Shared posts

26 Jul 12:21

TT-RSS FTW

by Steven D. Brewer

When Google first began killing Reader, I was very sad. But I saw the writing on the wall and began promptly looking for alternatives. After investigating, I settled on Tiny Tiny RSS, a project run by a curmudgeonly guy in Russia. He is famous in the support forum for savaging people that ask stupid questions without having bothered to do their homework.

TT-RSS requires some resources and a bit of technical expertise to set up. You need a LAMP server and you have to know how to manage permissions and start a daemon. But it really only takes a few minutes, if you have the necessary resources and you know what you're doing.

I had first set up an instance at Dreamhost and then later on the BCRC server. Dreamhost shared hosting isn't a good solution for tt-rss because they won't let you run a daemon. You can run the updates out of cron, but it's not very satisfactory. The instance I ran on the BCRC server was OK, but I wanted to make it available to students and faculty using ldap, which uses http-basic authentication. This required some extra effort to offer public shared feeds and left Phil out, since he's not in the Department. He had switched to using The Old Reader, but it has been slow (or just unavailable). So last night, when he mentioned that, I offered to set up an instance on my new home server.

Since North Star wasn't using the computer I built with the students, I decided to bring it home and use it as a home server/workstation. I needed something since my laptop, which had been the repository of all my files and data, started failing this spring and the replacement laptop, provided by the university, is pretty unsatisfactory -- and doesn't have a large enough drive to store all my files. So far, I've been able to get Ubuntu to easily do anything I've needed to do.

It took about a half hour to set up tt-rss on the stock Ubuntu install. It wanted a php with curl, so I had to google up a command to do that. And I had to google up an init.d script to start and stop the daemon. And this morning, I found a problem: we were getting errors trying to subscribe to our shared feeds "XML Parsing Error: XML or text declaration not at start of entity". When I had created the config.php file (which you do by copying and pasting from the installer, now) I had accidentally left in a blank line at the end of the file.

As I say, I'm very happy with tt-rss. The web interface is excellent and there is also a good client for android, which I was willing to pay for. I don't miss Google Reader at all.

22 Jul 15:50

Naughty Little Booze Hound

by Jim Macdonald
Philipbrewer

You have to click through to read. Lots of interesting comments there, too. (Jackie will remember tnh and pnh from the "Whiskey whisky bourbon and rye" panel at WorldCon in Scotland.)

Let me recommend a book to you: Vintage Spirits and Forgotten Cocktails by Ted Haigh. The subtitle is "100 Rediscovered...

19 Jul 21:21

Novel: A Delicate Truth by John le Carré

by Chris East
Philipbrewer

An interesting perspective on le Carré's work. Makes me want to read this new one.

Late in John le Carré’s new novel A Delicate Truth (2013) comes a passage that, for me anyway, illustrates a thematic difference between his more recent books and his earlier ones.

And from there, he wandered off into an argument with Friedrich Schiller’s grandiose statement that human stupidity was what the gods fought in vain. Not so, in Toby’s opinion, and no excuse for anybody, whether god or man. What the gods and all reasonable humans fought in vain wasn’t stupidity at all. It was sheer, wanton, bloody indifference to anybody’s interests but their own.

This passage crystallizes a general shift in his work, I think:  from the traditional moral ambiguities of spy fiction, to the less traditional, but perhaps more relevant, moral certitudes of  the 21st century.  This shift may have started with The Constant Gardener – I might claim as much if I were a more careful reader with a better memory – but it’s certainly true of Our Kind of Traitor, and now A Delicate Truth.  Le Carré has grown more certain in his voice, and these recent books don’t shy away from taking sides.  They pick their heroes, brand their villains, and pit them against each other, making no bones about it.  This probably disappoints some readers, who perhaps prefer the gray areas of the Cold War, and particularly those who disagree with le Carré’s leftist ideology.  But to me it still succeeds at a high level, and le Carré remains an eloquent critic of our leaders and institutions, and the perils of standing up to them.

A Delicate Truth opens with an operation in Gibraltar: the apprehension of a suspected jihadist terrorist, mounted by a private sector security force with nominal British oversight.  The mission, supposedly, comes off without a hitch.  But years later, the truth starts to come out when now-retired British diplomat, Christopher “Kit” Probyn, is approached by one of the British soldiers who carried out the op. Probyn sees the operation as the crowning achievement of his career – but was it really a success?  Meanwhile Toby Bell, an idealistic young politician who worked for the Minister responsible for the job, cottons on to its unseemly nature, and wrestles with how to pursue it.  The two men unravel the mystery, their separate paths destined to intersect in a confrontation with an international conspiracy.

While the first chapter felt a bit muddy to me, le Carré’s sure-handed storytelling asserts itself soon after. Once his heroes and their dilemmas are introduced, the plot escalates briskly, leading to a perfectly clocked, chilling conclusion. Le Carré the political critic is definitely in incisive form again, rightly vilifying the British and especially American intelligence worlds and policy-makers. But it’s equally, if more sympathetically, critical of its well-meaning heroes, who for all their bravery and honor come across as naïve, reckless, and short-sighted. They’re no less heroic for it, but the sad truth is that their heroism is even needed.

I don’t think it’s quite le Carré in perfect form. There is the murky opening, and some broad villainy. Also, some late, over-explicated reveals make the mystery resolution somewhat anticlimactic…although part of me wonders if that’s a deliberate point. Have we become so jaded that shocking secrets no longer matter? Does revealing them even lead to meaningful change any more?  A Delicate Truth raises these questions masterfully, and leaves one contemplating the dark answers.

14 Jul 12:28

Raking Rocks

by tara@goingslowly.com (Tara)
Philipbrewer

Formerly local world travelers (by bicycle) prepare to pour a slab.

After finishing my indexing quota for the day, I headed "downstairs" to help Tyler rake the stone that was dumped in our workshop's concrete form yesterday. Using Peter's slab plans as a guide, we shaped the material into a flat mound with carefully sloping edges. Early in the afternoon, Rick stopped by to fix a broken hydraulic hose on his excavator.

[Photos: Rick's Excavator Leaking Hydraulic Fluid; Tyler and Rick Fixing Hydraulic Line; Rick]

His dog Oliver came too!

[Photo: Oliver]

But mostly it was just Tyler and I, raking and shoveling all afternoon. Moving small pieces of stone around is far more difficult one would think—it was a heck of a workout! I kind of felt like I was an old-timey prisoner from a movie. Tyler and my synchronized shovel-strokes and grunts of exertion made me want to sing work songs or sea shanties! Heave Ho!

[Photos: Tara Shoveling Rock]

During the process, there was plenty of measuring to do. We stopped often so I could squint behind the eyepiece of our newly purchased builders level, while Tyler held up a big metal yardstick in various points around the rock heap. Our goal was to get the main mass of stone five inches below the top of the form. The perimeter, which will have far more concrete to support the load of the timber posts, needed to be a full 16 inches below the form.

[Photos: Checking Height with Builder's Level; Grindbygg Slab Sections]

Hoo boy. After a good five hours of raking and shoveling (even more for Tyler!), as well as acting as sitting-ducks for a veritable mosquito massacre, we were finally finished. Now, I'm in bed next to Tyler, who is completely passed out. I can feel every single muscle aching in a good way. I don't think I'll have any trouble falling asleep tonight!

[Photos: Workshop Concrete Form with Stone; Raking Stone]

12 Jul 11:21

[cancer|art] Gene sequence scarf

by Jay

Astrid Bear has very kindly been working on a fascinating art project. She has taken part of the base pair sequence of my Chromosome 18, the one most likely implicated in my colon cancer, and translated it into a weaving pattern.

This past weekend at the Locus Awards, Astrid showed me her first sample swatch.

Test swatch for scarf knitted by Astrid Bear

That’s me there, encoded in the yarn. A tiny little fraction, about 18/6,000,000,000 of my genetic code. A celebration of my life and a poke in the eye of my cancer via the medium of fabric art.

I want to thank Astrid for both her generosity and her creativity. There will be more on this.


Photo © 2013, Joseph E. Lake, Jr.

Creative Commons License

This work by Joseph E. Lake, Jr. is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

11 Jul 12:09

[photos] Your Wednesday moment of zen

by Jay
Philipbrewer

All the bactrian camels you like, as long as it's two.

Your Wednesday moment of zen.

Bactrian camels, Outer Mongolia. Photo © 1992, 2013, Joseph E. Lake, Jr.

This work by Joseph E. Lake, Jr. is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

10 Jul 21:31

Wage deflation charts of the day

by Felix Salmon
Philipbrewer

Interesting data about real wages during the recovery, plus a neat list of occupations at the end.

NELP, the National Employment Law Project, has taken a detailed look at what happened to wages during the recovery — specifically, between 2009 and 2012. They looked at the annual Occupational and Employment Statistics for three years — 2007, 2009 and 2012 — and created a list of wages for 785 different occupations. They then split those occupations into five quintiles, according to income; the lowest quintile made $9.49/hr, on average, last year, while the highest quintile averaged $40.23/hr.

But let’s not look at averages, let’s look at the actual disaggregated data. Here are some charts which Ben Walsh laboriously constructed, and which need a little bit of explanation. Each thin line is one occupation, with nominal wages rebased to 2007=100. As a result, these charts show increase in wages, rather than absolute wages: the lines which rise the most are the ones with the biggest pay raises, not the ones with the highest pay. (Although, as you’ll see, the two are highly correlated.)

The two green lines show inflation: the dark-green line is CPI, while the light-green line is CPI-U, the urban index used by NELP. As a result, all the jobs below the green lines saw real wage declines between 2007 and 2012, while all the jobs above the green lines saw real wage gains.

The charts are presented in order, with the 1st quintile — the lowest-earning occupations — first. You can see that while wages grew in both real and nominal terms between 2007 and 2009, there was a decided flattening off thereafter, and inflation started overtaking a lot of jobs from 2009 onwards. The actual figures: real wages grew 1.9% between 2007 and 2009, and then fell 2.8% between 2009 and 2012, which means that over the full five-year period they fell, overall, by 0.9%.

[Charts, one per quintile from 1st to 5th: 1stq.png, 2ndq.png, 3rdq.png, 4thq.png, 5thq.png]

As you go down the charts, you can see that until you get to the fourth and fifth quintiles, most jobs fall below the green lines — which means that they’re seeing their real wages fall. You can also see the commodification of low-wage jobs in the number of occupations in the bottom two quintiles: there are just 47 occupations in the bottom quintile, while there are 186 occupations in the top quintile. (Each quintile, of course, includes the same number of total workers.)

The big-picture lesson that NELP draws is that between 2009 and 2012, real median hourly wages fell by 2.8% — and that the poorer you were to start with, the more your wages fell. The top quintile didn’t do well: their wages dropped by 1.8%, in real terms. But the fourth quintile did particularly badly: its wages fell by 4.1%, on average. To take one example, occupation 39-5012 — that’s Hairdressers, Hairstylists, and Cosmetologists — was earning $12.00 an hour, in 2012 dollars, in 2009. But by 2012 they were earning just $10.91 per hour: a drop of more than 9%. Or look at occupation 51-6042 (“Shoe Machine Operators and Tenders”): that job saw wages fall 14%, in real terms, in just three years, with nominal wages falling from $12.69 to $11.69 per hour.

The charts show the large range of outcomes: some occupations are doing great. At the top end, the highest-paid profession on the list, Psychiatrists, went from earning $69.48 per hour in 2007, to $83.33 per hour in 2012. That’s a real increase of 8.3%. But overall, everybody is doing pretty badly. Here’s the NELP chart:

[Chart: nelp.tiff]

This chart shows where a lot of the current stock-market strength is coming from: capital is taking more than 100% of real productivity gains, with labor steadily losing out. This, I fear, is the New Normal: OK for investors, bad for workers.

Finally, just because I love it, here’s the list of people earning between $26 and $27 per hour, on average. Here Roof Bolters keep company with Social Workers, Librarians hang out with Foresters, and — of course — Public Relations Specialists linger near Writers and Authors. Luckily the Police and Sheriff’s Patrol Officers are there to keep the peace.

[Image: 26.tiff]

10 Jul 14:35

#RKOI by dgdsn

Philipbrewer

Jackie mentioned not knowing what a Guy Fawkes mask looked like.



10 Jul 12:10

Recent Foreign Policy History Does Not Deserve the Name "Realist"

by Ryan Cooper
Philipbrewer

Both the quoted bit and the main text are interesting.

One of Josh Marshall's readers comes up with the following scheme:

What I find most compelling about the Snowden affair is what it says about changing generational attitudes toward foreign policy—in particular, I feel that it’s the first major salvo in Generation Y’s war on realist foreign policy.

Edward Snowden and I are the same age; our adolescence sits squarely between the fall of the Soviet Union (8 years old) and the events of 9/11 (18 years old). During that time, without the bipolar rivalry that overshadowed much of the twentieth century, American culture shifted toward a greater emphasis on issues that assumed global cooperation, such as environmentalism and humanitarianism, and placed significant value on cross-cultural exchange. (I’m thinking of shows like Captain Planet, in which an international, multi-ethnic team of kids thwart rapacious corporate villains). Furthermore, it was always assumed that the United States, secure in its position as the world’s sole superpower, would be leading such efforts, and doing what it could to bring about a more unified, less contentious world community.

Contrast that with the tenets of realism, which assume that competition between states is an immutable fact of life, and that individual nation-states are, in some sense, perpetually at each other’s throats for the upper hand on the world stage. In such an environment, the less savory aspects of spycraft (like spying on your allies, or hacking into the servers of private companies) make perfect sense. But in the world Edward Snowden and a lot of other Gen Y kids thought they were growing up in, it’s a gross violation of basic decency. Worse, it’s a vestige of a bygone era, a worldview that has no appeal to children of the Information Age, who have seen the power of unbounded, collaborative spaces like the Internet and are increasingly disgusted with the human toll wreaked by self-serving foreign policy.

I definitely agree that the recent history of American foreign policy has been a nearly unmitigated disaster. I just don't think "realism" has much to do with it—in fact, it's still an idea worth considering. The Iraq war, the ur-fiasco of the last decade, was an imperialist project pushed by a bunch of dipshits who thought they could remake the Middle East according to a hyper-ideological scheme. It beggars belief to imagine a hard-bitten realist like George Kennan arguing that a war of aggression against a piddling tinpot dictatorship would be in America's interests.

Now, I also wouldn't say that self-interest is always the best model for international diplomacy. Ties of trade, tourism, and basic decency have created a good deal of mutual understanding that has, I think, calmed relations between the great powers. (Also, too, nukes.) And sometimes there are situations so horrible that basic morality demands some kind of action. (Genocide, yes. Ordinary war, not so much.)

But I think self-interested realism is an underrated method for organizing foreign policy because it is a sensible heuristic for determining which policies are likely to succeed. Rebuilding Iraq failed partly because the soldiers trying to carry it out, try as they might, ultimately didn't have the necessary personal investment in the project to make it work. They didn't know the people, the culture, the history, or the language like Iraqis do (the ones who didn't get blown to smithereens or emigrate, that is), and it didn't ultimately matter that much to them whether Iraq collapsed or thrived. The soldiers knew their tours would eventually end and they would return to the US.

In other words, no outsider will ever have the attachment to a country that a resident does.

This kind of reasoning is most obviously relevant when it comes to whether we're going to invade random country du jour, but it can hold for other things as well. Common currency areas like the Euro, for example, are really more of a foreign policy project than an economic one. And the Eurozone is failing in large part because the people with the power (Germany) refuse to act in the interest of Spaniards and Greeks. As Steve Waldman has said, "the nations of the Eurozone have ceded a significant part of their sovereignty to European institutions," and everyone but Germany is suffering for it to some degree.

So I'm all for international agreements for reducing greenhouse emissions and so forth, but I'm going to keep my realist cynicism within easy reach. Especially when I hear high-flown stuff about a new world order.

10 Jul 00:32

Hiroshi Yoshida Fishing Goldfishes 1928

Philipbrewer

Hiroshi Yoshida!



09 Jul 14:26

Universities shouldn’t be tax exempt

by Felix Salmon
Philipbrewer

"if we simply abolished those exemptions, and used the proceeds to spend on higher education, we would get vastly more bang for our buck"

I have a piece up at Architect Magazine on Cooper Union, and the real (if slim) possibility that it will lose the tax break from which most of its current income flows. Cooper Union will get $18 million this year in “tax equivalency payments” stemming from its ownership of the land under the Chrysler Building — money which would normally flow to New York City in the form of property taxes, but instead gets diverted to Cooper Union for its own uses. Do the math, and that works out to about $18,200 per enrolled student — a much greater subsidy than New York City provides to any of the students being educated at its own colleges.

Doug Turetsky, of New York City’s State’s Independent Budget Office, says that if Cooper is going to start charging tuition, then “the public purpose of the unusual tax breaks now mostly a thing of the past,” and New York should start collecting property tax on the Chrysler Building rather than letting Cooper Union use all that money for itself. So far, there’s no indication that the attorney general agrees with him; as I say in my piece, the time for the AG to crack down on Cooper was in 2006, rather than now, when the removal of the tax break would mean certain death for the college.

Still, in an ideal world, Cooper Union wouldn’t get this tax break — and neither would NYU be exempt from paying property tax on its buildings, and neither would Harvard be able to invest its endowment tax-free. The tax exemptions that universities receive cause them to behave in a manner which would otherwise be quite irrational: NYU’s expansionism, for instance, is driven in part by the fact that it can extract more economic value out of property than other actors, thanks to all property it buys automatically becoming tax-exempt. And if you look at Harvard’s balance sheet, it has for decades now been a hedge fund with an educational institution attached, the educational institution more than paying for itself in the tax exemption it confers upon the entire endowment.

The dollar value of universities’ tax exemptions is enormous — and it almost goes without saying that if we simply abolished those exemptions, and used the proceeds to spend on higher education, we would get vastly more bang for our buck. The overwhelming majority of the tax expenditures go to the richest universities — the ones who need the money the least. Meanwhile, great institutions like the University of California are slowly starved to death: direct fiscal expenditures, it seems, are much, much easier to cut than more-hidden tax expenditures.

If state and federal governments are going to spend billions of dollars subsidizing tertiary education — and they should — then they should spend those billions wisely, with a focus on education. Instead, they spend those billions through the tax code, with no kind of oversight at all, pushing their thumb on the scales so as to encourage, at the margin, the purchase of buildings and the building-up of large endowments.

A revenue-neutral abolition of universities’ tax exemptions would be a massive gain for pretty much everybody, even if it did have the effect of slightly reducing alumni giving. In fact, it would be a very interesting real-world experiment: if alumni giving didn’t drop very much, that would be a good reason to extend the abolition to the entire charitable-giving nexus more broadly.

I don’t think that Cooper should, or will, lose the tax equivalency payments it receives from the Chrysler Building — they’re no more odious than all the other tax exemptions received by universities across the nation. But if all colleges lost all their exemptions, and got their federal subsidy directly instead of indirectly — now that I would applaud.

09 Jul 11:09

Needlework

by Marissa Lingen

Oh, people. People, people, people, I am so tired of dislike of needlework being used as a stand-in for making a young female character actually interesting. I see this mostly in middle-grade fantasies, mostly. Not so much in YA, although I don’t know if that’s because I’m not seeing as much secondary world YA as I’d like. It sometimes goes with not being boyyyyyy crazy. Because girls who are interested in boys are stupid and hate everything that is fun and good and probably will grow boobs early and never ever ever have adventures. (Also girls who are interested in girls are invisible and don’t exist. So basically if you have proto-romantic feelings before age 18 or preferably 21, you stink. Thanks, MG tropes!)

Several things about the needlework thing annoy me, though. One of them is that it’s the cheap shot among “women’s work” stuff. It’s the one that middle-grade readers of the present are by and large not being asked to do, or at least not insistently/universally. Some girls are crafters as a hobby, but very few of them would self-define as doing “needlework.” So it’s a lot safer for an author aiming at a tomboy everygirl, because, hello, third wave! Tomboy everygirls can love making cookies or soup or whatever. And nobody* really says, “I adore cleaning. I live for cleaning. Cleaning is so awesome.” You can have your character announce that she hates scrubbing the floor, but nobody thinks that makes her amazing, they just think it makes her normal.

The other thing that ties in with this is: needlework used to be a lot like cleaning, in that it used to be necessary for continued health. Sure, you can choose whether you want your home spotless or a little messy, but you do in fact need to wash your dishes, one way or the other. That’s a health issue. And before industrial textiles, you had to do a million textile-related chores in order to keep your family healthily clothed. Mending. Taking things in and letting them out and altering them for younger/smaller family members. Even tapestry, while it is an art form and was used for self-expression, was also used to keep the walls of those stone castles and houses from turning the wenches into wenchcicles. Even in post-industrial textile societies, you will see a very realistic concern for what torn clothing and clever needlework can mean if you read the books of Noel Streatfeild, where the cost of a dress to put a family member in a good position to gain economic advantage is really non-trivial. I would love to see a parent or sibling in a fantasy novel react to a character’s stated hatred of needlework in one of these contexts–basically someone treating it as the protag saying, “I want you to buy me a better cell phone and data plan and all the other bells and whistles I want,” or else, “I hate cleaning the toilet,” rather than, “I am so interesting and independent!” I don’t expect that soon, though. It’s pretty embedded.

So where does all this come from? Two places: resentment of early twentieth century middle-class Anglo/American enforced femininity, and the Victorians. A lot, a lot of the women who pioneered the fantasy genres–especially children’s fantasy–chafed at the roles they were slotted into in the rest of their lives. And the “needlework as a useless pastime for enforcing female idleness” is straight out of Victorian life, where manufacturing endless unwanted decorations for the parlor and the jumble sale was, in fact, some women’s lot. But the Victorians were substantially along the line of progress of industrial textiles; a vicar’s daughter who spun flax would be distinctly odd, because that sort of thing was done in factories by then. Taking those frustrations and plunking them down wholesale in medieval-inspired cultures is understandable for those who lived them and witnessed them firsthand–Edith Nesbit, if ever you do that, I forgive you. (But notice that Nesbit has an unusual regard for the consequences of the children’s rash behavior on servants and the family budget. This was not much replicated by her imitators.) For those of us for whom they are historical study, it’s just plain laziness.

More than that, it’s attempting to make traits and interests exclusive that frankly aren’t. My friend V., for example, crocheted me a hyperbolic plane. She is interested in fiber arts and in math. She didn’t have to choose Boy Stuff or Girl Stuff–she can like some gendered activities and a great many activities like fiber arts and math that are not essentially gendered. And we lose a great deal when we accept shorthands for characterization too easily, too readily. “She’s a tomboy, not a girly girl.” “He’s a brain, not a jock.” We make our own cultural pitfalls in creating supposed opposites that aren’t really opposed more universal than we mean to when we import them whole cloth into secondary worlds.

Honestly, though, it’s just boring. It’s a trigger for me to say, “Another one of those, author getting lazy,” and put the book down. Find something else to express your character’s adventurous soul. Or don’t make them have a standard-issue Adventurous Soul TM in the first place. Whichever.

*Almost certainly somebody says this, because, well, people. They vary. And almost certainly there are loads of women who hate “needlework.” I am not a seamstress or a crafter myself. My complaint here is not that girls who fit these traits are unrealistic or do not exist, it’s that the traits are being overused and used cheaply.

08 Jul 18:30

A Really Good Article on How Easy it Is to Crack Passwords

by schneier
Philipbrewer

Crackers are cracking hard-to-crack passwords faster than ever...

Ars Technica gave three experts a 16,000-entry encrypted password file, and asked them to break them. The winner got 90% of them, the loser 62% -- in a few hours.

The list of "plains," as many crackers refer to deciphered hashes, contains the usual list of commonly used passcodes that are found in virtually every breach involving consumer websites. "123456," "1234567," and "password" are there, as is "letmein," "Destiny21," and "pizzapizza." Passwords of this ilk are hopelessly weak. Despite the additional tweaking, "p@$$word," "123456789j," "letmein1!," and "LETMEin3" are equally awful....

As big as the word lists that all three crackers in this article wielded -- close to 1 billion strong in the case of Gosney and Steube -- none of them contained "Coneyisland9/," "momof3g8kids," or the more than 10,000 other plains that were revealed with just a few hours of effort. So how did they do it? The short answer boils down to two variables: the website's unfortunate and irresponsible use of MD5 and the use of non-randomized passwords by the account holders.

The article goes on to explain how dictionary attacks work, how well they do, and the sorts of passwords they find.

Steube was able to crack "momof3g8kids" because he had "momof3g" in his 111 million dict and "8kids" in a smaller dict.

"The combinator attack got it! It's cool," he said. Then referring to the oft-cited xkcd comic, he added: "This is an answer to the batteryhorsestaple thing."

What was remarkable about all three cracking sessions were the types of plains that got revealed. They included passcodes such as "k1araj0hns0n," "Sh1a-labe0uf," "Apr!l221973," "Qbesancon321," "DG091101%," "@Yourmom69," "ilovetofunot," "windermere2313," "tmdmmj17," and "BandGeek2014." Also included in the list: "all of the lights" (yes, spaces are allowed on many sites), "i hate hackers," "allineedislove," "ilovemySister31," "iloveyousomuch," "Philippians4:13," "Philippians4:6-7," and "qeadzcwrsfxv1331." "gonefishing1125" was another password Steube saw appear on his computer screen. Seconds after it was cracked, he noted, "You won't ever find it using brute force."

Great reading, but nothing theoretically new. Ars Technica wrote about this last year, and Joe Bonneau wrote an excellent commentary.

Password cracking can be evaluated on two nearly independent axes: power (the ability to check a large number of guesses quickly and cheaply using optimized software, GPUs, FPGAs, and so on) and efficiency (the ability to generate large lists of candidate passwords accurately ranked by real-world likelihood using sophisticated models).

I wrote about this same thing back in 2007. The news in 2013, such as it is, is that this kind of thing is getting easier faster than people think. Pretty much anything that can be remembered can be cracked.

If you need to memorize a password, I still stand by the Schneier scheme from 2008:

So if you want your password to be hard to guess, you should choose something that this process will miss. My advice is to take a sentence and turn it into a password. Something like "This little piggy went to market" might become "tlpWENT2m". That nine-character password won't be in anyone's dictionary. Of course, don't use this one, because I've written about it. Choose your own sentence -- something personal.

Until this very moment, these passwords were still secure:

  • WIw7,mstmsritt... = When I was seven, my sister threw my stuffed rabbit in the toilet.
  • Wow...doestcst::amazon.cccooommm = Wow, does that couch smell terrible.
  • Ltime@go-inag~faaa! = Long time ago in a galaxy not far away at all.
  • uTVM,TPw55:utvm,tpwstillsecure = Until this very moment, these passwords were still secure.

You get the idea. Combine a personally memorable sentence, some personally memorable tricks to modify that sentence into a password, and create a long-length password.

Better, though, is to use random unmemorable alphanumeric passwords (with symbols, if the site will allow them), and a password manager like Password Safe to store them. (If anyone wants to port it to the Mac, iPhone, iPad, or Android, please contact me.) This article does a good job of explaining the same thing. David Pogue likes Dashlane, but doesn't know if it's secure.

In related news, PasswordSafe is a candidate for July's project-of-the-month on SourceForge. Please vote for it.

EDITED TO ADD (6/7): As a commenter noted, none of this is useful advice if the site puts artificial limits on your password.
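The gap between the two axes described above, and why "gonefishing1125" survives brute force but falls to a combinator attack, worked through as an added example that is not part of the original post. The mini-wordlist is constructed, and the 100,000-word dictionary size is an assumption used only for the arithmetic.

```python
import math
import re

# Constructed mini-wordlist: a stand-in for the dictionary a cracker would load.
WORDS = {"gone", "fishing", "band", "geek", "market", "piggy", "little"}
# Assumed size of a realistic dictionary; used instead of len(WORDS) for the estimate.
DICT_SIZE = 100_000


def brute_force_bits(password):
    """log2 of the keyspace an exhaustive search covers for this length and charset."""
    charset = 0
    if re.search(r"[a-z]", password):
        charset += 26
    if re.search(r"[A-Z]", password):
        charset += 26
    if re.search(r"[0-9]", password):
        charset += 10
    if re.search(r"[^a-zA-Z0-9]", password):
        charset += 33  # printable ASCII symbols, including space
    return len(password) * math.log2(charset) if charset else 0.0


def split_words(text, words):
    """Return the shortest list of dictionary words that concatenate to text, or None."""
    best = [None] * (len(text) + 1)
    best[0] = []
    for end in range(1, len(text) + 1):
        for start in range(end):
            piece = text[start:end]
            if best[start] is not None and piece in words:
                candidate = best[start] + [piece]
                if best[end] is None or len(candidate) < len(best[end]):
                    best[end] = candidate
    return best[len(text)]


def combinator_bits(password, words=WORDS, dict_size=DICT_SIZE):
    """log2 of the guesses a words-plus-trailing-digits model needs, or None.

    Capitalisation is treated as free here; a real rule set would add a few bits.
    """
    letters, digits = re.fullmatch(r"(.*?)([0-9]*)", password.lower(), re.S).groups()
    parts = split_words(letters, words)
    if parts is None:
        return None  # not a concatenation of dictionary words
    return len(parts) * math.log2(dict_size) + len(digits) * math.log2(10)


def estimate(password):
    """Strength is set by the cheapest attack that reaches the password."""
    brute = brute_force_bits(password)
    combo = combinator_bits(password)
    effective = brute if combo is None else min(brute, combo)
    return {"brute_bits": brute, "combinator_bits": combo, "effective_bits": effective}


if __name__ == "__main__":
    # The first two passwords are quoted in the article; the third is constructed.
    for pw in ("gonefishing1125", "BandGeek2014", "x7Qp2vRm9LkT"):
        result = estimate(pw)
        combo = result["combinator_bits"]
        combo_text = "n/a" if combo is None else f"{combo:.1f}"
        print(f"{pw:16} brute={result['brute_bits']:.1f} bits  "
              f"combinator={combo_text} bits  effective={result['effective_bits']:.1f} bits")
```

A password checker that only counts length and character classes reports the brute-force figure; the effective figure is what a signup form would need to reject.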

08 Jul 02:47

A Fifth-Grader’s Dream House, or MY Dream House?

by Joey deVilla
Philipbrewer

There are some issues with the scale....

5th grade dream house

The only differences between this fifth-grader’s dream house and my present-day one are:

  • I’d replace the McDonalds with a high-end steakhouse, and
  • I’d ditch the racetrack and use the extra space to expand the hot girls room.

Those changes aside, I’d say “Nicely done, ten-year-old architect!”

06 Jul 21:39

An Adventuress

by Theodora Goss

I want to be an adventuress.

But that term has been used in some pejorative ways, so I have to specify what I mean by it. What I mean is a female adventurer. You know, like those Victorian women who went to distant lands, and learned the local languages, and climbed the Himalayas — often in not very practical Victorian clothing. Why then don’t I simply use the term adventurer? I suppose because it doesn’t have the same feel to it, the same sense of breaking boundaries and doing it with a sort of style and grace. I want some of the connotations of the word. But not others, because the term often describes women who use their charms and wiles to live off men — and that’s the opposite of adventure. An adventure requires self-reliance, guts. An adventure involves discovering yourself.

This was the conclusion I came to, that I wanted to be an adventuress, after returning from Europe. Which happened yesterday, actually. Yesterday morning I was in Budapest, and today I am in Boston. This is the last picture of myself that I took in Hungary, leaning against the railing of the Szabadság híd (Liberty Bridge), looking at the Danube. It was almost sunset: Budapest has the most gorgeous light at sunset.

What I learned, being in Europe for two months, was how easily I moved around, how much I loved the act of traveling. Of looking out a train window. Of getting into an airplane and flying to another country. Of carrying adapters, and trying to figure out new plumbing arrangements, and making my way in another language. Did you know that in England, there are no electrical outlets in bathrooms? It’s illegal, so you have to go into another room to dry your hair. Also, all over Europe, it’s useful to know the term “to take away,” which is equivalent to the American “to go,” because you are charged more for food that you’re going to eat in.

I like going to museums and seeing original paintings for myself: Renaissance art, for example, looks completely different for real than it does reproduced. It’s only when you see it for real, and up close, that you realize its complete brilliance. In Brussels, I saw Landscape with the Fall of Icarus by Pieter Bruegel (at least we think it’s by him, but maybe not say the art scholars). I had the impulse to bow before it, as though I were meeting an important personage . . . I like figuring out maps and metro systems, walking through a strange city and seeing the architecture, coming upon small cafés and bookshops. In Budapest I found an English bookshop and bought too many books. In Brussels I came across an outdoor antiques market and bought some English transferware coffee cups. Ever after, I can look at those things and say, yes, I found that copy of Margaret Atwood’s Alias Grace in Budapest. Or I brought those cups all the way back from Brussels.

There are good and bad things about being an adventuress. It means that I’m not very good at living a quiet life. I need to be doing things, going places, and there’s a sort of restlessness in that: I always feel as though I should find contentment in simply being. But that’s not who I am, and I think it’s better to accept that about myself than fight against it. I want a life of adventures and new experiences — sometimes those are uncomfortable and inconvenient, sometimes they can even be frightening. I don’t like inconveniences any more than the next person, and I try to avoid dangers. But the lure of adventures, of new things, even the smallest — of using different kinds of money, eating different kinds of foods! That is a great and powerful lure.

I think I’ll add one more picture, also of myself looking at the Danube that final evening. It was hot and I had put my hair up — I twist and tuck it, and it stays up by itself. But the bridge was windy, and the wind blew my hair down, so I ended up with this. I’m ending with it because I think it makes a fine Portrait of an Adventuress.


04 Jul 04:55

Exceptionalism or Imperialism

by Steven D. Brewer

We the People (aka "The United States of America") have been doing some really nasty stuff lately. We're flying robots around the world killing people extra-judicially -- that is, unconstrained by any national or international law. We operate a prison camp that is outside of either national or international law that has been detaining demonstrably innocent people for many years with no end in sight. Most recently, we have learned that, as many suspected, we are also running a surveillance police state that sweeps up, indexes, and stores vast amounts of communications data. We — you, me, all of us — are doing these things.

Our government claims that these are in our best interests. They argue that America has a special, "exceptional" role in the world. Foremost, they argue, they must do these things to "keep us safe". They say, "America is special" and ask that we all wave a little flag and look away while they do things to others that they would never accept be done to us. Are we OK with that?

Once upon a time, We the People were bound together in a shared mission. We had a shared fate and saw that we sank or swam together. That is no longer true. The United States has become a platform for the monied interests all around the world to maintain their hegemony. But We the People, who actually live here, have become incidental to their goals.

The United States of America is no longer ruled by We the People. It is ruled by the tiny coterie of people who control essentially all of the wealth and the apparatus of the state. They use the United States to maintain their interests throughout the world. The United States is still a democracy, but in name only: neither of the dominant political parties is actually aligned with the interests of the people who happen to live in the United States.

And any state that does not align itself with maintaining the interests of the extremely wealthy is labeled a "rogue state". Any country that tries to use its wealth for any other purpose finds itself pariah.

Edward Snowden, by revealing the extent of the police state that we have constructed, has provided a brief moment of illumination when it is possible to see where we are -- and where we are going. In return, the United States has made him a stateless person and is bending all its will to catch and punish him.

We the People just violated the sovereignty of Bolivia, in a brazen and illegal attempt to catch Snowden. The United States would never tolerate its Head of State being treated in such a contemptuous manner. Is that exceptionalism? Or just plain imperialism? We the People really need to decide.

I call on Barack Obama — if, as he says, he truly welcomes this debate — to pardon Edward Snowden and invite him back with a guarantee of immunity, to testify publicly before Congress and the American People. Democracy demands it. The failure to engage in this dialog in a meaningful way demonstrates the failure of Democracy in the United States. Terrorism is not the existential threat to our Democracy: it is our own police state.

03 Jul 03:02

Twenty Years of Haiku in Esperanto

by Steven D. Brewer

Almost twenty years ago, I started writing haiku. I wrote them in Esperanto: a language I had come to love. It began as a kind of joke -- an excuse to spend a few minutes practicing my language at a moment when I was pressed for time. Little by little, I came to develop a deeper appreciation of haiku as well. This is how it happened.

I'm sure, like most U.S. children, I was introduced to haiku in public school. I have no specific memories of writing haiku, but as an adult I knew generally what haiku are -- from a typical North American perspective. I had seen the "haiku computer error messages" and other examples of everyday references to haiku in the popular literature, but knew little of the actual tradition of writing haiku.

My brother, Philip Brewer, and I had heard of Esperanto as teenagers. It sounded interesting and like a good idea so, as adults, we began to learn it and found it to be everything it claimed to be: an easy-to-learn second language that lets you converse with people all over the world. In the following years, I became a doctoral student and grew so busy that I didn't have time to practice Esperanto anymore. My adviser made it painfully clear that distractions, like Esperanto, were to be avoided. So I looked for some little way to do just a tiny something to stay in practice.

It started when Philip sent me a haiku in English to which I replied with a haiku in Esperanto. Pretty soon, we were exchanging one or two haiku every day. In just a few minutes, we could craft something fun to share — and get a little practice with Esperanto.

In the beginning, they were rarely intended as serious haiku. They tended to be commentary on the inanity of our every-day lives and would often comment on one another. Baring my soul, below are a few of my earliest haiku.

ombrelo kuŝas
refoje forgesita
ĉe hejme, seka.

the umbrella lies
forgotten once again
at home, dry

We didn't really think about what we were doing — it was mostly just a game to us. We hadn't heard of senryu. We mostly just remembered what we had learned about haiku from childhood. This was in the early days of the internet, before the World Wide Web was widely known. We liked how it felt to craft and share something.

mi serĉas ion
sed ne povas trovi ĝin
en kuirejo

I'm looking for something
but cannot find it
in the kitchen

Every now and then, however, one of us would create a real gem that was actually a pretty good haiku. That experience resonated with me and made me more curious about haiku.

trofrumatenas
nebulo kaŝas herbon
nudpiedmarŝu

too early in the morning
mist hiding the grass
walk barefoot

A few years later, I saw that the Haiku Society of America was meeting nearby. Out of curiosity, I registered and attended the meetings. I encountered a warm and supportive community that invited me to share some of my haiku and responded enthusiastically when I read them. The conversations I had there prompted me to reflect on my experience writing haiku in Esperanto. I wrote an article for the Esperanto press around this time explaining why writing haiku in Esperanto was so satisfying.

In writing the article, I checked out some books of haiku in English from the library. And read more about haiku. And over time, I began to see my practice as more than just Esperanto practice. I found that the few minutes I spent writing haiku meant something more to me. I began to value the experience of writing haiku for itself. It gave me a sense of peace and helped me focus and connect more closely with the world around me.

Esperanto famously has 16 rules of grammar. I read somewhere once that the rules of Esperanto are all permissions: they provide immense flexibility of expression. You want that word to be an adjective? Just add an "a"! Now you want it to be an adverb? Use an "e" instead! You want to change the word order? You bet! Anything you want! Moreover, especially with respect to syllable-counts, you can easily elide or add syllables in a variety of ways to tinker with flow, meaning, or emphasis.

Haiku, on the other hand, is famously rigid — even if people frequently bend the rules. A division into three parts with particular syllable counts; a natural theme, a seasonal word, and a cutting word; and the emphasis on momentariness and wholeness. Pulling that all together in just a few carefully chosen words is challenging. And more than that.

Bit by bit, I found haiku working its way into the rest of my life. I was invited to translate haiku into Esperanto for the "Dozen Tongues Project" by Redmoon Press. I found myself offering workshops at regional and national meetings. When Arika Okrent mentions haiku in her book "In the Land of Invented Languages", she was attending one of my workshops. And my haiku began looking for ways to be published.

In the past couple of years, I've begun sharing my daily haiku via Twitter. Haiku are perfect for social media and there are vast numbers of people quietly writing and sharing haiku via Twitter. A small community of authors post haiku in Esperanto, several of them in Japan. It turns out that 140 characters is pretty reliably enough to post a haiku in the original Esperanto with a translation (with hashtags #hajko and/or #haiku or #senryu and, when there's enough space, #esperanto).

In 2010, I published a first collection of my haiku: Poŝtmarkoj el Esperantujo (Postage stamps from Esperanto-land). When Esperanto speakers meet, they say that they're in Esperantujo — a kind of homeland that springs into existence wherever people are using Esperanto. And postage stamps have special meanings for Esperanto speakers, who would typically receive mail from correspondents all around the world. Paired with my haiku, presented in Esperanto with English translation, were graphics in the form of imaginary postage stamps from Esperantujo.

My next book, Premitaj Floroj (Pressed Flowers), followed two years later. The first haiku introduced the theme of the book.

inter la paĝoj
de l' taglibro de panjo…
premitaj floroj

between the pages
of mom's diary…
pressed flowers

The book includes 210 haiku paired with delicate black-and-white images of pressed flowers (courtesy of the University of Massachusetts Amherst Herbarium and the Amherst College Herbarium). As a biologist, many of my haiku relate to plants: where you see them, when they flower, and the activities of their various animal associates. The book includes a foreword written by HIROTAKA Masaaki, the author of a new book "Kiel verki hajkon en Esperanto" (How to write haiku in Esperanto) published by "Japana Esperanta Librokooperativo" (Japanese Esperanto Book Cooperative).

I'm currently working on my next book, Senokulvitre (Without Eyeglasses). I'm hoping it will be available by the end of August.

After twenty years of daily practice, I begin to see how much my technique has grown. I can tell when I have a good solid hit or hit it over the fence. Or when I bunt and can lay it right along the third-base line. But I still strike out fairly regularly. Haiku is not something you master in a day or a year, but something that you can strive to perfect over a whole lifetime.

29 Jun 22:58

Ultimate, Iron-Clad, Final Rules On Critique Groups

by skzb
Philipbrewer

These are pretty good.

I got an email asking my advice about forming a critique group. I answered, but I’m going to expand on it here, so if I get asked again I can just point.

A couple of things by way of introduction: First, get it out of your head that you need a writers group.  You don’t.  You need to write.  If you get as lucky as I did, you can find a group that helps; but you’re just as likely to find one doesn’t, or is even harmful.   Second, the point of a critique group is not to improve the manuscript (though that is a very nice bonus), it is to train the editor who lives in the back of your head.   If you are very good at revisions, then skip the critique group and just hang out with your friends and drink coffee and scotch and argue about politics and season 6 of “Buffy.”

There, that said, if you do form one, what should it be like?  Fortunately for you, I know the answer.  Herewith, the Exactly Right Way to do it, and no other way will work.  I actually believe that, except that I can point to groups that violate every one of these rules and work just fine.  So, oh well.

And note I’m talking about a group that meets in person; for those of you meeting electronically, I have no idea, but I suspect much of this is different.  So, then, without further ado, here is the Ultimate Truth about writers groups.

1. The correct number of people is 5-7.  Any fewer and you don’t have enough diversity of opinion; any more and it becomes  a pain for everyone to talk.

2. You must respect every member as a writer, a critic, and a person.  That last one is not just something I’m saying because it sounds good; it has immediate, practical value.  Here’s why:  At some point, Jim Douchebag is going to say something about your book that makes you go, “Oh, crap.  He’s right.”  And you’ll fix it, because you have to.  And for the rest of your life, every time you look at that book you’ll go, “Fucking Jim Douchebag has his greasy thumbprint on my beautiful book!”  So don’t go there.  Don’t work with anyone whose greasy thumbprint will upset you.

3. Do not have a leader.  I mean, seriously.  What the fuck?  A leader?  Pfui.

4. None of this read aloud bullshit.  You pass out manuscripts ahead of time, find out when people can get together (another reason for the small number: it’s manageable), and talk about what you’ve read.

5.  None of that artificial crap about how long people get to talk.  First, you go around with general comments–the sort where it doesn’t really apply to any specific moment in the book.  Then you go through it chapter by chapter, page by page, even sentence by sentence if necessary (“My next comment is on page 41.” “I have something on page 38” “Go fish.”).  I’d skip the persnickety copy-editing type details (though it’s nice if someone marks those for you and then hands you the marked-up manuscript after the meeting), but on the other hand, sometimes grammar can be very useful.  In fact, having a grammarian in the group is really, really nice (bless you, Pamela, and bless you again).

6. Mention passages, scenes, sentences that you like.  This is not about stroking the writer’s ego.  It’s because two years from now, when you’re gleefully reading the book that you helped with, and your favorite passage is missing because no one told the writer it was good, you’ll feel like an idiot.

7. Do not be afraid to argue.  I mean, the writer shouldn’t argue, but there’s nothing wrong with strong disagreement among the critics. If someone likes a particular way of handling something, and you thought it sucked, that is a good thing. Argue, and let the writer listen to the argument; the writer will then be able to form a useful opinion, and possibly even pull a general rule out of it.  (General rules and laws about how to write or how not to write are the Big Bonus Prize.  You can’t make them happen, but when they do it’s the big payoff.)

8. The argument (see above)  is over when the writer says it is.  (We use the code-phrase, “Thank you.  I’ll think about it.”)

9. Oh, right. You meet as often as you need to in order to cover as much writing as the group is doing.

I may be adding stuff as people point things out, but in general, there. The final and ultimate truth about writers groups, and anything else is a mistake.

Except that, yeah, well, never mind.

 

29 Jun 01:35

The mad genius of Vi Hart

Philipbrewer

There.

The "mathemusician" Vi Hart first came to my attention when my son showed me a hexaflexagon he had made after watching one of her YouTube videos. I soon discovered that there are good reasons why Hart's YouTube channel has more than 500,000 subscribers. She's funny, geeky and has a knack for explaining complex concepts in the span of just a few minutes. The four-minute-and-thirty-seven-second long "Doodling in Math Class: Infinity Elephants" provides a classic example.

But Vi Hart's ambitions do not always fit into small sizes. On Thursday, she dropped her latest effort, and there's simply no other way to describe it than as a masterpiece of mad genius. At one point during the 30-minute video she observes that she wouldn't presume to tell you what her creation is "about," but that's not going to stop me.

Here are a few things I think Vi Hart's "Twelve Tones" video is about:

Continue Reading...

28 Jun 21:01

Prosecuting Snowden

by schneier
Philipbrewer

Pretty much what I think too.

Edward Snowden broke the law by releasing classified information. This isn't under debate; it's something everyone with a security clearance knows. It's written in plain English on the documents you have to sign when you get a security clearance, and it's part of the culture. The law is there for a good reason, and secrecy has an important role in military defense.

But before the Justice Department prosecutes Snowden, there are some other investigations that ought to happen.

We need to determine whether these National Security Agency programs are themselves legal. The administration has successfully barred anyone from bringing a lawsuit challenging these laws, on the grounds of national secrecy. Now that we know those arguments are without merit, it's time for those court challenges.

It's clear that some of the NSA programs exposed by Snowden violate the Constitution and others violate existing laws. Other people have an opposite view. The courts need to decide.

We need to determine whether classifying these programs is legal. Keeping things secret from the people is a very dangerous practice in a democracy, and the government is permitted to do so only under very specific circumstances. Reading the documents leaked so far, I don't see anything that needs to be kept secret. The argument that exposing these documents helps the terrorists doesn't even pass the laugh test; there's nothing here that changes anything any potential terrorist would do or not do. But in any case, now that the documents are public, the courts need to rule on the legality of their secrecy.

And we need to determine how we treat whistle-blowers in this country. We have whistle-blower protection laws that apply in some cases, particularly when exposing fraud, and other illegal behavior. NSA officials have repeatedly lied about the existence, and details, of these programs to Congress.

Only after all of these legal issues have been resolved should any prosecution of Snowden move forward. Because only then will we know the full extent of what he did, and how much of it is justified.

I believe that history will hail Snowden as a hero -- his whistle-blowing exposed a surveillance state and a secrecy machine run amok. I'm less optimistic of how the present day will treat him, and hope that the debate right now is less about the man and more about the government he exposed.

This essay was originally published on the New York Times Room for Debate blog, as part of a series of essays on the topic.

28 Jun 11:30

Some thoughts on the occasion of my first chin-up

by Caitlin
Philipbrewer

You can skip the first three paragraphs of "why I haven't updated this blog for a while."

Editor’s note:  So you might have noticed that it’s been like a month since I updated my blog.  I certainly noticed because not a day went by where I wasn’t like “okay, time to update your blog now!” I had actually told myself that I was going to take a short break from blogging because I was having all of these overly sensitive and emotional reactions to things and I was putting all of this pressure on myself to write amazing things all the time – but things that would not garner critical comments or emails! – and my mind was just like NOPE NOT GONNA DO IT and instead made me watch endless episodes of “Game of Thrones,” “The Killing” and now “True Blood.”

And then what happened is that after a certain amount of time had passed, I started feeling embarrassed about how long it had been since I updated, sort of like how after you are out of contact with someone for so long and you really want to get back in touch with them but you are so embarrassed about your delinquency as a friend and loved one that even more time passes before you reach out because you just don’t want to deal with the initial awkwardness. (Or is this just me?  Come on, this can’t just be me.)  I was having all of these issues despite the fact that there is a lot of shit I really, really want to write about!  Things like race photos, women-only fitness spaces, the hidden work of femininity!  Isn’t it weird how our brains can totally take these things we want to do and then build them up until they become these huge, impassable obstacles?  This seems to be particularly true when it comes to writing, and I know that I’m not the only writer out there who struggles with this on a daily – no, an hourly basis.

But because it feels weird to just jump in to serious writing, I’m instead going to re-immerse myself in the world of feminist blogging with a quick post about some things that have been going on with me.  Thanks for your patience, and also for hanging around while I did battle with myself.

—-

In the event that you are not a fan of the Fit and Feminist Facebook page – in which case, you can fix that right now – you might have missed my big piece of news, which is that on Monday night, I finally managed to do a complete chin-up.  After several years of chin-up and pull-up attempts in which I looked less like an aspiring badass athlete and more like a sloth dying of old age, I had resigned myself to the belief that such feats of strength were still far off in the future for me.  Like so far off, I needed a reflector telescope to see them.

And then I met Alicia. Alicia was getting ready to do deadlifts in the squat rack when she was generous enough to let me work my sets in with hers.  She gave me some advice about my deadlift form, we talked a bit about the programs each one of us is working – I am doing New Rules of Lifting for Women, she is doing Stronglifts 5×5 – and we laughed about all of the people who say we shouldn’t lift too heavy because we might *gasp!* bulk up.  Later, we ran into each other again and we got to talking about pull-ups and chin-ups.  (Because what else do women talk about in the weight room?)  Alicia demonstrated one for me on the TRX frame, and then she encouraged me to give it a try myself.

So I reached up, wrapped my hands around the bar and pulled.  I felt my arms, my core and my back tense up as they always have in the past, but this time, my body was actually moving upward.  I kept pulling and pulling until finally, my entire head was over the bar, and I had a clear elevated view of all of the people chugging away on the rows of cardio machines.  I stayed up there for a few seconds, shocked that I had actually done it!  I dropped to the ground and started laughing, I was so happy.

A few minutes later, I tried again, just to prove to myself that I could do it.  I did it, but that wasn’t enough to assuage my insecurity, so today on my lunch break, just before I hopped on the bike for an interval session, I did another chin-up.   And then finally, when Brian showed up at the gym, I did another one (just because I am a show-off who likes to impress her husband).  Of course, I paid for my pride when I strained my left shoulder and had to cut my swim short later that day.  *insert gif of Antoine Dodson saying “YOU ARE SO DUMB” here*  But still – chin-ups!  Plural, even!

My little triumph came on the heels of a conversation Brian and I had while sitting at the beach this weekend, in which he told me that I seem as though I’ve reached another level with my fitness.  Hearing him say that confirmed what I’d been noticing privately over the past couple of months. My arms and shoulders have gotten quite a bit larger, to the point that a lot of my shirts now pull awkwardly across my shoulders.  My quads have more definition.  My front abs are still not visible but my obliques are poking out all over the place. I noticed that the scale had climbed a few pounds, but that my pants and shorts are looser around the waist – a sure sign that I’m increasing my lean muscle mass.

Best of all, I am able to do things like throw down full pushups and burpees, I’ve broken through long-standing plateaus with rows and lat pulldowns, and I feel comfortable squatting to way below parallel.  Plus I’m capable of sustaining a pretty serious clip when I’m out running, even when the humidity levels have passed the point of discomfort and gone straight into the “holy fuck how do millions of people live in this state?!” territory.  It’s not just that I’m looking more buff; it’s that I’m actually feeling a lot stronger, too.

I think that what’s going on is that I’ve sailed into the Perfect Storm of Caitlin Awesomeness, where I’ve put together a regular training routine that is so varied (and also so fun!) that my all-around fitness level has skyrocketed without me even realizing it.  I still run quite a bit, and I ride my bike too, but these three activities put so much emphasis on my upper body that I really have no choice but to develop more strength in my arms, back and shoulders if I was going to keep doing these things.

1. Swimming: Most weeks, I swim between 2-3 times a week.  I cycle between swims aimed at getting faster and increasing my endurance, and then I also swim in the open water.  At first I was just psyched to swim 1,000 yards or whatever, but over time I’ve started doing drills, working with the kickboard and the pull buoy, and more recently, I’m incorporating swim fins into my workout. (BTW, if you’ve ever wondered what it feels like to be a dolphin, strap on a pair of swim fins and swim a lap or two.  I slide through the water like a nuclear submarine with those things on.)  I have to drive kind of far out of my way to get to the only pool with hours that are not totally screwy, but I have gotten to the point where I don’t mind the traffic because I know I’m going to get to spend an hour in a state of total bliss.

2. Strength training: On the advice of many of this blog’s readers, I started working my way through the “New Rules of Lifting for Women” and I. Love. It.  While it may lack some of the more hardcore cachet of Starting Strength or Olympic lifting or strongwoman programs, it works really well for me, as strength training is meant to be conditioning for my other sports and isn’t my main show, so to speak.  Having a plan that lets me strength train two days a week lets me keep my legs fresh enough to keep working on running and cycling, and it shows, because I find my legs are way less likely to become fatigued when doing hills or speedwork.

Plus, the program has made me more focused and consistent when it comes to record-keeping, which has made it easier for me to see my gains and to also know when it’s time to go increase and when it’s time to maintain. NROL4W is making me more serious about weight training and less of a dilettante about it. The end result is that I have made some pretty substantial strength gains in a short period of time, and I only expect that to continue as I make my way through the stages.

3. Pole: I wrote about my first experience with pole dancing but then kind of went quiet about it after getting a bunch of reactions that made me not really want to talk about it anymore.  The truth is that I’ve kept it up because I really, really enjoy it and it’s teaching me to use my body in ways I’ve never even thought possible. Right now I am taking a class that is called Tricks Foundations, which is basically an hour a week dedicated to learning how to hold my body in a variety of positions around a vertical pole.  We use our arms, our inner thighs, the backs of our knees, our tummies and even our shins and feet to hold ourselves in the air.

I do a lot of really physically demanding things on a regular basis, and none of those things can compare to pole in terms of sheer difficulty.  (I’m always nursing a new set of random bruises after I leave the studio, and it’s kind of awesome.) One of the things that pole has taught me to do is to use my arms and core to pull my body into the air, which is what doing a chin-up is, except on a socially-acceptable horizontal bar instead of a vertical pole.  Once you become aware of what that sensation feels like, your body knows how to replicate it elsewhere, which is probably why I was able to get the chin-up on my first try.

That’s a lot of upper-body strength work!  No wonder my shirts don’t fit me anymore.  (And by the way, I know this is a common complaint among women with muscles, that clothing manufacturers don’t seem to think we exist.  So that means I fall into two categories of non-existent women: muscular women and tall women.  Basically I’m a unicorn in the eyes of the clothing world, and it’s a miracle I haven’t been reduced to walking around butt naked for want of a pair of pants that fits.)

So that’s all of the physical nuts-and-bolts stuff going on behind my little accomplishment.  What’s also interesting to me is the emotional and psychological stuff going on, too.  I wrote a few weeks ago about how my self-image had shifted so that I was no longer “working to become strong” but that I was now “strong” and “capable.”  It’s a transition that struggles to take hold, simply because I had so deeply internalized this idea of myself as “weak,” but it is slowly happening. It started the first time I ran a 5K without stopping – I was so excited, I can’t even put it into words – and it has continued on through half-marathons and marathons and triathlons and open-water swims and hours spent in the weight room and in the pool and in the pole studio.

It’s a thrilling sensation, to know that I am reshaping the way I look at myself through time and sweat and effort.  The muscles and all that, they’re nice and fun to look at while flexing in the mirror, but they’re all secondary to the changes in the way I see myself, that ineffable essence of who I am as a person.  I think those are the changes that really count, and I’m so excited to know they are happening for me.


26 Jun 15:44

More on Feudal Security

by schneier
Philipbrewer

I feel like a peasant just as the enclosures act was taking effect....

Facebook regularly abuses the privacy of its users. Google has stopped supporting its popular RSS feeder. Apple prohibits all iPhone apps that are political or sexual. Microsoft might be cooperating with some governments to spy on Skype calls, but we don't know which ones. Both Twitter and LinkedIn have recently suffered security breaches that affected the data of hundreds of thousands of their users.

If you've started to think of yourself as a hapless peasant in a Game of Thrones power struggle, you're more right than you may realize. These are not traditional companies, and we are not traditional customers. These are feudal lords, and we are their vassals, peasants, and serfs.

Power has shifted in IT, in favor of both cloud-service providers and closed-platform vendors. This power shift affects many things, and it profoundly affects security.

Traditionally, computer security was the user's responsibility. Users purchased their own antivirus software and firewalls, and any breaches were blamed on their inattentiveness. It's kind of a crazy business model. Normally we expect the products and services we buy to be safe and secure, but in IT we tolerated lousy products and supported an enormous aftermarket for security.

Now that the IT industry has matured, we expect more security "out of the box." This has become possible largely because of two technology trends: cloud computing and vendor-controlled platforms. The first means that most of our data resides on other networks: Google Docs, Salesforce.com, Facebook, Gmail. The second means that our new Internet devices are both closed and controlled by the vendors, giving us limited configuration control: iPhones, ChromeBooks, Kindles, BlackBerry PDAs. Meanwhile, our relationship with IT has changed. We used to use our computers to do things. We now use our vendor-controlled computing devices to go places. All of these places are owned by someone.

The new security model is that someone else takes care of it -- without telling us any of the details. I have no control over the security of my Gmail or my photos on Flickr. I can't demand greater security for my presentations on Prezi or my task list on Trello, no matter how confidential they are. I can't audit any of these cloud services. I can't delete cookies on my iPad or ensure that files are securely erased. Updates on my Kindle happen automatically, without my knowledge or consent. I have so little visibility into the security of Facebook that I have no idea what operating system they're using.

There are a lot of good reasons why we're all flocking to these cloud services and vendor-controlled platforms. The benefits are enormous, from cost to convenience to reliability to security itself. But it is inherently a feudal relationship. We cede control of our data and computing platforms to these companies and trust that they will treat us well and protect us from harm. And if we pledge complete allegiance to them -- if we let them control our email and calendar and address book and photos and everything -- we get even more benefits. We become their vassals; or, on a bad day, their serfs.

There are a lot of feudal lords out there. Google and Apple are the obvious ones, but Microsoft is trying to control both user data and the end-user platform as well. Facebook is another lord, controlling much of the socializing we do on the Internet. Other feudal lords are smaller and more specialized -- Amazon, Yahoo, Verizon, and so on -- but the model is the same.

To be sure, feudal security has its advantages. These companies are much better at security than the average user. Automatic backup has saved a lot of data after hardware failures, user mistakes, and malware infections. Automatic updates have increased security dramatically. This is also true for small organizations; they are more secure than they would be if they tried to do it themselves. For large corporations with dedicated IT security departments, the benefits are less clear. Sure, even large companies outsource critical functions like tax preparation and cleaning services, but large companies have specific requirements for security, data retention, audit, and so on -- and that's just not possible with most of these feudal lords.

Feudal security also has its risks. Vendors can, and do, make security mistakes affecting hundreds of thousands of people. Vendors can lock people into relationships, making it hard for them to take their data and leave. Vendors can act arbitrarily, against our interests; Facebook regularly does this when it changes people's defaults, implements new features, or modifies its privacy policy. Many vendors give our data to the government without notice, consent, or a warrant; almost all sell it for profit. This isn't surprising, really; companies should be expected to act in their own self-interest and not in their users' best interest.

The feudal relationship is inherently based on power. In Medieval Europe, people would pledge their allegiance to a feudal lord in exchange for that lord's protection. This arrangement changed as the lords realized that they had all the power and could do whatever they wanted. Vassals were used and abused; peasants were tied to their land and became serfs.

It's the Internet lords' popularity and ubiquity that enable them to profit; laws and government relationships make it easier for them to hold onto power. These lords are vying with each other for profits and power. By spending time on their sites and giving them our personal information -- whether through search queries, e-mails, status updates, likes, or simply our behavioral characteristics -- we are providing the raw material for that struggle. In this way we are like serfs, toiling the land for our feudal lords. If you don't believe me, try to take your data with you when you leave Facebook. And when war breaks out among the giants, we become collateral damage.

So how do we survive? Increasingly, we have little alternative but to trust someone, so we need to decide who we trust -- and who we don't -- and then act accordingly. This isn't easy; our feudal lords go out of their way not to be transparent about their actions, their security, or much of anything. Use whatever power you have -- as individuals, none; as large corporations, more -- to negotiate with your lords. And, finally, don't be extreme in any way: politically, socially, culturally. Yes, you can be shut down without recourse, but it's usually those on the edges that are affected. Not much solace, I agree, but it's something.

On the policy side, we have an action plan. In the short term, we need to keep circumvention -- the ability to modify our hardware, software, and data files -- legal and preserve net neutrality. Both of these things limit how much the lords can take advantage of us, and they increase the possibility that the market will force them to be more benevolent. The last thing we want is the government -- that's us -- spending resources to enforce one particular business model over another and stifling competition.

In the longer term, we all need to work to reduce the power imbalance. Medieval feudalism evolved into a more balanced relationship in which lords had responsibilities as well as rights. Today's Internet feudalism is both ad hoc and one-sided. We have no choice but to trust the lords, but we receive very few assurances in return. The lords have a lot of rights, but few responsibilities or limits. We need to balance this relationship, and government intervention is the only way we're going to get it. In medieval Europe, the rise of the centralized state and the rule of law provided the stability that feudalism lacked. The Magna Carta first forced responsibilities on governments and put humans on the long road toward government by the people and for the people.

We need a similar process to rein in our Internet lords, and it's not something that market forces are likely to provide. The very definition of power is changing, and the issues are far bigger than the Internet and our relationships with our IT providers.

This essay originally appeared on the Harvard Business Review website. It is an update of this earlier essay on the same topic. "Feudal security" is a metaphor I have been using a lot recently; I wrote this essay without rereading my previous essay.

EDITED TO ADD (6/13): There is another way the feudal metaphor applies to the Internet. There is no commons; every part of the Internet is owned by someone. This article explores that aspect of the metaphor.

24 Jun 19:33

How the US Postal Service Should Promote Itself

by Joey deVilla
Philipbrewer

The laws on peeking inside your mail are much more strict than the laws on peeking inside your computer.

a message from the post office

24 Jun 15:20

Idiom’s Delight

by Pat
Philipbrewer

Somebody should share some Esperanto ones.

When I was in Columbus recently, I met a reader that I’ve known for a long time….

For those of you who have been reading the blog for a while, you might recognize her name: Carly Trowbridge.

She told me that she really liked the Cealdish idiom that I put into Name of the Wind, “Don’t put a spoon in your eye over it.”

For those of you who don’t know, an idiom is a phrase that means something other than what it means. For example, when you “pull someone’s leg” you’re not *really* pulling their leg, you’re teasing them. You’re telling a joke.

I love idioms, especially foreign idioms. For example, in German, you can say, “Du hast ein vogel.” Literally, it means, “you have a bird” but what it *really* means is “You’re crazy.”

Another one I like goes like this: “Jim likes to drag people through the cocco.” but what it really means is that Jim likes to trick people and pull jokes on them.

Anyway, Carly told me that she and her friends started making up their own fake idioms. Her favorite was “I’m angry enough to punch mirrors.”

So I’m throwing open the doors. Feel free to share your favorite foreign idioms in the comments below.

Or make up one of your very own.

Have fun,

pat

22 Jun 10:55

Tradeoffs

by Steve Randy Waldman
Philipbrewer

This resonates with me.

The stupidest framing of the controversy over ubiquitous surveillance is that it reflects a trade-off between “security” and “privacy”. We are putting in jeopardy values much, much more important than “privacy”.

The value we are trading away, under the surveillance programs as presently constituted, is quality of governance. This is not a debate about privacy. It is a debate about corruption.

Just after the PRISM scandal broke, Tyler Cowen offered a wonderful, wonderful tweet:

I’d heard about this for years, from “nuts,” and always assumed it was true.

There is a model of social knowledge embedded in this tweet. It implies a set of things that one believes to be true, a set of things one can admit to believing without being a “nut”, and an inconsistency between the two. Why the divergence? Oughtn’t it be true that people of integrity should simply own up to what they believe? Can a “marketplace of ideas” function without that?

It’s obvious, of course, why this divergence occurs. Will Wilkinson points to an economy of esteem, but there is also an economy of influence. There are ideas and modes of thought that are taboo in the economy of influence, assertions that discredit the asserter. Those of us who seek to matter as “thinkers” are implicitly aware of these taboos, and we navigate them mostly by avoiding or acceding to them. You can transgress a little, self-consciously and playfully, as Cowen did in his tweet. If you transgress too much, too earnestly, you are written off as a nut or worse. Conversely, there are ideas that are blessed in the economy of influence. These are markers of “seriousness”, as in Paul Krugman’s perceptive, derisive epithet “Very Serious People”. This describes “thinkers” whose positions inevitably align like iron filings to the pull of social influence, indifferent to evidence that might impinge upon their views. Most of us, with varying degrees of consciousness, are pulled this way and that, forging compromises between what we might assert in some impossible reality where we observed social facts “objectively” and the positions that our allegiances, ambitions, and taboos push us towards. Individually, there is plenty of eccentricity, plenty of noise. People go “off the reservation” all the time. But public intellectualizing is a collective enterprise. What matters is not what some asshole says, but the conventional wisdom we coalesce to. When the noise gets averaged out, the bias imposed by the economy of influence is hard to overcome. And the economy of influence pulls, always, in directions chosen by incumbent holders of wealth and power, by people with capacity to offer rewards and to mete out punishment.

I want to introduce a word into the discourse surrounding NSA surveillance that has been insufficiently discussed. That word is blackmail. I will out and say this. I think our President’s “evolutions” on questions of civil liberties and surveillance are largely the result of blackmail. I think it is not coincidental that support for the security state is highly correlated with seniority and influence, in both of our increasingly irrelevant political parties. The apparatus we are constructing, have constructed, creates incredible scope for digging up dirt on people and their spouses, their children, their parents. It doesn’t take much to manage the shape of the economy of influence. There are, how shall we say, network effects. You don’t have to blackmail the whole Congress. Powerful people are, almost by definition, people very attuned to economies of influence. They quickly detect the trends and emerging conventions among other powerful people and conform to them. A consensus that emerges at the top is quickly magnified and disseminated. Other voices don’t disappear, there is plenty of shouting in the blogs. But a correlation emerges between a certain set of views and “seriousness”, “respectability”. The mainstream position is defined. Eventually it’s reflected by the polls, so it’s what the American people wanted all along, we are just responding to the demands of the public, whine the politicians.

Blackmail is and has always been a consequential component of our political system. This ought not to be controversial. Blackmail — like its sister B-word, “bribery” — has largely gone mainstream and been institutionalized. “Opposition research” is a profession that is openly practiced and is considered respectable. Opposition researchers, like lobbyists, will tell perfectly accurate stories about the useful role served by their profession. The public deserves to know the truth about the people in whom it will invest the public trust. Legislators require information and expertise that only industry participants can provide. True, true! But these are, obviously, incomplete accounts of the roles that these professionals play. Lobbyists don’t simply inject neutral, objective information into the legislative process. And opposition research is used in ways other than to immediately inform the public. For both bribery and blackmail, there is a spectrum of vulgarity. A guy gives you a suitcase of hundred-dollar bills that you hide in your freezer in exchange for a legislative favor. That’s vulgar, and illegal. But the same gentleman hints in conversation that, should you ever choose to “leave public service”, his firm would be excited to hire someone with your connections and expertise — expertise which, it needn’t be said, ought naturally be reflected in legislative choices! — and that is tasteful, normal, legal. Those jobs are worth a lot more than a suitcase full of C-notes. Similarly, it is vulgar and unnecessarily risky to show up in a Congressional office with a dossier of compromising pictures, or the dossier documenting one’s participation in a fraud. You just have to make it known that you know.

I’m going to excerpt a bit from a great, underdiscussed piece by Beverly Gage:

[J. Edgar] Hoover exercised powerful forms of control over potential critics. If the FBI learned a particularly juicy tidbit about a congressman, for instance, agents might show up at his office to let him know that his secrets—scandalous as they might be—were safe with the bureau. This had the predictable effect: Throughout the postwar years, Washington swirled with rumors that the FBI had a detailed file on every federal politician. There was some truth to the accusation. The FBI compiled background information on members of Congress, with an eye to both past scandals and to political ideology. But the files were probably not as extensive or all-encompassing as people believed them to be. The point was that it didn’t matter: The belief alone was enough to keep most politicians in line, and to keep them voting yes on FBI appropriations.

Today, James Bamford quotes a former senior CIA official, describing current spymaster Keith Alexander:

We jokingly referred to him as Emperor Alexander — with good cause, because whatever Keith wants, Keith gets… We would sit back literally in awe of what he was able to get from Congress, from the White House, and at the expense of everybody else.

Bribery and blackmail go together, of course. The carrot and the stick. It’s not just that bad things will happen if you don’t toe the line. If you do the right thing, who knows? You might be the next Dianne Feinstein. Or John Boehner. Or Barack Obama. Note that, despite my excesses in this regard as a writer, I did not place do-the-right-thing in italics or scare quotes. There is a third element in this recipe for influence: persuasion. People don’t like to view themselves as venal, corrupt, weak. Even the sort of person who ends up “senior in politics” has limits to how crass a view of themselves they will tolerate. Bribery and blackmail are omnipresent in the background, but in the foreground are spirited conversations, arguments over policy, arguments in which I suspect decisionmakers frequently start with the hardest possible line against the position they will eventually accept so that they can reassure themselves: they have been persuaded, it was not just the pressure. I accuse Barack Obama of having been effectively bribed and blackmailed on these issues, but if he ever were to respond, I suspect he would deny that fervently and with perfect, absolute sincerity. He was persuaded. He knows more now than he did then.

We humans are such malleable things. This is not, ultimately, a story about evil individuals. The last thing I want to do with my time is get into an argument over the character of our President. I could care less. The problem we face here is social, institutional. Bribery, blackmail, influence peddling, flattery — these have always been and always will be part of any political landscape. Our challenge is to minimize the degree to which they corrupt the political process. “Make better humans” is not a strategy that is likely to succeed. “Find better leaders” is just slightly less naive. Institutional problems require institutional solutions. We did manage to reduce the malign influence of the J. Edgar Hoover security state, by placing institutional checks on what law enforcement and intelligence agencies could do, and by placing those agencies under more public and intrusive supervision. I think that much of our task today is devising a sufficient surveillance architecture for our surveillance architecture.

But as we are talking about all this, let’s remember what we are talking about. We are not talking about a tradeoff between “security” and “privacy”. That framing is a distraction. Our current path is to pay for (alleged) security by acquiescence to increasingly corrupt and corruptible governance. We ought to ask ourselves whether a very secure, very corrupt state is better than the alternatives, whether security for corruption is a tradeoff we are willing to make.


P.S. It’s worth pausing in this context to note with sadness the death of Michael Hastings yesterday in a car crash. Hastings was a person clearly trying to address corrupt power by placing it under aggressive public surveillance. It’s worth considering the lessons of Cowen’s quip about “nuts” before we profess to be certain of very much.

Update History:

  • 20-Jun-2013, 6:15 a.m. PDT: “professionals plays
  • 21-Jun-2013, 4:55 a.m. PDT: converted parens to em dashes in bit beginning “experties which…”; added hyphen into “self-consciously”; “to which they will eventually be persuadedaccept“; “reassure themselves. T: they have…”

22 Jun 10:45

Positive Control

by John Robb
Philipbrewer

It's not quite here yet. Turning off your phone is not yet suspicious when you do it. But after the fact—if something bad happens and you're suspected in some way—having had your phone turned off becomes suspicious.

When something is very dangerous, like nuclear weapons, standard forms of protection and control aren't sufficient.

Something that potentially dangerous needs something more aggressive.

In the military, that's called positive control.  

Positive control is an active form of control where the dangerous item is under 24x7x365 monitoring, checking, patrolling, testing, etc.

In this type of system, no information = danger.   Alarm bells sound when the feeds and system checks monitoring the item go dark.  

This is the opposite of the type of security and law enforcement we're used to in our daily lives.  These systems are best described as negative control systems.  

Negative control systems are focused on detecting exceptions.  A crime.  Good behavior is expected.  As a result, this system only takes action when a failure occurs.  

Positive security and People

Positive security can apply to people too, if they are dangerous enough.  

NOTE:  When I was the Internet guru at Forrester Research over a decade ago, we had an analyst day that discussed dangerous knowledge.  The conclusion?  Someday, technology and the knowledge of how to use it will become so dangerous that education would become a controlled substance.  Granted, I influenced that conclusion, since I had experience working with people in the past who were under "positive" control.  Most were in black programs, but one was a physics instructor who designed nuclear weapons (shaped charges, x-ray, etc.) as a profession.

We've even designed corporate environments where every movement is being tracked (keystrokes and other forms of Taylorism) to determine whether people are doing the busy work they were tasked with.

However, those situations are only possible because they are limited in scope.

We've always assumed, despite the fears stoked by fiction like "1984", that positive control wasn't likely, more nightmare than reality.

So far, the attempts to apply positive control to complete societies in the past have fallen far short, even with an aggressive application of technology. Bureaucratic forms of dictatorial governance like communism and fascism never reached the level of active surveillance required for true positive control.  Further, the process of attempting it undermined their ability to deliver robust growth over the long term.

How quickly things change.  We're now actively moving towards a society, and a world, founded on positive control.

Why?  Paranoia over terrorism, a massive national security infrastructure, and new technology have made it not only possible, but probable.

So, let me lay it out in simple terms.  

Here's a framework that will allow you to put the stuff you read in the news into context.  

From hat bans to NSA leaks about surveillance programs.  

Problem:  Everybody on the planet IS a potential terrorist.

Solution:  Put everybody on the planet under positive control.

Positive control means continuous monitoring.

  • Location:  GPS phone.  Implied by utility use (smart grid).  Car GPS.  CCTV.  Facial recognition everywhere.  Social media data.
  • Network:  Phone.  Social media connections.  Proximity.  Network analysis.
  • Behavior:  Economic activity.  Utility use.  Content use.  Usage monitoring.

In the case of positive control, any lack of activity or lapse in data flow is considered a dangerous act.  

Try to hide = something to hide.   

Any blocking of monitoring will be made illegal and a major crime.

Multiple systems with overlapping control will provide a complete cradle to grave blanket. 

There's no way to avoid this.  It's already here and nobody cares.  

Sincerely,

JOHN ROBB

21 Jun 19:25

Big Brothers Everywhere

by John Robb
Philipbrewer

Of course, I remove my hat when I'm indoors, as all well-brought-up men do. But still.

Pic via Joel Bush from the Austin Public Library says it all:

Hats

21 Jun 17:30

Prometheus

Philipbrewer

Don't miss the mouseover text.

'I'm here to return what Prometheus stole.' would be a good thing to say if you were a fighter pilot in a Michael Bay movie where for some reason the world's militaries had to team up to defeat every god from human mythology, and you'd just broken through the perimeter and gotten a missile lock on Mount Olympus.