Erik McClure

[programmers frantically pulling cables out of the wall]

AI: "Nuclear power. Double teachers' salaries. Build more houses. Distribute food more fairly. TRAINS—"

— qntmyrrh (@qntm) November 24, 2023

I remember growing up with that same old adage of how you could be the next scientist to invent a cure for cancer, or a solution to climate change, or whatever. What they don’t tell you is that we already have solutions for a lot of problems, we just don’t use them. Sometimes this is because the solution is too expensive, but usually it’s because competing interests create a tragedy of the commons. Most problems in the modern age aren’t complicated engineering problems, they’re the same problem: coordination failure.

It was recently unveiled that basically every single UEFI SecureBoot implementation ever made can be bypassed with a malicious image file. This means that any manufacturer that allows the user to customize the boot image is now vulnerable to a complete bypass of SecureBoot and Intel Boot Guard. Luckily, the fix for this is pretty simple: don’t make the logo customizable. But how did something this absurd happen in the first place?

The results from our fuzzing and subsequent bug triaging unequivocally say that none of these image parsers were ever tested by IBVs or OEMs. We can confidently say this because we found crashes in almost every parser we tested. Moreover, the fuzzer was able to find the first crashes after running just for a few seconds and, even worse, certain parsers were crashing on valid images found on the Internet. — binarly.io

It’s pretty obvious what happened, actually. The image parsers were written with the assumption they’d only ever need to load an image file provided by the manufacturer. When this assumption was violated, all hell broke loose, because we don’t test software anymore. None of this happened because engineering is hard. None of this happened because of some tricky, subtle bug. It happened because the people writing the image parsers made an incredibly stupid mistake and then didn’t bother testing it, because the software industry doesn’t bother with QA anymore. Thus, there was no swiss cheese. There was just one slice of cheese with a gaping hole in it, because it turns out that some manufacturers decided to let users customize their boot image, thinking it would be harmless, and that by itself was enough to wreak havoc.

Every layer of this problem is a different flavor of coordination failure. No one on the team who implemented this either thought that there might need to be a warning about untrusted images, or whoever did bring it up was ignored because it was supposed to be handled by another team. Except whoever was supposed to put in a warning about this either wasn’t told, or buried it inside a technical document nobody ever reads. The vendors who decided to implement user-customizable boot logos didn’t ask whether this would be a problem, or weren’t told about it.

And nobody, not a single layer in this clown train, implemented a proper QA or pentesting process that could have caught this bug, because we just don’t bother testing anything anymore. Our economic incentives have somehow managed to incentivize building the worst possible piece of shit that still technically works. We know how to avoid this situation. We have decades of experience building in-depth QA processes that we are simply ignoring. We could fix this, we just don’t.

This is not exclusive to software, as this fantastic video about the popcorn button explains. Our economic race to the bottom has been sabotaging almost every aspect of engineering in our society. To save a few cents per microwave, the cheap microwaves don’t include a humidity sensor and then lie about having a popcorn button when it can’t actually work properly, which leads to everyone saying “don’t use the popcorn button” and now nobody uses the popcorn buttons even on microwaves that actually have a humidity sensor and a working popcorn button. The cheapskates control the supply chain now. They have pissed in the proverbial pool, and if this sounds familiar, that’s because it’s a classic example of the Tragedy of the Commons.

Except, that’s not an excuse. What’s truly absurd is that the tragedy of the commons isn’t inevitable. We know this because ancient human tribes managed to navigate responsible utilization of common resources all the time. It has no historical basis whatsoever. The tragedy of the commons only happens when you have a total failure of collective action. It is the original symptom of societal enshittification.

[...] many nomadic pastoralist societies of Africa and the Middle East in fact "balanced local stocking ratios against seasonal rangeland conditions in ways that were ecologically sound", reflecting a desire for lower risk rather than higher profit...

We actually have a cure for blood cancer now, by the way. Like, we’ve done it. It’s likely that a similar form of immunotherapy will generalize to most forms of cancer. Unfortunately, the only approved gene therapy we have is for sickle-cell disease and costs $2 million per patient, so most people in America simply assume they will never be able to afford any of these treatments, even if they were dying of cancer, because insurance will never cover it. This is actually really bad, because if nobody can afford the treatment, then biotech companies won’t bother investing into it, because it’s not profitable! We have built a society that can’t properly incentivize CURING CANCER. This is despite the fact that socialized healthcare is a proven effective strategy (as long as the government doesn’t sabotage it). We could fix this, we just don’t.

Some people try to complain that this happens because democracy is hard, or whatever, and they’re also wrong. We know exactly what’s wrong with our current voting systems and CGP Grey even put out a video on it 13 fucking years ago. It inevitably results in a two-party system, because strategic voting is rational behavior, and you can’t break out of this two-party system because of the spoiler effect, and the solution is Ranked Choice Voting (or the Alternative Vote). If you want to go further and address gerrymandering you can use the Single Transferable Vote. All of these better systems were proposed decades ago. We have implemented exactly none of them for the presidential election (except for Maine and Alaska). In fact, America still uses the electoral vote system, which is strictly worse than the popular vote, we all know it’s worse, and we even have a potential solution but we still can’t get rid of it due to counterproductive societal interests.

We HAVE solutions for these problems. We just don’t use them. We could be running fiber-optic cable to every house in America, and we even know how much it would cost. We just don’t because we gave the money to corporations who then used none of it and instead paid themselves huge bonuses. We know that automation is chipping away at low-skill jobs, which means our workforce needs to be better educated, and that providing free college to everyone would be a good idea, we just don’t. We know how to build interstate high-speed commuter rail, we just don’t (although Biden is trying). We could fix everything, we just don’t.

We have no excuses anymore. None of these are novel or difficult problems, not even the tragedy of the commons. We can do better. We don’t need AI to fix things. We don’t need new technology to solve these problems. We already know how to do better, we’ve just dug ourselves into a cooperation slump that’s so bad we can’t even implement solutions we already know about, let alone invent new ones. We’re in this hole simply because society is run by people who are incentivized to sabotage cooperation in the name of profits. That’s it.

It’s January 1st of the new year, and with all these people wishing each other a “better year”, I am here to remind you that it will only get worse unless we do something. Society getting worse is not something you are hallucinating. It cannot be fixed by you biking to work, or winning the lottery. We are running on the fumes of our wild technological progress of the past 100 years, and our inability to build social systems that can cooperate will destroy civilization as we know it, unless we do something about it.

We live in what is perhaps the most critical turning point in all of human history, and we’re on a ship that has drifted far off course. The rapid current of technology means that we are swept along faster and faster, making it exponentially harder to steer away from the icebergs ahead of us. We must address our coordination failures. We must build systems that foster better cooperation, or this century won’t be a turning point for humanity, it will be the end of humanity.

"All that would remain of us would be a thin layer in some future rock face. This is the future we must avoid at all costs." — John D. Boswell (melodysheep)

I originally posted an even more snarky response to this, but later deleted it when I realized they were just a teenager. Kids do not have decades of experience with buggy drivers, infuriating edge-cases, and broken promises necessary to understand and contribute to the underlying debate here (nor do they have the social context to know that Xe and I were just joking with each other). Of course, they also don’t know that it’s generally considered poor taste to interject like this, as it tends to annoy everyone and almost always fails to take into consideration the greater context in which someone might be using Windows, or Mac, or TikTok, or Twitter, or whatever corporate hellscape they are trapped in. The thing is, there’s always a reason. You might not like the reason, but there is usually a reason someone has locked themselves inside the Apple ecosystem, or subjected themselves to Twitter, or tried to eke a living from beneath the lovecraftian whims of YouTube’s recommendation algorithm.

People can only care about so much.

They can’t care about everything. You might think something is important, and it probably is, but… so is everything else. Everything matters to someone, and everything is important to society in general to some degree. Some people think that YouTube isn’t very important, but they’re objectively wrong, as YouTube creators reach billions of people. They change people’s lives on a daily basis. We could argue about how important art and music and creativity is to society, yet observe that our capitalist hellhole treats creatives as little more than wage slaves, but then we’d be here all day.

As this blog post bemoaning the loss of Bandcamp explains, They Can And Will Ruin Everything You Love. The only thing that is important to the money vultures is… money. The only people who can build another Bandcamp are people who believe it’s important. I particularly care about the Bandcamp debacle because one of my hobbies is writing music, and I prefer selling it on Bandcamp. If Bandcamp dies, I will no longer have anywhere to offer downloadable lossless versions of my songs. Everything has devolved into shitty streaming services, and there’s nothing I can do about it. I’m too busy fixing everything else that’s broken, there’s no time for me to build a Bandcamp alternative and I’m terrible at web development anyway. Don’t get me started on whether the new solution should be FOSS, because some people believe FOSS is important, and they’d be right! Just look at Cory Doctorow’s talk about enshittification and how proprietary platforms are squeezing the life out of us.

Everything is important!!!

…But I can’t care about everything. You can’t care about everything either, you have to pick your battles. No, that’s too many battles, put some back. That’s still too many battles. You only have 16 waking hours every day to do anything. You have to pick something, and everything you care about has a cost. When everything is important, nothing happens. No websites are created. No projects are built. No progress is made. We simply sit around, bikeshedding over whose pet issue is the most important. There are always trade-offs, and sometimes you can make the wrong ones:

If I had a dollar every time I saw an "open source" project vaguely recreate a handful of surface-level features of some commercial solution then go "there you have it folks, YOU'RE FREE" while Nothing Actually Works, I would be able to, like, pay rent with it.

— fasterthanlime (@fasterthanlime) October 19, 2023

As the corresponding blog post later elaborates on, when you are 19 / still a student / unemployed, time is all you have to spend. It can be easy to forget how valuable time is to some people. Even if I won’t touch Apple devices with a 10-foot-pole, I can understand why people use them. If all your use cases fall inside Apple’s supported list of behaviors, it can be great to have devices that just work (assuming you can afford them, of course). On the other hand, while I prefer Windows, I know many people who use Linux because Windows either won’t let them do what they want, or literally just doesn’t even work. They are willing to put in the time and effort to make their linux machines work just the way they want, and to maintain them, and occasionally do batshit insane source-code patches that I hopefully will never have to do in my life, because it’s important to them.

Back when I was still writing fiction, I got a great comment from an editor who said something along the lines of “writing should be fun, you should only pursue perfection as far as you enjoy.” You can spend your entire life chasing perfection, but you’ll never reach it, and at some point you have to ship something. I’ve been trying to finish up some songs for an album recently and I’ve had to rely on formulaic crutches more than I want to, because at the end of the day, it’s just a hobby, and I simply don’t have the time to be as experimental as I want. My choice is to either release an okay song, or none at all. You can tell where I was hopelessly chasing an unattainable goal for over two years when my output completely stops:

Everyone has to make trade-offs, and it can take time to figure out which ones are right for you. Not everyone can contribute to your particular social cause. When you ask someone to care about something, you are implicitly asking them to stop caring about something else, because they have a finite amount of time. They can’t do everything. In order to help you, they must give up something else. Is it grocery shopping? Time to cook? Time to sleep? A social gathering? Playtime with their children?

By no means should you stop asking people to care about something, that part is kind of important. Raising awareness allows individuals to make informed decisions about what trade-offs they are making with their time. However, if someone says they aren’t interested in something you care about… it’s because they have different priorities, and the trade-offs didn’t make sense. Maybe they care more about adding a feature to a 50 year old programming language, and thank goodness they did, because would you have cared enough to put up with this nonsense?

Your time is precious. Other people’s time, doubly so. Mind it well.

Discord’s Recent Announcement made a lot of people mad, mostly because of Hyrum’s Law - users were relying on unintended observable behavior in the original username system, and are mad that their use-cases are being broken despite very good evidence that the current system is problematic. I think the major issue here is that Discord didn’t go far enough, and as a result, it’s confusing users who are unaware of the technical and practical reasons for the username change, or what a username is even for.

There are several issues being brought up with the username change. One is that users are very upset about usernames being ascii-only alphanumeric, presumably because they do not realize that Discord is only ever going to show their usernames for the purposes of adding friends. Their Display Name is what everyone will normally see, which can be any arbitrary unicode. Discord only spent a single sentence mentioning the problem with someone’s username being written in 𝕨𝕚𝕕𝕖 𝕥𝕖𝕩𝕥 and I think a lot of users missed just how big of a problem this is. Any kind of strange character in a username would be liable to render it completely unsearchable, could easily get corrupted when sent over ascii-only text mediums, and essentially had to be copy+pasted verbatim or it wouldn’t work.

However, some users wanted to be unsearchable, because they had stalkers or were very popular and didn’t want random people finding their discord account. Discriminators and case-sensitivity essentially created a searchability problem which users were utilizing on purpose to make it harder for people to search them. The solution to this is extremely simple, and was in fact a feature of many early chat apps: let the user turn off the ability for people to search for their username. That’s what people actually want.

What discord is trying to do, and communicating incredibly poorly, is transform usernames into friend codes. They say this in a very roundabout way for some reason, and they are also allowing people to essentially reserve custom friend codes. This is silly. Discord should instead replace usernames with friend codes, and provide an opt-in fuzzy search mechanism that tries to find someone based on their Display Name, if users want to be discoverable that way. Discord should let you either regenerate or completely disable your own friend code, if users don’t want random people trying to friend them.

What makes this so silly is that nothing is preventing discord from doing this, because you log in with your e-mail anyway! By replacing usernames with display names, Discord has removed all functionality from them aside from friend codes, so they should just turn usernames into friend codes and stop confusing everyone so much. There is absolutely no reason a user should have to keep track of their username, display name, and server specific nicknames, and letting users reserve custom friend codes is never going to work, because everyone is going to fight over common friend codes. Force the friend codes to be random 10-digit alphanumeric strings. Stop pretending they should be anything else. Stop letting people reserve specific ones.

There is one exception to this that I would tolerate: a custom profile URL. If you wanted to allow people with nitro to, for whatever reason, pay to have a special URL that linked to their profile, this could be done on a first-come first-serve basis, and it would be pretty obvious to everyone why it had to be unique and an ascii-compatible URL.

I’m really tired of companies making a decision for good engineering reasons, and then implementing that decision in the most confusing way possible and blaming anyone who complains as luddites who hate change. There are better ways to communicate these kinds of changes. If your users are confused and angry about it, then it’s your fault, not theirs.

Death: No. Humans need fantasy to be human. To be the place where the falling angel meets the rising ape.
Susan: With tooth fairies? Hogfathers?
Death: Yes. As practice, you have to start out learning to believe the little lies.
Susan: So we can believe the big ones?
Death: Yes. Justice, mercy, duty. That sort of thing.

I want to start this by saying that I am in favor of a wealth tax. We should be increasing taxes on the wealthy and raising minimum wage, because we know that steadily increasing the relative buying power of the poor is the best way to improve an economy. However, none of this happens in a vacuum. When we talk about income equality, I have become distressed at the amount of ignorance on display about the economy, systemic societal problems, and even what money actually is.

One Pixel Wealth is a webpage from 2021 that helps visualize how truly insane the amount of wealth that the richest people have actually is. While the visualization is great at putting in perspective just how much Jeff Bezos’ wealth is on paper, it links to a refutation of the Paper Billionaire Argument to dispute the idea that Jeff Bezos doesn’t really have that much money in liquid assets. The paper billionaire argument is that, because most wealth is in stocks or bonds, selling it all at once would flood the market and crater the total value of those assets.

The proposed counter-argument is incredibly bad. It demonstrates a total lack of understanding about macro-economic forces. Ironically, this is because it cannot appreciate the scale of its own arguments, the exact issue that One Pixel Wealth is trying to address. Let me paraphrase the key points in this counter-argument:

1. The Paper Billionaire argument doesn’t work, because you can liquidate the wealth over time in a controlled sell-off, which executives do regularly.
2. Given that $122 trillion worth of stock changes hands in the US every year, you could liquidate a trillion dollars over five years and only constitute 0.16% of all the trading.
3. Because 50% of all US households own stock, you will always be able find people to buy the stock the billionaires are selling, it’s not just other billionaires that will buy it.
4. Even if the paper bilionaire argument was true, if selling all the stock would lose 80% of it’s value, that would leave behind $700 billion.

To start, #1 and #2 don’t work for a very simple reason: A stock’s value represents the market’s confidence in the stock producing future value. Owning stock, in some circumstances, is interpreted as having confidence in that future value. If the market loses confidence in your company, it doesn’t matter what assets you have, your stock price will crater if the market thinks you’ll start losing money. If the CEO starts liquidating their position (which they must state their intention to sell stock ahead of time, years before it completes), the market will panic and the stock price will implode at the mere announcement of the liquidation, let alone actually selling any stock. Elon Musk right now should make it painfully obvious that he was only ever the richest man in the world on paper, because he just lost $107 billion dollars this year! He only bought Twitter for $44 billion! You simply cannot make the combined GDPs of Bulgaria, Croatia, Iceland and Uruguay evaporate if that money was actually real in any sense.

Money does not represent physical assets. Money is supposed to represent human labor, and there is a fixed amount of human labor available on the planet. When someone dies or is incapacitated, it goes down. When someone graduates into the labor force, or becomes more skilled, it goes up. In ancient times, “human labor” was heavily correlated to how much physical activity someone could do, like lifting things or harvesting food. However, our modern economy is dominated by specialist jobs done by highly skilled laborers. So for the sake of analysis, we can say that the GDP of the entire planet should ideally represent the maximum amount of labor the entire human race could do, if we assigned everyone to the job they are most qualified for. We could then increase the total amount of labor we can do by either building machines or improving our skills.

This leads into why point #3 is complete nonsense. It reminds me of when Ben Shapiro, when talking about climate change, asked “you think that people aren’t going to just sell their homes and move?”

The entire point of wealth inequality is that the top 1% holds more money than the entire middle-class. That’s literally the problem! How can everyone else possibly buy all the stock the billionaires are selling if it would require all of their savings? Who are you selling the stocks to?! This isn’t how money works! One Pixel Wealth even tries to claim that if we just gave all the poor people in america a bunch of money it would fix poverty, while linking to a study that only applies to local economies. The world’s largest economy is NOT a local economy! These measures only work when the global economy can absorb the difference, which means making changes gradually or in small, localized areas.

Of course, even if you somehow magically liquidated all your assets and acquired $700 billion dollars in real, liquid cash, it’s not actually $700 billion dollars. It’s like saying that there are gold asteroids worth $10000 quadrillion dollars - the value would plummet if you actually had that much gold. Since money represents human labor, which is a limited resource, simply having more money does not let you do more things. $700 billion dollars is enough to hire 12 billion people for 1 day working at minimum wage ($7.25), but you can’t actually do that, because there’s only 7.8 billion people in the entire world. Having $700 billion in liquid assets would decrease the value of money itself. That’s what inflation is. People claim that some billions of dollars will be enough to eradicate malaria or provide drinking water to everyone, but it’s never that simple because these are always geopolitical issues. Bill Gates has donated billions of dollars since 2005 towards fighting malaria and we only got a vaccine 16 years later. We’re surrounded by so many dumb problems we can solve with more money that we’ve forgetten that some problems are really, truly, fundamentally difficult problems that cannot be solved by throwing money at them. At some point there are just too many cooks in the kitchen.

Note that this labor distribution problem applies to liquid assets, which is one theory on why inflation had (until 2021), remained fairly low despite the amount of wealth increasing to ridiculous amounts. Wealthy people are acting as gigantic money sinks - by absorbing all of the “money”, the actual amount of real, liquid cash in the economy increased at a modest rate, so inflation remained stable. Now, inflation has started to skyrocket in 2022, and some people blame the stimulus payments, but the reality is that the low interest rates during the pandemic, combined with other complex macroeconomic forces, likely caused it, although nobody knows for sure. If wealthy people started actually spending all their money at once, as people seem to want them to do, the amount of liquid assets would skyrocket and so would inflation.

I keep saying that money is supposed to represent human labor, because it’s really an approximation. Someone can be more productive at one job than another, so the amount of human labor is not a knowable value in the first place. Instead, it helps to think of money as representing percieved power imbalance (conservatives often make the mistake of thinking it represents actual power imbalance, which it does not). This power imbalance can come from economic, diplomatic, or military factors. Basically, money is just the current state of global geopolitics. You cannot fight wealth inequality by just redistributing money. Simply taking money from rich people does not fix the systemic issues that created the power imbalance in the first place, because it’s not actually wealth inequality, it’s power inequality, and that is a political issue, not economic. Money is simply our way of quantifying that imbalance. The government’s unwillingness to tax rich people is because of the power imbalance, not the cause of it. If politicians are unwilling to go after rich people, it’s because those rich people hold an alarming amount of sway over politicians, which makes them keys to power.

It means that we have allowed power to accumulate in dangerously high concentrations, and we need to deal with this at a political level before we get an economic solution. We must elect leaders that help tackle power inequality (like break up huge corporations) before we can make progress on wealth inequality. Basically, go vote.

You can’t have a 4-slot GPU. You just can’t.

We have finally left sanity behind, with nvidia’s 4000 series cards yielding a “clown car” of absurd GPU designs, as GamersNexus put it. These cards are so huge they need “GPU Support Sticks”, which are an actual real thing now. The fact that we insist on relegating the GPU to interfacing with the system while hanging off of a single, increasingly absurd PCIe 6.0 x16 slot that can push 128 GBps is completely insane. There is no real ability to just pick the GPU you want and then pair it with a cooler that is actually attached to the motherboard. The entire cooling solution has to be in the card itself and we are fast reaching the practical limitations here due to gravity and the laws of physics. Top-heavy GPUs are now essentially giant levers pulling on the PCIe slot, with the only possible anchor point that is above the center of mass being the bracket on one side.

A 4090 series card will demand a whopping 450 W, which dwarfs the Ryzen 9 5900X peak power consumption of only 140 W. That’s over 3 times as much power! The graphics card is now drawing more power than the entire rest of the computer! We’ll have to wait for benchmarks to be sure, but the laws of thermodynamics suggest that the GPU will now also be producing more heat than every other component of the PC, combined. And this is the thing we have hanging off of a PCIe slot that doesn’t have any other way of mounting a cooling solution to the motherboard?!

What the FUCK are we doing?!

Look, I’m not a hardware guy. I just write all the shader code that makes GPUs cry. I don’t actually know how we should fix this problem, because I don’t know what designs are thermally efficient or not. I do know, however, that something has to change. Maybe we can make motherboards with a GPU slot next to the CPU slot and have a unified massive radiator sitting on top of them - or maybe it’s a better idea to put the two processor units on opposite ends of the board. I don’t know, just do something so I can use a cooling solution that is actually screwed into the fucking motherboard instead of requiring a “GPU Support Stick” so gravity doesn’t rip it out of the PCIe slot.

As an example of alternative solutions, here is an MXM form-factor for laptops that allow them to provide custom cooling solutions appropriate for the laptop.

In fact, the PCIe spec itself actually contains a rear-bracket mount that, if anyone was paying attention, would help address this problem:

See that funky looking metal thing labeled “2” on the diagram? That sure looks like a good alternative to a “support stick” if anyone ever actually paid attention to the spec. Or maybe this second bracket doesn’t work very well and we need to rethink how motherboards work entirely. Should we have GPU VRAM slots alongside CPU RAM slots? Is that even possible? (Nope.) Or maybe we can come up with an alternative form factor for GPU cards that you can actually attach to the motherboard with screws?

I have no idea what is or isn’t practical, but please, just do something before the GPUs collapse under their own gravity and create strange new forms of matter inside my PC case.