I was under the vague impression that a number of Russian software companies had basically relocated to Armenia so as to not deal with sanctions stuff. Which was a good deal for Armenia, since they had a bunch of tech companies suddenly materialize.

searches

This is from 2023:

https://apri.institute/how-russian-migration-fuels-armenias-it-sector/

How Russian Migration Fuels Armenia’s IT Sector Growth

The Russian invasion of Ukraine has led to a significant influx of Russian IT specialists into Armenia, boosting the sector and contributing to the country’s economic recovery.

The Russian invasion of Ukraine has triggered a significant exodus of Russians; some left Russia for political reasons, as they were against the war, and many did not want to compromise their lives. Armenia became one of the primary destinations for Russian migrants due to several reasons. Armenia and Russia enjoy a visa-free regime, and there are many daily flights to Yerevan from multiple Russian cities. Armenia and Russia are members of the Eurasian Economic Union, allowing tariff-free export and import. Perhaps, most importantly, many Armenians have favorable views on Russians. Despite the growing criticism of Russia in Armenia due to its actions or inaction during the 2020 Nagorno-Karabakh war, Azerbaijani incursions into Armenia in 2021 and 2022, and the military takeover of Nagorno-Karabakh by Azerbaijan in September 2023, this has not turned into resentment against Russians, as it has focused on the Russian state.

According to different estimates, up to 100,000 Russians have entered Armenia since February 2022, with two big waves, one in March-April and one in late September-October 2022, immediately after mobilization was declared in Russia. As of October 2023, up to 60,000 Russians remain in Armenia, primarily located in the capital, Yerevan, though a few Russians also live in Gyumri, the second biggest city of Armenia. Most Russians who migrated to Armenia are specialists in the IT sphere. The robust growth of the IT sector in Armenia played a role in influencing their choice, as Armenia can offer them developed infrastructure, including IT business centers and IT parks.

https://data.worldbank.org/indicator/NY.GDP.PCAP.CD?locations=AM

Looking at that chart, Armenia’s GDP-per-capita has roughly doubled since the start of the Russo-Ukranian War. Dunno how much of that is related to that movement, but I wouldn’t be surprised if it were a factor.

Windsor Mayor Drew Dilkens says parts of Trump’s post are factually incorrect, as U.S. steel was used in the construction from the Michigan side of the river.

“It’s just insane,” Dilkens told CBC Power & Politics host David Cochrane on Monday evening.

“I really can’t believe what I’m reading,” Dilkens said. “The faster we can get to the midterms and hopefully see a change, the better for all of us.”

The midterms are the nearest big inflection point, and the Democrats will most likely take the House. However, unless there are angles that I don’t know about, the most important thing that the Democrats will be able to likely directly do in terms of Trump doing a lot of Executive Branch things after the midterms is threaten a government shutdown when the next budget rolls around (and it won’t be on a limited “hopefully the Republicans don’t just decide to end the fillibuster and take away our power to block the budget” basis a la last time). That’s a big gun, but it’s got limited usability, and they probably have a lot of things that they want to horse-trade on it already.

They can block more legislation from being passed, but that won’t really change the status quo, not unless something new and unexpected comes up in the second half of the term that the Trump administration really wants legislation on. The Republicans have a trifecta now, so they’ll try to pass whatever they want prior to the midterms.

The biggest politically-useful thing that I’m aware of that the Democrats get is that in both houses of Congress, investigations require a simple majority, and they’ll probably have at least the House. Trump has done about a zillion things that probably would be a pretty solid case for Congress to start investigations — that’s a big part of Congress’s job, to oversee the Executive Branch — and if you get a simple majority in either house of Congress, you can compel the Executive Branch to turn over a lot of information on what it’s been doing. So Trump and a number of other people from the administration might be spending a lot of the second half of Trump’s term sitting in front of Congressional investigations.

https://en.wikipedia.org/wiki/United_States_congressional_hearing#Investigative_hearings

Oversight hearings

Oversight hearings review or study a law, issue, or an activity, often focusing on the quality of federal programs and the performance of government officials. Hearings also ensure that the executive branch’s execution goes with legislative intent, while administrative policies reflect the public interest. Oversight hearings often seek to improve the efficiency, economy, and effectiveness of government operations. A significant part of a committee’s hearings workload is dedicated to oversight. For example, on a single day, May 8, 1996, the Senate Committee on Energy and Natural Resources held an oversight hearing to look into a recent increase in gasoline prices; the Committee on Governmental Affairs held an oversight hearing on the Internal Revenue Service; the Committee on Health, Education, Labor and Pensions held an oversight hearing on the implementation of the Family and Medical Leave Act; and the Committee on Indian Affairs held an oversight hearing on the impact of a recent Supreme Court case involving Indian gaming. Many committees oversee existing programs in the context of hearings on related legislation, or routinely perform oversight when it is time to reauthorize a program, so oversight hearings may be combined with legislative hearings.

Investigative hearings

Investigative hearings share some of the characteristics of legislative and oversight hearings. The difference lies in Congress’s stated determination to investigate, usually when there is a suspicion of wrongdoing on the part of public officials acting in their official capacity, or private citizens whose activities suggest the need for a legislative remedy. Congress’s authority to investigate is broad and it has exercised this authority since the earliest days of the republic. The first such hearings were held by the House of Representatives in 1792 following St. Clair’s Defeat in the Battle of the Wabash.[11] Its most famous inquiries are benchmarks in American history: Credit Mobilier, Teapot Dome, Army-McCarthy, Watergate, and Iran-Contra. Investigative hearings often lead to legislation to address the problems uncovered. Judicial activities in the same area of Congress’s investigation may precede, run simultaneously with, or follow such inquiries.

Congress can pretty much shut down the President, or even remove him from office if he breaks a law, but it requires hefty supermajorities to do so, and unless the Democrats can turn up more-damning information via investigations or similar than they have so far, I doubt that they’d get enough Republican Congressmen to vote with them to do that to Trump.

• Impeachment alone doesn’t do much; it’s just a formal accusation of wrongdoing. If the Democrats take the House, they can impeach Trump. The problem is that that just initiates the process to remove the President from office. You need a two-thirds supermajority in the Senate to convict, which is a very high bar, and the Democrats will not have that, so they’d need to convince at least some Republican senators to vote to convict in an impeachment trial. And this really requires a law to be broken; it’s a not a recall vote or a “you’re doing a bad job” remedy something like that, but to deal with lawbreaking.

• Congress can pass new legislation over the President’s veto. However, it requires a two-thirds supermajority in both the House and the Senate to do so, so unless at least a significant number of Republicans get onboard, which I’m skeptical will happen, I doubt that they can pass laws requiring the bridge to be opened or whatever over a Trump veto.

There may be some more subtle things that might happen. So, the Supreme Court may decide not to block Executive Branch action due to the political question doctrine even if the President is likely acting outside his powers, if it’s not clear that there’s an actual disagreement between a majority in Congress and the President, over something like Trump using emergency power tariffs. That is, they may let the President do X if it looks like Congress is actually just fine with X and is just letting the President take the heat for doing X. But if the Democrats take the House and then clearly have a majority object, that might turn into SCOTUS ruling on the tariffs. That might address some things. However, I would bet that it’s probably within Presidential powers to prevent this bridge from being opened, though, so I don’t think that that would likely change due to the midterms.

My guess is that if Trump really wants to, and isn’t just posting to generate noise, he probably could block the opening of the bridge for the next three years.

If I’m traveling or I wipe my device or get a new one, I would have to add the new key to many servers as authorized keys,

So, I don’t want to get into a huge argument over the best way to deal with things, since everyone has their own use cases, but if that’s your only concern, you have a list of hosts that you want to put the key on, and you still have a key for another device, that shouldn’t be terribly difficult. Generate your new keypair for your new device. Then on a Linux machine, something like:

$ cat username-host-pairs.txt
me@host1
me@host2
me@host3
$ cat username-host-pairs.txt|xargs -n1 ssh-copy-id -i new-device-key-file-id_ed25519.pub

That should use your other device’s private key to authenticate to the servers in question and copy the new device’s pubkey to the accounts on the host in question. Won’t need password access enabled.

In fact, that’s generally what you want to do, since if one device gets lost or compromised, you just revoke access to the key for that device.

Why buy Russian Steel?

Without looking at the numbers, I’d guess that Russia is probably the cheapest option for those companies importing it from Russia.

It also sounds like it’s not just steel in general, but some specific stuff:

Sanctions on Russian exports have blocked most steel products from flowing into the EU, especially the most basic ones. Yet semi-finished slabs are still permitted into the bloc because Belgium, Czechia and Italy requested they remain available for factories that they say have no alternative sources of supply.

I’m a little skeptical that nobody else out there produces those, though.

searches

Apparently they look like this:

https://kavehmetal.com/steel-slab-7-essential-tips2025-guide/

Steel slab plays a vital role in the production of steel sheets, plates, and other related products. Its use is particularly prominent in the manufacture of:

Hot-rolled sheets or black sheets: The slab is heated to a specific temperature, then passed through rollers to reduce thickness and achieve the desired dimensions.

Structural components: It is also used in the production of I-beams, rebars, and steel pipes, which are essential for construction and infrastructure projects.

So an internet

The highest data rate it looks like is supported by LoRa in North America is 21900 bits per second, so you’re talking about 21kbps, or 2.6kBps in a best-case scenario. That’s about half of what an analog telephone system modem could achieve.

It’s going to be pretty bandwidth-constrained, limited in terms of routing traffic around.

I think that the idea of a “public access, zero-admin mesh Internet over the air” isn’t totally crazy, but that it’d probably need to use something like laser links and hardware that can identify and auto-align to other links.

https://meshmap.net/

These guys appear to have a global visualization of the Meshtastic network nodes that they can see.

I don’t run a home automation system, but if you want an open solution and are willing to do some configuration, my understanding is that the main contenders are OpenHAB and Home Assistant.

I’d also suggest [email protected] as a more-specialized resource than [email protected], though I imagine that there’s overlap.

https://www.reuters.com/business/retail-consumer/new-tesla-sales-spain-fall-44-december-2026-01-02/

New Tesla sales in Spain fall 44% in December

Jan 2 (Reuters) - Tesla’s (TSLA.O) New car sales in Spain fell 44.2% in December from the same month in 2024 to 1,794 vehicles, registration data from industry group ANFAC showed on Friday.

February should be interesting.

Mix and match login managers and desktop environments

So, I was wondering if it would be possible to use just the GDM login prompt, but have it feed into KDE desktop and if so what I’d need to tinker with to configure it.

I imagine that it’d depend on the login manager.

I use emptty, which allows me to log in on a text console.

For that login manager, I:

Add a ~/.config/emptty-custom-sessions/sway-wrapped.desktop file:

Name=Wrapped Sway
Exec=/home/tal/bin/my-wrapped-sway.sh
Environment=wayland

And add ~/bin/my-wrapped-sway.sh:

#!/bin/bash

. ~/.bash_profile

export XDG_SESSION_TYPE=wayland

exec dbus-run-session sway "$@"

I mark my-wrapped-sway.sh executable (chmod +x ~/bin/my-wrapped-sway.sh), and done.

searches

https://blog.boristerzic.com/posts/2023-09-17-build-your-own-desktop-environment/

Adding a New Custom Desktop Environment in Arch Linux

Your desktop environment is typically started right after your login to the system using your display manager (or login manager). In graphical display managers like gdm you can select one of several session types from a list. This is where we want to add a new entry for our labwc based desktop environment.

On Arch linux these sessions are stored in /usr/share/xsessions in separate .desktop files. A /usr/share/xsessions/labwc.desktop file could look like this:

[Desktop Entry]  
Encoding=UTF-8
Name=labwc
Comment=labwc
Exec=labwc
Type=Application

I’d probably give that a try.

Oh, yeah, it’s not that ollama itself is opening holes (other than adding something listening on a local port), or telling people to do that. I’m saying that the ollama team is explicitly promoting bad practices. I’m just saying that I’d guess that there are a number of people who are doing things like fully-exposing or port-forwarding to ollama or whatever because they want to be using the parallel compute hardware on their computer remotely. The easiest way to do that is to just expose ollama without setting up some kind of authentication mechanism, so…it’s gonna happen.

I remember someone on here who had their phone and desktop set up so that they couldn’t reach each other by default. They were fine with that, but they really wanted their phone to be able to access the LLM on their computer, and I was helping walk them through it. It was hard and confusing for them — they didn’t really have a background in the stuff, but badly wanted the functionality. In their case, they just wanted local access, while the phone was on their home WiFi network. But…I can say pretty confidently that there are people who want access all the time, to access the thing remotely.

I mean, the article is talking about providing public inbound access, rather than having the software go outbound.

I suspect that in some cases, people just aren’t aware that they are providing access to the world, and it’s unintentional. Or maybe they just don’t know how to set up a VPN or SSH tunnel or some kind of authenticated reverse proxy or something like that, and want to provide public access for remote use from, say, a phone or laptop or something, which is a legit use case.

ollama targets being easy to set up. I do kinda think that there’s an argument that maybe it should try to facilitate configuration for that setup, even though it expands the scope of what they’re doing, since I figure that there are probably a lot of people without a lot of, say, networking familiarity who just want to play with local LLMs setting these up.

EDIT: I do kind of think that there’s a good argument that the consumer router situation plus personal firewall situation is kind of not good today. Like, “I want to have a computer at my house that I want to access remotely via some secure, authenticated mechanism without dicking it up via misconfiguration” is something that people understandably want to do and should be more straightforward.

I mean, we did it with Bluetooth, did a consumer-friendly way to establish secure communication over insecure airwaves. We don’t really have that for accessing hardware remotely via the Internet.

While that is true in theory, it’s also true that it’s a little more complicated than that.

My understanding is that in the past, the US tried placing tariffs on steel originating from China — steel being a strategic good, something where there’s a positive externality to having a secure supply — and it wound up effectively being routed through other countries.

A second issue is that it’s not just a matter of the steel moving through countries directly, but the fact that products can be manufactured in other countries using steel from China, and there isn’t any system for tracking that. Like, say I buy a desktop computer case made of sheet metal from, oh, Taiwan. Where did the Taiwanese manufacturer get the steel from?

searches

Here’s something from Brookings (Brookings not being particularly enthusiastic about either Trump or protectionist trade policy):

https://www.brookings.edu/articles/is-china-circumventing-us-tariffs-via-mexico-and-canada/

Since 2018, the U.S. has imposed and ratcheted up tariffs on a broad range of Chinese imports. U.S. tariffs on China have created incentives for Chinese products to circumvent these tariffs by entering the U.S. via Canada and Mexico, paying either the United States-Mexico-Canada Agreement (USMCA) tariff rate of zero or the U.S. WTO Most-Favored-Nation (MFN) rate, which has been well below U.S. tariffs on China. Chinese circumvention of U.S. tariffs undermines the U.S. policy of reducing economic integration with China and addressing the impact of China’s imports on U.S. manufacturing. This paper analyzes the extent of Chinese circumvention of U.S. tariffs up until the end of 2024. Since President Donald Trump came into office in 2025, he has raised tariffs further on imports from China and (but to a lesser extent so far) on imports from Canada, Mexico, and other countries as well. At the time of writing, U.S. tariffs were in flux, but the end result will most likely be U.S. tariffs on imports from China that continue to be higher than U.S. tariffs on imports from Canada and Mexico, thereby maintaining the incentive for circumvention.

This paper analyzes three ways that Chinese products can circumvent U.S. tariffs:

1. Transshipment, which occurs when an import from China passes through Mexico or Canada on its way to the U.S.
2. Incorporation of Chinese products into North American supply chains. This includes manufacturing in Mexico and Canada to produce products that are then exported to the U.S.
3. Chinese foreign direct investment (FDI) into Mexico and Canada to produce goods that are then exported to the U.S.

Even aside from the whole Russia angle, an oil tanker running aground is bad news, just from an “huge oil mess potential” standpoint. I wonder if it was empty, seeing as the article didn’t mention oil spill risk?

searches

Doesn’t sound like it was empty.

https://uawire.org/french-forces-escort-seized-russian-shadow-fleet-tanker-grinch-to-marseille-hand-over-to-prosecutors

On January 25, AFP published video provided by the French Armed Forces General Staff. The footage shows a military helicopter hovering above the tanker as armed French personnel fast-rope onto the deck, make contact with the crew and conduct an inspection.

The Insider reviewed the AFP video and noted the tanker was riding low in the water — in places the waterline was barely visible due to waves. Such draft typically indicates the ship is carrying a full or near-full load.

Oh, “grounded” here must be some kind of bad translation. I suspect that they mean “impounded” or something like that.

An order had been issued on Friday prohibiting British activists from gathering for a planned “stop the boats” protest nicknamed Operation Overlord in the departments of Nord and Pas-de-Calais.

They named a protest aimed at stopping boats from crossing the English Channel…after what was probably the largest crossing of boats across the English Channel ever?

https://en.wikipedia.org/wiki/Operation_Overlord

Operation Overlord was the codename for the Battle of Normandy, the Allied operation that launched the successful liberation of German-occupied Western Europe during World War II. The operation was launched on 6 June 1944 (D-Day) with the Normandy landings (Operation Neptune). A 1,200-plane airborne assault preceded an amphibious assault involving more than 5,000 vessels. Nearly 160,000 troops crossed the English Channel on 6 June, and more than two million Allied troops were in France by the end of August.

Have a limited attack surface will reduce exposure.

If, say, the only thing that you’re exposing is, oh, say, a Wireguard VPN, then unless there’s a misconfiguration or remotely-exploitable bug in Wireguard, then you’re fine regarding random people running exploit scanners.

I’m not too worried about stuff like (vanilla) Apache, OpenSSH, Wireguard, stuff like that, the “big” stuff that have a lot of eyes on them. I’d be a lot more dubious about niche stuff that some guy just threw together.

To put perspective on this, you gotta remember that most software that people run isn’t run in a sandbox. It can phone home. Games on Steam. If your Web browser has bugs, it’s got a lot of sites that might attack it. Plugins for that Web browser. Some guy’s open-source project. That’s a potential vector too. Sure, some random script kiddy running an exploit scanner is a potential risk, but my bet is that if you look at the actual number of compromises via that route, it’s probably rather lower than plain old malware.

It’s good to be aware of what you’re doing when you expose the Internet to something, but also to keep perspective. A lot of people out there run services exposed to the Internet every day; they need to do so to make things work.

I was going to wince at a US publication not doing European geography, but no, it’s actually the British The Independent, of all places.

I mean, there are a number of cases in mythologies where you can find common elements. I’d buy that in some cases, there might be common elements causing it, but I don’t think that it’d need to be a common hallucinogen.

Off-the-cuff, some examples:

• Dragons

• “Hybrid” animals that are a conglomeration of different animals.

• Ghosts

• Mermaids.

• House spirits

• Sun gods

It’s not just EVs that are connected.

Society can’t have females stripping for males — which I’m assuming from the official’s phrasing does not constitute a “direct and cynical violation of basic moral norms and traditional spiritual values” — if they’re not leaving the kitchen.