to the insulin pump that won't connect to a third-party continuous glucose monitor:

https://arstechnica.com/gaming/2020/01/unauthorized-bread-a-near-future-tale-of-refugees-and-sinister-iot-appliances/

But trusted computing doesn't just create an opaque veil between your computer and the programs you use to inspect and control it. Trusted computing creates a no-go zone where programs can change their behavior based on whether they think they're being observed.

The most prominent example of this is Dieselgate, where auto manufacturers murdered hundreds of people by gimmicking their cars to emit illegal amount of NOX. Key to Dieselgate was a program that sought to determine whether it was being observed by regulators (it checked for the telltale signs of the standard test-suite) and changed its behavior to color within the lines.

Software that is seeking to harm the owner of the device that's running it must be able to detect when it is being run inside a simulation, a test-suite, a virtual machine, or any other hallucinatory virtual world. Just as Descartes couldn't know whether anything was real until he assured himself that he could trust his senses, malware is always questing to discover whether it is running in the real universe, or in a simulation created by a wicked god:

https://pluralistic.net/2022/07/28/descartes-was-an-optimist/#uh-oh

That's why mobile malware uses clever gambits like periodically checking for readings from your device's accelerometer, on the theory that a virtual mobile phone running on a security researcher's test bench won't have the fidelity to generate plausible jiggles to match the real data that comes from a phone in your pocket:

https://arstechnica.com/information-technology/2019/01/google-play-malware-used-phones-motion-sensors-to-conceal-itself/

Sometimes this backfires in absolutely delightful ways. When the Wannacry ransomware was holding the world hostage, the security researcher Marcus Hutchins noticed that its code made reference to a very weird website: iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com. Hutchins stood up a website at that address and every Wannacry-infection in the world went instantly dormant:

https://pluralistic.net/2020/07/10/flintstone-delano-roosevelt/#the-matrix

It turns out that Wannacry's authors were using that ferkakte URL the same way that mobile malware authors were using accelerometer readings – to fulfill Descartes' imperative to distinguish the Matrix from reality. The malware authors knew that security researchers often ran malicious code inside sandboxes that answered every network query with fake data in hopes of eliciting responses that could be analyzed for weaknesses. So the Wannacry worm would periodically poll this nonexistent website and, if it got an answer, it would assume that it was being monitored by a security researcher and it would retreat to an encrypted blob, ceasing to operate lest it give intelligence to the enemy. When Hutchins put a webserver up at iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com, every Wannacry instance in the world was instantly convinced that it was running on an enemy's simulator and withdrew into sulky hibernation.

The arms race to distinguish simulation from reality is critical and the stakes only get higher by the day. Malware abounds, even as our devices grow more intimately woven through our lives. We put our bodies into computers – cars, buildings – and computers inside our bodies. We absolutely want our computers to be able to faithfully convey what's going on inside them.

But we keep running as hard as we can in the opposite direction, leaning harder into secure computing models built on subsystems in our computers that treat us as the threat. Take UEFI, the ubiquitous security system that observes your computer's boot process, halting it if it sees something it doesn't approve of. On the one hand, this has made installing GNU/Linux and other alternative OSes vastly harder across a wide variety of devices. This means that when a vendor end-of-lifes a gadget, no one can make an alternative OS for it, so off the landfill it goes.

It doesn't help that UEFI – and other trusted computing modules – are covered by Section 1201 of the Digital Millennium Copyright Act (DMCA), which makes it a felony to publish information that can bypass or weaken the system. The threat of a five-year prison sentence and a $500,000 fine means that UEFI and other trusted computing systems are understudied, leaving them festering with longstanding bugs:

https://pluralistic.net/2020/09/09/free-sample/#que-viva

Here's where it gets really bad. If an attacker can get inside UEFI, they can run malicious software that – by design – no program running on our computers can detect or block. That badware is running in "Ring -1" – a zone of privilege that overrides the operating system itself.

Here's the bad news: UEFI malware has already been detected in the wild:

https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/

And here's the worst news: researchers have just identified another exploitable UEFI bug, dubbed Pixiefail:

https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html

Writing in Ars Technica, Dan Goodin breaks down Pixiefail, describing how anyone on the same LAN as a vulnerable computer can infect its firmware:

https://arstechnica.com/security/2024/01/new-uefi-vulnerabilities-send-firmware-devs-across-an-entire-ecosystem-scrambling/

That vulnerability extends to computers in a data-center where the attacker has a cloud computing instance. PXE – the system that Pixiefail attacks – isn't widely used in home or office environments, but it's very common in data-centers.

Again, once a computer is exploited with Pixiefail, software running on that computer can't detect or delete the Pixiefail code. When the compromised computer is queried by the operating system, Pixiefail undetectably lies to the OS. "Hey, OS, does this drive have a file called 'pixiefail?'" "Nope." "Hey, OS, are you running a process called 'pixiefail?'" "Nope."

This is a self-destruct switch that's been compromised by the enemy, and which no one on the bridge can de-activate – by design. It's not the first time this has happened, and it won't be the last.

There are models for helping your computer bust out of the Matrix. Back in 2016, Edward Snowden and bunnie Huang prototyped and published source code and schematics for an "introspection engine":

https://assets.pubpub.org/aacpjrja/AgainstTheLaw-CounteringLawfulAbusesofDigitalSurveillance.pdf

This is a single-board computer that lives in an ultraslim shim that you slide between your iPhone's mainboard and its case, leaving a ribbon cable poking out of the SIM slot. This connects to a case that has its own OLED display. The board has leads that physically contact each of the network interfaces on the phone, conveying any data they transit to the screen so that you can observe the data your phone is sending without having to trust your phone.

(I liked this gadget so much that I included it as a major plot point in my 2020 novel Attack Surface, the third book in the Little Brother series):

https://craphound.com/attacksurface/

We don't have to cede control over our devices in order to secure them. Indeed, we can't ever secure them unless we can control them. Self-destruct switches don't belong on the bridge of your spaceship, and trusted computing modules don't belong in your devices.

I'm Kickstarting the audiobook for The Bezzle, the sequel to Red Team Blues, narrated by @wilwheaton! You can pre-order the audiobook and ebook, DRM free, as well as the hardcover, signed or unsigned. There's also bundles with Red Team Blues in ebook, audio or paperback.

If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2024/01/17/descartes-delenda-est/#self-destruct-sequence-initiated

Image: Mike (modified) https://www.flickr.com/photos/stillwellmike/15676883261/

CC BY-SA 2.0 https://creativecommons.org/licenses/by-sa/2.0/

#pluralistic #uefi #owner override #user override #jailbreaking #dmca 1201 #schneiers law #descartes #nub of certainty #self-destruct button #trusted computing #secure enclaves #drm #ngscb #next generation secure computing base #palladium #pixiefail #infosec

576 notes · View notes

linkhundr · 9 months ago

Text

So NFTgate has now hit tumblr - I made a thread about it on my twitter, but I'll talk a bit more about it here as well in slightly more detail. It'll be a long one, sorry! Using my degree for something here. This is not intended to sway you in one way or the other - merely to inform so you can make your own decision and so that you aware of this because it will happen again, with many other artists you know.

Let's start at the basics: NFT stands for 'non fungible token', which you should read as 'passcode you can't replicate'. These codes are stored in blocks in what is essentially a huge ledger of records, all chained together - a blockchain. Blockchain is encoded in such a way that you can't edit one block without editing the whole chain, meaning that when the data is validated it comes back 'negative' if it has been tampered with. This makes it a really, really safe method of storing data, and managing access to said data. For example, verifying that a bank account belongs to the person that says that is their bank account.

For most people, the association with NFT's is bitcoin and Bored Ape, and that's honestly fair. The way that used to work - and why it was such a scam - is that you essentially purchased a receipt that said you owned digital space - not the digital space itself. That receipt was the NFT. So, in reality, you did not own any goods, that receipt had no legal grounds, and its value was completely made up and not based on anything. On top of that, these NFTs were purchased almost exclusively with cryptocurrency which at the time used a verifiation method called proof of work, which is terrible for the environment because it requires insane amounts of electricity and computing power to verify. The carbon footprint for NFTs and coins at this time was absolutely insane.

In short, Bored Apes were just a huge tech fad with the intention to make a huge profit regardless of the cost, which resulted in the large market crash late last year. NFTs in this form are without value.

However, NFTs are just tech by itself more than they are some company that uses them. NFTs do have real-life, useful applications, particularly in data storage and verification. Research is being done to see if we can use blockchain to safely store patient data, or use it for bank wire transfers of extremely large amounts. That's cool stuff!

So what exactly is Käärijä doing? Kä is not selling NFTs in the traditional way you might have become familiar with. In this use-case, the NFT is in essence a software key that gives you access to a digital space. For the raffle, the NFT was basically your ticket number. This is a very secure way of doing so, assuring individuality, but also that no one can replicate that code and win through a false method. You are paying for a legimate product - the NFT is your access to that product.

What about the environmental impact in this case? We've thankfully made leaps and bounds in advancing the tech to reduce the carbon footprint as well as general mitigations to avoid expanding it over time. One big thing is shifting from proof of work verification to proof of space or proof of stake verifications, both of which require much less power in order to work. It seems that Kollekt is partnered with Polygon, a company that offers blockchain technology with the intention to become climate positive as soon as possible. Numbers on their site are very promising, they appear to be using proof of stake verification, and all-around appear more interested in the tech than the profits it could offer.

But most importantly: Kollekt does not allow for purchases made with cryptocurrency, and that is the real pisser from an environmental perspective. Cryptocurrency purchases require the most active verification across systems in order to go through - this is what bitcoin mining is, essentially. The fact that this website does not use it means good things in terms of carbon footprint.

But why not use something like Patreon? I can't tell you. My guess is that Patreon is a monthly recurring service and they wanted something one-time. Kollekt is based in Helsinki, and word is that Mikke (who is running this) is friends with folks on the team. These are all contributing factors, I would assume, but that's entirely an assumption and you can't take for fact.

Is this a good thing/bad thing? That I also can't tell you - you have to decide that for yourself. It's not a scam, it's not crypto, just a service that sits on the blockchain. But it does have higher carbon output than a lot of other services do, and its exact nature is not publicly disclosed. This isn't intended to sway you to say one or the other, but merely to give you the proper understanding of what NFTs are as a whole and what they are in this particular case so you can make that decision for yourself.

#käärijä #whew its a long one sorry #but hopefully useful #and intended entirely to inform

96 notes · View notes

fluentmoviequoter · 1 year ago

Text

Accidental CI

Pairing: David "Deacon" Kay x fem!reader

Summary: When your employer's name comes up in a case, your best friend Deacon calls to ask for your help. He leads you into a dangerous situation, and you come out as more than friends.

Warnings: r works an unspecified corporate job, mentions weapon trafficking and guns, threats, mostly fluff!

Word Count: 3.1k+ words

Masterlist Directory | Deacon Masterlist | Request Info/Fandom List

“Hi, Deac,” you greet as you open the door.

“How was work?” he asks.

“It was fine. My boss forgot to start a software update last night so we didn’t have computer access until after lunch.”

“So, you got paid to sit there and do nothing?”

“Which isn’t that much different than most days,” you tease. “What about you? Any crazy calls?”

You lead Deacon into your kitchen, and his smile widens when he sees dinner waiting on your counter. He pulls you into a quick hug before telling you about his day at work.

“No injuries?” you ask softly.

“No injuries,” he assures. “What about you; any paper cuts that need tending to?”

“Just mental injuries for me. Our financial statements aren’t aligning like they should and if it’s not fixed by the next audit, someone’s getting in trouble.”

“What do you think caused it?”

“Oversight or adding the same bill twice, I’d guess. But I think we should talk about something more exciting than my future IRS investigation.”

“Then let’s talk about that amazing dinner over there and I’ll remind you that Luca wants to have a cooking competition with you.”

Deacon has been your best friend since he moved in next door. You also harbor an ever-growing crush on him. When you saw him climb out of the moving truck the first day, you knew you wanted to be close. He’s got a stressful job, so if you can give him a break and a friend, that’s what you’ll do.

Deacon watches the screen in the situation room as Hondo explains the corporate espionage turned weapon trafficking case. It's a strange move, going from stealing trade secrets to transporting illegal weapons across borders and into areas with strict gun control laws. Metro found a lot of evidence, but when they located the weapons supply in their prime suspect’s corporate office, they called in 20 Squad.

“Wait, go back. Who’s the suspect?” Deacon asks.

His eyes search the monitor as Hondo returns to a page of surveillance photos.

“Elwin Dupree. You know him?” Hondo responds.

“Not personally, but I know someone who works for him.”

“CI?” Chris guesses.

“No. She might be willing to help, though.”

“Call her,” Hondo says.

Hicks adds, “Otherwise, we’re going in blind. Metro has intel but it’s not enough to avoid an ambush.”

Deacon nods and walks out of the room. He presses a contact from his favorites list before raising his phone to his ear.

“Remind me why we work here?” your desk neighbor, whom you lovingly call Nola, says as she sits across from you.

“Because the pay is good… and we’re desperate,” you offer, smiling as you accept your favorite drink.

“May I remind you that Dupree is an idiot who can’t even remember what he asks us to do?”

“Just smile and go with it, Nola, it’s the easiest way to handle it.”

“The man called me into his office yesterday, and then didn’t know why I was there,” she whispers.

“That’s probably a good thing for you. Considering your nickname is based off of your reply of no; lazy.”

“I am lazy! So, I don’t like to do things. He can fire me whenever he wants.”

You roll your eyes and prepare to reply but are interrupted by your cell phone ringing. You apologize to Nola before you answer it.

“Hey, it’s me,” Deacon says on the other end of the line.

“Indeed, it is. What’s going on?” you reply.

“How do you know something is going on?”

“It’s mid-morning on a weekday. And you never call me.”

“I call you all the time!” Deacon argues.

You laugh before you say, “Not when you’re at work.”

“Okay, fine, you’re right. Listen, we’re working on something, and your boss’s name came up.”

“Dupree?” you inquire. “Why?”

“I can’t tell you exactly what we’re looking into, but Hondo and Hicks wanted to know if you’d be willing to help us.”

“Of course. Tell me what to do,” you agree.

“Can you come down here?”

“Uh, yeah,” you answer. You open the calendar on your computer and add, “I can spare an hour and a half, is that enough time?”

“Absolutely. Thank you,” Deacon says.

“Anything for you.”

You hang up and gather your things before standing.

“Where are you off to? Please tell me you’re leaving to go on a date with the hot neighbor you always talk about,” Nola whispers.

“Not today. There was a slight mishap for some of our paperwork. I have to run to another office and get everything sorted out,” you lie. “I’ll have my cell if you need anything.”

“Dodging bullets left and right, aren’t you? Go ahead, I’ll watch your phone and fill in Dupree if he notices you’re gone.”

“Thanks, Nola.”

When you park outside the station, your thoughts begin spiraling. You sit in your seat and wonder if you made the right decision. Will you be in Deacon’s way or be too distracted by him to even help? What if something happens to him while you’re with him? What if he-

A tap on your window draws you from your questions. You turn your head and see Deacon looking at you through the glass. You send him a small smile as he opens your door and bends to look at you. His head tilts to this side, and when he lowers to a squat, his brown eyes distract you as he looks up at you.

“You okay? You don’t have to do this if you don’t want to,” he says gently.

“No, I want to. Just- I was thinking too much, I guess,” you reply.

Deacon nods and stands before offering his hand to help you out of your seat. He closes the door and ensures it’s locked before moving his hand to your back to lead you inside.

“Nice to meet you. I’m Hondo,” Hondo says as you enter.

You shake Hondo’s hand and introduce yourself as you follow him further into the station. He doesn’t waste any time as he begins explaining as much as he can about how your boss is involved in the case they’re working.

“We’d like to send you in the get additional details on the office and any other information you can find,” Hondo says. “We’ve got basic floor plans, but we need insider info.”

“She can’t go in alone,” Deacon argues. “We don’t know what he has in that office. If she starts asking questions and he gets suspicious-“

You cut Deacon off by laying a hand on his shoulder and asking, “What if you go in with me? It wouldn’t be that hard for me to lie about who you are; Dupree doesn’t know most of the people who work in the building. Plus, you know what to look for better than I do.”

Hondo looks at Deacon and waits for his reply. You feel Deacon sigh against your hand before agreeing to go into the office with you.

“There’s an employee entrance without metal detectors, but you have to swipe a keycard,” you explain. “They’ll know if you piggyback with me.”

“Our techs can make him a keycard,” Hondo assures. “If you have yours, they can copy parts of it.”

You nod and pass your card to Hondo. He turns and gives it to a passing officer with a few short instructions. Deacon pats your arm as he leaves to change; his uniform isn’t business casual, but he said he'd find something more fitting.

“20 Squad is going to be close by,” Hondo begins. “Deacon can say a word and we’ll be inside, but if you need help and get separated from Deacon, try to get to a window. Signaling for help is easiest with this; just keep it in your pocket or your hand and press the button if you need us.”

You accept the small device and slide it into your pocket. It’s invisible, and you nod as Hondo reassures you everything will be okay.

“I know you can’t tell me what exactly Dupree is doing, but you’re going to catch him, right?” you ask softly.

“Absolutely. Nobody can run from S.W.A.T.”

You scan your keycard and wait for Deacon to do the same before opening the door. The employee entrance is on the side of the building, and you smooth your hands over your hips nervously. When you feel the device Hondo gave you, you relax slightly.

“We’ll walk to my desk, look at a few papers, and then go in?” you suggest as Deacon gestures for you to enter.

“Sounds good,” he agrees.

“The suit looks good,” you mumble as you walk toward the elevator.

Deacon chuckles as the elevator door opens, and you smile as he shakes his head at your flattery. The elevator is quiet, and as you wait to arrive on your floor, you take a few deep breaths. Deacon’s hand finds your lower back, and he rubs small, comforting circles before the door opens.

“Still working on the paperwork issue?” Nola asks when you reach your desk.

“Yeah, we are. This is Ryan from the Santa Monica branch,” you say.

Nola’s eyes narrow at you before she looks at Deacon’s hand. He’s close to you, like always, but you don’t understand her look. You raise your brows, but she only shrugs before looking back at her computer.

“Was it this one?” you ask Deacon.

He takes the blank form from your hand and nods. “Yes, this is the one.”

You return the paper to its rightful place on your desk before leading Deacon down another hallway. Nola’s reaction confused you at first, yet you’re not surprised when Deacon gently grabs your hip to stop you in the hallway.

“I’m sorry,” you whisper.

“It’s fine. Just stay calm and remember our covers. Like you said, Dupree won’t know any difference,” Deacon soothes. “And the team’s waiting for our signal if we need them.”

You nod, and Deacon’s hands raise to your shoulders as he drops his chin to look into your eyes.

“You got this,” he promises.

“I need to discuss an urgent matter with Mr. Dupree,” you inform his secretary. “This is Mr. Ryan Davidson from the Santa Monica branch. There have been some discrepancies with paperwork submitted to their office, which needs Mr. Dupree’s immediate attention.”

His secretary raises the receiver of her desk phone and whispers into it. You turn to look at Deacon, and he tilts his head to the left to signal you to stay calm and wait.

“You can go on in,” the secretary says as she lowers the phone.

Deacon opens the door for you, and you step inside first.

“Hello,” Mr. Dupree greets. He doesn’t pretend to remember your name, you notice. “I heard there’s an issue with some paperwork?”

“Yes, sir,” Deacon says. “I’m Ryan Davidson with the Santa Monica office and we’ve been having issues; receiving incomplete or incorrect paperwork from this branch.”

“My sincerest apologies, Ryan. If you don’t mind, use that laptop there and sign into your account while I bring mine up. We’ll get this sorted.”

You stand back as Deacon walks to the table at the back of the office and opens the laptop. Mr. Dupree didn’t shake his hand, ask for identification, or take other proper steps before jumping to help. It’s suspicious, but probably not what Deacon and his team need.

“What kind of incorrect information have you seen?” Mr. Dupree asks. You open your mouth to answer, and he adds, “Ryan?”

“Financial statements that aren’t matching previous months, for one. Most likely an oversight or adding the same bill twice. Nothing too extreme, just something we need sorted before the end-of-year audits,” Deacon answers.

You raise your eyebrows in surprise at his response. He practically repeated a complaint you shared during your last dinner together.

“Very well. I don’t know why the system is moving so slowly,” Dupree responds. He moves his hand under his desk as Deacon types.

You watch Dupree because Deacon’s team is getting him the access he needs. When you see the handle of a gun gripped in Dupree’s hand, you call, “Gun!” and drop to the floor just before he shoots above your head.

Deacon pulls his own weapon and points it at Dupree as he demands, “Put the gun down. I’m Sergeant Kay, L.A.P.D. S.W.A.T.”

As Deacon speaks, you slowly press your back against the side of Dupree’s desk, where he can’t see you. Deacon’s eyes are on Dupree, but you watch Deacon because you trust him to keep you safe.

“I could put it down,” Dupree says. “But if I angle it like this and pull the trigger, wouldn’t it hit your little friend?”

Deacon glances at you quickly, and you lock eyes before you shift away from the oversized desk.

“One more time: drop the gun,” Deacon repeats.

You can’t see Dupree, but you clap your hands over your ears as you hear two shots. Everything goes quiet, and you lean forward slowly to look for Deacon. He kneels before you and gently pulls your hands away from your head. You let him move you before surging forward to hug him. He welcomes you into his arms as footsteps echo in the hallway outside.

“It’s okay. We got him,” Deacon promises.

You nod against Deacon and allow him to help you stand. Deacon keeps you angled away from Dupree’s desk, and you’re happy to avoid looking.

“Did you get everything you need?” you ask quietly as Street and Luca lead a paramedic inside.

“We did. Are you okay?”

Deacon lays a hand on your shoulder, and his thumb presses gently into your tense muscles as he looks into your eyes.

“Get her out of here. Hondo said you can take the rest of the day. Maybe she can practice for the competition,” Luca calls.

“I think you need the practice more than me,” you reply without turning.

Luca laughs as Deacon wraps an arm around your shoulders and leads you out of the office. He takes you back to your desk to get your things, and Nola rushes to hug you when you enter the open area.

“I heard the shots and was so worried!” she exclaims. “You’re okay?”

“I’m fine,” you promise.

“Then I need you to do something. Go home and ask your neighbor out. Don’t wait too long,” she says.

You nod and return to Deacon’s side. He heard everything from where he was standing, yet doesn’t comment as he helps you into the passenger seat of his car. Once you’re on the road, he fills the silence by asking you questions about what you will cook for your competition with Luca. You know he’s trying to distract you from what happened, and you appreciate it.

Back at the station, you sign some paperwork to receive CI benefits before walking to Deacon’s side. He offers to drive you home and keep you company, which you happily accept. You never like leaving Deacon and don’t want to be alone tonight.

“I waited too long,” Deacon murmurs while walking you out.

You stop and turn to face him as you ask, “For what?”

“What your friend said. I waited too long to ask you out.”

You smile and slide your hand into his. “Did you know that Nola looked at us like that because you were standing really close to me?" Deacon shrugs, and you explain, “I never shut up about you, Deac. I’m in love with you, so she was confused about why I was standing so close to another man.”

“Never?” Deacon repeats playfully.

“You didn’t wait too long, Deac,” you promise.

“I didn’t?”

“Not if you take your chance right now.”

Deacon looks around quickly before yelling, “Hicks! Did you file it yet?”

“No; I’m busy, Deacon,” Hicks answers.

“Can you make her Hondo’s CI?”

Hicks looks between the two of you and rolls his eyes. “Yes, I can.”

When Deacon turns back to you, he doesn’t give you time to speak before he asks, “Will you go out with me?”

“Nothing would make me happier,” you answer.

Your smile grows to match Deacon’s, but he makes it disappear when he pulls you in and kisses you. The sound of clapping makes you open your eyes as you pull back. Hondo leads 20 Squad in a round of applause, and you bury your face in Deacon’s chest to hide your grin and burning embarrassment.

“My CI’s never end up like this,” Hondo jokes.

“Pretty good timing, though, wasn’t it?” Deacon asks as he wraps his arms around you.

You stand wordlessly from the couch and walk past Deacon. He turns to watch you as you enter your bathroom and close the door. It only takes a moment for him to decide to follow you.

“Are you okay?” Deacon asks from outside the door. “And don’t just say you’re fine. We both know you’re not.”

You open the door and lean against the vanity as he walks in. “I feel bad that you had to shoot Dupree. I know he’s fine and he’ll recover, pay for him crimes, and everything. But you probably wouldn’t have done that if I wasn’t there.”

“Don’t think like that. If he had refused to drop the gun or fired again, I would have stopped him. Whether you were there or not. The only thing that was different was how fast I decided to do it; he was threatening you, but that didn’t affect my reaction itself.”

You nod, and Deacon places his hands on the vanity, caging you and keeping you close. “Don’t carry that guilt around,” he requests. “It gets heavy quickly.”

You slip your arms under Deacon’s to circle his waist. Because of your position, you look up at him and ask, “Could I have another kiss to help me overcome all of this guilt?”

Deacon laughs as his hand raises to rub your back. “Anything for my accidental CI.”

“I’m Hondo’s CI,” you remind him.

“But I’m the one that gets to kiss you, so who has the better timing?”

You let your kiss answer the question, and when Deacon pulls you against him to be even closer, you know that the wait was worth it. Though you probably won’t agree to go into the office of a weapon trafficker with him again, you will always be ready to help him when he asks and comfort him when he can’t. Despite how much you loved Deacon when you thought you could only be friends, you feel more love now that you know he feels the same.

#hanna writes✯#david deacon kay x reader #deacon kay x reader #david kay x reader #deacon kay fluff #david deacon kay #deacon kay #fem!reader

181 notes · View notes

thezombieprostitute · 7 months ago

Text

Tech Tuesday: Curtis Everett

Summary: Curtis decides to take the next step and ask if you're willing to meet offline.

A/N: Reader is female. No physical descriptors used.

Warnings: Meeting someone from online, Mentions of past bad experiences. Please let me know if I missed any.

Series Masterlist

"So, what all has been going on with your computer? Did you bring it with you?" Curtis tries to keep his tone calm. He's been eager to meet you in person for months but has worked hard to make sure you feel safe to do so and that means not pushing you into it. He tries to keep his excited fidgeting to a minimum but he's worried it just makes him look even more suspicious. He's so used to keeping his features schooled into a scowl, but that's the last thing he wants to do to you.

"Basically it'll go for a while but then start freezing, stuttering and I have to force it to shut down before I can do anything else," you answer while sipping your coffee. You can't believe his eyes are as blue as the photo he sent. "I tried to see if it was because I was running some heavy duty games and maybe I was using too much RAM. I cleaned up so many programs, uninstalled a bunch of games I don't play anymore, but it just keeps happening."

Curtis rubs his beard as he thinks. "It might be a hardware issue. It's not my strong suit, but I can still take a look. At the very least I can ask my buddy, Mace, for help. He's a whiz with the hardware and could probably get you a good deal if any upgrades are needed."

"Oh yeah, you've talked about him before," you reassure yourself. Having him mention another stranger worried you but Mace has been brought up several times before, especially when Curtis mentioned getting upgraded tech.

"You definitely don't have to meet him," Curtis affirms. "He can be a real grump. And coming from me, that's saying something." He gives a light chuckle as he sips his coffee.

"Snow, I work at a hospital," you counter. "Ain't no kind of grump I haven't had to deal with before." You give Curtis a look that says 'I'm stronger than you'.

Curtis smiles fully, "absolutely fair, Heart." He struggles a little bit to not turn shy. That look, that strength, that self-assured smile has him weak in the knees. "Still," he coughs, trying to regain control of himself. "Still, uh, when...did you bring the computer with you? Would this be an okay time to take a look at it?"

"Friend of mine at the library is keeping an eye on it for me." Best to let him know you've got allies nearby. He hasn't really given anything to make you worry about, but his reactions to your safety protocols could be telling. Of course, if you were expecting him to look scared or upset at this news, Curtis happily defied those expectations as his eyes lit up.

"Oh, that's really smart! We can borrow one of their laptops to run some tests. That way my laptop's settings won't mess with your computer."

You smile, genuinely, for the first time all day. Curtis is very different and you couldn't be happier about it.

"Don't you need your diagnostic software?"

"If it's called for, sure. The basic versions are free to download and they'll help me pick up if it's actually a software issue. Plus, the libraries regularly wipe downloads after use, right?"

"Okay, everything's plugged in so let's get this running and see what happens."

After looking over the hardware Curtis had found no obvious reasons for the failure so you had gone to your friend and loaned out one of the laptops. Curtis's computer bag had an impressive collection of tools, wires and connectors. You always appreciate when a person is prepared.

He works in relative silence and it gives you the chance to really look at him. He's definitely handsome, as Cassandra pointed out when she loaned you laptop. You weren't normally one for lip piercings but it seemed to work well on him, even though it was partially hidden by his beard.

The quiet between you two isn't so uncomfortable. It's how you spent a lot of time when you started gaming together. Talking over comms almost always resulted in a bunch of idiots either hitting on you, calling you a 'fake gamer,' lobbing insults at you, or all three at the same time. Snowpiercer was one of the few gamers who didn't care that you were a girl gamer. For him it was about how well you worked together. Given that the two of you could get high scores without having to talk over comms, it was no wonder the two of you started playing together more and more.

Even after you'd started voice chatting while playing, there was always a level of respect. Something you hadn't gotten from Chase.

Curtis gets out of the chair and gets a closer look at each of the fans, stopping at the one closest to the heat sink. "There it is," he intones. "This fan is dying. It's easy to miss because, by the time you know something's wrong, the whole computer's shut down and all the fans are stopped."

"Well, at least it's an easy fix," you comment. "Thanks for taking a look at it."

"Not a problem at all," he assures. "I'm happy to help."

You smile, "are you always this nice?"

"No," he shakes his head. "Definitely not. I'm not an ass, but I'm definitely not this nice to everyone."

"I'm honored."

He chuckles at that. "Like I said, I'm happy to help you out. You're the best teammate I've ever had and it just isn't as fun paying without you."

"I appreciate that, Curtis. So, what do I owe you?"

"Nothing."

"Don't do that to me, Snow. You know how I feel about owing people." It was a wound from Chase that had yet to heal. His use of favors as manipulation made you wary of anyone who said you don't owe anything.

Curtis sighs and nods. "Tell you what, there are some pastries at that coffee shop we were at that I avoided because I didn't want you to see me covered in crumbs. Wouldn't make for a good first impression." You smile at the thought. "Just get me a couple of those while I shut everything down here and return the laptop?"

"Deal." You stand to get moving but turn to him before you leave, "and thank you, again. Not just for the computer fix, but for...for respecting the boundaries."

He looks at you with those gorgeous blue eyes, "not a problem."

Tech Tuesday Masterlist

Tagging @alicedopey; @delicatebarness; @ellethespaceunicorn; @icefrozendeadlyqueen; @jaqui-has-a-conspiracy-theory;

@late-to-the-party-81; @lokislady82 ; @peyton-warren @ronearoundblindly; @stellar-solar-flare

#tech tuesday #tech tuesday: curtis everett #curtis everett x reader #curtis everett x nurse!reader #curtis everett x female!reader

55 notes · View notes

machine-saint · 4 months ago

Text

licensing all my posts under the GPL from now on

GNU GENERAL PUBLIC LICENSE

Version 3, 29 June 2007

Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.

Preamble

The GNU General Public License is a free, copyleft license for software and other kinds of works.

The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.

When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.

To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.

For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.

Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.

For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.

Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.

Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.

The precise terms and conditions for copying, distribution and modification follow.

TERMS AND CONDITIONS

0. Definitions.

"This License" refers to version 3 of the GNU General Public License.

"Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.

"The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations.

To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work.

A "covered work" means either the unmodified Program or a work based on the Program.

To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.

To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.

An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.

1. Source Code.

The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work.

A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.

The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.

The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.

The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.

The Corresponding Source for a work in source code form is that same work.

2. Basic Permissions.

All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.

You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.

Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.

3. Protecting Users' Legal Rights From Anti-Circumvention Law.

No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.

When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.

4. Conveying Verbatim Copies.

You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.

You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.

5. Conveying Modified Source Versions.

You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:

a) The work must carry prominent notices stating that you modified it, and giving a relevant date.

b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices".

c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.

d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.

A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.

6. Conveying Non-Source Forms.

You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:

a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.

b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.

c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.

d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.

e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.

A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.

A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.

"Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.

If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).

The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.

Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.

7. Additional Terms.

"Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.

When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.

Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:

a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or

b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or

c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or

d) Limiting the use for publicity purposes of names of licensors or authors of the material; or

e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or

f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.

All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.

If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.

Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.

8. Termination.

You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).

However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.

Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.

Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.

9. Acceptance Not Required for Having Copies.

You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.

10. Automatic Licensing of Downstream Recipients.

Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.

An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.

You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.

11. Patents.

A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version".

A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.

Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.

In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.

If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.

If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.

A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.

Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.

12. No Surrender of Others' Freedom.

If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.

13. Use with the GNU Affero General Public License.

Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.

14. Revised Versions of this License.

The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.

Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.

If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.

Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.

15. Disclaimer of Warranty.

THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

16. Limitation of Liability.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

17. Interpretation of Sections 15 and 16.

If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.

36 notes · View notes

dreaminginthedeepsouth · 5 months ago

Text

LETTERS FROM AN AMERICAN

February 4, 2025

Heather Cox Richardson

Feb 05, 2025

Shortly after 1:00 this morning, Vittoria Elliott, Dhruv Mehrotra, Leah Feiger, and Tim Marchman of Wired reported that, according to three of their sources, “[a] 25-year-old engineer named Marko Elez, who previously worked for two Elon Musk companies [SpaceX and X], has direct access to Treasury Department systems responsible for nearly all payments made by the US government.”

According to the reporters, Elez apparently has the privileges to write code on the programs at the Bureau of Fiscal Service that control more than 20% of the U.S. economy, including government payments of veterans’ benefits, Social Security benefits, and veterans’ pay. The admin privileges he has typically permit a user “to log in to servers through secure shell access, navigate the entire file system, change user permissions, and delete or modify critical files. That could allow someone to bypass the security measures of, and potentially cause irreversible changes to, the very systems they have access to.”

“If you would have asked me a week ago” if an outsider could’ve been given access to a government server, one federal IT worker told the Wired reporters, “I'd have told you that this kind of thing would never in a million years happen. But now, who the f*ck knows."

The reporters note that control of the Bureau of Fiscal Service computers could enable someone to cut off monies to specific agencies or even individuals. “Will DOGE cut funding to programs approved by Congress that Donald Trump decides he doesn’t like?” asked Senator Chuck Schumer (D-NY) yesterday. “What about cancer research? Food banks? School lunches? Veterans aid? Literacy programs? Small business loans?”

Josh Marshall of Talking Points Memo reported that his sources said that Elez and possibly others got full admin access to the Treasury computers on Friday, January 31, and that he—or they—have “already made extensive changes to the code base for the payment system.” They are leaning on existing staff in the agency for help, which those workers have provided reluctantly in hopes of keeping the entire system from crashing. Marshall reports those staffers are “freaking out.” The system is due to undergo a migration to another system this weekend; how the changes will interact with that long-planned migration is unclear.

The changes, Marshall’s sources tell him, “all seem to relate to creating new paths to block payments and possibly leave less visibility into what has been blocked.”

Both Wired and the New York Times reported yesterday that Musk’s team intends to cut government workers and to use artificial intelligence, or AI, to make budget cuts and to find waste and abuse in the federal government.

Today Jason Koebler, Joseph Cox, and Emanuel Maiberg of 404 Media reported that they had obtained the audio of a meeting held Monday by Thomas Shedd for government technology workers. Shedd is a former Musk employee at Tesla who is now leading the General Services Administration’s Technology Transformation Services (TTS), the team that is recoding the government programs.

At the meeting, Shedd told government workers that “things are going to get intense” as his team creates “AI coding agents” to write software that would, for example, change the way logging into the government systems works. Currently, that software cannot access any information about individuals; as the reporters note, login.gov currently assures users that it “does not affect or have any information related to the specific agency you are trying to access.”

But Shedd said they were working through how to change that login “to further identify individuals and detect and prevent fraud.”

When a government employee pointed out that the Privacy Act makes it illegal for agencies to share personal information without consent, Shedd appeared unfazed by the idea they were trying something illegal. “The idea would be that folks would give consent to help with the login flow, but again, that's an example of something that we have a vision, that needs [to be] worked on, and needs clarified. And if we hit a roadblock, then we hit a roadblock. But we still should push forward and see what we can do.”

A government employee told Koebler, Cox, and Maiberg that using AI coding agents is a major security risk. “Government software is concerned with things like foreign adversaries attempting to insert backdoors into government code. With code generated by AI, it seems possible that security vulnerabilities could be introduced unintentionally. Or could be introduced intentionally via an AI-related exploit that creates obfuscated code that includes vulnerabilities that might expose the data of American citizens or of national security importance.”

A blizzard of lawsuits has greeted Musk’s campaign and other Trump administration efforts to undermine Congress. Today, Senator Chuck Schumer (D-NY) and Representative Hakeem Jeffries (D-NY), the minority leaders in their respective chambers, announced they were introducing legislation to stop Musk’s unlawful actions in the Treasury’s payment systems and to protect Americans, calling it “Stop the Steal,” a play on Trump’s false claims that the 2020 presidential election was stolen.

This evening, Democratic lawmakers and hundreds of protesters rallied at the Treasury Department to take a stand against Musk’s hostile takeover of the U.S. Treasury payment system. “Nobody Elected Elon,” their signs read. “He has access to all our information, our Social Security numbers, the federal payment system,” Representative Maxwell Frost (D-FL) said. “What’s going to stop him from stealing taxpayer money?”

Tonight, the Washington Post noted that Musk’s actions “appear to violate federal law.” David Super of Georgetown Law School told journalists Jeff Stein, Dan Diamond, Faiz Siddiqui, Cat Zakrzewski, Hannah Natanson, and Jacqueline Alemany: “So many of these things are so wildly illegal that I think they’re playing a quantity game and assuming the system can’t react to all this illegality at once.”

Musk’s takeover of the U.S. government to override Congress and dictate what programs he considers worthwhile is a logical outcome of forty years of Republican rhetoric. After World War II, members of both political parties agreed that the government should regulate business, provide a basic social safety net, promote infrastructure, and protect civil rights. The idea was to use tax dollars to create national wealth. The government would hold the economic playing field level by protecting every American’s access to education, healthcare, transportation and communication, employment, and resources so that anyone could work hard and rise to prosperity.

Businessmen who opposed regulation and taxes tried to convince voters to abandon this system but had no luck. The liberal consensus—“liberal” because it used the government to protect individual freedom, and “consensus” because it enjoyed wide support—won the votes of members of both major political parties.

But those opposed to the liberal consensus gained traction after the Supreme Court’s 1954 Brown v. Board of Education of Topeka, Kansas, decision declared segregation in the public schools unconstitutional. Three years later, in 1957, President Dwight D. Eisenhower, a Republican, sent troops to help desegregate Central High School in Little Rock, Arkansas. Those trying to tear apart the liberal consensus used the crisis to warn voters that the programs in place to help all Americans build the nation as they rose to prosperity were really an attempt to redistribute cash from white taxpayers to undeserving racial minorities, especially Black Americans. Such programs were, opponents insisted, a form of socialism, or even communism.

That argument worked to undermine white support for the liberal consensus. Over the years, Republican voters increasingly abandoned the idea of using tax money to help Americans build wealth.

When majorities continued to support the liberal consensus, Republicans responded by suppressing the vote, rigging the system through gerrymandering, and flooding our political system with dark money and using right-wing media to push propaganda. Republicans came to believe that they were the only legitimate lawmakers in the nation; when Democrats won, the election must have been rigged. Even so, they were unable to destroy the post–World War II government completely because policies like the destruction of Social Security and Medicaid, or the elimination of the Department of Education, remained unpopular.

Now, MAGA Republicans in charge of the government have made it clear they intend to get rid of that government once and for all. Trump’s nominee to direct the Office of Management and Budget, Russell Vought, was a key architect of Project 2025, which called for dramatically reducing the power of Congress and the United States civil service. Vought has referred to career civil servants as “villains” and called for ending funding for most government programs. “The stark reality in America is that we are in the late stages of a complete Marxist takeover of the country,” he said recently.

In the name of combatting diversity, equity, and inclusion programs, the Trump administration is taking down websites of information paid for with tax dollars, slashing programs that advance health and science, ending investments in infrastructure, trying to end foreign aid, working to eliminate the Department of Education, and so on. Today the administration offered buyouts to all the people who work at the Central Intelligence Agency, saying that anyone who opposes Trump’s policies should leave. Today, Musk’s people entered the headquarters of the National Oceanic and Atmospheric Administration (NOAA), which provides daily weather and wind predictions; cutting NOAA and privatizing its services is listed as a priority in Project 2025.

Stunningly, Secretary of State Marco Rubio announced today that the U.S. has made a deal with El Salvador to send deportees of any nationality—including U.S. citizens, which would be wildly unconstitutional—for imprisonment in that nation’s 40,000-person Terrorism Confinement Center, for a fee that would pay for El Salvador’s prison system.

Tonight the Senate confirmed Trump loyalist Pam Bondi as attorney general. Bondi is an election denier who refuses to say that Trump lost the 2020 presidential election. As Matt Cohen of Democracy Docket noted, a coalition of more than 300 civil rights groups urged senators to vote against her confirmation because of her opposition to LGBTQ rights, immigrants’ rights, and reproductive rights, and her record of anti-voting activities. The vote was along party lines except for Senator John Fetterman (D-PA), who crossed over to vote in favor.

Musk’s so-called Department of Government Efficiency is the logical outcome of the mentality that the government should not enable Americans to create wealth but rather should put cash in the pockets of a few elites. Far from representing a majority, Musk is unelected, and he is slashing through the government programs he opposes. With full control of both chambers of Congress, Republicans could cut those parts themselves, but such cuts would be too unpopular ever to pass. So, instead, Musk is single-handedly slashing through the government Americans have built over the past 90 years.

Now, MAGA voters are about to discover that the wide-ranging cuts he claims to be making to end diversity, equity, and inclusion (DEI) programs skewer them as well as their neighbors. Attracting white voters with racism was always a tool to end the liberal consensus that worked for everyone, and if Musk’s cuts stand, the U.S. is about to learn that lesson the hard way.

In yet another bombshell, after meeting with Israeli prime minister Benjamin Netanyahu, Trump told reporters tonight that the U.S. “will take over the Gaza Strip,” and suggested sending troops to make that happen. “We’ll own it,” he said. “We’re going to take over that piece, develop it and create thousands and thousands of jobs, and it will be something the entire Middle East can be proud of.” It could become “the Riviera of the Middle East,” he said.

Reaction has been swift and incredulous. Senator Tim Kaine (D-VA), who sits on the Foreign Relations Committee, called the plan “deranged” and “nuts.” Another Foreign Relations Committee member, Senator Chris Coons (D-DE), said he was “speechless,” adding: “That’s insane.” While MAGA representative Nancy Mace (R-SC) posted in support, “Let’s turn Gaza into Mar-a-Lago,” Senator Thom Tillis (R-NC) told NBC News reporters Frank Thorp V and Raquel Coronell Uribe that there were “a few kinks in that slinky,” a reference to a spring toy that fails if it gets bent.

Senator Chris Murphy (D-CT) suggested that Trump was trying to distract people from “the real story—the billionaires seizing government to steal from regular people.”

LETTERS FROM AN AMERICAN

HEATHER COX RICHARDSON

#Heather Cox Richardson #Letters From An American #Right Wing Coup #Musk #TFG #Gaza #history #American History #the US Treasury #treasury department #MAGA #here we go folks

50 notes · View notes