Monday, February 25, 2008

Microsoft cartoon figures

This is just weird. Microsoft has released a set of collectible cartoon action figures, aimed at developers who attend their training sessions.

Source Fource

(Click image for full view.)


Apparently Microsoft hope that by ascribing "heroic justice crusader" virtues to the toys, people will be attracted to their products:

Slick, quick, and with a fistful of super-style tricks, Windows Vista Sensei is the new karate-kid on the scene. Born in the United States and trained in Tibet, he acquired hardcore martial arts moves, and the wisdom to use these powers wisely. Once he'd perfected his signature preying-mantis kick, the bullies at school stood no chance.

The Anonymity Experiment

Can you live in a big city without leaving traces? Who is watching you and what you do?

2006, David Holtzman decided to do an experiment. Holtzman, a security consultant and former intelligence analyst, was working on a book about privacy, and he wanted to see how much he could find out about himself from sources available to any tenacious stalker. [...] When he put the information together, he was able to discover so much about himself—from detailed financial information to the fact that he was circumcised—that his publisher, concerned about his privacy, didn’t let him include it all in the book.

[...] Last year, 127 million sensitive electronic and paper records (those containing Social Security numbers and the like) were hacked or lost—a nearly 650 percent increase in data breaches from the previous year. [...] Last November, the British government admitted losing computer discs containing personal data for 25 million people, which is almost half the country’s population.

[...]

It was strangely calming, standing in this dim room, watching the words and thoughts of strangers reveal themselves to me. I still had my hat on, but for once there were no surveillance cameras, so I sat down on a bench in the room and pulled out my notebook, grateful to finally be the observer rather than the observed. And then, out of the corner of my eye, I saw her: a security guard standing in the room’s darkened corner—silent, motionless, watching.

Unlike some, I'm not ready to give up on privacy in the information age. I'm with this important essay by Bruce Schneier:

We've been told we have to trade off security and privacy so often -- in debates on security versus privacy, writing contests, polls, reasoned essays and political rhetoric -- that most of us don't even question the fundamental dichotomy.

But it's a false one.

Security and privacy are not opposite ends of a seesaw; you don't have to accept less of one to get more of the other. Think of a door lock, a burglar alarm and a tall fence. Think of guns, anti-counterfeiting measures on currency and that dumb liquid ban at airports. Security affects privacy only when it's based on identity, and there are limitations to that sort of approach.

Since 9/11, approximately three things have potentially improved airline security: reinforcing the cockpit doors, passengers realizing they have to fight back and -- possibly -- sky marshals. Everything else -- all the security measures that affect privacy -- is just security theater and a waste of effort.

[...]

There is no security without privacy. And liberty requires both security and privacy. The famous quote attributed to Benjamin Franklin reads: "Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety." It's also true that those who would give up privacy for security are likely to end up with neither.

Speaking of privacy... I want this.

Three links

Three interesting miscellaneous links:

Can the Cavendish banana be saved from extinction? (No.) Can the fruit growers create a new variety acceptable to the American market? (Probably not.)

The town of Brattleboro, Vermont, has tabled a motion authorizing the local cops to arrest Bush and Cheney if they come into the town.

A leaked British government document shows that they intend to coerce the population into giving up their privacy.

Major security hole in encryption products

Professor Ed Felton has published research that demonstrates conclusively that disk encryption can be defeated quite easily due to a hardware leak: even when you turn off power, modern memory chips will hold their contents for minutes without any special actions. If you cool the DRAM chips they can hold their contents for hours. This is important because it allows an attacker to retrieve the encryption key from memory and use it to decrypt the hard disk.

This news doesn't make disk encryption useless. It will still protect your data in the event of casual theft, but it does mean that if you have sensitive data, and you believe you could be targeted by people wanting that data, you can't rely on disk encryption. At this time, there is no work-around, and the operating system you use is irrelevant. I expect that the eventual fix will be a circuit to fill the DRAM chips with random data when the computer is turned off.

Striking at the terrorists

Remember when the "War On Terror" was supposed to make us safer? Well, somebody forgot to mention to the US military that their supposed to be stopping terrorists, not sheltering them while they attack one of the US's NATO allies.

Turkey, fed up with Kurdish terrorists launching attacks while under the protection of the US military, has invaded northern Iraq. While this isn't a full-blown invasion, nor is it a border incursion with a handful of troops: it apparently involves thousands of soldiers. Turkey has publicly denied the invasion, a denial which is looking less and less credible every day. Why isn't this big news?

And a reminder that it's not just "Islamo-fascists" who are terrorists, like racists and conservatives would have us believe. Christian terrorists in Serbian have attacked and burned the US embassy in Belgrade, angry at Kosovo gaining independence.

Equality of the sexes

It's all too easy to forget that "women's liberation" hasn't even begun in some parts of the world, and that women aren't even given the dignity of being treated as second-class citizens.

In Saudi Arabia, an illiterate woman is set to be executed after she was tortured into confessing to using witchcraft to make a man impotent. And tribal elders in Pakistan decide that women shouldn't vote.

Here in the western civilized world (and I make no apology for using that term), there are people who want to roll back the clock and return to their imagined glory days where women knew their place. Childless old men like Pat Buchanan and macho wanna-be Patriarchs are trying to frighten European women with scare stories that if they don't give up their jobs, stay home, obey their husbands and have lots of babies, the terrorists will win and the Muslim Hordes will take over. It's the Yellow Peril redux, only now it's the "slightly off-white, not quite brown, Islamo-fascist Peril".

I believe that many feminists have well and truly lost their way, but don't imagine that means that feminism is no longer relevant or necessary. The forces of evil are still out there.

But it's not all bad news. Although the meme of sexism dies slow, it does die. When a religious school tried to ban a woman from refereeing a basketball match, her male colleagues boycotted the game:

The reason given, according to the referees: Campbell, as a woman, could not be put in a position of authority over boys because of the academy's beliefs.

[...]

"I said, 'If Michelle [Campbell] has to leave, then I'm leaving with her,'" Putthoff said Wednesday. "I was disappointed that it happened to Michelle. I've never heard of anything like that."

Fred Shockey, who was getting ready to leave the gym after officiating two junior high games, said he was told there had been an emergency and was asked to stay and officiate two more games.
"When I found out what the emergency was, I said there was no way I was going to work those games," said Shockey, who spent 12 years in the Army and became a ref about three years ago. "I have been led by some of the finest women this nation has to offer, and there was no way I was going to go along with that."


Isn't that something?

Sunday, February 24, 2008

Why don't more conservatives go to university?

Why are most university professors liberal? Two academics, Matthew Woessner and April Kelly-Woessner, have done a study that suggests that most conservatives simply aren't interested in the sorts of things that attract people to academic careers. Matthew Woessner himself is an interesting counter-example: he's a fan of Fox New, Rudy Giuliani and Rush Limbaugh and usually votes Republican, and unlike most of the conservative students he has studied, has a deep interest in the scientific method. (Although he clearly doesn't apply it to Fox, Giuliani or Limbaugh...)

The Agonist has this to say:

What do you do when there are not enough laissez-fare loving, personal responsibility professing and family values fundies at your university? You make it more socialist:
The research led the Woessners to conclude that if higher education wants to attract more conservatives to the professoriate, it should smooth the way financially, offering subsidized health insurance and housing for graduate students

I've often thought that conservative politics simply meant "handouts for me, not for thee".

Read more here.

Last major music labels give up on DRM

The last two of the big music labels -- and of course the independent labels weren't stupid and arrogant enough to install spyware and rootkits on their customers' computers -- Warner Music and Sony BRM, have finally stopped trying to hold the tide back and have given up using DRM on their music downloads, at least for most of their catalogues. Warner caved to the inevitable in December last year and allowed Amazon to sell mp3s, and in January Sony BRM also announced that they are giving up DRM for music downloads.

This isn't quite the death of DRM for music, but it's close.

Another reason to hate Flash

There's a lot to hate about Flash video. And yes, I'm aware of the irony of saying this when I myself put Flash videos on my blog. If YouTube would use a decent format, I'd be onto it so fast your head would spin.

It's not a fully open standard, making it near impossible for anyone to create Flash applications that don't depend on Adobe. There are a zillion movie players for .avi, .mpg, and even a handful for .mov, there's only one player for Flash .swf applications. (In fairness, mplayer can, sometimes, play .flv videos. mplayer is awesome!) That's a warning sign of data obsolescence.

Specifications for the Flash formats are only released to developers on the condition that they don't create Flash players. Flash videos contain executable code, which is a serious security hole: it's only a matter of time before somebody creates a virus which runs through Flash, even on Linux. Most Flash applications are poorly written, with terrible user interfaces and buggy implementations: Flash sites frequently lock up my browser. You can't index or search Flash sites, or copy text out of them, and if you are blind and use a screen-reader, web designers who use Flash are giving you a big F-U. And if you're a movie creator, why on Earth would you be happy with the crappy, low resolution, compression-artifact-filled ugliness that is the typical .flv file?

I could go on, but I'll just link to one more reason to avoid Flash if possible: Adobe is now adding Digital Restrictions Management software to the format.

Finally, there's a classic suite of arguments against DRM that will be as true for online video as they were for music. DRM doesn't move additional product. DRM is grief for honest end-users. And there's no reason to imagine that new DRM systems will stop copyright infringement any more effectively than previous systems.

The things you never hear about

I understand that it's a big world, and it's impossible to keep up with everything happening everywhere.

But still, it's kind of creepy and shocking to discover that the Middle East's version of the Berlin Wall was (temporarily) knocked down a month ago, and nobody I know has heard anything about it. Described by one commentator as "the biggest prison break in the history of man", Joel Beinin, Professor of Middle East History at Stanford University, described it thusly:

About 3:00 am on Wednesday morning Jan. 23, well-coordinated explosions demolished the iron wall built by Israel to seal the southern border between the Gaza Strip and Egypt (the Philadelphi axis). Tens of thousands of Palestinians streamed across the border and entered the Egyptian side of the town of Rafah, which had been bisected by the wall, in search of food, gasoline, and other basic commodities which have been in short supply for many months in Gaza. The first wave of Palestinians to cross consisted of hundreds of women who were met with water canons and beatings by Egyptian security forces.

Read the rest of his op-ed here.

For that matter, most people I know didn't even know there is a Wall cutting off Palestinians from their own farms and jobs, or that it has already lead to the avoidable deaths of innocents.

Bad writing and poor grammar

One of the most pernicious myths about English grammar is that you should never split an infinitive. Linguists point out time and time again that the prohibition against splitting infinitives makes no sense in English, and that it was originally derived from Latin and French where it is impossible to split an infinitive.

An infinitive is a verb with the word "to". For example:

  • We plan TO GO immediately home.

  • At the time I intended TO INVADE only half of Poland.

  • My auntie told me TO KICK the guy viciously.

And here they are again split:

  • We plan TO immediately GO home.

  • At the time I intended TO only INVADE half of Poland.

  • My auntie told me TO viciously KICK the guy.

There's no doubt that sometimes splitting infinitives can weaken a sentence, but very often it makes it clearer and stronger. In case you still believe that infinitives should never be split, please read this and this and this.

But then there are still those who continue to spread the superstition that splitting infinitives is bad grammar, like the aptly-named "Lousy Writer". When I first came across his site, I had just spent a delightful half hour or so browsing the World Wide Words site. Compared to Michael Quinion's delightful prose, which has flow and rhythm, going to the Lousy Writer site is like having your eyeballs sand-blasted. I can't imagine taking the Lousy Writer's advice on style matters, or common English idioms.

There's at least one common construction where even the most rabid "Thou
Shalt Not Split Infinitives" mavens end up splitting their infinitives:

  • An effective way TO more than DOUBLE your income is by mugging little old ladies.

On a related note, are you shamed by you English?

Shamed By You English?

Click thumbnail for full-sized image.

I so have to get a t-shirt of this

Thanks to BoingBoing:

┬┐Que?

(For the benefit of anyone who has been living in a cave for the last thirty years, the person in the image is Fawlty Towers' Manuel, shown in the style more familiar from the iconic photograph of South American revolutionary Che Guevara.)

Taking back democracy

Sick of the Republican Party trying to block them from voting, students at Prairie View A&M University in Texas decided to take back democracy one street at a time: literally.

Faced with systematic efforts to disenfranchise blacks and Democrat supporters, such as putting polling places seven miles away from the voting precinct, more than 3,000 students took to the highway, blocking it as they walked the seven miles to the polling place.

Nice one guys!

Technical Virgin

The things that offend people, or that people are afraid will offend people (not necessarily the same thing!) often astounds me.

In 2006, actress and mother Melanie Martinez was sacked from her job of host of the PBS television program "The Good Night Show" because of two 30 second videos she had made over five years earlier. The videos, for the now-defunct "TechnicalVirgin.com" website, were send-ups of public service announcements for abstinence-only sex education.

Here are the two videos:

Boys Can Wait



Also viewable here.

I Have A Future



I'm amused (in that "have to laugh or else I'd cry" way) by this comment defending PBS:

But I think in her case she openly lied to her employers. Every job interview has that "prior history" question where if you did anything that would effect your job, it's best to say it then.

"Every" job interview? I've been to a couple of dozen job interviews (some of them were even successful) and I've never been asked if I'd done something that would make me morally unsuitable for the position. And for all we know, she did disclose the videos when she was hired. But if she didn't, it doesn't follow that she lied -- far more likely she just never imagined that they could possibly be an issue.

Deputizing the ISPs

One of the more insidious dangers coming out of the copyright lobby is the idea that ISPs must be made responsible for enforcing copyright law on their behalf by choking off infringing material. It's a rather bizarre concept, no different from the idea that the Post Office must scrutinize every piece of mail posted for signs of illegal activities.

In practice, not only would this a huge burden on ISPs, but it's also ridiculously impractical. Since infringing bytes aren't coloured differently from non-infringing bytes, the only "solutions" are to either non-selectively cut off entire avenues of communication, or make an expensive and ineffectual attempt to analyze Internet traffic, trying to detect infringing material. That sort of censorship is ripe for abuse and prone to errors. And let's not forget the privacy implications of having your ISP actively monitoring every packet of data you send.

Such is the influence of the copyright lobby that the idea is being taken seriously, so it is good to see that British bastion of middle-class respectability, the Guardian, slam the idea:

Some internet users are irresponsible, and their behaviour may even be damaging Taylor's clients. But in seeking legislative relief for this distress, governments need to strike a balance between the wider public interest and the demands of a particular industry to defend an increasingly obsolete business model. And though the record industry is important, it's an economic minnow compared with the IT industry.

An analogy may help to illustrate the point. Millions of people use the telephone network for questionable, illegal or unethical purposes. But we would regard it as unthinkable to impose on phone companies a legal obligation to monitor every conversation.

Who owns data?

Ed Felten raises a very important point about many of the debates we have about data portability: we start off by making a poor assumption, and that closes off options.

An example is the Internet storm over Facebook canceling well-known blogger Robert Scoble's account. Scoble had amassed a vast amount of data in his account, and got caught using software tools to export it. Facebook has a vested interest in locking people into their service (more users = more advertising revenue), and the way they have chosen to do this is to give people free accounts, encourage them to invest a lot of time creating valuable (to the users, if not anyone else) data, but prohibit them from extracting that data elsewhere.

Hmmm... I must update my Blogger backup script. It hasn't worked well since Google made the upgrade from Blogger version 1 to version 2.

The poor assumption that we make is that data -- facts -- must be owned by somebody. As Felten says:

Where did we get this idea that facts about the world must be owned by somebody? Stop and consider that question for a minute, and you’ll see that ownership is a lousy way to think about this issue. In fact, much of the confusion we see stems from the unexamined assumption that the facts in question are owned.

Once we give up the idea that the fact of Robert Scoble’s friendship with (say) Lee Aase, or the fact that that friendship has been memorialized on Facebook, has to be somebody’s exclusive property, we can see things more clearly. Scoble and Aase both have an interest in the facts of their Facebook-friendship and their real friendship (if any). Facebook has an interest in how its computer systems are used, but Scoble and Aase also have an interest in being able to access Facebook’s systems. Even you and I have an interest here, though probably not so strong as the others, in knowing whether Scoble and Aase are Facebook-friends.

How can all of these interests best be balanced in principle? What rights do Scoble, Aase, and Facebook have under existing law? What should public policy says about data access? All of these are difficult questions whose answers we should debate. Declaring these facts to be property doesn’t resolve the debate — all it does is rule out solutions that might turn out to be the best.




UPDATE: Chris Finke has an innovative solution to the Facebook problem, one which could (in principle) be extended to all similar such websites. His Facebook Scavenger extension for Firefox lets you capture copies of the data once it's in your browser.

The downside of proprietary data

Mark Pilgrim is a published author, Google employee and long-time Apple Macintosh user and programmer. In the Macintosh universe, he's part of the pantheon: although never an Apple employee, and not quite up there with folks like Andy Hertzfeld, he's nevertheless one of the minor demi-gods of Apple mythology. He also helped create one of the few Mac viruses (the MBDF-A), but co-operated with police on his arrest and paid restitution for the damage done.

Putting aside his checked past, Pilgrim was considered one of the Mac power-user evangelists, so it came an unpleasant shock to the Mac community when he finally discarded his Mac in favour of Linux. There were tears and predictions of doom. Those predictions turned out to be wrong, and Pilgrim is predicting that 2008 will be the year of Linux on the Desktop. (With the sudden expansion of notebooks running Linux, like the EEE, I think those predictions will finally be right. And not before time.)

Not long after jumping ship to Linux, Pilgrim discussed his experiences with long-term data storage, and his frustration with the difficulty of keeping data accessible over a time frame measured in decades instead of months or years. The bottom line? Long-term storage of data is like a series of migrations from data format to data format. Anything which makes that migration harder is going to hurt you. Companies like Apple who don't grok openness are constantly trying to lock people into their products, then change the products. Every time they do that, there's pain and inconvenience for users, and usually the loss of data.

Pilgrim's conclusion is that using open source software and, more importantly, open formats, goes a long way to reducing this problem. You will still need to migrate data from computer to computer (anyone think that the computers of 2028 will still be running Windows Vista?) but the pain will be less.

There’s an important lesson in here somewhere. Long-term data preservation is like long-term backup: a series of short-term formats, punctuated by a series of migrations. But migrating between data formats is not like copying raw data from one medium to another. [...] But converting data into a different format is much trickier, and there’s the potential of data loss or data degradation at every turn.

Fidelity is not a binary thing. Data can gradually degrade with each conversion until you’re left with crap. People think this only affects the analog world, like copying cassette tapes for several generations. But I think digital preservation is actually much harder, in part because people don’t even realize that it has the same issues.

[...]

So if you care about long-term data preservation, your #1 goal should be to reduce the number of times you convert your data from one format to another. You should also strive to increase the fidelity of each conversion, but you may not have any control over that when the time comes. Plus, you may not know in advance how faithful the conversion will be, so planning ahead to reduce the number of conversions is a better bet.

Open source software is not a panacea for this sort of data loss: as Pilgrim discusses, the open source photo-editing software Gimp uses a deliberately undocumented file format that no other application can fully read.

If you care about accessing your data in ten years time, then go read the rest of his conclusions. (And if you care about people accessing your data in 200 years time, print it out on good acid-free paper and deposit it somewhere dry and safe.)

Friday, February 22, 2008

The Unbearable Burden of Blogging

Well, perhaps not quite unbearable...

A big hello to Metro over at Metroblog, who liked my stuff enough to comment three times in one sitting and then promise to blogroll me. Don't worry Metro, if I steal your Avid Fans I'll let you steal some of 'em back...

That makes him, or will make him, the first blogger to blogroll me (hint hint Metro...) other than that reasonable conservative Jon Swift, but he'll link to anyone, even liberals and progressives. Thanks Metro.

More bloggage shall happen soon, but for now I'll just point folks at my other blog where I'm experimenting with Wordpress. Typical... here I am busier than a really busy guy who's just taken on two more commitments, and I've got fans relying on me to entertain and educate them.

If only I could use that TARDIS technology to be in two places at once...