People come in waves

I’m starting to think that people on social networks, like everything else, follow predictable principles of organization. You can be in an equilibrium for months, adding very few friends to your local aggregation of people, when all of a sudden someone new shows up, and you make dozens of connections in the next few days. Punctuated equilibrium, I think, is the phenomenon that I’m describing. Or just plain old statistical mechanics.

Yeah, it’s that weird kind of night.

So the War on Liquids is the War on Tang

Normally I write about application security in this space, but occasionally I’m inspired to write about physical security as well. In this case: Remember the 2006 Heathrow incident that started the War on Liquids? The one in which people were supposed to have been bringing the ingredients for a liquid bomb onto a flight? Well, the Daily Mail says that they were planning to mix hydrogen peroxide with another unnamed compound, which Bruce Schneier and the Guardian name:

Tang.

That’s right. The drink that took the astronauts to the moon was supposed to blow up seven planes.

Heh. Read the thread on Schneier’s blog for information about the feasibility of this threat, and then ask yourself why we are still limited to 100 ml (3.4 ounce) containers of liquid and made to taste our baby’s breast milk.

Security theatre does not equal security.

PWN 2 OWN: platform battle or bad app showdown?

The recent coverage of the PWN 2 OWN contest, in which hackers broke into a MacBook Air and a Vista laptop, has generated a little blog heat—but in a misleading way. The headline of this InfoWorld post is an example: MacBook Air is Insecure. With all due respect to Mr. Hultquist, that’s like saying that water is wet. At this point, the way to look at it is not whether a platform is secure or insecure, but rather how much effort it takes to exploit the platform.

As long as software has flaws, it opens computers up to attack. The MacBook fell to a Safari vulnerability and the Vista machine to a Flash flaw, and none of the three (Ubuntu included) could be broken into over the network on the contest’s first day, when only remote attacks against a default install were allowed. That says something reassuring about the default network attack surface of all three operating systems: with nothing listening to attack, the contestants had to wait until the rules allowed them to get a user to click a link. But more, it says that this contest is not about whether the Mac is more secure than Vista or Ubuntu, but about the risk introduced by applications with bugs, in particular the ones that parse untrusted content from the web.

So for software vendors it becomes much more critical to find and fix those flaws, and for users, as Hultquist rightly points out, the right approach is to assume that such vulnerabilities exist and to behave accordingly. In practice that means keeping the browser and its plugins patched and treating links and documents from untrusted sources as the attack vector they were in this contest.

April First roundup

Man. You can tell the Internet is getting boring when no one bothers to do April Fool’s day pranks. Except for the following:

  • Google: Virgle: The Adventure of Many Lifetimes. Answer a questionnaire and upload a YouTube video and you could be on your way to Mars!
  • Zero in a Bit: New Attack Class: XSNADOR. Because we need more acronyms to describe the process of hacking things, this one will rise alongside XSS and XBI to fill a needed void: how to describe trivial hacks against social networking sites. In fact, I would propose a new meta-name for this type of acronym: YAVA (Yet Another Vulnerability Acronym).
  • Gmail: Custom Time. Send an email to the past!
  • YouTube: Every featured link on the home page is a RickRoll!
  • Google Calendar: Free wakeup kit!

Geez, other than Google (and, um, my company), is anyone else out there celebrating the foolishness?

Update: Okay, spoke too soon. While the placement of Ima Hogg as the featured article at Wikipedia might itself be an April Fools joke, the rewritten lead for the article definitely qualifies: “Ima Hogg was an enterprising circus emcee who brought culture and class to Houston, Texas. A storied ostrich jockey, she once rode to Hawaii to visit the Queen. Raised in government housing, young Ima frolicked among a backyard menagerie of raccoons, possums and a bear…”

And then there’s ever-reliable TidBITS: iPhone Goes International With Iridium, Take Control of (Backdating Stock Options, Swearing in Esperanto, Spouse Sharing in Leopard…), new Twitter feed, US Court Declares Email Bankruptcy Illegal, Mac Users Affected by New Virus, Merriam-Webster Accepts Sponsorship to Redefine Unlimited, and Time Machine Support Added to iPhone and iPod Touch. Nice job, guys. That’s more like it.

Electronic text comes to family research

When my grandfather passed away in January, I made a resolution that I would do what I could to ensure that he was not forgotten and that my descendants would know about him. So I started a little project that blossomed. The Brackbill Wiki is a set of pages I set up to collect family genealogy information, primarily original documents and pointers to photos. In the process of getting the site together, I also collected a bunch of information about various family members, friends, and institutions.

The core of the site is a set of documents from my grandfather and other family members that he gave to us or that he left behind. In particular, other family members and I are in the process of transcribing four years of his journal that span from the time he graduated from the state teachers’ college to the time my mom was born. The 1939 journal has been completely transcribed and the 1940 journal is in progress. We also used the site to provide a new home for my sister’s project, “Great Aunt Eva’s Blog,” which disappeared when her old blog host shut down. Esta is in the process of bringing it back on the new site right now.

There are a bunch of cool things that have come out of the process of transcribing these journals. I’ve gained a new appreciation for my grandparents’ lives (just how did they work six days a week and go out every night to choir practices and committee meetings? I only work five and I’m exhausted when I get home), for the people they spent time with (Twiddley!), and the infrastructure in which they grew up. I’ve also gotten to know my grandfather, and his sense of humor, a little better.

What occurred to me the other day was how this project is analogous, on a humbler scale, to big digital humanities projects like the Valley of the Shadow project, in which former UVA professor Ed Ayers and a team of students indexed and digitized reams of original materials from two Civil War era communities. In this case, our scope and our team are quite a bit smaller, but thanks to the wiki technology we used, the material is coming together quite a bit faster.

Note, 2017-03-29: the Brackbill Wiki has since moved to a new location.

Secrets of Wikipedia research

Also known as: How on earth did people write encyclopedias before the Internet?

I’ve been a regular editor on Wikipedia for a while now, with a pretty narrow focus on the University of Virginia and related topics. In the process, I’ve found a list of sources that have made researching the topic much easier, and which might be helpful for other fans of the history of the University:

Note that the sources are hosted by the UVA Library, Google Books, and the Internet Archive. Without the efforts of text initiatives like these I don’t think that what is being done on Wikipedia would be possible. I don’t think that I imagined, when I was an intern applying SGML markup to out-of-copyright texts in the University’s Electronic Text Center (since incorporated into the library’s Scholars Lab), that the work would lead here.

The non-linear cost of bad software development

I ran across an interesting concept in my reading today: technical debt, and its cousin design debt. The concept is basically an analogy to the Second Law of Thermodynamics applied to software development. As you develop software, you affect the entropy of the code. Feature development typically increases entropy, while refactoring and explicit design activities decrease it.

Why do we care about entropy in software code? Code with high entropy is harder to maintain, harder to fix bugs in, and harder to add features to. It basically increases the cost and time to get new releases of the software out.

The concept of design debt argues that this kind of entropy is additive across releases, and that each time you perform an entropy-increasing action you increase the amount of work needed to dig out and make the code maintainable again.

I’ve lived this, for sure, and I suspect most others have too. But what makes it really interesting is thinking about it dynamically, as that post’s diagram does, where it is made clear that design debt decreases the profitability of a project. I think it’s even worse than it appears in the diagram, because the diagram neglects the time dimension. As the cost of development increases, more than likely the time to develop also increases, which means that Domain Evolution proceeds even farther while you are trying to catch up. This means that you have to deliver even more features to keep up, but that incurs a higher design debt still. It’s an unpleasant positive feedback loop.
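To make the feedback loop concrete, here is a small toy simulation. It is an added illustration, not code or data from the post being discussed or from the design-debt diagram it links to: the model, every parameter, and the linear cost-versus-debt relationship are assumptions chosen to make the loop visible. What it shows is the qualitative shape of the argument above: with no refactoring budget, each release takes longer, the domain moves farther while you build, the next release is bigger, and release durations grow without bound; reserving a share of capacity for paying debt down keeps both debt and duration bounded.

```python
"""Toy model of the design-debt feedback loop.

Constructed illustration, not from the original post. The relationships and
all parameters below are assumptions; only their qualitative shape (cost rises
with debt, the domain keeps moving while you build) comes from the argument.
"""
from dataclasses import dataclass


@dataclass
class Release:
    number: int
    shipped: float    # features delivered in this release
    debt: float       # accumulated design debt after the release
    duration: float   # calendar time the release took


def simulate(releases, refactor_share=0.0, *, initial_backlog=10.0,
             domain_rate=6.0, capacity=10.0, debt_per_feature=0.1,
             debt_cost=0.5, debt_repaid=0.5):
    """Run `releases` releases and return one Release record per release.

    Assumed model (not a measurement):
      cost of one feature  = 1 + debt_cost * debt        (entropy slows work)
      duration             = cost * backlog / build capacity
      next backlog         = domain_rate * duration       (domain evolves meanwhile)
      debt after release  += debt_per_feature * shipped
                           - debt_repaid * effort spent refactoring
    `refactor_share` is the fraction of capacity reserved for paying debt down.
    """
    if not 0.0 <= refactor_share < 1.0:
        raise ValueError("refactor_share must be in [0, 1)")
    build_capacity = capacity * (1.0 - refactor_share)
    refactor_capacity = capacity * refactor_share
    backlog, debt, history = initial_backlog, 0.0, []
    for n in range(1, releases + 1):
        cost_per_feature = 1.0 + debt_cost * debt
        duration = cost_per_feature * backlog / build_capacity
        shipped = backlog
        # The domain keeps moving while the release is built, so the next
        # release must cover whatever accumulated during this one.
        backlog = domain_rate * duration
        debt += debt_per_feature * shipped
        debt -= debt_repaid * refactor_capacity * duration
        debt = max(debt, 0.0)
        history.append(Release(n, shipped, debt, duration))
    return history


def total_time(history):
    """Calendar time consumed by all releases in `history`."""
    return sum(r.duration for r in history)


if __name__ == "__main__":
    for label, share in (("no refactoring", 0.0), ("30% refactoring", 0.3)):
        runs = simulate(8, refactor_share=share)
        print(f"{label}: total time {total_time(runs):.1f}")
        for r in runs:
            print(f"  release {r.number}: shipped {r.shipped:6.1f}  "
                  f"debt {r.debt:5.2f}  duration {r.duration:6.2f}")
```

With the assumed parameters the no-refactoring run is the "catch up, fall further behind" spiral from the paragraph above: the eighth release takes more than fifteen times as long as the first. The run that reserves 30% of capacity for refactoring never accumulates debt and its releases get shorter, because the domain moves more slowly than the team can build. Change `domain_rate` to exceed `capacity` and even the refactoring run diverges, which is the other half of the argument: refactoring buys headroom, not immunity.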

Design mistakes cost

I’ve stopped reading Jakob Nielsen on a regular basis, so I missed this: Top-10 Application-Design Mistakes. As it turns out, this is one of the few of Jakob’s Alertboxes that I agree with more than disagree with. Iterative design, paper prototypes, decide what your app should do, beware nonstandard GUI controls, design for the user rather than the back-end system, etc.

Number two particularly amuses me. I was on a business trip with someone who was bitten, hard, by this bug (on a different travel site). His boss booked his travel, and didn’t pay attention to the fact that the position of the months on the calendar changed between the Start and End date fields. Worse, the travel was in February in a non-leap year, so there wasn’t even a difference in date numbers to clue him in (since the Wednesday in March was exactly 28 days after the same-numbered Wednesday in February). Result? A very long delay for our friend at McCarran Airport in Las Vegas trying to straighten the problem out, so that my friend could get back 30 days earlier than his ticket specified.

Usability mistakes cost.

Getting ready for the big one

The big concert, that is, or concerts to be more precise. The last Tanglewood Festival Chorus concert series of the Symphony Hall part of our season is coming up, and it’s big: Hector Berlioz’s two part opera, Les Troyens. Everything about it is big: five acts divided into two nights, big chorus, big orchestra, big writing.

The background on the opera’s composition makes for some interesting reading, a classic battle between artist and public. Berlioz wrote what he felt to be a magnum opus, only to have it whittled down by the only opera house willing to perform it. Of the audiences who came to see the opera, he remarked glumly, “Yes, they are coming, but I am going.”

We’ve had a pair of rehearsals, and all I can say is that so much tonality, after the astringent aesthetic of the Bolcom, feels kind of sinful. Should be a fun run.

Opening Day, very early in the morning

New York Times: Red Sox Top A’s, 6-5, in Tokyo Opener. For the curious, no, I did not get out of bed at 5:30 to watch the opener. I did, however, tune into the game on AM radio—something I haven’t ever used on my car before—on the way in to work, to hear that the A’s were up in the seventh inning.

Yes indeed: daytime temps nearing 50, the Red Sox are back in action, and it’s still light when I drive home from work. Must be spring.

Ham and mushrooms, butter and garlic

It’s been a while since I wrote a food-oriented post—and of course a holiday weekend is just the thing to trigger one. Lisa’s parents were here this weekend, so our relatively freewheeling Easter dinner that we have honed over the past few years got expanded a little stylistically while reining in a few of the more eccentric ingredients.

The menu: deviled eggs for hors d’oeuvres; glazed ham; mashed potatoes; asparagus; and mushrooms. The deviled eggs were the most restrained compared to past years, where I used wasabi in place of the horseradish my parents always used to perk things up. Instead of wasabi, I just used hot sauce, slightly increased the salt for flavor, and diced up some shallot very fine to mix into the filling. The eggs were superb: eminently edible but leaving one still hungry—and thirsty. As is also traditional at Easter, I accompanied mine with a small amount of bourbon over ice as I was cooking. This year it was Blanton’s, a serendipitous find that I was delighted to have in my liquor cabinet. No juleps this year, though; for one thing, at 30-something degrees, it was too damned cold out to have them or want them.

The potatoes were simple too—half and half and butter in the place of the chicken broth and buttermilk that I’ve used in the past to give them flavor, and I thought the potatoes were bland as a result. But! They were a perfect foil to the mushrooms (sliced, cooked in olive oil and butter with more diced shallot and two cloves of garlic, and then finished covered in the pan), which were a hit. The garlic was definitely the thing. Alas the asparagus! cooked much too long.

The ham was tasty, but—and here regional prejudices rear their head—I do wish I could have found a proper ham. And by proper, I mean country ham, dry-aged, the kind that comes in a burlap bag and tastes a little like a salt lick and a little like a smoky prosciutto. That’s the ham I had a lot of growing up, both at home and at church, where ham biscuits were the order of the day after a sunrise service. But this ham, a spiral-sliced ham with a brown sugar and orange juice glaze, was pretty good in its own way; just not quite the way my mouth remembered it.

After dinner, of course, the requisite ham biscuits. Mine reflected my inner culinary struggle, with mustard on top and butter on the bottom. Yes! Butter with ham. And if you think it’s insane, ask the street vendors in Provence selling jambon cru sandwiches with thick local butter about it, and then come back and tell me I was right. Of course it’s not the Provençal coming out in me so much as the Pennsylvania Dutch grandmother, but oh well.

Others had clam chowder with dinner—Legal’s, sold prepackaged, and it occurred to me how much easy access to the greatest ambrosia breeds contempt. Watching the others eat it made me think about the Bull Island clam chowder I grew up with, cooked with a clear broth, not milk, and certainly not with tomato.

Program to live vs. live to program: early hacker critique

Happy Good Friday! In honor of the day when history turned upside down, here’s a keen little insight from the late Joseph Weizenbaum (via helmintholog, via Scott Rosenberg): some programmers are compulsive programmers who, in taking a purely software-centric approach to solving problems, set themselves up for failure and take the organizations in which they work hostage. Weizenbaum cites some nifty examples of this, such as the programmer who can’t be bothered to write documentation for his mission critical hacks.

Weizenbaum goes on to cast this critique of hacker culture—the concept that everything can be explained by the computer, and that no external skills are needed—in the context of scientism, the belief that science alone, without external belief systems or other human considerations, is sufficient to explain everything about the world around us.

I may have to go and dig up a copy of the book. It sounds like a thought provoking read along the lines of Winner’s The Whale and the Reactor.

Is Apple evil? Maybe, but not the way Wired says

I was going to take a shot at ripping apart this Leander Kahney article in Wired magazine on how Apple is the anti-Google and therefore evil, but I figured if I waited long enough that John Gruber at Daring Fireball would do it for me. Gruber didn’t disappoint, noting that “by Kahney’s logic, any company that is different from Google – and clearly most companies are far more different from Google than Apple is – is evil. I can’t tell if Kahney is being willfully obtuse or is simply a shithead.” Heh.

The accompanying list of 5 ways that Apple “breaks the rules” makes me wish that Gruber had gone after it as well. Software should be decoupled from hardware, huh? So it can run on just any phone or computer? We have a name for that kind of application. It’s called a web application. You know, the kind of application that Apple encouraged people to develop for the iPhone, and that all the pundits said wasn’t sufficient. Now Kahney slams Apple for encouraging people to build apps that run on the iPhone natively. What does he really want? Maybe Kahney is really asking for the iPhone OS to run on any old phone hardware platform. I can tell you that I can think of no surer way to ruin the user experience, and the brand, than to cram the iPhone software onto a piece of crap like the Sony Ericsson phone I just got rid of, or even onto my wife’s Blackberry Pearl.

The third point, that every Mac is preloaded with Apple software, makes me laugh. You think PC users like having a bunch of crap applications preloaded on their machines? Windows Media Player, which is preloaded on Windows everywhere but the EU, is an OK media player and it’s the default, unless the OEM changes it. But that has nothing to do with the OEM’s concern for the end user’s experience, and everything to do with the revenue they get from the partner from whom they are bundling the software. To be fair, Apple chooses not to bundle competing products, but they have bundled third party software, notably Quickbooks and trials from the Omni group. On both Windows and the Mac, the user can change the default music player (or any other default program) very easily. Would Kahney prefer that Apple shipped with no default player and made the user download one?

And the whole point about the iTunes/iPod closed loop is such a piece of crap. One word: MP3. Available on every platform. You can rip your CDs to MP3s, using iTunes, and put the MP3s on your iPod. One point in favor of this argument: iTunes for Windows doesn’t support syncing to non-iPod players, but there’s a free plugin to fix that.

The fourth point, love your customers, sounds like a page from the Good Product Manager blog. How to be a bad product manager: give your customers whatever they want and ask for in your product, regardless of the cost of support and regardless of whether the resulting product actually does what your customer wants it to do. How else to explain Kahney’s inexplicably picking on the “no floppy drive in an iMac” decision, which in retrospect was not only one of the smartest things that Apple ever did but also created the market for USB thumb drive storage? And the MacBook Air “no optical drive” situation has been covered over and over again. It’s called making intelligent trade offs. It’s what every product manager does.

I enjoyed the Fake Steve Jobs smack-down on Kahney, and wish that he had gone farther. There are a lot of good lessons to learn in the article for a product manager with half a brain; you just need to dig in and question every assumption that Kahney makes.

Free as in beer, Wind as in air

A few comics-related links this morning. First, it will be of interest to comics historians, fantasy fans, and my sister that the full archive of Elfquest is going online for free to mark the comic’s thirtieth anniversary; the archive will fill up over the coming year. That’s a whole lotta Pini, folks. If you thought catching up with the Sluggy Freelance archives took a long time, just wait.

The other freebie is an archive of the original art for the first issue of Elektra: Assassin, written by Frank Miller and lovingly painted by Bill Sienkiewicz. If you think Miller’s later work was weird, intense, and violent, just wait until you feast your mind on this one. (Greg Burgas wrote an excellent review of the series that might lend some context to the art.)