# Coffee Space

Listen:

## Iris Messenger {Vol 2 Issue 1}

### Overview

Welcome back after a short break of just 5 years! This article series was originally stopped after volume 1, issue 7, in September 2017 1, after the article became too difficult to maintain.

Since then, the ability to automate the creation of articles has greatly improved as well as generally having better knowledge capture systems available. Going forwards, releases are planned for once a month, for a total of 12 issues a year, free of charge on CoffeeSpace 2. There are a few key other differences:

• Dark/light theme - The plan is to offer two different themed digital versions, a dark theme (better for viewing) and a light theme (better for printing).
• Links as notes - Rather than use a link shortener as done previously, links are now offered in full as footnotes.
• More sections - As will be seen, there is a lot more content in the new issues, including news, links, politics, website articles, open problems and puzzles.

The target audience for this content is both wide and narrow - tech/engineering people with an interest in politics. Of course people are also free to read the parts they are most interested in.

### Tech News

The following are highlights from major news items in the tech world. This update brings two CVEs.

#### Chrome RCE

`CVE-2022-1096` - Due to a type confusion in V8, it appears possible to have Google Chrome and Chromium perform remote code execution (RCE) 3. Worse still, it appears this bug is being actively exploited in the wild.

Encase you haven't done so already, update your Chrome/Chromium browser and confirm the version is at least 99.0.4844.84 where the patch was deployed. Unfortunately for some users, not all Chromium builds are well maintained 5.

#### Dirty Pipe

`CVE-2022-0847` - As Max Kellermann describes 6:

This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.

About as serious as it gets. It was discovered after a year of corrupted log files from a commercial client, where processes were able to write to other processes read-only files!

On the plus side, after recognizing the bug, it took just two weeks to go from reporting the bug to a wide scale kernel patch. Now we all just need to update these ancient kernels!

### Politics

The following is a collection of interesting politics happening around the world. These are a commentary on ongoing events.

#### Food Shortages

Encase it escaped your notice, food shortages are definitely coming 16. Partly due to COVID, partly due to overdue inflation, partly due to the Russian invasion of Ukraine and partly due to a cascade failure in globalisation, we are going to see global shortages of basic foods that will likely affect all.

As energy prices have increased, the energy cost of farming has also increased, making low-margin crop and live-stock unattractive to farmers as the risk increases. We then see major exporters of fertilizer such as Russia and China banning their exports, meaning remaining demand outstrips supply and prices increase.

As a result, farmers have moved towards less fertilizer intense crop such as corn and move towards crop such as soy 18. Bare in mind there is already going to be shortages of wheat and corn as Russia and Ukraine are major exporters of these items.

Even if we want to ramp-up domestic production, this has a lead-time of at least 4 months (time taken to grow), not to mention how difficult it is to gather the resources required (land, expertise, materials, funding, etc). Needless to say, it is a responsible action to slowly start overstocking your food supplies to reduce the effects of a surge. Just be sure not to waste food.

#### Russia Default

Russia has sent their bond payments in Rubles after the US blocked payment in US dollars, likely putting Russian in technical default very soon (after a 30 day grace period) 19. With Russia's artificially inflated economy, those Rubles aren't going to be worth much, and investors will be reluctant to accept.

This will likely have a very large impact on Russia's economy, increase their debt and decrease their borrowing power. There is apparently now a 99% chance they will default on their obligations. How this will play out further is hard to tell.

#### US Mid-Terms

The winds are not currently blowing in favour of the Democrats, with them recently rolling out Obama and offering to postpone student debt loans to boost approval 21. Bare in mind, he already made the promise during the 2020 election to forgive all undergraduate student debt 22.

It's quite likely that the reason the Democrats have rammed through so many spending bills recently is that they realise it is about to get much tougher, with a red-wave predicted. Things are not looking good in preparation for the mid-terms in early November. We will also likely get Trump officially announcing he will be running.

#### French Election

The 2022 French presidential election kicks off, which will be held on the 12th of June with run-offs on the 19th 24. The two main players are Emmanuel Macron (current leader) and Marine Le Pen (main opposition). Currently the opinion polls swing wildly week-by-week, mostly still in Macron's favour, but increasingly less.

Macron is supposed to represent the left-wing and Le Pen is supposed to represent the right-wing (although the media have largely billed her as 'far-right', which is incorrect). Topics worth keeping an eye on are living standards, immigration and the future of the EU.

Why should you care? If you live in the EU, Macron currently represents the old guard leadership and has a lot of power. He is currently trying to position himself as an authoritative voice on behalf of the EU with negotiations with Putin. This could have large implications on the European continent.

### CoffeeSpace

These are a collection of articles I recommend taking a look at from the site.

#### Blogs

I wrote a great article on Going Green 27, where I re-processed the statistics of New Zealand's greenhouse gas emissions and show that they are unfairly burdening the working class.

[Src: CoffeeSpace 28]](iris-messenger-vol-2-issue-1/benwallace-cmp.png)

I managed to get a copy of the Ben Wallace Prank before Youtube banned it 29, showing UK Defence Secretary Ben Wallace leaking military secrets to Russian pranksters.

#### Reports

There is a nice article on Colour Selection 30 where you want to produce unique and easily identifiable colours. It ends with a useful Python function for generating HTML RGB strings.

Another article of interest is Server Update 31, a discussion on how to auto-pull updates with just a simple bash script.

The last article I suggest from this section is one based on Directory Sampling 32, an attack I theorized about 8 years ago or so for finding hidden directories.

#### Other

A nice long abstract discussing robotics developments, hinting at some work we currently actively work on 33. There is certainly some nice progress being made slowly but surely in this space.

### Open Problems

Here I want to explore some very basic problems, but ones that are highly interesting. The idea is that readers may explore or discuss these problems, but mostly they are there to foster curiosity.

A question I've had for a long time is regarding Langton's ant 34, a basic cellular automata with the following rules:

• If current patch white, turn 90 degrees clockwise, set patch black and move forward one patch.
• If current patch black, turn 90 degrees counter-clockwise, set patch white, move forward one patch.
• (Added) If the ant moves outside of the designated environment, loop.

The question is this: For a given Langton's ant environment of width and height of specified value, how many actions does it require for the environment to return to the original state?

This may sound simple at first, but bare in mind that there are ${2}^{W+H}$ different possible states of the patches alone. But it is made more complicated by the fact that the agent also carries state in the form of $x$, $y$ and $\alpha$. Given the environment loops we do not care where the agent ends up or in what rotation (although these are also quite interesting).

You may run this problem in a simple environment and see that it is predictable for small environments. But it is known that the problem has several 'modes' of behaviour.

### Puzzles

This is a randomly generated sudoku problem based on an open source sudoku generator 36:

It was a little of a pain to setup, but hopefully it is agreed it works quite nicely in the end. In the future I will look towards making the process simpler for editing.

Hopefully the next article doesn't take 5 years! Check back next month for the next instalment.

Thank you for reading. If you have any suggestions, please email `barray` `[at]` `protonmail` `[dot]` `com`.