Saturday, September 29

Followup to an earlier post: We finally got a response from Google letting E. reset her Gmail password, though it took long enough that we'd given up and quit checking the appropriate e-mail, so we only actually noticed it tonight.

It turns out that, aside from bogus Paypal charges, our friends in Hong Kong attempted a fairly transparent eBay scam. The thing that strikes me here is that actors like Paypal and eBay are really good at catching this kind of thing - though we temporarily lost some dollars to the Paypal charges, most of the transactions were immediately flagged as suspicious, and the eBay auctions were taken down in short order. What's really weird is that, with all of the work and apparatus going into fraud detection, everything is still tied to this mail address = identity conceit - even as compromised mail accounts have to be one of the most common and basic avenues of attacks.

Maybe this was sane when everyone was using a mail provider with some immediate, human accountability (a local ISP or institutional affiliation), but in the world of webmail and "forgot your password?" links, it just don't make sense. It's kind of like most of the basic practices around identity are still operating on unexamined assumptions forged sometime in the mid 90s.

Friday, September 28

Chris Mercogliano is in town on a book tour and crashing on our couch for a couple of days. I haven't read the book yet, but I did go to a talk he did last night at Naropa. One liner version: Childhood is ever-more subject to a range of controlling and domesticating influences (soccer tots, medicalization, school, electronic pacification, you get the idea), and this is not a good thing.

Chris is a smart guy. If you're at all interested in these problems, his stuff is probably worth reading. If you're in Boulder, there's a signing tonight at your friendly local radical leftist bookstore.

Tuesday, September 25

important historical documents

p1k3: now with just over 10 years of content. If you're looking to feel better about how pathetic you were in highschool, the first four years or so ought to help. Unless they just bring back memories too painful to confront directly.

rand quotient

I'd like to propose a new standard metric for gauging the compound intellectual maturity of an internet-based discussion.

Specifically, given a discussion thread touching on any of general philosophy, epistemology, ethics, economics, or capitalism, count the number of posts which either strongly assert or vociferously debate the merits of Ayn Rand as a philosopher (including all meta-argument posts about the argument about Ayn Rand), and divide this by the total number of posts.

As the Rand Quotient approaches .5, consider walking away. If you're still reading as it approaches 1, you have no one to blame but yourself.

My inspiration is two collections of comments on Paul Graham's latest. As of this writing, they clock in as follows:

This could be further refined, but if you read the linked comments, I think you'll find I've stumbled on a useful measure. Perhaps, in the spirit of A Plan for Spam, we could develop a browser plugin which uses Bayesian filtering techniques to recognize the Standard Ayn Rand Thread, then estimates the Rand Quotient for a given discussion.

Monday, September 24

carolAnn is writing a poem about spiders

Brennen: urbandictionary: Clock Spider
Brennen: be sure you click all the way over to #3.
CarolAnn: will i hate you if i look at this?
CarolAnn: like, have nightmares?
CarolAnn: don't lie!
Brennen: maybe a little.
Brennen: but it will help your poem.
CarolAnn: OH GOD
CarolAnn: OH GOD
CarolAnn: OH GOD
CarolAnn: i'm moving to the arctic
Brennen: I'm sure it's photoshopped.
CarolAnn: i don't really care
Brennen: they have spiders there too, you know.
Brennen: ice spiders.
CarolAnn: it has eight legs, after all
CarolAnn: you're lying
Brennen: you can't prove it.
CarolAnn: yes i can, when i'm living in my safe little ice hut and no spiders ever show up
Brennen: global warming.
CarolAnn: i hate you
CarolAnn: but at least i have a swiffer
Brennen: god is merciful.

Sunday, September 23

... Feelings accompany the metaphysical and metapsychical fact of love, but they do not constitute it. The accompanying feelings can be of greatly differing kinds. The feeling of Jesus for the demoniac differs from his feeling for the beloved disciple, but the love is the one love. Feelings are "entertained": love comes to pass. Feelings dwell in man; but man dwells in his love. That is no metaphor, but the actual truth. Love does not cling to the I in such a way as to have the Thou only for its "content," its object, but love is between I and Thou. The man who does not know this, with his very being know this, does not know love; even though he ascribes to it the feelings he lives through, experiences, enjoys, and expresses. ...

— Martin Buber, "I and Thou"

Saturday, September 22

Paul Graham's latest bit, How to Do Philosophy, is interesting.

As with the recent An Alternative Theory of Unions, I cannot shake the sense that Graham is either talking out of his ass on various points, or simply ignoring things because they would undermine the apparent novelty and breadth of his arguments. It's always hard to know what I should do with this feeling when it comes in response to someone with greater domain knowledge, but I am learning not to ignore it.

That said, the essay is well worth a read.

Monday, September 17

I just spent a couple of hours making p1k3 do very simple image galleries. There's one up at /winfield, which for now just has some pictures from 2005, but I'll be adding a bunch more this week.

Friday, September 14

the candle table

Wednesday, September 12

drosophila melanogaster or a close cousin circles in the dead air of the kitchen. I have a squash in the oven. There was supposed to be hamburger casserole and stir-fried frozen vegetables ("California Style, with Broccoli, Corn, Black Beans, & Peppers"), but Elizabeth brought home slices of pizza instead, saying that she couldn't do hamburger again. Now I don't know what will become of the squash.

We're leaving for Kansas in the morning.

Tuesday, September 11

I just finished proofing what has got to be nearly the final version of Levente's book, the scintillatingly titled Corruption and Democratic Performance. I would like to share a brief passage:

The procedure that marries the advantages of producing unbiased estimates and introducing the appropriate level of uncertainty in the modeling while being highly efficient is multiple imputation. Multiple imputation (MI) requires the researcher to impute missing values several times, creating M number of independent complete datasets. Imputations can have different imputed values in all datasets, as they are simulated values that consider both the expected value for the missing item and the uncertainty. The imputation is a random draw from the plausible distribution of the item. These M datasets have to be analyzed independently, with the same analytical procedure and their results combined using a set of formulas which are collectively known as Rubin's rules. Simulation studies have shown that M ≥ 10 imputations produce sufficiently accurate results in longitudinal models. This is how I determined the number of imputations I used.

Tugs at the heartstrings, don't it?

Monday, September 10

a word about multi-file projects

(Chopped out of an earlier post and modified slightly.)

I've been living in Bash & Vim since I was about 19, and I am getting tired of typing. Part of a solution to this, is of course, making better use of the facilities at hand: Script more, use better editor macros and keybindings, remember that ctags is there, write Makefiles, get better with find(1) and xargs(1) and Perl one-liners.

But it's also starting to feel like, at this late date, part of the solution should be graphical. The last IDE I used seriously was Microsoft's QBasic, unless you count things like mIRC's built-in scripting, but I'm finally starting to be a bit jealous of basic features of contemporary IDEs like Eclipse.

Specifically, when this thing you're working on is spread across half a dozen different kinds of file (schema, HTML template, Perl, CSS, JavaScript, PNG), it can be amazingly useful to have that clickable/collapsable list of project files ready to hand. Likewise for painless tabs and visual bookmarking. Arguably these aren't really IDE features so much as they're the kind of thing you get if your editor grew up in a graphical environment.

I've been messing with a Vim plugin called Project for the last couple of days. It's essentially some folding and keybindings wrapped around a structured file, so that

FieldTrip=/home/bbearnes/fieldtrip CD=. {
  FieldTrip.pm
  pages=pages {
    frontpage.html
    header.html
    footer.html
  }
}

gives you a double-clickable list of files in a project. The interface breaks in a couple of places, and Vim's fold highlighting has always annoyed me, but this is probably 70% of what I want. I'm not sure how easy the other 30% will be to come by. Maybe I'm just wishing for a gvim which feels more native to its environment, or a file manager that knows how to talk to vim.

There's an argument to be made that much of the physical effort of using software emerges directly from the costs and requirements of holding things in memory - entities, paths, context. You wind up maintaining a complex mental model of system structure and state and physically navigating the system by reference to that model. Where there's rapid access to some kind of broad visual overview, I think you can shortcut a lot of that.

This has got its own set of problems, and you can have my xterm when you pry the keyboard from from my cold, dead hands - but it seems obvious that GUI approaches to context-display can be a lot less costly, where you've got a lot of context to display. How many times do I needlessly type "ls" in a given day, and why do I spend so much time specifying and navigating between discrete elements of a hierarchy or graph?

The rodent has long had a considerable advantage for things like continuous input, navigation, and selection. The people who brought you the Macintosh weren't exactly wrong about these things, they just insisted on throwing out the command-line baby with the bathwater, and somehow we're all still living with the consequences. Or at least we are on the level that most people interact with a filesystem.

Counterexamples do multiply, because the best interfaces in certain domains seem to independently arrive at some kind of hybrid model: Nobody played Quake with a keyboard alone (well, nobody sane), but Quake was a deeply good interface as much because it provided a builtin console and scriptable keybindings as because of the fluid and expressive mouse-input model. Similar things can probably be said about certain IRC clients, or the browser URL bar (the command line triumphs by stealth).

Sunday, September 9

CarolAnn says that we're only happy when we're doing things we'll regret.

Saturday, September 8

grape flavored

There isn't really much Kool-Aid to drink in this instance, but I thought I might talk about how much mileage I have recently gotten out of using CGI::Application, a web application framework.

There are two directions I could go with this. One is for people who might be contemplating a Perl5 web framework and looking for someone to tip the balance one way or another, or maybe just give them a sense of what it would be easiest to do. That essay and some associated points follow, and all but three of my regular readers probably want to skip it. The other direction is some general rambling about abstraction in the abstract, which I might get to in a day or two.

more: grape_flavored

Friday, September 7

Am contemplating an excursion to Nebraska as a precursor to Winfield - a plan conceived over a pitcher of PBR, so who knows whether it will come to fruition.

(One of these years I need to get back to making plans of this nature about places that aren't predominantly-rural states in the middle of the country where I lived most of my life.)

LATER: Being quasi-responsible, have decided not to drive today. If anyone's headed East from Boulder/Denver on I-80 early next week, I'm still thinking about it.

Wednesday, September 5

I've always wanted to be good at lots of things. Actually, that's not quite true: I've always thought that serious people are good at lots of things. I blame some of this on Robert Heinlein, and more of it on my parents.1 The conceptual model of useful I inherited from them is, it turns out, well above the American cultural median.

Handle livestock, grow a garden, plant a field, build most of your own furniture, fix the plumbing, weld, sew, knit, quilt, turn wood, run a combine, drive a truck, cut down a tree, back a trailer, split a log, start a fire, cook, bake, can, do your taxes, make paper, shoot, lay tile, pour concrete, build a barn, fix the roof, dig a posthole, build fence, change a tire, teach, sing,

(false start, but I'll come back to this)

1 Of course, this is circular - my dad is responsible for buying all those novels in the first place. And in another life, one with more rockets and polygamy, I suspect he might have been a Heinlein character himself.

Saturday, September 1

your paranoia is justified

So Elizabeth's Gmail account got cracked sometime last week, which of course in this era of deeply intermeshed and profoundly vulnerable authentication regimes pretty much means that our shared financial life just took on the security profile of a comatose hedgehog on its back.

So far the little bastards have only spent about a hundred bucks of our reserves, primarily on RuneScape subscriptions.1 We've taken the usual steps, redundantly reported fraud to enough of the appropriate parties to hope that someone, somewhere in the chain, will refund the missing dollars, and things are probably contained. Maybe.

Outcomes will depend heavily on how Google responds to our desperate plea for help. Their security policy appears to work as follows in the case of a compromised account:

  1. Can't log in? We'll e-mail you a change password link!
  2. Gosh, someone has changed the secondary e-mail associated with your gmail account? Well, just wait 5 days without attempting a login and answer your security questions!
  3. Someone is actively using your account and/or has changed your security questions anyway? Gosh, you're completely fucked!

There's a "my account has been compromised holy shit please help" form, but until early this morning it was mysteriously returning a 404. I filled it out. We'll see what happens. If no real response arrives, you can be assured that I will make as much noise as humanly possible about the insane catch-22 built into Gmail security ("a question for Google: what's the fundamental difference between indifferent and evil?" strikes me as a catchy social-bookmarking sort of headline), but of course it won't make a goddamned bit of difference.

ANYWAY, the truth is that this is all my fault and I know it. I forgot a fundamental technological rule: paranoia is always justified, and your complacence will destroy you.

Systems fail. Catastrophically. All of them, in proportion to the trust you place in them and the magnitude of your need for their basic functions. Often enough to matter, there are malicious parties interested in their failure. Script-kiddies breed like flies. The government where you live is careening ever-closer to a totalitarianism overhauled by the fundamental realization that mundane and implicit evil mixed well with broadcast commercial soul-rot has a half-life that makes Stalin and Hitler look like complete chumps.2 What matters more for your immediate concerns, entropy is out to get you and entropy is going to win. Learn this and live by it. Back up your hard drive every day. Encrypt the living shit out of everything. Never send anything in plaintext. Change your passwords. Don't give the Verizon/Qwest/Comcast rep on the phone your goddamned Social Security Number. Laugh at the Best Buy peon asking for your home phone, date of birth, and mother's maiden name. Compartmentalize every important form of access to the things you care about. Use version control for everything that matters. Have redundant copies. Stop using public terminals and sketchy unsecured wireless. I am watching you download mediocre internet porn. Just fucking stop it. Bring your bike inside from the front porch, because I promise you some kid with a hacksaw can take care of that cute little lock in about 30 seconds flat.

1 At least no one is doing anything that will ever get them laid on my remarkably limited dime.

2 Fuck you, Mike Godwin.