I haven’t yet had chance to read this properly, but it’s very exciting and impressive, and will no doubt be essential supplementary reading on the security course I’m teaching next term: Countering Trusting Trust through Diverse Double-Compiling.
Update 2006-01-26: Bruce Schneier’s lucid explanation.
Build-it-yourself cell phones – hardware and software [bash]
Personally, I’d just be happy with a phone that was scriptable with Python, but hey.
At the end of every module we teach, we hand out forms to all the students asking for feedback. One of my second year seems to be impressed, and made the following +1 Insightful comment at the bottom of his form:
Mr Gimblett’s lectures tell a compelling story. His office is full of leather-bound books and his apartment smells of rich mahogany.
Please would whoever is selling LSD to my students stop it?
A really good meal: it takes you from not believing you could ever be full, to not believing you could ever be hungry again.
(Not very taoist, I realise…)
Nice life hack which I should remember next time I need to, for example, arrange tutorials with my students…
I’ve just stumbled upon the wikipedia entry for the Riverworld series of books which sounds both barmy and intruiging.
… the Riverworld is an Earthlike planet whose surface has been sculpted to consist solely of one staggeringly long river-valley.
The story of Riverworld begins when almost the whole of humanity, from the time of the first homo sapiens through to the early 21st century, is simultaneously resurrected along the banks of the river, an estimated thirty-five to thirty-seven billion people.
There’s more. It is, of course, impossible to tell from the article if they’re well written or a bunch of pants. A lot of sci-fi works enjoy a vociferous and enthusiastic fanbase while still being turgid rubbish… The mention of Esperanto is troubling… Hmmm, well, ultimately I suppose I should just get hold of a copy of the first book and see what I think – unless anyone can advise me otherwise? :-)
Americans using (banned) napalm and white phosphorous in Iraq, BBC not reporting it, thanks to practice of embedding reporters in military units [robot].
Thus, BBC viewers were unaware of the fine words of Colonel James Alles, commander of the US Marine Air Group II. “We napalmed both those bridge approaches,” he said. “Unfortunately, there were people there…. you could see them in the cockpit video… It’s no great way to die. The generals love napalm. It has a big psychological effect.”
(And of course, there’s that other old “what in name of all that is good are they thinking?” chestnut, depleted uranium…
I’ve heard many people in the UK talk disparagingly about how the “news” in the USA is just a joke, a farce, and that most Americans have no real idea of what’s actually going on in the world. Alas, America doesn’t (of course) hold the monopoly on biased/incompetent journalism…
w00t – I just watched the sun rise, standing on the beach. Delicious, no matter how cold your ears get.
Update 2006-10-15: For reasons discussed below and in the comments, I am no longer allowing comments which say “I installed such-and-such-a-driver and it fixed it”. Thanks.
Update 2006-05-19: OK, will people please stop posting comments that say “on Windows you can just use the Synaptics drivers” or similar? Yes, I’m sure it’s true, but no, it’s not very interesting, since this post is about how to fix the problem if you’re not running Windows. Thanks. :-)
Update 2006-03-03/2007-02-27: someone has just added a comment pointing to these instructions which claim to fix the problem without cutting the cable. Instead, they involve inserting a small piece of plastic shielding (but see comment #92 for a warning why not to use an anti-static bag for this purpose). I haven’t tried this out (and can’t any more!) but if anyone comes here looking for a solution, and tries this out, I’d love to know if it worked or not. Also, I’ll keep a local copy of that page in case it ever goes away – again, if it does, please let me know and I’ll publish the instructions here instead. Thanks!As reported previously, I now use a Dell C600 laptop for most of my computing. I’m running FreeBSD and it’s been a very agreeable experience. There has, however, been one fly in the ointment. It started small – one day I was typing and the mouse pointer started slowly drifting to the corner of the screen. Odd. I pulled it out, and carried on with my day. Then it started happening more frequently… In my first lecture of the year, it went completely doolally, rushing up into the top-right corner and refusing to come out. Since then, every now and then it’s been doing this intermittently, sometimes just a little, sometimes so much that the pointer is unusable. I’ve managed quite well for two months, because I use the mouse as little as possible. I do most of my work at the command line or in emacs, and only really need the pointer for web browsing, chat, drawing and painting. Yesterday, however, I snapped. It was too much – the pointer dancing all over the screen like a drunken hillbilly, my blood pressure rising, clearly something had to be done… Read the rest of this entry »
I really enjoyed this article, if only for the profound sense of relief it drenched me in. When I program, I program in emacs, mostly, (but not always) in python, and mostly (but not always), under Unix. I haven’t done any “visual” programming for over seven years, and haven’t missed it. I found the experience painful. I do sometimes, however, worry that I’m getting stuck in the dark ages, or missing something great – that I would be so much more productive if I just “got with the program” and did things The Modern Way.
The article reinforces my underlying belief that what I do is right, for me at least. I remain convinced that the programmer’s most important tool is their brain, and that the programmer’s key task is organisation. Any tool that gets in the way of that task, and which prevents me from wielding my brain to full effect, diminishes my ability to program well.
The other thing the article confirms for me is that yes, Windows programming really has been horrible since day one. So much of what I read there had me nodding, saying to myself “Yes! When I did this I knew it was wrong! I knew it was stupid!”. I’m definitely better off out of it. :-)
Will has published a few rather good photos Bash took over the summer, at the Welsh National Botanical Gardens and elsewhere.
Oona King in America, talking about New Orleans, the race divide, and in particular the idea that whites don’t think about race, just because they don’t have to. Good stuff, to make you wish even more fervently that George Galloway hadn’t unseated her.
On Saturday morning, I drove Bash to Cardiff Airport and saw her off to Amsterdam, where she’s spending the week reporting on Eurooscon for Ping Wales. How, then, to spend the afternoon? I somehow managed to resist the alluring prospect of tidying the house, saving it for Sunday, and instead walked from our house to Three Cliffs Bay. It were nice.
Photos are here, potentially boring account follows…
(By the way, Friday night was rather good too – Lanonima Imperial at Taliesin, performing The Ecstasy of Orpheus. We somehow got invited to the after-show nibbles and wine, and Will’s excellent art is here.)Read the rest of this entry »
Anyone stupid enough to believe The Powers That Be when they say anti-terror legislation won’t be used inappropriately for general authoritarian head-stamping should read this about a woman arrested under the Terrorism Act for walking on a cycle path [robot].
Living in Britain? Give a monkey about civil rights? Give a monkey about civil rights in a digital age? Me too.
Or at the very least, read this to find out why you might want to do such a thing.
The Feynman Lectures on Physics – PDF notes on all the lectures and mp3s for most of them. Gigabytes of data, however…
Update 2006-10-07: looks like that’s now a dead like. I guess the copyright police wrote a threatening email, or something. Ah well…
Python Browser Posuer (formerly “Python Browser Probe”):
… exposes browser functionality at the level of a shell-like interpreter so that testers can quickly write tests in a simple language designed specifically for that purpose. Anyone familiar with a command line should be able to write test scripts for even the most complex web applications with PBP.
Handy. Other approaches to this problem exist and will be blogged about when I can be bothered to try them out (as will this, further). For now, a bookmark.
A month of silence. What have I been doing?
The Linux 2005 conference showed me two things very clearly.
One, I needed my own laptop. I’d been limping along using a departmental Windows laptop shared with another tutor, but I knew that wasn’t going to fly this year because it was tricky enough last year, and our teaching loads have both increased since then. Sitting in a room full of Unix geeks listening to talks about Unix while typing on a Windows laptop made me feel dirty – time to break free.
Two, Linux is getting very messy – maybe it’s time to give the BSDs a try. Another good reason for this is the security module I’m teaching this year – part of that’s gonna cover OpenBSD and the like, so…
Result: one second-hand Dell C600 from eBay, a new battery, a new big hard drive, FreeBSD 6.0 beta 4, and lots and lots of learning. It’s taken a while to get up and running, and the process hasn’t been helped by having to return the hard drive ‘cos it was riddled with errors (but I learnt about SMART, so that was good), and it hasn’t been helped by the metal pins in the right-hand hinge of the laptop screen shearing, necessitating the purchase of a replacement “screen backing” (but I learnt about lapop repair, and how easy it is in this modular age, with the right instructions at least, so that was good too, ultimately).
It’s been fun, but for some reason I haven’t felt in the least like blogging throughout the whole episode. You’d think this would be ideal technical blog fodder wouldn’t you…? Imagine, a whole month of “OK, so video was crashing the laptop hard every time I started vlc, but I spoke to TR and he suggested I use the VESA driver instead of the ATI one and that’s completely fixed it – w00t”. That would have been exciting, wouldn’t it? Well, arguably yes, and arguably it would have helped other people with this same laptop when they installed FreeBSD in the future. Maybe I’ll summarise my experience sometime – discharge my public duty that way. Or maybe not.
Anyway, for whatever reason I was more focussed on actually doing the job than writing about it. I think I’ve also been feeling a bit less like blogging because it’s been suggested to me that the words I write here are not my own; that I only echo others’ thoughts and sentiments without truly reflecting myself. That’s possibly true. Perhaps I don’t want to truly reflect myself in public. I started this blog long enough ago to predate the blogging explosion, and its primary purpose was (and remains) “a big list of links I don’t want cluttering my browser bookmarks”. Any ranting or diarising included was incidental (though yes, there’s been more as time’s moved on). But these days a blog is seen as something more than that, a window on the writer. Having this pointed out to me, that through my window it looked like I had no thoughts of my own, has disturbed me, and I’m not sure how much I want to play. This has certainly influenced my recent quietness. Whether the outcome will be more or less (zero?) opinionating in the future, I don’t yet know.
Having said that, I’m going to give one short, informed, and genuinely “mine” opinion: BSD is very nice indeed. Linux has been feeling increasingly cluttered and messy to me, and FreeBSD (on the laptop) and OpenBSD (on another box which I’m using for various things) are undeniably both clean and coherent in a way Linux never has been and probably never will be. I’m enjoying that. And I haven’t, so far, found anything I can’t do with this system that I could with a Linux distro (or would want to, anyway). Thus, and in summary: It’s good to have finally made the switch.
Spotted on the cover of ACM’s “Computing Reviews” (vol 46, number 8):
Information wants to be free. Information also wants to be expensive. Information wants to be free because it has become so cheap to distribute, copy, and recombine – too cheap to meter. It wants to be expensive because it can be immeasurably valuable to the recipient. That tension will not go away. It leads to endless wrenching debate about price, copyright, “intellectual property”, the moral rightness of casual distribution, because each new round of new devices makes the tension worse, not better.
The above is an obvious truism for anyone paying attention much today, and hardly worth blogging. What’s interesting is that those words weren’t written today – they were written an eon ago, in 1987. It’s from “The media lab: inventing the future at MIT” by Stewart Brand. I find it interesting that this perception existed even back then, before HTTP was invented and the net exploded onto the public consciousness. I also find it interesting that the term “intellectual property” gets quotes around it, presumably because of its unfamiliarity and dubiousness – which don’t think it would today.
Also, from vol 46 number 5:
Technology is a servant who makes so much noise cleaning up in the next room that his master cannot make music. — Karl Kraus, “Half-Truths and One-and-a-Half Truths”, 1990.
Since I didn’t get very far with writing about the UKUUG Linux 2005 Conference, I refer the interested reader to the Ping Wales coverage: day one (tutorials), day 2, day 3 and their first feature arising from the show, which looks at Cutter Project’s work, and is probably more coherent than my hastily penned efforts.
About a year or so ago, Bash and I opened a joint account with Smile, who call themselves “the internet bank”. Now, perhaps there was a time, long ago, where Smile were ahead of the pack and could justify calling themselves that. Unfortunately, it looks to me like that time (if it ever existed) is long gone, and the only justification for the moniker is that they don’t have any actual physical presence (apart from call centres, of which more later).
Allow me to explain. First, however, I’d like to solicit suggestions about alternatives. Specifically, does anyone know of a UK bank with a decent online service (not suffering from the problems outlined below) but which has an ethical investment policy? Smile is part of the Co-operative Bank, and as such makes that claim, which appeals to us. However, the warm fuzzies are being nullified by their poor service, so if anyone can suggest where to move, I’m all ears.
OK, so: for anyone without the benefit of a year of Smile, allow me to explain why I think they Could Do Better.
Weak authentication upon login.
The login procedure is as follows: you enter your sort code and account number, you enter a secret four-digit code, and finally you’re asked one of about five personal questions (eg “Please enter your significant date”).
The first observation is that only one of these things can really be called “secret”. The sort code/account number are easily found out (eg if I give you a cheque, or want you to transfer money to my account), and the personal questions are obviously only weakly secret. Many people in the world know what the last school I attended was. Many know the first. Other items (memorable names, memorable dates) are the kinds of things that can be guessed.
The second observation is that the secret code is only four digits long. Four digits (0 to 9), not four characters.
I was on the phone to them yesterday, and the chirpy call centre girl I spoke with had the nerve to state that their security was “better than everyone else’s” as if this were incontravertible fact. Well, with Lloyds TSB I have three keys, only two of which I get to choose and none of which are associated with my account. None of them are only four digits long, either. The first key, which is effectively my username, is a nonsensical mix of numbers and letters. Hard to remember, completely unguessable.
The only mitigating factor here is that of course, failed attempts to log in lock down the account – but that’s also the case with other banks, so how is this stronger? Answer: it isn’t.
The third observation is this: hang on, this is a joint account – we both enter the same sort code/account number. How does it tell the difference between us? Answer: with the 4-digit security code of course! It’s not just for authentication, it’s also the username. Nice! And when I get it wrong three times, it locks me out and it locks out Bash! Because it doesn’t know which of us is getting it wrong/being attacked. In the words of The Mighty Boosh: Genius!
Oh, wait. That’s not genius. That’s stupid design.
OK, so enough about logins. Suffice to say, it’s messy.
No downloadable statements.
The next most annoying thing is that statements aren’t available in electronic format for download. Unbelievable but true! This hasn’t been a big problem for me thus far but at some point in the future I will want to do this and it will be annoying to scrape the HTML by hand. I’ve written to them twice about this with no response. To me, this is a no-brainer, especially for “the internet bank”. Yeah, right.
And yet every month they email me telling me my statement “is ready”.
Inconsistent statement formats, and no running total.
Your old statements have a running total. Obviously. Your latest statement doesn’t. In general, they seem to be different things, your latest statement is somehow “special” rather than just happening to be the most recent page of activity. As a programmer, that makes me think “yicky”. But that missing running total is the worst thing about the statements. Awful!
No dates on standing orders.
Obviously when you set up a standing order, you assign a date to it. For example, “monthly, on the first of the month”. But when you edit them, all you see is “monthly”. What the hell? When’s it going? According to Chirpy Call Centre Girl, the way to find out is “look at your statements and look at when the last one went”. a) That’s just lame, and b) What if the first payment hasn’t gone yet? I just have to sit and wait. Rubbish!
Those are the main things have have bent my widgets over the last year. There are other, smaller, niggly things – such as kicking you out if you accidentally hit “Back” on your browser (Lloyds TSB can deal with this – why not Smile?), but let’s leave it there for now. I know it’s going to take months, but I want to to move to something better, and if anyone’s got any good suggestions, let’s hear them. Thanks!
/me LOL at the OpenBSD yp(8) man page:
If ypbind cannot find a server, the system behaves the same way as Sun’s code does: it hangs.
Also, /me was very impressed by Tom Cosgrove’s talk earlier on Exploit Mitigation Techniques, describing some of the Cunning Stuff which OpenBSD does to make Mr Script Kiddie’s (or even Mr Mafia Funded Russian Hacker’s) life less fruitful. 2 second summary: Much good use of randomisation, basically… :-)
I skipped the tutorials yesterday, although it sounds like the one on Zsh was quite interesting and in particular showed off lots of shiny things you can do with that. One of the reasons I didn’t go is because, well, I really can’t swap from Bash can I? What would the wife think? Well, it turns out she’s clued in enough that apparently, if Zsh really is that good, she’ll consider changing her name. ;-)
I’m currently missing some talks, but this morning there was a really good one on “Experiences of a large linux deployment in education“. It seems that schools in this country waste shedloads of (taxpayers’) money on IT, paying and re-paying for proprietary software licenses, constantly churning hardware (eg 3 year cycles are typical), usually without real in-house IT expertise. The government’s target is a 1:4 ratio of computers to pupils, which 33% of schools had met last year, but that number is going to decrease not increase because many of those schools have now run out of budget for upgrades they’ll need over the next couple of years. Their installations are expensive, complicated, fragile in the face of “improperly-motivated” students, and require lots of time-consuming installation and maintenance.
The guys speaking this morning went into a school in Felixstowe last September and installed IBM Blade application servers and loads of thin clients running Linux and KDE. They have a Windows 2003 Terminal Server for their legacy Windows stuff. The students don’t resist using Linux – they don’t care, they pick it up in no time – but there’s been resistance from staff, who are only just dealing with Windows. So the staff continue using Windows laptops to admin this stuff, with NX bridging the gap. KDE’s a win for them because it looks like Windows, but also because it’s apparently got a very tight and manageable “kiosk mode” in which it’s completely locked down. Over the 12 months since rollout, the school has had one “tampering” incident to deal with, as opposed to the previous situation of having to rebuild/reinstall one or two boxes per week because of malware or general student breakage. Win.
The thin clients can run on old boxes people are giving away. They heard about someone giving away 40 PIIIs, spent 47 quid hiring a minibus, and went and collected them. A classroom of PCs for 47 quid. The school in question has smashed the 1:4 ratio, and slashed their IT budget by about 30 grand per annum. Using thin clients really has made the system trivial to maintain (they’ve only returned to the school for upgrades and development, not maintenance – the school has an IT guy, but he’s not a Linux guy… It just works.) and easy to expand.
Sounds good to me. Only shame is they’ve only done this on the educational/pedagogical side, not the schools admin/office side, which is apparently much hairier and where fat clients are still, realistically, necessary. Cutter Project for more info.
After that I went to hear about “Adopting a driver – from fixing typos to breaking thousands of machines worldwide” which was a bit more technical (though not hugely), and mainly about the woes of freeform open source development. Interesting, but less of a jaw-dropper than the first.
Then coffee in the Digital Technium atrium – a woefully small space for nigh-on a hundred geeks to drink coffee, talk, and (largely) sit around tapping away at laptops. Shame.
I decided to skip the current session and come here for some work. So I should really do some now, I guess. :-)
LOL at Si’s “filmic internal monologue” on Moorland Sheep Hazards – scroll down, or read the whole thing if you have any sense of south-east Wales’ geography, and an appreciation for Si in semigrump mode (mathematicians, that’s like a semigroup, but in steaming blue latex shorts).
Also via Si, some fantastic lateral thinking puzzles.
Ad Hoc, Self-Supervising Peer-to-Peer Search Networks – nice paper on a proposed architecture for p2p networks, built on primitives which are so simple they’re obviously right. :-) Abstract:
Peer-to-peer search networks are a popular and widely deployed means of searching massively distributed digital object repositories. Unfortunately, as such networks grow, they place an increasingly overwhelming load on some or all of the participating nodes. We examine how to reduce the load on nodes by allowing them to self-organize into a relatively efficient network, and then self-tune to make the network even more efficient. Unlike previously studied architectures, our “ad hoc, self-supervising” networks avoid restrictions on who a node can connect to or what information can be exchanged. This makes the network topology quite flexible and tuneable. Our results indicate that our ad hoc networks are more efficient than popular supernode topologies for several important scenarios.
Thirty years of research on query languages can be summarized by “we have moved from SQL to XQuery.” At best, we have moved from one declarative language to a second declarative language with roughly the same level of expressiveness.
As promised, though I’m still working on the shiny LaTeX article which actually explains all this stuff…
From the README:
It started out just as an exercise in operational semantics, using Python because it’s the language I get things done fastest in. That proved interesting enough that I wanted to re-do it in Haskell, which I’m learning and which arguably handles this sort of thing better.
The Python version is more advanced. It includes mu-recursion, which the Haskell doesn’t, and is quite tidy IMHO. OTOH the Haskell is less developed, and in particular the functions for actually creating the graphs could, I’m sure, be improved. Always nice to have some future work to do…
I’m publishing this in case anyone is interested in the code. In particular, it is perhaps useful as an example of:
- Graph programming in Python using NetworkX and Pydot.
- Represention and manipulation of abstract syntax trees in Python.
- Graph programming in Haskell using Data.Graph.Inductive and Data.Graph.Inductive.Graphviz
- Poor newbie Haskell programming style. ;-)
I’m working on a paper describing the problem, the semantics, and the approaches taken in the two languages, but it’s very much an ongoing WIP and isn’t ready to publish yet.
Homepage for this work: http://www.cs.swan.ac.uk/~csandy/research/op_sem_py_hs/
I’ve got two books on the go at the moment (Potter can wait): Neal Stephenson‘s Quicksilver, and Charlie Stross‘ Accelerando. I’ve just about finished the former, and according to Plucker, I’m 46% of the way through the latter – so perhaps some of the opinions expressed below will change…
These are both science fiction works. The first is unusual for sci-fi in that it’s set (mainly) in the seventeenth century; Newton and Liebniz are key (though secondary) characters, and it seems mainly to be about religious tensions (as you’d expect from the setting), the nascent scientific movement, the nature of money and markets, and a very nascent anti-slavery movement, though I’m not sure where that’s going to go. The second is based around the futurism idea of the Singularity, a supposed point in the future where the rate of change of scientific knowledge and human ability goes nonlinear, basically.Read the rest of this entry »
More Robot Wisdom goodies: Feynman/von Neumann US postage stamps, future windfarms (“twelve [offshore] wind farms of 100 units would meet the UK government’s 10% target for renewable sources” – so let’s build 120?), and finally short excerpts from Rwanda genocide accounts book, eg:
Saving the babies, that was not practical. They were whacked against walls and trees or they were cut right away. They were killed more quickly, because of their small size and because their suffering was of no use. The babies could not understand the why of the suffering; it was not worth lingering over them.
Chilling. We saw Hotel Rwanda last week, and I gotta say, it was one of the hardest films I’ve ever watched – up there with Threads in terms of visceral human horror, made worse by its reality. Highly recommended.
Oh my yummy yum yum yummy… [bash]
About time somebody did this. I will, of course, wait for the split/ergonomic version, if only because it confuses and annoys people who try to use my computer.
There’s a bit in Brian Eno’s A Year With Swollen Appendices where he’s in Egypt, and a boy rides past on a bike shouting “I am here! I am here!” repeatedly, and Eno dubs this “perhaps the single and central message of humanity”. I’ve always really liked that.
As I sat in the lobby of our hotel in London last week, I mused on the feeling of obscelescence and redundancy. There’s a moment in Accelerando where one of the central characters loses all the computational stuff that augments his senses and mental faculties – he’s reduced to bare meat and a comparatively sluggish consciousness. This leads him (even after he’s fully restored to bright shining augmented posthumanism) to worry a lot about how long he can remain on the bleeding edge. Now, everyone feels this at some point, I believe: the horror (or at least angst) of realising that What Once Was has passed, never to be surpassed or even attained again. The loss of the intellect, the passing of the peak, the fading of the beauty, whatever it is. The fear that all that lies ahead is swimming ever harder, if one can even manage that, only to drift inexorably downstream.
So, a fundamental question is how to deal with this? If all my best lies behind, then what of the future? Naturally, having hit my early thirties, I have somewhat irrationally started to worry at this question myself. It’s absurd I know, but there you go.
The answer, it seems, is just this: to have hope and not worry about it. Nothing more that. For one thing, your best days may actually lie ahead. However, a stronger statement is the following: now is what matters – the past is gone and cannot be changed, and the future is yet to arrive, if at all. The question is not “what have you done?” or even “what would you do?”, but simply “what are you doing?“
As such, I contend that just as “I am here” is the single and central message of humanity, so is “What are you doing?” the single and central question. (Not “where are you?”, I note.)
Of course, the real question is what do I have to do to discuss this with Brian over a glass of wine some time? ;-)
(Aside: it’s so hard to find anything specific in Eno’s book, because you just keep getting distracted – there’s an interesting idea or fact or insight on every page. Given that I’m reading Quicksilver at the mo, this one particularly caught my eye: 16 October. I also asked Anthea how many mature oaks she thought it would have taken to build a top-of-the-line ship in Nelson’s day. She guessed ten. The anstonishing answer (from Brewer’s) is about 3,500 – 900 acres of oak forest. She said, “I wonder what we’re doing now that’s as wasteful as that”. I said it’s still called Defence.)
50 Eno Moments, which I don’t have time to read right now.
I’m still here, I’ve just been too busy to blog. However, while I’m waiting for ghc-6.4 to compile (that’s my excuse anyway), I thought I’d do a quick blogdump…
I was going to write about my week in London, and a bit about what I’ve been reading lately, but I started by writing the stuff below instead, and now I think that’s enough for one post, so I’ll publish this and follow up with the rest maybe tomorrow or Sunday. (Short version: London fun except bombs, Quicksilver OK, Accelerando completely barmy but getting a bit dull at 40%). Colin, I should warn you that the rest of this post is of the kind you don’t like. The London diary thing might be better. Sorry!
Work’s been truly excellent this week. No students so no teaching, and also no admin for a while too. Some time I need to do some preparation for next year’s teaching, but for the next two months I’m mainly going to be focussing on research at last, aiming to break the back of my MPhil. I made a breakthrough on the parsing side last Sunday (or rather, I cleared up a misconception I’d been harbouring), but have spent this week on a different tack, learning about operational semantics through the magical medium of Python. Specifically, Markus gave me a toy process algebra and its semantics, and outlined the algorithm for turning expressions in the PA into their labelled transition systems, then I went away and programmed it.
It’s been excellent fun, and I got it basically done in no time at all, mainly because I chose to do it in Python. It’s quite remarkable, in fact… For months I’ve been struggling to get anywhere with my research, and it’s been very depressing and making me feel like I can’t hack this stuff. Now I realise it’s just that I’m a complete Haskell newbie. If I was doing my research in Python, I’d probably have finished by now. Alas, I have to do it in Haskell, because of the system we’re interacting with, but it’s encouraging to realise my problems relate to the language/paradigm I’m working in, not some basic failing on my part to understand what the heck I’m trying to do.
Anyway, I’m writing up an article explaining what I’ve done, and either later today or early next week I’ll publish it and my code, so anyone who reads the above and says “huh?” can take a look if they want. (JOn? You reading this? ;-))
Next week is graduation week at Swansea University and I’m acting as a marshall on Monday, which is Science day. So I get to see all this year’s third years do their stuff. With luck and effort, I should be there myself this time next year.
What else is new? I recently made the shift from ion to ion3. Ion’s been by window manager of choice for about three years now, mainly because I can’t be bothered with all that tedious point-and-click move-and-resize nonsense you have to do with windows in most WMs. TR occasionally moans at me that it’s modal but I don’t see it as a problem, it works for me and is extremely keyboard friendly and fast, so I’m happy. But I’ve been feeling behind the curve, and in particular some apps (eg the Gimp) don’t play well with the tiled model – which is why ion3 is nice because it adds optional “float workspaces” which act more like a conventional tedious point-and-click point-and-resize window manager if and when that’s what you need. Making the move was non-trivial because my config files had to be ported to Lua, but now it’s done and I’m very happy with my window manager indeed. Once again, I’d recommend looking at Ion if you’re getting dissatisfied with your Gnome/KDE experience and want to strip things down.
Finally, a couple of Python goodies via the Python-URL: try/except vs if/else in terms of speed (an oldie but a goodie, especially when advocating Python to curmudgeons), and Sparklines, which are kinda weird and kinda cool, but I’ve no idea if they’d actually be useful.
Well, Bash and I are in London for her birthday – lovely day for it.
First we heard of the explosions was at about 10:15, waiting for the lift to arrive in the hotel, when my parents rang. “Are you OK?” “Er, yeah, fine thanks. Whhhyyyyy…?”
The hotel’s on The Strand. Five minutes walk to Trafalgar Square, strangely quiet (especially after yesterdays Olympic crowds), with sirens zooming past constantly. We’re now at the Royal Society, which was our intended first stop on a day to also include St Paul’s Cathedral, the Tate Modern, Tate Britain (via the Tate-2-Tate boat), maybe a shufti at Parliament, and then birthday dinner with London friends in Earl’s Court. Needless to say, most of these plans are on hold just now. St Paul’s to Tate to Tate is all do-able on foot/boat, but to get to St Paul’s we have to get to The City, which might not be a good idea assuming these explosions have an economically motivated component.
It’s been a good week, up to now, though. The show’s going very well and everybody loves the calculator. Having now used it quite a bit, I can definitely say it’s Way Cool and very impressive.
I went to the Science Museum for a bit on Tuesday, mainly checking out the Computer Science, Maths, and Telecoms Displays. I found it very disappointing. The best part is easily the Babbage stuff – difference engines, and his brain – but the rest seemed like it hadn’t been updated for 20 years. The CS stuff was also disappointingly focussed on machinery, but there’s so much more to computing than that, and increasingly so. The computers themselves are far less interesting than what you do with them and how (IMHO) but there was almost nothing on that. There was a fifteen-foot wide display on the history of the British Punched Card Calculator industry (not even general purpose computers!), but only a small card with about fifteen lines of text for Alan Turing! A travesty! Telecoms was not much better, and didn’t seem to have changed at all since I visited it with my eldest brother Mike back when I was eleven. Actually, that’s not true, it had changed: most of it had stopped working.
The bookshop was quite good, though.
Tuesday evening I headed to Greenwich to visit Rich and Em, and meet with a couple of the old Frontier possee, viz Jon and Mark F. This took place in a superb pub in Greenwich – The Union, with a microbrewery and some excellent excellent beers. The “chocolate beer” (stout) was particularly fine.
I spent yesterday afternoon planning what to do for the next three days (now out the window, it seems), then met Bash at Paddington at 7:30, and whisked her to the National Film Theatre for Antenna – a bi-monthly showcase of music videos. Some really good stuff, in particular “Sentimental Journey” by Yuki – very thoughtful and gentle. The place was, of course, full of achingly cool people. :-)
Anyway, think we’re going to have a look round the exhibition now, and I don’t know, maybe stay here all day. Hope everyone reading this is OK and your loved ones are accounted for…
Emergent Chaos – a weblog on “security, privacy, and economics” (via risks). To pick but three consecutive good examples: Equifax CEO says identify theft is epidemic, fingerprint privacy is rubbish (as any fule kno), and the UK government does plan to sell your ID card information. One to watch.
On subject of which… Bash & I went out for dinner last night, and we noticed they were taking card payments using a wireless terminal. So out came my Palm Tungsten, and up was fired wiffi, which duly reported no 802.11 signal in the area. “In that case, ” asked Bash, “what’s the terminal doing?”. Answer at Chip & Spin, although you can guess a lot of it.. Obviously without a network connection, it wasn’tt performing any online back-end checks that, for example, I had enough money in my account to cover the bill. So it’s basically the card authenticating itself to the terminal, and authenticating me via the PIN I entered. But what suprised her most was this: if the chip happens to be broken (eg fried), the system should fall back to magstripe – which this particular terminal happened not to support. So what happens then? Answer: no authentication whatsoever. Zero. Nada.
Go read the paper. Seriously. It’s great.
Blimey, the Thimblebys are in New Scientist – and where do I spot it byt Robot Wisdom? Jorn, apparently, is unconvinced. On the other hand Andy, who’s seen it up close and played with it, is very impressed.
The Google Maps satellite picture of the UWS campus predates the Digital Technium (for now).
Intersting also that we have higher-res of Swansea than of Cardiff. So I can see where I live quite clearly, but not where I used to live. Also managed to clearly pick out the Eiffel Tower (nice shadow!), the Vatican, and the Palace of Westminster fairly easily. Not in Swansea, though. K2 and Everest more elusive, particularly the former. Singapore still at lo-res (nice clouds, however!), but Beijing central high enough for a very clear shot of the Forbidden City. The Summer Palace is still hazy, however.
Simon‘s a cartophile in the true sense but me, I just love maps because of the imaginary journeys they take me on. As such, I’ve been waiting for this all my life. It’s just gonna keep getting better, with more detail, more 3-d, more up-to-date imagery, and better navigation. What an amazing age to live in.
I definitely want to learn Ruby this summer, starting as soon as I get this exam team stuff out of the way (or possibly sooner). Here, then, is a collection of resources which I might find useful. I might revisit this post and expand it later as I find new stuff or add thoughts on what’s here. If anyone has anything to add, feel free.
The first edition of Programming Ruby: The Pragmatic Programmer’s Guide is available free online.
In terms of reference material…
The Ruby home page.
RubyGems – CPAN for Ruby, I think?
And ooh, RubyForge.
That should be enough to keep me going for a while.
Well, it’s midnight which means today’s been a 16 hour day so far. Must be something about Wednesdays: last week I was here all night, and didn’t go home until about 4 the next day (then watched the best Shakespeare I’ve ever seen: The Comedy Of Errors in the open air in front of Oystermouth Castle with a cast of five – very manic).
Certainly a few hours’ more work to do tonight, but it shouldn’t be an all nighter. You never know, though.
Oh, how I love working on the exam team…
Update: going home at 02:34 – an 18.5 hour shift. And no overtime! Yay!
While googling for something to do with the unison file synchronizer, I was distracted by The Seymour Skinner page at The Simpsons Archive. Was particularly amused by P.A. announcements. Tee hee, etc.
Alas, no time to linger – I gots coding to do.
In other news, the cat is running around the house like a lunatic.
“Attention everyone, this is principal Skinner. I trust you all remembered to bring in your implements of destruction. Now let’s trash this dump.”
You scored as Cultural Creative. Cultural Creatives are probably the newest group to enter this realm. You are a modern thinker who tends to shy away from organized religion but still feels as if there is something greater than ourselves. You are very spiritual, even if you are not religious. Life has a meaning outside of the rational.
Cultural Creative 81% · Idealist 69% · Modernist 50% · Existentialist 50% · Postmodernist 44% · Fundamentalist 31% · Materialist 25% · Romanticist 25%
Also interesting, also in RISKS: EEPI 2005, Conference on Electronic Entertainment Policies, Problems, Solutions, held where else but Los Angeles? The call is very carefully worded and I particularly enjoyed “This will not be a place for finger-pointing or name-calling.” I guess the organisers know just how contentious this whole issue is.
Here’s the RISKS post, which is basically the same announcement from the conference web page.
So I guess everyone else has seen this already, but (for reasons stated in my previous post) I missed it until the latest RISKS Digest dropped onto my doormat. Anyway, it’s a nice example of a covert channel, and I was flailing around unsuccessfully for a nice example when I spoke about them in one of my Operating Systems lectures this year (poor preparation on my part), so I should bear this in mind for the future.
Security researcher Colin Percival recently (13 May) announced a security vulnerability caused by the combination of the Hyperthreading and shared cache features of Intel Pentium 4 processors. By carefully measuring the time required for instructions to execute in one thread while the other thread is performing a cryptographic calculation, the secret key can be determined.
Here’s the paper (PDF).
Insightful comment at the end of the RISKS post:
The RISK here is a classic example of relying on underlying abstractions (the hardware memory model) to behave in an ideal manner, rather than understanding their implementations. Many security flaws result from the adversary breaking the veil of abstraction to look at the soft, juicy parts inside. Even when the higher-level model is perfect (or formally verified), the mapping to implementation can hide a multitude of sins.
Indeed. We computer scientists just love abstraction – it’s a powerful conceptual tool which allows us to build very powerful; but when you actually have to deal with reality, rather than some mathematically ideal space, everything suddenly gets very messy and the thick straight lines you drew between the layers turn into fuzzy fractals instead. Or something.
Not much time for blogging lately (working til 2am last night!), but here’s a round up of some crunchy bits from Robot Wisdom of late:
Ho hum, back to it, see you in July or something…
Teaching is over, exams are happening, and the office is quiet of students – except for the occasional past paper question from some enthusiastic reviser. As a consequence it’s time to catch up with coursework marking, and start cracking on with whipping systems into shape in preparation for the flood of exam marks which will hit my desk soonish… Avid readers will remember that this was fun in February, and lots of late nights are clearly on the cards. Once that’s over, it’s research-agogo for the summer, hopefully.
Musically, it’s XTC Radio, the mighty Groove Salad, and Cryosleep once again, but also – thanks to Bash’s keen ear – the delightfully named Bobby Friction and Nihal on Radio One. Gawd help me, they call it “urban”. The hell with that, what it is is rawkin’, Mother.
Yet another interesting-looking python project I don’t have time to get into: Solipsis – “a peer-to-peer system for a massively multi-participant virtual world“.
It seems to be pretty much “framework” status, however, so I wonder how much lifting would be required to do anything useful or impressive with it. “ Solipsis is a public virtual territory. The world is initially empty and only users will fill it by creating and running entities. No pre-existing cities, habitants nor scenario to respect…” Ah well, one to file away for possible future student project material, anyway…
Also interesting: Beautiful Soup, a Python HTML/XML parser which “won’t choke if you give it bad markup. It yields a parse tree that makes approximately as much sense as your original document. This is usually good enough to collect the data you need and then run away.” Nice.
Quite a good weekend in Gimboville… Excellent company throughout, and rather productive: I spent most of Saturday working on Superstring Sister – have now got more of an idea on how to carry it forward, though of course it probably needs about five more sessions like this before it’s perfick. :) To offset that, I then spent most of Sunday on my MPhil: deconstructing & documenting a Parsec-based parser for a toy “while” language, then starting to work on a prototypical CSP parser. No great shakes, but it’s something, and that’s better than nothing.
Then I arrived at work this morning to find that my 9 o’clock appointment wanted to reschedule, so I now have an unexpected hour in which I can do Something Useful before my 10 o’clock research meeting. Score!
Via Bash, a slightly long and not-quite-safe-for-work, but really rather good French advert for AIDS awareness.
Should I be worried that I find the lioness wife in Father Of The Pride attractive?
My life in one sentence: I would like to be Snufkin, but deep down I know I’m Moomintroll, going on Moominpappa.
An important aspect of security is, of course, physical security. So note ye well these notes on hacking proximity cards [robot]. It’s worrying how simple all this stuff is… Once again we see that just because some technology is widespread or ubiquitous, that doesn’t mean it’s actually at all secure. Sure, a certain amount of effort is required to break these mechanisms, but someone will go to that effort. The trick is to design systems where the amount of effort is astronomical and uneconomical.
I note with interest that the tips on giving a talk say “use handwritten OHP slides”, but the tips on writing a good research paper, themselves from a talk, are Powerpoint slides. ;-) I suppose the excuse is, that wasn’t a research talk – it was a research meta talk. Or a meta(research talk). Or something.
The definitive Oolong collection – classic. Ooh, and thanks to Rich for the link!
The following example loops endlessly, outputting the ascii values 0 to 255:
We will spend more on hospitals! We will jail anyone not in jail already! We will spend billions limiting immigration! We will deport anyone we can deport! We will abolish schools!
Wow… I’m just going through some old stuff, folders, notebooks etc. in my office and I discovered some notes from my first attempt to install Linux. The date? 26th August 1999. Crikey, there’s nostalgia. I was working at STS, and had been trapped in Windows Programming Hell since leaving university (in fact, the first few years were DOS Programming Hell, but that’s another story). Knowing there was more to life than this, I bought a terribly underspecced used PC and downloaded Debian (it was Slink, I think). I didn’t do anything useful with it, but it gave me enough knowledge & enthusiasm to land a Linux programming/sysadmin job with Frontier a few months later.
Five years on, I’m back in academia, and Unix is my bread and butter. These days I use gentoo, and I’m thinking it’s about time I gave one of the BSDs a shot, but Debian will always have a special place in my heart, as my first step towards freedom… ;-)
Wow – great story, wonder if it’s true.
CS-238 students take note: this is Hamming as in Hamming Distance, Hamming Single Bit Code, etc.
Update 2005-05-02: Yep, read it, very inspiring and intersting.
I notice that if you have the door to your office closed, you get more work done today and tomorrow, and you are more productive than most. But 10 years later somehow you don’t know quite know what problems are worth working on; all the hard work you do is sort of tangential in importance. He who works with the door open gets all kinds of interruptions, but he also occasionally gets clues as to what the world is and what might be important. Now I cannot prove the cause and effect sequence because you might say, “The closed door is symbolic of a closed mind.” I don’t know. But I can say there is a pretty good correlation between those who work with the doors open and those who ultimately do important things, although people who work with doors closed often work harder. Somehow they seem to work on slightly the wrong thing – not much, but enough that they miss fame.
‘The way teachers’ authority has been eroded is key,’ she said. ‘It is not simply that there is no respect for teachers or authority but that the children are actually in control of the schools. They own them and the teachers have no power to take that control back.’
Thomas illustrates her point with an incident when a boy walked out of her class during a lesson. ‘If I tried to stop him leaving by taking his arm, it would have been his word against mine that I hadn’t abused him and I would be suspended while the incident was investigated, which could take three years. My name would be in the local press and my reputation as a teacher would be destroyed. The children are very worldly-wise: they know they have this power.’
Also, Coldsync Conduits, for syncing from Unix.
Strange things apparently happening with broadband provision in the Land Of The Free – ISPs and monopoly interests buying legislation to prevent cheap local community wireless networks undercutting them [robot].
Interesting, isn’t it…? If market forces were the only factors at play here, the telcos and ISPs would be losing this battle. But instead, the market is self aware, and sufficiently successful companies can modify the environment in which they must operate. Time to ask again, if aliens arrived tomorrow, what would they consider to be the dominant life form on the planet? People? Cars? Or companies?
NetworkX — graph creation, manipulation, rendering, and other funky stuff in Python. Looks like a nice toolkit for working with graphs, basically. Check the screenshots for “mmmm” and tutorial for “ooooh”.
www.picturesofwalls.com – in fact seems to be mainly concerned with graffiti on walls rather than just being pictures of the walls themselves, which I found slightly disappointing; gladly, the graffiti is good [rivets].
In November 2001, I went to China and walked on the Great Wall. On Easter Saturday this year, I flew out there again, to spend a week visiting Universities telling the students there that Computer Science in Swansea rocks, which of course it does.
It was a very busy trip: lots of travelling, lots of public speaking, lots of meeting Important People, and lots and lots of Chinese food – w00t. Donkey was eaten at one point. Specifically, it was the donkey from Shrek. Very tasty, and my chopstick fu is now at level five.
It was very much a Work trip; there wasn’t much time for sightseeing or recreation, but we squeezed in a bit: on the Sunday we arrived, we saw the Summer Palace and the China National Acrobatic Circus, and on the last day I was taken to the Yellow Crane Tower in Wuhan, which I’d highly recommend if only for the chance to make a huge bell go CLONNNNGGGGGG!
I took 350 photos, the best 94 of which are here. And here are my personal faves:
Via Will, a Guardian article on Hans-Joachim Roedelius, one time Cluster member and jamming buddy of His Enoship. Having spent this morning lounging in bed soaking up Music For Airports and Neroli as I lounged around in bed this morning, this is all very timely. I haven’t heard any Cluster, but may have to now.
Update 2005-04-10: Just in case the reader missed it, I was lounging around in bed yesterday morning.
It was nice to see that the government’s plans for ID cards have been dropped, but if you want another reason not to vote Labour, it’s that they plan to reintroduce the plans should (when?) they win the election in May.
It’s not that I’m ideologically opposed to ID cards: in an ideal world, yes, they’d be a good thing and ordinary people would have nothing to fear. However, this is not an ideal world, and I have zero faith in the government’s ability to implement them properly. The IT infrastructure will be critical and as identify fraud becomes more and more popular, a single ID card is an obvious target. The UK has an appalling track record when it comes to large public sector IT projects – whether developed in-house or outsourced to the so-called experts, who then deliver late, over budget, or not at all. It’s just a recipe for disaster.
The Report concludes that the establishment of a secure national identity system has the potential to create significant, though limited, benefits for society. However, the proposals currently being considered by Parliament are neither safe nor appropriate. There was an overwhelming view expressed by stakeholders involved in this Report that the proposals are too complex, technically unsafe, overly prescriptive and lack a foundation of public trust and confidence. The current proposals miss key opportunities to establish a secure, trusted and cost-effective identity system and the Report therefore considers alternative models for an identity card scheme that may achieve the goals of the legislation more effectively. The concept of a national identity system is supportable, but the current proposals are not feasible.
Lib Dem This Time – Brian Eno argues (as he has for the last ten years) that it’s time for the Lib Dems to take over from the Conservatives as the opposition in the UK.
Powered by Mambo, I note.
How can Smile call themselves “The Internet Bank” but not provide any facility for downloading electronic copies of your statements?
In fact, even worse, the statements don’t even have a running balance on them, and old statements have a different format from the latest statement!
Yes, I’ve complained about this to them. They said thanks. Bet it doesn’t change by the end of the year…
Interesting observation: tinyurl considered harmful, at least if you care about URL-based phising attacks.
I’m a little late on the uptake here – didn’t read RISKS while at BCTCS or in China.