Shared posts

23 Apr 20:51

N.Y. Imam Calls 9/11 Museum Documentary Offensive to Muslims

by Josh Encinias
Ryan Overbey

This will be a story to watch closely in the coming months.

When the 9/11 museum opens on May 21, the documentary “The Rise of Al-Qaeda” will play on loop, but an interfaith panel and an imam disagree with the documentary’s portrayal of Islam. 

The documentary is less than seven minutes long and is a small feature in the museum. It’s narrated by NBC News anchor Brian Williams and features images of terrorist training camps and al-Qaeda attacks.

Recently, an interfaith advisory group was shown the documentary, and they did not like what they saw. The group asked that changes be made to the narrative but the museum chose not to take their advice. The group’s only imam resigned in protest of the museum’s decision.

Sheikh Mostafa Elazabawy, an imam from Masjid Manhattan, wrote a letter to the museum’s director, saying the film would “greatly offend our local Muslim believers as well as any foreign Muslim visitor to the museum,” and that “unsophisticated visitors who do not understand the difference between Al Qaeda and Muslims may come away with a prejudiced view of Islam.”

The 9/11 museum isn’t budging. Joseph C. Daniels, president of the non-profit behind the museum, said, “We had a very heavy responsibility to be true to the facts, to be objective, and in no way smear an entire religion when we are talking about a terrorist group.” But some scholars don’t agree.

Akbar Ahmed, chairman of the Islamic studies department at American University, said the use of the terms “Islamist” and “jihadist” in the documentary is problematic because most visitors are “simply going to say Islamist means Muslims, jihadist means Muslims.”

Dr. Ahmed said the 9/11 terrorists need to be condemned and “remembered for what they did,” but he doesn’t want “one and a half billion people who had nothing to do with these actions” forever associated with 9/11.

23 Apr 18:50

Ms Barstool: Taking a trip at the East Bay Spice Co.

by Risa Nye
Ryan Overbey

Cocktail menu looks pretty OK.

The East Bay Spice Company on Oxford Street is open until 2:00am seven nights a week. Photo: Risa Nye

The East Bay Spice Company on Oxford Street is one of the few places open late in Berkeley — until 2:00am seven nights a week. Photo: Risa Nye

When you enter the world of the East Bay Spice Company, allow yourself to be transported to a place far beyond the edge of the Berkeley campus.

While the tree-lined west side of campus is clearly visible from the window that looks out on Oxford Street, the interior will remind you of anything you might have learned about the spice trade. Scattered along the shelves lined with spirits behind the bar, you’ll find blue and white porcelain spice jars, wooden mills, glass jars full of nutmeg and other spices, and a large old-fashioned brass scale — along with a variety of nautical-themed items we couldn’t readily identify.

On a Friday night at the beginning of a holiday weekend, every available table and barstool — inside, outside, and upstairs — seemed to be occupied. We came into the intimate space in a celebratory mood, owing to the spring weather, the holiday ahead, and finding a place to park right across the street. After a brief wait, we settled at the bar and studied the menu. We are fond of clever titles and literary references on drink menus, and found several here that intrigued us.

While we certainly care the most about the composition of our cocktails, we are initially attracted to a play on words, which is why we hesitated briefly when we saw the Last in Translation (Wild Turkey rye, Green Chartreuse, Star Anise Porter reduction, and lemon) — before settling on the more literary Portrait of a Lady (Anchor Hophead vodka, Tru Organic gin, Weiss Cream ale, honey, lemon, and fennel bitters), a book which we are determined to finish reading some day.(...)

Read the rest of Ms Barstool: Taking a trip at the East Bay Spice Co. (729 words)


By Risa Nye. | Permalink | 5 comments |
Post tags: Berkeley cocktails, Berkeley dining, East Bay drinking, East Bay Spice Company, Ms Barstool

23 Apr 12:39

China Clamp Down on Slash Fiction

by Abby

China recently launched a crackdown on online pornographic content: ”Cleaning the Web 2014″. According to the campaign, all online texts, pictures, videos, and ads with pornographic content will be deleted in order to “create a healthy cyberspace”. 

According to Offbeat China, since the launch of “Cleaning the Web 2014″, many Chinese fiction-sharing websites have removed their slash collections, including jjwxc.net, the most popular self-publishing website in China. Websites dedicated to slash, such as dmxsw.com, have been shut down. At least 20 writers have reportedly been arrested for producing slash fiction. 

Written by Abby · comments (0)
Donate · Share: facebook · twitter · googleplus · reddit · StumbleUpon · delicious

18 Apr 19:00

Popular Cryptography

It’s like this: Everybody ought to be able to use strong cryptography any time they’re going to send anything to anybody. Ideally it should just happen, by default, but let’s take baby steps. This is a messy rambling work diary on trying to put some of the pieces together to make that a little more practical than it is today.

Sorry, this isn’t introductory. Maybe when a few more pieces of the solution are in place I’ll be able to write a painless “Here’s how you can do secure messaging” piece. Let’s assume you know what public-key encryption is and how Web APIs and Android apps work, and go from there.

So, what are the pieces you have to pull together to make private messaging for everyone (PM4E) useful?

  1. People have to have keys, and tools to take care of them.

  2. People have to be able to find other people’s keys and have good reason to believe they’re the right ones.

  3. People have to have an easy way to encrypt/sign messages to other people.

  4. People have to have an easy way to decrypt/verify messages from other people.

Keybase.io and OpenKeychain logos

What happened was...

I ran across two pieces of software that seem to represent good progress toward making 1 through 4 above work for ordinary people. First is Keybase, which I wrote up last month; it provides a directory structure for people and keys. Next is OpenKeychain, an Android app from Dominik Schürmann that provides a bunch of handy crypto functions. It turns out that two OpenKeychain-related projects are part of this year’s Google Summer of Code; I think this is a project with legs.

I’m trying to help out both projects in small ways here and there.

1. Having keys

The only really practical toolset I’ve found so far is from the Gnu Privacy Guard (GnuPG) project. They have command-line tools for those who like such things, and GUIs on Mac and Windows. I’m one of those “people who like such things”, and the gpg command-line is hunky dory on OS X and I suspect everywhere else it runs.

The back-end machinery behind it feels robust and smart and convenient; it pushes things into clouds in places that Just Work where that seems appropriate.

One of the hard bits here is that most people are going to need their private keys to exist on more than one place: Typically, at least one computer and at least one mobile device. Amazingly, this is getting close to being user-accessible; I moved my private key from my laptop to my Android by sticking it in Dropbox. I’ve started to believe that this sort of thing is perfectly acceptable, as long as the key passphrase never crosses the wire. But once again, it needs a point&click GUI.

The vendors own this problem

The GUI, well on OS X it’s sorta kinda usable; which means not remotely good enough for civilians.

GPG Keychain Access on OS X

And you know what, that’s not GPG’s fault, that’s Apple’s fault. And Microsoft’s and Android’s and iOS’s. That’s right: Now that we have good robust free back-end public-key infrastructure, it’s ethically incumbent on OS providers to ensure that their OS comes with a nice clean easy safe GUI so that people can make and manage their own keys; this obviously must not require any geek-level understanding about how the pieces fit together and work.

Also, every OS really has to come with an API for this functionality, that messaging software can call out to and get results that provide no-surprise privacy.

2. Finding other people’s keys

The PKI technologies have been around for a long time but, near as I can tell, this key-sharing and key-trusting stuff has been one of the biggest stumbling blocks keeping them from being useful. In crypto-geek culture they have “signing parties” where people (who typically already understand the underlying crypto voodoo) get together and perform command-line rituals to say that “Joe believes that this here really is Ali’s key” and then if you also know that Elias, whom you trust, signed Joe’s key, you can probably believe Joe about Ali’s key.

ROFLMAO. Yeah, gonna happen real soon now at Internet scale, and ordinary human beings are gonna climb right on board with that, yessirreebob.

But the Keybase.io directory I mentioned above has another approach that I think is a winner. You can search in Keybase.io and look up, for example, me, and discover a public key with my name on it, and also strong cryptographic evidence that the person with that key is also github.com/timbray and @timbray and the person who runs tbray.org.

Listing for keybase.io/timbray

The lines under the hex key beginning “A052” are the proofs; you can click on them to help convince yourself.

Which means that if a bad guy wanted to slip in a fake key there, they’d also have to persuade Twitter and GitHub and some DNS machinery to play along simultaneously; it’d be really hard.

So I forked OpenKeychain and have started adding Keybase.io support for it; this is easy, because Keybase has a straightforward HTTP/JSON API and the people building are responsive to questions and suggestions. Also, OpenKeychain is one of the cleanest, easiest-to-understand codebases I’ve stumbled across in years. Thank you Dominik! Here’s what a Keybase key search in OpenKeychain looks like.

Searching Keybase.io in OpenKeychain

I’m assuming that Keybase will introduce proofs via Facebook and email and so on; at the moment they can’t do it on Google+, which has a bug that eats PGP signatures in posts. [Update: Nope, G+ seems to be fixed.] But unless I’m missing something, the finding-trustworthy-keys part of the problem is solved, or at worst on its way to a solution.

Now, Keybase isn’t perfect; it has a super-slick Web GUI, but to decrypt and sign stuff you have to store your private key with them; this makes real crypto geeks blanch in horror, and justly so, because if NSA comes in and waves compelling legal documents at Keybase, they could fiddle with the software in such a way as to give the spooks your private key. Anybody who thinks that isn’t a real risk has their head up their ass.

But the notion of crypto-in-JavaScript is thought-provoking and I have to wonder if there’s a way to do it safely; a combination of siting the Keybase infrastructure in a place out of reach of misguided spooks, and some sort of unfuckable dead-man switch, so that changes to trusted JavaScript code can’t be hidden.

And anyhow, Keybase doesn’t require you to store your private key with them, which is good, except for that means you have to use their command-line interface, which is also pretty good, except for civilians won’t use command lines, so that’s bad. So the same OS providers who should be providing built-in key-management software should also bloody well either support Keybase’s API (which is easy, I’ve done it) or some other logically equivalent key-lookup service.

3. Encrypting and signing

So I guess in an ideal world there’d be “encrypt/sign” buttons in my email and Facebook and Twitter and G+ and Instagram and Snapchat clients. Forgive me, but I find this hard to believe in; at least in the short term.

Well, except maybe on Android, which has this incredibly useful notion of Intents with which you can support “sharing”, my favorite write-up is Alex Lucas’ Share With Intents.

the Share icon

Android users have gotten used to seeing the Share icon beside pictures or movies or chunks of text or, well, anything; press it and you get a menu asking how you want to share. So, you can share a Web page to Twitter, or a photo to email, or a movie to Facebook, or, well, more or less anything to more or less anything.

OpenKeychain

It does much of what GnuPG does, has a reasonably-OK UI, and supports sharing: you can share from any other app to it for encryption/signing, and anywhere you can share text from, you can share to OpenKeychain for decryption/verification.

Encryption/Decryption options on the share menu

Privacy options in the Share menu. Note that you wouldn’t have the option to “decrypt” if this were a photo or something, because decryption only applies to text.

Encrypting a message with OpenKeychain

Once you’ve shared to OpenKeychain, you select who you’re encrypting for off one pick list, and which of your secret keys you want to sign with off another.

No, I don’t know why I’d want to encrypt a note-to-myself about marine maintenance. Yeah, the UI could be a little more compelling. But it works and it’s idiomatic Android tap-and-swipe.

Anyhow, when you’ve made those choices, you click the “Share with” button (yes, it should have the standard “share” icon on it) and you see another standard menu asking you how you want to send the encrypted version along.

4. Decrypting and verifying

Once again, OpenKeychain. But we still have a few problems. One is very specific to the decryption side. I bet that a lot of times, when you encrypt something, you’re going to want to drop the encrypted text into email. Which for a lot of people on Android means Gmail. And when you get that kind of message on Gmail, you quickly discover that it doesn’t have a “Share” option. Bad, bad Gmail! Well... it turns out that if you copy a bunch of text from your email, then a “Share” button pops up, which is better than nothing, and would be better still if Gmail had a “select all” button, which it doesn’t.

Actually, the right answer is for Gmail to notice the PGP signature and just go and bloody decrypt the thing for you. In fact, lots of apps should, OpenKeychain has APIs and they’re under active development. Also, I wonder if it’s a problem that apparently everything crypto-related is GPL’ed; the choice of license seems perfectly appropriate for this domain, but lots of pieces of software that should use these capabilities aren’t GPL candidates. Anyhow, baby steps.

[Update: Dominik says that the OpenKeychain API code is actually Apache2. Win!]

The other problem is that to sign a message, and to decrypt a message sent to you, you have to use your secret key. Which, at the moment, means you have to type in your secret key’s password. Which is wrong, because typing in high-quality passwords on mobile devices is axiomatically wrong.

I’m not sure what the right solution is, and I’m not a deep enough security pro to evaluate the candidates. But I’m wondering if something PIN-based is appropriate, last time I checked, “something you know and something you have” is, in many contexts, better than the strongest password ever.

LastPass and OpenKeychain

Another candidate is password managers, things like 1Password, KeePass, and LastPass. If you absolutely must type passwords into mobiles, you should only ever have to type one, and this is the effect the password managers produce. A few of the password managers are starting to get native-app integration, too; check the picture to see what I mean. LastPass’ native-app integration is based on clever use of Android’s accessibility APIs, another example of the curb-cut effect in action. I’m very impressed.

But there’s a problem, which is that sometimes it doesn’t work. In particular, it doesn’t work with OpenKeychain; sure, the LastPass dialogue pops up like you see in the picture, but something modal goes off the rails in a way that results in no decryption happening.

I like LastPass but I haven’t drilled down on its security policies; for example, I’m pretty convinced that 1Password couldn’t turn your data over to an overenthusiastic civil servant even if they wanted to, and that’s the bar I’d like to see any password manager meet.

Baby steps

In fact, there are a lot of chapters in this story that almost work, but not quite, just yet. But I’m still excited, because I think that the shape of a future in which anyone can have safe access to strong crypto, without having to understand it, is perfectly visible through all these early-stage bugs and shortfalls.

The lines under the hex key beginning “A052” are the proofs; you can click on them to help convince yourself.

Privacy options in the Share menu. Note that you wouldn’t have the option to “decrypt” if this were a photo or something, because decryption only applies to text.

21 Apr 23:33

Break a Leg, Glenn Beck: Politics' Loss Is America's Gain

by Tim Cavanaugh
Ryan Overbey

LOL. Glenn Beck is going to make movies. Pass the popcorn!

The Hollywood Reporter catches up with Glenn Beck as the former Fox talker and media mogul of TheBlaze gets ready to dive into the movie business in the Lone Star State:

Beck says he is developing three original stories as theatrical films — one set in ancient history, one in modern history and a third he considers “faith-based” — and has optioned several other ideas, some of which could be adapted into VOD features. He adds that he has purchased rights to his 2008 best-seller The Christmas Sweater back from Sony and will turn the story into a movie for television or theatrical release.

The Christmas Sweater is a semi-fictionalized recounting of a 12-year-old Beck celebrating his last Christmas with his mother before she died. He says his later real-life problems with drugs and alcohol (he’s been sober since 1994) can be traced back to that Christmas . . . 

Beck notes it’s too early to specify budgets or potential financing partnerships, though he probably has leverage to attract interested parties, considering TheBlaze lands an estimated $40 million in revenue annually and he earns $20 million a year hosting the radio show, according to sources familiar with his business. He also declined to identify the Hollywood moviemaking talent he has hired so far.

“I bought a movie studio for a reason,” he says. “I have every intent of finding great artists who will tell great stories that aren’t typical. Everybody thinks they know who I am because of my stint on Fox — that was two years of my life. I’m much more into culture than I am into politics, and that’s where I intend on making my stand.”

The very successful 50-year-old political-media entrepreneur says the move will take him not just into a new business but largely out of retail politics:

“The message of that film is: Help each other and just be decent,” says Beck. “We’re beginning to agree that Republicans and Democrats suck — they’ve built this machine to grind people into the ground. I hate this stuff. I hate politics. I hate politicians and I feel like I’m wasting my life. Don’t we all know what’s happening? George W. Bush was taking us down a road, and Barack Obama is taking us down that same road. What difference does it make? I don’t want to waste my life anymore.”

Without any irony, sarcasm, or japery, I wish Beck the very best, for a variety of reasons. I find Glenn Beck’s personal journey in some ways the most interesting thing about him. One of the really enjoyable things about his blackboards-and-org charts Fox show was the sense that you were following along with Beck in his own discoveries. Even if you already knew yourself that Woodrow Wilson was not just another president due some measure of reverence but a priggish, racist, tyrannical monster who contributed more than possibly any other single American to the general horribleness of the 20th century, it was fun and exciting to see Beck sharing the news with everybody, fired by the zeal of a recent convert.

I also, though my own moviemaking experience is so far limited to one feature film, understand absolutely where he is coming from. For starters, making movies is better than political journalism in a strictly technical sense: You don’t have to worry about having your facts straight or quoting people accurately; you can just make stuff up and force people to say what you need them to say, and the actors (and hopefully the audience) will actually be grateful that you did. Your stuff gets read more closely, by highly intelligent and accomplished professionals, than any journalism you’ll ever produce. And if you’re lucky, the end product is something that people might actually pay to see and even feel like they got a good deal.

More people in political journalism would be happier, and probably better at their jobs, if they realized what a small percentage of a normal human life is taken up with politics, and that that percentage is a deadweight loss. The other parts of our lives — the parts including culture and family and money and personal goal-setting and friendship — are far richer and more interesting. Good on Glenn Beck for figuring that out, and for doing his best to share the news with everybody.

21 Apr 20:36

Atom XHTML Content Considered Jerky

Dr. Drang writes about varying support for Atom’s content type="xhtml".

I strongly disliked this part of the Atom spec.

The thing about this feature is that the HTML tags are included as naked tags in the XML. That is, they’re not escaped or placed in a CDATA section.

From the good doctor’s example:

<content type="xhtml" xml:lang="en-US" xml:base="​http://lancemannion.typepad.com/​lance_mannion/">
<div xmlns="​http://www.w3.org/​1999/xhtml"><p><em>Barnes & Noble. Thursday. April 17, 2014. Six forty five p.m.</em></p>…
</content>

Just look at it. This feature is a giant invitation to screwed-up feeds. The HTML — which is probably a blog post, typed by a human — has to be valid XML. People writing scripts to generate these feeds have to make sure they can turn that HTML into valid XML.

Feeds are already screwed-up often enough. This could only make it worse.

The second issue: how can a parser handle this? What an RSS/Atom parser really wants is everything between <content> and </content> as a string.

I remember writing this code for NetNewsWire, which still supports this feature. (I checked. I have no idea if they’ve touched my code or not.)

I’m going from memory, but I’m pretty sure this is what I did.

NetNewsWire used libxml2’s SAX parser, which meant it gets called when the XML parser encounters the beginning and end of a tag and when it encounters a range of characters. There was no easy way — that I know of; correct me if I’m wrong — to tell the parser to treat everything inside a tag (<content> and </content>) as a string when there are XML tags inside that tag.

So I wrote the Atom parser to rebuild the HTML. It maintained a string and pushed stuff on it. If it encountered a tag and (optionally) attributes, it would create a string version and push it. When it encountered characters it would push those. When it encountered the end of a tag it would create a string version and push that. Once the </content> was reached then it had the entire string.

The end result was equivalent HTML, but not necessarily character-for-character the same, since little things like quote characters could change.

It worked. But boy was I coding angry that day.

PS Luckily I didn’t see this feature used very often. Still had to write the code, though.

PPS I still wonder if there’s an easier way. (Using a SAX parser. No way would I give up SAX. Performance and memory use considerations require SAX.)

PPPS For a great list of other ways feeds get screwed up, see Brian’s Stupid Feed Tricks.

21 Apr 19:14

Responsive Design: The Picture Element Comes of Age

by Jeffrey Zeldman

Until now, Picturefill supported span-based HTML markup that mimicked a pattern we hoped would one day become a web standard: namely, the picture element and its associated features. Following the hard work of the Responsive Images Community Group (chaired by Filament Group’s own Mat Marquis), we’re pleased to report that there are native picture implementations in development for Chrome, Firefox, Opera, and potentially others!

With this news, this week we released a new version of Picturefill that will make the real picture element work in existing browsers, which means you can start using picture today.

Scott Jehl, Picturefill 2.0: Use the picture element today

 

20 Apr 19:24

Playing philologist at summer camp

by Mark Liberman
Ryan Overbey

Some great #sickburns here.

In response to "What would a "return to philology" be a return to?", Omri Ceren proposes a simple explanation for Paul de Man's assertion that literary "theory" was just a return to philology:

You might be overthinking the de Man thing.

He did the same thing with "philology" that he did with "rhetoric." It's just the bald assertion that he's doing the same thing you're doing, except he doesn't want to put in the time learning specialized methods or doing the empirical grunt work (sustained effort, especially in de Man's case, not being the hallmark of the deconstructionists).

Philologists analyzed the evolution of words to study the structure of language; de Man mentioned words and noticed that language has structure; hey, they're doing the same thing so he must be a philologist too!

It's like summer camp. You get to be whatever you want to be. He pulled the same nonsense with rhetoric. Rhetoricians analyze tropes to understand how language becomes persuasive; de Man mentioned tropes and noted that language is persuasive; hey, they're doing the same thing so he must be a rhetorician too! 

You'd think he's just trying to hijack the ethos of philology for whatever hand-waving he's engaged in, and you'd be mostly right. But there's also a more pernicious move, which becomes more noticeable when it's applied to scientific rather than humanistic disciplines (though it's applied by this crowd to both). It's the same double-move every time: "rigorous methods don't have any privileged access to knowledge" (the you're-not-doing-anything-special move) and "postmodern methods are just as rigorous as any other methods" (the what-we're-doing-is-just-as-special-as-what-you're doing move).

Later:

Or more tersely, now that I've read his philology essay: "hey, philologists think about language; I Paul de Man think about language; I'm doing philology too!"

The move requires a strange combination, driven by a con man's confidence but insulated by ignorance.

If we take some uncontroversial 30,000ft view of knowledge — disciplines split off when particular methodologies align nicely with particular objects of study, so that we can squeeze out new insights — then you can see how total ignorance of specialized methodologies would help. If you don't actually know what someone is doing, you can say with confidence you're doing the same things they are. So Lacanians who can't do math or logic claim they're doing analytical philosophy. Literary scholars who have not the foggiest clue about phonology or morphology are doing philology. And per Richard Rorty, we're all doing science, because after all that's just a narrative too.

There's an anti-intellectual version of this conceit, which is buoyed by the kind of journalism that insists experts ain't all that smart anyways. There's a version found in the workaday academy, which is usually cashed out as complaints about boundary policing. But if you're a former Nazi sympathizer with a European accent taking in the rarefied air of the 1960s humanities, it goes all the way to being the height of sophistication.

I'll add another perhaps-relevant factor:  the supreme intellectual prestige of "philology" in Europe through the middle of the 19th century, and to some extent until WW I. Thus de Man implicitly positions post-modernism as a return to pre-modern verities. The publisher's blurb for James Turner, Philology: The Forgotten Origins of the Modern Humanities (2014) explains:

Many today do not recognize the word, but "philology" was for centuries nearly synonymous with humanistic intellectual life, encompassing not only the study of Greek and Roman literature and the Bible but also all other studies of language and literature, as well as religion, history, culture, art, archaeology, and more. In short, philology was the queen of the human sciences. How did it become little more than an archaic word? In Philology, the first history of Western humanistic learning as a connected whole ever published in English, James Turner tells the fascinating, forgotten story of how the study of languages and texts led to the modern humanities and the modern university.

18 Apr 18:41

Professor Files Charge Alleging University Violated Title IX in Denying Her Tenure | News | The Harvard Crimson

by overbey
Theidon, who holds the title of John J. Loeb Associate Professor of the Social Sciences—an endowed position—said that although she received indication that she was a strong candidate for tenure, she was ultimately denied a permanent professorship at the University. She alleges that the denial was in retaliation for her public expressions of support for sexual assault victims, as well as for complaining that she was not receiving the same pay as her male colleagues.
18 Apr 19:52

OKAY, WELL, THANKS FOR LUNCH. IT WAS REALLY GOOD SEEING YOU...



OKAY, WELL, THANKS FOR LUNCH.

IT WAS REALLY GOOD SEEING YOU AGAIN. REALLY GOOD. I’VE MISSED YOU.

I MISSED YOU TOO.

SO MUCH.

… 

… 

OKAY, SERIOUSLY, I’VE GOT A PILATES CLASS AT 3. IT WAS NICE RUNNING INTO YOU.

IT WAS, WASN’T IT?

LET ME GO, DAN.

18 Apr 19:32

The Coming Real Estate Hyperpocalypse: All YOUR Fault!

by Tim Cavanaugh
Ryan Overbey

“But I also remember how intense the reaction was during the recession, when all the masters of the universe got together to “rescue” us from the threat of reasonably priced homes. All those same people are still working overtime to keep the so-called recovery alive. Fear them.”

Some good folks are pig-biting mad about my recent article noting that the rate of foreclosures has dropped dramatically as a result of the reinflation of the real estate market.

So many nuggets of #yellowjournalism in this @NRO piece by @bigtimcavanaugh, it’s hard to pick my favourite: http://t.co/Pxac3REJ9l

— Sam Heppell (@HeppellSam) April 17, 2014

Some of the vituperation is coming from the usual gang of housing justice fairness activists incensed that anybody (let alone a majority of homeowners and experts) would oppose the practice of giving public assistance to people who borrowed money with no intention of paying it back. But a lot of the abuse stems from a sentiment I agree with — that declaring victory on mortgage defaults means you have to ignore how bogus the “recovery” of the real estate market is.

There are three main claims: 1. Banks are sitting on a massive number of non-performing loans and putting off foreclosure starts because that would mean realizing big losses on their balance sheets. 2. For years the “shadow inventory” of hopelessly distressed homes was said to be in the multimillions, and since it’s not clear what happened to those (estimated) numbers, there are still second, third and fourth shoes waiting to drop on the market recovery. 3. The short-term recovery of the market is the result of massive public expenditures, government support for real estate inflation, and outright deception; so the whole house of cards must eventually collapse.

I agree with the general idea here, and in fact I find the whole concept of the real estate “recovery” infuriating. But facts is facts, and there just isn’t a lot of support for the idea that a second coming of the real estate correction is imminent. The Wall Street Journal had bank-owned property at only 309,000 units in October. Also in October, CoreLogic had the full shadow inventory, including REO and other seriously distressed property, at just1.9 million — about three months of inventory even if it all hit the market at once.

It’s certainly true that banks dragged their feet on foreclosures in the past, through a combination of swamped processing infrastructure, general reluctance to own real estate, and probably an effort to disguise how dire their balance sheets were. But in fact, the reinflation of real estate increases the bank’s incentive to foreclose on a bad loan. In most cases, foreclosure is just a way of minimizing losses: you lose the value of the loan but you end up with an asset you can unload in order to make up some of what you lost to the deadbeat. But foreclosing on a bad loan in a rising market can be an attractive deal: The lender can potentially end up owning a property that is worth more than the amount of the remaining principal. For the same reason, bad borrowers in rising markets will try to avoid default and foreclosure. That happens more often than you might think: A Boston Fed report [pdf] from 2009 — a time when house prices were still plummeting — found that a third of bad borrowers managed to “self-cure” without any loan modification or outside help. That portion can only go up as the incentive to hang on to the property increases.

That said, I fully agree that the 2006 crash was only a partial correction that was interrupted, less than midway through its healthful work, by massive fiscal, monetary and regulatory interventions. As a function of income, real estate began 2006 outrageously overvalued; it hit the trough of the downturn only noticeably overvalued; and today it is stunningly overvalued. This is an imbalance that began in the 1990s and has gotten more pronounced, and it is well outside of historic norms.

For most of postwar history, a house cost about 1.5 to 2.5 times more than a person earned in a year. Today, even after the much-whined-about correction, it is more than four times as much. In 1940 the median U.S. income was $1,368; and the median house price was $2,938, a little more than double the income figure. In 1960 the income figure was $6,200, while the house price was $17,200, 2.77 times as much. In 1980 the ratio was 1/2.62, with income at $18,000 and house price at $47,200.

But by 2011, supposedly the bottom of the correction, a house cost more than four times what an American earned in a year: income $50,054; house price $212,300. It is a massively unfair situation, and like most contemporary unfairness, it is directed against the young, who are looking at an ever-growing chasm between what they earn and what it takes to buy a house.

The standard explanations for this imbalance are laughably inadequate. Does anybody believe this is all the result of low interest rates (which by the way are an artificial phenomenon that can’t be sustained indefinitely), or that houses today are that much more valuable because they have bigger bathrooms and granite countertops? As Edgar Guest might have said if he were a certified financial planner, it took a heap o’ swindlin’ to make these houses into overpriced homes. Land-use policy, relentless Realtor propaganda, heedless pro-homeowner lawmaking by both parties, and maybe most of all the IRS’s unjust mortgage-interest deduction (which indirectly encourages real estate ownership by directly encouraging real estate debt) all had a hand in creating this monster.

As 2006 proved, some parties can come to an end even though they have massive political, business, financial and popular buy-in. Like many of you, I long for the second coming of the real estate crash, and I’m encouraged that RealtyTrac estimates there are still 9.1 million homes underwater. But I also remember how intense the reaction was during the recession, when all the masters of the universe got together to “rescue” us from the threat of reasonably priced homes. All those same people are still working overtime to keep the so-called recovery alive. Fear them.

Never doubt that a large group of panicking idiots can prevent the world from changing, especially when they have all the guns, all the money and all the microphones.

17 Apr 18:42

NoSQL Meets Bitcoin and Brings Down Two Exchanges: The Story of Flexcoin and Poloniex

by overbey
Ryan Overbey

“Any masters student in a top school can build an eventually consistent datastore over a weekend, and students in our courses at Cornell routinely do. What they don't do is go from door to door in the valley, peddling the resulting code as if it could or should be deployed.”

The problem here stemmed from the broken-by-design interface and semantics offered by MongoDB. And the situation would not have been any different if we had used Cassandra or Riak. All of these first-generation NoSQL datastores were early because they are easy to build. When the datastore does not provide any tangible guarantees besides "best effort," building it is simple. Any masters student in a top school can build an eventually consistent datastore over a weekend, and students in our courses at Cornell routinely do. What they don't do is go from door to door in the valley, peddling the resulting code as if it could or should be deployed. Yes, yes, the broken-by-design apologists will trot out the usual refrain that goes "there is nothing wrong with MongoDB as long as you always deploy it knowing that it can give you back bogus answers." Yeah well, there is nothing wrong with flammable mattresses either, just make sure there is no source of ignition nearby. It just turns out that we then get charred family tragedies, because people are fallible. Little websites that start out as a pokemon collection or Magic the Gathering trading cards suddenly turn into world's largest Bitcoin exchange handling half a billion dollars, and oops.
17 Apr 18:05

How quirky is Berkeley? The Giant Orange of Spruce St.

by Tom Dalzell
Giant orange at 722 Spruce St.  Photo: Colleen Neff.

The Giant Orange at 722 Spruce St. Photo: Colleen Neff.

Of the thousands of examples of quirky material culture that I have seen in Berkeley, my favorite is a giant orange on Spruce Street. It has nothing to do with Roald Dahl, but everything to do with old, weird America, a brilliant phrase coined by Berkeley’s extraordinary cultural writer Greil Marcus.(...)

Read the rest of How quirky is Berkeley? The Giant Orange of Spruce St. (553 words)


By tomdalzell. | Permalink | 8 comments |
Post tags: Bruce Dodd, Giant Orange of Spruce Street, Greil Marcus, Quirky Berkeley, Tom Dalzell

16 Apr 21:15

Ludaversality and its discontents

Doing anything outside of the norm was historically considered Ludacris.

17 Apr 00:26

Samsung Launches Website Highlighting ‘Meaningful’ Design

by John Gruber

You can’t make this stuff up.

14 Apr 16:00

Cardinals trounce Bears in first ever birding Big Game

by Ilana DeBare
Ryan Overbey

Rich kids even win at _birding_.

Jack Gedney and Maureen Lahiff search for birds on the UC Berkeley campus. Photo: Peter Maiden

Jack Gedney and Maureen Lahiff search for birds on the UC Berkeley campus during Sunday’s inaugural Cal vs Stanford Big Game birding competition. Photo: Peter Maiden

Ten birding Bears! Four song-filled hours! Sixty-four species! But alas, no victory.

The Berkeley birding team organized by Golden Gate Audubon Society fell eleven species short of their cross-bay rivals on Sunday morning, in the first ever Cal-versus-Stanford Big Game birding competition.

The Stanford team spotted 75 species to Berkeley’s 64. Berkeley may have been undone in part by the humble sparrow.

“We had a lot of sparrows,” said Rob Furrow, a Santa Clara Valley Audubon member who led the Stanford team. “White-throated Sparrows, Grasshopper Sparrows, Lark Sparrows, Savannah Sparrows.”(...)

Read the rest of Cardinals trounce Bears in first ever birding Big Game (699 words)


By Ilana BeBare. | Permalink | 3 comments |
Post tags: Birding, Birding Big Game, Cal-versus-Stanford birding competition, Golden Gate Audubon Society, Golden Gate Birder, Stanford, UC Berkeley

15 Apr 05:33

Chris Culliver pleads not guilty to hit-run, brass knuckles charges

by Associated Press
Ryan Overbey

By the end of the offseason, what percentage of the 49ers roster will be charged with felonies?

San Francisco 49ers cornerback Chris Culliver has pleaded not guilty to misdemeanor hit-and-run charges and felony possession of brass knuckles.
15 Apr 03:19

Oberlin backs down on 'trigger warnings' for professors who teach sensitive material | Inside Higher Ed

by overbey
Ryan Overbey

TW: meta-discussions about trigger warnings

14 Apr 17:10

Very Worrisome

by Josh Marshall

I totally get the very correct desire to avoid violence. But allowing a bunch of militia freaks and gun-toting thugs to run off federal agents trying to act against a rancher who's refused to pay grazing fees for using federal lands for 20 years seems like a very, very bad idea. If you've missed what happened this weekend, read this.

14 Apr 20:01

★ No One Said Following Is Easy

by John Gruber

Ina Fried, reporting for Recode on the ongoing Apple-Samsung court case, “Top Android Executive Says Google Didn’t Copy Apple’s iPhone”:

Lockheimer testified that Android, too, was the product of long hours and hard work.

“The hours were pretty grueling,” Lockheimer said, speaking of the early days of Android as the operating system was being developed in 2006 and 2007. “They continue to be grueling, by the way. … We work really hard.”

Later in the article:

One thing that was not initially contemplated for the first Android device — at least initially — was any sort of touchscreen.

Weird use of initially in that sentence. As shown below, touchscreens probably were “contemplated” for the first Android devices (they expressly mentioned the potential to support them eventually) but they were explicitly rejected in the specification for Android 1.0.

“Touchscreens will not be supported,” Google said in a 2006 specification for Android devices. “The product was designed with the presence of discrete physical buttons as an assumption. However, there is nothing fundamental in the products [sic] architecture that prevents the support of touch screens [sic] in the future.”

Obviously, Google later changed course and a touchscreen became mandatory. Lockheimer said the vision evolved as the company learned what it heard screen manufacturers tell it what was coming down the pipeline.

This testimony defies credulity. Consider the timeline. As Daniel Dilger documents in a report today for AppleInsider looking at Android design documents entered as evidence in the trial, in August 2006, the draft Android 1.0 design document mandated up/down/left/right/select hardware buttons and explicitly stated that touchscreens would not be supported. Then, the very next revision of the specification, in April 2007 — a draft described as a “major update” — multitouch touchscreens became mandatory. In August 2006 Android was planned as a BlackBerry/Windows Mobile style hardware-button platform with no initial support for touchscreens. In April 2007 it became a platform where multitouch touchscreens were mandatory. The only way one could believe that this change was driven by what Google heard from screen manufacturers is if what the screen manufacturers told Google was, “Holy shit, what are we going to do about the iPhone?”


But what caught my attention is the “hard work” angle in Lockheimer’s testimony. Long hours of hard work don’t disprove that Android copied the iPhone. In fact, copying the iPhone would imply more work. They effectively designed the Android platform twice: first as a BlackBerry/Windows Mobile style hardware button platform, and then as an iPhone-style touchscreen platform.

The word copying is pejorative, so let’s just call it following. Of course Android followed the iPhone’s lead. But what else was Google to do? It took genius to conceive and create the original iPhone. But once it was revealed — and especially once it hit the market — anyone with a lick of sense could see that this was how all such devices should work. If Google had stuck to its original design for Android, it wouldn’t have succeeded in a post-iPhone world — it would have been Windows Mobile without the existing market share.

The first successful implementation of a radical idea is usually and correctly lauded as the innovator. The second is derided as an imitator. But by the time you get to the third and fourth, the idea becomes a category.

It was inevitable that competitors would follow the iPhone’s lead, and it was inevitable that Apple would feel wronged when it happened. What I wonder about is whether it was inevitable that Apple would sue. Are they pursuing Samsung in court because Samsung is so clearly their most successful rival in the handset industry, or is it because Samsung so clearly copied — not merely followed but gratuitously copied — so much from Apple? I suspect it’s both — that it was the combination of Samsung’s blatant copying and mimicry of the iPhone’s trade dress, combined with their success, that has compelled Apple to fight them tooth-and-nail in court.1

I suspect Apple’s goal is not so much about procuring redress for Samsung’s past actions, but rather to send a message. I doubt Apple will be awarded enough money from this Samsung lawsuit to have made the effort worthwhile directly. But indirectly, if the message gets through to competitors that Apple is willing to pursue lawsuits like this with a seemingly irrational fervor, and it makes them (the competitors) gun-shy to copy future Apple products, to follow Apple too closely — it may not be so irrational after all.2


  1. They’ve sued other companies, too — most notably HTC. But nothing with the fervor and high stakes of this Samsung lawsuit. 

  2. I also believe that Apple’s executives — Tim Cook, Phil Schiller, Eddy Cue, all of them — truly believe that suing Samsung, fighting the case until the bitter end, is the morally right thing to do. Remember what Steve Jobs told Walter Isaacson about his willingness to spend “every penny” of Apple’s cash and “go thermonuclear war on this”. I believe Apple’s current leadership feels exactly the same way. The fact that this is not entirely rational, that it’s driven in part by emotion, anger, and a sense of justice, serves Apple’s interests by disincentivizing would-be future copiers. A crazy opponent is a dangerous opponent. 

13 Apr 19:01

bag-of-dirt: Portrait of a Soviet medical orderly of the 1st...

by joanna-molloy


bag-of-dirt:

Portrait of a Soviet medical orderly of the 1st Guards Cavalry Corps during the Battle of Moscow on the Eastern Front, January 1942.

14 Apr 11:15

Prubechu: For the love of Guam

by Michael Bauer

Prubechu: A San Francisco love letter to Guam

Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu Dining13 Prubechu

I can’t tell you exactly why, but diners can taste the difference in food that’s made with love and passion. It’s much like a singer who knows all the right notes, but the song falls flat. It’s not until he or she is invested in the words does the song come to life.

While not every dish was perfect on my review visits to Prubechu, it was clear that chef/owner Shawn Naputi cares deeply about what he is doing. He is from Guam, and at this modest restaurant that took over the space of Roxy’s Cafe, he and co-owner Shawn Camacho share their connection for their homeland on the five-course fixed-priced menu ($40).

It is to my knowledge the only Chamorro restaurant in San Francisco, and it’s another example of why food is so exciting — it connects people to their homeland and gives others a glimpse of where they’ve came from.

14 Apr 16:08

Prepare your taxes while watching tonight’s lunar eclipse

by John Timmer

Early tomorrow morning, starting at about 1am on the East Coast, there will be a total eclipse of the Moon that will be visible from most of North America. The first signs will be a gradual dimming, followed by the appearance of the Earth's shadow a bit before 2am Eastern Time; by 3am, the total eclipse will begin, lasting for about an hour and a half.

This will be the first of four eclipses that are grouped in what's called a tetrad. Although there have been only 142 tetrads over the last 500 years, they tend to cluster; there were none between 1582 and 1908, but we'll have eight tetrads this century. (The first already occurred in 2003/2004.) The other eclipses in this tetrad will be in October of this year, followed by one each in April and September of 2015.

Read on Ars Technica | Comments

13 Apr 06:46

New-Age Bullshit Generator

by overbey
Ryan Overbey

so so very good.

After sitting through hours of New Age rhetoric, I decided to have a crack at writing code to generate it automatically and speed things up a bit. I cobbled together a list of New Age buzzwords and cliché sentence patterns and this is the result.
12 Apr 23:02

Changing of the guard ceremony at the Tomb of the Unkown Soldier...



Changing of the guard ceremony at the Tomb of the Unkown Soldier in Kiev, Ukrainian Soviet Socialist Republic. Photo by Eve Arnold, 1975.

12 Apr 12:56

Higher standards

Many people are—quite rightly, in my opinion—upset about the prospect of DRM landing in the W3C HTML specification at the behest of media companies like Netflix and the MPAA.

This would mean that a web browser would have to include support for the plugin-like architecture of Encrypted Media Extensions if they want to claim standards compliance.

A common rebuttal to any concerns about this is that any such concerns are hypocritical. After all, we’re quite happy to use other technologies—Apple TV, Silverlight, etc.—that have DRM baked in.

I think that this rebuttal is a crock of shit.

It is precisely because other technologies are locked down that it’s important to keep the web open.

I own an Apple TV. I use it to watch Netflix. So I’m using DRM-encumbered technologies all the time. But I will fight tooth and nail to keep DRM out of web browsers. That’s not hypocrisy. That’s a quarantine measure.

Stuart summarises the current situation nicely:

From what I’ve seen, this is a discussion of pragmatism: given that DRM exists and movies use it and people want movies, is it a good idea to integrate DRM movie playback more tightly with the web?

His conclusion perfectly encapsulates why I watch Netflix on my Apple TV and I don’t want DRM on the web:

The argument has been made that if the web doesn’t embrace this stuff, people won’t stop watching videos: they’ll just go somewhere other than the web to get them, and that is a correct argument. But what is the point in bringing people to the web to watch their videos, if in order to do so the web becomes platform-specific and unopen and balkanised?

As an addendum, I heard a similar “you’re being a hypocrite” argument when I raised security concerns about EME at the last TAG meetup in London:

I tried to steer things away from the ethical questions and back to the technical side of things by voicing my concerns with the security model of EME. Reading the excellent description by Henri, sentences like this should give you the heebie-jeebies:

Neither the browser nor the JavaScript program understand the bytes.

Alex told me that my phone already runs code that I cannot inspect and does things that I have no control over. So hey, what does it matter if my web browser does the same thing, right?

I’m reminded of something that Anne wrote four years ago when a vulnerability was discovered that affected Flash, Java, and web browsers:

We have higher standards for browsers.


Tagged with w3c drm eme standards security


Have you published a response to this? Let me know the URL:

12 Apr 02:03

Male aunty

by Victor Mair

Joel Martinsen came across this snapshot a couple of days ago:


Here's the story

The sign says:

Zhāopìn
Zuòfàn āyí
(Nánnǚ bù xiàn)

  招 聘
做饭阿姨
(男女不限)

Help Wanted
Cook Aunty
(Male or female)

Baidu Fanyi translates the last line more literally as "not limited to men and women".

We've been grappling with gender a lot lately, and it looks like we have more gender bending going on here.

The key term is āyí 阿姨 ("aunt; auntie; aunty; nurse[maid]"). The first syllable is a noun prefix designating terms of relationship; the second syllable contains the semantic core of the word — note that the character used to write this syllable has the female radical.

Chinese families often hire an āyí 阿姨 ("aunty") to help with the children, but many of the āyí 阿姨 that I encountered in China served primarily as cooks for the families where they were employed. In this case, it is fairly clear that cooking duties are being emphasized.

But wait a minute! What about the last line, which declares that this "cook aunty" can be either male or female (or maybe even something else!)? It would appear that āyí 阿姨 ("aunty") is losing its gender designation in China, so for many people it no longer sounds strange to think of a "male aunty".

It's no stranger than to speak of a "male nurse", though I must confess that, when I was young and first heard that expression, I felt confused. Similarly, it took me a while to get used to the fact that stewardesses could be male (never mind that "stewardess" is obviously the femininization of "steward"). See: "'Male stewardess' just didn't fly". More generally, see also this Wikipedia article on "Gender marking in job titles".

[Thanks to Rebecca Fu, Jing Wen, and Cheng Fangyi]

11 Apr 15:45

Meet the Bag Man

by John Gruber

Eye-opening feature by Steven Godfrey for SBNation on the stream of money paid to college football recruits and players:

Remember, your job as a bag man isn’t to hide the benefit. It’s to hide the proof. In a region as passionate about college football as the American South, there’s no real moral outrage when new cars or clothes or jobs for relatives appear.

“We can only get away with whatever’s considered reasonable by the majority of the folks in our society. That’s why it’s different in the SEC. Maybe that’s why we’re able to be more active in what we do. Because no one ever looks at the car or the jewelry and says, ‘How did you get that, poor football player?’ They say, ‘How did they get you that and not get caught, poor football player?’”

11 Apr 15:53

Scaling the Facebook Data Warehouse to 300 PB

by John Gruber

Pamela Vagata and Kevin Wilfong, writing for the Facebook Engineering Blog:

At Facebook, we have unique storage scalability challenges when it comes to our data warehouse. Our warehouse stores upwards of 300 PB of Hive data, with an incoming daily rate of about 600 TB. In the last year, the warehouse has seen a 3x growth in the amount of data stored. Given this growth trajectory, storage efficiency is and will continue to be a focus for our warehouse infrastructure.

600 TB of incoming data per day is mind-blowing. I can’t fathom it. And it’s great that they’re sharing this information. There can’t be that many entities dealing with this scale of data storage, and the others likely aren’t sharing what they’ve learned. This is the cutting edge of computer science.

11 Apr 16:08

Eye-Openers: Beef prices hit an all-time high

by Paolo Lucchesi
Beef cattle roam the brown-dirt fields on a ranch on the outskirts of Delano, in California's Central Valley, on February 3, 2014.  At this time of the year normally, the fields would be covered in lush green grass but the western US states's worst drought in decades has reduced the land to a parched moonscape. California rancher Nathan Carver, who's family has owned a ranch nearby for five generations, remembers tales his grandparents told of the Dust Bowl years in the 1930's, but this is as bad as he has ever seen it in his lifetime, he said.   AFP PHOTO/Frederic J. BrownFREDERIC J. BROWN/AFP/Getty Images

Beef cattle roam the brown-dirt fields on a ranch on the outskirts of Delano, in California’s Central Valley, on February 3, 2014. At this time of the year normally, the fields would be covered in lush green grass but the western US states’s worst drought in decades has reduced the land to a parched moonscape. California rancher Nathan Carver, who’s family has owned a ranch nearby for five generations, remembers tales his grandparents told of the Dust Bowl years in the 1930′s, but this is as bad as he has ever seen it in his lifetime, he said. AFP PHOTO/Frederic J. Brown

From the local scene:

  • Beef prices has officially hit an all-time high in America — and they’re not expected to come down anytime soon: “Extreme weather has thinned the nation’s beef cattle herds to levels last seen in 1951, when there were about half as many mouths to feed in America … The retail value of ‘all-fresh’ USDA choice-grade beef jumped to a record $5.28 a pound in February, up from $4.91 the same time a year ago.” [Los Angeles Times]
  • Hapa Ramen, Juhu Beach Club, Kin Khao, Nopalito and the case for paying more for ethnic food. [Edible SF]

From the national scene:

  • The obit for Steven Shaw, pioneering online food writer. [New York Times]
  • Quinoa quarrel? Quinoa quarrel. [Harper's]
  • Peets Coffee opens a new location just steps from the White House. [Business Times]
  • Get to know the Breslin’s lamb burger. [Serious Eats]
  • “How I Learned to Love Vegetables—by Following the Grateful Dead” [Bon Appetit]