gattsuru
11d ago
It's... had a lot of governance Issues for a long time, and there's the normal coastal politics (did you know NixCon had Anduril sponsorships, the sridhar ban). I don't grok the entire point of the Nix project, but from what I've seen via shlevy on twitter, the NixOS governance has been kinda the center of a turf war since ~2021 (with the first community team rfc, not enacted).
A lot of recent heat seems to be downstream of Eelco, the original dev, officially stepping down and handing control over to the Foundation Board. He's not been active much for a while, but the community was largely willing to overlook a lot of moderation and management decisions running very much by the seat of everyone's pants, under the auspices that he'd be kinda overlooking things. In theory, there's supposed to be constitutional convention and a foundation board meeting and a whole bunch of stuff about distribution of power and oversight, but in practice, there's not really much clear way for anything to happen beyond the Foundation writing whatever policies it thinks will be popular in California -- see the sponsorship policy snafu, and specifically how the forum auto-locked the discussion and moderators forbid opening new threads on it (and the thread OP was tempbanned for being a putz).
But the recent snafu is about more generally around the ethos that:
There's a code of conduct in place, people want it expanded significantly, and that people are allowed to question it are evidence that it should have been expanded years ago, if not evidence of governance failures or destructive to the reputation of the community; sprinkle in some mentions of sealioning and concern trolling, and you're done.
gattsuru
9d ago
Yeah. I think the more recent immigration bills also had to deal with the aftermath of the Gang of Eight attempt in 2013, which even contemporaneously was seen as Rubio getting punked by some embarrassingly useless compromises-in-name-only
gattsuru
9d ago
Yes, not only do state criminal courts handle federal constitutional questions, it's actual necessary for a plaintiff or defendant to bring constitutional complaints to the trial-level court or they risk surrendering the question on appeal (with a few exceptions not relevant here).
gattsuru
22d ago
Texas' law was somewhat unusual in that it had originally had prohibited heterosexual sodomy, but had been revamped, possibly by accident, such that only same-sex sodomy was actually punishable. Anal sex, among other things, was defined as "deviate sexual intercourse" regardless of who did it with whom, but it was only an offense if done with "another individual of the same sex".
((It also restricted homosexual oral sex, and possibly using a dildo or a sounding rod on someone else, though I've not seen any evidence of it actually being used in this way.))
And O'Connor's concurrence pushed on this hard: she held that it mattered that the state was expressed moral disapproval not of an act, but of an act being done by a group:
This case raises a different issue than Bowers: whether, under the Equal Protection Clause, moral disapproval is a legitimate state interest to justify by itself a statute that bans homosexual sodomy, but not heterosexual sodomy. It is not. Moral disapproval of this group, like a bare desire to harm the group, is an interest that is insufficient to satisfy rational basis review under the Equal Protection Clause. See, e. g., Department of Agriculture v. Moreno, 413 U. S., at 534; Romer v. Evans, 517 U. S., at 634-635. Indeed, we have never held that moral disapproval, without any other asserted state interest, is a sufficient rationale under the Equal Protection Clause to justify a law that discriminates among groups of persons.
(emphasis added)
But only O'Connor signed onto that concurrence, which even at the time came across as a nitpick. The majority opinion, which received five votes but not O'Connors, didn't rest on it being a status-based offense, in no small part because the courts were still trying avoid committing to treating homosexuality as a special status, with even status-based SCOTUS matters like Romer hiding behind rational basis. Lawrence argued certain types of 'intimate contact' outside the scope of the general police power, so it invalidated not just bans on (consensual private non-commercial adult) sodomy, but also a wide variety of other private behaviors.
The laws involved in Bowers and here are, to be sure, statutes that purport to do no more than prohibit a particular sexual act. Their penalties and purposes, though, have more far-reaching consequences, touching upon the most private human conduct, sexual behavior, and in the most private of places, the home. The statutes do seek to control a personal relationship that, whether or not entitled to formal recognition in the law, is within the liberty of persons to choose without being punished as criminals.
This, as a general rule, should counsel against attempts by the State, or a court, to define the meaning of the relationship or to set its boundaries absent injury to a person or abuse of an institution the law protects. It suffices for us to acknowledge that adults may choose to enter upon this relationship in the confines of their homes and their own private lives and still retain their dignity as free persons.
In theory. Like a lot of that era of SCOTUS jurisprudence, there's a decent chance that these lofty principles get smothered under balancing tests. It's not clear how this applies to situations like extreme BDSM; so far, the only relevant cases have generally alleged consent violations, sometimes pretty credibly. But where courts have had cause to evaluate restrictions under the assumption they would be applied in a consenting framework, they often do so by reframing Lawrence post-hoc, generally by promoting the O'Connor concurrence:
Under the Lawrence methodology, history and tradition continue to inform the analysis. See id. at 2598 (“History and tradition guide and discipline [the implied fundamental liberty interests] inquiry but do not set its outer boundaries.”). Yet, courts must consider not only the history and tradition of freedom to engage in certain conduct, but also any history and tradition of impermissible animus that motivates the legislative restriction on the freedom in order to weigh with appropriate rigor whether the government's interest in limiting some liberty is a justifiable use of state power or an arbitrary abuse of that power. In this respect, the conclusion reached here under the Glucksberg line of reasoning that there is no deeply rooted history or tradition of BDSM sexual activity remains relevant and important to the analysis. Also relevant and important to the analysis is the absence of a history of impermissible animus as the basis for the restriction at issue here. Sexual activity that involves binding and gagging or the use of physical force such as spanking or choking poses certain inherent risks to personal safety not present in more traditional types of sexual activity. Thus, as in Cruzan and Glucksberg, a legislative restriction on BDSM activity is justifiable by reference to the state's interest in the protection of vulnerable persons, i.e. sexual partners placed in situations with an elevated risk of physical harm. Accordingly, consistent with the logic of Lawrence, plaintiff has no constitutionally protected and judicially enforceable fundamental liberty interest under the Due Process Clause of the Fourteenth Amendment to engage in BDSM sexual activity.
((Probably not helped by the guy in that case probably being a douchebag.))
gattsuru
8d ago
Wheeeeeeeeee. (details).
gattsuru
23d ago
If you're just trying to receive e-mails, Mail in a Box works pretty well 99% of the time. If you're largely just sending yourself notifications, with an account that's not used anywhere else of significance, it works 98%ish of the time. ((And even that's overkill; a basic postfix relay works.))
If you're trying to send e-mail, it can be messy, and worse unpredictably messy. Mailinabox tries to solve the absolute horror story that mail config turned into, and to be fair a lot of the tedious config-twisting stuff is no longer as frustrating as it once was. You can do it... for a while.
The issue is not that you might send enough e-mail to hit an automated spam filter yourself, or even the risk that you might misconfigure things in a way that a bad actor can abuse -- that's a concern with near-any server, and there's a lot of things like a SIP PBX where you just recognize and mitigate it. With e-mail, however, your domain and/or IP address can end up on sizable DNSBLs because some IP address half an octet away fucked up, or because some sysadmin in Europe had a stick up their ass that day. Surprisingly big-name people can misconfigure their own stuff, and break because you're not big enough to have been made an exception, and not even have reporting turned on: it's happened to me.
E-mail can be done fine for a toy project, or where you're measuring reliability by licking your finger and sticking it in the air rather than by count of nines. If you're going to move the system you use to handle your bank account's verification to it, or how you send bills to customers, you gotta be willing to put a lot of effort in and realize it may not work.
One part, about banning one person (JR), seemed to be a controversy over whether a defense contractor (Anduril) should be allowed to sponsor the project, with the losing faction being "NATO defense contractors are what prevent Russia from conquering Ukraine and the rest of the world", and the winning faction being "defense contractors kill people and are icky and we don't want their name near us" (various positions were put forth, but I can't come up with a coherent charitable interpretation)
The charitable steelman is that Anduril's products flirt increasingly closely with autonomous weapons, and the extent humans are in the loop (for autonomous weapons made by other people) has at best diffused responsibility regarding validity of target selection, and more practically put to a point where oversight and responsibility aren't enforceable. The... less charitable bit is that, like Palantir, the (surveillance) equipment and technology is also used by ICE and police, and a lot of Nix tech could be and/or could be driven to be very useful for that equipment and technology. The even less charitable one is that, while Palmer Luckey isn't as No Go politics-wise as Peter Thiel, it's known, in ways that kept people from supporting him.
And what really got my attention were the comments by people speaking in support of him that were "flagged by the community and temporarily hidden".
Yeah. On one hand, that's a Discourse (the forum software designed by CodingHorror's lead) default behavior, and one reason (among many) I'm glad that Zorba didn't base this forum off Discourse. On the other hand, the moderation team can override it, or allow successor threads, and didn't.
I still can't figure out what side of the culture war the people fleeing the project are on, and that's probably intentional.
Dunno. There's at least some text from big names in the github from the TotsNotBlueTriberJustUsingTheirAssumptions, and not much explicit red triber, but that doesn't exclude the porque no los dos.
gattsuru
24d ago
That seems a near-universal recipe to surrender any and every public to whatever jackass is willing to occupy it first, and then insist that they feel unsafe because The Wrong Person walked close to them or took pictures of their public protest. Dissolving 'starting a confrontation' at all makes the fundamental flaws of this framework, if anything, more apparent.
gattsuru
10d ago
Six months update:
As of 14 February 2024, 112 hostages had been returned alive to Israel, with 105 being released in a prisoner exchange deal, four released by Hamas unilaterally and three rescued by the Israel Defense Forces (IDF). Twelve bodies of hostages were repatriated to Israel, with three of the hostages killed by friendly fire from the IDF[22] and the bodies of nine hostages repatriated through military operations. 49 hostages were reportedly killed on October 7 or in Hamas captivity according to Israel. According to unconfirmed Israeli intelligence, at least 20 additional hostages may be deceased, with their bodies being held captive in Gaza. As of 3 May 2024, 132 hostages remained in captivity in the Gaza Strip, 128 of whom had been abducted on 7 October 2023; the other four hostages having been captured earlier.
About 130 hostages remain unaccounted for after being kidnapped by Hamas on 7 October last year - at least 34 of them are presumed dead. According to Israel, more than 250 Israelis and foreigners were taken during the attacks. Israel gives an official figure of 134 hostages because it includes four people taken hostage in 2014 and 2015. Two of these are believed to have died.
My sad working theory has been that one reason talks were stalled was that a deal would force Hamas to reveal that most of the hostages were either dead or pregnant. Now this: AFAIK, there are still ca 125 hostages in Gaza, and Hamas can't produce 33 who are still alive?
So more than I feared, less than I hoped, and it's become increasingly possible to say publicly among mainstream sources that it's probably not gonna look better.
gattsuru
24d ago
There's been a number of other things going on in this space, either from financial drivers or more straightforward legal ones. You've already gotten a post on gumroad, but itch.io has been doing a slow-march version where they don't block adult content sales as a category, just individual pieces of adult content, which has kept going apace.
I've not found good proof that there's something Operation Chokepoint-like going on, but with the timing and the variety in impacted content, it's increasingly hard to believe that this is all occurring randomly.
On the direct legal attacks, in the furry sphere, some places have complied with local bans (eg, e621 blocks North Carolina, while others have largely ignored them and hoped they don't get made examples. There's good reason that they're rather paranoid about having to keep name-identifying records, since people have blown zero-days on FurAffinity.
gattsuru
24d ago
Students for Justice in Palestine and Jewish Voice for Peace, along with a couple other umbrella groups, have jointly claimed credit for both the Columbia-specific protest and the follow-on encampments at a number of other schools. There's a fair criticism that there's at least a few rando Garbage People in the hradzka sense running around, or even agent provacateurs, but this isn't some Stand Alone Complex where the simulacrum had no real original version.
((The less charitable take on 'umbrella group' is that they're both just front groups for the actual coordinating organizations, but by definition I can only point to the subchapters and related organizations giving extremely similar messaging on short notice, or other more subtle signs that they've got intercampus communication going on that doesn't match the paper or training from the public faces.))
gattsuru
15d ago
I'm not sure whether it's better to respond with a furry fandom joke, a Baldur's Gate joke, or with a Vintage Story joke.
gattsuru
13d ago
Any ideas for small electrical things that you use regularly that would make a good Project?
I've been running some students through designing a macropad variant, and someone in the tumblr rat-adj-adj sphere is building a small timer. But a lot of the field, including things I've run as student projects before, tend to be toys.
I like your basic two-wheel robot as much as the next person, but it's something that at best you make, put on the shelf, and never touch again. Same for infinity mirrors, and the best that can be said for epaper weather stations is that at least they'll change on the shelf. Or, alternatively, there's a ton of projects to build something that's really useful for somebody who wants to be an electrical engineer and needs something that'll work until they can buy a Real Tool.
Ideally, I'd have students long enough to see what they'd want, but I've gotten a lot of shrugs, or worse questions for stuff that seems deceptively easy (forget the ethics of DIY AppleTags, the TI MSP430 library for LoRA suuuuuuucks). And in more cases, I don't really have the timelines for it, as hilariously enough even if we're getting circuit boards done as students finish the CAD, I need to have the non-jellybean parts ordered months in advance or they'll get in slower than OSHPark or JLCPCB can turn something around.
Perhaps they'll issue a clarification, but from the note in this section, I think someone could read this as "memory"; it has "memory" right in the name!
Maybe, but so does CMOS RAM, and that's a central example of where you probably do want this rule to apply, and it's (usually) more volatile than FRAM. 5.4-1 to my read isn't about access modes or media type, but about storage volatility, and that makes some amount of sense for certain attack vectors -- you don't want someone reading cloud passwords by probing random SPI flash, as weird as that particular threat is.
But it also makes a lot of design spaces for low-power devices goofy, in ways that don't make sense. There's probably a class of low-power device where it's a really critical security problem is someone delid the main processors and inspects individual FRAM cells during a toggle-off state, but 99% of the time even if someone could hijack a session id from that it's less big of a deal than having access to the board to start with.
5.4-2 (unique IDs) : This one is conditional, and I imagine ultra-small or ultra-disposable devices won't qualify in the first place.
Yeah, but the condition is only that applies where ever "a hard-coded unique per device identity is used for security purposes". I think that includes virtually every LoRaWan (DevEUI) and probably every LoRa device, for one common example, but also technically at least most Bluetooth implementations. There's other places where it's a good idea to use hard-coded unique identities per device for security purposes even where it doesn't 'matter', and that's largely going to result in people just dealing with stupid hacks instead to avoid triggering the requirement whenever possible.
5.3.4/6/10 (updates): Same here; conditional. We'd at least have to get down to the level of thinking about each of the devices you've mentioned in terms of the conditions.
Yeah, but the conditions for 5.3-4 is "an update mechanism is implemented", 5.3-6 "an update mechanism is implemented" and "the device supports automatic updates and/or update notifications", and 5.3-10 that "updates are delivered over a network interface" and "an update mechanism is implemented". These are fine when you're talking a full web-UI/app-equipped device, but twenty sensors on a LIN line that can be updated still hit the requirement for 5.3-4, which is on its own a requirement for automatic updates so you now hit 5.3-6. Then you're trying to figure out how 5.3-10 works for devices that don't have user interfaces (and may not have user physical access!), and now you're either stuck tossing an authentication layer on your LIN, implementing a cryptographic security function for comms on said LIN, or spamming users with update notifications like they were running Arch Linux.
5.3-15: I think I would interpret this as, sure, you need to support any part of a product until you tell the customer that you're not supporting it anymore, and the type of support can vary.
Eh...
Let's take the example of a lightning switches attached to a base station, as a fairly common home automation setup where the switches and adapters are... not actually a central case of the constrained device model (they have wall power!) but are at least arguably close. If you build one of these, you're probably going to support a wide variety of light bulb sockets and switch types, but not all of those are going to make sense over the longer term -- maybe a socket type falls out of popularity, or a new lightbulb tech drops that doesn't play well with dimmer circuits, or a vendor you partner with stops selling a product that makes that particular device make sense.
By the text, is a lighting hub "isolable and hardware replaceable" if the vendor doesn't want to sell every attachment for the hub's life cycle? Removing one attached device doesn't make the attached device 'isolable', because turning on and off that light is its core feature. Nor is removing the entire hub from the internet, since there's no sane way to call that a "self-contained environment with other devices if and only if the integrity of devices within that environment can be ensured", when the especially if the entire reason to pop them off the internet has to do with their ability to communicate securely with the local hub. Would it be hardware replaceable is the only hardware replacement doesn't actually fit into the same socket, just because something attaches to the same hub?
Yes, in practice your interpretation is the sane one, and hopefully it's probably going to end up as the sort of asterisk that just confuses people, like vendors just putting out generic 'support may stop without notice for some devices' clauses. But at best that turns the requirement into aspirational text instead of the actual policy.
(5.5-3) How easy is that? You don't even have to update it at all. But if you do, then at least make sure your shit isn't trivially broken, at least so long as you're telling the customer that you're still supporting it.
I think the interpretation of that standard is closer to page 45-46 here, if not on the exact same timelines, and that quickly turns into an eWaste and version hop mandate for a lot of stuff pretty quickly in order to theoretically prevent the plausibility of certain attack classes, rather than blocking trivial ones. But even for its steelman of "don't use WPA2-only chips in new products", I think it's still costly even if well-intended, and a lot of those costs don't make a ton of sense. There's a number of chips and equipment that can't connect on WPA3 at all, and even where it's something that can be implemented in software that doesn't mean it's exactly easy.
More broadly, though, it seems like overbroad application of a rule. A presumption toward encrypting everything makes sense when it's free or nearly-free, but there are a lot of entire devices where it's just not that relevant. If your equipment does literally nothing but relay temperature and humidity values over ISM bands, you might want some amount of authentication to prevent spoofing, but it's really not that big a deal if someone can listen in. And there's a lot of IoT stuff that goes into that category.
There's some parts of the rules that motion around this -- 5.5-1's "Appropriateness of security controls and the use of best practice cryptography is dependent on many factors including the usage context" or the exceptions for ARP, DHCP, DNS, ICMP, and NTP in 5.5-5 -- but again that turns the requirement into aspirational text.
gattsuru
24d ago
Visa and MasterCard see pornography as high risk because they get a lot of chargebacks, so they charge adult services producers a much higher rate for payment processing.
I think this would be plausible for a wide-spectrum ban on porn, if still uncertain since these companies have little trouble working with businesses that have increased chargeback risks otherwise and just slamming on fees.
I don't think it's remotely plausible for the common levels of specificity involved, here. There may well be higher (or lower) rates of chargeback for incest porn, or hypnosis or forced TF kink, or dragon dongs with too much red dye, but I'm incredibly skeptical that a) card companies have the data to actually know that, b) that these rates are so much higher that they can't be resolved by fees, and c) that there's no more immediate and less-financially-direct motivation.
I can't find any records involving either person in the Pennsylvania court system, though given how crappy most court records are, that doesn't mean much.
The underlying complaint is here, and seems to be resting heavily on past adjudications by the State Board in 2010 (for Herr) and 2018 (for Wentworth). Like most state licensing laws, the definition of veterinary practice in Pennsylvania is very broad :
"Practice of veterinary medicine" includes, but is not limited to, the practice by any person who (i) diagnoses, treats, corrects, changes, relieves or prevents animal disease, deformity, injury or other physical, mental or dental conditions by any method or mode, including the prescription or administration of any drug, medicine, biologic, apparatus, application, anesthetic or other therapeutic or diagnostic substance or technique, (ii) performs a surgical operation, including cosmetic surgery, upon any animal, (iii) performs any manual procedure upon an animal for the diagnosis or treatment of sterility or infertility of animals, (iv) represents himself as engaged in the practice of veterinary medicine, (v) offers, undertakes, or holds himself out as being able to diagnose, treat, operate, vaccinate, or prescribe for any animal disease, pain, injury, deformity, or physical condition...
It's not obvious that ultrasounds (or possibly(?) selling bull semen?) are covered, and there's not a ton of great pragmatic arguments for it, but the courts have given near-complete carte blanche to regulatory agencies to anything even remotely near the borders. And for a wide variety of reasons this sorta thing is near-impossible to practically challenge even were courts willing to push back on it.
Given some of the coverage, though ("both men were advised by their former attorneys not to pay the fines or appear in court"), I'm not sure what happened was completely without any court behavior -- this may be referring to the 'court' of the board licensing group, which is more court in the kangaroo sense, but it also could be about enforcement summons for a conventional court. An actually fake arrest warrant wouldn't be unprecedented, but it's left me noticing I'm confused.
That said:
Rusty Herr was arrested the very next morning, April 11, at 6:30 a.m. at his home in Christiana.
gattsuru
23d ago
MindGeek claims to have the tech fully ready to go for a UK-standards version (and that's the subtext behind PornHub, a MindGeek subsidiary, not complying with the American age verification versions), and MindGeek says that it's actually in use in Germany since 2015. It's definitely the political economy of things.
gattsuru
16d ago
I would... not be so sure the administration can avoid it if Biden wanted. See the Kincaid v. Williams denial of cert (starts at page 39) from last year as an example of what's going to start coming down the pike in earnest: a very broad law with expansive reads of standing, on a matter extremely sympathetic to progressive-leaning and left-leaning judges, and where individual private actors can bring a private right of action with staggeringly high penalties, and a ton of opportunity to forum shop.
Philosophically, there's a fun question about the difference between sending in the troops and charging 150k for each violation, but there's a point where the practical difference gets pretty small, and it happens pretty quick when the target's main assets will also be the tools necessary to not comply.
gattsuru
21d ago
Yeah, that's absolutely fair, and 'constructive possession' is in many ways just the tip of the iceberg, as bad as the shoestring machine is. Stuff like autokeycard, the various recent regulatory changes, Abramski, so on, very much show the limits of textual formalism as a control protecting the actually disfavored, even to the point of blocking defendants from raising the text.
gattsuru
13d ago
That’s a good one, especially since a lot of mainstream gear in that space depends on annoying IoT stuff.
gattsuru
24d ago
This is already the norm for legally-sanctioned protests, though, right? As I mentioned in other replies, it is common for police to prevent counter protestors from intruding on the space of protestors and vice versa.
That's actually a fun question! The rules for how police can separate protestors and counterprotestors are complex. And this clearly flops many important prongs of that test.
The video looks like it is taken at a courtyard, one of a dozen around the University. They aren’t holding captive the main amphitheater at Columbia or something, where yeah there would be a concern regarding the reasonable use of university amenities.
This thread is south of this video, which was from Yale, about access to a building. And I buy people being blocked from just a few public fora about as much as I buy someone being a 'little bit pregnant'.
Ironically, you could even argue that the courtyard is seeing greater facility during this protest, given the population density from the looks of it.
It was great, for the one side able to use it, isn't the most compelling argument for neutral access to public fora.
gattsuru
24d ago
That’s a moderate argument in favor of unsanctioned protest, if somewhat marred by one of its (first!) prongs turning into whether people like the protest goals or not.
But I don’t need an argument in favor of unsanctioned protest: my metrics there are far simpler. My problem here is not the presence of a protest, but your advocacy of a norm where whatever protest group that takes a public forum first gets to exclude people who disagree with their message.
There might be some edge cases where that’s an unfortunate compromise we have to take, but under vague concerns about ‘confrontation’ are little more than carte blanche
gattsuru
29d ago
it took urban liberal Jewish/* lawyers to deploy it in practice?
I think urban liberal would have stood stronger on its own.
gattsuru
25d ago
Are we gonna get body-cam footage and be able to come to an independent judgment on the conduct of the government in the course of the raid?
No.
The Department of Justice confirmed to me and @JohnBoozman last night that the ATF agents involved in the execution of a search warrant of the home of Bryan Malinowski weren’t wearing body cameras. We will continue to press the Department to explain how this violation of its own policy could’ve happened and to disclose the full circumstances of this tragedy. Mr. Malinowski’s family and the public have a right to a full accounting of the facts.
I'd expect it's more likely that the UK just gets flooded with more CE crap, while the bottom end of the domestic or near-business market lifts its skirt up over the floodwaters, same as the rest of the EU user privacy data stuff. Sorry if that's cynical, but the last time I went to the UK a coworker got zapped because none of the three-prong power adapters he'd locally-purchased actually had connections between the input and output ground plugs.
Some of these restrictions, even some of the good ones, aren't that readily implemented. SecureBoot is only a recommendation, which is good, given that even a lot of mid-range microprocessors don't support it, nevermind the microcontroller world where it's gfl. I've got two projects I'm running now (STM32F103Cx- and Nuvoton NUC980) that don't support it at all, and these aren't exactly ancient PICs. Same, maybe even worse, for the recommendation for memory access controls. Mandating a default-off mode for any debug interface is understandable from a Serious IT Perspective, but it also makes a lot of stuff e-waste in a wide variety of circumstances, and makes a lot of useful prosumer and enthusiast concepts unavailable.
More broadly, this reads a bit like it was written by a mid-studies electrical engineering student, for better or worse. There's a lot of good recommendations, but trying to make a clear distinction between IoT and 'constrained' devices as a simple binary... it's bad enough trying to split microcontrollers from microprocessors, but from a quick read this reg would put harder restrictions on an ESP32 lighting controller than solar-powered NVR system.
On net, it's probably not bad to have a document people can look at, even if they end up shrugging on actual implementations at points, but it's frustrating.
More options
Context Copy link